From tss at iki.fi Fri Jun 1 13:26:44 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 1 Jun 2012 13:26:44 +0300 Subject: [Dovecot] inet_listener imaps { port = 0 } question In-Reply-To: <5748fd83f78445be8a644585a877b682@rootservers.in> References: <5748fd83f78445be8a644585a877b682@rootservers.in> Message-ID: <23CB1C0E-C328-45C9-980A-ABD79A0EB965@iki.fi> On 31.5.2012, at 16.58, henrixd wrote: > Why commenting out "inet_listener imaps {}" won't stop dovecot to listen port 993? I think this would be expected behavior. Just curious, finally got it working with port = 0. :) When you comment out something, Dovecot uses the default settings for it. By default Dovecot listens on port 993. From joe.beaubien at gmail.com Fri Jun 1 18:36:02 2012 From: joe.beaubien at gmail.com (Joe Beaubien) Date: Fri, 1 Jun 2012 11:36:02 -0400 Subject: [Dovecot] Inconsistent search results and crash on force-resync Message-ID: Hi, I am seeing inconsistencies in search results (finding 2 emails when only 1 exists, finding the email when it has been moved to another folder, etc). I figured I should run force-resync to fix any issues. I ran the following: doveadm -v force-resync -u and I got some worrysome logs. - I should mention that I have been seeing some crashes of fts-lucene in my logs. I sent a traceback of this on the mailing list 1-2 days ago under the subject "[Dovecot] fts_lucene crashing". - I should also mention that all the problems I am having are only in 1 email account. This email account contains folders of over 100k emails. Do I need to tweak dovecot somehow for this? Up until now all I did was change vsz_limit to 1024 MB for "service imap". Here are the logs: Jun 1 11:15:01 XXXXX dovecot: imap(form): Error: Recent flags state corrupted for mailbox INBOX2 Jun 1 11:15:01 XXXXX dovecot: imap(form): Error: /data/emails/form/mailboxes/INBOX2/dbox-Mails/dovecot.index reset, view is now inconsistent Jun 1 11:15:01 XXXXX dovecot: imap(form): Error: /data/emails/form/mailboxes/INBOX2/dbox-Mails/dovecot.index reset, view is now inconsistent Jun 1 11:15:01 XXXXX dovecot: imap(form): Error: Recent flags state corrupted for mailbox contrat Jun 1 11:15:01 XXXXX dovecot: imap(form): Error: /data/emails/form/mailboxes/contrat/dbox-Mails/dovecot.index reset, view is now inconsistent Jun 1 11:15:01 XXXXX dovecot: imap(form): Error: /data/emails/form/mailboxes/rep_Immigation soi-m&AOo-me/dbox-Mails/dovecot.index reset, view is now inconsistent Jun 1 11:15:01 XXXXX dovecot: imap(form): Error: /data/emails/form/mailboxes/Templates/dbox-Mails/dovecot.index reset, view is now inconsistent Jun 1 11:15:02 XXXXX dovecot: imap(form): Error: Recent flags state corrupted for mailbox rep_eval_positive Jun 1 11:15:02 XXXXX dovecot: imap(form): Error: /data/emails/form/mailboxes/rep_eval_positive/dbox-Mails/dovecot.index reset, view is now inconsistent Jun 1 11:15:02 XXXXX dovecot: imap(form): Error: Recent flags state corrupted for mailbox Sent Jun 1 11:15:02 XXXXX dovecot: imap(form): Error: /data/emails/form/mailboxes/Sent/dbox-Mails/dovecot.index reset, view is now inconsistent Jun 1 11:15:02 XXXXX dovecot: imap(form): Error: Recent flags state corrupted for mailbox form_positif Jun 1 11:15:02 XXXXX dovecot: imap(form): Error: /data/emails/form/mailboxes/form_positif/dbox-Mails/dovecot.index reset, view is now inconsistent Jun 1 11:15:02 XXXXX dovecot: imap(form): Error: /data/emails/form/mailboxes/Archives/contrat/dbox-Mails/dovecot.index reset, view is now inconsistent Jun 1 11:15:02 XXXXX dovecot: imap(form): Error: /data/emails/form/mailboxes/form_positif/dbox-Mails/dovecot.index reset, view is now inconsistent Jun 1 11:15:02 XXXXX dovecot: imap(form): Error: /data/emails/form/mailboxes/form_positif/dbox-Mails/dovecot.index reset, view is now inconsistent Jun 1 11:15:03 XXXXX dovecot: imap(form): Error: /data/emails/form/mailboxes/Archives/form_indetermine/dbox-Mails/dovecot.index reset, view is now inconsistent Jun 1 11:15:03 XXXXX dovecot: imap(form): Error: /data/emails/form/mailboxes/Archives/form_indetermine/dbox-Mails/dovecot.index reset, view is now inconsistent Jun 1 11:15:15 XXXXX dovecot: imap(form): Error: Recent flags state corrupted for mailbox form_indetermine Jun 1 11:15:15 XXXXX dovecot: imap(form): Error: /data/emails/form/mailboxes/form_indetermine/dbox-Mails/dovecot.index reset, view is now inconsistent Jun 1 11:15:25 XXXXX dovecot: indexer-worker: Error: indexer-worker: /home/jd/work/clucene-core-2.3.3.4/src/core/CLucene/index/DocumentsWriter.cpp:210: std::string lucene::index::DocumentsWriter::closeDocStore(): Assertion `numDocsInStore*8 == directory->fileLength( (docStoreSegment + "." + IndexFileNames::FIELDS_INDEX_EXTENSION).c_str() )' failed. Jun 1 11:15:25 XXXXX dovecot: indexer: Error: Indexer worker disconnected, discarding 28 requests for form Jun 1 11:15:25 XXXXX dovecot: indexer-worker(form): Fatal: master: service(indexer-worker): child 9909 killed with signal 6 (core not dumped) I have 3 questions: 1) When the log says "/mailboxes/INBOX2/dbox-Mails/dovecot.index reset, view is now inconsistent" should I be worried, or this will fix itself? 2) Should I expect to see "Error: Recent flags state corrupted for mailbox Sent"??? I ran the force-resync 3 times and I still see this message. 3) Any idea why clucene is crashing? Regards, -Joe From matthijs at stdin.nl Fri Jun 1 21:27:33 2012 From: matthijs at stdin.nl (Matthijs Kooijman) Date: Fri, 1 Jun 2012 20:27:33 +0200 Subject: [Dovecot] Exposing global (default) sieve script through Managesieve Message-ID: <20120601182659.GA19340@login.drsnuggles.stderr.nl> Hi folks, I'm setting up a dovecot server with managesieve support. I'd like to offer spamfiltering through a Sieve script to my users by default, but still allow them to modify the filtering rules through Managesieve. I found the sieve_global_path configuration option, which seems perfect for what I want. I can configure a default script there, which will work for all users until they set upload their own sieve script using managesieve. However, when configured like this, the user experience isn't quite perfect. When users open the managesieve interface on their client, there is no trace of the default filters, so users might think the spamfiltering is done in some other manner. Now, when they create a filtering rule (e.g., to sort out mail to mailing lists), that rule will overwrite the default spamfiltering rule causing all the spam to spill into the user's mailbox. I'm afraid that most users won't realize they have to manually recreate the spamfiltering rule to fix this. Also, they might not know how to write the rule, even if they do... I've considered a few existing ways to fix this: - Use sieve_before / sieve_after to make sure that the default script is always executed, in addition to any user-supplied scripts. This removes the surprise, but removes the option for users to tweak the spamfiltering rules. - Don't use sieve_global_path, but instead distribute the default script to each user's homedir on user creation. This prevents making changes to the default script for existing users and in my setup, user creation and (mail)homedir creation are nicely separated through an LDAP directory, I'd rather not go this route. - When using the Roundcube webmail application as the IMAP client, I can point Roundcube at the default sieve script. Now, when Roundcube sees there are no scripts through ManageSieve, it shows a (fake) "default" script with the correct contents. As soon as the user changes this script or creates a new script, it is actually uploaded to Dovecot, causing the edited script to be used instead of the global script. This option has the user experience I'm looking for, but having this out-of-band connection from Roundcube to the default script configured with dovecot is ugly (and tricky, since these run on different hosts in my setup). The biggest problem is of course that this only works for Roundcube, not for any other IMAP client my users might use. So, I was wondering: Wouldn't it make sense for the managesieve plugin to do something similar to roundcube: When the user has no sieve script configured, let it fake a single "default" script, showing the contents of the global script? Since the ManageSieve protocol doesn't seem to support any way to flag this situation, it would be fooling the clients a bit, but I'm not sure if that's really a problem. While the user has not script named "default" in his sieve_dir: - include a script called "default" in the LISTSCRIPTS output. - return the contents of the sieve_global_path in the GETSCRIPT "default" command. - remove any sieve symlink after a SETACTIVE "default" command (as if SETACTIVE "" was given). This causes dovecot to fall back to the sieve_global_path script. - the DELETESCRIPT "default" command should fail. This might confuse clients and users, since it is listed in LISTSCRIPTS but cannot be deleted, but I think most users will understand they can't delete the default script. - RENAMESCRIPT "default" "some_name" should copy the sieve_global_path script into the user's sieve_dir. This will effectively copy the script instead of renaming it (since it will still be magically listed in LISTSCRIPTS), so that might be confusing. All other commands work just like they do now (in particular, PUTSCRIPT "default" uploads a script called "default" into the user's sieve_dir, preventing all of the above from applying. As noted above, this change might cause some confusion, but I think that is manageable. On additional thing is that running SETACTIVE "" will not completely disable sieve processing (as would be expected), but will (again) cause the sieve_global_path script to be run. This is already the case currently, though, and should probably be considered a separate problem (whose root cause is the lack of a difference between "no script script configured yet" and "active script disabled", both remove the sieve symlink). Also, this problem might be a feature in some setups, so fixing it might not be so easy... So, any thoughts on this? Any fundamental problems I'm missing? (Not-so) obvious alternatives? Gr. Matthijs -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 197 bytes Desc: Digital signature URL: From p at state-of-mind.de Fri Jun 1 23:58:39 2012 From: p at state-of-mind.de (Patrick Ben Koetter) Date: Fri, 1 Jun 2012 22:58:39 +0200 Subject: [Dovecot] dovecot stats: useful data to gather Message-ID: <20120601205839.GG2176@state-of-mind.de> Timo, following our discussion on dovecot stats at the LinuxTag 2012 my team and I sat down and put together a list of stat items we think to be useful in daily dovecot usage. Besides pulling together all the data we also think it would be useful to have an SNMP interface to access the stats. Our offer to create and contribute a standalone web interface for dovecot stats stands. Here are the stats we believe to be useful: Login/Logout - total number login success/time - total number login failure/time - total number per authentication mechanism - total number plain sessions - total number STARTTLS sessions - total number of currently connected users (pop3/pop3s/imap/imaps/managesieve) - login names of connected users (not really stats, but great for actions regarding those uses e.g. force logout) - total number logout commands/time - total number BYE responses (autologout) Mailbox state - Inflow rate (number incoming messages/time) - Deleted rate (number \Deleted flagged messages/time) - Expunge rate (number Expunge operations/time) - total number current messages mailboxes normal storage - total number current messages mailboxes alt storage - total number read messages mailboxes normal storage - total number read messages mailboxes alt storage - per user number current messages mailboxes normal storage - per user number current messages mailboxes alt storage - per user number read messages mailboxes normal storage - per user number read messages mailboxes alt storage Mailbox Quota - total number persons under soft-quota per quota - total number persons above or equal soft-quota per quota - total number persons above or equal hard-quota per quota Performance - minimum time to write a message - maximum time to write a message - average time to write a message - minimum time to modify a message - maximum time to modify a message - average time to modify a message - minimum time to delete a message - maximum time to delete a message - average time to delete a message - minimum time search operations - maximum time search operations - average time search operations Regards, p at rick -- state of mind () http://www.state-of-mind.de Franziskanerstra?e 15 Telefon +49 89 3090 4664 81669 M?nchen Telefax +49 89 3090 4666 Amtsgericht M?nchen Partnerschaftsregister PR 563 From ghe at slsware.com Fri Jun 1 23:26:30 2012 From: ghe at slsware.com (Glenn English) Date: Fri, 1 Jun 2012 14:26:30 -0600 Subject: [Dovecot] auth trouble Message-ID: Debian Lenny, Dovecot v 1.0.15. I'm getting a lot of what I think is a local socket asking dovecot:auth to verify username/passwords: > May 31 09:00:54 server dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=admin rhost= Note the empty 'rhost='. That's why I think it's on the server. I see others that look like bots: > May 30 23:08:43 server dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=admin rhost=200.119.139.22 And I know how to promote the latter to a firewall. But with no rhost, I'm stumped... I've read books, googled, read docs, and asked for help on other mailing lists, and I've learned a lot. And I no longer think it really has much to do with Dovecot, other than the login attempt going through it to get to PAM. But has anyone here seen this before? Is my current theory correct? What did you do to make it go away? (I suspect that upgrading to Debian Squeeze might get rid of it, but I'm afraid that if I don't figure out what's going on, it might just come back.) -- Glenn English hand-wrapped from my Apple Mail From tss at iki.fi Sat Jun 2 01:15:44 2012 From: tss at iki.fi (Timo Sirainen) Date: Sat, 2 Jun 2012 01:15:44 +0300 Subject: [Dovecot] dovecot stats: useful data to gather In-Reply-To: <20120601205839.GG2176@state-of-mind.de> References: <20120601205839.GG2176@state-of-mind.de> Message-ID: On 1.6.2012, at 23.58, Patrick Ben Koetter wrote: > Besides pulling together all the data we also think it would be useful to have > an SNMP interface to access the stats. I had thought about SNMP before also, but for the current kind of stats that are exported I couldn't think of any reasonable way to export them. > Here are the stats we believe to be useful: > > Login/Logout > - total number login success/time > - total number login failure/time .. I'll look at these later in more detail, but some important questions / design decisions: Currently stats process only remembers things after Dovecot was started. I don't think getting these kind of numbers would really work like that. Perhaps all of the statistics should be permanently dumped to disk every ~minute or so + at shutdown and loaded at startup, so the numbers would at least normally always just increase since the first time Dovecot was started? > Mailbox state > - Inflow rate (number incoming messages/time) > - Deleted rate (number \Deleted flagged messages/time) These operations/time type of things I had hoped to be able to externalize :) If stats process simply gives the raw stats, the reader could do this kind of summing up. Otherwise .. well, I guess it could maybe keep track of the current ops/ and the reader would then have to read the value about once a minute or half or something. It wouldn't give exact results though. > Performance > - minimum time to write a message > - maximum time to write a message > - average time to write a message Within last .. day? hour? minute? .. From ghe at slsware.com Sat Jun 2 01:23:16 2012 From: ghe at slsware.com (Glenn English) Date: Fri, 1 Jun 2012 16:23:16 -0600 Subject: [Dovecot] auth trouble In-Reply-To: References: Message-ID: <41E18AC0-6F33-49C8-838B-F5F2B4132449@slsware.com> I forgot to include this config info: > # 1.0.15: /etc/dovecot/dovecot.conf > log_timestamp: %Y-%m-%d %H:%M:%S > protocols: imap pop3 > ssl_listen: * > ssl_disable: yes > disable_plaintext_auth: no > login_dir: /var/run/dovecot/login > login_executable(default): /usr/lib/dovecot/imap-login > login_executable(imap): /usr/lib/dovecot/imap-login > login_executable(pop3): /usr/lib/dovecot/pop3-login > login_max_processes_count: 12 > mail_privileged_group: mail > mail_executable(default): /usr/lib/dovecot/imap > mail_executable(imap): /usr/lib/dovecot/imap > mail_executable(pop3): /usr/lib/dovecot/pop3 > mail_plugin_dir(default): /usr/lib/dovecot/modules/imap > mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap > mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3 > pop3_uidl_format(default): > pop3_uidl_format(imap): > pop3_uidl_format(pop3): %08Xu%08Xv > auth default: > mechanisms: plain login > verbose: yes > passdb: > driver: pam > userdb: > driver: passwd > socket: > type: listen > client: > path: /var/spool/postfix/private/auth > mode: 432 > user: postfix > group: postfix -- Glenn English hand-wrapped from my Apple Mail From p at state-of-mind.de Sat Jun 2 07:57:32 2012 From: p at state-of-mind.de (Patrick Ben Koetter) Date: Sat, 2 Jun 2012 06:57:32 +0200 Subject: [Dovecot] dovecot stats: useful data to gather In-Reply-To: References: <20120601205839.GG2176@state-of-mind.de> Message-ID: <20120602045732.GB16571@state-of-mind.de> * Timo Sirainen : > On 1.6.2012, at 23.58, Patrick Ben Koetter wrote: > > > Besides pulling together all the data we also think it would be useful to have > > an SNMP interface to access the stats. > > I had thought about SNMP before also, but for the current kind of stats that > are exported I couldn't think of any reasonable way to export them. I am not an expert on SNMP, others in my office are, but as I understand it there's no need for Dovecot to export the data. AFAIK Dovecot would have to offer a subagent, which could be queried by a SNMP server. If we need more knowledge on SNMP I can ask my folks on the team to give some guidance. For the moment I found this: > > Here are the stats we believe to be useful: > > > > Login/Logout > > - total number login success/time > > - total number login failure/time > .. > > I'll look at these later in more detail, but some important questions / design decisions: > > Currently stats process only remembers things after Dovecot was started. I > don't think getting these kind of numbers would really work like that. > Perhaps all of the statistics should be permanently dumped to disk every > ~minute or so + at shutdown and loaded at startup, so the numbers would at > least normally always just increase since the first time Dovecot was > started? ACK. My understanding is: Statistical data are moments in time. The application provides these snapshots. It is up to other protocols (e.g. SNMP) and software (e.g. RRD) to gather and create time series and also to relate data to each other in order to come up with ratios, timelines etc. This might be a good opportunity to check out Howard's MDB database (in order to get around potential future law suits concerning BDB usage ...). > > Mailbox state > > - Inflow rate (number incoming messages/time) > > - Deleted rate (number \Deleted flagged messages/time) > > These operations/time type of things I had hoped to be able to externalize > :) If stats process simply gives the raw stats, the reader could do this > kind of summing up. Otherwise .. well, I guess it could maybe keep track of > the current ops/ and the reader would then have to read the > value about once a minute or half or something. It wouldn't give exact > results though. ACK. I'd externalize them too. So dump the /time aspect and only give raw data at moment of query. > > Performance > > - minimum time to write a message > > - maximum time to write a message > > - average time to write a message > > Within last .. day? hour? minute? .. Concerning "message write time": the time the last message had to be written. In general the stats update interval should be configurable in order to adapt it to the overall system performance. Makes no sense to bring down the server by gathering stats every nano second unless one likes self-induced DOS. ;) It would probably be a useful strategy to update internal data on every event and answer SNMP queries from memory but write the data to disc every once in a while to have them when the server restarts. Besides that I don't see a use case for sharing such data between processes such as exporting them to memcache or anything alike. Do you? p at rick -- state of mind () http://www.state-of-mind.de Franziskanerstra?e 15 Telefon +49 89 3090 4664 81669 M?nchen Telefax +49 89 3090 4666 Amtsgericht M?nchen Partnerschaftsregister PR 563 From lists at wildgooses.com Sat Jun 2 12:20:14 2012 From: lists at wildgooses.com (Ed W) Date: Sat, 02 Jun 2012 10:20:14 +0100 Subject: [Dovecot] interesting stats pattern In-Reply-To: <0EA5B4DB-56B5-4BD1-9CD9-A40544BAEF2F@iki.fi> References: <3B402F75-31CE-47C1-8107-9F7C33D58A77@xs4all.nl> <0EA5B4DB-56B5-4BD1-9CD9-A40544BAEF2F@iki.fi> Message-ID: <4FC9DACE.3010909@wildgooses.com> On 29/05/2012 19:13, Timo Sirainen wrote: > On 29.5.2012, at 21.03, Cor Bosman wrote: > >> es, I am getting a list of sessions/users every 5 minutes through cron. Im already using "doveadm stats dump session/user connected" > Actually that's not really correct behavior either, since it ignores all the connections that happened during the 5 minutes if they don't exist at the time when you're asking for them. I'm not sure what the most correct way to do this kind of a graph would be :) I muttered about some ideas for enhanced login/logout tracking some months back. Perhaps this would be another example of a motivation to use it for something? Could either the login scripting or a plugin be used to build this type of login tracking? (My goal is to eventually do per user "are you logged in" tracking) Just a thought Ed W From lists at wildgooses.com Sat Jun 2 12:23:50 2012 From: lists at wildgooses.com (Ed W) Date: Sat, 02 Jun 2012 10:23:50 +0100 Subject: [Dovecot] Strange Dovecot 2.0.20 auth chokes and cores In-Reply-To: <4FC649FC.2010703@mssl.ucl.ac.uk> References: <4FC649FC.2010703@mssl.ucl.ac.uk> Message-ID: <4FC9DBA6.80601@wildgooses.com> On 30/05/2012 17:25, Alan Brown wrote: >> Is any problem with epoll on 3.2.x kernels? > > Yes - and it's been discussed here. > > Some "bright spark" rewrote the kernel epoll code to prevent DoS > attacks caused by "excessive forking". > Do you have a link to the previous discussions? This is new to me? Can't find it immediately in the list? Cheers Ed W From lists at wildgooses.com Sat Jun 2 12:53:36 2012 From: lists at wildgooses.com (Ed W) Date: Sat, 02 Jun 2012 10:53:36 +0100 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <1337013487.4384.58.camel@innu> References: <1337013487.4384.58.camel@innu> Message-ID: <4FC9E2A0.9070905@wildgooses.com> On 14/05/2012 17:38, Timo Sirainen wrote: > On Mon, 2012-05-14 at 08:56 -0700, Beto Moreno wrote: > >> I have seen some emails servers that if I send a email to other >> person I can see if that person have read our emails and with a option >> to delete the email if the person hasn't read our email. >> >> Does dovecot have some like this feature? > This doesn't really work with IMAP/POP3 protocols. It requires Exchange > or something else. > > What would be possible is to check if a user has _downloaded_ your > message, but many clients download messages immediately when they arrive > so it might not be very useful. And in any case Dovecot has no such > feature. Just to register interest, but at some point I will need to consider writing a plugin or similar to achieve exactly this. Situation is that several of our competitors offer such a feature, ie known pool of users on dialup or intermittently connected systems, provide an alert back to the sender when your email has been "accessed/downloaded" by the remote user. Personally I don't think it's a great feature and my competitor's implementations often cause mail loops and other nasties. However, bottom line is that you can't win the bid if you can't offer the feature... Feels like a plugin rather than core functionality, but would be cool if someone wanted to produce something... Cheers Ed W From h.reindl at thelounge.net Sat Jun 2 13:02:55 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Sat, 02 Jun 2012 12:02:55 +0200 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FC9E2A0.9070905@wildgooses.com> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> Message-ID: <4FC9E4CF.9070108@thelounge.net> Am 02.06.2012 11:53, schrieb Ed W: > On 14/05/2012 17:38, Timo Sirainen wrote: >> On Mon, 2012-05-14 at 08:56 -0700, Beto Moreno wrote: >> >>> I have seen some emails servers that if I send a email to other >>> person I can see if that person have read our emails and with a option >>> to delete the email if the person hasn't read our email. >>> >>> Does dovecot have some like this feature? >> This doesn't really work with IMAP/POP3 protocols. It requires Exchange >> or something else. >> >> What would be possible is to check if a user has _downloaded_ your >> message, but many clients download messages immediately when they arrive >> so it might not be very useful. And in any case Dovecot has no such >> feature. > > Situation is that several of our competitors offer such a feature others doing something stupid is not a good argument > provide an alert back to the sender when your email has been > "accessed/downloaded" by the remote user. you realize that this is only possible if the RCPT is on your own server and not remote mails? > Personally I don't think it's a great feature and my competitor's implementations > often cause mail loops and other nasties which should be enough for argumentation why such things are making more damage as they solve problems and they are only working for non-relay mails > However, bottom line is that you can't win the bid if you can't offer the feature... surely YOU can win, you must learn to sell quality and explain why you are not doing anything someone wishes if you are sure that it is a bd idea why would i want a customer which enforces me to impelement a solution where i am sure that it is stupid - if he does not understand my argumentation he better is not my customer -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From CMarcus at Media-Brokers.com Sat Jun 2 13:32:28 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Sat, 02 Jun 2012 06:32:28 -0400 Subject: [Dovecot] Strange Dovecot 2.0.20 auth chokes and cores In-Reply-To: <4FC9DBA6.80601@wildgooses.com> References: <4FC649FC.2010703@mssl.ucl.ac.uk> <4FC9DBA6.80601@wildgooses.com> Message-ID: <4FC9EBBC.4060207@Media-Brokers.com> On 2012-06-02 5:23 AM, Ed W wrote: > On 30/05/2012 17:25, Alan Brown wrote: >>> Is any problem with epoll on 3.2.x kernels? >> >> Yes - and it's been discussed here. >> >> Some "bright spark" rewrote the kernel epoll code to prevent DoS >> attacks caused by "excessive forking". > Do you have a link to the previous discussions? This is new to me? > Can't find it immediately in the list? http://dovecot.org/list/dovecot/2012-February/064004.html -- Best regards, Charles From anmeyer at anup.de Sat Jun 2 14:43:45 2012 From: anmeyer at anup.de (Andreas Meyer) Date: Sat, 2 Jun 2012 13:43:45 +0200 Subject: [Dovecot] sieve with dovecot v1.x Message-ID: <20120602134345.022f4473@itx.bitcorner.intern> Hello! Is there a chance to have sieve working with dovecot version 1.0.5? /usr/lib/dovecot looks like this: -rwxr-xr-x 1 root root 43932 22. Sep 2007 checkpassword-reply -rwxr-xr-x 1 root root 538996 22. Sep 2007 deliver -rwxr-xr-x 1 root root 127728 22. Sep 2007 dict -rwxr-xr-x 1 root root 270248 22. Sep 2007 dovecot-auth -rwxr-xr-x 1 root root 43952 22. Sep 2007 gdbhelper -rwxr-xr-x 1 root root 48080 22. Sep 2007 idxview -rwxr-xr-x 1 root root 596364 22. Sep 2007 imap -rwxr-xr-x 1 root root 135912 22. Sep 2007 imap-login -rwxr-xr-x 1 root root 43952 22. Sep 2007 logview drwxr-xr-x 5 root root 4096 23. Dez 2008 modules -rwxr-xr-x 1 root root 529512 22. Sep 2007 pop3 -rwxr-xr-x 1 root root 127660 22. Sep 2007 pop3-login -rwxr-xr-x 1 root root 69056 22. Sep 2007 rawlog -rwxr-xr-x 1 root root 134748 22. Sep 2007 sievec -rwxr-xr-x 1 root root 68748 22. Sep 2007 sieved -rwxr-xr-x 1 root root 44116 22. Sep 2007 ssl-build-param so there is a sievec and a sieved, but in the dovecot.conf there is no mention about sieve. I would compile the latest version of dovecot if I knew, how the running 1.0.5 was built. I need it for an openSUSE 10.3 Kind regards Andreas From stephan at rename-it.nl Sat Jun 2 14:51:50 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Sat, 02 Jun 2012 13:51:50 +0200 Subject: [Dovecot] sieve with dovecot v1.x In-Reply-To: <20120602134345.022f4473@itx.bitcorner.intern> References: <20120602134345.022f4473@itx.bitcorner.intern> Message-ID: <4FC9FE56.10701@rename-it.nl> On 6/2/2012 1:43 PM, Andreas Meyer wrote: > Hello! > > Is there a chance to have sieve working with dovecot version 1.0.5? Yes, the old CMUSieve plugin should work for that. By the looks of it, it is already installed, so you'll only need to configure it: http://wiki1.dovecot.org/LDA/Sieve/CMU#Configuring Regards, Stephan. From anmeyer at anup.de Sat Jun 2 15:22:55 2012 From: anmeyer at anup.de (Andreas Meyer) Date: Sat, 2 Jun 2012 14:22:55 +0200 Subject: [Dovecot] sieve with dovecot v1.x In-Reply-To: <4FC9FE56.10701@rename-it.nl> References: <20120602134345.022f4473@itx.bitcorner.intern> <4FC9FE56.10701@rename-it.nl> Message-ID: <20120602142255.2486c724@itx.bitcorner.intern> Hello! Stephan Bosch wrote: > On 6/2/2012 1:43 PM, Andreas Meyer wrote: > > Hello! > > > > Is there a chance to have sieve working with dovecot version 1.0.5? > > Yes, the old CMUSieve plugin should work for that. By the looks of it, > it is already installed, so you'll only need to configure it: > > http://wiki1.dovecot.org/LDA/Sieve/CMU#Configuring Ok, I have done that. How can I know, if sieve now works with dovecot? When I login with roundcube, in the settings I have a "Filter-Tab" but when I click on it it says "not possible to connect to server" or somesuch. > Regards, > > Stephan. Andreas From stephan at rename-it.nl Sat Jun 2 15:33:05 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Sat, 02 Jun 2012 14:33:05 +0200 Subject: [Dovecot] Exposing global (default) sieve script through Managesieve In-Reply-To: <20120601182659.GA19340@login.drsnuggles.stderr.nl> References: <20120601182659.GA19340@login.drsnuggles.stderr.nl> Message-ID: <4FCA0801.9040409@rename-it.nl> Hi Matthijs, On 6/1/2012 8:27 PM, Matthijs Kooijman wrote: > I'm setting up a dovecot server with managesieve support. I'd like to > offer spamfiltering through a Sieve script to my users by default, > but still allow them to modify the filtering rules through Managesieve. > > I found the sieve_global_path configuration option, which seems perfect > for what I want. I can configure a default script there, which will work > for all users until they set upload their own sieve script using > managesieve. > > However, when configured like this, the user experience isn't quite > perfect. When users open the managesieve interface on their client, > there is no trace of the default filters, so users might think the > spamfiltering is done in some other manner. Now, when they create a > filtering rule (e.g., to sort out mail to mailing lists), that rule will > overwrite the default spamfiltering rule causing all the spam to spill > into the user's mailbox. I'm afraid that most users won't realize they > have to manually recreate the spamfiltering rule to fix this. Also, they > might not know how to write the rule, even if they do... You asked this one on IRC a while back right? > I've considered a few existing ways to fix this: > - Use sieve_before / sieve_after to make sure that the default script > is always executed, in addition to any user-supplied scripts. This > removes the surprise, but removes the option for users to tweak the > spamfiltering rules. Right. > - Don't use sieve_global_path, but instead distribute the default > script to each user's homedir on user creation. This prevents making > changes to the default script for existing users and in my setup, > user creation and (mail)homedir creation are nicely separated through > an LDAP directory, I'd rather not go this route. Well, we could achieve something that looks very similar from the outside: we could do some sort of copy-on-write scheme in which users see the default script as the active one, until they first modify their Sieve configuration through ManageSieve. Once they modify their default script, they'll get their own copy. If they activate a script different from the default and then later decide to deactivate it, their default will not return as the (implicit) active one. This would be very different from the current global default script behavior. It is more like an initial placeholder and template, than something that is always active when the user has no active script of its own. > - When using the Roundcube webmail application as the IMAP client, I > can point Roundcube at the default sieve script. Now, when Roundcube > sees there are no scripts through ManageSieve, it shows a (fake) > "default" script with the correct contents. As soon as the user > changes this script or creates a new script, it is actually uploaded > to Dovecot, causing the edited script to be used instead of the > global script > > This option has the user experience I'm looking for, but having this > out-of-band connection from Roundcube to the default script > configured with dovecot is ugly (and tricky, since these run on > different hosts in my setup). The biggest problem is of course that > this only works for Roundcube, not for any other IMAP client my users > might use. Agreed, this is ugly since it uses a side-channel. Client dependence is also very bad. > So, I was wondering: Wouldn't it make sense for the managesieve plugin > to do something similar to roundcube: When the user has no sieve script > configured, let it fake a single "default" script, showing the contents > of the global script? > > Since the ManageSieve protocol doesn't seem to support any way to flag > this situation, it would be fooling the clients a bit, but I'm not sure > if that's really a problem. > > While the user has not script named "default" in his sieve_dir: > - include a script called "default" in the LISTSCRIPTS output. > - return the contents of the sieve_global_path in the GETSCRIPT > "default" command. > - remove any sieve symlink after a SETACTIVE "default" command (as if > SETACTIVE "" was given). This causes dovecot to fall back to the > sieve_global_path script. > - the DELETESCRIPT "default" command should fail. This might confuse > clients and users, since it is listed in LISTSCRIPTS but cannot be > deleted, but I think most users will understand they can't delete the > default script. > - RENAMESCRIPT "default" "some_name" should copy the sieve_global_path > script into the user's sieve_dir. This will effectively copy the > script instead of renaming it (since it will still be magically > listed in LISTSCRIPTS), so that might be confusing. > > All other commands work just like they do now (in particular, > PUTSCRIPT "default" uploads a script called "default" into the user's > sieve_dir, preventing all of the above from applying. This looks sensible. The only thing that may be an issue is the DELETESCRIPT "default" situation you describe above, but I'm confident most - if not all clients - will handle that gracefully. > As noted above, this change might cause some confusion, but I think that > is manageable. On additional thing is that running SETACTIVE "" will not > completely disable sieve processing (as would be expected), but will > (again) cause the sieve_global_path script to be run. This is already > the case currently, though, and should probably be considered a separate > problem (whose root cause is the lack of a difference between "no script > script configured yet" and "active script disabled", both remove the > sieve symlink). Also, this problem might be a feature in some setups, so > fixing it might not be so easy... The copy-on-write scheme I describe above may solve this, as it remembers (somehow) the status of the account: either an untouched/unconfigured account or an account with no active scripts. This behavior could be combined with the solution you describe above. > Any fundamental problems I'm missing? (Not-so) obvious alternatives? None that I see right now. In my last release of Pigeonhole I added support for putting scripts inside a dict database (or any other storage facility once implemented). Support for ManageSieve accessing such alternative data stores is lacking still, but, once I implement that, I also intend to address the issue you describe here. I'm probably going to structure it very similar to Dovecot's own mail storage library, meaning that plugins can override certain aspects of the storage's behavior. This should allow for all kinds of magic in the script storage, including what you describe above. As always, such big changes will take some time... Regards, Stephan. From stephan at rename-it.nl Sat Jun 2 15:40:18 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Sat, 02 Jun 2012 14:40:18 +0200 Subject: [Dovecot] sieve with dovecot v1.x In-Reply-To: <20120602142255.2486c724@itx.bitcorner.intern> References: <20120602134345.022f4473@itx.bitcorner.intern> <4FC9FE56.10701@rename-it.nl> <20120602142255.2486c724@itx.bitcorner.intern> Message-ID: <4FCA09B2.9070900@rename-it.nl> On 6/2/2012 2:22 PM, Andreas Meyer wrote: > Ok, I have done that. How can I know, if sieve now works with dovecot? > When I login with roundcube, in the settings I have a "Filter-Tab" but > when I click on it it says "not possible to connect to server" or > somesuch. Oh, you didn't mention using RoundCube earlier. That implies the need of ManageSieve. You'll need to configure the following as well: http://wiki1.dovecot.org/ManageSieve Your earlier directory listing indicates that it is not installed on your system; the managesieve and managesieve-login binaries would be located there if it were. Check whether that version of opensuse has a package for dovecot-managesieve or compile it yourself if it is missing. If that is difficult, the following could be an alternative: http://www.gitorious.net/pysieved/pages/Home Regards, Stephan. From anmeyer at anup.de Sat Jun 2 16:50:22 2012 From: anmeyer at anup.de (Andreas Meyer) Date: Sat, 2 Jun 2012 15:50:22 +0200 Subject: [Dovecot] sieve with dovecot v1.x In-Reply-To: <4FCA09B2.9070900@rename-it.nl> References: <20120602134345.022f4473@itx.bitcorner.intern> <4FC9FE56.10701@rename-it.nl> <20120602142255.2486c724@itx.bitcorner.intern> <4FCA09B2.9070900@rename-it.nl> Message-ID: <20120602155022.46d523f8@itx.bitcorner.intern> Hello! Stephan Bosch wrote: > Oh, you didn't mention using RoundCube earlier. That implies the need of > ManageSieve. You'll need to configure the following as well: > > http://wiki1.dovecot.org/ManageSieve > > Your earlier directory listing indicates that it is not installed on > your system; the managesieve and managesieve-login binaries would be > located there if it were. Check whether that version of opensuse has a > package for dovecot-managesieve or compile it yourself if it is missing. > If that is difficult, the following could be an alternative: > > http://www.gitorious.net/pysieved/pages/Home I think pysieved is the only chance I have. I have installed it and activated by xinetd. But now I have the problem that the dovecot.conf says: auth default { mechanisms = plain passdb passwd-file { args = /etc/dovecot/passwd } and the install howto of pysieved says: auth default { socket listen { client { path = /var/run/dovecot/auth-client mode = 0666 } } } pysieved.ini : [Dovecot] mux = /var/run/dovecot/auth-client what can I do now? > > Regards, > > Stephan. Andreas From el07694 at mail.ntua.gr Sat Jun 2 17:52:05 2012 From: el07694 at mail.ntua.gr (el07694) Date: Sat, 02 Jun 2012 17:52:05 +0300 Subject: [Dovecot] postfix+dovecat: virtual domains with imap+lmtp Message-ID: <736cef15e590276154fedb52401aa83b@mail.ntua.gr> Hi to all, I have tryed a few days to configure postfix/dovecot to run into a VPS machine (CentOs) -->The machine has 2 domains (but more in the future) -->i want info at mail.domain1.com and info at mail.domain2.com to be seperated mailboxes -->i want to use lmtp protocol to connect dovecot with postfix -->It will be perfect if i can use the system users for authentication I /etc/postfix/main.cf file looks like this smtpd_soft_error_limit = 10 smtpd_hard_error_limit = 20 masquerade_domains = mail.going-on.com mail.commundi.de masquerade_exceptions = root, papinhio relocated_maps = hash:/etc/postfix/relocated smtpd_client_restrictions = check_client_access hash:/etc/postfix/access virtual_mailbox_domains = mail.going-on.com mail.commundi.de virtual_mailbox_base = /var/spool/virtual_hosts virtual_mailbox_maps = hash:/etc/postfix/virtual virtual_uid_maps = static:0 virtual_gid_maps = static:0 mailbox_command = /usr/libexec/dovecot/dovecot-lda -f "$SENDER" -a "$RECIPIENT" dovecot_destination_recipient_limit = 1 mailbox_transport = lmtp:unix:private/dovecot-lmtp /etc/postfix/relocated file has only comments the same for /etc/postfix/access file i have made /var/spool/virtual_hosts folder with chmod 777 inside this folder i have made mail.going-on.com folder and mail.commundi.de folder cat /etc/postfix/virtual produce this: papinhio at mail.going-on.com mail.going-on.com/papinhio papinhio is a system_user!! uid,gid = 0 (the root user) master.cf file # # Postfix master process configuration file. For details on the format # of the file, see the master(5) manual page (command: "man 5 master"). # # ========================================================================== # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) # ========================================================================== smtp inet n - n - - smtpd submission inet n - n - - smtpd -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes -o smtpd_sasl_type=dovecot -o smtpd_sasl_path=private/auth -o smtpd_sasl_security_options=noanonymous -o smtpd_sasl_local_domain=$myhostname -o smtpd_client_restrictions=permit_sasl_authenticated,reject -o smtpd_sender_login_maps=hash:/etc/postfix/virtual pickup fifo n - - 60 1 pickup cleanup unix n - - - 0 cleanup qmgr fifo n - n 300 1 qmgr #qmgr fifo n - n 300 1 oqmgr tlsmgr unix - - n 1000? 1 tlsmgr rewrite unix - - n - - trivial-rewrite bounce unix - - n - 0 bounce defer unix - - n - 0 bounce trace unix - - n - 0 bounce verify unix - - n - 1 verify flush unix n - n 1000? 0 flush proxymap unix - - n - - proxymap smtp unix - - n - - smtp relay unix - - n - - smtp -o fallback_relay= showq unix n - n - - showq error unix - - n - - error discard unix - - n - - discard local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - n - - lmtp anvil unix - - n - 1 anvil scache unix - - n - 1 scache maildrop unix - n n - - pipe flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient} # # The Cyrus deliver program has changed incompatibly, multiple times. # old-cyrus unix - n n - - pipe flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m ${extension} ${user} # Cyrus 2.1.5 (Amos Gouaux) # Also specify in main.cf: cyrus_destination_recipient_limit=1 cyrus unix - n n - - pipe user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m ${extension} ${user} # # See the Postfix UUCP_README file for configuration details. # uucp unix - n n - - pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) ifmail unix - n n - - pipe flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) bsmtp unix - n n - - pipe flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient dovecot unix - n n - - pipe flags=DRhu user=root:root argv=/usr/local/libexec/dovecot/dovecot-lda -f ${sender} -d ${recipient} Ok, the /etc/dovecot/dovecot.conf file looks like this: !include conf.d/*.conf !include_try local.conf protocols = imap lmtp service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0660 user = postfix } } protocol lmtp { mail_plugins = quota sieve } mail_location = mbox:/var/spool/virtual_hosts/%d/%n Both of the services can start this no errors/warnings I can send mail from bash with this command : /bin/mail -s "Hello" "el07694 at mail.ntua.gr" < /etc/dovecot/dovecot.conf Can anyone help me, plz? I don't know what i do wrong Thanks in advance, Chris Pappas From christian.rohmann at frittentheke.de Sat Jun 2 17:57:50 2012 From: christian.rohmann at frittentheke.de (Christian Rohmann) Date: Sat, 02 Jun 2012 16:57:50 +0200 Subject: [Dovecot] dovecot stats: useful data to gather In-Reply-To: <20120601205839.GG2176@state-of-mind.de> References: <20120601205839.GG2176@state-of-mind.de> Message-ID: <4FCA29EE.80206@frittentheke.de> On 01.06.2012 22:58, Patrick Ben Koetter wrote: > [...] I sat down and put together a list of stat items we think to be useful in daily > dovecot usage. Quite a list. But I believe most of those values are quite useful and I would also love to see such a rich set of measurements being available. > Besides pulling together all the data we also think it would be useful to have > an SNMP interface to access the stats. Our offer to create and contribute a > standalone web interface for dovecot stats stands. Yes, I second that. Otherwise quite a few installation will just hook the dovecot commands to netsnmp handlers, which is not a pretty solution. Maybe dovecot could also do the SNMP for statistics that plugins provide? I'm thinking managesieve access, sieve processing or expire here. Regards Christian -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4076 bytes Desc: S/MIME Cryptographic Signature URL: From arne at drlinux.no Sat Jun 2 18:33:32 2012 From: arne at drlinux.no (Arne K. Haaje) Date: Sat, 02 Jun 2012 17:33:32 +0200 Subject: [Dovecot] sieve with dovecot v1.x In-Reply-To: <20120602155022.46d523f8@itx.bitcorner.intern> References: <20120602134345.022f4473@itx.bitcorner.intern> <4FC9FE56.10701@rename-it.nl> <20120602142255.2486c724@itx.bitcorner.intern> <4FCA09B2.9070900@rename-it.nl> <20120602155022.46d523f8@itx.bitcorner.intern> Message-ID: <4FCA324C.4070201@drlinux.no> Den 02.06.2012 15:50, skrev Andreas Meyer: [snip] > > what can I do now? > >> >> Regards, >> >> Stephan. > > Andreas You also need to tell roundcube which port to connect to managesieve with. Depending on which plugin you use for roundcube, find it's config-file and loook for an option like this; $rcmail_config['managesieve_port'] = 4190; With such an old verion, it may be that your port is 2000. Regards, Arne -- Arne K. Haaje - Dr Linux http://www.drlinux.no/ ::: arne at drlinux.no LinkedIn: http://no.linkedin.com/pub/arne-haaje/27/189/bb From me at junc.org Sun Jun 3 01:12:40 2012 From: me at junc.org (Benny Pedersen) Date: Sun, 03 Jun 2012 00:12:40 +0200 Subject: [Dovecot] postfix+dovecat: virtual domains with imap+lmtp In-Reply-To: <736cef15e590276154fedb52401aa83b@mail.ntua.gr> References: <736cef15e590276154fedb52401aa83b@mail.ntua.gr> Message-ID: Den 2012-06-02 16:52, el07694 skrev: > virtual_uid_maps = static:0 > virtual_gid_maps = static:0 dont do this > uid,gid = 0 (the root user) root user cant read email > dovecot unix - n n - - pipe > flags=DRhu user=root:root > argv=/usr/local/libexec/dovecot/dovecot-lda -f ${sender} -d > ${recipient} dont use root:root http://wiki2.dovecot.org/LDA/Postfix show postfix/dovecot logs for more help From daniel.parthey at informatik.tu-chemnitz.de Sun Jun 3 02:53:12 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sun, 3 Jun 2012 01:53:12 +0200 Subject: [Dovecot] lmtp proxy timeout while waiting for reply to DATA reply In-Reply-To: <1335833212.21461.82.camel@innu> References: <20120428110023.GA9236@daniel.localdomain> <1335833212.21461.82.camel@innu> Message-ID: <20120602235311.GA10756@daniel.localdomain> Timo Sirainen wrote: > On Sat, 2012-04-28 at 13:00 +0200, Daniel Parthey wrote: > > we are experiencing similar sporadic data timeout issues with dovecot 2.0.20 > > as in http://dovecot.org/pipermail/dovecot/2011-June/059807.html > > at least once a week. Some mails get temporarily deferred in the > > postfix queue since dovecot director lmtp refuses them and the > > mails are delivered at a later time. > > [...] what isn't in v2.0 is the larger rewrite of the LMTP > proxying code in v2.1, which I hope fixes also this timeout problem. This Friday I did about 50 "sendmail -bv" commands in a loop to check some postfix aliases, which resulted in a lot of mails to the postmaster alias (which is distributed to about 10 people). The result was about 11 bounces of the following type: ##################################################################### Return-Path: <> Received: from mail01.example.org ([10.129.3.233]) by mail04.example.org (Dovecot) with LMTP id gl2gG3WyyE+faQAAUavrWA ; Fri, 01 Jun 2012 14:15:49 +0200 Return-Path: <> Received: from mx01.example.org ([127.0.0.1]) by mail01.example.org (Dovecot) with LMTP id zAL8MXCyyE8nLwAA3l+BKA ; Fri, 01 Jun 2012 14:15:49 +0200 RSET RSET ##################################################################### At the same time, the dovecot lmtp timeout errors occurred and not all "sendmail -bv" mails got delivered. Seems like a serious error and I will need to consider upgrading to 2.1 if the bug cannot get fixed in 2.0. Regards Daniel From daniel.parthey at informatik.tu-chemnitz.de Sun Jun 3 03:10:49 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sun, 3 Jun 2012 02:10:49 +0200 Subject: [Dovecot] dovecot stats: useful data to gather In-Reply-To: <20120601205839.GG2176@state-of-mind.de> References: <20120601205839.GG2176@state-of-mind.de> Message-ID: <20120603001049.GA10970@daniel.localdomain> Patrick Ben Koetter wrote: > following our discussion on dovecot stats at the LinuxTag 2012 my team and I > sat down and put together a list of stat items we think to be useful in daily > dovecot usage. > > Besides pulling together all the data we also think it would be useful to have > an SNMP interface to access the stats. Our offer to create and contribute a > standalone web interface for dovecot stats stands. This should be done via SNMP subagent, but how could you differentiate different dovecot instances on the same machine, different snmp ports for the subagent, or different snmp trees? > Here are the stats we believe to be useful: > [...] Here are the stats which I also consider to be useful: Login/Logout: - Hits/Misses for Logins via userdb cache System resources: - detailed memory usage of dovecot services (imap, worker, userdb cache) - dovecot connections to mysql database - dovecot connections to ldap - director connections vs. backend connections Regards, Daniel From daniel.parthey at informatik.tu-chemnitz.de Sun Jun 3 03:18:18 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sun, 3 Jun 2012 02:18:18 +0200 Subject: [Dovecot] lmtp proxy timeout while waiting for reply to DATA reply In-Reply-To: <20120602235311.GA10756@daniel.localdomain> References: <20120428110023.GA9236@daniel.localdomain> <1335833212.21461.82.camel@innu> <20120602235311.GA10756@daniel.localdomain> Message-ID: <20120603001817.GB10970@daniel.localdomain> Here are some additional errors from the logs: # 2.0.20: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-40-server x86_64 Ubuntu 10.04.4 LTS Jun 1 10:43:37 10.129.3.233 dovecot: lmtp(16941): Panic: file lmtp-proxy.c: line 376 (lmtp_proxy_output_timeout): assertion failed: (proxy->data_input->eof) Jun 1 10:43:37 10.129.3.233 dovecot: lmtp(16941): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x3a7ca) [0x7fa0d849c7ca] -> /usr/lib/dovecot/libdovecot.so.0(+0x3a816) [0x7fa0d849c816] -> /usr/lib/dovecot/libdovecot.so.0(+0x13e4a) [0x7fa0d8475e4a] -> dovecot/lmtp() [0x407477] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handle_timeouts+0xd4) [0x7fa0d84a8224] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0x5b) [0x7fa0d84a8e3b] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x28) [0x7fa0d84a7e88] -> /usr/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7fa0d8495d13] -> dovecot/lmtp(main+0x171) [0x404591] -> /lib/libc.so.6(__libc_start_main+0xfd) [0x7fa0d7cf1c4d] -> dovecot/lmtp() [0x404339] Jun 1 11:27:09 10.129.3.200 dovecot: lmtp(32350): Panic: file lmtp-proxy.c: line 376 (lmtp_proxy_output_timeout): assertion failed: (proxy->data_input->eof) Jun 1 11:27:09 10.129.3.200 dovecot: lmtp(32350): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x3a7ca) [0x7f18ec25b7ca] -> /usr/lib/dovecot/libdovecot.so.0(+0x3a816) [0x7f18ec25b816] -> /usr/lib/dovecot/libdovecot.so.0(+0x13e4a) [0x7f18ec234e4a] -> dovecot/lmtp() [0x407477] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handle_timeouts+0xd4) [0x7f18ec267224] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0x5b) [0x7f18ec267e3b] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x28) [0x7f18ec266e88] -> /usr/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f18ec254d13] -> dovecot/lmtp(main+0x171) [0x404591] -> /lib/libc.so.6(__libc_start_main+0xfd) [0x7f18ebab0c4d] -> dovecot/lmtp() [0x404339] Jun 1 11:27:37 10.129.3.200 dovecot: lmtp(32408): Panic: file lmtp-proxy.c: line 376 (lmtp_proxy_output_timeout): assertion failed: (proxy->data_input->eof) Jun 1 11:27:37 10.129.3.200 dovecot: lmtp(32408): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x3a7ca) [0x7f97f07fe7ca] -> /usr/lib/dovecot/libdovecot.so.0(+0x3a816) [0x7f97f07fe816] -> /usr/lib/dovecot/libdovecot.so.0(+0x13e4a) [0x7f97f07d7e4a] -> dovecot/lmtp() [0x407477] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handle_timeouts+0xd4) [0x7f97f080a224] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0x5b) [0x7f97f080ae3b] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x28) [0x7f97f0809e88] -> /usr/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f97f07f7d13] -> dovecot/lmtp(main+0x171) [0x404591] -> /lib/libc.so.6(__libc_start_main+0xfd) [0x7f97f0053c4d] -> dovecot/lmtp() [0x404339] Regards, Daniel From daniel.parthey at informatik.tu-chemnitz.de Sun Jun 3 03:37:09 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sun, 3 Jun 2012 02:37:09 +0200 Subject: [Dovecot] lmtp proxy timeout while waiting for reply to DATA reply In-Reply-To: <20120602235311.GA10756@daniel.localdomain> References: <20120428110023.GA9236@daniel.localdomain> <1335833212.21461.82.camel@innu> <20120602235311.GA10756@daniel.localdomain> Message-ID: <20120603003709.GA11672@daniel.localdomain> Daniel Parthey wrote: > This Friday I did about 50 "sendmail -bv" commands in a loop to > check some postfix aliases, which resulted in a lot of mails to > the postmaster alias (which is distributed to about 10 people). > > The result was about 11 bounces > > ##################################################################### > Return-Path: <> > Received: from mail01.example.org ([10.129.3.233]) > by mail04.example.org (Dovecot) with LMTP id gl2gG3WyyE+faQAAUavrWA > ; Fri, 01 Jun 2012 14:15:49 +0200 > Return-Path: <> > Received: from mx01.example.org ([127.0.0.1]) > by mail01.example.org (Dovecot) with LMTP id zAL8MXCyyE8nLwAA3l+BKA > ; Fri, 01 Jun 2012 14:15:49 +0200 > RSET > RSET > ##################################################################### > > At the same time, the dovecot lmtp timeout errors occurred and > not all "sendmail -bv" mails got delivered. Here's the backtrace which might be related to the bounces/timeout errors: Jun 1 14:16:16 10.129.3.233 dovecot: lmtp(12093, username at example.de): Error: Transaction log /mail/dovecot/example.de/username/mail/mailboxes/INBOX/postmaster/dbox-Mails/dovecot.index.log: duplicate transaction log sequence (31) Jun 1 14:16:16 10.129.3.233 dovecot: lmtp(12093, username at example.de): Panic: file mail-transaction-log-file.c: line 187 (mail_transaction_log_file_add_to_list): assertion failed: ((*p)->hdr.file_seq < file->hdr.file_seq) Jun 1 14:16:16 10.129.3.233 dovecot: lmtp(12093, username at example.de): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x3a7ca) [0x7fbf514427ca] -> /usr/lib/dovecot/libdovecot.so.0(+0x3a816) [0x7fbf51442816] -> /usr/lib/dovecot/libdovecot.so.0(+0x13e4a) [0x7fbf5141be4a] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x9e0aa) [0x7fbf5192e0aa] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_transaction_log_file_open+0x1f8) [0x7fbf5192e328] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x9b363) [0x7fbf5192b363] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_transaction_log_find_file+0x3f) [0x7fbf5192b81f] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_transaction_log_view_set+0xcb) [0x7fbf5192fe3b] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_index_sync_map+0xbe) [0x7fbf5192713e] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_index_map+0x86) [0x7fbf51918976] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_index_refresh+0xe) [0x7fbf5191322e] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x80a65) [0x7fbf51910a65] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_cache_field_want_add+0x20) [0x7fbf51910c00] -> /usr/lib/dovecot/libdovecot-storage.so.0(index_mail_parse_header_init+0x198) [0x7fbf518d0d18] -> /usr/lib/dovecot/libdovecot-storage.so.0(index_mail_cache_parse_init+0x68) [0x7fbf518d11d8] -> /usr/lib/dovecot/libdovecot-storage.so.0(dbox_save_begin+0x68) [0x7fbf518eaf38] -> /usr/lib/dovecot/libdovecot-storage.so.0(mdbox_save_begin+0x85) [0x7fbf518e4b45] -> /usr/lib/dovecot/modules/lib10_quota_plugin.so(+0xb827) [0x7fbf5064a827] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_save_begin+0x46) [0x7fbf518ba0d6] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_storage_copy+0xa8) [0x7fbf518b45e8] -> /usr/lib/dovecot/libdovecot-storage.so.0(mdbox_copy+0x44) [0x7fbf518e4694] -> /usr/lib/dovecot/modules/lib10_quota_plugin.so(+0xb630) [0x7fbf5064a630] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_copy+0x5a) [0x7fbf518ba03a] -> /usr/lib/dovecot/libdovecot-sieve.so.0(+0x33293) [0x7fbf501f Jun 1 14:16:16 10.129.3.233 dovecot: master: Error: service(lmtp): child 12093 killed with signal 6 (core dumps disabled) Regards Daniel From brett.maxfield at gmail.com Sun Jun 3 05:15:59 2012 From: brett.maxfield at gmail.com (Brett @Google) Date: Sun, 3 Jun 2012 12:15:59 +1000 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FC9E4CF.9070108@thelounge.net> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FC9E4CF.9070108@thelounge.net> Message-ID: On Sat, Jun 2, 2012 at 8:02 PM, Reindl Harald wrote: > > Am 02.06.2012 11:53, schrieb Ed W: > > On 14/05/2012 17:38, Timo Sirainen wrote: > >> On Mon, 2012-05-14 at 08:56 -0700, Beto Moreno wrote: > >> > >>> I have seen some emails servers that if I send a email to other > >>> person I can see if that person have read our emails and with a option > >>> to delete the email if the person hasn't read our email. > >>> > >>> Does dovecot have some like this feature? > >> This doesn't really work with IMAP/POP3 protocols. It requires Exchange > >> or something else. > >> > >> What would be possible is to check if a user has _downloaded_ your > >> message, but many clients download messages immediately when they arrive > >> so it might not be very useful. And in any case Dovecot has no such > >> feature. > As general thoughts.. This sounds more like a workgroup collaboration functionality. It assumes that users in said workgroup all use the same outlook server (or they are in an equivalent security domain or trust). Outlook only lets you retract an email if the user is on the same outlook server, and it has not been read/downloaded?. If the user is a different email server or the mail has been read/downloaded?, the retract will always fail. So it would be no different in for dovecot. If the mail to be retracted was on the local mailer spool then in theory it could be removed.. but it is basically allowing a third party to delete things out of some other user's mail spool, with the precondition that they sent the original email AND the mail has not been read (downloaded) from the dovecot server. This would mean that dovecot would need to somehow securely tag when an email is authorized and delivered by dovecot, say from a the postfix lda, such that it could later match up a subsequent request to retract said email, to the user that sent it. Outlook is more like IMAP than POP, in that mail stays on the server but is locally cached / downloaded. Outlook can do this as it is both a mail sending agent and a mail receiving agent, it unambiguously knows when a mail comes from an authenticated user, and that it is a locally destined mail. Dovecot may or may not be responsible for putting a mail from a user into the mail spool (in some configurations postfix/sendmail can do this) so it cannot absolutely relate who sent the email, to who wants to retract it. So for this even to be possible, retractable messages would need be present, and dovecot to unambiguously be able to relate an email received by dovecot with it's original sender, which seems unlikely. Even then there is a question of how you would provide the request for deletion for dovecot to perform. This implies that there would be a new command to POP/IMAP to trigger and authorize such a retraction also. Then this new command would need to be standards-track so mail user agents would know a server has such a feature to call it. Sounds very difficult. I think outlook sends a specially crafted email, i doubt it is standards track as it is all happening within the same application in the case out outlook. Cheers Brett -- *The only thing that interferes with my learning is my education.* * Albert Einstein* From dovecot at tlinx.org Sun Jun 3 11:06:18 2012 From: dovecot at tlinx.org (Linda Walsh) Date: Sun, 03 Jun 2012 01:06:18 -0700 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FC9E2A0.9070905@wildgooses.com> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> Message-ID: <4FCB1AFA.3040200@tlinx.org> Ed W wrote: > > Just to register interest, but at some point I will need to consider > writing a plugin or similar to achieve exactly this. > > Situation is that several of our competitors offer such a feature, ie > known pool of users on dialup or intermittently connected systems, > provide an alert back to the sender when your email has been > "accessed/downloaded" by the remote user. --- My dentist used a service that claimed to provide a read-notification. It was just an embedded web-bug in the email that I could choose to display or not ... if the client doesn't want to cooperate, you can't tell when the person read it. All you could do is tell when a client downloaded it from dovecot...which doesn't say much for clients that are left on 24/7... From lists at wildgooses.com Sun Jun 3 11:43:43 2012 From: lists at wildgooses.com (Ed W) Date: Sun, 03 Jun 2012 09:43:43 +0100 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCB1AFA.3040200@tlinx.org> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> Message-ID: <4FCB23BF.20300@wildgooses.com> On 03/06/2012 09:06, Linda Walsh wrote: > Ed W wrote: >> >> Just to register interest, but at some point I will need to consider >> writing a plugin or similar to achieve exactly this. >> >> Situation is that several of our competitors offer such a feature, ie >> known pool of users on dialup or intermittently connected systems, >> provide an alert back to the sender when your email has been >> "accessed/downloaded" by the remote user. > --- > My dentist used a service that claimed to provide a read-notification. > > It was just an embedded web-bug in the email that I could choose to > display or not ... if the client doesn't want to cooperate, you can't > tell when the person read it. All you could do is tell when a client > downloaded it from dovecot...which doesn't say much for clients that > are left on 24/7... > Please folks - don't argue with me - I'm the wrong person! The recipient who is receiving these emails, ie the person being "bugged" is demanding that they are "buggable". If they demand it and it's a requirement for providing them service then I have to give it to them if I want the business. The users are on satellite dialup and barely have enough bandwidth to download a few KB of emails, they certainly can't trigger web bugs to trigger read receipts. Look, I can argue against the idea easily, personally my objection is mail loops, but the point is that the customer demands it, and at present that prevents me bidding for certain types of business... Basically the customer just wants to repro what they got with Exchange Cheers for ideas though! Ed W From h.reindl at thelounge.net Sun Jun 3 12:49:08 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Sun, 03 Jun 2012 11:49:08 +0200 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCB23BF.20300@wildgooses.com> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> Message-ID: <4FCB3314.8030008@thelounge.net> Am 03.06.2012 10:43, schrieb Ed W: > Please folks - don't argue with me - I'm the wrong person! The recipient who is receiving these emails, ie the > person being "bugged" is demanding that they are "buggable". If they demand it and it's a requirement for > providing them service then I have to give it to them if I want the business. > > The users are on satellite dialup and barely have enough bandwidth to download a few KB of emails, they certainly > can't trigger web bugs to trigger read receipts. > > Look, I can argue against the idea easily, personally my objection is mail loops, but the point is that the > customer demands it, and at present that prevents me bidding for certain types of business... Basically the > customer just wants to repro what they got with Exchange kiss him goodbye with exchange what do you expect? only some idiots are using such "features" even if you find a opensource solution yiu can imagine how well tested it would be and how many troubles you will have after the setup "if I want the business" -> do you need this business to survive? if no -> kiss him goodbye, if yes -> i doubt you will not survive -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From robert at schetterer.org Sun Jun 3 12:50:48 2012 From: robert at schetterer.org (Robert Schetterer) Date: Sun, 03 Jun 2012 11:50:48 +0200 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCB23BF.20300@wildgooses.com> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> Message-ID: <4FCB3378.3060402@schetterer.org> Am 03.06.2012 10:43, schrieb Ed W: > On 03/06/2012 09:06, Linda Walsh wrote: >> Ed W wrote: >>> >>> Just to register interest, but at some point I will need to consider >>> writing a plugin or similar to achieve exactly this. >>> >>> Situation is that several of our competitors offer such a feature, ie >>> known pool of users on dialup or intermittently connected systems, >>> provide an alert back to the sender when your email has been >>> "accessed/downloaded" by the remote user. >> --- >> My dentist used a service that claimed to provide a read-notification. >> >> It was just an embedded web-bug in the email that I could choose to >> display or not ... if the client doesn't want to cooperate, you can't >> tell when the person read it. All you could do is tell when a client >> downloaded it from dovecot...which doesn't say much for clients that >> are left on 24/7... >> > > Please folks - don't argue with me - I'm the wrong person! The > recipient who is receiving these emails, ie the person being "bugged" is > demanding that they are "buggable". If they demand it and it's a > requirement for providing them service then I have to give it to them if > I want the business. > > The users are on satellite dialup and barely have enough bandwidth to > download a few KB of emails, they certainly can't trigger web bugs to > trigger read receipts. > > Look, I can argue against the idea easily, personally my objection is > mail loops, but the point is that the customer demands it, and at > present that prevents me bidding for certain types of business... > Basically the customer just wants to repro what they got with Exchange > > Cheers for ideas though! > > Ed W Hi Ed, you can have dsn http://www.postfix.org/DSN_README.html you can have mdn http://en.wikipedia.org/wiki/Return_receipt so this is internet (smtp ) standards and has nearly nothing to do with imap/dovecot also whatever solution you use there is no way to find out if a user has read a mail unless you asked him in person ( and then you might find out if the recipient has understood what he had read *g) the maximum you may reach is get notice if a mail has tec side reached the recipient, the user must not accept your wish to notice you if he opens the mail ( which also would not mean he has read the mail ) this is with internet mail, by intranet mail systems ( which means the recipient is on the same mail system and storage) typical for company mail sites with exchange and/or notes etc you have a dediacted client i.e outlook for exchange , so here its possible to implement inside actions whatever tec of this system is able to do. But as soon as you mail to internet, this features may get useless , cause you never know what tec is used on the recipient side so nobody may invest time in create useless internet standards however youre free to code or pay someone to code for you what you want specially for your wanted feature. But i see no real relate to dovecot, cause mail is recent sent via smtp Dont compare mail systems this way, they are totally different however they do imap/pop3/smtp specially with echange some stuff will only work with outlook and active directory -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From CMarcus at Media-Brokers.com Sun Jun 3 16:46:15 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Sun, 03 Jun 2012 09:46:15 -0400 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCB23BF.20300@wildgooses.com> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> Message-ID: <4FCB6AA7.4050200@Media-Brokers.com> On 2012-06-03 4:43 AM, Ed W wrote: > Look, I can argue against the idea easily, personally my objection is > mail loops, but the point is that the customer demands it, and at > present that prevents me bidding for certain types of business... > Basically the customer just wants to repro what they got with Exchange Then tell them their only option is to buy Exchange Server and Outlook for everyone - but explain that this 'feature' *still* will not work for recipients that are outside of your control (ie, it will only work for local recipients - and I *think* it is possible to set up Trusts with other external Exchange Servers, but not sure, and if it does, it requires the explicit cooperation of the other systems admin). Bottom line: do NOT promise the impossible to a client just to win the business. It is a losing proposition, as you are beginning to see... -- Best regards, Charles From michael at orlitzky.com Sun Jun 3 17:24:53 2012 From: michael at orlitzky.com (Michael Orlitzky) Date: Sun, 03 Jun 2012 10:24:53 -0400 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCB23BF.20300@wildgooses.com> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> Message-ID: <4FCB73B5.9020807@orlitzky.com> On 06/03/12 04:43, Ed W wrote: > > Look, I can argue against the idea easily, personally my objection is > mail loops, but the point is that the customer demands it, and at > present that prevents me bidding for certain types of business... > Basically the customer just wants to repro what they got with Exchange I for one think the plugin is a good idea. I think read receipts are dumb, of course. But if the customer won't be persuaded, I would rather have them give their money to you than to the guy who thinks they're a great solution. Plus, it will make Dovecot a little bit better as a side effect. From robert at schetterer.org Sun Jun 3 19:06:45 2012 From: robert at schetterer.org (Robert Schetterer) Date: Sun, 03 Jun 2012 18:06:45 +0200 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCB73B5.9020807@orlitzky.com> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB73B5.9020807@orlitzky.com> Message-ID: <4FCB8B95.3000301@schetterer.org> Am 03.06.2012 16:24, schrieb Michael Orlitzky: > On 06/03/12 04:43, Ed W wrote: >> >> Look, I can argue against the idea easily, personally my objection is >> mail loops, but the point is that the customer demands it, and at >> present that prevents me bidding for certain types of business... >> Basically the customer just wants to repro what they got with Exchange > > > I for one think the plugin is a good idea. what the hell , should the plugin do and how ? there is smtp dsn, nothing more makes sense looking to the thread subject , you need to have new internet standard called "braindump over tcp" this doesnt exist on exchange too mail is smtp, dovecot is no smtp server > > I think read receipts are dumb, of course. But if the customer won't be > persuaded, I would rather have them give their money to you than to the > guy who thinks they're a great solution. > > Plus, it will make Dovecot a little bit better as a side effect. -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From michael at orlitzky.com Sun Jun 3 20:21:56 2012 From: michael at orlitzky.com (Michael Orlitzky) Date: Sun, 03 Jun 2012 13:21:56 -0400 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCB8B95.3000301@schetterer.org> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB73B5.9020807@orlitzky.com> <4FCB8B95.3000301@schetterer.org> Message-ID: <4FCB9D34.7060902@orlitzky.com> On 06/03/12 12:06, Robert Schetterer wrote: > Am 03.06.2012 16:24, schrieb Michael Orlitzky: >> >> I for one think the plugin is a good idea. > > what the hell , should the plugin do and how ? > there is smtp dsn, nothing more makes sense > > looking to the thread subject , you need to have new internet standard > called > > "braindump over tcp" > > this doesnt exist on exchange too > > mail is smtp, dovecot is no smtp server > You could trigger on the 'seen' flag, and Dovecot is more than capable of generating messages, especially to mailboxes under its control (see: sieve). But... who cares? The worst possible thing that can happen is that he writes it and makes his customers happy and you pretend it doesn't exist. From h.reindl at thelounge.net Sun Jun 3 20:26:55 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Sun, 03 Jun 2012 19:26:55 +0200 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCB9D34.7060902@orlitzky.com> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB73B5.9020807@orlitzky.com> <4FCB8B95.3000301@schetterer.org> <4FCB9D34.7060902@orlitzky.com> Message-ID: <4FCB9E5F.9010709@thelounge.net> Am 03.06.2012 19:21, schrieb Michael Orlitzky: > On 06/03/12 12:06, Robert Schetterer wrote: >> Am 03.06.2012 16:24, schrieb Michael Orlitzky: >>> >>> I for one think the plugin is a good idea. >> >> what the hell , should the plugin do and how ? >> there is smtp dsn, nothing more makes sense >> >> looking to the thread subject , you need to have new internet standard >> called >> >> "braindump over tcp" >> >> this doesnt exist on exchange too >> >> mail is smtp, dovecot is no smtp server >> > > You could trigger on the 'seen' flag, and Dovecot is more than capable > of generating messages, especially to mailboxes under its control (see: > sieve) and now tell us how you "connect" YOUR sent message over SMTP to any seen fleeg of another user? > But... who cares? people which cares about reality? > The worst possible thing that can happen is that he > writes it and makes his customers happy if it is his business make people happy with lies, ok my business is make people happy by telling them the truth -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From michael at orlitzky.com Sun Jun 3 21:11:55 2012 From: michael at orlitzky.com (Michael Orlitzky) Date: Sun, 03 Jun 2012 14:11:55 -0400 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCB9E5F.9010709@thelounge.net> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB73B5.9020807@orlitzky.com> <4FCB8B95.3000301@schetterer.org> <4FCB9D34.7060902@orlitzky.com> <4FCB9E5F.9010709@thelounge.net> Message-ID: <4FCBA8EB.8020203@orlitzky.com> On 06/03/12 13:26, Reindl Harald wrote: > > and now tell us how you "connect" YOUR sent message over SMTP > to any seen fleeg of another user? > Dovecot could write directly to their mailbox. Otherwise, it could do whatever the sieve vacation plugin does. >> The worst possible thing that can happen is that he >> writes it and makes his customers happy > > if it is his business make people happy with lies, ok > my business is make people happy by telling them the truth I don't think he plans to lie. I think he explained the limitations and they don't care. People have different tastes. I wouldn't personally use ~100% of the things that I fix for other people. From h.reindl at thelounge.net Sun Jun 3 21:19:20 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Sun, 03 Jun 2012 20:19:20 +0200 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCBA8EB.8020203@orlitzky.com> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB73B5.9020807@orlitzky.com> <4FCB8B95.3000301@schetterer.org> <4FCB9D34.7060902@orlitzky.com> <4FCB9E5F.9010709@thelounge.net> <4FCBA8EB.8020203@orlitzky.com> Message-ID: <4FCBAAA8.2020107@thelounge.net> Am 03.06.2012 20:11, schrieb Michael Orlitzky: > On 06/03/12 13:26, Reindl Harald wrote: >> >> and now tell us how you "connect" YOUR sent message over SMTP >> to any seen fleeg of another user? >> > Dovecot could write directly to their mailbox. Otherwise, it could do > whatever the sieve vacation plugin does. oh yeah, explain this the customers MUA when he clicks on "sent mail" it is naive to believe some weird solution which only works as long the sune shines is useable >>> The worst possible thing that can happen is that he >>> writes it and makes his customers happy >> >> if it is his business make people happy with lies, ok >> my business is make people happy by telling them the truth > > I don't think he plans to lie. I think he explained the limitations and > they don't care. if they don't care i would refuse them as customer i saw way too often people saying "i do not care" but later "oh but you did not explain THIS result exactly" > People have different tastes. I wouldn't personally use ~100% of the > things that I fix for other people people are mostly to stupid to realize what they are trying to accomplish and why it it a bad idea this is why we professionals exist and if people refuse what you are explaining them kiss them goodbye - irt will be better for you over the long -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From jerry at seibercom.net Sun Jun 3 21:54:32 2012 From: jerry at seibercom.net (Jerry) Date: Sun, 3 Jun 2012 14:54:32 -0400 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCBAAA8.2020107@thelounge.net> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB73B5.9020807@orlitzky.com> <4FCB8B95.3000301@schetterer.org> <4FCB9D34.7060902@orlitzky.com> <4FCB9E5F.9010709@thelounge.net> <4FCBA8EB.8020203@orlitzky.com> <4FCBAAA8.2020107@thelounge.net> Message-ID: <20120603145432.4229f957@scorpio> On Sun, 03 Jun 2012 20:19:20 +0200 Reindl Harald articulated: >people are mostly to stupid to realize what they >are trying to accomplish and why it it a bad idea > >this is why we professionals exist and if people >refuse what you are explaining them kiss them >goodbye - irt will be better for you over the long No offense, but considering your business attitude and disdain for potential clients and your opinion of them, it would be a far better thing if they steered clear of you all together. There are many considerate, intelligent, compassionate professionals out there who would be willing to take on the difficult client. Any "asshole" can service the routine, run of the mill, client. It takes a true professional to work with and service a difficult one. -- Jerry ? Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ From h.reindl at thelounge.net Sun Jun 3 22:07:47 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Sun, 03 Jun 2012 21:07:47 +0200 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <20120603145432.4229f957@scorpio> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB73B5.9020807@orlitzky.com> <4FCB8B95.3000301@schetterer.org> <4FCB9D34.7060902@orlitzky.com> <4FCB9E5F.9010709@thelounge.net> <4FCBA8EB.8020203@orlitzky.com> <4FCBAAA8.2020107@thelounge.net> <20120603145432.4229f957@scorpio> Message-ID: <4FCBB603.5090106@thelounge.net> Am 03.06.2012 20:54, schrieb Jerry: > On Sun, 03 Jun 2012 20:19:20 +0200 > Reindl Harald articulated: > >> people are mostly to stupid to realize what they >> are trying to accomplish and why it it a bad idea >> >> this is why we professionals exist and if people >> refuse what you are explaining them kiss them >> goodbye - irt will be better for you over the long > > No offense, but considering your business attitude and disdain for > potential clients and your opinion of them, it would be a far better > thing if they steered clear of you all together. by business attidue is perfectly OK i do not offer things where i know they will not work i the real world > There are many considerate, intelligent, compassionate professionals > out there who would be willing to take on the difficult client. it is not intelligent to discuss about "can we know when a user read our email?" - tis question has only one answer: no, forget it if a customer thinks he must have any half baken solution to make him happy i am fine he is the custoerm of someone which is not interested in quality at all because both are matching togehter > Any "asshole" can service the routine, run of the mill, client. > It takes a true professional to work with and service a difficult > one you need not to tell me about routine, really not i have written admin-backends for nearly all types of services including mail-backends (partly for options most people even do not know that they exist) in the last years and after that i know what is NOT possible in a acceptable service quality often it is much more important to know and realize what you CAN NOT implement in acceptable quality as what you can -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From robert at schetterer.org Sun Jun 3 22:13:21 2012 From: robert at schetterer.org (Robert Schetterer) Date: Sun, 03 Jun 2012 21:13:21 +0200 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCB9E5F.9010709@thelounge.net> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB73B5.9020807@orlitzky.com> <4FCB8B95.3000301@schetterer.org> <4FCB9D34.7060902@orlitzky.com> <4FCB9E5F.9010709@thelounge.net> Message-ID: <4FCBB751.9070301@schetterer.org> Am 03.06.2012 19:26, schrieb Reindl Harald: > > > Am 03.06.2012 19:21, schrieb Michael Orlitzky: >> On 06/03/12 12:06, Robert Schetterer wrote: >>> Am 03.06.2012 16:24, schrieb Michael Orlitzky: >>>> >>>> I for one think the plugin is a good idea. >>> >>> what the hell , should the plugin do and how ? >>> there is smtp dsn, nothing more makes sense >>> >>> looking to the thread subject , you need to have new internet standard >>> called >>> >>> "braindump over tcp" >>> >>> this doesnt exist on exchange too >>> >>> mail is smtp, dovecot is no smtp server >>> >> >> You could trigger on the 'seen' flag, and Dovecot is more than capable >> of generating messages, especially to mailboxes under its control (see: >> sieve) > > and now tell us how you "connect" YOUR sent message over SMTP > to any seen fleeg of another user? > >> But... who cares? > > people which cares about reality? > >> The worst possible thing that can happen is that he >> writes it and makes his customers happy > > if it is his business make people happy with lies, ok > my business is make people happy by telling them the truth > the maximun with multi clients which "may" be goaled is a notice , if a mail was/has seen-flagged-opened/downloaded ( pop3), as long as sender and recipient are on the same server/storage/system but seen-opened-flagged a mail is not "read the mail by the adressed human recipient" and human read a mail means not understand the content of the mail nobody grant ever that is was the adressed recipient human in person that opened the mail and did set the seen flag "seen-flagged" means opened for display as/from a tec process !!! by the way this differnce seems not to care by customers who want this feature or may think its included elsewhere i would recommand Mind melds over the wire like http://en.wikipedia.org/wiki/Vulcan_%28Star_Trek%29#Mind_melds as an ultimate solution for this problem *g -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From matthijs at stdin.nl Sun Jun 3 23:57:30 2012 From: matthijs at stdin.nl (Matthijs Kooijman) Date: Sun, 3 Jun 2012 22:57:30 +0200 Subject: [Dovecot] Exposing global (default) sieve script through Managesieve In-Reply-To: <4FCA0801.9040409@rename-it.nl> References: <20120601182659.GA19340@login.drsnuggles.stderr.nl> <4FCA0801.9040409@rename-it.nl> Message-ID: <20120603205730.GY4023@login.drsnuggles.stderr.nl> Hi Stephan, > You asked this one on IRC a while back right? Yup, that was me. > The copy-on-write scheme I describe above may solve this, as it > remembers (somehow) the status of the account: either an > untouched/unconfigured account or an account with no active scripts. > This behavior could be combined with the solution you describe above. Yeah, the copy-on-write approach is probably a good idea. A downside of the copy-on-write approach is that if you change the global script later on, it doesn't affect users that made any changes to their sieve configuration (as opposed to my proposal, where only changes to the actual "default" script would prevent this). However, I mentioning this just for completeness, since I don't really think this is much of a problem. Also, the "no sieve configured" case could be detected by the existence of a sieve_directory, perhaps? > In my last release of Pigeonhole I added support for putting scripts > inside a dict database (or any other storage facility once implemented). > Support for ManageSieve accessing such alternative data stores is > lacking still, but, once I implement that, I also intend to address the > issue you describe here. I'm probably going to structure it very similar > to Dovecot's own mail storage library, meaning that plugins can override > certain aspects of the storage's behavior. This should allow for all > kinds of magic in the script storage, including what you describe above. Would it make sense to implement such magin inside the script storage, or on top of it? The latter means the magic will work for every storage implemented, which would be an advantage? In any case, if there is some lookout onto this feature, I might configure the Roundcube plugin thing now and upgrade to a real solution at some later point. Gr. Matthijs -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 197 bytes Desc: Digital signature URL: From stephan at rename-it.nl Mon Jun 4 01:16:54 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Mon, 04 Jun 2012 00:16:54 +0200 Subject: [Dovecot] Exposing global (default) sieve script through Managesieve In-Reply-To: <20120603205730.GY4023@login.drsnuggles.stderr.nl> References: <20120601182659.GA19340@login.drsnuggles.stderr.nl> <4FCA0801.9040409@rename-it.nl> <20120603205730.GY4023@login.drsnuggles.stderr.nl> Message-ID: <4FCBE256.6040903@rename-it.nl> On 6/3/2012 10:57 PM, Matthijs Kooijman wrote: > > The copy-on-write scheme I describe above may solve this, as it > remembers (somehow) the status of the account: either an > untouched/unconfigured account or an account with no active scripts. > This behavior could be combined with the solution you describe above. > Yeah, the copy-on-write approach is probably a good idea. > > A downside of the copy-on-write approach is that if you change the > global script later on, it doesn't affect users that made any changes to > their sieve configuration (as opposed to my proposal, where only changes > to the actual "default" script would prevent this). However, I > mentioning this just for completeness, since I don't really think this > is much of a problem. > > Also, the "no sieve configured" case could be detected by the existence > of a sieve_directory, perhaps? Something like that, yes. >> In my last release of Pigeonhole I added support for putting scripts >> inside a dict database (or any other storage facility once implemented). >> Support for ManageSieve accessing such alternative data stores is >> lacking still, but, once I implement that, I also intend to address the >> issue you describe here. I'm probably going to structure it very similar >> to Dovecot's own mail storage library, meaning that plugins can override >> certain aspects of the storage's behavior. This should allow for all >> kinds of magic in the script storage, including what you describe above. > Would it make sense to implement such magic inside the script storage, > or on top of it? The latter means the magic will work for every storage > implemented, which would be an advantage? Definitely on top. Regards, Stephan. From inbound-dovecot at listmail.innovate.net Mon Jun 4 01:20:10 2012 From: inbound-dovecot at listmail.innovate.net (Richard) Date: Sun, 03 Jun 2012 22:20:10 +0000 Subject: [Dovecot] Can we know when a user read our email? Message-ID: <708007F287205FE8EB554EB9@ritz.innovate.net> > Date: Sunday, June 03, 2012 02:54:32 PM -0400 > From: Jerry > >> On Sun, 03 Jun 2012 20:19:20 +0200 >> Reindl Harald articulated: >> >> people are mostly to stupid to realize what they >> are trying to accomplish and why it it a bad idea >> >> this is why we professionals exist and if people >> refuse what you are explaining them kiss them >> goodbye - irt will be better for you over the long > > No offense, but considering your business attitude and disdain for > potential clients and your opinion of them, it would be a far > better thing if they steered clear of you all together. There are > many considerate, intelligent, compassionate professionals out > there who would be willing to take on the difficult client. Any > "asshole" can service the routine, run of the mill, client. It > takes a true professional to work with and service a difficult > one. Something that seems to be missing from this discussion are considerations of privacy and (personal) security. There are fairly serious implications of a sender being able to tell that/when someone has downloaded/opened a message -- including discovery of daily patterns and potentially where the recipient is, or isn't. I think it is our responsibility to understand these issues and explain them to managers/clients in order to bring them along if we refuse (as I would) to provide a capability such as this. [I always set the sendmail "noreceipts" PrivacyOptions so it doesn't respond to these disposition requests.] One approach is to point out to managers/clients that if their system is configured to return read receipts, anyone sending mail to them on that system will be able to get these same types of receipts. When they think about that they may not like the implications and may reconsider their request. Just because it is technically possible to do something (and even if other vendors provide the capability) does not mean that it is the ethically or legally responsible thing to do. - Richard From dovecot-list at mohtex.net Mon Jun 4 04:17:20 2012 From: dovecot-list at mohtex.net (Tamsy) Date: Mon, 04 Jun 2012 08:17:20 +0700 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <708007F287205FE8EB554EB9@ritz.innovate.net> References: <708007F287205FE8EB554EB9@ritz.innovate.net> Message-ID: <4FCC0CA0.6000003@mohtex.net> Richard wrote the following on 04.06.2012 05:20: > >> Date: Sunday, June 03, 2012 02:54:32 PM -0400 >> From: Jerry >> >>> On Sun, 03 Jun 2012 20:19:20 +0200 >>> Reindl Harald articulated: >>> >>> people are mostly to stupid to realize what they >>> are trying to accomplish and why it it a bad idea >>> >>> this is why we professionals exist and if people >>> refuse what you are explaining them kiss them >>> goodbye - irt will be better for you over the long >> No offense, but considering your business attitude and disdain for >> potential clients and your opinion of them, it would be a far >> better thing if they steered clear of you all together. There are >> many considerate, intelligent, compassionate professionals out >> there who would be willing to take on the difficult client. Any >> "asshole" can service the routine, run of the mill, client. It >> takes a true professional to work with and service a difficult >> one. > Something that seems to be missing from this discussion are > considerations of privacy and (personal) security. There are fairly > serious implications of a sender being able to tell that/when > someone has downloaded/opened a message -- including discovery of > daily patterns and potentially where the recipient is, or isn't. > > I think it is our responsibility to understand these issues and > explain them to managers/clients in order to bring them along if we > refuse (as I would) to provide a capability such as this. [I always > set the sendmail "noreceipts" PrivacyOptions so it doesn't respond > to these disposition requests.] > > One approach is to point out to managers/clients that if their > system is configured to return read receipts, anyone sending mail to > them on that system will be able to get these same types of > receipts. When they think about that they may not like the > implications and may reconsider their request. > > Just because it is technically possible to do something (and even if > other vendors provide the capability) does not mean that it is the > ethically or legally responsible thing to do. > > > - Richard > > I totally agree with Richard's point of few. I would consider it as intrusive and even intimidating if the sender of an E-Mail can monitor whether and when I open/read his mail. Just imagine this would happen with the good old hard printed mail the postman put into the mailbox at our door: As soon as we open the envelope and unfold the letter a microchip sends a note to the sender that his letter has been opened and read. I can already see the public outcry if something like this would happen some day... If somebody sends me a mail, it is up to me whether I want to open and read its content or whether I just want to bin it without having opened it. This is my right since the moment that mail has reached my mailbox, no matter whether it is a hardcopy mail or an E-Mail, it belongs to me and I can do with it whatever I like without letting the sender know how it has finally ended. From jeetuindian at gmail.com Mon Jun 4 13:20:06 2012 From: jeetuindian at gmail.com (Jitendra Bhaskar) Date: Mon, 4 Jun 2012 15:50:06 +0530 Subject: [Dovecot] Frequently login problem Message-ID: Hi, I am using dovecot 2.1.3 on centos 5.7. It was working fine but last few days I need to restart or reload dovecot service because at that time users are not able to login. Each time I am getting information from doveco.log is as : Jun 04 11:52:54 auth: Error: BUG: Authentication client gave a PID 17564 of existing connection Jun 04 11:52:54 auth: Error: BUG: Authentication client gave a PID 17566 of existing connection Jun 04 11:52:59 auth: Error: BUG: Authentication client gave a PID 17564 of existing connection -- * Thanks & Regards * *Jitendra Kumar Bhaskar* Cell:- +91 7306311531 +91 8102997821 From joshua at hybrid.pl Mon Jun 4 14:44:11 2012 From: joshua at hybrid.pl (Jacek Osiecki) Date: Mon, 4 Jun 2012 13:44:11 +0200 (CEST) Subject: [Dovecot] Vacation stopped working Message-ID: Hi, I'm sure that it WAS working, but I can't guarantee... On a system with dovecot 2.0.16 and dovecot-pigeonhole-2.0_0.2.5. Today a user reported that vacation autoreponse did not work for him. As I have checked the dovecot logs, I see such a message: Jun 04 13:39:51 lmtp(9986, user at xxx.com): Info: ZumtCleezE8CJwAAA1GDYg: sieve: msgid=: discarding vacation response for implicitly delivered message; no known (envelope) recipient address found in message headers (recipient=, and additional `:addresses' are specified) Any idea what actually went wrong? I was browsing for this error message, but found only dovecot sources :( Greetings, -- Jacek Osiecki joshua at ceti.pl GG:3828944 I don't want something I need. I want something I want. From lists at wildgooses.com Mon Jun 4 16:36:35 2012 From: lists at wildgooses.com (Ed W) Date: Mon, 04 Jun 2012 14:36:35 +0100 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCB6AA7.4050200@Media-Brokers.com> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB6AA7.4050200@Media-Brokers.com> Message-ID: <4FCCB9E3.3060702@wildgooses.com> On 03/06/2012 14:46, Charles Marcus wrote: > On 2012-06-03 4:43 AM, Ed W wrote: >> Look, I can argue against the idea easily, personally my objection is >> mail loops, but the point is that the customer demands it, and at >> present that prevents me bidding for certain types of business... >> Basically the customer just wants to repro what they got with Exchange > > Then tell them their only option is to buy Exchange Server and Outlook > for everyone - but explain that this 'feature' *still* will not work > for recipients that are outside of your control (ie, it will only work > for local recipients - and I *think* it is possible to set up Trusts > with other external Exchange Servers, but not sure, and if it does, it > requires the explicit cooperation of the other systems admin). > > Bottom line: do NOT promise the impossible to a client just to win the > business. It is a losing proposition, as you are beginning to see... > You have the situation backwards. I think you know about the MailASail business. We run small ISP selling mail accounts to customers. *our customers* want to voluntarily tell senders when they have downloaded an email via POP. The basic requirement is when the message is accessed via POP, then the sender (presumably defined by the FROM address) is sent a notification. Please don't argue about the spam aspects, etc - we are all on the same page here. However, it's not an entirely foolish request - because the customer is on dialup MDN implemented by the mail client isnt really feasible, and DSN doesn't help us realise that the remote user has at least connected and accessed the mail. So they are kind of asking for a limited server side implementation of MDN. In fact this isn't that unreasonable, it's just problematic and unusual. Ed W From lists at wildgooses.com Mon Jun 4 16:49:08 2012 From: lists at wildgooses.com (Ed W) Date: Mon, 04 Jun 2012 14:49:08 +0100 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCB9E5F.9010709@thelounge.net> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB73B5.9020807@orlitzky.com> <4FCB8B95.3000301@schetterer.org> <4FCB9D34.7060902@orlitzky.com> <4FCB9E5F.9010709@thelounge.net> Message-ID: <4FCCBCD4.8090503@wildgooses.com> On 03/06/2012 18:26, Reindl Harald wrote: > > Am 03.06.2012 19:21, schrieb Michael Orlitzky: >> On 06/03/12 12:06, Robert Schetterer wrote: >>> Am 03.06.2012 16:24, schrieb Michael Orlitzky: >>>> I for one think the plugin is a good idea. >>> what the hell , should the plugin do and how ? >>> there is smtp dsn, nothing more makes sense >>> >>> looking to the thread subject , you need to have new internet standard >>> called >>> >>> "braindump over tcp" >>> >>> this doesnt exist on exchange too >>> >>> mail is smtp, dovecot is no smtp server >>> >> You could trigger on the 'seen' flag, and Dovecot is more than capable >> of generating messages, especially to mailboxes under its control (see: >> sieve) > and now tell us how you "connect" YOUR sent message over SMTP > to any seen fleeg of another user? > I think we are talking cross purposes about the design here In my case I have a customer base on *dialup* who connect very infrequently. They kind of want MDN to work, however, at least my understanding is that this is typically implemented by first the MUA downloading all messages, then generating MDN responses which need to be sent out - however, in the case of dialup this may be very far after the fact. Therefore they request a kind of server side MDN. So when the message is downloaded from the POP server, the POP server generates some form of MDN-a-like response on their behalf. There are clearly limitations here, but equally the limitations are quite clearly explained - all we learn is that the message was downloaded, but in the case of very infrequent dialup users, this at least teaches us the earliest time that the user could have read the message. Many of these users are corporate and have defined processes, so they may require the user to actually read and action all the emails which have been downloaded, hence it might be inferred that usually the message will be read soon after we learn it's downloaded - I don't think the goal is to get 100% knowledge of read time though, just an estimate and that it did actually arrive at this remote user is helpful To put some meat on this type of user, we are talking about a group of users who might be mid-ocean or perhaps hanging around north/south pole or somewhere similarly remote. They would be using satellite dialup devices which have significant costs. So for example if we see the user dial in we learn: - They aren't dead... - With some confidence that the message has crossed the most uncertain part of the link and is at least now close enough to the user we just need to hope they actually read it - This type of user is typically only receiving a small handful of messages. At 2.4Kbit you are struggling to receive emails, it's not assume that this type of user is getting the kind of volumes that you or I get This is a niche user, however, I think the basic feature is actually not entirely stupid. My competitors implement this feature quite crudely with just a generic message mailed out to the sender the first time the recipient (ie on our server) accesses and downloads and accesses the email. I don't see anyone trying to send MDN compatible receipts, they literally just send a "Your message was downloaded by the recipient" message Cheers Ed W From h.reindl at thelounge.net Mon Jun 4 17:14:49 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Mon, 04 Jun 2012 16:14:49 +0200 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCCB9E3.3060702@wildgooses.com> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB6AA7.4050200@Media-Brokers.com> <4FCCB9E3.3060702@wildgooses.com> Message-ID: <4FCCC2D9.3010209@thelounge.net> Am 04.06.2012 15:36, schrieb Ed W: >> Then tell them their only option is to buy Exchange Server and Outlook for everyone - but explain that this >> 'feature' *still* will not work for recipients that are outside of your control (ie, it will only work for local >> recipients - and I *think* it is possible to set up Trusts with other external Exchange Servers, but not sure, >> and if it does, it requires the explicit cooperation of the other systems admin). >> >> Bottom line: do NOT promise the impossible to a client just to win the business. It is a losing proposition, as >> you are beginning to see... >> > > We run small ISP selling mail accounts to customers. *our customers* want to > voluntarily tell senders when they have downloaded an email via POP. and the sender for sure wants this too for every single message? i doubt not > The basic requirement is when the message is accessed via POP, then the > sender (presumably defined by the FROM address) is sent a notification. have fun if ONE user has enabled "leave messages on server" and his machine crashs - the next time he will setup his account again he would self-DOS the mail-system > Please don't argue about the spam aspects, etc - we are all on the same page here wait until one of the company get fired and leave you a little "present" with a lot of forged senders > However, it's not an entirely foolish request it IS a entirely foolish request each mail client in this world supports "acknowledgment of receipt" the sender has only to configure his account correctly and the rcpt can decide if his client should send confirmations * always * per confirm on each message * alaways for specific senders * or even not send this bullshit at all such things has CLEARLY not to be implemented on the server side if the users are too stupid to user their mail-client and the admins missing any knowledge to do this for the users solve this problem by educate them in e-mail baiscs -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From devurandom at gmx.net Mon Jun 4 17:32:04 2012 From: devurandom at gmx.net (Dennis Schridde) Date: Mon, 04 Jun 2012 16:32:04 +0200 Subject: [Dovecot] dovecot-metadata-9 released Message-ID: <2115082.gk9Y8Dam5O@ernie> Hello everyone! I just released dovecot-metadata-8, which is an implementation of RFC 5464 (IMAP METADATA), allowing to add comments/annotations/metadata to folders of an email account. 2012-06-04: Version 9 * Added Dovecot 2.1 compatibility * Fixed compliance with RFC 5464 Section 3.2 * Separated backend code into library * Synced code of imap-annotatemore with imap-metadata * Improved error messages * Several bugfixes (incl. segfaults) * Minor cleanups Please get the code from [1] and send me an email for any problem you find. For more information please refer to my email from Sun, 12 Jun 2011 15:55:57 +0200 titled "dovecot-metadata-8 released". Kind regards, Dennis [1] http://hg.dovecot.org/dovecot-metadata-plugin -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: This is a digitally signed message part. URL: From stephan at rename-it.nl Mon Jun 4 18:08:19 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Mon, 04 Jun 2012 17:08:19 +0200 Subject: [Dovecot] dovecot-metadata-9 released In-Reply-To: <2115082.gk9Y8Dam5O@ernie> References: <2115082.gk9Y8Dam5O@ernie> Message-ID: <4FCCCF63.3040703@rename-it.nl> Op 6/4/2012 4:32 PM, Dennis Schridde schreef: > For more information please refer to my email from Sun, 12 Jun 2011 15:55:57 > +0200 titled "dovecot-metadata-8 released". http://www.dovecot.org/list/dovecot/2011-June/059630.html Regards, Stephan. From malloc4k at gmail.com Mon Jun 4 19:44:01 2012 From: malloc4k at gmail.com (Malloc Kilobyte) Date: Mon, 4 Jun 2012 18:44:01 +0200 Subject: [Dovecot] Customization of "Rejected" message. Message-ID: Helo, I'm using Dovecot 2.1.1 with Postfix 2.3.3. I've enabled the quota plugin, so that Dovecot LDA reject e-mails, when user's mailbox is out of space. By default, when mailbox is near quota, and someone tries to send huge message, a reply is automatically send to the sender. It's being send from postmaster named as Mail Delivery Subsystem. And here is my question: Is there some way to customize that auto-reply, so that it is not only being send to the sender but also to recipient gets some notice about failed attempt ? I've also noticed, that this reply has attachment, which is rejected message, but it appears to be empty. Can I configure Dovecot to send back whole rejected message ? Regards malloc4k From robert at schetterer.org Mon Jun 4 20:23:27 2012 From: robert at schetterer.org (Robert Schetterer) Date: Mon, 04 Jun 2012 19:23:27 +0200 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCCB9E3.3060702@wildgooses.com> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB6AA7.4050200@Media-Brokers.com> <4FCCB9E3.3060702@wildgooses.com> Message-ID: <4FCCEF0F.3050708@schetterer.org> Am 04.06.2012 15:36, schrieb Ed W: > I think you know about the MailASail business. We run small ISP selling > mail accounts to customers. *our customers* want to voluntarily tell > senders when they have downloaded an email via POP. The basic > requirement is when the message is accessed via POP, then the sender > (presumably defined by the FROM address) is sent a notification. this isnt what you asked in the subject "Can we know when a user read our email?" the best and true answer: "never" ---snip as long all senders and users are on the same mailsystem/storage you might wrote i.e some watch daemon on your smtp mailsystem with if mail in storage with "Disposition-Notification-To" from "your sender" grepped by sasl header "Authenticated sender:" has gone from new to cur in "your recipients" storage maildir and subfolders you may also try use complex smtp transport header_checks combis with i.e /(^Disposition-Notification-To:.*)/ REPLACE X-$1 to mark mail etc and/or policy servers , milters etc perhaps with writings in dbs and comparing verbose dovecot logs etc cause there are uni ways to setup smtp and dovecot servers you must find your way fitting your setup as i said , i see only small relates to dovecot cause the only header which is standard in mail clients is Message Disposition Notification, so the sender has to use it anyway and you have to filter this mails by it additional only for "your senders" and "your recipients" then you have to find a way checking status of this mails in "your storage" if you allready have amavis included, you might code it there somehow or look at http://mailfud.org/postpals/ policy server for ideas who you might goal another way..... perhaps you might include a sieve global filter rule with filtering Disposition-Notification-To only from "your sender domains" and doing a simple mail notify action about it was delivered, or using some no official sieve plugins for actions with external binaries ( procmail etc ) -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From jeep at rahul.net Tue Jun 5 05:33:19 2012 From: jeep at rahul.net (Jeff Lacki) Date: Mon, 04 Jun 2012 19:33:19 -0700 Subject: [Dovecot] INBOX help needed, dovecot + squirrelmail Message-ID: <20120605023319.7664B1298B0@aqua.rahul.net> Im trying to figure out how to get dovecot to deliver to my mail_location (example: /opt/imapdata/j/jeff/INBOX/inbox) AND work with squirrelmail. Ive worked on this for hours reading the docs etc with no luck so far. I get dovecot-lda to deliver to: /opt/imapdata/j/jeff/INBOX/inbox but when I use squirrelmail, I see the following in the log: dovecot: imap(jeff): Debug: Effective uid=1006, gid=999, home=/opt/imapdata/j/jeff/INBOX/inbox dovecot: imap(jeff): Error: chdir(/opt/imapdata/j/jeff/INBOX/inbox) failed: Not a directory dovecot: imap(jeff): Debug: Namespace : type=private, prefix=INBOX/, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:/opt/imapdata/j/jeff:INBOX=/opt/imapdata/j/jeff/INBOX:LAYOUT=fs:DIRNAME=mmDIR:INDEX=~/indexes It complains that 'inbox' isnt a directory, but I want it to use: /opt/imapdata/j/jeff/INBOX What parameter do I need to tweak to get this to work? Ive tried the 'folder options' in squirrelmail but that doesnt appear to have any effect here (or at least at this point in my testing). It seems that the only parameter to tweak is 'mail_location' which Im having no luck getting to work correctly. Also namespace may play a part but every combination Ive tried does not result in getting it work thus far. On a sidenote when I send more than 1 email, it doesnt seem to honor 'maildir', it seems its doing 'mbox' instead? I get one flat file. Im lost and confused. my variables: mail_location = maildir:/opt/imapdata/%1n/%n:INBOX=/opt/imapdata/%1n/%n:LAYOUT=fs:DIRNAME=mmDIR:INDEX=~/indexes namespace { type = private separator = / prefix = INBOX/ inbox = yes } Your help is appreciated! Thanks, Jeff /mf/home/jeep/shell/.signature From jtam.home at gmail.com Tue Jun 5 05:45:59 2012 From: jtam.home at gmail.com (Joseph Tam) Date: Mon, 4 Jun 2012 19:45:59 -0700 (PDT) Subject: [Dovecot] auth trouble In-Reply-To: References: Message-ID: Glenn English writes: > I'm getting a lot of what I think is a local socket asking > dovecot:auth to verify username/passwords: > >> May 31 09:00:54 server dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=admin rhost= If dovecot-auth is getting input from a local socket, then rhost information is irrelevant since the host doing the asking is the server itself (maybe from another daemon connected to a remote host). Maybe someone is brute forcing your server's Postfix authenticated SMTP service since Postfix can be configured to use Dovecot's SASL authentication framework. Joseph Tam From a.kostyrev at serverc.ru Tue Jun 5 06:14:44 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Tue, 5 Jun 2012 14:14:44 +1100 Subject: [Dovecot] best practises for mail systems Message-ID: <213B51F00051AE48A9F0E112880177178F79D6@Delta.sc.local> hello! Can someone point me to some best practices in building high-available scalable mail system or! share your own success stories. I've read article in LJ "Building a Scalable High-Availability E-Mail System with Active Directory and More" but it seemed to be outdated and there's a single point of failure (Master node). What I want to achieve: high-available, horizontaly scalable, with no single point of failure mail solution. Available hardware: intel mfsys25 modular server with 2 storage controllers, 2 switches, 4 power supply blocks with - 2 blade-servers in mfsys with: 2xIntel Xeon E5620 @ 2.40GHz with 8 cores each - promise vtrak e610s (2 storage controllers, 2 power supply blocks) - 6x 2TB SATA Hitachi HDS72302 We decided to go for KVM virtualization and glusterfs for live migration for vm image but that's not what this is all about :) We installed centos on host systems. for now while we could think of two ways to go: The first way (currently at testing stage): On each host system we created one VM and passed through 3x2TB disks into it. In guests vms on top of this disks we made XFS and fired up glusterfs with distributed replicated volumes for our mailstorage. so it looks like this: vm1??? replicate???? vm2 disk1 ------------> disk4 disk2 ------------> disk5 disk3 ------------> disk6 in each vm we mounted glusterfs and pointed dovecot to that dir for mail creation (as ltmp) and imap4 user access. also we use exim as smtp. So, with glusterfs as mailstorage we can go for LVS to load balancing for exim and dovecot. so wherenever one of host systems (hence one of mail vms) goes down, users don't notice that 'cause LVS points them to working smtp and imap4 servers and they get their mail 'cause of glusterfs. Pros: - high-available - horizontaly scalable - with no single point of failure Cons: - not quite sure if glusterfs is production ready solution 'cause I've experienced split-brains during setting it up - IO performance issue. Though we didn't yet run any io tests, but glusterfs uses fuse to mount on clients. And guys on #gluster told me writing to the glusterfs mount will not be strictly local io. The second way: split up the users mail with: two back-end VMs each other on DIFFERENT host system with - fat mailstorage with raid1+linear mode (mdadm)+XFS - dovecot/exim-back-ends and two VMs for nginx-based proxy servers for imap4 and smtp - nginx can redirect user to right back-end through HTTP-php-based logic. Pros: - we split up not only load for exim/dovecot but users mail IOs too - no split-brains Cons: - If one of the host systems (hence one of back-end VMs with storage) goes down, half of our users is unhappy P.S. Sorry if this place is way wrong to ask for such things. From johannes at sipsolutions.net Tue Jun 5 11:09:27 2012 From: johannes at sipsolutions.net (Johannes Berg) Date: Tue, 05 Jun 2012 10:09:27 +0200 Subject: [Dovecot] Different but probably related issue In-Reply-To: <442263FE-BEAE-47F5-A1FF-49DC0065DF17@canbasis.com> References: <442263FE-BEAE-47F5-A1FF-49DC0065DF17@canbasis.com> Message-ID: <1338883767.4514.23.camel@jlt3.sipsolutions.net> Hi Marc, [+list since I'm unlikely to be able to solve this problem myself] > I am trying to setup a debian testing (wheeze) mail server using > postfix, dovecot and amavisd-new with spamassassin. I have everything > working fine, using mdbox mailboxes and system users. As a final touch > for this setup, I wanted to be able to train the (global) bayes > database directly through IMAP. > > Hence, I installed your plugin (directly from the official debian > repositories) and set it up to report mails to spamassassin. I am > using the "pipe" backend to call a wrapper script, that stores the > mail into a temporary file and launches sa-learn to learn it. My tests > indicate that this is working properly. Ok, nice. > However, when the dovecot-antispam plugin is enabled, I have a weird > problem sending emails. This is, whenever my MUA tries to save the > just sent message to the "Sent" folder, dovecot shows the following > error: Hmm, ok, let's see > > --------------------------------------------------- > > Dovecot's error log: > > --------------------------------------------------- > > Jun 4 22:35:14 aiur dovecot: imap(user): Error: mdbox /home/user/.mdbox/mailboxes/Sent/dbox-Mails: map uid lost for uid 0 > > Jun 4 22:36:06 aiur dovecot: imap(user): Error: /home/user/.mdbox/mailboxes/Spam/dbox-Mails/dovecot.index reset, view is now inconsistent > > Jun 4 22:36:09 aiur dovecot: imap(user): Error: Log synchronization error at seq=8,offset=27592 for /home/user/.mdbox/storage/dovecot.map.index: Append with UID 56056, but next_uid = 56057 > > Jun 4 22:36:09 aiur dovecot: lda(user): Error: Log synchronization error at seq=8,offset=27592 for /home/user/.mdbox/storage/dovecot.map.index: Append with UID 56056, but next_uid = 56057 > > Jun 4 22:36:10 aiur dovecot: imap(user): Error: /home/user/.mdbox/mailboxes/INBOX/dbox-Mails/dovecot.index reset, view is now inconsistent > > > As a result, the MUA hangs for a while (some minute and a half). After > that it closes the IMAP session properly, but I am left with two > copies of the sent email in the "Sent" folder: one that is marked as > unread and one that is not. Curious. I think the problem is likely the mdbox storage... There have always been some issues with it and the antispam plugin when combined. The first issue was that we couldn't access the raw text or something ... not sure what's up now. > > IMAP Conversation (as logged by roundcube webmail) > > [04-Jun-2012 22:35:14 +0200]: [4A68] C: A0005 APPEND INBOX.Sent (\Seen) {519+} > > [04-Jun-2012 22:35:14 +0200]: [4A68] C: Received: from cpe-76-169-183-245.socal.res.rr.com ([76.169.183.245]) > > by server.domain.tld > > with HTTP (HTTP/1.1 POST); Mon, 04 Jun 2012 22:35:14 +0200 > > MIME-Version: 1.0 ... > > [04-Jun-2012 22:36:10 +0200]: [4A68] S: A0005 OK [APPENDUID > 1338488996 4274] Append completed. That looks ... pretty normal. > At this point, I do not know what else to try or how to fix this > problem. Thus, I have had to disable your plugin for now. Do you have > any ideas on how to proceed? I can give you access to this machine if > need be (it's a personal server). Unfortunately, I don't. I can only suggest, as a test, trying with some other storage format -- I only use Maildir -- to see if the problem is really in the interaction with mdbox. I'm fairly sure that's likely the problem, maybe the plugin doesn't pass something through append that is needed by mdbox, but I've never even attempted to understand mdbox. Maybe Timo can comment. Timo, you can find the latest code here: http://git.sipsolutions.net/?p=dovecot-antispam.git;a=summary johannes From tss at iki.fi Tue Jun 5 13:02:10 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 5 Jun 2012 13:02:10 +0300 Subject: [Dovecot] best practises for mail systems In-Reply-To: <213B51F00051AE48A9F0E112880177178F79D6@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F79D6@Delta.sc.local> Message-ID: On 5.6.2012, at 6.14, ???????? ????????? ?????????? wrote: > - not quite sure if glusterfs is production ready solution 'cause I've experienced split-brains during setting it up Last I've heard glusterfs causes corruption problems with Dovecot. You should try stress testing it with imaptest: http://imapwiki.org/ImapTest From me at junc.org Tue Jun 5 14:23:02 2012 From: me at junc.org (Benny Pedersen) Date: Tue, 05 Jun 2012 13:23:02 +0200 Subject: [Dovecot] INBOX help needed, dovecot + squirrelmail In-Reply-To: <20120605023319.7664B1298B0@aqua.rahul.net> References: <20120605023319.7664B1298B0@aqua.rahul.net> Message-ID: Den 2012-06-05 04:33, jeep at rahul.net skrev: > Im trying to figure out how to get dovecot to deliver to > my mail_location (example: /opt/imapdata/j/jeff/INBOX/inbox) > AND work with squirrelmail. Ive worked on this for hours > reading the docs etc with no luck so far. namespace is set to "" in squirrelmail, but it must be "INBOX." run conf.pl and fix it :=) From devurandom at gmx.net Tue Jun 5 14:35:18 2012 From: devurandom at gmx.net (Dennis Schridde) Date: Tue, 05 Jun 2012 13:35:18 +0200 Subject: [Dovecot] dovecot-metadata-9 released In-Reply-To: <4FCDD13B.5080204@bunbun.be> References: <2115082.gk9Y8Dam5O@ernie> <4FCDD13B.5080204@bunbun.be> Message-ID: <4102204.vJ4X8dIaYX@samson> Hello Nick! I am sorry - I forgot to mention that you need attached patch for dovecot. Kind regards, Dennis Am Dienstag, 5. Juni 2012, 11:28:27 schrieb Nick Rosier: > Hi Dennis, > > I'm trying to compile the plugin on FreeBSD 9 with Dovecot 2.1.7 and get > the following error: > > libtool: compile: gcc -std=gnu99 -DHAVE_CONFIG_H -I. -I.. > -I/usr/local/include/dovecot -g -O2 -MT mailbox-ext.lo -MD -MP -MF > .deps/mailbox-ext.Tpo -c mailbox-ext.c -fPIC -DPIC -o > .libs/mailbox-ext.o mailbox-ext.c:25:19: error: missing binary operator > before token "(" > mailbox-ext.c: In function 'mailbox_get_guid_string': mailbox-ext.c:32: > error: 'MAIL_GUID_128_SIZE' undeclared (first use in this function) > mailbox-ext.c:32: error: (Each undeclared identifier is reported only > once mailbox-ext.c:32: error: for each function it appears in.) > mailbox-ext.c:33: warning: implicit declaration of function > 'mailbox_get_guid' > *** Error code 1 > Stop in /root/work/dovecot-metadata-plugin-6fe39779d758/src. *** Error > code 1 > > Removing DOVECOT_PREREQ and "forcing" to use the 2.1 definition fixes > that (I couldn't find anywhere where that macro was defined). > > Next I get another error, again caused by the DOVECOT_PREREQ: > > libtool: compile: gcc -std=gnu99 -DHAVE_CONFIG_H -I. -I.. > -I/usr/local/include/dovecot -g -O2 -MT imap-metadata-plugin.lo -MD -MP > -MF .deps/imap-metadata-plugin.Tpo -c imap-metadata-plugin.c -fPIC > -DPIC -o .libs/imap-metadata-plugin.o > imap-metadata-plugin.c: In function 'is_valid_rfc5464_entry_name': > imap-metadata-plugin.c:162: warning: comparison is always false due to > limited range of data type > imap-metadata-plugin.c:513:19: error: missing binary operator before > token "(" > imap-metadata-plugin.c: In function 'cmd_getmetadata': > imap-metadata-plugin.c:516: warning: passing argument 2 of > 'mail_namespace_find' from incompatible pointer type > imap-metadata-plugin.c: In function 'setmetadata_helper': > imap-metadata-plugin.c:596: warning: 'return' with a value, in function > returning void > imap-metadata-plugin.c:672:19: error: missing binary operator before > token "(" > imap-metadata-plugin.c: In function 'cmd_setmetadata': > imap-metadata-plugin.c:675: warning: passing argument 2 of > 'mail_namespace_find' from incompatible pointer type > *** Error code 1 > > Am I missing something on my system? > > Rgds, > N. > > Dennis Schridde wrote: > > Hello everyone! > > > > I just released dovecot-metadata-8, which is an implementation of RFC 5464 > > (IMAP METADATA), allowing to add comments/annotations/metadata to folders > > of an email account. > > > > 2012-06-04: Version 9 > > > > * Added Dovecot 2.1 compatibility > > * Fixed compliance with RFC 5464 Section 3.2 > > * Separated backend code into library > > * Synced code of imap-annotatemore with imap-metadata > > * Improved error messages > > * Several bugfixes (incl. segfaults) > > * Minor cleanups > > > > Please get the code from [1] and send me an email for any problem you > > find. > > > > For more information please refer to my email from Sun, 12 Jun 2011 > > 15:55:57 +0200 titled "dovecot-metadata-8 released". > > > > Kind regards, > > Dennis > > > > [1] http://hg.dovecot.org/dovecot-metadata-plugin -------------- next part -------------- A non-text attachment was scrubbed... Name: dovecot-2.1-b144c7d3bb67+4ee2e23710fb-dovecot-prereq.patch Type: text/x-patch Size: 2036 bytes Desc: not available URL: From pw at wk-serv.de Tue Jun 5 15:03:14 2012 From: pw at wk-serv.de (Patrick Westenberg) Date: Tue, 05 Jun 2012 14:03:14 +0200 Subject: [Dovecot] dsync backup doubles quota Message-ID: <4FCDF582.5050004@wk-serv.de> Hi everyone, I recognized a very strange behavior when doing backups of my mdbox mailboxes. After the backup the quota for each mailbox is twice as much as before the backup and I have to recalculate the quota to get the former/correct information. root at mb01:~# doveadm quota get -u test at example.com User quota STORAGE 5 10240 User quota MESSAGE 11 - root at mb01:~# doveadm backup -u test at example.com mdbox:/home/example.com/test root at mb01:~# doveadm quota get -u test at example.com User quota STORAGE 10 10240 User quota MESSAGE 22 - root at mb01:~# doveadm quota get -u test at example.com root at mb01:~# doveadm quota get -u test at example.com User quota STORAGE 5 10240 User quota MESSAGE 11 - Is this a bug or normal behavior? Regards Patrick From ott at mirix.org Tue Jun 5 15:27:30 2012 From: ott at mirix.org (Matthias-Christian Ott) Date: Tue, 05 Jun 2012 14:27:30 +0200 Subject: [Dovecot] best practises for mail systems In-Reply-To: <213B51F00051AE48A9F0E112880177178F79D6@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F79D6@Delta.sc.local> Message-ID: <4FCDFB32.2080302@mirix.org> On 2012-06-05 05:14, ???????? ????????? ?????????? wrote: > On each host system we created one VM and passed through 3x2TB disks into it. > > > > In guests vms on top of this disks we made XFS and fired up glusterfs with distributed replicated volumes for our mailstorage. > > so it looks like this: > > > > vm1 replicate vm2 > > disk1 ------------> disk4 > > disk2 ------------> disk5 > > disk3 ------------> disk6 > > > > in each vm we mounted glusterfs and pointed dovecot to that dir for mail creation (as ltmp) and imap4 user access. > > also we use exim as smtp. > > > > So, with glusterfs as mailstorage we can go for LVS to load balancing for exim and dovecot. > > so wherenever one of host systems (hence one of mail vms) goes down, users don't notice that > > 'cause LVS points them to working smtp and imap4 servers > > and they get their mail 'cause of glusterfs. > [...] > Cons: > > - not quite sure if glusterfs is production ready solution 'cause I've experienced split-brains during setting it up > > - IO performance issue. Though we didn't yet run any io tests, but glusterfs uses fuse to mount on clients. And guys on #gluster told me writing to the glusterfs mount will not be strictly local io. I'm not familiar with LVS, but from the project description it seems that you need a "front server" that does the load balancing, so you either have to run at least two of these servers in parallel or add to your cons that you introduced a single point of failure. But you mentioned that you only have two servers, so you really can do this. I would rather ensure high availability by running the two servers as masters and using either IP address takeover or DNS failover (with dynamic DNS) and either use Dovecot's replication (I haven't tested it yet and I'm not sure what happens in case of IP address takeover) or a file system that can handle these kinds of errors (e.g. Coda). You could do load balancing via round-robin DNS. This only protects you against the failure of single machine and because IMAP sessions are not replicated between the servers, connections will get reset if one server fails, but it's cost-effective and uses software that already exists. Regards, Matthias-Christian From a.kostyrev at serverc.ru Tue Jun 5 15:59:47 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Tue, 5 Jun 2012 23:59:47 +1100 Subject: [Dovecot] best practises for mail systems In-Reply-To: <4FCDFB32.2080302@mirix.org> References: <213B51F00051AE48A9F0E112880177178F79D6@Delta.sc.local> <4FCDFB32.2080302@mirix.org> Message-ID: <213B51F00051AE48A9F0E112880177178F79DB@Delta.sc.local> I think LVS is just fine and it is not a SPOF 'cause it is actually 2 servers: active master --> and standby slave. LVS supports real time replication of connections from master to slave, so if master dies slave knows which IP was connected to which dovecot server. I'm more worried about right design of mailstorage.. should I use some cluster fs with all mail of all users or should I split mailstorage across servers and somehow avoid long downtime if one of servers goes down. -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of Matthias-Christian Ott Sent: Tuesday, June 05, 2012 11:28 PM To: dovecot at dovecot.org Subject: Re: [Dovecot] best practises for mail systems On 2012-06-05 05:14, ???????? ????????? ?????????? wrote: > On each host system we created one VM and passed through 3x2TB disks into it. > > > > In guests vms on top of this disks we made XFS and fired up glusterfs with distributed replicated volumes for our mailstorage. > > so it looks like this: > > > > vm1 replicate vm2 > > disk1 ------------> disk4 > > disk2 ------------> disk5 > > disk3 ------------> disk6 > > > > in each vm we mounted glusterfs and pointed dovecot to that dir for mail creation (as ltmp) and imap4 user access. > > also we use exim as smtp. > > > > So, with glusterfs as mailstorage we can go for LVS to load balancing for exim and dovecot. > > so wherenever one of host systems (hence one of mail vms) goes down, users don't notice that > > 'cause LVS points them to working smtp and imap4 servers > > and they get their mail 'cause of glusterfs. > [...] > Cons: > > - not quite sure if glusterfs is production ready solution 'cause I've experienced split-brains during setting it up > > - IO performance issue. Though we didn't yet run any io tests, but glusterfs uses fuse to mount on clients. And guys on #gluster told me writing to the glusterfs mount will not be strictly local io. I'm not familiar with LVS, but from the project description it seems that you need a "front server" that does the load balancing, so you either have to run at least two of these servers in parallel or add to your cons that you introduced a single point of failure. But you mentioned that you only have two servers, so you really can do this. I would rather ensure high availability by running the two servers as masters and using either IP address takeover or DNS failover (with dynamic DNS) and either use Dovecot's replication (I haven't tested it yet and I'm not sure what happens in case of IP address takeover) or a file system that can handle these kinds of errors (e.g. Coda). You could do load balancing via round-robin DNS. This only protects you against the failure of single machine and because IMAP sessions are not replicated between the servers, connections will get reset if one server fails, but it's cost-effective and uses software that already exists. Regards, Matthias-Christian From sf.rique at gmail.com Tue Jun 5 16:02:47 2012 From: sf.rique at gmail.com (Henrique Santos Fernandes) Date: Tue, 5 Jun 2012 10:02:47 -0300 Subject: [Dovecot] best practises for mail systems In-Reply-To: <213B51F00051AE48A9F0E112880177178F79DB@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F79D6@Delta.sc.local> <4FCDFB32.2080302@mirix.org> <213B51F00051AE48A9F0E112880177178F79DB@Delta.sc.local> Message-ID: We once try to use similar solution as your first. 3 servers for LVS -HA This master server redirect users for 2 or 3 dovecot backends.. The mail storage were maildir ontop of OCFS2 Our problem were that OCFS2 were too slow. We could not handle many users. So we took an step back and now use only user one server. But still thinking in go back to the first one. with LVS When using LVS try to sticky user to the same backend, LVs can do ths by source ip. Where i work we have problens on testign storage. If you have any advices for testing disk performance, i will be thankfull. I wil be glad to answer anything else. []'sf.rique On Tue, Jun 5, 2012 at 9:59 AM, ???????? ????????? ?????????? < a.kostyrev at serverc.ru> wrote: > I think LVS is just fine and it is not a SPOF 'cause it is actually 2 > servers: > active master --> and standby slave. > LVS supports real time replication of connections from master to slave, > so if master dies slave knows which IP was connected to which dovecot > server. > > I'm more worried about right design of mailstorage.. should I use some > cluster fs with all mail of all users > or should I split mailstorage across servers and somehow avoid long > downtime if one of servers goes down. > > > -----Original Message----- > From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On > Behalf Of Matthias-Christian Ott > Sent: Tuesday, June 05, 2012 11:28 PM > To: dovecot at dovecot.org > Subject: Re: [Dovecot] best practises for mail systems > > On 2012-06-05 05:14, ???????? ????????? ?????????? wrote: > > On each host system we created one VM and passed through 3x2TB disks > into it. > > > > > > > > In guests vms on top of this disks we made XFS and fired up glusterfs > with distributed replicated volumes for our mailstorage. > > > > so it looks like this: > > > > > > > > vm1 replicate vm2 > > > > disk1 ------------> disk4 > > > > disk2 ------------> disk5 > > > > disk3 ------------> disk6 > > > > > > > > in each vm we mounted glusterfs and pointed dovecot to that dir for mail > creation (as ltmp) and imap4 user access. > > > > also we use exim as smtp. > > > > > > > > So, with glusterfs as mailstorage we can go for LVS to load balancing > for exim and dovecot. > > > > so wherenever one of host systems (hence one of mail vms) goes down, > users don't notice that > > > > 'cause LVS points them to working smtp and imap4 servers > > > > and they get their mail 'cause of glusterfs. > > [...] > > Cons: > > > > - not quite sure if glusterfs is production ready solution 'cause I've > experienced split-brains during setting it up > > > > - IO performance issue. Though we didn't yet run any io tests, but > glusterfs uses fuse to mount on clients. And guys on #gluster told me > writing to the glusterfs mount will not be strictly local io. > > I'm not familiar with LVS, but from the project description it seems > that you need a "front server" that does the load balancing, so you > either have to run at least two of these servers in parallel or add to > your cons that you introduced a single point of failure. But you > mentioned that you only have two servers, so you really can do this. > > I would rather ensure high availability by running the two servers as > masters and using either IP address takeover or DNS failover (with > dynamic DNS) and either use Dovecot's replication (I haven't tested it > yet and I'm not sure what happens in case of IP address takeover) or a > file system that can handle these kinds of errors (e.g. Coda). You could > do load balancing via round-robin DNS. This only protects you against > the failure of single machine and because IMAP sessions are not > replicated between the servers, connections will get reset if one server > fails, but it's cost-effective and uses software that already exists. > > Regards, > Matthias-Christian > From jeep at rahul.net Tue Jun 5 16:41:54 2012 From: jeep at rahul.net (Jeff Lacki) Date: Tue, 05 Jun 2012 06:41:54 -0700 Subject: [Dovecot] INBOX help needed, dovecot + squirrelmail In-Reply-To: References: <20120605023319.7664B1298B0@aqua.rahul.net> Message-ID: <20120605134154.2FBC616D400@maya.rahul.net> Benny Pedersen wrote: > Den 2012-06-05 04:33, jeep at rahul.net skrev: > > Im trying to figure out how to get dovecot to deliver to > > my mail_location (example: /opt/imapdata/j/jeff/INBOX/inbox) > > AND work with squirrelmail. Ive worked on this for hours > > reading the docs etc with no luck so far. > > namespace is set to "" in squirrelmail, but it must be "INBOX." > > run conf.pl and fix it :=) > > Thanks Benny. I didnt see 'namespace' in my configure for squirrelmail 1.4.22, but if you meant Folder Defaults->Default Folder Prefix = INBOX. I just tried that and I still get: Error: chdir(/opt/imapdata/j/jeff/INBOX/inbox) failed: Not a directory Was that the setting you meant or was there another I missed? Thanks /mf/home/jeep/shell/.signature From jeep at rahul.net Tue Jun 5 18:03:22 2012 From: jeep at rahul.net (Jeff Lacki) Date: Tue, 05 Jun 2012 08:03:22 -0700 Subject: [Dovecot] INBOX help needed, dovecot + squirrelmail In-Reply-To: <20120605134154.2FBC616D400@maya.rahul.net> References: <20120605023319.7664B1298B0@aqua.rahul.net> <20120605134154.2FBC616D400@maya.rahul.net> Message-ID: <20120605150322.44ED616D414@maya.rahul.net> jeep at rahul.net (Jeff Lacki) wrote: > Thanks Benny. I didnt see 'namespace' in my configure for squirrelmail 1.4.22, > but if you meant Folder Defaults->Default Folder Prefix = INBOX. > > I just tried that and I still get: > > Error: chdir(/opt/imapdata/j/jeff/INBOX/inbox) failed: Not a directory > > Was that the setting you meant or was there another I missed? > Thanks > Nevermind, I found the problem after your suggestion. Turns out my DB was returning a home directory of: /opt/imapdata/j/jeff/INBOX/inbox from when I was playing with something earlier, that got me past that issue, however I still dont know why its not giving me maildir instead of mbox. But thank you for helping me fix that issue! Jeff /mf/home/jeep/shell/.signature From me at junc.org Tue Jun 5 18:33:34 2012 From: me at junc.org (Benny Pedersen) Date: Tue, 05 Jun 2012 17:33:34 +0200 Subject: [Dovecot] INBOX help needed, dovecot + squirrelmail In-Reply-To: <20120605134154.2FBC616D400@maya.rahul.net> References: <20120605023319.7664B1298B0@aqua.rahul.net> <20120605134154.2FBC616D400@maya.rahul.net> Message-ID: <26bcc28cf6b7385e1326e2c8ec019448@junc.org> Den 2012-06-05 15:41, jeep at rahul.net skrev: > Error: chdir(/opt/imapdata/j/jeff/INBOX/inbox) failed: Not a > directory this error is not squirrelmail :=) # dovecot.conf namespace: type: private inbox: yes list: yes subscriptions: yes if you use sql auth in dovecot then the maildir must not end in / else it will be a mbox file mail_location: maildir:/home/vmail/%d/%u/.maildir ~ must be set to mail_location: maildir:/home/vmail/%d/%u/ and the .maildir comes from sql concat if i remember my own setup :=) squirrelmail will work without INBOX. but namespace in dovecot must math it From andrei.michescu at miau.ca Tue Jun 5 18:33:03 2012 From: andrei.michescu at miau.ca (Michescu Andrei) Date: Tue, 5 Jun 2012 11:33:03 -0400 Subject: [Dovecot] [ Re: best practises for mail systems] Message-ID: <5f604e43b6b66676fc1e23b1c7c57afb.squirrel@web.miau.ca> Hello, If disk space and bandwidth are affordable (and from your setup it seems that they are affordable as you have everything locally) I would split the mail storage completely and use replication in between n-master servers (n=2 for your case). The replication is not yet fully tested, but Timo is actively working on this feature. The fear of lossing the imap session does not make sense (at least to me) as the client will reconnect automatically in the background. Like this you have no SPOF and no split-brain and you get the flexibility (if needed) to geographically distribute your servers in the the future. Keep each server with its own ip, connect to them via DNS (round robin etc etc). We are currently experimenting with a setup similar to this one, but with geographically distributed servers (trans-continental) (bandwidth limited and high cost). Best regards, Andrei > We once try to use similar solution as your first. > > 3 servers for LVS -HA > > This master server redirect users for 2 or 3 dovecot backends.. > > The mail storage were maildir ontop of OCFS2 > > Our problem were that OCFS2 were too slow. We could not handle many users. > > So we took an step back and now use only user one server. > > But still thinking in go back to the first one. with LVS > > When using LVS try to sticky user to the same backend, LVs can do ths by > source ip. > > Where i work we have problens on testign storage. If you have any advices > for testing disk performance, i will be thankfull. > > I wil be glad to answer anything else. > > []'sf.rique > > > On Tue, Jun 5, 2012 at 9:59 AM, ???????? ????????? ?????????? < > a.kostyrev at serverc.ru> wrote: > >> I think LVS is just fine and it is not a SPOF 'cause it is actually 2 >> servers: >> active master --> and standby slave. >> LVS supports real time replication of connections from master to slave, >> so if master dies slave knows which IP was connected to which dovecot >> server. >> >> I'm more worried about right design of mailstorage.. should I use some >> cluster fs with all mail of all users >> or should I split mailstorage across servers and somehow avoid long >> downtime if one of servers goes down. >> >> >> -----Original Message----- >> From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] >> On >> Behalf Of Matthias-Christian Ott >> Sent: Tuesday, June 05, 2012 11:28 PM >> To: dovecot at dovecot.org >> Subject: Re: [Dovecot] best practises for mail systems >> >> On 2012-06-05 05:14, ???????? ????????? ?????????? wrote: >> > On each host system we created one VM and passed through 3x2TB disks >> into it. >> > >> > >> > >> > In guests vms on top of this disks we made XFS and fired up glusterfs >> with distributed replicated volumes for our mailstorage. >> > >> > so it looks like this: >> > >> > >> > >> > vm1 replicate vm2 >> > >> > disk1 ------------> disk4 >> > >> > disk2 ------------> disk5 >> > >> > disk3 ------------> disk6 >> > >> > >> > >> > in each vm we mounted glusterfs and pointed dovecot to that dir for >> mail >> creation (as ltmp) and imap4 user access. >> > >> > also we use exim as smtp. >> > >> > >> > >> > So, with glusterfs as mailstorage we can go for LVS to load balancing >> for exim and dovecot. >> > >> > so wherenever one of host systems (hence one of mail vms) goes down, >> users don't notice that >> > >> > 'cause LVS points them to working smtp and imap4 servers >> > >> > and they get their mail 'cause of glusterfs. >> > [...] >> > Cons: >> > >> > - not quite sure if glusterfs is production ready solution 'cause I've >> experienced split-brains during setting it up >> > >> > - IO performance issue. Though we didn't yet run any io tests, but >> glusterfs uses fuse to mount on clients. And guys on #gluster told me >> writing to the glusterfs mount will not be strictly local io. >> >> I'm not familiar with LVS, but from the project description it seems >> that you need a "front server" that does the load balancing, so you >> either have to run at least two of these servers in parallel or add to >> your cons that you introduced a single point of failure. But you >> mentioned that you only have two servers, so you really can do this. >> >> I would rather ensure high availability by running the two servers as >> masters and using either IP address takeover or DNS failover (with >> dynamic DNS) and either use Dovecot's replication (I haven't tested it >> yet and I'm not sure what happens in case of IP address takeover) or a >> file system that can handle these kinds of errors (e.g. Coda). You could >> do load balancing via round-robin DNS. This only protects you against >> the failure of single machine and because IMAP sessions are not >> replicated between the servers, connections will get reset if one server >> fails, but it's cost-effective and uses software that already exists. >> >> Regards, >> Matthias-Christian >> > > > !DSPAM:4fce037e104291424646138! > From me at junc.org Tue Jun 5 18:36:14 2012 From: me at junc.org (Benny Pedersen) Date: Tue, 05 Jun 2012 17:36:14 +0200 Subject: [Dovecot] INBOX help needed, dovecot + squirrelmail In-Reply-To: <20120605150322.44ED616D414@maya.rahul.net> References: <20120605023319.7664B1298B0@aqua.rahul.net> <20120605134154.2FBC616D400@maya.rahul.net> <20120605150322.44ED616D414@maya.rahul.net> Message-ID: <685aa8d8214058f45df1457c67f0acc5@junc.org> Den 2012-06-05 17:03, jeep at rahul.net skrev: > from when I was playing with something earlier, that got me > past that issue, however I still dont know why its not > giving me maildir instead of mbox. remove last / in sql query auth path (concated here) dovecot have it well explained in wiki From ghe at slsware.com Tue Jun 5 18:38:49 2012 From: ghe at slsware.com (Glenn English) Date: Tue, 5 Jun 2012 09:38:49 -0600 Subject: [Dovecot] auth trouble In-Reply-To: References: Message-ID: On Jun 4, 2012, at 8:45 PM, Joseph Tam wrote: > If dovecot-auth is getting input from a local socket, then rhost > information is irrelevant since the host doing the asking is the server > itself (maybe from another daemon connected to a remote host). Thanks for the confirmation of my suspicions.... > Maybe someone is brute forcing your server's Postfix authenticated > SMTP service since Postfix can be configured to use Dovecot's SASL > authentication framework. and for the suggestion -- I do have Postfix using Dovecot-Auth checking for SASL. I think I'm going to re-install and run Tripwire... -- Glenn English hand-wrapped from my Apple Mail From ott at mirix.org Tue Jun 5 22:15:39 2012 From: ott at mirix.org (Matthias-Christian Ott) Date: Tue, 05 Jun 2012 21:15:39 +0200 Subject: [Dovecot] [ Re: best practises for mail systems] In-Reply-To: <5f604e43b6b66676fc1e23b1c7c57afb.squirrel@web.miau.ca> References: <5f604e43b6b66676fc1e23b1c7c57afb.squirrel@web.miau.ca> Message-ID: <4FCE5ADB.8090208@mirix.org> On 2012-06-05 17:33, Michescu Andrei wrote: > The fear of lossing the imap session does not make sense (at least to me) > as the client will reconnect automatically in the background. I agree, in practice this is not an issue compared to the unavailability of the service, but on longer IMAP sessions (e.g. transferring a big file) the connection loss is noticeable. > Like this you have no SPOF and no split-brain and you get the flexibility > (if needed) to geographically distribute your servers in the the future. > > Keep each server with its own ip, connect to them via DNS (round robin etc > etc). This depends on the resolver, operating systems and clients you want to support, because I read that not all networks generate proper ICMP/ICMPv6 Destination Unreachable messages and instead simple drop the packets, so that the clients first try to connect to the failed server until timeout and then connects to the second server. Since IMAP is a stateful protocol the latency of the initial connect to the failed server can be ignored, but if you want to eliminate this, you can use dynamic DNS to automatically remove the corresponding RRs (depending on your situation you need an external monitoring server for this to avoid problems in case of net splits). > We are currently experimenting with a setup similar to this one, but with > geographically distributed servers (trans-continental) (bandwidth limited > and high cost). I also have some plans for a similar setup in the near future. Can you share your results on the mailing list? I'm especially interested if failover via DNS works in practice (I did some searches, but I'm not fully convinced of it, but it seems quite simple compared to other solutions). Regards, Matthias-Christian From andrei.michescu at miau.ca Tue Jun 5 23:33:25 2012 From: andrei.michescu at miau.ca (Michescu Andrei) Date: Tue, 5 Jun 2012 16:33:25 -0400 Subject: [Dovecot] [ Re: best practises for mail systems] In-Reply-To: <4FCE5ADB.8090208@mirix.org> References: <5f604e43b6b66676fc1e23b1c7c57afb.squirrel@web.miau.ca> <4FCE5ADB.8090208@mirix.org> Message-ID: Hello, > I agree, in practice this is not an issue compared to the unavailability > of the service, but on longer IMAP sessions (e.g. transferring a big > file) the connection loss is noticeable. It is noticeable for somebody that really waits for a large email. For the standard user there is nothing visible because the synchronization starts / fails and starts again... In corporate environment the servers are "close" and the network is generally configured to have proper Destination Unreachable. For road-warriors, the main concern is the uplink/downlink and generally not the couple of seconds lost due to time-out. For the DNS... use "fast-flux"-like configuration and any proper resolver will behave correctly (at least in my experience). For the road-warrior setup: DNS with geoip, and all locations with split-dns (internally HA setup with failover on external locations). Unfortunately the classical HA setup (with heart-beat monitor, update DNS etc etc) it is not designed to be "internet-proof" (internet like in WAN). The initial design of the internet was to be able to operate even when significant segments are unavailable. Picture the following scenario: master servers on each continent. Catastrophic failure of the trans-continental network => 5 big disconnected chunks of network fully functional. Any HA setup that I saw will fail miserably. The simplest design with fully replicated masters will continue to work. Obviously planning for the scenario above is an overkill for most of the companies out there. Once you trow in the advantage of have the emails close to you anywhere where you go, then it starts making sense. And you can top it up by segmenting you user base to replicate only the users that are on the go, or are important enough. As for the current status of the ideal implementation: waiting for Timo to finalize the refactoring of dsync. As a temporary solution: rsync replication with master-slave model (not master-master). This design makes sense to us, but I'm sure that it is under-optimal for most other uses. Andrei > >> Like this you have no SPOF and no split-brain and you get the >> flexibility >> (if needed) to geographically distribute your servers in the the future. >> >> Keep each server with its own ip, connect to them via DNS (round robin >> etc >> etc). > > This depends on the resolver, operating systems and clients you want to > support, because I read that not all networks generate proper > ICMP/ICMPv6 Destination Unreachable messages and instead simple drop the > packets, so that the clients first try to connect to the failed server > until timeout and then connects to the second server. Since IMAP is a > stateful protocol the latency of the initial connect to the failed > server can be ignored, but if you want to eliminate this, you can use > dynamic DNS to automatically remove the corresponding RRs (depending on > your situation you need an external monitoring server for this to avoid > problems in case of net splits). > >> We are currently experimenting with a setup similar to this one, but >> with >> geographically distributed servers (trans-continental) (bandwidth >> limited >> and high cost). > > I also have some plans for a similar setup in the near future. Can you > share your results on the mailing list? I'm especially interested if > failover via DNS works in practice (I did some searches, but I'm not > fully convinced of it, but it seems quite simple compared to other > solutions). > > Regards, > Matthias-Christian > > !DSPAM:4fce5ae0149132093961185! > > From tss at iki.fi Wed Jun 6 00:43:38 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 6 Jun 2012 00:43:38 +0300 Subject: [Dovecot] [ Re: best practises for mail systems] In-Reply-To: References: <5f604e43b6b66676fc1e23b1c7c57afb.squirrel@web.miau.ca> <4FCE5ADB.8090208@mirix.org> Message-ID: On 5.6.2012, at 23.33, Michescu Andrei wrote: >> I agree, in practice this is not an issue compared to the unavailability >> of the service, but on longer IMAP sessions (e.g. transferring a big >> file) the connection loss is noticeable. > > It is noticeable for somebody that really waits for a large email. And there is actually some (any!) way this could be avoided?... One server dies, another continues sending the mail? I have had some thoughts about transferring idling Dovecot connections between processes / servers so that clients wouldn't notice it, but I haven't even thought about moving active (long-running) connections. From rob0 at gmx.co.uk Wed Jun 6 00:53:25 2012 From: rob0 at gmx.co.uk (/dev/rob0) Date: Tue, 5 Jun 2012 16:53:25 -0500 Subject: [Dovecot] auth trouble In-Reply-To: References: Message-ID: <20120605215325.GC3672@harrier.slackbuilds.org> On Tue, Jun 05, 2012 at 09:38:49AM -0600, Glenn English wrote: > On Jun 4, 2012, at 8:45 PM, Joseph Tam wrote: > > If dovecot-auth is getting input from a local socket, then rhost > > information is irrelevant since the host doing the asking is the > > server itself (maybe from another daemon connected to a remote > > host). > > Thanks for the confirmation of my suspicions.... What suspicions were confirmed? > > Maybe someone is brute forcing your server's Postfix > > authenticated SMTP service since Postfix can be configured to > > use Dovecot's SASL authentication framework. And these brute force attempts would be logged, each one. > and for the suggestion -- I do have Postfix using Dovecot-Auth > checking for SASL. > > I think I'm going to re-install and run Tripwire... I think you are overreacting. -- http://rob0.nodns4.us/ -- system administration and consulting Offlist GMX mail is seen only if "/dev/rob0" is in the Subject: From jtam.home at gmail.com Wed Jun 6 01:21:51 2012 From: jtam.home at gmail.com (Joseph Tam) Date: Tue, 5 Jun 2012 15:21:51 -0700 (PDT) Subject: [Dovecot] auth trouble In-Reply-To: References: Message-ID: Glenn English wrote: >> Maybe someone is brute forcing your server's Postfix authenticated >> SMTP service since Postfix can be configured to use Dovecot's SASL >> authentication framework. > > and for the suggestion -- I do have Postfix using Dovecot-Auth checking > for SASL. > > I think I'm going to re-install and run Tripwire... Tripwire? If the purpose of your query is to automate blocking of brute forcers, this software is not what you want (which detects tampering of critical system files). I suggest trying to find where Postfix failed login reports go, then use your fail2ban or what-have-you to detect and block hosts that repeatedly fail authentication. (First Google hit I did on this subject) http://scottlinux.com/2011/05/26/prevent-postfix-brute-force/ The log entries might look like {timestamp} {servername} postfix/smtpd[{pid}]: lost connection after AUTH from {remote-hostname}[{remote-ip}] Joseph Tam From ghe at slsware.com Wed Jun 6 02:08:07 2012 From: ghe at slsware.com (Glenn English) Date: Tue, 5 Jun 2012 17:08:07 -0600 Subject: [Dovecot] auth trouble In-Reply-To: <20120605215325.GC3672@harrier.slackbuilds.org> References: <20120605215325.GC3672@harrier.slackbuilds.org> Message-ID: <4087ECCF-8C69-4888-8CD9-44566A256F92@slsware.com> On Jun 5, 2012, at 3:53 PM, /dev/rob0 wrote: > What suspicions were confirmed? At first I thought that somebody was TCP'ing in and somehow turning off the remote IP in the log so I couldn't block it. Then an answer from another mailing list, and a little thinking, made it occur to me that maybe my server had been penetrated. > And these brute force attempts would be logged, each one. They are, with no rhost. And there are other brute force attempts that *do* have IPs. > I think you are overreacting. I really hope so. What's your thinking? Have you seen this before? And most important: what is it, how does it work, and how do I get rid of it and keep it from coming back? -- Glenn English hand-wrapped from my Apple Mail From achekalin at lazurit.com Wed Jun 6 08:40:43 2012 From: achekalin at lazurit.com (Alexander Chekalin) Date: Wed, 06 Jun 2012 08:40:43 +0300 Subject: [Dovecot] [ Re: best practises for mail systems] In-Reply-To: References: <5f604e43b6b66676fc1e23b1c7c57afb.squirrel@web.miau.ca> <4FCE5ADB.8090208@mirix.org> Message-ID: <4FCEED5B.90105@lazurit.com> 05.06.2012 23:33, Michescu Andrei ???????: > Picture the following scenario: master servers on each continent. > Catastrophic failure of the trans-continental network => 5 big > disconnected chunks of network fully functional. Any HA setup that I saw > will fail miserably. The simplest design with fully replicated masters > will continue to work. Dispute the original topic, I'd say this looks like a good service idea, as many company may pay for such a service if it can be set up specifically for their needs (routing, logs, backups, redirections). Gmail (and other big guys like them) won't be that fine-tunable (having point to service many customers with the same type of control), and companies sometime just won't deal with such a Big Brother to store their corporate mail due to internal regulations (read - 'corporate paranoia'). But the replication between "points of presence" (5 big datacenters, one per continent, won't be good topology) will be painful and we easily face split-brain situation, whichever replicaton scheme I can imagine. Yours, Alexander From joseba.torre at ehu.es Wed Jun 6 16:01:19 2012 From: joseba.torre at ehu.es (Joseba Torre) Date: Wed, 06 Jun 2012 15:01:19 +0200 Subject: [Dovecot] Director problems Message-ID: <4FCF549F.70404@ehu.es> Hi, I've just setup a testing enviroment for director, and it's not working as expected. I have just 1 director (called director) and 2 dovecot servers (dovecot1 and dovecot2); these are exact copies. First problem: when both dovecot servers are up, every imap connection is redirected to the same server as you can see here: $ sudo doveadm director map user mail server ip expire time 158.227.4.186 2012-06-06 13:34:12 158.227.4.186 2012-06-06 13:34:27 158.227.4.186 2012-06-06 13:34:34 (I don't know if that is good or not) I've tried with 3 different users and ips to no change, users are always directed to the same host. Second problem: if I try to add/remove/modify one of the dovecot servers, the output of doveadm director map/status seems to be ok, but any new user connection fails with this log: Jun 6 14:51:59 director dovecot: director: Warning: Delaying new user requests until ring is synced Jun 6 14:52:27 director dovecot: director: Error: director: User test1 host lookup failed: Timeout - queued for 30 secs (Ring not synced for 73 secs) Jun 6 14:52:31 director dovecot: imap-login: Aborted login (auth failed, 1 attempts in 34 secs): user=<>, method=PLAIN, rip=158.227.4.186, lip=158.227.4.185, TLS, session= Any clue? This is the dovecot config -n output: # 2.1.7: /usr/local/etc/dovecot/dovecot.conf # OS: Linux 2.6.32-220.17.1.el6.x86_64 x86_64 Red Hat Enterprise Linux Server release 6.2 (Santiago) director_mail_servers = dovecot1.example dovecot2.example director_servers = director.example lmtp_proxy = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave passdb { args = proxy=y nopassword=y starttls=any-cert driver = static } service auth { unix_listener auth-userdb { group = mail mode = 0660 user = dovecot } } service director { fifo_listener login/proxy-notify { mode = 0666 } inet_listener { port = 9090 } unix_listener director-userdb { mode = 0600 } unix_listener login/director { mode = 0666 } } service imap-login { executable = imap-login director service_count = 0 } service lmtp { client_limit = 1 inet_listener lmtp { port = 24 } unix_listener /var/lib/dovecot/lmtp-socket { group = root mode = 0600 user = root } } service pop3-login { executable = pop3-login director service_count = 0 } service pop3 { process_limit = 5000 } shutdown_clients = no ssl_cert = References: <2115082.gk9Y8Dam5O@ernie> <4FCDD13B.5080204@bunbun.be> <4102204.vJ4X8dIaYX@samson> Message-ID: <4FCF612E.4060303@bunbun.be> Hi Dennis, This fixed the problem. Thanks! Rgds, N. Dennis Schridde wrote: > Hello Nick! > > I am sorry - I forgot to mention that you need attached patch for dovecot. > > Kind regards, > Dennis > > Am Dienstag, 5. Juni 2012, 11:28:27 schrieb Nick Rosier: >> Hi Dennis, >> >> I'm trying to compile the plugin on FreeBSD 9 with Dovecot 2.1.7 and get >> the following error: >> >> libtool: compile: gcc -std=gnu99 -DHAVE_CONFIG_H -I. -I.. >> -I/usr/local/include/dovecot -g -O2 -MT mailbox-ext.lo -MD -MP -MF >> .deps/mailbox-ext.Tpo -c mailbox-ext.c -fPIC -DPIC -o >> .libs/mailbox-ext.o mailbox-ext.c:25:19: error: missing binary operator >> before token "(" >> mailbox-ext.c: In function 'mailbox_get_guid_string': mailbox-ext.c:32: >> error: 'MAIL_GUID_128_SIZE' undeclared (first use in this function) >> mailbox-ext.c:32: error: (Each undeclared identifier is reported only >> once mailbox-ext.c:32: error: for each function it appears in.) >> mailbox-ext.c:33: warning: implicit declaration of function >> 'mailbox_get_guid' >> *** Error code 1 >> Stop in /root/work/dovecot-metadata-plugin-6fe39779d758/src. *** Error >> code 1 >> >> Removing DOVECOT_PREREQ and "forcing" to use the 2.1 definition fixes >> that (I couldn't find anywhere where that macro was defined). >> >> Next I get another error, again caused by the DOVECOT_PREREQ: >> >> libtool: compile: gcc -std=gnu99 -DHAVE_CONFIG_H -I. -I.. >> -I/usr/local/include/dovecot -g -O2 -MT imap-metadata-plugin.lo -MD -MP >> -MF .deps/imap-metadata-plugin.Tpo -c imap-metadata-plugin.c -fPIC >> -DPIC -o .libs/imap-metadata-plugin.o >> imap-metadata-plugin.c: In function 'is_valid_rfc5464_entry_name': >> imap-metadata-plugin.c:162: warning: comparison is always false due to >> limited range of data type >> imap-metadata-plugin.c:513:19: error: missing binary operator before >> token "(" >> imap-metadata-plugin.c: In function 'cmd_getmetadata': >> imap-metadata-plugin.c:516: warning: passing argument 2 of >> 'mail_namespace_find' from incompatible pointer type >> imap-metadata-plugin.c: In function 'setmetadata_helper': >> imap-metadata-plugin.c:596: warning: 'return' with a value, in function >> returning void >> imap-metadata-plugin.c:672:19: error: missing binary operator before >> token "(" >> imap-metadata-plugin.c: In function 'cmd_setmetadata': >> imap-metadata-plugin.c:675: warning: passing argument 2 of >> 'mail_namespace_find' from incompatible pointer type >> *** Error code 1 >> >> Am I missing something on my system? >> >> Rgds, >> N. >> >> Dennis Schridde wrote: >>> Hello everyone! >>> >>> I just released dovecot-metadata-8, which is an implementation of RFC 5464 >>> (IMAP METADATA), allowing to add comments/annotations/metadata to folders >>> of an email account. >>> >>> 2012-06-04: Version 9 >>> >>> * Added Dovecot 2.1 compatibility >>> * Fixed compliance with RFC 5464 Section 3.2 >>> * Separated backend code into library >>> * Synced code of imap-annotatemore with imap-metadata >>> * Improved error messages >>> * Several bugfixes (incl. segfaults) >>> * Minor cleanups >>> >>> Please get the code from [1] and send me an email for any problem you >>> find. >>> >>> For more information please refer to my email from Sun, 12 Jun 2011 >>> 15:55:57 +0200 titled "dovecot-metadata-8 released". >>> >>> Kind regards, >>> Dennis >>> >>> [1] http://hg.dovecot.org/dovecot-metadata-plugin From mm at msfree.org Wed Jun 6 17:47:59 2012 From: mm at msfree.org (Marco) Date: Wed, 6 Jun 2012 07:47:59 -0700 (PDT) Subject: [Dovecot] No ports listening Message-ID: <20120606144801.C218C1AE876B@dovecot.org> Please forgive my newbie post but this has me stumped. I've been a happy Dovecot 0.X and 1.X admin for years but something in my first 2.X configuration is oddly broken. It loads fine, logs no errors, but doesn't listen to any network ports! Thanks in advance for any help. Marco # 2.0.19: /etc/dovecot/dovecot.conf # OS: Linux 2.6.35.14 x86_64 Ubuntu 10.10 ext4 auth_debug = yes auth_mechanisms = plain login first_valid_gid = 111 first_valid_uid = 111 login_greeting = example.com pop/imap ready mail_location = mbox:/var/mail/%u.imap:INBOX=/var/mail/%u passdb { args = scheme=CRYPT username_format=%u /etc/dovecot/users driver = passwd-file } service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } unix_listener auth-master { mode = 0666 } } service imap-login { inet_listener imap { address = * port = 143 } inet_listener imaps { address = * port = 993 } process_limit = 50 } service pop3-login { inet_listener pop3 { address = * port = 110 } inet_listener pop3s { address = * port = 995 } process_limit = 50 } ssl_cert = References: <213B51F00051AE48A9F0E112880177178F79D6@Delta.sc.local> <4FCDFB32.2080302@mirix.org> <213B51F00051AE48A9F0E112880177178F79DB@Delta.sc.local> Message-ID: <20120606150516.GA27555@dibs.tanso.net> On Tue, Jun 05, 2012 at 11:59:47PM +1100, ???????? ????????? ?????????? wrote: > > I'm more worried about right design of mailstorage.. should I use some cluster fs with all mail of all users > or should I split mailstorage across servers and somehow avoid long downtime if one of servers goes down. A clusterfs gives you active/active high availability and balanced distribution of users over your servers, at the cost of somewhat degraded I/O performance all the time. If a single node will be able to serve your load, I think it's much more sensible to create a passive/standby availability solution based on a local filesystem (XFS). If you need to split your mailstorage across servers, you can do active/standby server pairs -- but then it gets difficult to balance your users over your servers, and you *might* want to cheat and use a clusterfs instead.. -jf From andrei.michescu at miau.ca Wed Jun 6 18:22:05 2012 From: andrei.michescu at miau.ca (Michescu Andrei) Date: Wed, 6 Jun 2012 11:22:05 -0400 Subject: [Dovecot] [ Re: best practises for mail systems] In-Reply-To: <4FCEED5B.90105@lazurit.com> References: <5f604e43b6b66676fc1e23b1c7c57afb.squirrel@web.miau.ca> <4FCE5ADB.8090208@mirix.org> <4FCEED5B.90105@lazurit.com> Message-ID: <6ce224c850798d4551d678fdd4b13b78.squirrel@web.miau.ca> Hello Alexander, > > But the replication between "points of presence" (5 big datacenters, one > per continent, won't be good topology) will be painful and we easily > face split-brain situation, whichever replication scheme I can imagine. The split-brain is indeed the biggest problem of common replication schema. But IMAP was designed to work in disconnected mode most of the time and have only quick synchronizations. So by design IMAP standard works in master-master models. Getting back to the above picture (catastrophic failure of all the transcontinental links): one synchronizes his laptop in Europe (EU), crosses the ocean to North America (NA) and synchronizes again his laptop. In this moment all the changes on the EU hub up to the point of last synchronization are merged into the NA hub. This is the beauty of IMAP. The biggest challenge on the the above scenario is the post-catastrophic synchronization which would move huge amounts of data across the links. Best wishes, Andrei > Yours, > Alexander > > > !DSPAM:4fceed61217344232183410! > > From andrei.michescu at miau.ca Wed Jun 6 18:27:29 2012 From: andrei.michescu at miau.ca (Michescu Andrei) Date: Wed, 6 Jun 2012 11:27:29 -0400 Subject: [Dovecot] [ Re: best practises for mail systems] In-Reply-To: References: <5f604e43b6b66676fc1e23b1c7c57afb.squirrel@web.miau.ca> <4FCE5ADB.8090208@mirix.org> Message-ID: <97ebe4043a16aa82e668e24202d3892d.squirrel@web.miau.ca> Hello Timo, > > And there is actually some (any!) way this could be avoided?... One server > dies, another continues sending the mail? > > I have had some thoughts about transferring idling Dovecot connections > between processes / servers so that clients wouldn't notice it, but I > haven't even thought about moving active (long-running) connections. > Here it is to be researched if this is specified in the IMAP standard (if there any RFC that mentions this?), or if we propose a new RFC with such an extension. Until there is an RFC, even if you implement such a feature, there will be no clients out there that will support it. A good start, if there is no RFC, is the http protocol, that has implemented the resume option. Like this you could even support parallel download from couple of imap servers that are synchronized, getting from each a small chunk (BitTorrent like with the seeds list being set to only the servers). Best regards, Andrei From jaldeguer at safnow.org Wed Jun 6 19:19:41 2012 From: jaldeguer at safnow.org (Joe V Aldeguer) Date: Wed, 6 Jun 2012 12:19:41 -0400 Subject: [Dovecot] Email auto purging applied to all mail folders Message-ID: Hello, Is it possible to have this done not only for spam and trash folder but lets say like the user inbox and any user created mail folders too? My ultimate goal is to have a way to automate the email deletion process of emails stored in the user inbox or mail folders when it reaches a specified date. My boss wants to force users to keep emails only a month old anything beyond that will be deleted. Has anyone done this using dovecot and are there any guides available? I am also open to suggestions for commercial solutions but so far searching online for solutions only comes up with email archiving. The dovecot version I have installed is version 2.0.19. Thanks in advance. - Joe From lists at wildgooses.com Thu Jun 7 00:59:57 2012 From: lists at wildgooses.com (Ed W) Date: Wed, 06 Jun 2012 22:59:57 +0100 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCCC2D9.3010209@thelounge.net> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB6AA7.4050200@Media-Brokers.com> <4FCCB9E3.3060702@wildgooses.com> <4FCCC2D9.3010209@thelounge.net> Message-ID: <4FCFD2DD.7030109@wildgooses.com> On 04/06/2012 15:14, Reindl Harald wrote: > > Am 04.06.2012 15:36, schrieb Ed W: >>> Then tell them their only option is to buy Exchange Server and Outlook for everyone - but explain that this >>> 'feature' *still* will not work for recipients that are outside of your control (ie, it will only work for local >>> recipients - and I *think* it is possible to set up Trusts with other external Exchange Servers, but not sure, >>> and if it does, it requires the explicit cooperation of the other systems admin). >>> >>> Bottom line: do NOT promise the impossible to a client just to win the business. It is a losing proposition, as >>> you are beginning to see... >>> >> We run small ISP selling mail accounts to customers. *our customers* want to >> voluntarily tell senders when they have downloaded an email via POP. > and the sender for sure wants this too for every single message? > i doubt not > I'm not sure why this is so hard to believe. There is literally a class of customers that have a specification which says that there must be a notification sent back to the sender whenever they download their emails. I cannot currently bid for their business. A spec is a spec - either you can meet the spec or you can't bid for the business... Ed W From fxmulder at gmail.com Thu Jun 7 01:07:36 2012 From: fxmulder at gmail.com (James Devine) Date: Wed, 6 Jun 2012 16:07:36 -0600 Subject: [Dovecot] Dovecot over NFS Message-ID: I'm playing with running dovecot over NFS and I am running into some issues. I have followed the guide at http://wiki2.dovecot.org/NFS and my setup includes 1 nfs server and 1 client running postfix/dovecot. In testing I am running postal via the command: postal -t 10 -c 10 localhost users399 The test file has a list of 399 users to deliver to. I've provided a sample of the errors I'm receiving and my configuration below, I am running dovecot 2.0.19. Any idea what I might be doing wrong and what I might do to resolve it? My ultimate goal is to setup multiple clients with director so each user is still handled on a single machine, however with a single machine I still seem to be having issues. Here is a sample of some of the errors I'm seeing: Jun 6 15:55:12 test-gluster-client1 dovecot: lmtp(12072, testuser130): Error: mdbox /mnt/testuser130/mdbox/mailboxes/INBOX/dbox-Mails: Invalid dbox header size: 0 Jun 6 15:55:12 test-gluster-client1 dovecot: lmtp(11999, testuser99): Error: Log synchronization error at seq=2,offset=556 for /mnt/testuser99/mdbox/storage/dovecot.map.index: Append with UID 2, but next_uid = 3 Jun 6 15:55:14 test-gluster-client1 dovecot: lmtp(12047, testuser41): Error: mdbox /mnt/testuser41/mdbox/mailboxes/INBOX/dbox-Mails: Invalid dbox header size: 0 Jun 6 15:55:18 test-gluster-client1 dovecot: lmtp(12133, testuser138): Error: Log synchronization error at seq=2,offset=556 for /mnt/testuser138/mdbox/storage/dovecot.map.index: Append with UID 2, but next_uid = 3 Jun 6 15:55:19 test-gluster-client1 dovecot: lmtp(12076, testuser217): Error: mdbox /mnt/testuser217/mdbox/mailboxes/INBOX/dbox-Mails: Invalid dbox header size: 0 Jun 6 15:55:19 test-gluster-client1 dovecot: lmtp(12047, testuser41): Error: mdbox /mnt/testuser41/mdbox/mailboxes/INBOX/dbox-Mails: Invalid dbox header size: 0 Jun 6 15:55:23 test-gluster-client1 dovecot: lmtp(11985, testuser166): Error: mdbox /mnt/testuser166/mdbox/mailboxes/INBOX/dbox-Mails: Invalid dbox header size: 0 Jun 6 15:55:23 test-gluster-client1 dovecot: lmtp(12072, testuser130): Error: Log synchronization error at seq=2,offset=204 for /mnt/testuser130/mdbox/mailboxes/INBOX/dbox-Mails/dovecot.index: uid_validity updated unexpectedly: 1339019655 -> 1339019656 Jun 6 15:55:23 test-gluster-client1 dovecot: lmtp(11928, testuser130): Error: Log synchronization error at seq=2,offset=204 for /mnt/testuser130/mdbox/mailboxes/INBOX/dbox-Mails/dovecot.index: uid_validity updated unexpectedly: 1339019655 -> 1339019656 Jun 6 15:55:24 test-gluster-client1 dovecot: lmtp(11954, testuser192): Error: mdbox /mnt/testuser192/mdbox/mailboxes/INBOX/dbox-Mails: Invalid dbox header size: 0 Jun 6 15:55:24 test-gluster-client1 dovecot: lmtp(12130, testuser128): Error: mdbox /mnt/testuser128/mdbox/mailboxes/INBOX/dbox-Mails: Invalid dbox header size: 0 Jun 6 15:55:27 test-gluster-client1 dovecot: lmtp(12076, testuser217): Error: mdbox /mnt/testuser217/mdbox/mailboxes/INBOX/dbox-Mails: Invalid dbox header size: 0 Jun 6 15:55:27 test-gluster-client1 dovecot: lmtp(12211, testuser60): Error: mdbox /mnt/testuser60/mdbox/mailboxes/INBOX/dbox-Mails: Invalid dbox header size: 0 Jun 6 15:55:27 test-gluster-client1 dovecot: lmtp(12112, testuser190): Error: mdbox /mnt/testuser190/mdbox/mailboxes/INBOX/dbox-Mails: Invalid dbox header size: 0 Jun 6 15:55:27 test-gluster-client1 dovecot: lmtp(12047, testuser41): Error: Log synchronization error at seq=2,offset=204 for /mnt/testuser41/mdbox/mailboxes/INBOX/dbox-Mails/dovecot.index: uid_validity updated unexpectedly: 1339019658 -> 1339019659 Jun 6 15:55:27 test-gluster-client1 dovecot: lmtp(11937, testuser41): Error: Log synchronization error at seq=2,offset=204 for /mnt/testuser41/mdbox/mailboxes/INBOX/dbox-Mails/dovecot.index: uid_validity updated unexpectedly: 1339019658 -> 1339019659 Jun 6 15:55:28 test-gluster-client1 dovecot: lmtp(11985, testuser166): Error: mdbox /mnt/testuser166/mdbox/mailboxes/INBOX/dbox-Mails: Invalid dbox header size: 0 Jun 6 15:55:30 test-gluster-client1 dovecot: lmtp(12130, testuser128): Error: mdbox /mnt/testuser128/mdbox/mailboxes/INBOX/dbox-Mails: Invalid dbox header size: 0 My dovecot config is: auth_debug = yes auth_debug_passwords = yes auth_username_format = %Ln auth_verbose = yes base_dir = /var/run/dovecot-service/ disable_plaintext_auth = no instance_name = dovecot-service mail_debug = yes mail_fsync = always mail_location = mdbox:~/mdbox mail_nfs_index = yes mail_nfs_storage = yes mail_plugins = quota mdbox_rotate_size = 16 M mmap_disable = yes passdb { driver = pam } plugin { quota = dict:User quota::file:%h/mdbox/dovecot-quota } protocols = " imap lmtp pop3" service auth { unix_listener auth-userdb { group = postfix mode = 0666 user = postfix } } service imap-login { inet_listener imap { port = 10143 } } service lmtp { inet_listener lmtp { port = 10024 } } service pop3-login { inet_listener pop3 { port = 10110 } } ssl = no ssl_cert = Dovecot 2.x on Ubuntu Message-ID: We are working on migrating Dovecot 1.2.17 running on AIX 5.3 (believe it or not!) to Dovecot 2.0.13 running on Ubuntu. We have hundreds of users mboxes we will be migrating. My question is regarding the index files. Should we remove those after the migration, but before we open it up to users so Dovecot can create new ones? I did a test migration of a single user, and Dovecot detects the architecture change and put out some panic errors, corrupt files and backtrace messages in syslog on Ubuntu. The messages are shown below. If every user is going to generate these types of errors, I'm thinking maybe it makes sense to remove all the .imap directories and let Dovecot create new clean ones. I realize that may slow things down for awhile while Dovecot is rebuilding new files. Thanks for any info. Jackie Hunt Acad Computing & Networking Srvcs Colorado State University Jun 6 13:43:02 newlamar dovecot: imap-login: Login: user=, method=PLAIN, rip=129.82.100.64, lip=129.82.100.124, mpid=19593, TLS Jun 6 13:43:21 newlamar dovecot: imap-login: Login: user=, method=PLAIN, rip=129.82.100.64, lip=129.82.100.124, mpid=19597, TLS Jun 6 13:43:21 newlamar dovecot: imap-login: Login: user=, method=PLAIN, rip=129.82.100.64, lip=129.82.100.124, mpid=19600, TLS Jun 6 13:44:11 newlamar dovecot: imap(cacti): Disconnected: Logged out bytes=107/441 Jun 6 13:44:11 newlamar dovecot: imap(cacti): Disconnected: Logged out bytes=1676/2724868 Jun 6 13:44:11 newlamar dovecot: imap(cacti): Disconnected: Logged out bytes=129/759 Jun 6 13:51:49 newlamar dovecot: imap-login: Login: user=, method=PLAIN, rip=129.82.100.64, lip=129.82.100.124, mpid=19657, TLS Jun 6 13:51:49 newlamar dovecot: imap(cacti): Error: Rebuilding index file /adhome/cacti/.imap/INBOX/dovecot.index: CPU architecture changed Jun 6 13:51:58 newlamar dovecot: imap-login: Login: user=, method=PLAIN, rip=129.82.100.64, lip=129.82.100.124, mpid=19662, TLS Jun 6 13:51:58 newlamar dovecot: imap(cacti): Error: Corrupted transaction log file /adhome/cacti/.imap/Trash/dovecot.index.log seq 16777216: log file shrank (1428 < 6144) (sync_offset=6144) Jun 6 13:51:58 newlamar dovecot: imap(cacti): Panic: file buffer.c: line 295 (buffer_set_used_size): assertion failed: (used_size <= buf->alloc) Jun 6 13:51:58 newlamar dovecot: imap(cacti): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x374fa) [0x7f3ada59c4fa] -> /usr/lib/dovecot/libdovecot.so.0(+0x3753e) [0x7f3ada59c53e] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7f3ada576837] -> /usr/lib/dovecot/libdovecot.so.0(+0x35319) [0x7f3ada59a319] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_transaction_log_file_open+0x21e) [0x7f3ada87acee] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_transaction_log_open+0xb8) [0x7f3ada877a68] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_index_open+0xe5) [0x7f3ada860e75] -> /usr/lib/dovecot/libdovecot-storage.so.0(index_storage_mailbox_open+0xbc) [0x7f3ada826eac] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x5f7fb) [0x7f3ada8417fb] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x28c4c) [0x7f3ada80ac4c] -> /usr/lib/dovecot/libdovecot-storage.so.0(index_storage_mailbox_enable+0x24) [0x7f3ada827584] -> dovecot/imap(imap_status_get+0xfd) [0x7f3adacead8d] -> doveco t/imap(cmd_status+0x182) [0x7f3adace1f92] -> dovecot/imap(+0x1105d) [0x7f3adace405d] -> dovecot/imap(+0x11135) [0x7f3adace4135] -> dovecot/imap(client_handle_input+0x125) [0x7f3adace4385] -> dovecot/imap(client_input+0x65) [0x7f3adace4c35] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x48) [0x7f3ada5a8048] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xa7) [0x7f3ada5a90c7] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x28) [0x7f3ada5a7fd8] -> /usr/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f3ada5962c3] -> dovecot/imap(main+0x2f4) [0x7f3adacdc544] -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xed) [0x7f3ada1e530d] -> dovecot/imap(+0x95d5) [0x7f3adacdc5d5] Jun 6 13:51:59 newlamar dovecot: imap-login: Login: user=, method=PLAIN, rip=129.82.100.64, lip=129.82.100.124, mpid=19664, TLS Jun 6 13:51:59 newlamar dovecot: imap(cacti): Error: Transaction log file /adhome/cacti/.imap/Trash/dovecot.index.log: marked corrupted Jun 6 13:51:59 newlamar dovecot: imap(cacti): Error: Rebuilding index file /adhome/cacti/.imap/Trash/dovecot.index: CPU architecture changed From trever.adams at gmail.com Thu Jun 7 09:05:25 2012 From: trever.adams at gmail.com (Trever L. Adams) Date: Thu, 07 Jun 2012 00:05:25 -0600 Subject: [Dovecot] Problems since upgrading to 2.1.6 from 2.0.20 Message-ID: <4FD044A5.2000000@gmail.com> Hello Everyone, I saw the text about the change and needing to define an inbox namespace. Everything seems to work fine except doveadm. I get the following from a cronjob that has worked well for years now. doveadm(account at example.com): Error: Syncing mailbox TRASH failed: Mailbox doesn't exist: TRASH doveadm(account at example.com): Error: Syncing mailbox TRASH failed: Mailbox doesn't exist: TRASH doveadm(account at example.com): Error: Syncing mailbox TRASH failed: Mailbox doesn't exist: TRASH The cronjob is: 1 4 * * * doveadm expunge -A mailbox TRASH SAVEDBEFORE 30D What is the problem? I have tried to find documentation and do searches for others having the same problem. I do not know if I am just missing something or what. Any help would be greatly appreciated. Thank you, Trever -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From tlx at leuxner.net Thu Jun 7 11:15:57 2012 From: tlx at leuxner.net (Thomas Leuxner) Date: Thu, 7 Jun 2012 10:15:57 +0200 Subject: [Dovecot] dsync backup doubles quota In-Reply-To: <4FCDF582.5050004@wk-serv.de> References: <4FCDF582.5050004@wk-serv.de> Message-ID: Am 05.06.2012 um 14:03 schrieb Patrick Westenberg: > Is this a bug or normal behavior? There's an older thread regarding this: http://www.dovecot.org/list/dovecot/2012-February/063585.html -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 203 bytes Desc: Message signed with OpenPGP using GPGMail URL: From fumiyas at osstech.jp Thu Jun 7 06:06:03 2012 From: fumiyas at osstech.jp (SATOH Fumiyasu) Date: Thu, 07 Jun 2012 12:06:03 +0900 Subject: [Dovecot] Dovecot auth process delays exiting if LDAPS passdb used In-Reply-To: <1338305505.8270.10.camel@hurina> References: <87y5oi51ka.wl%fumiyas@osstech.jp> <87vcjm50kr.wl%fumiyas@osstech.jp> <1338305505.8270.10.camel@hurina> Message-ID: <87txynzuqs.wl%fumiyas@osstech.jp> At Tue, 29 May 2012 18:31:45 +0300, Timo Sirainen wrote: > > > If Dovecot passdb is configured with LDAP (no TLS/SSL), > > > it is no problem. But if Dovecot passdb is configured with > > > LDAPS (or LDAP+TLS), Dovecot auth process has a problem > > > that Dovecot auth delays exiting about between 20 and > > > 60 seconds when Dovecot dovecot (master) process is already > > > terminated by an administrator. > > > > I can reproduce this problem with LDAP (no TLS/SSL) passdb. > > And I suppose you can reproduce it even when not using LDAP? Yes. I can reproduce with dovecot 1:2.1.7-1 (Debian unstable package) with PAM passdb. This PAM environment is configured for local UNIX passwd file only (no LDAP). > All of the Dovecot processes are supposed to close all listeners > immediately when the master process dies. If this doesn't happen then > something strange is going on. My dovecot config (PAM version) is below: # dovecot -n # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-2-amd64 x86_64 Debian wheezy/sid namespace inbox { inbox = yes location = prefix = } passdb { driver = pam } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = " imap pop3" service auth { unix_listener /var/spool/postfix/private/dovecot-auth { mode = 0666 } } ssl_cert = References: Message-ID: <4FD06F3A.6030903@ehu.es> El 06/06/12 18:19, Joe V Aldeguer escribi?: > Hello, > > Is it possible to have this done not only for spam and trash folder but lets say like the user inbox and any user created mail folders too? My ultimate goal is to have a way to automate the email deletion process of emails stored in the user inbox or mail folders when it reaches a specified date. My boss wants to force users to keep emails only a month old anything beyond that will be deleted. Has anyone done this using dovecot and are there any guides available? I am also open to suggestions for commercial solutions but so far searching online for solutions only comes up with email archiving. > Something like doveadm expunge -A mailbox '*' savedbefore 1m should do that, depending on your userdb. But check with doveadm search before expunging anything! HTH From amateo at um.es Thu Jun 7 14:52:51 2012 From: amateo at um.es (Angel L. Mateo) Date: Thu, 07 Jun 2012 13:52:51 +0200 Subject: [Dovecot] director and IPs shown at the backends Message-ID: <4FD09613.6000405@um.es> Hello, I am configuring a dovecot imap/pop servers with a dovecot director in front of them. Because I am using director proxy, connections in the backends are show as coming from director IPs. Is there any way to configure director (or backends) so the backends know (and report) the original IP instead of the director IP? From bind at enas.net Thu Jun 7 15:12:32 2012 From: bind at enas.net (Urban Loesch) Date: Thu, 07 Jun 2012 14:12:32 +0200 Subject: [Dovecot] director and IPs shown at the backends In-Reply-To: <4FD09613.6000405@um.es> References: <4FD09613.6000405@um.es> Message-ID: <4FD09AB0.6020500@enas.net> Hi, try it with "login_trusted_networks" option on the backends: # Space separated list of trusted network ranges. Connections from these # IPs are allowed to override their IP addresses and ports (for logging and # for authentication checks). disable_plaintext_auth is also ignored for # these networks. Typically you'd specify your IMAP proxy servers here. login_trusted_networks = But for POP this will only working with version 2.1.x regards Urban On 07.06.2012 13:52, Angel L. Mateo wrote: > Hello, > > I am configuring a dovecot imap/pop servers with a dovecot director in front of them. Because I am using director proxy, connections in the backends > are show as coming from director IPs. Is there any way to configure director (or backends) so the backends know (and report) the original IP instead > of the director IP? > From h.reindl at thelounge.net Thu Jun 7 15:36:58 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Thu, 07 Jun 2012 14:36:58 +0200 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCFD2DD.7030109@wildgooses.com> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB6AA7.4050200@Media-Brokers.com> <4FCCB9E3.3060702@wildgooses.com> <4FCCC2D9.3010209@thelounge.net> <4FCFD2DD.7030109@wildgooses.com> Message-ID: <4FD0A06A.50008@thelounge.net> Am 06.06.2012 23:59, schrieb Ed W: > I'm not sure why this is so hard to believe. There is literally a class of customers that have a specification > which says that there must be a notification sent back to the sender whenever they download their emails. I cannot > currently bid for their business. > > A spec is a spec - either you can meet the spec or you can't bid for the business... i'm not sure why it is so hard to believe that nobody should bid for such idiotic specs - techs should act professional and not like whores while try impossible and stupid things which can sovle each mail-client since > 10 years and is not the job of a mailserver -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From phil25lsbin at gmail.com Thu Jun 7 16:33:34 2012 From: phil25lsbin at gmail.com (phil25lsbin) Date: Thu, 7 Jun 2012 15:33:34 +0200 Subject: [Dovecot] Postfix don't relay to dovecot virtual user Message-ID: Hi, I run a mail server on debian squeeze system , i installed the following software postfix dovecot spamassassin postgrey I configured a virtual domain and virtual mailbox but postfix don't pipe mail in dovecot. In log, it's appear that the relay mode is local and the delivery message is delivered to mailbox) Jun 7 15:23:01 ns230370 postfix/smtpd[27501]: 66BBA4D40F0: client=localhost.localdomain[127.0.0.1] Jun 7 15:23:01 ns230370 postfix/cleanup[8017]: 66BBA4D40F0: message-id=< E1Sccg1-00029S-9I at ns231581.ovh.net> Jun 7 15:23:01 ns230370 postfix/qmgr[27490]: 66BBA4D40F0: from=< admlb at lebest.fr>, size=1807, nrcpt=1 (queue active) Jun 7 15:23:01 ns230370 postfix/local[7907]: 66BBA4D40F0: to=< admlb at lebest.fr>, relay=local, delay=0, delays=0/0/0/0, dsn=2.0.0, status=sent (delivered to mailbox) Jun 7 15:23:01 ns230370 postfix/qmgr[27490]: 66BBA4D40F0: removed My dovecot.conf: protocols = imap imaps pop3 pop3s log_timestamp = "%Y-%m-%d %H:%M:%S " log_path = /var/log/dovecot/dovecot.log info_log_path = /var/log/dovecot/dovecot-info.log mail_privileged_group = mail disable_plaintext_auth = no mail_location = maildir:/home/smtp/%d/%n:INDEX=/home/smtp/%d/%n/indexes protocol imap { } protocol pop3 { } protocol managesieve { } protocol lda { postmaster_address = admlb at XXX.FR mail_plugin_dir = /usr/lib/dovecot/modules/lda auth_socket_path = /var/run/dovecot/auth-master } auth default { userdb sql { args = /etc/dovecot/dovecot-mysql.conf } passdb sql { args = /etc/dovecot/dovecot-mysql.conf } socket listen { master { path = /var/run/dovecot/auth-master mode = 0600 user = smtp } client { path = /var/spool/postfix/private/auth mode = 0660 user = postfix group = postfix } } } dict { } plugin { } My main.cf myhostname = smtp.XXX.FR alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = XXX.FR mydestination = XXX.FR, smtp.XXX.FR, localhost.XXX.FRr, localhost relayhost = mynetworks = 172.16.0.0/12 127.0.0.0/8 mailbox_size_limit = 0 inet_interfaces = all virtual_uid_maps = static:3000 virtual_gid_maps = static:3000 virtual_mailbox_base = /home/smtp virtual_transport = dovecot virtual_mailbox_domains = mysql:/etc/postfix/ mysql_virtual_mailbox_domains.cf virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf relay_domains = mysql:/etc/postfix/mysql_relay_domains.cf smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unauth_destination, reject_unauth_pipelining, check_policy_service inet:127.0.0.1:10023, reject_invalid_hostname smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous content_filter = amavis:[127.0.0.1]:10024 receive_override_options = no_address_mappings inet_protocols = ipv4 The end of master.cf file dovecot unix - n n - - pipe flags=DRhu user=smtp:smtp argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop} amavis unix - - - - 2 smtp -o smtp_data_done_timeout=1200 -o smtp_send_xforward_command=yes 127.0.0.1:10025 inet n - - - - smtpd -o content_filter= -o local_recipient_maps= -o relay_recipient_maps= -o smtpd_restriction_classes= -o smtpd_client_restrictions= -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o mynetworks=127.0.0.0/8 -o strict_rfc821_envelopes=yes -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks -o smtpd_bind_address=127.0.0.1 Thanks From CMarcus at Media-Brokers.com Thu Jun 7 17:02:53 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Thu, 07 Jun 2012 10:02:53 -0400 Subject: [Dovecot] Postfix don't relay to dovecot virtual user In-Reply-To: References: Message-ID: <4FD0B48D.9090200@Media-Brokers.com> Please do not provide copy/paste from conf files... Always ONLY provide UNEDITED output of: doveconf -n postconf -n On 2012-06-07 9:33 AM, phil25lsbin wrote: > Hi, > > I run a mail server on debian squeeze system , i installed the following > software > > postfix > dovecot > spamassassin > postgrey > > I configured a virtual domain and virtual mailbox but postfix don't pipe > mail in dovecot. > > In log, it's appear that the relay mode is local and the delivery message > is delivered to mailbox) > > Jun 7 15:23:01 ns230370 postfix/smtpd[27501]: 66BBA4D40F0: > client=localhost.localdomain[127.0.0.1] > Jun 7 15:23:01 ns230370 postfix/cleanup[8017]: 66BBA4D40F0: message-id=< > E1Sccg1-00029S-9I at ns231581.ovh.net> > Jun 7 15:23:01 ns230370 postfix/qmgr[27490]: 66BBA4D40F0: from=< > admlb at lebest.fr>, size=1807, nrcpt=1 (queue active) > Jun 7 15:23:01 ns230370 postfix/local[7907]: 66BBA4D40F0: to=< > admlb at lebest.fr>, relay=local, delay=0, delays=0/0/0/0, dsn=2.0.0, > status=sent (delivered to mailbox) > Jun 7 15:23:01 ns230370 postfix/qmgr[27490]: 66BBA4D40F0: removed > > > My dovecot.conf: > > protocols = imap imaps pop3 pop3s > log_timestamp = "%Y-%m-%d %H:%M:%S " > log_path = /var/log/dovecot/dovecot.log > info_log_path = /var/log/dovecot/dovecot-info.log > mail_privileged_group = mail > disable_plaintext_auth = no > mail_location = maildir:/home/smtp/%d/%n:INDEX=/home/smtp/%d/%n/indexes > protocol imap { > } > > protocol pop3 { > } > protocol managesieve { > } > protocol lda { > postmaster_address = admlb at XXX.FR > mail_plugin_dir = /usr/lib/dovecot/modules/lda > auth_socket_path = /var/run/dovecot/auth-master > } > auth default { > userdb sql { > args = /etc/dovecot/dovecot-mysql.conf > } > passdb sql { > args = /etc/dovecot/dovecot-mysql.conf > } > socket listen { > master { > path = /var/run/dovecot/auth-master > mode = 0600 > user = smtp > } > client { > path = /var/spool/postfix/private/auth > mode = 0660 > user = postfix > group = postfix > } > } > } > dict { > } > plugin { > } > > > My main.cf > > myhostname = smtp.XXX.FR > alias_maps = hash:/etc/aliases > alias_database = hash:/etc/aliases > myorigin = XXX.FR > mydestination = XXX.FR, smtp.XXX.FR, localhost.XXX.FRr, localhost > relayhost = > mynetworks = 172.16.0.0/12 127.0.0.0/8 > mailbox_size_limit = 0 > inet_interfaces = all > virtual_uid_maps = static:3000 > virtual_gid_maps = static:3000 > virtual_mailbox_base = /home/smtp > virtual_transport = dovecot > virtual_mailbox_domains = mysql:/etc/postfix/ > mysql_virtual_mailbox_domains.cf > virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf > virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf > relay_domains = mysql:/etc/postfix/mysql_relay_domains.cf > > smtpd_recipient_restrictions = > permit_mynetworks, > permit_sasl_authenticated, > reject_non_fqdn_hostname, > reject_non_fqdn_sender, > reject_non_fqdn_recipient, > reject_unauth_destination, > reject_unauth_pipelining, > check_policy_service inet:127.0.0.1:10023, > reject_invalid_hostname > > smtpd_sasl_auth_enable = yes > smtpd_sasl_security_options = noanonymous > content_filter = amavis:[127.0.0.1]:10024 > receive_override_options = no_address_mappings > inet_protocols = ipv4 > > The end of master.cf file > > dovecot unix - n n - - pipe > flags=DRhu user=smtp:smtp argv=/usr/lib/dovecot/deliver -f ${sender} -d > ${user}@${nexthop} > amavis unix - - - - 2 smtp > -o smtp_data_done_timeout=1200 > -o smtp_send_xforward_command=yes > > 127.0.0.1:10025 inet n - - - - smtpd > -o content_filter= > -o local_recipient_maps= > -o relay_recipient_maps= > -o smtpd_restriction_classes= > -o smtpd_client_restrictions= > -o smtpd_helo_restrictions= > -o smtpd_sender_restrictions= > -o smtpd_recipient_restrictions=permit_mynetworks,reject > -o mynetworks=127.0.0.0/8 > -o strict_rfc821_envelopes=yes > -o > receive_override_options=no_unknown_recipient_checks,no_header_body_checks > -o smtpd_bind_address=127.0.0.1 > > Thanks From at_hacker at mail.ru Thu Jun 7 17:28:02 2012 From: at_hacker at mail.ru (=?UTF-8?B?0JDQu9C10LrRgdC10Lkg0J/QtdGA0LXQutC70LDQtA==?=) Date: Thu, 07 Jun 2012 18:28:02 +0400 Subject: [Dovecot] =?utf-8?q?Problem_with_Dovecot_and_AD_LDAP_auth?= Message-ID: <1339079282.133745848@f31.mail.ru> Hi. Seems it's a bug in dovecot auth. I have??FreeBSD 8.1-RELEASE-p1 and I tried 1.2.17 and 2.1.7 versions of Dovecot, and still no luck. The problem: when I set in dovecot-ldap.conf:?base = CN=Users,DC=domain,DC=local everything works fine. But if I set:?base = DC=domain,DC=local mail client can't authorize. /var/log/dovecot.log says: ===============================================? Jun 07 18:07:17 auth: Debug: auth client connected (pid=14611) Jun 07 18:08:11 auth: Debug: client in: AUTH 1 PLAIN service=imap session=G1//aeLB6wAKAABu lip=10.0.0.3 rip=10.0.0.110 lport=143 rport=55787 resp=AGdhdGV3YXkAVU82eUpuUXQ= Jun 07 18:08:11 auth: Debug: ldap(gateway,10.0.0.110,): bind search: base=DC=domain,DC=local filter=(&(objectClass=person)(sAMAccountName=gateway)) Jun 07 18:08:11 auth: Debug: ldap(gateway,10.0.0.110,): result: uid missing Jun 07 18:10:18 imap-login: Info: Disconnected: Inactivity during authentication (disconnected while authenticating, waited 127 secs): user=<>, method=PLAIN, rip=10.0.0.110, lip=10.0.0.3, session= Jun 07 18:10:18 auth: Debug: client in: CANCEL 1 Jun 07 18:10:18 auth: Debug: auth client connected (pid=14706) Jun 07 18:10:26 auth: Debug: client in: AUTH 1 PLAIN service=imap session=n6IBcuLB7AAKAABu lip=10.0.0.3 rip=10.0.0.110 lport=143 rport=55788 resp=AGdhdGV3YXkAVU82eUpuUXQ= Jun 07 18:10:26 auth: Debug: ldap(gateway,10.0.0.110,): bind search: base=DC=domain,DC=local filter=(&(objectClass=person)(sAMAccountName=gateway)) Jun 07 18:10:26 auth: Error: ldap(gateway,10.0.0.110,): Connection appears to be hanging, reconnecting Jun 07 18:10:26 auth: Debug: ldap(gateway,10.0.0.110,): result: uid missing Jun 07 18:10:26 auth: Error: ldap(gateway,10.0.0.110,): Request lost Jun 07 18:10:26 auth: Error: ldap(gateway,10.0.0.110,): ldap_search(base=DC=domain,DC=local filter=(&(objectClass=person)(sAMAccountName=gateway))) failed: Operations error Jun 07 18:10:26 auth: Error: LDAP: Reply with unknown msgid 2 Jun 07 18:10:26 auth: Error: LDAP: Reply with unknown msgid 2 Jun 07 18:10:26 auth: Error: LDAP: Reply with unknown msgid 2 Jun 07 18:10:26 auth: Error: LDAP: Reply with unknown msgid 2 Jun 07 18:10:28 auth: Debug: client out: FAIL 1 user=gateway temp Jun 07 18:10:28 auth: Debug: client out: FAIL 1 user=gateway temp Jun 07 18:13:18 imap-login: Info: Disconnected: Inactivity (auth failed, 1 attempts in 172 secs): user=, method=PLAIN, rip=10.0.0.110, lip=10.0.0.3, session= ============================================ My dovecot-ldap.conf: =============================== ldap_version = 3 hosts = ad.domain.local base = DC=hrom,DC=local scope = subtree dn = CN=mailserver,CN=Users,DC=domain,DC=local dnpass = here_is_pass auth_bind = yes pass_attrs = uid=user pass_filter = "(&(objectClass=person)(sAMAccountName=%u))" user_attrs = name=mail=maildir:/var/mail/virtual/hrom.local/%n user_filter = "(&(objectClass=person)(sAMAccountName=%u))" ===================================================? ? ?I need base = DC=domain,DC=local for searching for user's accounts in different OU of my AD. If I set base = CN=Users,DC=domain,DC=local, Dovecot can't authorize user accounts from OU. P.S.: Postfix with base = DC=domain,DC=local works perfectly, so the problem is not with our domain controller (LDAP server as well) . From jerry at seibercom.net Thu Jun 7 17:41:48 2012 From: jerry at seibercom.net (Jerry) Date: Thu, 7 Jun 2012 10:41:48 -0400 Subject: [Dovecot] Postfix don't relay to dovecot virtual user In-Reply-To: References: Message-ID: <20120607104148.6254a7e8@scorpio> On Thu, 7 Jun 2012 15:33:34 +0200 phil25lsbin articulated: >I run a mail server on debian squeeze system , i installed the >following software > >postfix >dovecot >spamassassin >postgrey > >I configured a virtual domain and virtual mailbox but postfix don't >pipe mail in dovecot. {SNIP} 1) Do not paste & copy your config files. Use: dovecot -n postconf -n Paste the output of those commands in you post. If Postfix is not relaying the mail you would probably be better served on the Postfix forum. Its not that no one here could help you, I am sure they will; however, it is really not a dovecot problem. For Postfix, you might want to investigate the page, specifically: Check out the postfinger tool. This can be found at http://ftp.wl0.org/SOURCES/postfinger. Also, be sure to state the versions of the software that you are using and you OS system version as well. -- Jerry ? Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ From karl.oulmi at ibl.fr Thu Jun 7 18:26:59 2012 From: karl.oulmi at ibl.fr (Karl Oulmi) Date: Thu, 07 Jun 2012 17:26:59 +0200 Subject: [Dovecot] Accessing maildir snapshots through dovecot / namespace Message-ID: <4FD0C843.4070503@ibl.fr> Hi, I've the following setup : - FreeBSD 9.0 / Dovecot 2.1.7 - Maildir storage over iSCSI (Dell MD3200i) - Virtual users over LDAP to render the storage snapshots available through dovecot (to allow my users to browse their mail history). Here is my conf : namespace { type = private inbox = yes list = yes prefix = INBOX. location = maildir:/home/%u/Maildir:CONTROL=/home/dovecot/control/%u:INDEX=/home/dovecot/indexes/%u } namespace snap { prefix = INBOX.snapshot.h0. hidden = no inbox = no list = yes location = maildir:/da1/%u/Maildir:INDEX=/da1/dovecot/indexes/%u:CONTROL=/da1/dovecot/control/%u type = private } The problem is that I don't see the content of the inbox folder contained in the snapshots whereas subfolders are perfectly viewed ! Inbox cur|new are is /da1/%u/Maildir/ If anyone have a tip, It would be nice... Regards, Karl. -- _______________________________________________________________ Karl OULMI Centre de Ressources Informatiques Institut de Biologie de Lille - CNRS GDS3366 _______________________________________________________________ -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2879 bytes Desc: S/MIME Cryptographic Signature URL: From weber at zackbummfertig.de Thu Jun 7 18:53:00 2012 From: weber at zackbummfertig.de (Marko Weber) Date: Thu, 07 Jun 2012 17:53:00 +0200 Subject: [Dovecot] auth-worker problem here. Message-ID: <1e9f63c2b3bdacfe8f03c89eca19d6a4@zackbummfertig.de> hello, in howto for gentoo i found this: To tell Postfix about the maps that you've just set up, add the following (substituting mysql for pgsql if you're on PostgreSQL) to the bottom of /etc/postfix/main.cf: virtual_alias_maps = mysql:/etc/postfix/sql_virtual_alias_maps.cf virtual_mailbox_domains = mysql:/etc/postfix/sql_virtual_domain_maps.cf virtual_mailbox_maps = mysql:/etc/postfix/sql_virtual_mailbox_maps.cf Tip: Because this is using the Dovecot's LDA, all results from virtual_mailbox_maps are ignored beyond checking if they exist. I added in the mysql db an alias postmaster at domainn.tld that should be forwarded to name at domainn.tld. The tip above tells me when using dovecot lda the virtual_alias_maps is ignored by dovecot. now when i send a mail to postmaster at domainn.tld the mail is not transported to name at domainn.tld. in logfile i see this: dovecot: auth-worker: sql(postmaster at zbfmail.de): Unknown user how can i tell dovecot to also use the virtual_alias_maps? thank you marko From phil25lsbin at gmail.com Thu Jun 7 19:05:25 2012 From: phil25lsbin at gmail.com (phil25lsbin) Date: Thu, 7 Jun 2012 18:05:25 +0200 Subject: [Dovecot] Postfix don't relay to dovecot virtual user In-Reply-To: <20120607104148.6254a7e8@scorpio> References: <20120607104148.6254a7e8@scorpio> Message-ID: Sorry, dovecot -n # 1.2.15: /etc/dovecot/dovecot.conf # OS: Linux 2.6.38.2-grsec-xxxx-grs-ipv6- 64 x86_64 Debian 6.0.5 ext3 log_path: /var/log/dovecot/dovecot.log info_log_path: /var/log/dovecot/dovecot-info.log log_timestamp: %Y-%m-%d %H:%M:%S protocols: imap imaps pop3 pop3s disable_plaintext_auth: no login_dir: /var/run/dovecot/login login_executable(default): /usr/lib/dovecot/imap-login login_executable(imap): /usr/lib/dovecot/imap-login login_executable(pop3): /usr/lib/dovecot/pop3-login mail_privileged_group: mail mail_location: maildir:/home/smtp/%d/%n:INDEX=/home/smtp/%d/%n/indexes mbox_write_locks: fcntl dotlock mail_executable(default): /usr/lib/dovecot/imap mail_executable(imap): /usr/lib/dovecot/imap mail_executable(pop3): /usr/lib/dovecot/pop3 mail_plugin_dir(default): /usr/lib/dovecot/modules/imap mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3 lda: postmaster_address: admlb at XXX.fr mail_plugin_dir: /usr/lib/dovecot/modules/lda auth_socket_path: /var/run/dovecot/auth-master auth default: passdb: driver: sql args: /etc/dovecot/dovecot-mysql.conf userdb: driver: sql args: /etc/dovecot/dovecot-mysql.conf socket: type: listen client: path: /var/spool/postfix/private/auth mode: 432 user: postfix group: postfix master: path: /var/run/dovecot/auth-master mode: 384 user: smtp postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases config_directory = /etc/postfix content_filter = amavis:[127.0.0.1]:10024 inet_interfaces = all inet_protocols = ipv4 mailbox_size_limit = 0 mydestination = XXX.fr, smtp.XXX.fr, localhost.XXX.fr, localhost myhostname = smtp.XXX.fr mynetworks = 172.16.0.0/12 127.0.0.0/8 myorigin = XXX.fr receive_override_options = no_address_mappings relay_domains = mysql:/etc/postfix/mysql_relay_domains.cf relayhost = smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unauth_destination, reject_unauth_pipelining, check_policy_service inet:127.0.0.1:10023, reject_invalid_hostname smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf virtual_gid_maps = static:3000 virtual_mailbox_base = /home/smtp virtual_mailbox_domains = mysql:/etc/postfix/ mysql_virtual_mailbox_domains.cf virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf virtual_transport = dovecot virtual_uid_maps = static:3000 Thanks for help 2012/6/7 Jerry > On Thu, 7 Jun 2012 15:33:34 +0200 > phil25lsbin articulated: > > >I run a mail server on debian squeeze system , i installed the > >following software > > > >postfix > >dovecot > >spamassassin > >postgrey > > > >I configured a virtual domain and virtual mailbox but postfix don't > >pipe mail in dovecot. > > {SNIP} > > 1) Do not paste & copy your config files. Use: > dovecot -n > postconf -n > > Paste the output of those commands in you post. > > If Postfix is not relaying the mail you would probably be better served > on the Postfix forum. Its not that no one here could help you, I am > sure they will; however, it is really not a dovecot problem. For > Postfix, you might want to investigate the > page, specifically: > Check out the > postfinger tool. This can be found at > http://ftp.wl0.org/SOURCES/postfinger. > > Also, be sure to state the versions of the software that you are using > and you OS system version as well. > > -- > Jerry ? > > Disclaimer: off-list followups get on-list replies or get ignored. > Please do not ignore the Reply-To header. > __________________________________________________________________ > > From rago at lal.in2p3.fr Thu Jun 7 20:56:19 2012 From: rago at lal.in2p3.fr (Emiliano Rago) Date: Thu, 07 Jun 2012 19:56:19 +0200 Subject: [Dovecot] Authentication issue Message-ID: <4FD0EB43.8070104@lal.in2p3.fr> Hi, I need to set up a weird dovecot configuration: 1) outside a ssl tunnel I'd like to authenticate only with cram-md5 scheme 2) inside a ssl tunnel I'd like to authenticate only with plain auth The first is easily satisfied with auth_mechanisms = plain cram-md5 disable_plaintext_auth = yes but I don't know how to satisfy the second condition, if it's possible. Thanks for help, Emiliano Rago From toml at engr.orst.edu Fri Jun 8 03:34:29 2012 From: toml at engr.orst.edu (Tom Lieuallen) Date: Thu, 07 Jun 2012 17:34:29 -0700 Subject: [Dovecot] how to announce shared folders to clients using non-default mail prefix Message-ID: <4FD14895.8040707@engr.orst.edu> We're using dovecot 2.1.3 and I've been doing some testing with 2.1.7. We have shared mail (maildir) folders working along with our default mbox mailboxes. Our problem is trying to get this to work in a reasonable fashion with our iPhone or iPad mail.app clients. It's well known that they don't honor the subscription list; they show all available mail folders and do not collapse trees of folders. I have 381 folders in directories under mail. Normal clients are fine, but this is unmanageable in IOS. What we have been doing is changing the mail prefix for the iPhone to a subfolder, then using soft links to point to the most commonly used folders we use. This works, but when one changes the mail prefix, any shared folders are not presented. I'm suspicious that this is a design decision. If there is some way to make it work, I'd be very grateful. Note the two 'sharedimap' folders listed in the first 'list'. Note that if I change the prefix for that shared namespace to 'iphonemail/', it does present my shared folders as well as anything in a personal iphonemail directory. However, 'select' didn't work with the personal folders. My guess is it's mostly due to the difference in mail formats between the two (mbox & maildir). But, it does show that somewhere in the code it's checking the mail prefix against namespaces and not displaying shared folders in non-default prefixes. I wish this were a configurable option. thank you Tom Lieuallen Oregon State University . list "" * * LIST (\Noselect \HasChildren) "/" "foo1" * LIST (\NoInferiors \UnMarked) "/" "foo1/folder1" * LIST (\Noselect \HasChildren) "/" "iphonemail" * LIST (\NoInferiors \Marked) "/" "iphonemail/foo1" * LIST (\NoInferiors \UnMarked) "/" "Sent" * LIST (\NoInferiors \UnMarked) "/" "Trash" * LIST (\HasNoChildren) "/" "INBOX" * LIST (\HasNoChildren) "/" "sharedimap/cesupport" * LIST (\HasNoChildren) "/" "sharedimap/mimesupport" . OK List completed. . list "iphonemail/" * * LIST (\NoInferiors \Marked) "/" "iphonemail/foo1" . OK List completed. =============== # 2.1.7: /private/dovecot/etc/dovecot/dovecot.conf # OS: SunOS 5.10 sun4v auth_debug = yes auth_verbose = yes default_client_limit = 10245 default_process_limit = 5120 first_valid_uid = 100 mail_location = mbox:~/mail:INBOX=/var/mail/%u:INDEX=/a2/imap-index/%u mail_nfs_storage = yes mail_plugins = quota acl namespace { inbox = yes location = prefix = separator = / type = private } namespace { hidden = yes inbox = no list = children location = maildir:/a1/dove-shared:INDEX=/a2/imap-index/dove-shared/%u prefix = sharedimap/ separator = / type = shared } passdb { driver = pam } passdb { args = scheme=CRYPT username_format=%u /private/dovecot/etc/passwd driver = passwd-file } plugin { acl = vfile quota = fs:INBOX:mount=/a1 quota2 = fs:Home quota:mount=%h } protocols = imap lmtp service imap-login { inet_listener imaps { port = 993 ssl = yes } process_min_avail = 16 service_count = 1 } service imap { process_limit = 2048 } ssl_ca = Hello! I am wonder if there are plans to include backend health monitoring feature to Dovecot Director ? Yes, I'm aware of poolmon by Brad Davidson but I think it's kind of must-have feature out of box. thanks From daniel.parthey at informatik.tu-chemnitz.de Fri Jun 8 06:16:22 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Fri, 8 Jun 2012 05:16:22 +0200 Subject: [Dovecot] Corrupted mdbox on LMTP director delivery while user is logged in via IMAP Message-ID: <20120608031622.GA13898@daniel.localdomain> Hi, we get errors about corrupted indexes and we are losing flags with mdbox on NFSv4: Error: Recent flags state corrupted for mailbox Error: Corrupted dbox file Error: Corrupted transaction log file It looks like a LMTP director problem. The user has IMAP IDLE connections open and lmtp delivers to another host. This leads to nfs corruption problems. The user is logged into mail04 and has some IMAP IDLE mailbox connections open: mail04:~# ps -ef|grep someuser vmail 5217 23918 0 Jun07 ? 00:00:00 dovecot/imap [someuser at example.de 10.129.3.190 IDLE] vmail 8623 23918 0 Jun07 ? 00:00:00 dovecot/imap [someuser at example.de 10.129.3.233 IDLE] vmail 20279 23918 0 00:37 ? 00:00:00 dovecot/imap [someuser at example.de 10.129.3.213 IDLE] If postfix on mail01/dcmailbox01 receives an incoming mail now, the director on mail01 does NOT direct LMTP to the responsible host mail04/dcmailbox04 (10.129.3.190), but delivers it locally to mail01 (10.129.3.193), which leads to file corruption. mail01:~# doveadm -c /etc/dovecot-director/dovecot-director.conf director status someuser at example.de Current: not assigned Hashed: 10.129.3.193 Initial config: 10.129.3.193 mail01:~# host 10.129.3.193 193.3.129.10.in-addr.arpa domain name pointer dcmailbox01.example.net. mail01 runs the lmtp proxy and lmtp delivery, even though the user is logged in via IMAP IDLE on mail04: mail01:~# grep "^Jun 8 03:36:.*someuser at example.de" /var/log/server/dovecot.log Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124): Debug: auth input: someuser at example.de home=/mail/dovecot/example.de/someuser uid=501 gid=123 quota_rule=*:bytes=5000M:messages=0 Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: Effective uid=501, gid=123, home=/mail/dovecot/example.de/someuser Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: Quota root: name=User quota backend=dict args=:proxy::quota Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: Quota rule: root=User quota mailbox=* bytes=5242880000 messages=0 Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: Quota rule: root=User quota mailbox=Trash bytes=+104857600 messages=0 Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: Quota warning: bytes=4980736000 (95%) messages=0 reverse=no command=quota-warning 95 someuser at example.de Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: Quota warning: bytes=4194304000 (80%) messages=0 reverse=no command=quota-warning 80 someuser at example.de Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: dict quota: user=someuser at example.de, uri=proxy::quota, noenforcing=0 Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: fs: root=/mail/dovecot/example.de/someuser/mail, index=, control=, inbox=, alt= Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: Namespace : Using permissions from /mail/dovecot/example.de/someuser/mail: mode=0700 gid=-1 Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: sieve: include: sieve_global_dir is not set; it is currently not possible to include `:global' scripts. Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: jOv8JgJX0U/0aQAA3l+BKA: sieve: using sieve path for user's script: /mail/dovecot/example.de/someuser/.dovecot.sieve Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: jOv8JgJX0U/0aQAA3l+BKA: sieve: opening script /mail/dovecot/example.de/someuser/.dovecot.sieve Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: jOv8JgJX0U/0aQAA3l+BKA: sieve: script binary /mail/dovecot/example.de/someuser/.dovecot.svbin successfully loaded Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: jOv8JgJX0U/0aQAA3l+BKA: sieve: binary save: not saving binary /mail/dovecot/example.de/someuser/.dovecot.svbin, because it is already stored Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: jOv8JgJX0U/0aQAA3l+BKA: sieve: executing script from /mail/dovecot/example.de/someuser/.dovecot.svbin Jun 8 03:36:02 10.129.3.213 dovecot: lmtp(23404): Debug: auth input: user=someuser at example.de proxy port=19024 host=10.129.3.193 proxy_refresh=450 Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): jOv8JgJX0U/0aQAA3l+BKA: sieve: mailbox: deliver: msgid=<201206080136.q581a1Rc024891 at iolite.ham.srv.mcs.de> from=service at cityline.net: stored mail into mailbox 'INBOX' Jun 8 03:36:02 10.129.3.213 dovecot: lmtp(23406): Debug: auth input: user=someuser at example.de proxy port=19024 host=10.129.3.193 proxy_refresh=450 Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125): Debug: auth input: someuser at example.de home=/mail/dovecot/example.de/someuser uid=501 gid=123 quota_rule=*:bytes=5000M:messages=0 Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: Effective uid=501, gid=123, home=/mail/dovecot/example.de/someuser Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: Quota root: name=User quota backend=dict args=:proxy::quota Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: Quota rule: root=User quota mailbox=* bytes=5242880000 messages=0 Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: Quota rule: root=User quota mailbox=Trash bytes=+104857600 messages=0 Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: Quota warning: bytes=4980736000 (95%) messages=0 reverse=no command=quota-warning 95 someuser at example.de Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: Quota warning: bytes=4194304000 (80%) messages=0 reverse=no command=quota-warning 80 someuser at example.de Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: dict quota: user=someuser at example.de, uri=proxy::quota, noenforcing=0 Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: fs: root=/mail/dovecot/example.de/someuser/mail, index=, control=, inbox=, alt= Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: Namespace : Using permissions from /mail/dovecot/example.de/someuser/mail: mode=0700 gid=-1 Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: sieve: include: sieve_global_dir is not set; it is currently not possible to include `:global' scripts. Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: gWijMAJX0U/1aQAA3l+BKA: sieve: using sieve path for user's script: /mail/dovecot/example.de/someuser/.dovecot.sieve Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: gWijMAJX0U/1aQAA3l+BKA: sieve: opening script /mail/dovecot/example.de/someuser/.dovecot.sieve Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: gWijMAJX0U/1aQAA3l+BKA: sieve: script binary /mail/dovecot/example.de/someuser/.dovecot.svbin successfully loaded Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: gWijMAJX0U/1aQAA3l+BKA: sieve: binary save: not saving binary /mail/dovecot/example.de/someuser/.dovecot.svbin, because it is already stored Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: gWijMAJX0U/1aQAA3l+BKA: sieve: executing script from /mail/dovecot/example.de/someuser/.dovecot.svbin Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): gWijMAJX0U/1aQAA3l+BKA: sieve: mailbox: deliver: msgid=<201206080136.q581a1t0024890 at iolite.ham.srv.mcs.de> from=service at cityline.net: stored mail into mailbox 'INBOX' The "user logged on via IMAP on mail04" and "lmtp delivery on mail01" seems to lead to corruption of mdbox indexes: Jun 8 03:36:03 10.129.3.200 dovecot: mailbox: mail: imap(someuser at example.de): Error: Corrupted transaction log file /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox- Mails/dovecot.index.log seq 82: Invalid transaction log size (32856 vs 32824): /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox-Mails/dovecot.index.log (sync_offset=32856) Jun 8 03:36:03 10.129.3.200 dovecot: mailbox: mail: imap(someuser at example.de): Error: Index /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox-Mails/dovecot.index: Lost log for seq=82 offset=32856 Jun 8 03:36:03 10.129.3.200 dovecot: mailbox: mail: imap(someuser at example.de): Warning: fscking index file /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox-Mails/dovecot.index Jun 8 03:36:03 10.129.3.200 dovecot: mailbox: mail: imap(someuser at example.de): Error: Fixed index file /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox-Mails/dovecot.index: log_file_seq 82 -> 83 Jun 8 03:36:38 10.129.3.200 dovecot: mailbox: mail: imap(someuser at example.de): Error: Transaction log file /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox-Mails/dovecot.index.log.2: marked corrupted How to enable the LMTP director to deliver to the correct mailbox host? Configuration of mailbox and director of mail01 is attached. Regards, Daniel -------------- next part -------------- # 2.0.20: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-40-server x86_64 Ubuntu 10.04.4 LTS auth_cache_negative_ttl = 0 auth_cache_size = 10 M auth_cache_ttl = 1 mins auth_debug = yes auth_verbose = yes auth_verbose_passwords = sha1 deliver_log_format = mailbox: deliver: msgid=%m from=%f: %$ dict { quota = mysql:/etc/dovecot/conf.d/dovecot-dict-sql.conf.ext } disable_plaintext_auth = no instance_name = dovecot-mailbox lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes login_greeting = Mailbox login_log_format = mailbox: login: %$: %s login_trusted_networks = 10.129.3.0/24 mail_debug = yes mail_fsync = always mail_gid = vmail mail_home = /mail/dovecot/%d/%n mail_location = mdbox:~/mail mail_log_prefix = "mailbox: mail: %s(%u): " mail_plugins = quota mail_privileged_group = vmail mail_uid = vmail managesieve_implementation_string = Sieve managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mdbox_rotate_interval = 1 weeks mdbox_rotate_size = 50 M mmap_disable = yes passdb { args = /etc/dovecot/conf.d/dovecot-sql.conf.ext driver = sql } plugin { quota = dict:User quota::proxy::quota quota_rule = *:storage=10G quota_rule2 = Trash:storage=+100M quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap pop3 lmtp sieve service auth { unix_listener auth-userdb { group = dovecot mode = 0660 user = dovecot } } service dict { unix_listener dict { group = vmail mode = 0660 } } service imap-login { inet_listener imap { port = 19143 } } service lmtp { inet_listener lmtp { address = * port = 19024 } } service managesieve-login { inet_listener sieve { port = 19200 } } service pop3-login { inet_listener pop3 { port = 19110 } } service quota-warning { executable = script /usr/local/bin/quota-warning extra_groups = dovecot unix_listener quota-warning { user = vmail } user = vmail } ssl = no userdb { driver = prefetch } userdb { args = /etc/dovecot/conf.d/dovecot-sql.conf.ext driver = sql } verbose_proctitle = yes protocol imap { imap_client_workarounds = delay-newmail tb-extra-mailbox-sep mail_plugins = quota imap_quota } protocol lmtp { mail_plugins = quota sieve } -------------- next part -------------- # 2.0.20: /etc/dovecot-director/dovecot-director.conf # OS: Linux 2.6.32-40-server x86_64 Ubuntu 10.04.4 LTS auth_debug = yes auth_verbose = yes auth_verbose_passwords = sha1 base_dir = /var/run/dovecot-director deliver_log_format = director: deliver: msgid=%m from=%f: %$ director_mail_servers = 10.129.3.193 10.129.3.192 10.129.3.191 10.129.3.190 director_servers = 10.129.3.193 10.129.3.192 10.129.3.191 10.129.3.190 instance_name = dovecot-director lmtp_proxy = yes login_greeting = Mail Balancer login_log_format = director: login: %$: %s login_trusted_networks = 10.129.3.0/24 mail_debug = yes mail_fsync = always mail_gid = vmail mail_home = /mail/dovecot/%d/%n mail_location = mdbox:~/mail mail_log_prefix = "director: mail: %s(%u): " mail_privileged_group = vmail mail_uid = vmail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mmap_disable = yes passdb { args = proxy=y nopassword=y user=%n at dovecotmail.%d driver = static } protocols = imap pop3 lmtp sieve service auth { unix_listener auth-userdb { user = dovecot } } service director { fifo_listener login/proxy-notify { mode = 0666 } inet_listener { port = 9090 } unix_listener director-userdb { mode = 0600 } unix_listener login/director { mode = 0666 } } service imap-login { executable = imap-login director inet_listener imap { port = 20143 } inet_listener imaps { port = 20993 ssl = yes } } service lmtp { inet_listener lmtp { address = * port = 20024 } } service managesieve-login { inet_listener sieve { port = 20200 } } service pop3-login { executable = pop3-login director inet_listener pop3 { port = 20110 } inet_listener pop3s { port = 20995 ssl = yes } } ssl_cert = good day! I'm experiencing problem with pop3 proxying: on backend servers in logs there's director's ip instead of remote's like this: Jun 8 15:21:23 host-01 dovecot: pop3-login: Login: user=, method=PLAIN, rip=192.168.5.102, lip=192.168.5.100, mpid=26170, secured Jun 8 15:32:16 host-01 dovecot: pop3-login: Login: user=, method=PLAIN, rip=192.168.5.102, lip=192.168.5.100, mpid=26426, secured -- ? ?????????, ???????? ????????? ????????? ????????????? ??? "??????-?????" ???.: (423) 262-02-62 (???. 2037) ????: (423) 262-02-10 a.kostyrev at serverc.ru icq: 404-198-497 From a.kostyrev at serverc.ru Fri Jun 8 07:39:13 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Fri, 8 Jun 2012 15:39:13 +1100 Subject: [Dovecot] Director pop3 real ips v2.1.1 In-Reply-To: <213B51F00051AE48A9F0E112880177178F79E3@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F79E3@Delta.sc.local> Message-ID: <213B51F00051AE48A9F0E112880177178F79E4@Delta.sc.local> *sorry, accidently send to soon. continue: but with imap it's ok I've read thread "Dovecot Proxy and environment variables" and as I understood there was no solution. yes, I use v.2.1.1 on both director and backends and yes, I've added login_trusted_networks = 192.168.5.0/24 on all of them but it didn't help. any workarounds? thanks -- ? ?????????, ???????? ????????? ????????? ????????????? ??? "??????-?????" ???.: (423) 262-02-62 (???. 2037) ????: (423) 262-02-10 a.kostyrev at serverc.ru icq: 404-198-497 -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of ???????? ????????? ?????????? Sent: Friday, June 08, 2012 3:33 PM To: dovecot at dovecot.org Subject: [Dovecot] Director pop3 real ips v2.1.1 good day! I'm experiencing problem with pop3 proxying: on backend servers in logs there's director's ip instead of remote's like this: Jun 8 15:21:23 host-01 dovecot: pop3-login: Login: user=, method=PLAIN, rip=192.168.5.102, lip=192.168.5.100, mpid=26170, secured Jun 8 15:32:16 host-01 dovecot: pop3-login: Login: user=, method=PLAIN, rip=192.168.5.102, lip=192.168.5.100, mpid=26426, secured -- ? ?????????, ???????? ????????? ????????? ????????????? ??? "??????-?????" ???.: (423) 262-02-62 (???. 2037) ????: (423) 262-02-10 a.kostyrev at serverc.ru icq: 404-198-497 From amateo at um.es Fri Jun 8 12:34:19 2012 From: amateo at um.es (Angel L. Mateo) Date: Fri, 08 Jun 2012 11:34:19 +0200 Subject: [Dovecot] director and IPs shown at the backends In-Reply-To: <4FD09AB0.6020500@enas.net> References: <4FD09613.6000405@um.es> <4FD09AB0.6020500@enas.net> Message-ID: <4FD1C71B.4040109@um.es> El 07/06/12 14:12, Urban Loesch escribi?: > > Hi, > > try it with "login_trusted_networks" option on the backends: > > # Space separated list of trusted network ranges. Connections from these > # IPs are allowed to override their IP addresses and ports (for logging and > # for authentication checks). disable_plaintext_auth is also ignored for > # these networks. Typically you'd specify your IMAP proxy servers here. > login_trusted_networks = > > But for POP this will only working with version 2.1.x > I didn't find that option in any example config file, but it's working. Maybe it must be documented in somewhere. Thank you. -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From amateo at um.es Fri Jun 8 12:41:52 2012 From: amateo at um.es (Angel L. Mateo) Date: Fri, 08 Jun 2012 11:41:52 +0200 Subject: [Dovecot] director and doveadm server Message-ID: <4FD1C8E0.4010807@um.es> Hi, I've been reading doc at http://wiki2.dovecot.org/Director to configure my servers. My question is regarding configuration of doveadm server. I have configured both, director and backend servers, as described in that doc, but I don't know how to run doveadm commands in director servers. doveadm is working, because I can run commands, but they are executed in local (director) server. For example: root at myotis40:/etc/dovecot/conf.d# doveadm director status mail server ip vhosts users 155.54.211.169 100 1 but doveadm who seems to be executed just in local: (backend server) root at myotis30:/etc/dovecot/conf.d# doveadm who username # proto (pids) (ips) angel.luis 2 imap (11931 11936) (155.54.67.5) (director server) root at myotis40:/etc/dovecot/conf.d# doveadm who username # proto (pids) (ips) And another question about this... what is the local config option? I haven't found it documented anywhere. -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From CMarcus at Media-Brokers.com Fri Jun 8 13:05:09 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Fri, 08 Jun 2012 06:05:09 -0400 Subject: [Dovecot] Director pop3 real ips v2.1.1 In-Reply-To: <213B51F00051AE48A9F0E112880177178F79E4@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F79E3@Delta.sc.local> <213B51F00051AE48A9F0E112880177178F79E4@Delta.sc.local> Message-ID: <4FD1CE55.4050701@Media-Brokers.com> On 2012-06-08 12:39 AM, ???????? ????????? ?????????? wrote: > yes, I use v.2.1.1 on both director and backends The first/obvious answer is, did you try 2.1.7? 2.1 introduced a lot of changes, so you should *expect* to be sure and test the latest version before assuming it is/may be a bug... From amateo at um.es Fri Jun 8 13:24:37 2012 From: amateo at um.es (Angel L. Mateo) Date: Fri, 08 Jun 2012 12:24:37 +0200 Subject: [Dovecot] difference between client_limit and process_limit Message-ID: <4FD1D2E5.3020901@um.es> Hi, What is the real difference between client and process limit? According to documentation (http://wiki2.dovecot.org/Services#Service_limits): client_limit: Maximum number of simultaneous client connections. If set to 0, default_client_limit is used instead. process_limit: Maximum number of processes that can exist for this service. If set to 0, default_process_limit is used instead. But what does "client connection" exactly means? Is a user (login)? Is a user opens a few TCP connections (as many clients do) are they count as different connections? -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From anmeyer at anup.de Fri Jun 8 14:05:11 2012 From: anmeyer at anup.de (Andreas Meyer) Date: Fri, 8 Jun 2012 13:05:11 +0200 Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7 Message-ID: <20120608130511.1d55d814@itx.bitcorner.intern> Hello! I want to upgrade the docevot-installation from v 1.0.5 to 2.1..7 Now I get the following executing doveconf -n -c /etc/dovecot/dovecot.conf > /home/mail1/dovecot-2.conf doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:217: add auth_ prefix to all settings inside auth {} and remove the auth {} section completely doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:219: passdb passwd-file {} has been replaced by passdb { driver=passwd-file } doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:222: userdb passwd-file {} has been replaced by userdb { driver=passwd-file } The section at line 217 looks like this: auth default { mechanisms = plain passdb passwd-file { args = /etc/dovecot/passwd } userdb passwd-file { args = /etc/dovecot/passwd } How do I change it to fullfill the new needs? And how do I handle line 217? add auth_ prefix to all settings inside auth {} and remove the auth {} section completely ? Thanks for help! Andreas From amateo at um.es Fri Jun 8 14:12:25 2012 From: amateo at um.es (Angel L. Mateo) Date: Fri, 08 Jun 2012 13:12:25 +0200 Subject: [Dovecot] difference between client_limit and process_limit In-Reply-To: <4FD1D2E5.3020901@um.es> References: <4FD1D2E5.3020901@um.es> Message-ID: <4FD1DE19.4050903@um.es> El 08/06/12 12:24, Angel L. Mateo escribi?: > Hi, > > What is the real difference between client and process limit? According > to documentation (http://wiki2.dovecot.org/Services#Service_limits): > > client_limit: Maximum number of simultaneous client connections. If set > to 0, default_client_limit is used instead. > process_limit: Maximum number of processes that can exist for this > service. If set to 0, default_process_limit is used instead. > > But what does "client connection" exactly means? Is a user (login)? Is a > user opens a few TCP connections (as many clients do) are they count as > different connections? > Sorry, it's friday, my mind is on the weekend :-( I understand that client_limit is how many connections (imap connections, for example) could be handle by one dovecot process, so if I have client_limit=2 and process_limit=1024, then I could 2048 concurrent connections, right? -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From acrow at integrafin.co.uk Fri Jun 8 14:13:57 2012 From: acrow at integrafin.co.uk (Alex Crow) Date: Fri, 08 Jun 2012 12:13:57 +0100 Subject: [Dovecot] 2.1.7 altmove not working Message-ID: <4FD1DE75.5000606@integrafin.co.uk> Hi list, I've just set up a 2.1.7 server, and have migrated a couple of accounts across from a 2.0.15 server, keeping the old configs. I have a strange problem on the new box in that altmove just doesn't work. I have my main storage under /home/email, indexes under /home/indexes and ALT under /home/email_archive. When I run the altmove command, the following broken symlink is created in /home/email/integrafin.co.uk/acrow: lrwxrwxrwx. 1 email email 54 Jun 8 10:46 dbox-alt-root -> /home/email_archive/integrafin.co.uk/a/acrow/mailboxes But nothing is created in the archive other than the empty directory: /home/email_archive/integrafin.co.uk/a/acrow. My mail_location is: mail_location = mdbox:/home/email/%d/%n:INDEX=/home/indexes/%d/%1n/%n:ALT=/home/email_archive/%d/%1n/%n This worked perfectly on the older server. I have attached my doveconf -a output. Any help much appreciated. Regards Alex -------------- next part -------------- # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-220.el6.x86_64 x86_64 CentOS release 6.2 (Final) ext4 auth_anonymous_username = anonymous auth_cache_negative_ttl = 1 hours auth_cache_size = 0 auth_cache_ttl = 1 hours auth_debug = yes auth_debug_passwords = no auth_default_realm = auth_failure_delay = 2 secs auth_first_valid_uid = 500 auth_gssapi_hostname = auth_krb5_keytab = auth_last_valid_uid = 0 auth_master_user_separator = auth_mechanisms = plain auth_proxy_self = auth_realms = auth_socket_path = auth-userdb auth_ssl_require_client_cert = no auth_ssl_username_from_cert = no auth_use_winbind = no auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@' auth_username_format = %Lu auth_username_translation = auth_verbose = yes auth_verbose_passwords = no auth_winbind_helper_path = /usr/bin/ntlm_auth auth_worker_max_count = 30 base_dir = /var/run/dovecot/ config_cache_size = 1 M debug_log_path = default_client_limit = 1000 default_idle_kill = 1 mins default_internal_user = dovecot default_login_user = dovenull default_process_limit = 100 default_vsz_limit = 256 M deliver_log_format = msgid=%m: %$ dict_db_config = director_doveadm_port = 0 director_mail_servers = director_servers = director_user_expire = 15 mins director_username_hash = %u disable_plaintext_auth = no dotlock_use_excl = yes doveadm_allowed_commands = doveadm_password = doveadm_proxy_port = 0 doveadm_socket_path = doveadm-server doveadm_worker_count = 0 dsync_alt_char = _ dsync_remote_cmd = ssh -l%{login} %{host} doveadm dsync-server -u%u -l%{lock_timeout} -n%{namespace} first_valid_gid = 1 first_valid_uid = 500 hostname = imap_capability = imap_client_workarounds = imap_id_log = imap_id_send = imap_idle_notify_interval = 2 mins imap_logout_format = in=%i out=%o imap_max_line_length = 64 k imapc_features = imapc_host = imapc_list_prefix = imapc_master_user = imapc_password = imapc_port = 143 imapc_rawlog_dir = imapc_ssl = no imapc_ssl_ca_dir = imapc_ssl_verify = yes imapc_user = %u import_environment = TZ info_log_path = instance_name = dovecot last_valid_gid = 0 last_valid_uid = 0 lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = no lda_original_recipient_header = libexec_dir = /usr/libexec/dovecot listen = * lmtp_proxy = no lmtp_save_to_detail_mailbox = no lock_method = fcntl log_path = syslog log_timestamp = "%b %d %H:%M:%S " login_access_sockets = login_greeting = Dovecot ready. login_log_format = %$: %s login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c session=<%{session}> login_trusted_networks = mail_access_groups = mail_attachment_dir = /home/email_archive/attachments mail_attachment_fs = sis posix mail_attachment_hash = %{sha1} mail_attachment_min_size = 128 k mail_cache_fields = flags mail_cache_min_mail_count = 0 mail_chroot = mail_debug = yes mail_fsync = never mail_full_filesystem_access = no mail_gid = email mail_home = mail_location = mdbox:/home/email/%d/%n:INDEX=/home/indexes/%d/%1n/%n:ALT=/home/email_archive/%d/%1n/%n mail_log_prefix = "%s(%u): " mail_max_keyword_length = 50 mail_max_lock_timeout = 0 mail_max_userip_connections = 10 mail_never_cache_fields = imap.envelope mail_nfs_index = no mail_nfs_storage = no mail_plugin_dir = /usr/lib64/dovecot mail_plugins = mail_prefetch_count = 0 mail_privileged_group = mail_save_crlf = no mail_shared_explicit_inbox = yes mail_temp_dir = /tmp mail_temp_scan_interval = 1 weeks mail_uid = email mailbox_idle_check_interval = 30 secs mailbox_list_index = no maildir_broken_filename_sizes = no maildir_copy_with_hardlinks = yes maildir_stat_dirs = no maildir_very_dirty_syncs = no managesieve_client_workarounds = managesieve_implementation_string = Dovecot Pigeonhole managesieve_logout_format = bytes=%i/%o managesieve_max_compile_errors = 5 managesieve_max_line_length = 65536 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave master_user_separator = mbox_dirty_syncs = yes mbox_dotlock_change_timeout = 2 mins mbox_lazy_writes = yes mbox_lock_timeout = 5 mins mbox_md5 = apop3d mbox_min_index_size = 0 mbox_read_locks = fcntl mbox_very_dirty_syncs = no mbox_write_locks = dotlock fcntl mdbox_preallocate_space = yes mdbox_rotate_interval = 1 days mdbox_rotate_size = 2 M mmap_disable = no namespace { hidden = no ignore_on_failure = no inbox = yes list = yes location = prefix = INBOX/ separator = / subscriptions = yes type = private } namespace { hidden = no ignore_on_failure = no inbox = no list = children location = mdbox:/home/email/%%d/%%n:ALT=/home/email_archive/%%d/%%1n/%%n:INDEX=/home/indexes/%d/%1n/%n/shared/%%u prefix = shared/%%u/ separator = / subscriptions = no type = shared } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext default_fields = deny = no driver = ldap master = no override_fields = pass = no } plugin { acl = vfile:/etc/dovecot/global-acls:cache_secs=300 acl_shared_dict = file:/var/mail/dovecot/shared-mailboxes mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename mail_log_fields = uid box msgid size sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } pop3_client_workarounds = pop3_enable_last = no pop3_fast_size_lookups = no pop3_lock_session = no pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s pop3_no_flag_updates = no pop3_reuse_xuidl = no pop3_save_uidl = no pop3_uidl_duplicates = allow pop3_uidl_format = %08Xu%08Xv pop3c_host = pop3c_password = pop3c_port = 110 pop3c_rawlog_dir = pop3c_ssl = no pop3c_ssl_ca_dir = pop3c_ssl_verify = yes pop3c_user = %u postmaster_address = protocols = imap pop3 lmtp quota_full_tempfail = no recipient_delimiter = + rejection_reason = Your message to <%t> was automatically rejected:%n%r rejection_subject = Rejected: %s replication_full_sync_interval = 12 hours replication_max_conns = 10 replicator_host = replicator replicator_port = 0 sendmail_path = /usr/sbin/sendmail service aggregator { chroot = . client_limit = 0 drop_priv_before_exec = no executable = aggregator extra_groups = fifo_listener replication-notify-fifo { group = mode = 0600 user = } group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener replication-notify { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service anvil { chroot = empty client_limit = 0 drop_priv_before_exec = no executable = anvil extra_groups = group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 1 protocol = service_count = 0 type = anvil unix_listener anvil-auth-penalty { group = mode = 0600 user = } unix_listener anvil { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service auth-worker { chroot = client_limit = 1 drop_priv_before_exec = no executable = auth -w extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 1 type = unix_listener auth-worker { group = mode = 0600 user = $default_internal_user } user = vsz_limit = 18446744073709551615 B } service auth { chroot = client_limit = 8524 drop_priv_before_exec = no executable = auth extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener auth-client { group = mode = 0600 user = } unix_listener auth-login { group = mode = 0600 user = $default_internal_user } unix_listener auth-master { group = mode = 0600 user = } unix_listener auth-userdb { group = email mode = 0600 user = email } unix_listener login/login { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service config { chroot = client_limit = 0 drop_priv_before_exec = no executable = config extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = config unix_listener config { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service dict { chroot = client_limit = 1 drop_priv_before_exec = no executable = dict extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener dict { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service director { chroot = . client_limit = 0 drop_priv_before_exec = no executable = director extra_groups = fifo_listener login/proxy-notify { group = mode = 00 user = } group = idle_kill = 4294967295 secs inet_listener { address = port = 0 ssl = no } privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener director-admin { group = mode = 0600 user = } unix_listener director-userdb { group = mode = 0600 user = } unix_listener login/director { group = mode = 00 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service dns_client { chroot = client_limit = 1 drop_priv_before_exec = no executable = dns-client extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener dns-client { group = mode = 0666 user = } unix_listener login/dns-client { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service doveadm { chroot = client_limit = 1 drop_priv_before_exec = no executable = doveadm-server extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 1 type = unix_listener doveadm-server { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service imap-login { chroot = login client_limit = 256 drop_priv_before_exec = no executable = imap-login extra_groups = group = idle_kill = 0 inet_listener imap { address = port = 143 ssl = no } inet_listener imaps { address = port = 993 ssl = yes } privileged_group = process_limit = 16 process_min_avail = 8 protocol = imap service_count = 0 type = login user = $default_login_user vsz_limit = 128 M } service imap { chroot = client_limit = 1 drop_priv_before_exec = no executable = imap extra_groups = group = idle_kill = 0 privileged_group = process_limit = 4096 process_min_avail = 0 protocol = imap service_count = 1 type = unix_listener login/imap { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service indexer-worker { chroot = client_limit = 1 drop_priv_before_exec = no executable = indexer-worker extra_groups = group = idle_kill = 0 privileged_group = process_limit = 10 process_min_avail = 0 protocol = service_count = 0 type = unix_listener indexer-worker { group = mode = 0600 user = $default_internal_user } user = vsz_limit = 18446744073709551615 B } service indexer { chroot = client_limit = 0 drop_priv_before_exec = no executable = indexer extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener indexer { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service ipc { chroot = empty client_limit = 0 drop_priv_before_exec = no executable = ipc extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener ipc { group = mode = 0600 user = } unix_listener login/ipc-proxy { group = mode = 0600 user = $default_login_user } user = $default_internal_user vsz_limit = 18446744073709551615 B } service lmtp { chroot = client_limit = 1 drop_priv_before_exec = no executable = lmtp extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = lmtp service_count = 0 type = unix_listener lmtp { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service log { chroot = client_limit = 0 drop_priv_before_exec = no executable = log extra_groups = group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = log unix_listener log-errors { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service managesieve-login { chroot = login client_limit = 0 drop_priv_before_exec = no executable = managesieve-login extra_groups = group = idle_kill = 0 inet_listener sieve { address = port = 4190 ssl = no } privileged_group = process_limit = 0 process_min_avail = 0 protocol = sieve service_count = 1 type = login user = $default_login_user vsz_limit = 18446744073709551615 B } service managesieve { chroot = client_limit = 1 drop_priv_before_exec = no executable = managesieve extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = sieve service_count = 1 type = unix_listener login/sieve { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service pop3-login { chroot = login client_limit = 256 drop_priv_before_exec = no executable = pop3-login extra_groups = group = idle_kill = 0 inet_listener pop3 { address = port = 110 ssl = no } inet_listener pop3s { address = port = 995 ssl = yes } privileged_group = process_limit = 16 process_min_avail = 8 protocol = pop3 service_count = 0 type = login user = $default_login_user vsz_limit = 128 M } service pop3 { chroot = client_limit = 1 drop_priv_before_exec = no executable = pop3 extra_groups = group = idle_kill = 0 privileged_group = process_limit = 4096 process_min_avail = 0 protocol = pop3 service_count = 1 type = unix_listener login/pop3 { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service replicator { chroot = client_limit = 0 drop_priv_before_exec = no executable = replicator extra_groups = group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener replicator { group = mode = 0600 user = $default_internal_user } user = vsz_limit = 18446744073709551615 B } service ssl-params { chroot = client_limit = 0 drop_priv_before_exec = no executable = ssl-params extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = startup unix_listener login/ssl-params { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service stats { chroot = empty client_limit = 0 drop_priv_before_exec = no executable = stats extra_groups = fifo_listener stats-mail { group = mode = 0600 user = } group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener stats { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } shutdown_clients = yes ssl = yes ssl_ca = ssl_cert = References: <20120608130511.1d55d814@itx.bitcorner.intern> Message-ID: <4FD1E24C.1030906@thelounge.net> Am 08.06.2012 13:05, schrieb Andreas Meyer: > I want to upgrade the docevot-installation from v 1.0.5 to 2.1..7 > Now I get the following executing > doveconf -n -c /etc/dovecot/dovecot.conf > /home/mail1/dovecot-2.conf > > doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:217: add auth_ prefix to all settings inside auth {} and remove the auth {} section completely > doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:219: passdb passwd-file {} has been replaced by passdb { driver=passwd-file } > doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:222: userdb passwd-file {} has been replaced by userdb { driver=passwd-file } > > The section at line 217 looks like this: > > auth default { > mechanisms = plain > passdb passwd-file { > args = /etc/dovecot/passwd > } > userdb passwd-file { > args = /etc/dovecot/passwd > } > > How do I change it to fullfill the new needs? > > And how do I handle line 217? > add auth_ prefix to all settings inside auth {} and remove the auth {} section completely what exactly are you not understanding here? this is a very clear message below a partly output from a working 2.1.7 auth_mechanisms = CRAM-MD5 DIGEST-MD5 APOP LOGIN PLAIN auth_worker_max_count = 100 auth_cache_size = 32768 auth_cache_ttl = 1800 auth_cache_negative_ttl = 1800 auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@% auth_username_translation = %@AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz auth_debug = no auth_debug_passwords = no auth_verbose = no -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From voytek at sbt.net.au Fri Jun 8 14:34:39 2012 From: voytek at sbt.net.au (Voytek Eymont) Date: Fri, 08 Jun 2012 21:34:39 +1000 Subject: [Dovecot] Restoring older messages to new server? Message-ID: <98f7622f-e52b-4b88-8c65-db05c11e71f6@email.android.com> I had Dovcot 1.x setup, all was working well (till...) Server got stuffed up and same Dovecot 1.x was rebuilt, put back in service, all's working well. I have recovered data from Maildirs messages from the old server, As some of the inboxes now have new messages, what is correct way to copy older messages from old server to new server ? (There are no duplicates, simply old messages from past server, data is physically on new server) Thanks for pointers, Voytek -- Swyped on my Motrix with K-9 Mail. Please excuse my brevity. From h.reindl at thelounge.net Fri Jun 8 14:37:12 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Fri, 08 Jun 2012 13:37:12 +0200 Subject: [Dovecot] Restoring older messages to new server? In-Reply-To: <98f7622f-e52b-4b88-8c65-db05c11e71f6@email.android.com> References: <98f7622f-e52b-4b88-8c65-db05c11e71f6@email.android.com> Message-ID: <4FD1E3E8.8020103@thelounge.net> Am 08.06.2012 13:34, schrieb Voytek Eymont: > I had Dovcot 1.x setup, all was working well (till...) > > Server got stuffed up and same Dovecot 1.x was rebuilt, put back in service, all's working well. > > I have recovered data from Maildirs messages from the old server, > As some of the inboxes now have new messages, what is correct way to copy older messages from old server to new server ? (There are no duplicates, simply old messages from past server, data is physically on new server) imapsync is your friend -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From trever.adams at gmail.com Fri Jun 8 16:11:50 2012 From: trever.adams at gmail.com (Trever L. Adams) Date: Fri, 08 Jun 2012 07:11:50 -0600 Subject: [Dovecot] Problems since upgrading to 2.1.6 from 2.0.20 In-Reply-To: <4FD044A5.2000000@gmail.com> References: <4FD044A5.2000000@gmail.com> Message-ID: <4FD1FA16.7090004@gmail.com> On 06/07/2012 12:05 AM, Trever L. Adams wrote: > Hello Everyone, > > I saw the text about the change and needing to define an inbox namespace. Everything seems to work fine except doveadm. I get the following from a cronjob that has worked well for years now. > > doveadm(account at example.com): Error: Syncing mailbox TRASH failed: Mailbox doesn't exist: TRASH > doveadm(account at example.com): Error: Syncing mailbox TRASH failed: Mailbox doesn't exist: TRASH > doveadm(account at example.com): Error: Syncing mailbox TRASH failed: Mailbox doesn't exist: TRASH > > The cronjob is: > > 1 4 * * * doveadm expunge -A mailbox TRASH SAVEDBEFORE 30D > > > What is the problem? I have tried to find documentation and do searches for others having the same problem. I do not know if I am just missing something or what. > > Any help would be greatly appreciated. > > Thank you, > Trever > > Sorry everyone. Trash was the right name. This used to work. The other boxes I am seeing the problem on are created when used. I am sorry to have sounded an alarm. Trever -- "Advise your legislators, when they make laws for larceny, burglary, or any felony, to make the penalty applicable to work upon roads, public works, or any place where the culprit can be taught more wisdom and more virtue, and become more enlightened. Rigor and seclusion will never do as much to reform the propensities of men as reason and friendship." -- Joseph Smith, Jr. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From mcbdovecot at robuust.nl Fri Jun 8 16:12:41 2012 From: mcbdovecot at robuust.nl (Maarten Bezemer) Date: Fri, 8 Jun 2012 15:12:41 +0200 (CEST) Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FD0A06A.50008@thelounge.net> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB6AA7.4050200@Media-Brokers.com> <4FCCB9E3.3060702@wildgooses.com> <4FCCC2D9.3010209@thelounge.net> <4FCFD2DD.7030109@wildgooses.com> <4FD0A06A.50008@thelounge.net> Message-ID: On Thu, 7 Jun 2012, Reindl Harald wrote: > Am 06.06.2012 23:59, schrieb Ed W: >> I'm not sure why this is so hard to believe. There is literally a class of customers that have a specification >> which says that there must be a notification sent back to the sender whenever they download their emails. I cannot >> currently bid for their business. >> >> A spec is a spec - either you can meet the spec or you can't bid for the business... > > i'm not sure why it is so hard to believe that nobody should > bid for such idiotic specs - techs should act professional > and not like whores while try impossible and stupid things > which can sovle each mail-client since > 10 years and is not > the job of a mailserver Does the spec say how to conform to it? I mean: does "the system" have to support the transmission of receipts? Most bidding rounds I've been part of only had very rough descriptions of what should be possible. Not exactly how. (Too detailed specs, pointing heavily in the direction of one type of solution provider, can be easily challenged!) So, even without Dovecot supporting DSN-stuff, it would be possible to bid for these types of clients. The system as a whole does support DSN's, when MUA is conforming to relevant specs. Most MUA's support some form of DSN of read notification. What's more: whatever choice you make, server side or client side, handling of these status messages (and ways to request them) heavily depend on the remote party's technology as well. So, claiming you conform to the read-notification spec can be as easy as saying "yes, as long as you use a proper MUA". -- Maarten From anmeyer at anup.de Fri Jun 8 16:33:07 2012 From: anmeyer at anup.de (Andreas Meyer) Date: Fri, 8 Jun 2012 15:33:07 +0200 Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7 In-Reply-To: <4FD1E24C.1030906@thelounge.net> References: <20120608130511.1d55d814@itx.bitcorner.intern> <4FD1E24C.1030906@thelounge.net> Message-ID: <20120608153307.751e3865@itx.bitcorner.intern> Reindl Harald wrote: > > > Am 08.06.2012 13:05, schrieb Andreas Meyer: > > I want to upgrade the docevot-installation from v 1.0.5 to 2.1..7 > > Now I get the following executing > > doveconf -n -c /etc/dovecot/dovecot.conf > /home/mail1/dovecot-2.conf > > > > doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:217: add auth_ prefix to all settings inside auth {} and remove the auth {} section completely > > doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:219: passdb passwd-file {} has been replaced by passdb { driver=passwd-file } > > doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:222: userdb passwd-file {} has been replaced by userdb { driver=passwd-file } > > > > The section at line 217 looks like this: > > > > auth default { > > mechanisms = plain > > passdb passwd-file { > > args = /etc/dovecot/passwd > > } > > userdb passwd-file { > > args = /etc/dovecot/passwd > > } > > > > How do I change it to fullfill the new needs? > > > > And how do I handle line 217? > > add auth_ prefix to all settings inside auth {} and remove the auth {} section completely > > what exactly are you not understanding here? > this is a very clear message I find the message very confusing. It says to do all settings inside auth {} and then to remove the auth {} section. With v1.0.5 I do have an auth default {} section and a section ## Authentication processes. > below a partly output from a working 2.1.7 > > auth_mechanisms = CRAM-MD5 DIGEST-MD5 APOP LOGIN PLAIN > auth_worker_max_count = 100 > auth_cache_size = 32768 > auth_cache_ttl = 1800 > auth_cache_negative_ttl = 1800 > auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@% > auth_username_translation = %@AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz > auth_debug = no > auth_debug_passwords = no > auth_verbose = no > Thank you! I found section ## Authentication processes but when I add auth_passdb { args = /etc/dovecot/passwd driver = passwd-file } auth_userdb { args = /etc/dovecot/passwd driver = passwd-file } I get an error: doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf line 709: Unknown setting: auth_passdb Where do I put the passdb and userdb sections? Andreas From weber at zackbummfertig.de Fri Jun 8 16:56:34 2012 From: weber at zackbummfertig.de (Marko Weber) Date: Fri, 08 Jun 2012 15:56:34 +0200 Subject: [Dovecot] =?utf-8?q?dovecot_ignores_entries_in_virtual=5Falias=5F?= =?utf-8?q?maps_when_using_dovecot_lda?= Message-ID: hello list, i need help. dovecot dont look into my virtual_alias_maps . i set via postzfixadmin an alias postmaster at domain.tld to newmail at domainother.tld. when i send mails to postmaster at domain.tld mails are rejected. dovecot authworker tells me in log: user unknown. but i can request the data via postmap -v -q postmaster at domain.tld mysql:/etc/postfix/mysql_virtual_alias.cf and get result "newmail at domainother.tld". any ideas, hwo to get dovecot to look into my alias maps? marko From steeeeeveee at gmx.net Fri Jun 8 17:12:01 2012 From: steeeeeveee at gmx.net (Steve) Date: Fri, 08 Jun 2012 16:12:01 +0200 Subject: [Dovecot] dovecot ignores entries in virtual_alias_maps when using dovecot lda In-Reply-To: References: Message-ID: <20120608141201.318640@gmx.net> -------- Original-Nachricht -------- > Datum: Fri, 08 Jun 2012 15:56:34 +0200 > Von: Marko Weber > An: Dovecot > Betreff: [Dovecot] dovecot ignores entries in virtual_alias_maps when using dovecot lda > > hello list, > i need help. dovecot dont look into my virtual_alias_maps . > i set via postzfixadmin an alias postmaster at domain.tld to > newmail at domainother.tld. > when i send mails to postmaster at domain.tld mails are rejected. dovecot > authworker tells > me in log: user unknown. > but i can request the data via postmap -v -q postmaster at domain.tld > mysql:/etc/postfix/mysql_virtual_alias.cf > and get result "newmail at domainother.tld". > This is postfix related. You need to look into your /etc/dovecot/conf.d/10-auth.conf and there you have referenced (probably with an !include) a auth-sql.conf.ext file. The content of that file is important to us. Probably there you have a userdb {} entry with an driver = sql and an args entry. The file you reference there in the args entry is important to us too. Can you post the content of those files? > any ideas, hwo to get dovecot to look into my alias maps? > > marko > // Steve -- NEU: FreePhone 3-fach-Flat mit kostenlosem Smartphone! Jetzt informieren: http://mobile.1und1.de/?ac=OM.PW.PW003K20328T7073a From h.reindl at thelounge.net Fri Jun 8 17:35:49 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Fri, 08 Jun 2012 16:35:49 +0200 Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7 In-Reply-To: <20120608153307.751e3865@itx.bitcorner.intern> References: <20120608130511.1d55d814@itx.bitcorner.intern> <4FD1E24C.1030906@thelounge.net> <20120608153307.751e3865@itx.bitcorner.intern> Message-ID: <4FD20DC5.7000500@thelounge.net> Am 08.06.2012 15:33, schrieb Andreas Meyer: > Reindl Harald wrote: > >> >> >> Am 08.06.2012 13:05, schrieb Andreas Meyer: >>> I want to upgrade the docevot-installation from v 1.0.5 to 2.1..7 >>> Now I get the following executing >>> doveconf -n -c /etc/dovecot/dovecot.conf > /home/mail1/dovecot-2.conf >>> >>> doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:217: add auth_ prefix to all settings inside auth {} and remove the auth {} section completely >>> doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:219: passdb passwd-file {} has been replaced by passdb { driver=passwd-file } >>> doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:222: userdb passwd-file {} has been replaced by userdb { driver=passwd-file } >>> >>> The section at line 217 looks like this: >>> >>> auth default { >>> mechanisms = plain >>> passdb passwd-file { >>> args = /etc/dovecot/passwd >>> } >>> userdb passwd-file { >>> args = /etc/dovecot/passwd >>> } >>> >>> How do I change it to fullfill the new needs? >>> >>> And how do I handle line 217? >>> add auth_ prefix to all settings inside auth {} and remove the auth {} section completely >> >> what exactly are you not understanding here? >> this is a very clear message > > I find the message very confusing. It says to do all settings inside auth {} and > then to remove the auth {} section. no, it says you should MOVE all settings OUT from auth {} in the main part and add a prefix auth_ to them you quoted your auth{} section in a pure 2.x setup this would not exist -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From anmeyer at anup.de Fri Jun 8 17:50:51 2012 From: anmeyer at anup.de (Andreas Meyer) Date: Fri, 8 Jun 2012 16:50:51 +0200 Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7 In-Reply-To: <4FD20DC5.7000500@thelounge.net> References: <20120608130511.1d55d814@itx.bitcorner.intern> <4FD1E24C.1030906@thelounge.net> <20120608153307.751e3865@itx.bitcorner.intern> <4FD20DC5.7000500@thelounge.net> Message-ID: <20120608165051.6001b856@itx.bitcorner.intern> Reindl Harald wrote: > >>> The section at line 217 looks like this: > >>> > >>> auth default { > >>> mechanisms = plain > >>> passdb passwd-file { > >>> args = /etc/dovecot/passwd > >>> } > >>> userdb passwd-file { > >>> args = /etc/dovecot/passwd > >>> } > >>> > >>> How do I change it to fullfill the new needs? > >>> > >>> And how do I handle line 217? > >>> add auth_ prefix to all settings inside auth {} and remove the auth {} section completely > >> > >> what exactly are you not understanding here? > >> this is a very clear message > > > > I find the message very confusing. It says to do all settings inside auth {} and > > then to remove the auth {} section. > > no, it says you should MOVE all settings OUT from auth {} > in the main part and add a prefix auth_ to them > > you quoted your auth{} section > > in a pure 2.x setup this would not exist > I get this output when I move the passwd settings to the main section: # doveconf -n -c /etc/dovecot/dovecot.conf > /home/mail1/dovecot-2.conf doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf line 710: Unknown setting: auth_passdb Also if I use !include /etc/dovecot/auth-passwdfile.conf in the main section, the auth-passwdfile.conf weems to be ignored. It has the following content: passdb { driver = passwd-file #args = scheme=CRYPT username_format=%u /etc/dovecot/passwd args = /etc/dovecot/passwd } userdb { driver = passwd-file #args = username_format=%u /etc/dovecot/passwd args = /etc/dovecot/passwd # Default fields that can be overridden by passwd-file #default_fields = quota_rule=*:storage=1G # Override fields from passwd-file #override_fields = home=/home/virtual/%u } I don't know where to put the passwd section. Andreas From h.reindl at thelounge.net Fri Jun 8 17:58:53 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Fri, 08 Jun 2012 16:58:53 +0200 Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7 In-Reply-To: <20120608165051.6001b856@itx.bitcorner.intern> References: <20120608130511.1d55d814@itx.bitcorner.intern> <4FD1E24C.1030906@thelounge.net> <20120608153307.751e3865@itx.bitcorner.intern> <4FD20DC5.7000500@thelounge.net> <20120608165051.6001b856@itx.bitcorner.intern> Message-ID: <4FD2132D.1090302@thelounge.net> Am 08.06.2012 16:50, schrieb Andreas Meyer: > Reindl Harald wrote: > >>>>> The section at line 217 looks like this: >>>>> >>>>> auth default { >>>>> mechanisms = plain >>>>> passdb passwd-file { >>>>> args = /etc/dovecot/passwd >>>>> } >>>>> userdb passwd-file { >>>>> args = /etc/dovecot/passwd >>>>> } >>>>> >>>>> How do I change it to fullfill the new needs? >>>>> >>>>> And how do I handle line 217? >>>>> add auth_ prefix to all settings inside auth {} and remove the auth {} section completely >>>> >>>> what exactly are you not understanding here? >>>> this is a very clear message >>> >>> I find the message very confusing. It says to do all settings inside auth {} and >>> then to remove the auth {} section. >> >> no, it says you should MOVE all settings OUT from auth {} >> in the main part and add a prefix auth_ to them >> >> you quoted your auth{} section >> >> in a pure 2.x setup this would not exist >> > > I get this output when I move the passwd settings to the main section: > > # doveconf -n -c /etc/dovecot/dovecot.conf > /home/mail1/dovecot-2.conf > doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf line 710: Unknown setting: auth_passdb because this does not belong here consider take a look at dovecot2 manuals http://wiki2.dovecot.org/AuthDatabase/ http://wiki2.dovecot.org/AuthDatabase/PasswdFile below the auth/passdb config of a 2.1.7 dovecot.conf which was dovecot 1.x until upgraded to 2.x a very long time ago within a few minutes by reading error-messages and docs in this case it is a proxy-only setup accessing dbmail's user-database for authentication ___________________________ # authentication process auth_worker_max_count = 100 auth_cache_size = 32768 auth_cache_ttl = 1800 auth_cache_negative_ttl = 1800 auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@% auth_username_translation = %@AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz # debug options auth_debug = no auth_debug_passwords = no auth_verbose = no mail_debug = no verbose_ssl = no # configure proxy-database passdb { driver = sql args = /etc/dovecot/sql.conf } # we are not using local users userdb { driver = static args = static uid=5000 gid=5000 home=/dev/null } # configure backend for postfix sasl-auth service auth { unix_listener /var/spool/postfix/private/auth { mode = 0660 user = postfix group = postfix } } -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From anmeyer at anup.de Fri Jun 8 18:36:41 2012 From: anmeyer at anup.de (Andreas Meyer) Date: Fri, 8 Jun 2012 17:36:41 +0200 Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7 In-Reply-To: <4FD2132D.1090302@thelounge.net> References: <20120608130511.1d55d814@itx.bitcorner.intern> <4FD1E24C.1030906@thelounge.net> <20120608153307.751e3865@itx.bitcorner.intern> <4FD20DC5.7000500@thelounge.net> <20120608165051.6001b856@itx.bitcorner.intern> <4FD2132D.1090302@thelounge.net> Message-ID: <20120608173641.329d4c79@itx.bitcorner.intern> Reindl Harald wrote: > Am 08.06.2012 16:50, schrieb Andreas Meyer: > > Reindl Harald wrote: > >> you quoted your auth{} section > >> > >> in a pure 2.x setup this would not exist > >> > > > > I get this output when I move the passwd settings to the main section: > > > > # doveconf -n -c /etc/dovecot/dovecot.conf > /home/mail1/dovecot-2.conf > > doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf line 710: Unknown setting: auth_passdb > > because this does not belong here > consider take a look at dovecot2 manuals > > http://wiki2.dovecot.org/AuthDatabase/ > http://wiki2.dovecot.org/AuthDatabase/PasswdFile thanks again! I think I got this one right now. I risked to restat dovecot with the new version and got this in the logfile now: Jun 08 17:20:19 imap: Error: dlopen(/usr/lib/dovecot/modules/imap/lib10_quota_plugin.so) failed: /usr/lib/dovecot/modules/imap/lib10_quota_plugin.so: undefined symbol: mail_storage_module_id Jun 08 17:20:19 imap: Fatal: Couldn't load required plugins Jun 08 17:20:19 imap-login: Warning: SSL alert: where=0x4008, ret=256: warning close notify [84.179.59.203] The /usr/lib/dovecot/modules/imap/lib10_quota_plugin.so is a symlink to /usr/lib/dovecot/modules/lib10_quota_plugin.so What can I do? Wouldn't it be great to get the new dovecot working with my users and the old passwd file? Andreas From weber at zackbummfertig.de Fri Jun 8 18:44:32 2012 From: weber at zackbummfertig.de (Marko Weber) Date: Fri, 08 Jun 2012 17:44:32 +0200 Subject: [Dovecot] =?utf-8?q?dovecot_ignores_entries_in_virtual=5Falias=5F?= =?utf-8?q?maps_when_using_dovecot_lda?= In-Reply-To: <20120608141201.318640@gmx.net> References: <20120608141201.318640@gmx.net> Message-ID: <6b4775adce81aa5a7b9a8e7ccfe4a372@zackbummfertig.de> Am 08.06.2012 16:12, schrieb Steve: > -------- Original-Nachricht -------- >> Datum: Fri, 08 Jun 2012 15:56:34 +0200 >> Von: Marko Weber >> An: Dovecot >> Betreff: [Dovecot] dovecot ignores entries in virtual_alias_maps >> when using dovecot lda > >> >> hello list, >> i need help. dovecot dont look into my virtual_alias_maps . >> i set via postzfixadmin an alias postmaster at domain.tld to >> newmail at domainother.tld. >> when i send mails to postmaster at domain.tld mails are rejected. >> dovecot >> authworker tells >> me in log: user unknown. >> but i can request the data via postmap -v -q postmaster at domain.tld >> mysql:/etc/postfix/mysql_virtual_alias.cf >> and get result "newmail at domainother.tld". >> > This is postfix related. You need to look into your > /etc/dovecot/conf.d/10-auth.conf and there you have referenced > (probably with an !include) a auth-sql.conf.ext file. The content of > that file is important to us. Probably there you have a userdb {} > entry with an driver = sql and an args entry. The file you reference > there in the args entry is important to us too. Can you post the > content of those files? 10-auth.conf: auth_mechanisms = plain login digest-md5 cram-md5 !include auth-system.conf.ext !include auth-sql.conf.ext (thats all in the 10-auth.conf file) auth-sql.conf.ext: passdb { driver = sql # Path for SQL configuration file, see example-config/dovecot-sql.conf.ext args = /etc/dovecot/dovecot-sql.conf.ext } userdb { driver = sql args = /etc/dovecot/dovecot-sql.conf.ext } /etc/dovecot/dovecot-sql.conf.ext: connect = \ host=/var/run/mysqld/mysqld.sock \ dbname=postfixadmin \ user=wurst \ password=irgendetwaspasswort default_pass_scheme = MD5 user_query = \ SELECT \ CONCAT('/home/vmail/',maildir) AS home, \ CONCAT('maildir:/home/vmail/',maildir) AS mail, \ maildir, 5000 AS uid, 5000 AS gid, \ CONCAT('*:bytes=', CAST(quota AS CHAR)) AS quota_rule \ FROM mailbox \ WHERE username = '%u' AND active = '1' LIMIT 1 password_query = \ SELECT \ username AS user, \ password, \ CONCAT('/home/vmail',maildir) AS userdb_home, \ CONCAT('maildir:/home/vmail/',maildir) AS userdb_mail, \ 5000 AS userdb_uid, \ 5000 AS userdb_gid \ FROM mailbox \ WHERE username='%u' AND active='1' LIMIT 1 thats all. do you need more information , lemme know. marko > > >> any ideas, hwo to get dovecot to look into my alias maps? >> >> marko >> > // Steve From tss at iki.fi Fri Jun 8 19:12:44 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 8 Jun 2012 19:12:44 +0300 Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7 In-Reply-To: <20120608130511.1d55d814@itx.bitcorner.intern> References: <20120608130511.1d55d814@itx.bitcorner.intern> Message-ID: <809542A3-5306-49C5-AB70-3F195A85BD84@iki.fi> On 8.6.2012, at 14.05, Andreas Meyer wrote: > I want to upgrade the docevot-installation from v 1.0.5 to 2.1..7 > > Now I get the following executing > doveconf -n -c /etc/dovecot/dovecot.conf > /home/mail1/dovecot-2.conf Didn't this command produce a working dovecot-2.conf file? If not, it's probably a bug. > doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:217: add auth_ prefix to all settings inside auth {} and remove the auth {} section completely > doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:219: passdb passwd-file {} has been replaced by passdb { driver=passwd-file } > doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:222: userdb passwd-file {} has been replaced by userdb { driver=passwd-file } .. > How do I change it to fullfill the new needs? doveconf should have done all of those changes for you and placed them to dovecot-2.conf From tss at iki.fi Fri Jun 8 19:15:24 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 8 Jun 2012 19:15:24 +0300 Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7 In-Reply-To: <20120608173641.329d4c79@itx.bitcorner.intern> References: <20120608130511.1d55d814@itx.bitcorner.intern> <4FD1E24C.1030906@thelounge.net> <20120608153307.751e3865@itx.bitcorner.intern> <4FD20DC5.7000500@thelounge.net> <20120608165051.6001b856@itx.bitcorner.intern> <4FD2132D.1090302@thelounge.net> <20120608173641.329d4c79@itx.bitcorner.intern> Message-ID: On 8.6.2012, at 18.36, Andreas Meyer wrote: > Jun 08 17:20:19 imap: Error: dlopen(/usr/lib/dovecot/modules/imap/lib10_quota_plugin.so) failed: /usr/lib/dovecot/modules/imap/lib10_quota_plugin.so: > > What can I do? Wouldn't it be great to get the new dovecot working with > my users and the old passwd file? The quota plugin isn't against the same version of Dovecot.. So you have two Dovecot versions now somehow all mixed up. One solution would be to delete all files related to Dovecot and install 2.1.7 again. From tss at iki.fi Fri Jun 8 19:17:48 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 8 Jun 2012 19:17:48 +0300 Subject: [Dovecot] difference between client_limit and process_limit In-Reply-To: <4FD1DE19.4050903@um.es> References: <4FD1D2E5.3020901@um.es> <4FD1DE19.4050903@um.es> Message-ID: On 8.6.2012, at 14.12, Angel L. Mateo wrote: >> What is the real difference between client and process limit? According >> to documentation (http://wiki2.dovecot.org/Services#Service_limits): >> > Sorry, it's friday, my mind is on the weekend :-( > > I understand that client_limit is how many connections (imap connections, for example) could be handle by one dovecot process, so if I have client_limit=2 and process_limit=1024, then I could 2048 concurrent connections, right? Yes, but like the wiki page also says, it's not a good idea increase client_limit for imap/pop3 processes. From tss at iki.fi Fri Jun 8 19:20:09 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 8 Jun 2012 19:20:09 +0300 Subject: [Dovecot] Director pop3 real ips v2.1.1 In-Reply-To: <213B51F00051AE48A9F0E112880177178F79E4@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F79E3@Delta.sc.local> <213B51F00051AE48A9F0E112880177178F79E4@Delta.sc.local> Message-ID: <1415FF99-54F4-4D17-BC8A-7ACC9E0FE6F4@iki.fi> On 8.6.2012, at 7.39, ???????? ????????? ?????????? wrote: > yes, I use v.2.1.1 on both director and backends > and yes, I've added > login_trusted_networks = 192.168.5.0/24 on all of them > but it didn't help. Missing feature: v2.1.2 2012-03-15 Timo Sirainen + Proxying: POP3 now supports sending remote IP+port from proxy to backend server via Dovecot-specific XCLIENT extension. From tss at iki.fi Fri Jun 8 19:25:50 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 8 Jun 2012 19:25:50 +0300 Subject: [Dovecot] auth trouble In-Reply-To: <4087ECCF-8C69-4888-8CD9-44566A256F92@slsware.com> References: <20120605215325.GC3672@harrier.slackbuilds.org> <4087ECCF-8C69-4888-8CD9-44566A256F92@slsware.com> Message-ID: <9816DBD9-ED12-4834-9D13-EB70140054CE@iki.fi> On 6.6.2012, at 2.08, Glenn English wrote: >> And these brute force attempts would be logged, each one. > > They are, with no rhost. And there are other brute force attempts > that *do* have IPs. I think the answer to this is simply that Dovecot v1.0 didn't tell PAM the rhost. Upgrade. From rnalrd at gmail.com Fri Jun 8 17:53:21 2012 From: rnalrd at gmail.com (Leonardo) Date: Fri, 08 Jun 2012 16:53:21 +0200 Subject: [Dovecot] ntlm_auth in Dovecot Message-ID: <1339167201.4285.90.camel@df1844j> Hi, I'm trying getting NTLM auth working against AD in my Dovecot 2.0.15. I'm getting the following error: Jun 08 14:18:11 auth: Info: winbind(?,10.44.3.151): user not authenticated: NT_STATUS_UNSUCCESSFUL "wbinfo -u" reports all the users of the domain and "ntlm_auth --username=%name% --domain="%domain%" gets authenticated successfully. Debugging winbind I can see the following error: [2012/06/08 14:18:11.129611, 10] winbindd/winbindd.c:651(process_request) process_request: unknown request fn number 14 [2012/06/08 14:18:11.129671, 10] winbindd/winbindd.c:738(winbind_client_response_written) winbind_client_response_written[2822:unknown request]: delivered response to client My dovecot.conf is the following: auth_mechanisms = plain ntlm login auth_username_format = %n auth_verbose = yes auth_winbind_helper_path = /usr/bin/ntlm_auth auth_use_winbind = yes auth_debug = yes disable_plaintext_auth = no info_log_path = /var/log/dovecot-info.log log_path = /var/log/dovecot.log mail_location = maildir:/var/mail/domains/%d/%n plugin { autocreate = Trash autocreate2 = Spam autocreate3 = Sent autosubscribe = Trash autosubscribe2 = Spam autosubscribe3 = Sent } protocols = imap ssl = no userdb { driver = static args = uid=100 gid=101 home=/var/mail/domains/%d/%n first_valid_uid=100 } passdb ldap { driver = ldap args = /etc/dovecot/dovecot-ldap.conf } protocol imap { mail_plugins = autocreate } Sounds like there is an issue when Dovecot runs "ntlm_auth". It doesn't appear to be a permission issue (perms are 755). Any help is appreciated. Thank you in advance. -- leonardo. From at_hacker at mail.ru Fri Jun 8 19:32:54 2012 From: at_hacker at mail.ru (=?UTF-8?B?0JDQu9C10LrRgdC10Lkg0J/QtdGA0LXQutC70LDQtA==?=) Date: Fri, 08 Jun 2012 20:32:54 +0400 Subject: [Dovecot] =?utf-8?q?Fwd=3A__ntlm=5Fauth_in_Dovecot?= Message-ID: <1339173174.822111746@f215.mail.ru> Try to delete your server from domain and add it again by "net ads join..." > I'm trying getting NTLM auth working against AD in my Dovecot 2.0.15. > > I'm getting the following error: > > > Jun 08 14:18:11 auth: Info: winbind(?,10.44.3.151): user not > authenticated: NT_STATUS_UNSUCCESSFUL From h.reindl at thelounge.net Fri Jun 8 19:33:26 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Fri, 08 Jun 2012 18:33:26 +0200 Subject: [Dovecot] difference between client_limit and process_limit In-Reply-To: References: <4FD1D2E5.3020901@um.es> <4FD1DE19.4050903@um.es> Message-ID: <4FD22956.20904@thelounge.net> Am 08.06.2012 18:17, schrieb Timo Sirainen: > On 8.6.2012, at 14.12, Angel L. Mateo wrote: > >>> What is the real difference between client and process limit? According >>> to documentation (http://wiki2.dovecot.org/Services#Service_limits): >>> >> Sorry, it's friday, my mind is on the weekend :-( >> >> I understand that client_limit is how many connections (imap connections, for example) could be handle by one dovecot process, so if I have client_limit=2 and process_limit=1024, then I could 2048 concurrent connections, right? > > Yes, but like the wiki page also says, it's not a good idea increase client_limit for imap/pop3 processes. depends on the usecase / workload having dovecot as proxy for other imap-backends and 1 process per connection will heavily raise up process-count and memory-overhead while memory may be needed for the imap-backend (like dbmail) and datanases process_limit = 15 client_limit = 300 this way you can have 4500 proxy-connections and use most time not more than 4-5 processes -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From tss at iki.fi Fri Jun 8 19:43:16 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 8 Jun 2012 19:43:16 +0300 Subject: [Dovecot] difference between client_limit and process_limit In-Reply-To: <4FD22956.20904@thelounge.net> References: <4FD1D2E5.3020901@um.es> <4FD1DE19.4050903@um.es> <4FD22956.20904@thelounge.net> Message-ID: <3E0F7337-B1BA-426F-84AF-D1D7710B80A3@iki.fi> On 8.6.2012, at 19.33, Reindl Harald wrote: >> Yes, but like the wiki page also says, it's not a good idea increase client_limit for imap/pop3 processes. > > depends on the usecase / workload > > having dovecot as proxy for other imap-backends and 1 process per connection > will heavily raise up process-count and memory-overhead while memory > may be needed for the imap-backend (like dbmail) and datanases > > process_limit = 15 > client_limit = 300 > > this way you can have 4500 proxy-connections and use most time > not more than 4-5 processes Proxying is done by imap-login process, not imap process. For login processes there are different recommendations. From anmeyer at anup.de Fri Jun 8 19:57:21 2012 From: anmeyer at anup.de (Andreas Meyer) Date: Fri, 8 Jun 2012 18:57:21 +0200 Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7 In-Reply-To: <809542A3-5306-49C5-AB70-3F195A85BD84@iki.fi> References: <20120608130511.1d55d814@itx.bitcorner.intern> <809542A3-5306-49C5-AB70-3F195A85BD84@iki.fi> Message-ID: <20120608185721.46b98e9f@itx.bitcorner.intern> Timo Sirainen wrote: > On 8.6.2012, at 14.05, Andreas Meyer wrote: > > > I want to upgrade the docevot-installation from v 1.0.5 to 2.1..7 > > > > Now I get the following executing > > doveconf -n -c /etc/dovecot/dovecot.conf > /home/mail1/dovecot-2.conf > > Didn't this command produce a working dovecot-2.conf file? If not, it's probably a bug. Yes, it did. I was wondering, it just containes a few lines. ;) Took it and placed it in /usr/etc as dovecot.conf. But then I got this error with the quota_plugin, see they other thread. > > doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:217: add auth_ prefix to all settings inside auth {} and remove the auth {} section completely > > doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:219: passdb passwd-file {} has been replaced by passdb { driver=passwd-file } > > doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:222: userdb passwd-file {} has been replaced by userdb { driver=passwd-file } > .. > > How do I change it to fullfill the new needs? > > doveconf should have done all of those changes for you and placed them to dovecot-2.conf > Yes, it did. Andreas From l.messner at physik.tu-berlin.de Fri Jun 8 19:59:02 2012 From: l.messner at physik.tu-berlin.de (Leon =?iso-8859-15?Q?Me=DFner?=) Date: Fri, 8 Jun 2012 18:59:02 +0200 Subject: [Dovecot] auth_krb5_keytab ignored ? Message-ID: <20120608165902.GI89928@rosa.physik.tu-berlin.de> Hi list, i noticed that when doing imap gssapi authentication with kerberos, dovecot (here 2.1.7) always searches /etc/krb5.keytab although i have auth_krb5_keytab = /etc/mail3.krb5.keytab in my etc/dovecot/dovecot.conf and doveconf -n also show this setting. If i combine the keytabs in krb5.keytab it works. Is there another location where i should put my configuration regarding gssapi/kerberos ? Thanks, Leon logs: 18:48_root at mail3:/root# cat /var/log/dovecot.log | tail -n 8 Jun 08 18:48:16 auth: Debug: client in: AUTH 1 GSSAPI service=imap secured session=gexTxPjBZACClTqR lip=130.149.58.164 rip=130.149.58.145 lport=993 rport=31076 Jun 08 18:48:16 auth: Debug: gssapi(?,130.149.58.145,): Obtaining credentials for imap at mail3.physik-pool.tu-berlin.de Jun 08 18:48:16 auth: Debug: client out: CONT 1 Jun 08 18:48:16 auth: Debug: client in: CONT Jun 08 18:48:16 auth: Info: gssapi(?,130.149.58.145,): While processing incoming data: Miscellaneous failure (see text) Jun 08 18:48:16 auth: Info: gssapi(?,130.149.58.145,): While processing incoming data: Failed to find imap/mail3.physik-pool.tu-berlin.de at PCPOOL.PHYSIK.TU-BERLIN.DE(kvno 1) in keytab FILE:/etc/krb5.keytab (des3-cbc-sha1) Jun 08 18:48:18 auth: Debug: client out: FAIL 1 Jun 08 18:48:23 imap-login: Info: Aborted login (auth failed, 1 attempts in 7 secs): user=<>, method=GSSAPI, rip=130.149.58.145, lip=130.149.58.164, TLS, session= # 2.1.7: /usr/local/etc/dovecot/dovecot.conf # OS: FreeBSD 8.2-RELEASE-p3 amd64 auth_debug = yes auth_gssapi_hostname = mail3.physik-pool.tu-berlin.de auth_krb5_keytab = /etc/mail3.krb5.keytab auth_mechanisms = gssapi plain login auth_verbose = yes auth_worker_max_count = 120 first_valid_gid = 300 first_valid_uid = 200 lda_mailbox_autocreate = yes listen = mail3.physik.tu-berlin.de log_path = /var/log/dovecot.log mail_fsync = always mail_location = maildir:~/maildir mail_nfs_index = yes mail_nfs_storage = yes mail_privileged_group = mail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mmap_disable = yes namespace { inbox = yes location = prefix = separator = / type = private } namespace { location = mbox:~/mail prefix = mail/ separator = / type = private } passdb { args = session=yes failure_show_msg=yes max_requests=100 dovecot driver = pam } plugin { quota = fs sieve = ~/.dovecot.sieve sieve_dir = ~/.sieve } protocols = imap pop3 service auth { unix_listener auth-client { mode = 0660 } unix_listener auth-master { mode = 0600 } user = root } service imap-login { inet_listener imap { port = 0 } process_limit = 256 process_min_avail = 6 } service managesieve-login { process_limit = 256 process_min_avail = 6 } service pop3-login { inet_listener pop3 { port = 0 } process_limit = 256 process_min_avail = 6 } ssl_cert = References: <20120608130511.1d55d814@itx.bitcorner.intern> <4FD1E24C.1030906@thelounge.net> <20120608153307.751e3865@itx.bitcorner.intern> <4FD20DC5.7000500@thelounge.net> <20120608165051.6001b856@itx.bitcorner.intern> <4FD2132D.1090302@thelounge.net> <20120608173641.329d4c79@itx.bitcorner.intern> Message-ID: <20120608190243.1ccf5aa8@itx.bitcorner.intern> Timo Sirainen wrote: > On 8.6.2012, at 18.36, Andreas Meyer wrote: > > > Jun 08 17:20:19 imap: Error: dlopen(/usr/lib/dovecot/modules/imap/lib10_quota_plugin.so) failed: /usr/lib/dovecot/modules/imap/lib10_quota_plugin.so: > > > > What can I do? Wouldn't it be great to get the new dovecot working with > > my users and the old passwd file? > > The quota plugin isn't against the same version of Dovecot.. So you have two Dovecot versions now somehow all mixed up. One solution would be to delete all files related to Dovecot and install 2.1.7 again. > I wonder ./configure, make and make install went through, but for some reason the /usr/lib/dovecot/modules directory was not updated. Could it be because there was the old version 1.0.5 still running while installing the new one? I'll try to do a make install again while the dovecot is stopped and then start the new version and see what happens. Andreas From h.reindl at thelounge.net Fri Jun 8 20:10:35 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Fri, 08 Jun 2012 19:10:35 +0200 Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7 In-Reply-To: <20120608190243.1ccf5aa8@itx.bitcorner.intern> References: <20120608130511.1d55d814@itx.bitcorner.intern> <4FD1E24C.1030906@thelounge.net> <20120608153307.751e3865@itx.bitcorner.intern> <4FD20DC5.7000500@thelounge.net> <20120608165051.6001b856@itx.bitcorner.intern> <4FD2132D.1090302@thelounge.net> <20120608173641.329d4c79@itx.bitcorner.intern> <20120608190243.1ccf5aa8@itx.bitcorner.intern> Message-ID: <4FD2320B.6070107@thelounge.net> Am 08.06.2012 19:02, schrieb Andreas Meyer: > Timo Sirainen wrote: > >> On 8.6.2012, at 18.36, Andreas Meyer wrote: >> >>> Jun 08 17:20:19 imap: Error: dlopen(/usr/lib/dovecot/modules/imap/lib10_quota_plugin.so) failed: /usr/lib/dovecot/modules/imap/lib10_quota_plugin.so: >>> >>> What can I do? Wouldn't it be great to get the new dovecot working with >>> my users and the old passwd file? >> >> The quota plugin isn't against the same version of Dovecot.. So you have two Dovecot versions now somehow all mixed up. One solution would be to delete all files related to Dovecot and install 2.1.7 again. >> > > I wonder ./configure, make and make install went through, but for some > reason the /usr/lib/dovecot/modules directory was not updated. Could > it be because there was the old version 1.0.5 still running while > installing the new one? ouch - why are you doing such rough installs instead taking some time to learn how to build packages for your OS? the benefit of package-systems like rpm/deb is that obsolete files are removed on updates and you have clean installs over many years and major upgrades of any software as example for Fedora&RHEL it is quite easy to setup rpmbuild, install a recent src.rpm and replace rebuild new versions for older releases the additional benefit is that you can do this on a dedicated virtual machine with devel-packages, GCC and so on which is all not needed on the production systems AND you can easily use this packages on testing machines followed by a crontrolled rollout even for software with a handful of scripts -> on my servers and workstations NEVER get any software installed without a package and there are only two exceptions: VMware Workstation and ZendStudio -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From anmeyer at anup.de Fri Jun 8 20:31:02 2012 From: anmeyer at anup.de (Andreas Meyer) Date: Fri, 8 Jun 2012 19:31:02 +0200 Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7 In-Reply-To: <4FD2320B.6070107@thelounge.net> References: <20120608130511.1d55d814@itx.bitcorner.intern> <4FD1E24C.1030906@thelounge.net> <20120608153307.751e3865@itx.bitcorner.intern> <4FD20DC5.7000500@thelounge.net> <20120608165051.6001b856@itx.bitcorner.intern> <4FD2132D.1090302@thelounge.net> <20120608173641.329d4c79@itx.bitcorner.intern> <20120608190243.1ccf5aa8@itx.bitcorner.intern> <4FD2320B.6070107@thelounge.net> Message-ID: <20120608193102.37d4662d@itx.bitcorner.intern> Reindl Harald wrote: > > I wonder ./configure, make and make install went through, but for some > > reason the /usr/lib/dovecot/modules directory was not updated. Could > > it be because there was the old version 1.0.5 still running while > > installing the new one? > > ouch - why are you doing such rough installs instead taking some time > to learn how to build packages for your OS? > > the benefit of package-systems like rpm/deb is that obsolete files > are removed on updates and you have clean installs over many years > and major upgrades of any software > > as example for Fedora&RHEL it is quite easy to setup rpmbuild, install a > recent src.rpm and replace rebuild new versions for older releases > > the additional benefit is that you can do this on a dedicated virtual > machine with devel-packages, GCC and so on which is all not needed on > the production systems AND you can easily use this packages on > testing machines followed by a crontrolled rollout > > even for software with a handful of scripts -> on my servers and > workstations NEVER get any software installed without a package > and there are only two exceptions: VMware Workstation and ZendStudio ;-) I never ever built a rpm using sources since years. I always build and install from the sources. So ok, made a fresh make install and found out that the directory /usr/lib/dovecot/modules and its contents were not created after deleting manually the old /usr/lib/dovecot directory. Got this snipped from the make install output: make[4]: Leaving directory `/home/mail1/dovecot-2.1.7/src/plugins/imap-stats' make[3]: Leaving directory `/home/mail1/dovecot-2.1.7/src/plugins/imap-stats' Making install in trash make[3]: Entering directory `/home/mail1/dovecot-2.1.7/src/plugins/trash' make[4]: Entering directory `/home/mail1/dovecot-2.1.7/src/plugins/trash' make[4]: F?r das Ziel ?install-exec-am? ist nichts zu tun. test -z "/usr/lib/dovecot" || /bin/mkdir -p "/usr/lib/dovecot" /bin/sh ../../../libtool --mode=install /usr/bin/install -c lib11_trash_plugin.la '/usr/lib/dovecot' libtool: install: warning: relinking `lib11_trash_plugin.la' libtool: install: (cd /home/mail1/dovecot-2.1.7/src/plugins/trash; /bin/sh /home/mail1/dovecot-2.1.7/libtool --tag CC --mode=relink gcc -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -module -avoid-version -o lib11_trash_plugin.la -rpath /usr/lib/dovecot trash-plugin.lo ../quota/lib10_quota_plugin.la -lrt ) *** Warning: Linking the shared library lib11_trash_plugin.la against the loadable module *** lib10_quota_plugin.so is not portable! libtool: relink: gcc -shared -fPIC -DPIC .libs/trash-plugin.o -Wl,-rpath -Wl,/usr/lib/dovecot -L/usr/lib/dovecot -l10_quota_plugin -lrt -O2 -Wl,-soname -Wl,lib11_trash_plugin.so -o .libs/lib11_trash_plugin.so libtool: install: /usr/bin/install -c .libs/lib11_trash_plugin.soT /usr/lib/dovecot/lib11_trash_plugin.so libtool: install: /usr/bin/install -c .libs/lib11_trash_plugin.lai /usr/lib/dovecot/lib11_trash_plugin.la libtool: install: /usr/bin/install -c .libs/lib11_trash_plugin.a /usr/lib/dovecot/lib11_trash_plugin.a libtool: install: chmod 644 /usr/lib/dovecot/lib11_trash_plugin.a libtool: install: ranlib /usr/lib/dovecot/lib11_trash_plugin.a libtool: finish: PATH="/usr/local/bin:/usr/bin:/sbin:/usr/sbin:/bin:/usr/X11R6/bin:/usr/games:/usr/lib/mit/bin:/usr/lib/mit/sbin:/sbin" ldconfig -n /usr/lib/dovecot Andreas From h.reindl at thelounge.net Fri Jun 8 20:36:18 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Fri, 08 Jun 2012 19:36:18 +0200 Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7 In-Reply-To: <20120608193102.37d4662d@itx.bitcorner.intern> References: <20120608130511.1d55d814@itx.bitcorner.intern> <4FD1E24C.1030906@thelounge.net> <20120608153307.751e3865@itx.bitcorner.intern> <4FD20DC5.7000500@thelounge.net> <20120608165051.6001b856@itx.bitcorner.intern> <4FD2132D.1090302@thelounge.net> <20120608173641.329d4c79@itx.bitcorner.intern> <20120608190243.1ccf5aa8@itx.bitcorner.intern> <4FD2320B.6070107@thelounge.net> <20120608193102.37d4662d@itx.bitcorner.intern> Message-ID: <4FD23812.4070204@thelounge.net> Am 08.06.2012 19:31, schrieb Andreas Meyer: > Reindl Harald wrote: >> even for software with a handful of scripts -> on my servers and >> workstations NEVER get any software installed without a package >> and there are only two exceptions: VMware Workstation and ZendStudio > > ;-) I never ever built a rpm using sources since years. I always > build and install from the sources a good time to start again :-) i missed to tell another benefit: you have to specify every installed file in the %files section, so you are aware of changes in any folder-structure, as long it builds wtihout complaining with a new source-version you can be pretty sure all is sane this time virtualization is a real improvement * build packages outside production environment * provide local repos in the own LAN * setup testing machins with real data * test upgrades with real data in this life i will never ever setup a server on bare metal without having VMware ESXi as backend (clone, snapshots..) -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From acrow at integrafin.co.uk Fri Jun 8 20:58:24 2012 From: acrow at integrafin.co.uk (Alex Crow) Date: Fri, 08 Jun 2012 18:58:24 +0100 Subject: [Dovecot] 2.1.7 altmove not working In-Reply-To: <4FD1DE75.5000606@integrafin.co.uk> References: <4FD1DE75.5000606@integrafin.co.uk> Message-ID: <4FD23D40.2050001@integrafin.co.uk> On 08/06/12 12:13, Alex Crow wrote: > Hi list, > > I've just set up a 2.1.7 server, and have migrated a couple of > accounts across from a 2.0.15 server, keeping the old configs. I have > a strange problem on the new box in that altmove just doesn't work. I > have my main storage under /home/email, indexes under /home/indexes > and ALT under /home/email_archive. > > When I run the altmove command, the following broken symlink is > created in /home/email/integrafin.co.uk/acrow: > > lrwxrwxrwx. 1 email email 54 Jun 8 10:46 dbox-alt-root -> > /home/email_archive/integrafin.co.uk/a/acrow/mailboxes > > But nothing is created in the archive other than the empty directory: > /home/email_archive/integrafin.co.uk/a/acrow. > > My mail_location is: > > mail_location = > mdbox:/home/email/%d/%n:INDEX=/home/indexes/%d/%1n/%n:ALT=/home/email_archive/%d/%1n/%n > > This worked perfectly on the older server. I have attached my doveconf > -a output. > > Any help much appreciated. > > Regards > > Alex > BTW I need to add that even with -v -D there were no complaints from dovecot altmove, and nothing untoward in /var/log/maillog. I also forgot to specify that I'm running on Centos6.2, all updates applied, package was built with a combo of the spec file from ATRPMs and the latest source tarball. I previously had the ATRPMS 2.1.1 package installed, same issue. Please feel free to tell me if I'm doing something wrong (ie something has changed between 2.0 and 2.1 re ALT: storage. Cheers Alex From anmeyer at anup.de Fri Jun 8 21:49:26 2012 From: anmeyer at anup.de (Andreas Meyer) Date: Fri, 8 Jun 2012 20:49:26 +0200 Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7 In-Reply-To: <4FD23812.4070204@thelounge.net> References: <20120608130511.1d55d814@itx.bitcorner.intern> <4FD1E24C.1030906@thelounge.net> <20120608153307.751e3865@itx.bitcorner.intern> <4FD20DC5.7000500@thelounge.net> <20120608165051.6001b856@itx.bitcorner.intern> <4FD2132D.1090302@thelounge.net> <20120608173641.329d4c79@itx.bitcorner.intern> <20120608190243.1ccf5aa8@itx.bitcorner.intern> <4FD2320B.6070107@thelounge.net> <20120608193102.37d4662d@itx.bitcorner.intern> <4FD23812.4070204@thelounge.net> Message-ID: <20120608204926.3fbf6344@itx.bitcorner.intern> Reindl Harald wrote: > > ;-) I never ever built a rpm using sources since years. I always > > build and install from the sources > > a good time to start again :-) > > i missed to tell another benefit: you have to specify every > installed file in the %files section, so you are aware of > changes in any folder-structure, as long it builds wtihout > complaining with a new source-version you can be pretty sure > all is sane > > this time virtualization is a real improvement > > * build packages outside production environment > * provide local repos in the own LAN > * setup testing machins with real data > * test upgrades with real data > > in this life i will never ever setup a server on bare metal > without having VMware ESXi as backend (clone, snapshots..) > I have that beast running. There was an entry in the docecot.conf like this, created by doveconf -n -c /etc/dovecot/dovecot.conf > /home/mail1/dovecot-2.conf protocol imap { mail_plugin_dir = /usr/lib/dovecot/modules/imap mail_plugins = quota imap_quota } protocol pop3 { mail_plugin_dir = /usr/lib/dovecot/modules/pop3 mail_plugins = quota pop3_uidl_format = %08Xu%08Xv } I commented it out and I can retrieved mail furthermore. :-) Now I want to install dovecot-2.1-pigeonhole-0.3.1 to get sieve running. Thank you everybody for the help and that great piece of software! Andreas From ghe at slsware.com Fri Jun 8 22:27:43 2012 From: ghe at slsware.com (Glenn English) Date: Fri, 8 Jun 2012 13:27:43 -0600 Subject: [Dovecot] auth trouble In-Reply-To: <9816DBD9-ED12-4834-9D13-EB70140054CE@iki.fi> References: <20120605215325.GC3672@harrier.slackbuilds.org> <4087ECCF-8C69-4888-8CD9-44566A256F92@slsware.com> <9816DBD9-ED12-4834-9D13-EB70140054CE@iki.fi> Message-ID: On Jun 8, 2012, at 10:25 AM, Timo Sirainen wrote: > I think the answer to this is simply that Dovecot v1.0 didn't tell PAM the rhost. Upgrade. Will do. What you say fits with what I see in the logs and is a lot simpler than many other suggestions. And you do have some credibility in this area :-) Thanks. -- Glenn English hand-wrapped from my Apple Mail From anmeyer at anup.de Fri Jun 8 23:34:32 2012 From: anmeyer at anup.de (Andreas Meyer) Date: Fri, 8 Jun 2012 22:34:32 +0200 Subject: [Dovecot] per user quota Message-ID: <20120608223432.390c71d0@itx.bitcorner.intern> Hello! I activated quota plugin { quota = maildir:User quota quota_rule = *:storage=1GB # 10% of 1GB = 100MB quota_rule2 = Trash:storage=+10%% } But when I want to do per user quota in the passwd-file ...vhosts/anup.de/anmeyer::userdb_mail=maildir:~/userdb_quota_rule=*:bytes=10G I get this in the logfile and can't login: Jun 08 22:25:52 imap(anmeyer at anup.de): Error: user anmeyer at anup.de: Initialization failed: Initializing mail storage from mail_location setting failed: Unknown setting: bytes Jun 08 22:25:52 imap(anmeyer at anup.de): Error: Invalid user settings. Refer to server log for more information. Same with 'storage' in the passwd-file. What's wrong? Andreas From acrow at integrafin.co.uk Sat Jun 9 00:25:39 2012 From: acrow at integrafin.co.uk (Alex Crow) Date: Fri, 08 Jun 2012 22:25:39 +0100 Subject: [Dovecot] 2.1.7 altmove not working In-Reply-To: <4FD23D40.2050001@integrafin.co.uk> References: <4FD1DE75.5000606@integrafin.co.uk> <4FD23D40.2050001@integrafin.co.uk> Message-ID: <4FD26DD3.10109@integrafin.co.uk> > > BTW I need to add that even with -v -D there were no complaints from > dovecot altmove, and nothing untoward in /var/log/maillog. I also > forgot to specify that I'm running on Centos6.2, all updates applied, > package was built with a combo of the spec file from ATRPMs and the > latest source tarball. > > I previously had the ATRPMS 2.1.1 package installed, same issue. > > Please feel free to tell me if I'm doing something wrong (ie something > has changed between 2.0 and 2.1 re ALT: storage. > > Cheers > > Alex > I don't know how I did it (I didn't change *any* config directive) but now it magically seems to work after a reboot and umount/remount of the ALT storage area. However I still have that dangling symlink: lrwxrwxrwx 1 email email 54 Jun 8 22:05 dbox-alt-root -> /home/email_archive/integrafin.co.uk/a/acrow/mailboxes Where the target doesn't exist... Cheers Alex From agt at ucsd.edu Sat Jun 9 00:53:02 2012 From: agt at ucsd.edu (Adam G Tilghman) Date: Fri, 8 Jun 2012 14:53:02 -0700 Subject: [Dovecot] Upgrading 1.2.17 -> 2.1.x Message-ID: <20120608215302.GA29690@acsmail.ucsd.edu> We're planning to upgrade our site from 1.2.17 to 2.1.x within the next few months, but we must ensure our ability to revert to 1.2.17 if problems arise. I don't expect our maildir storage would present a problem, but am less certain about 2.1.x index/control files remaining readable under 1.2.17. Should I have any reason to worry? -- Adam Tilghman Systems Support / Academic Computing & Media Services agt at ucsd.edu 858-822-0711 University of California, San Diego From freebsd at grem.de Sat Jun 9 03:58:15 2012 From: freebsd at grem.de (Michael Gmelin) Date: Sat, 09 Jun 2012 02:58:15 +0200 Subject: [Dovecot] Maildir filename has wrong S value In-Reply-To: <20120515102352.GA24117@uil.winnipeg.nl> References: <20120515102352.GA24117@uil.winnipeg.nl> Message-ID: <4FD29FA7.8040300@grem.de> On 15.5.12 12:23, Wouter de Geus wrote: > Hello folks, > > This morning I tried to open an old archive mail folder using Mutt. > However, while fetching headers it aborted. > Checking the dovecot log gave me this: > > @400000004fb21996267d37d4 imap(benv): Error: Cached message size smaller than expected (9115 < 9420) > @400000004fb21996267e8bac imap(benv): Error: Maildir filename has wrong S value, renamed the file from /home/vpopmail/domains/benv.junerules.com/benv/Maildir/.Old.2009/cur/1260395566.28175.black,S=9115:2,S to /home/vpopmail/domains/benv.junerules.com/benv/Maildir/.Old.2009/cur/1260395566.28175.black,S=9420:2,S > @400000004fb21996267e937c imap(benv): Error: Corrupted index cache file /home/vpopmail/domains/benv.junerules.com/benv/Maildir/.Old.2009/dovecot.index.cache: Broken physical size for mail UID 294 > @400000004fb21996267eaaec imap(benv): Error: read(/home/vpopmail/domains/benv.junerules.com/benv/Maildir/.Old.2009/cur/1260395566.28175.black,S=9115:2,S) failed: Input/output error (uid=294) > @400000004fb219962680683c imap(benv): Info: Disconnected: Internal error occurred. Refer to server log for more information. [2012-05-15 10:53:32] in=6503 out=192718 > > I've retried opening this folder several times, but each time Dovecot only fixes 1 file and then aborts. > (the folder apparently has a lot more files with incorrect sizes). > My question here is: Why does dovecot abort? Isn't the issue fixed after the rename? > > Also: The files are not corrupted or unreadable, reading them through the commandline works fine. > I've looked through my backups and saw that at least half a year ago this mismatch in size was already present. > > I've been running dovecot for quite a while, so the cause of this size mismatch might very well be a issue in an older version of dovecot / my configuration. > Right now I'm running dovecot 2.1.6, but I've been running the v1.2 version for quite a while before that. > > Is this something that can be improved in dovecot so it doesn't abort after 1 rename? > (of course I could script a rename operation, but that seems like a workaround to me) > > Thanks for reading. > > Wouter. > > > > > My current configuration: > ========================= > # 2.1.6: /etc/dovecot/dovecot.conf > # OS: Linux 2.6.32.32-g3d14ce7 x86_64 Slackware 11.0.0 > base_dir = /var/run/dovecot2/ > disable_plaintext_auth = no > first_valid_uid = 89 > info_log_path = /dev/stderr > last_valid_uid = 89 > log_path = /dev/stderr > log_timestamp = > mail_debug = yes > mail_location = maildir:~/Maildir > mail_max_userip_connections = 50 > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify e > nvironment mailbox date > namespace { > inbox = yes > location = > prefix = INBOX. > separator = . > type = private > } > passdb { > driver = vpopmail > } > plugin { > autocreate = INBOX.Spam > quota = maildir > sieve = ~/.sieve/dovecot.sieve > sieve_dir = ~/.sieve > sieve_global_dir = /etc/dovecot/sieve/ > sieve_subaddress_sep = -+ > } > protocols = imap pop3 sieve > service auth { > unix_listener auth-master { > group = vchkpw > mode = 0660 > } > unix_listener auth-userdb { > group = vchkpw > mode = 0660 > } > } > service imap-login { > inet_listener imap { > address = [::] * > port = 143 > } > inet_listener imaps { > address = [::] * > port = 993 > } > process_limit = 256 > process_min_avail = 3 > service_count = 1 > user = dovecot > } > service managesieve-login { > process_limit = 256 > process_min_avail = 3 > service_count = 1 > user = dovecot > } > service pop3-login { > inet_listener pop3 { > address = [::] * > port = 110 > } > inet_listener pop3s { > address = [::] * > port = 995 > } > process_limit = 256 > process_min_avail = 3 > service_count = 1 > user = dovecot > } > ssl_cert = ssl_cipher_list = ALL:!LOW > ssl_key = userdb { > driver = vpopmail > } > verbose_proctitle = yes > protocol lda { > hostname = mail.benv.junerules.com > info_log_path = /var/log/dovecot/dovecot2-deliver.log > log_path = /var/log/dovecot/dovecot2-deliver-errors.log > mail_plugins = sieve > postmaster_address = postmaster at benv.junerules.com > sendmail_path = /var/qmail/bin/sendmail > } > protocol imap { > imap_max_line_length = 64 k > mail_plugins = quota imap_quota autocreate > } > protocol pop3 { > mail_plugins = quota autocreate > pop3_no_flag_updates = no > pop3_uidl_format = %v-%u > } > ================================= > I've been facing the same issue today in a similar setup (qmail + vpopmail + dovecot) and figured, that the qmail maildir++ patch I'm using miscalculates the size of mail, since it ignores Delivered-To and Return-Path in the size calculation. Fixing this and reinstalling qmail-local ( plus fixing existing mail using doveadm fetch -u username text all > /dev/null ) solved the problem for me. The problematic line in qmail-local.c is: s += fmt_ulong(s,st.st_size); *s++ = 0; which should be: s += fmt_ulong(s,st.st_size+rpline.len+dtline.len); *s++ = 0; (for FreeBSD users: I submitted a patch to the qmail port, fixing this) http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/168870 Fixing this also fixed fts_squat for me (dovecot 2.1.7) -- Michael From freebsd at grem.de Sat Jun 9 04:07:56 2012 From: freebsd at grem.de (Michael Gmelin) Date: Sat, 09 Jun 2012 03:07:56 +0200 Subject: [Dovecot] squat not working in 2.1 In-Reply-To: <4F4DF7F7.8020405@in.tum.de> References: <4F3FA5D3.8050101@jkart.de> <761E2C44-272D-4F6A-8A33-7FAFB1F011E1@leuxner.net> <4F428323.8050404@fastmail.fm> <6A93411B-4058-4A7D-9F94-452403AE83ED@iki.fi> <4F4DF7F7.8020405@in.tum.de> Message-ID: <4FD2A1EC.4000304@grem.de> On 29.2.12 11:03, Christoph Bu?enius wrote: > On 21.02.2012 01:18, Timo Sirainen wrote: >> On 20.2.2012, at 19.30, Metro Domain Admin wrote: >> >>> Squat is apparently deprecated: >>> http://dovecot.org/list/dovecot/2011-December/062630.html >> >> Yes, but it should still work.. > > As far as I can tell from my tests, squat has stopped working in 2.1. > > Let's take a user who does not have any mails yet, and deliver a first > mail to him: > > echo -e 'From: \nSubject: test\n\ntest\ntest' | > /usr/local/dovecot/libexec/dovecot/dovecot-lda -d testuser > > Now create an IMAP session, select INBOX, and do a search: > > * 1 EXISTS > * 1 RECENT > * OK [UNSEEN 1] First unseen. > * OK [UIDVALIDITY 1330509552] UIDs valid > * OK [UIDNEXT 2] Predicted next UID > * OK [HIGHESTMODSEQ 1] Highest > . OK [READ-WRITE] Select completed. > >>> . search text test > * SEARCH > . OK Search completed (0.006 secs). > > (Should have returned 1 message.) > > Deliver the same message again: > echo -e 'From: \nSubject: test\n\ntest\ntest' | > /usr/local/dovecot/libexec/dovecot/dovecot-lda -d testuser > > Now in the existing session, run the search command three more times: > > >>> . search text test > * SEARCH > * 2 EXISTS > * 2 RECENT > . OK Search completed (0.000 secs). > >>> . search text test > * SEARCH 2 > . OK Search completed (0.002 secs). > >>> . search text test > * SEARCH > . OK Search completed (0.000 secs). > > It found the message once, but the next time it didn't. So the squat > search does not actually seem to work any more. I know it's > deprecated, I just wanted to note this. > > Cheers, > Christoph > I had the same symptoms (dovecot 2.1.7), but in my case the reason were corrupted Maildir filenames (S=xxxx and the actual file size differed, which among other things also caused trouble in fts_squat). Those files were a result of a bug in the qmail-maildir++ patch. For details see http://www.dovecot.org/list/dovecot/2012-June/066281.html -- Michael From ott at mirix.org Sat Jun 9 04:55:12 2012 From: ott at mirix.org (Matthias-Christian Ott) Date: Sat, 09 Jun 2012 03:55:12 +0200 Subject: [Dovecot] [ Re: best practises for mail systems] In-Reply-To: References: <5f604e43b6b66676fc1e23b1c7c57afb.squirrel@web.miau.ca> <4FCE5ADB.8090208@mirix.org> Message-ID: <4FD2AD00.2050805@mirix.org> On 2012-06-05 23:43, Timo Sirainen wrote: > On 5.6.2012, at 23.33, Michescu Andrei wrote: > >>> I agree, in practice this is not an issue compared to the unavailability >>> of the service, but on longer IMAP sessions (e.g. transferring a big >>> file) the connection loss is noticeable. >> >> It is noticeable for somebody that really waits for a large email. > > And there is actually some (any!) way this could be avoided?... One server dies, another continues sending the mail? Yes, there is. You have to replicate the entire state of the IMAP session (protocol states, buffers, TLS state etc.) and the TCP state of the connection. The state of the IMAP session is (in theory) easily replicable (although you probably have to rely on internals of the TLS implementation; OpenSSL can serialise TLS sessions from/into ASN.1 via i2d_SSL_SESSION, though this is meant to resume session via TLS) and for TCP there is RTCP [1]. RTCP intercepts the TCP session is able to recover the TCP state. It works without any modification of the operating system (at the moment limited to Linux). If this would be implemented in Dovecot it would really set it apart from other IMAP servers and software that I've seen so far. Being able to transparently handle failover of a TCP connection is unique. > I have had some thoughts about transferring idling Dovecot connections between processes / servers so that clients wouldn't notice it, but I haven't even thought about moving active (long-running) connections. Load rebalancing would probably be another feature that separates Dovecot from other IMAP servers. Regards, Matthias-Christian [1] http://rtcp.sourceforge.net/ From rnalrd at gmail.com Sat Jun 9 16:04:13 2012 From: rnalrd at gmail.com (Leonardo) Date: Sat, 09 Jun 2012 15:04:13 +0200 Subject: [Dovecot] ntlm_auth in Dovecot In-Reply-To: <1339167201.4285.90.camel@df1844j> References: <1339167201.4285.90.camel@df1844j> Message-ID: <1339247053.4285.92.camel@df1844j> On Fri, 2012-06-08 at 16:53 +0200, Leonardo wrote: > Hi, > > I'm trying getting NTLM auth working against AD in my Dovecot 2.0.15. > > I'm getting the following error: > > > Jun 08 14:18:11 auth: Info: winbind(?,10.44.3.151): user not > authenticated: NT_STATUS_UNSUCCESSFUL BTW I forgot to say that I've already disjoined and rejoined the server to the domain. I saw someone suggested that on the list (I wasn't subscribe until now). -- leonardo From tss at iki.fi Sat Jun 9 17:11:07 2012 From: tss at iki.fi (Timo Sirainen) Date: Sat, 9 Jun 2012 17:11:07 +0300 Subject: [Dovecot] [ Re: best practises for mail systems] In-Reply-To: <4FD2AD00.2050805@mirix.org> References: <5f604e43b6b66676fc1e23b1c7c57afb.squirrel@web.miau.ca> <4FCE5ADB.8090208@mirix.org> <4FD2AD00.2050805@mirix.org> Message-ID: <7A128C1A-E861-42D2-A7AF-07353FFEE027@iki.fi> On 9.6.2012, at 4.55, Matthias-Christian Ott wrote: > Yes, there is. You have to replicate the entire state of the IMAP > session (protocol states, buffers, TLS state etc.) and the TCP state of > the connection. The state of the IMAP session is (in theory) easily > replicable (although you probably have to rely on internals of the TLS > implementation; OpenSSL can serialise TLS sessions from/into ASN.1 via > i2d_SSL_SESSION, though this is meant to resume session via TLS) Interesting! I thought OpenSSL didn't have a way to [de]serialize the session state. The first time I wanted to do that was 13 years ago. I see there are some google hits for i2d_SSL_SESSION, but do you already know a good web page / example code I could look at? > and for > TCP there is RTCP [1]. RTCP intercepts the TCP session is able to > recover the TCP state. It works without any modification of the > operating system (at the moment limited to Linux). Thanks for this too. > If this would be implemented in Dovecot it would really set it apart > from other IMAP servers and software that I've seen so far. Being able > to transparently handle failover of a TCP connection is unique. Yes. From ott at mirix.org Sat Jun 9 17:35:42 2012 From: ott at mirix.org (Matthias-Christian Ott) Date: Sat, 09 Jun 2012 16:35:42 +0200 Subject: [Dovecot] [ Re: best practises for mail systems] In-Reply-To: <7A128C1A-E861-42D2-A7AF-07353FFEE027@iki.fi> References: <5f604e43b6b66676fc1e23b1c7c57afb.squirrel@web.miau.ca> <4FCE5ADB.8090208@mirix.org> <4FD2AD00.2050805@mirix.org> <7A128C1A-E861-42D2-A7AF-07353FFEE027@iki.fi> Message-ID: <4FD35F3E.8040901@mirix.org> On 2012-06-09 16:11, Timo Sirainen wrote: > On 9.6.2012, at 4.55, Matthias-Christian Ott wrote: > >> Yes, there is. You have to replicate the entire state of the IMAP >> session (protocol states, buffers, TLS state etc.) and the TCP state of >> the connection. The state of the IMAP session is (in theory) easily >> replicable (although you probably have to rely on internals of the TLS >> implementation; OpenSSL can serialise TLS sessions from/into ASN.1 via >> i2d_SSL_SESSION, though this is meant to resume session via TLS) > > Interesting! I thought OpenSSL didn't have a way to [de]serialize the session state. The first time I wanted to do that was 13 years ago. I see there are some google hits for i2d_SSL_SESSION, but do you already know a good web page / example code I could look at? The Apache httpd module mod_ssl uses it. GnuTLS has similar functions with gnutls_db_*, although it's also only intended to be used to resume a session. Have look at the Apache httpd module mod_gnutls. Regards, Matthias-Christian From rnalrd at gmail.com Sat Jun 9 18:49:41 2012 From: rnalrd at gmail.com (Leonardo) Date: Sat, 09 Jun 2012 17:49:41 +0200 Subject: [Dovecot] ntlm_auth in Dovecot In-Reply-To: <1339167201.4285.90.camel@df1844j> References: <1339167201.4285.90.camel@df1844j> Message-ID: <1339256981.4285.99.camel@df1844j> On Fri, 2012-06-08 at 16:53 +0200, Leonardo wrote: > Hi, > > I'm trying getting NTLM auth working against AD in my Dovecot 2.0.15. > > I'm getting the following error: > > > Jun 08 14:18:11 auth: Info: winbind(?,10.44.3.151): user not > authenticated: NT_STATUS_UNSUCCESSFUL > > > "wbinfo -u" reports all the users of the domain and "ntlm_auth > --username=%name% --domain="%domain%" gets authenticated successfully. > > > Debugging winbind I can see the following error: > > > [2012/06/08 14:18:11.129611, 10] > winbindd/winbindd.c:651(process_request) > process_request: unknown request fn number 14 > [2012/06/08 14:18:11.129671, 10] > winbindd/winbindd.c:738(winbind_client_response_written) > winbind_client_response_written[2822:unknown request]: delivered > response to client Upgrading to Dovecot 2.1.5 did not help. -- leo From daniel.parthey at informatik.tu-chemnitz.de Sat Jun 9 19:51:27 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sat, 9 Jun 2012 18:51:27 +0200 Subject: [Dovecot] Corrupted mdbox on LMTP director delivery while user [solved] is logged in via IMAP In-Reply-To: <20120608031622.GA13898@daniel.localdomain> References: <20120608031622.GA13898@daniel.localdomain> Message-ID: <20120609165127.GA9833@daniel.localdomain> Daniel Parthey wrote: > we get errors about corrupted indexes and we are losing flags with mdbox on NFSv4: > > Error: Recent flags state corrupted for mailbox > Error: Corrupted dbox file > Error: Corrupted transaction log file > > It looks like a LMTP director problem. The user has IMAP IDLE connections > open and lmtp delivers to another host. This leads to nfs corruption problems. > > Jun 8 03:36:03 10.129.3.200 dovecot: mailbox: mail: imap(someuser at example.de): Error: Corrupted transaction log file /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox- > Mails/dovecot.index.log seq 82: Invalid transaction log size (32856 vs 32824): /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox-Mails/dovecot.index.log (sync_offset=32856) > Jun 8 03:36:03 10.129.3.200 dovecot: mailbox: mail: imap(someuser at example.de): Error: Index /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox-Mails/dovecot.index: Lost log for seq=82 > offset=32856 > Jun 8 03:36:03 10.129.3.200 dovecot: mailbox: mail: imap(someuser at example.de): Warning: fscking index file /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox-Mails/dovecot.index > Jun 8 03:36:03 10.129.3.200 dovecot: mailbox: mail: imap(someuser at example.de): Error: Fixed index file /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox-Mails/dovecot.index: log_file_seq 82 > -> 83 > Jun 8 03:36:38 10.129.3.200 dovecot: mailbox: mail: imap(someuser at example.de): Error: Transaction log file /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox-Mails/dovecot.index.log.2: > marked corrupted > > How to enable the LMTP director to deliver to the correct mailbox host? The reason were different usernames for different protocols (lmtp and imap) of the same user, which resulted in different target hosts in the director: LMTP director was using username at example.org -> Host mail01 IMAP director was using username at dovecotmail.example.org -> Host mail04 > # 2.0.20: /etc/dovecot-director/dovecot-director.conf > passdb { > args = proxy=y nopassword=y user=%n at dovecotmail.%d > driver = static > } Removing the user mapping in the static imap passdb solved the problem: passdb { args = proxy=y nopassword=y driver = static } Now the user is directed to the same host for all protocols again. Regards, Daniel From daniel.parthey at informatik.tu-chemnitz.de Sat Jun 9 20:09:30 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sat, 9 Jun 2012 19:09:30 +0200 Subject: [Dovecot] per user quota In-Reply-To: <20120608223432.390c71d0@itx.bitcorner.intern> References: <20120608223432.390c71d0@itx.bitcorner.intern> Message-ID: <20120609170930.GA10032@daniel.localdomain> Hello Andreas, Andreas Meyer wrote: > I activated quota > > plugin { > quota = maildir:User quota > quota_rule = *:storage=1GB > # 10% of 1GB = 100MB > quota_rule2 = Trash:storage=+10%% > } > > But when I want to do per user quota in the passwd-file > ...vhosts/anup.de/anmeyer::userdb_mail=maildir:~/userdb_quota_rule=*:bytes=10G It looks like you are at least missing a space between userdb_mail=maildir:~/ and userdb_quota_rule. > I get this in the logfile and can't login: > > Jun 08 22:25:52 imap(anmeyer at anup.de): Error: user anmeyer at anup.de: Initialization failed: Initializing mail storage from mail_location setting failed: Unknown setting: bytes > Jun 08 22:25:52 imap(anmeyer at anup.de): Error: Invalid user settings. Refer to server log for more information. > > Same with 'storage' in the passwd-file. What's wrong? You forgot to attach your "doveconf -n" output. Regards, Daniel From daniel.parthey at informatik.tu-chemnitz.de Sat Jun 9 21:20:47 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sat, 9 Jun 2012 20:20:47 +0200 Subject: [Dovecot] director and IPs shown at the backends In-Reply-To: <4FD1C71B.4040109@um.es> References: <4FD09613.6000405@um.es> <4FD09AB0.6020500@enas.net> <4FD1C71B.4040109@um.es> Message-ID: <20120609182047.GA10833@daniel.localdomain> Angel L. Mateo wrote: > El 07/06/12 14:12, Urban Loesch escribi?: > ># Space separated list of trusted network ranges. Connections from these > ># IPs are allowed to override their IP addresses and ports (for logging and > ># for authentication checks). disable_plaintext_auth is also ignored for > ># these networks. Typically you'd specify your IMAP proxy servers here. > >login_trusted_networks = > > > I didn't find that option in any example config file, but it's > working. Maybe it must be documented in somewhere. This command lists all available options of your release: doveconf Regards Daniel From daniel.parthey at informatik.tu-chemnitz.de Sat Jun 9 21:40:18 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sat, 9 Jun 2012 20:40:18 +0200 Subject: [Dovecot] Dovecot over NFS In-Reply-To: References: Message-ID: <20120609184018.GA10990@daniel.localdomain> James Devine wrote: > I'm playing with running dovecot over NFS and I am running into some > issues. I have followed the guide at http://wiki2.dovecot.org/NFS and my > setup includes 1 nfs server and 1 client running postfix/dovecot. In > testing I am running postal via the command: > > postal -t 10 -c 10 localhost users399 > > The test file has a list of 399 users to deliver to. I've provided a > sample of the errors I'm receiving and my configuration below, I am running > dovecot 2.0.19. Any idea what I might be doing wrong and what I might do > to resolve it? My ultimate goal is to setup multiple clients with director > so each user is still handled on a single machine, however with a single > machine I still seem to be having issues. Have a look at http://wiki2.dovecot.org/Director > Here is a sample of some of the errors I'm seeing: > > Jun 6 15:55:12 test-gluster-client1 dovecot: lmtp(12072, testuser130): > Error: mdbox /mnt/testuser130/mdbox/mailboxes/INBOX/dbox-Mails: Invalid > dbox header size: 0 > Jun 6 15:55:12 test-gluster-client1 dovecot: lmtp(11999, testuser99): > Error: Log synchronization error at seq=2,offset=556 for > /mnt/testuser99/mdbox/storage/dovecot.map.index: Append with UID 2, but > next_uid = 3 mdbox format requires a correct index and you will lose flags, if you lose the index file. The index will be automatically tried to restore from mails in the storage. You should avoid accessing the same user directory from different NFS clients, since this often leads to corruptions or invalid files. You need a director which ensures that one directory is only accessed from one host at the same time. This applies to IMAP, POP3, LMTP etc, which are all writing to the mailbox. Then you should access all mailboxes only via the director listener ports. > My dovecot config is: You posted only the configuration of your mailbox instance and might have a look your director configuration too: doveconf -c /etc/dovecot-director/dovecot-director.conf -n (or wherever your director configuration is located) Regards Daniel From daniel.parthey at informatik.tu-chemnitz.de Sat Jun 9 21:48:53 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sat, 9 Jun 2012 20:48:53 +0200 Subject: [Dovecot] Dovecot 1.x on AIX -> Dovecot 2.x on Ubuntu In-Reply-To: References: Message-ID: <20120609184853.GA11176@daniel.localdomain> root at yuma.acns.colostate.edu wrote: > We are working on migrating Dovecot 1.2.17 running on AIX 5.3 (believe it > or not!) to Dovecot 2.0.13 running on Ubuntu. We have hundreds of users > mboxes we will be migrating. My question is regarding the index files. > Should we remove those after the migration, but before we open it up to > users so Dovecot can create new ones? > > I did a test migration of a single user, and Dovecot detects the > architecture change and put out some panic errors, corrupt files and > backtrace messages in syslog on Ubuntu. The messages are shown below. If > every user is going to generate these types of errors, I'm thinking maybe > it makes sense to remove all the .imap directories and let Dovecot create > new clean ones. I realize that may slow things down for awhile while > Dovecot is rebuilding new files. Which mail storage format (mbox,maildir,sdbox,mdbox) are you using and is it stored on NFS? Would you provide your "doveconf -n" output for dovecot 2.0.13, please? You might also have a look at imapsync[1] for clean mass migration from one architecture to another. Regards Daniel [1] http://imapsync.lamiral.info/ From daniel.parthey at informatik.tu-chemnitz.de Sat Jun 9 22:11:04 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sat, 9 Jun 2012 21:11:04 +0200 Subject: [Dovecot] Deliver quota-warning via director Message-ID: <20120609191104.GA11812@daniel.localdomain> Hi there, I'm using NFS with Dovecot 2.0.20 and would like to deliver a quota warning to the user using the LMTP director. I have configured quota warnings according to http://wiki2.dovecot.org/Quota/Configuration But it seems that lda delivers the mail directly to the local filesystem and is not using our lmtp director, which prevents NFS mailboxes from getting corrupted. Is there a way to tell lda to use LMTP or the director and ignore the quota while delivering the notification? Regards Daniel From daniel.parthey at informatik.tu-chemnitz.de Sat Jun 9 22:19:58 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sat, 9 Jun 2012 21:19:58 +0200 Subject: [Dovecot] Authentication issue In-Reply-To: <4FD0EB43.8070104@lal.in2p3.fr> References: <4FD0EB43.8070104@lal.in2p3.fr> Message-ID: <20120609191958.GA12009@daniel.localdomain> Hi Emiliano, Emiliano Rago wrote: > I need to set up a weird dovecot configuration: > > 1) outside a ssl tunnel I'd like to authenticate only with cram-md5 scheme > 2) inside a ssl tunnel I'd like to authenticate only with plain auth You might try to set up two instances of dovecot, one for plain, one for ssl: http://wiki2.dovecot.org/RunningDovecot#Running_Multiple_Invocations_of_Dovecot Regards Daniel From daniel.parthey at informatik.tu-chemnitz.de Sat Jun 9 23:04:53 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sat, 9 Jun 2012 22:04:53 +0200 Subject: [Dovecot] director and doveadm server In-Reply-To: <4FD1C8E0.4010807@um.es> References: <4FD1C8E0.4010807@um.es> Message-ID: <20120609200453.GA12401@daniel.localdomain> Hello Angel, Angel L. Mateo wrote: > I've been reading doc at http://wiki2.dovecot.org/Director to > configure my servers. My question is regarding configuration of > doveadm server. > > I have configured both, director and backend servers, as described > in that doc, but I don't know how to run doveadm commands in > director servers. > > doveadm is working, because I can run commands, but they are > executed in local (director) server. See http://wiki2.dovecot.org/Tools/Doveadm/Mailbox doveadm help doveadm help who A few doveadm commands allow the -S socket_path argument where socket_path can be a hostname:port combination of your director doveadm service: altmove [-u |-A] [-S ] [-r] expunge [-u |-A] [-S ] fetch [-u |-A] [-S ] force-resync [-u |-A] [-S ] import [-u |-A] [-S ] index [-u |-A] [-S ] move [-u |-A] [-S ] purge [-u |-A] [-S ] search [-u |-A] [-S ] The http://wiki2.dovecot.org/Director article explains how to set up a "Doveadm server" on a specific port. After you have set up your doveadm server correctly, an example command might look like this: doveadm search -A -S director:24245 mailbox "*" all > but doveadm who seems to be executed just in local: For "doveadm who" however, you need a local anvil socket, which provides the necessary information: doveadm who -a /var/run/dovecot/anvil Remember there is also the proxy list command, since the director is just a proxy with a hash table which always proxies the same username to the same backend: doveadm proxy list > And another question about this... what is the local config option? > I haven't found it documented anywhere. I assume the local { } section is to restrict the inside options to client IPs located in a specific subnet. Regards Daniel From anmeyer at anup.de Sat Jun 9 23:22:11 2012 From: anmeyer at anup.de (Andreas Meyer) Date: Sat, 9 Jun 2012 22:22:11 +0200 Subject: [Dovecot] per user quota In-Reply-To: <20120609170930.GA10032@daniel.localdomain> References: <20120608223432.390c71d0@itx.bitcorner.intern> <20120609170930.GA10032@daniel.localdomain> Message-ID: <20120609222211.375f54d3@itx.bitcorner.intern> Daniel Parthey wrote: > Hello Andreas, > > Andreas Meyer wrote: > > I activated quota > > > > plugin { > > quota = maildir:User quota > > quota_rule = *:storage=1GB > > # 10% of 1GB = 100MB > > quota_rule2 = Trash:storage=+10%% > > } > > > > But when I want to do per user quota in the passwd-file > > ...vhosts/anup.de/anmeyer::userdb_mail=maildir:~/userdb_quota_rule=*:bytes=10G > > It looks like you are at least missing a space between userdb_mail=maildir:~/ > and userdb_quota_rule. Wow, great! The space was missing and now it works. > You forgot to attach your "doveconf -n" output. ok, next time. > Regards, > Daniel Andreas From tss at iki.fi Sun Jun 10 00:00:52 2012 From: tss at iki.fi (Timo Sirainen) Date: Sun, 10 Jun 2012 00:00:52 +0300 Subject: [Dovecot] Dovecot 1.x on AIX -> Dovecot 2.x on Ubuntu In-Reply-To: References: Message-ID: <073BC709-698B-4C65-B06E-05ED5D0E7343@iki.fi> On 6.6.2012, at 23.27, root at yuma.acns.colostate.edu wrote: > We are working on migrating Dovecot 1.2.17 running on AIX 5.3 (believe it > or not!) to Dovecot 2.0.13 running on Ubuntu. We have hundreds of users > mboxes we will be migrating. My question is regarding the index files. > Should we remove those after the migration, but before we open it up to > users so Dovecot can create new ones? > > I did a test migration of a single user, and Dovecot detects the > architecture change and put out some panic errors, corrupt files and Yeah, there's still some problem with properly handling index file recreation when CPU architecture (endianess) change is detected. Better just delete your index files, since they have to be regenerated anyway. From tss at iki.fi Sun Jun 10 00:10:23 2012 From: tss at iki.fi (Timo Sirainen) Date: Sun, 10 Jun 2012 00:10:23 +0300 Subject: [Dovecot] Deliver quota-warning via director In-Reply-To: <20120609191104.GA11812@daniel.localdomain> References: <20120609191104.GA11812@daniel.localdomain> Message-ID: <80D54D29-C13A-405C-9528-2591F2296108@iki.fi> On 9.6.2012, at 22.11, Daniel Parthey wrote: > But it seems that lda delivers the mail directly to > the local filesystem and is not using our lmtp director, > which prevents NFS mailboxes from getting corrupted. > > Is there a way to tell lda to use LMTP or the director > and ignore the quota while delivering the notification? That's a bit tricky problem. Even if LDA used LMTP, it couldn't ignore quota since LMTP server is the one enforcing it. Perhaps you need to create two LMTP ports, one with a "quota ignored" configuration. Then you need to somehow get the mail delivered there (maybe send it to your MTA and route it from there). Or write a script that sends the mail directly to the LMTP port on director. From tss at iki.fi Sun Jun 10 00:12:57 2012 From: tss at iki.fi (Timo Sirainen) Date: Sun, 10 Jun 2012 00:12:57 +0300 Subject: [Dovecot] Upgrading 1.2.17 -> 2.1.x In-Reply-To: <20120608215302.GA29690@acsmail.ucsd.edu> References: <20120608215302.GA29690@acsmail.ucsd.edu> Message-ID: On 9.6.2012, at 0.53, Adam G Tilghman wrote: > > We're planning to upgrade our site from 1.2.17 to 2.1.x within the > next few months, but we must ensure our ability to revert to 1.2.17 > if problems arise. > > I don't expect our maildir storage would present a problem, > but am less certain about 2.1.x index/control files remaining > readable under 1.2.17. > > Should I have any reason to worry? 1.2.17 can read v2.0 indexes without problems (it has some forwards compatibility code). I don't think I added any incompatible changes to v2.1 either, at least nothing major.. From tss at iki.fi Sun Jun 10 00:17:14 2012 From: tss at iki.fi (Timo Sirainen) Date: Sun, 10 Jun 2012 00:17:14 +0300 Subject: [Dovecot] Director problems In-Reply-To: <4FCF549F.70404@ehu.es> References: <4FCF549F.70404@ehu.es> Message-ID: On 6.6.2012, at 16.01, Joseba Torre wrote: > I've just setup a testing enviroment for director, and it's not working as expected. I have just 1 director (called director) and 2 dovecot servers (dovecot1 and dovecot2); these are exact copies. > > First problem: when both dovecot servers are up, every imap connection is redirected to the same server as you can see here: > > $ sudo doveadm director map > user mail server ip expire time > 158.227.4.186 2012-06-06 13:34:12 > 158.227.4.186 2012-06-06 13:34:27 > 158.227.4.186 2012-06-06 13:34:34 > > (I don't know if that is good or not) > > I've tried with 3 different users and ips to no change, users are always directed to the same host. Perhaps you just managed to use such usernames that map to the same director.. You can try with "doveadm director status " to see where they should go. > Second problem: if I try to add/remove/modify one of the dovecot servers, the output of doveadm director map/status seems to be ok, but any new user connection fails with this log: > > Jun 6 14:51:59 director dovecot: director: Warning: Delaying new user requests until ring is synced Looks like there's a bug when only one director is used. I'll try and fix it later.. From tss at iki.fi Sun Jun 10 00:19:15 2012 From: tss at iki.fi (Timo Sirainen) Date: Sun, 10 Jun 2012 00:19:15 +0300 Subject: [Dovecot] director: backend health monitoring In-Reply-To: <213B51F00051AE48A9F0E112880177178F79E0@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F79E0@Delta.sc.local> Message-ID: <289A7537-83E1-4EBF-BCF8-C06C67403839@iki.fi> On 8.6.2012, at 4.25, ???????? ????????? ?????????? wrote: > I am wonder if there are plans to include backend health monitoring feature to Dovecot Director ? Yes, but it's not a very high priority right now. From petr at bravenec.eu Sat Jun 9 23:23:05 2012 From: petr at bravenec.eu (Petr Bravenec) Date: Sat, 09 Jun 2012 22:23:05 +0200 Subject: [Dovecot] Dovecot antispam plugin bug: got an empty message Message-ID: <1543861.4fk9cArhjB@hrabos> It is few months ago I requested help with combination dovecot - dovecot- antispam plugin and dspam. Now I got into troubles with a lot of spam delivering to users inbox. Problem described bellow is now better hidden but stil remains: When moving a message from INBOX to Junk, dspam got an empty message. I made a wrapper about dspamc and there is no input on stdio. The dspam was not trained (got an empty message). Looking to source code of dspam and antispam plugin I suspect the dovecot not to sending any content to plugin when moving from inbox to junk. Petr Bravenec Dne Wednesday 25 of January 2012 17:19:18 Tom Hendrikx napsal(a): > On 25-01-12 08:05, Petr Bravenec wrote: > > Few weeks ago I upgraded dovecot from 1.2 to 2.0.16 and antispam plugin > > to 2.0_pre20101222. Since the upgrade I'm not able to move messages to > > my Junk folder. In the maillog I have found this message: > > > > dspam[25060]: empty message (no data received) > > Gentoo has included the antispam plugin from Johannes historically, but > added the fork by Eugene to support upgrades to dovecot 2.0. It is not > really made clear by the gentoo ebuild is that the forked plugin needs a > slightly different config. > > I use the config below with dovecot 2.0.17 and a git checkout for > dovecot-antispam: > > ===8<======== > plugin { > antispam_signature = X-DSPAM-Signature > antispam_signature_missing = move > antispam_spam_pattern_ignorecase = Junk;Junk.* > antispam_trash_pattern_ignorecase = Trash;Deleted Items;Deleted > Messages > > # Backend specific > antispam_backend = dspam > antispam_dspam_binary = /usr/bin/dspamc > antispam_dspam_args = > --user;%u;--deliver=;--source=error;--signature=%%s > antispam_dspam_spam = --class=spam > antispam_dspam_notspam = --class=innocent > #antispam_dspam_result_header = X-DSPAM-Result > } > > > -- > Regards, > Tom From yggdrasil at gmx.co.uk Sun Jun 10 01:09:57 2012 From: yggdrasil at gmx.co.uk (Johnny) Date: Sat, 09 Jun 2012 23:09:57 +0100 Subject: [Dovecot] Dovecot setup fails w. multiple mail locations (gnus/dovecot/offlineimap) Message-ID: <87vcj087d6.fsf@gmx.co.uk> Hi, I am trying to setup a Gnus - Dovecot - Offlineimap - Webmail (Gmail / Fastmail) chain and cannot configure the correct behaviour. Any advice to get this working properly would be very appreciated! I have set up Offlineimap to synchronise two mail accounts into separate folders under ~/Maildir. After running Offlineimap, the folders look as below. Maildir/ |-- Gmail | |-- cur | |-- dovecot.index.log | |-- dovecot-uidlist | |-- dovecot-uidvalidity | |-- dovecot-uidvalidity.4fd3b80e | |-- [Gmail].All\ Mail | |-- [Gmail].Drafts | |-- [Gmail].Important | |-- [Gmail].Sent\ Mail | |-- [Gmail].Spam | |-- [Gmail].Starred | |-- [Gmail].Trash | |-- INBOX | |-- new | |-- Personal | |-- Receipts | |-- tmp | |-- Travel | `-- Work `-- Fastmail |-- cur |-- dovecot.index.log |-- dovecot.mailbox.log |-- dovecot-uidlist |-- dovecot-uidvalidity |-- dovecot-uidvalidity.4fd3b75e |-- INBOX |-- INBOX.Drafts |-- INBOX.Sent\ Items `-- INBOX.Trash The Dovecot config is below. (I have set up a blank "MailTest" directory as inbox, believing that this may preserve the two imap directories better for offlineimap synching (not sure if this is correct)). ,---- | mail_location = maildir:~/Maildir:LAYOUT=fs | | namespace inbox { | location = maildir:~/MailTest | inbox = yes | } | | namespace mygmail { | type = private | separator = . | prefix = "mygmail." | location = maildir:%h/Maildir/Gmail/:LAYOUT=fs | inbox = no | hidden = no | list = yes | subscriptions = yes | } | | namespace myfastmail { | type = private | separator = . | prefix = "myfastmail." | location = maildir:%h/Maildir/FASTMAIL/:LAYOUT=fs | inbox = no | hidden = no | list = yes | subscriptions = yes | } `---- Accessing dovecot through gnus with this setup only sees the files in the directories that are not prefixed (e.g. under Fastmail, INBOX is the only seen folder, all INBOX.subfolder are not there). Removing the prefix manually they can be seen again however (e.g. INBOX.subfolder -> subfolder). If I remove LAYOUT=fs in the dovecot config, nothing is seen at all, although the directories look like proper Maildirs! A second issue is that running Offlineimap a second time seems to work ok for gmail, but Fastmail complains that "cannot create directory '.'"? Thanks! -- Johnny Dovecot 2.1.6 Offlineimap 6.5.2.1 Ma Gnus v0.6 From daniel.parthey at informatik.tu-chemnitz.de Sun Jun 10 02:56:03 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sun, 10 Jun 2012 01:56:03 +0200 Subject: [Dovecot] Error: doveadm client attempted non-PLAIN authentication Message-ID: <20120609235603.GA17490@daniel.localdomain> Hi doveadm search -u user at example.org -S localhost:19000 all produces the following error in the logs: dovecot: doveadm: Error: doveadm client attempted non-PLAIN authentication What am I missing? * tcpdump of tcp communication on port 19000 is attached * dovecot.conf is attached Regards Daniel -------------- next part -------------- A non-text attachment was scrubbed... Name: dump Type: application/octet-stream Size: 1239 bytes Desc: tcpdump.dat URL: -------------- next part -------------- # 2.0.20: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-40-server x86_64 Ubuntu 10.04.4 LTS auth_cache_negative_ttl = 0 auth_cache_size = 10 M auth_cache_ttl = 1 mins auth_verbose = yes auth_verbose_passwords = sha1 deliver_log_format = mailbox: deliver: msgid=%m from=%f: %$ dict { quota = mysql:/etc/dovecot/conf.d/dovecot-dict-sql.conf.ext } disable_plaintext_auth = no doveadm_password = bf79a088601795554d6d428ece2ea92a1c91ae11 instance_name = dovecot-mailbox lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes login_greeting = Mailbox login_log_format = mailbox: login: %$: %s login_trusted_networks = 10.129.3.0/24 mail_debug = yes mail_fsync = always mail_gid = vmail mail_home = /mail/dovecot/%d/%n mail_location = mdbox:~/mail mail_log_prefix = "mailbox: mail: %s(%u): " mail_plugins = quota mail_privileged_group = vmail mail_uid = vmail managesieve_implementation_string = Sieve managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mdbox_rotate_interval = 1 weeks mdbox_rotate_size = 50 M mmap_disable = yes passdb { args = /etc/dovecot/conf.d/dovecot-sql.conf.ext driver = sql } plugin { quota = dict:User quota::proxy::quota quota_rule = *:storage=10G quota_rule2 = Trash:storage=+100M quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap pop3 lmtp sieve service auth { unix_listener auth-userdb { group = dovecot mode = 0660 user = dovecot } } service dict { unix_listener dict { group = vmail mode = 0660 } } service doveadm { inet_listener doveadm-server { port = 19000 } } service imap-login { inet_listener imap { port = 19143 } } service imap-postlogin { executable = script-login /usr/local/bin/dovecot-postlogin user = $default_internal_user } service imap { executable = imap imap-postlogin } service lmtp { inet_listener lmtp { address = * port = 19024 } } service managesieve-login { inet_listener sieve { port = 19200 } } service pop3-login { inet_listener pop3 { port = 19110 } } service pop3-postlogin { executable = script-login /usr/local/bin/dovecot-postlogin user = $default_internal_user } service pop3 { executable = pop3 pop3-postlogin } service quota-warning { executable = script /usr/local/bin/quota-warning extra_groups = dovecot unix_listener quota-warning { user = vmail } user = vmail } ssl = no userdb { driver = prefetch } userdb { args = /etc/dovecot/conf.d/dovecot-sql.conf.ext driver = sql } verbose_proctitle = yes protocol imap { imap_client_workarounds = delay-newmail tb-extra-mailbox-sep mail_plugins = quota imap_quota } protocol lmtp { mail_plugins = quota sieve } From voytek at sbt.net.au Sun Jun 10 05:41:33 2012 From: voytek at sbt.net.au (Voytek Eymont) Date: Sun, 10 Jun 2012 12:41:33 +1000 Subject: [Dovecot] Restoring older messages to new server? In-Reply-To: <4FD1E3E8.8020103@thelounge.net> References: <98f7622f-e52b-4b88-8c65-db05c11e71f6@email.android.com> <4FD1E3E8.8020103@thelounge.net> Message-ID: <057f0c34-b168-4d1d-885d-4de87f969f4c@email.android.com> Reindl >imapsync is your friend Thanks for suggestion. After a few false starts, with impasync saying source server dropped connection, it seemed to have worked. But, now, my K9 email client seems to download entire inbox... rather than last 25 messages... Also, in Squirrel, recent messages before sync seems preceded by old messages, then, messages since sync... any tips on this..? Voytek -- Sent from my Moom with K-9 Mail. Please excuse my brevity. From a.kostyrev at serverc.ru Sun Jun 10 13:48:36 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Sun, 10 Jun 2012 21:48:36 +1100 Subject: [Dovecot] director userdb problem Message-ID: <213B51F00051AE48A9F0E112880177178F79EB@Delta.sc.local> hello ! I'm trying to get users from dovecot director server: doveadm director map doveadm(root): Error: User listing returned failure doveadm(root): Error: user listing failed user mail server ip expire time 192.168.5.101 2012-06-10 21:54:06 in logs I get: Jun 10 21:41:14 mail-lvsm dovecot: auth-worker(17510): mysql(172.5.14.1): Connected to database EXIM Jun 10 21:41:14 mail-lvsm dovecot: auth-worker(17510): Warning: mysql: Query failed, retrying: Table 'EXIM.users' doesn't exist Jun 10 21:41:14 mail-lvsm dovecot: auth-worker(17510): Error: sql: Iterate query failed: Table 'EXIM.users' doesn't exist (using built-in default iterate_query: SELECT username, domain FROM users) in my dovecot.conf I have: userdb { driver = sql args = /etc/dovecot/dovecot-sql.conf } passdb { driver = static args = proxy=y nopassword=y } and in /etc/dovecot/dovecot-sql.conf: user_query = select MBOX_NAME AS user from M_MAILBOX WHERE (MBOX_NAME = '%u'); Do I have to use special table named users ? is it hard-coded? From a.kostyrev at serverc.ru Sun Jun 10 14:05:28 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Sun, 10 Jun 2012 22:05:28 +1100 Subject: [Dovecot] director userdb problem In-Reply-To: <213B51F00051AE48A9F0E112880177178F79EB@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F79EB@Delta.sc.local> Message-ID: <213B51F00051AE48A9F0E112880177178F79EC@Delta.sc.local> It seemed I had to add something like that in dovecot-sql.conf iterate_query = select MBOX_NAME AS username from M_MAILBOX WHERE MBOX_NAME = '%n'; so I did but I'm still getting no usernames so I enabled general_log in mysql that what I get: select MBOX_NAME AS username from M_MAILBOX WHERE MBOX_NAME = '' It seems like direcotor don't expand variables, I've tried both - %n and %u - nothing any help ? -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of ???????? ????????? ?????????? Sent: Sunday, June 10, 2012 9:49 PM To: dovecot at dovecot.org Subject: [Dovecot] director userdb problem hello ! I'm trying to get users from dovecot director server: doveadm director map doveadm(root): Error: User listing returned failure doveadm(root): Error: user listing failed user mail server ip expire time 192.168.5.101 2012-06-10 21:54:06 in logs I get: Jun 10 21:41:14 mail-lvsm dovecot: auth-worker(17510): mysql(172.5.14.1): Connected to database EXIM Jun 10 21:41:14 mail-lvsm dovecot: auth-worker(17510): Warning: mysql: Query failed, retrying: Table 'EXIM.users' doesn't exist Jun 10 21:41:14 mail-lvsm dovecot: auth-worker(17510): Error: sql: Iterate query failed: Table 'EXIM.users' doesn't exist (using built-in default iterate_query: SELECT username, domain FROM users) in my dovecot.conf I have: userdb { driver = sql args = /etc/dovecot/dovecot-sql.conf } passdb { driver = static args = proxy=y nopassword=y } and in /etc/dovecot/dovecot-sql.conf: user_query = select MBOX_NAME AS user from M_MAILBOX WHERE (MBOX_NAME = '%u'); Do I have to use special table named users ? is it hard-coded? From a.kostyrev at serverc.ru Sun Jun 10 14:30:49 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Sun, 10 Jun 2012 22:30:49 +1100 Subject: [Dovecot] director userdb problem [solved] In-Reply-To: <213B51F00051AE48A9F0E112880177178F79EC@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F79EB@Delta.sc.local> <213B51F00051AE48A9F0E112880177178F79EC@Delta.sc.local> Message-ID: <213B51F00051AE48A9F0E112880177178F79EE@Delta.sc.local> Faxe on #dovecot helped me: iterate_query = select MBOX_NAME AS username from M_MAILBOX; with no where clause sorry for wasting your time. -- ? ?????????, ???????? ????????? ????????? ????????????? ??? "??????-?????" ???.: (423) 262-02-62 (???. 2037) ????: (423) 262-02-10 a.kostyrev at serverc.ru icq: 404-198-497 -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of ???????? ????????? ?????????? Sent: Sunday, June 10, 2012 10:05 PM To: dovecot at dovecot.org Subject: Re: [Dovecot] director userdb problem It seemed I had to add something like that in dovecot-sql.conf iterate_query = select MBOX_NAME AS username from M_MAILBOX WHERE MBOX_NAME = '%n'; so I did but I'm still getting no usernames so I enabled general_log in mysql that what I get: select MBOX_NAME AS username from M_MAILBOX WHERE MBOX_NAME = '' It seems like direcotor don't expand variables, I've tried both - %n and %u - nothing any help ? -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of ???????? ????????? ?????????? Sent: Sunday, June 10, 2012 9:49 PM To: dovecot at dovecot.org Subject: [Dovecot] director userdb problem hello ! I'm trying to get users from dovecot director server: doveadm director map doveadm(root): Error: User listing returned failure doveadm(root): Error: user listing failed user mail server ip expire time 192.168.5.101 2012-06-10 21:54:06 in logs I get: Jun 10 21:41:14 mail-lvsm dovecot: auth-worker(17510): mysql(172.5.14.1): Connected to database EXIM Jun 10 21:41:14 mail-lvsm dovecot: auth-worker(17510): Warning: mysql: Query failed, retrying: Table 'EXIM.users' doesn't exist Jun 10 21:41:14 mail-lvsm dovecot: auth-worker(17510): Error: sql: Iterate query failed: Table 'EXIM.users' doesn't exist (using built-in default iterate_query: SELECT username, domain FROM users) in my dovecot.conf I have: userdb { driver = sql args = /etc/dovecot/dovecot-sql.conf } passdb { driver = static args = proxy=y nopassword=y } and in /etc/dovecot/dovecot-sql.conf: user_query = select MBOX_NAME AS user from M_MAILBOX WHERE (MBOX_NAME = '%u'); Do I have to use special table named users ? is it hard-coded? From dovecot at bravenec.eu Sun Jun 10 14:41:51 2012 From: dovecot at bravenec.eu (Petr Bravenec) Date: Sun, 10 Jun 2012 13:41:51 +0200 Subject: [Dovecot] Dovecot antispam plugin bug: got an empty message In-Reply-To: <1543861.4fk9cArhjB@hrabos> References: <1543861.4fk9cArhjB@hrabos> Message-ID: <1664144.As4LCKexvr@hrabos> It looks that I have misconfigured the dovecot plugin: plugin { antispam_dspam_binary = /usr/bin/dspam # should be dspam # antispam_dspam_binary = /usr/bin/dspamc # does not work antispam_signature = X-DSPAM-Signature antispam_signature_missing = move antispam_spam_pattern_ignorecase = Junk;Junk.* antispam_trash_pattern_ignorecase = Trash;Deleted Items antispam_backend = dspam antispam_dspam_args = --user;%u;--deliver=;--source=error;-- signature=%%s antispam_dspam_spam = --class=spam antispam_dspam_notspam = --class=innocent } Petr Bravenec Dne So 9. ?ervna 2012 22:23:05 Petr Bravenec napsal(a): > It is few months ago I requested help with combination dovecot - dovecot- > antispam plugin and dspam. > > Now I got into troubles with a lot of spam delivering to users inbox. > Problem described bellow is now better hidden but stil remains: > > When moving a message from INBOX to Junk, dspam got an empty message. > I made a wrapper about dspamc and there is no input on stdio. The dspam was > not trained (got an empty message). > > Looking to source code of dspam and antispam plugin I suspect the dovecot > not to sending any content to plugin when moving from inbox to junk. > > Petr Bravenec > > Dne Wednesday 25 of January 2012 17:19:18 Tom Hendrikx napsal(a): > > On 25-01-12 08:05, Petr Bravenec wrote: > > > Few weeks ago I upgraded dovecot from 1.2 to 2.0.16 and antispam plugin > > > to 2.0_pre20101222. Since the upgrade I'm not able to move messages to > > > my Junk folder. In the maillog I have found this message: > > > > > > dspam[25060]: empty message (no data received) > > > > Gentoo has included the antispam plugin from Johannes historically, but > > added the fork by Eugene to support upgrades to dovecot 2.0. It is not > > really made clear by the gentoo ebuild is that the forked plugin needs a > > slightly different config. > > > > I use the config below with dovecot 2.0.17 and a git checkout for > > dovecot-antispam: > > > > ===8<======== > > plugin { > > > > antispam_signature = X-DSPAM-Signature > > antispam_signature_missing = move > > antispam_spam_pattern_ignorecase = Junk;Junk.* > > antispam_trash_pattern_ignorecase = Trash;Deleted Items;Deleted > > > > Messages > > > > # Backend specific > > antispam_backend = dspam > > antispam_dspam_binary = /usr/bin/dspamc > > antispam_dspam_args = > > > > --user;%u;--deliver=;--source=error;--signature=%%s > > > > antispam_dspam_spam = --class=spam > > antispam_dspam_notspam = --class=innocent > > #antispam_dspam_result_header = X-DSPAM-Result > > > > } > > > > > > -- > > Regards, > > > > Tom From fxmulder at gmail.com Mon Jun 11 06:38:09 2012 From: fxmulder at gmail.com (James Devine) Date: Sun, 10 Jun 2012 21:38:09 -0600 Subject: [Dovecot] Dovecot over NFS In-Reply-To: <20120609184018.GA10990@daniel.localdomain> References: <20120609184018.GA10990@daniel.localdomain> Message-ID: On Sat, Jun 9, 2012 at 12:40 PM, Daniel Parthey < daniel.parthey at informatik.tu-chemnitz.de> wrote: > James Devine wrote: > > I'm playing with running dovecot over NFS and I am running into some > > issues. I have followed the guide at http://wiki2.dovecot.org/NFS and > my > > setup includes 1 nfs server and 1 client running postfix/dovecot. In > > testing I am running postal via the command: > > > > postal -t 10 -c 10 localhost users399 > > > > The test file has a list of 399 users to deliver to. I've provided a > > sample of the errors I'm receiving and my configuration below, I am > running > > dovecot 2.0.19. Any idea what I might be doing wrong and what I might do > > to resolve it? My ultimate goal is to setup multiple clients with > director > > so each user is still handled on a single machine, however with a single > > machine I still seem to be having issues. > > Have a look at > http://wiki2.dovecot.org/Director > > > Here is a sample of some of the errors I'm seeing: > > > > Jun 6 15:55:12 test-gluster-client1 dovecot: lmtp(12072, testuser130): > > Error: mdbox /mnt/testuser130/mdbox/mailboxes/INBOX/dbox-Mails: Invalid > > dbox header size: 0 > > Jun 6 15:55:12 test-gluster-client1 dovecot: lmtp(11999, testuser99): > > Error: Log synchronization error at seq=2,offset=556 for > > /mnt/testuser99/mdbox/storage/dovecot.map.index: Append with UID 2, but > > next_uid = 3 > > mdbox format requires a correct index and you will lose flags, > if you lose the index file. The index will be automatically tried > to restore from mails in the storage. > > You should avoid accessing the same user directory from different > NFS clients, since this often leads to corruptions or invalid files. > > You need a director which ensures that one directory is only accessed > from one host at the same time. This applies to IMAP, POP3, LMTP etc, > which are all writing to the mailbox. > > Then you should access all mailboxes only via the director listener ports. > > > My dovecot config is: > > You posted only the configuration of your mailbox instance > and might have a look your director configuration too: > > doveconf -c /etc/dovecot-director/dovecot-director.conf -n > > (or wherever your director configuration is located) > > Regards > Daniel > Right now there is no director, I am only trying to get a single client running postfix/dovecot talking to a single nfs server without error and that's where I am having trouble From fxmulder at gmail.com Mon Jun 11 06:41:49 2012 From: fxmulder at gmail.com (James Devine) Date: Sun, 10 Jun 2012 21:41:49 -0600 Subject: [Dovecot] Dovecot over NFS In-Reply-To: References: <20120609184018.GA10990@daniel.localdomain> Message-ID: By client I meant NFS client running postfix/dovecot servers On Sun, Jun 10, 2012 at 9:38 PM, James Devine wrote: > > On Sat, Jun 9, 2012 at 12:40 PM, Daniel Parthey < > daniel.parthey at informatik.tu-chemnitz.de> wrote: > >> James Devine wrote: >> > I'm playing with running dovecot over NFS and I am running into some >> > issues. I have followed the guide at http://wiki2.dovecot.org/NFSand my >> > setup includes 1 nfs server and 1 client running postfix/dovecot. In >> > testing I am running postal via the command: >> > >> > postal -t 10 -c 10 localhost users399 >> > >> > The test file has a list of 399 users to deliver to. I've provided a >> > sample of the errors I'm receiving and my configuration below, I am >> running >> > dovecot 2.0.19. Any idea what I might be doing wrong and what I might >> do >> > to resolve it? My ultimate goal is to setup multiple clients with >> director >> > so each user is still handled on a single machine, however with a single >> > machine I still seem to be having issues. >> >> Have a look at >> http://wiki2.dovecot.org/Director >> >> > Here is a sample of some of the errors I'm seeing: >> > >> > Jun 6 15:55:12 test-gluster-client1 dovecot: lmtp(12072, testuser130): >> > Error: mdbox /mnt/testuser130/mdbox/mailboxes/INBOX/dbox-Mails: Invalid >> > dbox header size: 0 >> > Jun 6 15:55:12 test-gluster-client1 dovecot: lmtp(11999, testuser99): >> > Error: Log synchronization error at seq=2,offset=556 for >> > /mnt/testuser99/mdbox/storage/dovecot.map.index: Append with UID 2, but >> > next_uid = 3 >> >> mdbox format requires a correct index and you will lose flags, >> if you lose the index file. The index will be automatically tried >> to restore from mails in the storage. >> >> You should avoid accessing the same user directory from different >> NFS clients, since this often leads to corruptions or invalid files. >> >> You need a director which ensures that one directory is only accessed >> from one host at the same time. This applies to IMAP, POP3, LMTP etc, >> which are all writing to the mailbox. >> >> Then you should access all mailboxes only via the director listener ports. >> >> > My dovecot config is: >> >> You posted only the configuration of your mailbox instance >> and might have a look your director configuration too: >> >> doveconf -c /etc/dovecot-director/dovecot-director.conf -n >> >> (or wherever your director configuration is located) >> >> Regards >> Daniel >> > > Right now there is no director, I am only trying to get a single client > running postfix/dovecot talking to a single nfs server without error and > that's where I am having trouble > From werb at hasos.com Mon Jun 11 08:20:47 2012 From: werb at hasos.com (Roland) Date: Mon, 11 Jun 2012 07:20:47 +0200 Subject: [Dovecot] dovecot does not find libpam when compiling with customized prefix Message-ID: <201206110720.47881.werb@hasos.com> Hello everybody, I try to compile dovecot 2.1.7 with a customized --prefix setting and --with-pam . Although I installed libpam into the same --prefix, dovecot does not find it: checking for pam_start in -lpam... no configure: error: Can't build with PAM support: libpam not found The same or a similar problem seems to have appeared 4 years ago: http://www.dovecot.org/list/dovecot/2008-February/028750.html Which libpam file does dovecot expect in which directory? And possibly there is something wrong with the pam_start function? Thanks in advance, Roland From jeetuindian at gmail.com Mon Jun 11 08:56:48 2012 From: jeetuindian at gmail.com (Jitendra Bhaskar) Date: Mon, 11 Jun 2012 11:26:48 +0530 Subject: [Dovecot] Frequently login problem In-Reply-To: References: Message-ID: Hi guys, Any updates on it. I observed that when no of connections increasing then its getting disconnected. Means when increasing no of users then its happening. On Mon, Jun 4, 2012 at 3:50 PM, Jitendra Bhaskar wrote: > Hi, > > I am using dovecot 2.1.3 on centos 5.7. It was working fine but last few > days I need to restart or reload dovecot service because at that time users > are not able to login. > > Each time I am getting information from doveco.log is as : > Jun 04 11:52:54 auth: Error: BUG: Authentication client gave a PID 17564 > of existing connection > Jun 04 11:52:54 auth: Error: BUG: Authentication client gave a PID 17566 > of existing connection > Jun 04 11:52:59 auth: Error: BUG: Authentication client gave a PID 17564 > of existing connection > > > > > -- > * Thanks & Regards * > *Jitendra Kumar Bhaskar* > Cell:- +91 7306311531 > +91 8102997821 > > -- * Thanks & Regards * *Jitendra Kumar Bhaskar* Cell:- +91 7306311531 +91 8102997821 From jesper at dahlnyerup.dk Mon Jun 11 11:09:07 2012 From: jesper at dahlnyerup.dk (Jesper Dahl Nyerup) Date: Mon, 11 Jun 2012 10:09:07 +0200 Subject: [Dovecot] Very High Load on Dovecot 2 and Errors in mail.err. In-Reply-To: <4FB8FFD7.5040301@enas.net> References: <4FB35038.1000600@enas.net> <1337454348.4384.144.camel@innu> <4FB8C07B.5050604@enas.net> <4c605c0b2bc041f7f90300b36c716c22@us.es> <4FB8FFD7.5040301@enas.net> Message-ID: <20120611080907.GA11882@jespernyerup.dk> On May 20 16:29, Urban Loesch wrote: > I checked my kernel and the patch mentioned in > https://bugzilla.redhat.com/show_bug.cgi?id=681578 > > (comment 31) is not applied. It comes in version 3.0.30 and 3.2.17. > > I will see what tomorrow happens under more load. > If I have the problem again, I give 3.2.17 a chance. We've seen similar behavior on a similar system with a similar workload. We've tried a 3.0.31 - after the epoll patch was applied upstream - without seeing a difference. Right now we're running a 3.3.7 with vs2.3.3.4, and this has reduced the problem quite a bit, but not eliminated it completely. Stracing the processes in D state from before they hang has just revealed something interesting, however, pointing to an issue with inotify rather than epoll. [snip] [...] 15414 23:27:36 inotify_init() = 12 <0.000024> [...] 15414 23:27:36 close(12 15414 23:28:51 <... close resumed> ) = 0 <74.593917> 15414 23:28:51 close(9 15414 23:28:51 <... close resumed> ) = 0 <0.000080> 15414 23:28:51 exit_group(0) = ? [/snip] In short, as far as we can tell, all the processes in D state appear to be waiting to close the file handle they got from their inotify_init(), and eventually all these close()s go through almost simultaneously. Right now we're trawling for locking issues related to inotify, with our focus mainly at the VServer patch set. I would very much appreciate updates on your - or anyone else's - findings and progress. Yours, Jesper Nyerup. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: Digital signature URL: From a.kostyrev at serverc.ru Mon Jun 11 12:27:01 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Mon, 11 Jun 2012 20:27:01 +1100 Subject: [Dovecot] director: non standart ports at backends Message-ID: <213B51F00051AE48A9F0E112880177178F79EF@Delta.sc.local> hello, I'm trying to figure out how to proxy pop3 and pop3s that listens on non-standart ports at backends. For example, pop3 is at 1110 and pop3s at 1995 (on backend side). is it possible? how should I separate this ports in director's config? it's easy for one port: for example lmtp - you just use passdb in protocol lmtp {} From amateo at um.es Mon Jun 11 13:19:39 2012 From: amateo at um.es (Angel L. Mateo) Date: Mon, 11 Jun 2012 12:19:39 +0200 Subject: [Dovecot] difference between client_limit and process_limit In-Reply-To: <3E0F7337-B1BA-426F-84AF-D1D7710B80A3@iki.fi> References: <4FD1D2E5.3020901@um.es> <4FD1DE19.4050903@um.es> <4FD22956.20904@thelounge.net> <3E0F7337-B1BA-426F-84AF-D1D7710B80A3@iki.fi> Message-ID: <4FD5C63B.7040904@um.es> El 08/06/12 18:43, Timo Sirainen escribi?: > On 8.6.2012, at 19.33, Reindl Harald wrote: > >>> Yes, but like the wiki page also says, it's not a good idea increase client_limit for imap/pop3 processes. >> >> depends on the usecase / workload >> >> having dovecot as proxy for other imap-backends and 1 process per connection >> will heavily raise up process-count and memory-overhead while memory >> may be needed for the imap-backend (like dbmail) and datanases >> >> process_limit = 15 >> client_limit = 300 >> >> this way you can have 4500 proxy-connections and use most time >> not more than 4-5 processes > > Proxying is done by imap-login process, not imap process. For login processes there are different recommendations. > What are those recommendations? The ones at http://wiki2.dovecot.org/LoginProcess? Let's suppose... I have 4 mainly imap backend servers (but they admit also pop3 connections) with a process_limit of 5120 for service imap (and default_client_limit of 1000 applied to pop3). And I have 2 director servers (configured as active-active behind a load balancer), so I need director servers to handle (more or less) 10240 imap connections. What is it better for the director's? Increasing process_limit for imap-login (so each process should handle less connections) or increasing client_limit (less processes handling more connections each)? From joseba.torre at ehu.es Mon Jun 11 13:43:03 2012 From: joseba.torre at ehu.es (Joseba Torre) Date: Mon, 11 Jun 2012 12:43:03 +0200 Subject: [Dovecot] Director problems In-Reply-To: References: <4FCF549F.70404@ehu.es> Message-ID: <4FD5CBB7.9010301@ehu.es> El 09/06/12 23:17, Timo Sirainen escribi?: > On 6.6.2012, at 16.01, Joseba Torre wrote: > >> I've just setup a testing enviroment for director, and it's not working as expected. I have just 1 director (called director) and 2 dovecot servers (dovecot1 and dovecot2); these are exact copies. >> >> First problem: when both dovecot servers are up, every imap connection is redirected to the same server as you can see here: >> >> $ sudo doveadm director map >> user mail server ip expire time >> 158.227.4.186 2012-06-06 13:34:12 >> 158.227.4.186 2012-06-06 13:34:27 >> 158.227.4.186 2012-06-06 13:34:34 >> >> (I don't know if that is good or not) >> >> I've tried with 3 different users and ips to no change, users are always directed to the same host. > > Perhaps you just managed to use such usernames that map to the same director.. You can try with "doveadm director status" to see where they should go. I was thinking that users where sent to one server or another in a more or less random way. As always, your guess was right, test[1-4] are all sent to the same server, but for example jorge is sent to the other one. > >> Second problem: if I try to add/remove/modify one of the dovecot servers, the output of doveadm director map/status seems to be ok, but any new user connection fails with this log: >> >> Jun 6 14:51:59 director dovecot: director: Warning: Delaying new user requests until ring is synced > > Looks like there's a bug when only one director is used. I'll try and fix it later.. Thanks a lot for your support From trybowski at aeropolis.pl Mon Jun 11 14:23:23 2012 From: trybowski at aeropolis.pl (Krzysztof Trybowski) Date: Mon, 11 Jun 2012 13:23:23 +0200 Subject: [Dovecot] Dovecot 2.1 stable packages for Debian? Message-ID: Hello all, it is strange, but Dovecot 2.x still didn't make it into Debian (not even backports). It exists in testing, but that's still a long wait. OTOH there are official packages built every day (referenced from the download page). This puzzles me: why isn't there a build created from each stable, released version of Dovecot, so that users of Debian Stable could benefit from the new version, and run it on production environment? Could you (I mean ? the Dovecot team) provide such packages? This wouldn't require any major amount of work, since you already have daily builds produced. You would just have to run that building system once per each released version and keep it available for download. The reason for this is relatively simple: I'm about to implement a new mail server, and I'd like to keep to Debian Stable while using Dovecot 2.x. This will make future updates much easier, as I won't have to face 1.2 -> 2.0 migration on a production system. Regards, KT From tss at iki.fi Mon Jun 11 14:45:43 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 14:45:43 +0300 Subject: [Dovecot] difference between client_limit and process_limit In-Reply-To: <4FD5C63B.7040904@um.es> References: <4FD1D2E5.3020901@um.es> <4FD1DE19.4050903@um.es> <4FD22956.20904@thelounge.net> <3E0F7337-B1BA-426F-84AF-D1D7710B80A3@iki.fi> <4FD5C63B.7040904@um.es> Message-ID: On 11.6.2012, at 13.19, Angel L. Mateo wrote: >> Proxying is done by imap-login process, not imap process. For login processes there are different recommendations. >> > What are those recommendations? The ones at http://wiki2.dovecot.org/LoginProcess? Yes. > Let's suppose... I have 4 mainly imap backend servers (but they admit also pop3 connections) with a process_limit of 5120 for service imap (and default_client_limit of 1000 applied to pop3). And I have 2 director servers (configured as active-active behind a load balancer), so I need director servers to handle (more or less) 10240 imap connections. > > What is it better for the director's? Increasing process_limit for imap-login (so each process should handle less connections) or increasing client_limit (less processes handling more connections each)? If you increase process_limit to more than the number of CPU cores you have, then you increase the number of context switched done by the kernel, which decreases your performance. So I'd say increase client_limit. From tss at iki.fi Mon Jun 11 14:48:33 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 14:48:33 +0300 Subject: [Dovecot] Frequently login problem In-Reply-To: References: Message-ID: <49EE70D0-58D7-462D-82A8-FB56B02986CA@iki.fi> On 4.6.2012, at 13.20, Jitendra Bhaskar wrote: > I am using dovecot 2.1.3 on centos 5.7. It was working fine but last few > days I need to restart or reload dovecot service because at that time users > are not able to login. > > Each time I am getting information from doveco.log is as : > Jun 04 11:52:54 auth: Error: BUG: Authentication client gave a PID 17564 of > existing connection This happens before restart, not during it? doveconf -n output? Are you using Dovecot auth for anything external, like Postfix/Exim? From tss at iki.fi Mon Jun 11 14:51:48 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 14:51:48 +0300 Subject: [Dovecot] Very High Load on Dovecot 2 and Errors in mail.err. In-Reply-To: <20120611080907.GA11882@jespernyerup.dk> References: <4FB35038.1000600@enas.net> <1337454348.4384.144.camel@innu> <4FB8C07B.5050604@enas.net> <4c605c0b2bc041f7f90300b36c716c22@us.es> <4FB8FFD7.5040301@enas.net> <20120611080907.GA11882@jespernyerup.dk> Message-ID: On 11.6.2012, at 11.09, Jesper Dahl Nyerup wrote: > Stracing the processes in D state from before they hang has just > revealed something interesting, however, pointing to an issue with > inotify rather than epoll. > > [snip] > [...] > 15414 23:27:36 inotify_init() = 12 <0.000024> > [...] > 15414 23:27:36 close(12 > 15414 23:28:51 <... close resumed> ) = 0 <74.593917> > 15414 23:28:51 close(9 > 15414 23:28:51 <... close resumed> ) = 0 <0.000080> > 15414 23:28:51 exit_group(0) = ? > [/snip] > > In short, as far as we can tell, all the processes in D state appear to > be waiting to close the file handle they got from their inotify_init(), > and eventually all these close()s go through almost simultaneously. Yeah. Looks like a kernel bug. You could try if it goes away by disabling inotify in Dovecot. Either recompile with "configure --with-notify=none" or maybe you can disable inotify globally with: echo 0 > /proc/sys/fs/inotify/max_user_watches echo 0 > /proc/sys/fs/inotify/max_user_instances From tss at iki.fi Mon Jun 11 14:55:32 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 14:55:32 +0300 Subject: [Dovecot] Dovecot over NFS In-Reply-To: References: Message-ID: <708F1898-C96C-4F01-88D6-61833EFBF531@iki.fi> On 7.6.2012, at 1.07, James Devine wrote: > I'm playing with running dovecot over NFS and I am running into some > issues. I have followed the guide at http://wiki2.dovecot.org/NFS and my > setup includes 1 nfs server and 1 client running postfix/dovecot. Which NFS server? Which NFS client (Linux)? > In > testing I am running postal via the command: > > postal -t 10 -c 10 localhost users399 > > The test file has a list of 399 users to deliver to. I've provided a > sample of the errors I'm receiving and my configuration below, I am running > dovecot 2.0.19. Any idea what I might be doing wrong and what I might do > to resolve it? My ultimate goal is to setup multiple clients with director > so each user is still handled on a single machine, however with a single > machine I still seem to be having issues. .. > Jun 6 15:55:12 test-gluster-client1 dovecot: lmtp(12072, testuser130): > Error: mdbox /mnt/testuser130/mdbox/mailboxes/INBOX/dbox-Mails: Invalid > dbox header size: 0 Yeah, something's broken. I'd try: 1. Try Dovecot v2.1.7. I don't think v2.0.19 had these problems anymore but wouldn't hurt to try. 2. Try if you can reproduce the same problem with local filesystem. 3. Try another NFS server or client.. From tss at iki.fi Mon Jun 11 14:59:06 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 14:59:06 +0300 Subject: [Dovecot] dovecot does not find libpam when compiling with customized prefix In-Reply-To: <201206110720.47881.werb@hasos.com> References: <201206110720.47881.werb@hasos.com> Message-ID: <191E7B2A-41D1-4595-A584-C13DC8076CFF@iki.fi> On 11.6.2012, at 8.20, Roland wrote: > I try to compile dovecot 2.1.7 with a customized --prefix setting and --with-pam . Although I installed libpam into the same --prefix, dovecot does not find it: > > checking for pam_start in -lpam... no > configure: error: Can't build with PAM support: libpam not found > > The same or a similar problem seems to have appeared 4 years ago: > http://www.dovecot.org/list/dovecot/2008-February/028750.html > > Which libpam file does dovecot expect in which directory? And possibly there is something wrong with the pam_start function? Dovecot doesn't expect anything. gcc/ld expects things. You'll need to use the generic options to tell where the PAM files are, something like: LDFLAGS=-L/where/is/pam/lib CPPFLAGS=-I/where/is/pam/include ./configure From tss at iki.fi Mon Jun 11 15:01:27 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 15:01:27 +0300 Subject: [Dovecot] director: non standart ports at backends In-Reply-To: <213B51F00051AE48A9F0E112880177178F79EF@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F79EF@Delta.sc.local> Message-ID: On 11.6.2012, at 12.27, ???????? ????????? ?????????? wrote: > hello, > I'm trying to figure out how to proxy pop3 and pop3s that listens on non-standart ports at backends. > For example, pop3 is at 1110 and pop3s at 1995 (on backend side). > is it possible? > how should I separate this ports in director's config? > it's easy for one port: > for example lmtp - you just use passdb in protocol lmtp {} The passdb needs to return the "port" field. You can't use static passdb for this, since it has no conditionals and you can't do per-port configuration. Maybe use sqlite (simply to use it as a scripting engine - empty database) or checkpassword as your passdb. From tss at iki.fi Mon Jun 11 15:09:04 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 15:09:04 +0300 Subject: [Dovecot] Error: doveadm client attempted non-PLAIN authentication In-Reply-To: <20120609235603.GA17490@daniel.localdomain> References: <20120609235603.GA17490@daniel.localdomain> Message-ID: <65A804FB-2F80-497C-9A96-3CC34B522FBF@iki.fi> On 10.6.2012, at 2.56, Daniel Parthey wrote: > doveadm search -u user at example.org -S localhost:19000 all > produces the following error in the logs: > dovecot: doveadm: Error: doveadm client attempted non-PLAIN authentication > > What am I missing? It's possible that this is just broken in v2.0. Try v2.1. From tss at iki.fi Mon Jun 11 15:16:16 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 15:16:16 +0300 Subject: [Dovecot] auth_krb5_keytab ignored ? In-Reply-To: <20120608165902.GI89928@rosa.physik.tu-berlin.de> References: <20120608165902.GI89928@rosa.physik.tu-berlin.de> Message-ID: <1339416976.5967.29.camel@hurina> On Fri, 2012-06-08 at 18:59 +0200, Leon Me?ner wrote: > Hi list, > > i noticed that when doing imap gssapi authentication with kerberos, > dovecot (here 2.1.7) always searches /etc/krb5.keytab although i have > auth_krb5_keytab = /etc/mail3.krb5.keytab in my etc/dovecot/dovecot.conf > and doveconf -n also show this setting. If i combine the keytabs in > krb5.keytab it works. Is there another location where i should put my > configuration regarding gssapi/kerberos ? Try if this works: import_environment = TZ GDB DEBUG_SILENT KRB5_KTNAME Then start Dovecot with: KRB5_KTNAME=/etc/mail3.krb5.keytab dovecot I'm wondering if the code in mech-gssapi.c that sets KRB5_KTNAME environment is being called too late. From tss at iki.fi Mon Jun 11 15:21:08 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 15:21:08 +0300 Subject: [Dovecot] how to announce shared folders to clients using non-default mail prefix In-Reply-To: <4FD14895.8040707@engr.orst.edu> References: <4FD14895.8040707@engr.orst.edu> Message-ID: <63F00218-4FBE-418F-9477-CBEA8E7A35B9@iki.fi> On 8.6.2012, at 3.34, Tom Lieuallen wrote: > Note that if I change the prefix for that shared namespace to 'iphonemail/', it does present my shared folders as well as anything in a personal iphonemail directory. However, 'select' didn't work with the personal folders. My guess is it's mostly due to the difference in mail formats between the two (mbox & maildir). You should be able to use prefix=iphonemail/shared/ From oni-neko at gmx.net Mon Jun 11 15:28:37 2012 From: oni-neko at gmx.net (oni-neko at gmx.net) Date: Mon, 11 Jun 2012 14:28:37 +0200 Subject: [Dovecot] question about changing certificate Message-ID: <20120611122837.317410@gmx.net> Good day! I'm having trouble changing certificate/keys for my dovecot(version 1.2.9). When I set up the server (unbuntu lts 10.4.4) I did it with a self-signed certificate. I can't remember exactly what I did, just that I followed the wiki and it worked fine =) Now I have to change the certificate because a friend bought an official one (from thawte) and I'm a bit stumped. As dovecot can use supposedly use the same file for both key and cert file, I copied the new certificate to /etc/ssl/private/dovecot.pem and to /etc/ssl/certs/dovecot.pem. next I get from managesieve-login, pop3-login and imap-login the following log entries: Fatal: Can't load private key file /etc/ssl/private/dovecot.pem: Key is for a different cert than /etc/ssl/certs/dovecot.pem some googling brought up the file ssl-cert-snakeoil.key in /etc/ssl/private and /etc/ssl/certs that some people change in that context. As I also have a symlink /etc/ssl/private/ssl-mail.key that points to /etc/ssl/private/ssl-cert-snakeoil.key I'm starting to be confused (even more). dovecot is using the dovecot.pem-files, who/what uses the ssl-mail.key? I'm pretty sure I'm just overlooking something completely obvious, but what? =) greetings silvia -- NEU: FreePhone 3-fach-Flat mit kostenlosem Smartphone! Jetzt informieren: http://mobile.1und1.de/?ac=OM.PW.PW003K20328T7073a From tss at iki.fi Mon Jun 11 15:30:59 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 15:30:59 +0300 Subject: [Dovecot] Dovecot auth process delays exiting if LDAPS passdb used In-Reply-To: <87txynzuqs.wl%fumiyas@osstech.jp> References: <87y5oi51ka.wl%fumiyas@osstech.jp> <87vcjm50kr.wl%fumiyas@osstech.jp> <1338305505.8270.10.camel@hurina> <87txynzuqs.wl%fumiyas@osstech.jp> Message-ID: <4C795253-9E52-40AF-912F-AF044EB9DF28@iki.fi> On 7.6.2012, at 6.06, SATOH Fumiyasu wrote: >>>> Dovecot auth process has a problem >>>> that Dovecot auth delays exiting about between 20 and >>>> 60 seconds when Dovecot dovecot (master) process is already >>>> terminated by an administrator. > > Yes. I can reproduce with dovecot 1:2.1.7-1 (Debian unstable package) > with PAM passdb. This PAM environment is configured for > local UNIX passwd file only (no LDAP). I can't reproduce this. I installed the 1:2.1.7-1 Debian unstable package. Put your dovecot.conf to /etc/dovecot/. Did: /etc/init.d/dovecot start telnet localhost 143 x login foo bar x logout /etc/init.d/dovecot stop No dovecot processes left. From tss at iki.fi Mon Jun 11 15:33:32 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 15:33:32 +0300 Subject: [Dovecot] Accessing maildir snapshots through dovecot / namespace In-Reply-To: <4FD0C843.4070503@ibl.fr> References: <4FD0C843.4070503@ibl.fr> Message-ID: On 7.6.2012, at 18.26, Karl Oulmi wrote: > namespace snap { > prefix = INBOX.snapshot.h0. > hidden = no > inbox = no > list = yes > location = maildir:/da1/%u/Maildir:INDEX=/da1/dovecot/indexes/%u:CONTROL=/da1/dovecot/control/%u > type = private > } > > > The problem is that I don't see the content of the inbox folder contained in the snapshots whereas subfolders are perfectly viewed ! The INBOX should be accessible as the INBOX.snapshot.h0 itself. From a.kostyrev at serverc.ru Mon Jun 11 15:39:00 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Mon, 11 Jun 2012 23:39:00 +1100 Subject: [Dovecot] director: non standart ports at backends In-Reply-To: References: <213B51F00051AE48A9F0E112880177178F79EF@Delta.sc.local> Message-ID: <213B51F00051AE48A9F0E112880177178F79F0@Delta.sc.local> thanks Timo, for you time but I still don't get it) should I return "port" with just "port_num1,port_num2" value or how? I've tried to google an example but with no success. -----Original Message----- From: Timo Sirainen [mailto:tss at iki.fi] Sent: Monday, June 11, 2012 11:01 PM To: ???????? ????????? ?????????? Cc: dovecot at dovecot.org Subject: Re: [Dovecot] director: non standart ports at backends On 11.6.2012, at 12.27, ???????? ????????? ?????????? wrote: > hello, > I'm trying to figure out how to proxy pop3 and pop3s that listens on non-standart ports at backends. > For example, pop3 is at 1110 and pop3s at 1995 (on backend side). > is it possible? > how should I separate this ports in director's config? > it's easy for one port: > for example lmtp - you just use passdb in protocol lmtp {} The passdb needs to return the "port" field. You can't use static passdb for this, since it has no conditionals and you can't do per-port configuration. Maybe use sqlite (simply to use it as a scripting engine - empty database) or checkpassword as your passdb. From tss at iki.fi Mon Jun 11 15:43:52 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 15:43:52 +0300 Subject: [Dovecot] Different but probably related issue In-Reply-To: <1338883767.4514.23.camel@jlt3.sipsolutions.net> References: <442263FE-BEAE-47F5-A1FF-49DC0065DF17@canbasis.com> <1338883767.4514.23.camel@jlt3.sipsolutions.net> Message-ID: On 5.6.2012, at 11.09, Johannes Berg wrote: > Unfortunately, I don't. I can only suggest, as a test, trying with some > other storage format -- I only use Maildir -- to see if the problem is > really in the interaction with mdbox. I'm fairly sure that's likely the > problem, maybe the plugin doesn't pass something through append that is > needed by mdbox, but I've never even attempted to understand mdbox. > > Maybe Timo can comment. Timo, you can find the latest code here: > http://git.sipsolutions.net/?p=dovecot-antispam.git;a=summary I don't see anything obviously wrong in there.. Perhaps antispam_save_finish() returns failure for some reason and dbox doesn't handle that properly? From tss at iki.fi Mon Jun 11 15:47:50 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 15:47:50 +0300 Subject: [Dovecot] director: non standart ports at backends In-Reply-To: <213B51F00051AE48A9F0E112880177178F79F0@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F79EF@Delta.sc.local> <213B51F00051AE48A9F0E112880177178F79F0@Delta.sc.local> Message-ID: <8568BABD-F72C-47B2-B9A4-4902410404C6@iki.fi> Looking at your old mails, you seem to be using passdb static for director, but userdb sql? So you could switch to: passdb { driver = sql args = /etc/dovecot/dovecot-sql.conf } password_query = select 'y' as proxy, 'y' as nopassword, if('%a'=143, 1430, 9930) as port where you'd change the if() to something that handles %s=imap vs %s=pop3 vs %s=lmtp and %a=143 vs %a=993 vs %a=110 vs %a=995. Maybe a "case" statement would be less ugly. Or simply make it a real table in sql. Anyway, that's the basic idea. On 11.6.2012, at 15.39, ???????? ????????? ?????????? wrote: > thanks Timo, for you time > but I still don't get it) > should I return "port" with just "port_num1,port_num2" value or how? > I've tried to google an example but with no success. > > -----Original Message----- > From: Timo Sirainen [mailto:tss at iki.fi] > Sent: Monday, June 11, 2012 11:01 PM > To: ???????? ????????? ?????????? > Cc: dovecot at dovecot.org > Subject: Re: [Dovecot] director: non standart ports at backends > > On 11.6.2012, at 12.27, ???????? ????????? ?????????? wrote: > >> hello, >> I'm trying to figure out how to proxy pop3 and pop3s that listens on non-standart ports at backends. >> For example, pop3 is at 1110 and pop3s at 1995 (on backend side). >> is it possible? >> how should I separate this ports in director's config? >> it's easy for one port: >> for example lmtp - you just use passdb in protocol lmtp {} > > The passdb needs to return the "port" field. You can't use static passdb for this, since it has no conditionals and you can't do per-port configuration. Maybe use sqlite (simply to use it as a scripting engine - empty database) or checkpassword as your passdb. > From tss at iki.fi Mon Jun 11 16:16:06 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 16:16:06 +0300 Subject: [Dovecot] fts_lucene crashing In-Reply-To: References: Message-ID: <080D29B1-72BD-40DE-B9D6-7E7838B97DB9@iki.fi> On 30.5.2012, at 22.13, Joe Beaubien wrote: >>>>>> May 22 14:51:51 mba dovecot: imap(formulaire): Panic: file >>>>>> lucene-wrapper.cc: line 196: unreached > > Thanks for the new release. Unfortunately, it doesn't seem to have fixed my > specific issue. I got you a gdb trace like you asked in a previous mail. I > hope that can help. If I didn't get the correct backtrace, or if you need > some other info from gdb let me know. Thanks. The problem was pretty far away from where I thought it was. Fixed: http://hg.dovecot.org/dovecot-2.1/rev/0fde692cb565 From tss at iki.fi Mon Jun 11 16:25:37 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 16:25:37 +0300 Subject: [Dovecot] dsync migration with preserving pop3 uidl In-Reply-To: <4FBE0A9C.8090406@stable.cz> References: <4FBE0A9C.8090406@stable.cz> Message-ID: On 24.5.2012, at 13.17, Tom?? Herceg wrote: > I'm trying to migrate messages from icewarp (merak) mailserver to dovecot via > dsync, IMAP migration is looking fine, but I'm unable to migrate pop3 uidls from > originating server, probably is something wrong with configuration, but I don't > know what. The only documentation i found is on the wiki: > http://wiki2.dovecot.org/Migration/Dsync where is bad writen mail_plugins = > pop3-migration, i corrected it to mail_plugins = pop3_migration, but it still > didn't work, here is my configuration: .. > namespace { > hidden = yes > list = yes list=no would be better so clients don't accidentally access this. > location = pop3c: > prefix = POP3/ > } > I'm runnig dsync this way: > /usr/bin/time -f "%E" doveadm -vD -o imapc_user=test1 at irock.cz -o > imapc_password=***** backup -u test1 at irock.cz -f -R imapc:/tmp-ram/imapc-test1 You need to change pop3c_user and pop3c_password also in this command line. > dsync(test1 at irock.cz): Error: stat((null)) failed: Bad address > dsync(test1 at irock.cz): Error: stat((null)) failed: Bad address I wonder what these are. Also I wonder why the weren't any messages about missing/wrong user+pass for pop3c. From tss at iki.fi Mon Jun 11 16:32:11 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 16:32:11 +0300 Subject: [Dovecot] multi-instance doveadm user -m woes In-Reply-To: <7D5EC3A3-CD1C-4C50-B8D5-B737560235EC@geneseo.edu> References: <7D5EC3A3-CD1C-4C50-B8D5-B737560235EC@geneseo.edu> Message-ID: On 11.5.2012, at 18.06, David Warden wrote: > I'm having difficulty with the doveadm who command on a multi-instance setup of dovecot. When I run the who command on the non-standard instance with the -m flag (to see their mail location), this happens: > > [root at wardentest3 dovecot]# doveadm -i mailtest user -m warden > doveadm(root): Error: user warden: Initialization failed: Namespace 'INBOX.': Ambiguous mail location setting, don't know what to do with it: /var/spool/mail/root (try prefixing it with mbox: or maildir:) Thanks, fixed: http://hg.dovecot.org/dovecot-2.1/rev/98f2c12eccdb From tss at iki.fi Mon Jun 11 16:56:31 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 16:56:31 +0300 Subject: [Dovecot] Director problems In-Reply-To: <4FD5CBB7.9010301@ehu.es> References: <4FCF549F.70404@ehu.es> <4FD5CBB7.9010301@ehu.es> Message-ID: <7D649FE2-6FB4-4892-8FF2-EDA8ED4F2057@iki.fi> On 11.6.2012, at 13.43, Joseba Torre wrote: >>> I've tried with 3 different users and ips to no change, users are always directed to the same host. >> >> Perhaps you just managed to use such usernames that map to the same director.. You can try with "doveadm director status" to see where they should go. > > I was thinking that users where sent to one server or another in a more or less random way. As always, your guess was right, test[1-4] are all sent to the same server, but for example jorge is sent to the other one. The "randomness" is basically md5(username)%2. >>> Second problem: if I try to add/remove/modify one of the dovecot servers, the output of doveadm director map/status seems to be ok, but any new user connection fails with this log: >>> >>> Jun 6 14:51:59 director dovecot: director: Warning: Delaying new user requests until ring is synced >> >> Looks like there's a bug when only one director is used. I'll try and fix it later.. > > Thanks a lot for your support Fixed: http://hg.dovecot.org/dovecot-2.1/rev/46d01b728647 From tomislav.mihalicek at gmail.com Mon Jun 11 17:03:46 2012 From: tomislav.mihalicek at gmail.com (Tomislav Mihalicek) Date: Mon, 11 Jun 2012 07:03:46 -0700 (PDT) Subject: [Dovecot] Dovecot 2.1 stable packages for Debian? In-Reply-To: References: Message-ID: <33993325.post@talk.nabble.com> Here you go... cat /etc/apt/sources.list # latest dovecot # apt-get install debian-dovecot-auto-keyring deb http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main deb-src http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main Krzysztof Trybowski wrote: > > Hello all, > it is strange, but Dovecot 2.x still didn't make it into Debian (not > even backports). It exists in testing, but that's still a long wait. > OTOH there are official packages built every day (referenced from the > download page). This puzzles me: why isn't there a build created from > each stable, released version of Dovecot, so that users of Debian > Stable could benefit from the new version, and run it on production > environment? Could you (I mean ? the Dovecot team) provide such > packages? This wouldn't require any major amount of work, since you > already have daily builds produced. You would just have to run that > building system once per each released version and keep it available > for download. > > The reason for this is relatively simple: I'm about to implement a new > mail server, and I'd like to keep to Debian Stable while using Dovecot > 2.x. This will make future updates much easier, as I won't have to > face 1.2 -> 2.0 migration on a production system. > > Regards, KT > > -- View this message in context: http://old.nabble.com/Dovecot-2.1-stable-packages-for-Debian--tp33992548p33993325.html Sent from the Dovecot mailing list archive at Nabble.com. From joseba.torre at ehu.es Mon Jun 11 17:15:36 2012 From: joseba.torre at ehu.es (Joseba Torre) Date: Mon, 11 Jun 2012 16:15:36 +0200 Subject: [Dovecot] Director problems In-Reply-To: <7D649FE2-6FB4-4892-8FF2-EDA8ED4F2057@iki.fi> References: <4FCF549F.70404@ehu.es> <4FD5CBB7.9010301@ehu.es> <7D649FE2-6FB4-4892-8FF2-EDA8ED4F2057@iki.fi> Message-ID: <4FD5FD88.6000005@ehu.es> >>>> Second problem: if I try to add/remove/modify one of the dovecot servers, the output of doveadm director map/status seems to be ok, but any new user connection fails with this log: >>>> >>>> Jun 6 14:51:59 director dovecot: director: Warning: Delaying new user requests until ring is synced >>> >>> Looks like there's a bug when only one director is used. I'll try and fix it later.. >> >> Thanks a lot for your support > > Fixed: http://hg.dovecot.org/dovecot-2.1/rev/46d01b728647 > Works perfectly, thank you From trybowski at aeropolis.pl Mon Jun 11 17:31:10 2012 From: trybowski at aeropolis.pl (Krzysztof Trybowski) Date: Mon, 11 Jun 2012 16:31:10 +0200 Subject: [Dovecot] Dovecot 2.1 stable packages for Debian? In-Reply-To: <33993325.post@talk.nabble.com> References: <33993325.post@talk.nabble.com> Message-ID: On Mon, Jun 11, 2012 at 4:03 PM, Tomislav Mihalicek wrote: > > Here you go... > > cat /etc/apt/sources.list > > # latest dovecot > # apt-get install debian-dovecot-auto-keyring > deb http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main > deb-src http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main Hello Tomislav, it doesn't seem to be what I'm looking for. These repositories are referenced from the download site, but with an information that these are built hourly and thus include any newest changes to the source. Also a warning follows: ?Needless to say: do NOT use these repositories for systems that need to be STABLE.? What I'm looking for are packages of a released versions of 2.1, that can be used in a production environment. Regards, KT From gedalya at gedalya.net Mon Jun 11 17:36:31 2012 From: gedalya at gedalya.net (Gedalya) Date: Mon, 11 Jun 2012 10:36:31 -0400 Subject: [Dovecot] Dovecot 2.1 stable packages for Debian? In-Reply-To: References: <33993325.post@talk.nabble.com> Message-ID: <4FD6026F.4070704@gedalya.net> On 6/11/2012 10:31 AM, Krzysztof Trybowski wrote: > On Mon, Jun 11, 2012 at 4:03 PM, Tomislav Mihalicek > wrote: >> Here you go... >> >> cat /etc/apt/sources.list >> >> # latest dovecot >> # apt-get install debian-dovecot-auto-keyring >> deb http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main >> deb-src http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main > Hello Tomislav, > it doesn't seem to be what I'm looking for. These repositories are > referenced from the download site, but with an information that these > are built hourly and thus include any newest changes to the source. > Also a warning follows: ?Needless to say: do NOT use these > repositories for systems that need to be STABLE.? > > What I'm looking for are packages of a released versions of 2.1, that > can be used in a production environment. > > Regards, KT http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=592959 http://www.prato.linux.it/~mnencia/debian/dovecot-squeeze/ - I'm using this and can say it works http://people.debian.org/~morph/dovecot2-bpo60/ From nerijus.kislauskas at ktu.lt Mon Jun 11 17:38:51 2012 From: nerijus.kislauskas at ktu.lt (Nerijus Kislauskas) Date: Mon, 11 Jun 2012 17:38:51 +0300 Subject: [Dovecot] Dovecot 2.1 stable packages for Debian? In-Reply-To: <33993325.post@talk.nabble.com> References: <33993325.post@talk.nabble.com> Message-ID: <4FD602FB.1030406@ktu.lt> On 06/11/2012 05:03 PM, Tomislav Mihalicek wrote: > > Here you go... > > cat /etc/apt/sources.list > > # latest dovecot > # apt-get install debian-dovecot-auto-keyring > deb http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main > deb-src http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main They are not official packages. As I understand, questioner asks for official ones. As a matter of fact - there are none for stable. You can try to use it from testing with apt pinning and package priorities. For example: /etc/apt/apt.conf or /etc/apt/apt.conf.d/99stable: APT::Default-Release "stable"; /etc/apt/preferences.d/dovecot Package: dovecot* Pin: release a=testing Pin-Priority: 999 and use "apt-policy show dovecot-" to check. Testing packages still receives a lot of changes, so it will be a little bit annoying for frequent updates. Let me know if you choose that way and if it works for you. -- Sincerely, Nerijus Kislauskas From l.messner at physik.tu-berlin.de Mon Jun 11 17:43:45 2012 From: l.messner at physik.tu-berlin.de (Leon =?iso-8859-15?Q?Me=DFner?=) Date: Mon, 11 Jun 2012 16:43:45 +0200 Subject: [Dovecot] auth_krb5_keytab ignored ? In-Reply-To: <1339416976.5967.29.camel@hurina> References: <20120608165902.GI89928@rosa.physik.tu-berlin.de> <1339416976.5967.29.camel@hurina> Message-ID: <20120611144345.GK89928@rosa.physik.tu-berlin.de> On Mon, Jun 11, 2012 at 03:16:16PM +0300, Timo Sirainen wrote: > On Fri, 2012-06-08 at 18:59 +0200, Leon Me?ner wrote: > > Hi list, > > > > i noticed that when doing imap gssapi authentication with kerberos, > > dovecot (here 2.1.7) always searches /etc/krb5.keytab although i have > > auth_krb5_keytab = /etc/mail3.krb5.keytab in my etc/dovecot/dovecot.conf > > and doveconf -n also show this setting. If i combine the keytabs in > > krb5.keytab it works. Is there another location where i should put my > > configuration regarding gssapi/kerberos ? > > Try if this works: > > import_environment = TZ GDB DEBUG_SILENT KRB5_KTNAME > > Then start Dovecot with: > > KRB5_KTNAME=/etc/mail3.krb5.keytab dovecot > > I'm wondering if the code in mech-gssapi.c that sets KRB5_KTNAME > environment is being called too late. It's still looking inside the default krb5.keytab . /var/log/dovecot.log: Jun 11 16:26:55 master: Info: Dovecot v2.1.7 starting up Jun 11 16:26:55 auth: Debug: Loading modules from directory: /usr/local/lib/dovecot/auth Jun 11 16:26:55 auth: Debug: auth client connected (pid=82646) Jun 11 16:26:55 auth: Debug: auth client connected (pid=82648) Jun 11 16:26:55 auth: Debug: auth client connected (pid=82647) Jun 11 16:26:55 auth: Debug: auth client connected (pid=82649) Jun 11 16:26:55 auth: Debug: auth client connected (pid=82651) Jun 11 16:26:55 auth: Debug: auth client connected (pid=82653) Jun 11 16:26:55 auth: Debug: auth client connected (pid=82655) Jun 11 16:26:55 auth: Debug: auth client connected (pid=82652) Jun 11 16:26:55 auth: Debug: auth client connected (pid=82656) Jun 11 16:26:55 auth: Debug: auth client connected (pid=82657) Jun 11 16:26:55 auth: Debug: auth client connected (pid=82650) Jun 11 16:26:55 auth: Debug: auth client connected (pid=82654) Jun 11 16:27:05 auth: Debug: auth client connected (pid=82669) Jun 11 16:27:06 auth: Debug: client in: AUTH 1 GSSAPI service=imap secured session=DLX+JDPCLwCClTqR lip=130.149.58.164 rip=130.149.58.145 lport=993 rport=29743 Jun 11 16:27:06 auth: Debug: gssapi(?,130.149.58.145,): Obtaining credentials for imap at mail3.physik-pool.tu-berlin.de Jun 11 16:27:06 auth: Debug: client out: CONT 1 Jun 11 16:27:06 auth: Debug: client in: CONT Jun 11 16:27:06 auth: Info: gssapi(?,130.149.58.145,): While processing incoming data: Miscellaneous failure (see text) Jun 11 16:27:06 auth: Info: gssapi(?,130.149.58.145,): While processing incoming data: Failed to find imap/mail3.physik-pool.tu-berlin.de at PCPOOL.PHYSIK.TU-BERLIN.DE(kvno 1) in keytab FILE:/etc/krb5.keytab (des3-cbc-sha1) Jun 11 16:27:08 auth: Debug: client out: FAIL 1 Jun 11 16:27:18 auth: Debug: auth client connected (pid=82673) Jun 11 16:27:18 imap-login: Info: Aborted login (no auth attempts in 0 secs): user=<>, rip=130.149.58.149, lip=130.149.58.164, TLS, session= Jun 11 16:27:22 imap-login: Info: Aborted login (auth failed, 1 attempts in 16 secs): user=<>, method=GSSAPI, rip=130.149.58.145, lip=130.149.58.164, TLS, session= Jun 11 16:27:38 auth: Debug: auth client connected (pid=82681) Jun 11 16:27:38 pop3-login: Info: Aborted login (no auth attempts in 0 secs): user=<>, rip=130.149.58.149, lip=130.149.58.164, TLS, session= Jun 11 16:27:45 master: Warning: Killed with signal 15 (by pid=82684 uid=0 code=kill) From michael at orlitzky.com Mon Jun 11 18:07:52 2012 From: michael at orlitzky.com (Michael Orlitzky) Date: Mon, 11 Jun 2012 11:07:52 -0400 Subject: [Dovecot] Dovecot 2.1 stable packages for Debian? In-Reply-To: References: Message-ID: <4FD609C8.9060809@orlitzky.com> On 06/11/12 07:23, Krzysztof Trybowski wrote: > Hello all, > it is strange, but Dovecot 2.x still didn't make it into Debian (not > even backports). It exists in testing, but that's still a long wait. > OTOH there are official packages built every day (referenced from the > download page). This puzzles me: why isn't there a build created from > each stable, released version of Dovecot, so that users of Debian > Stable could benefit from the new version, and run it on production > environment? Could you (I mean ? the Dovecot team) provide such > packages? This wouldn't require any major amount of work, since you > already have daily builds produced. You would just have to run that > building system once per each released version and keep it available > for download. > > The reason for this is relatively simple: I'm about to implement a new > mail server, and I'd like to keep to Debian Stable while using Dovecot > 2.x. This will make future updates much easier, as I won't have to > face 1.2 -> 2.0 migration on a production system. To wind up in Debian stable, a package has to go through a bunch of testing, and that takes a long time. So you're never going to have official packages for new software in Debian stable. That's kind of the point of stable =) From joe.beaubien at gmail.com Mon Jun 11 18:13:17 2012 From: joe.beaubien at gmail.com (Joe Beaubien) Date: Mon, 11 Jun 2012 11:13:17 -0400 Subject: [Dovecot] fts_lucene crashing In-Reply-To: <080D29B1-72BD-40DE-B9D6-7E7838B97DB9@iki.fi> References: <080D29B1-72BD-40DE-B9D6-7E7838B97DB9@iki.fi> Message-ID: Thank you sir for the fix. On Mon, Jun 11, 2012 at 9:16 AM, Timo Sirainen wrote: > On 30.5.2012, at 22.13, Joe Beaubien wrote: > > >>>>>> May 22 14:51:51 mba dovecot: imap(formulaire): Panic: file > >>>>>> lucene-wrapper.cc: line 196: unreached > > > > Thanks for the new release. Unfortunately, it doesn't seem to have fixed > my > > specific issue. I got you a gdb trace like you asked in a previous mail. > I > > hope that can help. If I didn't get the correct backtrace, or if you need > > some other info from gdb let me know. > > > Thanks. The problem was pretty far away from where I thought it was. > Fixed: http://hg.dovecot.org/dovecot-2.1/rev/0fde692cb565 > > From fumiyas at osstech.jp Mon Jun 11 18:24:44 2012 From: fumiyas at osstech.jp (SATOH Fumiyasu) Date: Tue, 12 Jun 2012 00:24:44 +0900 Subject: [Dovecot] Dovecot auth process delays exiting if LDAPS passdb used In-Reply-To: <4C795253-9E52-40AF-912F-AF044EB9DF28@iki.fi> References: <87y5oi51ka.wl%fumiyas@osstech.jp> <87vcjm50kr.wl%fumiyas@osstech.jp> <1338305505.8270.10.camel@hurina> <87txynzuqs.wl%fumiyas@osstech.jp> <4C795253-9E52-40AF-912F-AF044EB9DF28@iki.fi> Message-ID: <87d3557txf.wl%fumiyas@osstech.jp> At Mon, 11 Jun 2012 15:30:59 +0300, Timo Sirainen wrote: > >>>> Dovecot auth process has a problem > >>>> that Dovecot auth delays exiting about between 20 and > >>>> 60 seconds when Dovecot dovecot (master) process is already > >>>> terminated by an administrator. > > > > Yes. I can reproduce with dovecot 1:2.1.7-1 (Debian unstable package) > > with PAM passdb. This PAM environment is configured for > > local UNIX passwd file only (no LDAP). > > I can't reproduce this. I installed the 1:2.1.7-1 Debian unstable package. Put your dovecot.conf to /etc/dovecot/. Did: > > /etc/init.d/dovecot start > telnet localhost 143 > x login foo bar > x logout > /etc/init.d/dovecot stop > > No dovecot processes left. If an auth client remains a connection to dovecot/auth, dovecot/auth does NOT exit immediately when dovecot master exits. (1) Install Postfix and Dovecot. # apt-get install postfix dovecot (2) Configure Postfix /etc/postfix/main.cf with the following: smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth (3) Configre Dovecot /etc/dovecot/conf.d/10-master with the following: service auth { unix_listener auth-userdb { } unix_listener /var/spool/postfix/private/auth { mode = 0666 } } (4) Start postfix and dovecot service. # /etc/init.d/dovecot start # /etc/init.d/postfix start (5) Invoke Postfix smtpd(8), it connects to dovecot/auth socket. $ telnet localhost 25 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 220 sugar.osstech.co.jp ESMTP Postfix AUTH PLAIN dummy 535 5.7.8 Error: authentication failed: QUIT 221 2.0.0 Bye Connection closed by foreign host. Or use netcat-openbsd to connect to dovecot/auth socket: # nc.openbsd -U /var/spool/postfix/private/dovecot-auth & (6) Stop dovecot service. # /etc/init.d/dovecot stop -- -- Name: SATOH Fumiyasu (fumiyas @ osstech co jp) -- Business Home: http://www.OSSTech.co.jp/ -- GitHub Home: https://GitHub.com/fumiyas/ From tss at iki.fi Mon Jun 11 18:26:57 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 18:26:57 +0300 Subject: [Dovecot] auth_krb5_keytab ignored ? In-Reply-To: <20120611144345.GK89928@rosa.physik.tu-berlin.de> References: <20120608165902.GI89928@rosa.physik.tu-berlin.de> <1339416976.5967.29.camel@hurina> <20120611144345.GK89928@rosa.physik.tu-berlin.de> Message-ID: On 11.6.2012, at 17.43, Leon Me?ner wrote: >> Try if this works: >> >> import_environment = TZ GDB DEBUG_SILENT KRB5_KTNAME >> >> Then start Dovecot with: >> >> KRB5_KTNAME=/etc/mail3.krb5.keytab dovecot >> >> I'm wondering if the code in mech-gssapi.c that sets KRB5_KTNAME >> environment is being called too late. > > It's still looking inside the default krb5.keytab . Which Kerberos library are you using? Maybe it doesn't support this way of giving the keytab. From tss at iki.fi Mon Jun 11 18:32:35 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 18:32:35 +0300 Subject: [Dovecot] Dovecot auth process delays exiting if LDAPS passdb used In-Reply-To: <87d3557txf.wl%fumiyas@osstech.jp> References: <87y5oi51ka.wl%fumiyas@osstech.jp> <87vcjm50kr.wl%fumiyas@osstech.jp> <1338305505.8270.10.camel@hurina> <87txynzuqs.wl%fumiyas@osstech.jp> <4C795253-9E52-40AF-912F-AF044EB9DF28@iki.fi> <87d3557txf.wl%fumiyas@osstech.jp> Message-ID: On 11.6.2012, at 18.24, SATOH Fumiyasu wrote: > If an auth client remains a connection to dovecot/auth, > dovecot/auth does NOT exit immediately when dovecot master exits. Ah, now we're getting somewhere :) Yes, this is correct and intentional. But it should still close the listeners, so this shouldn't happen: May 24 00:42:10 build-aix6 mail:err|error dovecot: master: Error: service(auth): Socket already exists: /opt/osstech/var/run/dovecot/auth-login > (1) Install Postfix and Dovecot. > > # apt-get install postfix dovecot > > (2) Configure Postfix /etc/postfix/main.cf with the following: > > smtpd_sasl_auth_enable = yes > smtpd_sasl_security_options = > smtpd_sasl_type = dovecot > smtpd_sasl_path = private/auth > > (3) Configre Dovecot /etc/dovecot/conf.d/10-master with the following: > > service auth { > unix_listener auth-userdb { > } > unix_listener /var/spool/postfix/private/auth { > mode = 0666 > } > } > > (4) Start postfix and dovecot service. > > # /etc/init.d/dovecot start > # /etc/init.d/postfix start > > (5) Invoke Postfix smtpd(8), it connects to dovecot/auth socket. > > $ telnet localhost 25 > Trying 127.0.0.1... > Connected to localhost. > Escape character is '^]'. > 220 sugar.osstech.co.jp ESMTP Postfix > AUTH PLAIN dummy > 535 5.7.8 Error: authentication failed: > QUIT > 221 2.0.0 Bye > Connection closed by foreign host. > > Or use netcat-openbsd to connect to dovecot/auth socket: > > # nc.openbsd -U /var/spool/postfix/private/dovecot-auth & > > (6) Stop dovecot service. > > # /etc/init.d/dovecot stop And (7) /etc/init.d/dovecot start fails? From l.messner at physik.tu-berlin.de Mon Jun 11 18:51:24 2012 From: l.messner at physik.tu-berlin.de (Leon =?iso-8859-15?Q?Me=DFner?=) Date: Mon, 11 Jun 2012 17:51:24 +0200 Subject: [Dovecot] auth_krb5_keytab ignored ? In-Reply-To: References: <20120608165902.GI89928@rosa.physik.tu-berlin.de> <1339416976.5967.29.camel@hurina> <20120611144345.GK89928@rosa.physik.tu-berlin.de> Message-ID: <20120611155124.GM89928@rosa.physik.tu-berlin.de> On Mon, Jun 11, 2012 at 06:26:57PM +0300, Timo Sirainen wrote: > On 11.6.2012, at 17.43, Leon Me?ner wrote: > > >> Try if this works: > >> > >> import_environment = TZ GDB DEBUG_SILENT KRB5_KTNAME > >> > >> Then start Dovecot with: > >> > >> KRB5_KTNAME=/etc/mail3.krb5.keytab dovecot > >> > >> I'm wondering if the code in mech-gssapi.c that sets KRB5_KTNAME > >> environment is being called too late. > > > > It's still looking inside the default krb5.keytab . > > Which Kerberos library are you using? Maybe it doesn't support this way of giving the keytab. I'm using the stock FreeBSD 8.2-RELEASE one which is heimdal-1.1.0 . I will update the machine to 8.3 (which is the latest release in 8.x), recompile and report my findings tomorrow. thanks, Leon From fumiyas at osstech.jp Mon Jun 11 19:39:47 2012 From: fumiyas at osstech.jp (SATOH Fumiyasu) Date: Tue, 12 Jun 2012 01:39:47 +0900 Subject: [Dovecot] Dovecot auth process delays exiting if LDAPS passdb used In-Reply-To: References: <87y5oi51ka.wl%fumiyas@osstech.jp> <87vcjm50kr.wl%fumiyas@osstech.jp> <1338305505.8270.10.camel@hurina> <87txynzuqs.wl%fumiyas@osstech.jp> <4C795253-9E52-40AF-912F-AF044EB9DF28@iki.fi> <87d3557txf.wl%fumiyas@osstech.jp> Message-ID: <87bokp7qgc.wl%fumiyas@osstech.jp> At Mon, 11 Jun 2012 18:32:35 +0300, Timo Sirainen wrote: > > If an auth client remains a connection to dovecot/auth, > > dovecot/auth does NOT exit immediately when dovecot master exits. > > Ah, now we're getting somewhere :) Yes, this is correct and intentional. But it should still close the listeners, so this shouldn't happen: > > May 24 00:42:10 build-aix6 mail:err|error dovecot: master: Error: service(auth): Socket already exists: /opt/osstech/var/run/dovecot/auth-login > > (6) Stop dovecot service. > > > > # /etc/init.d/dovecot stop > > And (7) /etc/init.d/dovecot start fails? Yes: AIX 6.1, 7.1 No: Debian GNU/Linux stable, testing, unstable / Solaris 10 -- -- Name: SATOH Fumiyasu (fumiyas @ osstech co jp) -- Business Home: http://www.OSSTech.co.jp/ -- GitHub Home: https://GitHub.com/fumiyas/ > > (1) Install Postfix and Dovecot. > > > > # apt-get install postfix dovecot > > > > (2) Configure Postfix /etc/postfix/main.cf with the following: > > > > smtpd_sasl_auth_enable = yes > > smtpd_sasl_security_options = > > smtpd_sasl_type = dovecot > > smtpd_sasl_path = private/auth > > > > (3) Configre Dovecot /etc/dovecot/conf.d/10-master with the following: > > > > service auth { > > unix_listener auth-userdb { > > } > > unix_listener /var/spool/postfix/private/auth { > > mode = 0666 > > } > > } > > > > (4) Start postfix and dovecot service. > > > > # /etc/init.d/dovecot start > > # /etc/init.d/postfix start > > > > (5) Invoke Postfix smtpd(8), it connects to dovecot/auth socket. > > > > $ telnet localhost 25 > > Trying 127.0.0.1... > > Connected to localhost. > > Escape character is '^]'. > > 220 sugar.osstech.co.jp ESMTP Postfix > > AUTH PLAIN dummy > > 535 5.7.8 Error: authentication failed: > > QUIT > > 221 2.0.0 Bye > > Connection closed by foreign host. > > > > Or use netcat-openbsd to connect to dovecot/auth socket: > > > > # nc.openbsd -U /var/spool/postfix/private/dovecot-auth & > > > > (6) Stop dovecot service. > > > > # /etc/init.d/dovecot stop > > And (7) /etc/init.d/dovecot start fails? From acrow at integrafin.co.uk Mon Jun 11 22:05:57 2012 From: acrow at integrafin.co.uk (Alex Crow) Date: Mon, 11 Jun 2012 20:05:57 +0100 Subject: [Dovecot] 2.1.7 shared folder index issued Message-ID: <4FD64195.5070006@integrafin.co.uk> Hi, Sorry to bother the list again so soon after fixing my own problem, but I now have this issue when clients try to view shared folders in Thunderbird (v12). They can see the shared folder, but the first time they click on in nothing happens. The second time they get an authentication failure. The third or fourth time it finally loads the shared mailbox, and I see this a few times in the logs: Jun 11 19:57:43 alsace dovecot: imap(sharedviewer at integrafin.co.uk): Error: mdbox map /home/indexes/integrafin.co.uk/t/sharedviewer/shared/sharedviewee at integrafin.co.uk/storage/dovecot.map.index corrupted: U nexpectedly lost shared/viewee at integrafin.co.uk/INBOX uid=73129 map_uid=74192 Jun 11 19:57:43 alsace dovecot: imap(sharedviewer at integrafin.co.uk): Disconnected: Internal error occurred. Refer to server log for more information. [2012-06-11 19:57:43] in=308 out=820 Jun 11 19:57:43 alsace dovecot: auth: Debug: auth client connected (pid=1957) Ideally I'd like shared mailboxes to work in the first click - any ideas? Cheers Alex From gedalya at gedalya.net Mon Jun 11 22:39:39 2012 From: gedalya at gedalya.net (Gedalya) Date: Mon, 11 Jun 2012 15:39:39 -0400 Subject: [Dovecot] question about changing certificate In-Reply-To: <20120611122837.317410@gmx.net> References: <20120611122837.317410@gmx.net> Message-ID: <4FD6497B.6090007@gedalya.net> On 06/11/2012 08:28 AM, oni-neko at gmx.net wrote: > Good day! > > I'm having trouble changing certificate/keys for my dovecot(version 1.2.9). > When I set up the server (unbuntu lts 10.4.4) I did it with a self-signed certificate. I can't remember exactly what I did, just that I followed the wiki and it worked fine =) > > Now I have to change the certificate because a friend bought an official one (from thawte) and I'm a bit stumped. > As dovecot can use supposedly use the same file for both key and cert file, I copied the new certificate to /etc/ssl/private/dovecot.pem and to /etc/ssl/certs/dovecot.pem. Are both files identical, do they both contain the private key? Why keep two copies of the same file? That's confusing. If you don't want to use separate files for the certificate and the private key then just concatenate them both in a single file, private key first, and make sure it's owned by root and readable by no one but root. Then just point ssl_cert_file and ssl_key_file to the same file. That should be more clear and consistent. Your file should look like this: -----BEGIN PRIVATE KEY----- ....etc... -----END PRIVATE KEY----- -----BEGIN CERTIFICATE----- ....etc... -----END CERTIFICATE----- Followed by any intermediate CA certificates that might be necessary. > some googling brought up the file ssl-cert-snakeoil.key in /etc/ssl/private and /etc/ssl/certs that some people change in that context. As I also have a symlink /etc/ssl/private/ssl-mail.key that points to /etc/ssl/private/ssl-cert-snakeoil.key I'm starting to be confused (even more). dovecot is using the dovecot.pem-files, who/what uses the ssl-mail.key? If there's no reference to this file in dovecot's configuration then dovecot isn't using it. Maybe someone else e.g. postfix, maybe someone used to use it.. does it matter? It doesn't look like this is the source of your trouble. From tss at iki.fi Mon Jun 11 22:56:06 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 22:56:06 +0300 Subject: [Dovecot] Dovecot auth process delays exiting if LDAPS passdb used In-Reply-To: <87bokp7qgc.wl%fumiyas@osstech.jp> References: <87y5oi51ka.wl%fumiyas@osstech.jp> <87vcjm50kr.wl%fumiyas@osstech.jp> <1338305505.8270.10.camel@hurina> <87txynzuqs.wl%fumiyas@osstech.jp> <4C795253-9E52-40AF-912F-AF044EB9DF28@iki.fi> <87d3557txf.wl%fumiyas@osstech.jp> <87bokp7qgc.wl%fumiyas@osstech.jp> Message-ID: <6DEAF109-1B51-4060-BD38-D05BEC09BABB@iki.fi> On 11.6.2012, at 19.39, SATOH Fumiyasu wrote: > At Mon, 11 Jun 2012 18:32:35 +0300, > Timo Sirainen wrote: >>> If an auth client remains a connection to dovecot/auth, >>> dovecot/auth does NOT exit immediately when dovecot master exits. >> >> Ah, now we're getting somewhere :) Yes, this is correct and intentional. But it should still close the listeners, so this shouldn't happen: >> >> May 24 00:42:10 build-aix6 mail:err|error dovecot: master: Error: service(auth): Socket already exists: /opt/osstech/var/run/dovecot/auth-login > >>> (6) Stop dovecot service. >>> >>> # /etc/init.d/dovecot stop >> >> And (7) /etc/init.d/dovecot start fails? > > Yes: AIX 6.1, 7.1 > No: Debian GNU/Linux stable, testing, unstable / Solaris 10 OK, so this is AIX specific. Two problems: 1) I have no access to AIX to test and debug this, 2) even if I did, I'm not very motivated in debugging possibly hours for a system that is very rarely used in email servers.. (If any AIX user wanted to buy one of the Dovecot support services, I could look into this and get it fixed in some way.) It would also be possible to modify the sources a bit to get the pending processes killed immediately at shutdown. From tss at iki.fi Mon Jun 11 22:58:03 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 22:58:03 +0300 Subject: [Dovecot] 2.1.7 shared folder index issued In-Reply-To: <4FD64195.5070006@integrafin.co.uk> References: <4FD64195.5070006@integrafin.co.uk> Message-ID: <9243C1F4-94EF-4259-A37F-D32DC3A63902@iki.fi> On 11.6.2012, at 22.05, Alex Crow wrote: > Sorry to bother the list again so soon after fixing my own problem, but I now have this issue when clients try to view shared folders in Thunderbird (v12). They can see the shared folder, but the first time they click on in nothing happens. The second time they get an authentication failure. The third or fourth time it finally loads the shared mailbox, and I see this a few times in the logs: > > Jun 11 19:57:43 alsace dovecot: imap(sharedviewer at integrafin.co.uk): Error: mdbox map /home/indexes/integrafin.co.uk/t/sharedviewer/shared/sharedviewee at integrafin.co.uk/storage/dovecot.map.index corrupted: U > nexpectedly lost shared/viewee at integrafin.co.uk/INBOX uid=73129 map_uid=74192 http://wiki2.dovecot.org/SharedMailboxes/Shared#dbox From acrow at integrafin.co.uk Mon Jun 11 23:35:33 2012 From: acrow at integrafin.co.uk (Alex Crow) Date: Mon, 11 Jun 2012 21:35:33 +0100 Subject: [Dovecot] 2.1.7 shared folder index issued In-Reply-To: <9243C1F4-94EF-4259-A37F-D32DC3A63902@iki.fi> References: <4FD64195.5070006@integrafin.co.uk> <9243C1F4-94EF-4259-A37F-D32DC3A63902@iki.fi> Message-ID: <4FD65695.1030100@integrafin.co.uk> On 11/06/12 20:58, Timo Sirainen wrote: > On 11.6.2012, at 22.05, Alex Crow wrote: > >> Sorry to bother the list again so soon after fixing my own problem, but I now have this issue when clients try to view shared folders in Thunderbird (v12). They can see the shared folder, but the first time they click on in nothing happens. The second time they get an authentication failure. The third or fourth time it finally loads the shared mailbox, and I see this a few times in the logs: >> >> Jun 11 19:57:43 alsace dovecot: imap(sharedviewer at integrafin.co.uk): Error: mdbox map /home/indexes/integrafin.co.uk/t/sharedviewer/shared/sharedviewee at integrafin.co.uk/storage/dovecot.map.index corrupted: U >> nexpectedly lost shared/viewee at integrafin.co.uk/INBOX uid=73129 map_uid=74192 > http://wiki2.dovecot.org/SharedMailboxes/Shared#dbox > > Thanks Timo, So should I just remove the INDEX part from the shared namespace? Or should I have the INDEX point to the sharer's indexes rather than the "sharee"? I would like the person viewing the shared box to be able to see the message status set by the sharing party. Cheers Alex From jesper at dahlnyerup.dk Tue Jun 12 00:37:13 2012 From: jesper at dahlnyerup.dk (Jesper Dahl Nyerup) Date: Mon, 11 Jun 2012 23:37:13 +0200 Subject: [Dovecot] Very High Load on Dovecot 2 and Errors in mail.err. In-Reply-To: References: <4FB35038.1000600@enas.net> <1337454348.4384.144.camel@innu> <4FB8C07B.5050604@enas.net> <4c605c0b2bc041f7f90300b36c716c22@us.es> <4FB8FFD7.5040301@enas.net> <20120611080907.GA11882@jespernyerup.dk> Message-ID: <20120611213713.GA28704@jespernyerup.dk> On Jun 11 14:51, Timo Sirainen wrote: > On 11.6.2012, at 11.09, Jesper Dahl Nyerup wrote: > > > In short, as far as we can tell, all the processes in D state appear to > > be waiting to close the file handle they got from their inotify_init(), > > and eventually all these close()s go through almost simultaneously. > > Yeah. Looks like a kernel bug. You could try if it goes away by disabling inotify in Dovecot. Either recompile with "configure --with-notify=none" or maybe you can disable inotify globally with: > > echo 0 > /proc/sys/fs/inotify/max_user_watches > echo 0 > /proc/sys/fs/inotify/max_user_instances I can confirm that this removes the symptoms, and that it doesn't affect the service. Obviously IDLEing users are now only notified upon polling of the file system, but the I/O overhead of doing this seems minimal. It may be important to note, that even though load on our servers surpass 2000, both Dovecot and the server as a whole is responsive and servicing requests, up until the point where Dovecot reaches its configured maximal number of child processes. We're still chasing the root cause in the kernel or the VServer patch set. We'll of course make sure to post our findings here, and I'd very much appreciate to hear about other people's progress. Jesper. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: Digital signature URL: From tss at iki.fi Tue Jun 12 00:51:32 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 12 Jun 2012 00:51:32 +0300 Subject: [Dovecot] v2.0.21 released Message-ID: http://dovecot.org/releases/2.0/dovecot-2.0.21.tar.gz http://dovecot.org/releases/2.0/dovecot-2.0.21.tar.gz.sig + dict: file backend supports now also fcntl/flock locking optionally - imap-login: Memory leak fixed - imap: Non-UTF8 input on SEARCH command parameters could have crashed - auth: Fixed crash with DIGEST-MD5 when attempting to do master user login without master passdbs. - sdbox: Don't use more fds than necessary when copying mails. - mdbox kept the user's storage locked a bit longer than it needed to From tss at iki.fi Tue Jun 12 00:55:00 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 12 Jun 2012 00:55:00 +0300 Subject: [Dovecot] 2.1.7 shared folder index issued In-Reply-To: <4FD65695.1030100@integrafin.co.uk> References: <4FD64195.5070006@integrafin.co.uk> <9243C1F4-94EF-4259-A37F-D32DC3A63902@iki.fi> <4FD65695.1030100@integrafin.co.uk> Message-ID: On 11.6.2012, at 23.35, Alex Crow wrote: >>> Jun 11 19:57:43 alsace dovecot: imap(sharedviewer at integrafin.co.uk): Error: mdbox map /home/indexes/integrafin.co.uk/t/sharedviewer/shared/sharedviewee at integrafin.co.uk/storage/dovecot.map.index corrupted: U >>> nexpectedly lost shared/viewee at integrafin.co.uk/INBOX uid=73129 map_uid=74192 >> http://wiki2.dovecot.org/SharedMailboxes/Shared#dbox >> >> > > Thanks Timo, > > So should I just remove the INDEX part from the shared namespace? Or should I have the INDEX point to the sharer's indexes rather than the "sharee"? That depends on if the regular mail_location has any INDEX or not. In any case they must point to the same index. From tss at iki.fi Tue Jun 12 00:57:21 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 12 Jun 2012 00:57:21 +0300 Subject: [Dovecot] Very High Load on Dovecot 2 and Errors in mail.err. In-Reply-To: <20120611213713.GA28704@jespernyerup.dk> References: <4FB35038.1000600@enas.net> <1337454348.4384.144.camel@innu> <4FB8C07B.5050604@enas.net> <4c605c0b2bc041f7f90300b36c716c22@us.es> <4FB8FFD7.5040301@enas.net> <20120611080907.GA11882@jespernyerup.dk> <20120611213713.GA28704@jespernyerup.dk> Message-ID: <722AEC19-15CD-4569-ADDD-CEDB355E1EAB@iki.fi> On 12.6.2012, at 0.37, Jesper Dahl Nyerup wrote: >> Yeah. Looks like a kernel bug. You could try if it goes away by disabling inotify in Dovecot. Either recompile with "configure --with-notify=none" or maybe you can disable inotify globally with: >> >> echo 0 > /proc/sys/fs/inotify/max_user_watches >> echo 0 > /proc/sys/fs/inotify/max_user_instances > > I can confirm that this removes the symptoms, and that it doesn't affect > the service. Obviously IDLEing users are now only notified upon polling > of the file system, but the I/O overhead of doing this seems minimal. It actually doesn't increase I/O overhead at all. Dovecot always does polling, even with inotify, since inotify doesn't necessarily work with shared filesystems (e.g. NFS). The main difference is that users don't get immediate notifications of new mails now, but have to wait for mailbox_idle_check_interval. From lists at sfricke.de Tue Jun 12 02:32:45 2012 From: lists at sfricke.de (Stefan Fricke) Date: Tue, 12 Jun 2012 01:32:45 +0200 Subject: [Dovecot] Sieve: Mailbox doesn't exist Message-ID: <1660278.PoqUOhb7Bf@x> I have just set up a mail server on Ubuntu, using Postfix and Dovecot 2.0.19. It works well but I can't get Sieve working. I always get the error that the target mailbox doesn't exist. In fact it doesn't but isn'r Dovecot supposed to create it? Here is my doveconf -n: # 2.0.19: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-24-generic x86_64 Ubuntu 12.04 LTS mail_debug = yes mail_location = maildir:~/Maildir managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave passdb { driver = pam } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap pop3 sieve service auth { unix_listener /var/spool/postfix/private/dovecot-auth { group = postfix mode = 0660 user = postfix } } service managesieve-login { inet_listener sieve { port = 4190 } service_count = 1 } ssl_cert = was automatically rejected:%n%r } From walkerrichardj at gmail.com Tue Jun 12 06:44:10 2012 From: walkerrichardj at gmail.com (Richard Walker) Date: Tue, 12 Jun 2012 13:44:10 +1000 Subject: [Dovecot] Getting duplicates despite trying hard to match lock styles Message-ID: I'm attempting to replace (a) a very old setup that has POP (qpopper) access to inboxes and a separate UW IMAP server that provides folders, with (b) a shiny new mail setup with dovecot providing both inboxes and IMAP support. For the new mail server I created a virtual machine running a minimal Fedora 16 installation and installed sendmail, MIMEDefang, SpamAssassin, ClamAV, procmail, and dovecot. I have kept installing updates as they become available. For now I'm running the old and new mail setups in parallel; I have configured the original sendmail server to forward copies of incoming messages to the new sendmail running on the virtual machine. I then compare the results (e.g., how spam filtering is working). I've kept as much as possible of the original _style_ of setup as possible, which in particular means using sendmail, and message delivery through procmail to mbox files in /var/spool/mail. The key difference is the use of dovecot to provide IMAP access to the inbox and IMAP folders. Because of the legacy setup, my desktop access to email is via Thunderbird 2.0.0.22 on a very old Mac PowerBook G4 to work with both old and new setups and I have two windows open to make comparison possible. (Yes, both mail servers are on separate computers, not on this notebook.) Mostly this is working fine (after a fair bit of tweaking, including adding custom SELinux rules to get rid of all AVCs). I put the notebook to sleep overnight, and in the morning I open it up and see what happens. After a few minutes, the window with the old setup does its POP fetch; the window with the new setup almost straightaway shows the new messages in its version of the inbox. Not quite: again, for legacy reasons I have some Thunderbird filters, and I have duplicated those (still within Thunderbird) for the new setup. The filters are: 1. Move messages tagged as spam by SpamAssassin to the Junk folder. 2. Move messages from GeoNetwork-related senders to a "GeoNetwork" folder. 3. Move all remaining messages to the "In" folder. Most mornings this works just fine. But not always. Sometimes I get duplicates in the "In" and "GeoNetwork" folders of the new dovecot-based setup. I used to get _garbled_ duplicates (with extra random bits of other messages at the end of the duplicates) in the new setup, which I presumed must be due to a locking configuration mismatch. Having fixed that (see below) I no longer get garbled duplicates, but I do still sometimes (including today) get identical duplicates. This seems to happen when one of the incoming messages has a very large attachment - but you may wish to treat that as hearsay. I attach below: 0. The line from /etc/mtab on the new server that covers the filesystem (i.e., including /var/spool and /home). 1. Output of "doveconf -n" and a note about how I modified locking from the Fedora default. 2. Output of "procmail -v". 3. Sendmail procmail mailer config (for good measure; I don't think you need this). 4. An excerpt from /var/log/maillog on the new server showing the beginning of dovecot processing this morning when I opened my notebook. 5. A link to the dovecot raw log files of my "INBOX" and "In" folder processing from this morning. You'll see from the dovecot log files that Thunderbird sends expunge commands, but the expunged messages hang around -- indeed, the same messages get expunged several times! And eventually they get fetched again -- hence the duplicates I see in Thunderbird. Given that INBOX.out contains: 08:56:53.765423 * 537 EXISTS 08:56:53.765423 * 533 RECENT and then, after many expunges: 08:56:58.441341 * 16 EXPUNGE 08:56:58.441341 * 11 EXPUNGE 08:56:58.441341 * 3 EXPUNGE 08:56:58.441341 * 539 EXISTS 08:56:58.441341 * 536 RECENT 08:56:58.441341 9 OK Expunge completed. it looks like I still have a locking problem. I have tried very hard to understand the locking options in dovecot.conf and to match dovecot with procmail -- apparently, there is more to do. 0. The line from /etc/mtab for the filesystem: ---------- /dev/mapper/vg_f16i386serverbasic-lv_root / ext4 rw,seclabel,relatime,user_xattr,acl,barrier=1,data=ordered 0 0 ---------- 1. doveconf -n says: ---------- # 2.0.20: /etc/dovecot/dovecot.conf # OS: Linux 3.3.6-3.fc16.i686.PAE i686 Fedora release 16 (Verne) mail_debug = yes mail_privileged_group = mail namespace { hidden = yes inbox = yes list = no location = mbox:~/mail:INBOX=/var/spool/mail/%u prefix = "#mbox/" separator = / type = private } namespace { inbox = no location = maildir:~/Maildir prefix = separator = / type = private } passdb { driver = pam } service imap-login { inet_listener imap { address = localhost } } service imap { executable = imap postlogin } service pop3-login { inet_listener pop3 { address = localhost } } service postlogin { executable = script-login -d rawlog -t } ssl_cert = Copyright (c) 1997-2001, Philip A. Guenther Submit questions/answers to the procmail-related mailinglist by sending to: And of course, subscription and information requests for this list to: Locking strategies: dotlocking, fcntl() Default rcfile: $HOME/.procmailrc It may be writable by your primary group Your system mailbox: /var/spool/mail/rw ---------- (There is no $HOME/.procmailrc or other system-wide procmailrc.) 3. The mailer as defined in sendmail.cf says: ---------- Mlocal, P=/usr/bin/procmail, F=lsDFMAw5:/|@qSPfhn9, S=EnvFromL/HdrFromL, R=EnvToL/HdrToL, T=DNS/RFC822/X-Unix, A=procmail -t -Y -a $h -d $u ---------- 4. The relevant lines from /var/log/maillog: ---------- Jun 12 08:56:53 localhost dovecot: imap-login: Login: user=, method=PLAIN, rip=192.168.2.200, lip=192.168.2.188, mpid=21618, TLS Jun 12 08:56:53 localhost dovecot: imap(rw): Debug: Effective uid=1000, gid=100, home=/home/rw Jun 12 08:56:53 localhost dovecot: imap(rw): Debug: Namespace : type=private, prefix=#mbox/, sep=/, inbox=yes, hidden=yes, list=no, subscriptions=yes location=mbox:~/mail:INBOX=/var/spool/mail/rw Jun 12 08:56:53 localhost dovecot: imap(rw): Debug: fs: root=/home/rw/mail, index=, control=, inbox=/var/spool/mail/rw, alt= Jun 12 08:56:53 localhost dovecot: imap(rw): Debug: Namespace : type=private, prefix=, sep=/, inbox=no, hidden=no, list=yes, subscriptions=yes location=maildir:~/Maildir Jun 12 08:56:53 localhost dovecot: imap(rw): Debug: maildir++: root=/home/rw/Maildir, index=, control=, inbox=, alt= Jun 12 08:56:58 localhost dovecot: imap-login: Login: user=, method=PLAIN, rip=192.168.2.200, lip=192.168.2.188, mpid=21625, TLS Jun 12 08:56:58 localhost dovecot: imap(rw): Debug: Effective uid=1000, gid=100, home=/home/rw Jun 12 08:56:58 localhost dovecot: imap(rw): Debug: Namespace : type=private, prefix=#mbox/, sep=/, inbox=yes, hidden=yes, list=no, subscriptions=yes location=mbox:~/mail:INBOX=/var/spool/mail/rw Jun 12 08:56:58 localhost dovecot: imap(rw): Debug: fs: root=/home/rw/mail, index=, control=, inbox=/var/spool/mail/rw, alt= Jun 12 08:56:58 localhost dovecot: imap(rw): Debug: Namespace : type=private, prefix=, sep=/, inbox=no, hidden=no, list=yes, subscriptions=yes location=maildir:~/Maildir Jun 12 08:56:58 localhost dovecot: imap(rw): Debug: maildir++: root=/home/rw/Maildir, index=, control=, inbox=, alt= Jun 12 08:57:03 localhost dovecot: imap-login: Login: user=, method=PLAIN, rip=192.168.2.200, lip=192.168.2.188, mpid=21632, TLS Jun 12 08:57:03 localhost dovecot: imap(rw): Debug: Effective uid=1000, gid=100, home=/home/rw Jun 12 08:57:03 localhost dovecot: imap(rw): Debug: Namespace : type=private, prefix=#mbox/, sep=/, inbox=yes, hidden=yes, list=no, subscriptions=yes location=mbox:~/mail:INBOX=/var/spool/mail/rw Jun 12 08:57:03 localhost dovecot: imap(rw): Debug: fs: root=/home/rw/mail, index=, control=, inbox=/var/spool/mail/rw, alt= Jun 12 08:57:03 localhost dovecot: imap(rw): Debug: Namespace : type=private, prefix=, sep=/, inbox=no, hidden=no, list=yes, subscriptions=yes location=maildir:~/Maildir Jun 12 08:57:03 localhost dovecot: imap(rw): Debug: maildir++: root=/home/rw/Maildir, index=, control=, inbox=, alt= ---------- 5. dovecot raw logs for "INBOX" and "In". Because I have trouble comparing times in epoch format, I've run the logs through a little filter that replaces the timestamps at the beginning of each line with a timestamp in HH:MM:SS.nanosecond format in local time. I've carefully deleted lots of (what I hope are) lines you don't need from the logs. E.g., I deleted the middle section of a block of FETCH statements, leaving the first few and the last few. Please let me know if I deleted too much -- I was trying to be helpful. And of course I replaced e-mail address/subject lines/etc with XXXXXXXXXX. Although the Thunderbird filters are "supposed" to be run in the order I listed above, it seems that Thunderbird fetches all headers, works out what messages should be filtered to which folders, and then sends corresponding IMAP commands that copy the messages to the other folders in a _different_ order of the filters. (I.e., the INBOX log shows copy/store/expunge operations in the order "In", "Junk", then "GeoNetwork", rather than "Junk", "GeoNetwork", "In".) I have renamed the in/out log files as INBOX.in, INBOX.out, In.in, In.out and uploaded them to: https://sites.google.com/site/rwdownloadssite/dovecot-logs Thanks in advance to anyone who is willing to take a look and advise what I need to do. From walkerrichardj at gmail.com Tue Jun 12 06:58:33 2012 From: walkerrichardj at gmail.com (Richard Walker) Date: Tue, 12 Jun 2012 13:58:33 +1000 Subject: [Dovecot] Getting duplicates despite trying hard to match lock styles In-Reply-To: References: Message-ID: On 12/06/2012, Richard Walker wrote: > 1. Output of "doveconf -n" and a note about how I modified locking > from the Fedora default. Oops, I can send more of the config if necessary -- again, I was trying to be "helpful" by cutting out the default settings. The output of "doveconf | grep lock" is: dotlock_use_excl = yes lock_method = fcntl mail_max_lock_timeout = 0 mbox_dotlock_change_timeout = 2 mins mbox_lock_timeout = 5 mins mbox_read_locks = fcntl mbox_write_locks = dotlock fcntl pop3_lock_session = no From a.kostyrev at serverc.ru Tue Jun 12 10:29:03 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Tue, 12 Jun 2012 18:29:03 +1100 Subject: [Dovecot] director: non standart ports at backends In-Reply-To: <8568BABD-F72C-47B2-B9A4-4902410404C6@iki.fi> References: <213B51F00051AE48A9F0E112880177178F79EF@Delta.sc.local> <213B51F00051AE48A9F0E112880177178F79F0@Delta.sc.local> <8568BABD-F72C-47B2-B9A4-4902410404C6@iki.fi> Message-ID: <213B51F00051AE48A9F0E112880177178F79F1@Delta.sc.local> Thanks, that worked! I ended up with: password_query = select 'y' as proxy, \ NULL AS password, \ 'y' as nopassword, \ case '%a' \ when 110 then 2110 \ when 995 then 2995 \ when 143 then 2143 \ when 993 then 2993 \ when 24 then 224 \ when 4190 then 24190 end \ as port, \ case '%a' \ when 995 then 'any-cert' \ when 993 then 'any-cert' end \ as `ssl`; -----Original Message----- From: Timo Sirainen [mailto:tss at iki.fi] Sent: Monday, June 11, 2012 11:48 PM To: ???????? ????????? ?????????? Cc: dovecot at dovecot.org Subject: Re: [Dovecot] director: non standart ports at backends Looking at your old mails, you seem to be using passdb static for director, but userdb sql? So you could switch to: passdb { driver = sql args = /etc/dovecot/dovecot-sql.conf } password_query = select 'y' as proxy, 'y' as nopassword, if('%a'=143, 1430, 9930) as port where you'd change the if() to something that handles %s=imap vs %s=pop3 vs %s=lmtp and %a=143 vs %a=993 vs %a=110 vs %a=995. Maybe a "case" statement would be less ugly. Or simply make it a real table in sql. Anyway, that's the basic idea. On 11.6.2012, at 15.39, ???????? ????????? ?????????? wrote: > thanks Timo, for you time > but I still don't get it) > should I return "port" with just "port_num1,port_num2" value or how? > I've tried to google an example but with no success. > > -----Original Message----- > From: Timo Sirainen [mailto:tss at iki.fi] > Sent: Monday, June 11, 2012 11:01 PM > To: ???????? ????????? ?????????? > Cc: dovecot at dovecot.org > Subject: Re: [Dovecot] director: non standart ports at backends > > On 11.6.2012, at 12.27, ???????? ????????? ?????????? wrote: > >> hello, >> I'm trying to figure out how to proxy pop3 and pop3s that listens on non-standart ports at backends. >> For example, pop3 is at 1110 and pop3s at 1995 (on backend side). >> is it possible? >> how should I separate this ports in director's config? >> it's easy for one port: >> for example lmtp - you just use passdb in protocol lmtp {} > > The passdb needs to return the "port" field. You can't use static passdb for this, since it has no conditionals and you can't do per-port configuration. Maybe use sqlite (simply to use it as a scripting engine - empty database) or checkpassword as your passdb. > From rago at lal.in2p3.fr Tue Jun 12 12:41:47 2012 From: rago at lal.in2p3.fr (Emiliano Rago) Date: Tue, 12 Jun 2012 11:41:47 +0200 Subject: [Dovecot] Authentication issue In-Reply-To: <20120609191958.GA12009@daniel.localdomain> References: <4FD0EB43.8070104@lal.in2p3.fr> <20120609191958.GA12009@daniel.localdomain> Message-ID: <4FD70EDB.6060105@lal.in2p3.fr> On 06/09/2012 09:19 PM, Daniel Parthey wrote: > Hi Emiliano, > > Emiliano Rago wrote: >> I need to set up a weird dovecot configuration: >> >> 1) outside a ssl tunnel I'd like to authenticate only with cram-md5 scheme >> 2) inside a ssl tunnel I'd like to authenticate only with plain auth > > You might try to set up two instances of dovecot, one for plain, one for ssl: > > http://wiki2.dovecot.org/RunningDovecot#Running_Multiple_Invocations_of_Dovecot Uhmmm, I don't like too much that solution, anyway, thank you very much! Regards, Emiliano From amateo at um.es Tue Jun 12 13:23:28 2012 From: amateo at um.es (Angel L. Mateo) Date: Tue, 12 Jun 2012 12:23:28 +0200 Subject: [Dovecot] Problem with lmtp director proxy Message-ID: <4FD718A0.50605@um.es> Hi, I have a timeout problem only when I have heavy load in my system. I have two director servers directing to 4 backend servers. The problem is when my smtp relays tries to deliver mail to my users via lmtp (proxied with director). In the smtp logs I have: Jun 12 11:41:18 xenon13 postfix/lmtp[4248]: 4433E5D5A0: to=, relay=pop.um.es[155.54.212.106]:24, delay=31, delays=0.41/0.06/0/30, dsn=4.4.0, status=deferred (host pop.um.es[155.54.212.106] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) If I look for this connection in the director servers I have: Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Connect from 155.54.212.167 Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Debug: auth input: user=user1 proxy host=155.54.211.163 proxy_refresh=450 Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Debug: auth input: user=user2 proxy host=155.54.211.163 proxy_refresh=450 .... (more users, a total of 34 recipients) Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Debug: auth input: user=myuser proxy host=155.54.211.164 proxy_refresh=450 ... Jun 12 11:41:09 myotis41 dovecot: lmtp(6595): Disconnect from 155.54.212.167: Client quit (in reset) and in one of the final server (the one for the user in question): Jun 12 11:40:38 myotis34 dovecot: lmtp(16824): Connect from 155.54.211.186 Jun 12 11:40:38 myotis34 dovecot: lmtp(16824, ): wJ9BD7YM10 +4QQAAG5O5Qg: sieve: msgid=<182283367.48.1339494011054.JavaMail.tomcat at sakai-prod4>: stored mail into mailbox 'INBOX' ... Jun 12 11:41:10 myotis34 dovecot: lmtp(16824, ): wJ9BD7YM10+4QQA AG5O5Qg: sieve: msgid=<182283367.48.1339494011054.JavaMail.tomcat at sakai-prod4>: stored mail into mailbox 'INBOX' ... Jun 12 11:41:11 myotis34 dovecot: lmtp(16824): Disconnect from 155.54.211.186: Connection closed (in reset) So the mail seems to be correctly delivered in about 30 seconds. All my postfix timeouts are bigger than this time: lmtp_connect_timeout = 0s lmtp_connection_cache_time_limit = 2s lmtp_connection_reuse_time_limit = 300s lmtp_data_done_timeout = 600s lmtp_data_init_timeout = 120s lmtp_data_xfer_timeout = 180s lmtp_lhlo_timeout = 300s lmtp_mail_timeout = 300s lmtp_pix_workaround_delay_time = 10s lmtp_pix_workaround_threshold_time = 500s lmtp_quit_timeout = 300s lmtp_rcpt_timeout = 300s lmtp_rset_timeout = 20s lmtp_sasl_auth_cache_time = 90d lmtp_starttls_timeout = 300s lmtp_tls_session_cache_timeout = 3600s lmtp_xforward_timeout = 300s So... why do I have this error? As a side effect this mail was delivered twice in the user's mailbox, this is one and the other when postfix retries again. Any help? Thank you -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From janfrode at tanso.net Tue Jun 12 13:38:54 2012 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Tue, 12 Jun 2012 12:38:54 +0200 Subject: [Dovecot] Problem with lmtp director proxy In-Reply-To: <4FD718A0.50605@um.es> References: <4FD718A0.50605@um.es> Message-ID: <20120612103854.GA29754@dibs.tanso.net> On Tue, Jun 12, 2012 at 12:23:28PM +0200, Angel L. Mateo wrote: > I have two director servers directing to 4 backend servers. Which dovecot version are you running on your directors and backends? We're running 2.0.14 plus the below linked patches and have not since this problem since applying the last one. http://hg.dovecot.org/dovecot-2.0/raw-rev/8de8752b2e94 http://hg.dovecot.org/dovecot-2.0/rev/71084b799a6c -jf From amateo at um.es Tue Jun 12 13:47:40 2012 From: amateo at um.es (Angel L. Mateo) Date: Tue, 12 Jun 2012 12:47:40 +0200 Subject: [Dovecot] Problem with lmtp director proxy In-Reply-To: <20120612103854.GA29754@dibs.tanso.net> References: <4FD718A0.50605@um.es> <20120612103854.GA29754@dibs.tanso.net> Message-ID: <4FD71E4C.1010509@um.es> El 12/06/12 12:38, Jan-Frode Myklebust escribi?: > On Tue, Jun 12, 2012 at 12:23:28PM +0200, Angel L. Mateo wrote: >> I have two director servers directing to 4 backend servers. > > Which dovecot version are you running on your directors and backends? > 2.1.5 > We're running 2.0.14 plus the below linked patches and have not > since this problem since applying the last one. > > > http://hg.dovecot.org/dovecot-2.0/raw-rev/8de8752b2e94 > http://hg.dovecot.org/dovecot-2.0/rev/71084b799a6c > I have checked if those patchs are included: * The first one seems not to apply, because it's for lmtp-proxy.c and this file seems completely different than the one in the patch * The second is already applied -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From rago at lal.in2p3.fr Tue Jun 12 15:08:31 2012 From: rago at lal.in2p3.fr (Emiliano Rago) Date: Tue, 12 Jun 2012 14:08:31 +0200 Subject: [Dovecot] doveadm doesn't subscribe to public folders Message-ID: <4FD7313F.9060406@lal.in2p3.fr> Hi, I'd like to subscribe folder with doveadm: doveadm mailbox subscribe -u rago public.Conferences This command doesn't work, while it works with an ordinary folder. However it's possible to subscribe to the folder with an imap connection: 1 login rago "mypasswd" 1 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORTSORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAMESPCE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES ITHIN CONTEXT=SEARCH LIST-STATUS ACL RIGHTS=texk] Logged in 2 LSUB "" * * LSUB () "." "INBOX" 2 OK Lsub completed. 3 SUBSCRIBE "public.Conferences" 3 OK Subscribe completed. 4 LSUB "" * * LSUB () "." "INBOX" * LSUB () "." "public.Conferences" 4 OK Lsub completed. Am I doing anything wrong? This is my conf, thx for help, Emiliano # 2.0.9: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-220.4.1.el6.x86_64 x86_64 Red Hat Enterprise Linux Server release 5 (Tikanga) ext4 auth_cache_size = 128 M auth_master_user_separator = * auth_mechanisms = plain cram-md5 mail_location = maildir:/data/MAIL/MAILDIR/%u:INBOX=/data/MAIL/INBOX/%u:INDEX=/data/MAIL/METADATA/%u maildir_very_dirty_syncs = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date mbox_write_locks = fcntl namespace { inbox = yes location = prefix = separator = . type = private } namespace { list = children location = maildir:/data/MAIL/MAILDIR/%%u:INDEX=/data/MAIL/METADATA/SHARED/%u/%%u prefix = shared.%%u. separator = . subscriptions = no type = shared } namespace { list = children location = maildir:/data/MAIL/PUBLIC:INDEX=/data/MAIL/METADATA/PUBLIC prefix = public. separator = . subscriptions = no type = public } passdb { args = scheme=cram-md5 /data/PWDDB/cram_dovecot.txt driver = passwd-file } passdb { args = /etc/dovecot/master-shared driver = passwd-file master = yes } passdb { args = /etc/dovecot/master-shared driver = passwd-file } plugin { acl = vfile:/etc/dovecot/global-acls:cache_secs=300 acl_anyone = allow acl_shared_dict = file:/data/MAIL/SHAREDDB/shared-mailboxes.db sieve = /data/MAIL/SIEVE/%u/dovecot.sieve sieve_dir = /data/MAIL/SIEVE/%u } postmaster_address = root protocols = imap sieve service auth { unix_listener /var/spool/postfix/private/auth { mode = 0666 } unix_listener auth-userdb { group = mailreader mode = 0600 user = mailreader } } service imap-login { process_min_avail = 8 service_count = 0 vsz_limit = 512 M } service imap-postlogin { executable = script-login /etc/dovecot/postlogin.sh user = $default_internal_user } service imap { executable = imap imap-postlogin } ssl_cert = good day! Did anybody in here decide to go for commercial support from Dovecot Solutions Oy ? I'd like to know if you are satisfied with what they provide? if time of support reaction is really as what is stated at their site and stuff like that. From forall at stalowka.info Tue Jun 12 16:15:13 2012 From: forall at stalowka.info (For@ll) Date: Tue, 12 Jun 2012 15:15:13 +0200 Subject: [Dovecot] Dovecot 2.1 stable packages for Debian? In-Reply-To: <33993325.post@talk.nabble.com> References: <33993325.post@talk.nabble.com> Message-ID: On 11.06.2012 16:03, Tomislav Mihalicek wrote: > > Here you go... > > cat /etc/apt/sources.list > > # latest dovecot > # apt-get install debian-dovecot-auto-keyring > deb http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main > deb-src http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main > I'm looking the same version but for Ubuntu Server 12.04. From lists at kokelnet.de Tue Jun 12 16:49:33 2012 From: lists at kokelnet.de (Tobias Hachmer) Date: Tue, 12 Jun 2012 15:49:33 +0200 Subject: [Dovecot] =?utf-8?q?Dovecot_2=2E1_stable_packages_for_Debian=3F?= In-Reply-To: References: <33993325.post@talk.nabble.com> Message-ID: Am 12.06.2012 15:15, schrieb For at ll: > I'm looking the same version but for Ubuntu Server 12.04. I use the packages from https://launchpad.net/~christian-roessner-net/+archive/ppa in production. Also the description of this ppa warns to use these packages only if you're able to help youself and it's a development ppa. But I have had no problems yet with these packages. I think there aren't packages out there someone would provide support for. So, compile it or use those development/ community packages or wait until dovecot 2.1 will get into debian/ubuntu stable. Regards, Tobias Hachmer From e-frog at gmx.de Tue Jun 12 19:17:54 2012 From: e-frog at gmx.de (e-frog) Date: Tue, 12 Jun 2012 18:17:54 +0200 Subject: [Dovecot] Dovecot 2.1 stable packages for Debian? In-Reply-To: References: <33993325.post@talk.nabble.com> Message-ID: <4FD76BB2.7040906@gmx.de> On 12.06.2012 15:15, wrote For at ll: > On 11.06.2012 16:03, Tomislav Mihalicek wrote: >> >> Here you go... >> >> cat /etc/apt/sources.list >> >> # latest dovecot >> # apt-get install debian-dovecot-auto-keyring >> deb http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main >> deb-src http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main >> > > I'm looking the same version but for Ubuntu Server 12.04. > 2.1.7 just landed in quantal yesterday: https://launchpad.net/ubuntu/+source/dovecot From user+dovecot at localhost.localdomain.org Tue Jun 12 20:00:27 2012 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Tue, 12 Jun 2012 19:00:27 +0200 Subject: [Dovecot] Sieve: Mailbox doesn't exist In-Reply-To: <1660278.PoqUOhb7Bf@x> References: <1660278.PoqUOhb7Bf@x> Message-ID: <4FD775AB.8010503@localhost.localdomain.org> On 06/12/2012 01:32 AM Stefan Fricke wrote: > I have just set up a mail server on Ubuntu, using Postfix and Dovecot 2.0.19. > It works well but I can't get Sieve working. I always get the error that the > target mailbox doesn't exist. In fact it doesn't but isn'r Dovecot supposed to > create it? Not with your current configuration. See: http://hg.dovecot.org/dovecot-2.0/file/2.0.19/doc/example-config/conf.d/15-lda.conf#l39 > > Here is my doveconf -n: > > # 2.0.19: /etc/dovecot/dovecot.conf > # OS: Linux 3.2.0-24-generic x86_64 Ubuntu 12.04 LTS > mail_debug = yes > mail_location = maildir:~/Maildir > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope encoded-character > vacation subaddress comparator-i;ascii-numeric relational regex imap4flags > copy include variables body enotify environment mailbox date ihave > passdb { > driver = pam > } > plugin { > sieve = ~/.dovecot.sieve > sieve_dir = ~/sieve > } > protocols = imap pop3 sieve > service auth { > unix_listener /var/spool/postfix/private/dovecot-auth { > group = postfix > mode = 0660 > user = postfix > } > } > service managesieve-login { > inet_listener sieve { > port = 4190 > } > service_count = 1 > } > ssl_cert = ssl_cipher_list = ALL:!LOW:!SSLv2:ALL:!aNULL:!ADH:!eNULL:!EXP:RC4+RSA:+HIGH: > +MEDIUM > ssl_key = userdb { > driver = passwd > } > protocol imap { > imap_client_workarounds = delay-newmail > mail_max_userip_connections = 10 > } > protocol pop3 { > mail_max_userip_connections = 10 > pop3_client_workarounds = outlook-no-nuls oe-ns-eoh > } > protocol lda { > deliver_log_format = msgid=%m: %$ > mail_plugins = sieve > postmaster_address = postmaster > quota_full_tempfail = yes > rejection_reason = Your message to <%t> was automatically rejected:%n%r > } > > > Regards, Pascal -- The trapper recommends today: cafefeed.1216418 at localdomain.org From tss at iki.fi Tue Jun 12 20:15:22 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 12 Jun 2012 20:15:22 +0300 Subject: [Dovecot] Sieve: Mailbox doesn't exist In-Reply-To: <4FD775AB.8010503@localhost.localdomain.org> References: <1660278.PoqUOhb7Bf@x> <4FD775AB.8010503@localhost.localdomain.org> Message-ID: <854C866C-44BB-4EF4-95A3-D765ED980833@iki.fi> On 12.6.2012, at 20.00, Pascal Volk wrote: > On 06/12/2012 01:32 AM Stefan Fricke wrote: >> I have just set up a mail server on Ubuntu, using Postfix and Dovecot 2.0.19. >> It works well but I can't get Sieve working. I always get the error that the >> target mailbox doesn't exist. In fact it doesn't but isn'r Dovecot supposed to >> create it? > > Not with your current configuration. See: > http://hg.dovecot.org/dovecot-2.0/file/2.0.19/doc/example-config/conf.d/15-lda.conf#l39 Even better (more standard): Use fileinto :create "box"; From toml at engr.orst.edu Tue Jun 12 21:16:52 2012 From: toml at engr.orst.edu (Tom Lieuallen) Date: Tue, 12 Jun 2012 11:16:52 -0700 Subject: [Dovecot] how to announce shared folders to clients using non-default mail prefix In-Reply-To: <63F00218-4FBE-418F-9477-CBEA8E7A35B9@iki.fi> References: <4FD14895.8040707@engr.orst.edu> <63F00218-4FBE-418F-9477-CBEA8E7A35B9@iki.fi> Message-ID: <4FD78794.1030905@engr.orst.edu> On 6/11/12 5:21 AM, Timo Sirainen wrote: > On 8.6.2012, at 3.34, Tom Lieuallen wrote: > >> Note that if I change the prefix for that shared namespace to 'iphonemail/', it does present my shared folders as well as anything in a personal iphonemail directory. However, 'select' didn't work with the personal folders. My guess is it's mostly due to the difference in mail formats between the two (mbox& maildir). > > You should be able to use prefix=iphonemail/shared/ Timo et all, Unfortunately, that did not work. l list "" * * LIST (\Noselect \HasChildren) "/" "foo1" * LIST (\NoInferiors \UnMarked) "/" "foo1/folder1" * LIST (\Noselect \HasChildren) "/" "iphonemail" * LIST (\NoInferiors \Marked) "/" "iphonemail/foo1" * LIST (\NoInferiors \UnMarked) "/" "Sent" * LIST (\NoInferiors \UnMarked) "/" "Trash" * LIST (\HasNoChildren) "/" "INBOX" * LIST (\HasNoChildren) "/" "sharedimap/cesupport" * LIST (\HasNoChildren) "/" "sharedimap/mimesupport" * LIST (\HasNoChildren) "/" "iphonemail/sharedimap/cesupport" * LIST (\HasNoChildren) "/" "iphonemail/sharedimap/mimesupport" l OK List completed. l list "iphonemail/" * * LIST (\NoInferiors \Marked) "/" "iphonemail/foo1" l OK List completed. So, the shared folders are listed twice when I do not include a prefix and neither are shown at all when I do include a prefix. namespace { hidden = yes inbox = no list = children location = maildir:/a1/dove-shared:INDEX=/a2/imap-index/dove-shared/%u prefix = iphonemail/sharedimap/ separator = / type = shared } I'm assuming I'm testing this correctly and in the best way. :-) thank you Tom Lieuallen From l.messner at physik.tu-berlin.de Tue Jun 12 21:56:13 2012 From: l.messner at physik.tu-berlin.de (Leon =?iso-8859-15?Q?Me=DFner?=) Date: Tue, 12 Jun 2012 20:56:13 +0200 Subject: [Dovecot] auth_krb5_keytab ignored ? In-Reply-To: <20120611155124.GM89928@rosa.physik.tu-berlin.de> References: <20120608165902.GI89928@rosa.physik.tu-berlin.de> <1339416976.5967.29.camel@hurina> <20120611144345.GK89928@rosa.physik.tu-berlin.de> <20120611155124.GM89928@rosa.physik.tu-berlin.de> Message-ID: <20120612185613.GB80625@rosa.physik.tu-berlin.de> On Mon, Jun 11, 2012 at 05:51:24PM +0200, Leon Me?ner wrote: > On Mon, Jun 11, 2012 at 06:26:57PM +0300, Timo Sirainen wrote: > > On 11.6.2012, at 17.43, Leon Me?ner wrote: > > > > >> import_environment = TZ GDB DEBUG_SILENT KRB5_KTNAME > > >> i > >> KRB5_KTNAME=/etc/mail3.krb5.keytab dovecot > > >> > > >> I'm wondering if the code in mech-gssapi.c that sets KRB5_KTNAME > > >> environment is being called too late. > > > > > > It's still looking inside the default krb5.keytab . > > > > Which Kerberos library are you using? Maybe it doesn't support this way of giving the keytab. > > I'm using the stock FreeBSD 8.2-RELEASE one which is heimdal-1.1.0 . > I will update the machine to 8.3 (which is the latest release in 8.x), Updating and recompiling did not help. I don't know where to look for the problem though. If i use the kerberos utilities with KRB5_KTNAME the environment variable is beeing picked up ok. 19:22_root at mail3:/usr/ports/mail/dovecot# KRB5_KTNAME=/etc/mail3.krb5.keytab ktutil list /etc/mail3.krb5.keytab: Vno Type Principal 1 des-cbc-crc imap/mail3.physik-pool.tu-berlin.de at PCPOOL.PHYSIK.TU-BERLIN.DE 1 des-cbc-md4 imap/mail3.physik-pool.tu-berlin.de at PCPOOL.PHYSIK.TU-BERLIN.DE 1 des-cbc-md5 imap/mail3.physik-pool.tu-berlin.de at PCPOOL.PHYSIK.TU-BERLIN.DE 1 des3-cbc-sha1 imap/mail3.physik-pool.tu-berlin.de at PCPOOL.PHYSIK.TU-BERLIN.DE 19:34_root at mail3:/usr/ports/mail/dovecot# KRB5_KTNAME=/etc/mail3.krb5.keytab kinit -k imap/mail3.physik-pool.tu-berlin.de 19:39_root at mail3:/usr/ports/mail/dovecot# klist Credentials cache: FILE:/tmp/krb5cc_0 Principal: imap/mail3.physik-pool.tu-berlin.de at PCPOOL.PHYSIK.TU-BERLIN.DE Issued Expires Principal Jun 12 19:39:11 Jun 13 05:39:11 krbtgt/PCPOOL.PHYSIK.TU-BERLIN.DE at PCPOOL.PHYSIK.TU-BERLIN.DE From dmiller at amfes.com Tue Jun 12 21:56:45 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Tue, 12 Jun 2012 11:56:45 -0700 Subject: [Dovecot] gnutls support In-Reply-To: <1284640879.3030.460.camel@kurkku.sapo.corppt.com> References: <4C918E28.1020301@amfes.com> <1284640879.3030.460.camel@kurkku.sapo.corppt.com> Message-ID: On 9/16/2010 5:41 AM, Timo Sirainen wrote: > On Wed, 2010-09-15 at 20:25 -0700, Daniel L. Miller wrote: >> Other than license issues, is there an advantage to using gnutls vs >> openssl? Or is openssl superior - at least in the current implementations? > Dovecot's GNUTLS support was written long time ago and its API has > changed since. It doesn't work. But a working GNUTLS support would still > be nice some day. I don't much like OpenSSL. > > With 2.1.7 - is GNUTLS supported? -- Daniel From tss at iki.fi Tue Jun 12 21:59:44 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 12 Jun 2012 21:59:44 +0300 Subject: [Dovecot] gnutls support In-Reply-To: References: <4C918E28.1020301@amfes.com> <1284640879.3030.460.camel@kurkku.sapo.corppt.com> Message-ID: <22E936E6-12A6-449E-A82F-6E1B5061FA9E@iki.fi> On 12.6.2012, at 21.56, Daniel L. Miller wrote: > On 9/16/2010 5:41 AM, Timo Sirainen wrote: >> On Wed, 2010-09-15 at 20:25 -0700, Daniel L. Miller wrote: >>> Other than license issues, is there an advantage to using gnutls vs >>> openssl? Or is openssl superior - at least in the current implementations? >> Dovecot's GNUTLS support was written long time ago and its API has >> changed since. It doesn't work. But a working GNUTLS support would still >> be nice some day. I don't much like OpenSSL. > With 2.1.7 - is GNUTLS supported? No, and I have no plans to add it. But I don't mind if someone sends a patch. From acrow at integrafin.co.uk Tue Jun 12 22:34:50 2012 From: acrow at integrafin.co.uk (Alex Crow) Date: Tue, 12 Jun 2012 20:34:50 +0100 Subject: [Dovecot] 2.1.7 shared folder index issued In-Reply-To: References: <4FD64195.5070006@integrafin.co.uk> <9243C1F4-94EF-4259-A37F-D32DC3A63902@iki.fi> <4FD65695.1030100@integrafin.co.uk> Message-ID: <4FD799DA.6020508@integrafin.co.uk> > That depends on if the regular mail_location has any INDEX or not. In any case they must point to the same index. > > Timo, Thanks, I pointed them both the to same location (I keep my indexes on an SSD array) and now shared folders seem to work fine. Cheers for your help, Alex From anmeyer at anup.de Tue Jun 12 23:41:33 2012 From: anmeyer at anup.de (Andreas Meyer) Date: Tue, 12 Jun 2012 22:41:33 +0200 Subject: [Dovecot] v2.0.21 released In-Reply-To: References: Message-ID: <20120612224133.6ae2eedb@itx.bitcorner.intern> Timo Sirainen wrote: > http://dovecot.org/releases/2.0/dovecot-2.0.21.tar.gz > http://dovecot.org/releases/2.0/dovecot-2.0.21.tar.gz.sig > > + dict: file backend supports now also fcntl/flock locking optionally > - imap-login: Memory leak fixed > - imap: Non-UTF8 input on SEARCH command parameters could have crashed > - auth: Fixed crash with DIGEST-MD5 when attempting to do master user > login without master passdbs. > - sdbox: Don't use more fds than necessary when copying mails. > - mdbox kept the user's storage locked a bit longer than it needed to > Please can some soul explain the naming conventions used to release this software? Tue Jun 12 00:51:56 EEST 2012 Released v2.0.21. Tue May 29 22:24:49 EEST 2012 Released v2.1.7. I don't understand the numbering. Andreas From Ralf.Hildebrandt at charite.de Tue Jun 12 23:42:58 2012 From: Ralf.Hildebrandt at charite.de (Ralf Hildebrandt) Date: Tue, 12 Jun 2012 22:42:58 +0200 Subject: [Dovecot] v2.0.21 released In-Reply-To: <20120612224133.6ae2eedb@itx.bitcorner.intern> References: <20120612224133.6ae2eedb@itx.bitcorner.intern> Message-ID: <20120612204258.GE13775@charite.de> * Andreas Meyer : > Timo Sirainen wrote: > > > http://dovecot.org/releases/2.0/dovecot-2.0.21.tar.gz > > http://dovecot.org/releases/2.0/dovecot-2.0.21.tar.gz.sig > > > > + dict: file backend supports now also fcntl/flock locking optionally > > - imap-login: Memory leak fixed > > - imap: Non-UTF8 input on SEARCH command parameters could have crashed > > - auth: Fixed crash with DIGEST-MD5 when attempting to do master user > > login without master passdbs. > > - sdbox: Don't use more fds than necessary when copying mails. > > - mdbox kept the user's storage locked a bit longer than it needed to > > > > Please can some soul explain the naming conventions used to release this software? > > Tue Jun 12 00:51:56 EEST 2012 > Released v2.0.21. > Tue May 29 22:24:49 EEST 2012 > Released v2.1.7. > > I don't understand the numbering. 2.0 and 2.1 are different branches. -- Ralf Hildebrandt Gesch?ftsbereich IT | Abteilung Netzwerk Charit? - Universit?tsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebrandt at charite.de | http://www.charite.de From h.reindl at thelounge.net Tue Jun 12 23:45:40 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Tue, 12 Jun 2012 22:45:40 +0200 Subject: [Dovecot] v2.0.21 released In-Reply-To: <20120612224133.6ae2eedb@itx.bitcorner.intern> References: <20120612224133.6ae2eedb@itx.bitcorner.intern> Message-ID: <4FD7AA74.7030504@thelounge.net> Am 12.06.2012 22:41, schrieb Andreas Meyer: > Please can some soul explain the naming conventions used to release this software? > > Tue Jun 12 00:51:56 EEST 2012 > Released v2.0.21. > Tue May 29 22:24:49 EEST 2012 > Released v2.1.7. > > I don't understand the numbering the same as PHP http://www.php.net/archive/2012.php#id2012-05-08-1 PHP 5.4.3 and PHP 5.3.13 Released be happy that there is software where you not forced to upgrade as soon as a new manjor/minor version is out -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From amateo at um.es Wed Jun 13 09:58:46 2012 From: amateo at um.es (Angel L. Mateo) Date: Wed, 13 Jun 2012 08:58:46 +0200 Subject: [Dovecot] Problem with lmtp director proxy In-Reply-To: <4FD718A0.50605@um.es> References: <4FD718A0.50605@um.es> Message-ID: <4FD83A26.3030209@um.es> Hi, I have checked in almost every error I had that the error is produced whenever happens a timeout of 30 seconds between opening the connection between the director and backend server and the final delivery of the message in the user's mailbox. When I have mails with just a few of recipients, I have no problem because this 30 seconds timeout is never reached. But when I have mails with more recipients and my storage has workload it is sometimes reached. But I haven't found any configuration for this 30 seconds timeout. What could it be this option? Because I have configured proxy_timeout=120 in proxy configuration: pass_attrs = irisMailbox=userdb_mail,homeDirectory=userdb_home,uidNumber=userdb_uid,gidNumber=userdb_gid,=proxy=y,=proxy_timeout=120,irisMailHost=host Looking for this timeout in the code, I have found these defines: director/director.c:#define DIRECTOR_RECONNECT_TIMEOUT_MSECS (30*1000) director/director.c:#define DIRECTOR_USER_MOVE_TIMEOUT_MSECS (30*1000) director/director-connection.c:#define DIRECTOR_CONNECTION_SEND_USERS_TIMEOUT_MSECS (30*1000) director/director-connection.c:#define DIRECTOR_CONNECTION_DONE_TIMEOUT_MSECS (30*1000) director/director-request.c:#define DIRECTOR_REQUEST_TIMEOUT_SECS 30 lmtp/commands.c:#define LMTP_PROXY_DEFAULT_TIMEOUT_MSECS (1000*30) Could it be one of these timeouts? In this case... is there any way to configure it without changing code? -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From oni-neko at gmx.net Wed Jun 13 10:47:02 2012 From: oni-neko at gmx.net (oni-neko at gmx.net) Date: Wed, 13 Jun 2012 09:47:02 +0200 Subject: [Dovecot] question about changing certificate In-Reply-To: <4FD6497B.6090007@gedalya.net> References: <20120611122837.317410@gmx.net> <4FD6497B.6090007@gedalya.net> Message-ID: <20120613074702.115300@gmx.net> thank you for your answer! -------- Original-Nachricht -------- > Datum: Mon, 11 Jun 2012 15:39:39 -0400 > Von: Gedalya > An: dovecot at dovecot.org > Betreff: Re: [Dovecot] question about changing certificate > Are both files identical, do they both contain the private key? umm, no, ok, I think I see at least part of the problem: I have only the certificate, but no key =/ durr, ok, that is way obvious as a problem. next question: do I need the key to use the certificate or can I only use the certificate and leave the value of ssl_key_file empty? thank you for answering my obviously quite, umm, uninformed questions =) greetings silvia -- NEU: FreePhone 3-fach-Flat mit kostenlosem Smartphone! Jetzt informieren: http://mobile.1und1.de/?ac=OM.PW.PW003K20328T7073a From rago at lal.in2p3.fr Wed Jun 13 12:59:15 2012 From: rago at lal.in2p3.fr (Emiliano Rago) Date: Wed, 13 Jun 2012 11:59:15 +0200 Subject: [Dovecot] doveadm doesn't subscribe to public folders In-Reply-To: <4FD7313F.9060406@lal.in2p3.fr> References: <4FD7313F.9060406@lal.in2p3.fr> Message-ID: <4FD86473.8010104@lal.in2p3.fr> Hi, what it's happening with the doveadm command below is that the file modified is /data/MAIL/PUBLIC/subscriptions while I'd like to modify the file /data/MAIL/rago/subscriptions With subscriptions=no every user can subscribe to public folder, so perhaps this behaviour is inappropriate; suggestions? Thanks, Emiliano Rago On 06/12/2012 02:08 PM, Emiliano Rago wrote: > Hi, > > I'd like to subscribe folder with doveadm: > > doveadm mailbox subscribe -u rago public.Conferences > > This command doesn't work, while it works with an ordinary folder. > However it's possible to subscribe to the folder with an imap connection: > > 1 login rago "mypasswd" > 1 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE > IDLE SORTSORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT > CHILDREN NAMESPCE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC > ESEARCH ESORT SEARCHRES ITHIN CONTEXT=SEARCH LIST-STATUS ACL > RIGHTS=texk] Logged in > 2 LSUB "" * > * LSUB () "." "INBOX" > 2 OK Lsub completed. > 3 SUBSCRIBE "public.Conferences" > 3 OK Subscribe completed. > 4 LSUB "" * > * LSUB () "." "INBOX" > * LSUB () "." "public.Conferences" > 4 OK Lsub completed. > > Am I doing anything wrong? > > This is my conf, thx for help, > Emiliano > > # 2.0.9: /etc/dovecot/dovecot.conf > # OS: Linux 2.6.32-220.4.1.el6.x86_64 x86_64 Red Hat Enterprise Linux > Server release 5 (Tikanga) ext4 > auth_cache_size = 128 M > auth_master_user_separator = * > auth_mechanisms = plain cram-md5 > mail_location = > maildir:/data/MAIL/MAILDIR/%u:INBOX=/data/MAIL/INBOX/%u:INDEX=/data/MAIL/METADATA/%u > > maildir_very_dirty_syncs = yes > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope > encoded-character vacation subaddress comparator-i;ascii-numeric > relational regex imap4flags copy include variables body enotify > environment mailbox date > mbox_write_locks = fcntl > namespace { > inbox = yes > location = > prefix = > separator = . > type = private > } > namespace { > list = children > location = > maildir:/data/MAIL/MAILDIR/%%u:INDEX=/data/MAIL/METADATA/SHARED/%u/%%u > prefix = shared.%%u. > separator = . > subscriptions = no > type = shared > } > namespace { > list = children > location = maildir:/data/MAIL/PUBLIC:INDEX=/data/MAIL/METADATA/PUBLIC > prefix = public. > separator = . > subscriptions = no > type = public > } > passdb { > args = scheme=cram-md5 /data/PWDDB/cram_dovecot.txt > driver = passwd-file > } > passdb { > args = /etc/dovecot/master-shared > driver = passwd-file > master = yes > } > passdb { > args = /etc/dovecot/master-shared > driver = passwd-file > } > plugin { > acl = vfile:/etc/dovecot/global-acls:cache_secs=300 > acl_anyone = allow > acl_shared_dict = file:/data/MAIL/SHAREDDB/shared-mailboxes.db > sieve = /data/MAIL/SIEVE/%u/dovecot.sieve > sieve_dir = /data/MAIL/SIEVE/%u > } > postmaster_address = root > protocols = imap sieve > service auth { > unix_listener /var/spool/postfix/private/auth { > mode = 0666 > } > unix_listener auth-userdb { > group = mailreader > mode = 0600 > user = mailreader > } > } > service imap-login { > process_min_avail = 8 > service_count = 0 > vsz_limit = 512 M > } > service imap-postlogin { > executable = script-login /etc/dovecot/postlogin.sh > user = $default_internal_user > } > service imap { > executable = imap imap-postlogin > } > ssl_cert = ssl_key = userdb { > args = /etc/dovecot/master-shared > driver = passwd-file > } > userdb { > args = uid=mailreader gid=mailreader home=/data/MAIL/SIEVE/%u > allow_all_users=yes > driver = static > } > protocol lda { > mail_plugins = acl sieve > } > protocol imap { > mail_max_userip_connections = 128 > mail_plugins = acl imap_acl > } From gedalya at gedalya.net Wed Jun 13 13:14:51 2012 From: gedalya at gedalya.net (Gedalya) Date: Wed, 13 Jun 2012 06:14:51 -0400 Subject: [Dovecot] question about changing certificate In-Reply-To: <20120613074702.115300@gmx.net> References: <20120611122837.317410@gmx.net> <4FD6497B.6090007@gedalya.net> <20120613074702.115300@gmx.net> Message-ID: <4FD8681B.4070609@gedalya.net> On 06/13/2012 03:47 AM, oni-neko at gmx.net wrote: > next question: do I need the key to use the certificate or can I only use the certificate and leave the value of ssl_key_file empty? You certainly can't use the certificate without the key. And I guess dovecot needs ssl_key_file, unless it would be smart enough to figure it out for itself when you omit it. Either way, here is basically how it works. A certificate is not a secret, you in fact push it down to every connecting client. A certificate is something that identifies a server, and the private key is what makes it possible for you to demonstrate that you are the owner of the certificate. When a CA signs your certificate, you send them the public half of your key, and they make a certificate from it, and sign it, and that basically says: we were convinced that the entity that holds this key has a legitimate connection to this domain name. All that remains is for you to prove to the world that you are actually you = you are in possession of the private key. So, dovecot actually needs the key to do this mathematical magic every time a client connects. From amateo at um.es Wed Jun 13 14:15:00 2012 From: amateo at um.es (Angel L. Mateo) Date: Wed, 13 Jun 2012 13:15:00 +0200 Subject: [Dovecot] difference between client_limit and process_limit In-Reply-To: References: <4FD1D2E5.3020901@um.es> <4FD1DE19.4050903@um.es> <4FD22956.20904@thelounge.net> <3E0F7337-B1BA-426F-84AF-D1D7710B80A3@iki.fi> <4FD5C63B.7040904@um.es> Message-ID: <4FD87634.9000407@um.es> On 11/06/12 13:45, Timo Sirainen wrote: > On 11.6.2012, at 13.19, Angel L. Mateo wrote: > >>> Proxying is done by imap-login process, not imap process. For login processes there are different recommendations. >>> >> What are those recommendations? The ones at http://wiki2.dovecot.org/LoginProcess? > > Yes. > >> Let's suppose... I have 4 mainly imap backend servers (but they admit also pop3 connections) with a process_limit of 5120 for service imap (and default_client_limit of 1000 applied to pop3). And I have 2 director servers (configured as active-active behind a load balancer), so I need director servers to handle (more or less) 10240 imap connections. >> >> What is it better for the director's? Increasing process_limit for imap-login (so each process should handle less connections) or increasing client_limit (less processes handling more connections each)? > > If you increase process_limit to more than the number of CPU cores you have, then you increase the number of context switched done by the kernel, which decreases your performance. So I'd say increase client_limit. > I'm trying to configure it this way, so I have configure process_limit to the number of cores and client_limit big enough to attempt the maximum number of connections configured at the backends. In my test environment I have configured (this is extracted from doveconf -n output): service imap-login { client_limit = 10740 executable = imap-login director process_limit = 1 process_min_avail = 1 } When I made the first connection, there's no problem, but if I try a second while the first is still open, I get: Jun 13 13:09:12 myotis40 dovecot: master: Warning: service(imap-login): client_limit (1) reached, client connections are being dropped Why is telling me that client_limit is reached? What client_limit is used? -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From tss at iki.fi Wed Jun 13 15:06:01 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 13 Jun 2012 15:06:01 +0300 Subject: [Dovecot] difference between client_limit and process_limit In-Reply-To: <4FD87634.9000407@um.es> References: <4FD1D2E5.3020901@um.es> <4FD1DE19.4050903@um.es> <4FD22956.20904@thelounge.net> <3E0F7337-B1BA-426F-84AF-D1D7710B80A3@iki.fi> <4FD5C63B.7040904@um.es> <4FD87634.9000407@um.es> Message-ID: <1339589161.25551.0.camel@innu> On Wed, 2012-06-13 at 13:15 +0200, Angel L. Mateo wrote: > In my test environment I have configured (this is extracted from > doveconf -n output): > > service imap-login { > client_limit = 10740 > executable = imap-login director > process_limit = 1 > process_min_avail = 1 > } > > When I made the first connection, there's no problem, but if I try a > second while the first is still open, I get: > > Jun 13 13:09:12 myotis40 dovecot: master: Warning: service(imap-login): > client_limit (1) reached, client connections are being dropped > > Why is telling me that client_limit is reached? What client_limit is used? Dunno. What Dovecot version? Show the whole doveconf -n? You don't have multiple dovecot.confs, right? From amateo at um.es Wed Jun 13 15:15:30 2012 From: amateo at um.es (Angel L. Mateo) Date: Wed, 13 Jun 2012 14:15:30 +0200 Subject: [Dovecot] difference between client_limit and process_limit In-Reply-To: <1339589161.25551.0.camel@innu> References: <4FD1D2E5.3020901@um.es> <4FD1DE19.4050903@um.es> <4FD22956.20904@thelounge.net> <3E0F7337-B1BA-426F-84AF-D1D7710B80A3@iki.fi> <4FD5C63B.7040904@um.es> <4FD87634.9000407@um.es> <1339589161.25551.0.camel@innu> Message-ID: <4FD88462.5070908@um.es> On 13/06/12 14:06, Timo Sirainen wrote: > On Wed, 2012-06-13 at 13:15 +0200, Angel L. Mateo wrote: >> In my test environment I have configured (this is extracted from >> doveconf -n output): >> >> service imap-login { >> client_limit = 10740 >> executable = imap-login director >> process_limit = 1 >> process_min_avail = 1 >> } >> >> When I made the first connection, there's no problem, but if I try a >> second while the first is still open, I get: >> >> Jun 13 13:09:12 myotis40 dovecot: master: Warning: service(imap-login): >> client_limit (1) reached, client connections are being dropped >> >> Why is telling me that client_limit is reached? What client_limit is used? > > Dunno. What Dovecot version? Show the whole doveconf -n? You don't have > multiple dovecot.confs, right? > > 2.1.5. Whole doveconf is attached. As far as I could find, I don't have multiple.confs but, because I'm managing configuration with puppet, is easier for me to have a few "service imap-login" entries in the 10-master.conf file. In previous checks I did, it seems to be mixed without problems, but I'm going to try to manually mixed them. What I have is: service imap-login { inet_listener imap { #port = 143 } inet_listener imaps { #port = 993 #ssl = yes } # Number of connections to handle before starting a new process. Typically # the only useful values are 0 (unlimited) or 1. 1 is more secure, but 0 # is faster. #service_count = 1 # Number of processes to always keep waiting for more connections. #process_min_avail = 0 # If you set service_count=0, you probably need to grow this. #vsz_limit = $default_vsz_limit } ... service imap-login { executable = imap-login director client_limit = 10740 process_limit = 1 process_min_avail = 1 } -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 -------------- next part -------------- # 2.1.5: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-4-amd64 x86_64 Ubuntu 10.04.4 LTS auth_cache_size = 20 M auth_cache_ttl = 1 days auth_debug = yes auth_master_user_separator = * auth_username_format = %n auth_verbose = yes default_process_limit = 1000 director_mail_servers = 155.54.211.161-155.54.211.164 director_servers = 155.54.211.187 disable_plaintext_auth = no lmtp_proxy = yes log_timestamp = %Y-%m-%d %H:%M:%S mail_debug = yes namespace { hidden = no inbox = yes list = yes location = prefix = separator = / subscriptions = yes type = private } namespace { hidden = yes inbox = no list = no location = maildir:~/Maildir/expunged:INDEX=/var/indexes/%n prefix = .EXPUNGED/ separator = / subscriptions = no type = private } namespace { hidden = yes inbox = no list = no location = maildir:~/Maildir/deleted:INDEX=/var/indexes/%n prefix = .DELETED/ separator = / subscriptions = no type = private } namespace { hidden = yes inbox = no list = no location = maildir:~/Maildir/deleted/expunged:INDEX=/var/indexes/%n prefix = .DELETED/.EXPUNGED/ separator = / subscriptions = no type = private } namespace { inbox = yes location = prefix = separator = / } passdb { args = /etc/dovecot/master-users driver = passwd-file master = yes pass = yes } passdb { args = proxy=y nopassword=y driver = static } passdb { args = session=yes dovecot driver = pam } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_extensions = +imapflags sieve_max_redirects = 15 } protocols = imap pop3 lmtp imap lmtp pop3 service anvil { client_limit = 2003 } service auth { client_limit = 3000 unix_listener auth-userdb { mode = 0666 } } service director { fifo_listener login/proxy-notify { mode = 0666 } inet_listener { port = 9090 } unix_listener director-userdb { mode = 0600 } unix_listener login/director { mode = 0666 } } service imap-login { client_limit = 10740 executable = imap-login director process_limit = 1 process_min_avail = 1 } service imap { process_limit = 5120 process_min_avail = 1 } service lmtp { inet_listener lmtp { port = 24 } process_min_avail = 10 } service pop3-login { client_limit = 2500 executable = pop3-login director process_limit = 1 process_min_avail = 1 } service pop3 { process_min_avail = 1 } ssl = no ssl_cert = References: <4FD1D2E5.3020901@um.es> <4FD1DE19.4050903@um.es> <4FD22956.20904@thelounge.net> <3E0F7337-B1BA-426F-84AF-D1D7710B80A3@iki.fi> <4FD5C63B.7040904@um.es> <4FD87634.9000407@um.es> <1339589161.25551.0.camel@innu> <4FD88462.5070908@um.es> Message-ID: <1339590528.25551.2.camel@innu> On Wed, 2012-06-13 at 14:15 +0200, Angel L. Mateo wrote: > 2.1.5. Whole doveconf is attached. As far as I could find, I don't have > multiple.confs but, because I'm managing configuration with puppet, is > easier for me to have a few "service imap-login" entries in the > 10-master.conf file. In previous checks I did, it seems to be mixed > without problems, but I'm going to try to manually mixed them. What I > have is: .. > service imap-login { > # Number of connections to handle before starting a new process. > Typically > # the only useful values are 0 (unlimited) or 1. 1 is more secure, but 0 > # is faster. > #service_count = 1 Oh, right, service_count=1 is the default and that overrides client_limit. Set it to 0. From tss at iki.fi Wed Jun 13 15:39:47 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 13 Jun 2012 15:39:47 +0300 Subject: [Dovecot] difference between client_limit and process_limit In-Reply-To: <1339590528.25551.2.camel@innu> References: <4FD1D2E5.3020901@um.es> <4FD1DE19.4050903@um.es> <4FD22956.20904@thelounge.net> <3E0F7337-B1BA-426F-84AF-D1D7710B80A3@iki.fi> <4FD5C63B.7040904@um.es> <4FD87634.9000407@um.es> <1339589161.25551.0.camel@innu> <4FD88462.5070908@um.es> <1339590528.25551.2.camel@innu> Message-ID: <1339591187.25551.3.camel@innu> On Wed, 2012-06-13 at 15:28 +0300, Timo Sirainen wrote: > Oh, right, service_count=1 is the default and that overrides > client_limit. Set it to 0. http://hg.dovecot.org/dovecot-2.1/rev/4c31e450a867 From tss at iki.fi Wed Jun 13 15:50:33 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 13 Jun 2012 15:50:33 +0300 Subject: [Dovecot] doveadm doesn't subscribe to public folders In-Reply-To: <4FD86473.8010104@lal.in2p3.fr> References: <4FD7313F.9060406@lal.in2p3.fr> <4FD86473.8010104@lal.in2p3.fr> Message-ID: <1339591833.25551.4.camel@innu> Does it work if you do it via imap? echo "a subscribe public.Conferences" | /usr/local/libexec/dovecot/imap -u rago On Wed, 2012-06-13 at 11:59 +0200, Emiliano Rago wrote: > Hi, > > what it's happening with the doveadm command below is that > the file modified is /data/MAIL/PUBLIC/subscriptions > while I'd like to modify the file /data/MAIL/rago/subscriptions > > With subscriptions=no every user can subscribe to public folder, > so perhaps this behaviour is inappropriate; suggestions? > > Thanks, > Emiliano Rago > > > On 06/12/2012 02:08 PM, Emiliano Rago wrote: > > Hi, > > > > I'd like to subscribe folder with doveadm: > > > > doveadm mailbox subscribe -u rago public.Conferences > > > > This command doesn't work, while it works with an ordinary folder. > > However it's possible to subscribe to the folder with an imap connection: > > > > 1 login rago "mypasswd" > > 1 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE > > IDLE SORTSORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT > > CHILDREN NAMESPCE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC > > ESEARCH ESORT SEARCHRES ITHIN CONTEXT=SEARCH LIST-STATUS ACL > > RIGHTS=texk] Logged in > > 2 LSUB "" * > > * LSUB () "." "INBOX" > > 2 OK Lsub completed. > > 3 SUBSCRIBE "public.Conferences" > > 3 OK Subscribe completed. > > 4 LSUB "" * > > * LSUB () "." "INBOX" > > * LSUB () "." "public.Conferences" > > 4 OK Lsub completed. > > > > Am I doing anything wrong? > > > > This is my conf, thx for help, > > Emiliano > > > > # 2.0.9: /etc/dovecot/dovecot.conf > > # OS: Linux 2.6.32-220.4.1.el6.x86_64 x86_64 Red Hat Enterprise Linux > > Server release 5 (Tikanga) ext4 > > auth_cache_size = 128 M > > auth_master_user_separator = * > > auth_mechanisms = plain cram-md5 > > mail_location = > > maildir:/data/MAIL/MAILDIR/%u:INBOX=/data/MAIL/INBOX/%u:INDEX=/data/MAIL/METADATA/%u > > > > maildir_very_dirty_syncs = yes > > managesieve_notify_capability = mailto > > managesieve_sieve_capability = fileinto reject envelope > > encoded-character vacation subaddress comparator-i;ascii-numeric > > relational regex imap4flags copy include variables body enotify > > environment mailbox date > > mbox_write_locks = fcntl > > namespace { > > inbox = yes > > location = > > prefix = > > separator = . > > type = private > > } > > namespace { > > list = children > > location = > > maildir:/data/MAIL/MAILDIR/%%u:INDEX=/data/MAIL/METADATA/SHARED/%u/%%u > > prefix = shared.%%u. > > separator = . > > subscriptions = no > > type = shared > > } > > namespace { > > list = children > > location = maildir:/data/MAIL/PUBLIC:INDEX=/data/MAIL/METADATA/PUBLIC > > prefix = public. > > separator = . > > subscriptions = no > > type = public > > } > > passdb { > > args = scheme=cram-md5 /data/PWDDB/cram_dovecot.txt > > driver = passwd-file > > } > > passdb { > > args = /etc/dovecot/master-shared > > driver = passwd-file > > master = yes > > } > > passdb { > > args = /etc/dovecot/master-shared > > driver = passwd-file > > } > > plugin { > > acl = vfile:/etc/dovecot/global-acls:cache_secs=300 > > acl_anyone = allow > > acl_shared_dict = file:/data/MAIL/SHAREDDB/shared-mailboxes.db > > sieve = /data/MAIL/SIEVE/%u/dovecot.sieve > > sieve_dir = /data/MAIL/SIEVE/%u > > } > > postmaster_address = root > > protocols = imap sieve > > service auth { > > unix_listener /var/spool/postfix/private/auth { > > mode = 0666 > > } > > unix_listener auth-userdb { > > group = mailreader > > mode = 0600 > > user = mailreader > > } > > } > > service imap-login { > > process_min_avail = 8 > > service_count = 0 > > vsz_limit = 512 M > > } > > service imap-postlogin { > > executable = script-login /etc/dovecot/postlogin.sh > > user = $default_internal_user > > } > > service imap { > > executable = imap imap-postlogin > > } > > ssl_cert = > ssl_key = > userdb { > > args = /etc/dovecot/master-shared > > driver = passwd-file > > } > > userdb { > > args = uid=mailreader gid=mailreader home=/data/MAIL/SIEVE/%u > > allow_all_users=yes > > driver = static > > } > > protocol lda { > > mail_plugins = acl sieve > > } > > protocol imap { > > mail_max_userip_connections = 128 > > mail_plugins = acl imap_acl > > } > From tss at iki.fi Wed Jun 13 15:59:29 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 13 Jun 2012 15:59:29 +0300 Subject: [Dovecot] Problem with lmtp director proxy In-Reply-To: <4FD83A26.3030209@um.es> References: <4FD718A0.50605@um.es> <4FD83A26.3030209@um.es> Message-ID: <1339592369.25551.7.camel@innu> On Wed, 2012-06-13 at 08:58 +0200, Angel L. Mateo wrote: > I have checked in almost every error I had that the error is produced > whenever happens a timeout of 30 seconds between opening the connection > between the director and backend server and the final delivery of the > message in the user's mailbox. > > When I have mails with just a few of recipients, I have no problem > because this 30 seconds timeout is never reached. But when I have mails > with more recipients and my storage has workload it is sometimes reached. Ah, so it's not really a bug. I thought it might be because there had been such problems before. > But I haven't found any configuration for this 30 seconds timeout. What > could it be this option? Because I have configured proxy_timeout=120 in > proxy configuration: > > pass_attrs = > irisMailbox=userdb_mail,homeDirectory=userdb_home,uidNumber=userdb_uid,gidNumber=userdb_gid,=proxy=y,=proxy_timeout=120,irisMailHost=host This should work.. > lmtp/commands.c:#define LMTP_PROXY_DEFAULT_TIMEOUT_MSECS (1000*30) This is the default, but proxy_timeout should override it. What do you get in logs with auth_debug=yes? From rago at lal.in2p3.fr Wed Jun 13 16:24:02 2012 From: rago at lal.in2p3.fr (Emiliano Rago) Date: Wed, 13 Jun 2012 15:24:02 +0200 Subject: [Dovecot] doveadm doesn't subscribe to public folders In-Reply-To: <1339591833.25551.4.camel@innu> References: <4FD7313F.9060406@lal.in2p3.fr> <4FD86473.8010104@lal.in2p3.fr> <1339591833.25551.4.camel@innu> Message-ID: <4FD89472.2070002@lal.in2p3.fr> It works! Thanks! Emiliano On 06/13/2012 02:50 PM, Timo Sirainen wrote: > Does it work if you do it via imap? > > echo "a subscribe public.Conferences" | /usr/local/libexec/dovecot/imap -u rago > > On Wed, 2012-06-13 at 11:59 +0200, Emiliano Rago wrote: >> Hi, >> >> what it's happening with the doveadm command below is that >> the file modified is /data/MAIL/PUBLIC/subscriptions >> while I'd like to modify the file /data/MAIL/rago/subscriptions >> >> With subscriptions=no every user can subscribe to public folder, >> so perhaps this behaviour is inappropriate; suggestions? >> >> Thanks, >> Emiliano Rago >> >> >> On 06/12/2012 02:08 PM, Emiliano Rago wrote: >>> Hi, >>> >>> I'd like to subscribe folder with doveadm: >>> >>> doveadm mailbox subscribe -u rago public.Conferences >>> >>> This command doesn't work, while it works with an ordinary folder. >>> However it's possible to subscribe to the folder with an imap connection: >>> >>> 1 login rago "mypasswd" >>> 1 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE >>> IDLE SORTSORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT >>> CHILDREN NAMESPCE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC >>> ESEARCH ESORT SEARCHRES ITHIN CONTEXT=SEARCH LIST-STATUS ACL >>> RIGHTS=texk] Logged in >>> 2 LSUB "" * >>> * LSUB () "." "INBOX" >>> 2 OK Lsub completed. >>> 3 SUBSCRIBE "public.Conferences" >>> 3 OK Subscribe completed. >>> 4 LSUB "" * >>> * LSUB () "." "INBOX" >>> * LSUB () "." "public.Conferences" >>> 4 OK Lsub completed. >>> >>> Am I doing anything wrong? >>> >>> This is my conf, thx for help, >>> Emiliano >>> >>> # 2.0.9: /etc/dovecot/dovecot.conf >>> # OS: Linux 2.6.32-220.4.1.el6.x86_64 x86_64 Red Hat Enterprise Linux >>> Server release 5 (Tikanga) ext4 >>> auth_cache_size = 128 M >>> auth_master_user_separator = * >>> auth_mechanisms = plain cram-md5 >>> mail_location = >>> maildir:/data/MAIL/MAILDIR/%u:INBOX=/data/MAIL/INBOX/%u:INDEX=/data/MAIL/METADATA/%u >>> >>> maildir_very_dirty_syncs = yes >>> managesieve_notify_capability = mailto >>> managesieve_sieve_capability = fileinto reject envelope >>> encoded-character vacation subaddress comparator-i;ascii-numeric >>> relational regex imap4flags copy include variables body enotify >>> environment mailbox date >>> mbox_write_locks = fcntl >>> namespace { >>> inbox = yes >>> location = >>> prefix = >>> separator = . >>> type = private >>> } >>> namespace { >>> list = children >>> location = >>> maildir:/data/MAIL/MAILDIR/%%u:INDEX=/data/MAIL/METADATA/SHARED/%u/%%u >>> prefix = shared.%%u. >>> separator = . >>> subscriptions = no >>> type = shared >>> } >>> namespace { >>> list = children >>> location = maildir:/data/MAIL/PUBLIC:INDEX=/data/MAIL/METADATA/PUBLIC >>> prefix = public. >>> separator = . >>> subscriptions = no >>> type = public >>> } >>> passdb { >>> args = scheme=cram-md5 /data/PWDDB/cram_dovecot.txt >>> driver = passwd-file >>> } >>> passdb { >>> args = /etc/dovecot/master-shared >>> driver = passwd-file >>> master = yes >>> } >>> passdb { >>> args = /etc/dovecot/master-shared >>> driver = passwd-file >>> } >>> plugin { >>> acl = vfile:/etc/dovecot/global-acls:cache_secs=300 >>> acl_anyone = allow >>> acl_shared_dict = file:/data/MAIL/SHAREDDB/shared-mailboxes.db >>> sieve = /data/MAIL/SIEVE/%u/dovecot.sieve >>> sieve_dir = /data/MAIL/SIEVE/%u >>> } >>> postmaster_address = root >>> protocols = imap sieve >>> service auth { >>> unix_listener /var/spool/postfix/private/auth { >>> mode = 0666 >>> } >>> unix_listener auth-userdb { >>> group = mailreader >>> mode = 0600 >>> user = mailreader >>> } >>> } >>> service imap-login { >>> process_min_avail = 8 >>> service_count = 0 >>> vsz_limit = 512 M >>> } >>> service imap-postlogin { >>> executable = script-login /etc/dovecot/postlogin.sh >>> user = $default_internal_user >>> } >>> service imap { >>> executable = imap imap-postlogin >>> } >>> ssl_cert =>> ssl_key =>> userdb { >>> args = /etc/dovecot/master-shared >>> driver = passwd-file >>> } >>> userdb { >>> args = uid=mailreader gid=mailreader home=/data/MAIL/SIEVE/%u >>> allow_all_users=yes >>> driver = static >>> } >>> protocol lda { >>> mail_plugins = acl sieve >>> } >>> protocol imap { >>> mail_max_userip_connections = 128 >>> mail_plugins = acl imap_acl >>> } >> > > From tss at iki.fi Wed Jun 13 16:38:43 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 13 Jun 2012 16:38:43 +0300 Subject: [Dovecot] how to announce shared folders to clients using non-default mail prefix In-Reply-To: <4FD78794.1030905@engr.orst.edu> References: <4FD14895.8040707@engr.orst.edu> <63F00218-4FBE-418F-9477-CBEA8E7A35B9@iki.fi> <4FD78794.1030905@engr.orst.edu> Message-ID: <1339594723.25551.8.camel@innu> On Tue, 2012-06-12 at 11:16 -0700, Tom Lieuallen wrote: > namespace { > hidden = yes > inbox = no > list = children > location = maildir:/a1/dove-shared:INDEX=/a2/imap-index/dove-shared/%u > prefix = iphonemail/sharedimap/ > separator = / > type = shared type=public and same for the other shared namespace. The type=shared namespaces are for mailboxes shared between users. From tss at iki.fi Wed Jun 13 16:40:22 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 13 Jun 2012 16:40:22 +0300 Subject: [Dovecot] doveadm doesn't subscribe to public folders In-Reply-To: <4FD89472.2070002@lal.in2p3.fr> References: <4FD7313F.9060406@lal.in2p3.fr> <4FD86473.8010104@lal.in2p3.fr> <1339591833.25551.4.camel@innu> <4FD89472.2070002@lal.in2p3.fr> Message-ID: <1339594822.25551.9.camel@innu> OK. v2.1 should have fixed this also for doveadm subscribe. On Wed, 2012-06-13 at 15:24 +0200, Emiliano Rago wrote: > It works! Thanks! > > Emiliano > > On 06/13/2012 02:50 PM, Timo Sirainen wrote: > > Does it work if you do it via imap? > > > > echo "a subscribe public.Conferences" | /usr/local/libexec/dovecot/imap -u rago > > > > On Wed, 2012-06-13 at 11:59 +0200, Emiliano Rago wrote: > >> Hi, > >> > >> what it's happening with the doveadm command below is that > >> the file modified is /data/MAIL/PUBLIC/subscriptions > >> while I'd like to modify the file /data/MAIL/rago/subscriptions > >> > >> With subscriptions=no every user can subscribe to public folder, > >> so perhaps this behaviour is inappropriate; suggestions? > >> > >> Thanks, > >> Emiliano Rago > >> > >> > >> On 06/12/2012 02:08 PM, Emiliano Rago wrote: > >>> Hi, > >>> > >>> I'd like to subscribe folder with doveadm: > >>> > >>> doveadm mailbox subscribe -u rago public.Conferences > >>> > >>> This command doesn't work, while it works with an ordinary folder. > >>> However it's possible to subscribe to the folder with an imap connection: > >>> > >>> 1 login rago "mypasswd" > >>> 1 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE > >>> IDLE SORTSORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT > >>> CHILDREN NAMESPCE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC > >>> ESEARCH ESORT SEARCHRES ITHIN CONTEXT=SEARCH LIST-STATUS ACL > >>> RIGHTS=texk] Logged in > >>> 2 LSUB "" * > >>> * LSUB () "." "INBOX" > >>> 2 OK Lsub completed. > >>> 3 SUBSCRIBE "public.Conferences" > >>> 3 OK Subscribe completed. > >>> 4 LSUB "" * > >>> * LSUB () "." "INBOX" > >>> * LSUB () "." "public.Conferences" > >>> 4 OK Lsub completed. > >>> > >>> Am I doing anything wrong? > >>> > >>> This is my conf, thx for help, > >>> Emiliano > >>> > >>> # 2.0.9: /etc/dovecot/dovecot.conf > >>> # OS: Linux 2.6.32-220.4.1.el6.x86_64 x86_64 Red Hat Enterprise Linux > >>> Server release 5 (Tikanga) ext4 > >>> auth_cache_size = 128 M > >>> auth_master_user_separator = * > >>> auth_mechanisms = plain cram-md5 > >>> mail_location = > >>> maildir:/data/MAIL/MAILDIR/%u:INBOX=/data/MAIL/INBOX/%u:INDEX=/data/MAIL/METADATA/%u > >>> > >>> maildir_very_dirty_syncs = yes > >>> managesieve_notify_capability = mailto > >>> managesieve_sieve_capability = fileinto reject envelope > >>> encoded-character vacation subaddress comparator-i;ascii-numeric > >>> relational regex imap4flags copy include variables body enotify > >>> environment mailbox date > >>> mbox_write_locks = fcntl > >>> namespace { > >>> inbox = yes > >>> location = > >>> prefix = > >>> separator = . > >>> type = private > >>> } > >>> namespace { > >>> list = children > >>> location = > >>> maildir:/data/MAIL/MAILDIR/%%u:INDEX=/data/MAIL/METADATA/SHARED/%u/%%u > >>> prefix = shared.%%u. > >>> separator = . > >>> subscriptions = no > >>> type = shared > >>> } > >>> namespace { > >>> list = children > >>> location = maildir:/data/MAIL/PUBLIC:INDEX=/data/MAIL/METADATA/PUBLIC > >>> prefix = public. > >>> separator = . > >>> subscriptions = no > >>> type = public > >>> } > >>> passdb { > >>> args = scheme=cram-md5 /data/PWDDB/cram_dovecot.txt > >>> driver = passwd-file > >>> } > >>> passdb { > >>> args = /etc/dovecot/master-shared > >>> driver = passwd-file > >>> master = yes > >>> } > >>> passdb { > >>> args = /etc/dovecot/master-shared > >>> driver = passwd-file > >>> } > >>> plugin { > >>> acl = vfile:/etc/dovecot/global-acls:cache_secs=300 > >>> acl_anyone = allow > >>> acl_shared_dict = file:/data/MAIL/SHAREDDB/shared-mailboxes.db > >>> sieve = /data/MAIL/SIEVE/%u/dovecot.sieve > >>> sieve_dir = /data/MAIL/SIEVE/%u > >>> } > >>> postmaster_address = root > >>> protocols = imap sieve > >>> service auth { > >>> unix_listener /var/spool/postfix/private/auth { > >>> mode = 0666 > >>> } > >>> unix_listener auth-userdb { > >>> group = mailreader > >>> mode = 0600 > >>> user = mailreader > >>> } > >>> } > >>> service imap-login { > >>> process_min_avail = 8 > >>> service_count = 0 > >>> vsz_limit = 512 M > >>> } > >>> service imap-postlogin { > >>> executable = script-login /etc/dovecot/postlogin.sh > >>> user = $default_internal_user > >>> } > >>> service imap { > >>> executable = imap imap-postlogin > >>> } > >>> ssl_cert = >>> ssl_key = >>> userdb { > >>> args = /etc/dovecot/master-shared > >>> driver = passwd-file > >>> } > >>> userdb { > >>> args = uid=mailreader gid=mailreader home=/data/MAIL/SIEVE/%u > >>> allow_all_users=yes > >>> driver = static > >>> } > >>> protocol lda { > >>> mail_plugins = acl sieve > >>> } > >>> protocol imap { > >>> mail_max_userip_connections = 128 > >>> mail_plugins = acl imap_acl > >>> } > >> > > > > > From amateo at um.es Wed Jun 13 17:57:42 2012 From: amateo at um.es (Angel L. Mateo) Date: Wed, 13 Jun 2012 16:57:42 +0200 Subject: [Dovecot] Problem with lmtp director proxy In-Reply-To: <1339592369.25551.7.camel@innu> References: <4FD718A0.50605@um.es> <4FD83A26.3030209@um.es> <1339592369.25551.7.camel@innu> Message-ID: <4FD8AA66.7050909@um.es> El 13/06/12 14:59, Timo Sirainen escribi?: > On Wed, 2012-06-13 at 08:58 +0200, Angel L. Mateo wrote: >> I have checked in almost every error I had that the error is produced >> whenever happens a timeout of 30 seconds between opening the connection >> between the director and backend server and the final delivery of the >> message in the user's mailbox. >> >> When I have mails with just a few of recipients, I have no problem >> because this 30 seconds timeout is never reached. But when I have mails >> with more recipients and my storage has workload it is sometimes reached. > > Ah, so it's not really a bug. I thought it might be because there had > been such problems before. > >> But I haven't found any configuration for this 30 seconds timeout. What >> could it be this option? Because I have configured proxy_timeout=120 in >> proxy configuration: >> >> pass_attrs = >> irisMailbox=userdb_mail,homeDirectory=userdb_home,uidNumber=userdb_uid,gidNumber=userdb_gid,=proxy=y,=proxy_timeout=120,irisMailHost=host > > This should work.. > >> lmtp/commands.c:#define LMTP_PROXY_DEFAULT_TIMEOUT_MSECS (1000*30) > > This is the default, but proxy_timeout should override it. > But then, why timeout is reached after only 30 seconds? Could it be other define timeout like DIRECTOR_CONNECTION_DONE_TIMEOUT_MSECS? > What do you get in logs with auth_debug=yes? > I've got always auth_debug=yes. In the director server, logs are: Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Connect from 155.54.212.167 Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Debug: auth input: user=user1 proxy host=155.54.211.163 proxy_refresh=450 Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Debug: auth input: user=user2 proxy host=155.54.211.163 proxy_refresh=450 .... (more users, a total of 34 recipients) Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Debug: auth input: user=myuser proxy host=155.54.211.164 proxy_refresh=450 ... Jun 12 11:41:09 myotis41 dovecot: lmtp(6595): Disconnect from 155.54.212.167: Client quit (in reset) but I have checked with newer errors, all I see in logs are "Connect from" and "Disconnect from" messages. The logs "lmtp...Debug:" are not produced any more (maybe because director has this information yet?) At backend servers are: Jun 12 11:40:38 myotis34 dovecot: lmtp(16824): Connect from 155.54.211.186 Jun 12 11:40:38 myotis34 dovecot: lmtp(16824, ): wJ9BD7YM10 +4QQAAG5O5Qg: sieve: msgid=<182283367.48.1339494011054.JavaMail.tomcat at sakai-prod4>: stored mail into mailbox 'INBOX' ... Jun 12 11:41:10 myotis34 dovecot: lmtp(16824, ): wJ9BD7YM10+4QQA AG5O5Qg: sieve: msgid=<182283367.48.1339494011054.JavaMail.tomcat at sakai-prod4>: stored mail into mailbox 'INBOX' From tss at iki.fi Wed Jun 13 18:17:57 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 13 Jun 2012 18:17:57 +0300 Subject: [Dovecot] Problem with lmtp director proxy In-Reply-To: <4FD8AA66.7050909@um.es> References: <4FD718A0.50605@um.es> <4FD83A26.3030209@um.es> <1339592369.25551.7.camel@innu> <4FD8AA66.7050909@um.es> Message-ID: <1339600677.25551.12.camel@innu> On Wed, 2012-06-13 at 16:57 +0200, Angel L. Mateo wrote: > Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Connect from 155.54.212.167 > Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Debug: auth input: > user=user1 proxy host=155.54.211.163 proxy_refresh=450 That says proxy_refresh, not proxy_timeout. > but I have checked with newer errors, all I see in logs are "Connect > from" and "Disconnect from" messages. The logs "lmtp...Debug:" are not > produced any more (maybe because director has this information yet?) Director shouldn't affect it. There should still be auth input lines logged. doveconf -n? From toml at engr.orst.edu Wed Jun 13 19:58:19 2012 From: toml at engr.orst.edu (Tom Lieuallen) Date: Wed, 13 Jun 2012 09:58:19 -0700 Subject: [Dovecot] how to announce shared folders to clients using non-default mail prefix In-Reply-To: <1339594723.25551.8.camel@innu> References: <4FD14895.8040707@engr.orst.edu> <63F00218-4FBE-418F-9477-CBEA8E7A35B9@iki.fi> <4FD78794.1030905@engr.orst.edu> <1339594723.25551.8.camel@innu> Message-ID: <4FD8C6AB.6040909@engr.orst.edu> On 6/13/12 6:38 AM, Timo Sirainen wrote: > On Tue, 2012-06-12 at 11:16 -0700, Tom Lieuallen wrote: >> namespace { >> hidden = yes >> inbox = no >> list = children >> location = maildir:/a1/dove-shared:INDEX=/a2/imap-index/dove-shared/%u >> prefix = iphonemail/sharedimap/ >> separator = / >> type = shared > > type=public and same for the other shared namespace. The type=shared > namespaces are for mailboxes shared between users. > Unfortunately, it still isn't working. namespace { inbox = yes location = prefix = separator = / type = private } namespace { hidden = yes inbox = no list = children location = maildir:/a1/dove-shared:INDEX=/a2/imap-index/dove-shared/%u prefix = sharedimap/ separator = / type = public } namespace { hidden = yes inbox = no list = children location = maildir:/a1/dove-shared:INDEX=/a2/imap-index/dove-shared/%u prefix = iphonemail/sharedimap/ separator = / type = public } l list "" * * LIST (\Noselect \HasChildren) "/" "foo1" * LIST (\NoInferiors \UnMarked) "/" "foo1/folder1" * LIST (\Noselect \HasChildren) "/" "iphonemail" * LIST (\NoInferiors \Marked) "/" "iphonemail/foo1" * LIST (\NoInferiors \UnMarked) "/" "Sent" * LIST (\NoInferiors \UnMarked) "/" "Trash" * LIST (\HasNoChildren) "/" "INBOX" * LIST (\HasNoChildren) "/" "sharedimap/cesupport" * LIST (\HasNoChildren) "/" "sharedimap/mimesupport" * LIST (\HasNoChildren) "/" "iphonemail/sharedimap/cesupport" * LIST (\HasNoChildren) "/" "iphonemail/sharedimap/mimesupport" l OK List completed. l list "iphonemail/" * * LIST (\NoInferiors \Marked) "/" "iphonemail/foo1" l OK List completed. l list "sharedimap/" * * LIST (\HasNoChildren) "/" "sharedimap/cesupport" * LIST (\HasNoChildren) "/" "sharedimap/mimesupport" l OK List completed. l list "iphonemail/sharedimap/" * * LIST (\HasNoChildren) "/" "iphonemail/sharedimap/cesupport" * LIST (\HasNoChildren) "/" "iphonemail/sharedimap/mimesupport" l OK List completed. It seems to me like the logic for deciding which namespaces to follow is something like this: * If mail prefix = "", inspect and potentially use all namespaces * else look in default namespace for subdirectories matching prefix listed _AND_ look for namespaces that are exact matches for the prefix passed. In that 'else' case, it does not appear to look for namespaces where the mail prefix is a subset. thank you Tom Lieuallen From tss at iki.fi Wed Jun 13 20:07:23 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 13 Jun 2012 20:07:23 +0300 Subject: [Dovecot] how to announce shared folders to clients using non-default mail prefix In-Reply-To: <4FD8C6AB.6040909@engr.orst.edu> References: <4FD14895.8040707@engr.orst.edu> <63F00218-4FBE-418F-9477-CBEA8E7A35B9@iki.fi> <4FD78794.1030905@engr.orst.edu> <1339594723.25551.8.camel@innu> <4FD8C6AB.6040909@engr.orst.edu> Message-ID: On 13.6.2012, at 19.58, Tom Lieuallen wrote: >> type=public and same for the other shared namespace. The type=shared >> namespaces are for mailboxes shared between users. > > Unfortunately, it still isn't working. .. > It seems to me like the logic for deciding which namespaces to follow is something like this: > > * If mail prefix = "", inspect and potentially use all namespaces > > * else look in default namespace for subdirectories matching prefix listed _AND_ look for namespaces that are exact matches for the prefix passed. > > In that 'else' case, it does not appear to look for namespaces where the mail prefix is a subset. No. I tried with your exact config, except changed namespace types to public, and it works fine in my tests.. You're trying with v2.1.7, right? From amateo at um.es Wed Jun 13 20:11:36 2012 From: amateo at um.es (Angel L. Mateo) Date: Wed, 13 Jun 2012 19:11:36 +0200 Subject: [Dovecot] Problem with lmtp director proxy In-Reply-To: <1339600677.25551.12.camel@innu> References: <4FD718A0.50605@um.es> <4FD83A26.3030209@um.es> <1339592369.25551.7.camel@innu> <4FD8AA66.7050909@um.es> <1339600677.25551.12.camel@innu> Message-ID: <4FD8C9C8.6090608@um.es> El 13/06/12 17:17, Timo Sirainen escribi?: > On Wed, 2012-06-13 at 16:57 +0200, Angel L. Mateo wrote: >> Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Connect from 155.54.212.167 >> Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Debug: auth input: >> user=user1 proxy host=155.54.211.163 proxy_refresh=450 > > That says proxy_refresh, not proxy_timeout. > >> but I have checked with newer errors, all I see in logs are "Connect >> from" and "Disconnect from" messages. The logs "lmtp...Debug:" are not >> produced any more (maybe because director has this information yet?) > > Director shouldn't affect it. There should still be auth input lines > logged. doveconf -n? > Ok, you were right. I was looking for logs at my log repository, which doesn't receive debug log. Nevertheless, the only auth lines I have found at the ones above, with the proxy_refresh=450. I haven't found any line with a timeout log in the proxies neither the backends So, at director servers the only logs I have are the one I have already sent. At the backend server, I have more logs, that are: Jun 12 11:40:38 myotis34 dovecot: lmtp(16824): Debug: none: root=, index=, control=, inbox=, alt= Jun 12 11:40:38 myotis34 dovecot: lmtp(16824): Connect from 155.54.211.186 Jun 12 11:40:38 myotis34 dovecot: lmtp(16824): Debug: auth input: user1 home= uid=261853 gid=1001 Jun 12 11:40:38 myotis34 dovecot: lmtp(16824): Debug: auth input: home= uid=262339 gid=1001 ... (more recipients for the same message) Jun 12 11:40:38 myotis34 dovecot: lmtp(16824): Debug: auth input: home= uid=255606 gid=1001 ... (more recipients for the same message) Jun 12 11:41:08 myotis34 dovecot: lmtp(16824, ): Debug: Effective uid=255606, gid=1001, home= Jun 12 11:41:08 myotis34 dovecot: lmtp(16824, ): Debug: maildir++: root=/Maildir, index=/var/indexes/, control=, inbox=/Maildir, alt= Jun 12 11:41:08 myotis34 dovecot: lmtp(16824, ): Debug: sieve: include: sieve_global_dir is not set; it is currently not possible to include `:global' scripts. Jun 12 11:41:08 myotis34 dovecot: lmtp(16824, ): Debug: wJ9BD7YM10+4QQAAG5O5Qg: sieve: using sieve path for user's script: /.dovecot.sieve Jun 12 11:41:08 myotis34 dovecot: lmtp(16824, ): Debug: wJ9BD7YM10+4QQAAG5O5Qg: sieve: opening script /.dovecot.sieve Jun 12 11:41:08 myotis34 dovecot: lmtp(16824, ): Debug: wJ9BD7YM10+4QQAAG5O5Qg: sieve: script binary /.dovecot.svbin successfully loaded Jun 12 11:41:08 myotis34 dovecot: lmtp(16824, ): Debug: wJ9BD7YM10+4QQAAG5O5Qg: sieve: binary save: not saving binary /.dovecot.svbin, because it is already stored Jun 12 11:41:08 myotis34 dovecot: lmtp(16824, ): Debug: wJ9BD7YM10+4QQAAG5O5Qg: sieve: executing script from /.dovecot.svbin Jun 12 11:41:10 myotis34 dovecot: lmtp(16824, ): wJ9BD7YM10+4QQAAG5O5Qg: sieve: msgid=<182283367.48.1339494011054.JavaMail.tomcat at sakai-prod4>: stored mail into mailbox 'INBOX' Jun 12 11:41:11 myotis34 dovecot: lmtp(16824): Disconnect from 155.54.211.186: Connection closed (in reset) I have attached output of doveconf -n. What I have observed is that problem ocurrs when I have mails with lot of recipients, and happens to all recipients which data ends more than 30 seconds after the connection was established. Maybe this timeout has to be counted since the begining of the data command, not the establishment of the tcp connection, or, if this is another timer, the first should be greater. -------------- next part -------------- # 2.1.5: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-24-generic x86_64 Ubuntu 12.04 LTS auth_cache_size = 20 M auth_cache_ttl = 1 days auth_debug = yes auth_master_user_separator = * auth_username_format = %n auth_verbose = yes default_process_limit = 1000 director_mail_servers = 155.54.211.161-155.54.211.164 director_servers = 155.54.211.185 155.54.211.186 disable_plaintext_auth = no lmtp_proxy = yes log_timestamp = %Y-%m-%d %H:%M:%S mail_debug = yes passdb { args = /etc/dovecot/master-users driver = passwd-file master = yes pass = yes } passdb { args = proxy=y nopassword=y driver = static } passdb { args = session=yes dovecot driver = pam } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_extensions = +imapflags sieve_max_redirects = 15 } service anvil { client_limit = 2003 } service auth { client_limit = 3000 unix_listener auth-userdb { mode = 0666 } } service director { fifo_listener login/proxy-notify { mode = 0666 } inet_listener { port = 9090 } unix_listener director-userdb { mode = 0600 } unix_listener login/director { mode = 0666 } } service imap-login { executable = imap-login director } service imap { process_limit = 5120 process_min_avail = 6 } service lmtp { inet_listener lmtp { port = 24 } process_min_avail = 10 } service pop3-login { executable = pop3-login director } ssl = no ssl_cert = Hi Sir/Madam, I am using dovecot with postfix email server to deliver our mails. Our requirement is to save mail file with different name. So Please help me to locate the module which save mail to inbox. -- -- Thanks & regards Neeraj Gupta Software Engineer Email Id : neeraj6117 at gmail.com Mo:+91-9990366116 From CMarcus at Media-Brokers.com Wed Jun 13 22:36:58 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Wed, 13 Jun 2012 15:36:58 -0400 Subject: [Dovecot] Please help me out. In-Reply-To: References: Message-ID: <4FD8EBDA.5080801@Media-Brokers.com> On 2012-06-13 2:02 PM, neeraj gupta wrote: > Hi Sir/Madam, > > I am using dovecot with postfix email server to deliver our mails. > Our requirement is to save mail file with different name. > So Please help me to locate the module which save mail to inbox. No idea what you are asking for... but if you really want to dictate somehow the actual filename(s) that are stored on the filesystem, please don't, and rather explain what problem you are trying to solve that you think this is a good solution to. -- Best regards, Charles From nairda91 at hotmail.com Wed Jun 13 23:46:20 2012 From: nairda91 at hotmail.com (arleal) Date: Wed, 13 Jun 2012 13:46:20 -0700 (PDT) Subject: [Dovecot] Auth password problem Message-ID: <34008289.post@talk.nabble.com> i have debian squeeze. i have installed mds with ldap integration and i want to use dovecot/LDAP but i have problems with login. I have dovecot 1.2. I try all of dovecot wiki but i dont know how to configure it good dovecot.conf protocols = imap imaps pop3 pop3s listen = *, :: auth_verbose = yes auth_debug = yes auth_debug_passwords = yes mail_debug = yes verbose_ssl = yes login_greeting = royoleal.com mailserver ready. mail_location = maildir:/home/users/%u/Maildir disable_plaintext_auth = no ssl_cert_file = /etc/ssl/certs/mail.pem ssl_key_file = /etc/ssl/private/mail.key log_path = /var/log/dovecot.log info_log_path = /var/log/dovecot.log # IMAP configuration protocol imap { mail_plugins = quota imap_quota } # POP3 configuration protocol pop3 { pop3_uidl_format = %08Xu%08Xv mail_plugins = quota } # LDA configuration protocol lda { postmaster_address = postmaster auth_socket_path = /var/run/dovecot/auth-master mail_plugins = quota } # LDAP authentication auth default { mechanisms = plain login passdb ldap { args = /etc/dovecot/dovecot-ldap.conf } userdb ldap { args = /etc/dovecot/dovecot-ldap.conf } socket listen { master { path = /var/run/dovecot/auth-master mode = 0660 user = dovecot group = mail } client { path = /var/spool/postfix/private/auth mode = 0660 user = postfix group = postfix } } } And this is dovecot-ldap.conf hosts = 127.0.0.1 auth_bind = yes ldap_version = 3 dn = cn=admin,dc=royoleal,dc=com dnpass = royoleal base = dc=royoleal,dc=com auth_bind_userdn = cn=%u,ou=Users,dc=royoleal,dc=com scope = subtree user_attrs = uidNumber=uid,gidNumber=gid user_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK)) pass_attrs = mail=mail,userPassword=password pass_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK)) default_pass_scheme = CRYPT When i try login with telnet or other program i have this problem in dovecot.log Jun 13 22:45:13 auth(default): Info: client in: AUTH 1 PLAIN service=imap secured lip=127.0.0.1 rip=127.0.0.1 lport=14 3 rport=55040 resp=AHBydWViYUByb3lvbGVhbC5jb20AcHJ1ZWJh Jun 13 22:45:13 auth(default): Info: ldap(prueba at royoleal.com,127.0.0.1): invalid credentials (given password: prueba) Jun 13 22:45:13 auth(default): Info: new auth connection: pid=2613 Jun 13 22:45:15 auth(default): Info: client out: FAIL 1 user=prueba at royoleal.com Jun 13 22:45:20 imap-login: Info: Aborted login (auth failed, 1 attempts): user=, method=PLAIN, rip=127.0.0.1, lip= 127.0.0.1, secured Thanks. -- View this message in context: http://old.nabble.com/Auth-password-problem-tp34008289p34008289.html Sent from the Dovecot mailing list archive at Nabble.com. From ben at versang.com Thu Jun 14 10:20:05 2012 From: ben at versang.com (Ben Versang) Date: Thu, 14 Jun 2012 17:20:05 +1000 Subject: [Dovecot] Sieve stopped working Message-ID: Hi, I have installed RoundCube a couple of years ago on a Snow Leopard server. All nice and dandy up to today. Sieve has stopped working and I have spent hours and been unable so far to get it up and running again. When I run ps aux |grep sieve it is not returning anything to me suggesting that the problem is not with sieve it-self but rather with Dovecot not starting the sieve. If anyone could give me some leads I can't think of anyting else. netstat -a |grep 2000 returns returns nothing telnet localhost 2000 Trying ::1... telnet: connect to address ::1: Connection refused Trying fe80::1... telnet: connect to address fe80::1: Connection refused Trying 127.0.0.1... telnet: connect to address 127.0.0.1: Connection refused telnet: Unable to connect to remote host The rest of mail functions are working fine (IMAP, SMTP...). Thanks in advance Ben From voytek at sbt.net.au Thu Jun 14 10:34:45 2012 From: voytek at sbt.net.au (Voytek Eymont) Date: Thu, 14 Jun 2012 17:34:45 +1000 Subject: [Dovecot] migrating v.1 to v.2 Message-ID: I have a working Dovecot/MySQL with version 1.x I'm looking at setting a new server using ver. 2 I'm currently pre-planning: can I use config files from ver 1 installation on version 2 setup 'as is'; or what's a proper way to do such migration/upgrade ? -- V From nick+dovecot at bunbun.be Thu Jun 14 10:40:44 2012 From: nick+dovecot at bunbun.be (Nick Rosier) Date: Thu, 14 Jun 2012 09:40:44 +0200 Subject: [Dovecot] migrating v.1 to v.2 In-Reply-To: References: Message-ID: <4FD9957C.9080605@bunbun.be> Voytek Eymont wrote: > I have a working Dovecot/MySQL with version 1.x > > I'm looking at setting a new server using ver. 2 > > I'm currently pre-planning: > can I use config files from ver 1 installation on version 2 setup 'as is'; > or what's a proper way to do such migration/upgrade ? > Hi, this question has been asked numerous times. It's also (in my case) the 1st couple of hits when searching in Google for "dovecot wiki upgrading". Try this http://wiki2.dovecot.org/Upgrading/ Rgds, N. From mikkel at euro123.dk Thu Jun 14 11:14:11 2012 From: mikkel at euro123.dk (Mikkel) Date: Thu, 14 Jun 2012 10:14:11 +0200 Subject: [Dovecot] disable_plaintext_auth = no as no effect on IMAP/POP3 logins Message-ID: <4FD99D53.7010300@euro123.dk> Hello In my installation the disable_plaintext_auth does not appear to take effect. I can see that the value is correct using doveconf -a but it doesn't change anything. Whenever attempting to log in using IMAP I get this: * BAD [ALERT] Plaintext authentication not allowed without SSL/TLS, but your client did it anyway. If anyone was listening, the password was exposed. ls NO [PRIVACYREQUIRED] Plaintext authentication disallowed on non-secure (SSL/TLS) connections. POP3 login attempts give this error: -ERR Plaintext authentication disallowed on non-secure (SSL/TLS) connections Besides adding disable_plaintext_auth=no to dovecot.conf I also tried adding it specifically to the imap section. I also tried to invoke it just for certain networks, like this: remote 0.0.0.0 { disable_plaintext_auth = no } But none of this takes any effect either. Adding the testing network as trusted networks is working fine removing the error. But I would rather not add the whole internet to the trusted network section just to allow plain text logins in imap. I'm in the process of migrating form 1.1 to 2.1 so this configuration is for testing things out and is mainly based on the default configuration files comming with the centos installation. I should add that everything else in this setup is working fine. I did many searches for information on this topic but nothing I could find apply to my case. I'm sorry to post such a long conf but I'm not sure what parts I could have safely omitted. Here goes: # doveconf -a # 2.1.1: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-220.17.1.el6.x86_64 x86_64 CentOS release 6.2 (Final) auth_anonymous_username = anonymous auth_cache_negative_ttl = 2 mins auth_cache_size = 0 auth_cache_ttl = 2 mins auth_debug = no auth_debug_passwords = no auth_default_realm = plain auth_failure_delay = 2 secs auth_first_valid_uid = 500 auth_gssapi_hostname = auth_krb5_keytab = auth_last_valid_uid = 0 auth_master_user_separator = auth_mechanisms = plain auth_realms = plain login digest-md5 cram-md5 apop ntlm auth_socket_path = auth-userdb auth_ssl_require_client_cert = no auth_ssl_username_from_cert = no auth_use_winbind = no auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@ auth_username_format = %Lu auth_username_translation = auth_verbose = no auth_verbose_passwords = no auth_winbind_helper_path = /usr/bin/ntlm_auth auth_worker_max_count = 30 base_dir = /var/run/dovecot config_cache_size = 1 M debug_log_path = default_client_limit = 1000 default_idle_kill = 1 mins default_internal_user = dovecot default_login_user = dovenull default_process_limit = 100 default_vsz_limit = 256 M deliver_log_format = msgid=%m: %$ dict_db_config = director_doveadm_port = 0 director_mail_servers = director_servers = director_user_expire = 15 mins disable_plaintext_auth = no dotlock_use_excl = no doveadm_allowed_commands = doveadm_password = doveadm_proxy_port = 0 doveadm_socket_path = doveadm-server doveadm_worker_count = 0 dsync_alt_char = _ first_valid_gid = 1 first_valid_uid = 105 hostname = usrmta01.talkactive.net imap_capability = imap_client_workarounds = imap_id_log = imap_id_send = imap_idle_notify_interval = 2 mins imap_logout_format = in=%i out=%o imap_max_line_length = 64 k imapc_host = imapc_master_user = imapc_password = imapc_port = 143 imapc_rawlog_dir = imapc_ssl = no imapc_ssl_ca_dir = imapc_ssl_verify = yes imapc_user = %u import_environment = TZ info_log_path = /var/log/dovecot/dovecot.run instance_name = dovecot last_valid_gid = 0 last_valid_uid = 0 lda_mailbox_autocreate = no lda_mailbox_autosubscribe = no lda_original_recipient_header = libexec_dir = /usr/libexec/dovecot listen = *, :: lmtp_proxy = no lmtp_save_to_detail_mailbox = no lock_method = fcntl log_path = /var/log/dovecot/dovecot.err log_timestamp = "%b %d %H:%M:%S " login_access_sockets = login_greeting = Dovecot ready. login_log_format = %$: %s login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c login_trusted_networks = mail_access_groups = mail_attachment_dir = mail_attachment_fs = sis posix mail_attachment_hash = %{sha1} mail_attachment_min_size = 128 k mail_cache_fields = flags mail_cache_min_mail_count = 0 mail_chroot = mail_debug = no mail_fsync = always mail_full_filesystem_access = no mail_gid = mail_home = mail_location = mail_log_prefix = "%s(%u): " mail_max_keyword_length = 50 mail_max_lock_timeout = 0 mail_max_userip_connections = 10 mail_never_cache_fields = imap.envelope mail_nfs_index = yes mail_nfs_storage = yes mail_plugin_dir = /usr/lib64/dovecot mail_plugins = quota mail_prefetch_count = 0 mail_privileged_group = mail_save_crlf = no mail_temp_dir = /tmp mail_uid = mailbox_idle_check_interval = 30 secs mailbox_list_index = no maildir_broken_filename_sizes = no maildir_copy_with_hardlinks = yes maildir_stat_dirs = no maildir_very_dirty_syncs = no master_user_separator = mbox_dirty_syncs = yes mbox_dotlock_change_timeout = 2 mins mbox_lazy_writes = yes mbox_lock_timeout = 5 mins mbox_md5 = apop3d mbox_min_index_size = 0 mbox_read_locks = fcntl mbox_very_dirty_syncs = no mbox_write_locks = fcntl mdbox_preallocate_space = no mdbox_rotate_interval = 0 mdbox_rotate_size = 2 M mmap_disable = yes namespace inbox { hidden = no ignore_on_failure = no inbox = yes list = yes location = mailbox Drafts { auto = no special_use = \Drafts } mailbox Junk { auto = no special_use = \Junk } mailbox Sent { auto = no special_use = \Sent } mailbox "Sent Messages" { auto = no special_use = \Sent } mailbox Trash { auto = no special_use = \Trash } prefix = separator = subscriptions = yes type = private } passdb { args = /local/config/dovecot-sql.conf default_fields = deny = no driver = sql master = no override_fields = pass = no } plugin { quota = maildir quota_rule2 = Trash:storage=+10M:messages=+100 quota_warning = storage=80%% /local/scripts/quota-warning.sh 80 sieve_extensions = +imapflags +notify trash = /local/config/dovecot-trash.conf } pop3_client_workarounds = pop3_enable_last = no pop3_fast_size_lookups = no pop3_lock_session = no pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s pop3_no_flag_updates = no pop3_reuse_xuidl = no pop3_save_uidl = no pop3_uidl_format = %08Xu%08Xv pop3c_host = pop3c_password = pop3c_port = 110 pop3c_rawlog_dir = pop3c_ssl = no pop3c_ssl_ca_dir = pop3c_ssl_verify = yes pop3c_user = %u postmaster_address = protocols = imap pop3 lmtp quota_full_tempfail = no recipient_delimiter = + rejection_reason = Your message to <%t> was automatically rejected:%n%r rejection_subject = Rejected: %s sendmail_path = /usr/sbin/sendmail service anvil { chroot = empty client_limit = 0 drop_priv_before_exec = no executable = anvil extra_groups = group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 1 protocol = service_count = 0 type = anvil unix_listener anvil-auth-penalty { group = mode = 0600 user = } unix_listener anvil { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service auth-worker { chroot = client_limit = 1 drop_priv_before_exec = no executable = auth -w extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 1 type = unix_listener auth-worker { group = mode = 0600 user = $default_internal_user } user = $default_internal_user vsz_limit = 18446744073709551615 B } service auth { chroot = client_limit = 0 drop_priv_before_exec = no executable = auth extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener /var/spool/postfix/private/auth { group = mode = 0666 user = } unix_listener auth-client { group = mode = 0600 user = } unix_listener auth-login { group = mode = 0600 user = $default_internal_user } unix_listener auth-master { group = mode = 0600 user = } unix_listener auth-userdb { group = mode = 0666 user = } unix_listener login/login { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service config { chroot = client_limit = 0 drop_priv_before_exec = no executable = config extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = config unix_listener config { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service dict { chroot = client_limit = 1 drop_priv_before_exec = no executable = dict extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener dict { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service director { chroot = . client_limit = 0 drop_priv_before_exec = no executable = director extra_groups = fifo_listener login/proxy-notify { group = mode = 00 user = } group = idle_kill = 4294967295 secs inet_listener { address = port = 0 ssl = no } privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener director-admin { group = mode = 0600 user = } unix_listener director-userdb { group = mode = 0600 user = } unix_listener login/director { group = mode = 00 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service dns_client { chroot = client_limit = 1 drop_priv_before_exec = no executable = dns-client extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener dns-client { group = mode = 0666 user = } unix_listener login/dns-client { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service doveadm { chroot = client_limit = 1 drop_priv_before_exec = no executable = doveadm-server extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 1 type = unix_listener doveadm-server { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service imap-login { chroot = login client_limit = 0 drop_priv_before_exec = no executable = imap-login extra_groups = group = idle_kill = 0 inet_listener imap { address = port = 143 ssl = no } inet_listener imaps { address = port = 993 ssl = yes } privileged_group = process_limit = 0 process_min_avail = 0 protocol = imap service_count = 0 type = login user = $default_login_user vsz_limit = 256 M } service imap { chroot = client_limit = 1 drop_priv_before_exec = no executable = imap extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1024 process_min_avail = 0 protocol = imap service_count = 1 type = unix_listener login/imap { group = mode = 0666 user = } user = vsz_limit = 256 M } service indexer-worker { chroot = client_limit = 1 drop_priv_before_exec = no executable = indexer-worker extra_groups = group = idle_kill = 0 privileged_group = process_limit = 10 process_min_avail = 0 protocol = service_count = 0 type = unix_listener indexer-worker { group = mode = 0600 user = $default_internal_user } user = vsz_limit = 18446744073709551615 B } service indexer { chroot = client_limit = 0 drop_priv_before_exec = no executable = indexer extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener indexer { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service ipc { chroot = empty client_limit = 0 drop_priv_before_exec = no executable = ipc extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener ipc { group = mode = 0600 user = } unix_listener login/ipc-proxy { group = mode = 0600 user = $default_login_user } user = $default_internal_user vsz_limit = 18446744073709551615 B } service lmtp { chroot = client_limit = 1 drop_priv_before_exec = no executable = lmtp extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = lmtp service_count = 0 type = unix_listener lmtp { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service log { chroot = client_limit = 0 drop_priv_before_exec = no executable = log extra_groups = group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = log unix_listener log-errors { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service pop3-login { chroot = login client_limit = 0 drop_priv_before_exec = no executable = pop3-login extra_groups = group = idle_kill = 0 inet_listener pop3 { address = port = 110 ssl = no } inet_listener pop3s { address = port = 995 ssl = yes } privileged_group = process_limit = 0 process_min_avail = 0 protocol = pop3 service_count = 1 type = login user = $default_login_user vsz_limit = 18446744073709551615 B } service pop3 { chroot = client_limit = 1 drop_priv_before_exec = no executable = pop3 extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1024 process_min_avail = 0 protocol = pop3 service_count = 1 type = unix_listener login/pop3 { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service ssl-params { chroot = client_limit = 0 drop_priv_before_exec = no executable = ssl-params extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = startup unix_listener login/ssl-params { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service stats { chroot = empty client_limit = 0 drop_priv_before_exec = no executable = stats extra_groups = fifo_listener stats-mail { group = mode = 0600 user = } group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener stats { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } shutdown_clients = yes ssl = required ssl_ca = ssl_cert = References: <4FD99D53.7010300@euro123.dk> Message-ID: <4FD9ABA2.1030908@euro123.dk> I just found the solution by coincidence. It appears there is a configuration file named: /etc/dovecot/conf.d/10-ssl.conf In that file the following line was active ssl = required That setting apparently overrides what disable_plaintext_auth has to say. After commenting out the ssl=required entry everything works as expected :-) Regards, Mikkel Den 14/06/12 10.14, Mikkel skrev: > Hello > > In my installation the disable_plaintext_auth does not appear to take > effect. > I can see that the value is correct using doveconf -a but it doesn't > change anything. > > Whenever attempting to log in using IMAP I get this: > * BAD [ALERT] Plaintext authentication not allowed without SSL/TLS, but > your client did it anyway. If anyone was listening, the password was > exposed. > ls NO [PRIVACYREQUIRED] Plaintext authentication disallowed on > non-secure (SSL/TLS) connections. > > POP3 login attempts give this error: > -ERR Plaintext authentication disallowed on non-secure (SSL/TLS) > connections > > Besides adding disable_plaintext_auth=no to dovecot.conf I also tried > adding it specifically to the imap section. > I also tried to invoke it just for certain networks, like this: > > remote 0.0.0.0 { > disable_plaintext_auth = no > } > > But none of this takes any effect either. Adding the testing network as > trusted networks is working fine removing the error. > But I would rather not add the whole internet to the trusted network > section just to allow plain text logins in imap. > > I'm in the process of migrating form 1.1 to 2.1 so this configuration is > for testing things out and is mainly based on the default configuration > files comming with the centos installation. > I should add that everything else in this setup is working fine. > > > I did many searches for information on this topic but nothing I could > find apply to my case. > > I'm sorry to post such a long conf but I'm not sure what parts I could > have safely omitted. > Here goes: > > > # doveconf -a > # 2.1.1: /etc/dovecot/dovecot.conf > # OS: Linux 2.6.32-220.17.1.el6.x86_64 x86_64 CentOS release 6.2 (Final) > auth_anonymous_username = anonymous > auth_cache_negative_ttl = 2 mins > auth_cache_size = 0 > auth_cache_ttl = 2 mins > auth_debug = no > auth_debug_passwords = no > auth_default_realm = plain > auth_failure_delay = 2 secs > auth_first_valid_uid = 500 > auth_gssapi_hostname = > auth_krb5_keytab = > auth_last_valid_uid = 0 > auth_master_user_separator = > auth_mechanisms = plain > auth_realms = plain login digest-md5 cram-md5 apop ntlm > auth_socket_path = auth-userdb > auth_ssl_require_client_cert = no > auth_ssl_username_from_cert = no > auth_use_winbind = no > auth_username_chars = > abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@ > auth_username_format = %Lu > auth_username_translation = > auth_verbose = no > auth_verbose_passwords = no > auth_winbind_helper_path = /usr/bin/ntlm_auth > auth_worker_max_count = 30 > base_dir = /var/run/dovecot > config_cache_size = 1 M > debug_log_path = > default_client_limit = 1000 > default_idle_kill = 1 mins > default_internal_user = dovecot > default_login_user = dovenull > default_process_limit = 100 > default_vsz_limit = 256 M > deliver_log_format = msgid=%m: %$ > dict_db_config = > director_doveadm_port = 0 > director_mail_servers = > director_servers = > director_user_expire = 15 mins > disable_plaintext_auth = no > dotlock_use_excl = no > doveadm_allowed_commands = > doveadm_password = > doveadm_proxy_port = 0 > doveadm_socket_path = doveadm-server > doveadm_worker_count = 0 > dsync_alt_char = _ > first_valid_gid = 1 > first_valid_uid = 105 > hostname = usrmta01.talkactive.net > imap_capability = > imap_client_workarounds = > imap_id_log = > imap_id_send = > imap_idle_notify_interval = 2 mins > imap_logout_format = in=%i out=%o > imap_max_line_length = 64 k > imapc_host = > imapc_master_user = > imapc_password = > imapc_port = 143 > imapc_rawlog_dir = > imapc_ssl = no > imapc_ssl_ca_dir = > imapc_ssl_verify = yes > imapc_user = %u > import_environment = TZ > info_log_path = /var/log/dovecot/dovecot.run > instance_name = dovecot > last_valid_gid = 0 > last_valid_uid = 0 > lda_mailbox_autocreate = no > lda_mailbox_autosubscribe = no > lda_original_recipient_header = > libexec_dir = /usr/libexec/dovecot > listen = *, :: > lmtp_proxy = no > lmtp_save_to_detail_mailbox = no > lock_method = fcntl > log_path = /var/log/dovecot/dovecot.err > log_timestamp = "%b %d %H:%M:%S " > login_access_sockets = > login_greeting = Dovecot ready. > login_log_format = %$: %s > login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c > login_trusted_networks = > mail_access_groups = > mail_attachment_dir = > mail_attachment_fs = sis posix > mail_attachment_hash = %{sha1} > mail_attachment_min_size = 128 k > mail_cache_fields = flags > mail_cache_min_mail_count = 0 > mail_chroot = > mail_debug = no > mail_fsync = always > mail_full_filesystem_access = no > mail_gid = > mail_home = > mail_location = > mail_log_prefix = "%s(%u): " > mail_max_keyword_length = 50 > mail_max_lock_timeout = 0 > mail_max_userip_connections = 10 > mail_never_cache_fields = imap.envelope > mail_nfs_index = yes > mail_nfs_storage = yes > mail_plugin_dir = /usr/lib64/dovecot > mail_plugins = quota > mail_prefetch_count = 0 > mail_privileged_group = > mail_save_crlf = no > mail_temp_dir = /tmp > mail_uid = > mailbox_idle_check_interval = 30 secs > mailbox_list_index = no > maildir_broken_filename_sizes = no > maildir_copy_with_hardlinks = yes > maildir_stat_dirs = no > maildir_very_dirty_syncs = no > master_user_separator = > mbox_dirty_syncs = yes > mbox_dotlock_change_timeout = 2 mins > mbox_lazy_writes = yes > mbox_lock_timeout = 5 mins > mbox_md5 = apop3d > mbox_min_index_size = 0 > mbox_read_locks = fcntl > mbox_very_dirty_syncs = no > mbox_write_locks = fcntl > mdbox_preallocate_space = no > mdbox_rotate_interval = 0 > mdbox_rotate_size = 2 M > mmap_disable = yes > namespace inbox { > hidden = no > ignore_on_failure = no > inbox = yes > list = yes > location = > mailbox Drafts { > auto = no > special_use = \Drafts > } > mailbox Junk { > auto = no > special_use = \Junk > } > mailbox Sent { > auto = no > special_use = \Sent > } > mailbox "Sent Messages" { > auto = no > special_use = \Sent > } > mailbox Trash { > auto = no > special_use = \Trash > } > prefix = > separator = > subscriptions = yes > type = private > } > passdb { > args = /local/config/dovecot-sql.conf > default_fields = > deny = no > driver = sql > master = no > override_fields = > pass = no > } > plugin { > quota = maildir > quota_rule2 = Trash:storage=+10M:messages=+100 > quota_warning = storage=80%% /local/scripts/quota-warning.sh 80 > sieve_extensions = +imapflags +notify > trash = /local/config/dovecot-trash.conf > } > pop3_client_workarounds = > pop3_enable_last = no > pop3_fast_size_lookups = no > pop3_lock_session = no > pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s > pop3_no_flag_updates = no > pop3_reuse_xuidl = no > pop3_save_uidl = no > pop3_uidl_format = %08Xu%08Xv > pop3c_host = > pop3c_password = > pop3c_port = 110 > pop3c_rawlog_dir = > pop3c_ssl = no > pop3c_ssl_ca_dir = > pop3c_ssl_verify = yes > pop3c_user = %u > postmaster_address = > protocols = imap pop3 lmtp > quota_full_tempfail = no > recipient_delimiter = + > rejection_reason = Your message to <%t> was automatically rejected:%n%r > rejection_subject = Rejected: %s > sendmail_path = /usr/sbin/sendmail > service anvil { > chroot = empty > client_limit = 0 > drop_priv_before_exec = no > executable = anvil > extra_groups = > group = > idle_kill = 4294967295 secs > privileged_group = > process_limit = 1 > process_min_avail = 1 > protocol = > service_count = 0 > type = anvil > unix_listener anvil-auth-penalty { > group = > mode = 0600 > user = > } > unix_listener anvil { > group = > mode = 0600 > user = > } > user = $default_internal_user > vsz_limit = 18446744073709551615 B > } > service auth-worker { > chroot = > client_limit = 1 > drop_priv_before_exec = no > executable = auth -w > extra_groups = > group = > idle_kill = 0 > privileged_group = > process_limit = 0 > process_min_avail = 0 > protocol = > service_count = 1 > type = > unix_listener auth-worker { > group = > mode = 0600 > user = $default_internal_user > } > user = $default_internal_user > vsz_limit = 18446744073709551615 B > } > service auth { > chroot = > client_limit = 0 > drop_priv_before_exec = no > executable = auth > extra_groups = > group = > idle_kill = 0 > privileged_group = > process_limit = 1 > process_min_avail = 0 > protocol = > service_count = 0 > type = > unix_listener /var/spool/postfix/private/auth { > group = > mode = 0666 > user = > } > unix_listener auth-client { > group = > mode = 0600 > user = > } > unix_listener auth-login { > group = > mode = 0600 > user = $default_internal_user > } > unix_listener auth-master { > group = > mode = 0600 > user = > } > unix_listener auth-userdb { > group = > mode = 0666 > user = > } > unix_listener login/login { > group = > mode = 0666 > user = > } > user = $default_internal_user > vsz_limit = 18446744073709551615 B > } > service config { > chroot = > client_limit = 0 > drop_priv_before_exec = no > executable = config > extra_groups = > group = > idle_kill = 0 > privileged_group = > process_limit = 0 > process_min_avail = 0 > protocol = > service_count = 0 > type = config > unix_listener config { > group = > mode = 0600 > user = > } > user = > vsz_limit = 18446744073709551615 B > } > service dict { > chroot = > client_limit = 1 > drop_priv_before_exec = no > executable = dict > extra_groups = > group = > idle_kill = 0 > privileged_group = > process_limit = 0 > process_min_avail = 0 > protocol = > service_count = 0 > type = > unix_listener dict { > group = > mode = 0600 > user = > } > user = $default_internal_user > vsz_limit = 18446744073709551615 B > } > service director { > chroot = . > client_limit = 0 > drop_priv_before_exec = no > executable = director > extra_groups = > fifo_listener login/proxy-notify { > group = > mode = 00 > user = > } > group = > idle_kill = 4294967295 secs > inet_listener { > address = > port = 0 > ssl = no > } > privileged_group = > process_limit = 1 > process_min_avail = 0 > protocol = > service_count = 0 > type = > unix_listener director-admin { > group = > mode = 0600 > user = > } > unix_listener director-userdb { > group = > mode = 0600 > user = > } > unix_listener login/director { > group = > mode = 00 > user = > } > user = $default_internal_user > vsz_limit = 18446744073709551615 B > } > service dns_client { > chroot = > client_limit = 1 > drop_priv_before_exec = no > executable = dns-client > extra_groups = > group = > idle_kill = 0 > privileged_group = > process_limit = 0 > process_min_avail = 0 > protocol = > service_count = 0 > type = > unix_listener dns-client { > group = > mode = 0666 > user = > } > unix_listener login/dns-client { > group = > mode = 0666 > user = > } > user = $default_internal_user > vsz_limit = 18446744073709551615 B > } > service doveadm { > chroot = > client_limit = 1 > drop_priv_before_exec = no > executable = doveadm-server > extra_groups = > group = > idle_kill = 0 > privileged_group = > process_limit = 0 > process_min_avail = 0 > protocol = > service_count = 1 > type = > unix_listener doveadm-server { > group = > mode = 0600 > user = > } > user = > vsz_limit = 18446744073709551615 B > } > service imap-login { > chroot = login > client_limit = 0 > drop_priv_before_exec = no > executable = imap-login > extra_groups = > group = > idle_kill = 0 > inet_listener imap { > address = > port = 143 > ssl = no > } > inet_listener imaps { > address = > port = 993 > ssl = yes > } > privileged_group = > process_limit = 0 > process_min_avail = 0 > protocol = imap > service_count = 0 > type = login > user = $default_login_user > vsz_limit = 256 M > } > service imap { > chroot = > client_limit = 1 > drop_priv_before_exec = no > executable = imap > extra_groups = > group = > idle_kill = 0 > privileged_group = > process_limit = 1024 > process_min_avail = 0 > protocol = imap > service_count = 1 > type = > unix_listener login/imap { > group = > mode = 0666 > user = > } > user = > vsz_limit = 256 M > } > service indexer-worker { > chroot = > client_limit = 1 > drop_priv_before_exec = no > executable = indexer-worker > extra_groups = > group = > idle_kill = 0 > privileged_group = > process_limit = 10 > process_min_avail = 0 > protocol = > service_count = 0 > type = > unix_listener indexer-worker { > group = > mode = 0600 > user = $default_internal_user > } > user = > vsz_limit = 18446744073709551615 B > } > service indexer { > chroot = > client_limit = 0 > drop_priv_before_exec = no > executable = indexer > extra_groups = > group = > idle_kill = 0 > privileged_group = > process_limit = 1 > process_min_avail = 0 > protocol = > service_count = 0 > type = > unix_listener indexer { > group = > mode = 0666 > user = > } > user = $default_internal_user > vsz_limit = 18446744073709551615 B > } > service ipc { > chroot = empty > client_limit = 0 > drop_priv_before_exec = no > executable = ipc > extra_groups = > group = > idle_kill = 0 > privileged_group = > process_limit = 1 > process_min_avail = 0 > protocol = > service_count = 0 > type = > unix_listener ipc { > group = > mode = 0600 > user = > } > unix_listener login/ipc-proxy { > group = > mode = 0600 > user = $default_login_user > } > user = $default_internal_user > vsz_limit = 18446744073709551615 B > } > service lmtp { > chroot = > client_limit = 1 > drop_priv_before_exec = no > executable = lmtp > extra_groups = > group = > idle_kill = 0 > privileged_group = > process_limit = 0 > process_min_avail = 0 > protocol = lmtp > service_count = 0 > type = > unix_listener lmtp { > group = > mode = 0666 > user = > } > user = > vsz_limit = 18446744073709551615 B > } > service log { > chroot = > client_limit = 0 > drop_priv_before_exec = no > executable = log > extra_groups = > group = > idle_kill = 4294967295 secs > privileged_group = > process_limit = 1 > process_min_avail = 0 > protocol = > service_count = 0 > type = log > unix_listener log-errors { > group = > mode = 0600 > user = > } > user = > vsz_limit = 18446744073709551615 B > } > service pop3-login { > chroot = login > client_limit = 0 > drop_priv_before_exec = no > executable = pop3-login > extra_groups = > group = > idle_kill = 0 > inet_listener pop3 { > address = > port = 110 > ssl = no > } > inet_listener pop3s { > address = > port = 995 > ssl = yes > } > privileged_group = > process_limit = 0 > process_min_avail = 0 > protocol = pop3 > service_count = 1 > type = login > user = $default_login_user > vsz_limit = 18446744073709551615 B > } > service pop3 { > chroot = > client_limit = 1 > drop_priv_before_exec = no > executable = pop3 > extra_groups = > group = > idle_kill = 0 > privileged_group = > process_limit = 1024 > process_min_avail = 0 > protocol = pop3 > service_count = 1 > type = > unix_listener login/pop3 { > group = > mode = 0666 > user = > } > user = > vsz_limit = 18446744073709551615 B > } > service ssl-params { > chroot = > client_limit = 0 > drop_priv_before_exec = no > executable = ssl-params > extra_groups = > group = > idle_kill = 0 > privileged_group = > process_limit = 0 > process_min_avail = 0 > protocol = > service_count = 0 > type = startup > unix_listener login/ssl-params { > group = > mode = 0666 > user = > } > user = > vsz_limit = 18446744073709551615 B > } > service stats { > chroot = empty > client_limit = 0 > drop_priv_before_exec = no > executable = stats > extra_groups = > fifo_listener stats-mail { > group = > mode = 0600 > user = > } > group = > idle_kill = 4294967295 secs > privileged_group = > process_limit = 1 > process_min_avail = 0 > protocol = > service_count = 0 > type = > unix_listener stats { > group = > mode = 0600 > user = > } > user = $default_internal_user > vsz_limit = 18446744073709551615 B > } > shutdown_clients = yes > ssl = required > ssl_ca = > ssl_cert = ssl_cert_username_field = commonName > ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL > ssl_client_cert = > ssl_client_key = > ssl_crypto_device = > ssl_key = ssl_key_password = > ssl_parameters_regenerate = 1 weeks > ssl_protocols = !SSLv2 > ssl_verify_client_cert = no > stats_command_min_time = 1 mins > stats_domain_min_time = 12 hours > stats_ip_min_time = 12 hours > stats_memory_limit = 16 M > stats_session_min_time = 15 mins > stats_user_min_time = 1 hours > submission_host = > syslog_facility = mail > userdb { > args = > default_fields = > driver = prefetch > override_fields = > } > userdb { > args = /local/config/dovecot-sql.conf > default_fields = > driver = sql > override_fields = > } > valid_chroot_dirs = > verbose_proctitle = no > verbose_ssl = no > version_ignore = no > protocol lda { > mail_plugins = quota quota sieve trash > } > protocol imap { > imap_client_workarounds = delay-newmail tb-extra-mailbox-sep > tb-lsub-flags > imap_logout_format = bytes=%i/%o > mail_plugins = quota quota imap_quota trash > } > protocol pop3 { > mail_plugins = quota quota > pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s > pop3_uidl_format = %08Xu%08Xv > } > > > Regards, Mikkel From branko at majic.rs Thu Jun 14 13:36:25 2012 From: branko at majic.rs (Branko Majic) Date: Thu, 14 Jun 2012 12:36:25 +0200 Subject: [Dovecot] Auth password problem In-Reply-To: <34008289.post@talk.nabble.com> References: <34008289.post@talk.nabble.com> Message-ID: <20120614123625.68527101@zetkin.int.primekey.se> Now, this answer won't help you, but you might find it useful (I've been fiddling with slapd access controls and what-not, so this helped me a lot). :) The best thing to debug the LDAP issues is to set the olcLogLevel in the slapd configuration tree to 256 - this way you'd get enough information to see what's going on when Dovecot tries to talk with the slapd server, and you won't get overwhelmed by the debugging information. On Debian Squeeze you'll also have to make sure you've set-up the log facility for slapd (by default it uses local4). You could add a file /etc/rsyslog.d/slapd.conf with the following line: local4.* /var/log/slapd.log Did you try logging-in by hand as well to the LDAP server? You could do it with, say: ldapwhoami -W -D cn=prueba,ou=Users,dc=royoleal,dc=com -H ldap://localhost/ On Wed, 13 Jun 2012 13:46:20 -0700 (PDT) arleal wrote: > > i have debian squeeze. i have installed mds with ldap integration and > i want to use dovecot/LDAP but i have problems with login. I have > dovecot 1.2. > > I try all of dovecot wiki but i dont know how to configure it good > > dovecot.conf > > protocols = imap imaps pop3 pop3s > listen = *, :: > auth_verbose = yes > auth_debug = yes > auth_debug_passwords = yes > mail_debug = yes > verbose_ssl = yes > login_greeting = royoleal.com mailserver ready. > mail_location = maildir:/home/users/%u/Maildir > disable_plaintext_auth = no > ssl_cert_file = /etc/ssl/certs/mail.pem > ssl_key_file = /etc/ssl/private/mail.key > log_path = /var/log/dovecot.log > info_log_path = /var/log/dovecot.log > > # IMAP configuration > protocol imap { > mail_plugins = quota imap_quota > } > > # POP3 configuration > protocol pop3 { > pop3_uidl_format = %08Xu%08Xv > mail_plugins = quota > } > > # LDA configuration > protocol lda { > postmaster_address = postmaster > auth_socket_path = /var/run/dovecot/auth-master > mail_plugins = quota > } > > # LDAP authentication > > auth default { > mechanisms = plain login > > passdb ldap { > args = /etc/dovecot/dovecot-ldap.conf > } > > userdb ldap { > args = /etc/dovecot/dovecot-ldap.conf > } > > socket listen { > master { > path = /var/run/dovecot/auth-master > mode = 0660 > user = dovecot > group = mail > } > > client { > path = /var/spool/postfix/private/auth > mode = 0660 > user = postfix > group = postfix > } > } > } > > > And this is dovecot-ldap.conf > > hosts = 127.0.0.1 > auth_bind = yes > ldap_version = 3 > dn = cn=admin,dc=royoleal,dc=com > dnpass = royoleal > base = dc=royoleal,dc=com > auth_bind_userdn = cn=%u,ou=Users,dc=royoleal,dc=com > scope = subtree > user_attrs = uidNumber=uid,gidNumber=gid > user_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK)) > pass_attrs = mail=mail,userPassword=password > pass_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK)) > default_pass_scheme = CRYPT > > When i try login with telnet or other program i have this problem in > dovecot.log > > > Jun 13 22:45:13 auth(default): Info: client in: AUTH 1 > PLAIN service=imap secured lip=127.0.0.1 rip=127.0.0.1 > lport=14 3 rport=55040 > resp=AHBydWViYUByb3lvbGVhbC5jb20AcHJ1ZWJh Jun 13 22:45:13 > auth(default): Info: ldap(prueba at royoleal.com,127.0.0.1): invalid > credentials (given password: prueba) Jun 13 22:45:13 auth(default): > Info: new auth connection: pid=2613 Jun 13 22:45:15 auth(default): > Info: client out: FAIL 1 user=prueba at royoleal.com > Jun 13 22:45:20 imap-login: Info: Aborted login (auth failed, 1 > attempts): user=, method=PLAIN, rip=127.0.0.1, > lip= 127.0.0.1, secured > > Thanks. -- Branko Majic Please use only Free formats when sending attachments to me. ?????? ????? ????? ??? ?? ??????? ?????? ????????? ? ????????? ?????????. From amateo at um.es Thu Jun 14 14:32:13 2012 From: amateo at um.es (Angel L. Mateo) Date: Thu, 14 Jun 2012 13:32:13 +0200 Subject: [Dovecot] difference between client_limit and process_limit In-Reply-To: <1339591187.25551.3.camel@innu> References: <4FD1D2E5.3020901@um.es> <4FD1DE19.4050903@um.es> <4FD22956.20904@thelounge.net> <3E0F7337-B1BA-426F-84AF-D1D7710B80A3@iki.fi> <4FD5C63B.7040904@um.es> <4FD87634.9000407@um.es> <1339589161.25551.0.camel@innu> <4FD88462.5070908@um.es> <1339590528.25551.2.camel@innu> <1339591187.25551.3.camel@innu> Message-ID: <4FD9CBBD.2020701@um.es> El 13/06/12 14:39, Timo Sirainen escribi?: > On Wed, 2012-06-13 at 15:28 +0300, Timo Sirainen wrote: >> Oh, right, service_count=1 is the default and that overrides >> client_limit. Set it to 0. > > http://hg.dovecot.org/dovecot-2.1/rev/4c31e450a867 > Thank you. This solved my problem. From nairda91 at hotmail.com Thu Jun 14 22:18:35 2012 From: nairda91 at hotmail.com (arleal) Date: Thu, 14 Jun 2012 12:18:35 -0700 (PDT) Subject: [Dovecot] Auth password problem In-Reply-To: <20120614123625.68527101@zetkin.int.primekey.se> References: <34008289.post@talk.nabble.com> <20120614123625.68527101@zetkin.int.primekey.se> Message-ID: <34013988.post@talk.nabble.com> ?????? ?????-2 wrote: > > Now, this answer won't help you, but you might find it useful (I've > been fiddling with slapd access controls and what-not, so this helped > me a lot). :) > > The best thing to debug the LDAP issues is to set the olcLogLevel in > the slapd configuration tree to 256 - this way you'd get enough > information to see what's going on when Dovecot tries to talk with the > slapd server, and you won't get overwhelmed by the debugging > information. On Debian Squeeze you'll also have to make sure you've > set-up the log facility for slapd (by default it uses local4). You > could add a file /etc/rsyslog.d/slapd.conf with the following line: > > local4.* /var/log/slapd.log > > Did you try logging-in by hand as well to the LDAP server? You could do > it with, say: > > ldapwhoami -W -D cn=prueba,ou=Users,dc=royoleal,dc=com -H > ldap://localhost/ > > On Wed, 13 Jun 2012 13:46:20 -0700 (PDT) > arleal wrote: > >> >> i have debian squeeze. i have installed mds with ldap integration and >> i want to use dovecot/LDAP but i have problems with login. I have >> dovecot 1.2. >> >> I try all of dovecot wiki but i dont know how to configure it good >> >> dovecot.conf >> >> protocols = imap imaps pop3 pop3s >> listen = *, :: >> auth_verbose = yes >> auth_debug = yes >> auth_debug_passwords = yes >> mail_debug = yes >> verbose_ssl = yes >> login_greeting = royoleal.com mailserver ready. >> mail_location = maildir:/home/users/%u/Maildir >> disable_plaintext_auth = no >> ssl_cert_file = /etc/ssl/certs/mail.pem >> ssl_key_file = /etc/ssl/private/mail.key >> log_path = /var/log/dovecot.log >> info_log_path = /var/log/dovecot.log >> >> # IMAP configuration >> protocol imap { >> mail_plugins = quota imap_quota >> } >> >> # POP3 configuration >> protocol pop3 { >> pop3_uidl_format = %08Xu%08Xv >> mail_plugins = quota >> } >> >> # LDA configuration >> protocol lda { >> postmaster_address = postmaster >> auth_socket_path = /var/run/dovecot/auth-master >> mail_plugins = quota >> } >> >> # LDAP authentication >> >> auth default { >> mechanisms = plain login >> >> passdb ldap { >> args = /etc/dovecot/dovecot-ldap.conf >> } >> >> userdb ldap { >> args = /etc/dovecot/dovecot-ldap.conf >> } >> >> socket listen { >> master { >> path = /var/run/dovecot/auth-master >> mode = 0660 >> user = dovecot >> group = mail >> } >> >> client { >> path = /var/spool/postfix/private/auth >> mode = 0660 >> user = postfix >> group = postfix >> } >> } >> } >> >> >> And this is dovecot-ldap.conf >> >> hosts = 127.0.0.1 >> auth_bind = yes >> ldap_version = 3 >> dn = cn=admin,dc=royoleal,dc=com >> dnpass = royoleal >> base = dc=royoleal,dc=com >> auth_bind_userdn = cn=%u,ou=Users,dc=royoleal,dc=com >> scope = subtree >> user_attrs = uidNumber=uid,gidNumber=gid >> user_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK)) >> pass_attrs = mail=mail,userPassword=password >> pass_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK)) >> default_pass_scheme = CRYPT >> >> When i try login with telnet or other program i have this problem in >> dovecot.log >> >> >> Jun 13 22:45:13 auth(default): Info: client in: AUTH 1 >> PLAIN service=imap secured lip=127.0.0.1 rip=127.0.0.1 >> lport=14 3 rport=55040 >> resp=AHBydWViYUByb3lvbGVhbC5jb20AcHJ1ZWJh Jun 13 22:45:13 >> auth(default): Info: ldap(prueba at royoleal.com,127.0.0.1): invalid >> credentials (given password: prueba) Jun 13 22:45:13 auth(default): >> Info: new auth connection: pid=2613 Jun 13 22:45:15 auth(default): >> Info: client out: FAIL 1 user=prueba at royoleal.com >> Jun 13 22:45:20 imap-login: Info: Aborted login (auth failed, 1 >> attempts): user=, method=PLAIN, rip=127.0.0.1, >> lip= 127.0.0.1, secured >> >> Thanks. > > -- > Branko Majic > Please use only Free formats when sending attachments to me. > > ?????? ????? > ????? ??? ?? ??????? ?????? ????????? ? ????????? ?????????. > > I forgot see the ldap log. In the ldap.log i cant see nothing about that user trying to login with user prueba. That autenticate good. root at mds:~# ldapwhoami -W -D uid=prueba,ou=Users,dc=royoleal,dc=com -H ldap://localhost/ Enter LDAP Password: dn:uid=prueba,ou=Users,dc=royoleal,dc=com With telnet error of authentication. -- View this message in context: http://old.nabble.com/Auth-password-problem-tp34008289p34013988.html Sent from the Dovecot mailing list archive at Nabble.com. From nairda91 at hotmail.com Thu Jun 14 22:18:35 2012 From: nairda91 at hotmail.com (arleal) Date: Thu, 14 Jun 2012 12:18:35 -0700 (PDT) Subject: [Dovecot] Auth password problem In-Reply-To: <20120614123625.68527101@zetkin.int.primekey.se> References: <34008289.post@talk.nabble.com> <20120614123625.68527101@zetkin.int.primekey.se> Message-ID: <34013987.post@talk.nabble.com> ?????? ?????-2 wrote: > > Now, this answer won't help you, but you might find it useful (I've > been fiddling with slapd access controls and what-not, so this helped > me a lot). :) > > The best thing to debug the LDAP issues is to set the olcLogLevel in > the slapd configuration tree to 256 - this way you'd get enough > information to see what's going on when Dovecot tries to talk with the > slapd server, and you won't get overwhelmed by the debugging > information. On Debian Squeeze you'll also have to make sure you've > set-up the log facility for slapd (by default it uses local4). You > could add a file /etc/rsyslog.d/slapd.conf with the following line: > > local4.* /var/log/slapd.log > > Did you try logging-in by hand as well to the LDAP server? You could do > it with, say: > > ldapwhoami -W -D cn=prueba,ou=Users,dc=royoleal,dc=com -H > ldap://localhost/ > > On Wed, 13 Jun 2012 13:46:20 -0700 (PDT) > arleal wrote: > >> >> i have debian squeeze. i have installed mds with ldap integration and >> i want to use dovecot/LDAP but i have problems with login. I have >> dovecot 1.2. >> >> I try all of dovecot wiki but i dont know how to configure it good >> >> dovecot.conf >> >> protocols = imap imaps pop3 pop3s >> listen = *, :: >> auth_verbose = yes >> auth_debug = yes >> auth_debug_passwords = yes >> mail_debug = yes >> verbose_ssl = yes >> login_greeting = royoleal.com mailserver ready. >> mail_location = maildir:/home/users/%u/Maildir >> disable_plaintext_auth = no >> ssl_cert_file = /etc/ssl/certs/mail.pem >> ssl_key_file = /etc/ssl/private/mail.key >> log_path = /var/log/dovecot.log >> info_log_path = /var/log/dovecot.log >> >> # IMAP configuration >> protocol imap { >> mail_plugins = quota imap_quota >> } >> >> # POP3 configuration >> protocol pop3 { >> pop3_uidl_format = %08Xu%08Xv >> mail_plugins = quota >> } >> >> # LDA configuration >> protocol lda { >> postmaster_address = postmaster >> auth_socket_path = /var/run/dovecot/auth-master >> mail_plugins = quota >> } >> >> # LDAP authentication >> >> auth default { >> mechanisms = plain login >> >> passdb ldap { >> args = /etc/dovecot/dovecot-ldap.conf >> } >> >> userdb ldap { >> args = /etc/dovecot/dovecot-ldap.conf >> } >> >> socket listen { >> master { >> path = /var/run/dovecot/auth-master >> mode = 0660 >> user = dovecot >> group = mail >> } >> >> client { >> path = /var/spool/postfix/private/auth >> mode = 0660 >> user = postfix >> group = postfix >> } >> } >> } >> >> >> And this is dovecot-ldap.conf >> >> hosts = 127.0.0.1 >> auth_bind = yes >> ldap_version = 3 >> dn = cn=admin,dc=royoleal,dc=com >> dnpass = royoleal >> base = dc=royoleal,dc=com >> auth_bind_userdn = cn=%u,ou=Users,dc=royoleal,dc=com >> scope = subtree >> user_attrs = uidNumber=uid,gidNumber=gid >> user_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK)) >> pass_attrs = mail=mail,userPassword=password >> pass_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK)) >> default_pass_scheme = CRYPT >> >> When i try login with telnet or other program i have this problem in >> dovecot.log >> >> >> Jun 13 22:45:13 auth(default): Info: client in: AUTH 1 >> PLAIN service=imap secured lip=127.0.0.1 rip=127.0.0.1 >> lport=14 3 rport=55040 >> resp=AHBydWViYUByb3lvbGVhbC5jb20AcHJ1ZWJh Jun 13 22:45:13 >> auth(default): Info: ldap(prueba at royoleal.com,127.0.0.1): invalid >> credentials (given password: prueba) Jun 13 22:45:13 auth(default): >> Info: new auth connection: pid=2613 Jun 13 22:45:15 auth(default): >> Info: client out: FAIL 1 user=prueba at royoleal.com >> Jun 13 22:45:20 imap-login: Info: Aborted login (auth failed, 1 >> attempts): user=, method=PLAIN, rip=127.0.0.1, >> lip= 127.0.0.1, secured >> >> Thanks. > > -- > Branko Majic > Please use only Free formats when sending attachments to me. > > ?????? ????? > ????? ??? ?? ??????? ?????? ????????? ? ????????? ?????????. > > I forgot see the ldap log. In the ldap.log i cant see nothing about that user trying to login with user prueba. That autenticate good. root at mds:~# ldapwhoami -W -D uid=prueba,ou=Users,dc=royoleal,dc=com -H ldap://localhost/ Enter LDAP Password: dn:uid=prueba,ou=Users,dc=royoleal,dc=com With telnet error of authentication. -- View this message in context: http://old.nabble.com/Auth-password-problem-tp34008289p34013987.html Sent from the Dovecot mailing list archive at Nabble.com. From branko at majic.rs Thu Jun 14 22:51:05 2012 From: branko at majic.rs (Branko Majic) Date: Thu, 14 Jun 2012 21:51:05 +0200 Subject: [Dovecot] Auth password problem In-Reply-To: <34013987.post@talk.nabble.com> References: <34008289.post@talk.nabble.com> <20120614123625.68527101@zetkin.int.primekey.se> <34013987.post@talk.nabble.com> Message-ID: <20120614215105.7944d8d3@trotsky.home.majic.rs> On Thu, 14 Jun 2012 12:18:35 -0700 (PDT) arleal wrote: > > I forgot see the ldap log. > In the ldap.log i cant see nothing about that user trying to login > with user prueba. > > That autenticate good. > > root at mds:~# ldapwhoami -W -D uid=prueba,ou=Users,dc=royoleal,dc=com -H > ldap://localhost/ > Enter LDAP Password: > dn:uid=prueba,ou=Users,dc=royoleal,dc=com > > With telnet error of authentication. Hm... Since you're using Dovecot, can you see Dovecot logging-in onto the server and performing queries (for user information)? I'll probably take another look at your config tomorrow (I've got Dovecot talking to my LDAP on Squeeze, although a bit different configuration in my case). -- Branko Majic Jabber: branko at majic.rs Please use only Free formats when sending attachments to me. ?????? ????? ?????: branko at majic.rs ????? ??? ?? ??????? ?????? ????????? ? ????????? ?????????. From voytek at sbt.net.au Fri Jun 15 02:32:28 2012 From: voytek at sbt.net.au (Voytek Eymont) Date: Fri, 15 Jun 2012 09:32:28 +1000 Subject: [Dovecot] migrating v.1 to v.2 In-Reply-To: <4FD9957C.9080605@bunbun.be> References: <4FD9957C.9080605@bunbun.be> Message-ID: Nick, thanks, and, apologies: I did have a brief look at the docs, clearly, not searched enough, my fault. the docs are amazing, and, excellent, and, have precise anwser, mea culpa > upgrading". Try this http://wiki2.dovecot.org/Upgrading/ -- Voytek From voytek at sbt.net.au Fri Jun 15 02:50:52 2012 From: voytek at sbt.net.au (Voytek Eymont) Date: Fri, 15 Jun 2012 09:50:52 +1000 Subject: [Dovecot] imap max user ip conn, what's a safe increase? Message-ID: <6d5f54f3b9ba7f071def2453e9c15665.squirrel@sbt.net.au> I have dovecot 1.x, all's working well, thanks now that I'm using K9 mail on Android phone, whenever I try to access emails with an imap collect 'pass' from Snapper mail client on Palm, I get: "max number of connections from user+ip exceeded" I'm currently at default (unspecified) of 10 imap/3 pop what's a reasonable next number of IMAP connections I should up it to ? that won't bite on the backside...? 12 ? 20 ? when I run IMAP pass from Snapper, I only run it over inbox, maybe one other folder, max 2 folders, so 12 should do ? /etc/dovecot# grep max_user * dovecot.conf: #mail_max_userip_connections = 10 dovecot.conf: #mail_max_userip_connections = 3 -- Voytek From daniel.parthey at informatik.tu-chemnitz.de Fri Jun 15 03:46:16 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Fri, 15 Jun 2012 02:46:16 +0200 Subject: [Dovecot] Sieve stopped working In-Reply-To: References: Message-ID: <20120615004616.GA11872@daniel.localdomain> Hi Ben, Ben Versang wrote: > Sieve has stopped working and I have spent hours and been unable so far to get it up and running again. > > netstat -a |grep 2000 returns > returns nothing > > telnet localhost 2000 > Trying 127.0.0.1... > telnet: connect to address 127.0.0.1: Connection refused > telnet: Unable to connect to remote host > > The rest of mail functions are working fine (IMAP, SMTP...). Did you have a look at the wiki article? http://wiki2.dovecot.org/Pigeonhole/ManageSieve/Configuration The Pigeonhole ManageSieve service now binds to TCP port 4190 by default due to the IANA port assignment for the ManageSieve service. Maybe you're looking at the wrong port. Please attach the output of doveconf -n Regards, Daniel -- https://plus.google.com/103021802792276734820 From nick+dovecot at bunbun.be Fri Jun 15 10:57:40 2012 From: nick+dovecot at bunbun.be (Nick Rosier) Date: Fri, 15 Jun 2012 09:57:40 +0200 Subject: [Dovecot] migrating v.1 to v.2 In-Reply-To: References: <4FD9957C.9080605@bunbun.be> Message-ID: <4FDAEAF4.3010908@bunbun.be> Hi Voytek, no apologies needed; Timo created an excellent wiki so that should be the 1st thing to search. But if there's anything unclear just ask. I'm not an expert but made the transitions from 1.2 -> 2.0 -> 2.1 thanks to this documentation. N. Voytek Eymont wrote: > Nick, > > thanks, and, apologies: > > I did have a brief look at the docs, clearly, not searched enough, my fault. > > the docs are amazing, and, excellent, and, have precise anwser, > mea culpa > >> upgrading". Try this http://wiki2.dovecot.org/Upgrading/ > > > From gedalya at gedalya.net Fri Jun 15 21:43:28 2012 From: gedalya at gedalya.net (Gedalya) Date: Fri, 15 Jun 2012 14:43:28 -0400 Subject: [Dovecot] doveadm backup panic Message-ID: <4FDB8250.8020600@gedalya.net> using latest auto build didn't help. this happens only with a specific account. # doveadm -o imapc_user=----- at domain.com -o imapc_password=---- backup -u =----- at domain.com -R imapc: dsync(---- at domain.com): Panic: pool_data_stack_realloc(): stack frame changed dsync(---- at domain.com): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x4209a) [0xb762b09a] -> /usr/lib/dovecot/libdovecot.so.0(default_fatal_handler+0x41) [0xb762b1a1] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0xb75fd99e] -> /usr/lib/dovecot/libdovecot.so.0(+0x547ce) [0xb763d7ce] -> /usr/lib/dovecot/libdovecot.so.0(+0x3ebf9) [0xb7627bf9] -> /usr/lib/dovecot/libdovecot.so.0(buffer_get_space_unsafe+0x78) [0xb7628658] -> /usr/lib/dovecot/libdovecot.so.0(buffer_append_space_unsafe+0x2a) [0xb762875a] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x60005) [0xb76dc005] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x62aa9) [0xb76deaa9] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x66e61) [0xb76e2e61] -> /usr/lib/dovecot/libdovecot-storage.so.0(imapc_connection_input_pending+0x14d) [0xb76e3a3d] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x67aac) [0xb76e3aac] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x44) [0xb763a034] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xce) [0xb763ae8e] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x40) [0xb76399d0] -> /usr/lib/dovecot/libdovecot-storage.so.0(imapc_client_run+0xa7) [0xb76e0297] -> /usr/lib/dovecot/libdovecot-storage.so.0(imapc_storage_run+0x26) [0xb76df1e6] -> /usr/lib/dovecot/libdovecot-storage.so.0(imapc_mailbox_sync_init+0x6de) [0xb76ddfde] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_sync_init+0x3b) [0xb76f468b] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_sync+0x3c) [0xb76f47cc] -> doveadm() [0x8072510] -> doveadm() [0x8072789] -> doveadm() [0x80729b2] -> doveadm(dsync_worker_msg_iter_next+0x29) [0x8070a69] -> doveadm() [0x806b6e1] -> doveadm() [0x806b736] -> doveadm(dsync_brain_msg_sync_more+0x4cb) [0x806bc7b] -> doveadm(dsync_brain_sync+0x3bb) [0x806a3ab] Aborted From gedalya at gedalya.net Fri Jun 15 21:50:09 2012 From: gedalya at gedalya.net (Gedalya) Date: Fri, 15 Jun 2012 14:50:09 -0400 Subject: [Dovecot] doveadm backup panic In-Reply-To: <4FDB8250.8020600@gedalya.net> References: <4FDB8250.8020600@gedalya.net> Message-ID: <4FDB83E1.1070302@gedalya.net> On 06/15/2012 02:43 PM, Gedalya wrote: > using latest auto build didn't help. > this happens only with a specific account. > > # doveadm -o imapc_user=----- at domain.com -o imapc_password=---- backup > -u =----- at domain.com -R imapc: > dsync(---- at domain.com): Panic: pool_data_stack_realloc(): stack frame > changed > dsync(---- at domain.com): Error: Raw backtrace: > /usr/lib/dovecot/libdovecot.so.0(+0x4209a) [0xb762b09a] -> > /usr/lib/dovecot/libdovecot.so.0(default_fatal_handler+0x41) > [0xb762b1a1] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) > [0xb75fd99e] -> /usr/lib/dovecot/libdovecot.so.0(+0x547ce) > [0xb763d7ce] -> /usr/lib/dovecot/libdovecot.so.0(+0x3ebf9) > [0xb7627bf9] -> > /usr/lib/dovecot/libdovecot.so.0(buffer_get_space_unsafe+0x78) > [0xb7628658] -> > /usr/lib/dovecot/libdovecot.so.0(buffer_append_space_unsafe+0x2a) > [0xb762875a] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x60005) > [0xb76dc005] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x62aa9) > [0xb76deaa9] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x66e61) > [0xb76e2e61] -> > /usr/lib/dovecot/libdovecot-storage.so.0(imapc_connection_input_pending+0x14d) > [0xb76e3a3d] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x67aac) > [0xb76e3aac] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x44) > [0xb763a034] -> > /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xce) > [0xb763ae8e] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x40) > [0xb76399d0] -> > /usr/lib/dovecot/libdovecot-storage.so.0(imapc_client_run+0xa7) > [0xb76e0297] -> > /usr/lib/dovecot/libdovecot-storage.so.0(imapc_storage_run+0x26) > [0xb76df1e6] -> > /usr/lib/dovecot/libdovecot-storage.so.0(imapc_mailbox_sync_init+0x6de) [0xb76ddfde] > -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_sync_init+0x3b) > [0xb76f468b] -> > /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_sync+0x3c) > [0xb76f47cc] -> doveadm() [0x8072510] -> doveadm() [0x8072789] -> > doveadm() [0x80729b2] -> doveadm(dsync_worker_msg_iter_next+0x29) > [0x8070a69] -> doveadm() [0x806b6e1] -> doveadm() [0x806b736] -> > doveadm(dsync_brain_msg_sync_more+0x4cb) [0x806bc7b] -> > doveadm(dsync_brain_sync+0x3bb) [0x806a3ab] > Aborted > gdb: Starting program: /usr/bin/doveadm -o imapc_user=mailaccount at domain.com -o imapc_password=******* backup -u mailaccount at domain.com -R imapc: [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/i386-linux-gnu/i686/cmov/libthread_db.so.1". dsync(mailaccount at domain.com): Panic: pool_data_stack_realloc(): stack frame changed dsync(mailaccount at domain.com): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x4209a) [0xb7e4d09a] -> /usr/lib/dovecot/libdovecot.so.0(default_fatal_handler+0x41) [0xb7e4d1a1] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0xb7e1f99e] -> /usr/lib/dovecot/libdovecot.so.0(+0x547ce) [0xb7e5f7ce] -> /usr/lib/dovecot/libdovecot.so.0(+0x3ebf9) [0xb7e49bf9] -> /usr/lib/dovecot/libdovecot.so.0(buffer_get_space_unsafe+0x78) [0xb7e4a658] -> /usr/lib/dovecot/libdovecot.so.0(buffer_append_space_unsafe+0x2a) [0xb7e4a75a] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x60005) [0xb7efe005] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x62aa9) [0xb7f00aa9] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x66e61) [0xb7f04e61] -> /usr/lib/dovecot/libdovecot-storage.so.0(imapc_connection_input_pending+0x14d) [0xb7f05a3d] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x67aac) [0xb7f05aac] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x44) [0xb7e5c034] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xce) [0xb7e5ce8e] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x40) [0xb7e5b9d0] -> /usr/lib/dovecot/libdovecot-storage.so.0(imapc_client_run+0xa7) [0xb7f02297] -> /usr/lib/dovecot/libdovecot-storage.so.0(imapc_storage_run+0x26) [0xb7f011e6] -> /usr/lib/dovecot/libdovecot-storage.so.0(imapc_mailbox_sync_init+0x6de) [0xb7efffde] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_sync_init+0x3b) [0xb7f1668b] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_sync+0x3c) [0xb7f167cc] -> /usr/bin/doveadm() [0x8072510] -> /usr/bin/doveadm() [0x8072789] -> /usr/bin/doveadm() [0x80729b2] -> /usr/bin/doveadm(dsync_worker_msg_iter_next+0x29) [0x8070a69] -> /usr/bin/doveadm() [0x806b6e1] -> /usr/bin/doveadm() [0x806b736] -> /usr/bin/doveadm(dsync_brain_msg_sync_more+0x4cb) [0x806bc7b] -> /usr/bin/doveadm(dsync_brain_sync+0x3bb) [0x806a3ab] Program received signal SIGABRT, Aborted. 0xb7fe1424 in __kernel_vsyscall () (gdb) bt full #0 0xb7fe1424 in __kernel_vsyscall () No symbol table info available. #1 0xb7cd8941 in raise () from /lib/i386-linux-gnu/i686/cmov/libc.so.6 No symbol table info available. #2 0xb7cdbd72 in abort () from /lib/i386-linux-gnu/i686/cmov/libc.so.6 No symbol table info available. #3 0xb7e4d0b0 in default_fatal_finish (type=, status=) at failures.c:191 backtrace = 0x80930a0 "/usr/lib/dovecot/libdovecot.so.0(+0x4209a) [0xb7e4d09a] -> /usr/lib/dovecot/libdovecot.so.0(default_fatal_handler+0x41) [0xb7e4d1a1] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0xb7e1f99e] -> /usr"... #4 0xb7e4d1a1 in default_fatal_handler (ctx=0xbfffef94, format=0xb7e7a2e8 "pool_data_stack_realloc(): stack frame changed", args=0xbfffefb4 "U\001") at failures.c:205 status = 0 #5 0xb7e1f99e in i_panic (format=0xb7e7a2e8 "pool_data_stack_realloc(): stack frame changed") at failures.c:263 ctx = {type = LOG_TYPE_PANIC, exit_status = 0, timestamp = 0x0} args = 0xbfffefb4 "U\001" #6 0xb7e5f7ce in pool_data_stack_realloc (pool=0x8092fd0, mem=0x8093000, old_size=32, new_size=64) at mempool-datastack.c:118 dpool = 0x8092fd0 #7 0xb7e49bf9 in buffer_alloc (buf=0x8092fe0, size=64) at buffer.c:32 __FUNCTION__ = "buffer_alloc" #8 0xb7e4a658 in buffer_check_limits (data_size=4, pos=32, buf=0x8092fe0) at buffer.c:64 new_size = 36 #9 buffer_get_space_unsafe (_buf=0x8092fe0, pos=32, size=4) at buffer.c:273 buf = 0x8092fe0 #10 0xb7e4a75a in buffer_append_space_unsafe (buf=0x8092fe0, size=4) at buffer.c:279 No locals. #11 0xb7efe005 in array_append_space_i (array=) at ../../../../src/lib/array.h:232 data = #12 imapc_untagged_fetch (reply=0xbffff184, mbox=0x80fd2c8) at imapc-mailbox.c:349 old_kws = {arr = {buffer = 0x8093030, element_size = 4}, v = 0x8093030, v_modifiable = 0x8093030} kw = _data_stack_cur_id = 6 lseq = 341 rseq = 341 mailp = list = 0x80c72c8 flags_list = 0x80c7458 atom = 0x80c7570 "679" rec = flags = MAIL_SEEN ---Type to continue, or q to quit--- fetch_uid = 679 uid = 679 i = j = keywords = {arr = {buffer = 0x8092fe0, element_size = 4}, v = 0x8092fe0, v_modifiable = 0x8092fe0} seen_flags = __FUNCTION__ = "imapc_untagged_fetch" #13 0xb7f00aa9 in imapc_storage_untagged_cb (reply=0xbffff184, context=0x80c53e8) at imapc-storage.c:170 mcb__foreach_end = 0x80fd648 storage = 0x80c53e8 mbox = 0x80fd2c8 cb = mcb = 0x80fd638 #14 0xb7f04e61 in imapc_connection_input_untagged (conn=0x80c1950) at imapc-connection.c:906 imap_args = 0x80c7228 name = 0x80c72a0 "FETCH" value = parser = 0x80c7170 reply = {name = 0x80c72a0 "FETCH", num = 341, args = 0x80c7228, file_args = 0x80c1b08, file_args_count = 0, resp_text_key = 0x0, resp_text_value = 0x0, untagged_box_context = 0x80fd2c8} ret = #15 0xb7f05a3d in imapc_connection_input_one (conn=0x80c1950) at imapc-connection.c:1061 tag = 0x80c7290 "*" ret = -1 #16 imapc_connection_input_pending (conn=0x80c1950) at imapc-connection.c:1407 _data_stack_cur_id = 5 ret = #17 0xb7f05aac in imapc_connection_input (conn=0x80c1950) at imapc-connection.c:1100 errstr = ret = #18 0xb7e5c034 in io_loop_call_io (io=0x80d3d28) at ioloop.c:379 ioloop = 0x81655e0 t_id = 4 #19 0xb7e5ce8e in io_loop_handler_run (ioloop=0x81655e0) at ioloop-epoll.c:213 ctx = 0x80d3d58 events = 0x0 event = 0x80dec28 list = 0x80e3bb0 io = ---Type to continue, or q to quit--- tv = {tv_sec = 299, tv_usec = 999988} events_count = 1 msecs = ret = 1 i = j = call = #20 0xb7e5b9d0 in io_loop_run (ioloop=0x81655e0) at ioloop.c:398 No locals. #21 0xb7f02297 in imapc_client_run_pre (client=) at imapc-client.c:142 connp = prev_ioloop = 0x80984c8 #22 imapc_client_run (client=0x80c5bf0) at imapc-client.c:161 No locals. #23 0xb7f011e6 in imapc_storage_run (storage=0x80c53e8) at imapc-storage.c:118 No locals. #24 0xb7efffde in imapc_sync_index (ctx=0x80e6bb8) at imapc-sync.c:351 mbox = 0x80fd2c8 sync_rec = {uid1 = 3221222620, uid2 = 3086630900, type = 134997136, add_flags = 244 '\364', remove_flags = 63 '?', keyword_idx = 3085040665, guid_128 = "mK\361\267,\364\377\277\334\364\377\277\060\346\f\b"} seq1 = 3085537268 seq2 = 135130168 #25 imapc_sync_begin (force=, ctx_r=, mbox=0x80fd2c8) at imapc-sync.c:422 ctx = 0x80e6bb8 sync_flags = ret = #26 imapc_sync (mbox=0x80fd2c8) at imapc-sync.c:464 sync_ctx = force = #27 imapc_mailbox_sync_init (box=0x80fd2c8, flags=MAILBOX_SYNC_FLAG_FIX_INCONSISTENT) at imapc-sync.c:498 mbox = 0x80fd2c8 capabilities = changes = false ret = #28 0xb7f1668b in mailbox_sync_init (box=0x80fd2c8, flags=MAILBOX_SYNC_FLAG_FIX_INCONSISTENT) at mail-storage.c:1320 _data_stack_cur_id = 3 ctx = #29 0xb7f167cc in mailbox_sync (box=0x80fd2c8, flags=MAILBOX_SYNC_FLAG_FIX_INCONSISTENT) at mail-storage.c:1368 ctx = ---Type to continue, or q to quit--- status = {sync_delayed_expunges = 0} #30 0x08072510 in local_mailbox_open (guid=0x80e0e18, box_r=0xbffff4dc, worker=) at dsync-worker-local.c:791 lbox = 0x80ce610 box = 0x80fd2c8 metadata = {guid = "\210y\236\267\210\364\377\277\r\r?`\006\000", virtual_size = 13252281656649187328, cache_fields = 0x80fd2b8, precache_fields = 3080616300} #31 0x08072789 in iter_local_mailbox_open (iter=0x80ec1e8) at dsync-worker-local.c:826 worker = 0x80ce348 guid = 0x80e0e18 box = search_args = ret = #32 0x080729b2 in local_worker_msg_iter_next (_iter=0x80ec1e8, mailbox_idx_r=0xb79e7988, msg_r=0xb79e796c) at dsync-worker-local.c:972 iter = 0x80ec1e8 mail = guid = #33 0x08070a69 in dsync_worker_msg_iter_next (iter=0x80ec1e8, mailbox_idx_r=0xb79e7988, msg_r=0xb79e796c) at dsync-worker.c:122 _data_stack_cur_id = 2 ret = #34 0x0806b6e1 in dsync_brain_msg_iter_next (iter=0xb79e7960) at dsync-brain-msgs.c:84 ret = 1 #35 0x0806b736 in dsync_brain_msg_sync_mailbox_end (iter1=0xb79e7960, iter2=0xb79e79b8) at dsync-brain-msgs.c:360 ret = #36 0x0806bc7b in dsync_brain_msg_sync_mailbox_more (sync=) at dsync-brain-msgs.c:392 No locals. #37 dsync_brain_msg_sync_more (sync=0xb79e7028) at dsync-brain-msgs.c:407 mailboxes = 0xb79e7070 count = 26 mailbox_idx = #38 0x0806a3ab in dsync_brain_sync_msgs (brain=) at dsync-brain.c:736 mailboxes = {arr = {buffer = 0x80f6ab8, element_size = 88}, v = 0x80f6ab8, v_modifiable = 0x80f6ab8} pool = 0x80f6aa8 ret = #39 dsync_brain_sync (brain=0x80c1b70) at dsync-brain.c:857 No locals. #40 dsync_brain_sync (brain=0x80c1b70) at dsync-brain.c:815 No locals. #41 0x0806b202 in dsync_brain_subs_list_finished (brain=) at dsync-brain.c:169 No locals. ---Type to continue, or q to quit--- #42 dsync_worker_subs_input (context=0x80ed188) at dsync-brain.c:222 list = 0x80ed188 subs = {vname = 0x0, storage_name = 0x0, ns_prefix = 0x0, last_change = 0} unsubs = {name_sha1 = {guid = '\000' }, ns_prefix = 0x0, last_change = 0} ret = #43 0x0806a715 in dsync_brain_sync (brain=0x80c1b70) at dsync-brain.c:842 No locals. #44 dsync_brain_sync (brain=0x80c1b70) at dsync-brain.c:815 No locals. #45 0x0806b060 in dsync_brain_mailbox_list_finished (brain=) at dsync-brain.c:98 No locals. #46 dsync_worker_mailbox_input (context=0x80d73c8) at dsync-brain.c:125 list = 0x80d73c8 dsync_box = {name = 0x0, name_sep = 0 '\000', name_sha1 = {guid = '\000' }, mailbox_guid = { guid = '\000' }, uid_validity = 0, uid_next = 0, message_count = 0, first_recent_uid = 0, highest_modseq = 0, last_change = 0, flags = 0, cache_fields = {arr = {buffer = 0x0, element_size = 0}, v = 0x0, v_modifiable = 0x0}} dup_box = 0x80d1cd0 ret = #47 0x0806a755 in dsync_brain_sync (brain=0x80c1b70) at dsync-brain.c:833 No locals. #48 dsync_brain_sync (brain=0x80c1b70) at dsync-brain.c:815 No locals. #49 0x0806b298 in dsync_brain_sync_all (brain=0x80c1b70) at dsync-brain.c:897 old_state = DSYNC_STATE_GET_MAILBOXES __FUNCTION__ = "dsync_brain_sync_all" #50 0x08068445 in cmd_dsync_start (ctx=0x809ef98, worker1=, worker2=) at doveadm-dsync.c:342 brain = 0x80c1b70 #51 0x08068aa7 in cmd_dsync_run (_ctx=0x809ef98, user=0x80b4020) at doveadm-dsync.c:387 ctx = 0x809ef98 worker1 = 0x80ce348 worker2 = 0x80ba350 workertmp = lock_path = lock = 0x809efc4 lock_fd = ret = 0 #52 0x08054510 in doveadm_mail_next_user (error_r=0xbffffa5c, ctx=0x809ef98, input=) at doveadm-mail.c:311 ret = 0 ---Type to continue, or q to quit--- #53 doveadm_mail_next_user (ctx=0x809ef98, input=, error_r=0xbffffa5c) at doveadm-mail.c:270 error = ret = #54 0x08054fd0 in doveadm_mail_cmd (cmd=0x809d000, argc=, argv=0x80981e4) at doveadm-mail.c:518 input = {module = 0x0, service = 0x807b55c "doveadm", username = 0x8098245 "mailaccount at domain.com", session_id = 0x0, local_ip = {family = 0, u = {ip6 = {__in6_u = {__u6_addr8 = '\000' , __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, ip4 = {s_addr = 0}}}, remote_ip = {family = 0, u = {ip6 = {__in6_u = { __u6_addr8 = '\000' , __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, ip4 = { s_addr = 0}}}, local_port = 0, remote_port = 0, userdb_fields = 0x0, flags_override_add = 0, flags_override_remove = 0, no_userdb_lookup = 0} ctx = 0x809ef98 getopt_args = wildcard_user = 0x0 error = 0xb7cbb054 "" ret = c = #55 0x08055489 in doveadm_mail_try_run (cmd_name=0x809823b "backup", argc=5, argv=0x80981d4) at doveadm-mail.c:577 cmd__foreach_end = 0x809d03c cmd = 0x809d000 cmd_name_len = 6 __FUNCTION__ = "doveadm_mail_try_run" #56 0x08054151 in main (argc=5, argv=0x80981d4) at doveadm.c:376 cmd_name = i = quick_init = false c = From daniel.parthey at informatik.tu-chemnitz.de Fri Jun 15 23:03:06 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Fri, 15 Jun 2012 22:03:06 +0200 Subject: [Dovecot] [Dovecot 2.1.7] SegFault on doveadm search through director proxy In-Reply-To: <65A804FB-2F80-497C-9A96-3CC34B522FBF@iki.fi> References: <20120609235603.GA17490@daniel.localdomain> <65A804FB-2F80-497C-9A96-3CC34B522FBF@iki.fi> Message-ID: <20120615200306.GA8276@daniel.localdomain> Timo Sirainen wrote: > On 10.6.2012, at 2.56, Daniel Parthey wrote: > > > doveadm search -u user at example.org -S localhost:19000 all > > produces the following error in the logs: > > dovecot: doveadm: Error: doveadm client attempted non-PLAIN authentication > > > > What am I missing? > > It's possible that this is just broken in v2.0. Try v2.1. mail01: 2.0.20 mail02: 2.1.7 mail03: 2.0.20 mail04: 2.0.20 Director for user at example.org currently points to mail02. Compiled and installed 2.1.7 on mail02 (Ubuntu Lucid), gettings segfaults on mail02 now. Got a core dump and created a gdb backtrace: mail02# doveadm -c /etc/dovecot-director/dovecot-director.conf search -u user at example.org all [...] 67b3b72453278b4f6a3d000051abeb58 447 67b3b72453278b4f6a3d000051abeb58 448 67b3b72453278b4f6a3d000051abeb58 449 67b3b72453278b4f6a3d000051abeb58 450 67b3b72453278b4f6a3d000051abeb58 451 67b3b72453278b4f6a3d000051abeb58 452 67b3b72453278b4f6a3d000051abeb58 453 67b3b72453278b4f6a3d000051abeb58 454 67b3b72453278b4f6a3d000051abeb58 455 67b3b72453278b4f6a3d000051abeb58 456 Segmentation fault (core dumped) gdb /usr/bin/doveadm /root/core (gdb) bt full #0 0x00007f953cbb9e32 in vfprintf () from /lib/libc.so.6 No symbol table info available. #1 0x00007f953cc6eea1 in __printf_chk () from /lib/libc.so.6 No symbol table info available. #2 0x000000000041ed4e in ?? () No symbol table info available. #3 0x0000000000415667 in doveadm_print () No symbol table info available. #4 0x000000000041638d in ?? () No symbol table info available. #5 0x00007f953cf3f176 in io_loop_call_io () from /usr/lib/dovecot/libdovecot.so.0 No symbol table info available. #6 0x00007f953cf401ff in io_loop_handler_run () from /usr/lib/dovecot/libdovecot.so.0 No symbol table info available. #7 0x00007f953cf3f118 in io_loop_run () from /usr/lib/dovecot/libdovecot.so.0 No symbol table info available. #8 0x00007f953cf2b403 in master_service_run () from /usr/lib/dovecot/libdovecot.so.0 No symbol table info available. #9 0x0000000000414cae in ?? () No symbol table info available. #10 0x0000000000414dd2 in doveadm_mail_server_flush () No symbol table info available. #11 0x000000000041009a in ?? () No symbol table info available. #12 0x0000000000410501 in doveadm_mail_try_run () No symbol table info available. #13 0x0000000000417051 in main () No symbol table info available. Can you help to fix these segfaults, please? Regards Daniel -- https://plus.google.com/103021802792276734820 From daniel.parthey at informatik.tu-chemnitz.de Fri Jun 15 23:11:33 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Fri, 15 Jun 2012 22:11:33 +0200 Subject: [Dovecot] [Dovecot 2.1.7] SegFault on doveadm search through director proxy In-Reply-To: <20120615200306.GA8276@daniel.localdomain> References: <20120609235603.GA17490@daniel.localdomain> <65A804FB-2F80-497C-9A96-3CC34B522FBF@iki.fi> <20120615200306.GA8276@daniel.localdomain> Message-ID: <20120615201133.GA8541@daniel.localdomain> > mail01: 2.0.20 > mail02: 2.1.7 > mail03: 2.0.20 > mail04: 2.0.20 > > Director for user at example.org currently points to mail02. > > Compiled and installed 2.1.7 on mail02 (Ubuntu Lucid), > gettings segfaults on mail02 now. > > Got a core dump and created a gdb backtrace: > > mail02# doveadm -c /etc/dovecot-director/dovecot-director.conf search -u user at example.org all > [...] > 67b3b72453278b4f6a3d000051abeb58 447 > 67b3b72453278b4f6a3d000051abeb58 448 > 67b3b72453278b4f6a3d000051abeb58 449 > 67b3b72453278b4f6a3d000051abeb58 450 > 67b3b72453278b4f6a3d000051abeb58 451 > 67b3b72453278b4f6a3d000051abeb58 452 > 67b3b72453278b4f6a3d000051abeb58 453 > 67b3b72453278b4f6a3d000051abeb58 454 > 67b3b72453278b4f6a3d000051abeb58 455 > 67b3b72453278b4f6a3d000051abeb58 456 > Segmentation fault (core dumped) (gdb) bt full #0 0x00007ff6c763de32 in vfprintf () from /lib/libc.so.6 No symbol table info available. #1 0x00007ff6c76f2ea1 in __printf_chk () from /lib/libc.so.6 No symbol table info available. #2 0x000000000041ed4e in printf (value=0x64697567
) at /usr/include/bits/stdio2.h:105 No locals. #3 doveadm_print_flow_print (value=0x64697567
) at doveadm-print-flow.c:51 hdr = #4 0x0000000000415667 in doveadm_print (value=0x1c28970 "67b3b72453278b4f6a3d000051abeb58") at doveadm-print.c:65 headers = 0x1c37120 #5 0x000000000041638d in server_flush_field (conn=0x1c4ab10) at server-connection.c:111 text = 0x0 #6 server_handle_input (conn=0x1c4ab10) at server-connection.c:150 str = 0x1c28938 i = #7 server_connection_input (conn=0x1c4ab10) at server-connection.c:254 data = 0x1c4eae0 "b4f6a3d000051abeb58\t450\t67b3b72453278b4f6a3d000051abeb58\t451\t67b3b72453278b4f6a3d000051abeb58\t452\t67b3b72453278b4f6a3d000051abeb58\t453\t67b3b72453278b4f6a3d000051abeb58\t454\t67b3b72453278b4f6a3d000051ab"... size = 8192 line = reply = #8 0x00007ff6c79c3176 in io_loop_call_io (io=0x1c386d0) at ioloop.c:379 ioloop = 0x1c30820 t_id = 2 #9 0x00007ff6c79c41ff in io_loop_handler_run (ioloop=) at ioloop-epoll.c:213 ctx = 0x1c35ff0 event = 0x1c36660 list = 0x1c30350 io = 0x64697567 tv = {tv_sec = 59, tv_usec = 945631} msecs = ret = i = 0 call = false #10 0x00007ff6c79c3118 in io_loop_run (ioloop=0x1c30820) at ioloop.c:398 No locals. #11 0x00007ff6c79af403 in master_service_run (service=0x1c306d0, callback=0xffffe906) at master-service.c:544 No locals. #12 0x0000000000414cae in doveadm_server_flush_one (server=0x1c46b00) at doveadm-mail-server.c:149 count = 0 #13 0x0000000000414dd2 in doveadm_mail_server_flush () at doveadm-mail-server.c:307 server = 0x1c46b00 #14 0x000000000041009a in doveadm_mail_cmd (cmd=0x1c35ca8, argc=4, argv=0x1c303a0) at doveadm-mail.c:529 ctx = 0x1c36cb0 getopt_args = 0x4336e6 "AS:u:" wildcard_user = 0x0 error = ret = 0 c = #15 0x0000000000410501 in doveadm_mail_try_run (cmd_name=0x1c303f0 "search", argc=1227192544, argv=0x437727) at doveadm-mail.c:577 cmd__foreach_end = 0x1c35e28 cmd = 0x1c35ca8 cmd_name_len = 0 __FUNCTION__ = "doveadm_mail_try_run" #16 0x0000000000417051 in main (argc=4, argv=0x1c30388) at doveadm.c:373 cmd_name = 0x1c303f0 "search" quick_init = false c = From tss at iki.fi Sat Jun 16 02:04:21 2012 From: tss at iki.fi (Timo Sirainen) Date: Sat, 16 Jun 2012 02:04:21 +0300 Subject: [Dovecot] doveadm backup panic In-Reply-To: <4FDB83E1.1070302@gedalya.net> References: <4FDB8250.8020600@gedalya.net> <4FDB83E1.1070302@gedalya.net> Message-ID: On 15.6.2012, at 21.50, Gedalya wrote: > #12 imapc_untagged_fetch (reply=0xbffff184, mbox=0x80fd2c8) at imapc-mailbox.c:349 > old_kws = {arr = {buffer = 0x8093030, element_size = 4}, v = 0x8093030, v_modifiable = 0x8093030} Fixed: http://hg.dovecot.org/dovecot-2.1/rev/a28c8043842d From tss at iki.fi Sat Jun 16 02:13:47 2012 From: tss at iki.fi (Timo Sirainen) Date: Sat, 16 Jun 2012 02:13:47 +0300 Subject: [Dovecot] [Dovecot 2.1.7] SegFault on doveadm search through director proxy In-Reply-To: <20120615201133.GA8541@daniel.localdomain> References: <20120609235603.GA17490@daniel.localdomain> <65A804FB-2F80-497C-9A96-3CC34B522FBF@iki.fi> <20120615200306.GA8276@daniel.localdomain> <20120615201133.GA8541@daniel.localdomain> Message-ID: <1339802027.5967.31.camel@hurina> On Fri, 2012-06-15 at 22:11 +0200, Daniel Parthey wrote: > > mail02# doveadm -c /etc/dovecot-director/dovecot-director.conf search -u user at example.org all .. > #3 doveadm_print_flow_print (value=0x64697567
) at doveadm-print-flow.c:51 > hdr = > #4 0x0000000000415667 in doveadm_print (value=0x1c28970 "67b3b72453278b4f6a3d000051abeb58") at doveadm-print.c:65 > headers = 0x1c37120 > #5 0x000000000041638d in server_flush_field (conn=0x1c4ab10) at server-connection.c:111 > text = 0x0 Hmm. See if the attached patch fixes it? -------------- next part -------------- A non-text attachment was scrubbed... Name: diff Type: text/x-patch Size: 1177 bytes Desc: not available URL: From tss at iki.fi Sat Jun 16 02:22:22 2012 From: tss at iki.fi (Timo Sirainen) Date: Sat, 16 Jun 2012 02:22:22 +0300 Subject: [Dovecot] Problem with lmtp director proxy In-Reply-To: <4FD8C9C8.6090608@um.es> References: <4FD718A0.50605@um.es> <4FD83A26.3030209@um.es> <1339592369.25551.7.camel@innu> <4FD8AA66.7050909@um.es> <1339600677.25551.12.camel@innu> <4FD8C9C8.6090608@um.es> Message-ID: <72C5BD43-6254-40F1-8121-B0954739410F@iki.fi> On 13.6.2012, at 20.11, Angel L. Mateo wrote: > Ok, you were right. I was looking for logs at my log repository, which doesn't receive debug log. Nevertheless, the only auth lines I have found at the ones above, with the proxy_refresh=450. I haven't found any line with a timeout log in the proxies neither the backends The backend logs don't matter. Director adds the proxy_refresh. You haven't shown in your logs what auth process logs as debug messages. This is what is supposed to happen: > Jun 16 02:19:11 auth: Debug: master out: PASS 1 user=director proxy proxy_timeout=1000 "master out" must return proxy_timeout=1000. If it doesn't, then the problem is with your auth settings. > Jun 16 02:19:11 lmtp(11845): Debug: auth input: user=director proxy proxy_timeout=1000 host=1.2.3.4 proxy_refresh=450 Director adds proxy_refresh, but preserves proxy_timeout. From gedalya at gedalya.net Sat Jun 16 03:44:55 2012 From: gedalya at gedalya.net (Gedalya) Date: Fri, 15 Jun 2012 20:44:55 -0400 Subject: [Dovecot] doveadm backup panic In-Reply-To: References: <4FDB8250.8020600@gedalya.net> <4FDB83E1.1070302@gedalya.net> Message-ID: <4FDBD707.9030106@gedalya.net> On 06/15/2012 07:04 PM, Timo Sirainen wrote: > On 15.6.2012, at 21.50, Gedalya wrote: > >> #12 imapc_untagged_fetch (reply=0xbffff184, mbox=0x80fd2c8) at imapc-mailbox.c:349 >> old_kws = {arr = {buffer = 0x8093030, element_size = 4}, v = 0x8093030, v_modifiable = 0x8093030} > Fixed: http://hg.dovecot.org/dovecot-2.1/rev/a28c8043842d > Yes, works now! Thank you. From wojtek at wojtek.tensor.gdynia.pl Sat Jun 16 13:55:07 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Sat, 16 Jun 2012 12:55:07 +0200 (CEST) Subject: [Dovecot] question about fts_squat Message-ID: just installed dovecot with fts_squat config attached after message. When i telnet to imap server and execute by hand 1 login user password select foldername search body "someword" it works fine, and at blazing speed except first run (indexing). i already indexed everything by doveadm index offline to prevent server overload if multiple users (after i tell them) will try fulltext search. All great BUT it doesn't work in thunderbird. Just gives zero results. i used tcpdump to check how thunderbird executes it and it uses search undeleted body "someword" tried manually and it DOES NOT WORK. always give empty results. even search all body "someword" doesn't work. while search body "someword" always work very well. what's wrong? # 2.1.7: /usr/local/etc/dovecot/dovecot.conf # OS: FreeBSD 8.3-STABLE amd64 disable_plaintext_auth = no listen = * mail_location = maildir:~/Maildir mail_plugins = fts fts_squat namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /usr/local/etc/dovecot/deny-users deny = yes driver = passwd-file } passdb { driver = pam } plugin { fts = squat fts_squat = partial=4 full=10 } protocols = imap ssl_cert = References: Message-ID: > When i telnet to imap server and execute by hand > 1 login user password > select foldername > search body "someword" sorry it was 2 and 3 just like 1 at login. > > it works fine, and at blazing speed except first run (indexing). > i already indexed everything by doveadm index offline to prevent server > overload if multiple users (after i tell them) will try fulltext search. > > All great BUT it doesn't work in thunderbird. Just gives zero results. > > i used tcpdump to check how thunderbird executes it and it uses > > search undeleted body "someword" > > tried manually and it DOES NOT WORK. always give empty results. > > even search all body "someword" doesn't work. > > while > > search body "someword" > > > always work very well. > > what's wrong? > > # 2.1.7: /usr/local/etc/dovecot/dovecot.conf > # OS: FreeBSD 8.3-STABLE amd64 disable_plaintext_auth = no > listen = * > mail_location = maildir:~/Maildir > mail_plugins = fts fts_squat > namespace inbox { > inbox = yes > location = > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Trash { > special_use = \Trash > } > prefix = } > passdb { > args = /usr/local/etc/dovecot/deny-users > deny = yes > driver = passwd-file > } > passdb { > driver = pam > } > plugin { > fts = squat > fts_squat = partial=4 full=10 > } > protocols = imap > ssl_cert = ssl_key = userdb { > driver = passwd > } > protocol imap { > mail_plugins = fts fts_squat > } > > From jonrysh at pacbell.net Sat Jun 16 22:08:27 2012 From: jonrysh at pacbell.net (Jonathan Ryshpan) Date: Sat, 16 Jun 2012 12:08:27 -0700 Subject: [Dovecot] Import from Evolution Message-ID: <1339873707.2732.11.camel@amito> I need to import the mail database generated by the evolution mail reader into dovecot. Evolution stores its mail in maildir format (fully standards compatible, I think); I would be using the maildir format in dovecot. Is there anything in the wiki, etc. explaining exactly how to do this? Why do this? Evolution is hopelessly broken, and is not likely to be fixed in the forseeable future, and I would like to keep my mails in maildir form. Reviews of kmail are very bad, and thunderbird uses the mbox format for storage. Thanks in advance - jon From p at state-of-mind.de Sat Jun 16 23:16:36 2012 From: p at state-of-mind.de (Patrick Ben Koetter) Date: Sat, 16 Jun 2012 22:16:36 +0200 Subject: [Dovecot] Import from Evolution In-Reply-To: <1339873707.2732.11.camel@amito> References: <1339873707.2732.11.camel@amito> Message-ID: <20120616201636.GB6858@state-of-mind.de> * Jonathan Ryshpan : > I need to import the mail database generated by the evolution mail > reader into dovecot. Evolution stores its mail in maildir format (fully > standards compatible, I think); I would be using the maildir format in > dovecot. Is there anything in the wiki, etc. explaining exactly how to > do this? > > Why do this? Evolution is hopelessly broken, and is not likely to be > fixed in the forseeable future, and I would like to keep my mails in > maildir form. Reviews of kmail are very bad, and thunderbird uses the > mbox format for storage. If it is native maildir you can configure that/your account to use maildir and simply copy your mailbox over to Dovecot. When Dovecot accesses the mailbox it will create the necessary index files and you are ready to use it. p at rick -- state of mind () http://www.state-of-mind.de Franziskanerstra?e 15 Telefon +49 89 3090 4664 81669 M?nchen Telefax +49 89 3090 4666 Amtsgericht M?nchen Partnerschaftsregister PR 563 From jonrysh at pacbell.net Sun Jun 17 00:23:38 2012 From: jonrysh at pacbell.net (Jonathan Ryshpan) Date: Sat, 16 Jun 2012 14:23:38 -0700 Subject: [Dovecot] Import from Evolution In-Reply-To: <20120616201636.GB6858@state-of-mind.de> References: <1339873707.2732.11.camel@amito> <20120616201636.GB6858@state-of-mind.de> Message-ID: <1339881818.2732.29.camel@amito> On Sat, 2012-06-16 at 22:16 +0200, Patrick Ben Koetter wrote: > * Jonathan Ryshpan : > > I need to import the mail database generated by the evolution mail > > reader into dovecot. Evolution stores its mail in maildir format (fully > > standards compatible, I think); I would be using the maildir format in > > dovecot. Is there anything in the wiki, etc. explaining exactly how to > > do this? > > > > Why do this? Evolution is hopelessly broken, and is not likely to be > > fixed in the forseeable future, and I would like to keep my mails in > > maildir form. Reviews of kmail are very bad, and thunderbird uses the > > mbox format for storage. > > If it is native maildir you can configure that/your account to use maildir and > simply copy your mailbox over to Dovecot. When Dovecot accesses the mailbox it > will create the necessary index files and you are ready to use it. Sounds good. I'm sure than when you write "mailbox", you mean the folders (and not the index files) in the evolution mail database, located at ~/.local/share/evolution/mail/local and whose contents start: $ ls -lA ..#evolution.Junk.cmeta .jango.ibex.index.data ..#evolution.Trash.cmeta .jfour/ ..cmeta .jfour.cmeta ..maildir++ .jfour.ibex.index .Drafts/ .jfour.ibex.index.data .Drafts.cmeta .joer/ .Outbox/ .joer.cmeta .Outbox.cmeta .joyce/ <...> and not $MAIL, i.e. /var/spool/mail/jonrysh, where mail arrives on the system (via fetchmail and local sendmail). Please excuse me for double checking; evolution has archived 218,886 messages in 132 folders, and I want to avoid trouble if possible. Thanks for your help - jon From p at state-of-mind.de Sun Jun 17 01:04:31 2012 From: p at state-of-mind.de (Patrick Ben Koetter) Date: Sun, 17 Jun 2012 00:04:31 +0200 Subject: [Dovecot] Import from Evolution In-Reply-To: <1339881818.2732.29.camel@amito> References: <1339873707.2732.11.camel@amito> <20120616201636.GB6858@state-of-mind.de> <1339881818.2732.29.camel@amito> Message-ID: <20120616220430.GB12243@state-of-mind.de> * Jonathan Ryshpan : > On Sat, 2012-06-16 at 22:16 +0200, Patrick Ben Koetter wrote: > > * Jonathan Ryshpan : > > > I need to import the mail database generated by the evolution mail > > > reader into dovecot. Evolution stores its mail in maildir format (fully > > > standards compatible, I think); I would be using the maildir format in > > > dovecot. Is there anything in the wiki, etc. explaining exactly how to > > > do this? > > > > > > Why do this? Evolution is hopelessly broken, and is not likely to be > > > fixed in the forseeable future, and I would like to keep my mails in > > > maildir form. Reviews of kmail are very bad, and thunderbird uses the > > > mbox format for storage. > > > > If it is native maildir you can configure that/your account to use maildir and > > simply copy your mailbox over to Dovecot. When Dovecot accesses the mailbox it > > will create the necessary index files and you are ready to use it. > > Sounds good. > > I'm sure than when you write "mailbox", you mean the folders (and not > the index files) in the evolution mail database, located at Yes, I mean the folders and not the index files > ~/.local/share/evolution/mail/local and whose contents start: > $ ls -lA > ..#evolution.Junk.cmeta .jango.ibex.index.data > ..#evolution.Trash.cmeta .jfour/ > ..cmeta .jfour.cmeta > ..maildir++ .jfour.ibex.index > .Drafts/ .jfour.ibex.index.data > .Drafts.cmeta .joer/ > .Outbox/ .joer.cmeta > .Outbox.cmeta .joyce/ > <...> > and not $MAIL, i.e. /var/spool/mail/jonrysh, where mail arrives on the > system (via fetchmail and local sendmail). I don't mean $MAIL. > Please excuse me for double checking; evolution has archived 218,886 > messages in 132 folders, and I want to avoid trouble if possible. I am a friend of double checking. :) p at rick -- state of mind () http://www.state-of-mind.de Franziskanerstra?e 15 Telefon +49 89 3090 4664 81669 M?nchen Telefax +49 89 3090 4666 Amtsgericht M?nchen Partnerschaftsregister PR 563 From wojtek at wojtek.tensor.gdynia.pl Sun Jun 17 15:04:22 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Sun, 17 Jun 2012 14:04:22 +0200 (CEST) Subject: [Dovecot] Import from Evolution In-Reply-To: <20120616201636.GB6858@state-of-mind.de> References: <1339873707.2732.11.camel@amito> <20120616201636.GB6858@state-of-mind.de> Message-ID: >> maildir form. Reviews of kmail are very bad, and thunderbird uses the >> mbox format for storage. > > If it is native maildir you can configure that/your account to use maildir and > simply copy your mailbox over to Dovecot. When Dovecot accesses the mailbox it > will create the necessary index files and you are ready to use it. if you want to use any of those hopeless programs just turn message caching in them (folder synchronization off in thunderbird) and login to dovecot, even on localhost. kmail v.3 is barely usable, v4 is good. From bradley.giesbrecht at gmail.com Sun Jun 17 18:19:05 2012 From: bradley.giesbrecht at gmail.com (Bradley Giesbrecht) Date: Sun, 17 Jun 2012 08:19:05 -0700 Subject: [Dovecot] doveadm fetch LARGE attachments and remove message Message-ID: Looking at the wiki and man pages I am unsure how to fetch email attachments from a unix shell. I have an "doveadm search" that returns the messages that have the attachments I am after. Would I loop through an "doveadm fetch" and use a commandline imap client to save the attachments and move the message to the Trash? Or is there a doveadm command for this? Regards, Bradley Giesbrecht (pixilla) From daniel.parthey at informatik.tu-chemnitz.de Sun Jun 17 21:33:38 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sun, 17 Jun 2012 20:33:38 +0200 Subject: [Dovecot] [Dovecot 2.1.7] SegFault on doveadm search through director proxy In-Reply-To: <1339802027.5967.31.camel@hurina> References: <20120609235603.GA17490@daniel.localdomain> <65A804FB-2F80-497C-9A96-3CC34B522FBF@iki.fi> <20120615200306.GA8276@daniel.localdomain> <20120615201133.GA8541@daniel.localdomain> <1339802027.5967.31.camel@hurina> Message-ID: <20120617183338.GA14271@daniel.localdomain> Timo Sirainen wrote: > On Fri, 2012-06-15 at 22:11 +0200, Daniel Parthey wrote: > > > mail02# doveadm -c /etc/dovecot-director/dovecot-director.conf search -u user at example.org all > .. > > #3 doveadm_print_flow_print (value=0x64697567
) at doveadm-print-flow.c:51 > > hdr = > > #4 0x0000000000415667 in doveadm_print (value=0x1c28970 "67b3b72453278b4f6a3d000051abeb58") at doveadm-print.c:65 > > headers = 0x1c37120 > > #5 0x000000000041638d in server_flush_field (conn=0x1c4ab10) at server-connection.c:111 > > text = 0x0 > > Hmm. See if the attached patch fixes it? > > diff -r a28c8043842d src/doveadm/doveadm-print.c > --- a/src/doveadm/doveadm-print.c Sat Jun 16 02:03:53 2012 +0300 > +++ b/src/doveadm/doveadm-print.c Sat Jun 16 02:13:03 2012 +0300 The patch seems to fix the problem. Thanks. Regards Daniel -- https://plus.google.com/103021802792276734820 From amateo at um.es Mon Jun 18 09:52:37 2012 From: amateo at um.es (Angel L. Mateo) Date: Mon, 18 Jun 2012 08:52:37 +0200 Subject: [Dovecot] Problem with lmtp director proxy In-Reply-To: <72C5BD43-6254-40F1-8121-B0954739410F@iki.fi> References: <4FD718A0.50605@um.es> <4FD83A26.3030209@um.es> <1339592369.25551.7.camel@innu> <4FD8AA66.7050909@um.es> <1339600677.25551.12.camel@innu> <4FD8C9C8.6090608@um.es> <72C5BD43-6254-40F1-8121-B0954739410F@iki.fi> Message-ID: <4FDED035.1010804@um.es> El 16/06/12 01:22, Timo Sirainen escribi?: > On 13.6.2012, at 20.11, Angel L. Mateo wrote: > >> Ok, you were right. I was looking for logs at my log repository, which doesn't receive debug log. Nevertheless, the only auth lines I have found at the ones above, with the proxy_refresh=450. I haven't found any line with a timeout log in the proxies neither the backends > > The backend logs don't matter. Director adds the proxy_refresh. You haven't shown in your logs what auth process logs as debug messages. This is what is supposed to happen: > >> Jun 16 02:19:11 auth: Debug: master out: PASS 1 user=director proxy proxy_timeout=1000 > I don't have any log like this. > "master out" must return proxy_timeout=1000. If it doesn't, then the problem is with your auth settings. > >> Jun 16 02:19:11 lmtp(11845): Debug: auth input: user=director proxy proxy_timeout=1000 host=1.2.3.4 proxy_refresh=450 > > Director adds proxy_refresh, but preserves proxy_timeout. > I can find these logs, but they don't include any proxy_timeout option, all of them are like: Jun 18 08:26:26 myotis41 dovecot: lmtp(640): Debug: auth input: user= proxy host=155.54.211.164 proxy_refresh=450 But I have found, I think, the problem... I had configured 2 user backends: !include auth-master.conf.ext !include auth-ldap.conf.ext The first for master password, and the other, to get users from a ldap directory. In my auth-ldap.conf.ext I changed the ldap driver for passdb to static (I can't check user password in the director for other reasons), so I had: passdb { driver = static args = proxy=y nopassword=y } userdb { driver = prefetch } userdb { driver = ldap args = /etc/dovecot/dovecot-ldap.conf.ext } so, although in the dovecot-ldap.conf.ext I have: pass_attrs = irisMailbox=userdb_mail,homeDirectory=userdb_home,uidNumber=userdb_uid,gidNumber=userdb_gid,=proxy=y,=proxy_timeout=120,irisMailHost=host it seems that it isn't used and proxy_timeout it's not defined. So I have changed passdb definition to be: passdb { driver = static args = proxy=y nopassword=y proxy_timeout=120 } and now logs are like: Jun 18 08:46:18 myotis40 dovecot: lmtp(11276): Debug: auth input: user= proxy proxy_timeout=120 host=155.54.211.169 proxy_refresh=450 Is this correct? From voytek at sbt.net.au Mon Jun 18 09:54:15 2012 From: voytek at sbt.net.au (Voytek Eymont) Date: Mon, 18 Jun 2012 16:54:15 +1000 Subject: [Dovecot] migrating sql virtual 1 to 2, namespace configuration error: inbox=yes namespace missing Message-ID: I'm trying to setup a new server on centos 6, from old dovecot 1.x I installed 'dovecot --version 2.1.1' from dovecot rpm I converted conf file as per migration specs, also, copied sql conf across when I try to retrieve email, log has *1: dovecot.conf -m *2 and sql conf *3 follows *1------------------------------- dovecot: master: Dovecot v2.1.1 starting up (core dumps disabled) dovecot: auth-worker(26890): mysql(127.0.0.1): Connected to database zzz dovecot: imap-login: Login: user=, method=PLAIN, rip=111.22.33.5, lip=111.22.33.4, mpid=26892, TLS dovecot: imap(name at tld): Error: user name at tld: Initialization failed: namespace configuration error: inbox=yes namespace missing dovecot: imap(name at tld): Error: Invalid user settings. Refer to server log for more information. *2----------------------------------- # doveconf -n # 2.1.1: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-220.17.1.el6.x86_64 x86_64 CentOS release 6.2 (Final) auth_cache_size = 1 k auth_mechanisms = plain login disable_plaintext_auth = no log_timestamp = "%Y-%m-%d %H:%M:%S " mail_location = maildir:~/Maildir mail_privileged_group = mail mbox_write_locks = fcntl namespace inbox { location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } protocols = imap pop3 service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix } user = root } ssl = required ssl_cert = Hi Timo, thank you very much for your quick reply. I tried that but it is not possible to SELECT such a mailbox. I have in dovecot.conf: --- mail_location=maildir:/data/messages%h namespace private { separator = / prefix = location = maildir:/data/messages%h inbox = yes list = yes } namespace public { separator = / prefix = greetings/ location = maildir:/data/greetings%h inbox = no list = yes hidden = yes } --- Messages are coming in from EXIM separated by a special HEADER into this two folders. For INBOX this works fine but not for greetings, although the maildir files are being created upon delivery. Sample IMAP Session AFTER delivering a greeting-type message: --- 01 OK Logged in. >> 02 list "" "*" * LIST (\HasNoChildren) "/" "INBOX" * LIST (\Noselect \HasChildren) "/" "greetings" * LIST (\HasNoChildren) "/" "greetings/INBOX" 02 OK List completed. >> 03 select "greetings/INBOX" 03 NO Mailbox doesn't exist: INBOX >> 04 select greetings 04 NO Mailbox doesn't exist: greetings --- What is this "\Noselect" mailbox showing up and why is it saying "greetings/INBOX" in the third row when in fact there isn't a mailbox with this name? I am very sorry for having to bother you again, but I don't know what we are doing wrong here. (Dovecot version is 1.1.16) Guido Weiler -----Urspr?ngliche Nachricht----- Von: Timo Sirainen [mailto:tss at iki.fi] Gesendet: Montag, 11. Juni 2012 22:48 An: Guido Weiler Betreff: Re: Dovecot Maildir - How to Seperate mail folders You should be able to do this with namespaces. namespace { prefix = INBOX/VeryImportantMessages/ location = maildir:/very/important/messages hidden = yes } On 8.6.2012, at 18.09, Guido Weiler wrote: > Hello Timo, > > for one of our latest dovecot/IMAP-projects, we need to separate physical locations of some special IMAP folders. > So to make, for example the "INBOX/VeryImportantMessages"-Folder is on a completely different volume or mount point than the mails in INBOX or other user generated imap subfolders. > > Can you tell me if there is any possible way to implement this / change it in dovecots maildir implementation, or maybe it is already planned to do so in further versions of dovecot? > > We have to treat all messages in that one special folder with an extended backup scenario, and I think it would be the best if we can implement to have an additional mail_location parameter in dovecot.conf (e.g. important_mail_location). > > We are somewhat familiar with the dovecot source code since we already implemented plugins and other modifications to dovecot 1.1.16 but any advise or information is very appreciated. > > Kind regards, > > > Guido Weiler From amateo at um.es Mon Jun 18 12:56:56 2012 From: amateo at um.es (Angel L. Mateo) Date: Mon, 18 Jun 2012 11:56:56 +0200 Subject: [Dovecot] Sieve and fileinto encoding change? Message-ID: <4FDEFB68.7070807@um.es> Hello, I have changed from debian servers (debian lenny 5) running dovecot 1.1.16 to new ones with ubuntu 12.04 and dovecot 2.1.5 and now I'm having problems with sieve filters storing mails in folders with spanish characters (accents). Myh problem is the one described at http://www.dovecot.org/list/dovecot/2009-October/044061.html and http://dovecot.org/list/dovecot/2009-July/041690.html, that is, in my sieve scripts (generated with horde ingo) folder's names are in utf-7 instead of utf-8. Although I'm planning to patch ingo, my question is why those same scripts, with utf-7 folder's names, are working with dovecot 1.1.16 but not with 2.1.5? Because in my old servers those scripts worked without any problem... From tss at iki.fi Mon Jun 18 16:49:58 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 18 Jun 2012 16:49:58 +0300 Subject: [Dovecot] doveadm fetch LARGE attachments and remove message In-Reply-To: References: Message-ID: <2457470C-A66C-42E7-AC5E-C8B3D011631F@iki.fi> On 17.6.2012, at 18.19, Bradley Giesbrecht wrote: > Looking at the wiki and man pages I am unsure how to fetch email attachments from a unix shell. > > I have an "doveadm search" that returns the messages that have the attachments I am after. > > Would I loop through an "doveadm fetch" and use a commandline imap client to save the attachments and move the message to the Trash? > > Or is there a doveadm command for this? No, there's currently no easy way to do this. doveadm fetch doesn't support that. You could possibly do this via IMAP, but it would be difficult to know which MIME part to fetch. Actually it's not even obvious if a MIME part is an attachment or not.. From tss at iki.fi Mon Jun 18 16:50:53 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 18 Jun 2012 16:50:53 +0300 Subject: [Dovecot] Problem with lmtp director proxy In-Reply-To: <4FDED035.1010804@um.es> References: <4FD718A0.50605@um.es> <4FD83A26.3030209@um.es> <1339592369.25551.7.camel@innu> <4FD8AA66.7050909@um.es> <1339600677.25551.12.camel@innu> <4FD8C9C8.6090608@um.es> <72C5BD43-6254-40F1-8121-B0954739410F@iki.fi> <4FDED035.1010804@um.es> Message-ID: <04367574-1FFE-413C-BA54-3A213DCFBF3E@iki.fi> On 18.6.2012, at 9.52, Angel L. Mateo wrote: > El 16/06/12 01:22, Timo Sirainen escribi?: >> On 13.6.2012, at 20.11, Angel L. Mateo wrote: >> >>> Ok, you were right. I was looking for logs at my log repository, which doesn't receive debug log. Nevertheless, the only auth lines I have found at the ones above, with the proxy_refresh=450. I haven't found any line with a timeout log in the proxies neither the backends >> >> The backend logs don't matter. Director adds the proxy_refresh. You haven't shown in your logs what auth process logs as debug messages. This is what is supposed to happen: >> >>> Jun 16 02:19:11 auth: Debug: master out: PASS 1 user=director proxy proxy_timeout=1000 >> > I don't have any log like this. Then you don't have auth_debug=yes. > Jun 18 08:46:18 myotis40 dovecot: lmtp(11276): Debug: auth input: user= proxy proxy_timeout=120 host=155.54.211.169 proxy_refresh=450 > > Is this correct? Yeah. From tss at iki.fi Mon Jun 18 16:51:42 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 18 Jun 2012 16:51:42 +0300 Subject: [Dovecot] Sieve and fileinto encoding change? In-Reply-To: <4FDEFB68.7070807@um.es> References: <4FDEFB68.7070807@um.es> Message-ID: <51856467-76F5-4B86-9083-3B5DCB27C46B@iki.fi> On 18.6.2012, at 12.56, Angel L. Mateo wrote: > Although I'm planning to patch ingo, my question is why those same scripts, with utf-7 folder's names, are working with dovecot 1.1.16 but not with 2.1.5? Because in my old servers those scripts worked without any problem... Because v1.1 worked incorrectly and v2.1 works correctly :) From tss at iki.fi Mon Jun 18 16:53:39 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 18 Jun 2012 16:53:39 +0300 Subject: [Dovecot] Dovecot Maildir - How to Seperate mail folders In-Reply-To: References: Message-ID: On 18.6.2012, at 12.17, Guido Weiler wrote: > 01 OK Logged in. >>> 02 list "" "*" > * LIST (\HasNoChildren) "/" "INBOX" > * LIST (\Noselect \HasChildren) "/" "greetings" > * LIST (\HasNoChildren) "/" "greetings/INBOX" > 02 OK List completed. >>> 03 select "greetings/INBOX" > 03 NO Mailbox doesn't exist: INBOX >>> 04 select greetings > 04 NO Mailbox doesn't exist: greetings > > --- > > What is this "\Noselect" mailbox showing up and why is it saying "greetings/INBOX" in the third row when in fact there isn't a mailbox with this name? > > I am very sorry for having to bother you again, but I don't know what we are doing wrong here. > (Dovecot version is 1.1.16) Fixed in newer versions, upgrade. From tss at iki.fi Mon Jun 18 16:55:34 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 18 Jun 2012 16:55:34 +0300 Subject: [Dovecot] migrating sql virtual 1 to 2, namespace configuration error: inbox=yes namespace missing In-Reply-To: References: Message-ID: <7F977326-C48A-4907-8A02-512B83B347F9@iki.fi> On 18.6.2012, at 9.54, Voytek Eymont wrote: > I'm trying to setup a new server on centos 6, from old dovecot 1.x > > I installed 'dovecot --version 2.1.1' from dovecot rpm > I converted conf file as per migration specs, also, copied sql conf across .. > dovecot: imap(name at tld): Error: user name at tld: Initialization failed: > namespace configuration error: inbox=yes namespace missing Easiest fix: remove 15-mailboxes.conf Alternative fix: modify this namespace to actually work. Probably adding inbox=yes inside it is enough to do that. From tss at iki.fi Mon Jun 18 17:06:33 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 18 Jun 2012 17:06:33 +0300 Subject: [Dovecot] question about fts_squat In-Reply-To: References: Message-ID: <2577BAC0-6D9C-4E23-8F6C-4831153C8EEA@iki.fi> On 16.6.2012, at 13.55, Wojciech Puchar wrote: > even search all body "someword" doesn't work. > > while > > search body "someword" > > always work very well. > > what's wrong? Fixed: http://hg.dovecot.org/dovecot-2.1/rev/4ce1f9649592 Anyway, fts-lucene backend works better than fts-squat. From kruk at epsilon.eu.org Mon Jun 18 16:45:56 2012 From: kruk at epsilon.eu.org (Mariusz Kruk) Date: Mon, 18 Jun 2012 15:45:56 +0200 Subject: [Dovecot] Maildir + quota + listescape = wrong dir location Message-ID: <4FDF3114.4070704@epsilon.eu.org> I've just stumbled across a strange thing which seems to be a bug. It happens in 2.0.9 as well as 2.0.11 in which I tested it. dovecot -n output: # 2.0.9: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-220.17.1.el6.x86_64 x86_64 CentOS release 6.2 (Final) listen = * mail_location = maildir:~/mail mail_plugins = " quota listescape" mbox_write_locks = fcntl namespace { inbox = yes location = prefix = separator = / type = private } passdb { driver = pam } plugin { quota = maildir:User quota quota_rule = *:storage=1G } protocols = imap ssl_cert = &1 | grep testimap stat("/home/testimap/mail", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/home/testimap/mail/new", 0x7fff220ca290) = -1 ENOENT (No such file or directory) stat("/home/testimap/mail/cur", 0x7fff220ca290) = -1 ENOENT (No such file or directory) stat("/home/testimap/mail/.INBOX/test/new", 0x7fff220ca290) = -1 ENOENT (No such file or directory) stat("/home/testimap/mail/.INBOX/test/cur", 0x7fff220ca290) = -1 ENOENT (No such file or directory) stat("/home/testimap/mail/.test/new", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/home/testimap/mail/.test/cur", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/home/testimap/mail/new", 0x7fff220ca290) = -1 ENOENT (No such file or directory) stat("/home/testimap/mail/cur", 0x7fff220ca290) = -1 ENOENT (No such file or directory) stat("/home/testimap/mail/.INBOX/test/new", 0x7fff220ca290) = -1 ENOENT (No such file or directory) stat("/home/testimap/mail/.INBOX/test/cur", 0x7fff220ca290) = -1 ENOENT (No such file or directory) stat("/home/testimap/mail/.test/new", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/home/testimap/mail/.test/cur", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/home/testimap/mail", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 If I either disable listescape or change namespace separator to dot, the path gets resolved correctly (although it's still wrong behaviour with '.' as separator, just happens to give right result in this case). # strace -e trace=stat doveadm quota recalc -u testimap 2>&1 | grep testimap stat("/home/testimap/mail", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/home/testimap/mail/new", 0x7fffac6b0cb0) = -1 ENOENT (No such file or directory) stat("/home/testimap/mail/cur", 0x7fffac6b0cb0) = -1 ENOENT (No such file or directory) stat("/home/testimap/mail/.INBOX.test/new", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/home/testimap/mail/.INBOX.test/cur", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/home/testimap/mail/.test/new", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/home/testimap/mail/.test/cur", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/home/testimap/mail/new", 0x7fffac6b0cb0) = -1 ENOENT (No such file or directory) stat("/home/testimap/mail/cur", 0x7fffac6b0cb0) = -1 ENOENT (No such file or directory) stat("/home/testimap/mail/.INBOX.test/new", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/home/testimap/mail/.INBOX.test/cur", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/home/testimap/mail/.test/new", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/home/testimap/mail/.test/cur", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/home/testimap/mail", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 And in this case quota info gets updated correctly. I believe this is a bug but maybe I'm missing something about listescape configuration. Regards Mariusz Kruk From tss at iki.fi Mon Jun 18 17:08:46 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 18 Jun 2012 17:08:46 +0300 Subject: [Dovecot] Maildir + quota + listescape = wrong dir location In-Reply-To: <4FDF3114.4070704@epsilon.eu.org> References: <4FDF3114.4070704@epsilon.eu.org> Message-ID: On 18.6.2012, at 16.45, Mariusz Kruk wrote: > I've just stumbled across a strange thing which seems to be a bug. > It happens in 2.0.9 as well as 2.0.11 in which I tested it. Listescape has some unfixable problems in v2.0. You've most likely hit one of them. v2.1 had some larger changes and fixes listescape to work perfectly. From amateo at um.es Mon Jun 18 17:47:09 2012 From: amateo at um.es (Angel L. Mateo) Date: Mon, 18 Jun 2012 16:47:09 +0200 Subject: [Dovecot] Problem with lmtp director proxy In-Reply-To: <04367574-1FFE-413C-BA54-3A213DCFBF3E@iki.fi> References: <4FD718A0.50605@um.es> <4FD83A26.3030209@um.es> <1339592369.25551.7.camel@innu> <4FD8AA66.7050909@um.es> <1339600677.25551.12.camel@innu> <4FD8C9C8.6090608@um.es> <72C5BD43-6254-40F1-8121-B0954739410F@iki.fi> <4FDED035.1010804@um.es> <04367574-1FFE-413C-BA54-3A213DCFBF3E@iki.fi> Message-ID: <4FDF3F6D.2030903@um.es> El 18/06/12 15:50, Timo Sirainen escribi?: > On 18.6.2012, at 9.52, Angel L. Mateo wrote: > >> El 16/06/12 01:22, Timo Sirainen escribi?: >>> On 13.6.2012, at 20.11, Angel L. Mateo wrote: >>> >>>> Ok, you were right. I was looking for logs at my log repository, which doesn't receive debug log. Nevertheless, the only auth lines I have found at the ones above, with the proxy_refresh=450. I haven't found any line with a timeout log in the proxies neither the backends >>> >>> The backend logs don't matter. Director adds the proxy_refresh. You haven't shown in your logs what auth process logs as debug messages. This is what is supposed to happen: >>> >>>> Jun 16 02:19:11 auth: Debug: master out: PASS 1 user=director proxy proxy_timeout=1000 >>> >> I don't have any log like this. > > Then you don't have auth_debug=yes. > I had this option. Relooking I have found these logs. I didn't see them before because of the format and because they aren't related with lmtp. I have them in the form: Jun 18 12:18:30 myotis41 dovecot: auth: Debug: master out: PASS#01160#011user=#011proxy#011proxy_timeout=150 >> Jun 18 08:46:18 myotis40 dovecot: lmtp(11276): Debug: auth input: user= proxy proxy_timeout=120 host=155.54.211.169 proxy_refresh=450 >> >> Is this correct? > > Yeah. Anyway, with the last change (defining the proxy_timeout at the static passdb definition, default 30 seconds timeout hasn't been applied anymore. From wojtek at wojtek.tensor.gdynia.pl Mon Jun 18 20:21:48 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Mon, 18 Jun 2012 19:21:48 +0200 (CEST) Subject: [Dovecot] question about fts_squat Message-ID: i repost my question as it probably wasn't received properly - i did it just after subscribing possibly too early. thanks for answers ---------------------------------------------- just installed dovecot with fts_squat config attached after message. When i telnet to imap server and execute by hand 1 login user password select foldername search body "someword" it works fine, and at blazing speed except first run (indexing). i already indexed everything by doveadm index offline to prevent server overload if multiple users (after i tell them) will try fulltext search. All great BUT it doesn't work in thunderbird. Just gives zero results. i used tcpdump to check how thunderbird executes it and it uses search undeleted body "someword" tried manually and it DOES NOT WORK. always give empty results. even search all body "someword" doesn't work. while search body "someword" always work very well. what's wrong? # 2.1.7: /usr/local/etc/dovecot/dovecot.conf # OS: FreeBSD 8.3-STABLE amd64 disable_plaintext_auth = no listen = * mail_location = maildir:~/Maildir mail_plugins = fts fts_squat namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /usr/local/etc/dovecot/deny-users deny = yes driver = passwd-file } passdb { driver = pam } plugin { fts = squat fts_squat = partial=4 full=10 } protocols = imap ssl_cert = References: <2577BAC0-6D9C-4E23-8F6C-4831153C8EEA@iki.fi> Message-ID: >> always work very well. >> >> what's wrong? > > Fixed: http://hg.dovecot.org/dovecot-2.1/rev/4ce1f9649592 Thanks. so - my post actually got right. sorry for repost! just got this delayed! > > Anyway, fts-lucene backend works better than fts-squat. Better in what respect? less than a second (when disk I/O was needed) fulltext search over 10000 mails doesn't look bad :) From tss at iki.fi Mon Jun 18 20:30:21 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 18 Jun 2012 20:30:21 +0300 Subject: [Dovecot] question about fts_squat In-Reply-To: References: <2577BAC0-6D9C-4E23-8F6C-4831153C8EEA@iki.fi> Message-ID: On 18.6.2012, at 20.23, Wojciech Puchar wrote: >> Anyway, fts-lucene backend works better than fts-squat. > Better in what respect? > > less than a second (when disk I/O was needed) fulltext search over 10000 mails doesn't look bad :) Squat index updates are somewhat slow, especially if the index is large. From dovecot at beardz.net Mon Jun 18 20:35:29 2012 From: dovecot at beardz.net (Jase Thew) Date: Mon, 18 Jun 2012 18:35:29 +0100 Subject: [Dovecot] Problem with 'doveadm mailbox status -t' reporting cumulative vsizes after upgrading from v2.0.16 to v2.1.7 Message-ID: <4FDF66E1.5050009@beardz.net> Hi, I upgraded from Dovecot v2.0.16 to v2.1.7 over night and I noticed this morning that one of my daily reports which lists summarised mailbox sizes per user has started listing nonsense for vsizes. The reporting script at its core calls : doveadm -f flow mailbox status -A -t 'messages vsize' '*' It appears that Dovecot 2.1.7 is not resetting the vsize after collating the sum total of mailboxes sizes for each user, so that vsize just constantly increases as it iterates over each user. Eg: # doveadm -f flow mailbox status -A -t 'messages vsize' '*' accounts at example.com messages=1 vsize=759 adam at example.com messages=0 vsize=759 amy at example.com messages=24 vsize=51699697 andy at example.com messages=5446 vsize=3220940815 anna at example.com messages=50 vsize=3224035563 careers at example.com messages=1 vsize=3224036311 craig at example.com messages=2471 vsize=4421343199 creative at example.com messages=189 vsize=4426884182 david at example.com messages=8 vsize=4440729729 davidw at example.com messages=0 vsize=4440729729 enquiries at example.com messages=1 vsize=4440730491 gemma at example.com messages=4109 vsize=6349098844 gin at example.com messages=86 vsize=6392599904 holly at example.com messages=2000 vsize=7200342663 ian at example.com messages=0 vsize=7200342663 info at example.com messages=4 vsize=7200558689 jackie at example.com messages=2 vsize=7200721146 jade at example.com messages=137 vsize=7210548548 jake at example.com messages=16667 vsize=15260532446 katie at example.com messages=1 vsize=15260533375 mark at example.com messages=0 vsize=15260533375 mike.a at example.com messages=9 vsize=15261474205 mike.s at example.com messages=296 vsize=15314352543 mike at example.com messages=6357 vsize=20631446344 nick at example.com messages=1184 vsize=21038046728 social at example.com messages=65 vsize=21038935461 will at example.com messages=85 vsize=21057572390 [SNIP] The same occurs with -u '*@example.com' in place of -A, and also for 'all' in place of 'messages vsize'. Is this expected behaviour in 2.1.x compared to 2.0.x, or have I stumbled upon a bug? Regards, Jase Thew. From admin at postia.de Mon Jun 18 20:44:38 2012 From: admin at postia.de (Martin Weil) Date: Mon, 18 Jun 2012 19:44:38 +0200 Subject: [Dovecot] dovecot-sieve and LMT Message-ID: <2484ABE7-6C50-4A13-BC60-2B7A6B64FC55@postia.de> Dear list, My mail server is working perfectly. So I am trying to add feature after feature, until I have all the features I need. This has worked fine until now. I am trying to get dovecot-sieve to work. So I activated dovecot-lda and the sieve plugin and told postfix to use deliver instead of procmail. After restarting all services I then created a test sieve file. Obviously I have not yet understood the whole process completely because, it simply does not work. I suspect some permission problems or misconfiguration of the sieve file, but I am not sure where to look for solutions. -rw-r--r-- 1 2001 2001 116 2012-06-16 21:25 /var/mail/vmail/domain.com/user/dovecot.sieve dovecot.sieve require "fileinto"; if header :contains ["subject"] ["Test"] { fileinto ".Folder1"; } else { fileinto ".Folder2"; } Of course Folder1 and Folder2 do exist. (/var/mail/vmail/domain.com/user/mail/.Folder1 and Folder2) As far as I can tell there are no errors reported anywhere, I checked mail.log and syslog. 2001 is the virtual uid/gid of this particular user. If anyone can help me with this it would be great. The Mailserver works very well apart from this. There was one odd thing apart from this. In the docs I read that auth-master has to be running for deliver to work correctly. I did not know this before, but mails were delivered correctly after I started using deliver. So is there a need for auth-master to be running or not? Thanks a lot Martin dovecot -n output: # 1.2.9: /etc/dovecot/dovecot.conf # OS: Linux 2.6.18-028stab091.2 i686 Ubuntu 10.04.4 LTS reiserfs log_timestamp: %Y-%m-%d %H:%M:%S protocols: imap imaps lda ssl: required ssl_cert_file: /home/mweil/CA/cert.pem ssl_key_file: /home/mweil/CA/key.pem login_dir: /var/run/dovecot/login login_executable: /usr/lib/dovecot/imap-login mail_max_userip_connections: 25 mail_privileged_group: mail mail_uid: 10000 mail_gid: 10000 mail_location: maildir:/var/mail/vmail/%d/%n/mail mbox_write_locks: fcntl dotlock lda: postmaster_address: postmaster at domain.com mail_plugins: sieve mail_plugin_dir: /usr/lib/dovecot/modules/lda auth default: user: nobody passdb: driver: sql args: /etc/dovecot/dovecot-sql.conf userdb: driver: prefetch userdb: driver: sql args: /etc/dovecot/dovecot-sql.conf socket: type: listen client: path: /var/spool/postfix/private/auth mode: 432 user: postfix group: postfix master: path: /var/run/dovecot/auth-master mode: 432 plugin: sieve: /var/mail/vmail/%d/%u/dovecot.sieve postconf -n: alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases append_dot_mydomain = no biff = no broken_sasl_auth_clients = yes config_directory = /etc/postfix inet_interfaces = all mailbox_command = /usr/lib/dovecot/deliver mailbox_size_limit = 0 message_size_limit = 102400000 mydestination = host.domain.net, localhost, mydomain = domain.com myhostname = host.domain.com mynetworks = 127.0.0.1 myorigin = $mydomain readme_directory = no recipient_delimiter = + relayhost = smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) smtpd_client_restrictions = smtpd_error_sleep_time = 1s smtpd_hard_error_limit = 20 smtpd_helo_restrictions = smtpd_recipient_restrictions = permit_mynetworks reject_sender_login_mismatch permit_sasl_authenticated reject_unauth_destination reject_unverified_recipient smtpd_sasl_auth_enable = yes smtpd_sasl_path = private/auth smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_sender_login_maps = pgsql:/etc/postfix/lookup/pgsql_sasl_senders.cf smtpd_sender_restrictions = smtpd_soft_error_limit = 10 smtpd_tls_auth_only = yes smtpd_tls_cert_file = /home/mweil/CA/cert.pem smtpd_tls_key_file = /home/mweil/CA/key.pem smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtpd_use_tls = yes virtual_alias_maps = pgsql:/etc/postfix/lookup/pgsql_virtual_alias.cf virtual_gid_maps = pgsql:/etc/postfix/lookup/pgsql_virtual_gid.cf virtual_mailbox_base = /var/mail/vmail/ virtual_mailbox_domains = domain.com virtual_mailbox_limit = 0 virtual_mailbox_maps = pgsql:/etc/postfix/lookup/pgsql_virtual_accounts.cf virtual_uid_maps = pgsql:/etc/postfix/lookup/pgsql_virtual_uid.cf From wojtek at wojtek.tensor.gdynia.pl Mon Jun 18 21:06:02 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Mon, 18 Jun 2012 20:06:02 +0200 (CEST) Subject: [Dovecot] question about fts_squat In-Reply-To: References: <2577BAC0-6D9C-4E23-8F6C-4831153C8EEA@iki.fi> Message-ID: thank you very much for help! On Mon, 18 Jun 2012, Timo Sirainen wrote: > On 18.6.2012, at 20.23, Wojciech Puchar wrote: > >>> Anyway, fts-lucene backend works better than fts-squat. >> Better in what respect? >> >> less than a second (when disk I/O was needed) fulltext search over 10000 mails doesn't look bad :) > > Squat index updates are somewhat slow, especially if the index is large. > > > From ms at mur.at Tue Jun 19 01:41:16 2012 From: ms at mur.at (Martin Schitter) Date: Tue, 19 Jun 2012 00:41:16 +0200 Subject: [Dovecot] pop3c_master_user Message-ID: <4FDFAE8C.9000208@mur.at> the configuration keyword "pop3c_master_user" mentioned in the dsync migration documentation (http://wiki2.dovecot.org/Migration/Dsync) does not work for dovecot 2.1.7. a config line like: "pop3c_master_user = cyrus" will produce this error: doveconf: Fatal: Error in configuration file /etc/dovecot/local.conf line 33: Unknown setting: pop3c_master_user it's not defined in: src/lib-storage/index/pop3c/pop3c-settings.* is this feature not enabled with intention? btw. another question: will 'doveadm backup' mirror all the IMAP ACL information? thanks martin From alec at alec.pl Tue Jun 19 10:51:56 2012 From: alec at alec.pl (A.L.E.C) Date: Tue, 19 Jun 2012 09:51:56 +0200 Subject: [Dovecot] dovecot-sieve and LMT In-Reply-To: <2484ABE7-6C50-4A13-BC60-2B7A6B64FC55@postia.de> References: <2484ABE7-6C50-4A13-BC60-2B7A6B64FC55@postia.de> Message-ID: <4FE02F9C.5070208@alec.pl> On 06/18/2012 07:44 PM, Martin Weil wrote: > require "fileinto"; > if header :contains ["subject"] ["Test"] { > fileinto ".Folder1"; > } else { > fileinto ".Folder2"; > } > > Of course Folder1 and Folder2 do exist. (/var/mail/vmail/domain.com/user/mail/.Folder1 and Folder2) Don't add a dot on the beggining of the folder name in sieve scripts. Use fileinto :create "folder" or lda_mailbox_autocreate option to create non-existing folders. -- Aleksander 'A.L.E.C' Machniak LAN Management System Developer [http://lms.org.pl] Roundcube Webmail Developer [http://roundcube.net] --------------------------------------------------- PGP: 19359DC1 @@ GG: 2275252 @@ WWW: http://alec.pl From admin at postia.de Tue Jun 19 11:17:26 2012 From: admin at postia.de (Martin Weil) Date: Tue, 19 Jun 2012 10:17:26 +0200 Subject: [Dovecot] dovecot-sieve and LMT In-Reply-To: <4FE02F9C.5070208@alec.pl> References: <2484ABE7-6C50-4A13-BC60-2B7A6B64FC55@postia.de> <4FE02F9C.5070208@alec.pl> Message-ID: <52A58089-3911-4A31-BBB4-36BBFC387918@postia.de> Hi. Thanks for your hints, I altered the file but sadly, there is no change in behavior. It's like sieve is not doing anything at all. if header :contains ["subject"] ["Test"] { fileinto :create "Folder1"; } else { fileinto :create "Folder2"; } The lda_mailbox_autocreate option seems to be a version 2.0 feature. I am using 1.2.9. Thanks Martin Am 19.06.2012 um 09:51 schrieb A.L.E.C: > On 06/18/2012 07:44 PM, Martin Weil wrote: >> require "fileinto"; >> if header :contains ["subject"] ["Test"] { >> fileinto ".Folder1"; >> } else { >> fileinto ".Folder2"; >> } >> >> Of course Folder1 and Folder2 do exist. (/var/mail/vmail/domain.com/user/mail/.Folder1 and Folder2) > > Don't add a dot on the beggining of the folder name in sieve scripts. > Use fileinto :create "folder" or lda_mailbox_autocreate option to create > non-existing folders. > > -- > Aleksander 'A.L.E.C' Machniak > LAN Management System Developer [http://lms.org.pl] > Roundcube Webmail Developer [http://roundcube.net] > --------------------------------------------------- > PGP: 19359DC1 @@ GG: 2275252 @@ WWW: http://alec.pl From stephan at rename-it.nl Tue Jun 19 11:29:23 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Tue, 19 Jun 2012 10:29:23 +0200 Subject: [Dovecot] dovecot-sieve and LMT In-Reply-To: <52A58089-3911-4A31-BBB4-36BBFC387918@postia.de> References: <2484ABE7-6C50-4A13-BC60-2B7A6B64FC55@postia.de> <4FE02F9C.5070208@alec.pl> <52A58089-3911-4A31-BBB4-36BBFC387918@postia.de> Message-ID: <4FE03863.6030403@rename-it.nl> Op 6/19/2012 10:17 AM, Martin Weil schreef: > Hi. > > Thanks for your hints, I altered the file but sadly, there is no change in behavior. It's like sieve is not doing anything at all. > > if header :contains ["subject"] ["Test"] { > fileinto :create "Folder1"; > } else { > fileinto :create "Folder2"; > } > > The lda_mailbox_autocreate option seems to be a version 2.0 feature. I am using 1.2.9. Do your logs mention anything about LDA and Sieve being invoked? This wiki page shows a few hints on what this should look like and steps to be taken when LDA and Sieve are not being invoked: http://wiki2.dovecot.org/Pigeonhole/Sieve/Troubleshooting Regards, Stephan. From admin at postia.de Tue Jun 19 12:20:21 2012 From: admin at postia.de (Martin Weil) Date: Tue, 19 Jun 2012 11:20:21 +0200 Subject: [Dovecot] dovecot-sieve and LMT In-Reply-To: <4FE03863.6030403@rename-it.nl> References: <2484ABE7-6C50-4A13-BC60-2B7A6B64FC55@postia.de> <4FE02F9C.5070208@alec.pl> <52A58089-3911-4A31-BBB4-36BBFC387918@postia.de> <4FE03863.6030403@rename-it.nl> Message-ID: <76CEBDAA-095B-44ED-A8CF-4FE58D2F7862@postia.de> Am 19.06.2012 um 10:29 schrieb Stephan Bosch: > Op 6/19/2012 10:17 AM, Martin Weil schreef: >> Hi. >> >> Thanks for your hints, I altered the file but sadly, there is no change in behavior. It's like sieve is not doing anything at all. >> >> if header :contains ["subject"] ["Test"] { >> fileinto :create "Folder1"; >> } else { >> fileinto :create "Folder2"; >> } >> >> The lda_mailbox_autocreate option seems to be a version 2.0 feature. I am using 1.2.9. > > Do your logs mention anything about LDA and Sieve being invoked? This wiki page shows a few hints on what this should look like and steps to be taken when LDA and Sieve are not being invoked: > > http://wiki2.dovecot.org/Pigeonhole/Sieve/Troubleshooting > > Regards, > > Stephan. Indeed they did not. I incorrectly thought that a line in postfix's main.cf would change the delivery to deliver. That would have been true if I used local delivery. For virtual users postfix is using "virtual" by default. So I had to add deliver to postfix's master.cf and change the virtual_transport in main.cf. After configuring logging for deliver I can now confirm that it is used. I was mistaken by thinking local delivery is the same as virtual delivery. I could have avoided this by reading the wiki more carefully. Sorry about that. But I am afraid sieve is still not working. Mails are still delivered to INBOX. Martin From stephan at rename-it.nl Tue Jun 19 13:44:56 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Tue, 19 Jun 2012 12:44:56 +0200 Subject: [Dovecot] dovecot-sieve and LMT In-Reply-To: <76CEBDAA-095B-44ED-A8CF-4FE58D2F7862@postia.de> References: <2484ABE7-6C50-4A13-BC60-2B7A6B64FC55@postia.de> <4FE02F9C.5070208@alec.pl> <52A58089-3911-4A31-BBB4-36BBFC387918@postia.de> <4FE03863.6030403@rename-it.nl> <76CEBDAA-095B-44ED-A8CF-4FE58D2F7862@postia.de> Message-ID: <4FE05828.6020104@rename-it.nl> Op 6/19/2012 11:20 AM, Martin Weil schreef: > > Indeed they did not. I incorrectly thought that a line in postfix's main.cf would change the delivery to deliver. That would have been true if I used local delivery. For virtual users postfix is using "virtual" by default. So I had to add deliver to postfix's master.cf and change the virtual_transport in main.cf. > > After configuring logging for deliver I can now confirm that it is used. I was mistaken by thinking local delivery is the same as virtual delivery. I could have avoided this by reading the wiki more carefully. Sorry about that. > > But I am afraid sieve is still not working. Mails are still delivered to INBOX. Do the logs say anything about Sieve? You can enable mail_debug in your configuration to obtain more verbose log messages about what Sieve is doing. Regards, Stephan. From admin at postia.de Tue Jun 19 16:13:51 2012 From: admin at postia.de (Martin Weil) Date: Tue, 19 Jun 2012 15:13:51 +0200 Subject: [Dovecot] dovecot-sieve and LMT In-Reply-To: <4FE05828.6020104@rename-it.nl> References: <2484ABE7-6C50-4A13-BC60-2B7A6B64FC55@postia.de> <4FE02F9C.5070208@alec.pl> <52A58089-3911-4A31-BBB4-36BBFC387918@postia.de> <4FE03863.6030403@rename-it.nl> <76CEBDAA-095B-44ED-A8CF-4FE58D2F7862@postia.de> <4FE05828.6020104@rename-it.nl> Message-ID: Am 19.06.2012 um 12:44 schrieb Stephan Bosch: > Op 6/19/2012 11:20 AM, Martin Weil schreef: >> >> Indeed they did not. I incorrectly thought that a line in postfix's main.cf would change the delivery to deliver. That would have been true if I used local delivery. For virtual users postfix is using "virtual" by default. So I had to add deliver to postfix's master.cf and change the virtual_transport in main.cf. >> >> After configuring logging for deliver I can now confirm that it is used. I was mistaken by thinking local delivery is the same as virtual delivery. I could have avoided this by reading the wiki more carefully. Sorry about that. >> >> But I am afraid sieve is still not working. Mails are still delivered to INBOX. > > Do the logs say anything about Sieve? You can enable mail_debug in your configuration to obtain more verbose log messages about what Sieve is doing. > > Regards, > > Stephan. Thanks a lot for this tip. It turned out I used the %u variable instead of %n in the path of the sieve script, so sieve was looking in a non existing directory. After correcting sieve complained about the :create statement. But after I removed it, it worked flawlessly. Thanks a lot again. Martin From ef at math.uni-bonn.de Tue Jun 19 16:14:14 2012 From: ef at math.uni-bonn.de (Edgar =?iso-8859-1?B?RnXf?=) Date: Tue, 19 Jun 2012 15:14:14 +0200 Subject: [Dovecot] specifying home/sieve/sieve_dir relative to mail_location Message-ID: <20120619131413.GN48358@trav.math.uni-bonn.de> With 1.2, is it possible to specify home, sieve and sieve_dir relative to mail_location? I have mail_location = maildir:/import/mail/%n/:INDEX=/var/db/dovecot/indexes/%n and, in the plugin section, home = /import/mail/%n/home sieve = /import/mail/%n/dovecot.sieve sieve_dir = /import/mail/%n/sieve I would like to partially move users to another location (different file server) by using an LDAP entry. I know it's possible to specify everything relative to home, so I could probably use relative ~/../-type paths for mail_locatin etc., but that looks a bit awkward. The VirtualUsers/Home Wiki enty contains an example for relative paths user_attrs = .., mailDirectory=home=/var/vmail/%$ which I do not understand. From stephan at rename-it.nl Tue Jun 19 16:36:59 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Tue, 19 Jun 2012 15:36:59 +0200 Subject: [Dovecot] dovecot-sieve and LMT In-Reply-To: References: <2484ABE7-6C50-4A13-BC60-2B7A6B64FC55@postia.de> <4FE02F9C.5070208@alec.pl> <52A58089-3911-4A31-BBB4-36BBFC387918@postia.de> <4FE03863.6030403@rename-it.nl> <76CEBDAA-095B-44ED-A8CF-4FE58D2F7862@postia.de> <4FE05828.6020104@rename-it.nl> Message-ID: <4FE0807B.9070504@rename-it.nl> Op 6/19/2012 3:13 PM, Martin Weil schreef: > Am 19.06.2012 um 12:44 schrieb Stephan Bosch: > >> Op 6/19/2012 11:20 AM, Martin Weil schreef: >>> Indeed they did not. I incorrectly thought that a line in postfix's main.cf would change the delivery to deliver. That would have been true if I used local delivery. For virtual users postfix is using "virtual" by default. So I had to add deliver to postfix's master.cf and change the virtual_transport in main.cf. >>> >>> After configuring logging for deliver I can now confirm that it is used. I was mistaken by thinking local delivery is the same as virtual delivery. I could have avoided this by reading the wiki more carefully. Sorry about that. >>> >>> But I am afraid sieve is still not working. Mails are still delivered to INBOX. >> Do the logs say anything about Sieve? You can enable mail_debug in your configuration to obtain more verbose log messages about what Sieve is doing. >> >> Regards, >> >> Stephan. > > Thanks a lot for this tip. > It turned out I used the %u variable instead of %n in the path of the sieve script, so sieve was looking in a non existing directory. After correcting sieve complained about the :create statement. But after I removed it, it worked flawlessly. The :create tag doesn't work unless the mailbox extension is active; you need to add the following to the top of your Sieve script to use it: require "mailbox"; Regards, Stephan. From bradley.giesbrecht at gmail.com Tue Jun 19 16:51:06 2012 From: bradley.giesbrecht at gmail.com (Bradley Giesbrecht) Date: Tue, 19 Jun 2012 06:51:06 -0700 Subject: [Dovecot] doveadm fetch LARGE attachments and remove message [SOLVED] In-Reply-To: <2457470C-A66C-42E7-AC5E-C8B3D011631F@iki.fi> References: <2457470C-A66C-42E7-AC5E-C8B3D011631F@iki.fi> Message-ID: On Jun 18, 2012, at 6:49 AM, Timo Sirainen wrote: > On 17.6.2012, at 18.19, Bradley Giesbrecht wrote: > >> Looking at the wiki and man pages I am unsure how to fetch email attachments from a unix shell. >> >> I have an "doveadm search" that returns the messages that have the attachments I am after. >> >> Would I loop through an "doveadm fetch" and use a commandline imap client to save the attachments and move the message to the Trash? >> >> Or is there a doveadm command for this? > > No, there's currently no easy way to do this. doveadm fetch doesn't support that. You could possibly do this via IMAP, but it would be difficult to know which MIME part to fetch. Actually it's not even obvious if a MIME part is an attachment or not.. I used an imap client to create an imap folder named "unpack" , searched for the messages I needed and then moved them into the unpack folder. I then used munpack to unpack the messages from the unpack folder to a local disk directory. http://ftp.andrew.cmu.edu/pub/mpack/ Regards, Bradley Giesbrecht (pixilla) From dovecot at bestewogibt.de Tue Jun 19 20:12:40 2012 From: dovecot at bestewogibt.de (Dominic Pratt) Date: Tue, 19 Jun 2012 19:12:40 +0200 Subject: [Dovecot] Trouble with Trash Message-ID: <4FE0B308.4040102@bestewogibt.de> Hi guys and girls, Version: 2.0.19 - running on Ubuntu 12.04 LTS Server dovecot -n: # 2.0.19: /etc/dovecot/dovecot.conf # OS: Linux 3.3.1 x86_64 Ubuntu 12.04 LTS mail_location = maildir:~/Maildir managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave passdb { driver = pam } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap pop3 sieve service auth { unix_listener /var/spool/postfix/private/dovecot-auth { group = postfix mode = 0660 user = postfix } } ssl_cert = was automatically rejected:%n%r } My problem is, that actually old mails in the Thrash-Folder are deleted. This is crap, because I want to look at some mails again. I'm not sure if my Thunderbird does it or Dovecot. I don't think, TB does it, there's actually no option, I think. Any ideas? P.S.: Sorry for the bad english. -- "If you haven?t found it yet, keep looking. Don?t settle." Dominic Pratt Fachinformatiker Systemintegration Handy: +49 173 8371427 From delrio at mie.utoronto.ca Tue Jun 19 20:54:47 2012 From: delrio at mie.utoronto.ca (Oscar del Rio) Date: Tue, 19 Jun 2012 13:54:47 -0400 Subject: [Dovecot] Trouble with Trash In-Reply-To: <4FE0B308.4040102@bestewogibt.de> References: <4FE0B308.4040102@bestewogibt.de> Message-ID: <4FE0BCE7.6060809@mie.utoronto.ca> On 06/19/12 01:12 PM, Dominic Pratt wrote: > > My problem is, that actually old mails in the Thrash-Folder are > deleted. This is crap, because I want to look at some mails again. I'm > not sure if my Thunderbird does it or Dovecot. I don't think, TB does > it, there's actually no option, I think. > Thunderbird - Accounts - Server settings - Empty Trash on Exit From dovecot at bestewogibt.de Tue Jun 19 21:15:59 2012 From: dovecot at bestewogibt.de (Dominic Pratt) Date: Tue, 19 Jun 2012 20:15:59 +0200 Subject: [Dovecot] Trouble with Trash In-Reply-To: <4FE0BCE7.6060809@mie.utoronto.ca> References: <4FE0B308.4040102@bestewogibt.de> <4FE0BCE7.6060809@mie.utoronto.ca> Message-ID: <4FE0C1DF.1060900@bestewogibt.de> As already said... I don't think it's TB: http://www.imagebanana.com/view/ht4sofoj/thunderbird.jpg Thanks anyway. Am 19.06.2012 19:54, schrieb Oscar del Rio: > Thunderbird - Accounts - Server settings - Empty Trash on Exit From tss at iki.fi Wed Jun 20 02:36:14 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 20 Jun 2012 02:36:14 +0300 Subject: [Dovecot] message parser: Fixed infinite loop when parsing a specific message. Message-ID: <1340148974.5967.52.camel@hurina> I committed this change to all hg branches: http://hg.dovecot.org/dovecot-2.1/rev/4461b48fcc1f After that I realized that it doesn't actually matter, because it fixes only a situation where input buffer's size is less than 84 bytes. This happened on a test program where I was using a 64 byte buffer, but the real code in Dovecot always uses much larger buffers. So, don't worry, there's no way to actually DOS Dovecot with this. No need for distro people to create any security releases. From daniel.parthey at informatik.tu-chemnitz.de Wed Jun 20 03:32:07 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Wed, 20 Jun 2012 02:32:07 +0200 Subject: [Dovecot] Trouble with Trash In-Reply-To: <4FE0C1DF.1060900@bestewogibt.de> References: <4FE0B308.4040102@bestewogibt.de> <4FE0BCE7.6060809@mie.utoronto.ca> <4FE0C1DF.1060900@bestewogibt.de> Message-ID: Dominic Pratt schrieb: >As already said... I don't think it's TB: >http://www.imagebanana.com/view/ht4sofoj/thunderbird.jpg Hi Dominic, since you do not seem to have enabled the Trash plugin, Dovecot will not delete anything by itself. Thunderbird might expire the mails in your Trash mailbox if they exceed a specified age or a specified message count. Please check your system date and the retention times of mails in your trash mailbox. Right click on the folder. Regards Daniel From a.kostyrev at serverc.ru Wed Jun 20 05:03:17 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Wed, 20 Jun 2012 13:03:17 +1100 Subject: [Dovecot] director map and mysql Message-ID: <213B51F00051AE48A9F0E112880177178F7A2E@Delta.sc.local> hello! Is "doveadm director map" command suppose to work when I store "host" value in mysql table? It gives me nothing in output with no errors in log. I've successfully setup directors with static passdb, and decided to give a try setup with storing host value in mysql table. The proxying is actually working, I'm just unhappy with no output from "doveadm director map". on the other hand output from "doveadm director map" is not empty, when I configure my password_query not to return host from table. director's settings in dovecot.sql is: passdb { driver = sql args = /etc/dovecot/dovecot-sql.conf } userdb { driver = sql args = /etc/dovecot/dovecot-sql.conf } director_servers = 192.168.5.125 director_mail_servers = 192.168.5.110 192.168.5.111 service doveadm { inet_listener { port = 24245 } } protocol doveadm { auth_socket_path = director-userdb } doveadm_proxy_port = 24245 in /etc/dovecot/dovecot-sql.conf at director there's password_query = SELECT \ NULL AS password,\ 'Y' as nopassword, \ 'Y' AS proxy, \ MBOX_NAME as user, \ host2 as host \ from M_MAILBOX \ where MBOX_NAME = '%u' user_query = SELECT \ MBOX_NAME AS username, \ MAIL_DIRECTORY as home \ from M_MAILBOX \ where MBOX_NAME = '%u'; iterate_query = select MBOX_NAME AS username from M_MAILBOX; backend's conf: service doveadm { inet_listener { port = 24245 } } From tss at iki.fi Wed Jun 20 05:22:25 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 20 Jun 2012 05:22:25 +0300 Subject: [Dovecot] director map and mysql In-Reply-To: <213B51F00051AE48A9F0E112880177178F7A2E@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F7A2E@Delta.sc.local> Message-ID: On 20.6.2012, at 5.03, ???????? ????????? ?????????? wrote: > Is "doveadm director map" command suppose to work when I store "host" value in mysql table? > It gives me nothing in output with no errors in log. If you return a host for a user, then Dovecot does regular proxying and director doesn't know anything about the user. From claude at phyto.qc.ca Wed Jun 20 05:28:39 2012 From: claude at phyto.qc.ca (Claude =?UTF-8?B?R8OpbGluYXM=?=) Date: Tue, 19 Jun 2012 22:28:39 -0400 Subject: [Dovecot] troncated email Message-ID: <20120619222839.0c083529@oligoextra.phyto.qc.ca> Hi, I'm on fc16 with dovecot and Claws Mail version 3.8.0 All email in INBOX are troncated as they arrive. I only get the title, from and date but no more core message could someone guide me so I find a solution for my problem. cannot lose my email Regards, Claude From a.kostyrev at serverc.ru Wed Jun 20 06:40:42 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Wed, 20 Jun 2012 14:40:42 +1100 Subject: [Dovecot] director map and mysql In-Reply-To: References: <213B51F00051AE48A9F0E112880177178F7A2E@Delta.sc.local> Message-ID: <213B51F00051AE48A9F0E112880177178F7A2F@Delta.sc.local> thanks! but what mechanisms do I have if I want certain user to be always proxied to certain host, but if that host is down, to redirect him to another? I planned to setup two dovecot storage servers where all mailboxes are mirrored between these two servers with dsync replication like described in http://www.dovecot.org/list/dovecot/2012-March/064243.html but I don't want this user to be redirected to two these servers in round-robin fashion. -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of Timo Sirainen Sent: Wednesday, June 20, 2012 1:22 PM To: ???????? ????????? ?????????? Cc: dovecot at dovecot.org Subject: Re: [Dovecot] director map and mysql On 20.6.2012, at 5.03, ???????? ????????? ?????????? wrote: > Is "doveadm director map" command suppose to work when I store "host" value in mysql table? > It gives me nothing in output with no errors in log. If you return a host for a user, then Dovecot does regular proxying and director doesn't know anything about the user. From jesper at dahlnyerup.dk Wed Jun 20 09:35:05 2012 From: jesper at dahlnyerup.dk (Jesper Dahl Nyerup) Date: Wed, 20 Jun 2012 08:35:05 +0200 Subject: [Dovecot] Very High Load on Dovecot 2 and Errors in mail.err. In-Reply-To: <20120611213713.GA28704@jespernyerup.dk> References: <4FB35038.1000600@enas.net> <1337454348.4384.144.camel@innu> <4FB8C07B.5050604@enas.net> <4c605c0b2bc041f7f90300b36c716c22@us.es> <4FB8FFD7.5040301@enas.net> <20120611080907.GA11882@jespernyerup.dk> <20120611213713.GA28704@jespernyerup.dk> Message-ID: <20120620063504.GA2187@jespernyerup.dk> On Jun 11 23:37, Jesper Dahl Nyerup wrote: > We're still chasing the root cause in the kernel or the VServer patch > set. We'll of course make sure to post our findings here, and I'd very > much appreciate to hear about other people's progress. We still haven't found a solution, but here's what we've got thus far: - The issue is not VServer specific. We're able to reproduce it on recent vanilla kernels. - The issue has a strong correlation with the number of processor cores in the machine. The behavior is impossible to provoke on a dual core workstation, but is very widespread on 16 or 24 core machines. One of my colleagues has written a snippet of code that reproduces and exposes the problem, and we've sent this to the Inotify maintainers and the kernel mailing list, hoping that someone more familiar with the code will be quicker to figure out what is broken. If anyone's interested - either in following the issue or the code snippet that reproduces it - here's the post: http://thread.gmane.org/gmane.linux.kernel/1315430 As this is clearly a kernel issue, we're going to try to keep the discussion there, and I'll probably not follow up here, until the issue has been resolved. Jesper. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: Digital signature URL: From klimenko.n at theitidea.ru Wed Jun 20 10:24:47 2012 From: klimenko.n at theitidea.ru (=?UTF-8?B?0J3QuNC60L7Qu9Cw0Lkg0JrQu9C40LzQtdC90LrQvg==?=) Date: Wed, 20 Jun 2012 11:24:47 +0400 Subject: [Dovecot] sieve and namespace Message-ID: <4FE17ABF.5010303@theitidea.ru> HI I'm tryin to set up sieve the way so it will put incoming message into Junk folder, which is described via namespace. Unfortunately rule doesn't work and message is put into Inbox. If i change destination folder to folder not described via namespace in the same rule the message is placed to that folder. please help dovecot 1.2.9 namespace: type: private prefix: Junk/ location: maildir:/opt/mail/Junk/INBOX:LAYOUT=fs hidden: yes list: yes subscriptions: yes From bind at enas.net Wed Jun 20 12:36:33 2012 From: bind at enas.net (Urban Loesch) Date: Wed, 20 Jun 2012 11:36:33 +0200 Subject: [Dovecot] Very High Load on Dovecot 2 and Errors in mail.err. In-Reply-To: <20120620063504.GA2187@jespernyerup.dk> References: <4FB35038.1000600@enas.net> <1337454348.4384.144.camel@innu> <4FB8C07B.5050604@enas.net> <4c605c0b2bc041f7f90300b36c716c22@us.es> <4FB8FFD7.5040301@enas.net> <20120611080907.GA11882@jespernyerup.dk> <20120611213713.GA28704@jespernyerup.dk> <20120620063504.GA2187@jespernyerup.dk> Message-ID: <4FE199A1.9090301@enas.net> Hi, yesterday I disabled the inotify as mentioned in the previous post and it works for me also. Thanks to all for the hint. On 20.06.2012 08:35, Jesper Dahl Nyerup wrote: > On Jun 11 23:37, Jesper Dahl Nyerup wrote: >> We're still chasing the root cause in the kernel or the VServer patch >> set. We'll of course make sure to post our findings here, and I'd very >> much appreciate to hear about other people's progress. > > We still haven't found a solution, but here's what we've got thus far: > > - The issue is not VServer specific. We're able to reproduce it on > recent vanilla kernels. > > - The issue has a strong correlation with the number of processor cores > in the machine. The behavior is impossible to provoke on a dual core > workstation, but is very widespread on 16 or 24 core machines. For the records: I have the problem on 2 different machines with different CPU's - PE2950 with 2x Intel Xeon X5450 3.00Ghz (8) CPU's (problem happens not so often as with PER610) - PER610 with 2x Intel Xeon X5650 2.67GHz (24) CPU's > > One of my colleagues has written a snippet of code that reproduces and > exposes the problem, and we've sent this to the Inotify maintainers and > the kernel mailing list, hoping that someone more familiar with the code > will be quicker to figure out what is broken. > > If anyone's interested - either in following the issue or the code > snippet that reproduces it - here's the post: > http://thread.gmane.org/gmane.linux.kernel/1315430 As you described on the kernel maillinglist, I can confirm. The higher the number of cpu's, the worse it gets. > > As this is clearly a kernel issue, we're going to try to keep the > discussion there, and I'll probably not follow up here, until the issue > has been resolved. > > Jesper. Thanks Urban From CMarcus at Media-Brokers.com Wed Jun 20 12:36:56 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Wed, 20 Jun 2012 05:36:56 -0400 Subject: [Dovecot] troncated email In-Reply-To: <20120619222839.0c083529@oligoextra.phyto.qc.ca> References: <20120619222839.0c083529@oligoextra.phyto.qc.ca> Message-ID: <4FE199B8.5060304@Media-Brokers.com> On 2012-06-19 10:28 PM, Claude G?linas wrote: > I'm on fc16 with dovecot and Claws Mail version 3.8.0 We are much more interested in the dovecot version (and configuration - dovecot -n output is helpful there) than the version of Claws Mail. > All email in INBOX are troncated as they arrive. I only get the title, > from and date but no more core message > > could someone guide me so I find a solution for my problem. cannot lose > my email Since most of our Crystal Balls are broken, you will likely have to be much more precise in your request for help, by providing actual excerpts from logs while accessing mail, and you may even have to resort to enabling debugging... Start here: http://wiki2.dovecot.org/WhyDoesItNotWork Otherwise, you may get more help from a Fedora support list. -- Best regards, Charles From kayasaman at gmail.com Wed Jun 20 12:38:59 2012 From: kayasaman at gmail.com (Kaya Saman) Date: Wed, 20 Jun 2012 10:38:59 +0100 Subject: [Dovecot] Dovecot not liking AD config from wiki?? Message-ID: Hi, I'm trying to setup Dovecot with MS AD and am using this as my guide: http://wiki2.dovecot.org/HowTo/ActiveDirectoryNtlm I can definitely access information on the AD server using wbinfo -g and wbinfo -u..... Currently my dovecot.conf file looks like this: # v1.1: #auth_ntlm_use_winbind = yes # v1.2+: auth_use_winbind = yes auth_winbind_helper_path = /usr/local/bin/ntlm_auth protocols = imap # It's nice to have separate log files for Dovecot. You could do this # by changing syslog configuration also, but this is easier. log_path = /var/log/dovecot.log info_log_path = /var/log/dovecot-info.log # Disable SSL for now. ssl = no disable_plaintext_auth = no # We're using Maildir format #mail_location = maildir:~/Maildir mail_location = mbox:/mail:INBOX=/mail/%u # If you're using POP3, you'll need this: #pop3_uidl_format = %g # Authentication configuration: auth_verbose = yes auth_debug = yes auth_username_format = %n auth_mechanisms = plain ntlm login userdb { driver = static args = uid=501 gid=501 home=/mail/%u driver = static allow_all_users=yes } According to the documentation I should be using: userdb static { ... } which seems to be Dovecot v1. config, and additionally the "allow_all_users=yes" statement when added seems again v1. config since Dovecot 2. won't even start? In the meantime when not using "allow_all_users" Dovecot throws up these errors: Jun 20 11:30:40 master: Warning: Killed with signal 15 (by pid=4149 uid=0 code=kill) Jun 20 11:30:48 auth: Fatal: No passdbs specified in configuration file. LOGIN mechanism needs one Jun 20 11:30:48 master: Error: service(auth): command startup failed, throttling for 2 secs Jun 20 11:30:59 master: Warning: Killed with signal 15 (by pid=4182 uid=0 code=kill) Jun 20 11:31:13 auth: Fatal: No passdbs specified in configuration file. LOGIN mechanism needs one Jun 20 11:31:13 master: Error: service(auth): command startup failed, throttling for 2 secs Jun 20 11:32:38 master: Warning: Killed with signal 15 (by pid=4245 uid=0 code=kill) Jun 20 11:32:58 imap-login: Warning: Auth connection closed with 1 pending requests (max 0 secs, pid=4265, EOF) Jun 20 11:32:58 auth: Fatal: master: service(auth): child 4266 killed with signal 11 (core not dumped - set service auth { drop_priv_before_exec=yes }) -- this was after adding: passdb { driver = static } to the mix. I'm using Dovecot 2.1.3 on FreeBSD 8.2 RELEASE x64. Can anyone help me configuring Dovecot to authenticate? Regards, Kaya From amateo at um.es Wed Jun 20 12:40:19 2012 From: amateo at um.es (Angel L. Mateo) Date: Wed, 20 Jun 2012 11:40:19 +0200 Subject: [Dovecot] dovecot 2.1.5 performance Message-ID: <4FE19A83.8080407@um.es> Hello, I'm migrating from 1.1.16 running in 4 debian lenny servers virtualized with xenserver and 1 core and 5GB of RAM to 2.1.5 running in 4 ubuntu 12.04 servers with 6 cpu cores and 16GB of RAM virtualized with VMWare, but I'm having lots a performance problems. I don't think that virtualization platform could be the problem, because the new servers running in xenserver has the same problems than running in vmware. I have about 70000 user accounts, most of them without real activity (they are students who doesn't read his email or have its account redirected to other provider). I have about 700-1000 concurrent imap connections. I have storage in nfs (nfsv3, the nfs server is a celerra), but indexes are in local filesystems (each server has its own index fs). Mailboxes are in maildir format. Old servers and actual director servers are load balanced with an radware appdirector load balancer (the new backend servers don't need to be balanced because I'm using a director farm) In the old platform I have scenario number 2 described at http://wiki2.dovecot.org/NFS, but in the new ones I have a director proxy directing all connections from each user to the same server (I don't specify any server for the user, director selects it according to the hash algorithm it has). Some doubts I have for the recommended in that url: * mmap_disable: both single and multi server configurations have mmap_disable=yes but in index file section says that you need it if you have your index files stored in nfs. I have it stored locally. Do I need mmap_disable=yes? What it's the best? * dotlock_use_excl: it is set to no in both configurations, but the comment says that it is needed only in nfsv2. Since I have nfs3, I have it set it to yes. * mail_nfs_storage: In single server is set to no, but in multi server it set to yes. Since I have a director in front of my backend server, what is the recommended? With this configuration, when I have a few connections (about 300-400 imap connections) everything is working fine, but when I disconnect the old servers and direct all my users' connections to the new servers I have lot of errors. server loads increments to over 300 points, with a very high io wait. With atop, I could see that of my 6 cores, I have one with almost 100% waiting for i/o and the other with almost 100% idle, but load of the server is very, very high. With the old servers, I have performance problems, access to mail is slow, but it works. But with the new ones it doesn't work at all. Any idea? -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From amateo at um.es Wed Jun 20 12:46:09 2012 From: amateo at um.es (Angel L. Mateo) Date: Wed, 20 Jun 2012 11:46:09 +0200 Subject: [Dovecot] dovecot 2.1.5 performance In-Reply-To: <4FE19A83.8080407@um.es> References: <4FE19A83.8080407@um.es> Message-ID: <4FE19BE1.6070702@um.es> On 20/06/12 11:40, Angel L. Mateo wrote: > Hello, > > I'm migrating from 1.1.16 running in 4 debian lenny servers > virtualized with xenserver and 1 core and 5GB of RAM to 2.1.5 running in > 4 ubuntu 12.04 servers with 6 cpu cores and 16GB of RAM virtualized with > VMWare, but I'm having lots a performance problems. I don't think that > virtualization platform could be the problem, because the new servers > running in xenserver has the same problems than running in vmware. > > I have about 70000 user accounts, most of them without real > activity (they are students who doesn't read his email or have its > account redirected to other provider). I have about 700-1000 concurrent > imap connections. > > I have storage in nfs (nfsv3, the nfs server is a celerra), but > indexes are in local filesystems (each server has its own index fs). > Mailboxes are in maildir format. > > Old servers and actual director servers are load balanced with an > radware appdirector load balancer (the new backend servers don't need to > be balanced because I'm using a director farm) > > In the old platform I have scenario number 2 described at > http://wiki2.dovecot.org/NFS, but in the new ones I have a director > proxy directing all connections from each user to the same server (I > don't specify any server for the user, director selects it according to > the hash algorithm it has). > > Some doubts I have for the recommended in that url: > > * mmap_disable: both single and multi server configurations have > mmap_disable=yes but in index file section says that you need it if you > have your index files stored in nfs. I have it stored locally. Do I need > mmap_disable=yes? What it's the best? > * dotlock_use_excl: it is set to no in both configurations, but the > comment says that it is needed only in nfsv2. Since I have nfs3, I have > it set it to yes. > * mail_nfs_storage: In single server is set to no, but in multi server > it set to yes. Since I have a director in front of my backend server, > what is the recommended? > > With this configuration, when I have a few connections (about > 300-400 imap connections) everything is working fine, but when I > disconnect the old servers and direct all my users' connections to the > new servers I have lot of errors. server loads increments to over 300 > points, with a very high io wait. With atop, I could see that of my 6 > cores, I have one with almost 100% waiting for i/o and the other with > almost 100% idle, but load of the server is very, very high. > > With the old servers, I have performance problems, access to mail > is slow, but it works. But with the new ones it doesn't work at all. > > Any idea? > I forgot attaching my doveconf. -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 -------------- next part -------------- # 2.1.5: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-24-generic x86_64 Ubuntu 12.04 LTS auth_cache_size = 20 M auth_cache_ttl = 1 days auth_debug = yes auth_master_user_separator = * auth_verbose = yes default_process_limit = 1000 disable_plaintext_auth = no log_timestamp = %Y-%m-%d %H:%M:%S login_trusted_networks = 155.54.211.176/28 mail_debug = yes mail_fsync = always mail_location = maildir:~/Maildir:INDEX=/var/indexes/%n mail_nfs_storage = yes mail_privileged_group = mail maildir_stat_dirs = yes mdbox_rotate_size = 20 M passdb { args = /etc/dovecot/master-users driver = passwd-file master = yes pass = yes } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } passdb { args = session=yes dovecot driver = pam } plugin { lazy_expunge = .EXPUNGED/ .DELETED/ .DELETED/.EXPUNGED/ sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_extensions = +imapflags sieve_max_redirects = 15 zlib_save = gz zlib_save_level = 6 } postmaster_address = postmaster at um.es service anvil { client_limit = 2003 } service auth { client_limit = 3000 unix_listener auth-userdb { mode = 0666 } } service doveadm { inet_listener { port = 24245 } } service imap { process_limit = 5120 process_min_avail = 6 vsz_limit = 512 M } service lmtp { inet_listener lmtp { port = 24 } process_min_avail = 10 vsz_limit = 512 M } service pop3 { process_min_avail = 6 } ssl = no ssl_cert = References: <4FE19A83.8080407@um.es> <4FE19BE1.6070702@um.es> Message-ID: <4FE19EAD.4050400@ehu.es> El 20/06/12 11:46, Angel L. Mateo escribi?: > On 20/06/12 11:40, Angel L. Mateo wrote: >> Hello, >> >> I'm migrating from 1.1.16 running in 4 debian lenny servers >> virtualized with xenserver and 1 core and 5GB of RAM to 2.1.5 running in >> 4 ubuntu 12.04 servers with 6 cpu cores and 16GB of RAM virtualized with >> VMWare, but I'm having lots a performance problems. I don't think that >> virtualization platform could be the problem, because the new servers >> running in xenserver has the same problems than running in vmware. >> >> I have about 70000 user accounts, most of them without real >> activity (they are students who doesn't read his email or have its >> account redirected to other provider). I have about 700-1000 concurrent >> imap connections. >> >> I have storage in nfs (nfsv3, the nfs server is a celerra), but >> indexes are in local filesystems (each server has its own index fs). >> Mailboxes are in maildir format. >> >> Old servers and actual director servers are load balanced with an >> radware appdirector load balancer (the new backend servers don't need to >> be balanced because I'm using a director farm) >> >> In the old platform I have scenario number 2 described at >> http://wiki2.dovecot.org/NFS, but in the new ones I have a director >> proxy directing all connections from each user to the same server (I >> don't specify any server for the user, director selects it according to >> the hash algorithm it has). >> >> Some doubts I have for the recommended in that url: >> >> * mmap_disable: both single and multi server configurations have >> mmap_disable=yes but in index file section says that you need it if you >> have your index files stored in nfs. I have it stored locally. Do I need >> mmap_disable=yes? What it's the best? >> * dotlock_use_excl: it is set to no in both configurations, but the >> comment says that it is needed only in nfsv2. Since I have nfs3, I have >> it set it to yes. >> * mail_nfs_storage: In single server is set to no, but in multi server >> it set to yes. Since I have a director in front of my backend server, >> what is the recommended? >> As I see it, director ensures that only 1 server is accesing any given file, so you don't need any special conf (so mmap_disable=no & mail_nfs_storage=no) From tss at iki.fi Wed Jun 20 13:05:32 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 20 Jun 2012 13:05:32 +0300 Subject: [Dovecot] dovecot 2.1.5 performance In-Reply-To: <4FE19A83.8080407@um.es> References: <4FE19A83.8080407@um.es> Message-ID: <1340186732.5967.71.camel@hurina> On Wed, 2012-06-20 at 11:40 +0200, Angel L. Mateo wrote: > * mmap_disable: both single and multi server configurations have > mmap_disable=yes but in index file section says that you need it if you > have your index files stored in nfs. I have it stored locally. Do I need > mmap_disable=yes? What it's the best? mmap_disable is used only for index files, so with local indexes use "no". (If indexes were on NFS, "no" would probably still work but I'm not sure if the performance would be better or worse. Errors would also trigger SIGBUS crashes.) > * dotlock_use_excl: it is set to no in both configurations, but the > comment says that it is needed only in nfsv2. Since I have nfs3, I have > it set it to yes. "yes" is ok. > * mail_nfs_storage: In single server is set to no, but in multi server > it set to yes. Since I have a director in front of my backend server, > what is the recommended? With director you can set this to "no". > With this configuration, when I have a few connections (about 300-400 > imap connections) everything is working fine, but when I disconnect the > old servers and direct all my users' connections to the new servers I > have lot of errors. Real errors that show up in Dovecot logs? What kind of errors? > server loads increments to over 300 points, with a > very high io wait. With atop, I could see that of my 6 cores, I have one > with almost 100% waiting for i/o and the other with almost 100% idle, > but load of the server is very, very high. Does the server's disk IO usage actually go a lot higher, or is it simply waiting without doing much of anything? I wonder if this is related to the inotify problems: http://dovecot.org/list/dovecot/2012-June/066474.html Another thought: Since indexes are stored locally, is it possible that the extra load comes simply from building the indexes on the new servers, while they already exist on the old ones? > mail_fsync = always v1.1 did the equivalent of mail_fsync=optimized. You could see if that makes a difference. > maildir_stat_dirs = yes Do you actually need this? It causes unnecessary disk IO and probably not needed in your case. > default_process_limit = 1000 Since you haven't enabled high-performance mode for imap-login processes and haven't otherwise changed the service imap-login settings, this means that you can have max. 1000 simultaneous IMAP SSL/TLS connections. From amateo at um.es Wed Jun 20 13:49:24 2012 From: amateo at um.es (Angel L. Mateo) Date: Wed, 20 Jun 2012 12:49:24 +0200 Subject: [Dovecot] dovecot 2.1.5 performance In-Reply-To: <1340186732.5967.71.camel@hurina> References: <4FE19A83.8080407@um.es> <1340186732.5967.71.camel@hurina> Message-ID: <4FE1AAB4.9030404@um.es> On 20/06/12 12:05, Timo Sirainen wrote: > On Wed, 2012-06-20 at 11:40 +0200, Angel L. Mateo wrote: > >> * mmap_disable: both single and multi server configurations have >> mmap_disable=yes but in index file section says that you need it if you >> have your index files stored in nfs. I have it stored locally. Do I need >> mmap_disable=yes? What it's the best? > > mmap_disable is used only for index files, so with local indexes use > "no". (If indexes were on NFS, "no" would probably still work but I'm > not sure if the performance would be better or worse. Errors would also > trigger SIGBUS crashes.) > >> * dotlock_use_excl: it is set to no in both configurations, but the >> comment says that it is needed only in nfsv2. Since I have nfs3, I have >> it set it to yes. > > "yes" is ok. > >> * mail_nfs_storage: In single server is set to no, but in multi server >> it set to yes. Since I have a director in front of my backend server, >> what is the recommended? > > With director you can set this to "no". > Ok, I'm going to change it. >> With this configuration, when I have a few connections (about 300-400 >> imap connections) everything is working fine, but when I disconnect the >> old servers and direct all my users' connections to the new servers I >> have lot of errors. > > Real errors that show up in Dovecot logs? What kind of errors? > Lot of errors like: Jun 20 12:42:37 myotis31 dovecot: imap(vlo): Warning: Maildir /home/otros/44/016744/Maildir/.INBOX.PRUEBAS: Synchronization took 278 seconds (0 new msgs, 0 flag change attempts, 0 expunge attempts) Jun 20 12:42:38 myotis31 dovecot: imap(vlo): Warning: Transaction log file /var/indexes/vlo/.INBOX.PRUEBAS/dovecot.index.log was locked for 279 seconds and in the relay server, lots of timeout errors delivering to lmtp: un 20 12:38:29 xenon14 postfix/lmtp[12004]: D48D55D4F7: to=, relay=pop.um.es[155.54.212.106]:24, delay=150, delays=0.09/0/0/150, dsn=4.4.0, status=deferred (host pop.um.es[155.54.212.106] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) >> server loads increments to over 300 points, with a >> very high io wait. With atop, I could see that of my 6 cores, I have one >> with almost 100% waiting for i/o and the other with almost 100% idle, >> but load of the server is very, very high. > > Does the server's disk IO usage actually go a lot higher, or is it > simply waiting without doing much of anything? I wonder if this is > related to the inotify problems: > http://dovecot.org/list/dovecot/2012-June/066474.html > Now we have rollbacked to the old servers, so I don't know. Next time we try, I'll check this. > Another thought: Since indexes are stored locally, is it possible that > the extra load comes simply from building the indexes on the new > servers, while they already exist on the old ones? > I don't think so, because: * In the old servers, we have no "director like" mechanism. One IP is always directed to the same server (during a session timeout, today could be one server and tomorrow another different), but mail is delivered randomly through one of the server. * Since last week (when we started migration) all mail is delivered into the mailboxes by the new servers, passing through director. So new server's indexes should be updated. >> mail_fsync = always > > v1.1 did the equivalent of mail_fsync=optimized. You could see if that > makes a difference. > I'll try this. >> maildir_stat_dirs = yes > > Do you actually need this? It causes unnecessary disk IO and probably > not needed in your case. > My fault. I understood the explanation completely wrong. I thought that yes should do what actually does no. I have fixed it. >> default_process_limit = 1000 > > Since you haven't enabled high-performance mode for imap-login processes > and haven't otherwise changed the service imap-login settings, this > means that you can have max. 1000 simultaneous IMAP SSL/TLS connections. > I know it. I have to tune it. -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From wojtek at wojtek.tensor.gdynia.pl Wed Jun 20 14:30:35 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Wed, 20 Jun 2012 13:30:35 +0200 (CEST) Subject: [Dovecot] dovecot 2.1.5 performance In-Reply-To: <4FE1AAB4.9030404@um.es> References: <4FE19A83.8080407@um.es> <1340186732.5967.71.camel@hurina> <4FE1AAB4.9030404@um.es> Message-ID: >> > I know it. I have to tune it. > > -- he did not only changed Dovecot but OS. I would bet it is his OS problem - as he stated 100% of single core is used while 6 are available. something definitely not dovecot dependent. i would recommend installing exactly the same version of old dovecot on new OS and test it. From delrio at mie.utoronto.ca Wed Jun 20 16:45:06 2012 From: delrio at mie.utoronto.ca (Oscar del Rio) Date: Wed, 20 Jun 2012 09:45:06 -0400 Subject: [Dovecot] Trouble with Trash In-Reply-To: References: <4FE0B308.4040102@bestewogibt.de> <4FE0BCE7.6060809@mie.utoronto.ca> <4FE0C1DF.1060900@bestewogibt.de> Message-ID: <4FE1D3E2.9010205@mie.utoronto.ca> On 06/19/12 08:32 PM, Daniel Parthey wrote: > Dominic Pratt schrieb: > >> As already said... I don't think it's TB: >> http://www.imagebanana.com/view/ht4sofoj/thunderbird.jpg > since you do not seem to have enabled the Trash plugin, Dovecot will not delete anything by itself. The only other way I can think of that Dovecot could delete messages would be if there is a "doveadm expunge" cron job running on the server. From weiler.guido at bergersysteme.com Wed Jun 20 17:06:25 2012 From: weiler.guido at bergersysteme.com (Guido Weiler) Date: Wed, 20 Jun 2012 14:06:25 +0000 Subject: [Dovecot] Dovecot Maildir - How to Seperate mail folders In-Reply-To: References: Message-ID: > Date: Mon, 18 Jun 2012 16:53:39 +0300 > From: Timo Sirainen > To: Dovecot Mailing List > Subject: Re: [Dovecot] Dovecot Maildir - How to Seperate mail folders > Message-ID: > Content-Type: text/plain; charset=us-ascii > > On 18.6.2012, at 12.17, Guido Weiler wrote: > > > 01 OK Logged in. > >>> 02 list "" "*" > > * LIST (\HasNoChildren) "/" "INBOX" > > * LIST (\Noselect \HasChildren) "/" "greetings" > > * LIST (\HasNoChildren) "/" "greetings/INBOX" > > 02 OK List completed. > >>> 03 select "greetings/INBOX" > > 03 NO Mailbox doesn't exist: INBOX > >>> 04 select greetings > > 04 NO Mailbox doesn't exist: greetings > > > > --- > > > > What is this "\Noselect" mailbox showing up and why is it saying "greetings/INBOX" in the third row when in fact there > isn't a mailbox with this name? > > > > I am very sorry for having to bother you again, but I don't know what we are doing wrong here. > > (Dovecot version is 1.1.16) > > Fixed in newer versions, upgrade. > ------------------------------ Thank you. Can you tell me if this bug belongs to the LIST command only? Or is it generally impossible to SELECT such mailboxes with this version? Best Regards, Guido Weiler From CMarcus at Media-Brokers.com Wed Jun 20 17:19:56 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Wed, 20 Jun 2012 10:19:56 -0400 Subject: [Dovecot] Dovecot Maildir - How to Seperate mail folders In-Reply-To: References: Message-ID: <4FE1DC0C.7070008@Media-Brokers.com> Guido, when Timo says its time to upgrade, upgrade. On 2012-06-20 10:06 AM, Guido Weiler wrote: >> Date: Mon, 18 Jun 2012 16:53:39 +0300 >> From: Timo Sirainen >> To: Dovecot Mailing List >> Subject: Re: [Dovecot] Dovecot Maildir - How to Seperate mail folders >> Message-ID: >> Content-Type: text/plain; charset=us-ascii >> >> On 18.6.2012, at 12.17, Guido Weiler wrote: >> >>> 01 OK Logged in. >>>>> 02 list "" "*" >>> * LIST (\HasNoChildren) "/" "INBOX" >>> * LIST (\Noselect \HasChildren) "/" "greetings" >>> * LIST (\HasNoChildren) "/" "greetings/INBOX" >>> 02 OK List completed. >>>>> 03 select "greetings/INBOX" >>> 03 NO Mailbox doesn't exist: INBOX >>>>> 04 select greetings >>> 04 NO Mailbox doesn't exist: greetings >>> >>> --- >>> >>> What is this "\Noselect" mailbox showing up and why is it saying "greetings/INBOX" in the third row when in fact there> isn't a mailbox with this name? >>> >>> I am very sorry for having to bother you again, but I don't know what we are doing wrong here. >>> (Dovecot version is 1.1.16) >> >> Fixed in newer versions, upgrade. >> > ------------------------------ > > Thank you. Can you tell me if this bug belongs to the LIST command only? > Or is it generally impossible to SELECT such mailboxes with this version? > > Best Regards, > > Guido Weiler -- Best regards, Charles Marcus I.T. Director Media Brokers International, Inc. 678.514.6200 x224 | 678.514.6299 fax From rventura at h-st.com Wed Jun 20 18:50:43 2012 From: rventura at h-st.com (Romer Ventura) Date: Wed, 20 Jun 2012 10:50:43 -0500 Subject: [Dovecot] GlusterFS + Dovecot Message-ID: <7f9a01cd4efc$732ac3c0$59804b40$@h-st.com> Hello, Has anyone used GlusterFS as storage file system for dovecot or any other email system..? It says that it can be presented as a NFS, CIFS and as GlusterFS using the native client, technically using the client would allow the machine to read and write to it, therefore, I think that Dovecot would not care about it. Correct? Anyone out there used this setup?? Thanks. From tss at iki.fi Wed Jun 20 19:04:02 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 20 Jun 2012 19:04:02 +0300 Subject: [Dovecot] GlusterFS + Dovecot In-Reply-To: <7f9a01cd4efc$732ac3c0$59804b40$@h-st.com> References: <7f9a01cd4efc$732ac3c0$59804b40$@h-st.com> Message-ID: On 20.6.2012, at 18.50, Romer Ventura wrote: > Has anyone used GlusterFS as storage file system for dovecot or any other > email system..? I've heard Dovecot complains about index corruption once in a while with glusterfs, even when not in multi-master mode. I wouldn't use it without some heavy stress testing first (with imaptest tool). From acrow at integrafin.co.uk Wed Jun 20 19:39:55 2012 From: acrow at integrafin.co.uk (Alex Crow) Date: Wed, 20 Jun 2012 17:39:55 +0100 Subject: [Dovecot] Dovecot list IMAP archives with thunderbird? Message-ID: <4FE1FCDB.6080503@integrafin.co.uk> Hi, I'm trying to access the IMAP archives with Thunderbird but can't seem to get it to work. I have tried an unencrypted connection, SSL and TLS but with no success. Any ideas? Thanks Alex -- This message is intended only for the addressee and may contain confidential information. Unless you are that person, you may not disclose its contents or use it in any way and are requested to delete the message along with any attachments and notify us immediately. "Transact" is operated by Integrated Financial Arrangements plc Domain House, 5-7 Singer Street, London EC2A 4BQ Tel: (020) 7608 4900 Fax: (020) 7608 5300 (Registered office: as above; Registered in England and Wales under number: 3727592) Authorised and regulated by the Financial Services Authority (entered on the FSA Register; number: 190856) From masch at masch.it Wed Jun 20 20:07:44 2012 From: masch at masch.it (Mark Schmale) Date: Wed, 20 Jun 2012 19:07:44 +0200 Subject: [Dovecot] Problem with Dovecot 2.0/2.1 and MySQL 5.1 Message-ID: <20120620190744.4f01672f@mark_laptop> Hi everyone, since some time I got problems with dovecot & mysql. I got the problem with version 2.0.x and upgraded to 2.1.7 to check if its gone. But its not :( The logs just tell me this: dovecot: auth: Error: auth worker: Aborted request: Worker process died unexpectedly If I change to a sqlite setup, everything works fine. Here are some informations. I hope someone can tell me whats wrong with my system/setup. I really dont think that this is a bug because someone else should have hit that before me. doveconf - n # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.2.2-hardened-r1 x86_64 Gentoo Base System release 2.1 auth_verbose = yes mail_location = maildir:~/%d/mail/%n managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap pop3 lmtp sieve service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } unix_listener auth-userdb { group = vmail user = vmail } } ssl_cert = module = passdb_result = PASSDB_RESULT_INTERNAL_FAILURE password = 0x0 scheme = ret = __FUNCTION__ = "sql_query_callback" #2 0x00007fb891c3c940 in driver_sqlpool_query_callback (result=0x7fb891e82f60, request=0x7fb891e82e50) at driver-sqlpool.c:635 db = 0x7fb891e66540 conn = 0x0 conndb = 0x7fb891e66910 #3 0x00007fb891c3dbe0 in driver_mysql_query (db=, query=, callback=0x7fb891c3c8c0 , context=0x7fb891e82e50) at driver-mysql.c:296 result = 0x7fb891e82f60 #4 0x00007fb891c3cc41 in driver_sqlpool_query (_db=0x7fb891e66540, query=0x7fb891e561c8 "SELECT CONCAT( u.username, '@', d.name ) AS user, password FROM mail_user AS u LEFT JOIN mail_domains AS d ON u.domain = d.id WHERE u.username = 'masch' AND d.name = 'masch.it'", callback=0x7fb891c31960 , context=0x7fb891e82c08) at driver-sqlpool.c:657 db = 0x7fb891e66540 request = 0x7fb891e82e50 conn = 0x7fb891e667c0 #5 0x00007fb891c23b49 in auth_worker_handle_passv (args=0x7fb891e560b8, id=1, client=) at auth-worker-client.c:200 auth_request = 0x7fb891e82a80 passdb = password = 0x7fb891e55ff2 "somepassword" passdb_id = 1 #6 auth_worker_handle_line (line=, client=) at auth-worker-client.c:559 args = out>0x7fb891e560a8 id = 1 ret = false #7 auth_worker_input (client=0x7fb891e80650) at auth-worker-client.c:647 _data_stack_cur_id = 3 line = ret = true #8 0x00007fb89179f4b6 in io_loop_call_io (io=0x7fb891e80970) at ioloop.c:379 ioloop = 0x7fb891e5e390 t_id = 2 #9 0x00007fb8917a043f in io_loop_handler_run (ioloop=) at ioloop-epoll.c:213 ctx = 0x7fb891e69100 events = event = 0x7fb891e69170 list = 0x7fb891e809c0 io = tv = {tv_sec = 59, tv_usec = 999508} msecs = ret = 1 i = j = call = #10 0x00007fb89179ed50 in io_loop_run (ioloop=0x7fb891e5e390) at ioloop.c:398 No locals. #11 0x00007fb891786a87 in master_service_run (service=0x7fb891e5e240, callback=) at master-service.c:544 No locals. #12 0x00007fb891c289a3 in main (argc=2, argv=0x7fb891e5e080) at main.c:373 c = best regards, Mark Schmale From claude at phyto.qc.ca Thu Jun 21 02:49:16 2012 From: claude at phyto.qc.ca (Claude =?UTF-8?B?R8OpbGluYXM=?=) Date: Wed, 20 Jun 2012 19:49:16 -0400 Subject: [Dovecot] troncated email In-Reply-To: <4FE199B8.5060304@Media-Brokers.com> References: <20120619222839.0c083529@oligoextra.phyto.qc.ca> <4FE199B8.5060304@Media-Brokers.com> Message-ID: <20120620194916.44c68160@oligoextra.phyto.qc.ca> Le Wed, 20 Jun 2012 05:36:56 -0400, Charles Marcus a ?crit : > On 2012-06-19 10:28 PM, Claude G?linas wrote: > > I'm on fc16 with dovecot and Claws Mail version 3.8.0 > > We are much more interested in the dovecot version (and configuration > - dovecot -n output is helpful there) than the version of Claws Mail. > > > All email in INBOX are troncated as they arrive. I only get the > > title, from and date but no more core message > > > > could someone guide me so I find a solution for my problem. cannot > > lose my email > > Since most of our Crystal Balls are broken, you will likely have to > be much more precise in your request for help, by providing actual > excerpts from logs while accessing mail, and you may even have to > resort to enabling debugging... > > Start here: http://wiki2.dovecot.org/WhyDoesItNotWork > > Otherwise, you may get more help from a Fedora support list. > here is the dovecot -n # 2.0.20: /etc/dovecot/dovecot.conf # OS: Linux 3.2.7-1.fc16.x86_64 x86_64 Fedora release 16 (Verne) disable_plaintext_auth = no mail_location = maildir:~/mail/INBOX:LAYOUT=fs maildir_very_dirty_syncs = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mbox_write_locks = fcntl passdb { driver = pam } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } service imap-login { inet_listener imap { address = localhost } } service pop3-login { inet_listener pop3 { address = localhost } } ssl_cert = -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 dear honorable doctor timo reading the list I saw appear a new style for the "writing of INBOX". namely this example mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = I do not know how to use it can you help me now is my config ~]# /usr/sbin/dovecot -n # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 2.6.34.6-xxxx-grs-ipv6-32 i686 CentOS release 5.8 (Final) auth_mechanisms = plain login base_dir = /var/run/dovecot/ lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes listen = [::] log_path = /var/log/maillog log_timestamp = %Y-%m-%d %H:%M:%S login_log_format_elements = user=<%u> method=%m rip=%r lip=%l %c mail_debug = yes mail_location = maildir:~/Maildir mail_max_userip_connections = 30 mail_plugins = " quota trash zlib" mailbox_list_index = yes maildir_broken_filename_sizes = yes managesieve_notify_capability = mailto managesieve_sieve_capability = comparator-i;octet comparator-i;ascii-casemap fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date spamtest spamtestplus virustest namespace { inbox = yes location = prefix = separator = . } passdb { driver = pam } plugin { autocreate = Trash autocreate2 = Junk autocreate3 = Sent autocreate4 = Drafts autosubscribe = Trash autosubscribe2 = Junk autosubscribe3 = Sent autosubscribe4 = Drafts deleted_to_trash_folder = Trash plugin = $mail_plugins autocreate managesieve sieve quota quota = maildir:User quota quota_exceeded_message = Quota exceeded, please go to http://www.fakessh.eu/over_quota_help.html for instructions on how to fix this. quota_rule = *:storage=10GB quota_rule2 = Trash:storage=+10% quota_rule3 = Spam:storage=+20% quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u sieve = ~/.dovecot.sieve sieve_before = /var/sieve-scripts/roundcube.sieve sieve_dir = ~/sieve sieve_global_path = whatever trash = /etc/dovecot/dovecot-trash.conf.ext zlib_save = bz2 zlib_save_level = 9 } protocols = sieve imap pop3 service anvil { client_limit = 6000 } service auth { client_limit = 6000 process_limit = 1 unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0600 user = postfix } unix_listener auth-master { mode = 0666 } unix_listener auth-userdb { mode = 0666 } vsz_limit = 64 M } service imap-login { client_limit = 0 inet_listener imap { port = 0 } inet_listener imaps { address = * , [::] port = 993 } process_limit = 1024 service_count = 1 vsz_limit = 64 M } service imap { process_limit = 1024 process_min_avail = 0 service_count = 1 vsz_limit = 64 M } service managesieve-login { inet_listener managesieve-login { address = * , [::] port = 2000 } process_limit = 1 vsz_limit = 64 M } service pop3-login { inet_listener pop3 { port = 0 } inet_listener pop3s { address = * , [::] port = 995 } process_limit = 1 vsz_limit = 64 M } service quota-warning { executable = script /usr/local/bin/quota-warning.sh unix_listener quota-warning { user = mail } user = dovecot } ssl_ca = References: <7F977326-C48A-4907-8A02-512B83B347F9@iki.fi> Message-ID: Timo, thanks Timo Sirainen wrote: >Easiest fix: remove 15-mailboxes.conf > This didn't seem to fix it, though, perhaps I failed to test it properly >Alternative fix: modify this namespace to actually work. Probably >adding inbox=yes inside it is enough to do that. With some trepidation, I inserted the string where I thought it should go, and, bingo, it started working as expected. I probably should removed the full path from SQL query, and put in the Conf file as docs suggest, but I might leave that for another day. Thank you again, Voytek -- Swyped on Motrix with K-9 Mail. Please excuse my brevity. From p at state-of-mind.de Thu Jun 21 09:32:52 2012 From: p at state-of-mind.de (Patrick Ben Koetter) Date: Thu, 21 Jun 2012 08:32:52 +0200 Subject: [Dovecot] how to use new style namespace for INBOX In-Reply-To: <4FE264AB.1090600@smtp.fakessh.eu> References: <4FE264AB.1090600@smtp.fakessh.eu> Message-ID: <20120621063252.GB2417@state-of-mind.de> * ml : > dear honorable doctor timo > > reading the list I saw appear a new style for the "writing of INBOX". > namely this example > > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Trash { > special_use = \Trash > } > prefix = This 'new' type of writing defines mailboxes for SPECIAL-USE as defined in http://tools.ietf.org/rfc/rfc6154.txt. > I do not know how to use it can you help me now is my config If your mail clients support it, they will automatically map their mailboxes for Sent, Junk, Trash, Drafts etc. to whatever mailbox you have assigned the respective $special_use option to. If they don't nothing will change. p at rick -- state of mind () http://www.state-of-mind.de Franziskanerstra?e 15 Telefon +49 89 3090 4664 81669 M?nchen Telefax +49 89 3090 4666 Amtsgericht M?nchen Partnerschaftsregister PR 563 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 316 bytes Desc: Digital signature URL: From kayasaman at gmail.com Thu Jun 21 09:36:58 2012 From: kayasaman at gmail.com (Kaya Saman) Date: Thu, 21 Jun 2012 07:36:58 +0100 Subject: [Dovecot] Dovecot not liking AD config from wiki?? Message-ID: I think the issue seems to be the mechanism between Dovecot and AD, so basically PAM..... I adapted my pam.d file to this: # auth auth sufficient pam_krb5.so no_warn try_first_pass debug #auth sufficient pam_ssh.so no_warn try_first_pass auth required pam_unix.so no_warn try_first_pass # account #account required pam_nologin.so #account required pam_unix.so account required pam_krb5.so in the hope that this config would work: userdb { driver = static args = uid=501 gid=501 home=/mail/%u driver = static # args = uid=500 gid=500 home=/ZPOOL_1/%u # allow_all_users=yes } passdb { driver = pam } However I am still having issues :-( Regards, Kaya From stan at hardwarefreak.com Thu Jun 21 10:50:02 2012 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Thu, 21 Jun 2012 02:50:02 -0500 Subject: [Dovecot] GlusterFS + Dovecot In-Reply-To: <7f9a01cd4efc$732ac3c0$59804b40$@h-st.com> References: <7f9a01cd4efc$732ac3c0$59804b40$@h-st.com> Message-ID: <4FE2D22A.9050200@hardwarefreak.com> On 6/20/2012 10:50 AM, Romer Ventura wrote: > Has anyone used GlusterFS as storage file system for dovecot or any other > email system? I have not, but can tell you from experience and education that distributed filesystems don't work well with transactional workloads such as IMAP and SMTP. The two reasons are high latency and problems with file locking, as Timo mentioned. Instead of asking if anyone here has tried to use GlusterFS, why not describe your situation and ask for advice on a solution? That usually works much better, and you gain valuable insight. -- Stan From robert at schetterer.org Thu Jun 21 10:57:43 2012 From: robert at schetterer.org (Robert Schetterer) Date: Thu, 21 Jun 2012 09:57:43 +0200 Subject: [Dovecot] GlusterFS + Dovecot In-Reply-To: <7f9a01cd4efc$732ac3c0$59804b40$@h-st.com> References: <7f9a01cd4efc$732ac3c0$59804b40$@h-st.com> Message-ID: <4FE2D3F7.5000709@schetterer.org> Am 20.06.2012 17:50, schrieb Romer Ventura: > Hello, > > > > Has anyone used GlusterFS as storage file system for dovecot or any other > email system..? > > > > It says that it can be presented as a NFS, CIFS and as GlusterFS using the > native client, technically using the client would allow the machine to read > and write to it, therefore, I think that Dovecot would not care about it. > Correct? > > > > Anyone out there used this setup?? > > > > Thanks. > > reading the faqs i wouldnt recommend it yet, but as Timo said try with performance tests first -- Best Regards MfG Robert Schetterer From amateo at um.es Thu Jun 21 11:44:56 2012 From: amateo at um.es (Angel L. Mateo) Date: Thu, 21 Jun 2012 10:44:56 +0200 Subject: [Dovecot] dovecot 2.1.5 performance In-Reply-To: <1340186732.5967.71.camel@hurina> References: <4FE19A83.8080407@um.es> <1340186732.5967.71.camel@hurina> Message-ID: <4FE2DF08.7040400@um.es> El 20/06/12 12:05, Timo Sirainen escribi?: > >> default_process_limit = 1000 > > Since you haven't enabled high-performance mode for imap-login processes > and haven't otherwise changed the service imap-login settings, this > means that you can have max. 1000 simultaneous IMAP SSL/TLS connections. > According to http://wiki2.dovecot.org/LoginProcess Since one login process can handle only one connection, the service's process_limit setting limits the number of users that can be logging in at the same time (defaults to default_process_limit=100). I understood this as there can only be up to 100 (or 1000 in my case) concurrently trying to log in, but once the user logs, the imap-login process ends (starting corresponding imap processes) and another users could log in. So there could be more than 100 users connected, but up to 100 trying to connect. Am I wrong? If I am wrong, why in my system there is no imap-login processes (or just a few) but a lot of imap? From zimmys76 at web.de Thu Jun 21 11:46:50 2012 From: zimmys76 at web.de (Daniel Fischer) Date: Thu, 21 Jun 2012 10:46:50 +0200 Subject: [Dovecot] public namespace Message-ID: <015301cd4f8a$68b0f0c0$3a12d240$@web.de> Hello, dovecot -n # 2.0.18: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-2-amd64 x86_64 Debian wheezy/sid mail_gid = 5000 mail_location = maildir:~:INDEX=/var/mail/indexes/%d/%n mail_privileged_group = vmail mail_uid = 5000 namespace { hidden = no inbox = yes list = yes location = prefix = separator = / subscriptions = yes type = private } namespace { list = children location = maildir:/var/mail/vhosts/%d/public:INDEX=/var/mail/indexes/%d/%n/public prefix = Public/ separator = / subscriptions = no type = public } i?m a little bit confused but I hope I find help here. The user mailboxes work perfectly just the public mailbox is a little bit tricky I expect that all public maildirs be placed under /var/mail/vhosts/%d/public. ?They are created by defining a public namespace, under which all the shared mailboxes are?. For those special users, I have set the maillocation via passwd file to /%d/public/%n, all other users have /%d/%n. So we have following folder structure \public \public\.info \public\.lager \public\.buchhaltung And so on That?s works fine, but with subfolder start the problems. When the info-?user? loggs on and creates a subfolder under his INBOX(called hust2) then no other people can see this. Otherside, if a ?normal? user creates a folder in public folder info(called hust), the info ?user? can? t see this one. If I look to filesystem, the reason is clear: %d/public/.info# ls -la insgesamt 32 drwx--S---+ 2 vmail vmail 6 Jun 19 11:50 cur -rwxrwx---+ 1 vmail vmail 51 Jun 21 09:50 dovecot-uidlist -rw-rw----+ 1 vmail vmail 8 Jun 19 11:51 dovecot-uidvalidity -r--r-----+ 1 vmail vmail 0 Jun 19 11:50 dovecot-uidvalidity.4fe04b06 drwx--S---+ 5 vmail vmail 78 Jun 19 11:54 .INBOX.hust2 drwx--S---+ 2 vmail vmail 6 Jun 19 11:50 new -rw-rw----+ 1 vmail vmail 18 Jun 19 11:51 subscriptions drwx--S---+ 2 vmail vmail 6 Jun 19 11:50 tmp drwx--S---+ 5 vmail vmail 78 Jun 21 09:51 .Trash %d/public# ls -la insgesamt 16 -rw-rw----+ 1 vmail vmail 8 Jun 19 11:51 dovecot-uidvalidity -r--r-----+ 1 vmail vmail 0 Jun 19 11:51 dovecot-uidvalidity.4fe04b36 drwx--S---+ 7 vmail vmail 4096 Jun 21 09:50 .info drwx--S---+ 5 vmail vmail 78 Jun 21 09:51 .info.hust A look to the info mailbox makes it clear: info at BLABLA \INBOX \hust2 >create by info user in his mailbox \Trash \Public \info >his own public share \hust >create by other user in public folder What I need is: %d/public/lager/cur %d/public/lager/new %d/public/lager/tmp %d/public/lager/.foo %d/public/lager/.foo.bar %d/public/ info /cur %d/public/ info /new %d/public/ info /tmp %d/public/info/.hust %d/public/info/.hust.deeperhust %d/public/info/.hust2 All public maildirs under /%d/public/%n Must I create a namespace for all public maildirs?: namespace { location = maildir:/var/mail/vhosts/%d/public/info } namespace { location = maildir:/var/mail/vhosts/%d/public/lager } I can? t figure out on my own, please give me an explanation. Thanks for soon comment. Daniel From tss at iki.fi Thu Jun 21 12:53:59 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 21 Jun 2012 12:53:59 +0300 Subject: [Dovecot] dovecot 2.1.5 performance In-Reply-To: <4FE2DF08.7040400@um.es> References: <4FE19A83.8080407@um.es> <1340186732.5967.71.camel@hurina> <4FE2DF08.7040400@um.es> Message-ID: <38362A8F-90FE-4C7F-BFF9-9AA80DFDD4C2@iki.fi> On 21.6.2012, at 11.44, Angel L. Mateo wrote: > El 20/06/12 12:05, Timo Sirainen escribi?: >> >>> default_process_limit = 1000 >> >> Since you haven't enabled high-performance mode for imap-login processes >> and haven't otherwise changed the service imap-login settings, this >> means that you can have max. 1000 simultaneous IMAP SSL/TLS connections. >> > According to http://wiki2.dovecot.org/LoginProcess > > Since one login process can handle only one connection, the service's process_limit setting limits the number of users that can be logging in at the same time (defaults to default_process_limit=100). > > I understood this as there can only be up to 100 (or 1000 in my case) concurrently trying to log in, but once the user logs, the imap-login process ends (starting corresponding imap processes) and another users could log in. So there could be more than 100 users connected, but up to 100 trying to connect. Am I wrong? > > If I am wrong, why in my system there is no imap-login processes (or just a few) but a lot of imap? Look at the next sentence also: SSL/TLS proxying processes are also counted here, so if you're using SSL/TLS you'll need to make sure this count is higher than the maximum number of users that can be logged in simultaneously. I guess you don't have many SSL/TLS connections. From amateo at um.es Thu Jun 21 13:01:10 2012 From: amateo at um.es (Angel L. Mateo) Date: Thu, 21 Jun 2012 12:01:10 +0200 Subject: [Dovecot] dovecot 2.1.5 performance In-Reply-To: <38362A8F-90FE-4C7F-BFF9-9AA80DFDD4C2@iki.fi> References: <4FE19A83.8080407@um.es> <1340186732.5967.71.camel@hurina> <4FE2DF08.7040400@um.es> <38362A8F-90FE-4C7F-BFF9-9AA80DFDD4C2@iki.fi> Message-ID: <4FE2F0E6.1020406@um.es> El 21/06/12 11:53, Timo Sirainen escribi?: > > Look at the next sentence also: SSL/TLS proxying processes are also counted here, so if you're using SSL/TLS you'll need to make sure this count is higher than the maximum number of users that can be logged in simultaneously. > > I guess you don't have many SSL/TLS connections. I'm not using SSL/TLS (it is done by a ssl accelerator, so connections to backend is plain) From CMarcus at Media-Brokers.com Thu Jun 21 14:12:43 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Thu, 21 Jun 2012 07:12:43 -0400 Subject: [Dovecot] how to use new style namespace for INBOX In-Reply-To: <20120621063252.GB2417@state-of-mind.de> References: <4FE264AB.1090600@smtp.fakessh.eu> <20120621063252.GB2417@state-of-mind.de> Message-ID: <4FE301AB.3070403@Media-Brokers.com> On 2012-06-21 2:32 AM, Patrick Ben Koetter

wrote: > This 'new' type of writing defines mailboxes for SPECIAL-USE as > defined in http://tools.ietf.org/rfc/rfc6154.txt. > > If your mail clients support it, they will automatically map their > mailboxes for Sent, Junk, Trash, Drafts etc. to whatever mailbox you > have assigned the respective $special_use option to. > > If they don't nothing will change. Out of curiosity, do you (or does anyone else) know of a list of clients that do (or don't) support this (what I consider to be most *excellent*) feature? Specifically, what about the most problematic clients I know of - Outlook and Apple Mail? Maybe the wiki could be updated with this info, and us users could keep it up to date as time goes on? -- Best regards, Charles From tompru at jla.rutgers.edu Thu Jun 21 17:48:29 2012 From: tompru at jla.rutgers.edu (Tom Pawlowski) Date: Thu, 21 Jun 2012 10:48:29 -0400 Subject: [Dovecot] doveadm proxy kick in director setups Message-ID: <20120621144829.GA8792@hawkeye.rutgers.edu> Something I noticed on a 2.1.7 director test cluster (two directors, three backends): 'doveadm proxy kick user' will kick all connections for that user on that director only. Any additional connections on other directors will remain active unless the command is run on all directors. Are the proxy and director sub-commands intended to be separate and distinct in their operation? If so, then this makes sense, as a proxy isn't necessarily a director. Are there any plans for a proxy kick equivalent that would work across directors? -- Tom Pawlowski OIT-CSS System Administrator office: Hill 145 email: tompru at jla.rutgers.edu phone: (732) 445-2634 From emailbuilder88 at yahoo.com Thu Jun 21 21:05:24 2012 From: emailbuilder88 at yahoo.com (email builder) Date: Thu, 21 Jun 2012 11:05:24 -0700 (PDT) Subject: [Dovecot] Dovecot performance under high load (vs. Courier) Message-ID: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> Hi, We are building a new system that will support a large number of users (high volume, high concurrent usage, etc).? We have played with Dovecot, but in most serious applications we have traditionally used Courier IMAP.? It's my (lay) understanding that with indexing and perhaps other things in Dovecot, it might perform better than Courier in larger environments like this.? Am I correct or is it less clear-cut? Any tips on making the migration (not migrating an existing system, I mean migrating our paradigm - things to consider, things to watch out for)? TIA From tss at iki.fi Thu Jun 21 21:13:21 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 21 Jun 2012 21:13:21 +0300 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> Message-ID: <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> On 21.6.2012, at 21.05, email builder wrote: > We are building a new system that will support a large number of users (high volume, high concurrent usage, etc). We have played with Dovecot, but in most serious applications we have traditionally used Courier IMAP. It's my (lay) understanding that with indexing and perhaps other things in Dovecot, it might perform better than Courier in larger environments like this. Am I correct or is it less clear-cut? If you disable index index files in Dovecot, its performance should be slightly better than Courier. With index files the performance is typically much better in Dovecot, especially if you use a (non-caching) webmail. > Any tips on making the migration (not migrating an existing system, I mean migrating our paradigm - things to consider, things to watch out for)? If you don't migrate any existing users, I guess this doesn't differ much from any other optimized Dovecot installation. Usually large installations (>1M users) use NetApp NFS + Dovecot director. You might also want to enable full text searches. http://wiki2.dovecot.org/PerformanceTuning lists some other things. From emailbuilder88 at yahoo.com Thu Jun 21 21:32:46 2012 From: emailbuilder88 at yahoo.com (email builder) Date: Thu, 21 Jun 2012 11:32:46 -0700 (PDT) Subject: [Dovecot] Manual manipulation of Sieve files Message-ID: <1340303566.38480.YahooMailNeo@web39306.mail.mud.yahoo.com> We have some scripts that take care of some tasks when creating new email accounts, such as creating some default mail filter rules. I know Sieve scripts are plain text files, but need to be compiled for use.? I see that you can use seivec to compile scripts manually, which can help me create .dovecot.svbin which can be placed where needed and permissioned correctly.? But a couple questions: * Sieve has the concept of an active script - is this merely whatever is compiled into the .dovecot.svbin file? * Does dovecot (managesieve) do any other housekeeping when a user sieve script is installed and set as the active script?? I would need to replicate this manually. * If the default script is always the same (sorry, for us, the solution isn't global scripts), would it work to compile that script once, keep the compiled version somewhere and merely copy it into the correct place for a new user?? Are there issues with this? * Should we always have the plain text version along with the compiled one for proper managesieve operation going forward (users can edit their sieve scripts) Thank you From emailbuilder88 at yahoo.com Thu Jun 21 23:05:25 2012 From: emailbuilder88 at yahoo.com (email builder) Date: Thu, 21 Jun 2012 13:05:25 -0700 (PDT) Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> Message-ID: <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> Thank you very much for the fast reply. >> We are building a new system that will support a large number of users >> (high volume, high concurrent usage, etc).? We have played with Dovecot, but in >> most serious applications we have traditionally used Courier IMAP.? It's my >> (lay) understanding that with indexing and perhaps other things in Dovecot, it >> might perform better than Courier in larger environments like this.? Am I >> correct or is it less clear-cut? > > If you disable index index files in Dovecot, its performance should be slightly > better than Courier. With index files the performance is typically much better > in Dovecot, especially if you use a (non-caching) webmail. Interesting.? What would be the motivations for disabling indexing? Indexing is by default enabled? Do you know what webmails are caching vs. non-caching?? Am I correct that what you're pointing out is that with non-caching webmails you will notice IMAP performance differences more readily but that a caching webmail application might be better no matter which IMAP server because it reduces the need for webmail to make IMAP connections? >> Any tips on making the migration (not migrating an existing system, I mean >> migrating our paradigm - things to consider, things to watch out for)? > > If you don't migrate any existing users, I guess this doesn't differ > much from any other optimized Dovecot installation. Usually large installations > (>1M users) use NetApp NFS + Dovecot director. You might also want to enable > full text searches. http://wiki2.dovecot.org/PerformanceTuning lists some other > things. Ah, I didn't know about Director.? That looks very nice.? I had in mind that we would have to use Perdition, but an integrated solution might be good. Anyone have any thoughts or opinions considering Perdition vs. Director? Full text searches don't hurt performance too bad? Thanks for the other links, I will certainly go read up on them. From tss at iki.fi Thu Jun 21 23:22:44 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 21 Jun 2012 23:22:44 +0300 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> Message-ID: <1340310164.5967.86.camel@hurina> On Thu, 2012-06-21 at 13:05 -0700, email builder wrote: > Thank you very much for the fast reply. > > >> We are building a new system that will support a large number of users > > >> (high volume, high concurrent usage, etc). We have played with Dovecot, but in > >> most serious applications we have traditionally used Courier IMAP. It's my > >> (lay) understanding that with indexing and perhaps other things in Dovecot, it > >> might perform better than Courier in larger environments like this. Am I > >> correct or is it less clear-cut? > > > > If you disable index index files in Dovecot, its performance should be slightly > > better than Courier. With index files the performance is typically much better > > in Dovecot, especially if you use a (non-caching) webmail. > > Interesting. What would be the motivations for disabling indexing? > Indexing is by default enabled? Yes, enabled by default. There aren't many good reasons for disabling indexing. > Do you know what webmails are caching vs. non-caching? Nearly all of them are non-caching. (I don't know of any caching ones.) > Am I correct that what you're pointing out is that with non-caching > webmails you will notice IMAP performance differences more readily > but that a caching webmail application might be better no matter > which IMAP server because it reduces the need for webmail to make > IMAP connections? It's not about the IMAP connections themselves, but how often they fetch message (meta)data. http://www.imapwiki.org/Benchmarking should explain this better. Dovecot's indexing can lower the disk I/O usage perhaps by 10x compared to Courier. > >> Any tips on making the migration (not migrating an existing system, I mean > >> migrating our paradigm - things to consider, things to watch out for)? > > > > If you don't migrate any existing users, I guess this doesn't differ > > much from any other optimized Dovecot installation. Usually large installations > > (>1M users) use NetApp NFS + Dovecot director. You might also want to enable > > full text searches. http://wiki2.dovecot.org/PerformanceTuning lists some other > > things. > > Ah, I didn't know about Director. That looks very nice. I had in mind that > we would have to use Perdition, but an integrated solution might be good. > > Anyone have any thoughts or opinions considering Perdition vs. Director? Dovecot proxy has several Dovecot-specific features that make it work better than perdition (forwards client IP address to backend, handle CAPABILITY stuff better, maybe other things). > Full text searches don't hurt performance too bad? They should improve the performance, at least from the user's point of view when doing a search on webmail. But yes, the indexing itself does cost CPU cycles, disk I/O and disk usage (perhaps 30% more disk space). From h.reindl at thelounge.net Thu Jun 21 23:34:15 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Thu, 21 Jun 2012 22:34:15 +0200 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <1340310164.5967.86.camel@hurina> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> Message-ID: <4FE38547.4060407@thelounge.net> Am 21.06.2012 22:22, schrieb Timo Sirainen: >> Do you know what webmails are caching vs. non-caching? > > Nearly all of them are non-caching. (I don't know of any caching ones.) roundcube can if configured additionally you should install imapproxy on the webserver wehre your webmail is running and configure the webmail for using 127.0.0.1 - so only one connection per user is persistent instead make a new one for each ajax-request -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From lists at necoro.eu Thu Jun 21 23:37:55 2012 From: lists at necoro.eu (=?UTF-8?B?UmVuw6kgTmV1bWFubg==?=) Date: Thu, 21 Jun 2012 22:37:55 +0200 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <1340310164.5967.86.camel@hurina> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> Message-ID: <4FE38623.5050303@necoro.eu> Am 21.06.2012 22:22, schrieb Timo Sirainen: > On Thu, 2012-06-21 at 13:05 -0700, email builder wrote: >> Do you know what webmails are caching vs. non-caching? > > Nearly all of them are non-caching. (I don't know of any caching ones.) At least roundcube (v0.7.1 here) has some caching options: ------------------[excerpt from roundcubes main.inc.php]------------- // Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'. $rcmail_config['imap_cache'] = null; // Enables messages cache. Only 'db' cache is supported. $rcmail_config['messages_cache'] = false; -------------------------[end]---------------------------------------- But I don't know, whether this is the sort of caching you are referring to. - Ren? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From bdh at machinehum.com Thu Jun 21 23:37:52 2012 From: bdh at machinehum.com (Brian Hayden) Date: Thu, 21 Jun 2012 15:37:52 -0500 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <1340310164.5967.86.camel@hurina> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> Message-ID: On Jun 21, 2012, at 3:22 PM, Timo Sirainen wrote: > On Thu, 2012-06-21 at 13:05 -0700, email builder wrote: >> Thank you very much for the fast reply. >> >>>> We are building a new system that will support a large number of users >> >>>> (high volume, high concurrent usage, etc). We have played with Dovecot, but in >>>> most serious applications we have traditionally used Courier IMAP. It's my >>>> (lay) understanding that with indexing and perhaps other things in Dovecot, it >>>> might perform better than Courier in larger environments like this. Am I >>>> correct or is it less clear-cut? >>> >>> If you disable index index files in Dovecot, its performance should be slightly >>> better than Courier. With index files the performance is typically much better >>> in Dovecot, especially if you use a (non-caching) webmail. >> >> Interesting. What would be the motivations for disabling indexing? >> Indexing is by default enabled? > > Yes, enabled by default. There aren't many good reasons for disabling > indexing. > >> Do you know what webmails are caching vs. non-caching? > > Nearly all of them are non-caching. (I don't know of any caching ones.) Prayer, from University of Cambridge, or Chickadee, a fork of it. It's essentially a proper IMAP client in C that runs on a server, and uses HTTPS (via an embedded server, no external dependency on apache or etc.) to the end user just to deliver the display. When I was on the email project for the University of Minnesota, I modified it heavily for interface and to add some features that admins are used to having in systems where apache is involved (virtual hosts, things like that). I have it available (GPL) as a vanilla, de-branded package--Chickadee. Website is currently offline as I've been switching hosts, anyone who's interested can feel free to drop me a line. -Brian From tss at iki.fi Thu Jun 21 23:44:33 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 21 Jun 2012 23:44:33 +0300 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <4FE38547.4060407@thelounge.net> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> Message-ID: <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> On 21.6.2012, at 23.34, Reindl Harald wrote: > Am 21.06.2012 22:22, schrieb Timo Sirainen: >>> Do you know what webmails are caching vs. non-caching? >> >> Nearly all of them are non-caching. (I don't know of any caching ones.) > > roundcube can if configured > > additionally you should install imapproxy on the webserver > wehre your webmail is running and configure the webmail for > using 127.0.0.1 - so only one connection per user is > persistent instead make a new one for each ajax-request Someone benchmarked Dovecot a while ago in this list with and without imapproxy and the results showed that imapproxy simply slowed things down by adding extra latency. This probably isn't true for all installations, but I don't think there's much of a difference either way. From h.reindl at thelounge.net Thu Jun 21 23:48:03 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Thu, 21 Jun 2012 22:48:03 +0200 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> Message-ID: <4FE38883.8000808@thelounge.net> Am 21.06.2012 22:44, schrieb Timo Sirainen: > On 21.6.2012, at 23.34, Reindl Harald wrote: > >> Am 21.06.2012 22:22, schrieb Timo Sirainen: >>>> Do you know what webmails are caching vs. non-caching? >>> >>> Nearly all of them are non-caching. (I don't know of any caching ones.) >> >> roundcube can if configured >> >> additionally you should install imapproxy on the webserver >> wehre your webmail is running and configure the webmail for >> using 127.0.0.1 - so only one connection per user is >> persistent instead make a new one for each ajax-request > > Someone benchmarked Dovecot a while ago in this list with and without imapproxy and the results showed that imapproxy simply slowed things down by adding extra latency. This probably isn't true for all installations, but I don't think there's much of a difference either way. depends on network-latency, parallel users and last but not least count of folders - if you have 30 folders and roundcube refreshs every 20 seconds it will make in the worst case 180 connections for one user per minute maybe a bechmark with high load shows other values but felt performance in our setup is much better with imapproxy in front - roundcube feels like a desktop client -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From tss at iki.fi Thu Jun 21 23:52:22 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 21 Jun 2012 23:52:22 +0300 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <4FE38883.8000808@thelounge.net> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> <4FE38883.8000808@thelounge.net> Message-ID: <2ABE733D-E478-4B40-93FB-8F1CDAB72193@iki.fi> On 21.6.2012, at 23.48, Reindl Harald wrote: >> Someone benchmarked Dovecot a while ago in this list with and without imapproxy and the results showed that imapproxy simply slowed things down by adding extra latency. This probably isn't true for all installations, but I don't think there's much of a difference either way. > > depends on network-latency, parallel users and last but > not least count of folders - if you have 30 folders and > roundcube refreshs every 20 seconds it will make in the > worst case 180 connections for one user per minute Really? Doesn't it simply connect once every 20 seconds and send 30 STATUS requests in one connection? From h.reindl at thelounge.net Thu Jun 21 23:54:23 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Thu, 21 Jun 2012 22:54:23 +0200 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <2ABE733D-E478-4B40-93FB-8F1CDAB72193@iki.fi> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> <4FE38883.8000808@thelounge.net> <2ABE733D-E478-4B40-93FB-8F1CDAB72193@iki.fi> Message-ID: <4FE389FF.2080106@thelounge.net> Am 21.06.2012 22:52, schrieb Timo Sirainen: > On 21.6.2012, at 23.48, Reindl Harald wrote: > >>> Someone benchmarked Dovecot a while ago in this list with and without imapproxy and the results showed that imapproxy simply slowed things down by adding extra latency. This probably isn't true for all installations, but I don't think there's much of a difference either way. >> >> depends on network-latency, parallel users and last but >> not least count of folders - if you have 30 folders and >> roundcube refreshs every 20 seconds it will make in the >> worst case 180 connections for one user per minute > > Really? Doesn't it simply connect once every 20 seconds and send 30 STATUS requests in one connection? not 100% sure i simply tried it with proxy, was happy that it feels faster and last but not least i have lesser entries in maillog which goes to a central mysql-server for self-developed web-interfaces -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From tss at iki.fi Thu Jun 21 23:57:18 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 21 Jun 2012 23:57:18 +0300 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <4FE38883.8000808@thelounge.net> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> <4FE38883.8000808@thelounge.net> Message-ID: <03B002D3-5C2D-49CB-A94E-C0F2CC086746@iki.fi> On 21.6.2012, at 23.48, Reindl Harald wrote: >> Someone benchmarked Dovecot a while ago in this list with and without imapproxy and the results showed that imapproxy simply slowed things down by adding extra latency. This probably isn't true for all installations, but I don't think there's much of a difference either way. > > depends on network-latency, parallel users and last but > not least count of folders - if you have 30 folders and > roundcube refreshs every 20 seconds it will make in the > worst case 180 connections for one user per minute > > maybe a bechmark with high load shows other values > > but felt performance in our setup is much better with > imapproxy in front - roundcube feels like a desktop client Oh, and of course it also depends on Dovecot configuration :) Authentication cache is needed and login processes must be in high performance mode. There is still the extra work of forking a new imap process (could also be avoided with yet another config option) and some other extra CPU usage, but those shouldn't cause much of a difference. The extra network latency during login is a good point though. From slusarz at curecanti.org Fri Jun 22 00:07:52 2012 From: slusarz at curecanti.org (Michael M Slusarz) Date: Thu, 21 Jun 2012 15:07:52 -0600 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <1340310164.5967.86.camel@hurina> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> Message-ID: <20120621150752.Horde.Mln7K4F5lbhP440ot73xbcA@bigworm.curecanti.org> Quoting Timo Sirainen : > On Thu, 2012-06-21 at 13:05 -0700, email builder wrote: >> Do you know what webmails are caching vs. non-caching? > > Nearly all of them are non-caching. (I don't know of any caching ones.) IMP is caching (message/mailbox/folder listing), with full QRESYNC/CONDSTORE support. michael From lists at wildgooses.com Fri Jun 22 00:48:31 2012 From: lists at wildgooses.com (Ed W) Date: Thu, 21 Jun 2012 22:48:31 +0100 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <4FE389FF.2080106@thelounge.net> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> <4FE38883.8000808@thelounge.net> <2ABE733D-E478-4B40-93FB-8F1CDAB72193@iki.fi> <4FE389FF.2080106@thelounge.net> Message-ID: <4FE396AF.4070309@wildgooses.com> On 21/06/2012 21:54, Reindl Harald wrote: > and last but not least i have lesser entries in maillog which > goes to a central mysql-server for self-developed web-interfaces I recently added imapproxy to my Roundcube installation. Benchmarks showed a very slight slowdown, but as you point out it reduced the login count from dovecot and I use a login script to kind of report last login / length of session and this tallies better with an imap desktop user now I think the conclusion is that imapproxy is not necessary. There are some advantages (eg with high network latency between web and imap server, and reducing apparent login count), and some disadvantages (extra complexity, slowdown) On average I think few users should use it.. Or at least benchmark and add it reluctantly... Ed From lists at wildgooses.com Fri Jun 22 00:55:04 2012 From: lists at wildgooses.com (Ed W) Date: Thu, 21 Jun 2012 22:55:04 +0100 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <4FE38623.5050303@necoro.eu> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38623.5050303@necoro.eu> Message-ID: <4FE39838.1030508@wildgooses.com> On 21/06/2012 21:37, Ren? Neumann wrote: > Am 21.06.2012 22:22, schrieb Timo Sirainen: >> On Thu, 2012-06-21 at 13:05 -0700, email builder wrote: >>> Do you know what webmails are caching vs. non-caching? >> Nearly all of them are non-caching. (I don't know of any caching ones.) > At least roundcube (v0.7.1 here) has some caching options: > > ------------------[excerpt from roundcubes main.inc.php]------------- > // Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'. > $rcmail_config['imap_cache'] = null; > > // Enables messages cache. Only 'db' cache is supported. > $rcmail_config['messages_cache'] = false; > -------------------------[end]---------------------------------------- > > But I don't know, whether this is the sort of caching you are referring to. > > - Ren? It is caching, but unless your mysql / memcache server is lower latency than your dovecot server, then the caching does very little. I tested it very briefly and it added a lot of latency to my results when adding a mysql cache. However, my setup has the mysql/dovecot/roundcube all on the same machine, so latency is minimal. Roughly I found that the amount of caching is absolutely massive, eg roughly subject headers, message ids and more for every message in every folder. This meant multiple seconds of latency on first login and then slight additional latency on every folder view. I guess this might breakeven in the situation of a roundcube installation in an office and dovecot on the far end of an ADSL line with 60-100ms+ of latency and bandwidth constraints, but it's really, really hard to see it's sensible for two machines in the same datacenter with an uncontended network connection between them This isn't to say that the caching isn't sensible for use with other mail servers, but I don't see it offers any benefit for most Dovecot installations? However, very clever and full featured webmail client! Ed W P.S. Sogo has a kind of caching in that it has a clientside javascript cache. Not what was meant, but for all practical purposes much more useful... From slusarz at curecanti.org Fri Jun 22 00:58:01 2012 From: slusarz at curecanti.org (Michael M Slusarz) Date: Thu, 21 Jun 2012 15:58:01 -0600 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <4FE396AF.4070309@wildgooses.com> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> <4FE38883.8000808@thelounge.net> <2ABE733D-E478-4B40-93FB-8F1CDAB72193@iki.fi> <4FE389FF.2080106@thelounge.net> <4FE396AF.4070309@wildgooses.com> Message-ID: <20120621155801.Horde.YXauVYF5lbhP45jpl_ezE_A@bigworm.curecanti.org> Quoting Ed W : > I think the conclusion is that imapproxy is not necessary. There > are some advantages (eg with high network latency between web and > imap server, and reducing apparent login count), and some > disadvantages (extra complexity, slowdown) Not entirely true. See this thread: http://markmail.org/thread/z7ctwle2go6zafas Thread in short: imapproxy provides benefits for more MUAs that take advantage of the XIMAPPROXY feature (only IMP, AFAIK), and Timo is/was considering adding a similar state saving feature to Dovecot 2.2. michael From tss at iki.fi Fri Jun 22 01:12:04 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 22 Jun 2012 01:12:04 +0300 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <20120621155801.Horde.YXauVYF5lbhP45jpl_ezE_A@bigworm.curecanti.org> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> <4FE38883.8000808@thelounge.net> <2ABE733D-E478-4B40-93FB-8F1CDAB72193@iki.fi> <4FE389FF.2080106@thelounge.net> <4FE396AF.4070309@wildgooses.com> <20120621155801.Horde.YXauVYF5lbhP45jpl_ezE_A@bigworm.curecanti.org> Message-ID: On 22.6.2012, at 0.58, Michael M Slusarz wrote: >> I think the conclusion is that imapproxy is not necessary. There are some advantages (eg with high network latency between web and imap server, and reducing apparent login count), and some disadvantages (extra complexity, slowdown) > > Not entirely true. See this thread: > > http://markmail.org/thread/z7ctwle2go6zafas > > Thread in short: imapproxy provides benefits for more MUAs that take advantage of the XIMAPPROXY feature (only IMP, AFAIK), and Timo is/was considering adding a similar state saving feature to Dovecot 2.2. Well, I had completely forgotten about it :) Reading my old mail: > There isn't a whole lot of state to be saved really. Mailbox GUID, UIDVALIDITY, > HIGHESTMODSEQ gives the mailbox state. Then you have the language/etc. states. > Clients could restore their earlier state from days ago, as long as Dovecot > still has the necessary .log records available (similar to how QRESYNC works). Yeah .. Perhaps something like: 1. if client issues LOGOUT XSTATE 2. And server sees that it can actually save all of the state (some things are a bit tricky, and probably not worth the trouble in initial implementation) 3. Then the server server sends * OK XSTATE * BYE 4. The client can pipeline after LOGIN/AUTHENTICATE: a XSTATERESTORE a OK Yeah! or a NO Not gonna work. Perhaps even a real RFC for this thing? .. If it's worth it.. Would save at least a few X bytes from network traffic :) From yggdrasil at gmx.co.uk Fri Jun 22 02:28:10 2012 From: yggdrasil at gmx.co.uk (Johnny) Date: Fri, 22 Jun 2012 00:28:10 +0100 Subject: [Dovecot] Dovecot LDA, Offlineimap and Sieve Message-ID: <87y5ng1bzp.fsf@gmx.co.uk> Hi, I am trying to st up Offlineimap to use Dovecots LDA to be able to use Sieve for mail filtering, but am not sure how to get this working. I think the right way would be to use 'preauthtunnel' in .offlineimaprc and try the setup below, which doesn't work. ,----.offlineimaprc | [Repository LocalRepository] | type = IMAP | preauthtunnel = ssh -q localhost '/usr/libexec/dovecot/deliver -d myloginid' `---- If I go via the network card, the snch is fine, but Sieve can't be used? ,---- | [Repository LocalRepository] | type = IMAP | preauthtunnel = MAIL=maildir:$HOME/Maildir/myMailDir /usr/libexec/dovecot/deliver -d mylogonid | remotehost = localhost | port = 143 | remoteuser = mylogonid | remotepass = mypassword `---- Has anyone got any tips on how to get offlineimap to send mail to Dovecot in a way that Siev3e can be used? thanks! -- Johnny From a.kostyrev at serverc.ru Fri Jun 22 05:27:38 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Fri, 22 Jun 2012 13:27:38 +1100 Subject: [Dovecot] GlusterFS + Dovecot In-Reply-To: <7f9a01cd4efc$732ac3c0$59804b40$@h-st.com> References: <7f9a01cd4efc$732ac3c0$59804b40$@h-st.com> Message-ID: <213B51F00051AE48A9F0E112880177178F7A43@Delta.sc.local> We've considered using gluster for our mail storage a month ago. I've seen index corruption even if mail was delivered by lmtp sequentially some split-brains with no clear reason with more than 2000 mails in box we had to wait for 40sec to open mailbox through roundcube, so we've decided to go for dsync replication instead with common mysql database for user storage and imap/pop3/lmtp proxy. -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of Romer Ventura Sent: Thursday, June 21, 2012 2:51 AM To: dovecot at dovecot.org Subject: [Dovecot] GlusterFS + Dovecot Hello, Has anyone used GlusterFS as storage file system for dovecot or any other email system..? It says that it can be presented as a NFS, CIFS and as GlusterFS using the native client, technically using the client would allow the machine to read and write to it, therefore, I think that Dovecot would not care about it. Correct? Anyone out there used this setup?? Thanks. From emailbuilder88 at yahoo.com Fri Jun 22 05:28:50 2012 From: emailbuilder88 at yahoo.com (email builder) Date: Thu, 21 Jun 2012 19:28:50 -0700 (PDT) Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <03B002D3-5C2D-49CB-A94E-C0F2CC086746@iki.fi> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> <4FE38883.8000808@thelounge.net> <03B002D3-5C2D-49CB-A94E-C0F2CC086746@iki.fi> Message-ID: <1340332130.74182.YahooMailNeo@web39301.mail.mud.yahoo.com> > Oh, and of course it also depends on Dovecot configuration :) Authentication > cache is needed and login processes must be in high performance mode. I.e., I think: http://wiki2.dovecot.org/LoginProcess http://wiki2.dovecot.org/Authentication/Caching > There is > still the extra work of forking a new imap process (could also be avoided with > yet another config option) Are you referring to client_limit or service_count or something else as yet undeveloped? Speaking of which, I cannot understand the different between those two.? Hints in the configuration file (10-master.conf) and the wiki make them sound like they do the same thing -- ?? From tss at iki.fi Fri Jun 22 05:44:18 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 22 Jun 2012 05:44:18 +0300 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <1340332130.74182.YahooMailNeo@web39301.mail.mud.yahoo.com> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> <4FE38883.8000808@thelounge.net> <03B002D3-5C2D-49CB-A94E-C0F2CC086746@iki.fi> <1340332130.74182.YahooMailNeo@web39301.mail.mud.yahoo.com> Message-ID: On 22.6.2012, at 5.28, email builder wrote: >> Oh, and of course it also depends on Dovecot configuration :) Authentication >> cache is needed and login processes must be in high performance mode. > > I.e., I think: > > http://wiki2.dovecot.org/LoginProcess > http://wiki2.dovecot.org/Authentication/Caching Yes. >> There is >> still the extra work of forking a new imap process (could also be avoided with >> yet another config option) > > Are you referring to client_limit or service_count or something else as yet undeveloped? service imap { service_count = 0 } (default=1) allows imap processes to be reused for more than 1 connection. The downside is that if there are any bugs in Dovecot, they might accidentally expose another user's email data to the wrong user. That's very unlikely to happen but since this isn't a performance problem in most (if any) systems I don't want to enable it by default. Dovecot code is written so that write buffer overflows (= arbitrary code execution) is minimized to be as zero possibility as I could think of, but read buffer overflows (= exposing data within the process) isn't treated nearly as much with paranoia. > Speaking of which, I cannot understand the different between those two. Hints in the > configuration file (10-master.conf) and the wiki make them sound like they do the same > thing -- ?? service_count limits the maximum of client_limit. One connection = one service. Once a process has serviced "service_count" number of connections it disconnects itself. There can never be more than "client_limit" number of simultaneous connections. The important stuff to understand about these are: * service_count=1: The most secure setting for a process. The process serves a single connection and kills itself. No possibility of data leaking to unintended connection. * service_count=0, client_limit=1: The process does blocking operations (e.g. blocking disk IO). You don't want one connection's blocking operation to affect other connections. But you're not paranoid about security, since in case of some bugs some data might leak to unintended connection. * service_count>0: Restart process ever N connections, just in case it leaks some memory. * client_limit>1: Limit the amount of CPU/memory a single process takes. The process should never be blocking on disk I/O or locks or anything else. This means it shouldn't be used for imap/pop3/lmtp processes. For CPU bound processes it's fine. Maybe these could be copy&pasted to the wiki2/Services. From emailbuilder88 at yahoo.com Fri Jun 22 08:27:18 2012 From: emailbuilder88 at yahoo.com (email builder) Date: Thu, 21 Jun 2012 22:27:18 -0700 (PDT) Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> <4FE38883.8000808@thelounge.net> <03B002D3-5C2D-49CB-A94E-C0F2CC086746@iki.fi> <1340332130.74182.YahooMailNeo@web39301.mail.mud.yahoo.com> Message-ID: <1340342838.42261.YahooMailNeo@web39303.mail.mud.yahoo.com> >>> Oh, and of course it also depends on Dovecot configuration :) >>> Authentication >>> cache is needed and login processes must be in high performance mode. >> >> I.e., I think: >> >> http://wiki2.dovecot.org/LoginProcess >> http://wiki2.dovecot.org/Authentication/Caching > > Yes. > >>> There is >>> still the extra work of forking a new imap process (could also be >>> avoided with >>> yet another config option) >> >> Are you referring to client_limit or service_count or something else as yet >> undeveloped? > > service imap { service_count = 0 } (default=1) allows imap processes to be > reused for more than 1 connection. The downside is that if there are any bugs in > Dovecot, they might accidentally expose another user's email data to the > wrong user. That's very unlikely to happen but since this isn't a > performance problem in most (if any) systems I don't want to enable it by > default. Dovecot code is written so that write buffer overflows (= arbitrary > code execution) is minimized to be as zero possibility as I could think of, but > read buffer overflows (= exposing data within the process) isn't treated > nearly as much with paranoia. > >> Speaking of which, I cannot understand the different between those two.? >> Hints in the >> configuration file (10-master.conf) and the wiki make them sound like they >> do the same >> thing -- ?? > > service_count limits the maximum of client_limit. One connection = one service. > Once a process has serviced "service_count" number of connections it > disconnects itself. There can never be more than "client_limit" number > of simultaneous connections. The important stuff to understand about these are: > > * service_count=1: The most secure setting for a process. The process serves a > single connection and kills itself. No possibility of data leaking to unintended > connection. > * service_count=0, client_limit=1: The process does blocking operations (e.g. > blocking disk IO). You don't want one connection's blocking operation to > affect other connections. But you're not paranoid about security, since in > case of some bugs some data might leak to unintended connection. > * service_count>0: Restart process ever N connections, just in case it leaks > some memory. > * client_limit>1: Limit the amount of CPU/memory a single process takes. The > process should never be blocking on disk I/O or locks or anything else. This > means it shouldn't be used for imap/pop3/lmtp processes. For CPU bound > processes it's fine. So really, a new process is created under *two* circumstances?? 1. when a process reaches client_limit number of *simultaneous* connections or? 2. when a process has serviced service_count number of connections.? Is this correct? So for service *-login, is it OK to do something like service_count=5000, client_limit=2000 Thanks for the help!??? From aerion82 at gmail.com Fri Jun 22 08:49:54 2012 From: aerion82 at gmail.com (Aerion Stevens) Date: Fri, 22 Jun 2012 15:49:54 +1000 Subject: [Dovecot] Dovecot proxy/director and mail pop3/imap backend service on same server Message-ID: Hi all, I am interested in running a Dovecot Proxy(with Director) on the same server as the main Dovecot IMAP/POP3 service. I have a basic Proxy/Director configuration working, however I am struggling with getting the Proxy and IMAP/POP3 service to coexist on the same server. I plan to use three IMAP/POP3 servers with a NFS/maildir backend, and I am playing with Dovecot 2.1.5 at the moment. I have two seperate configurations, one for the Proxy/Director and one for the Dovecot IMAP/POP3 "mail backend servers". For this to work my thoughts are that I will need to run the Proxy/Director imap/pop3 login process on the standard ports 143, 110, 993, 995 and for the Dovecot IMAP/POP3 mail backend service running on the same server will need to use different ports (I decided to be 9143, 9110, 9993, 9995 for example). How do I tell the director to proxy incoming imap/pop3 connection to the mail backend servers running on ports 9143, 9110, 9993, 9995 rather than the default imap/pop3 ports? Using the default ports will clearly cause loops. Can anyone kindly provide an example snippet of config that tells the director to use different port for IMAP and POP3 proxy? I have so far found the following pages helpful to what I am working on: http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy http://wiki2.dovecot.org/PasswordDatabase/ExtraFields http://wiki2.dovecot.org/Director Cheers, Aerion. From a.kostyrev at serverc.ru Fri Jun 22 09:29:25 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Fri, 22 Jun 2012 17:29:25 +1100 Subject: [Dovecot] Dovecot proxy/director and mail pop3/imap backend serviceon same server In-Reply-To: References: Message-ID: <213B51F00051AE48A9F0E112880177178F7A46@Delta.sc.local> I've already tortured Timo about that. check this thread out: http://www.dovecot.org/list/dovecot/2012-June/066315.html -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of Aerion Stevens Sent: Friday, June 22, 2012 4:50 PM To: dovecot at dovecot.org Subject: [Dovecot] Dovecot proxy/director and mail pop3/imap backend serviceon same server Hi all, I am interested in running a Dovecot Proxy(with Director) on the same server as the main Dovecot IMAP/POP3 service. I have a basic Proxy/Director configuration working, however I am struggling with getting the Proxy and IMAP/POP3 service to coexist on the same server. I plan to use three IMAP/POP3 servers with a NFS/maildir backend, and I am playing with Dovecot 2.1.5 at the moment. I have two seperate configurations, one for the Proxy/Director and one for the Dovecot IMAP/POP3 "mail backend servers". For this to work my thoughts are that I will need to run the Proxy/Director imap/pop3 login process on the standard ports 143, 110, 993, 995 and for the Dovecot IMAP/POP3 mail backend service running on the same server will need to use different ports (I decided to be 9143, 9110, 9993, 9995 for example). How do I tell the director to proxy incoming imap/pop3 connection to the mail backend servers running on ports 9143, 9110, 9993, 9995 rather than the default imap/pop3 ports? Using the default ports will clearly cause loops. Can anyone kindly provide an example snippet of config that tells the director to use different port for IMAP and POP3 proxy? I have so far found the following pages helpful to what I am working on: http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy http://wiki2.dovecot.org/PasswordDatabase/ExtraFields http://wiki2.dovecot.org/Director Cheers, Aerion. From stephan at rename-it.nl Fri Jun 22 10:08:05 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Fri, 22 Jun 2012 09:08:05 +0200 Subject: [Dovecot] Manual manipulation of Sieve files In-Reply-To: <1340303566.38480.YahooMailNeo@web39306.mail.mud.yahoo.com> References: <1340303566.38480.YahooMailNeo@web39306.mail.mud.yahoo.com> Message-ID: <4FE419D5.1060409@rename-it.nl> On 6/21/2012 8:32 PM, email builder wrote: > We have some scripts that take care of some tasks when creating new email accounts, such as creating some default mail filter rules. > > I know Sieve scripts are plain text files, but need to be compiled for use. I see that you can use seivec to compile scripts manually, which can help me create .dovecot.svbin which can be placed where needed and permissioned correctly. But a couple questions: > > * Sieve has the concept of an active script - is this merely whatever is compiled into the .dovecot.svbin file? This is the script file that the sieve= setting points to. The term 'active' only has real meaning when ManageSieve is used. Then, the active script file is a symbolic link that points into the sieve_dir= directory, thereby selecting which script is active. > * Does dovecot (managesieve) do any other housekeeping when a user sieve script is installed and set as the active script? I would need to replicate this manually. It makes the symbolic link. Compiling the script is done automatically when the script is first executed at delivery. > * If the default script is always the same (sorry, for us, the solution isn't global scripts), would it work to compile that script once, keep the compiled version somewhere and merely copy it into the correct place for a new user? Are there issues with this? You can pre-compile it, but the plaintext script must also exist at the indicated location. Sieve always looks for the plaintext script and only when that is found it checks for the presence of an earlier compiled binary. > * Should we always have the plain text version along with the compiled one for proper managesieve operation going forward (users can edit their sieve scripts) Yes. Regards, Stephan. From stephan at rename-it.nl Fri Jun 22 10:10:20 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Fri, 22 Jun 2012 09:10:20 +0200 Subject: [Dovecot] Dovecot LDA, Offlineimap and Sieve In-Reply-To: <87y5ng1bzp.fsf@gmx.co.uk> References: <87y5ng1bzp.fsf@gmx.co.uk> Message-ID: <4FE41A5C.4050609@rename-it.nl> On 6/22/2012 1:28 AM, Johnny wrote: > Hi, > > I am trying to st up Offlineimap to use Dovecots LDA to be able to use > Sieve for mail filtering, but am not sure how to get this working. I > think the right way would be to use 'preauthtunnel' in .offlineimaprc > and try the setup below, which doesn't work. [...] > Has anyone got any tips on how to get offlineimap to send mail to > Dovecot in a way that Siev3e can be used? Could you show your dovecot config (dovecot -n output) here? I'm wondering whether you have enabled the Sieve plugin for LDA. Regards, Stephan. From emailbuilder88 at yahoo.com Fri Jun 22 10:32:12 2012 From: emailbuilder88 at yahoo.com (email builder) Date: Fri, 22 Jun 2012 00:32:12 -0700 (PDT) Subject: [Dovecot] Manual manipulation of Sieve files In-Reply-To: <4FE419D5.1060409@rename-it.nl> References: <1340303566.38480.YahooMailNeo@web39306.mail.mud.yahoo.com> <4FE419D5.1060409@rename-it.nl> Message-ID: <1340350332.34438.YahooMailNeo@web39301.mail.mud.yahoo.com> Thanks for the reply -- >> We have some scripts that take care of some tasks when creating new email > accounts, such as creating some default mail filter rules. >> >> I know Sieve scripts are plain text files, but need to be compiled for >> use.? I see that you can use seivec to compile scripts manually, which can help >> me create .dovecot.svbin which can be placed where needed and permissioned >> correctly.? But a couple questions: >> >> * Sieve has the concept of an active script - is this merely whatever is >> compiled into the .dovecot.svbin file? > > This is the script file that the sieve= setting points to. The term > 'active' only has real meaning when ManageSieve is used. Then, the > active script file is a symbolic link that points into the sieve_dir= directory, > thereby selecting which script is active. > >> * Does dovecot (managesieve) do any other housekeeping when a user sieve >> script is installed and set as the active script?? I would need to replicate >> this manually. > > It makes the symbolic link. Compiling the script is done automatically when the > script is first executed at delivery. > >> * If the default script is always the same (sorry, for us, the solution >> isn't global scripts), would it work to compile that script once, keep the >> compiled version somewhere and merely copy it into the correct place for a new >> user?? Are there issues with this? > > You can pre-compile it, but the plaintext script must also exist at the > indicated location. Sieve always looks for the plaintext script and only when > that is found it checks for the presence of an earlier compiled binary. Oh, so it's even easier.? Our setup script can just put the plain text sieve script in the right place, create the .dovecot.sieve symlink and that's enough? Pasting in a precompiled would save a few CPU cycles upon first delivery? Great, thanks again. From emailbuilder88 at yahoo.com Fri Jun 22 10:42:47 2012 From: emailbuilder88 at yahoo.com (email builder) Date: Fri, 22 Jun 2012 00:42:47 -0700 (PDT) Subject: [Dovecot] LDA vs maildrop... LDA *and* maildrop? Message-ID: <1340350967.56083.YahooMailNeo@web39305.mail.mud.yahoo.com> We're considering a move from Courier to Dovecot.? So far, looks like it's not too bad, but the most challenging obstacle is what to do about our local delivery.? Factors: 1. we use a lot of maildrop "features" that are impossible in sieve without piping to an external program (would rather not re-write our working maildrop scripts in another language) 2. would love to try dbox 3. we use IMAP/Maildir++ quotas (looks like with a little finesse it's possible to get maildrop and dovecot to play nice on this account, yes?) I saw it suggested to just call LDA from maildrop for any maildrop "to" commands (hmmm, what about "cc"?) here: http://article.gmane.org/gmane.mail.imap.dovecot/56120 How much overhead will this take?? Would it be possible or advisable to use LMTP instead if that would help?? Is this idea just too crazy? From emailbuilder88 at yahoo.com Fri Jun 22 11:24:27 2012 From: emailbuilder88 at yahoo.com (email builder) Date: Fri, 22 Jun 2012 01:24:27 -0700 (PDT) Subject: [Dovecot] LDA vs maildrop... LDA *and* maildrop? In-Reply-To: <1340350967.56083.YahooMailNeo@web39305.mail.mud.yahoo.com> References: <1340350967.56083.YahooMailNeo@web39305.mail.mud.yahoo.com> Message-ID: <1340353467.4539.YahooMailNeo@web39306.mail.mud.yahoo.com> > We're considering a move from Courier to Dovecot.? So far, looks like > it's not too bad, but the most challenging obstacle is what to do about > our local delivery.? Factors: > > 1. we use a lot of maildrop "features" that are impossible in sieve > > without piping to an external program (would rather not re-write our > working maildrop scripts in another language) > > 2. would love to try dbox > > 3. we use IMAP/Maildir++ quotas (looks like with a little finesse > it's possible to get maildrop and dovecot to play nice on this > account, yes?) > > > I saw it suggested to just call LDA from maildrop for any maildrop > "to" commands (hmmm, what about "cc"?) here: > > http://article.gmane.org/gmane.mail.imap.dovecot/56120 > > How much overhead will this take?? Would it be possible or > advisable to use LMTP instead if that would help?? Is this > idea just too crazy? Oh, doing this would also have benefit of updating dovecot indexes upon delivery, and we could ignore point 3 about the quotas and just let dovecot handle deliver time quotas too right?? (remove quota support from maildrop) Also saw a suggestion to do it a little different: http://article.gmane.org/gmane.mail.imap.dovecot/44897 So maildrop to "| foo" to "! foo at bar.com" cc "| foo" cc "! foo at bar.com" are left as is then to "" is replaced with either: xfilter "/usr/lib/dovecot/dovecot-lda -m " to "| /dev/null" or just: to "| /usr/lib/dovecot/dovecot-lda -m " and cc "" is replaced with either: xfilter "/usr/lib/dovecot/dovecot-lda -m " or just: cc "| /usr/lib/dovecot/dovecot-lda -m " and the default end-of-script (INBOX) delivery for maildrop (an assumed "to 'INBOX'" command) can probably be replaced with one or the other of: xfilter "/usr/lib/dovecot/dovecot-lda" to "| /dev/null" or: to "| /usr/lib/dovecot/dovecot-lda" Does any of this make sense?? I wonder how it will look to the MTA (postfix here) when delivery fails.? It's also creating duplicate user lookups for the two delivery agents which isn't great. Maybe it'd be better to consider learning how to re-write our needed maildrop scripts as shell scripts (maildrop is close enough to bash I guess) and making sieve pipe out to them? From Ralf.Hildebrandt at charite.de Fri Jun 22 11:48:32 2012 From: Ralf.Hildebrandt at charite.de (Ralf Hildebrandt) Date: Fri, 22 Jun 2012 10:48:32 +0200 Subject: [Dovecot] LDA vs maildrop... LDA *and* maildrop? In-Reply-To: <1340350967.56083.YahooMailNeo@web39305.mail.mud.yahoo.com> References: <1340350967.56083.YahooMailNeo@web39305.mail.mud.yahoo.com> Message-ID: <20120622084832.GH16499@charite.de> * email builder : > 1. we use a lot of maildrop "features" that are impossible in sieve We're calling deliver from maildropc > 2. would love to try dbox For that you'd need to call deliver from maildropc > 3. we use IMAP/Maildir++ quotas (looks like with a little finesse > it's possible to get maildrop and dovecot to play nice on this > account, yes?) deliver/dovecot is handling Maildir++ quotas just fine. > How much overhead will this take?? Would it be possible or > advisable to use LMTP instead if that would help?? Is this > idea just too crazy? does maildrop speak LMTP? -- Ralf Hildebrandt Gesch?ftsbereich IT | Abteilung Netzwerk Charit? - Universit?tsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebrandt at charite.de | http://www.charite.de From emailbuilder88 at yahoo.com Fri Jun 22 11:59:19 2012 From: emailbuilder88 at yahoo.com (email builder) Date: Fri, 22 Jun 2012 01:59:19 -0700 (PDT) Subject: [Dovecot] LDA vs maildrop... LDA *and* maildrop? In-Reply-To: <20120622084832.GH16499@charite.de> References: <1340350967.56083.YahooMailNeo@web39305.mail.mud.yahoo.com> <20120622084832.GH16499@charite.de> Message-ID: <1340355559.56885.YahooMailNeo@web39306.mail.mud.yahoo.com> >> 1. we use a lot of maildrop "features" that are impossible in >> sieve > > We're calling deliver from maildropc Ah, so this is actually sane enough of an idea that someone really uses it?? Is the performance reasonable?? Bounces or deferred mail all work as expected?? What syntax did you use to replace to/cc with calls to LDA? >> 2. would love to try dbox > > For that you'd need to call deliver from maildropc I take it you didn't try this >> 3. we use IMAP/Maildir++ quotas (looks like with a little finesse >> it's possible to get maildrop and dovecot to play nice on this >> account, yes?) > > deliver/dovecot is handling Maildir++ quotas just fine. But if you call dovecot LDA you're not limited to Maildir++ quotas, right?? You can strip quota support out of maildrop and just let dovecot LDA and dovecot IMAP enforce quotas which keeps things more simple, no? >> How much overhead will this take?? Would it be possible or >> advisable to use LMTP instead if that would help?? Is this >> idea just too crazy? > > does maildrop speak LMTP? Good point From Ralf.Hildebrandt at charite.de Fri Jun 22 12:27:13 2012 From: Ralf.Hildebrandt at charite.de (Ralf Hildebrandt) Date: Fri, 22 Jun 2012 11:27:13 +0200 Subject: [Dovecot] LDA vs maildrop... LDA *and* maildrop? In-Reply-To: <1340355559.56885.YahooMailNeo@web39306.mail.mud.yahoo.com> References: <1340350967.56083.YahooMailNeo@web39305.mail.mud.yahoo.com> <20120622084832.GH16499@charite.de> <1340355559.56885.YahooMailNeo@web39306.mail.mud.yahoo.com> Message-ID: <20120622092713.GJ16499@charite.de> * email builder : > > >> 1. we use a lot of maildrop "features" that are impossible in > > >> sieve > > > > We're calling deliver from maildropc > > Ah, so this is actually sane enough of an idea that someone > really uses it?? Is the performance reasonable?? Bounces or > deferred mail all work as expected?? What syntax did you use > to replace to/cc with calls to LDA? I'll send you my /etc/maildroprc it's working OK. I'm using deliver where I can, only a few things are done by maildrop/mailbot > >> 2. would love to try dbox > > > > For that you'd need to call deliver from maildropc > > I take it you didn't try this Exactly. > >> 3. we use IMAP/Maildir++ quotas (looks like with a little finesse > >> it's possible to get maildrop and dovecot to play nice on this > >> account, yes?) > > > > deliver/dovecot is handling Maildir++ quotas just fine. > > But if you call dovecot LDA you're not limited to Maildir++ > quotas, right? Correct. > ? You can strip quota support out of maildrop and just let dovecot LDA > and dovecot IMAP enforce quotas which keeps things more simple, no? Since I'm delegating all delivery to deliver, except for pipes, I'm using the quota facilities of deliver/dovecot -- Ralf Hildebrandt Gesch?ftsbereich IT | Abteilung Netzwerk Charit? - Universit?tsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebrandt at charite.de | http://www.charite.de From tss at iki.fi Fri Jun 22 12:47:31 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 22 Jun 2012 12:47:31 +0300 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <1340342838.42261.YahooMailNeo@web39303.mail.mud.yahoo.com> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> <4FE38883.8000808@thelounge.net> <03B002D3-5C2D-49CB-A94E-C0F2CC086746@iki.fi> <1340332130.74182.YahooMailNeo@web39301.mail.mud.yahoo.com> <1340342838.42261.YahooMailNeo@web39303.mail.mud.yahoo.com> Message-ID: <33DFF34D-EC88-4DBB-8B10-EA6BA1597F64@iki.fi> On 22.6.2012, at 8.27, email builder wrote: > So really, a new process is created under *two* circumstances? 1. when a > process reaches client_limit number of *simultaneous* connections or 2. when > a process has serviced service_count number of connections. Is this correct? Yes. > So for service *-login, is it OK to do something like service_count=5000, client_limit=2000 It would work, but for login processes the service_count can be 0. I haven't seen them leaking any memory recently. One somewhat annoying thing with service_count>1 is that the processes have to wait until all of the connections have disconnected before shutting down. For processes handling long running connections (especially IMAP) this can mean that you'll end up with a lot of processes that are ready to shutdown but a couple of connections prevent it from doing this. From yggdrasil at gmx.co.uk Fri Jun 22 14:35:09 2012 From: yggdrasil at gmx.co.uk (Johnny) Date: Fri, 22 Jun 2012 12:35:09 +0100 Subject: [Dovecot] Dovecot LDA, Offlineimap and Sieve In-Reply-To: <4FE41A5C.4050609@rename-it.nl> (Stephan Bosch's message of "Fri, 22 Jun 2012 09:10:20 +0200") References: <87y5ng1bzp.fsf@gmx.co.uk> <4FE41A5C.4050609@rename-it.nl> Message-ID: <87wr2zinpu.fsf@gmx.co.uk> Hi Stephan, Stephan Bosch writes: > On 6/22/2012 1:28 AM, Johnny wrote: >> Hi, >> >> I am trying to st up Offlineimap to use Dovecots LDA to be able to use >> Sieve for mail filtering, but am not sure how to get this working. I >> think the right way would be to use 'preauthtunnel' in .offlineimaprc >> and try the setup below, which doesn't work. > [...] >> Has anyone got any tips on how to get offlineimap to send mail to >> Dovecot in a way that Siev3e can be used? > > Could you show your dovecot config (dovecot -n output) here? I'm > wondering whether you have enabled the Sieve plugin for LDA. > I haven't set up Sieve yet, as I haven't been able to figure out how to use the Dovecot LDA. Or is this not required to run Sieve? Here's my config: ,---- | mbox_write_locks = fcntl | | namespace inbox { | | hidden = no | | inbox = yes | | list = yes | | location = | | mailbox Drafts { | | special_use = \Drafts | | } | | mailbox Junk { | | special_use = \Junk | | } | | mailbox Sent { | | special_use = \Sent | | } | | mailbox "Sent Messages" { | | special_use = \Sent | | } | | mailbox Trash { | | special_use = \Trash | | } | | prefix = | | separator = . | | subscriptions = yes | | type = private | | } | | passdb { | | args = scheme=MD5 username_format=%u /etc/dovecot/users | | driver = passwd-file | | } | | protocols = imap | | service auth { | | unix_listener auth-userdb { | | mode = 0666 | | } | | } | | ssl = required | | ssl_cert = Hi Timo, any idea whats this related too ? dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mrbytes 21703727 < 25193928 -- Best Regards MfG Robert Schetterer From tss at iki.fi Fri Jun 22 16:34:33 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 22 Jun 2012 16:34:33 +0300 Subject: [Dovecot] dovecot stats error In-Reply-To: <4FE46641.4030801@schetterer.org> References: <4FE46641.4030801@schetterer.org> Message-ID: <494CA511-4DC1-402B-9A00-D0678BBB1BF4@iki.fi> On 22.6.2012, at 15.34, Robert Schetterer wrote: > Hi Timo, > any idea whats this related too ? > > dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats > shrank: mrbytes 21703727 < 25193928 Which Dovecot version? I thought I fixed this already.. From Benoit.Branciard at univ-paris1.fr Fri Jun 22 16:59:18 2012 From: Benoit.Branciard at univ-paris1.fr (Benoit Branciard) Date: Fri, 22 Jun 2012 15:59:18 +0200 Subject: [Dovecot] cumulative userdb ? Message-ID: <4FE47A36.5090003@univ-paris1.fr> in Dovecot 2.0, is it possible to have kind of "cumulative" multiple userdb ? that is, for all users: - extract some attributes (let's say: uid, gid, home) from a first userdb (Passwd for example), - an extract some other attributes (mail for example, but overwriting those from the first userdb in case of redundancy) from a second userdb (LDAP for example) ? This is *different* from the "multiple databases" setup described in http://wiki2.dovecot.org/Authentication/MultipleDatabases, where it is meant as "failover": the second database is looked up only if the user isn't found in the first database. -- Benoit BRANCIARD Service InfraStructures (SIS) - Direction du Syst?me d'Information (DSI) Universit? Paris 1 Panth?on-Sorbonne Centre Pierre Mend?s France B 406 - 90, rue de Tolbiac - 75634 Paris cedex 13 - France T?l : +33 1 44 07 89 68 - Fax : +33 1 44 07 89 66 Accueil t?l. : +33 1 44 07 89 65 Assistance : assistance-dsi at univ-paris1.fr Web : http://dsi.univ-paris1.fr -- Ce message a ete verifie par MailScanner pour des virus ou des polluriels et rien de suspect n'a ete trouve. From robertcoore at yahoo.com Fri Jun 22 18:46:35 2012 From: robertcoore at yahoo.com (robert coore) Date: Fri, 22 Jun 2012 15:46:35 +0000 (UTC) Subject: [Dovecot] permissions on auth-userdb References: Message-ID: googlemail.com> writes: > > Hi.. > > im still trying to upgrade to 2.0. > Im getting: > dovecot: lda: Error: userdb lookup: > connect(/var/run/dovecot/auth-userdb) failed: Permission denied > (euid=10000(vmail) egid=10000(vmail) missing +r perm: > /var/run/dovecot/auth-userdb, euid is not dir owner) > > the error is correct caus its owned by root. My Questions is who should own it ? > Im not sure how that works, what process/user calls the auth-userdb ? > The auth-userdb returns the args generated in master.conf, right ? > > i think comment out the user and group setting in master.conf will fix > it but im not sure if that is the securest way. > > the mails come from postfix via dovecot-lda > > Hans > > master.conf > service auth { > # auth_socket_path points to this userdb socket by default. It's typically > # used by dovecot-lda, doveadm, possibly imap process, etc. Its default > # permissions make it readable only by root, but you may need to relax these > # permissions. Users that have access to this socket are able to get a list > # of all usernames and get results of everyone's userdb lookups. > unix_listener auth-userdb { > mode = 0600 > #user = vmail > #group = vmail > } > > auth-ldap.conf.ext > passdb { > driver = ldap > args = /etc/dovecot/dovecot-ldap.conf.ext > } > userdb { > driver = static > args = uid=vmail gid=vmail home=/home/MAILBOXES/%u/ > mail=/home/MAILBOXES/%u/mail > } > > Hi all was getting the same errors took me 2 days to understand what it was saying to me but i finally solved it if you do an ls -l /var/run/dovecot/auth-userdb you will seet that root is the owner and the premissions are srw-------- so vmail has not right to call or even use the process What i did was a chown -R vmail:vmail /var/run/dovecot/auth-userdb I also did a chmod g+r /var/run/dovecot/auth-userdb ls -l /var/run/dovecot/auth-userdb srw----r-- 1 vmail vmail my unix_listener auth-userdb { mode = 600 { protocol lda { auth_socket_path = /var/run/dovecot/auth-userdb log_path = /home/vmail/dovecot-deliver.log that worked for me 1. havent restarted the dovecot service dont know if it will keep the settings. From tss at iki.fi Fri Jun 22 21:46:06 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 22 Jun 2012 21:46:06 +0300 Subject: [Dovecot] cumulative userdb ? In-Reply-To: <4FE47A36.5090003@univ-paris1.fr> References: <4FE47A36.5090003@univ-paris1.fr> Message-ID: <643DEB67-BA15-4D0A-B157-5DAAC0A4276D@iki.fi> On 22.6.2012, at 16.59, Benoit Branciard wrote: > in Dovecot 2.0, is it possible to have kind of "cumulative" multiple userdb ? > > that is, for all users: > - extract some attributes (let's say: uid, gid, home) from a first userdb (Passwd for example), > - an extract some other attributes (mail for example, but overwriting those from the first userdb in case of redundancy) from a second userdb (LDAP for example) ? I've also wanted this a few times. But no, not possible currently. From ncjeffgus at zimage.com Sat Jun 23 00:24:36 2012 From: ncjeffgus at zimage.com (Jeff Gustafson) Date: Fri, 22 Jun 2012 14:24:36 -0700 Subject: [Dovecot] dsync error: "Mailboxes don't have unique GUIDs" Message-ID: <1340400276.12426.9.camel@maclinux> I'm getting an error backing up mailboxes. I'm using the mirror command: dsync -fvo mail_home=/home/users/bob mirror ssh vmail at 10.1.4.1 dsync -o mail_home=/home/.incoming_mail_migrations/users/bob dsync-remote(vmail): Error: Mailboxes don't have unique GUIDs: 1ef6ee37c694894d783100000581a675 is shared by INBOX and INBOX dsync-remote(vmail): Error: command BOX-LIST failed dsync-local(vmail): Error: Worker server's mailbox iteration failed The mail user doesn't yet exist on the destination yet, thus the use of the mail_home parameter. I found a mailing list message where a person was having a similar problem but I couldn't find confirmation that the issue was resolved. In our case, the backup goes from maildir to mdbox format (we can't to convert to mdbox). Things seemed to be moving along, but there are quite a few examples of dsync failing. I think the issue happens more often with large mailboxes ( > 50GB ). We're running version 2.0.13. doveconf -n: # 2.0.13: /etc/dovecot/dovecot.conf # OS: Linux 2.6.18-274.12.1.el5 x86_64 CentOS release 5.7 (Final) auth_mechanisms = plain login default_client_limit = 15000 default_process_limit = 10000 disable_plaintext_auth = no listen = * mail_gid = vmail mail_location = maildir:~/Maildir mail_plugins = zlib mail_uid = vmail mmap_disable = yes namespace { inbox = yes location = prefix = INBOX. separator = . } passdb { args = /etc/dovecot/conf.d/dovecot-sql.conf.ext driver = sql } plugin { zlib_save = gz } protocols = imap pop3 service auth { client_limit = 10000 unix_listener auth-userdb { mode = 0666 } } service imap-postlogin { executable = script-login /usr/bin/postlogin-imap.sh user = $default_internal_user } service imap { drop_priv_before_exec = yes executable = imap process_limit = 10000 } service pop3-postlogin { executable = script-login /usr/bin/postlogin-pop.sh user = $default_internal_user } } service pop3 { drop_priv_before_exec = yes executable = pop3 process_limit = 2500 } ssl_cert = References: <1339873707.2732.11.camel@amito> <20120616201636.GB6858@state-of-mind.de> Message-ID: <1340415602.12632.2.camel@amito> On Sun, 2012-06-17 at 14:04 +0200, Wojciech Puchar wrote: > >> maildir form. Reviews of kmail are very bad, and thunderbird uses the > >> mbox format for storage. > > > > If it is native maildir you can configure that/your account to use maildir and > > simply copy your mailbox over to Dovecot. When Dovecot accesses the mailbox it > > will create the necessary index files and you are ready to use it. > > if you want to use any of those hopeless programs just turn message > caching in them (folder synchronization off in thunderbird) and login to > dovecot, even on localhost. > > kmail v.3 is barely usable, v4 is good. It looks like you don't like any of the email programs we've discussed. Which email programs do you like? BTW: kmail on my system is 4.8.3 -- In more detail: $ kmail --version Qt: 4.8.2 KDE Development Platform: 4.8.3 (4.8.3) KMail: 4.8.3 Thanks - jon From jonrysh at pacbell.net Sat Jun 23 05:02:55 2012 From: jonrysh at pacbell.net (Jonathan Ryshpan) Date: Fri, 22 Jun 2012 19:02:55 -0700 Subject: [Dovecot] Import from Evolution In-Reply-To: <20120616201636.GB6858@state-of-mind.de> References: <1339873707.2732.11.camel@amito> <20120616201636.GB6858@state-of-mind.de> Message-ID: <1340416975.12632.19.camel@amito> On Sat, 2012-06-16 at 22:16 +0200, Patrick Ben Koetter wrote: > * Jonathan Ryshpan : > > I need to import the mail database generated by the evolution mail > > reader into dovecot. Evolution stores its mail in maildir format (fully > > standards compatible, I think); I would be using the maildir format in > > dovecot. Is there anything in the wiki, etc. explaining exactly how to > > do this? > > > > Why do this? Evolution is hopelessly broken, and is not likely to be > > fixed in the forseeable future, and I would like to keep my mails in > > maildir form. Reviews of kmail are very bad, and thunderbird uses the > > mbox format for storage. > > If it is native maildir you can configure that/your account to use maildir and > simply copy your mailbox over to Dovecot. When Dovecot accesses the mailbox it > will create the necessary index files and you are ready to use it. I have now set up dovecot on my system, and should now be in business, but when Thunderbird connects to Dovecot it doesn't see any folders. Here is the situation. Please excuse the length of this message; I have tried to include all useful information. My system is Fedora-17 Linux with all updates running on x86_64 hardware. Dovecot is installed and running with this configuration: $ dovecot -n # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.4.3-1.fc17.x86_64 x86_64 Fedora release 17 (Beefy Miracle) mail_location = mbox:~/Dovecot:INBOX=/var/spool/mail/%u mail_privileged_group = mail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mbox_write_locks = fcntl namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { driver = pam } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } ssl = required ssl_cert = References: <1340400276.12426.9.camel@maclinux> Message-ID: <746A0B68-368B-40D3-ACAB-8A39BDFDA99D@mediatemple.net> Hey, just a point of clarification. In at least some of the cases (possibly all, I'll leave that up to Jeff to state) an initial dsync (as documented in Jeff's message) was completed successfully and the problem occurred when we ran a second (using exactly the same cmd) time to catch any changes since the original sync (since the initial sync took many hours). Doug On Jun 22, 2012, at 2:24 PM, Jeff Gustafson wrote: > I'm getting an error backing up mailboxes. I'm using the mirror > command: > > dsync -fvo mail_home=/home/users/bob mirror ssh vmail at 10.1.4.1 dsync -o > mail_home=/home/.incoming_mail_migrations/users/bob > > dsync-remote(vmail): Error: Mailboxes don't have unique GUIDs: > 1ef6ee37c694894d783100000581a675 is shared by INBOX and INBOX > dsync-remote(vmail): Error: command BOX-LIST failed > dsync-local(vmail): Error: Worker server's mailbox iteration failed > > The mail user doesn't yet exist on the destination yet, thus the use of > the mail_home parameter. > I found a mailing list message where a person was having a similar > problem but I couldn't find confirmation that the issue was resolved. > In our case, the backup goes from maildir to mdbox format (we can't to > convert to mdbox). Things seemed to be moving along, but there are quite > a few examples of dsync failing. I think the issue happens more often > with large mailboxes ( > 50GB ). > We're running version 2.0.13. > doveconf -n: > > # 2.0.13: /etc/dovecot/dovecot.conf > # OS: Linux 2.6.18-274.12.1.el5 x86_64 CentOS release 5.7 (Final) > auth_mechanisms = plain login > default_client_limit = 15000 > default_process_limit = 10000 > disable_plaintext_auth = no > listen = * > mail_gid = vmail > mail_location = maildir:~/Maildir > mail_plugins = zlib > mail_uid = vmail > mmap_disable = yes > namespace { > inbox = yes > location = > prefix = INBOX. > separator = . > } > passdb { > args = /etc/dovecot/conf.d/dovecot-sql.conf.ext > driver = sql > } > plugin { > zlib_save = gz > } > protocols = imap pop3 > service auth { > client_limit = 10000 > unix_listener auth-userdb { > mode = 0666 > } > } > service imap-postlogin { > executable = script-login /usr/bin/postlogin-imap.sh > user = $default_internal_user > } > service imap { > drop_priv_before_exec = yes > executable = imap > process_limit = 10000 > } > service pop3-postlogin { > executable = script-login /usr/bin/postlogin-pop.sh > user = $default_internal_user > } > } > service pop3 { > drop_priv_before_exec = yes > executable = pop3 > process_limit = 2500 > } > ssl_cert = ssl_key = userdb { > driver = prefetch > } > userdb { > args = /etc/dovecot/conf.d/dovecot-sql.conf.ext > driver = sql > } > protocol lmtp { > mail_plugins = zlib > } > protocol lda { > mail_plugins = zlib > } > protocol imap { > mail_max_userip_connections = 100 > mail_plugins = zlib > } > protocol pop3 { > mail_max_userip_connections = 30 > mail_plugins = zlib > } > > > ...Jeff > From manu at netbsd.org Sat Jun 23 08:04:30 2012 From: manu at netbsd.org (Emmanuel Dreyfus) Date: Sat, 23 Jun 2012 07:04:30 +0200 Subject: [Dovecot] pop3-throttle Message-ID: <1km4rjc.f50hxq1iocthjM%manu@netbsd.org> Hello I am having a hard time with users using POP while leaving mailboxes of several gigabyte cumulated. This causes a lot of disk I/O and kills performancs for everyone. I try to encourage people migrating to IMAP, but that migration will take some time, and therefore I am looking for alterantive ways to workaround the problem. I found pop3-throttle-plugin.c, which seems a smart way to solve the problem, unfortunately it comes with no documentation. I was able to build it and load it, bu itsays nothing in the logs. Is there any doc somewhere? Any advices on how to set it up? -- Emmanuel Dreyfus http://hcpnet.free.fr/pubz manu at netbsd.org From wojtek at wojtek.tensor.gdynia.pl Sat Jun 23 11:20:23 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Sat, 23 Jun 2012 10:20:23 +0200 (CEST) Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> Message-ID: > > We are building a new system that will support a large number of users (high volume, high concurrent usage, etc). what is large? >? We have played with Dovecot, but in most serious applications we have traditionally used Courier IMAP. >? It's my (lay) understanding that with indexing and perhaps other things >in Dovecot, it might perform better than Courier in larger environments >like this.? Am I correct or is it less clear-cut? No idea how well courier IMAP performs. But have idea how well dovecot performs. I don't have large configs like thousands of users as i don't handle "herd of random users" style cases, but in every place i have dovecot IMAP takes unnoticable amount of server load. Just make a test. Definitely use maildir format, not mbox. dovecot heavily accesses it's index files. they are not large relative to e-mail sizes. With really large case if I/O will limit you i would recommend using SSD storage to keep just indexes. From wojtek at wojtek.tensor.gdynia.pl Sat Jun 23 11:21:38 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Sat, 23 Jun 2012 10:21:38 +0200 (CEST) Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <1340310164.5967.86.camel@hurina> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> Message-ID: > > Nearly all of them are non-caching. (I don't know of any caching ones.) which is definite adventage in spite of it's numerous security holes. From wojtek at wojtek.tensor.gdynia.pl Sat Jun 23 11:22:37 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Sat, 23 Jun 2012 10:22:37 +0200 (CEST) Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <4FE38623.5050303@necoro.eu> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38623.5050303@necoro.eu> Message-ID: >> Nearly all of them are non-caching. (I don't know of any caching ones.) > > At least roundcube (v0.7.1 here) has some caching options: > > ------------------[excerpt from roundcubes main.inc.php]------------- > // Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'. > $rcmail_config['imap_cache'] = null; > > // Enables messages cache. Only 'db' cache is supported. > $rcmail_config['messages_cache'] = false; > -------------------------[end]---------------------------------------- > > But I don't know, whether this is the sort of caching you are referring to. what's a point of caching imap, except your webmail service is not locally connected (localhost or LAN) to imap server? From wojtek at wojtek.tensor.gdynia.pl Sat Jun 23 11:30:18 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Sat, 23 Jun 2012 10:30:18 +0200 (CEST) Subject: [Dovecot] Import from Evolution In-Reply-To: <1340415602.12632.2.camel@amito> References: <1339873707.2732.11.camel@amito> <20120616201636.GB6858@state-of-mind.de> <1340415602.12632.2.camel@amito> Message-ID: >> kmail v.3 is barely usable, v4 is good. > > It looks like you don't like any of the email programs we've discussed. > Which email programs do you like? it depends whether you ask what I personally use or what i recommend to my clients. I personally use alpine exclusively. I don't like GUI interfaces. And i use alpine directly handling maildir so it's not about IMAP. But if you need mail client over IMAP - alpine can do this, but cannot cache. mutt can cache if you like that program. i don't - in spite of much better functionality. alpine have lowest keypress to amount of word done ratio of any mail program i know. For my clients it depends - windoze: exclusively thunderbird. It's FAR FAR from perfect but still best you can get under windoze. - X11 terminal based config: well... it's funny but too thunderbird. All QT based programs are useless with X11 over network. Thunderbird works fine. I disable "folder synchronization" as well as indexing in it, so it's acceptably fast. The need to connecting over localhost from account X to account X to dovecot-imap is quite stupid but not a problem. For now it is thunderbird 10.0.5esr - both windows and FreeBSD From wojtek at wojtek.tensor.gdynia.pl Sat Jun 23 11:32:39 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Sat, 23 Jun 2012 10:32:39 +0200 (CEST) Subject: [Dovecot] Import from Evolution In-Reply-To: <1340415602.12632.2.camel@amito> References: <1339873707.2732.11.camel@amito> <20120616201636.GB6858@state-of-mind.de> <1340415602.12632.2.camel@amito> Message-ID: For Jonathan Ryshpan: for no obvious reason my IP is blocked at AT&T mail server you use. From michael at think-for-yourself.org Sat Jun 23 12:20:18 2012 From: michael at think-for-yourself.org (Michael Wessel) Date: Sat, 23 Jun 2012 02:20:18 -0700 Subject: [Dovecot] Hardware infrastructure for email system Message-ID: <4FE58A52.8050708@think-for-yourself.org> Hi, I'm currently (re-)planning my email setup and have been doing some research. I have done some searches and read several threads in the areas of my questions here. While there are some that come close I haven't yet been able to get all my questions answered. I currently run a postfix, dovecot & roundcube setup and have about 2000 active accounts. I have a separate SMTP server for outbound mail and auth is done against a separate LDAP server. In front of the POP/IMAP server I have another SMTP (4 in parallel actually) server that receives and filters inbound mail through a company specific, proprietary filter before the mail hits the POP/IMAP server. LDAP & SMTP servers are ESXi VMs. So right now both dovecot and roundcube run on the same box which is a Dell PE2950 with dual quad-core Xeon, 16GB RAM and 6 1TB disks in RAID 6, so only local storage using maildir. So far it's been holding up fine, but it's beginning to show signs of overload now. I also expect an increase in users over the next few months up to somewhere between 10 - 20,000 mail boxes. Hence the re-planning. My first priority in redesigning my setup is reliability. I definitely need something fail-save and as close to always on as possible. Next is performance. And while the budget is of course limited for the moment I'm setting that aside and will worry about that when the time comes. Now here is my question(s): In order to support up to 20,000 mailboxes (distributed over several times-zones so they won't all be used at the same time) with a very reliable service with good performance, what do I actually need? Do I need(ul) SAN or is it just a "would be nice to have"? If yes, why and what would be appropriate for my needs? Or will a setup with a few more servers like the ones I already have, using something like DRBD and distributing services (imap, http, spamd etc) onto different boxes do? I know I have more reading to do on all the different options out there, but would like some input from people that have experience in this area so I can focus on the stuff that's right for my situation. Michael From jonrysh at pacbell.net Sat Jun 23 12:23:35 2012 From: jonrysh at pacbell.net (Jonathan Ryshpan) Date: Sat, 23 Jun 2012 02:23:35 -0700 Subject: [Dovecot] Import from Evolution In-Reply-To: References: <1339873707.2732.11.camel@amito> <20120616201636.GB6858@state-of-mind.de> <1340415602.12632.2.camel@amito> Message-ID: <1340443415.20888.8.camel@amito> On Sat, 2012-06-23 at 10:30 +0200, Wojciech Puchar wrote: > >> kmail v.3 is barely usable, v4 is good. > > > > It looks like you don't like any of the email programs we've discussed. > > Which email programs do you like? > > it depends whether you ask what I personally use or what i recommend to my > clients. > > I personally use alpine exclusively. I don't like GUI interfaces. And i > use alpine directly handling maildir so it's not about IMAP. But if you > need mail client over IMAP - alpine can do this, but cannot cache. > > mutt can cache if you like that program. i don't - in spite of much better > functionality. alpine have lowest keypress to amount of word done ratio of > any mail program i know. > > For my clients it depends > > - windoze: exclusively thunderbird. It's FAR FAR from perfect but still > best you can get under windoze. > > - X11 terminal based config: well... it's funny but too thunderbird. All > QT based programs are useless with X11 over network. Thunderbird works > fine. I disable "folder synchronization" as well as indexing in it, so > it's acceptably fast. The need to connecting over localhost from account > X to account X to dovecot-imap is quite stupid but not a problem. > > For now it is thunderbird 10.0.5esr - both windows and FreeBSD I want to be able to read and write HTML, since my correspondents use and expect it, so alpine is out. I had been happy with evolution, but it is now badly broken under KDE, and I am in process of changing to Thunderbird, as you see. Thanks for the advice - jon From wojtek at wojtek.tensor.gdynia.pl Sat Jun 23 13:01:30 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Sat, 23 Jun 2012 12:01:30 +0200 (CEST) Subject: [Dovecot] Import from Evolution In-Reply-To: <1340442919.20888.4.camel@amito> References: <1339873707.2732.11.camel@amito> <20120616201636.GB6858@state-of-mind.de> <1340415602.12632.2.camel@amito> <1340442919.20888.4.camel@amito> Message-ID: sorry for replying through that links but - as you may see - replying to Jonathan will not work. If AT&T have such strange policy then i am just sorry. It sings the beginning of end of open internet if more companies will start to do this, and result in few huge corporations handling everything. Not happy world to live. On Sat, 23 Jun 2012, Jonathan Ryshpan wrote: > On Sat, 2012-06-23 at 10:32 +0200, Wojciech Puchar wrote: >> For Jonathan Ryshpan: >> >> for no obvious reason my IP is blocked at AT&T mail server you use. > > I'm not sure what's going on, but I suspect the problem is this: Many US > mail servers refuse to accept mail from any servers that they have not > approved; if mail is coming direct from you to ATT, rather than via some > large ISP, it will likely be refused. This is supposed to reduce the > amount of spam (fat chance). > > Thanks for your reply - jon > > > From lists at wildgooses.com Sat Jun 23 13:21:02 2012 From: lists at wildgooses.com (Ed W) Date: Sat, 23 Jun 2012 11:21:02 +0100 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38623.5050303@necoro.eu> Message-ID: <4FE5988E.3010101@wildgooses.com> On 23/06/2012 09:22, Wojciech Puchar wrote: >>> Nearly all of them are non-caching. (I don't know of any caching ones.) >> >> At least roundcube (v0.7.1 here) has some caching options: >> >> ------------------[excerpt from roundcubes main.inc.php]------------- >> // Type of IMAP indexes cache. Supported values: 'db', 'apc' and >> 'memcache'. >> $rcmail_config['imap_cache'] = null; >> >> // Enables messages cache. Only 'db' cache is supported. >> $rcmail_config['messages_cache'] = false; >> -------------------------[end]---------------------------------------- >> >> But I don't know, whether this is the sort of caching you are >> referring to. > > what's a point of caching imap, except your webmail service is not > locally connected (localhost or LAN) to imap server? Asking for items 600-615 from a threaded list, sorted by something, can be an expensive operation, especially if you just asked for items 585-600 a moment ago? Ed From wojtek at wojtek.tensor.gdynia.pl Sat Jun 23 13:24:20 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Sat, 23 Jun 2012 12:24:20 +0200 (CEST) Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <4FE5988E.3010101@wildgooses.com> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38623.5050303@necoro.eu> <4FE5988E.3010101@wildgooses.com> Message-ID: >>> But I don't know, whether this is the sort of caching you are referring >>> to. >> >> what's a point of caching imap, except your webmail service is not locally >> connected (localhost or LAN) to imap server? > > Asking for items 600-615 from a threaded list, sorted by something, can be an > expensive operation, especially if you just asked for items 585-600 a moment > ago? > fine. how about overhead of cache itself? From p at state-of-mind.de Sat Jun 23 13:25:56 2012 From: p at state-of-mind.de (Patrick Ben Koetter) Date: Sat, 23 Jun 2012 12:25:56 +0200 Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: <4FE58A52.8050708@think-for-yourself.org> References: <4FE58A52.8050708@think-for-yourself.org> Message-ID: <20120623102555.GA5497@state-of-mind.de> Michael, * Michael Wessel : > I'm currently (re-)planning my email setup and have been doing some > research. I have done some searches and read several threads in the > areas of my questions here. While there are some that come close I > haven't yet been able to get all my questions answered. > > I currently run a postfix, dovecot & roundcube setup and have about > 2000 active accounts. I have a separate SMTP server for outbound > mail and auth is done against a separate LDAP server. In front of > the POP/IMAP server I have another SMTP (4 in parallel actually) > server that receives and filters inbound mail through a company > specific, proprietary filter before the mail hits the POP/IMAP > server. LDAP & SMTP servers are ESXi VMs. Do people use 'real' mail clients to connect and IDLE too? > So right now both dovecot and roundcube run on the same box which is > a Dell PE2950 with dual quad-core Xeon, 16GB RAM and 6 1TB disks in > RAID 6, so only local storage using maildir. So far it's been > holding up fine, but it's beginning to show signs of overload now. I > also expect an increase in users over the next few months up to > somewhere between 10 - 20,000 mail boxes. Hence the re-planning. > > My first priority in redesigning my setup is reliability. I > definitely need something fail-save and as close to always on as > possible. Next is performance. And while the budget is of course > limited for the moment I'm setting that aside and will worry about > that when the time comes. > > Now here is my question(s): > > In order to support up to 20,000 mailboxes (distributed over several > times-zones so they won't all be used at the same time) with a very > reliable service with good performance, what do I actually need? > > Do I need(ul) SAN or is it just a "would be nice to have"? If yes, > why and what would be appropriate for my needs? Or will a setup with > a few more servers like the ones I already have, using something > like DRBD and distributing services (imap, http, spamd etc) onto > different boxes do? Will the server enforce quota? What will be the average mailbox size? Do people share content e.g. mailings with attachments that go out to all recipients? What might be the maximum number of clients using the server at one time? Will all users use the same client product e.g. roundcube? What's your backup strategy? What do you use to backup mailboxes? p at rick -- state of mind () http://www.state-of-mind.de Franziskanerstra?e 15 Telefon +49 89 3090 4664 81669 M?nchen Telefax +49 89 3090 4666 Amtsgericht M?nchen Partnerschaftsregister PR 563 From CMarcus at Media-Brokers.com Sat Jun 23 13:29:26 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Sat, 23 Jun 2012 06:29:26 -0400 Subject: [Dovecot] dsync error: "Mailboxes don't have unique GUIDs" In-Reply-To: <1340400276.12426.9.camel@maclinux> References: <1340400276.12426.9.camel@maclinux> Message-ID: <4FE59A86.7020208@Media-Brokers.com> On 2012-06-22 5:24 PM, Jeff Gustafson wrote: > I'm getting an error backing up mailboxes. I'm using the mirror > command: > > dsync -fvo mail_home=/home/users/bob mirror ssh vmail at 10.1.4.1 dsync -o > mail_home=/home/.incoming_mail_migrations/users/bob > # 2.0.13: /etc/dovecot/dovecot.conf As you are aware (since you participated in the thread discussion about this months ago), Timo is working on a total rewrite of dsync, and if memory serves, it is mainly for 2.1+, and it is not recommend to use it in earlier versions if you need reliability (ie, 2.0.x, as you are using)... So, by all means, update and help timo make it better! Timo? Care to elaborate on where you are with this, and how much of the rewrite is being applied to 2.1 (all of it?), or backported to earlier versions? -- Best regards, Charles From CMarcus at Media-Brokers.com Sat Jun 23 13:34:06 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Sat, 23 Jun 2012 06:34:06 -0400 Subject: [Dovecot] permissions on auth-userdb In-Reply-To: References: Message-ID: <4FE59B9E.1050009@Media-Brokers.com> It would be nice if there were a wiki page specifically describing how permissions should be set for all of the services/directories that dovecot uses. Even better would be a dovecot/doveconf command that would test the permissions and, if possible, even fix them (like the postfix 'set-permissions' command)... On 2012-06-22 11:46 AM, robert coore wrote: > googlemail.com> writes: > >> >> Hi.. >> >> im still trying to upgrade to 2.0. >> Im getting: >> dovecot: lda: Error: userdb lookup: >> connect(/var/run/dovecot/auth-userdb) failed: Permission denied >> (euid=10000(vmail) egid=10000(vmail) missing +r perm: >> /var/run/dovecot/auth-userdb, euid is not dir owner) >> >> the error is correct caus its owned by root. My Questions is who should own > it ? >> Im not sure how that works, what process/user calls the auth-userdb ? >> The auth-userdb returns the args generated in master.conf, right ? >> >> i think comment out the user and group setting in master.conf will fix >> it but im not sure if that is the securest way. >> >> the mails come from postfix via dovecot-lda >> >> Hans >> >> master.conf >> service auth { >> # auth_socket_path points to this userdb socket by default. It's typically >> # used by dovecot-lda, doveadm, possibly imap process, etc. Its default >> # permissions make it readable only by root, but you may need to relax > these >> # permissions. Users that have access to this socket are able to get a list >> # of all usernames and get results of everyone's userdb lookups. >> unix_listener auth-userdb { >> mode = 0600 >> #user = vmail >> #group = vmail >> } >> >> auth-ldap.conf.ext >> passdb { >> driver = ldap >> args = /etc/dovecot/dovecot-ldap.conf.ext >> } >> userdb { >> driver = static >> args = uid=vmail gid=vmail home=/home/MAILBOXES/%u/ >> mail=/home/MAILBOXES/%u/mail >> } >> >> > > > Hi all was getting the same errors took me 2 days to understand what it was > saying to me but i finally solved it > > > > if you do an ls -l /var/run/dovecot/auth-userdb you will seet that root is the > owner and the premissions are srw-------- so vmail has not right to call or > even use the process > What i did was a chown -R vmail:vmail /var/run/dovecot/auth-userdb > I also did a chmod g+r /var/run/dovecot/auth-userdb > ls -l /var/run/dovecot/auth-userdb > srw----r-- 1 vmail vmail > my unix_listener auth-userdb { > mode = 600 > { > > protocol lda { > auth_socket_path = /var/run/dovecot/auth-userdb > log_path = /home/vmail/dovecot-deliver.log > > that worked for me > 1. havent restarted the dovecot service dont know if it will keep the settings. > > > > > > -- Best regards, Charles Marcus I.T. Director Media Brokers International, Inc. 678.514.6200 x224 | 678.514.6299 fax From robert at schetterer.org Sat Jun 23 13:52:26 2012 From: robert at schetterer.org (Robert Schetterer) Date: Sat, 23 Jun 2012 12:52:26 +0200 Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: <4FE58A52.8050708@think-for-yourself.org> References: <4FE58A52.8050708@think-for-yourself.org> Message-ID: <4FE59FEA.80002@schetterer.org> Am 23.06.2012 11:20, schrieb Michael Wessel: > So right now both dovecot and roundcube run on the same box which is a > Dell PE2950 with dual quad-core Xeon, 16GB RAM and 6 1TB disks in RAID > 6, so only local storage using maildir. So far it's been holding up > fine, but it's beginning to show signs of overload now. I also expect an > increase in users over the next few months up to somewhere between 10 - > 20,000 mail boxes. Hence the re-planning. you should ask for paid support at Timo , or some other dovcot geeks near you -- Best Regards MfG Robert Schetterer From CMarcus at Media-Brokers.com Sat Jun 23 13:53:26 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Sat, 23 Jun 2012 06:53:26 -0400 Subject: [Dovecot] Import from Evolution In-Reply-To: <1340416975.12632.19.camel@amito> References: <1339873707.2732.11.camel@amito> <20120616201636.GB6858@state-of-mind.de> <1340416975.12632.19.camel@amito> Message-ID: <4FE5A026.20203@Media-Brokers.com> On 2012-06-22 10:02 PM, Jonathan Ryshpan wrote: > and /var/log/maillog shows the corresponding error: > > Jun 22 18:23:10 amito dovecot: imap(jonrysh): Error: > chown(/home/jonrysh/Dovecot/.imap/INBOX, group=12(mail)) failed: > Operation not permitted (egid=1000(jonrysh), group based on > /var/spool/mail/jonrysh - seehttp://wiki2.dovecot.org/Errors/ChgrpNoPerm) > > As a complete Dovecot/IMAP newbie, I am completely confused. Any > advice will be much appreciated. Obviously a permissions problem... This may help: http://wiki2.dovecot.org/SharedMailboxes/Permissions But again, a dovecot tool to check and/or fix these itself would be nice... -- Best regards, Charles From wojtek at wojtek.tensor.gdynia.pl Sat Jun 23 14:09:18 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Sat, 23 Jun 2012 13:09:18 +0200 (CEST) Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: <4FE58A52.8050708@think-for-yourself.org> References: <4FE58A52.8050708@think-for-yourself.org> Message-ID: > > I'm currently (re-)planning my email setup and have been doing some research. > I have done some searches and read several threads in the areas of my > questions here. While there are some that come close I haven't yet been able > to get all my questions answered. > > I currently run a postfix, dovecot & roundcube setup and have about 2000 > active accounts. I have a separate SMTP server for outbound mail and auth is > done against a separate LDAP server. In front of the POP/IMAP server I have > another SMTP (4 in parallel actually) server that receives and filters > inbound mail through a company specific, proprietary filter before the mail > hits the POP/IMAP server. LDAP & SMTP servers are ESXi VMs. it is already enormous overshoot in hardware specs. And i do not really catch why you have "4 in parallel" servers. And finally i cannot understand this dividing of servers just to merging it back using VMWare. Finally i would recommend to get rid of RAID6. It's terribly slow on writes and writes are common on mail server. Buy cheapest but largest SATA drive and use RAID1 (or RAID1+0) setup. From h.reindl at thelounge.net Sat Jun 23 14:17:44 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Sat, 23 Jun 2012 13:17:44 +0200 Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: References: <4FE58A52.8050708@think-for-yourself.org> Message-ID: <4FE5A5D8.2050908@thelounge.net> Am 23.06.2012 13:09, schrieb Wojciech Puchar: >> >> I'm currently (re-)planning my email setup and have been doing some research. I have done some searches and read >> several threads in the areas of my questions here. While there are some that come close I haven't yet been able >> to get all my questions answered. >> >> I currently run a postfix, dovecot & roundcube setup and have about 2000 active accounts. I have a separate SMTP >> server for outbound mail and auth is done against a separate LDAP server. In front of the POP/IMAP server I have >> another SMTP (4 in parallel actually) server that receives and filters inbound mail through a company specific, >> proprietary filter before the mail hits the POP/IMAP server. LDAP & SMTP servers are ESXi VMs. > > it is already enormous overshoot in hardware specs. And i do not really catch why you have "4 in parallel" servers. > And finally i cannot understand this dividing of servers just to merging it back using VMWare. because it is a big difference if you have anything in a single machine or splittet in virtual machines - you can move them at runtime to different hosts and if you run out of ressources for one of them you can buy a phyisclal machine, add it to the cluster and move the virtual machine without any downtime if you have all on one machine or VM you are not scaleable -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From tss at iki.fi Sat Jun 23 14:23:02 2012 From: tss at iki.fi (Timo Sirainen) Date: Sat, 23 Jun 2012 14:23:02 +0300 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <4FE5988E.3010101@wildgooses.com> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38623.5050303@necoro.eu> <4FE5988E.3010101@wildgooses.com> Message-ID: <51EF9BC7-BE99-4DE9-800A-E8FDF7779A4B@iki.fi> On 23.6.2012, at 13.21, Ed W wrote: >>> But I don't know, whether this is the sort of caching you are referring to. >> >> what's a point of caching imap, except your webmail service is not locally connected (localhost or LAN) to imap server? > > Asking for items 600-615 from a threaded list, sorted by something, can be an expensive operation, especially if you just asked for items 585-600 a moment ago? Can be, but is it? :) Dovecot attempts to cache/index stuff as well. Normally there shouldn't be a need for extra caching layer except in cases of higher network latency. From h.reindl at thelounge.net Sat Jun 23 14:23:57 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Sat, 23 Jun 2012 13:23:57 +0200 Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: References: <4FE58A52.8050708@think-for-yourself.org> Message-ID: <4FE5A74D.2010201@thelounge.net> Am 23.06.2012 13:09, schrieb Wojciech Puchar: > Finally i would recommend to get rid of RAID6. It's terribly slow on writes and > writes are common on mail server. depends, it is slower than RAID5, but safer > Buy cheapest but largest SATA drive and use RAID1 (or RAID1+0) setup. oh no please do not recommend SATA crap with RAID1 and think it is faster than RAID6 - the additional writes doe snot matter if the whole disk-system is much faster and RAID1 has no benefit in performance nobody will use SATA disks for high peformance servers in production - really nobody these days! -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From wojtek at wojtek.tensor.gdynia.pl Sat Jun 23 15:20:12 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Sat, 23 Jun 2012 14:20:12 +0200 (CEST) Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: <4FE5A5D8.2050908@thelounge.net> References: <4FE58A52.8050708@think-for-yourself.org> <4FE5A5D8.2050908@thelounge.net> Message-ID: >> >> it is already enormous overshoot in hardware specs. And i do not really catch why you have "4 in parallel" servers. >> And finally i cannot understand this dividing of servers just to merging it back using VMWare. > > because it is a big difference if you have anything in a single > machine or splittet in virtual machines - you can move them at > runtime to different hosts and if you run out of ressources ok - for me it is just likes. You have higher change to have the need to move at the first place doing this :) From wojtek at wojtek.tensor.gdynia.pl Sat Jun 23 15:21:41 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Sat, 23 Jun 2012 14:21:41 +0200 (CEST) Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: <4FE5A74D.2010201@thelounge.net> References: <4FE58A52.8050708@think-for-yourself.org> <4FE5A74D.2010201@thelounge.net> Message-ID: >> Buy cheapest but largest SATA drive and use RAID1 (or RAID1+0) setup. > > oh no please do not recommend SATA crap with RAID1 and think > it is faster than RAID6 - the additional writes doe snot matter > if the whole disk-system is much faster and RAID1 has no benefit > in performance OK i would not recommend anything anymore. Normally my advices are for money. > > nobody will use SATA disks for high peformance servers in > production - really nobody these days! > at least one person. and getting a bit of money helping other increasing performance of their setup. guess who. From wojtek at wojtek.tensor.gdynia.pl Sat Jun 23 16:04:47 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Sat, 23 Jun 2012 15:04:47 +0200 (CEST) Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <51EF9BC7-BE99-4DE9-800A-E8FDF7779A4B@iki.fi> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38623.5050303@necoro.eu> <4FE5988E.3010101@wildgooses.com> <51EF9BC7-BE99-4DE9-800A-E8FDF7779A4B@iki.fi> Message-ID: >> >> Asking for items 600-615 from a threaded list, sorted by something, can be an expensive operation, especially if you just asked for items 585-600 a moment ago? > > Can be, but is it? :) Dovecot attempts to cache/index stuff as well. Normally there shouldn't be a need for extra caching layer except in cases of higher network latency. that is my point. and - esp. with webmail, i see no point to run such service in different place than dovecot server runs. Best - same server. Maybe - other server connected with fast LAN. From joe at tao.org.uk Sat Jun 23 18:18:40 2012 From: joe at tao.org.uk (Dr Josef Karthauser) Date: Sat, 23 Jun 2012 16:18:40 +0100 Subject: [Dovecot] Problems getting auto create plugin to work Message-ID: Hi there, I've configured the 'autocreate' plugin (in v.2.1.6), but it doesn't appear to be working. Can someone help me work out how to work out why please? I've got this in my 20-imap.conf file: protocol imap { mail_plugins = $mail_plugins antispam autocreate } and this in my 90-plugins.conf file: plugin { autocreate = Trash autocreate2 = Spam autosubscribe = Trash autosubscribe2 = Spam ... etc } But, the spam does not get created upon login. I've restart dovecot and restarted my mail client, but there's no hint of an spam folder. Is there something else that I also need to do? Thanks, Joe From user+dovecot at localhost.localdomain.org Sat Jun 23 19:08:37 2012 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Sat, 23 Jun 2012 18:08:37 +0200 Subject: [Dovecot] Problems getting auto create plugin to work In-Reply-To: References: Message-ID: <4FE5EA05.2090804@localhost.localdomain.org> On 06/23/2012 05:18 PM Dr Josef Karthauser wrote: > Hi there, > > I've configured the 'autocreate' plugin (in v.2.1.6), but it doesn't appear to be working. Can someone help me work out how to work out why please? > > I've got this in my 20-imap.conf file: > > protocol imap { > mail_plugins = $mail_plugins antispam autocreate > } > > and this in my 90-plugins.conf file: > > plugin { > autocreate = Trash > autocreate2 = Spam > autosubscribe = Trash > autosubscribe2 = Spam > > ... etc > } Don't show us configuration file snippets, always paste `doveconf -n` output. > But, the spam does not get created upon login. I've restart dovecot and restarted my mail client, but there's no hint of an spam folder. > > Is there something else that I also need to do? ,--[ http://dovecot.org/doc/NEWS-2.1 ]-- | ? | + Added mailbox {} sections, which deprecate autocreate plugin | ? `-- Have a look at the mailbox definitions configuration file: http://hg.dovecot.org/dovecot-2.1/file/tip/doc/example-config/conf.d/15-mailboxes.conf Regards, Pascal -- The trapper recommends today: deadbeef.1217518 at localdomain.org From acrow at integrafin.co.uk Sat Jun 23 20:00:52 2012 From: acrow at integrafin.co.uk (Alex Crow) Date: Sat, 23 Jun 2012 18:00:52 +0100 Subject: [Dovecot] Dovecot list IMAP archives with thunderbird? In-Reply-To: <4FE1FCDB.6080503@integrafin.co.uk> References: <4FE1FCDB.6080503@integrafin.co.uk> Message-ID: <4FE5F644.8000606@integrafin.co.uk> On 20/06/12 17:39, Alex Crow wrote: > Hi, > > I'm trying to access the IMAP archives with Thunderbird but can't seem > to get it to work. I have tried an unencrypted connection, SSL and TLS > but with no success. Any ideas? > > Thanks > > Alex > Hi, Still stuck here - would really like to be able to access the archives in my email client... Anyone able to see the mailing list archives in Thunderbird or other IMAP clients? Are they currently down? Cheers Alex -- This message is intended only for the addressee and may contain confidential information. Unless you are that person, you may not disclose its contents or use it in any way and are requested to delete the message along with any attachments and notify us immediately. "Transact" is operated by Integrated Financial Arrangements plc Domain House, 5-7 Singer Street, London EC2A 4BQ Tel: (020) 7608 4900 Fax: (020) 7608 5300 (Registered office: as above; Registered in England and Wales under number: 3727592) Authorised and regulated by the Financial Services Authority (entered on the FSA Register; number: 190856) From patrickdk at patrickdk.com Sat Jun 23 20:04:40 2012 From: patrickdk at patrickdk.com (Patrick Domack) Date: Sat, 23 Jun 2012 13:04:40 -0400 Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: <4FE5A5D8.2050908@thelounge.net> References: <4FE58A52.8050708@think-for-yourself.org> <4FE5A5D8.2050908@thelounge.net> Message-ID: <20120623130440.Horde.n_x2XJLnE6FP5fcoWOKAhaA@mail.patrickdk.com> Quoting Reindl Harald : > Am 23.06.2012 13:09, schrieb Wojciech Puchar: >> it is already enormous overshoot in hardware specs. And i do not >> really catch why you have "4 in parallel" servers. >> And finally i cannot understand this dividing of servers just to >> merging it back using VMWare. > > because it is a big difference if you have anything in a single > machine or splittet in virtual machines - you can move them at > runtime to different hosts and if you run out of ressources > for one of them you can buy a phyisclal machine, add it to the > cluster and move the virtual machine without any downtime > > if you have all on one machine or VM you are not scaleable Personally I found going from real hardware E51xx servers to E56xx servers to give double the performance per same speed and amount of cores for my mail server. Then moving it onto vmware slowed it down approx 15%. Overall still a let win, and using vmware for extra HA and easier maintenance is deferentially worth the slowdown. From tss at iki.fi Sat Jun 23 20:06:28 2012 From: tss at iki.fi (Timo Sirainen) Date: Sat, 23 Jun 2012 20:06:28 +0300 Subject: [Dovecot] Dovecot list IMAP archives with thunderbird? In-Reply-To: <4FE5F644.8000606@integrafin.co.uk> References: <4FE1FCDB.6080503@integrafin.co.uk> <4FE5F644.8000606@integrafin.co.uk> Message-ID: <1340471188.5967.88.camel@hurina> On Sat, 2012-06-23 at 18:00 +0100, Alex Crow wrote: > > I'm trying to access the IMAP archives with Thunderbird but can't seem > > to get it to work. I have tried an unencrypted connection, SSL and TLS > > but with no success. Any ideas? > > > > Thanks > > > > Alex > > > Hi, > > Still stuck here - would really like to be able to access the archives > in my email client... > > Anyone able to see the mailing list archives in Thunderbird or other > IMAP clients? Are they currently down? It works fine as far as I can see, even with Thunderbird. What error do you get? From andrzej.filip at gmail.com Sat Jun 23 20:09:40 2012 From: andrzej.filip at gmail.com (Andrzej A. Filip) Date: Sat, 23 Jun 2012 19:09:40 +0200 Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: <4FE5A74D.2010201@thelounge.net> References: <4FE58A52.8050708@think-for-yourself.org> <4FE5A74D.2010201@thelounge.net> Message-ID: <4FE5F854.4050804@gmail.com> On 06/23/2012 01:23 PM, Reindl Harald wrote: > > Am 23.06.2012 13:09, schrieb Wojciech Puchar: >> Finally i would recommend to get rid of RAID6. It's terribly slow on writes and >> writes are common on mail server. > depends, it is slower than RAID5, but safer > >> Buy cheapest but largest SATA drive and use RAID1 (or RAID1+0) setup. > oh no please do not recommend SATA crap with RAID1 and think > it is faster than RAID6 - the additional writes doe snot mat > if the whole disk-system is much faster and RAID1 has no benefit > in performance > > nobody will use SATA disks for high peformance servers in > production - really nobody these days! Could you specify/define your idea of "high performance servers" land border? It may reduce the flame war. From dmalolepszy at optusnet.com.au Sat Jun 23 20:36:52 2012 From: dmalolepszy at optusnet.com.au (Dominic Malolepszy) Date: Sun, 24 Jun 2012 03:36:52 +1000 Subject: [Dovecot] SQLite dovecot query caching Message-ID: <4FE5FEB4.2050801@optusnet.com.au> Hi, I am wondering if Dovecot caches SQLite queries, and how well it works in high performance setups. I am particularly interested because in the below thread SQLite has been suggested as a means of Dovecot proxying connections to different ports. http://old.nabble.com/director%3A-non-standart-ports-at-backends-td33991991.html Cheers, Dominic. From tss at iki.fi Sat Jun 23 20:39:07 2012 From: tss at iki.fi (Timo Sirainen) Date: Sat, 23 Jun 2012 20:39:07 +0300 Subject: [Dovecot] SQLite dovecot query caching In-Reply-To: <4FE5FEB4.2050801@optusnet.com.au> References: <4FE5FEB4.2050801@optusnet.com.au> Message-ID: <1340473147.5967.89.camel@hurina> On Sun, 2012-06-24 at 03:36 +1000, Dominic Malolepszy wrote: > Hi, > > I am wondering if Dovecot caches SQLite queries, and how well it works > in high performance setups. I am particularly interested because in the > below thread SQLite has been suggested as a means of Dovecot proxying > connections to different ports. You can enable auth cache: http://wiki2.dovecot.org/Authentication/Caching From acrow at integrafin.co.uk Sat Jun 23 21:10:37 2012 From: acrow at integrafin.co.uk (Alex Crow) Date: Sat, 23 Jun 2012 19:10:37 +0100 Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: <4FE5F854.4050804@gmail.com> References: <4FE58A52.8050708@think-for-yourself.org> <4FE5A74D.2010201@thelounge.net> <4FE5F854.4050804@gmail.com> Message-ID: <4FE6069D.2050703@integrafin.co.uk> On 23/06/12 18:09, Andrzej A. Filip wrote: > On 06/23/2012 01:23 PM, Reindl Harald wrote: >> Am 23.06.2012 13:09, schrieb Wojciech Puchar: >>> Finally i would recommend to get rid of RAID6. It's terribly slow on writes and >>> writes are common on mail server. >> depends, it is slower than RAID5, but safer >> >>> Buy cheapest but largest SATA drive and use RAID1 (or RAID1+0) setup. >> oh no please do not recommend SATA crap with RAID1 and think >> it is faster than RAID6 - the additional writes doe snot mat >> if the whole disk-system is much faster and RAID1 has no benefit >> in performance >> >> nobody will use SATA disks for high peformance servers in >> production - really nobody these days! > Could you specify/define your idea of "high performance servers" land > border? > It may reduce the flame war. > Hi, With dovecot, you can separate indexes and email, and with dbox/mdbox, have ALT storage, so for instance you could keep your indexes in a RAID10 of SSDs, recent email on a RAID10 of 10kRPM/15kRPM SAS drives, and older email can go on a load of 5k/7.2k SATA drives in RAID6, or on a NAS via NFS. Note: with *dbox your indexes are the only place your mail flags are kept, so don't risk a single drive or even RAID5 for your index store. This is what I am moving into production from dovecot 1.x on a single RAID6 array (hardware, LSI controller, 6 10k SAS drives in RAID10) which has served very well for a while but is not getting too small for all our mail. Performance has been good for up to 350 users, average mailbox size >4G, about 25-35k incoming mails per day. Cheers Alex -- This message is intended only for the addressee and may contain confidential information. Unless you are that person, you may not disclose its contents or use it in any way and are requested to delete the message along with any attachments and notify us immediately. "Transact" is operated by Integrated Financial Arrangements plc Domain House, 5-7 Singer Street, London EC2A 4BQ Tel: (020) 7608 4900 Fax: (020) 7608 5300 (Registered office: as above; Registered in England and Wales under number: 3727592) Authorised and regulated by the Financial Services Authority (entered on the FSA Register; number: 190856) From dmalolepszy at optusnet.com.au Sat Jun 23 21:20:24 2012 From: dmalolepszy at optusnet.com.au (Dominic Malolepszy) Date: Sun, 24 Jun 2012 04:20:24 +1000 Subject: [Dovecot] SQLite dovecot query caching In-Reply-To: <1340473147.5967.89.camel@hurina> References: <4FE5FEB4.2050801@optusnet.com.au> <1340473147.5967.89.camel@hurina> Message-ID: <4FE608E8.6090106@optusnet.com.au> On 24/06/12 3:39 AM, Timo Sirainen wrote: > On Sun, 2012-06-24 at 03:36 +1000, Dominic Malolepszy wrote: >> Hi, >> >> I am wondering if Dovecot caches SQLite queries, and how well it works >> in high performance setups. I am particularly interested because in the >> below thread SQLite has been suggested as a means of Dovecot proxying >> connections to different ports. > You can enable auth cache: > http://wiki2.dovecot.org/Authentication/Caching > > This is a per user caching though, it will still have to perform a sql look up each time a unique user authenticates to determine what port the proxy should forward each connection. Is that accurate? From wojtek at wojtek.tensor.gdynia.pl Sat Jun 23 21:21:05 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Sat, 23 Jun 2012 20:21:05 +0200 (CEST) Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: <4FE6069D.2050703@integrafin.co.uk> References: <4FE58A52.8050708@think-for-yourself.org> <4FE5A74D.2010201@thelounge.net> <4FE5F854.4050804@gmail.com> <4FE6069D.2050703@integrafin.co.uk> Message-ID: > ALT storage, so for instance you could keep your indexes in a RAID10 of SSDs, > recent email on a RAID10 of 10kRPM/15kRPM SAS drives, and older email can go > on a load of 5k/7.2k SATA drives in RAID6, or on a NAS via NFS. far better solution but still about 2-3 times more $/performance than needed, and more complex than needed. But at least an improvement From tss at iki.fi Sat Jun 23 21:57:08 2012 From: tss at iki.fi (Timo Sirainen) Date: Sat, 23 Jun 2012 21:57:08 +0300 Subject: [Dovecot] SQLite dovecot query caching In-Reply-To: <4FE608E8.6090106@optusnet.com.au> References: <4FE5FEB4.2050801@optusnet.com.au> <1340473147.5967.89.camel@hurina> <4FE608E8.6090106@optusnet.com.au> Message-ID: <1340477828.5967.91.camel@hurina> On Sun, 2012-06-24 at 04:20 +1000, Dominic Malolepszy wrote: > On 24/06/12 3:39 AM, Timo Sirainen wrote: > > On Sun, 2012-06-24 at 03:36 +1000, Dominic Malolepszy wrote: > >> Hi, > >> > >> I am wondering if Dovecot caches SQLite queries, and how well it works > >> in high performance setups. I am particularly interested because in the > >> below thread SQLite has been suggested as a means of Dovecot proxying > >> connections to different ports. > > You can enable auth cache: > > http://wiki2.dovecot.org/Authentication/Caching > > > > > > This is a per user caching though, it will still have to perform a sql > look up each time a unique user authenticates to determine what port the > proxy should forward each connection. Is that accurate? It caches the passdb lookup. The cache key consists of the given % variables in the SQL query. So if your SQL query doesn't contain %n/%u then the cache doesn't add per-user entries. From acrow at integrafin.co.uk Sat Jun 23 22:06:31 2012 From: acrow at integrafin.co.uk (Alex Crow) Date: Sat, 23 Jun 2012 20:06:31 +0100 Subject: [Dovecot] Dovecot list IMAP archives with thunderbird? In-Reply-To: <1340471188.5967.88.camel@hurina> References: <4FE1FCDB.6080503@integrafin.co.uk> <4FE5F644.8000606@integrafin.co.uk> <1340471188.5967.88.camel@hurina> Message-ID: <4FE613B7.7080809@integrafin.co.uk> On 23/06/12 18:06, Timo Sirainen wrote: > On Sat, 2012-06-23 at 18:00 +0100, Alex Crow wrote: >>> I'm trying to access the IMAP archives with Thunderbird but can't seem >>> to get it to work. I have tried an unencrypted connection, SSL and TLS >>> but with no success. Any ideas? >>> >>> Thanks >>> >>> Alex >>> >> Hi, >> >> Still stuck here - would really like to be able to access the archives >> in my email client... >> >> Anyone able to see the mailing list archives in Thunderbird or other >> IMAP clients? Are they currently down? > It works fine as far as I can see, even with Thunderbird. What error do > you get? > > > Hi Timo, No errors at all, I just never see any folder list or messages - tcpdump shows a few packets only when TLS mode is selected, but nothing after that, Cheers Alex -- This message is intended only for the addressee and may contain confidential information. Unless you are that person, you may not disclose its contents or use it in any way and are requested to delete the message along with any attachments and notify us immediately. "Transact" is operated by Integrated Financial Arrangements plc Domain House, 5-7 Singer Street, London EC2A 4BQ Tel: (020) 7608 4900 Fax: (020) 7608 5300 (Registered office: as above; Registered in England and Wales under number: 3727592) Authorised and regulated by the Financial Services Authority (entered on the FSA Register; number: 190856) From dmalolepszy at optusnet.com.au Sat Jun 23 22:07:48 2012 From: dmalolepszy at optusnet.com.au (Dominic Malolepszy) Date: Sun, 24 Jun 2012 05:07:48 +1000 Subject: [Dovecot] SQLite dovecot query caching In-Reply-To: <1340477828.5967.91.camel@hurina> References: <4FE5FEB4.2050801@optusnet.com.au> <1340473147.5967.89.camel@hurina> <4FE608E8.6090106@optusnet.com.au> <1340477828.5967.91.camel@hurina> Message-ID: <4FE61404.1030102@optusnet.com.au> On 24/06/12 4:57 AM, Timo Sirainen wrote: > On Sun, 2012-06-24 at 04:20 +1000, Dominic Malolepszy wrote: >> On 24/06/12 3:39 AM, Timo Sirainen wrote: >>> On Sun, 2012-06-24 at 03:36 +1000, Dominic Malolepszy wrote: >>>> Hi, >>>> >>>> I am wondering if Dovecot caches SQLite queries, and how well it works >>>> in high performance setups. I am particularly interested because in the >>>> below thread SQLite has been suggested as a means of Dovecot proxying >>>> connections to different ports. >>> You can enable auth cache: >>> http://wiki2.dovecot.org/Authentication/Caching >>> >>> >> This is a per user caching though, it will still have to perform a sql >> look up each time a unique user authenticates to determine what port the >> proxy should forward each connection. Is that accurate? > It caches the passdb lookup. The cache key consists of the given % > variables in the SQL query. So if your SQL query doesn't contain %n/%u > then the cache doesn't add per-user entries. > > Thanks Timo, I re-read the link you sent me, and it makes a lot more sense now. I will play around with the different variables (especially the port related ones), to get the desired result. Gah its late I should go to sleep! From lists at svrinformatica.it Sat Jun 23 23:39:43 2012 From: lists at svrinformatica.it (Mailing List SVR) Date: Sat, 23 Jun 2012 22:39:43 +0200 Subject: [Dovecot] 2.0.19 segfault Message-ID: <4FE6298F.6050502@svrinformatica.it> Hi, after the upgrade from dovecot 2.0.13 (ubuntu oneiric) to dovecot 2.0.19 (ubuntu precise), in my logs I have a lot of these errors: Jun 23 00:20:29 server1 dovecot: master: Error: service(imap-login): child 6714 killed with signal 11 (core dumps disabled) I tested 2.0.21 and the problem is still here. The problem seems to appear only when the client is ms outlook, thunderbird works fine Here is the captured trace (I hope this is enough and I don't need to install debug symbols for everythings): Core was generated by `dovecot/imap-login -D'. Program terminated with signal 11, Segmentation fault. #0 0x00007f4d01c1a031 in RC4 () from /lib/x86_64-linux-gnu/libcrypto.so.1.0.0 (gdb) bt full #0 0x00007f4d01c1a031 in RC4 () from /lib/x86_64-linux-gnu/libcrypto.so.1.0.0 No symbol table info available. #1 0x0000000000000134 in ?? () No symbol table info available. #2 0x00000000000000cd in ?? () No symbol table info available. #3 0x00007f4d03e97470 in ?? () No symbol table info available. #4 0x00007f4d01c80629 in ?? () from /lib/x86_64-linux-gnu/libcrypto.so.1.0.0 No symbol table info available. #5 0x00007f4d01f82bcf in ?? () from /lib/x86_64-linux-gnu/libssl.so.1.0.0 No symbol table info available. #6 0x00007f4d01f79e04 in ?? () from /lib/x86_64-linux-gnu/libssl.so.1.0.0 No symbol table info available. #7 0x00007f4d01f7a134 in ?? () from /lib/x86_64-linux-gnu/libssl.so.1.0.0 No symbol table info available. #8 0x00007f4d027fed6f in ssl_write (proxy=0x7f4d03e7c0a0) at ssl-proxy-openssl.c:499 ret = #9 0x00007f4d027fee68 in plain_read (proxy=0x7f4d03e7c0a0) at ssl-proxy-openssl.c:308 ret = corked = true ---Type to continue, or q to quit--- #10 0x00007f4d025b5c98 in io_loop_call_io (io=0x7f4d03e84b10) at ioloop.c:384 ioloop = 0x7f4d03e3e680 t_id = 2 #11 0x00007f4d025b6d27 in io_loop_handler_run (ioloop=) at ioloop-epoll.c:213 ctx = 0x7f4d03e505a0 events = 0x6579351d event = 0x7f4d03e50610 list = 0x7f4d03e93690 io = tv = {tv_sec = 59, tv_usec = 999832} msecs = ret = 1 i = call = #12 0x00007f4d025b5c28 in io_loop_run (ioloop=0x7f4d03e3e680) at ioloop.c:405 No locals. #13 0x00007f4d025a3e33 in master_service_run (service=0x7f4d03e3e550, callback=) at master-service.c:481 No locals. #14 0x00007f4d027f7cc2 in main (argc=2, argv=0x7f4d03e3e370) at main.c:371 set_pool = 0x7f4d03e3e880 allow_core_dumps = ---Type to continue, or q to quit--- login_socket = 0x7f4d02800763 "login" c = #15 0x00007f4d021d676d in __libc_start_main () from /lib/x86_64-linux-gnu/libc.so.6 No symbol table info available. #16 0x00007f4d02c2d5a9 in _start () No symbol table info available. Nicola From acrow at integrafin.co.uk Sun Jun 24 00:13:28 2012 From: acrow at integrafin.co.uk (Alex Crow) Date: Sat, 23 Jun 2012 22:13:28 +0100 Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: References: <4FE58A52.8050708@think-for-yourself.org> <4FE5A74D.2010201@thelounge.net> <4FE5F854.4050804@gmail.com> <4FE6069D.2050703@integrafin.co.uk> Message-ID: <4FE63178.9040203@integrafin.co.uk> On 23/06/12 19:21, Wojciech Puchar wrote: >> ALT storage, so for instance you could keep your indexes in a RAID10 >> of SSDs, recent email on a RAID10 of 10kRPM/15kRPM SAS drives, and >> older email can go on a load of 5k/7.2k SATA drives in RAID6, or on a >> NAS via NFS. > > far better solution but still about 2-3 times more $/performance than > needed, and more complex than needed. > > But at least an improvement > I'd respectfully disagree. If you only keep the most recent few weeks of email you could use reasonably priced SSDs for the indexes and perhaps downgrade to SATA for your "hot" store, both of which should be max 10% of your total space with more than a few months of email. My driving factor was to have different spindle sets for each purpose. Who knows, I might have overspent and could have done it with 3 separate SATA arrays. OTOH what about an SSD caching kit on your server? Supermicro at least do them (well, my UK vendor offers them). Just have a load of big SATA drives and use the kit for caching. The last time I looked a 256GB kit was about UKP 500. Cheers Alex -- This message is intended only for the addressee and may contain confidential information. Unless you are that person, you may not disclose its contents or use it in any way and are requested to delete the message along with any attachments and notify us immediately. "Transact" is operated by Integrated Financial Arrangements plc Domain House, 5-7 Singer Street, London EC2A 4BQ Tel: (020) 7608 4900 Fax: (020) 7608 5300 (Registered office: as above; Registered in England and Wales under number: 3727592) Authorised and regulated by the Financial Services Authority (entered on the FSA Register; number: 190856) From lists at svrinformatica.it Sun Jun 24 00:34:47 2012 From: lists at svrinformatica.it (Mailing List SVR) Date: Sat, 23 Jun 2012 23:34:47 +0200 Subject: [Dovecot] 2.0.19 segfault In-Reply-To: <4FE6298F.6050502@svrinformatica.it> References: <4FE6298F.6050502@svrinformatica.it> Message-ID: <4FE63677.9080900@svrinformatica.it> Il 23/06/2012 22:39, Mailing List SVR ha scritto: > Hi, > > after the upgrade from dovecot 2.0.13 (ubuntu oneiric) to dovecot > 2.0.19 (ubuntu precise), in my logs I have a lot of these errors: > > Jun 23 00:20:29 server1 dovecot: master: Error: service(imap-login): > child 6714 killed with signal 11 (core dumps disabled) > > I tested 2.0.21 and the problem is still here. The problem seems to > appear only when the client is ms outlook, thunderbird works fine > > Here is the captured trace (I hope this is enough and I don't need to > install debug symbols for everythings): > > Core was generated by `dovecot/imap-login -D'. > Program terminated with signal 11, Segmentation fault. > #0 0x00007f4d01c1a031 in RC4 () from > /lib/x86_64-linux-gnu/libcrypto.so.1.0.0 > (gdb) bt full > #0 0x00007f4d01c1a031 in RC4 () from > /lib/x86_64-linux-gnu/libcrypto.so.1.0.0 > No symbol table info available. > #1 0x0000000000000134 in ?? () > No symbol table info available. > #2 0x00000000000000cd in ?? () > No symbol table info available. > #3 0x00007f4d03e97470 in ?? () > No symbol table info available. > #4 0x00007f4d01c80629 in ?? () from > /lib/x86_64-linux-gnu/libcrypto.so.1.0.0 > No symbol table info available. > #5 0x00007f4d01f82bcf in ?? () from > /lib/x86_64-linux-gnu/libssl.so.1.0.0 > No symbol table info available. > #6 0x00007f4d01f79e04 in ?? () from > /lib/x86_64-linux-gnu/libssl.so.1.0.0 > No symbol table info available. > #7 0x00007f4d01f7a134 in ?? () from > /lib/x86_64-linux-gnu/libssl.so.1.0.0 > No symbol table info available. > #8 0x00007f4d027fed6f in ssl_write (proxy=0x7f4d03e7c0a0) > at ssl-proxy-openssl.c:499 > ret = > #9 0x00007f4d027fee68 in plain_read (proxy=0x7f4d03e7c0a0) > at ssl-proxy-openssl.c:308 > ret = > corked = true > ---Type to continue, or q to quit--- > #10 0x00007f4d025b5c98 in io_loop_call_io (io=0x7f4d03e84b10) at > ioloop.c:384 > ioloop = 0x7f4d03e3e680 > t_id = 2 > #11 0x00007f4d025b6d27 in io_loop_handler_run (ioloop=) > at ioloop-epoll.c:213 > ctx = 0x7f4d03e505a0 > events = 0x6579351d > event = 0x7f4d03e50610 > list = 0x7f4d03e93690 > io = > tv = {tv_sec = 59, tv_usec = 999832} > msecs = > ret = 1 > i = > call = > #12 0x00007f4d025b5c28 in io_loop_run (ioloop=0x7f4d03e3e680) at > ioloop.c:405 > No locals. > #13 0x00007f4d025a3e33 in master_service_run (service=0x7f4d03e3e550, > callback=) at master-service.c:481 > No locals. > #14 0x00007f4d027f7cc2 in main (argc=2, argv=0x7f4d03e3e370) at > main.c:371 > set_pool = 0x7f4d03e3e880 > allow_core_dumps = > ---Type to continue, or q to quit--- > login_socket = 0x7f4d02800763 "login" > c = > #15 0x00007f4d021d676d in __libc_start_main () > from /lib/x86_64-linux-gnu/libc.so.6 > No symbol table info available. > #16 0x00007f4d02c2d5a9 in _start () > No symbol table info available. > > Nicola > Here is a more detailed trace, Core was generated by `dovecot/imap-login -D'. Program terminated with signal 11, Segmentation fault. #0 RC4 () at rc4-x86_64.s:343 343 rc4-x86_64.s: File o directory non esistente. (gdb) bt full #0 RC4 () at rc4-x86_64.s:343 No locals. #1 0x0000000000000134 in ?? () No symbol table info available. #2 0x00000000000000cd in ?? () No symbol table info available. #3 0x00007f4d03e97470 in ?? () No symbol table info available. #4 0x00007f4d01c80629 in rc4_hmac_md5_cipher (ctx=, out=0x7f4d03e8d0b8 "\314V\347\335Lc\024\205\221'?\006\177\313\326?\313\317\303c\266\360\347\364\263\242\316z\326\307\320\303?\242`\303\321?\313?\177\315\305\313?\320\307u\307\320\320\303\316?z?\307\314\303\300\316v\242\313\306\316?\321c\030T SORT=DISPLAY\301\021\222RC\005D=R\244\237T\342\004\"\020ES TH\003\246AD=\247\032FS \351ULTIA&\315\025N8\032\341\255\364EZ\376\236\062 CHILDREN\\\b{\250\240\255PACE U\216\331\nLUS LIST-EXTENDED I18NLEVEL=h CO"..., in=, len=0) at e_rc4_hmac_md5.c:163 key = 0x1a rc4_off = 139968754799079 md5_off = blocks = l = plen = #5 0x00007f4d01f82bcf in tls1_enc (s=0x7f4d03e7b700, send=1) at t1_enc.c:828 ---Type to continue, or q to quit--- rec = 0x7f4d03e7bcb8 ds = 0x7f4d03e95cf0 l = 308 bs = 1 i = ii = j = k = pad = enc = 0x7f4d01f4eae0 #6 0x00007f4d01f79e04 in do_ssl3_write (s=0x7f4d03e7b700, type=23, buf=0x7f4d03e7c514 "A0 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CO"..., len=292, create_empty_fragment=0) at s3_pkt.c:815 p = plen = 0x7f4d03e8d0b6 "" i = mac_size = 0 clear = prefix_len = eivlen = align = ---Type to continue, or q to quit--- wr = 0x7f4d03e7bcb8 wb = 0x7f4d03e7bc68 sess = #7 0x00007f4d01f7a134 in ssl3_write_bytes (s=0x7f4d03e7b700, type=23, buf_=0x7f4d03e7c514, len=) at s3_pkt.c:605 buf = 0x7f4d03e7c514 "A0 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CO"... tot = 0 n = 292 nw = i = #8 0x00007f4d027fed6f in ssl_write (proxy=0x7f4d03e7c0a0) at ssl-proxy-openssl.c:499 ret = #9 0x00007f4d027fee68 in plain_read (proxy=0x7f4d03e7c0a0) at ssl-proxy-openssl.c:308 ret = corked = true #10 0x00007f4d025b5c98 in io_loop_call_io (io=0x7f4d03e84b10) at ioloop.c:384 ioloop = 0x7f4d03e3e680 t_id = 2 #11 0x00007f4d025b6d27 in io_loop_handler_run (ioloop=) ---Type to continue, or q to quit--- at ioloop-epoll.c:213 ctx = 0x7f4d03e505a0 events = 0x6579351d event = 0x7f4d03e50610 list = 0x7f4d03e93690 io = tv = {tv_sec = 59, tv_usec = 999832} msecs = ret = 1 i = call = #12 0x00007f4d025b5c28 in io_loop_run (ioloop=0x7f4d03e3e680) at ioloop.c:405 No locals. #13 0x00007f4d025a3e33 in master_service_run (service=0x7f4d03e3e550, callback=) at master-service.c:481 No locals. #14 0x00007f4d027f7cc2 in main (argc=2, argv=0x7f4d03e3e370) at main.c:371 set_pool = 0x7f4d03e3e880 allow_core_dumps = login_socket = 0x7f4d02800763 "login" c = #15 0x00007f4d021d676d in __libc_start_main (main=0x7f4d027f7a60

, argc=2, ubp_av=0x7fff37290a68, init=, fini=, ---Type to continue, or q to quit--- rtld_fini=, stack_end=0x7fff37290a58) at libc-start.c:226 result = unwind_buf = {cancel_jmp_buf = {{jmp_buf = {0, -1085834845464457622, 139968735532416, 140734118824544, 0, 0, 1085429787565592170, 1041548453329079914}, mask_was_saved = 0}}, priv = {pad = { 0x0, 0x0, 0x7fff37290a80, 0x1}, data = {prev = 0x0, cleanup = 0x0, canceltype = 925436544}}} not_first_call = #16 0x00007f4d02c2d5a9 in _start () Nicola From bdh at machinehum.com Sun Jun 24 01:01:47 2012 From: bdh at machinehum.com (Brian Hayden) Date: Sat, 23 Jun 2012 17:01:47 -0500 Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: <4FE63178.9040203@integrafin.co.uk> References: <4FE58A52.8050708@think-for-yourself.org> <4FE5A74D.2010201@thelounge.net> <4FE5F854.4050804@gmail.com> <4FE6069D.2050703@integrafin.co.uk> <4FE63178.9040203@integrafin.co.uk> Message-ID: > On 23/06/12 19:21, Wojciech Puchar wrote: >>> ALT storage, so for instance you could keep your indexes in a RAID10 of SSDs, recent email on a RAID10 of 10kRPM/15kRPM SAS drives, and older email can go on a load of 5k/7.2k SATA drives in RAID6, or on a NAS via NFS. >> >> far better solution but still about 2-3 times more $/performance than needed, and more complex than needed. >> >> But at least an improvement Wojciech, how many users, does your installation serve? Not raw account numbers, but real users? The things you're saying sound mostly applicable to a small, easily-dictated env. -Brian From tss at iki.fi Sun Jun 24 01:05:09 2012 From: tss at iki.fi (Timo Sirainen) Date: Sun, 24 Jun 2012 01:05:09 +0300 Subject: [Dovecot] 2.0.19 segfault In-Reply-To: <4FE6298F.6050502@svrinformatica.it> References: <4FE6298F.6050502@svrinformatica.it> Message-ID: <1340489109.5967.94.camel@hurina> On Sat, 2012-06-23 at 22:39 +0200, Mailing List SVR wrote: > after the upgrade from dovecot 2.0.13 (ubuntu oneiric) to dovecot 2.0.19 > (ubuntu precise), in my logs I have a lot of these errors: > > Jun 23 00:20:29 server1 dovecot: master: Error: service(imap-login): > child 6714 killed with signal 11 (core dumps disabled) > > I tested 2.0.21 and the problem is still here. The problem seems to > appear only when the client is ms outlook, thunderbird works fine Looks to me more like OpenSSL library bug. The only reason why it could be Dovecot bug is if Dovecot is causing memory corruption. Could you run imap-login via valgrind to see if this is the case? service imap-login { executable = /usr/bin/valgrind -q --vgdb=no /usr/local/libexec/dovecot/imap-login chroot = } Also have you changed any ssl-related settings in dovecot.conf? From lists at svrinformatica.it Sun Jun 24 01:27:45 2012 From: lists at svrinformatica.it (Mailing List SVR) Date: Sun, 24 Jun 2012 00:27:45 +0200 Subject: [Dovecot] 2.0.19 segfault In-Reply-To: <1340489109.5967.94.camel@hurina> References: <4FE6298F.6050502@svrinformatica.it> <1340489109.5967.94.camel@hurina> Message-ID: <4FE642E1.5070609@svrinformatica.it> Il 24/06/2012 00:05, Timo Sirainen ha scritto: > On Sat, 2012-06-23 at 22:39 +0200, Mailing List SVR wrote: > >> after the upgrade from dovecot 2.0.13 (ubuntu oneiric) to dovecot 2.0.19 >> (ubuntu precise), in my logs I have a lot of these errors: >> >> Jun 23 00:20:29 server1 dovecot: master: Error: service(imap-login): >> child 6714 killed with signal 11 (core dumps disabled) >> >> I tested 2.0.21 and the problem is still here. The problem seems to >> appear only when the client is ms outlook, thunderbird works fine > Looks to me more like OpenSSL library bug. The only reason why it could > be Dovecot bug is if Dovecot is causing memory corruption. Could you run > imap-login via valgrind to see if this is the case? > > service imap-login { > executable = /usr/bin/valgrind -q --vgdb=no /usr/local/libexec/dovecot/imap-login > chroot = > } > > Also have you changed any ssl-related settings in dovecot.conf? > attached my complete configuration, I hope there is a mistake in my config I looked at the code and there was no relevant change from dovecot 2.0.13 and dovecot 2.0.19, upgrading between ubuntu releases updated openssl too and this could be the problem, however is not clear to me while imap over ssl works fine with thunderdird and I see the crash in the logs for customers that seems to use ms outlook, Nicola > -------------- next part -------------- # 2.0.19: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-25-generic x86_64 Ubuntu 12.04 LTS ext4 auth_cache_size = 10 M auth_mechanisms = plain login auth_socket_path = /var/run/dovecot/auth-userdb auth_worker_max_count = 128 base_dir = /var/run/dovecot/ default_process_limit = 200 disable_plaintext_auth = no first_valid_gid = 2000 first_valid_uid = 2000 hostname = mail.svrinformatica.it last_valid_gid = 2000 last_valid_uid = 2000 listen = * login_greeting = SVR ready. mail_location = maildir:/srv/panel/mail/%d/%t/Maildir mail_plugins = " quota trash autocreate" managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { autocreate = Trash autocreate2 = Junk autocreate3 = Drafts autocreate4 = Sent autosubscribe = Trash autosubscribe2 = Junk autosubscribe3 = Drafts autosubscribe4 = Sent quota = maildir:User quota quota_rule = *:storage=300MB quota_rule2 = Trash:ignore quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u sieve = ~/.dovecot.sieve sieve_before = /etc/dovecot/sieve/move-spam.sieve sieve_dir = ~/sieve sieve_max_actions = 32 sieve_max_redirects = 4 sieve_max_script_size = 1M sieve_quota_max_scripts = 10 sieve_quota_max_storage = 2M trash = /etc/dovecot/dovecot-trash.conf.ext } postmaster_address = postmaster at svrinformatica.it protocols = imap pop3 sieve service auth-worker { user = $default_internal_user } service auth { unix_listener /var/spool/postfix/private/dovecot-auth { group = vmail mode = 0660 user = postfix } unix_listener auth-userdb { group = vmail mode = 0660 user = vmail } user = $default_internal_user } service managesieve-login { inet_listener sieve { port = 4190 } } service quota-warning { executable = script /srv/panel/django/systemcp/systemutils/mail/quota-warning.py unix_listener quota-warning { user = vmail } user = dovecot } ssl_cert = References: <4FE6298F.6050502@svrinformatica.it> <1340489109.5967.94.camel@hurina> Message-ID: <4FE647FD.4060400@svrinformatica.it> Il 24/06/2012 00:05, Timo Sirainen ha scritto: > On Sat, 2012-06-23 at 22:39 +0200, Mailing List SVR wrote: > >> after the upgrade from dovecot 2.0.13 (ubuntu oneiric) to dovecot 2.0.19 >> (ubuntu precise), in my logs I have a lot of these errors: >> >> Jun 23 00:20:29 server1 dovecot: master: Error: service(imap-login): >> child 6714 killed with signal 11 (core dumps disabled) >> >> I tested 2.0.21 and the problem is still here. The problem seems to >> appear only when the client is ms outlook, thunderbird works fine > Looks to me more like OpenSSL library bug. the bug seems related to this patch: http://cvs.openssl.org/chngview?cn=22415 I'm applying just now > The only reason why it could > be Dovecot bug is if Dovecot is causing memory corruption. Could you run > imap-login via valgrind to see if this is the case? > > service imap-login { > executable = /usr/bin/valgrind -q --vgdb=no /usr/local/libexec/dovecot/imap-login > chroot = > } > > Also have you changed any ssl-related settings in dovecot.conf? > > > From lists at svrinformatica.it Sun Jun 24 02:05:43 2012 From: lists at svrinformatica.it (Mailing List SVR) Date: Sun, 24 Jun 2012 01:05:43 +0200 Subject: [Dovecot] 2.0.19 segfault In-Reply-To: <4FE647FD.4060400@svrinformatica.it> References: <4FE6298F.6050502@svrinformatica.it> <1340489109.5967.94.camel@hurina> <4FE647FD.4060400@svrinformatica.it> Message-ID: <4FE64BC7.7020204@svrinformatica.it> Il 24/06/2012 00:49, Mailing List SVR ha scritto: > Il 24/06/2012 00:05, Timo Sirainen ha scritto: >> On Sat, 2012-06-23 at 22:39 +0200, Mailing List SVR wrote: >> >>> after the upgrade from dovecot 2.0.13 (ubuntu oneiric) to dovecot >>> 2.0.19 >>> (ubuntu precise), in my logs I have a lot of these errors: >>> >>> Jun 23 00:20:29 server1 dovecot: master: Error: service(imap-login): >>> child 6714 killed with signal 11 (core dumps disabled) >>> >>> I tested 2.0.21 and the problem is still here. The problem seems to >>> appear only when the client is ms outlook, thunderbird works fine >> Looks to me more like OpenSSL library bug. > > the bug seems related to this patch: > > http://cvs.openssl.org/chngview?cn=22415 > > I'm applying just now I can confirm that the patch listed above solve the problem, thanks for pointing me to openssl, Nicola > >> The only reason why it could >> be Dovecot bug is if Dovecot is causing memory corruption. Could you run >> imap-login via valgrind to see if this is the case? >> >> service imap-login { >> executable = /usr/bin/valgrind -q --vgdb=no >> /usr/local/libexec/dovecot/imap-login >> chroot = >> } >> >> Also have you changed any ssl-related settings in dovecot.conf? >> >> >> > > > From dovecot at r.paypc.com Sun Jun 24 02:57:09 2012 From: dovecot at r.paypc.com (Robin) Date: Sat, 23 Jun 2012 16:57:09 -0700 Subject: [Dovecot] 2.0.19 segfault In-Reply-To: <4FE642E1.5070609@svrinformatica.it> References: <4FE6298F.6050502@svrinformatica.it> <1340489109.5967.94.camel@hurina> <4FE642E1.5070609@svrinformatica.it> Message-ID: <4FE657D5.8060205@r.paypc.com> On 6/23/2012 3:27 PM, Mailing List SVR wrote: > I looked at the code and there was no relevant change from dovecot > 2.0.13 and dovecot 2.0.19, upgrading between ubuntu releases updated > openssl too and this could be the problem, > > however is not clear to me while imap over ssl works fine with > thunderdird and I see the crash in the logs for customers that seems to > use ms outlook, There have been many interactions between OpenSSL (and some other SSL implementations) and some versions of schannel.dll (the system library responsible for SSL connections, used by Outlook and Internet Explorer, amongst other tools). M$ has released hotfixes addressing various problems in schannel.dll in the past, such as: http://support.microsoft.com/kb/933430 There is a fair bit of write-up online about how to configure your SSL servers to avoid problematic ciphers and socket configurations that help you avoid tripping over most of the bugs. For example: http://httpd.apache.org/docs/2.2/ssl/ssl_faq.html#msie Whenever SSL is involved in the transaction process, always include it in your debug process as SSL negotiation is non-trivial and has been often fraught with some peril. =R= From spraker at yahoo.com Sun Jun 24 03:10:29 2012 From: spraker at yahoo.com (Brian Spraker) Date: Sat, 23 Jun 2012 17:10:29 -0700 (PDT) Subject: [Dovecot] Dovecot Quotas in Version 2 Message-ID: <1340496629.79833.YahooMailClassic@web111409.mail.gq1.yahoo.com> Hello all, Just upgraded from Ubuntu 10.04 to 12.04 on a server today and went through a few issues that I finally got corrected with many different services. However, one of them - I absolutely cannot figure out. I was using Dovecot 1 in Ubuntu 10.04 - but in Ubuntu 12.04, it has been upgraded to Dovecot 2. Finally managed to get the configuration to work and get it to use MySQL as the back-end authentication method (had to install the dovecot-mysql package). But, I cannot get quotas to work. The moment I uncomment a quota line, Dovecot fails to start. Would appreciate any help with this. I am not using any of the individual configuration files on the conf.d folder - simply the dovecot.conf and dovecot-sql.conf file. Here is a copy of those. You can see the one commented line (mail_plugins under imap) simply will not work - but yet the one under POP works (although I don't think it is used): base_dir = /var/run/dovecot/ disable_plaintext_auth = no first_valid_uid = 33 last_valid_uid = 33 listen = * log_timestamp = "%Y-%m-%d %H:%M:%S " mail_privileged_group = www-data passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } plugin { quota = maildir quota_rule = Trash:storage=100M } protocols = imap pop3 service auth { user = root } service imap-login { executable = /usr/lib/dovecot/imap-login } service imap { executable = /usr/lib/dovecot/imap } ssl = no userdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } protocol imap { imap_client_workarounds = mail_plugin_dir = /usr/lib/dovecot/modules/imap # mail_plugins = quota imap_quota } protocol pop3 { mail_plugins = quota pop3_uidl_format = %08Xu%08Xv } And for the dovecot-sql.conf file (passwords changed, of course): driver = mysql connect = dbname=horde user= password= host=localhost default_pass_scheme = PLAIN password_query = SELECT user_uid as user, user_pass as password FROM horde_users WHERE user_uid = '%u'; user_query = SELECT uid, gid, home, maildir, concat('maildir:storage=', quota) AS quota FROM horde_users WHERE user_uid = '%u'; I did not update the dovecot-sql.conf file at all - so I don't know if there maybe be some configuration issue with how it is pulling the quota limit from the database. Quotas are in bytes in the database. Certainly would appreciate any help with this. I went through the Dovecot Quota Configuration in the wiki but it wasn't any help - as I basically already have that line in the config file, but it will fail to start Dovecot. Thank you! Brian S. From tss at iki.fi Sun Jun 24 03:23:16 2012 From: tss at iki.fi (Timo Sirainen) Date: Sun, 24 Jun 2012 03:23:16 +0300 Subject: [Dovecot] Dovecot Quotas in Version 2 In-Reply-To: <1340496629.79833.YahooMailClassic@web111409.mail.gq1.yahoo.com> References: <1340496629.79833.YahooMailClassic@web111409.mail.gq1.yahoo.com> Message-ID: On 24.6.2012, at 3.10, Brian Spraker wrote: > plugin { > quota = maildir > quota_rule = Trash:storage=100M This should be quota_rule2. Otherwise you'll just overwrite this here: > } > user_query = SELECT uid, gid, home, maildir, concat('maildir:storage=', quota) AS quota FROM horde_users WHERE user_uid = '%u'; You didn't update the quota configuration in here. Should be: concat('*:storage=', quota) AS quota_rule. BTW. This change happened during Dovecot v1.0 -> v1.1 change. Years ago for most people. :) From spraker at yahoo.com Sun Jun 24 03:29:47 2012 From: spraker at yahoo.com (Brian Spraker) Date: Sat, 23 Jun 2012 17:29:47 -0700 (PDT) Subject: [Dovecot] Dovecot Quotas in Version 2 In-Reply-To: Message-ID: <1340497787.45659.YahooMailClassic@web111404.mail.gq1.yahoo.com> --- On Sat, 6/23/12, Timo Sirainen wrote: > From: Timo Sirainen > Subject: Re: [Dovecot] Dovecot Quotas in Version 2 > To: "Brian Spraker" > Cc: dovecot at dovecot.org > Date: Saturday, June 23, 2012, 7:23 PM > On 24.6.2012, at 3.10, Brian Spraker > wrote: > > > plugin { > >? quota = maildir > >? quota_rule = Trash:storage=100M > > This should be quota_rule2. Otherwise you'll just overwrite > this here: > > > } > > > user_query = SELECT uid, gid, home, maildir, > concat('maildir:storage=', quota) AS quota FROM horde_users > WHERE user_uid = '%u'; > > You didn't update the quota configuration in here. Should > be: concat('*:storage=', quota) AS quota_rule. > > BTW. This change happened during Dovecot v1.0 -> v1.1 > change. Years ago for most people. :) > > Thank you, Timo. I have made this change. However, I do remember before when I set set something as "quota_rule2", it was being ignored for some reason. I have updated at your response though. This still didn't correct the issue - and Dovecot won't start when I have the mail_plugins line under 'protocol imap' uncommented. Error in the syslog says: init: dovecot main process (xxxxx) terminated with status 89 Brian S. From tss at iki.fi Sun Jun 24 03:33:14 2012 From: tss at iki.fi (Timo Sirainen) Date: Sun, 24 Jun 2012 03:33:14 +0300 Subject: [Dovecot] Dovecot Quotas in Version 2 In-Reply-To: <1340497787.45659.YahooMailClassic@web111404.mail.gq1.yahoo.com> References: <1340497787.45659.YahooMailClassic@web111404.mail.gq1.yahoo.com> Message-ID: On 24.6.2012, at 3.29, Brian Spraker wrote: > This still didn't correct the issue - and Dovecot won't start when I have the mail_plugins line under 'protocol imap' uncommented. You should also enable quota globally so it will work for doveadm and other tools you may end up using. > Error in the syslog says: > > init: dovecot main process (xxxxx) terminated with status 89 There should be another error message before this. From spraker at yahoo.com Sun Jun 24 03:45:03 2012 From: spraker at yahoo.com (Brian Spraker) Date: Sat, 23 Jun 2012 17:45:03 -0700 (PDT) Subject: [Dovecot] Dovecot Quotas in Version 2 In-Reply-To: Message-ID: <1340498703.67452.YahooMailClassic@web111404.mail.gq1.yahoo.com> --- On Sat, 6/23/12, Timo Sirainen wrote: > From: Timo Sirainen > Subject: Re: [Dovecot] Dovecot Quotas in Version 2 > To: "Brian Spraker" > Cc: dovecot at dovecot.org > Date: Saturday, June 23, 2012, 7:33 PM > On 24.6.2012, at 3.29, Brian Spraker > wrote: > > > This still didn't correct the issue - and Dovecot won't > start when I have the mail_plugins line under 'protocol > imap' uncommented. > > You should also enable quota globally so it will work for > doveadm and other tools you may end up using. > > > Error in the syslog says: > > > > init: dovecot main process (xxxxx) terminated with > status 89 > > There should be another error message before this. > > Thank you for the fast replies Timo. I'm not sure I understand how to enable quota to work globally..? But what would be preventing it from working under 'protocol imap' as it did before? As for the log, here is the other lines that appeared above it: Jun 23 19:31:13 server dovecot: master: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) Jun 23 19:31:13 server dovecot: log: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) Jun 23 19:31:13 server kernel: [100996.340925] init: dovecot main process (11580) terminated with status 89 From tss at iki.fi Sun Jun 24 03:51:12 2012 From: tss at iki.fi (Timo Sirainen) Date: Sun, 24 Jun 2012 03:51:12 +0300 Subject: [Dovecot] Dovecot Quotas in Version 2 In-Reply-To: <1340498703.67452.YahooMailClassic@web111404.mail.gq1.yahoo.com> References: <1340498703.67452.YahooMailClassic@web111404.mail.gq1.yahoo.com> Message-ID: On 24.6.2012, at 3.45, Brian Spraker wrote: > I'm not sure I understand how to enable quota to work globally..? Just put "mail_plugins = quota" outside protocol {} sections. > But what would be preventing it from working under 'protocol imap' as it did before? No idea, the error log should say the reason. > As for the log, here is the other lines that appeared above it: > > Jun 23 19:31:13 server dovecot: master: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) > Jun 23 19:31:13 server dovecot: log: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) These mean that dovecot master process was stopped by init process. Why it's doing that I have no idea. > Jun 23 19:31:13 server kernel: [100996.340925] init: dovecot main process (11580) terminated with status 89 Status 89 means that Dovecot should have logged an error about it. But I see no error here. I think Ubuntu is doing something weird. See what happens if you start dovecot using "dovecot -F" instead of any init script or such. From spraker at yahoo.com Sun Jun 24 04:01:46 2012 From: spraker at yahoo.com (Brian Spraker) Date: Sat, 23 Jun 2012 18:01:46 -0700 (PDT) Subject: [Dovecot] Dovecot Quotas in Version 2 In-Reply-To: Message-ID: <1340499706.74316.YahooMailClassic@web111404.mail.gq1.yahoo.com> --- On Sat, 6/23/12, Timo Sirainen wrote: > From: Timo Sirainen > Subject: Re: [Dovecot] Dovecot Quotas in Version 2 > To: "Brian Spraker" > Cc: dovecot at dovecot.org > Date: Saturday, June 23, 2012, 7:51 PM > On 24.6.2012, at 3.45, Brian Spraker > wrote: > > > I'm not sure I understand how to enable quota to work > globally..? > > Just put "mail_plugins = quota" outside protocol {} > sections. > > >? But what would be preventing it from working > under 'protocol imap' as it did before? > > No idea, the error log should say the reason. > > > As for the log, here is the other lines that appeared > above it: > > > > Jun 23 19:31:13 server dovecot: master: Warning: Killed > with signal 15 (by pid=1 uid=0 code=kill) > > Jun 23 19:31:13 server dovecot: log: Warning: Killed > with signal 15 (by pid=1 uid=0 code=kill) > > These mean that dovecot master process was stopped by init > process. Why it's doing that I have no idea. > > > Jun 23 19:31:13 server kernel: [100996.340925] init: > dovecot main process (11580) terminated with status 89 > > Status 89 means that Dovecot should have logged an error > about it. But I see no error here. I think Ubuntu is doing > something weird. See what happens if you start dovecot using > "dovecot -F" instead of any init script or such. > > Perfect! doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: mail_plugin_dir: access(/usr/lib/dovecot/modules/imap) failed: No such file or directory I changed it to /usr/lib/dovecot/modules and now it works fine. Thank you for the help again! Brian S. From michael at think-for-yourself.org Sun Jun 24 04:21:34 2012 From: michael at think-for-yourself.org (Michael Wessel) Date: Sat, 23 Jun 2012 18:21:34 -0700 Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: <20120623102555.GA5497@state-of-mind.de> References: <4FE58A52.8050708@think-for-yourself.org> <20120623102555.GA5497@state-of-mind.de> Message-ID: <4FE66B9E.1080901@think-for-yourself.org> Hi p at rick and thanks for the response. On 6/23/2012 3:25 AM, Patrick Ben Koetter wrote: > Michael, > > * Michael Wessel : >> I'm currently (re-)planning my email setup and have been doing some >> research. I have done some searches and read several threads in the >> areas of my questions here. While there are some that come close I >> haven't yet been able to get all my questions answered. >> >> I currently run a postfix, dovecot & roundcube setup and have about >> 2000 active accounts. I have a separate SMTP server for outbound >> mail and auth is done against a separate LDAP server. In front of >> the POP/IMAP server I have another SMTP (4 in parallel actually) >> server that receives and filters inbound mail through a company >> specific, proprietary filter before the mail hits the POP/IMAP >> server. LDAP & SMTP servers are ESXi VMs. > Do people use 'real' mail clients to connect and IDLE too? Yes, though not sure of the percentage. Most will likely use webmail, some will use POP and some will use IMAP with "real clients". Right now my guess would be about 20% IMAP with Outlook, Thunderbird and such, 10% POP and the rest webmail. > > >> So right now both dovecot and roundcube run on the same box which is >> a Dell PE2950 with dual quad-core Xeon, 16GB RAM and 6 1TB disks in >> RAID 6, so only local storage using maildir. So far it's been >> holding up fine, but it's beginning to show signs of overload now. I >> also expect an increase in users over the next few months up to >> somewhere between 10 - 20,000 mail boxes. Hence the re-planning. >> >> My first priority in redesigning my setup is reliability. I >> definitely need something fail-save and as close to always on as >> possible. Next is performance. And while the budget is of course >> limited for the moment I'm setting that aside and will worry about >> that when the time comes. >> >> Now here is my question(s): >> >> In order to support up to 20,000 mailboxes (distributed over several >> times-zones so they won't all be used at the same time) with a very >> reliable service with good performance, what do I actually need? >> >> Do I need(ul) SAN or is it just a "would be nice to have"? If yes, >> why and what would be appropriate for my needs? Or will a setup with >> a few more servers like the ones I already have, using something >> like DRBD and distributing services (imap, http, spamd etc) onto >> different boxes do? > Will the server enforce quota? Yes, default quota is 200MB right now, some have larger quotas and a few of those hit several GB. > > What will be the average mailbox size? Since the quota is probably going to go up some I'd guess around 400MB on average. > > Do people share content e.g. mailings with attachments that go out to all > recipients? No, only on a limited basis (like cc'ing maybe 15 or so people but even that's rare) There will be somewhat large attachments involved (20-30MB) but that's mostly between individual users and users outside my system. > > What might be the maximum number of clients using the server at one time? Hard to say with the data at hand. I have a caching IMAP proxy for webmail and that has so far recorded 50 as the highest concurrent connections. So adding IMAP users to that and then extrapolating this to 20000 total boxes I'd say 4-500. > > Will all users use the same client product e.g. roundcube? No, they have their choice of any POP3/IMAP client or webmail > > What's your backup strategy? What do you use to backup mailboxes? I was afraid someone was going to ask that question... there isn't one (it hurts just writing that!) The only "backup" currently in place is redundancy on the hardware-side plus limited (i.e. only parts of the mail store) to disk backup. The VMs are easily replaced, but if my maildir goes up in smoke tomorrow then I will probably follow shortly after! So that's definitely part of what I'm working out here. Wanted to nail down the general approach first though before looking at that. > > p at rick > From CMarcus at Media-Brokers.com Sun Jun 24 12:24:01 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Sun, 24 Jun 2012 05:24:01 -0400 Subject: [Dovecot] Dovecot Quotas in Version 2 In-Reply-To: <1340496629.79833.YahooMailClassic@web111409.mail.gq1.yahoo.com> References: <1340496629.79833.YahooMailClassic@web111409.mail.gq1.yahoo.com> Message-ID: <4FE6DCB1.6000807@Media-Brokers.com> On 2012-06-23 8:10 PM, Brian Spraker wrote: > Would appreciate any help with this. I am not using any of the > individual configuration files on the conf.d folder - simply the > dovecot.conf and dovecot-sql.conf file. Here is a copy of those. Please don't just copy/paste from your configs, always provide doveconf -n output. This will prove that you are using the config that you *think* you are using (one problem with debian derivatives is that they often use chroot by default which can cause problems). So, if you have something in one of those other individual conf files in conf.d causing the problem, you'll see it in the doveconf -n output. Then, when providing logs, try not to censor them too much... often the real problem can be evident one or more lines above or below the line that you *think* is the most relevant... -- Best regards, Charles From c at roessner-network-solutions.com Sun Jun 24 12:58:43 2012 From: c at roessner-network-solutions.com (=?iso-8859-1?Q?Christian_R=F6=DFner?=) Date: Sun, 24 Jun 2012 11:58:43 +0200 Subject: [Dovecot] 2.1.7 TLS issues Message-ID: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com> Hi, I have an interesting problem: I am building dovecot packages for Ubuntu since 10.04. Never had bigger trouble with it. Now since 2.1.6 or 2.1.7 (I can not say more precisely), Thunderbird 10ESR and Outlook 2010 can no longer use 143/TLS correctly. Automx delvers 143/TLS and Outlook tells me that it can not create a secure connection. I changed automx to use 993/SSL and everything works. Under Thunderbird 10ESR, I get a box that tells me that I need to change settings. When I sent mail, TB told me that it could not copy the mail to the sent folder. I also changed to 993/SSL and everything is perfect. At the other and, Apples Mail.app and iOS devices work perfectly over 143/TLS. So my guess is that it has to do with OpenSSL. Did something change in dovecot concerning TLS? Can I change options in the built process? Thanks in advance -Christian R??ner --- Roessner-Network-Solutions Bachelor of Science Informatik Nahrungsberg 81, 35390 Gie?en F: +49 641 5879091, M: +49 176 93118939 USt-IdNr.: DE225643613 http://www.roessner-network-solutions.com -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 3880 bytes Desc: not available URL: From CMarcus at Media-Brokers.com Sun Jun 24 13:06:07 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Sun, 24 Jun 2012 06:06:07 -0400 Subject: [Dovecot] 2.1.7 TLS issues In-Reply-To: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com> References: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com> Message-ID: <4FE6E68F.6080803@Media-Brokers.com> On 2012-06-24 5:58 AM, Christian R??ner wrote: > I have an interesting problem: I am building dovecot packages for > Ubuntu since 10.04. Never had bigger trouble with it. Now since 2.1.6 > or 2.1.7 (I can not say more precisely), Thunderbird 10ESR and > Outlook 2010 can no longer use 143/TLS correctly. Automx delvers > 143/TLS and Outlook tells me that it can not create a secure > connection. I changed automx to use 993/SSL and everything works. > Under Thunderbird 10ESR, I get a box that tells me that I need to > change settings. When I sent mail, TB told me that it could not copy > the mail to the sent folder. I also changed to 993/SSL and everything > is perfect. > > At the other and, Apples Mail.app and iOS devices work perfectly over > 143/TLS. So my guess is that it has to do with OpenSSL. Did something > change in dovecot concerning TLS? Can I change options in the built > process? Maybe related to the OpenSSL bug that caused the problem (it sometimes helps to read/search emails on this list before posting) discussed just yesterday in this thread: http://www.mail-archive.com/dovecot at dovecot.org/msg45828.html ? -- Best regards, Charles From ckubu at so36.net Sun Jun 24 13:21:15 2012 From: ckubu at so36.net (ckubu) Date: Sun, 24 Jun 2012 12:21:15 +0200 Subject: [Dovecot] dict Panic after upgrade to 2.1.7 Message-ID: <201206241221.16044.ckubu@so36.net> Hello, after upgrade my mailsystem to dovecot version 2.1.7, dovecot doesn't work properly. something went wrong in dict service connecting the postgres backend. that happens not on every connection. the db connection data are correct, no difference connecting via tcp or linux socket. dovecot log entries: Jun 23 23:19:10 mx dovecot: dict: Panic: file driver-pgsql.c: line 84 (driver_pgsql_set_state): assertion failed: (state == SQL_DB_STATE_BUSY || db- >cur_result == NULL) Jun 23 23:19:10 mx dovecot: dict: Error: Raw backtrace: /usr/local/dovecot-2.1.7/lib/dovecot/libdovecot.so.0(+0x4478a) [0x7ffc7d8e578a] -> /usr/local/dovecot-2.1.7/lib/dovecot/libdovecot.so.0(+0x447d6) [0x7ffc7d8e57d6] -> /usr/local/dovecot-2.1.7/lib/dovecot/libdovecot.so.0(i_error+0) [0x7ffc7d8bc5ef] -> dovecot/dict() [0x40a9a6] -> dovecot/dict() [0x40aa01] -> dovecot/dict() [0x40be43] -> dovecot/dict() [0x409474] -> dovecot/dict(sql_db_cache_deinit+0x20) [0x4089d0] -> dovecot/dict(main+0x169) [0x4059f9] -> /lib/libc.so.6(__libc_start_main+0xfd) [0x7ffc7d335c8d] -> dovecot/dict() [0x404b59] Jun 23 23:19:10 mx dovecot: dict: Fatal: master: service(dict): child 13812 killed with signal 6 (core dumps disabled) Jun 23 23:23:09 mx dovecot: dict: Error: dict sql iterate failed: Not connected to database Jun 23 23:23:09 mx dovecot: pop3(xxx at yyy.zz): Error: acl: dict iteration failed, can't update dict Jun 23 23:23:09 mx dovecot: dict: Error: dict sql iterate failed: Not connected to database Jun 23 23:23:09 mx dovecot: pop3(xxx at yyy.zz): Error: acl: dict iteration failed, can't update dict Jun 23 23:23:17 mx dovecot: dict: Error: dict sql lookup failed: Not connected to database Jun 23 23:23:17 mx dovecot: imap(xxx at yyy.zz): Error: Internal quota calculation error Jun 23 23:23:19 mx dovecot: dict: Error: dict sql lookup failed: Not connected to database Jun 23 23:23:40 mx dovecot: dict: Error: dict sql lookup failed: Not connected to database maybe i have missconfigured the dovecot system, but i don't find the mistake. can anybody give me a hint ? best wiches christoph ----- doveconf -n # 2.1.7: /usr/local/dovecot-2.1.7/etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-vserver-amd64 x86_64 Debian 6.0.5 ext3 auth_mechanisms = plain login digest-md5 cram-md5 apop auth_socket_path = /var/run/dovecot/auth-userdb auth_username_translation = %@ auth_verbose = yes auth_verbose_passwords = plain base_dir = /var/run/dovecot/ dict { acl = pgsql:/usr/local/dovecot/etc/dovecot/sql-dict.conf.ext expire = pgsql:/usr/local/dovecot/etc/dovecot/sql-dict.conf.ext quota = pgsql:/usr/local/dovecot/etc/dovecot/sql-dict.conf.ext } disable_plaintext_auth = no first_valid_gid = 5000 first_valid_uid = 5000 hostname = mx.warenform.de last_valid_gid = 5000 last_valid_uid = 5000 listen = 178.63.63.151 2a01:4f8:121:c5::2 mail_gid = vmail mail_location = maildir:/var/vmail/%d/%n/Maildir mail_plugins = autocreate quota expire acl mail_uid = vmail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace { list = children location = maildir:/var/vmail/%%d/%%n/Maildir:INDEX=~/Maildir/shared/%%u prefix = shared/%%u/ separator = / subscriptions = no type = shared } namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Spam { special_use = \Junk } mailbox Trash { special_use = \Trash } prefix = separator = / type = private } passdb { args = /usr/local/dovecot/etc/dovecot/sql-connect.conf.ext driver = sql } plugin { acl = vfile acl_shared_dict = proxy::acl autocreate = Spam autocreate2 = Sent autocreate3 = Trash autocreate4 = Drafts autosubscribe = Spam autosubscribe2 = Sent autosubscribe3 = Trash autosubscribe4 = Drafts expire = Trash expire2 = Trash.* expire3 = Spam expire_dict = proxy::expire quota = dict:User quota::proxy::quota quota_rule = *:storage=1G quota_rule2 = Trash:storage=+200M quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u recipient_delimiter = sieve = ~/.dovecot.sieve sieve_before = /usr/local/dovecot/etc/dovecot/sieve/move-spam.sieve sieve_dir = ~/sieve sieve_global_dir = /usr/local/dovecot/etc/dovecot/sieve/global/ } postmaster_address = admin at warenform.de protocols = imap pop3 sieve lmtp service auth { unix_listener /var/spool/postfix/private/dovecot-auth { group = postfix mode = 0666 user = postfix } unix_listener auth-userdb { group = vmail mode = 0600 user = vmail } } service dict { unix_listener dict { mode = 0600 user = vmail } } service imap-login { inet_listener imap { address = 127.0.0.1 178.63.63.151 2a01:4f8:121:c5::2 } inet_listener imaps { address = 178.63.63.151 2a01:4f8:121:c5::2 } process_min_avail = 16 } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0660 user = postfix } } service managesieve-login { inet_listener sieve { address = 127.0.0.1 port = 4190 } } service pop3-login { inet_listener pop3 { address = 178.63.63.151 2a01:4f8:121:c5::2 } inet_listener pop3s { address = 178.63.63.151 2a01:4f8:121:c5::2 } } service quota-warning { executable = script /usr/local/bin/quota-warning.sh unix_listener quota-warning { user = vmail } user = dovecot } shutdown_clients = no ssl_cert = References: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com> <4FE6E68F.6080803@Media-Brokers.com> Message-ID: <46FA7370-959B-47CD-B0EB-0BCDFA1B3511@roessner-network-solutions.com> > Maybe related to the OpenSSL bug that caused the problem (it sometimes helps to read/search emails on this list before posting) discussed just yesterday in this thread: > > http://www.mail-archive.com/dovecot at dovecot.org/msg45828.html well, the packages I built are still running under 10.04 and therefor the library has not been upgraded to 1.0.1. This is the reason for this post. My question is, if doevcot got some code or anything else that focuses on the newer 1.0.1 library, and maybe broke something in older versions? -Christian R??ner --- Roessner-Network-Solutions Bachelor of Science Informatik Nahrungsberg 81, 35390 Gie?en F: +49 641 5879091, M: +49 176 93118939 USt-IdNr.: DE225643613 http://www.roessner-network-solutions.com -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 3880 bytes Desc: not available URL: From CMarcus at Media-Brokers.com Sun Jun 24 14:22:58 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Sun, 24 Jun 2012 07:22:58 -0400 Subject: [Dovecot] 2.1.7 TLS issues In-Reply-To: <46FA7370-959B-47CD-B0EB-0BCDFA1B3511@roessner-network-solutions.com> References: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com> <4FE6E68F.6080803@Media-Brokers.com> <46FA7370-959B-47CD-B0EB-0BCDFA1B3511@roessner-network-solutions.com> Message-ID: <4FE6F892.5010004@Media-Brokers.com> On 2012-06-24 6:42 AM, Christian R??ner wrote: >> Maybe related to the OpenSSL bug that caused the problem (it >> sometimes helps to read/search emails on this list before posting) >> discussed just yesterday in this thread: >> >> http://www.mail-archive.com/dovecot at dovecot.org/msg45828.html > well, the packages I built are still running under 10.04 and therefor > the library has not been upgraded to 1.0.1. This is the reason for > this post. My question is, if doevcot got some code or anything else > that focuses on the newer 1.0.1 library, and maybe broke something in > older versions? Ah, ok, missed that... Well, sorry I can't help, hopefully Timo will have an answer for you... -- Best regards, Charles From tss at iki.fi Sun Jun 24 17:19:15 2012 From: tss at iki.fi (Timo Sirainen) Date: Sun, 24 Jun 2012 17:19:15 +0300 Subject: [Dovecot] 2.1.7 TLS issues In-Reply-To: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com> References: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com> Message-ID: On 24.6.2012, at 12.58, Christian R??ner wrote: > I have an interesting problem: I am building dovecot packages for Ubuntu since 10.04. Never had bigger trouble with it. Now since 2.1.6 or 2.1.7 (I can not say more precisely), Thunderbird 10ESR and Outlook 2010 can no longer use 143/TLS correctly. Automx delvers 143/TLS and Outlook tells me that it can not create a secure connection. I changed automx to use 993/SSL and everything works. Under Thunderbird 10ESR, I get a box that tells me that I need to change settings. When I sent mail, TB told me that it could not copy the mail to the sent folder. I also changed to 993/SSL and everything is perfect. > > At the other and, Apples Mail.app and iOS devices work perfectly over 143/TLS. So my guess is that it has to do with OpenSSL. Did something change in dovecot concerning TLS? Can I change options in the built process? What was the Dovecot version you were using previously which worked? From r.vicinus at metaways.de Sun Jun 24 18:57:29 2012 From: r.vicinus at metaways.de (Reinhard Vicinus) Date: Sun, 24 Jun 2012 17:57:29 +0200 Subject: [Dovecot] Mail migration to dovecot with doveadm backup Message-ID: <4FE738E9.6040706@metaways.de> Hi, i try to migrate mails from a non dovecot imap server to a dovecot imap server with doveadm backup as described there: http://wiki2.dovecot.org/Migration/Dsync i first tried (local-mailbox port 18143 is the non dovecot imap server): /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -o mailbox_list_index=no -v -D backup -R -f -u user at example.org -m Sent imapc: and got the following error: dsync(user at example.org): Fatal: dsync backup: Looks like you're trying to run backup in wrong direction. Source is empty and destination is not. As the dovecot imap account is newly created and therefore empty it seams to try to backup from the dovecot imap server to the non dovecot imap server. So i tried instead: /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -o mailbox_list_index=no -v -D backup -f -u user at example.org -m Sent imapc: Sometimes (every other time?) i got the following segmentation fault: bt #0 0x00007f15e2c9ed74 in strcasecmp () from /lib/libc.so.6 #1 0x00007f15e327eaff in imapc_save_callback (reply=0x7fff56096a70, context=) at imapc-save.c:168 #2 0x00007f15e32853fe in imapc_command_reply_free (conn=0x72f040) at imapc-connection.c:946 #3 imapc_connection_input_tagged (conn=0x72f040) at imapc-connection.c:1039 #4 0x00007f15e3285668 in imapc_connection_input_one (conn=0x72f040) at imapc-connection.c:1085 #5 imapc_connection_input_pending (conn=0x72f040) at imapc-connection.c:1407 #6 0x00007f15e3285922 in imapc_connection_input (conn=0x72f040) at imapc-connection.c:1100 #7 0x00007f15e2fe6176 in io_loop_call_io (io=0x792510) at ioloop.c:379 #8 0x00007f15e2fe71ff in io_loop_handler_run (ioloop=) at ioloop-epoll.c:213 #9 0x00007f15e2fe6118 in io_loop_run (ioloop=0x7529a0) at ioloop.c:398 #10 0x00007f15e3281e49 in imapc_client_run_pre (client=0x7333e0) at imapc-client.c:142 #11 imapc_client_run (client=0x7333e0) at imapc-client.c:161 #12 0x00007f15e3280f24 in imapc_storage_run (storage=0x732bd0) at imapc-storage.c:118 #13 0x00007f15e327f003 in imapc_save_append (_ctx=0x74dcb0) at imapc-save.c:232 #14 imapc_save_finish (_ctx=0x74dcb0) at imapc-save.c:255 #15 0x00007f15e1bf06a1 in quota_save_finish (ctx=0x74dcb0) at quota-storage.c:227 #16 0x00007f15e3292487 in mailbox_save_finish (_ctx=0x7f15e2d4ca40) at mail-storage.c:1669 #17 0x000000000042b736 in local_worker_save_msg_continue (worker=0x73c770) at dsync-worker-local.c:1681 #18 0x000000000042b98c in local_worker_msg_save (_worker=0x73c770, msg=0x7f15e38e4298, data=0x7fff56096db0, callback=0x4269f0 , context=0x78a610) at dsync-worker-local.c:1739 #19 0x000000000042b0d9 in dsync_worker_msg_save (worker=0x73c770, msg=, data=0x7fff56096db0, callback=0x4269f0 , context=0x78a610) at dsync-worker.c:234 #20 0x0000000000426ac5 in msg_get_callback (result=, data=0x7fff56096db0, context=0x78a610) at dsync-brain-msgs-new.c:79 #21 0x000000000042dca9 in local_worker_msg_get_next (worker=0x726f30, get=0x7fff56096e00) at dsync-worker-local.c:1844 #22 0x000000000042def8 in local_worker_msg_get (_worker=0x0, mailbox=, uid=3805596224, callback=0x2670, context=0x58) at dsync-worker-local.c:1865 #23 0x000000000042ace6 in dsync_worker_msg_get (worker=0x726f30, mailbox=0x7f15e38e40f1, uid=1, callback=0x426a40 , context=) at dsync-worker.c:261 #24 0x000000000042689e in dsync_brain_msg_sync_add_new_msg (iter=0x7f15e38e41d8) at dsync-brain-msgs-new.c:181 #25 dsync_brain_mailbox_add_new_msgs (iter=0x7f15e38e41d8) at dsync-brain-msgs-new.c:216 #26 dsync_brain_msg_sync_add_new_msgs (iter=0x7f15e38e41d8) at dsync-brain-msgs-new.c:315 #27 0x0000000000426164 in dsync_brain_msg_sync_more (sync=0x7f15e38e4050) at dsync-brain-msgs.c:436 #28 0x0000000000424979 in dsync_brain_sync_msgs (brain=0x7351c0) at dsync-brain.c:736 #29 dsync_brain_sync (brain=0x7351c0) at dsync-brain.c:857 #30 0x0000000000425849 in dsync_brain_subs_list_finished (context=0x750fa0) at dsync-brain.c:169 #31 dsync_worker_subs_input (context=0x750fa0) at dsync-brain.c:222 #32 0x0000000000424cbd in dsync_brain_sync (brain=0x7351c0) at dsync-brain.c:842 #33 0x00000000004256bc in dsync_brain_mailbox_list_finished (context=0x743a60) at dsync-brain.c:98 #34 dsync_worker_mailbox_input (context=0x743a60) at dsync-brain.c:125 #35 0x0000000000424afe in dsync_brain_sync (brain=0x7351c0) at dsync-brain.c:833 #36 0x0000000000425568 in dsync_brain_sync_all (brain=0x7351c0) at dsync-brain.c:897 #37 0x0000000000422ad6 in cmd_dsync_start (ctx=0x706560, worker1=, worker2=) at doveadm-dsync.c:342 #38 0x0000000000422dfa in cmd_dsync_run (_ctx=0x706560, user=0x7209c0) at doveadm-dsync.c:387 #39 0x000000000040f888 in doveadm_mail_next_user (ctx=0x706560, input=, error_r=0x7fff560973d0) at doveadm-mail.c:311 #40 0x0000000000410071 in doveadm_mail_cmd (cmd=0x704880, argc=7, argv=0x6fe418) at doveadm-mail.c:518 #41 0x0000000000410501 in doveadm_mail_try_run (cmd_name=0x6fe4e4 "backup", argc=1443460960, argv=0x4377c7) at doveadm-mail.c:577 #42 0x00000000004170d1 in main (argc=7, argv=0x6fe3e8) at doveadm.c:373 The other times it shows the following error message (It seams to connect both times to the non dovecot imap server): doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot/modules doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/lib10_quota_plugin.so doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot/modules/doveadm doveadm(root): Debug: Skipping module doveadm_acl_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_acl_plugin.so: undefined symbol: acl_user_module (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_expire_plugin.so: undefined symbol: expire_set_lookup (this is usually intentional, so just ignore this message) doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_quota_plugin.so doveadm(root): Debug: Skipping module doveadm_zlib_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_zlib_plugin.so: undefined symbol: i_stream_create_deflate (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_fts_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib20_doveadm_fts_plugin.so: undefined symbol: fts_list_backend (this is usually intentional, so just ignore this message) doveadm(user at example.org): Debug: auth input: user at example.org home=/mail/dovecot/example.org/user uid=1000 gid=1000 quota_rule=*:bytes=2000M:messages=0 doveadm(user at example.org): Debug: Added userdb setting: plugin/quota_rule=*:bytes=2000M:messages=0 doveadm(user at example.org): Debug: Effective uid=1000, gid=1000, home=/mail/dovecot/example.org/user doveadm(user at example.org): Debug: Quota root: name=User quota backend=dict args=:proxy::quota doveadm(user at example.org): Debug: Quota rule: root=User quota mailbox=* bytes=2097152000 messages=0 doveadm(user at example.org): Debug: Quota rule: root=User quota mailbox=Trash bytes=+104857600 messages=0 doveadm(user at example.org): Debug: Quota warning: bytes=1992294400 (95%) messages=0 reverse=no command=quota-warning 95 user at example.org doveadm(user at example.org): Debug: Quota warning: bytes=1677721600 (80%) messages=0 reverse=no command=quota-warning 80 user at example.org doveadm(user at example.org): Debug: dict quota: user=user at example.org, uri=proxy::quota, noenforcing=0 doveadm(user at example.org): Debug: fs: root=/mail/dovecot/example.org/user/mail, index=, control=, inbox=, alt= doveadm(user at example.org): Debug: Namespace : Using permissions from /mail/dovecot/example.org/user/mail: mode=0700 gid=-1 dsync(user at example.org): Debug: Effective uid=1000, gid=1000, home=/mail/dovecot/example.org/user dsync(user at example.org): Debug: Quota root: name=User quota backend=dict args=:proxy::quota dsync(user at example.org): Debug: Quota rule: root=User quota mailbox=* bytes=2097152000 messages=0 dsync(user at example.org): Debug: Quota rule: root=User quota mailbox=Trash bytes=+104857600 messages=0 dsync(user at example.org): Debug: Quota warning: bytes=1992294400 (95%) messages=0 reverse=no command=quota-warning 95 user at example.org dsync(user at example.org): Debug: Quota warning: bytes=1677721600 (80%) messages=0 reverse=no command=quota-warning 80 user at example.org dsync(user at example.org): Debug: dict quota: user=user at example.org, uri=proxy::quota, noenforcing=0 dsync(user at example.org): Debug: imapc: root=, index=, control=, inbox=, alt= dsync(user at example.org): Debug: imapc(local-mailbox:18143): Looking up IP address dsync(user at example.org): Debug: imapc(local-mailbox:18143): Connecting to 10.10.10.10:18143 dsync(user at example.org): Debug: imapc(local-mailbox:18143): Server capabilities: IMAP4 IMAP4rev1 AUTH=LOGIN ACL NAMESPACE CHILDREN SORT QUOTA THREAD=ORDEREDSUBJECT UNSELECT IDLE dsync(user at example.org): Debug: imapc(local-mailbox:18143): Authenticating as user at example.org dsync(user at example.org): Debug: imapc(local-mailbox:18143): Authenticated successfully dsync(user at example.org): Debug: imapc(local-mailbox:18143): Looking up IP address dsync(user at example.org): Debug: imapc(local-mailbox:18143): Connecting to 10.10.10.10:18143 dsync(user at example.org): Debug: imapc(local-mailbox:18143): Server capabilities: IMAP4 IMAP4rev1 AUTH=LOGIN ACL NAMESPACE CHILDREN SORT QUOTA THREAD=ORDEREDSUBJECT UNSELECT IDLE dsync(user at example.org): Debug: imapc(local-mailbox:18143): Authenticating as user at example.org dsync(user at example.org): Debug: imapc(local-mailbox:18143): Authenticated successfully dsync(user at example.org): Warning: Destination mailbox Sent has been modified, need to recreate it before we can continue syncing dsync(user at example.org): Warning: Mailbox changes caused a desync. You may want to run dsync again. dsync(user at example.org): Debug: imapc(local-mailbox:18143): Disconnected dsync(user at example.org): Debug: imapc(local-mailbox:18143): Disconnected i think the problem could be that the account name on the remote server and the local server is absolute identical and doveadm backup has therefore problems discerning between the two locations. But that's only a stab in the dark and any help is appreciated. Kind regards Reinhard From robert at schetterer.org Sun Jun 24 20:42:39 2012 From: robert at schetterer.org (Robert Schetterer) Date: Sun, 24 Jun 2012 19:42:39 +0200 Subject: [Dovecot] 2.1.7 TLS issues In-Reply-To: References: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com> Message-ID: <4FE7518F.60200@schetterer.org> Am 24.06.2012 16:19, schrieb Timo Sirainen: > On 24.6.2012, at 12.58, Christian R??ner wrote: > >> I have an interesting problem: I am building dovecot packages for Ubuntu since 10.04. Never had bigger trouble with it. Now since 2.1.6 or 2.1.7 (I can not say more precisely), Thunderbird 10ESR and Outlook 2010 can no longer use 143/TLS correctly. Automx delvers 143/TLS and Outlook tells me that it can not create a secure connection. I changed automx to use 993/SSL and everything works. Under Thunderbird 10ESR, I get a box that tells me that I need to change settings. When I sent mail, TB told me that it could not copy the mail to the sent folder. I also changed to 993/SSL and everything is perfect. >> >> At the other and, Apples Mail.app and iOS devices work perfectly over 143/TLS. So my guess is that it has to do with OpenSSL. Did something change in dovecot concerning TLS? Can I change options in the built process? > > What was the Dovecot version you were using previously which worked? > Hi Christian, i made all the way trough all versions of dovecot trunk 2.0.x and since 2.1.5 on lucid 64 no problems at , but i recent had big problems with compile other stuff on ubuntu 12.4 with openssl ( didnt checked dovecot yet ) so my bet goes to the new ssl lib on 12.04 also there were workarounds in postfix to reflect this ssl update stuff, as far i remember hte ssl lib has some more and new features wich makes software not reflecting this ,may not work or fail sometimes, it may fixed with setup parameters i.e see here http://comments.gmane.org/gmane.mail.postfix.user/229196 --snip Viktor Dukhovni: > The OpenSSL API does not provide an interface to allow older programs > to disable new protocol versions defined in later versions of the API. > > Therefore, to disable TLS 1.1 or 1.2 one has to add code that uses > the new constants introduced with OpenSSL 1.0.1. > > Proposed patch attached. That will be a solution for Postfix 2.10. Meanwhile, for earlier Postfix releases, how much of the problem can be solved by changing from: mumble_tls_mandatory_protocols = SSLv3, TLSv1 (i.e. the current default) to: mumble_tls_mandatory_protocols = !SSLv2 I don't mind that the older Postfix versions would not be able to turn on/off protocols that didn't exist at the time Postfix was released. Wietse --snipend i guees there are equal workarounds settings possible in dovecot perhaps with ssl_cipher_list ? http://wiki.dovecot.org/SSL/DovecotConfiguration sorry lot of speculate here until not testet myself -- Best Regards MfG Robert Schetterer From role.Dovecot-Readers at JLAssocs.com Sun Jun 24 21:23:46 2012 From: role.Dovecot-Readers at JLAssocs.com (J E Lyon) Date: Sun, 24 Jun 2012 19:23:46 +0100 Subject: [Dovecot] The deleted_to_trash Plugin (workaround Outlook 2007 behaviour) Message-ID: <9F4DE9B0-5EDB-4F8E-8EC9-B98856EDD4FB@JLAssocs.com> Hi, I see the plugin exists for v1 & v2, all very interesting... Surprised no one seems to have created an RPM and it looks like deleted_to_trash is one of the very few plugins to not be shipped as part of the default install with CentOS 5.5 or CentOS 6 (i.e. Dovecot v1 & v2 respectively.) Am I missing something, or does everyone really build from source? Thanks, James. From c at roessner-network-solutions.com Sun Jun 24 23:20:05 2012 From: c at roessner-network-solutions.com (=?iso-8859-1?Q?Christian_R=F6=DFner?=) Date: Sun, 24 Jun 2012 22:20:05 +0200 Subject: [Dovecot] 2.1.7 TLS issues In-Reply-To: References: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com> Message-ID: <451CA0A8-E296-49DB-859A-BADACA1EFC78@roessner-network-solutions.com> >> I have an interesting problem: I am building dovecot packages for Ubuntu since 10.04. Never had bigger trouble with it. Now since 2.1.6 or 2.1.7 (I can not say more precisely), Thunderbird 10ESR and Outlook 2010 can no longer use 143/TLS correctly. Automx delvers 143/TLS and Outlook tells me that it can not create a secure connection. I changed automx to use 993/SSL and everything works. Under Thunderbird 10ESR, I get a box that tells me that I need to change settings. When I sent mail, TB told me that it could not copy the mail to the sent folder. I also changed to 993/SSL and everything is perfect. >> >> At the other and, Apples Mail.app and iOS devices work perfectly over 143/TLS. So my guess is that it has to do with OpenSSL. Did something change in dovecot concerning TLS? Can I change options in the built process? > > What was the Dovecot version you were using previously which worked? I am not sure which version worked. My best guess is 2.1.4 or 2.1.5, because I skipped 2.1.6. But 2.1.6 has the same issues, as my friend Uwe did report the same issues with that one. @Robert: I am talking about Ubuntu 10.04, so this can not be a problem with openssl itself, as that did not change -Christian R??ner --- Roessner-Network-Solutions Bachelor of Science Informatik Nahrungsberg 81, 35390 Gie?en F: +49 641 5879091, M: +49 176 93118939 USt-IdNr.: DE225643613 http://www.roessner-network-solutions.com -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 3880 bytes Desc: not available URL: From role.Dovecot-Readers at JLAssocs.com Sun Jun 24 23:28:21 2012 From: role.Dovecot-Readers at JLAssocs.com (J E Lyon) Date: Sun, 24 Jun 2012 21:28:21 +0100 Subject: [Dovecot] 2.1.7 TLS issues In-Reply-To: <451CA0A8-E296-49DB-859A-BADACA1EFC78@roessner-network-solutions.com> References: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com> <451CA0A8-E296-49DB-859A-BADACA1EFC78@roessner-network-solutions.com> Message-ID: <2FD79483-C77E-4FB8-8C93-2A2C93014B83@JLAssocs.com> On 24 Jun 2012, at 21:20, Christian R??ner wrote: >>> I have an interesting problem: I am building dovecot packages for Ubuntu since 10.04. Never had bigger trouble with it. Now since 2.1.6 or 2.1.7 (I can not say more precisely), Thunderbird 10ESR and Outlook 2010 can no longer use 143/TLS correctly. Automx delvers 143/TLS and Outlook tells me that it can not create a secure connection. I changed automx to use 993/SSL and everything works. Under Thunderbird 10ESR, I get a box that tells me that I need to change settings. When I sent mail, TB told me that it could not copy the mail to the sent folder. I also changed to 993/SSL and everything is perfect. >>> >>> At the other and, Apples Mail.app and iOS devices work perfectly over 143/TLS. So my guess is that it has to do with OpenSSL. Did something change in dovecot concerning TLS? Can I change options in the built process? >> >> What was the Dovecot version you were using previously which worked? > > I am not sure which version worked. My best guess is 2.1.4 or 2.1.5, because I skipped 2.1.6. But 2.1.6 has the same issues, as my friend Uwe did report the same issues with that one. > > @Robert: I am talking about Ubuntu 10.04, so this can not be a problem with openssl itself, as that did not change I've seen problems with all kinds of clients and servers, even with Dovecot 1.x where TLS/Auto settings fail and I simply always instruct end users to explicitly choose 993/SSL to get a good TLS connection reliably. It seems like it might not be so version-specific or even anything wrong at the server end. James. From juergen at pabel.net Sun Jun 24 23:37:00 2012 From: juergen at pabel.net (=?ISO-8859-1?Q?J=FCrgen?= Pabel) Date: Sun, 24 Jun 2012 22:37:00 +0200 Subject: [Dovecot] Additional passdb result status Message-ID: <1340570220.13783.23.camel@P7230> Dear Dovecot-Team, I am implementing a plugin (for the pop3/imap process) that requires some data to provided from the authentication phase (a derivative of the password). For that, I have now implemented a passdb plugin that generates this data and I would like to "pass" this data down to the mail process (pop3/imap) via extra_fields in the reply of the authentication. The general idea is that my custom passdb plugin calculates the data, sets the extra_field and returns some error (authentication was not successful) so that the "real" passdb backend can be invoked to "really" validate the authentication data. However, in auth_request_handle_passdb_callback() the extra_fields are reseted unless the return code is PASSDB_RESULT_USER_DISABLED. But if that return code is used then any following passdb's aren't invoked any more - which makes sense with respect to user authenticiation. I would therefore like to propose that some IGNORE/CONTINUE-status to be introduced in auth/passdb.h, that would be handled in that extra_fields and possible other values are not reseted in order to allow such propagation of data from authentication process down to the mail process (which could be extracted from the reply string by parsing it). As a further implementation alternative (to the parsing of the reply string), I also propose that some new "environment" item be introduced (in auth_request) in order to allow such data passing in a generic manner. I hope you consider my proposal to be reasonable. If desired, I could implement this myself and provide a patch for merging (based on 2.0.x). If my proposal is generally unfavored, it would be great if any alternative approaches for my situation were suggested. Thanks. Regards, J?rgen PS: please reply to my e-mail (or CC me), as I have not subscribed to the dovecot list From c at roessner-network-solutions.com Mon Jun 25 01:09:10 2012 From: c at roessner-network-solutions.com (=?utf-8?Q?Christian_R=C3=B6=C3=9Fner?=) Date: Mon, 25 Jun 2012 00:09:10 +0200 Subject: [Dovecot] 2.1.7 TLS issues In-Reply-To: <2FD79483-C77E-4FB8-8C93-2A2C93014B83@JLAssocs.com> References: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com> <451CA0A8-E296-49DB-859A-BADACA1EFC78@roessner-network-solutions.com> <2FD79483-C77E-4FB8-8C93-2A2C93014B83@JLAssocs.com> Message-ID: <13AD4EF2-00E8-46E1-A5BE-39D8CFABBFD8@roessner-network-solutions.com> > >>>> I have an interesting problem: I am building dovecot packages for Ubuntu since 10.04. Never had bigger trouble with it. Now since 2.1.6 or 2.1.7 (I can not say more precisely), Thunderbird 10ESR and Outlook 2010 can no longer use 143/TLS correctly. Automx delvers 143/TLS and Outlook tells me that it can not create a secure connection. I changed automx to use 993/SSL and everything works. Under Thunderbird 10ESR, I get a box that tells me that I need to change settings. When I sent mail, TB told me that it could not copy the mail to the sent folder. I also changed to 993/SSL and everything is perfect. >>>> >>>> At the other and, Apples Mail.app and iOS devices work perfectly over 143/TLS. So my guess is that it has to do with OpenSSL. Did something change in dovecot concerning TLS? Can I change options in the built process? >>> >>> What was the Dovecot version you were using previously which worked? >> >> I am not sure which version worked. My best guess is 2.1.4 or 2.1.5, because I skipped 2.1.6. But 2.1.6 has the same issues, as my friend Uwe did report the same issues with that one. >> >> @Robert: I am talking about Ubuntu 10.04, so this can not be a problem with openssl itself, as that did not change > > I've seen problems with all kinds of clients and servers, even with Dovecot 1.x where TLS/Auto settings fail and I simply always instruct end users to explicitly choose 993/SSL to get a good TLS connection reliably. > > It seems like it might not be so version-specific or even anything wrong at the server end. I never had such problems before. When I was coding automx, all tests succeeded with Dovecot and Outlook 2007/2010 and also Thunderbird was working perfectly. So in my opinion this is a version specific problem, as it started somewhere in 2.1.4+. I am using Dovecot since 1.0 (something like this) and never had 143/TLS problems Best regards Christian -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4873 bytes Desc: not available URL: From robert at schetterer.org Mon Jun 25 01:26:41 2012 From: robert at schetterer.org (Robert Schetterer) Date: Mon, 25 Jun 2012 00:26:41 +0200 Subject: [Dovecot] 2.1.7 TLS issues In-Reply-To: <451CA0A8-E296-49DB-859A-BADACA1EFC78@roessner-network-solutions.com> References: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com> <451CA0A8-E296-49DB-859A-BADACA1EFC78@roessner-network-solutions.com> Message-ID: <4FE79421.2000908@schetterer.org> Am 24.06.2012 22:20, schrieb Christian R??ner: > @Robert: I am talking about Ubuntu 10.04, so this can not be a problem with openssl itself, as that did not change > > -Christian R??ner miracle, i have no known problems with 10.04 ssl/tls 2.1.7 -- Best Regards MfG Robert Schetterer From tss at iki.fi Mon Jun 25 05:20:55 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 25 Jun 2012 05:20:55 +0300 Subject: [Dovecot] 2.1.7 TLS issues In-Reply-To: <451CA0A8-E296-49DB-859A-BADACA1EFC78@roessner-network-solutions.com> References: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com> <451CA0A8-E296-49DB-859A-BADACA1EFC78@roessner-network-solutions.com> Message-ID: <702E15F4-4689-477E-BE7D-6F1AB67C27E9@iki.fi> On 24.6.2012, at 23.20, Christian R??ner wrote: >>> I have an interesting problem: I am building dovecot packages for Ubuntu since 10.04. Never had bigger trouble with it. Now since 2.1.6 or 2.1.7 (I can not say more precisely), Thunderbird 10ESR and Outlook 2010 can no longer use 143/TLS correctly. Automx delvers 143/TLS and Outlook tells me that it can not create a secure connection. I changed automx to use 993/SSL and everything works. Under Thunderbird 10ESR, I get a box that tells me that I need to change settings. When I sent mail, TB told me that it could not copy the mail to the sent folder. I also changed to 993/SSL and everything is perfect. >>> >>> At the other and, Apples Mail.app and iOS devices work perfectly over 143/TLS. So my guess is that it has to do with OpenSSL. Did something change in dovecot concerning TLS? Can I change options in the built process? >> >> What was the Dovecot version you were using previously which worked? > > I am not sure which version worked. My best guess is 2.1.4 or 2.1.5, because I skipped 2.1.6. But 2.1.6 has the same issues, as my friend Uwe did report the same issues with that one. Well, there hasn't been many changes in the SSL code. The only thing I can think of is this memory leak fix, which temporarily wasn't implemented correctly. You could try what happens if you revert it: changeset: 14418:85ad4baedd43 user: Timo Sirainen date: Thu Apr 12 10:48:55 2012 +0300 summary: login: Another attempt at fixing SSL memory leak. changeset: 14417:f80f18d0ffa3 user: Timo Sirainen date: Thu Apr 12 10:41:44 2012 +0300 summary: login: Reverted memory leak fix, because it broke some SSL setups? changeset: 14416:584bd77c38fd user: Timo Sirainen date: Wed Apr 11 19:06:44 2012 +0300 summary: Memory leak fixes. From zdy0818 at gmail.com Mon Jun 25 05:52:55 2012 From: zdy0818 at gmail.com (DongYu.Zhen) Date: Mon, 25 Jun 2012 10:52:55 +0800 Subject: [Dovecot] dovecot support ms-tnef mail parser? Message-ID: <4FE7D287.6020507@gmail.com> Hello everybody, I used iRedMail Server with dovecot-1.2.0. I used OutLook2007 send a RTF mail and the mail can't be parsed normal. In dovecot maildir storage the mail body appeared ,/ / /------=_NextPart_000_0007_01CD52BC.99E1BE10 Content-Type: application/ms-tnef; name="winmail.dat" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="winmail.dat"/ How to parse ms-tnef mail by dovecot? Thank you. From ott at mirix.org Mon Jun 25 09:15:38 2012 From: ott at mirix.org (Matthias-Christian Ott) Date: Mon, 25 Jun 2012 08:15:38 +0200 Subject: [Dovecot] dovecot support ms-tnef mail parser? In-Reply-To: <4FE7D287.6020507@gmail.com> References: <4FE7D287.6020507@gmail.com> Message-ID: <4FE8020A.7080806@mirix.org> On 2012-06-25 04:52, DongYu.Zhen wrote: > How to parse ms-tnef mail by dovecot? You can't do that directly in Dovecot. What you can do is to use a utility called tnef [1] (available in major GNU/Linux distributions) on the client to extract the data on the client. Otherwise you could use ytnef [2] with procmail or Dovecot sieve_pipe [3] on the server (see [4]). I tried tnef on rare occasions and it worked. Regards, Matthias-Christian [1] http://sourceforge.net/projects/tnef/ [2] http://sourceforge.net/projects/ytnef/ [3] http://wiki2.dovecot.org/Pigeonhole/Sieve/Plugins/Pipe [4] http://wiki.clug.org.za/wiki/Automatic_winmail.dat_decoding From kayasaman at gmail.com Mon Jun 25 10:20:39 2012 From: kayasaman at gmail.com (Kaya Saman) Date: Mon, 25 Jun 2012 08:20:39 +0100 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? Message-ID: Hi, I'm trying to configure a server to use SAMBA and Winbind to authenticate to Active Directory.... I managed to get this portion up and running even the Dovecot portion. For reference something similar to this guide: http://www.whitneytechnologies.com/?p=119 However PAM is slightly different: # cat /etc/pam.d/dovecot auth sufficient pam_krb5.so no_user_check validate account sufficient pam_permit.so This is what my dovecot.conf file looks like: # cat dovecot.conf # v1.2+: auth_use_winbind = yes auth_winbind_helper_path = /usr/local/bin/ntlm_auth protocols = imap # It's nice to have separate log files for Dovecot. You could do this # by changing syslog configuration also, but this is easier. log_path = /var/log/dovecot.log info_log_path = /var/log/dovecot-info.log # Disable SSL for now. ssl = no disable_plaintext_auth = no # We're using Maildir format #mail_location = maildir:~/Maildir mail_location = mbox:/mail:INBOX=/mail/%u # Authentication configuration: auth_verbose = yes auth_debug = yes auth_username_format = %n auth_mechanisms = plain ntlm login userdb { driver = static # args = uid=501 gid=1001 home=/mail/%u args = home=/mail/%u driver = static } passdb { driver = pam args = failure_show_msg=yes } Now what I would like to know is, which is better for "virtual hosting" Maildir or mbox? Basically my requirement is that I would like to separate users via either individual folders and then put each user's mbox or Maildir in the created directory, or simply name each mbox or Maildir according to the user name. First up is this possible? Secondly, how would I go about doing it? My users are not allowed to login to the system outside of IMAP as it's a Mail only server. Currently I've been looking at many links: http://satish-linuxbug.blogspot.co.uk/2008/08/freebsd-with-active-directory-single.html http://joseph.randomnetworks.com/2005/11/08/freebsd-users-and-groups-with-samba-winbind-and-active-directory/ http://wiki2.dovecot.org/HowTo/ActiveDirectoryNtlm http://wiki2.dovecot.org/Authentication/Mechanisms/Winbind http://wiki2.dovecot.org/TestInstallation http://wiki2.dovecot.org/VirtualUsers http://www.linuxmail.info/active-directory-dovecot-pam-authentication/ http://wiki2.dovecot.org/HowTo/SimpleVirtualInstall I'm running dovecot version 2.1.7 on FreeBSD 8.2 x64 RELEASE. The system is not being used as an MTA server meaning that only IMAP transfers are being done using MS Outlook then filtered by Thunderbird. Regards, Kaya From trever at middleearth.sapphiresunday.org Mon Jun 25 10:27:41 2012 From: trever at middleearth.sapphiresunday.org (Trever L. Adams) Date: Mon, 25 Jun 2012 01:27:41 -0600 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: References: Message-ID: <4FE812ED.9060604@middleearth.sapphiresunday.org> On 06/25/2012 01:20 AM, Kaya Saman wrote: > Hi, > > I'm trying to configure a server to use SAMBA and Winbind to > authenticate to Active Directory.... I managed to get this portion up > and running even the Dovecot portion. > > For reference something similar to this guide: > > http://www.whitneytechnologies.com/?p=119 > > > However PAM is slightly different: > > > # cat /etc/pam.d/dovecot > auth sufficient pam_krb5.so no_user_check validate > account sufficient pam_permit.so > > > This is what my dovecot.conf file looks like: If you are using Samba 4 (possibly recent versions of S3), any reason you are not doing krb5 and ldap (for account verification, not authentication) on dovecot instead of through pam? It is a bit harder to setup, but no text passwords. I still do pam_krb5 for devices that cannot do kerberos. I am using Maildir, but my setup is currently largely idle. Trever -- "Marxist Law of Distribution of Wealth: Shortages will be divided equally among the peasants." -- Unknown From role.Dovecot-Readers at JLAssocs.com Mon Jun 25 10:28:00 2012 From: role.Dovecot-Readers at JLAssocs.com (J E Lyon) Date: Mon, 25 Jun 2012 08:28:00 +0100 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: References: Message-ID: <201BCC0D-AD89-4A07-A4F0-13C42AFC2A63@JLAssocs.com> On 25 Jun 2012, at 08:20, Kaya Saman wrote: > Now what I would like to know is, which is better for "virtual > hosting" Maildir or mbox? I always use Maildir in preference to mbox . . it's just such a lovely solution, imho :) (Mind you, I'm on a *nix server, so filesystem behaviour may be a consideration for non-*nix hosts.) > Basically my requirement is that I would like to separate users via > either individual folders and then put each user's mbox or Maildir in > the created directory, or simply name each mbox or Maildir according > to the user name. > > First up is this possible? > > Secondly, how would I go about doing it? In haste, I haven't been able to check your email thoroughly, but I have used passwd with an extra field appended to each user, to identify the mailbox location. If you're authenticating against ActiveDirectory, then I guess that means generating a passwd-file style 'database' from the users in ActiveDirectory and I have no idea if that's trivial. Sorry if my rushed thoughts are too sketchy to be of use, but thought I'd share my experience in case it offers any pointers. J. From trever at middleearth.sapphiresunday.org Mon Jun 25 10:37:42 2012 From: trever at middleearth.sapphiresunday.org (Trever L. Adams) Date: Mon, 25 Jun 2012 01:37:42 -0600 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: References: Message-ID: <4FE81546.8000202@middleearth.sapphiresunday.org> On 06/25/2012 01:20 AM, Kaya Saman wrote: > Now what I would like to know is, which is better for "virtual > hosting" Maildir or mbox? > > > Basically my requirement is that I would like to separate users via > either individual folders and then put each user's mbox or Maildir in > the created directory, or simply name each mbox or Maildir according > to the user name. > > > First up is this possible? > > > Secondly, how would I go about doing it? > Sorry, I missed this at first. It is quite simple. I don't store it in passwd or any other place, since you are doing vmail, you might find this easiest: in /etc/dovecot/conf.d/10-mail.conf (where mail_location is): mail_home = /home/vmail/%Ld/%Ln mail_location = maildir:~/Maildir in /etc/dovecot/conf.d/10-mail.conf (after paragraph ?# System user and group used to access mails...?): mail_uid=vmail mail_gid=vmail Obviously, vmail may not be your user for vmail. Also, some of my notes may no longer be accurate for location, just find where it exists and edit. I hope this helps. Of course, this is a Maildir setup. mbox is probably very similar, but I have had too many mbox style mail queues go south losing all of the mail (or more than one would like), so I do Maildir, even though it isn't necessarily the best use of disk space. Trever -- "I do not fear computers. I fear the lack of them." -- Isaac Asimov From kayasaman at gmail.com Mon Jun 25 10:52:51 2012 From: kayasaman at gmail.com (Kaya Saman) Date: Mon, 25 Jun 2012 08:52:51 +0100 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: <4FE81546.8000202@middleearth.sapphiresunday.org> References: <4FE81546.8000202@middleearth.sapphiresunday.org> Message-ID: On Mon, Jun 25, 2012 at 8:37 AM, Trever L. Adams wrote: > On 06/25/2012 01:20 AM, Kaya Saman wrote: > > Now what I would like to know is, which is better for "virtual > hosting" Maildir or mbox? > > > Basically my requirement is that I would like to separate users via > either individual folders and then put each user's mbox or Maildir in > the created directory, or simply name each mbox or Maildir according > to the user name. > > > First up is this possible? > > > Secondly, how would I go about doing it? > > Sorry, I missed this at first. It is quite simple. I don't store it in > passwd or any other place, since you are doing vmail, you might find this > easiest: > > in /etc/dovecot/conf.d/10-mail.conf (where mail_location is): > > mail_home = /home/vmail/%Ld/%Ln > mail_location = maildir:~/Maildir > > in /etc/dovecot/conf.d/10-mail.conf (after paragraph ?# System user and > group used to access mails...?): > > mail_uid=vmail > mail_gid=vmail > > Obviously, vmail may not be your user for vmail. Also, some of my notes may > no longer be accurate for location, just find where it exists and edit. > > I hope this helps. Of course, this is a Maildir setup. mbox is probably very > similar, but I have had too many mbox style mail queues go south losing all > of the mail (or more than one would like), so I do Maildir, even though it > isn't necessarily the best use of disk space. > > Trever > -- > "I do not fear computers. I fear the lack of them." -- Isaac Asimov Thanks for the responses! Sorry if I reply to every single one in this email however, I am using Gmail's awful Web UI so I don't really have much control over what I'm doing...... To start with the reason I'm not using LDAP is because I couldn't find enough information on how to set it up! I did post here a couple of times but got no responses...... so I figured it was something that people either didn't know or found trivial. I'll take a look at the above config for Maildir format as briefly playing around with mbox it seems that folders on the / root (parent) IMAP directory are stored separately. It may be better if everything got stored under the Maildir heading.... I've previously **only** ever worked with Maildir but I was told that there are some benefits to mbox which is why I decided to try to use it here! Regards, Kaya From role.Dovecot-Readers at JLAssocs.com Mon Jun 25 10:58:45 2012 From: role.Dovecot-Readers at JLAssocs.com (J E Lyon) Date: Mon, 25 Jun 2012 08:58:45 +0100 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: References: <4FE81546.8000202@middleearth.sapphiresunday.org> Message-ID: <267BC57F-B747-4F58-B309-ACE4BDA3A88C@JLAssocs.com> On 25 Jun 2012, at 08:52, Kaya Saman wrote: > I've previously **only** ever worked with Maildir but I was told that there are some benefits to mbox which is why I decided to try to use it here! I used mbox before Dovecot, but once I found Maildir, I never looked back. I've not come up with any significant advantages of mbox that count for much in my experiences and installations . . Would be interested to hear of suggested advantages that I might have overlooked or know of reasons why they're not an issue . . not sure how much the list wants to hear, but feel free to email me direct if you want. J. From CMarcus at Media-Brokers.com Mon Jun 25 11:45:15 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Mon, 25 Jun 2012 04:45:15 -0400 Subject: [Dovecot] dovecot support ms-tnef mail parser? In-Reply-To: <4FE8020A.7080806@mirix.org> References: <4FE7D287.6020507@gmail.com> <4FE8020A.7080806@mirix.org> Message-ID: <4FE8251B.8010008@Media-Brokers.com> On 2012-06-25 2:15 AM, Matthias-Christian Ott wrote: > On 2012-06-25 04:52, DongYu.Zhen wrote: >> How to parse ms-tnef mail by dovecot? > > You can't do that directly in Dovecot. What you can do is to use a > utility called tnef [1] (available in major GNU/Linux distributions) on > the client to extract the data on the client. Otherwise you could use > ytnef [2] with procmail or Dovecot sieve_pipe [3] on the server (see [4]). > > I tried tnef on rare occasions and it worked. > > Regards, > Matthias-Christian > > [1] http://sourceforge.net/projects/tnef/ > [2] http://sourceforge.net/projects/ytnef/ > [3] http://wiki2.dovecot.org/Pigeonhole/Sieve/Plugins/Pipe > [4] http://wiki.clug.org.za/wiki/Automatic_winmail.dat_decoding Sounds like a good candidate for a plug-in. Currently I use the Lookout extension in Thunderbird to do this, but it isn't perfect... -- Best regards, Charles From CMarcus at Media-Brokers.com Mon Jun 25 11:47:55 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Mon, 25 Jun 2012 04:47:55 -0400 Subject: [Dovecot] Additional passdb result status In-Reply-To: <1340570220.13783.23.camel@P7230> References: <1340570220.13783.23.camel@P7230> Message-ID: <4FE825BB.4030105@Media-Brokers.com> On 2012-06-24 4:37 PM, J?rgen Pabel wrote: > I am implementing a plugin (for the pop3/imap process) that requires > some data to provided from the authentication phase (a derivative of the > password). For that, I have now implemented a passdb plugin that > generates this data and I would like to "pass" this data down to the > mail process (pop3/imap) via extra_fields in the reply of the > authentication. The general idea is that my custom passdb plugin > calculates the data, sets the extra_field and returns some error > (authentication was not successful) so that the "real" passdb backend > can be invoked to "really" validate the authentication data. What specifically is the *purpose* of this? > I hope you consider my proposal to be reasonable. If desired, I could > implement this myself and provide a patch for merging (based on 2.0.x). > If my proposal is generally unfavored, it would be great if any > alternative approaches for my situation were suggested. Thanks. I think it is usually preferred that you do things like this against either the current shipping/stable branch (2.1.x), or even hg (2.2)... much better chance that it would be accepted. -- Best regards, Charles From CMarcus at Media-Brokers.com Mon Jun 25 12:31:24 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Mon, 25 Jun 2012 05:31:24 -0400 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: References: Message-ID: <4FE82FEC.1070109@Media-Brokers.com> On 2012-06-25 3:20 AM, Kaya Saman wrote: > # cat dovecot.conf > # v1.2+: > auth_use_winbind = yes Please always only provide output of doveconf -n, not copy/pastes from the config files. This proves (to yourself and everyone else) that you are using the config that dovecot is actually using - it this shows you mistakes like typos, certain deprecated/invalid settings, and even if you are editing the wrong config file(s). -- Best regards, Charles From kayasaman at gmail.com Mon Jun 25 12:34:35 2012 From: kayasaman at gmail.com (Kaya Saman) Date: Mon, 25 Jun 2012 10:34:35 +0100 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: <4FE82FEC.1070109@Media-Brokers.com> References: <4FE82FEC.1070109@Media-Brokers.com> Message-ID: On Mon, Jun 25, 2012 at 10:31 AM, Charles Marcus wrote: > On 2012-06-25 3:20 AM, Kaya Saman wrote: >> >> # cat dovecot.conf >> # v1.2+: >> auth_use_winbind = yes > > > Please always only provide output of doveconf -n, not copy/pastes from the > config files. > > This proves (to yourself and everyone else) that you are using the config > that dovecot is actually using - it this shows you mistakes like typos, > certain deprecated/invalid settings, and even if you are editing the wrong > config file(s). > > -- > > Best regards, > > Charles Thanks for the tip! I didn't know of the dovecot -n command so thanks for pointing that out to me...... It's strange as I've been fiddling around with mail servers for some time in test labs at home but I still feel like I'm on the outside looking in; oh well at least this design at work is much better even though it took forever to get the PAM potion for AD sorted out. Regards, Kaya From CMarcus at Media-Brokers.com Mon Jun 25 12:44:19 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Mon, 25 Jun 2012 05:44:19 -0400 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: <267BC57F-B747-4F58-B309-ACE4BDA3A88C@JLAssocs.com> References: <4FE81546.8000202@middleearth.sapphiresunday.org> <267BC57F-B747-4F58-B309-ACE4BDA3A88C@JLAssocs.com> Message-ID: <4FE832F3.3000405@Media-Brokers.com> On 2012-06-25 3:58 AM, J E Lyon wrote: > I've not come up with any significant advantages of mbox that count > for much in my experiences and installations . . Would be interested > to hear of suggested advantages that I might have overlooked One major advantage of mbox (and now mdbox) over maildir is the time it takes to back things up for larger mail stores. It takes much less time to compare a single mbox file that contains 20,000 messages (and rsync only the changed bits) than it does to compare read/compare 20,000 individual files (maildir)... I too like maildir, but am seriously considering implementing a solution where older mail is automatically archived to slower/cheaper SATA III based storage using mdbox format. -- Best regards, Charles From ef at math.uni-bonn.de Mon Jun 25 12:54:02 2012 From: ef at math.uni-bonn.de (Edgar =?iso-8859-1?B?RnXf?=) Date: Mon, 25 Jun 2012 11:54:02 +0200 Subject: [Dovecot] specifying home/sieve/sieve_dir relative to mail_location In-Reply-To: <20120619131413.GN48358@trav.math.uni-bonn.de> References: <20120619131413.GN48358@trav.math.uni-bonn.de> Message-ID: <20120625095401.GT50872@trav.math.uni-bonn.de> > With 1.2, is it possible to specify home, sieve and sieve_dir relative to mail_location? No-one, this one? Too simple? Too stupid? Too obvious? Not possible? From branko at majic.rs Mon Jun 25 13:01:40 2012 From: branko at majic.rs (Branko Majic) Date: Mon, 25 Jun 2012 12:01:40 +0200 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: References: <4FE81546.8000202@middleearth.sapphiresunday.org> Message-ID: <20120625120140.033c2297@zetkin.int.primekey.se> On Mon, 25 Jun 2012 08:52:51 +0100 Kaya Saman wrote: > To start with the reason I'm not using LDAP is because I couldn't find > enough information on how to set it up! I did post here a couple of > times but got no responses...... so I figured it was something that > people either didn't know or found trivial. For my own use I've switched to the LDAP as provider of user information and credentials (for Dovecot/Postfix/ejabberd/anything I can get to talk to the LDAP). It's not that hard to figure out, but getting used to LDAP itself can take a little bit of time. In my case I'm using the LDAP just for checking if a user is present on the system and for authentication purposes (for the mail server). Haven't tried using quota etc with LDAP. Anything in particular you're having problems coping with? :) -- Branko Majic Jabber: branko at majic.rs Please use only Free formats when sending attachments to me. ?????? ????? ?????: branko at majic.rs ????? ??? ?? ??????? ?????? ????????? ? ????????? ?????????. From role.Dovecot-Readers at JLAssocs.com Mon Jun 25 13:04:43 2012 From: role.Dovecot-Readers at JLAssocs.com (J E Lyon) Date: Mon, 25 Jun 2012 11:04:43 +0100 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: <4FE832F3.3000405@Media-Brokers.com> References: <4FE81546.8000202@middleearth.sapphiresunday.org> <267BC57F-B747-4F58-B309-ACE4BDA3A88C@JLAssocs.com> <4FE832F3.3000405@Media-Brokers.com> Message-ID: On 25 Jun 2012, at 10:44, Charles Marcus wrote: > On 2012-06-25 3:58 AM, J E Lyon wrote: >> I've not come up with any significant advantages of mbox that count >> for much in my experiences and installations . . Would be interested >> to hear of suggested advantages that I might have overlooked > > One major advantage of mbox (and now mdbox) over maildir is the time it takes to back things up for larger mail stores. > > It takes much less time to compare a single mbox file that contains 20,000 messages (and rsync only the changed bits) than it does to compare read/compare 20,000 individual files (maildir)... > > I too like maildir, but am seriously considering implementing a solution where older mail is automatically archived to slower/cheaper SATA III based storage using mdbox format. Very interesting. I use "rdiff-backup" as a cronjob in the wee hours (, so the fact it takes a while to work out what to incrementally save, doesn't matter to me -- but the point is that I know it's an issue and have addressed it that way. I too have contemplated some automated archiving of older mail . . it's getting closer to needing to be addressed at some point soon I think. J. From CMarcus at Media-Brokers.com Mon Jun 25 14:39:35 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Mon, 25 Jun 2012 07:39:35 -0400 Subject: [Dovecot] Mail migration to dovecot with doveadm backup In-Reply-To: <4FE738E9.6040706@metaways.de> References: <4FE738E9.6040706@metaways.de> Message-ID: <4FE84DF7.7030707@Media-Brokers.com> On 2012-06-24 11:57 AM, Reinhard Vicinus wrote: > i try to migrate mails from a non dovecot imap server to a dovecot imap > server with doveadm backup as described there: What version of dovecot (doveconf -n output_? > http://wiki2.dovecot.org/Migration/Dsync > > i first tried (local-mailbox port 18143 is the non dovecot imap server): > > /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw > -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o > imapc_port=18143 -o mailbox_list_index=no -v -D backup -R -f -u > user at example.org -m Sent imapc: > > and got the following error: > > dsync(user at example.org): Fatal: dsync backup: Looks like you're trying > to run backup in wrong direction. Source is empty and destination is not. -- Best regards, Charles Marcus I.T. Director Media Brokers International, Inc. 678.514.6200 x224 | 678.514.6299 fax From r.vicinus at metaways.de Mon Jun 25 15:55:48 2012 From: r.vicinus at metaways.de (Reinhard Vicinus) Date: Mon, 25 Jun 2012 14:55:48 +0200 Subject: [Dovecot] Mail migration to dovecot with doveadm backup In-Reply-To: <4FE84DF7.7030707@Media-Brokers.com> References: <4FE738E9.6040706@metaways.de> <4FE84DF7.7030707@Media-Brokers.com> Message-ID: <4FE85FD4.8090708@metaways.de> On 25/06/12 13:39, Charles Marcus wrote: > On 2012-06-24 11:57 AM, Reinhard Vicinus wrote: >> i try to migrate mails from a non dovecot imap server to a dovecot imap >> server with doveadm backup as described there: > > What version of dovecot (doveconf -n output_? dovecot -n # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-40-server x86_64 Ubuntu 10.04.4 LTS auth_cache_negative_ttl = 0 auth_cache_size = 10 M auth_cache_ttl = 1 mins auth_verbose = yes auth_verbose_passwords = sha1 deliver_log_format = mailbox: deliver: msgid=%m from=%f: %$ dict { quota = mysql:/etc/dovecot/conf.d/dovecot-dict-sql.conf.ext } disable_plaintext_auth = no doveadm_password = xxx instance_name = dovecot-mailbox lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes login_greeting = Mailbox login_log_format = mailbox: login: %$: %s login_trusted_networks = 10.10.10.0/24 mail_debug = yes mail_fsync = always mail_gid = vmail mail_home = /mail/dovecot/%d/%n mail_location = mdbox:~/mail mail_log_prefix = "mailbox: mail: %s(%u): " mail_plugins = quota mail_privileged_group = vmail mail_uid = vmail managesieve_implementation_string = Sieve managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mdbox_rotate_interval = 1 weeks mdbox_rotate_size = 50 M mmap_disable = yes passdb { args = /etc/dovecot/conf.d/dovecot-sql.conf.ext driver = sql } plugin { quota = dict:User quota::proxy::quota quota_rule = *:storage=10G quota_rule2 = Trash:storage=+100M quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap pop3 lmtp sieve service auth { unix_listener auth-userdb { group = dovecot mode = 0660 user = dovecot } } service dict { unix_listener dict { group = vmail mode = 0660 } } service doveadm { inet_listener doveadm-server { port = 19000 } } service imap-login { inet_listener imap { port = 19143 } } service imap-postlogin { executable = script-login /usr/local/bin/dovecot-postlogin user = $default_internal_user } service imap { executable = imap imap-postlogin } service lmtp { inet_listener lmtp { address = * port = 19024 } } service managesieve-login { inet_listener sieve { port = 19200 } } service pop3-login { inet_listener pop3 { port = 19110 } } service pop3-postlogin { executable = script-login /usr/local/bin/dovecot-postlogin user = $default_internal_user } service pop3 { executable = pop3 pop3-postlogin } service quota-warning { executable = script /usr/local/bin/quota-warning extra_groups = dovecot unix_listener quota-warning { user = vmail } user = vmail } ssl = no userdb { driver = prefetch } userdb { args = /etc/dovecot/conf.d/dovecot-sql.conf.ext driver = sql } verbose_proctitle = yes protocol imap { imap_client_workarounds = delay-newmail tb-extra-mailbox-sep mail_plugins = quota imap_quota } protocol lmtp { mail_plugins = quota sieve } From tss at iki.fi Mon Jun 25 17:35:35 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 25 Jun 2012 17:35:35 +0300 Subject: [Dovecot] specifying home/sieve/sieve_dir relative to mail_location In-Reply-To: <20120625095401.GT50872@trav.math.uni-bonn.de> References: <20120619131413.GN48358@trav.math.uni-bonn.de> <20120625095401.GT50872@trav.math.uni-bonn.de> Message-ID: On 25.6.2012, at 12.54, Edgar Fu? wrote: >> With 1.2, is it possible to specify home, sieve and sieve_dir relative to mail_location? > No-one, this one? > > Too simple? Too stupid? Too obvious? Not possible? Mail/Sieve dirs can be relative to home dir, not vice versa.. > I know it's possible to specify everything relative to home, so I could probably use relative ~/../-type paths for mail_locatin etc., but that looks a bit awkward. Yeah, that would probably work. Maybe look into changing your directory hierarchy so mails are under home. From ef at math.uni-bonn.de Mon Jun 25 17:42:49 2012 From: ef at math.uni-bonn.de (Edgar =?iso-8859-1?B?RnXf?=) Date: Mon, 25 Jun 2012 16:42:49 +0200 Subject: [Dovecot] specifying home/sieve/sieve_dir relative to mail_location In-Reply-To: References: <20120619131413.GN48358@trav.math.uni-bonn.de> <20120625095401.GT50872@trav.math.uni-bonn.de> Message-ID: <20120625144248.GW50872@trav.math.uni-bonn.de> > Mail/Sieve dirs can be relative to home dir, not vice versa. OK, thanks. > Yeah, that would probably work. I'll try that. > Maybe look into changing your directory hierarchy so mails are under home. Too late. Also, as directories corresponding to IMAP folders always start with a dot, it appeared quite natural to me to have ``home'' and ``sieve'' at the same level as ``.dovecot'' (and ``cur'', for that matter). Ah, and what about the WIKI ``user_attrs = .., mailDirectory=home=/var/vmail/%$'' example that I don't understand? From tss at iki.fi Mon Jun 25 19:37:56 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 25 Jun 2012 19:37:56 +0300 Subject: [Dovecot] specifying home/sieve/sieve_dir relative to mail_location In-Reply-To: <20120625144248.GW50872@trav.math.uni-bonn.de> References: <20120619131413.GN48358@trav.math.uni-bonn.de> <20120625095401.GT50872@trav.math.uni-bonn.de> <20120625144248.GW50872@trav.math.uni-bonn.de> Message-ID: On 25.6.2012, at 17.42, Edgar Fu? wrote: > Ah, and what about the WIKI ``user_attrs = .., mailDirectory=home=/var/vmail/%$'' example that I don't understand? Well, you could use a single mailDirectory LDAP attribute that expands to your mail directory to provide for all of the other home/sieve fields as well. But that requires Dovecot v2.1. From ncjeffgus at zimage.com Mon Jun 25 19:45:51 2012 From: ncjeffgus at zimage.com (Jeff Gustafson) Date: Mon, 25 Jun 2012 09:45:51 -0700 Subject: [Dovecot] dsync error: "Mailboxes don't have unique GUIDs" In-Reply-To: <4FE59A86.7020208@Media-Brokers.com> References: <1340400276.12426.9.camel@maclinux> <4FE59A86.7020208@Media-Brokers.com> Message-ID: <1340642751.7730.2.camel@maclinux.zimage.com> On Sat, 2012-06-23 at 06:29 -0400, Charles Marcus wrote: > > > > # 2.0.13: /etc/dovecot/dovecot.conf > > As you are aware (since you participated in the thread discussion about > this months ago), Timo is working on a total rewrite of dsync, and if > memory serves, it is mainly for 2.1+, and it is not recommend to use it > in earlier versions if you need reliability (ie, 2.0.x, as you are using)... I did try the 2.1.x version of dsync back in March. I found the version to be very unreliable. It would crash with many types of operations (e.g. maildir -> mdbox conversions). ...Jeff From tss at iki.fi Mon Jun 25 19:46:14 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 25 Jun 2012 19:46:14 +0300 Subject: [Dovecot] Mail migration to dovecot with doveadm backup In-Reply-To: <4FE738E9.6040706@metaways.de> References: <4FE738E9.6040706@metaways.de> Message-ID: <6713F7A5-A529-4E0E-BC5A-D98A9147EA5C@iki.fi> On 24.6.2012, at 18.57, Reinhard Vicinus wrote: > i try to migrate mails from a non dovecot imap server to a dovecot imap server with doveadm backup as described there: > > http://wiki2.dovecot.org/Migration/Dsync > > i first tried (local-mailbox port 18143 is the non dovecot imap server): > > /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -o mailbox_list_index=no -v -D backup -R -f -u user at example.org -m Sent imapc: > > and got the following error: > > dsync(user at example.org): Fatal: dsync backup: Looks like you're trying to run backup in wrong direction. Source is empty and destination is not. Strange. -R is supposed to make it copy from imapc to mdbox.. Have you tried if Dovecot can see mails at all from the remote server? Try doveadm -o mail=imapc: -o ... fetch instead of doveadm backup command. > As the dovecot imap account is newly created and therefore empty it seams to try to backup from the dovecot imap server to the non dovecot imap server. So i tried instead: > > /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -o mailbox_list_index=no -v -D backup -f -u user at example.org -m Sent imapc: Now this is copying from mdbox to imapc, which is also why you're getting the crash: > Sometimes (every other time?) i got the following segmentation fault: > > bt > #0 0x00007f15e2c9ed74 in strcasecmp () from /lib/libc.so.6 > #1 0x00007f15e327eaff in imapc_save_callback (reply=0x7fff56096a70, context=) at imapc-save.c:168 Note how it's saving a mail to imapc. But still, that's a bug, fixed: http://hg.dovecot.org/dovecot-2.1/rev/20703dbd1168 > dsync(user at example.org): Warning: Destination mailbox Sent has been modified, need to recreate it before we can continue syncing I think this is also because it's going to wrong direction. > i think the problem could be that the account name on the remote server and the local server is absolute identical and doveadm backup has therefore problems discerning between the two locations. But that's only a stab in the dark and any help is appreciated. Shouldn't be a problem. From CMarcus at Media-Brokers.com Mon Jun 25 19:49:37 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Mon, 25 Jun 2012 12:49:37 -0400 Subject: [Dovecot] dsync error: "Mailboxes don't have unique GUIDs" In-Reply-To: <1340642751.7730.2.camel@maclinux.zimage.com> References: <1340400276.12426.9.camel@maclinux> <4FE59A86.7020208@Media-Brokers.com> <1340642751.7730.2.camel@maclinux.zimage.com> Message-ID: <4FE896A1.4060701@Media-Brokers.com> On 2012-06-25 12:45 PM, Jeff Gustafson wrote: > On Sat, 2012-06-23 at 06:29 -0400, Charles Marcus wrote: >>> # 2.0.13: /etc/dovecot/dovecot.conf >> As you are aware (since you participated in the thread discussion about >> this months ago), Timo is working on a total rewrite of dsync, and if >> memory serves, it is mainly for 2.1+, and it is not recommend to use it >> in earlier versions if you need reliability (ie, 2.0.x, as you are using)... > I did try the 2.1.x version of dsync back in March. I found the version > to be very unreliable. It would crash with many types of operations > (e.g. maildir -> mdbox conversions). Well, the version in 2.0.x was problematic, which is why Timo was rewriting it from scratch. Also, that was 3 *months* ago - more than likely a lot has changed since then. I'd suggest you try again with 2.1.7... -- Best regards, Charles From tss at iki.fi Mon Jun 25 19:54:06 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 25 Jun 2012 19:54:06 +0300 Subject: [Dovecot] dsync error: "Mailboxes don't have unique GUIDs" In-Reply-To: <4FE896A1.4060701@Media-Brokers.com> References: <1340400276.12426.9.camel@maclinux> <4FE59A86.7020208@Media-Brokers.com> <1340642751.7730.2.camel@maclinux.zimage.com> <4FE896A1.4060701@Media-Brokers.com> Message-ID: <091D561F-7991-44EE-BC70-4BB22B5B319B@iki.fi> On 25.6.2012, at 19.49, Charles Marcus wrote: >> I did try the 2.1.x version of dsync back in March. I found the version >> to be very unreliable. It would crash with many types of operations >> (e.g. maildir -> mdbox conversions). > > Well, the version in 2.0.x was problematic, which is why Timo was rewriting it from scratch. > > Also, that was 3 *months* ago - more than likely a lot has changed since then. > > I'd suggest you try again with 2.1.7... The rewritten dsync is in v2.2 tree. v2.1's dsync is a fixed version of v2.0's dsync. I have no idea why v2.1's dsync would be less reliable than v2.0's. It only had bugfixes. Anyway, the GUID error could very well be because of buggy mailbox listing code in v2.0, which was rewritten for v2.1. From ef at math.uni-bonn.de Mon Jun 25 21:08:57 2012 From: ef at math.uni-bonn.de (Edgar =?iso-8859-1?B?RnXf?=) Date: Mon, 25 Jun 2012 20:08:57 +0200 Subject: [Dovecot] specifying home/sieve/sieve_dir relative to mail_location In-Reply-To: References: <20120619131413.GN48358@trav.math.uni-bonn.de> <20120625095401.GT50872@trav.math.uni-bonn.de> <20120625144248.GW50872@trav.math.uni-bonn.de> Message-ID: <20120625180857.GX50872@trav.math.uni-bonn.de> > But that requires Dovecot v2.1. I was refering to http://wiki1.dovecot.org/VirtualUsers/Home which, to my understanding, should apply to 1.2. I don't understand the Example at the bottom: > LDAP with relative directory paths > > If your LDAP database uses e.g. mailDirectory = domain/user/, you can use it as a base for home directory: > > user_attrs = .., mailDirectory=home=/var/vmail/%$ > Then just use mail_location = maildir:~/Maildir. From trever at middleearth.sapphiresunday.org Mon Jun 25 21:20:59 2012 From: trever at middleearth.sapphiresunday.org (Trever L. Adams) Date: Mon, 25 Jun 2012 12:20:59 -0600 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: References: <4FE81546.8000202@middleearth.sapphiresunday.org> Message-ID: <4FE8AC0B.40906@middleearth.sapphiresunday.org> On 06/25/2012 01:52 AM, Kaya Saman wrote: > On Mon, Jun 25, 2012 at 8:37 AM, Trever L. Adams > wrote: >> On 06/25/2012 01:20 AM, Kaya Saman wrote: >> >> Now what I would like to know is, which is better for "virtual >> hosting" Maildir or mbox? >> >> >> Basically my requirement is that I would like to separate users via >> either individual folders and then put each user's mbox or Maildir in >> the created directory, or simply name each mbox or Maildir according >> to the user name. >> >> >> First up is this possible? >> >> >> Secondly, how would I go about doing it? >> >> Sorry, I missed this at first. It is quite simple. I don't store it in >> passwd or any other place, since you are doing vmail, you might find this >> easiest: >> >> in /etc/dovecot/conf.d/10-mail.conf (where mail_location is): >> >> mail_home = /home/vmail/%Ld/%Ln >> mail_location = maildir:~/Maildir >> >> in /etc/dovecot/conf.d/10-mail.conf (after paragraph ?# System user and >> group used to access mails...?): >> >> mail_uid=vmail >> mail_gid=vmail >> >> Obviously, vmail may not be your user for vmail. Also, some of my notes may >> no longer be accurate for location, just find where it exists and edit. >> >> I hope this helps. Of course, this is a Maildir setup. mbox is probably very >> similar, but I have had too many mbox style mail queues go south losing all >> of the mail (or more than one would like), so I do Maildir, even though it >> isn't necessarily the best use of disk space. >> >> Trever >> -- >> "I do not fear computers. I fear the lack of them." -- Isaac Asimov > Thanks for the responses! > > Sorry if I reply to every single one in this email however, I am using > Gmail's awful Web UI so I don't really have much control over what I'm > doing...... > > > To start with the reason I'm not using LDAP is because I couldn't find > enough information on how to set it up! I did post here a couple of > times but got no responses...... so I figured it was something that > people either didn't know or found trivial. Sorry, I missed these. I have been busy. Tim and others were very kind and helped me figure things out. I do not have any web sites where I can post things, so I will give an overview here and if you need help, either follow up privately or here. > > I'll take a look at the above config for Maildir format as briefly > playing around with mbox it seems that folders on the / root (parent) > IMAP directory are stored separately. It may be better if everything > got stored under the Maildir heading.... I've previously **only** ever > worked with Maildir but I was told that there are some benefits to > mbox which is why I decided to try to use it here! > > Regards, > > > Kaya > The only draw back I see with maildir is one file per message. This makes it resilient to corruption that mbox sees (if a message gets corrupted, you erase one message and that corruption won't propagate even if you leave it in place). In many setups this also leads to MUCH faster system. On unix systems this doesn't just waste disk space, it could lead to inode (or whatever your *nix of choice calls it) depletion. I haven't yet seen this in my setups. I archive most of my personal mail, so I have at least some of my mail going back to 1998, I think. Kerberos Directions: Microsoft suggests on linux systems that you create an account (separate from the HOST account) and add the appropriate user principal names. There are pros and cons to this, their way is a and doing it as part of the host account is b. a) On S4 dc (replace MAILSERVER_HOST and MAILSERVER_FQDN with host and host.example.org, in lowercase as I use the caps only to help me see what I need to change, respectively as fits your domain - i.e. not example.org and create some long random password and put it wherever you see $RANDOMPASSWORD) : /usr/local/samba/sbin/samba-tool newuser mail-MAILSERVER_HOST /usr/local/samba/sbin/samba-tool spn add imap/MAILSERVER_FQDN mail-MAILSERVER_HOST /usr/local/samba/sbin/samba-tool spn add smtp/MAILSERVER_FQDN mail-MAILSERVER_HOST /root/samba-master/source4/scripting/bin/ktpass.sh --out /tmp/mail.keytab --princ smtp/MAILSERVER_FQDN --path-to-ldbsearch /usr/local/samba/bin/ --pass $RANDOMPASSWORD /root/samba-master/source4/scripting/bin/ktpass.sh --out /tmp/mail.keytab --princ imap/MAILSERVER_FQDN --path-to-ldbsearch /usr/local/samba/bin/ --pass $RANDOMPASSWORD /root/samba-master/source4/scripting/bin/ktpass.sh --out /tmp/mail.keytab --princ mail-MAILSERVER_HOST --path-to-ldbsearch /usr/local/samba/bin/ --pass $RANDOMPASSWORD Move the mail.keytab to dovecot's main configuration directory on dovecot server (/etc/dovecot here). Then do the appropriate version of: chmod 640 /etc/dovecot/mail.keytab chown dovecot.dovenull /etc/dovecot/mail.keytab b) Make sure your local samba setup is joined to the domain. Make sure it writes an appropriate krb5.keytab (/etc/krb5.keytab in my setup) as part of its password management, etc. net ads keytab add smtp/mail_server_fqdn net ads keytab add imap/mail_server_fqdn You may have to edit the sam.ldb on your S4 server as many times S3 doesn't create the principals ( /usr/local/samba/bin/ldbedit -H /usr/local/samba/private/sam.ldb sAMAccountName=mailserverhostname$ should do the trick and add userPrincipalName so that it has imap/MAILSERVER_FQDN and smtp/MAILSERVER_FQDN, each being its own userPrincipalName, this should give the machine account 3 userPrincipalName lines) then do the following modified for your samba krb5.keytab location (the following is how to set the extended posix ACLs on Linux, I don't know what it would be for FreeBSD, this adds read writes to dovecot user on the file krb5.keytab): setfacl -m u:dovecot:r krb5.keytab NOTE: For ldap access dovecot needs access to the krb5.keytab as I haven't figured out why, but Windows (including S4) AD doesn't like the a) method principals acting in some of the ways they need to. So, I just go with method b. Change the following or insert them into your dovecot setup modifying to fit your setup (/etc/dovecot/conf.d/10-auth.conf for me) : auth_realms = DOMAIN_FQDN auth_gssapi_hostname = HOST_FQDN auth_krb5_keytab = /etc/dovecot/mail.keytab (this is method a, b would be /etc/krb5.keytab) auth_mechanisms = gssapi gss-spnego login plain If you are using postfix anywhere, you can use dovecot as the lda (avoid messing with trying to make it deliver to the right directories, etc.) and use dovecot for the auth. Doing the later makes things overlap perfectly for auth too. LDAP (simple if you used method b, method a always gave me trouble - if people reading this know how to make method a work, I would love to read it myself as it may be more secure according to Microsoft): Create a userdb setup that reads (I do this in a file called /etc/dovecot/conf.d/auth-vmail.conf.ext): userdb { driver = ldap args = /etc/dovecot/dovecot-ldap.conf.ext } Then create that dovecot-ldap.conf.ext file (again, make sure your replace DOMAIN_FQDN with example.org, or whatever it is in your setup, replacing example.org as well): hosts = DOMAIN_FQDN base = dc=example,dc=org ldap_version = 3 user_attrs = userPrincipalName=user user_filter = (&(objectClass=person)(|(mail=%u)(sAMAccountName=%u)(userPrincipalName=%u))) dn = mail-MAIL_HOST at DOMAIN_FQDN sasl_bind = yes sasl_mech = GSSAPI sasl_realm = DOMAIN_FQDN sasl_authz_id = mail-MAIL_HOST at DOMAIN_FQDN (this is for method a, method b you would think would be the machine$ account, but I found it works better without this line with method b) # For using doveadm -A: iterate_attrs = userPrincipalName=user iterate_filter = (objectClass=person) Finally, you need to do a cronjob that will keep a credential cache for the machine account around for dovecot to use to do ldap: 02 03 */2 * * /usr/bin/kinit -l 10d -k MAIL_HOST$ -c /etc/dovecot/krb5.cc && /bin/chown dovecot:dovecot /etc/dovecot/krb5.cc 03 * * * * /usr/bin/kinit -c /etc/dovecot/krb5.cc -R && /bin/chown dovecot:dovecot /etc/dovecot/krb5.cc Does the trick for me. The cronjob should be for root, hence the need for the chown. It may work as dovecot. I cannot remember if it does or not. If it does, have the cronjob be for dovecot's user. One side effect of the above ldap.conf.ext file, the mail entry (this is the mail shown in AD Users and Computers if you edit a user) becomes an alias. So, if you wish to hide users logins or have an additional email in the same domain, use the mail field (you can edit it similar to how you added the userPrincipalName above). to hide user logins, do the client setup so that it uses the alias as the from address and account name stuff while using the real login for all the login stuff. Unless I missed a step, you just need to tell Outlook, Thunderbird, etc. to do GSSAPI or SPNEGO with GSSAPI (whatever Outlook calls it). If you use postfix with dovecot lda, the aliasing stuff works. If you don't, you will have to setup some things for postfix to do the aliasing the same way. I have such ldap-users and ldap-alias.cf files. I am not sure they work as I don't remember if I ever tested them before moving to dovecot lda. They should work with method b, so long as you also add the postfix user to the read list. I find dovecot lda with sieve gives me everything I need/want, so I won't test these out. They are available to anyone upon request. Nothing here interferes with pam_krb5 stuff you mentioned. As I said, I use it myself for devices or setups that can't/don't do krb5. There you have it. I hope this helps you and others. Trever P.S. Yes, I know you said this is not an MTA box, just IMAP. I keep mentioning postfix as in my work, it works best for me and it is nice to have them work very well together. -- "Noise proves nothing. Often a hen who has merely laid an egg cackles as if she laid an asteroid." -- Mark Twain From r.vicinus at metaways.de Mon Jun 25 21:21:43 2012 From: r.vicinus at metaways.de (Reinhard Vicinus) Date: Mon, 25 Jun 2012 20:21:43 +0200 Subject: [Dovecot] Mail migration to dovecot with doveadm backup In-Reply-To: <6713F7A5-A529-4E0E-BC5A-D98A9147EA5C@iki.fi> References: <4FE738E9.6040706@metaways.de> <6713F7A5-A529-4E0E-BC5A-D98A9147EA5C@iki.fi> Message-ID: <4FE8AC37.3070606@metaways.de> On 25/06/12 18:46, Timo Sirainen wrote: > On 24.6.2012, at 18.57, Reinhard Vicinus wrote: > >> i try to migrate mails from a non dovecot imap server to a dovecot imap server with doveadm backup as described there: >> >> http://wiki2.dovecot.org/Migration/Dsync >> >> i first tried (local-mailbox port 18143 is the non dovecot imap server): >> >> /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -o mailbox_list_index=no -v -D backup -R -f -u user at example.org -m Sent imapc: >> >> and got the following error: >> >> dsync(user at example.org): Fatal: dsync backup: Looks like you're trying to run backup in wrong direction. Source is empty and destination is not. > Strange. -R is supposed to make it copy from imapc to mdbox.. Have you tried if Dovecot can see mails at all from the remote server? Try doveadm -o mail=imapc: -o ... fetch instead of doveadm backup command. You're right it was an error in my setup that caused this problem. After fixing that problem it now works as expected. The only thing I don't get working is running it via the doveadm-server socket with: /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -o mailbox_list_index=no -v -D backup -S /var/run/dovecot-director/doveadm-server -R -u user at example.org imapc: In the logfile on the server there is the following error message: Jun 25 20:01:26 10.129.3.200 dovecot: dsync(user at example.org): Error: user user at example.org: Initialization failed: Initializing mail storage from mail_location setting failed: imapc: missing imapc_host Jun 25 20:01:26 10.129.3.200 dovecot: dsync(user at example.org): Fatal: User init failed So I think that all the -o configurations aren't transfered via the doveadm-server socket. >> As the dovecot imap account is newly created and therefore empty it seams to try to backup from the dovecot imap server to the non dovecot imap server. So i tried instead: >> >> /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -o mailbox_list_index=no -v -D backup -f -u user at example.org -m Sent imapc: > Now this is copying from mdbox to imapc, which is also why you're getting the crash: > >> Sometimes (every other time?) i got the following segmentation fault: >> >> bt >> #0 0x00007f15e2c9ed74 in strcasecmp () from /lib/libc.so.6 >> #1 0x00007f15e327eaff in imapc_save_callback (reply=0x7fff56096a70, context=) at imapc-save.c:168 > Note how it's saving a mail to imapc. But still, that's a bug, fixed: http://hg.dovecot.org/dovecot-2.1/rev/20703dbd1168 > >> dsync(user at example.org): Warning: Destination mailbox Sent has been modified, need to recreate it before we can continue syncing > I think this is also because it's going to wrong direction. Yes, the problem there was that it was the wrong direction. -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: director.conf.txt URL: From tss at iki.fi Mon Jun 25 21:48:35 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 25 Jun 2012 21:48:35 +0300 Subject: [Dovecot] specifying home/sieve/sieve_dir relative to mail_location In-Reply-To: <20120625180857.GX50872@trav.math.uni-bonn.de> References: <20120619131413.GN48358@trav.math.uni-bonn.de> <20120625095401.GT50872@trav.math.uni-bonn.de> <20120625144248.GW50872@trav.math.uni-bonn.de> <20120625180857.GX50872@trav.math.uni-bonn.de> Message-ID: <56B9BE37-BE23-47B7-BB8C-D18BCB341FB9@iki.fi> That example means that if you have in LDAP "mailDirectory=domain.com/username" field, and you want user's home to be /var/vmail/domain.com/username, then you can set mailDirectory=home=/var/vmail/%$ where %$ gets expanded to domain.com/username. I don't think it's relevant to what you want. On 25.6.2012, at 21.08, Edgar Fu? wrote: >> But that requires Dovecot v2.1. > I was refering to > http://wiki1.dovecot.org/VirtualUsers/Home > which, to my understanding, should apply to 1.2. > I don't understand the Example at the bottom: > >> LDAP with relative directory paths >> >> If your LDAP database uses e.g. mailDirectory = domain/user/, you can use it as a base for home directory: >> >> user_attrs = .., mailDirectory=home=/var/vmail/%$ >> Then just use mail_location = maildir:~/Maildir. > From tss at iki.fi Mon Jun 25 21:50:09 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 25 Jun 2012 21:50:09 +0300 Subject: [Dovecot] Mail migration to dovecot with doveadm backup In-Reply-To: <4FE8AC37.3070606@metaways.de> References: <4FE738E9.6040706@metaways.de> <6713F7A5-A529-4E0E-BC5A-D98A9147EA5C@iki.fi> <4FE8AC37.3070606@metaways.de> Message-ID: <65751386-8372-4922-B705-AF62DD04CF83@iki.fi> On 25.6.2012, at 21.21, Reinhard Vicinus wrote: > Jun 25 20:01:26 10.129.3.200 dovecot: dsync(user at example.org): Error: user user at example.org: Initialization failed: Initializing mail storage from mail_location setting failed: imapc: missing imapc_host > Jun 25 20:01:26 10.129.3.200 dovecot: dsync(user at example.org): Fatal: User init failed > > So I think that all the -o configurations aren't transfered via the doveadm-server socket. Correct. None of them are, and that's by design. From mailinglist at august.de Mon Jun 25 22:03:41 2012 From: mailinglist at august.de (mailinglist) Date: Mon, 25 Jun 2012 21:03:41 +0200 Subject: [Dovecot] started with dovecot sieve Message-ID: As I am new to dovecot and sieve I am really happy to get it working in a straight forward way. Thanks for the documentation to whom it concerns. Now I came to my limits with this failure messages in /home/rolf/.dovecot.sieve.log: sieve: info: started log at Jun 25 20:22:54. error: msgid=<1340648569.94073.YahooMailClassic at web190304.mail.sg3.yahoo.com>: failed to store into mailbox 'INBOX': BUG: Unknown internal error. with this messages in mail.info: Jun 25 20:22:54 rolf14 postfix/smtpd[21674]: connect from localhost[127.0.0.1] Jun 25 20:22:54 rolf14 postfix/smtpd[21674]: 90898E0190: client=localhost[127.0.0.1] Jun 25 20:22:54 rolf14 postfix/cleanup[21669]: 90898E0190: message-id=<1340648569.94073.YahooMailClassic at web190304.mail.sg3.yahoo.com> Jun 25 20:22:54 rolf14 postfix/qmgr[21172]: 90898E0190: from=, size=5291, nrcpt=1 (queue active) Jun 25 20:22:54 rolf14 postfix/smtpd[21674]: disconnect from localhost[127.0.0.1] Jun 25 20:22:54 rolf14 dovecot: lda(rolf): Error: setegid(privileged) failed: Operation not permitted Jun 25 20:22:54 rolf14 dovecot: lda(rolf): Error: sieve: msgid=<1340648569.94073.YahooMailClassic at web190304.mail.sg3.yahoo.com>: failed to store into mailbox 'INBOX': BUG: Unknown internal error Jun 25 20:22:54 rolf14 dovecot: lda(rolf): Error: sieve: script /home/rolf/.dovecot.sieve failed with unsuccessful implicit keep (user logfile /home/rolf/.dovecot.sieve.log may reveal additional details) I guess the mentioned mail is spam. However, does this tell about some wrong configuration or access rights? Any indication what to improve? I get such an error about every 6 minutes. From ncjeffgus at zimage.com Mon Jun 25 22:07:28 2012 From: ncjeffgus at zimage.com (Jeff Gustafson) Date: Mon, 25 Jun 2012 12:07:28 -0700 Subject: [Dovecot] dsync error: "Mailboxes don't have unique GUIDs" In-Reply-To: <091D561F-7991-44EE-BC70-4BB22B5B319B@iki.fi> References: <1340400276.12426.9.camel@maclinux> <4FE59A86.7020208@Media-Brokers.com> <1340642751.7730.2.camel@maclinux.zimage.com> <4FE896A1.4060701@Media-Brokers.com> <091D561F-7991-44EE-BC70-4BB22B5B319B@iki.fi> Message-ID: <1340651248.10841.1.camel@maclinux> On Mon, 2012-06-25 at 19:54 +0300, Timo Sirainen wrote: > On 25.6.2012, at 19.49, Charles Marcus wrote: > > I'd suggest you try again with 2.1.7... > > The rewritten dsync is in v2.2 tree. v2.1's dsync is a fixed version > of v2.0's dsync. I have no idea why v2.1's dsync would be less > reliable than v2.0's. It only had bugfixes. > > Anyway, the GUID error could very well be because of buggy mailbox > listing code in v2.0, which was rewritten for v2.1. I will try the latest 2.1.x code and see what happens. dsync in 2.0.x seems to work just fine... most of the time. ...Jeff From juergen at pabel.net Tue Jun 26 00:42:57 2012 From: juergen at pabel.net (=?ISO-8859-1?Q?J=FCrgen?= Pabel) Date: Mon, 25 Jun 2012 23:42:57 +0200 Subject: [Dovecot] Additional passdb result status In-Reply-To: <1340570220.13783.23.camel@P7230> References: <1340570220.13783.23.camel@P7230> Message-ID: <1340660577.4872.8.camel@P7230> Hi, I am replying to my own message because it's probably the "cleanest" reply since I am not subscribed to the mailing list and thus can't reply to Charles' message itself. > What specifically is the *purpose* of this? To encrypt the data on the server (like the zlib plugin does for compression). Said value will be password used to unlock/decrypt the encryption key stored on the server. (I have implemented several cryptographic software components, so I believe that I understand what all is required for something like such a plugin to be implemented correctly). > I think it is usually preferred that you do things like this against > either the current shipping/stable branch (2.1.x), or even hg (2.2).. > much better chance that it would be accepted. Agreed - I'm just developing on Ubuntu 12.04 which has 2.0. However, porting patches from 2.0 to 2.1/2.2 shouldn't be too hard from what I've seen so far. Cheers, J?rgen Am Sonntag, den 24.06.2012, 22:37 +0200 schrieb J?rgen Pabel: > Dear Dovecot-Team, > > I am implementing a plugin (for the pop3/imap process) that requires > some data to provided from the authentication phase (a derivative of the > password). For that, I have now implemented a passdb plugin that > generates this data and I would like to "pass" this data down to the > mail process (pop3/imap) via extra_fields in the reply of the > authentication. The general idea is that my custom passdb plugin > calculates the data, sets the extra_field and returns some error > (authentication was not successful) so that the "real" passdb backend > can be invoked to "really" validate the authentication data. > > However, in auth_request_handle_passdb_callback() the extra_fields are > reseted unless the return code is PASSDB_RESULT_USER_DISABLED. But if > that return code is used then any following passdb's aren't invoked any > more - which makes sense with respect to user authenticiation. I would > therefore like to propose that some IGNORE/CONTINUE-status to be > introduced in auth/passdb.h, that would be handled in that extra_fields > and possible other values are not reseted in order to allow such > propagation of data from authentication process down to the mail process > (which could be extracted from the reply string by parsing it). > > As a further implementation alternative (to the parsing of the reply > string), I also propose that some new "environment" item be introduced > (in auth_request) in order to allow such data passing in a generic > manner. > > I hope you consider my proposal to be reasonable. If desired, I could > implement this myself and provide a patch for merging (based on 2.0.x). > If my proposal is generally unfavored, it would be great if any > alternative approaches for my situation were suggested. Thanks. > > Regards, > J?rgen > > PS: please reply to my e-mail (or CC me), as I have not subscribed to > the dovecot list > From daniel.parthey at informatik.tu-chemnitz.de Tue Jun 26 00:59:14 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Mon, 25 Jun 2012 23:59:14 +0200 Subject: [Dovecot] started with dovecot sieve In-Reply-To: References: Message-ID: <20120625215914.GA7831@daniel.localdomain> Hi Rolf, Rolf wrote: > Now I came to my limits with this failure messages in > /home/rolf/.dovecot.sieve.log: > > sieve: info: started log at Jun 25 20:22:54. > error: msgid=<1340648569.94073.YahooMailClassic at web190304.mail.sg3.yahoo.com>: > failed to store into mailbox 'INBOX': BUG: Unknown internal error. > > with this messages in mail.info: > > Jun 25 20:22:54 rolf14 postfix/smtpd[21674]: connect from localhost[127.0.0.1] > Jun 25 20:22:54 rolf14 postfix/smtpd[21674]: 90898E0190: client=localhost[127.0.0.1] > Jun 25 20:22:54 rolf14 postfix/cleanup[21669]: 90898E0190: message-id=<1340648569.94073.YahooMailClassic at web190304.mail.sg3.yahoo.com> > Jun 25 20:22:54 rolf14 postfix/qmgr[21172]: 90898E0190: from=, size=5291, nrcpt=1 (queue active) > Jun 25 20:22:54 rolf14 postfix/smtpd[21674]: disconnect from localhost[127.0.0.1] > Jun 25 20:22:54 rolf14 dovecot: lda(rolf): Error: setegid(privileged) failed: Operation not permitted > Jun 25 20:22:54 rolf14 dovecot: lda(rolf): Error: sieve: msgid=<1340648569.94073.YahooMailClassic at web190304.mail.sg3.yahoo.com>: failed to store into mailbox 'INBOX': BUG: Unknown internal error > Jun 25 20:22:54 rolf14 dovecot: lda(rolf): Error: sieve: script /home/rolf/.dovecot.sieve failed with unsuccessful implicit keep (user logfile /home/rolf/.dovecot.sieve.log may reveal additional details) > > I guess the mentioned mail is spam. However, does this tell about > some wrong configuration or access rights? Any indication what to > improve? I get such an error about every 6 minutes. lda ist the local delivery agent which seems to fail during delivery. "setegid(privileged) failed" looks like your lda running under a specific user is not allowed to change to the specified group id, maybe the user not a member of the configured group, but this is just a guess. For a deeper analysis we will need the full output of the following command: doveconf -n Regards, Daniel -- https://plus.google.com/103021802792276734820 From jonrysh at pacbell.net Tue Jun 26 01:47:16 2012 From: jonrysh at pacbell.net (Jonathan Ryshpan) Date: Mon, 25 Jun 2012 15:47:16 -0700 Subject: [Dovecot] What does "namespace inbox {..." mean Message-ID: <1340664436.3984.23.camel@amito> I'm trying to set up a dovecot server for which mail arrives in an mbox, and mail is stored in a maildir. The wiki (see http://wiki.dovecot.org/Namespaces) refers to this as "Mixed mbox and Maildir". It advises handling this situation by creating two namespaces: one for the mbox and the other for the maildir. On the other hand the sample configuration coming with dovecot in my distro puts inbox in a namespace starting with: namespace inbox { # Namespace type: private, shared or public #type = private It appears from the wiki that the word following the namespace declarator (if this is the right word) should be either "public", "shared", or "private", and describes a property of the namespace being declared. So what does: namespace inbox {... mean? Similarly in another part of the wiki (see http://wiki2.dovecot.org/Plugins/Virtual), I read that it's possible to have namespace virtual { namespace real { ... which only increases my perplexity. Please advise! Thanks - jon From janfrode at tanso.net Tue Jun 26 09:44:10 2012 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Tue, 26 Jun 2012 08:44:10 +0200 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> Message-ID: <20120626064410.GA19106@dibs.tanso.net> On Thu, Jun 21, 2012 at 11:44:33PM +0300, Timo Sirainen wrote: > > > > additionally you should install imapproxy on the webserver > > wehre your webmail is running and configure the webmail for > > using 127.0.0.1 - so only one connection per user is > > persistent instead make a new one for each ajax-request > > Someone benchmarked Dovecot a while ago in this list with and without imapproxy and the results showed that imapproxy simply slowed things down by adding extra latency. This probably isn't true for all installations, but I don't think there's much of a difference either way. > That was me, there -> http://dovecot.org/list/dovecot/2012-February/063666.html -jf From wojtek at wojtek.tensor.gdynia.pl Tue Jun 26 15:41:46 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Tue, 26 Jun 2012 14:41:46 +0200 (CEST) Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <20120626064410.GA19106@dibs.tanso.net> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> <20120626064410.GA19106@dibs.tanso.net> Message-ID: >>> wehre your webmail is running and configure the webmail for >>> using 127.0.0.1 - so only one connection per user is >>> persistent instead make a new one for each ajax-request >> >> Someone benchmarked Dovecot a while ago in this list with and without imapproxy and the results showed that imapproxy simply slowed things down by adding extra latency. This probably isn't true for all installations, but I don't think there's much of a difference either way. nothing strange. I really wonder if there are available FASTER implementations of imap service. Quite probably not. It's stupid how webmail works but dovecot doesn't have a problem to get new connections every now and then. just make sure you didn't set up SSL by accident. From wojtek at wojtek.tensor.gdynia.pl Tue Jun 26 16:11:18 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Tue, 26 Jun 2012 15:11:18 +0200 (CEST) Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: <4FE8AC0B.40906@middleearth.sapphiresunday.org> References: <4FE81546.8000202@middleearth.sapphiresunday.org> <4FE8AC0B.40906@middleearth.sapphiresunday.org> Message-ID: > The only draw back I see with maildir is one file per message. This it is mostly adventage. > makes it resilient to corruption that mbox sees (if a message gets > corrupted, you erase one message and that corruption won't propagate > even if you leave it in place). In many setups this also leads to MUCH > faster system. On unix systems this doesn't just waste disk space, it even with 32kB block/4kB fragment filesystem under FreeBSD which is my common setup, it isn't that a problem. i just checked one of my users folder - 2.3GB in 8500 files. the average is 270 kilobytes per mail. checked few others and it looks similar. dovecot's own storage system can do something in between - packing smallest messages by a few in one file. > could lead to inode (or whatever your *nix of choice calls it) > depletion. you decide how much inode you need while creating filesystem on every unix system, except filesystems where it is allocated on demand. What you will gain is clear separation of mails. You may in any case use widely available standard unix tools to move, delete, search, whatever with this files, and dovecot would rebuild it's indexes then. The other major gain are backups. With one file per mail differential/incremental backups will work fine. As everyone do backups this is important, unless you have so cheap and quick backup system that you can just do full backup most cases. Tapes, while certainly fast, are unfortunately not a cheap solution anymore. I don't mean drive, but cartridges. The disadventages are more I/O when multiple files are processed but it is not a common case. Dovecot makes great job in indexing. The other may be (with linux) slow operation on huge directories. I wasn't using linux for 6 years and that's only what i am told from others. Possibly it is already improved in linux. In FreeBSD there is compile time option UFS_DIRHASH for kernel that make even million file directories work quick. as of latter discussion about what microsoft recommends with linux (being of course expert of everything) - i would keep silent. From joseba.torre at ehu.es Tue Jun 26 17:16:14 2012 From: joseba.torre at ehu.es (Joseba Torre) Date: Tue, 26 Jun 2012 16:16:14 +0200 Subject: [Dovecot] Director + managesieve: is it posible? Message-ID: <4FE9C42E.6010407@ehu.es> Hi, I've just tried to add managesieve to our director server, and when I try to connect they fail with Jun 26 12:28:13 director2 dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=sieve#011secured#011session=5LNQjl3DjQAKAAsR#011lip=10.0.100.75#011rip=10.0.11.17#011lport=4190#011rport=39309#011resp= Jun 26 12:28:13 director2 dovecot: managesieve-login: Error: proxy: host not given: user=, method=PLAIN, rip=10.0.11.17, lip=10.0.100.75, TLS, session=<5LNQjl3DjQAKAAsR> Jun 26 12:28:13 director2 dovecot: managesieve-login: Disconnected (internal failure, 1 succesful auths): user=, method=PLAIN, rip=10.0.11.17, lip=10.0.100.75, TLS, session=<5LNQjl3DjQAKAAsR> Is it posible to use director for this? Or only static proxy is allowed? Aaaaaaaaagur. From tss at iki.fi Tue Jun 26 17:27:13 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 26 Jun 2012 17:27:13 +0300 Subject: [Dovecot] Director + managesieve: is it posible? In-Reply-To: <4FE9C42E.6010407@ehu.es> References: <4FE9C42E.6010407@ehu.es> Message-ID: <5A5A3920-BA5C-4A4F-A8CD-069CDF543569@iki.fi> On 26.6.2012, at 17.16, Joseba Torre wrote: > I've just tried to add managesieve to our director server, and when I try to connect they fail with > > Jun 26 12:28:13 director2 dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=sieve#011secured#011session=5LNQjl3DjQAKAAsR#011lip=10.0.100.75#011rip=10.0.11.17#011lport=4190#011rport=39309#011resp= > Jun 26 12:28:13 director2 dovecot: managesieve-login: Error: proxy: host not given: user=, method=PLAIN, rip=10.0.11.17, lip=10.0.100.75, TLS, session=<5LNQjl3DjQAKAAsR> "host not given". You've not configured service managesieve-login { executable = managesieve-login director } From mailinglist at august.de Tue Jun 26 17:51:22 2012 From: mailinglist at august.de (mailinglist) Date: Tue, 26 Jun 2012 16:51:22 +0200 Subject: [Dovecot] started with dovecot sieve In-Reply-To: <20120625215914.GA7831@daniel.localdomain> References: <20120625215914.GA7831@daniel.localdomain> Message-ID: <7ed0b690c6cd82969f98c080b2f9678f@august.de> Am 2012-06-25 23:59, schrieb Daniel Parthey: > Hi Rolf, > > Rolf wrote: >> Now I came to my limits with this failure messages in >> /home/rolf/.dovecot.sieve.log: >> >> sieve: info: started log at Jun 25 20:22:54. >> error: >> msgid=<1340648569.94073.YahooMailClassic at web190304.mail.sg3.yahoo.com>: >> failed to store into mailbox 'INBOX': BUG: Unknown internal error. >> >> with this messages in mail.info: >> >> Jun 25 20:22:54 rolf14 postfix/smtpd[21674]: connect from >> localhost[127.0.0.1] >> Jun 25 20:22:54 rolf14 postfix/smtpd[21674]: 90898E0190: >> client=localhost[127.0.0.1] >> Jun 25 20:22:54 rolf14 postfix/cleanup[21669]: 90898E0190: >> message-id=<1340648569.94073.YahooMailClassic at web190304.mail.sg3.yahoo.com> >> Jun 25 20:22:54 rolf14 postfix/qmgr[21172]: 90898E0190: >> from=, size=5291, nrcpt=1 (queue active) >> Jun 25 20:22:54 rolf14 postfix/smtpd[21674]: disconnect from >> localhost[127.0.0.1] >> Jun 25 20:22:54 rolf14 dovecot: lda(rolf): Error: >> setegid(privileged) failed: Operation not permitted >> Jun 25 20:22:54 rolf14 dovecot: lda(rolf): Error: sieve: >> msgid=<1340648569.94073.YahooMailClassic at web190304.mail.sg3.yahoo.com>: >> failed to store into mailbox 'INBOX': BUG: Unknown internal error >> Jun 25 20:22:54 rolf14 dovecot: lda(rolf): Error: sieve: script >> /home/rolf/.dovecot.sieve failed with unsuccessful implicit keep (user >> logfile /home/rolf/.dovecot.sieve.log may reveal additional details) >> >> I guess the mentioned mail is spam. However, does this tell about >> some wrong configuration or access rights? Any indication what to >> improve? I get such an error about every 6 minutes. > > lda ist the local delivery agent which seems to fail during delivery. > "setegid(privileged) failed" looks like your lda running under a > specific > user is not allowed to change to the specified group id, maybe the > user > not a member of the configured group, but this is just a guess. > > For a deeper analysis we will need the full output of the following > command: > > doveconf -n > > Regards, > Daniel Thank you for your kind answer, Daniel. I have installed dovecot and docecot-sieve by Debians aptitude (see dpkg -l blow). As far as I understand the "ps -f ax" output (see below) dovecot runs with root priviledges and postfix runs with its own user priviledges. The mbox files below /var/mail are owned by their respective users and have "mail" as their group, both can write, world can do nothing. I added every related system user to the mail group, also restarted postfix and dovecot. root at rolf14:/var/mail# more /etc/group | grep mail: mail:x:8:amavis,dovecot,clamav,postfix As I understand it, postfix activates the lda "deliver" as user "postfix". Therefore it should be able to write to the mboxes at /var/mail. If needed dovecot can write there as well. Hope you can find something by the following 3 outputs: 1. dovecot -n, 2. ps -f ax, 3. dpkg -l Kind Regards, Rolf =========== 1 dovecot -n root at rolf14:/var/mail# dovecot -n # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.4-4.slh.1-aptosid-amd64 x86_64 Debian wheezy/sid disable_plaintext_auth = no hostname = august.de mail_location = mbox:~/mail:INBOX=/var/mail/%u mail_privileged_group = mail passdb { args = failure_show_msg=yes driver = pam } passdb { args = scheme=CRYPT username_format=%u /etc/dovecot/users driver = passwd-file } plugin { sieve = ~/.dovecot.sieve sieve_default = /var/lib/dovecot/sieve/default.sieve sieve_dir = ~/sieve } postmaster_address = postmaster at august.de protocols = " imap pop3" sendmail_path = /usr/lib/sendmail ssl_cert = (keine Beschreibung vorhanden) ii dovecot-core 1:2.1.7-2 secure mail server that supports mbox, maildir, dbox and mdbox mailboxes un dovecot-gssapi (keine Beschreibung vorhanden) ii dovecot-imapd 1:2.1.7-2 secure IMAP server that supports mbox, maildir, dbox and mdbox mailboxes un dovecot-ldap (keine Beschreibung vorhanden) un dovecot-lmtpd (keine Beschreibung vorhanden) un dovecot-managesieved (keine Beschreibung vorhanden) un dovecot-mysql (keine Beschreibung vorhanden) un dovecot-pgsql (keine Beschreibung vorhanden) ii dovecot-pop3d 1:2.1.7-2 secure POP3 server that supports mbox, maildir, dbox and mdbox mailboxes ii dovecot-sieve 1:2.1.7-2 sieve filters support for Dovecot un dovecot-solr (keine Beschreibung vorhanden) un dovecot-sqlite (keine Beschreibung vorhanden) root at rolf14:/var/mail# Nachricht 1 von 12 From andre.rodier at gmail.com Tue Jun 26 18:04:13 2012 From: andre.rodier at gmail.com (=?UTF-8?Q?Andr=C3=A9_Rodier?=) Date: Tue, 26 Jun 2012 16:04:13 +0100 Subject: [Dovecot] userdb errors after upgrading to 2.1 Message-ID: Hello everybody, I am running debian wheezy for development and test, and I recently upgrade to dovecot 2.1.7 I am using LDAP lookups, and virtual users with the same UID/GID. Everything was working fine before, but now, I have this error when I try to send an email to a local account: -------------------------------------------------------- Jun 26 15:46:52 lapetus dovecot: lmtp(24518): Error: user user.test at indienet.com: Auth USER lookup failed Jun 26 15:46:52 lapetus dovecot: auth: Error: userdb(user.test at indienet.com,127.0.0.1): client doesn't have lookup permissions for this user: userdb reply doesn't contain uid (change userdb socket -------------------------------------------------------- However, even if I set the permissions to 0666, I still have the same error. Can you point me in the right direction to fix this, please? Kind regards, Andr? Rodier From CMarcus at Media-Brokers.com Tue Jun 26 18:54:52 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Tue, 26 Jun 2012 11:54:52 -0400 Subject: [Dovecot] RFE: IMAP LIST Extension for Special-Use Mailboxes In-Reply-To: <83D77B81-EC49-4755-A866-E30B41E8B246@leuxner.net> References: <20110311215739.GD13492@state-of-mind.de> <4F520990.2000903@crc.id.au> <83D77B81-EC49-4755-A866-E30B41E8B246@leuxner.net> Message-ID: <4FE9DB4C.20309@Media-Brokers.com> On 2012-03-03 1:10 PM, Thomas Leuxner wrote: > Am 03.03.2012 um 13:07 schrieb Steven Haigh: > >> I'm just wondering if anyone knows if this got implemented? I've >> beenlooking at doing this for quite some time... > Yes it was. It has been discussed extensively: > > http://www.dovecot.org/list/dovecot-news/2012-February/000213.html > http://www.dovecot.org/list/dovecot/2011-December/062327.html Thanks for the thread references Thomas, I just re-read them and didn't see my question asked... The obvious downside to the current RFC based umplementation is that it requires Client cooperation... My question (I guess for Timo) is, would it be crazy/possible to implement some kind of 'alias' conversion in dovecot that would work regardless of client cooperation? Ie, in a config file, add a list of 'aliases' for these special use folders (similar to how it is done now), but where dovecot would then silently translate/map a request for any of the defined aliases to the defined special use folder? so, if Outlook wants to save a sent message to 'Sent Items', it would simply and silently be saved to 'Sent' (or whatever the admin had defined as the 'real' sent folder). This wouldn't then require anything to be implemented in a client, it would only require the Admin to know what clients they want to support and what folders those clients look for by default. -- Best regards, Charles From kayasaman at gmail.com Tue Jun 26 19:23:49 2012 From: kayasaman at gmail.com (Kaya Saman) Date: Tue, 26 Jun 2012 17:23:49 +0100 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: <4FE81546.8000202@middleearth.sapphiresunday.org> References: <4FE81546.8000202@middleearth.sapphiresunday.org> Message-ID: <4FE9E215.3090700@gmail.com> On 06/25/2012 08:37 AM, Trever L. Adams wrote: > On 06/25/2012 01:20 AM, Kaya Saman wrote: >> Now what I would like to know is, which is better for "virtual >> hosting" Maildir or mbox? >> >> >> Basically my requirement is that I would like to separate users via >> either individual folders and then put each user's mbox or Maildir in >> the created directory, or simply name each mbox or Maildir according >> to the user name. >> >> >> First up is this possible? >> >> >> Secondly, how would I go about doing it? >> > Sorry, I missed this at first. It is quite simple. I don't store it in > passwd or any other place, since you are doing vmail, you might find > this easiest: > > in /etc/dovecot/conf.d/10-mail.conf (where mail_location is): > > mail_home = /home/vmail/%Ld/%Ln > mail_location = maildir:~/Maildir > > in /etc/dovecot/conf.d/10-mail.conf (after paragraph ?# System user > and group used to access mails...?): > > mail_uid=vmail > mail_gid=vmail > Obviously, vmail may not be your user for vmail. Also, some of my > notes may no longer be accurate for location, just find where it > exists and edit. > > I hope this helps. Of course, this is a Maildir setup. mbox is > probably very similar, but I have had too many mbox style mail queues > go south losing all of the mail (or more than one would like), so I do > Maildir, even though it isn't necessarily the best use of disk space. > > Trever > -- > "I do not fear computers. I fear the lack of them." -- Isaac Asimov Hi, I'm just responding as the OP to say that the above was what I was looking for! Thanks Trever :-) Everything is setup and working fine now. Though responding quite late and of course having read through the latest messages within the thread I don't feel that my users will notice any difference between mbox or mdbox and Maildir format, speedwise. The reasoning behind this is that my end users unfortunately are all using M$ Outlook which is absolute garbage! FULL STOP! Comparing the IMAP capability speeds between Thunderbird and Outlook linking to my server yielded that I was able to get around 150Mbps transfer rate using T-Bird while Outlook only managed a few 100's of kbps. I think it's because 2010 relies heavily on PST's (whatever they are....) and the fact it is ultimately M$ also so it's basically built by nincompoops to be sold at hideous prices and even higher tech-support prices. In all fairness to Outlook I did manage to get a pathetic ~2Mvbps tops of transfer...... :-S Luckily I'm the only one using T-Bird or Alpine so am fine :-) Can't send any mail though as need to go through Exchange - there's no winning in the corporate world :-( Regards, Kaya From trever at middleearth.sapphiresunday.org Tue Jun 26 19:47:17 2012 From: trever at middleearth.sapphiresunday.org (Trever L. Adams) Date: Tue, 26 Jun 2012 10:47:17 -0600 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: <4FE8AC0B.40906@middleearth.sapphiresunday.org> References: <4FE81546.8000202@middleearth.sapphiresunday.org> <4FE8AC0B.40906@middleearth.sapphiresunday.org> Message-ID: <4FE9E795.50506@middleearth.sapphiresunday.org> > b) Make sure your local samba setup is joined to the domain. Make sure > it writes an appropriate krb5.keytab (/etc/krb5.keytab in my setup) as > part of its password management, etc. > > net ads keytab add smtp/mail_server_fqdn > net ads keytab add imap/mail_server_fqdn > > > You may have to edit the sam.ldb on your S4 server as many times S3 > doesn't create the principals ( /usr/local/samba/bin/ldbedit -H > /usr/local/samba/private/sam.ldb sAMAccountName=mailserverhostname$ > should do the trick and add userPrincipalName so that it has > imap/MAILSERVER_FQDN and smtp/MAILSERVER_FQDN, each being its own > userPrincipalName, this should give the machine account 3 > userPrincipalName lines) Sorry to anyone who was following what I wrote. I made a mistake. This should NOT be userPrincipalName, it should be servicePrincipalName. (There should already be 1 or 2 such lines that says HOST/host or HOST/host.fqdn) Trever From trever at middleearth.sapphiresunday.org Tue Jun 26 19:48:52 2012 From: trever at middleearth.sapphiresunday.org (Trever L. Adams) Date: Tue, 26 Jun 2012 10:48:52 -0600 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: References: <4FE81546.8000202@middleearth.sapphiresunday.org> <4FE8AC0B.40906@middleearth.sapphiresunday.org> Message-ID: <4FE9E7F4.9090706@middleearth.sapphiresunday.org> On 06/26/2012 07:11 AM, Wojciech Puchar wrote: >> The only draw back I see with maildir is one file per message. This > > it is mostly adventage. Agreed. > >> makes it resilient to corruption that mbox sees (if a message gets >> corrupted, you erase one message and that corruption won't propagate >> even if you leave it in place). In many setups this also leads to MUCH >> faster system. On unix systems this doesn't just waste disk space, it > > even with 32kB block/4kB fragment filesystem under FreeBSD which is my > common setup, it isn't that a problem. > i just checked one of my users folder - 2.3GB in 8500 files. the > average is 270 kilobytes per mail. > > checked few others and it looks similar. > > > dovecot's own storage system can do something in between - packing > smallest messages by a few in one file. > >> could lead to inode (or whatever your *nix of choice calls it) >> depletion. > you decide how much inode you need while creating filesystem on every > unix system, except filesystems where it is allocated on demand. Yes, as I noted, I haven't seen this. But it could be an annoyance depending on how things were created and when. I don't believe all file systems can do allocation on demand. I don't know. > > as of latter discussion about what microsoft recommends with linux > (being of course expert of everything) - i would keep silent. > The only reason I know what they recommend is it came up on several sites that described how to setup the service principals. I read something recently on Samba lists that explains why this may be their recommendation. The funny thing is, it really isn't any different than on their systems unless they think that because it is their system the keytab is some how miraculously going to stay more secure than it would on other systems. Sorry if I seemed like I was claiming to be some super expert. I just had a lot of help to pull things together. If he was struggling to find things, I would like to help. Trever -- "Fairy tales are more than true; not because they tell us that dragons exist, but because they tell us that dragons can be beaten." -- G.K. Chesterton From role.Dovecot-Readers at JLAssocs.com Tue Jun 26 21:34:22 2012 From: role.Dovecot-Readers at JLAssocs.com (J E Lyon) Date: Tue, 26 Jun 2012 19:34:22 +0100 Subject: [Dovecot] Maildir Seen Flags not heeded when dovecot-shared present Message-ID: Hi, After many hours of searching (!) and lots of testing procmail scripts, I found the explanation I was looking for -- something you explained at http://www.dovecot.org/list/dovecot/2008-July/032551.html That explains it. Thing is, though, every time I've seen shared mailboxes -- really shared by multiple staff or not -- the preference is in fact for the shared behaviours to also "share" the Seen flags. Typically, someone doesn't want to read an email that someone else has already picked up and started dealing with or responded to. (They'll file it in due course, but the Seen flag is the first indicator that someone's opened and started to deal with it.) Hacking source code and branching and whatnot isn't easy or done lightly, but I wondered if anything else had come to light in recent years about this issue. I'd be as happy getting my procmail script to tell Dovecot to update the index based on the flag, but I'm pretty sure that's not possible :) Any ideas greatly appreciated, thanks. ~ James. From slusarz at curecanti.org Tue Jun 26 22:03:41 2012 From: slusarz at curecanti.org (Michael M Slusarz) Date: Tue, 26 Jun 2012 13:03:41 -0600 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <51EF9BC7-BE99-4DE9-800A-E8FDF7779A4B@iki.fi> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38623.5050303@necoro.eu> <4FE5988E.3010101@wildgooses.com> <51EF9BC7-BE99-4DE9-800A-E8FDF7779A4B@iki.fi> Message-ID: <20120626130341.Horde.obOLRYF5lbhP6geNfgGGPNA@bigworm.curecanti.org> Quoting Timo Sirainen : > On 23.6.2012, at 13.21, Ed W wrote: > >>>> But I don't know, whether this is the sort of caching you are >>>> referring to. >>> >>> what's a point of caching imap, except your webmail service is not >>> locally connected (localhost or LAN) to imap server? >> >> Asking for items 600-615 from a threaded list, sorted by something, >> can be an expensive operation, especially if you just asked for >> items 585-600 a moment ago? > > Can be, but is it? :) Dovecot attempts to cache/index stuff as well. > Normally there shouldn't be a need for extra caching layer except in > cases of higher network latency. Timo: I'm not sure if you are saying that all client-side caching is wrong. If so, I'm going to disagree with you, especially when dealing with more complex data structures. Let me first say that I don't take IMAP response parsing to be a computationally easy action. So it's not just network latency you are worrying about; parsing a line can be the limiting factor in many cases. For example, a deeply threaded 400 message mailbox will return a THREAD response line that will take quite a bit of recursive parsing to decode. And various FETCH criteria most definitely benefit from local caching above/beyond what dovecot provides. An example: BODYSTRUCTURE. This may be cached on the dovecot side, but when received by the MUA you have to parse the IMAP BODYSTRUCTURE response (not trivial). You also have to potentially handle IMAP response codes in the server command completion line. And the bodystructure data is probably not all that useful until converted to a usable object on the MUA side, which may be another relatively expensive operation. So a locally cached bodystructure object is a substantial performance benefit over having to recreate this data from the cached data on the dovecot side. ENVELOPE is similar. Most likely this will be converted to an object representation in the MUA so you have the same benefits as BODYSTRUCTURE. Additionally, in IMP we do things like scan for broken charset headers (e.g. Subject headers that contain non-ASCII characters) and have some algorithms to fix these issues. This "value-added" code would be prohibitively expensive if we have to do it on every mailbox access. Message flags are another benefit to caching. The list of flags may be cached on dovecot, but not having to issue a flag FETCH every time you access a mailbox can be a substantial benefit. But I will heartily agree that nobody should be caching things like headertext or bodypart data. There is little/no benefit you receive from caching this locally. This is where you should be leveraging the storage on the IMAP server. As an MUA author you can't rely on the fact that you are connecting to a competent IMAP server. You just as likely are going to be connecting to a server that implements base RFC 3501, and most likely implements that incorrectly. Not all of us are lucky to connect to Dovecot (or Cyrus). So smart caching most definitely can and will increase performance of an MUA, regardless of caching performed by the IMAP server. michael From slusarz at curecanti.org Tue Jun 26 22:09:16 2012 From: slusarz at curecanti.org (Michael M Slusarz) Date: Tue, 26 Jun 2012 13:09:16 -0600 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> <20120626064410.GA19106@dibs.tanso.net> Message-ID: <20120626130916.Horde.SApgK4F5lbhP6gjcZtb2KWA@bigworm.curecanti.org> Quoting Wojciech Puchar : > It's stupid how webmail works but dovecot doesn't have a problem to > get new connections every now and then. just make sure you didn't > set up SSL by accident. Would you mind explaining why you think it is "stupid" the way webmail works? I assume you are angry because a webmail installation will normally need to create a new IMAP connection on every user interaction at the browser level. Unfortunately, HTTP is a stateless protocol which makes webmail a disconnected client. But it is no different than other disconnected clients, e.g. mail app on a smartphone. I am confused on why you think this is stupid. The existence of disconnected clients has been contemplated since the beginning of IMAP (see RFC 1733; RFC 4549), and much work has been done to the IMAP protocol (CONDSTORE, QRESYNC, to a lesser extent SORT/THREAD) to increase performance on these clients - especially since that's where MUA usage is exploding. michael From daniel.parthey at informatik.tu-chemnitz.de Tue Jun 26 23:10:36 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Tue, 26 Jun 2012 22:10:36 +0200 Subject: [Dovecot] started with dovecot sieve In-Reply-To: References: <20120625215914.GA7831@daniel.localdomain> Message-ID: <20120626201036.GA6929@daniel.localdomain> Rolf wrote: > Am 2012-06-25 23:59, schrieb Daniel Parthey: > >Hi Rolf, > > > >Rolf wrote: > >>Jun 25 20:22:54 rolf14 dovecot: lda(rolf): Error: setegid(privileged) failed: Operation not permitted Doesn't lda(rolf) mean it is being executed under user "rolf", not root or dovecot? How exactly do you invoke lda from your /etc/postfix/master.cf? You might also try to use LMTP via TCP to deliver mails from postfix to dovecot to work around any permission problems. > I have installed dovecot and docecot-sieve by Debians aptitude You don't seem to be the only one with these problems, see Debian BTS: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=626130 > As far as I understand the "ps -f ax" output (see > below) dovecot runs with root privileges and postfix runs with its > own user privileges. > > root 20998 1 0 Jun25 ? Ss 0:03 /usr/sbin/dovecot -c /etc/dovecot/dovecot.conf Well, the master process often runs as root, but child processes like lda may be configured to run as an unprivileged, or even as the user which owns the mailbox. > The mbox files below /var/mail are owned by > their respective users and have "mail" as their group, both can > write, world can do nothing. I added every related system user to > the mail group, also restarted postfix and dovecot. > root at rolf14:/var/mail# more /etc/group | grep mail: mail:x:8:amavis,dovecot,clamav,postfix User "rolf" is not a member of group "mail", but I don't think he needs to be, otherwise he would be able to read the mails of all users on the system and this would be a security risk. > As I understand it, postfix activates the lda "deliver" as user > "postfix". Therefore it should be able to write to the mboxes at > /var/mail. If needed dovecot can write there as well. The lda should rather switch to the owner of the respective INBOX, e.g. /var/mail/rolf. Log message "lda(rolf)" looks like this happens. To summarize, I think LMTP will be the easiest way to fix the permission problems. Otherwise you would need to fiddle out how to prevent dovecot lda from switching to group additional group "mail", since unprivileged user "rolf" is not allowed to do that. Regards, Daniel -- https://plus.google.com/103021802792276734820 From jonrysh at pacbell.net Tue Jun 26 23:35:00 2012 From: jonrysh at pacbell.net (Jonathan Ryshpan) Date: Tue, 26 Jun 2012 13:35:00 -0700 Subject: [Dovecot] Setting up mixed mbox and maildir Message-ID: <1340742900.2495.14.camel@amito> I'm trying to set up a dovecot server for which mail arrives in an mbox, and mail is stored in a maildir. The wiki (see http://wiki.dovecot.org/Namespaces) refers to this as "Mixed mbox and Maildir". It advises handling this situation by creating two namespaces: one for the mbox and the other for the maildir. Each of these namespaces starts with namespace private { On the other hand the sample configuration in the documentation puts inbox in a namespace starting with: namespace inbox { # Namespace type: private, shared or public #type = private It appears that there has been a change in the configuration syntax after the wiki was written, and that the word following namespace no longer gives a property of the namespace, but rather its name. Is this correct? In any case, how should the configuration be modified to handle mixed mailboxes? Thanks - jon From ssilva at sgvwater.com Tue Jun 26 23:48:43 2012 From: ssilva at sgvwater.com (Scott Silva) Date: Tue, 26 Jun 2012 13:48:43 -0700 Subject: [Dovecot] Setting up mixed mbox and maildir In-Reply-To: <1340742900.2495.14.camel@amito> References: <1340742900.2495.14.camel@amito> Message-ID: on 6/26/2012 1:35 PM Jonathan Ryshpan spake the following: > I'm trying to set up a dovecot server for which mail arrives in an mbox, > and mail is stored in a maildir. The wiki (see > http://wiki.dovecot.org/Namespaces) refers to this as "Mixed mbox and > Maildir". It advises handling this situation by creating two > namespaces: one for the mbox and the other for the maildir. Each of > these namespaces starts with > namespace private { > > On the other hand the sample configuration in the documentation puts > inbox in a namespace starting with: > namespace inbox { > # Namespace type: private, shared or public > #type = private > > It appears that there has been a change in the configuration syntax > after the wiki was written, and that the word following namespace > no longer gives a property of the namespace, but rather its name. > Is this correct? In any case, how should the configuration be modified > to handle mixed mailboxes? > > Thanks - jon > > > If you are working with 2.0 or later dovecot, you should be at http://wiki2.dovecot.org/Namespaces From tss at iki.fi Tue Jun 26 23:49:28 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 26 Jun 2012 23:49:28 +0300 Subject: [Dovecot] Maildir Seen Flags not heeded when dovecot-shared present In-Reply-To: References: Message-ID: On 26.6.2012, at 21.34, J E Lyon wrote: > After many hours of searching (!) and lots of testing procmail scripts, I found the explanation I was looking for -- something you explained at http://www.dovecot.org/list/dovecot/2008-July/032551.html > > That explains it. > > Thing is, though, every time I've seen shared mailboxes -- really shared by multiple staff or not -- the preference is in fact for the shared behaviours to also "share" the Seen flags. Typically, someone doesn't want to read an email that someone else has already picked up and started dealing with or responded to. (They'll file it in due course, but the Seen flag is the first indicator that someone's opened and started to deal with it.) > > Hacking source code and branching and whatnot isn't easy or done lightly, but I wondered if anything else had come to light in recent years about this issue. So you don't want shared seen flags? You can simply not create dovecot-shared file nowadays. It's not necessary. The only other purpose for it was as the template for file permissions, but those are nowadays taken from the maildir itself: http://wiki2.dovecot.org/SharedMailboxes/Permissions From matthieu.rakotojaona at gmail.com Tue Jun 26 21:55:04 2012 From: matthieu.rakotojaona at gmail.com (Matthieu RAKOTOJAONA) Date: Tue, 26 Jun 2012 18:55:04 +0000 (UTC) Subject: [Dovecot] Wrong headers in dovecot-crlf Message-ID: Hello everyone, I'm using the very good imaptest [0] tool to test my little imap server implementation. I've tried to use the dovecot-crlf [1] file, but it looks like there are some major issues : $ grep -n "In-Reply-To.*;" tests/data/dovecot-crlf 479:In-Reply-To: <20020806175441.GA7148 at linux.taugt.net>; from rueckert at informatik.uni-rostock.de on Tue, Aug 06, 2002 at 07:54:41PM +0200 525:In-Reply-To: <20020806234054.GA30820 at carpa.ciagri.usp.br>; from marcelo at carpa.ciagri.usp.br on Tue, Aug 06, 2002 at 08:40:54PM -0300 564:In-Reply-To: <20020806234054.GA30820 at carpa.ciagri.usp.br>; from marcelo at carpa.ciagri.usp.br on Tue, Aug 06, 2002 at 08:40:54PM -0300 673:In-Reply-To: <20020807231956.GA11240 at carpa.ciagri.usp.br>; from marcelo at carpa.ciagri.usp.br on Wed, Aug 07, 2002 at 08:19:56PM -0300 795:In-Reply-To: <20020808131329.GA30775 at carpa.ciagri.usp.br>; from marcelo at carpa.ciagri.usp.br on Thu, Aug 08, 2002 at 10:13:30AM -0300 964:In-Reply-To: <20020808193533.GA28619 at carpa.ciagri.usp.br>; from marcelo at carpa.ciagri.usp.br on Thu, Aug 08, 2002 at 04:35:33PM -0300 21545:In-Reply-To: <1046294808.30811.66.camel at hurina>; from tss at iki.fi on Wed, Feb 26, 2003 at 11:26:48PM +0200 22042:In-Reply-To: <1046373554.18310.4.camel at hurina>; from tss at iki.fi on Thu, Feb 27, 2003 at 09:19:14PM +0200 23712:In-Reply-To: <20030227212127.A10927 at pcx3332.desy.de>; from Juergen.Kahnert at DESY.de on Thu, Feb 27, 2003 at 09:21:27PM +0100 25498:In-Reply-To: ; from Leslie_Viljoen at icoc.org on Thu, Mar 13, 2003 at 12:44:52PM +0200 30654:In-Reply-To: <1048667343.30187.100.camel at hurina>; from tss at iki.fi on Wed, Mar 26, 2003 at 10:29:03AM +0200 31126:In-Reply-To: <1048704303.31565.214.camel at hurina>; from tss at iki.fi on Wed, Mar 26, 2003 at 08:45:03PM +0200 31313:In-Reply-To: <1048928723.6856.21.camel at hurina>; from tss at iki.fi on Sat, Mar 29, 2003 at 11:05:23AM +0200 31820:In-Reply-To: <1049101161.884.126.camel at hurina>; from tss at iki.fi on Mon, Mar 31, 2003 at 11:59:21AM +0300 31890:In-Reply-To: ; from charlieb-dovecot at e-smith.com on Mon, Mar 31, 2003 at 10:12:22AM -0500 32037:In-Reply-To: ; from charlieb-dovecot at e-smith.com on Mon, Mar 31, 2003 at 02:19:27PM -0500 32463:In-Reply-To: <1049243642.11879.25.camel at hurina>; from tss at iki.fi on Wed, Apr 02, 2003 at 03:34:02AM +0300 As you can see, many of the "In-Reply-To" headers are polluted with some junk. The situation is the same for many "Message-ID" headers. I don't know why they are here, but I think it's a mistake. I thought I would let you know. [0] http://imapwiki.org/ImapTest [1] http://www.dovecot.org/tmp/dovecot-crlf Regards, -- Matthieu RAKOTOJAONA From jonrysh at pacbell.net Wed Jun 27 00:19:20 2012 From: jonrysh at pacbell.net (Jonathan Ryshpan) Date: Tue, 26 Jun 2012 14:19:20 -0700 Subject: [Dovecot] Setting up mixed mbox and maildir In-Reply-To: References: <1340742900.2495.14.camel@amito> Message-ID: <1340745560.2495.27.camel@amito> On Tue, 2012-06-26 at 13:48 -0700, Scott Silva wrote: > on 6/26/2012 1:35 PM Jonathan Ryshpan spake the following: > > I'm trying to set up a dovecot server for which mail arrives in an mbox, > > and mail is stored in a maildir. The wiki (see > > http://wiki.dovecot.org/Namespaces) refers to this as "Mixed mbox and > > Maildir". It advises handling this situation by creating two > > namespaces: one for the mbox and the other for the maildir. Each of > > these namespaces starts with > > namespace private { > > > > On the other hand the sample configuration in the documentation puts > > inbox in a namespace starting with: > > namespace inbox { > > # Namespace type: private, shared or public > > #type = private > > > > It appears that there has been a change in the configuration syntax > > after the wiki was written, and that the word following namespace > > no longer gives a property of the namespace, but rather its name. > > Is this correct? In any case, how should the configuration be modified > If you are working with 2.0 or later dovecot, you should be at > http://wiki2.dovecot.org/Namespaces I am using 2.1.7 . I surmise from this Namespace page that the form: namespace { where is one of "public", "private", or "shared" creates an unnamed namespace of type while the form: namespace { where is none of "public", "private", or "shared", creates a namespace with the name and the default type (unspecified on this page, but probably private). The namespace can be given the type desired by an (undocumented) namespace setting: namespace inbox ( type = Is this correct? Thanks - jon From daniel.parthey at informatik.tu-chemnitz.de Wed Jun 27 00:47:39 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Tue, 26 Jun 2012 23:47:39 +0200 Subject: [Dovecot] started with dovecot sieve In-Reply-To: References: <20120625215914.GA7831@daniel.localdomain> Message-ID: <20120626214739.GA8465@daniel.localdomain> Rolf wrote: > Jun 25 20:22:54 rolf14 dovecot: lda(rolf): Error: setegid(privileged) failed: Operation not permitted Manual page "man 2 setegid" states that setegid() sets the effective group ID of the calling process. Unprivi- leged user processes may only set the effective group ID to the real group ID, the effective group ID or the saved set-group-ID. Your "postfix" user is a member of group "mail", but "mail" which you configured as "mail_privileged_group = vmail" is neither the primary group of user "postfix", nor is it the effective group id of the calling postfix process. Therefore you might get the error as documented in the manpage setegid(2): EPERM The calling process is not privileged (Linux: does not have the CAP_SETUID capability in the case of seteuid(), or the CAP_SET- GID capability in the case of setegid()) and euid (respectively, egid) is not the real user (group) ID, the effective user (group) ID, or the saved set-user-ID (saved set-group-ID). Regards Daniel -- https://plus.google.com/103021802792276734820 From ssilva at sgvwater.com Wed Jun 27 01:10:33 2012 From: ssilva at sgvwater.com (Scott Silva) Date: Tue, 26 Jun 2012 15:10:33 -0700 Subject: [Dovecot] Setting up mixed mbox and maildir In-Reply-To: <1340745560.2495.27.camel@amito> References: <1340742900.2495.14.camel@amito> <1340745560.2495.27.camel@amito> Message-ID: on 6/26/2012 2:19 PM Jonathan Ryshpan spake the following: > On Tue, 2012-06-26 at 13:48 -0700, Scott Silva wrote: >> on 6/26/2012 1:35 PM Jonathan Ryshpan spake the following: >>> I'm trying to set up a dovecot server for which mail arrives in an mbox, >>> and mail is stored in a maildir. The wiki (see >>> http://wiki.dovecot.org/Namespaces) refers to this as "Mixed mbox and >>> Maildir". It advises handling this situation by creating two >>> namespaces: one for the mbox and the other for the maildir. Each of >>> these namespaces starts with >>> namespace private { >>> >>> On the other hand the sample configuration in the documentation puts >>> inbox in a namespace starting with: >>> namespace inbox { >>> # Namespace type: private, shared or public >>> #type = private >>> >>> It appears that there has been a change in the configuration syntax >>> after the wiki was written, and that the word following namespace >>> no longer gives a property of the namespace, but rather its name. >>> Is this correct? In any case, how should the configuration be modified > >> If you are working with 2.0 or later dovecot, you should be at >> http://wiki2.dovecot.org/Namespaces > > I am using 2.1.7 . I surmise from this Namespace page that the form: > namespace { > where is one of "public", "private", or "shared" creates an > unnamed namespace of type while the form: > namespace { > where is none of "public", "private", or "shared", creates a > namespace with the name and the default type (unspecified on this > page, but probably private). The namespace can be given the type > desired by an (undocumented) namespace setting: > namespace inbox ( > type = > Is this correct? > > Thanks - jon > > > > I am not sure, as I am using pure maildir... Follow the wiki, as there is an example there for mbox inbox and maildir message store... Mixed mbox and Maildir If you have your INBOX as mbox in /var/mail/username and the rest of the mailboxes in Maildir format under ~/Maildir, you can do this by creating two namespaces: namespace { separator = / prefix = "#mbox/" location = mbox:~/mail:INBOX=/var/mail/%u inbox = yes hidden = yes list = no } namespace { separator = / prefix = location = maildir:~/Maildir } From slusarz at curecanti.org Wed Jun 27 01:23:23 2012 From: slusarz at curecanti.org (Michael M Slusarz) Date: Tue, 26 Jun 2012 16:23:23 -0600 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> <4FE38883.8000808@thelounge.net> <2ABE733D-E478-4B40-93FB-8F1CDAB72193@iki.fi> <4FE389FF.2080106@thelounge.net> <4FE396AF.4070309@wildgooses.com> <20120621155801.Horde.YXauVYF5lbhP45jpl_ezE_A@bigworm.curecanti.org> Message-ID: <20120626162323.Horde._ABQfIF5lbhP6jZb2CnwFcA@bigworm.curecanti.org> Quoting Timo Sirainen : > Well, I had completely forgotten about it :) Reading my old mail: > >> There isn't a whole lot of state to be saved really. Mailbox GUID, >> UIDVALIDITY, >> HIGHESTMODSEQ gives the mailbox state. Then you have the >> language/etc. states. >> Clients could restore their earlier state from days ago, as long as Dovecot >> still has the necessary .log records available (similar to how >> QRESYNC works). > > Yeah .. Perhaps something like: > > 1. if client issues LOGOUT XSTATE > > 2. And server sees that it can actually save all of the state (some > things are a bit tricky, and probably not worth the trouble in > initial implementation) > > 3. Then the server server sends > * OK XSTATE > * BYE This makes sense. Although wouldn't it be: * OK [XSTATE ] State saved. > 4. The client can pipeline after LOGIN/AUTHENTICATE: > a XSTATERESTORE > a OK Yeah! > or > a NO Not gonna work. Couple of suggestions here: 1) Maybe allow XSTATERESTORE to be sent BEFORE authentication also/instead? The way that Dovecot would restore state might be different from the way another IMAP server would restore state. It's possible that another server could optimize things if, at authentication time, it knew it was going to restore state. i.e.: a XSTATERESTORE a OK Will attempt to restore state. b (LOGIN/AUTHENTICATE command) * OK [XSTATERESTOREOK] State restored. -- or -- * OK [XSTATERESTORENO] State NOT restored. b OK Logged in. 2) Could extend LOGIN/AUTHENTICATE to accept XSTATERESTORE parameter. Pros: saves round-trip. Cons: extending LOGIN/AUTHENTICATE at this stage of IMAP 4 development is probably overkill (Although this implementation already requires extending the LOGOUT command) > Perhaps even a real RFC for this thing? .. If it's worth it.. Would > save at least a few X bytes from network traffic :) It could potentially be a few more than X bytes. Here's an extreme example of the potential savings: Initial connection: ------------------- 1 (LOGIN/AUTHENTICATE) 1 OK Logged in. 2 CAPABILITY * CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS SPECIAL-USE ACL RIGHTS=texk 2 OK Capability completed. 3 ID ("name" "foo" "version" "1.0") * ID ("name" "foo2" "version" "bar2" "os" "linux") 3 OK ID completed 4 ENABLE QRESYNC * ENABLED QRESYNC 4 OK Enabled. 5 COMPARATOR "de;*" i;basic * COMPARATOR i;basic 5 OK Will use i;basic for collation 6 LANGUAGE DE * LANGUAGE (DE) * NAMESPACE (("" "/")) (("Other Users/" "/" "TRANSLATION" ("Andere Ben&APw-tzer/"))) (("Public Folders/" "/" "TRANSLATION" ("Gemeinsame Postf&AM8-cher/"))) 6 OK Sprachwechsel durch LANGUAGE-Befehl ausgefuehrt [IMAP session] 50 LOGOUT XSTATE * OK [XSTATE 123abc] * BYE Subsequent connection: ---------------------- 1 XSTATERESTORE 123abc 1 OK Will attempt to restore state. 2 (LOGIN/AUTHENTICATE) * OK [XSTATERESTOREOK] State restored. 2 OK Angemeldet. Given this (admittedly) extreme example, the savings are 689 bytes (+126 bytes for staterestore overhead, -815 bytes for state setup). Additionally, the server/client have to process 4 less IMAP commands. This is a significant savings IMHO. Whether or not this is appropriate for a real RFC, it would probably be useful to document in RFC fashion regardless. michael From wojtek at wojtek.tensor.gdynia.pl Wed Jun 27 08:44:16 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Wed, 27 Jun 2012 07:44:16 +0200 (CEST) Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <20120626130341.Horde.obOLRYF5lbhP6geNfgGGPNA@bigworm.curecanti.org> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38623.5050303@necoro.eu> <4FE5988E.3010101@wildgooses.com> <51EF9BC7-BE99-4DE9-800A-E8FDF7779A4B@iki.fi> <20120626130341.Horde.obOLRYF5lbhP6geNfgGGPNA@bigworm.curecanti.org> Message-ID: > > Timo: I'm not sure if you are saying that all client-side caching is wrong. > If so, I'm going to disagree with you, especially when dealing with more > complex data structures. it is always good - on WAN links. From robert at schetterer.org Wed Jun 27 09:23:21 2012 From: robert at schetterer.org (Robert Schetterer) Date: Wed, 27 Jun 2012 08:23:21 +0200 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38623.5050303@necoro.eu> <4FE5988E.3010101@wildgooses.com> <51EF9BC7-BE99-4DE9-800A-E8FDF7779A4B@iki.fi> <20120626130341.Horde.obOLRYF5lbhP6geNfgGGPNA@bigworm.curecanti.org> Message-ID: <4FEAA6D9.2090208@schetterer.org> Am 27.06.2012 07:44, schrieb Wojciech Puchar: >> >> Timo: I'm not sure if you are saying that all client-side caching is >> wrong. If so, I'm going to disagree with you, especially when dealing >> with more complex data structures. > > > it is always good - on WAN links. Hi, i dont wanna flame into this thread, cause its heavy tec stuff which i dont really fit in but for some webmail you can use http://imapproxy.org/ its running here fine with squirrelmail and roundcube -- Best Regards MfG Robert Schetterer From wojtek at wojtek.tensor.gdynia.pl Wed Jun 27 10:32:20 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Wed, 27 Jun 2012 09:32:20 +0200 (CEST) Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <4FEAA6D9.2090208@schetterer.org> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38623.5050303@necoro.eu> <4FE5988E.3010101@wildgooses.com> <51EF9BC7-BE99-4DE9-800A-E8FDF7779A4B@iki.fi> <20120626130341.Horde.obOLRYF5lbhP6geNfgGGPNA@bigworm.curecanti.org> <4FEAA6D9.2090208@schetterer.org> Message-ID: > > Hi, i dont wanna flame into this thread, cause its heavy tec stuff > which i dont really fit in > > but for some webmail you can use http://imapproxy.org/ the discussion was about if running proxy at all make sense. Proxies are to reduce traffic or server load by avoiding repetitive requests. With dovecot it's unlikely proxy itself will be faster, so second reason doesn't exist. With same computer or fast lan or virtual lan (==normal way of running webmail) first reason doesn't exist. From robert at schetterer.org Wed Jun 27 10:51:02 2012 From: robert at schetterer.org (Robert Schetterer) Date: Wed, 27 Jun 2012 09:51:02 +0200 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38623.5050303@necoro.eu> <4FE5988E.3010101@wildgooses.com> <51EF9BC7-BE99-4DE9-800A-E8FDF7779A4B@iki.fi> <20120626130341.Horde.obOLRYF5lbhP6geNfgGGPNA@bigworm.curecanti.org> <4FEAA6D9.2090208@schetterer.org> Message-ID: <4FEABB66.2020802@schetterer.org> Am 27.06.2012 09:32, schrieb Wojciech Puchar: >> >> Hi, i dont wanna flame into this thread, cause its heavy tec stuff >> which i dont really fit in >> >> but for some webmail you can use http://imapproxy.org/ > > the discussion was about if running proxy at all make sense. > > Proxies are to reduce traffic or server load by avoiding repetitive > requests. > > With dovecot it's unlikely proxy itself will be faster, so second reason > doesn't exist. > > With same computer or fast lan or virtual lan (==normal way of running > webmail) first reason doesn't exist. Hi, sorry ,only my meaning, beside coding layout questions about dovecot etc which is clearly not my case for questions like: "does a proxy make sense" there will never be an uni right answer the answer may ever depend on what fits best at your side general setup/layout -- Best Regards MfG Robert Schetterer From zimmys76 at web.de Wed Jun 27 10:53:36 2012 From: zimmys76 at web.de (Daniel Fischer) Date: Wed, 27 Jun 2012 09:53:36 +0200 Subject: [Dovecot] last hope... public namespace and directory structure Message-ID: <000601cd5439$f613bc50$e23b34f0$@web.de> hello, I would like to migrate to dovecot, but I have a problem with a public namespace declaration: # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-2-amd64 x86_64 Debian wheezy/sid And here are the relevant parts from the configuration: namespace { location = maildir:/var/mail/vhosts/%d/public prefix = Public. separator = . type = public } namespace inbox { prefix = separator = . subscriptions = yes type = private } I assume that all folders under ./public/ are public mailboxes. The public folder itself is not a maildir, but contains the team mailboxes i.e. ./public/.sales/ ./public/.service/ ./public/.purchase/ The file passwd for those 3 samples looks like this: sales@$DOMAIN::5000:5000::/var/mail/vhosts/$DOMAIN/public/.sales service@$DOMAIN::5000:5000::/var/mail/vhosts/$DOMAIN/public/.service purchase@$DOMAIN::5000:5000::/var/mail/vhosts/$DOMAIN/public/.purchase Note: All other users have mail_location /var/mail/vhosts/%d/%n Now a have the following problem: If I login in as user sales and create a folder foo and in there a folder bar. The directory structure is: ./public/. sales /.foo and /public/. sales /.foo.bar that?s exactly what I?m expect. Now I logon as ?normal? user. I can see the namespace Public with the sales mailbox but no subfolder foo or foo.bar. Now I create also the folders foo and in there bar, but the result is to me unexpected ;-): ./public/. sales ./public/. sales.foo ./public/. sales.foo.bar Looking forward to your comment, Daniel From mailinglist at august.de Wed Jun 27 11:38:57 2012 From: mailinglist at august.de (mailinglist) Date: Wed, 27 Jun 2012 10:38:57 +0200 Subject: [Dovecot] started with dovecot sieve In-Reply-To: <20120626201036.GA6929@daniel.localdomain> References: <20120625215914.GA7831@daniel.localdomain> <20120626201036.GA6929@daniel.localdomain> Message-ID: Am 2012-06-26 22:10, schrieb Daniel Parthey: > Rolf wrote: >> Am 2012-06-25 23:59, schrieb Daniel Parthey: >> >Hi Rolf, >> > >> >Rolf wrote: >> >>Jun 25 20:22:54 rolf14 dovecot: lda(rolf): Error: >> setegid(privileged) failed: Operation not permitted > > Doesn't lda(rolf) mean it is being executed under user "rolf", > not root or dovecot? could be. However, following your mail I tried several alternatives for grouping, made the user itself part of mail group, made postfix and dovecot part of the users real group, made all part of roots real group, made the users part of postfix and dovecot real group ... I could have made failures in trying all this combinations but the failure remained in any case. (I switched all back for security reasons, the failure is still there.) > > How exactly do you invoke lda from your /etc/postfix/master.cf? these are my lines from /etc/postfix/main.cf: #mailbox_command = procmail -a "$EXTENSION" mailbox_command = /usr/lib/dovecot/deliver if I switch procmail back on the input gets delivered and I can see them using roundcube as a client for dovecot. > > You might also try to use LMTP via TCP to deliver mails > from postfix to dovecot to work around any permission problems. > LMTP would be new to me and I fear just other hard-to-understand configuration topics. What I did as a workaround is to have a last rule in each .dovecot.sieve: fileinto "rest". It works and this way the INBOX is no longer needed. >> I have installed dovecot and docecot-sieve by Debians aptitude > > You don't seem to be the only one with these problems, see Debian > BTS: > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=626130 Do not understand how they have solved the problem. Changing 0660 to 0600 for the /var/mail/user mboxes (with user:mail for user:group) seems not to be a logical solution - have not tried that. From mailinglist at august.de Wed Jun 27 11:45:14 2012 From: mailinglist at august.de (mailinglist) Date: Wed, 27 Jun 2012 10:45:14 +0200 Subject: [Dovecot] started with dovecot sieve In-Reply-To: <20120626214739.GA8465@daniel.localdomain> References: <20120625215914.GA7831@daniel.localdomain> <20120626214739.GA8465@daniel.localdomain> Message-ID: <47949791e5f9fa35b1136eba76b378cb@august.de> Am 2012-06-26 23:47, schrieb Daniel Parthey: > Rolf wrote: >> Jun 25 20:22:54 rolf14 dovecot: lda(rolf): Error: >> setegid(privileged) failed: Operation not permitted > > Manual page "man 2 setegid" states that > Yes, thank you Daniel for pointing me to this subjects. Now I got a bit a deeper understanding how a file gets executed. My problem is that I do not exactly know from the error message who is starting what by which effective group id and to what group id it tries to switch. All guessing did not lead to a result. I tried: postfix is starting deliver with the effective group id "postfix" and wants to set the group id either to "mail" or to "rolf". But no success. From tss at iki.fi Wed Jun 27 12:04:19 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 27 Jun 2012 12:04:19 +0300 Subject: [Dovecot] [PATCH] GSSAPI authorization and virtual users In-Reply-To: <1331057521.84875.2.camel@leela.office.red-redemption.com> References: <1330973136.70967.33.camel@leela.office.red-redemption.com> <1331057521.84875.2.camel@leela.office.red-redemption.com> Message-ID: <1340787859.25551.47.camel@innu> On Tue, 2012-03-06 at 18:12 +0000, Sam Morris wrote: > On Mon, 2012-03-05 at 20:52 +0200, Timo Sirainen wrote: > > On 5.3.2012, at 20.45, Sam Morris wrote: > > > > > 3. The credentials lookup triggers an info log message saying that > > > credentials for GSSAPI were requested, "but we have only (e.g.) > > > MD5-CRYPT". The authplugin doesn't actually want the credential, > > > but I think that the only way the authplugin can trigger a > > > passdb lookup is by requesting it. > > > > I'll look at the rest more closely later, but this should be an easy fix: request "" instead of "GSSAPI". > > Thanks for pointing that out. Here's a newer version of the patch with > that change. I also realised that the gss_buffer is not required in the > code that runs once the passdb lookup is complete, so I removed the code > that stashes it in struct gssapi_auth_request. I finally looked into this and did some changes. Does it still work? :) http://hg.dovecot.org/dovecot-2.2/rev/183adc90781c From tss at iki.fi Wed Jun 27 12:25:31 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 27 Jun 2012 12:25:31 +0300 Subject: [Dovecot] Problem with 'doveadm mailbox status -t' reporting cumulative vsizes after upgrading from v2.0.16 to v2.1.7 In-Reply-To: <4FDF66E1.5050009@beardz.net> References: <4FDF66E1.5050009@beardz.net> Message-ID: <1340789131.25551.48.camel@innu> On Mon, 2012-06-18 at 18:35 +0100, Jase Thew wrote: > The reporting script at its core calls : > > doveadm -f flow mailbox status -A -t 'messages vsize' '*' > > It appears that Dovecot 2.1.7 is not resetting the vsize after collating > the sum total of mailboxes sizes for each user, so that vsize just > constantly increases as it iterates over each user. Fixed: http://hg.dovecot.org/dovecot-2.1/rev/d8d587bd5a29 From tss at iki.fi Wed Jun 27 12:30:01 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 27 Jun 2012 12:30:01 +0300 Subject: [Dovecot] pop3c_master_user In-Reply-To: <4FDFAE8C.9000208@mur.at> References: <4FDFAE8C.9000208@mur.at> Message-ID: <1340789401.25551.49.camel@innu> On Tue, 2012-06-19 at 00:41 +0200, Martin Schitter wrote: > the configuration keyword "pop3c_master_user" mentioned in the dsync > migration documentation (http://wiki2.dovecot.org/Migration/Dsync) does > not work for dovecot 2.1.7. > > a config line like: "pop3c_master_user = cyrus" will produce this error: > > doveconf: Fatal: Error in configuration file /etc/dovecot/local.conf > line 33: Unknown setting: pop3c_master_user Added: http://hg.dovecot.org/dovecot-2.1/rev/06ba409a63d3 From tss at iki.fi Wed Jun 27 12:31:46 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 27 Jun 2012 12:31:46 +0300 Subject: [Dovecot] director map and mysql In-Reply-To: <213B51F00051AE48A9F0E112880177178F7A2F@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F7A2E@Delta.sc.local> <213B51F00051AE48A9F0E112880177178F7A2F@Delta.sc.local> Message-ID: <1340789506.25551.51.camel@innu> On Wed, 2012-06-20 at 14:40 +1100, ???????? ????????? ?????????? wrote: > but what mechanisms do I have if I want certain user to be always proxied to certain host, but if that host is down, to redirect him to another? You'll have to mark the host down in SQL, and change your SQL query to return something else for the "host" value when that host is down (either another host or NULL to let director handle it). From tss at iki.fi Wed Jun 27 12:37:13 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 27 Jun 2012 12:37:13 +0300 Subject: [Dovecot] doveadm proxy kick in director setups In-Reply-To: <20120621144829.GA8792@hawkeye.rutgers.edu> References: <20120621144829.GA8792@hawkeye.rutgers.edu> Message-ID: <1340789833.25551.54.camel@innu> On Thu, 2012-06-21 at 10:48 -0400, Tom Pawlowski wrote: > Something I noticed on a 2.1.7 director test cluster (two directors, > three backends): 'doveadm proxy kick user' will kick all connections > for that user on that director only. Any additional connections on other > directors will remain active unless the command is run on all directors. > > Are the proxy and director sub-commands intended to be separate and > distinct in their operation? If so, then this makes sense, as a proxy > isn't necessarily a director. They are separate, yes. > Are there any plans for a proxy kick equivalent that would work > across directors? With director it would be possible to kick all users that match the user's 32bit hash. If there are hash collisions then it would kick also other users.. Another possibility would be to create something that allows running the same doveadm command in all directors, but ssh pretty much can do that already. :) From tss at iki.fi Wed Jun 27 12:50:20 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 27 Jun 2012 12:50:20 +0300 Subject: [Dovecot] pop3-throttle In-Reply-To: <1km4rjc.f50hxq1iocthjM%manu@netbsd.org> References: <1km4rjc.f50hxq1iocthjM%manu@netbsd.org> Message-ID: <1340790620.25551.60.camel@innu> On Sat, 2012-06-23 at 07:04 +0200, Emmanuel Dreyfus wrote: > Hello > > I am having a hard time with users using POP while leaving mailboxes > of several gigabyte cumulated. This causes a lot of disk I/O and kills > performancs for everyone. I try to encourage people migrating to > IMAP, but that migration will take some time, and therefore I am looking > for alterantive ways to workaround the problem. What mailbox format do you use? This shouldn't be a problem with for example mdbox, probably not with sdbox either and with mbox/maildir there are settings that can improve this. Or are you not talking about opening the mailbox, but about clients redownloading all the mails all the time? > I found pop3-throttle-plugin.c, which seems a smart way to solve the > problem, unfortunately it comes with no documentation. I was able to > build it and load it, bu itsays nothing in the logs. Is there any > doc somewhere? Any advices on how to set it up? It's about allowing clients to see only X new mails per Y time. But I don't see how that would help with your problem if that's related to old mails. Anyway, quick docs: "touch /etc/dovecot/pop3-throttle-enabled" to enable the throttling plugin { pop3_throttle_max_msgs = 10 pop3_throttle_max_kbytes = 1024 } Which allows a single user to see max 10 new messages or max 1 MB of new messages per 15 minutes, whichever limit comes first. After 15 minutes more messages become visible again to reach the limit. The 15 minute limit is configurable by recompiling: #define POP3_THROTTLE_STATE_RESET_SECS (60*15) From role.Dovecot-Readers at JLAssocs.com Wed Jun 27 13:01:51 2012 From: role.Dovecot-Readers at JLAssocs.com (J E Lyon) Date: Wed, 27 Jun 2012 11:01:51 +0100 Subject: [Dovecot] Maildir Seen Flags not heeded when dovecot-shared present In-Reply-To: References: Message-ID: <294FDEA3-FE7A-4386-9D5D-A602141E3D17@JLAssocs.com> On 26 Jun 2012, at 21:49, Timo Sirainen wrote: > So you don't want shared seen flags? You can simply not create dovecot-shared file nowadays. It's not necessary. The only other purpose for it was as the template for file permissions, but those are nowadays taken from the maildir itself: http://wiki2.dovecot.org/SharedMailboxes/Permissions Timo, Thanks for pointing me in the right direction . . I started with Dovecot back in the pre-v1 days and used dovecot-shared from when it first helped with permissions and things -- never actually minded about seen flags back then. So, I've always thought of dovecot-shared as being primarily about making the permissions work, and hadn't realised things have been steadily changing in that regard. So, I now have Dovecot on both CentOS 5.5 & CentOS 6, which means v1 & v2 . . unfortunately though, the CentOS 5.5 default package is 1.0.x and that means I miss out on 1.1+ features there, as well as the improved handling of file permissions in 1.2 that I now see after scrutinising the differences . . At least I know exactly where the problems are now, thanks! ~ James. From amateo at um.es Wed Jun 27 14:10:09 2012 From: amateo at um.es (Angel L. Mateo) Date: Wed, 27 Jun 2012 13:10:09 +0200 Subject: [Dovecot] Removing specific entry in user/auth cache Message-ID: <4FEAEA11.1070900@um.es> Hi, We have dovecot configured with auth cache. Is there any way to remove a specific entry (not all) from this cache? -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From lists at wildgooses.com Wed Jun 27 14:40:38 2012 From: lists at wildgooses.com (Ed W) Date: Wed, 27 Jun 2012 12:40:38 +0100 Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: References: <4FE58A52.8050708@think-for-yourself.org> <4FE5A5D8.2050908@thelounge.net> Message-ID: <4FEAF136.9070509@wildgooses.com> On 23/06/2012 13:20, Wojciech Puchar wrote: >>> >>> it is already enormous overshoot in hardware specs. And i do not >>> really catch why you have "4 in parallel" servers. >>> And finally i cannot understand this dividing of servers just to >>> merging it back using VMWare. >> >> because it is a big difference if you have anything in a single >> machine or splittet in virtual machines - you can move them at >> runtime to different hosts and if you run out of ressources > > ok - for me it is just likes. You have higher change to have the need > to move at the first place doing this :) Actually, I'm a huge buyer of "virtualisation". There is *no other* way that people should be running their servers right now... (hand waving sweeping generalisation - obviously add context, etc, before taking literally). There are various types of virtualisation solution and they have pros and cons, but I think there is close to zero reason not to use some kind of virtualisation option for all new deployments. Probably he is using something clever like vmware esx - I like the theory there where you can literally fail over a running machine to new hardware, without even stopping it running, very neat. I personally use linux-vservers which are almost identical to running on bare metal server (it's kind of a fancy form of chroot), this means I don't have commercial grade failover, but it only takes 5-15 seconds to "reboot" each container, so that's an acceptable downtime for my requirements. Good luck! Ed W From manu at netbsd.org Wed Jun 27 14:55:09 2012 From: manu at netbsd.org (Emmanuel Dreyfus) Date: Wed, 27 Jun 2012 11:55:09 +0000 Subject: [Dovecot] pop3-throttle In-Reply-To: <1340790620.25551.60.camel@innu> References: <1km4rjc.f50hxq1iocthjM%manu@netbsd.org> <1340790620.25551.60.camel@innu> Message-ID: <20120627115509.GF27064@homeworld.netbsd.org> On Wed, Jun 27, 2012 at 12:50:20PM +0300, Timo Sirainen wrote: > What mailbox format do you use? This shouldn't be a problem with for > example mdbox, probably not with sdbox either and with mbox/maildir > there are settings that can improve this. This is mbox. > Or are you not talking about opening the mailbox, but about clients > redownloading all the mails all the time? I don't think the client downloads the whole mailbox each time. It takes so long on a 1 GB mbox that the users would have complained. However, I can see a lot of disk I/O activity for pop daemon operating on the bigger mbox (easy to spot looking at the process uid) -- Emmanuel Dreyfus manu at netbsd.org From tss at iki.fi Wed Jun 27 15:22:18 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 27 Jun 2012 15:22:18 +0300 Subject: [Dovecot] pop3-throttle In-Reply-To: <20120627115509.GF27064@homeworld.netbsd.org> References: <1km4rjc.f50hxq1iocthjM%manu@netbsd.org> <1340790620.25551.60.camel@innu> <20120627115509.GF27064@homeworld.netbsd.org> Message-ID: <78425DD3-20B3-4155-A465-7F05140BEC27@iki.fi> On 27.6.2012, at 14.55, Emmanuel Dreyfus wrote: > On Wed, Jun 27, 2012 at 12:50:20PM +0300, Timo Sirainen wrote: >> What mailbox format do you use? This shouldn't be a problem with for >> example mdbox, probably not with sdbox either and with mbox/maildir >> there are settings that can improve this. > > This is mbox. > >> Or are you not talking about opening the mailbox, but about clients >> redownloading all the mails all the time? > > I don't think the client downloads the whole mailbox each time. It > takes so long on a 1 GB mbox that the users would have complained. > However, I can see a lot of disk I/O activity for pop daemon operating > on the bigger mbox (easy to spot looking at the process uid) Try mbox_very_dirty_syncs=yes From tss at iki.fi Wed Jun 27 15:24:37 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 27 Jun 2012 15:24:37 +0300 Subject: [Dovecot] Removing specific entry in user/auth cache In-Reply-To: <4FEAEA11.1070900@um.es> References: <4FEAEA11.1070900@um.es> Message-ID: <771798ED-3DAF-4C23-937C-FD9B775B8972@iki.fi> On 27.6.2012, at 14.10, Angel L. Mateo wrote: > We have dovecot configured with auth cache. Is there any way to remove a specific entry (not all) from this cache? Nope. What do you need it for? From tss at iki.fi Wed Jun 27 15:29:00 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 27 Jun 2012 15:29:00 +0300 Subject: [Dovecot] permissions on auth-userdb In-Reply-To: <4FE59B9E.1050009@Media-Brokers.com> References: <4FE59B9E.1050009@Media-Brokers.com> Message-ID: <87A001AB-60A4-45D2-B48C-29114263DA75@iki.fi> On 23.6.2012, at 13.34, Charles Marcus wrote: > It would be nice if there were a wiki page specifically describing how permissions should be set for all of the services/directories that dovecot uses. > > Even better would be a dovecot/doveconf command that would test the permissions and, if possible, even fix them (like the postfix 'set-permissions' command)... The problem with those is that it depends on the installation. Each user may need different permissions. Many installations don't have a way to list users to even do a userdb lookup. I guess it would be possible to write such a tool for specific installations where it could work, but it wouldn't work everywhere.. From CMarcus at Media-Brokers.com Wed Jun 27 15:34:18 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Wed, 27 Jun 2012 08:34:18 -0400 Subject: [Dovecot] permissions on auth-userdb In-Reply-To: <87A001AB-60A4-45D2-B48C-29114263DA75@iki.fi> References: <4FE59B9E.1050009@Media-Brokers.com> <87A001AB-60A4-45D2-B48C-29114263DA75@iki.fi> Message-ID: <4FEAFDCA.3060902@Media-Brokers.com> On 2012-06-27 8:29 AM, Timo Sirainen wrote: > On 23.6.2012, at 13.34, Charles Marcus wrote: >> It would be nice if there were a wiki page specifically describing >> how permissions should be set for all of the services/directories >> that dovecot uses. >> >> Even better would be a dovecot/doveconf command that would test the >> permissions and, if possible, even fix them (like the postfix >> 'set-permissions' command)... > The problem with those is that it depends on the installation. Each > user may need different permissions. Many installations don't have a > way to list users to even do a userdb lookup. I guess it would be > possible to write such a tool for specific installations where it > could work, but it wouldn't work everywhere. Hmmm... I wonder how postfix does it then... maybe it doesn't have as many potential variations I guess? Is there maybe just a basic/standard set of permissions that can work for many installations, then have a way to detect non-standard installs and just provide a link to a wiki page describing things in more detail? Is there a wiki page for this already? I didn't find one... -- Best regards, Charles From r.vicinus at metaways.de Wed Jun 27 16:10:29 2012 From: r.vicinus at metaways.de (Reinhard Vicinus) Date: Wed, 27 Jun 2012 15:10:29 +0200 Subject: [Dovecot] Mail migration to dovecot with doveadm backup In-Reply-To: <4FE85FD4.8090708@metaways.de> References: <4FE738E9.6040706@metaways.de> <4FE84DF7.7030707@Media-Brokers.com> <4FE85FD4.8090708@metaways.de> Message-ID: <4FEB0645.6000302@metaways.de> Hi, if i delete the home directory and all content below an existing account user at example.org. Then run: /usr/bin/doveadm quota recalc -u user at example.org and afterwards: /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -D -v backup -R -f -u user at example.org imapc: i get the following errors: doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot/modules doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/lib10_quota_plugin.so doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot/modules/doveadm doveadm(root): Debug: Skipping module doveadm_acl_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_acl_plugin.so: undefined symbol: acl_user_module (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_expire_plugin.so: undefined symbol: expire_set_lookup (this is usually intentional, so just ignore this message) doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_quota_plugin.so doveadm(root): Debug: Skipping module doveadm_zlib_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_zlib_plugin.so: undefined symbol: i_stream_create_deflate (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_fts_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib20_doveadm_fts_plugin.so: undefined symbol: fts_list_backend (this is usually intentional, so just ignore this message) doveadm(user at example.org): Debug: auth input: user at example.org home=/mail/dovecot/example.org/user uid=501 gid=123 quota_rule=*:bytes=2000M:messages=0 doveadm(user at example.org): Debug: Added userdb setting: plugin/quota_rule=*:bytes=2000M:messages=0 doveadm(user at example.org): Debug: Effective uid=501, gid=123, home=/mail/dovecot/example.org/user doveadm(user at example.org): Debug: Quota root: name=User quota backend=dict args=:proxy::quota doveadm(user at example.org): Debug: Quota rule: root=User quota mailbox=* bytes=2097152000 messages=0 doveadm(user at example.org): Debug: Quota rule: root=User quota mailbox=Trash bytes=+104857600 messages=0 doveadm(user at example.org): Debug: Quota warning: bytes=1992294400 (95%) messages=0 reverse=no command=quota-warning 95 user at example.org doveadm(user at example.org): Debug: Quota warning: bytes=1677721600 (80%) messages=0 reverse=no command=quota-warning 80 user at example.org doveadm(user at example.org): Debug: dict quota: user=user at example.org, uri=proxy::quota, noenforcing=0 doveadm(user at example.org): Debug: fs: root=/mail/dovecot/example.org/user/mail, index=, control=, inbox=, alt= doveadm(user at example.org): Debug: Namespace : Using permissions from /mail/dovecot/example.org/user/mail: mode=0700 gid=-1 dsync(user at example.org): Debug: Effective uid=501, gid=123, home=/mail/dovecot/example.org/user dsync(user at example.org): Debug: Quota root: name=User quota backend=dict args=:proxy::quota dsync(user at example.org): Debug: Quota rule: root=User quota mailbox=* bytes=2097152000 messages=0 dsync(user at example.org): Debug: Quota rule: root=User quota mailbox=Trash bytes=+104857600 messages=0 dsync(user at example.org): Debug: Quota warning: bytes=1992294400 (95%) messages=0 reverse=no command=quota-warning 95 user at example.org dsync(user at example.org): Debug: Quota warning: bytes=1677721600 (80%) messages=0 reverse=no command=quota-warning 80 user at example.org dsync(user at example.org): Debug: dict quota: user=user at example.org, uri=proxy::quota, noenforcing=0 dsync(user at example.org): Debug: imapc: root=, index=, control=, inbox=, alt= dsync(user at example.org): Debug: imapc(local-mailbox:18143): Looking up IP address dsync(user at example.org): Debug: imapc(local-mailbox:18143): Connecting to 10.129.3.196:18143 dsync(user at example.org): Debug: imapc(local-mailbox:18143): Server capabilities: IMAP4 IMAP4rev1 AUTH=LOGIN ACL NAMESPACE CHILDREN SORT QUOTA THREAD=ORDEREDSUBJECT UNSELECT IDLE dsync(user at example.org): Debug: imapc(local-mailbox:18143): Authenticating as user at example.org dsync(user at example.org): Debug: imapc(local-mailbox:18143): Authenticated successfully dsync(user at example.org): Error: Can't delete mailbox INBOX: INBOX can't be deleted. dsync(user at example.org): Debug: Namespace : /mail/dovecot/example.org/user/mail/mailboxes/Trash doesn't exist yet, using default permissions dsync(user at example.org): Debug: Namespace : Using permissions from /mail/dovecot/example.org/user/mail: mode=0700 gid=-1 dsync(user at example.org): Debug: Namespace : /mail/dovecot/example.org/user/mail/mailboxes/Sent doesn't exist yet, using default permissions dsync(user at example.org): Debug: Namespace : Using permissions from /mail/dovecot/example.org/user/mail: mode=0700 gid=-1 dsync(user at example.org): Info: INBOX: only in dest (guid=54c23c119d04eb4f005100004f99b03d) dsync(user at example.org): Info: Trash: only in source (guid=7f5af7ba291b2df1a11d573bdb55d7e9) dsync(user at example.org): Info: Sent: only in source (guid=bfb2e03fdce327671e82bf173b1ccb8b) dsync(user at example.org): Info: INBOX: only in source (guid=c92f64f79f0d1ed01e6d5b314f04886c) dsync(user at example.org): Error: Trying to open a non-listed mailbox with guid=54c23c119d04eb4f005100004f99b03d dsync(user at example.org): Error: msg iteration failed: Couldn't open mailbox 54c23c119d04eb4f005100004f99b03d dsync(user at example.org): Error: Trying to open a non-listed mailbox with guid=54c23c119d04eb4f005100004f99b03d dsync(user at example.org): Error: Mailbox INBOX changed its GUID (c92f64f79f0d1ed01e6d5b314f04886c -> 54c23c119d04eb4f005100004f99b03d) dsync(user at example.org): Error: msg iteration failed: Couldn't open mailbox c92f64f79f0d1ed01e6d5b314f04886c dsync(user at example.org): Error: Mailbox INBOX changed its GUID (c92f64f79f0d1ed01e6d5b314f04886c -> 54c23c119d04eb4f005100004f99b03d) dsync(user at example.org): Debug: imapc(local-mailbox:18143): Disconnected is this an intented behaviour or is this a bug in quota recalc? if i delete the home directory again after the quota recalc recreated it no errors are reported and the mail are all copied as intended. Kind regards Reinhard -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: dovecot.conf.txt URL: From ckubu at so36.net Wed Jun 27 16:26:21 2012 From: ckubu at so36.net (ckubu) Date: Wed, 27 Jun 2012 15:26:21 +0200 Subject: [Dovecot] dict Panic after upgrade to 2.1.7 In-Reply-To: <201206241221.16044.ckubu@so36.net> References: <201206241221.16044.ckubu@so36.net> Message-ID: <201206271526.22116.ckubu@so36.net> hallo, > after upgrade my mailsystem to dovecot version 2.1.7, dovecot doesn't work > properly. something went wrong in dict service connecting the postgres > backend. that happens not on every connection. the db connection data are > correct, no difference connecting via tcp or linux socket. > > dovecot log entries: > Jun 23 23:19:10 mx dovecot: dict: Panic: file driver-pgsql.c: line 84 > (driver_pgsql_set_state): assertion failed: (state == SQL_DB_STATE_BUSY || > db- > > >cur_result == NULL) > > Jun 23 23:19:10 mx dovecot: dict: Error: Raw backtrace: > /usr/local/dovecot-2.1.7/lib/dovecot/libdovecot.so.0(+0x4478a) > [0x7ffc7d8e578a] -> > /usr/local/dovecot-2.1.7/lib/dovecot/libdovecot.so.0(+0x447d6) > [0x7ffc7d8e57d6] -> > /usr/local/dovecot-2.1.7/lib/dovecot/libdovecot.so.0(i_error+0) > [0x7ffc7d8bc5ef] -> dovecot/dict() [0x40a9a6] -> dovecot/dict() [0x40aa01] > -> dovecot/dict() [0x40be43] -> dovecot/dict() [0x409474] -> > dovecot/dict(sql_db_cache_deinit+0x20) [0x4089d0] -> > dovecot/dict(main+0x169) [0x4059f9] -> > /lib/libc.so.6(__libc_start_main+0xfd) [0x7ffc7d335c8d] -> dovecot/dict() > [0x404b59] > Jun 23 23:19:10 mx dovecot: dict: Fatal: master: service(dict): child 13812 > killed with signal 6 (core dumps disabled) > > Jun 23 23:23:09 mx dovecot: dict: Error: dict sql iterate failed: Not > connected to database > Jun 23 23:23:09 mx dovecot: pop3(xxx at yyy.zz): Error: acl: dict iteration > failed, can't update dict > Jun 23 23:23:09 mx dovecot: dict: Error: dict sql iterate failed: Not > connected to database > Jun 23 23:23:09 mx dovecot: pop3(xxx at yyy.zz): Error: acl: dict iteration > failed, can't update dict > Jun 23 23:23:17 mx dovecot: dict: Error: dict sql lookup failed: Not > connected to database > Jun 23 23:23:17 mx dovecot: imap(xxx at yyy.zz): Error: Internal quota > calculation error > Jun 23 23:23:19 mx dovecot: dict: Error: dict sql lookup failed: Not > connected to database > Jun 23 23:23:40 mx dovecot: dict: Error: dict sql lookup failed: Not > connected to database > > maybe i have missconfigured the dovecot system, but i don't find the > mistake. can anybody give me a hint ? It seem's, that these errors occcures, if acl support ist activated. i deactivated acl support last night for a while, and no such errors occured. I can't make long term test, because that is a produktion system and i switched back to version 2.0.9, which runs with acl support but without that errors . bw Christoph > > ----- doveconf -n > # 2.1.7: /usr/local/dovecot-2.1.7/etc/dovecot/dovecot.conf > # OS: Linux 2.6.32-5-vserver-amd64 x86_64 Debian 6.0.5 ext3 > auth_mechanisms = plain login digest-md5 cram-md5 apop > auth_socket_path = /var/run/dovecot/auth-userdb > auth_username_translation = %@ > auth_verbose = yes > auth_verbose_passwords = plain > base_dir = /var/run/dovecot/ > dict { > acl = pgsql:/usr/local/dovecot/etc/dovecot/sql-dict.conf.ext > expire = pgsql:/usr/local/dovecot/etc/dovecot/sql-dict.conf.ext > quota = pgsql:/usr/local/dovecot/etc/dovecot/sql-dict.conf.ext > } > disable_plaintext_auth = no > first_valid_gid = 5000 > first_valid_uid = 5000 > hostname = mx.warenform.de > last_valid_gid = 5000 > last_valid_uid = 5000 > listen = 178.63.63.151 2a01:4f8:121:c5::2 > mail_gid = vmail > mail_location = maildir:/var/vmail/%d/%n/Maildir > mail_plugins = autocreate quota expire acl > mail_uid = vmail > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope encoded-character > vacation subaddress comparator-i;ascii-numeric relational regex imap4flags > copy include variables body enotify environment mailbox date ihave > namespace { > list = children > location = maildir:/var/vmail/%%d/%%n/Maildir:INDEX=~/Maildir/shared/%%u > prefix = shared/%%u/ > separator = / > subscriptions = no > type = shared > } > namespace inbox { > inbox = yes > location = > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Spam { > special_use = \Junk > } > mailbox Trash { > special_use = \Trash > } > prefix = > separator = / > type = private > } > passdb { > args = /usr/local/dovecot/etc/dovecot/sql-connect.conf.ext > driver = sql > } > plugin { > acl = vfile > acl_shared_dict = proxy::acl > autocreate = Spam > autocreate2 = Sent > autocreate3 = Trash > autocreate4 = Drafts > autosubscribe = Spam > autosubscribe2 = Sent > autosubscribe3 = Trash > autosubscribe4 = Drafts > expire = Trash > expire2 = Trash.* > expire3 = Spam > expire_dict = proxy::expire > quota = dict:User quota::proxy::quota > quota_rule = *:storage=1G > quota_rule2 = Trash:storage=+200M > quota_warning = storage=95%% quota-warning 95 %u > quota_warning2 = storage=80%% quota-warning 80 %u > recipient_delimiter = > sieve = ~/.dovecot.sieve > sieve_before = /usr/local/dovecot/etc/dovecot/sieve/move-spam.sieve > sieve_dir = ~/sieve > sieve_global_dir = /usr/local/dovecot/etc/dovecot/sieve/global/ > } > postmaster_address = admin at warenform.de > protocols = imap pop3 sieve lmtp > service auth { > unix_listener /var/spool/postfix/private/dovecot-auth { > group = postfix > mode = 0666 > user = postfix > } > unix_listener auth-userdb { > group = vmail > mode = 0600 > user = vmail > } > } > service dict { > unix_listener dict { > mode = 0600 > user = vmail > } > } > service imap-login { > inet_listener imap { > address = 127.0.0.1 178.63.63.151 2a01:4f8:121:c5::2 > } > inet_listener imaps { > address = 178.63.63.151 2a01:4f8:121:c5::2 > } > process_min_avail = 16 > } > service lmtp { > unix_listener /var/spool/postfix/private/dovecot-lmtp { > group = postfix > mode = 0660 > user = postfix > } > } > service managesieve-login { > inet_listener sieve { > address = 127.0.0.1 > port = 4190 > } > } > service pop3-login { > inet_listener pop3 { > address = 178.63.63.151 2a01:4f8:121:c5::2 > } > inet_listener pop3s { > address = 178.63.63.151 2a01:4f8:121:c5::2 > } > } > service quota-warning { > executable = script /usr/local/bin/quota-warning.sh > unix_listener quota-warning { > user = vmail > } > user = dovecot > } > shutdown_clients = no > ssl_cert = ssl_key = syslog_facility = local1 > userdb { > args = /usr/local/dovecot/etc/dovecot/sql-connect.conf.ext > driver = sql > } > protocol lmtp { > mail_plugins = autocreate quota expire acl sieve > } > protocol lda { > mail_plugins = autocreate quota expire acl sieve > } > protocol imap { > imap_client_workarounds = delay-newmail > mail_max_userip_connections = 24 > mail_plugins = autocreate quota expire acl imap_quota imap_acl > ssl_cert = ssl_key = } > protocol pop3 { > mail_max_userip_connections = 10 > pop3_client_workarounds = outlook-no-nuls oe-ns-eoh > ssl_cert = ssl_key = } > > > ----- sql-dict.conf.ext: > > connect = host=/var/run/postgresql user=db_user password=db_passwd > dbname=db_name > > # quota > map { > pattern = priv/quota/storage > table = quota2 > username_field = username > value_field = bytes > } > map { > pattern = priv/quota/messages > table = quota2 > username_field = username > value_field = messages > } > > # expires > map { > pattern = shared/expire/$user/$mailbox > table = expires > value_field = expire_stamp > > fields { > username = $user > mailbox = $mailbox > } > } > > # acl > map { > pattern = shared/shared-boxes/user/$to/$from > table = user_shares > value_field = dummy > > fields { > from_user = $from > to_user = $to > } > } > > map { > pattern = shared/shared-boxes/anyone/$from > table = anyone_shares > value_field = dummy > > fields { > from_user = $from > } > } -- e: ckubu at so36.net From tss at iki.fi Wed Jun 27 17:24:51 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 27 Jun 2012 17:24:51 +0300 Subject: [Dovecot] RFE: IMAP LIST Extension for Special-Use Mailboxes In-Reply-To: <4FE9DB4C.20309@Media-Brokers.com> References: <20110311215739.GD13492@state-of-mind.de> <4F520990.2000903@crc.id.au> <83D77B81-EC49-4755-A866-E30B41E8B246@leuxner.net> <4FE9DB4C.20309@Media-Brokers.com> Message-ID: <603EF78F-44FB-4BAE-BBA1-A8D21E89043D@iki.fi> On 26.6.2012, at 18.54, Charles Marcus wrote: > My question (I guess for Timo) is, would it be crazy/possible to implement some kind of 'alias' conversion in dovecot that would work regardless of client cooperation? > > Ie, in a config file, add a list of 'aliases' for these special use folders (similar to how it is done now), but where dovecot would then silently translate/map a request for any of the defined aliases to the defined special use folder? so, if Outlook wants to save a sent message to 'Sent Items', it would simply and silently be saved to 'Sent' (or whatever the admin had defined as the 'real' sent folder). This wouldn't then require anything to be implemented in a client, it would only require the Admin to know what clients they want to support and what folders those clients look for by default. There would be two possibilities: 1) Have aliases where the alias is visible with LIST and all other commands. Most clients will then show that mailbox duplicated with two names, probably causing user confusion. 2) Have aliases where the alias isn't visible with LIST, but it would be possible to APPEND/COPY messages there, or CREATE, SELECT, etc. I have no idea how different clients would behave with this behavior. Might work with some, or might not.. You can kind of emulate 2) behavior and see what happens by setting up namespaces like: namespace { prefix = separator = / inbox = yes list = no hidden = no } namespace { prefix = RealMails/ separator = / list = no hidden = yes } # I think there needs to be one list=yes namespace: namespace { prefix = something/ separator = / list = yes hidden = yes location = mbox:/var/lib/dovecot/empty } Anyway you could see if clients show the Drafts/Sent etc. mailboxes that they create and allows actually accessing them. From tss at iki.fi Wed Jun 27 17:30:26 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 27 Jun 2012 17:30:26 +0300 Subject: [Dovecot] Setting up mixed mbox and maildir In-Reply-To: <1340745560.2495.27.camel@amito> References: <1340742900.2495.14.camel@amito> <1340745560.2495.27.camel@amito> Message-ID: <5B14BB9D-490F-49F6-B647-D69F26DAE888@iki.fi> On 27.6.2012, at 0.19, Jonathan Ryshpan wrote: >> If you are working with 2.0 or later dovecot, you should be at >> http://wiki2.dovecot.org/Namespaces > > I am using 2.1.7 . I surmise from this Namespace page that the form: > namespace { > where is one of "public", "private", or "shared" creates an > unnamed namespace of type while the form: > namespace { > where is none of "public", "private", or "shared", creates a > namespace with the name and the default type (unspecified on this > page, but probably private). I don't see any of that in the wiki2 page. Maybe you were looking at wiki1 page. > The namespace can be given the type > desired by an (undocumented) namespace setting: > namespace inbox ( > type = > Is this correct? It's mentioned in examples :) Yeah, could be more clearly mentioned in the wiki page too. Of course it's already in the example-config/conf.d/10-mail.conf file. The part in namespace { } should also be in the wiki page, although that's not namespace-specific thing at all, but works everywhere in dovecot.conf. It simply gives a (human-readable) name for the namespace within the configuration, it doesn't actually do anything. From role.Dovecot-Readers at JLAssocs.com Wed Jun 27 19:10:17 2012 From: role.Dovecot-Readers at JLAssocs.com (J E Lyon) Date: Wed, 27 Jun 2012 17:10:17 +0100 Subject: [Dovecot] The deleted_to_trash Plugin (workaround Outlook 2007 behaviour) Message-ID: <71645618-2034-4DA6-8C6D-3F4F2C2D7F9A@JLAssocs.com> Hi, I see this plugin exists for v1 & v2, all very interesting... Surprised no one seems to have created an RPM and it looks like deleted_to_trash is one of the very few plugins to not be shipped as part of the default install with CentOS 5.5 or CentOS 6 (i.e. Dovecot v1 & v2 respectively.) Am I missing something, or does everyone really build from source? Thanks, James. From wgrcunha at gmail.com Wed Jun 27 19:27:36 2012 From: wgrcunha at gmail.com (Francisco Wagner C. Freire) Date: Wed, 27 Jun 2012 13:27:36 -0300 Subject: [Dovecot] Removing specific entry in user/auth cache In-Reply-To: <771798ED-3DAF-4C23-937C-FD9B775B8972@iki.fi> References: <4FEAEA11.1070900@um.es> <771798ED-3DAF-4C23-937C-FD9B775B8972@iki.fi> Message-ID: I dont known about Angel, but for me is useful because sometimes i need to deactivate smtp/imap/pop access from accounts, or change their home after storage migration, and removing a specific record i can use a long time cache. On Wed, Jun 27, 2012 at 9:24 AM, Timo Sirainen wrote: > On 27.6.2012, at 14.10, Angel L. Mateo wrote: > > > We have dovecot configured with auth cache. Is there any way to > remove a specific entry (not all) from this cache? > > Nope. What do you need it for? > > From brad at pixilla.com Wed Jun 27 21:27:55 2012 From: brad at pixilla.com (Bradley Giesbrecht) Date: Wed, 27 Jun 2012 11:27:55 -0700 Subject: [Dovecot] The deleted_to_trash Plugin (workaround Outlook 2007 behaviour) In-Reply-To: <71645618-2034-4DA6-8C6D-3F4F2C2D7F9A@JLAssocs.com> References: <71645618-2034-4DA6-8C6D-3F4F2C2D7F9A@JLAssocs.com> Message-ID: <5CEBBEE0-EF29-4A53-BC75-3B67072DFFEE@pixilla.com> On Jun 27, 2012, at 9:10 AM, J E Lyon wrote: > Hi, > > I see this plugin exists for v1 & v2, all very interesting... Surprised no one seems to have created an RPM and it looks like deleted_to_trash is one of the very few plugins to not be shipped as part of the default install with CentOS 5.5 or CentOS 6 (i.e. Dovecot v1 & v2 respectively.) > > Am I missing something, or does everyone really build from source? I was not aware of this plugin. Looking at the plugin configuration options how would one handle all the various folder names that users use for "Trash"? http://wiki2.dovecot.org/Plugins/deleted-to-trash Regards, Brad -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2724 bytes Desc: not available URL: From role.Dovecot-Readers at jlassocs.com Wed Jun 27 21:34:20 2012 From: role.Dovecot-Readers at jlassocs.com (J E Lyon) Date: Wed, 27 Jun 2012 19:34:20 +0100 Subject: [Dovecot] The deleted_to_trash Plugin (workaround Outlook 2007 behaviour) In-Reply-To: <5CEBBEE0-EF29-4A53-BC75-3B67072DFFEE@pixilla.com> References: <71645618-2034-4DA6-8C6D-3F4F2C2D7F9A@JLAssocs.com> <5CEBBEE0-EF29-4A53-BC75-3B67072DFFEE@pixilla.com> Message-ID: On 27 Jun 2012, at 19:27, Bradley Giesbrecht wrote: > On Jun 27, 2012, at 9:10 AM, J E Lyon wrote: > >> Hi, >> >> I see this plugin exists for v1 & v2, all very interesting... Surprised no one seems to have created an RPM and it looks like deleted_to_trash is one of the very few plugins to not be shipped as part of the default install with CentOS 5.5 or CentOS 6 (i.e. Dovecot v1 & v2 respectively.) >> >> Am I missing something, or does everyone really build from source? > > I was not aware of this plugin. > > Looking at the plugin configuration options how would one handle all the various folder names that users use for "Trash"? > http://wiki2.dovecot.org/Plugins/deleted-to-trash Hi Brad, Well, it could be a configurable folder name, or not, but it doesn't matter _too_ much . . Looking at various IMAP clients, they already use a variety of folder names, so if I access my IMAP account using my MacBook and my Android and an installation of MS-Outlook, then I might end up with a Deleted folder *and* a Trash folder. It doesn't much matter, I can undelete within an application where I've accidentally hit "delete" and if I'm looking further back for something deleted last week, I can search both folders if I can't remember where it was deleted. It all works out adequately in the end -- from an end user's point of view -- even if it's not very pretty from a software design point of view. J. From daniel.parthey at informatik.tu-chemnitz.de Wed Jun 27 21:47:36 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Wed, 27 Jun 2012 20:47:36 +0200 Subject: [Dovecot] started with dovecot sieve In-Reply-To: References: <20120625215914.GA7831@daniel.localdomain> <20120626201036.GA6929@daniel.localdomain> Message-ID: <20120627184736.GA7546@daniel.localdomain> Rolf wrote: > LMTP would be new to me and I fear just other hard-to-understand > configuration topics. LMTP (Lightweight Message Transfer Protocol) is really simple, similar to SMTP, but immediately returns a status code which tells whether the delivery has been successful or not. I encourage you to read this HOWTO: http://wiki2.dovecot.org/HowTo/PostfixDovecotLMTP Dovecot listens and accepts mails on the LMTP service port, postfix delivers mails directly into this LMTP service port. Since it is an additional service, you should be able to try it first, without interfering with your deliver functionality. Here you can read, how the LMTP communication looks like: http://de.wikipedia.org/wiki/LMTP Regards Daniel -- https://plus.google.com/103021802792276734820 From ef at math.uni-bonn.de Wed Jun 27 23:18:45 2012 From: ef at math.uni-bonn.de (Edgar =?iso-8859-1?B?RnXf?=) Date: Wed, 27 Jun 2012 22:18:45 +0200 Subject: [Dovecot] Default for non-present LDAP attributes? Message-ID: <20120627201844.GX57210@trav.math.uni-bonn.de> With 1.2, is there a syntax to, for LDAP lookups, use a given fixed replacement for a non-present LDAP attribute? E.g. something that would extend user_attrs = mailFileServer=mail=maildir:/import/mail/%$/%d to use maildir:/import/mail/foo/%d in case the mailFileServer attribute is not present? From jonrysh at pacbell.net Thu Jun 28 02:34:15 2012 From: jonrysh at pacbell.net (Jonathan Ryshpan) Date: Wed, 27 Jun 2012 16:34:15 -0700 Subject: [Dovecot] Setting up mixed mbox and maildir In-Reply-To: <5B14BB9D-490F-49F6-B647-D69F26DAE888@iki.fi> References: <1340742900.2495.14.camel@amito> <1340745560.2495.27.camel@amito> <5B14BB9D-490F-49F6-B647-D69F26DAE888@iki.fi> Message-ID: <1340840055.2391.26.camel@amito> On Wed, 2012-06-27 at 17:30 +0300, Timo Sirainen wrote: > On 27.6.2012, at 0.19, Jonathan Ryshpan wrote: > > >> If you are working with 2.0 or later dovecot, you should be at > >> http://wiki2.dovecot.org/Namespaces > > > > I am using 2.1.7 . I surmise from this Namespace page that the form: > > namespace { > > where is one of "public", "private", or "shared" creates an > > unnamed namespace of type while the form: > > namespace { > > where is none of "public", "private", or "shared", creates a > > namespace with the name and the default type (unspecified on this > > page, but probably private). > > I don't see any of that in the wiki2 page. Maybe you were looking at wiki1 page. Quite right; this comes from a reading of pages in both wiki1 and wiki2. I now surmise that this isn't a good idea since wiki1 describes v1.x and wiki2 describes v2.x, which have different syntaxes (syntaces?). Is all this correct? > > The namespace can be given the type > > desired by an (undocumented) namespace setting: > > namespace inbox ( > > type = > > Is this correct? > > It's mentioned in examples :) Yeah, could be more clearly mentioned in > the wiki page too. Of course it's already in the > example-config/conf.d/10-mail.conf file. The part in namespace > { } should also be in the wiki page, although that's not > namespace-specific thing at all, but works everywhere in dovecot.conf. > It simply gives a (human-readable) name for the namespace within the > configuration, it doesn't actually do anything. It looks like it does *something*, since 15-mailboxes.conf contains the lines: # NOTE: Assumes "namespace inbox" has been defined in 10-mail.conf. namespace inbox { I am continuing to attempt to set up dovecot to keep its mail store in maildir form while receiving it from an mbox, but without success. Dovecot reports the error that it can't create the file ~/mail/.imap/INBOX (and also that it can't chown it to user mail, not surprising since it doesn't exist). This seems reasonable, since jonrysh (that is me) is not a member of the group mail. What should be done next? Should I join the group mail? It seems that this should not be necessary in general. The mail store is in ~/maildir, so what is the function of the mbox ~/mail? Dovecot must be misconfigured, but it's not clear to a newbie like myself what's wrong. Any advice would be appreciated. I have attached an extract from maillog showing the errors (dovecot.log) dovecot reports (dovecot.log), and the output of dovecot -n (dovecot-n). Thanks for your help - jon -------------- next part -------------- A non-text attachment was scrubbed... Name: dovecot.log Type: text/x-log Size: 2636 bytes Desc: not available URL: -------------- next part -------------- # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.4.3-1.fc17.x86_64 x86_64 Fedora release 17 (Beefy Miracle) mail_debug = yes mail_privileged_group = mail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mbox_write_locks = fcntl namespace data { location = maildir:~/Dovecot prefix = separator = . } namespace inbox { hidden = yes inbox = yes list = no location = mbox:~/mail:INBOX=/var/spool/mail/%u mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = "#mbox." separator = . type = private } passdb { driver = pam } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } ssl = required ssl_cert = References: Message-ID: Francisco Wagner C. Freire writes: > On Wed, Jun 27, 2012 at 9:24 AM, Timo Sirainen wrote: > >> On 27.6.2012, at 14.10, Angel L. Mateo wrote: >> >>> We have dovecot configured with auth cache. Is there any way to >> remove a specific entry (not all) from this cache? >> >> Nope. What do you need it for? > > I dont known about Angel, but for me is useful because sometimes i need to > deactivate smtp/imap/pop access from accounts, or change their home after > storage migration, and removing a specific record i can use a long time > cache. I'm not sure that the auth cache holds that information, but I think you can at least invalidate a particular auth cache entry by 1) Changing the user password (and save the previous hash) 2) Authenticate using the new credentials (and invalidate the auth cache entry). For example, you can just do a manual connection on your dovecot server x login someuser newpassword This will replace the cache entry with a new one. 3) When you are ready to put the account back online, change the password back to the original. A password mismatch forces a resync to your authentication system which will restore the auth cache. Joseph Tam From dlie76 at yahoo.com.au Thu Jun 28 07:53:39 2012 From: dlie76 at yahoo.com.au (Daminto Lie) Date: Wed, 27 Jun 2012 21:53:39 -0700 (PDT) Subject: [Dovecot] (no subject) Message-ID: <1340859219.73690.YahooMailNeo@web113410.mail.gq1.yahoo.com> http://ccomplaint.com/Vocational-Schools/googlesave.html?otv=vby.mig&himoj=yug.jyg&fob=ihol From wojtek at wojtek.tensor.gdynia.pl Thu Jun 28 08:54:01 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Thu, 28 Jun 2012 07:54:01 +0200 (CEST) Subject: [Dovecot] indexer-worker Message-ID: why this process (which most probably do squat index/update) runs as root, not - like imap process - as user? 29413 root 1 76 0 22820K 9204K kqread 1 0:17 5.86% indexer-worker From tss at iki.fi Thu Jun 28 09:39:45 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 28 Jun 2012 09:39:45 +0300 Subject: [Dovecot] Default for non-present LDAP attributes? In-Reply-To: <20120627201844.GX57210@trav.math.uni-bonn.de> References: <20120627201844.GX57210@trav.math.uni-bonn.de> Message-ID: <1340865585.25551.61.camel@innu> On Wed, 2012-06-27 at 22:18 +0200, Edgar Fu? wrote: > With 1.2, is there a syntax to, for LDAP lookups, use a given fixed replacement for a non-present LDAP attribute? > E.g. something that would extend > user_attrs = mailFileServer=mail=maildir:/import/mail/%$/%d > to use maildir:/import/mail/foo/%d in case the mailFileServer attribute is not present? The "mail" field defaults to mail_location setting. Other fields you can put to plugin {} section. From tss at iki.fi Thu Jun 28 09:43:49 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 28 Jun 2012 09:43:49 +0300 Subject: [Dovecot] Removing specific entry in user/auth cache In-Reply-To: References: Message-ID: <1340865829.25551.64.camel@innu> On Wed, 2012-06-27 at 19:08 -0700, Joseph Tam wrote: > > I dont known about Angel, but for me is useful because sometimes i need to > > deactivate smtp/imap/pop access from accounts, or change their home after > > storage migration, and removing a specific record i can use a long time > > cache. > > I'm not sure that the auth cache holds that information, userdb lookups are also cached. > but I think you > can at least invalidate a particular auth cache entry by > > 1) Changing the user password (and save the previous hash) > 2) Authenticate using the new credentials (and invalidate > the auth cache entry). For example, you can just > do a manual connection on your dovecot server > > x login someuser newpassword > > This will replace the cache entry with a new one. > > 3) When you are ready to put the account back online, change the > password back to the original. A password mismatch forces > a resync to your authentication system which will restore > the auth cache. This works for passdb cache, but not for userdb cache. It would be possible to add a doveadm command for this.. I think the main reason why I already didn't do it last time I was asked this was because I wanted to use "doveadm auth cache flush" or something similar as the command, but there already exists "doveadm auth" command and "cache flush" would be treated as username=cache password=flush :( Anyone have thoughts on a better doveadm command name? Or should I just break it and have v2.2 use "doveadm auth check" or something for the old "doveadm auth" command? From tss at iki.fi Thu Jun 28 09:46:27 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 28 Jun 2012 09:46:27 +0300 Subject: [Dovecot] indexer-worker In-Reply-To: References: Message-ID: <1340865987.25551.67.camel@innu> On Thu, 2012-06-28 at 07:54 +0200, Wojciech Puchar wrote: > why this process (which most probably do squat index/update) runs as root, > not - like imap process - as user? > > 29413 root 1 76 0 22820K 9204K kqread 1 0:17 5.86% indexer-worker It runs as root while not really doing anything, but when it starts accessing users' files it temporarily drops privileges. This is necessary if users have multiple different UIDs. If you have only one UID e.g. vmail, you could set: service indexer-worker { user = vmail } There are a couple of ways to do this automatically whenever it's possible.. I guess I'll add those to v2.2. From tss at iki.fi Thu Jun 28 09:49:10 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 28 Jun 2012 09:49:10 +0300 Subject: [Dovecot] permissions on auth-userdb In-Reply-To: <4FEAFDCA.3060902@Media-Brokers.com> References: <4FE59B9E.1050009@Media-Brokers.com> <87A001AB-60A4-45D2-B48C-29114263DA75@iki.fi> <4FEAFDCA.3060902@Media-Brokers.com> Message-ID: <1340866150.25551.70.camel@innu> On Wed, 2012-06-27 at 08:34 -0400, Charles Marcus wrote: > On 2012-06-27 8:29 AM, Timo Sirainen wrote: > > On 23.6.2012, at 13.34, Charles Marcus wrote: > >> It would be nice if there were a wiki page specifically describing > >> how permissions should be set for all of the services/directories > >> that dovecot uses. > >> > >> Even better would be a dovecot/doveconf command that would test the > >> permissions and, if possible, even fix them (like the postfix > >> 'set-permissions' command)... > > > The problem with those is that it depends on the installation. Each > > user may need different permissions. Many installations don't have a > > way to list users to even do a userdb lookup. I guess it would be > > possible to write such a tool for specific installations where it > > could work, but it wouldn't work everywhere. > > Hmmm... I wonder how postfix does it then... maybe it doesn't have as > many potential variations I guess? Postfix internally doesn't really use anything except root and postfix users. Dovecot can be configured in many different ways to handle mail users and that configuration affects quite a many settings. > Is there maybe just a basic/standard set of permissions that can work > for many installations, then have a way to detect non-standard installs > and just provide a link to a wiki page describing things in more detail? I guess there could be two common settings described: Virtual users with one UID, and system users with multiple UIDs. > Is there a wiki page for this already? I didn't find one... Maybe something could be written under http://wiki2.dovecot.org/UserIds From tss at iki.fi Thu Jun 28 09:53:29 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 28 Jun 2012 09:53:29 +0300 Subject: [Dovecot] Mail migration to dovecot with doveadm backup In-Reply-To: <4FEB0645.6000302@metaways.de> References: <4FE738E9.6040706@metaways.de> <4FE84DF7.7030707@Media-Brokers.com> <4FE85FD4.8090708@metaways.de> <4FEB0645.6000302@metaways.de> Message-ID: <1340866409.25551.72.camel@innu> On Wed, 2012-06-27 at 15:10 +0200, Reinhard Vicinus wrote: > Hi, > > if i delete the home directory and all content below an existing account > user at example.org. Then run: > > /usr/bin/doveadm quota recalc -u user at example.org Are you sure quota recalc makes a difference here? What if you simply run doveadm twice? > and afterwards: > > /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw > -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o > imapc_port=18143 -D -v backup -R -f -u user at example.org imapc: > > dsync(user at example.org): Error: Mailbox INBOX changed its GUID > (c92f64f79f0d1ed01e6d5b314f04886c -> 54c23c119d04eb4f005100004f99b03d) > dsync(user at example.org): Error: msg iteration failed: Couldn't open > mailbox c92f64f79f0d1ed01e6d5b314f04886c Bug/"feature" .. you could try if running with "imapc:/tmp/imapc-username" instead of "imapc:" helps. From tss at iki.fi Thu Jun 28 09:58:06 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 28 Jun 2012 09:58:06 +0300 Subject: [Dovecot] last hope... public namespace and directory structure In-Reply-To: <000601cd5439$f613bc50$e23b34f0$@web.de> References: <000601cd5439$f613bc50$e23b34f0$@web.de> Message-ID: <1340866686.25551.75.camel@innu> On Wed, 2012-06-27 at 09:53 +0200, Daniel Fischer wrote: > The file passwd for those 3 samples looks like this: > > sales@$DOMAIN::5000:5000::/var/mail/vhosts/$DOMAIN/public/.sales > > service@$DOMAIN::5000:5000::/var/mail/vhosts/$DOMAIN/public/.service > > purchase@$DOMAIN::5000:5000::/var/mail/vhosts/$DOMAIN/public/.purchase > > Note: All other users have mail_location /var/mail/vhosts/%d/%n > > Now a have the following problem: If I login in as user sales and create a > folder foo and in there a folder bar. It can't work like that. You need to have all of the these homes to be /var/mail/vhosts/$DOMAIN/public if you want them to be able to create any new folders. Then if needed add ACLs to the users. For delivering mails to these users you could set up a Sieve script to do it, or maybe something else.. From r.vicinus at metaways.de Thu Jun 28 10:03:52 2012 From: r.vicinus at metaways.de (Reinhard Vicinus) Date: Thu, 28 Jun 2012 09:03:52 +0200 Subject: [Dovecot] Mail migration to dovecot with doveadm backup In-Reply-To: <1340866409.25551.72.camel@innu> References: <4FE738E9.6040706@metaways.de> <4FE84DF7.7030707@Media-Brokers.com> <4FE85FD4.8090708@metaways.de> <4FEB0645.6000302@metaways.de> <1340866409.25551.72.camel@innu> Message-ID: <4FEC01D8.6010405@metaways.de> On 28/06/12 08:53, Timo Sirainen wrote: > On Wed, 2012-06-27 at 15:10 +0200, Reinhard Vicinus wrote: >> Hi, >> >> if i delete the home directory and all content below an existing account >> user at example.org. Then run: >> >> /usr/bin/doveadm quota recalc -u user at example.org > Are you sure quota recalc makes a difference here? What if you simply > run doveadm twice? Running doveadm twice without quota recalc prior works without problems. >> and afterwards: >> >> /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw >> -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o >> imapc_port=18143 -D -v backup -R -f -u user at example.org imapc: >> >> dsync(user at example.org): Error: Mailbox INBOX changed its GUID >> (c92f64f79f0d1ed01e6d5b314f04886c -> 54c23c119d04eb4f005100004f99b03d) >> dsync(user at example.org): Error: msg iteration failed: Couldn't open >> mailbox c92f64f79f0d1ed01e6d5b314f04886c > Bug/"feature" .. you could try if running with > "imapc:/tmp/imapc-username" instead of "imapc:" helps. This works also without problems. So thanks for your help because this solves my problem. Let me know if i should test something more. From amateo at um.es Thu Jun 28 10:04:46 2012 From: amateo at um.es (Angel L. Mateo) Date: Thu, 28 Jun 2012 09:04:46 +0200 Subject: [Dovecot] Removing specific entry in user/auth cache In-Reply-To: <771798ED-3DAF-4C23-937C-FD9B775B8972@iki.fi> References: <4FEAEA11.1070900@um.es> <771798ED-3DAF-4C23-937C-FD9B775B8972@iki.fi> Message-ID: <4FEC020E.9020802@um.es> El 27/06/12 14:24, Timo Sirainen escribi?: > On 27.6.2012, at 14.10, Angel L. Mateo wrote: > >> We have dovecot configured with auth cache. Is there any way to remove a specific entry (not all) from this cache? > > Nope. What do you need it for? > Because information for users sometimes changes. For example, when I made the question, home directory's of one user changed and all mails to him was been discarted because of this and I had to flush all cache to solve this. -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n y las Comunicaciones Aplicadas (ATICA) http://www.um.es/atica Tfo: 868887590 Fax: 868888337 From zimmys76 at web.de Thu Jun 28 10:41:15 2012 From: zimmys76 at web.de (Daniel Fischer) Date: Thu, 28 Jun 2012 09:41:15 +0200 Subject: [Dovecot] last hope... public namespace and directory structure In-Reply-To: <1340866686.25551.75.camel@innu> References: <000601cd5439$f613bc50$e23b34f0$@web.de> <1340866686.25551.75.camel@innu> Message-ID: <001001cd5501$66201800$32604800$@web.de> Hello Timo, Thanks for your reply. I have the dovewiki a little bit misunderstod. "Public mailboxes are typically mailboxes that are visible to all users or to large user groups. They are created by defining a public namespace, under which all the shared mailboxes are" Daniel -----Urspr?ngliche Nachricht----- Von: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] Im Auftrag von Timo Sirainen Gesendet: Donnerstag, 28. Juni 2012 08:58 An: Daniel Fischer Cc: dovecot at dovecot.org Betreff: Re: [Dovecot] last hope... public namespace and directory structure On Wed, 2012-06-27 at 09:53 +0200, Daniel Fischer wrote: > The file passwd for those 3 samples looks like this: > > sales@$DOMAIN::5000:5000::/var/mail/vhosts/$DOMAIN/public/.sales > > service@$DOMAIN::5000:5000::/var/mail/vhosts/$DOMAIN/public/.service > > purchase@$DOMAIN::5000:5000::/var/mail/vhosts/$DOMAIN/public/.purchase > > Note: All other users have mail_location /var/mail/vhosts/%d/%n > > Now a have the following problem: If I login in as user sales and > create a folder foo and in there a folder bar. It can't work like that. You need to have all of the these homes to be /var/mail/vhosts/$DOMAIN/public if you want them to be able to create any new folders. Then if needed add ACLs to the users. For delivering mails to these users you could set up a Sieve script to do it, or maybe something else.. From role.Dovecot-Readers at JLAssocs.com Thu Jun 28 10:48:43 2012 From: role.Dovecot-Readers at JLAssocs.com (J E Lyon) Date: Thu, 28 Jun 2012 08:48:43 +0100 Subject: [Dovecot] Maildir Seen Flags not heeded when dovecot-shared present In-Reply-To: <294FDEA3-FE7A-4386-9D5D-A602141E3D17@JLAssocs.com> References: <294FDEA3-FE7A-4386-9D5D-A602141E3D17@JLAssocs.com> Message-ID: <4665F4E5-F6F8-43FE-AF57-4F793590DAB7@JLAssocs.com> Timo & List, Just by way of a follow-up, running tests on a 1.0 installation of Dovecot confirms it. Sure enough, I was still configuring my mail stores based on my outdated understanding and hadn't fully appreciated changes to what dovecot-shared files affect in recent versions. Thanks all, J. On 27 Jun 2012, at 11:01, J E Lyon wrote: > On 26 Jun 2012, at 21:49, Timo Sirainen wrote: > >> So you don't want shared seen flags? You can simply not create dovecot-shared file nowadays. It's not necessary. The only other purpose for it was as the template for file permissions, but those are nowadays taken from the maildir itself: http://wiki2.dovecot.org/SharedMailboxes/Permissions > > > Timo, > > Thanks for pointing me in the right direction . . > > I started with Dovecot back in the pre-v1 days and used dovecot-shared from when it first helped with permissions and things -- never actually minded about seen flags back then. > > So, I've always thought of dovecot-shared as being primarily about making the permissions work, and hadn't realised things have been steadily changing in that regard. > > So, I now have Dovecot on both CentOS 5.5 & CentOS 6, which means v1 & v2 . . unfortunately though, the CentOS 5.5 default package is 1.0.x and that means I miss out on 1.1+ features there, as well as the improved handling of file permissions in 1.2 that I now see after scrutinising the differences . . > > At least I know exactly where the problems are now, thanks! > > ~ James. From ef at math.uni-bonn.de Thu Jun 28 12:19:33 2012 From: ef at math.uni-bonn.de (Edgar =?iso-8859-1?B?RnXf?=) Date: Thu, 28 Jun 2012 11:19:33 +0200 Subject: [Dovecot] Default for non-present LDAP attributes? In-Reply-To: <1340865585.25551.61.camel@innu> References: <20120627201844.GX57210@trav.math.uni-bonn.de> <1340865585.25551.61.camel@innu> Message-ID: <20120628091933.GB58060@trav.math.uni-bonn.de> > The "mail" field defaults to mail_location setting. Ah, yes, thanks. So simple I didn't think of it. Will it default when the LDAP attribute is not present or will I have to check the attribute's presence in the LDAP filter? From tss at iki.fi Thu Jun 28 13:31:33 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 28 Jun 2012 13:31:33 +0300 Subject: [Dovecot] Default for non-present LDAP attributes? In-Reply-To: <20120628091933.GB58060@trav.math.uni-bonn.de> References: <20120627201844.GX57210@trav.math.uni-bonn.de> <1340865585.25551.61.camel@innu> <20120628091933.GB58060@trav.math.uni-bonn.de> Message-ID: <73D0D0C9-01EC-4B6E-A22C-C7A1F74A0B63@iki.fi> On 28.6.2012, at 12.19, Edgar Fu? wrote: >> The "mail" field defaults to mail_location setting. > Ah, yes, thanks. So simple I didn't think of it. > Will it default when the LDAP attribute is not present or will I have to check the attribute's presence in the LDAP filter? The default settings are in dovecot.conf. LDAP attributes that are returned by the LDAP server override those settings. From wojtek at wojtek.tensor.gdynia.pl Thu Jun 28 13:38:18 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Thu, 28 Jun 2012 12:38:18 +0200 (CEST) Subject: [Dovecot] indexer-worker In-Reply-To: <1340865987.25551.67.camel@innu> References: <1340865987.25551.67.camel@innu> Message-ID: >> 29413 root 1 76 0 22820K 9204K kqread 1 0:17 5.86% indexer-worker > > It runs as root while not really doing anything, but when it starts > accessing users' files it temporarily drops privileges. This is > necessary if users have multiple different UIDs. to showed it with root privilege and 60% CPU load+disk I/O when doing text search over not yet indexed folder. > If you have only one UID e.g. vmail, you could set: > i'm not sure what you exactly mean. I have simplest possible config - mail accounts are unix accounts and mail is at Maildir my config below # 2.1.7: /usr/local/etc/dovecot/dovecot.conf # OS: FreeBSD 8.3-STABLE amd64 disable_plaintext_auth = no listen = * mail_location = maildir:~/Maildir mail_plugins = fts fts_squat namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /usr/local/etc/dovecot/deny-users deny = yes driver = passwd-file } passdb { driver = pam } plugin { fts = squat fts_squat = partial=4 full=10 } protocols = imap ssl_cert = References: <4FE738E9.6040706@metaways.de> <4FE84DF7.7030707@Media-Brokers.com> <4FE85FD4.8090708@metaways.de> <4FEB0645.6000302@metaways.de> <1340866409.25551.72.camel@innu> <4FEC01D8.6010405@metaways.de> Message-ID: <4FEC3915.9010304@metaways.de> On 28/06/12 09:03, Reinhard Vicinus wrote: >>> and afterwards: >>> >>> /usr/bin/doveadm -o imapc_user=user at example.org -o >>> imapc_password=imappw >>> -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o >>> imapc_port=18143 -D -v backup -R -f -u user at example.org imapc: >>> >>> dsync(user at example.org): Error: Mailbox INBOX changed its GUID >>> (c92f64f79f0d1ed01e6d5b314f04886c -> 54c23c119d04eb4f005100004f99b03d) >>> dsync(user at example.org): Error: msg iteration failed: Couldn't open >>> mailbox c92f64f79f0d1ed01e6d5b314f04886c >> Bug/"feature" .. you could try if running with >> "imapc:/tmp/imapc-username" instead of "imapc:" helps. > This works also without problems. So thanks for your help because this > solves my problem. Let me know if i should test something more. > Sorry, I either made a mistake in my test setup or i can't reproduce it, but adding imapc:/tmp/imapc-username instead of imapc: doesn't help. I have circumvented my problem by changing the quota values directly in the database in my migration process. But there is the following difference between using imapc:/tmp/imapc-username and plain imapc: if i backup a single, on both servers empty mailbox with different guids from the non dovecot imap server to the dovecot imap server, then plain imapc: throws some errors but works, imapc:/tmp/imapc-username throws more errors and only deletes the mailbox on the destination. Test setup is as follow: Both accounts don't contain a mailbox Test1: /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -o mail=imapc: mailbox status -u user at example.org all Test1 /usr/bin/doveadm mailbox status -u user at example.org all Test1 Create Mailbox Test1 on the imapc server: /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -o mail=imapc: mailbox create -u user at example.org Test1 Create Mailbox Test1 on the dovecot server: doveadm mailbox create -u user at example.org Test1 List the status of mailbox Test1 on the imapc server: /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -o mail=imapc: mailbox status -u user at example.org all Test1 Test1 messages=0 recent=0 uidnext=0 uidvalidity=87991 unseen=0 highestmodseq=0 vsize=0 guid=0f6e69ad71659995677b43f8a8312025 List the status of mailbox Test1 on the dovecot server: /usr/bin/doveadm mailbox status -u user at example.org Test1 Test1 messages=0 recent=0 uidnext=1 uidvalidity=1340879819 unseen=0 highestmodseq=1 vsize=0 guid=a8076214cb33ec4f396700004f99b03d Start Backup with imapc:/tmp/user: /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 backup -R -f -u user at example.org -m Test1 imapc:/tmp/user dsync(user at example.org): Error: Failed to sync mailbox Test1: Mailbox doesn't exist: Test1 dsync(user at example.org): Error: msg iteration failed: Couldn't open mailbox 0f6e69ad71659995677b43f8a8312025 dsync(user at example.org): Error: Failed to sync mailbox Test1: Mailbox doesn't exist: Test1 dsync(user at example.org): Error: Trying to open a non-listed mailbox with guid=a8076214cb33ec4f396700004f99b03d dsync(user at example.org): Error: msg iteration failed: Couldn't open mailbox a8076214cb33ec4f396700004f99b03d dsync(user at example.org): Error: Trying to open a non-listed mailbox with guid=a8076214cb33ec4f396700004f99b03d List the status of mailbox Test1 on the imapc server: /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -o mail=imapc: mailbox status -u user at example.org all Test1 Test1 messages=0 recent=0 uidnext=0 uidvalidity=87991 unseen=0 highestmodseq=0 vsize=0 guid=0f6e69ad71659995677b43f8a8312025 List the status of mailbox Test1 on the dovecot server: /usr/bin/doveadm mailbox status -u user at example.org all Test1 result: the mailbox Test1 on the dovecot server got deleted. with plain imapc: copying works but there are also still error messages: Create Mailbox Test2 on the imapc server: /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -o mail=imapc: mailbox create -u user at example.org Test2 Create Mailbox Test2 on the dovecot server: doveadm mailbox create -u user at example.org Test2 List the status of mailbox Test2 on the imapc server: /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -o mail=imapc: mailbox status -u user at example.org all Test2 Test2 messages=0 recent=0 uidnext=0 uidvalidity=87993 unseen=0 highestmodseq=0 vsize=0 guid=c0fd4ba8bd514c5c43ab9a897c8c014e List the status of mailbox Test2 on the dovecot server: /usr/bin/doveadm mailbox status -u user at example.org Test2 Test2 messages=0 recent=0 uidnext=1 uidvalidity=1340879820 unseen=0 highestmodseq=1 vsize=0 guid=a19eee292435ec4f676a00004f99b03d Start Backup with imapc: /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 backup -R -f -u user at example.org -m Test2 imapc: dsync(user at example.org): Error: Trying to open a non-listed mailbox with guid=a19eee292435ec4f676a00004f99b03d dsync(user at example.org): Error: msg iteration failed: Couldn't open mailbox a19eee292435ec4f676a00004f99b03d dsync(user at example.org): Error: Trying to open a non-listed mailbox with guid=a19eee292435ec4f676a00004f99b03d List the status of mailbox Test2 on the imapc server: /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -o mail=imapc: mailbox status -u user at example.org all Test2 Test2 messages=0 recent=0 uidnext=0 uidvalidity=87993 unseen=0 highestmodseq=0 vsize=0 guid=c0fd4ba8bd514c5c43ab9a897c8c014e List the status of mailbox Test2 on the dovecot server: /usr/bin/doveadm mailbox status -u user at example.org Test2 Test2 messages=0 recent=0 uidnext=1 uidvalidity=87993 unseen=0 highestmodseq=1 vsize=0 guid=c0fd4ba8bd514c5c43ab9a897c8c014e If instead of a normal Mailbox the special mailbox INBOX is used there are still more errors and both ways don't work. I think because backup isn't able to delete the mailbox INBOX on the destination site. So i'll make sure that when i migrate an account the mail destination is really empty. From a.kostyrev at serverc.ru Thu Jun 28 15:01:54 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Thu, 28 Jun 2012 23:01:54 +1100 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage Message-ID: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local> Hello! somewhere in maillist I've seen RAID1+md concat+XFS being promoted as mailstorage. Does anybody in here actually use this setup? I've decided to give it a try, but ended up with not being able to recover any data off survived pairs from linear array when _the_first of raid1 pairs got down. thanks! From lists at wildgooses.com Thu Jun 28 15:15:09 2012 From: lists at wildgooses.com (Ed W) Date: Thu, 28 Jun 2012 13:15:09 +0100 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local> Message-ID: <4FEC4ACD.20104@wildgooses.com> On 28/06/2012 13:01, ???????? ????????? ?????????? wrote: > Hello! > > somewhere in maillist I've seen RAID1+md concat+XFS being promoted as mailstorage. > Does anybody in here actually use this setup? > > I've decided to give it a try, > but ended up with not being able to recover any data off survived pairs from linear array when _the_first of raid1 pairs got down. > This is the configuration endorsed by Stan Hoeppner. His description of the benefits is quite compelling, but real world feedback is interesting to achieve. Note that you wouldn't get anything back from a similar fail of a RAID10 array either (unless we are talking temporary removal and re-insertion?) Ed W From wojtek at wojtek.tensor.gdynia.pl Thu Jun 28 15:22:41 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Thu, 28 Jun 2012 14:22:41 +0200 (CEST) Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <4FEC4ACD.20104@wildgooses.com> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local> <4FEC4ACD.20104@wildgooses.com> Message-ID: > Note that you wouldn't get anything back from a similar fail of a RAID10 > array either (unless we are talking temporary removal and re-insertion?) use multiple RAID1 arrays, 2 drives each, one filesystem each. From a.kostyrev at serverc.ru Thu Jun 28 15:32:47 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Thu, 28 Jun 2012 23:32:47 +1100 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <4FEC4ACD.20104@wildgooses.com> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local> <4FEC4ACD.20104@wildgooses.com> Message-ID: <213B51F00051AE48A9F0E11288017717B8401E@Delta.sc.local> >Note that you wouldn't get anything back from a similar fail of a RAID10 array either I wasn't aware of it, that's interesting. >(unless we are talking temporary removal and re-insertion?) nope, I'm talking about complete pair's crash when two disks die. I do understand that's the possibility of such outcome (when two disks in the same pair crash) is not high, but when we have 12 or 24 disks in storage... -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of Ed W Sent: Thursday, June 28, 2012 11:15 PM To: dovecot at dovecot.org Subject: Re: [Dovecot] RAID1+md concat+XFS as mailstorage On 28/06/2012 13:01, ???????? ????????? ?????????? wrote: > Hello! > > somewhere in maillist I've seen RAID1+md concat+XFS being promoted as mailstorage. > Does anybody in here actually use this setup? > > I've decided to give it a try, > but ended up with not being able to recover any data off survived pairs from linear array when _the_first of raid1 pairs got down. > This is the configuration endorsed by Stan Hoeppner. His description of the benefits is quite compelling, but real world feedback is interesting to achieve. Note that you wouldn't get anything back from a similar fail of a RAID10 array either (unless we are talking temporary removal and re-insertion?) Ed W From wojtek at wojtek.tensor.gdynia.pl Thu Jun 28 15:46:36 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Thu, 28 Jun 2012 14:46:36 +0200 (CEST) Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <213B51F00051AE48A9F0E11288017717B8401E@Delta.sc.local> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local> <4FEC4ACD.20104@wildgooses.com> <213B51F00051AE48A9F0E11288017717B8401E@Delta.sc.local> Message-ID: >> (unless we are talking temporary removal and re-insertion?) > nope, I'm talking about complete pair's crash when two disks die. > I do understand that's the possibility of such outcome (when two disks in the same pair crash) is not high, but > when we have 12 or 24 disks in storage... then may 6-12 filesystems. overall probability of double disk failure is same, but you will loose 1/6-1/12 of data. > From lists at wildgooses.com Thu Jun 28 15:56:46 2012 From: lists at wildgooses.com (Ed W) Date: Thu, 28 Jun 2012 13:56:46 +0100 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local> <4FEC4ACD.20104@wildgooses.com> <213B51F00051AE48A9F0E11288017717B8401E@Delta.sc.local> Message-ID: <4FEC548E.4030405@wildgooses.com> On 28/06/2012 13:46, Wojciech Puchar wrote: >>> (unless we are talking temporary removal and re-insertion?) >> nope, I'm talking about complete pair's crash when two disks die. >> I do understand that's the possibility of such outcome (when two >> disks in the same pair crash) is not high, but >> when we have 12 or 24 disks in storage... > > then may 6-12 filesystems. overall probability of double disk failure > is same, but you will loose 1/6-1/12 of data. But the compromise is that you gain the complexity of maintaining more filesystems and needing to figure out how to split your data across multiple filesystems The options today however seem to be only: - RAID6 (suffers slow write speeds, especially for smaller files) - RAID1 pairs with striping (raid0) over the top. (doesn't achieve max speeds for small files. 2 disk failures a problem. No protection against "silent corruption" of 1 disk) - RAID1 pairs, plus some kind of intelligent overlay filesystem, eg md-linear+XFS / BTRFS. With the filesystem aware of the underlying arrangement it can theoretically optimise file placement and dramatically increase write speeds for small files in the same manner that RAID-0 theoretically achieves. (However, still no protection against "silent" single drive corruption unless btrfs perhaps adds this in the future?) So given the statistics show us that 2 disk failures are much more common than we expect, and that "silent corruption" is likely occurring within (larger) real world file stores, there really aren't many battle tested options that can protect against this - really only RAID6 right now and that has significant limitations... RAID1+XFS sounds very interesting. Curious to hear some failure testing on this now. Also I'm watching btrfs with a 12 month+ view Cheers Ed W From a.kostyrev at serverc.ru Thu Jun 28 16:06:07 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Fri, 29 Jun 2012 00:06:07 +1100 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <4FEC548E.4030405@wildgooses.com> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local><4FEC4ACD.20104@wildgooses.com><213B51F00051AE48A9F0E11288017717B8401E@Delta.sc.local> <4FEC548E.4030405@wildgooses.com> Message-ID: <213B51F00051AE48A9F0E11288017717B8401F@Delta.sc.local> >- RAID1 pairs, plus some kind of intelligent overlay filesystem, eg >md-linear+XFS / BTRFS. With the filesystem aware of the underlying >arrangement it can theoretically optimise file placement and >dramatically increase write speeds for small files in the same manner >that RAID-0 theoretically achieves. (However, still no protection >against "silent" single drive corruption unless btrfs perhaps adds this >in the future?) not only "silent" single drive corruption problem but as I stated in start of topic - crash of first pair. From mailinglist at august.de Thu Jun 28 17:36:46 2012 From: mailinglist at august.de (mailinglist) Date: Thu, 28 Jun 2012 16:36:46 +0200 Subject: [Dovecot] started with dovecot sieve In-Reply-To: <20120627184736.GA7546@daniel.localdomain> References: <20120625215914.GA7831@daniel.localdomain> <20120626201036.GA6929@daniel.localdomain> <20120627184736.GA7546@daniel.localdomain> Message-ID: Am 2012-06-27 20:47, schrieb Daniel Parthey: > Rolf wrote: >> LMTP would be new to me and I fear just other hard-to-understand >> configuration topics. > > LMTP (Lightweight Message Transfer Protocol) is really simple, > similar to SMTP, but immediately returns a status code which > tells whether the delivery has been successful or not. > > I encourage you to read this HOWTO: > http://wiki2.dovecot.org/HowTo/PostfixDovecotLMTP > > Dovecot listens and accepts mails on the LMTP service port, > postfix delivers mails directly into this LMTP service port. > > Since it is an additional service, you should be able to try > it first, without interfering with your deliver functionality. > > Here you can read, how the LMTP communication looks like: > http://de.wikipedia.org/wiki/LMTP > > Regards > Daniel Yes, Daniel, thank you. I had found this pieces from your privious mail. I understand that LMTP is an alternative to SMTP when it comes to mail communication inside a server or a local network. I understand that LMTP is newer. But if you look at incoming mail via SMTP on socket 25 and than look at the mail via roundcoube (communicating with dovecot) what is the difference and why should I care? That is - if I introduce LMTP - postfix will talk to dovecot by a different protocol. Correct? Will dovecot change its behavior? As I am not an SMTP insider (never did SMTP using telnet) I hardly understand what this change could do to my problem. Wouldn't dovecot LDA "deliver" still try to change the INBOX and will have access problems that I do not understand? Do you have a link for me, explaining what "deliver" does with a mail that is not subject to any of the "fileinto" of a sieve filter? What user accounts are involved in that function? Why does it not work with the Debian default that a user is not a member of the group "mail" that is assigned to their INBOX? (If this is part of the problem what I do not know for sure, yet.) From garyamort at gmail.com Thu Jun 28 17:43:29 2012 From: garyamort at gmail.com (Gary Mort) Date: Thu, 28 Jun 2012 10:43:29 -0400 Subject: [Dovecot] Integrating Dovecot with Amazon Web Services Message-ID: I did some searching in the mail archives and didn't see any discussion of integration with AWS, so I wanted to through out my thoughts/plans and see if it has been done before. I am setting up my own personal website on EC2 along with an email server, and I really don't like the idea of using the disk drive as permanent mail storage. EBS is too small instance storage is ephermeral. Looking over the docs, the dbox format seems most easily copied for my needs. http://wiki2.dovecot.org/MailboxFormat/dbox To make life easy, I'll stick with just single-dbox as a start, however multi-dbox would be doable. With dbox, the only thing that I need to change is the alternate storage model: "An upshot of the way alternate storage works is that any given storage file (mailboxes//dbox-Mails/u.* (sdbox) or storage/m.* (mdbox)) can only appear *either* in the primary storage area *or* the alternate storage area but not both ? if the corresponding file appears in both areas then there is an inconsistency." First I want to add AWS S3 as a storage option for alternate storage. Then instead of the above model, the new model would be that email is always stored in alternate storage, and may be in primary storage. So, when mail comes in, I'd have Dovecot save the email to the alternate storage S3 bucket and update the indexs and other information[ideally, for convenience purposes, a few bits of relevant indexing information can be stored as metadata in the S3 object - sufficient so that instead of retrieving the entire S3 object, just the meta data can be pulled to build indexes. When a client attempts to retrieve an email message, Dovecot would check primary storage as it does now, if the message is not found than it will retrieve it from the alternate storage system AND store a copy in the primary storage. Primary storage can be periodically purged, have quota's to keep it from growing too large, etc. In this way, primary storage can be viewed as a message cache, just keeping the messages that are currently of interest, while S3 is the real data. [Ideally, this can be expanded so that when a message comes in, in addition to storing a copy in S3, an AWS SNS notification can be issued so if multiple IMAP servers are running, they can all subscribe to the same SNS channel and update themselves as needed]. This give me unlimited disk storage at S3 prices, I would even like to be able to set a few options based on the folder, so I can enable versioning on important message folders, use the even cheaper reduced redundancy storage for archives, and set expiration dates on email in the trash and spam folders so S3 will automatically purge the messages after a month. Secondly, I'd like to replace the Mysql database usage with a simpleDB database. While simpleDB lacks much of MySQL's sophistication, it doesn't seem that Dovecot is really using any of that, so simpleDB can be functionally equivalent. The primary purpose of using simpleDB is that this way the entire Dovecot system can be ephermeral. When a properly configured dovecot AMI is launched, it will start up, pull it's config data from an S3 bucket, subscribe to the SNS channel for new updates, and then start the Dovecot server. It won't care if it is the only Dovecot server, or if there are 500 other servers running. They all share the same simpleDB database. Whenever any change is made that is relevant to server configuration, a notice is generated to SNS, and all the email is stored in S3. As a starting point, I'm thinking the best place for me to start coding is the single-s3-dbox message store as it has the least moving parts[mainly just fix up the save function to run the way I need it to, and the retrieve function to make a local copy of any incoming email...additional metadata functionality can be added later]. Has anyone else been working on something similar? -Gary From lists at wildgooses.com Thu Jun 28 19:20:26 2012 From: lists at wildgooses.com (Ed W) Date: Thu, 28 Jun 2012 17:20:26 +0100 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <213B51F00051AE48A9F0E11288017717B8401F@Delta.sc.local> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local><4FEC4ACD.20104@wildgooses.com><213B51F00051AE48A9F0E11288017717B8401E@Delta.sc.local> <4FEC548E.4030405@wildgooses.com> <213B51F00051AE48A9F0E11288017717B8401F@Delta.sc.local> Message-ID: <4FEC844A.9090302@wildgooses.com> On 28/06/2012 14:06, ???????? ????????? ?????????? wrote: >> - RAID1 pairs, plus some kind of intelligent overlay filesystem, eg >> md-linear+XFS / BTRFS. With the filesystem aware of the underlying >> arrangement it can theoretically optimise file placement and >> dramatically increase write speeds for small files in the same manner >> that RAID-0 theoretically achieves. (However, still no protection >> against "silent" single drive corruption unless btrfs perhaps adds this >> in the future?) > not only "silent" single drive corruption problem but as I stated in start of topic - crash of first pair. > Bad things are going to happen if you loose a complete chunk of your filesystem. I think the current state of the world is that you should assume that realistically you will be looking to your backups if you loose the wrong 2 disks in a raid1 or raid10 array. However, the thing which worries me more with multidisk arrays is accidental disconnection of multiple disks, eg backplane fails, or a multi-lane connector is accidently unplugged. Linux MD raid often seems to have the ability to reconstruct arrays after such accidents. I don't have more recent experience with hardware controller arrays, but I have (sadly) found that such a situation is terminal on some older hardware controllers... Interested to hear other failure modes (and successful rescues) from RAID1+linear+XFS setups? Cheers Ed W From CMarcus at Media-Brokers.com Thu Jun 28 19:54:38 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Thu, 28 Jun 2012 12:54:38 -0400 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <4FEC844A.9090302@wildgooses.com> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local><4FEC4ACD.20104@wildgooses.com><213B51F00051AE48A9F0E11288017717B8401E@Delta.sc.local> <4FEC548E.4030405@wildgooses.com> <213B51F00051AE48A9F0E11288017717B8401F@Delta.sc.local> <4FEC844A.9090302@wildgooses.com> Message-ID: <4FEC8C4E.1020209@Media-Brokers.com> On 2012-06-28 12:20 PM, Ed W wrote: > Bad things are going to happen if you loose a complete chunk of your > filesystem. I think the current state of the world is that you should > assume that realistically you will be looking to your backups if you > loose the wrong 2 disks in a raid1 or raid10 array. Which is a very good reason to have at least one hot spare in any RAID setup, if not 2. RAID10 also statistically has a much better chance of surviving a multi drive failure than RAID5 or 6, because it will only die if two drives in the same pair fail, and only then if the second one fails before the hot spare is rebuilt. -- Best regards, Charles From tss at iki.fi Thu Jun 28 20:14:29 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 28 Jun 2012 20:14:29 +0300 Subject: [Dovecot] Integrating Dovecot with Amazon Web Services In-Reply-To: References: Message-ID: On 28.6.2012, at 17.43, Gary Mort wrote: > http://wiki2.dovecot.org/MailboxFormat/dbox > > To make life easy, I'll stick with just single-dbox as a start, however > multi-dbox would be doable. > > With dbox, the only thing that I need to change is the alternate storage > model: > "An upshot of the way alternate storage works is that any given storage > file (mailboxes//dbox-Mails/u.* (sdbox) or storage/m.* (mdbox)) can > only appear *either* in the primary storage area *or* the alternate storage > area but not both ? if the corresponding file appears in both areas then > there is an inconsistency." Whoever wrote that wasn't exactly correct (or clear). There's no problem having the same file in both primary and alt storage. Only if the files are different there's a problem, but that shouldn't happen.. > First I want to add AWS S3 as a storage option for alternate storage. > > Then instead of the above model, the new model would be that email is > always stored in alternate storage, and may be in primary storage. So, > when mail comes in, I'd have Dovecot save the email to the alternate > storage S3 bucket and update the indexs and other information[ideally, for > convenience purposes, a few bits of relevant indexing information can be > stored as metadata in the S3 object - sufficient so that instead of > retrieving the entire S3 object, just the meta data can be pulled to build > indexes. The indexes have to be in primary storage. > When a client attempts to retrieve an email message, Dovecot would check > primary storage as it does now, if the message is not found than it will > retrieve it from the alternate storage system AND store a copy in the > primary storage. I think the storing wouldn't be very useful. Most clients download the message once. There's no reason to cache it if it doesn't get downloaded again. The way it should work that new mails are immediately delivered to both primary and alt storage. > Secondly, I'd like to replace the Mysql database usage with a simpleDB > database. While simpleDB lacks much of MySQL's sophistication, it doesn't > seem that Dovecot is really using any of that, so simpleDB can be > functionally equivalent. Dovecot will probably get Redis and/or memcache backend for passdb+userdb. If simpledb is similar key-value database I guess the same code could be used partially. From tss at iki.fi Thu Jun 28 20:21:31 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 28 Jun 2012 20:21:31 +0300 Subject: [Dovecot] Integrating Dovecot with Amazon Web Services In-Reply-To: References: Message-ID: <3FE12DB2-33DF-4D84-86F0-BDCF3A25A5BB@iki.fi> On 28.6.2012, at 20.14, Timo Sirainen wrote: >> "An upshot of the way alternate storage works is that any given storage >> file (mailboxes//dbox-Mails/u.* (sdbox) or storage/m.* (mdbox)) can >> only appear *either* in the primary storage area *or* the alternate storage >> area but not both ? if the corresponding file appears in both areas then >> there is an inconsistency." > > Whoever wrote that wasn't exactly correct (or clear). There's no problem having the same file in both primary and alt storage. Only if the files are different there's a problem, but that shouldn't happen.. Hmm. Although looking at the mdbox index rebuilding code: /* duplicate file. either readdir() returned it twice (unlikely) or it exists in both alt and primary storage. to make sure we don't lose any mails from either of the files, give this file a new ID and rename it. */ It probably shouldn't be doing that. sdbox isn't doing that: /* we were supposed to open the file in alt storage, but it exists in primary storage as well. skip it to avoid adding it twice. */ From tss at iki.fi Thu Jun 28 20:38:17 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 28 Jun 2012 20:38:17 +0300 Subject: [Dovecot] Integrating Dovecot with Amazon Web Services In-Reply-To: <3FE12DB2-33DF-4D84-86F0-BDCF3A25A5BB@iki.fi> References: <3FE12DB2-33DF-4D84-86F0-BDCF3A25A5BB@iki.fi> Message-ID: On 28.6.2012, at 20.21, Timo Sirainen wrote: > On 28.6.2012, at 20.14, Timo Sirainen wrote: > >>> "An upshot of the way alternate storage works is that any given storage >>> file (mailboxes//dbox-Mails/u.* (sdbox) or storage/m.* (mdbox)) can >>> only appear *either* in the primary storage area *or* the alternate storage >>> area but not both ? if the corresponding file appears in both areas then >>> there is an inconsistency." >> >> Whoever wrote that wasn't exactly correct (or clear). There's no problem having the same file in both primary and alt storage. Only if the files are different there's a problem, but that shouldn't happen.. > > Hmm. Although looking at the mdbox index rebuilding code: > > /* duplicate file. either readdir() returned it twice > (unlikely) or it exists in both alt and primary storage. > to make sure we don't lose any mails from either of the > files, give this file a new ID and rename it. */ > > It probably shouldn't be doing that. Hmm. I already implemented this by having it ignore the problem if the files have the same sizes, but then started wondering if there's really any point in doing that. m.* files can be appended to later, and altmoving always creates files with new numbers, and even if it does renaming there's duplicate suppression, so .. I guess there wasn't any point in doing that after all. From garyamort at gmail.com Thu Jun 28 20:55:50 2012 From: garyamort at gmail.com (Gary Mort) Date: Thu, 28 Jun 2012 13:55:50 -0400 Subject: [Dovecot] Integrating Dovecot with Amazon Web Services In-Reply-To: References: Message-ID: On Thu, Jun 28, 2012 at 1:14 PM, Timo Sirainen wrote: > On 28.6.2012, at 17.43, Gary Mort wrote: > > First I want to add AWS S3 as a storage option for alternate storage. > > > > Then instead of the above model, the new model would be that email is > > always stored in alternate storage, and may be in primary storage. So, > > when mail comes in, I'd have Dovecot save the email to the alternate > > storage S3 bucket and update the indexs and other information[ideally, > for > > convenience purposes, a few bits of relevant indexing information can be > > stored as metadata in the S3 object - sufficient so that instead of > > retrieving the entire S3 object, just the meta data can be pulled to > build > > indexes. > > The indexes have to be in primary storage. > > True, but the data they are based on I'm assuming does not include the full email message, just a few key pieces: uniqueid, subject, from, to, etc. For an always running server, the indexes are always up to date in primary. For a server starting up with no index data, it will need to rebuild the index information[or for a second server running when new email has been delivered]. As such, rather then download every single email message just for a few bits of key info, I can run a re-index process to pull just the meta information and grab the data from there. > > When a client attempts to retrieve an email message, Dovecot would check > > primary storage as it does now, if the message is not found than it will > > retrieve it from the alternate storage system AND store a copy in the > > primary storage. > > I think the storing wouldn't be very useful. Most clients download the > message once. There's no reason to cache it if it doesn't get downloaded > again. The way it should work that new mails are immediately delivered to > both primary and alt storage. > > I've got tons of space - so I don't mind having 750MB or so for primary email message storage. If I can track how many times a message was actually read, over time I can get an idea of how I use it and setup the primary storage purge rules accordingly. > > Secondly, I'd like to replace the Mysql database usage with a simpleDB > > database. While simpleDB lacks much of MySQL's sophistication, it > doesn't > > seem that Dovecot is really using any of that, so simpleDB can be > > functionally equivalent. > > Dovecot will probably get Redis and/or memcache backend for passdb+userdb. > If simpledb is similar key-value database I guess the same code could be > used partially. > > simpleDB is more like SQLLITE: "Amazon SimpleDB is a highly available and flexible non-relational data store that offloads the work of database administration. Developers simply store and query data items via web services requests and Amazon SimpleDB does the rest." http://aws.amazon.com/simpledb/ Data model: http://docs.amazonwebservices.com/AmazonSimpleDB/latest/DeveloperGuide/DataModel.html Domain == Table Item == row ItemName == primary key Attributes == column Value == data in column[multi value, so there can be multiple values for an attribute of an item] There is no built in key relationship between data, it's just one big flat table. Columns/Attributes only have 2 types, string or integer You query the data like an SQL table: http://docs.amazonwebservices.com/AmazonSimpleDB/latest/DeveloperGuide/UsingSelect.html Because there are no dates, it's best to store dates as UTC timestamps which are integers and can then be compared against numerically. The datastore is spread over multiple Amazon data servers and can take up to a second to sync, so there are two methods of querying the data. Default: eventually consistent read: get the data quickly Optional: consistent read: check /all/ datastores and get the latest data Since the data in simpleDB may not be updated frequently, a simple hack using the notification system could be: Before updating simpleDB send SNS notice that the data is being updated and where[domain, user, config] Update Data After updating simpleDB send SNS notice that the update is complete Other servers running can record data updating notices in memory and expire them in about 15 seconds. For any queries they want to make for that type of data in the next 15 seconds, they will use consistent read. The nice thing about using S3 and simpleDB is that I can completely skip a lot of steps in replication/distributed services as it is all handled already. And one can always take one set of api calls and substitute another for a different notification system, distributed database, and cloud file storage. From tss at iki.fi Thu Jun 28 21:04:55 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 28 Jun 2012 21:04:55 +0300 Subject: [Dovecot] Integrating Dovecot with Amazon Web Services In-Reply-To: References: Message-ID: On 28.6.2012, at 20.55, Gary Mort wrote: >> The indexes have to be in primary storage. >> > True, but the data they are based on I'm assuming does not include the full > email message, just a few key pieces: > uniqueid, subject, from, to, etc. > > For an always running server, the indexes are always up to date in primary. > > For a server starting up with no index data, it will need to rebuild the > index information[or for a second server running when new email has been > delivered]. > As such, rather then download every single email message just for a few > bits of key info, I can run a re-index process to pull just the meta > information and grab the data from there. With sdbox you can't lose index files without also losing all message flags. And in general sdbox assumes that indexes are always up to date. >>> When a client attempts to retrieve an email message, Dovecot would check >>> primary storage as it does now, if the message is not found than it will >>> retrieve it from the alternate storage system AND store a copy in the >>> primary storage. >> >> I think the storing wouldn't be very useful. Most clients download the >> message once. There's no reason to cache it if it doesn't get downloaded >> again. The way it should work that new mails are immediately delivered to >> both primary and alt storage. >> >> > I've got tons of space - so I don't mind having 750MB or so for primary > email message storage. If I can track how many times a message was > actually read, over time I can get an idea of how I use it and setup the > primary storage purge rules accordingly. I'd be interested in knowing what those statistics will end up looking like. My guess is that it's not worth coding such feature, but of course some real world data would be better than my guesses :) >>> Secondly, I'd like to replace the Mysql database usage with a simpleDB >>> database. While simpleDB lacks much of MySQL's sophistication, it >> doesn't >>> seem that Dovecot is really using any of that, so simpleDB can be >>> functionally equivalent. >> >> Dovecot will probably get Redis and/or memcache backend for passdb+userdb. >> If simpledb is similar key-value database I guess the same code could be >> used partially. >> >> > simpleDB is more like SQLLITE: .. > You query the data like an SQL table: > http://docs.amazonwebservices.com/AmazonSimpleDB/latest/DeveloperGuide/UsingSelect.html OK, so that would mean implementing lib-sql driver for SimpleDB and use sql passdb/userdb. From garyamort at gmail.com Thu Jun 28 21:04:51 2012 From: garyamort at gmail.com (Gary Mort) Date: Thu, 28 Jun 2012 14:04:51 -0400 Subject: [Dovecot] Integrating Dovecot with Amazon Web Services In-Reply-To: <3FE12DB2-33DF-4D84-86F0-BDCF3A25A5BB@iki.fi> References: <3FE12DB2-33DF-4D84-86F0-BDCF3A25A5BB@iki.fi> Message-ID: On Thu, Jun 28, 2012 at 1:21 PM, Timo Sirainen wrote: > On 28.6.2012, at 20.14, Timo Sirainen wrote: > > >> "An upshot of the way alternate storage works is that any given storage > >> file (mailboxes//dbox-Mails/u.* (sdbox) or storage/m.* (mdbox)) > can > >> only appear *either* in the primary storage area *or* the alternate > storage > >> area but not both ? if the corresponding file appears in both areas then > >> there is an inconsistency." > > > > Whoever wrote that wasn't exactly correct (or clear). There's no problem > having the same file in both primary and alt storage. Only if the files are > different there's a problem, but that shouldn't happen.. > > Hmm. Although looking at the mdbox index rebuilding code: > > /* duplicate file. either readdir() returned it twice > (unlikely) or it exists in both alt and primary storage. > to make sure we don't lose any mails from either of the > files, give this file a new ID and rename it. */ > > It probably shouldn't be doing that. sdbox isn't doing that: > > /* we were supposed to open the file in alt storage, but it > exists in primary storage as well. skip it to avoid > adding > it twice. */ > > That's probably due to the different structures they use. sdbox can safely use either because each email message has a unique filename, and if it exists in both places it doesn't matter. mdbox though is different, multiple messages are stored in a single file. The index indicates in which file each message is located. When the data is moved to alt storage, the filename can change in which case the index is updated. IE: Primary/Msg06282012 -- contains Msg007, Msg008, Msg009 Primary/Msg06272012 -- contains Msg004, Msg005, Msg006 Primary/Msg06262012 -- contains Msg001, Msg002, Msg003 along comes archiving and the new format is: Primary/Msg06292012 -- contains Msg010, Msg011, Msg012 Primary/Msg06282012 -- contains Msg007, Msg009 Primary/Msg06272012 -- contains Msg004, Msg006 Primary/Msg06262012 -- contains Msg003 Alt/Msg06292012 00 contains Msg001, Msg002, Msg005, Msg008 Since the archive rules can be based on a lot of different scenarios[and a message can even be archived from the command line], the filenames between Primary and Alternate are not the same - and in fact the same filename in each place could have different messages. For example: if messages are archived when a user sets an imap flag on them. So with the way it's written now, it's not possible to have a simple fallback by filename. It would be possible if the naming convention was strictly enforced, ie after archiving you have: Primary/Msg06292012 -- contains Msg010, Msg011, Msg012 Primary/Msg06282012 -- contains Msg007, Msg009 Primary/Msg06272012 -- contains Msg004, Msg006 Primary/Msg06262012 -- contains Msg003 Alt/Msg06282012 -- contains Msg008 Alt/Msg06272012 -- contains Msg005 Alt/Msg06262012 -- contains Msg001, Msg002 Now the index can simply say what file a message is in and doesn't have to specify primary or secondary, and the primary file with that name can be checked first, and then if it is not there check the alternate. From tss at iki.fi Thu Jun 28 21:12:30 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 28 Jun 2012 21:12:30 +0300 Subject: [Dovecot] Integrating Dovecot with Amazon Web Services In-Reply-To: References: <3FE12DB2-33DF-4D84-86F0-BDCF3A25A5BB@iki.fi> Message-ID: On 28.6.2012, at 21.04, Gary Mort wrote: > mdbox though is different, multiple messages are stored in a single file. > The index indicates in which file each message is located. When the data > is moved to alt storage, the filename can change in which case the index is > updated. > IE: > Primary/Msg06282012 -- contains Msg007, Msg008, Msg009 > Primary/Msg06272012 -- contains Msg004, Msg005, Msg006 > Primary/Msg06262012 -- contains Msg001, Msg002, Msg003 > > along comes archiving and the new format is: > Primary/Msg06292012 -- contains Msg010, Msg011, Msg012 > Primary/Msg06282012 -- contains Msg007, Msg009 > Primary/Msg06272012 -- contains Msg004, Msg006 > Primary/Msg06262012 -- contains Msg003 > Alt/Msg06292012 00 contains Msg001, Msg002, Msg005, Msg008 Yes, doveadm altmove works like this now. > Since the archive rules can be based on a lot of different scenarios[and a > message can even be archived from the command line], the filenames between > Primary and Alternate are not the same - and in fact the same filename in > each place could have different messages. For example: if messages are > archived when a user sets an imap flag on them. There shouldn't normally ever be a situation where the same filename is used in both storages, because every time a new file is created to either of the storages a new unique number is used. > So with the way it's written now, it's not possible to have a simple > fallback by filename. > > It would be possible if the naming convention was strictly enforced, ie > after archiving you have: > Primary/Msg06292012 -- contains Msg010, Msg011, Msg012 > Primary/Msg06282012 -- contains Msg007, Msg009 > Primary/Msg06272012 -- contains Msg004, Msg006 > Primary/Msg06262012 -- contains Msg003 > Alt/Msg06282012 -- contains Msg008 > Alt/Msg06272012 -- contains Msg005 > Alt/Msg06262012 -- contains Msg001, Msg002 > > Now the index can simply say what file a message is in and doesn't have to > specify primary or secondary, and the primary file with that name can be > checked first, and then if it is not there check the alternate. This already works like that in the reading side. If you did altmoving by "mv m.123 /altstorage/..." instead of doveadm it would work. From jeep at rahul.net Thu Jun 28 21:15:20 2012 From: jeep at rahul.net (Jeff Lacki) Date: Thu, 28 Jun 2012 11:15:20 -0700 Subject: [Dovecot] Setting up mixed mbox and maildir In-Reply-To: <1340840055.2391.26.camel@amito> References: <1340742900.2495.14.camel@amito> <1340745560.2495.27.camel@amito> <5B14BB9D-490F-49F6-B647-D69F26DAE888@iki.fi> <1340840055.2391.26.camel@amito> Message-ID: <20120628181520.311C116D3CF@maya.rahul.net> Jonathan Ryshpan wrote: > Quite right; this comes from a reading of pages in both wiki1 and wiki2. > I now surmise that this isn't a good idea since wiki1 describes v1.x > and wiki2 describes v2.x, which have different syntaxes (syntaces?). Is > all this correct? I too had a very hard time figuring out what was what in the new wiki for 2.1.7 and still havent figured it out and gave up since Ive had no time to get back into it. I had already spent 2-3 full days (in my spare time) trying to figure out the permissions nightmare in the logs. I was only able to get mbox working so I gave up and went on to my next issue, getting it to work with my iphone. My iphone 4 is not even connecting to dovecot imap/imaps on 993 when I tried to set that up. Nothing in the logs, such frustration across the board. Jeff /mf/home/jeep/shell/.signature From CMarcus at Media-Brokers.com Thu Jun 28 22:28:08 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Thu, 28 Jun 2012 15:28:08 -0400 Subject: [Dovecot] Integrating Dovecot with Amazon Web Services In-Reply-To: References: <3FE12DB2-33DF-4D84-86F0-BDCF3A25A5BB@iki.fi> Message-ID: <4FECB048.9070205@Media-Brokers.com> On 2012-06-28 2:04 PM, Gary Mort wrote: > That's probably due to the different structures they use. sdbox > can safely use either because each email message has a unique > filename, and if it exists in both places it doesn't matter. Eh?? Sdbox is like mbox - one file per mailbox/folder... it is NOT like maildir (one email = one file). > mdbox though is different, multiple messages are stored in a single > file. The diff between mdbox and sdbox is sdbox puts all messages for any given mailbox/folder in one sdbox file (just like mbox). Sdbox has a setting for the max filesize of the dbox file, and once an mdbox file exceeds that size, it creates a new mdbox file to start adding messages to. -- Best regards, Charles From acrow at integrafin.co.uk Thu Jun 28 23:22:09 2012 From: acrow at integrafin.co.uk (Alex Crow) Date: Thu, 28 Jun 2012 21:22:09 +0100 Subject: [Dovecot] Integrating Dovecot with Amazon Web Services In-Reply-To: <4FECB048.9070205@Media-Brokers.com> References: <3FE12DB2-33DF-4D84-86F0-BDCF3A25A5BB@iki.fi> <4FECB048.9070205@Media-Brokers.com> Message-ID: <4FECBCF1.1050108@integrafin.co.uk> On 28/06/12 20:28, Charles Marcus wrote: > On 2012-06-28 2:04 PM, Gary Mort wrote: >> That's probably due to the different structures they use. sdbox >> can safely use either because each email message has a unique >> filename, and if it exists in both places it doesn't matter. > > Eh?? Sdbox is like mbox - one file per mailbox/folder... it is NOT > like maildir (one email = one file). > Not according to the wiki: http://wiki2.dovecot.org/MailboxFormat/dbox dbox can be used in two ways: single-dbox (sdbox in mail location): One message per file, similar to Maildir. For backwards compatibility, dbox is an alias to sdbox in mail_location. multi-dbox (mdbox in mail location): Multiple messages per file, but unlike mbox multiple files per mailbox. So the parent appears to be right. Alex -- This message is intended only for the addressee and may contain confidential information. Unless you are that person, you may not disclose its contents or use it in any way and are requested to delete the message along with any attachments and notify us immediately. "Transact" is operated by Integrated Financial Arrangements plc Domain House, 5-7 Singer Street, London EC2A 4BQ Tel: (020) 7608 4900 Fax: (020) 7608 5300 (Registered office: as above; Registered in England and Wales under number: 3727592) Authorised and regulated by the Financial Services Authority (entered on the FSA Register; number: 190856) From lists at wildgooses.com Thu Jun 28 23:35:40 2012 From: lists at wildgooses.com (Ed W) Date: Thu, 28 Jun 2012 21:35:40 +0100 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <4FEC8C4E.1020209@Media-Brokers.com> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local><4FEC4ACD.20104@wildgooses.com><213B51F00051AE48A9F0E11288017717B8401E@Delta.sc.local> <4FEC548E.4030405@wildgooses.com> <213B51F00051AE48A9F0E11288017717B8401F@Delta.sc.local> <4FEC844A.9090302@wildgooses.com> <4FEC8C4E.1020209@Media-Brokers.com> Message-ID: <4FECC01C.90303@wildgooses.com> On 28/06/2012 17:54, Charles Marcus wrote: > On 2012-06-28 12:20 PM, Ed W wrote: >> Bad things are going to happen if you loose a complete chunk of your >> filesystem. I think the current state of the world is that you should >> assume that realistically you will be looking to your backups if you >> loose the wrong 2 disks in a raid1 or raid10 array. > > Which is a very good reason to have at least one hot spare in any RAID > setup, if not 2. > > RAID10 also statistically has a much better chance of surviving a > multi drive failure than RAID5 or 6, because it will only die if two > drives in the same pair fail, and only then if the second one fails > before the hot spare is rebuilt. > Actually this turns out to be incorrect... Curious, but there you go! Search google for a recent very helpful expose on this. Basically RAID10 can sometimes tolerate multi-drive failure, but on average raid6 appears less likely to trash your data, plus under some circumstances it better survives recovering from a single failed disk in practice The executive summary is something like: when raid5 fails, because at that point you effectively do a raid "scrub" you tend to suddenly notice a bunch of other hidden problems which were lurking and your rebuild fails (this happened to me...). RAID1 has no better bad block detection than assuming the non bad disk is perfect (so won't spot latent unscrubbed errors), and again if you hit a bad block during the rebuild you loose the whole of your mirrored pair. So the vulnerability is not the first failed disk, but discovering subsequent problems during the rebuild. This certainly correlates with my (admittedly limited) experiences. Disk array scrubbing on a regular basis seems like a mandatory requirement (but how many people do..?) to have any chance of actually repairing a failing raid1/5 array Digressing, but it occurs there would be a potentially large performance improvement if spinning disks could do a read/rewrite cycle with the disk only moving a minimal distance (my understanding is this can't happen at present without a full revolution of the disk). Then you could rewrite parity blocks extremely quickly without re-reading a full stripe... Anyway, challenging problem and basically the observation is that large disk arrays are going to have a moderate tail risk of failure whether you use raid10 or raid5 (raid6 giving a decent practical improvement in real reliability, but at a cost in write performance). Cheers Ed W From CMarcus at Media-Brokers.com Fri Jun 29 00:06:37 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Thu, 28 Jun 2012 17:06:37 -0400 Subject: [Dovecot] Integrating Dovecot with Amazon Web Services In-Reply-To: <4FECBCF1.1050108@integrafin.co.uk> References: <3FE12DB2-33DF-4D84-86F0-BDCF3A25A5BB@iki.fi> <4FECB048.9070205@Media-Brokers.com> <4FECBCF1.1050108@integrafin.co.uk> Message-ID: <4FECC75D.4000209@Media-Brokers.com> On 2012-06-28 4:22 PM, Alex Crow wrote: > On 28/06/12 20:28, Charles Marcus wrote: >> On 2012-06-28 2:04 PM, Gary Mort wrote: >>> That's probably due to the different structures they use. sdbox >>> can safely use either because each email message has a unique >>> filename, and if it exists in both places it doesn't matter. >> Eh?? Sdbox is like mbox - one file per mailbox/folder... it is NOT >> like maildir (one email = one file). > Not according to the wiki: > > http://wiki2.dovecot.org/MailboxFormat/dbox > > dbox can be used in two ways: > > single-dbox (sdbox in mail location): One message per file, > similar to Maildir. For backwards compatibility, dbox is an alias to > sdbox in mail_location. Now how the heck did I remember that so wrong?? Oh well, thanks for the correction... Sorry, OP... -- Best regards, Charles From kgc at corp.sonic.net Fri Jun 29 01:45:23 2012 From: kgc at corp.sonic.net (Kelsey Cummings) Date: Thu, 28 Jun 2012 15:45:23 -0700 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <4FEC548E.4030405@wildgooses.com> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local> <4FEC4ACD.20104@wildgooses.com> <213B51F00051AE48A9F0E11288017717B8401E@Delta.sc.local> <4FEC548E.4030405@wildgooses.com> Message-ID: <4FECDE83.4090007@corp.sonic.net> On 06/28/12 05:56, Ed W wrote: > So given the statistics show us that 2 disk failures are much more > common than we expect, and that "silent corruption" is likely occurring > within (larger) real world file stores, there really aren't many battle > tested options that can protect against this - really only RAID6 right > now and that has significant limitations... Has anyone tried or benchmarked ZFS, perhaps ZFS+NFS as backing store for spools? Sorry if I've missed it and this has already come up. We're using Netapp/NFS, and are likely to continue to do so but still curious. -K From daniel.parthey at informatik.tu-chemnitz.de Fri Jun 29 04:39:38 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Fri, 29 Jun 2012 03:39:38 +0200 Subject: [Dovecot] Removing specific entry in user/auth cache In-Reply-To: <4FEC020E.9020802@um.es> References: <4FEAEA11.1070900@um.es> <771798ED-3DAF-4C23-937C-FD9B775B8972@iki.fi> <4FEC020E.9020802@um.es> Message-ID: <20120629013938.GA8957@daniel.localdomain> Angel L. Mateo wrote: > El 27/06/12 14:24, Timo Sirainen escribi?: > >On 27.6.2012, at 14.10, Angel L. Mateo wrote: > >>We have dovecot configured with auth cache. > >> Is there any way to remove a specific entry (not all) from this cache? > > Nope. What do you need it for? > Because information for users sometimes changes. We for example, define the per-user quota via mysql userdb and it needs to be updated in a timely manner, after it has been changed in the database via a web interface. Since we are using a pre-fetch userdb from mysql (which uses the same mysql database as the passdb), we were required to reduce the auth cache ttl to one minute in order to ensure timely quota updates. It would be good if there was some mechanism to detect or force such changes without having to reduce caching time to one minute. Regards Daniel -- https://plus.google.com/103021802792276734820 From tss at iki.fi Fri Jun 29 05:01:53 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 29 Jun 2012 05:01:53 +0300 Subject: [Dovecot] Removing specific entry in user/auth cache In-Reply-To: <1340865829.25551.64.camel@innu> References: <1340865829.25551.64.camel@innu> Message-ID: <42916718-6B7E-4632-8C61-AA8FE64D850E@iki.fi> On 28.6.2012, at 9.43, Timo Sirainen wrote: > It would be possible to add a doveadm command for this.. I think the > main reason why I already didn't do it last time I was asked this was > because I wanted to use "doveadm auth cache flush" or something similar > as the command, but there already exists "doveadm auth" command and > "cache flush" would be treated as username=cache password=flush :( > > Anyone have thoughts on a better doveadm command name? Or should I just > break it and have v2.2 use "doveadm auth check" or something for the old > "doveadm auth" command? Perhaps for v2.2: doveadm auth test [] doveadm auth cache flush [] doveadm auth cache stats and for v2.1 a bit kludgy way: doveadm auth [] doveadm auth cache flush [] so you couldn't test authentication against "cache" user, but that's probably not a problem. From daniel.parthey at informatik.tu-chemnitz.de Fri Jun 29 05:18:26 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Fri, 29 Jun 2012 04:18:26 +0200 Subject: [Dovecot] Removing specific entry in user/auth cache In-Reply-To: <42916718-6B7E-4632-8C61-AA8FE64D850E@iki.fi> References: <1340865829.25551.64.camel@innu> <42916718-6B7E-4632-8C61-AA8FE64D850E@iki.fi> Message-ID: <20120629021826.GA10148@daniel.localdomain> Timo Sirainen wrote: > On 28.6.2012, at 9.43, Timo Sirainen wrote: > Perhaps for v2.2: > > doveadm auth test [] > doveadm auth cache flush [] > doveadm auth cache stats > > and for v2.1 a bit kludgy way: > > doveadm auth [] > doveadm auth cache flush [] > > so you couldn't test authentication against "cache" user, but that's probably not a problem. Hi there, wouldn't it be better to use a syntax similar to other doveadm commands, with labels for all arguments? doveadm auth test -u -p [] doveadm auth cache flush -u [] doveadm auth cache stats This will allow you to syntactically distinguish "commands" from "arguments". Otherwise you might run into the same "kludgy" syntax problem again, as soon as the number of subcommands changes. Regards Daniel -- https://plus.google.com/103021802792276734820 From tss at iki.fi Fri Jun 29 08:32:41 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 29 Jun 2012 08:32:41 +0300 Subject: [Dovecot] Removing specific entry in user/auth cache In-Reply-To: <20120629021826.GA10148@daniel.localdomain> References: <1340865829.25551.64.camel@innu> <42916718-6B7E-4632-8C61-AA8FE64D850E@iki.fi> <20120629021826.GA10148@daniel.localdomain> Message-ID: <774D4F65-4C61-4610-8F42-5D96172DD111@iki.fi> On 29.6.2012, at 5.18, Daniel Parthey wrote: > wouldn't it be better to use a syntax similar to other doveadm commands, > with labels for all arguments? > > doveadm auth test -u -p [] > doveadm auth cache flush -u [] > doveadm auth cache stats > > This will allow you to syntactically distinguish "commands" from "arguments". > Otherwise you might run into the same "kludgy" syntax problem again, as soon > as the number of subcommands changes. The problem was with the "auth" toplevel command not having subcommands. I don't think there are going to be any problems with subcommands. Also there are many commands already that take without the -u parameter. Actually it's only the "mail commands" that take -u parameter at all. Another potential problem is "doveadm user" command. I'm wondering if it might be a good idea to move it to "doveadm auth user" or "doveadm auth userdb" command. There should be also a similar "doveadm auth passdb" command that does a passdb lookup without authentication. From wojtek at wojtek.tensor.gdynia.pl Fri Jun 29 09:18:53 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Fri, 29 Jun 2012 08:18:53 +0200 (CEST) Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <4FECC01C.90303@wildgooses.com> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local><4FEC4ACD.20104@wildgooses.com><213B51F00051AE48A9F0E11288017717B8401E@Delta.sc.local> <4FEC548E.4030405@wildgooses.com> <213B51F00051AE48A9F0E11288017717B8401F@Delta.sc.local> <4FEC844A.9090302@wildgooses.com> <4FEC8C4E.1020209@Media-Brokers.com> <4FECC01C.90303@wildgooses.com> Message-ID: > The executive summary is something like: when raid5 fails, because at that > point you effectively do a raid "scrub" you tend to suddenly notice a bunch > of other hidden problems which were lurking and your rebuild fails (this and no raid will protect you from every failure. You have to do backups. EOT From wojtek at wojtek.tensor.gdynia.pl Fri Jun 29 09:19:23 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Fri, 29 Jun 2012 08:19:23 +0200 (CEST) Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <4FECDE83.4090007@corp.sonic.net> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local> <4FEC4ACD.20104@wildgooses.com> <213B51F00051AE48A9F0E11288017717B8401E@Delta.sc.local> <4FEC548E.4030405@wildgooses.com> <4FECDE83.4090007@corp.sonic.net> Message-ID: > Has anyone tried or benchmarked ZFS, perhaps ZFS+NFS as backing store for yes. long time ago. ZFS isn't useful for anything more than a toy. I/O performance is just bad. From lists at svrinformatica.it Fri Jun 29 09:35:12 2012 From: lists at svrinformatica.it (Mailing List SVR) Date: Fri, 29 Jun 2012 08:35:12 +0200 Subject: [Dovecot] auth service: out of memory Message-ID: <4FED4CA0.4010303@svrinformatica.it> Hi, I have some out of memory errors in my logs (file errors.txt attached) I'm using dovecot 2.0.19, I can see some memory leaks fix in hg after the 2.0.19 release but they seem related to imap-login service, I attached my config too, is something wrong there? Should I really increase the limit based on my settings? Can these commits fix the reported leak? http://hg.dovecot.org/dovecot-2.0/rev/6299dfb73732 http://hg.dovecot.org/dovecot-2.0/rev/67f1cef07427 Please note that the auth service is restarted when it reach the limit so no real issues, please advice thanks Nicola -------------- next part -------------- cat /var/log/mail.log | grep "Out of memory" Jun 28 11:48:24 server1 dovecot: master: Error: service(auth): child 31301 returned error 83 (Out of memory (service auth { vsz_limit=128 MB }, you may need to increase it)) Jun 28 11:50:18 server1 dovecot: auth: Fatal: pool_system_realloc(8192): Out of memory Jun 28 11:50:18 server1 dovecot: master: Error: service(auth): child 10782 returned error 83 (Out of memory (service auth { vsz_limit=128 MB }, you may need to increase it)) Jun 28 11:52:43 server1 dovecot: master: Error: service(auth): child 16854 returned error 83 (Out of memory (service auth { vsz_limit=128 MB }, you may need to increase it)) Jun 28 11:54:01 server1 dovecot: auth: Fatal: block_alloc(4096): Out of memory Jun 28 11:54:01 server1 dovecot: master: Error: service(auth): child 23378 returned error 83 (Out of memory (service auth { vsz_limit=128 MB }, you may need to increase it)) Jun 28 11:55:09 server1 dovecot: auth: Fatal: pool_system_realloc(8192): Out of memory Jun 28 11:55:09 server1 dovecot: master: Error: service(auth): child 28203 returned error 83 (Out of memory (service auth { vsz_limit=128 MB }, you may need to increase it)) Jun 28 11:56:07 server1 dovecot: master: Error: service(auth): child 32570 returned error 83 (Out of memory (service auth { vsz_limit=128 MB }, you may need to increase it)) Jun 28 11:57:01 server1 dovecot: auth: Fatal: block_alloc(4096): Out of memory Jun 28 11:57:01 server1 dovecot: master: Error: service(auth): child 5136 returned error 83 (Out of memory (service auth { vsz_limit=128 MB }, you may need to increase it)) Jun 28 11:57:57 server1 dovecot: master: Error: service(auth): child 9245 returned error 83 (Out of memory (service auth { vsz_limit=128 MB }, you may need to increase it)) Jun 28 11:58:52 server1 dovecot: master: Error: service(auth): child 13779 returned error 83 (Out of memory (service auth { vsz_limit=128 MB }, you may need to increase it)) Jun 28 11:59:49 server1 dovecot: master: Error: service(auth): child 18260 returned error 83 (Out of memory (service auth { vsz_limit=128 MB }, you may need to increase it)) Jun 28 12:01:03 server1 dovecot: auth: Fatal: pool_system_realloc(8192): Out of memory Jun 28 12:01:03 server1 dovecot: master: Error: service(auth): child 22181 returned error 83 (Out of memory (service auth { vsz_limit=128 MB }, you may need to increase it)) Jun 28 12:03:24 server1 dovecot: auth: Fatal: pool_system_malloc(3144): Out of memory Jun 28 12:03:24 server1 dovecot: master: Error: service(auth): child 27253 returned error 83 (Out of memory (service auth { vsz_limit=128 MB }, you may need to increase it)) -------------- next part -------------- # 2.0.19: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-25-generic x86_64 Ubuntu 12.04 LTS ext4 auth_cache_size = 10 M auth_mechanisms = plain login auth_socket_path = /var/run/dovecot/auth-userdb auth_worker_max_count = 128 base_dir = /var/run/dovecot/ default_process_limit = 200 default_vsz_limit = 128 M disable_plaintext_auth = no first_valid_gid = 2000 first_valid_uid = 2000 hostname = mail.example.com last_valid_gid = 2000 last_valid_uid = 2000 listen = * login_greeting = SVR ready. mail_location = maildir:/srv/panel/mail/%d/%t/Maildir mail_plugins = " quota trash autocreate" managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { autocreate = Trash autocreate2 = Junk autocreate3 = Drafts autocreate4 = Sent autosubscribe = Trash autosubscribe2 = Junk autosubscribe3 = Drafts autosubscribe4 = Sent quota = maildir:User quota quota_rule = *:storage=300MB quota_rule2 = Trash:ignore quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u sieve = ~/.dovecot.sieve sieve_before = /etc/dovecot/sieve/move-spam.sieve sieve_dir = ~/sieve sieve_max_actions = 32 sieve_max_redirects = 4 sieve_max_script_size = 1M sieve_quota_max_scripts = 10 sieve_quota_max_storage = 2M trash = /etc/dovecot/dovecot-trash.conf.ext } postmaster_address = postmaster at example.com protocols = imap pop3 sieve service auth-worker { user = $default_internal_user } service auth { unix_listener /var/spool/postfix/private/dovecot-auth { group = vmail mode = 0660 user = postfix } unix_listener auth-userdb { group = vmail mode = 0660 user = vmail } user = $default_internal_user } service managesieve-login { inet_listener sieve { port = 4190 } } service quota-warning { executable = script /srv/panel/django/systemcp/systemutils/mail/quota-warning.py unix_listener quota-warning { user = vmail } user = dovecot } ssl_cert = References: <1340865829.25551.64.camel@innu> <42916718-6B7E-4632-8C61-AA8FE64D850E@iki.fi> <20120629021826.GA10148@daniel.localdomain> <774D4F65-4C61-4610-8F42-5D96172DD111@iki.fi> Message-ID: <4FED55B6.1020902@um.es> El 29/06/12 07:32, Timo Sirainen escribi?: > On 29.6.2012, at 5.18, Daniel Parthey wrote: > >> wouldn't it be better to use a syntax similar to other doveadm commands, >> with labels for all arguments? >> >> doveadm auth test -u -p [] >> doveadm auth cache flush -u [] >> doveadm auth cache stats >> >> This will allow you to syntactically distinguish "commands" from "arguments". >> Otherwise you might run into the same "kludgy" syntax problem again, as soon >> as the number of subcommands changes. > > The problem was with the "auth" toplevel command not having subcommands. I don't think there are going to be any problems with subcommands. Also there are many commands already that take without the -u parameter. Actually it's only the "mail commands" that take -u parameter at all. > > Another potential problem is "doveadm user" command. I'm wondering if it might be a good idea to move it to "doveadm auth user" or "doveadm auth userdb" command. There should be also a similar "doveadm auth passdb" command that does a passdb lookup without authentication. > Other command it could be usefull is to remove a temporal user-server association in director. For example, I had a downtime in one server, so users normally directed to this server is now been directed to other. Now I want a user to get back to his normal server (force it, I know we willl get back after a timeout), but I don't want to flush all user connections to the backup server. -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From tss at iki.fi Fri Jun 29 10:19:59 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 29 Jun 2012 10:19:59 +0300 Subject: [Dovecot] auth service: out of memory In-Reply-To: <4FED4CA0.4010303@svrinformatica.it> References: <4FED4CA0.4010303@svrinformatica.it> Message-ID: <2E07737B-D28E-486B-AD35-E86E2E12890F@iki.fi> On 29.6.2012, at 9.35, Mailing List SVR wrote: > I have some out of memory errors in my logs (file errors.txt attached) How large is your auth process's VSZ when it starts up and has handled a couple of logins? It's possible that it's not leaking at all, you're just not giving enough memory for its normal operation. Some Linux distros nowadays build binaries that eat up a lot of VSZ immediately when they start up. From tss at iki.fi Fri Jun 29 10:20:58 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 29 Jun 2012 10:20:58 +0300 Subject: [Dovecot] Removing specific entry in user/auth cache In-Reply-To: <4FED55B6.1020902@um.es> References: <1340865829.25551.64.camel@innu> <42916718-6B7E-4632-8C61-AA8FE64D850E@iki.fi> <20120629021826.GA10148@daniel.localdomain> <774D4F65-4C61-4610-8F42-5D96172DD111@iki.fi> <4FED55B6.1020902@um.es> Message-ID: On 29.6.2012, at 10.13, Angel L. Mateo wrote: > Other command it could be usefull is to remove a temporal user-server association in director. For example, I had a downtime in one server, so users normally directed to this server is now been directed to other. Now I want a user to get back to his normal server (force it, I know we willl get back after a timeout), but I don't want to flush all user connections to the backup server. There's already doveadm director move command. From lists at svrinformatica.it Fri Jun 29 10:39:25 2012 From: lists at svrinformatica.it (Mailing List SVR) Date: Fri, 29 Jun 2012 09:39:25 +0200 Subject: [Dovecot] auth service: out of memory In-Reply-To: <2E07737B-D28E-486B-AD35-E86E2E12890F@iki.fi> References: <4FED4CA0.4010303@svrinformatica.it> <2E07737B-D28E-486B-AD35-E86E2E12890F@iki.fi> Message-ID: <4FED5BAD.9060605@svrinformatica.it> Il 29/06/2012 09:19, Timo Sirainen ha scritto: > On 29.6.2012, at 9.35, Mailing List SVR wrote: > >> I have some out of memory errors in my logs (file errors.txt attached) > How large is your auth process's VSZ when it starts up and has handled a couple of logins? It's possible that it's not leaking at all, you're just not giving enough memory for its normal operation. Some Linux distros nowadays build binaries that eat up a lot of VSZ immediately when they start up. > > ps aux report this: dovecot 7454 0.0 0.0 85980 3776 ? S 09:36 0:00 dovecot/auth before restarting dovecot the auth process was running since about 1 hour and this is the output from ps aux dovecot 25002 0.0 0.0 86112 3780 ? S 08:24 0:00 dovecot/auth thanks Nicola From tss at iki.fi Fri Jun 29 10:45:00 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 29 Jun 2012 10:45:00 +0300 Subject: [Dovecot] auth service: out of memory In-Reply-To: <4FED5BAD.9060605@svrinformatica.it> References: <4FED4CA0.4010303@svrinformatica.it> <2E07737B-D28E-486B-AD35-E86E2E12890F@iki.fi> <4FED5BAD.9060605@svrinformatica.it> Message-ID: On 29.6.2012, at 10.39, Mailing List SVR wrote: > Il 29/06/2012 09:19, Timo Sirainen ha scritto: >> On 29.6.2012, at 9.35, Mailing List SVR wrote: >> >>> I have some out of memory errors in my logs (file errors.txt attached) >> How large is your auth process's VSZ when it starts up and has handled a couple of logins? It's possible that it's not leaking at all, you're just not giving enough memory for its normal operation. Some Linux distros nowadays build binaries that eat up a lot of VSZ immediately when they start up. >> >> > ps aux report this: > > dovecot 7454 0.0 0.0 85980 3776 ? S 09:36 0:00 dovecot/auth > > before restarting dovecot the auth process was running since about 1 hour and this is the output from ps aux > > dovecot 25002 0.0 0.0 86112 3780 ? S 08:24 0:00 dovecot/auth So you have 44 MB of VSZ available after startup. You also have 10 MB of auth cache, which could in reality take somewhat more than 10 MB. It doesn't leave a whole lot available for regular use. I'd increase the auth process's VSZ limit and see if it still crashes. If you want to, you could also test with valgrind if there's a leak: service auth { executable = /usr/bin/valgrind --leak-check=full -q /usr/libexec/dovecot/auth } You'd then need to restart the auth process to make valgrind output the leaks. From lists at svrinformatica.it Fri Jun 29 10:51:42 2012 From: lists at svrinformatica.it (Mailing List SVR) Date: Fri, 29 Jun 2012 09:51:42 +0200 Subject: [Dovecot] auth service: out of memory In-Reply-To: References: <4FED4CA0.4010303@svrinformatica.it> <2E07737B-D28E-486B-AD35-E86E2E12890F@iki.fi> <4FED5BAD.9060605@svrinformatica.it> Message-ID: <4FED5E8E.8070301@svrinformatica.it> Il 29/06/2012 09:45, Timo Sirainen ha scritto: > On 29.6.2012, at 10.39, Mailing List SVR wrote: > >> Il 29/06/2012 09:19, Timo Sirainen ha scritto: >>> On 29.6.2012, at 9.35, Mailing List SVR wrote: >>> >>>> I have some out of memory errors in my logs (file errors.txt attached) >>> How large is your auth process's VSZ when it starts up and has handled a couple of logins? It's possible that it's not leaking at all, you're just not giving enough memory for its normal operation. Some Linux distros nowadays build binaries that eat up a lot of VSZ immediately when they start up. >>> >>> >> ps aux report this: >> >> dovecot 7454 0.0 0.0 85980 3776 ? S 09:36 0:00 dovecot/auth >> >> before restarting dovecot the auth process was running since about 1 hour and this is the output from ps aux >> >> dovecot 25002 0.0 0.0 86112 3780 ? S 08:24 0:00 dovecot/auth > So you have 44 MB of VSZ available after startup. You also have 10 MB of auth cache, which could in reality take somewhat more than 10 MB. It doesn't leave a whole lot available for regular use. I'd increase the auth process's VSZ limit and see if it still crashes. I increased the limit to 192MB or should I set the limit to 256MB or more? I'll wait some days to see if still crash > > If you want to, you could also test with valgrind if there's a leak: > > service auth { > executable = /usr/bin/valgrind --leak-check=full -q /usr/libexec/dovecot/auth > } > > You'd then need to restart the auth process to make valgrind output the leaks. for now I prefer to avoid valgrind on a production server if the crash persist with the new limit I'll setup a test environment and I'll run valgrind there, thanks Nicola From ef at math.uni-bonn.de Fri Jun 29 12:43:31 2012 From: ef at math.uni-bonn.de (Edgar =?iso-8859-1?B?RnXf?=) Date: Fri, 29 Jun 2012 11:43:31 +0200 Subject: [Dovecot] Preferred LDAP Attribute for home/mail location Message-ID: <20120629094330.GJ58060@trav.math.uni-bonn.de> Is there, among the dovocot community, any preferred LDAP schema and attribute to use for setting the home/mail storage location? Some people seem to use the qmail schema, some a Jamm schema (whatever that is), and Markus Effinger has even created a dovecot schema (https://www.effinger.org/blog/2009/01/11/eigenes-ldap-schema-erstellen/). There may be more. I could even create my own given we have been assigned an official OID a decade ago anyway. However, sometimes I prefer to use what most other people do. I would effectively only need to store the name of the relevant NFS server. From amateo at um.es Fri Jun 29 14:02:26 2012 From: amateo at um.es (Angel L. Mateo) Date: Fri, 29 Jun 2012 13:02:26 +0200 Subject: [Dovecot] director directing to wrong server (sometimes) Message-ID: <4FED8B42.5010701@um.es> Hello, I have discovered a strange behaviour with director proxying... I have a user, its assigned server is 155.54.211.164. The problem is that I don't know why director sent him yesterday to a different server, because my server was up all the time. Moreover, I'm using poolmon in director servers to check availability of final servers and it didn't report any problem with the server. I have two load balanced director servers. Logs at these servers are: * logs directing him to the correct backend server Jun 28 08:38:18 myotis42 dovecot: auth: Debug: master in: PASS#0111#011@um.es#011service=lmtp#011lip=155.54.211.185#011lport=24#011rip=155.54.212.168#011rport=52255 Jun 28 08:38:18 myotis42 dovecot: auth: Debug: static(,155.54.212.168): lookup Jun 28 08:38:18 myotis42 dovecot: auth: Debug: master out: PASS#0111#011user=#011proxy#011proxy_timeout=150 Jun 28 08:38:18 myotis42 dovecot: lmtp(15889): Debug: auth input: user= proxy proxy_timeout=150 host=155.54.211.164 proxy_refresh=450 Jun 28 08:39:59 myotis42 dovecot: auth: Debug: master in: PASS#01118#011@um.es#011service=lmtp#011lip=155.54.211.185#011lport=24#011rip=155.54.212.166#011rport=40008 Jun 28 08:39:59 myotis42 dovecot: auth: Debug: static(,155.54.212.166): lookup Jun 28 08:39:59 myotis42 dovecot: auth: Debug: master out: PASS#01118#011user=#011proxy#011proxy_timeout=150 Jun 28 08:39:59 myotis42 dovecot: lmtp(15361): Debug: auth input: user= proxy proxy_timeout=150 host=155.54.211.164 proxy_refresh=450 * now, the other director server sends him to an incorrect backend server Jun 28 09:01:12 myotis41 dovecot: auth: Debug: static(,155.54.66.38): lookup Jun 28 09:01:12 myotis41 dovecot: auth: Debug: static(,155.54.66.38): Allowing any password Jun 28 09:01:12 myotis41 dovecot: auth: Debug: client out: OK#01134556#011user=#011proxy#011proxy_timeout=150#011pass= Jun 28 09:01:12 myotis41 dovecot: auth: Debug: static(,155.54.66.38): lookup Jun 28 09:01:12 myotis41 dovecot: auth: Debug: static(,155.54.66.38): Allowing any password Jun 28 09:01:12 myotis41 dovecot: auth: Debug: client out: OK#01152763#011user=#011proxy#011proxy_timeout=150#011pass= Jun 28 09:01:12 myotis41 dovecot: imap-login: proxy(): started proxying to 155.54.211.162:143: user=<>, method=PLAIN, rip=155.54.66.38, lip=155.54.211.186 Jun 28 09:01:12 myotis41 dovecot: imap-login: proxy(): started proxying to 155.54.211.162:143: user=<>, method=PLAIN, rip=155.54.66.38, lip=155.54.211.186 Jun 28 09:01:13 myotis41 dovecot: auth: Debug: static(,155.54.66.38): lookup Jun 28 09:01:13 myotis41 dovecot: auth: Debug: static(,155.54.66.38): Allowing any password * Now, the first director sends him to the incorrect one too Jun 28 09:33:50 myotis42 dovecot: auth: Debug: master in: PASS#01132#011@um.es#011service=lmtp#011lip=155.54.211.185#011lport=24#011rip=155.54.212.168#011rport=46830 Jun 28 09:33:50 myotis42 dovecot: auth: Debug: static(,155.54.212.168): lookup Jun 28 09:33:50 myotis42 dovecot: auth: Debug: master out: PASS#01132#011user=#011proxy#011proxy_timeout=150 Jun 28 09:33:50 myotis42 dovecot: lmtp(17284): Debug: auth input: user= proxy proxy_timeout=150 host=155.54.211.162 proxy_refresh=450 I haven't found any error log for the correct backend server between the correct redirection and the incorrect one. In fact, I have lot of logs of other users directed to it, and logs of the same director directing connections to the correct server. -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From CMarcus at Media-Brokers.com Fri Jun 29 14:15:04 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Fri, 29 Jun 2012 07:15:04 -0400 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <4FECC01C.90303@wildgooses.com> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local><4FEC4ACD.20104@wildgooses.com><213B51F00051AE48A9F0E11288017717B8401E@Delta.sc.local> <4FEC548E.4030405@wildgooses.com> <213B51F00051AE48A9F0E11288017717B8401F@Delta.sc.local> <4FEC844A.9090302@wildgooses.com> <4FEC8C4E.1020209@Media-Brokers.com> <4FECC01C.90303@wildgooses.com> Message-ID: <4FED8E38.1020105@Media-Brokers.com> On 2012-06-28 4:35 PM, Ed W wrote: > On 28/06/2012 17:54, Charles Marcus wrote: >> RAID10 also statistically has a much better chance of surviving a >> multi drive failure than RAID5 or 6, because it will only die if two >> drives in the same pair fail, and only then if the second one fails >> before the hot spare is rebuilt. > Actually this turns out to be incorrect... Curious, but there you go! Depends on what you mean exactly by 'incorrect'... I'm fairly sure that you do not mean that my comment that 'having a hot spare is good' is incorrect, so that leaves my last comment above... I'm far from expert (Stan? Where are you? Am looking forward to your comments here), but... > Search google for a recent very helpful expose on this. Basically RAID10 > can sometimes tolerate multi-drive failure, but on average raid6 appears > less likely to trash your data, plus under some circumstances it better > survives recovering from a single failed disk in practice 'Sometimes'... '...under some circumstances...' - hey, it's all a crapshoot anyway, all you can do is try to make sure the dice aren't loaded against you. > The executive summary is something like: when raid5 fails, because at > that point you effectively do a raid "scrub" you tend to suddenly notice > a bunch of other hidden problems which were lurking and your rebuild > fails (this happened to me...). RAID1 has no better bad block detection > than assuming the non bad disk is perfect (so won't spot latent > unscrubbed errors), and again if you hit a bad block during the rebuild > you loose the whole of your mirrored pair. Not true (at least not for real hardware based RAID controllers that I have ever worked with)... yes, it may revert to degraded mode, but you don't just 'lose' the RAID if the rebuild fails. You can then run filesystem check tools on the system, hopefully find/fix the bad sectors, then rebuild the array - I have had to do/done this before myself, so I know that this is possible. Also, modern enterprise SAS drives and RAID controllers do have hardware based algorithms to protect data integrity (much better than consumer grade drives at least). > So the vulnerability is not the first failed disk, but discovering > subsequent problems during the rebuild. True, but this applies to every RAID mode (RAID6 included). Also, one big disadvantage of RAID5/6 is the rebuild times (sometimes can take many hours, or even days depending on drive sizes) - it is the stress of the rebuild that often causes a second drive failure, thereby killing your RAID, and RAID10 rebuilds happen *much* faster that RAID5/6 rebuilds (and are less stressful), so there is much less chance of losing another disk during a rebuild. > This certainly correlates with my (admittedly limited) experiences. > Disk array scrubbing on a regular basis seems like a mandatory > requirement (but how many people do..?) to have any chance of > actually repairing a failing raid1/5 array Regular scrubbing is something I will give some thought to, but again, your remarks are not 100% accurate... RAID is not quite so fragile as you make it out to be. -- Best regards, Charles From CMarcus at Media-Brokers.com Fri Jun 29 14:15:10 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Fri, 29 Jun 2012 07:15:10 -0400 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local> <4FEC4ACD.20104@wildgooses.com> <213B51F00051AE48A9F0E11288017717B8401E@Delta.sc.local> <4FEC548E.4030405@wildgooses.com> <4FECDE83.4090007@corp.sonic.net> Message-ID: <4FED8E3E.5050905@Media-Brokers.com> On 2012-06-29 2:19 AM, Wojciech Puchar wrote: >> Has anyone tried or benchmarked ZFS, perhaps ZFS+NFS as backing store for > yes. long time ago. ZFS isn't useful for anything more than a toy. I/O > performance is just bad. Please stop with the FUD... 'long time ago'? No elaboration on what implementation/platform you 'played with'? With a proper implementation, ZFS is an excellent, mature, reliable option for storage... maybe not quite the fastest/highest performing screaming speed demon, but enterprises are concerned with more than just raw performance - in fact, data integrity tops the list. http://www.nexenta.com/corp/nexentastor http://www.freenas.org/ Yes, the LINUX version has a long way to go (due to stupid licensing restrictions it must be rewritten from scratch to get into the kernel), but personally I'm chomping at the bit for BTRFS, which looks like it is coming closer to usability for production systems (just got a basic fsck tool which now just needs to be perfected). -- Best regards, Charles From joe at tao.org.uk Fri Jun 29 08:02:16 2012 From: joe at tao.org.uk (Dr Josef Karthauser) Date: Fri, 29 Jun 2012 06:02:16 +0100 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage Message-ID: Kelsey Cummings wrote: > On 06/28/12 05:56, Ed W wrote: >> So given the statistics show us that 2 disk failures are much more >> common than we expect, and that "silent corruption" is likely occurring >> within (larger) real world file stores, there really aren't many battle >> tested options that can protect against this - really only RAID6 right >> now and that has significant limitations... > > Has anyone tried or benchmarked ZFS, perhaps ZFS+NFS as backing store > for spools? Sorry if I've missed it and this has already come up. > We're using Netapp/NFS, and are likely to continue to do so but still > curious. Hi Kelsey, We're running ZFS here, and have just started using dovecot on it. No stats yet to report, but you might be interested in this edge case. One of our server started behaving badly... the database would randomly crash and not restart due to corrupted indexed. It turns out that the memory had gone bad, and that it had been bad for a while. Disk blocks were getting corrupted on read, and some on write! Luckly because we were on ZFS, which checksums all data, we were able to detect and repair most of the data (some 80mb of bad blocks distributed evenly thoughout the entire file system!) automatically, and also know exactly which files were unrecoverable (in the end just two or three files!). Also, we have hourly snapshots of all the file systems, so we were able to recover older versions of those files with minimal loss. I will never rely on a non-checksumming file system for production use again, for data that is existed to persist over time. Joe From CMarcus at Media-Brokers.com Fri Jun 29 15:11:47 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Fri, 29 Jun 2012 08:11:47 -0400 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: References: Message-ID: <4FED9B83.7070905@Media-Brokers.com> On 2012-06-29 1:02 AM, Dr Josef Karthauser wrote: > I will never rely on a non-checksumming file system for production > use again, for data that is existed to persist over time. Nice! I'm seriously considering buying a Nexenta Storage device if/when our storage needs require it... this just makes me want it more. :) Out of curiosity, were you using proper ECC memory? Ie, why did the bad memory go undetected for so long? -- Best regards, Charles From lists at wildgooses.com Fri Jun 29 19:07:56 2012 From: lists at wildgooses.com (Ed W) Date: Fri, 29 Jun 2012 17:07:56 +0100 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <4FED8E38.1020105@Media-Brokers.com> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local><4FEC4ACD.20104@wildgooses.com><213B51F00051AE48A9F0E11288017717B8401E@Delta.sc.local> <4FEC548E.4030405@wildgooses.com> <213B51F00051AE48A9F0E11288017717B8401F@Delta.sc.local> <4FEC844A.9090302@wildgooses.com> <4FEC8C4E.1020209@Media-Brokers.com> <4FECC01C.90303@wildgooses.com> <4FED8E38.1020105@Media-Brokers.com> Message-ID: <4FEDD2DC.7080404@wildgooses.com> On 29/06/2012 12:15, Charles Marcus wrote: > On 2012-06-28 4:35 PM, Ed W wrote: >> On 28/06/2012 17:54, Charles Marcus wrote: >>> RAID10 also statistically has a much better chance of surviving a >>> multi drive failure than RAID5 or 6, because it will only die if two >>> drives in the same pair fail, and only then if the second one fails >>> before the hot spare is rebuilt. > >> Actually this turns out to be incorrect... Curious, but there you go! > > Depends on what you mean exactly by 'incorrect'... I'm sorry, this wasn't meant to be an attack on you, I thought I was pointing out what is now fairly obvious stuff, but it's only recently that the maths has been popularised by the common blogs on the interwebs. Whilst I guess not everyone read the flurry of blog articles about this last year, I think it's due to be repeated in increasing frequency as we go forward: The most recent article which prompted all of the above is I think this one: http://queue.acm.org/detail.cfm?id=1670144 More here (BARF = Battle Against Raid 5/4) http://www.miracleas.com/BAARF/ There are some badly phrased ZDnet articles also if you google "raid 5 stops working in 2009" Intel have a whitepaper which says: Intelligent RAID 6 Theory Overview And Implementation RAID 5 systems are commonly deployed for data protection in most business environments. However, RAID 5 systems only tolerate a single drive failure, and the probability of encountering latent defects [i.e. UREs, among other problems] of drives approaches 100 percent as disk capacity and array width increase. The upshot is that: - Drives often fail slowly rather than bang/dead - You will only scrub the array on a frequency F, which means that faults can develop since the last scrub (good on you if you actually remembered to set an automatic regular scrub...) - Once you decide to pull a disk for some reason to replace it, then with RAID1/5 (raid1 is a kind of degenerate form of raid5) you are exposed in that if a *second* error is detected during the rebuild then you are inconsistent and have no way to correctly rebuild your entire array - My experience is that linux-raid will stop the rebuild if a second error is detected during rebuild, but with some understanding it's possible to proceed (obviously understanding that data loss has therefore occurred). However, some hardware controllers will kick out the whole array if a rebuild error is discovered- some will not, but given the probability of a second error being discovered during rebuild is significantly non zero, it's worth worrying over this and figuring out what you do if it happens... > I'm fairly sure that you do not mean that my comment that 'having a > hot spare is good' is incorrect, Well, hotspare seems like a good idea, but the point is that the situation will be that you have lost parity protection. At that point you effectively run a disk scrub to rebuild the array. The probability of discovering a second error somewhere on your remaining array is non zero and hence your array has lost data. So it's not about how quickly you get the spare in, so much as the significant probability that you have two drives with errors, but only one drive of protection Raid6 increases this protection *quite substantially*, because if a second error is found on a stripe, then you still haven't lost data. However, a *third* error on a single stripe will lose data. The bad news: Estimates suggest that drive sizes will become large enough that RAID6 is insufficient to give a reasonable probability of successful repair of a single failed disk in around 7+ years time. So at that point there becomes a significant probability that the single failed disk cannot be successfully replaced in a RAID6 array because of the high probability of *two* additional defects becoming discovered on the same stripe of the remaining array. Therefore many folks are requesting 3 disk parity to be implemented (RAID7?) > 'Sometimes'... '...under some circumstances...' - hey, it's all a > crapshoot anyway, all you can do is try to make sure the dice aren't > loaded against you. And to be clear - RAID5/RAID1 has a very significant probability that once your first disk has failed, in the process of replacing that disk you will discover an unrecoverable error on your remaining drive and hence you have lost some data... > Also, modern enterprise SAS drives and RAID controllers do have > hardware based algorithms to protect data integrity (much better than > consumer grade drives at least). I can't categorically disagree, but I should check carefully your claims? My understanding is that there is minimal additional protection from "enterprise" stuff, and by that I'm thinking of quality gear that I can buy from the likes of newegg/ebuyer, not the custom SAN products from certain big name providers. It seems possible that the big name SAN providers implement additional protection, but at that point we are talking custom hardware and it's hard to analyse (or even get the full details) My limited understanding is that "enterprise" quality buys you only: - almost identical drives, but with a longer warranty and tighter quality control. We might hope for internal changes that improve longevity, but there is only minimal evidence of this - drives have certain firmware features which can be advantage, eg TLER type features - drives have (more) bad block reallocation sectors available, hence you won't get bad block warnings as quickly (which could be good or bad...) - controllers might have ECC ram in the cache ram However, whilst we might desire features which reduce the probability of failed block reads/writes, in practice I'm not aware that the common LSI controllers (et al) offer this and so in practice I don't think you get any useful additional protection from "enterprise" stuff? For example remember a few years back the google survey of drives from their data centers (and several others) where they observed that enterprise drives showed no real difference in failure characteristics from non enterprise drives. Also that SMART was a fairly poor predictor of failing drives... >> So the vulnerability is not the first failed disk, but discovering >> subsequent problems during the rebuild. > > True, but this applies to every RAID mode (RAID6 included). No, see RAID6 has a dramatically lower chance of this happening than RAID1/5. See this is the real insight and I think it's important that this fairly (obvious in retrospect) idea becomes widely known and understood to those who manage arrays. RAID6 needs a failed drive and *two* subsequent errors *per stripe* to lose data. RAID5/1 simply need one subsequent error *per array* to lose data. Quite a large difference! > Also, one big disadvantage of RAID5/6 is the rebuild times (sometimes > can take many hours, or even days depending on drive sizes) - it is > the stress of the rebuild that often causes a second drive failure, > thereby killing your RAID, and RAID10 rebuilds happen *much* faster > that RAID5/6 rebuilds (and are less stressful), so there is much less > chance of losing another disk during a rebuild. Hmm, at least theoretically both need a full linear read of the other disks. The time for an idle array should be similar in both cases. Agree though that for an active array the raid5/6 generally causes more drives to read/write, hence yes, the impact is probably greater. However, don't miss the big picture, your risk is a second error occurring anywhere on the array with raid1/5, but with raid 6 your risk is *two* errors per stripe, ie you can fail a whole second drive and still continue rebuilding with raid6 >> This certainly correlates with my (admittedly limited) experiences. >> Disk array scrubbing on a regular basis seems like a mandatory >> requirement (but how many people do..?) to have any chance of >> actually repairing a failing raid1/5 array > > Regular scrubbing is something I will give some thought to, but again, > your remarks are not 100% accurate... RAID is not quite so fragile as > you make it out to be. We humans are all far too shaped by our own limited experiences. I'm the same. I personally feel that raid arrays *are* very fragile. Backups are often the option when you get multi-drive failures (even if theoretically the array is repairable). However, it's about the best option we have right now, so all we can do is be aware of the limitations... Additionally I have very much suffered this situation of a failing RAID5 which was somehow hanging together with just the odd uncorrectable read error reported here and there (once a month say). I copied off all the data and then as an experiment replaced one disk in this otherwise working array, which then triggered a cascade of discovered errors all over the disk and rebuilding was basically impossible. I was expecting it to fail of course and had proactively copied off the data, but my point was at that point all I had were hints of failure and the odd UCE report. Presumably my data was being quietly corrupted in the background though, and the recovered data (low value) is likely peppered with read errors... Scary if it had been high value data... Remember, remember: Raid5/6/1 does NOT do parity checking on read... Only fancy filesystems like ZFS and perhaps btrfs do an end to end check which can spot a read error... If your write fails or a disk error corrupts a sector, then you will NOT find out about it until you scrub your array... Reading the corrupted sector will read the error and when you rewrite you will correct the parity and the original error will then be undetectable... Same effect actually if you just rewrite any block in the stripe containing a corrupted block, the parity gets updated to imply the corrupted block isn't corrupted anymore, now it's undetectable to a scrub... Roll on btrfs I say... Cheers Ed W From daniel.parthey at informatik.tu-chemnitz.de Fri Jun 29 19:21:27 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Fri, 29 Jun 2012 18:21:27 +0200 Subject: [Dovecot] doveadm purge -A via doveadm-proxy director fails after some users Message-ID: <20120629182127.653130ctu3bfqxaf@mail.tu-chemnitz.de> Hi, we have configured userdb and passdb in the director and try to iterate all users and pass the "purge" command via doveadm proxy to port 19000 on the correct director backend host. A single purge -u username at example.org via doveadm-proxy works correctly, but iterating over some users with -A fails. Note: users/domains have been anonymized in output: ------------------------------------------------------------------------ mail04:~# /usr/bin/doveadm -c /etc/dovecot-director/dovecot-director.conf -D purge -A 2>&1 doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot/modules/doveadm doveadm(root): Debug: Skipping module doveadm_acl_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_acl_plugin.so: undefined symbol: acl_user_module (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_expire_plugin.so: undefined symbol: expire_set_lookup (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_quota_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_quota_plugin.so: undefined symbol: quota_user_module (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_zlib_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_zlib_plugin.so: undefined symbol: i_stream_create_deflate (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_fts_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib20_doveadm_fts_plugin.so: undefined symbol: fts_list_backend (this is usually intentional, so just ignore this message) doveadm(user01 at domain1.example.org): Debug: auth input: user=user01 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user02 at domain1.example.org): Debug: auth input: user=user02 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user03 at domain1.example.org): Debug: auth input: user=user03 at domain1.example.org proxy host=10.129.3.192 proxy_refresh=86400 doveadm(user04 at domain1.example.org): Debug: auth input: user=user04 at domain1.example.org proxy host=10.129.3.192 proxy_refresh=86400 doveadm(user05 at domain1.example.org): Debug: auth input: user=user05 at domain1.example.org proxy host=10.129.3.190 proxy_refresh=86400 doveadm(user06 at domain1.example.org): Debug: auth input: user=user06 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user07 at domain1.example.org): Debug: auth input: user=user07 at domain1.example.org proxy host=10.129.3.190 proxy_refresh=86400 doveadm(user08 at domain1.example.org): Debug: auth input: user=user08 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user01 at domain2.example.org): Debug: auth input: user=user01 at domain2.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user09 at domain1.example.org): Debug: auth input: user=user09 at domain1.example.org proxy host=10.129.3.190 proxy_refresh=86400 10 / 94doveadm(user10 at domain1.example.org): Debug: auth input: user=user10 at domain1.example.org proxy host=10.129.3.190 proxy_refresh=86400 doveadm(user11 at domain1.example.org): Debug: auth input: user=user11 at domain1.example.org proxy host=10.129.3.191 proxy_refresh=86400 doveadm(user12 at domain1.example.org): Debug: auth input: user=user12 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user13 at domain1.example.org): Debug: auth input: user=user13 at domain1.example.org proxy host=10.129.3.190 proxy_refresh=86400 doveadm(user14 at domain1.example.org): Debug: auth input: user=user14 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user15 at domain1.example.org): Debug: auth input: user=user15 at domain1.example.org proxy host=10.129.3.191 proxy_refresh=86400 doveadm(user16 at domain1.example.org): Debug: auth input: user=user16 at domain1.example.org proxy host=10.129.3.191 proxy_refresh=86400 doveadm(user17 at domain1.example.org): Debug: auth input: user=user17 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user18 at domain1.example.org): Debug: auth input: user=user18 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user19 at domain1.example.org): Debug: auth input: user=user19 at domain1.example.org proxy host=10.129.3.192 proxy_refresh=86400 20 / 94doveadm(user20 at domain1.example.org): Debug: auth input: user=user20 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user21 at domain1.example.org): Debug: auth input: user=user21 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user22 at domain1.example.org): Debug: auth input: user=user22 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user02 at domain2.example.org): Debug: auth input: user=user02 at domain2.example.org proxy host=10.129.3.190 proxy_refresh=86400 doveadm(user23 at domain1.example.org): Debug: auth input: user=user23 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user24 at domain1.example.org): Debug: auth input: user=user24 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user01 at domain3.example.org): Debug: auth input: user=user01 at domain3.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user25 at domain1.example.org): Debug: auth input: user=user25 at domain1.example.org proxy host=10.129.3.192 proxy_refresh=86400 doveadm(user26 at domain1.example.org): Debug: auth input: user=user26 at domain1.example.org proxy host=10.129.3.191 proxy_refresh=86400 doveadm(user27 at domain1.example.org): Debug: auth input: user=user27 at domain1.example.org proxy host=10.129.3.190 proxy_refresh=86400 30 / 94doveadm(user28 at domain1.example.org): Debug: auth input: user=user28 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user29 at domain1.example.org): Debug: auth input: user=user29 at domain1.example.org proxy host=10.129.3.191 proxy_refresh=86400 doveadm(user30 at domain1.example.org): Debug: auth input: user=user30 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user31 at domain1.example.org): Debug: auth input: user=user31 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user31 at domain1.example.org): Error: doveadm server failure doveadm: Error: Failed to iterate through some users ------------------------------------------------------------------------ The user "user31 at domain1.example.org" is proxied to the correct backend host according to director status, but the dovecot.log on the doveadm service backend host shows the following error: Jun 29 15:40:31 10.129.3.249 dovecot: doveadm(user31 at domain1.example.org): Error: user user31 at domain1.example.org: Error reading configuration: net_connect_unix(/var/run/dovecot/config) failed: Permission denied Jun 29 15:40:31 10.129.3.249 dovecot: doveadm(user31 at domain1.example.org): Error: purge: User lookup failed: Internal error occurred. Refer to server log for more information. The wiki http://wiki2.dovecot.org/Services#doveadm states that the privileges are (temporarily) dropped to the mail user's privileges after userdb lookup. It seems that from the second purge on which is passed over a single doveadm connection, the user lookup fails. It also seems a bit strange, that the "-A" parameter can be observed in the doveadm tcp stream to the backend, since iteration should be already done in the director and the backend should purge only a single user: D username at example.org purge -A Is there a bug or have I misconfigured/overlooked something? Configs of mailbox backend and director are attached. Kind regards Daniel -------------- next part -------------- # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-40-server x86_64 Ubuntu 10.04.4 LTS auth_cache_negative_ttl = 0 auth_cache_size = 10 M auth_cache_ttl = 1 mins auth_verbose = yes auth_verbose_passwords = sha1 deliver_log_format = mailbox: deliver: msgid=%m from=%f: %$ dict { quota = mysql:/etc/dovecot/conf.d/dovecot-dict-sql.conf.ext } disable_plaintext_auth = no doveadm_password = xxx instance_name = dovecot-mailbox lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes login_greeting = Mailbox login_log_format = mailbox: login: %$: %s login_trusted_networks = 10.129.3.0/24 mail_debug = yes mail_fsync = always mail_gid = vmail mail_home = /mail/dovecot/%d/%n mail_location = mdbox:~/mail mail_log_prefix = "mailbox: mail: %s(%u): " mail_plugins = quota mail_privileged_group = vmail mail_uid = vmail managesieve_implementation_string = Sieve managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mdbox_rotate_interval = 1 weeks mdbox_rotate_size = 50 M mmap_disable = yes namespace { hidden = yes list = no location = pop3c: prefix = POP3-MIGRATION-NS/ } passdb { args = /etc/dovecot/conf.d/dovecot-sql.conf.ext driver = sql } plugin { pop3_migration_mailbox = POP3-MIGRATION-NS/INBOX quota = dict:User quota::proxy::quota quota_rule = *:storage=10G quota_rule2 = Trash:storage=+100M quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap pop3 lmtp sieve service auth { unix_listener auth-userdb { group = dovecot mode = 0660 user = dovecot } } service dict { unix_listener dict { group = vmail mode = 0660 } } service doveadm { inet_listener doveadm-server { port = 19000 } } service imap-login { inet_listener imap { port = 19143 } } service imap-postlogin { executable = script-login /usr/local/bin/dovecot-postlogin user = $default_internal_user } service imap { executable = imap imap-postlogin } service lmtp { inet_listener lmtp { address = * port = 19024 } } service managesieve-login { inet_listener sieve { port = 19200 } } service pop3-login { inet_listener pop3 { port = 19110 } } service pop3-postlogin { executable = script-login /usr/local/bin/dovecot-postlogin user = $default_internal_user } service pop3 { executable = pop3 pop3-postlogin } service quota-warning { executable = script /usr/local/bin/quota-warning extra_groups = dovecot unix_listener quota-warning { user = vmail } user = vmail } ssl = no userdb { driver = prefetch } userdb { args = /etc/dovecot/conf.d/dovecot-sql.conf.ext driver = sql } verbose_proctitle = yes protocol imap { imap_client_workarounds = delay-newmail tb-extra-mailbox-sep mail_plugins = quota imap_quota } protocol lmtp { mail_plugins = quota sieve } protocol doveadm { mail_plugins = quota pop3_migration } -------------- next part -------------- # 2.1.7: /etc/dovecot-director/dovecot-director.conf # OS: Linux 2.6.32-40-server x86_64 Ubuntu 10.04.4 LTS auth_verbose = yes auth_verbose_passwords = sha1 base_dir = /var/run/dovecot-director deliver_log_format = director: deliver: msgid=%m from=%f: %$ director_doveadm_port = 20000 director_mail_servers = 10.129.3.193 10.129.3.192 10.129.3.191 10.129.3.190 director_servers = 10.129.3.193 10.129.3.192 10.129.3.191 10.129.3.190 director_user_expire = 2 days disable_plaintext_auth = no doveadm_password = xxx doveadm_proxy_port = 19000 instance_name = dovecot-director lmtp_proxy = yes login_greeting = Mail Balancer login_log_format = director: login: %$: %s login_trusted_networks = 10.129.3.0/24 mail_debug = yes mail_fsync = always mail_gid = vmail mail_home = /mail/dovecot/%d/%n mail_location = mdbox:~/mail mail_log_prefix = "director: mail: %s(%u): " mail_privileged_group = vmail mail_uid = vmail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mmap_disable = yes passdb { args = /etc/dovecot-director/conf.d/dovecot-sql.conf.ext driver = sql } protocols = imap pop3 lmtp sieve service auth { unix_listener auth-userdb { user = dovecot } } service director { fifo_listener login/proxy-notify { mode = 0666 } inet_listener { port = 9090 } unix_listener director-userdb { mode = 0600 } unix_listener login/director { mode = 0666 } } service doveadm { executable = doveadm-server director inet_listener doveadm-server { port = 20000 } } service imap-login { executable = imap-login director inet_listener imap { port = 20143 } inet_listener imaps { port = 20993 ssl = yes } } service lmtp { inet_listener lmtp { address = * port = 20024 } } service managesieve-login { executable = managesieve-login director inet_listener sieve { port = 20200 } } service pop3-login { executable = pop3-login director inet_listener pop3 { port = 20110 } inet_listener pop3s { port = 20995 ssl = yes } } ssl_cert = References: <20120629094330.GJ58060@trav.math.uni-bonn.de> Message-ID: <20120629184635.GB19203@state-of-mind.de> * Edgar Fu? : > Is there, among the dovocot community, any preferred LDAP schema and > attribute to use for setting the home/mail storage location? There are many. Here's another one: -- state of mind () http://www.state-of-mind.de Franziskanerstra?e 15 Telefon +49 89 3090 4664 81669 M?nchen Telefax +49 89 3090 4666 Amtsgericht M?nchen Partnerschaftsregister PR 563 From daniel.parthey at informatik.tu-chemnitz.de Fri Jun 29 23:33:34 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Fri, 29 Jun 2012 22:33:34 +0200 Subject: [Dovecot] lmtp proxy timeout while waiting for reply to DATA reply In-Reply-To: <1335833212.21461.82.camel@innu> References: <20120428110023.GA9236@daniel.localdomain> <1335833212.21461.82.camel@innu> Message-ID: <20120629203334.GA7718@daniel.localdomain> Timo Sirainen wrote: > On Sat, 2012-04-28 at 13:00 +0200, Daniel Parthey wrote: > > > we are experiencing similar sporadic data timeout issues with dovecot 2.0.20 > > as in http://dovecot.org/pipermail/dovecot/2011-June/059807.html > > at least once a week. Some mails get temporarily deferred in the > > postfix queue since dovecot director lmtp refuses them and the > > mails are delivered at a later time. > > What isn't in v2.0 is the larger rewrite of the LMTP proxying > code in v2.1, which I hope fixes also this timeout problem. Same problem persists after update to 2.1.7, especially for distribution lists which contain several target email addresses which are then pipelined by postfix through a single lmtp proxy connection: Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Please tell me If I can do something to find out the cause of the problem. Kind regards Daniel -- https://plus.google.com/103021802792276734820 From zac.israel at gmail.com Sat Jun 30 00:41:02 2012 From: zac.israel at gmail.com (Zac Israel) Date: Fri, 29 Jun 2012 16:41:02 -0500 Subject: [Dovecot] Proxy config help please Message-ID: Hello, I am new to dovecot and I am initially trying to setup a basic imap proxy with password forwarding, I can start the dovecot service, connect and give it my password, and that is where I hang. My config is: root at imap-test:/etc/dovecot# doveconf -n # 2.0.19: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-24-generic x86_64 Ubuntu 12.04 LTS auth_debug = yes auth_verbose = yes debug_log_path = syslog first_valid_uid = 100 imap_capability = CAPABILITY IMAP4rev1 ACL BINARY CATENATE CHILDREN CONDSTORE ENABLE ESEARCH ESORT I18NLEVEL=1 ID IDLE LIST-EXTENDED LIST-STATUS LITERAL+ LOGIN-REFERRALS MULTIAPPEND NAMESPACE QRESYNC QUOTA RIGHTS=ektx SASL-IR SEARCHRES SORT THREAD=ORDEREDSUBJECT UIDPLUS UNSELECT WITHIN XLIST last_valid_uid = 200 mail_debug = yes mail_gid = 107 mail_uid = 107 passdb { args = proxy=proxy_always nopassword=y host=172.16.0.13 port=143 proxy_timeout=5 starttls=y ssl=any-cert driver = static } protocols = imap service imap-login { inet_listener imap { address = * port = 143 } } ssl = required ssl_cert = Message-ID: Jonathan Ryshpan schrieb: > It appears from the wiki that the word following the namespace > declarator (if this is the right word) should be either "public", > "shared", or "private", and describes a property of the namespace being > declared. AFAIS the word following the keyword "namespace" is the name (of the namespace). The type ("public", "shared" or "private") is declared by using a type definition. > So what does: > namespace inbox {... > mean? That is a definition of a namespace named "inbox". -thh From daniel.parthey at informatik.tu-chemnitz.de Sat Jun 30 04:51:50 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sat, 30 Jun 2012 03:51:50 +0200 Subject: [Dovecot] director directing to wrong server (sometimes) In-Reply-To: <4FED8B42.5010701@um.es> References: <4FED8B42.5010701@um.es> Message-ID: <20120630015150.GA12291@daniel.localdomain> Hi Angel, Angel L. Mateo wrote: > I have a user, its assigned server is 155.54.211.164. The problem > is that I don't know why director sent him yesterday to a different > server, because my server was up all the time. Moreover, I'm using > poolmon in director servers to check availability of final servers > and it didn't report any problem with the server. Which version of dovecot are you using? "doveconf -n" of director and mailbox instance? You should monitor the output of doveadm director status username at example.org doveadm director ring status on each of the directors over time with a timestamp. This might shed some light on where the user is directed and why, and ring status will tell which directors can see each other. doveadm director move can also influence where a user is sent, but this will be reflected by "Current:" entry of director status, there you can also find the time when the entry in hashtable will expire. Regards Daniel -- https://plus.google.com/103021802792276734820 From stan at hardwarefreak.com Sat Jun 30 08:23:58 2012 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Sat, 30 Jun 2012 00:23:58 -0500 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <4FEC4ACD.20104@wildgooses.com> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local> <4FEC4ACD.20104@wildgooses.com> Message-ID: <4FEE8D6E.3030703@hardwarefreak.com> On 6/28/2012 7:15 AM, Ed W wrote: > On 28/06/2012 13:01, ???????? ????????? ?????????? wrote: >> somewhere in maillist I've seen RAID1+md concat+XFS being promoted as >> mailstorage. >> Does anybody in here actually use this setup? >> >> I've decided to give it a try, >> but ended up with not being able to recover any data off survived >> pairs from linear array when _the_first of raid1 pairs got down. The failure of the RAID1 pair was due to an intentional breakage test. Your testing methodology was severely flawed. The result is the correct expected behavior of your test methodology. Proper testing will yield a different result. One should not be surprised that something breaks when he intentionally attempts to break it. > This is the configuration endorsed by Stan Hoeppner. Yes. It works very well for metadata heavy workloads, i.e. maildir. -- Stan From CMarcus at Media-Brokers.com Sat Jun 30 12:52:09 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Sat, 30 Jun 2012 05:52:09 -0400 Subject: [Dovecot] Proxy config help please In-Reply-To: References: Message-ID: <4FEECC49.8000601@Media-Brokers.com> On 2012-06-29 5:41 PM, Zac Israel wrote: > The system at 172.16.0.13 is a zimbra proxy. I can see in the logs > that it initially complains about my ssl cert, and if I remove > ssl=any-cert it fails because my cert is self signed, so I know it is > talking to the proxy and doing starttls which is a requirement of > zimbra. Unfortunately I have not found a way to see the full exchange > between dovecot and my zimbra proxy other than tcp dump, which just > shows a small packet exchange. And unfortunately you failed to provide critical evidence - in this case the actual logs (and the tcpdump since you already have it) of a failed session, rather than your interpretation of it. But at least you provided your config (Timo is so good that often that is enough by itself, but even his crystal ball sometimes has problems). I have found over the years that if you are having a problem to the point that you need to ask for help, it is time to step back and take a fresh look at *everything* - including having other eyes looking at *all* of the evidence. -- Best regards, Charles From =?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?= Sat Jun 30 14:17:09 2012 From: =?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?= (=?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?=) Date: Sat, 30 Jun 2012 22:17:09 +1100 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <4FEE8D6E.3030703@hardwarefreak.com> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local><4FEC4ACD.20104@wildgooses.com> <4FEE8D6E.3030703@hardwarefreak.com> Message-ID: <213B51F00051AE48A9F0E11288017717B84022@Delta.sc.local> So, you say that one should use this configuration in production with hope that such failure would never happen? -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of Stan Hoeppner Sent: Saturday, June 30, 2012 4:24 PM To: dovecot at dovecot.org Subject: Re: [Dovecot] RAID1+md concat+XFS as mailstorage On 6/28/2012 7:15 AM, Ed W wrote: > On 28/06/2012 13:01, ???????? ????????? ?????????? wrote: >> somewhere in maillist I've seen RAID1+md concat+XFS being promoted as >> mailstorage. >> Does anybody in here actually use this setup? >> >> I've decided to give it a try, >> but ended up with not being able to recover any data off survived >> pairs from linear array when _the_first of raid1 pairs got down. The failure of the RAID1 pair was due to an intentional breakage test. Your testing methodology was severely flawed. The result is the correct expected behavior of your test methodology. Proper testing will yield a different result. One should not be surprised that something breaks when he intentionally attempts to break it. > This is the configuration endorsed by Stan Hoeppner. Yes. It works very well for metadata heavy workloads, i.e. maildir. -- Stan From oooo1 at front.ru Sat Jun 30 14:19:53 2012 From: oooo1 at front.ru (Oooo1) Date: Sat, 30 Jun 2012 15:19:53 +0400 Subject: [Dovecot] Adding IMAP SORT and THREAD Extensions but THREAD=ORDEREDSUBJECT functionality to Dovecot 2.x.y ! Message-ID: <000001cd56b2$472ecfb0$d58c6f10$@front.ru> Hi. Can somebody add IMAP SORT and THREAD Extensions THREAD=ORDEREDSUBJECT function to the just next version of Dovecot ? It is necessary to GroupWare server. At the moment I have made it workable together, but there is one unstable point, as I have understood SOGo needs THREAD=ORDEREDSUBJECT sorting functions and if it not to get it, GroupWare server makes unworkable some of its component. If it needs additional info, you are welcome. From zac.israel at gmail.com Sat Jun 30 17:58:11 2012 From: zac.israel at gmail.com (Zac Israel) Date: Sat, 30 Jun 2012 09:58:11 -0500 Subject: [Dovecot] Proxy config help please In-Reply-To: <4FEECC49.8000601@Media-Brokers.com> References: <4FEECC49.8000601@Media-Brokers.com> Message-ID: On Sat, Jun 30, 2012 at 4:52 AM, Charles Marcus wrote: > On 2012-06-29 5:41 PM, Zac Israel wrote: >> >> The system at 172.16.0.13 is a zimbra proxy. ?I can see in the logs >> that it initially complains about my ssl cert, and if I remove >> ssl=any-cert it fails because my cert is self signed, so I know it is >> talking to the proxy and doing starttls which is a requirement of >> zimbra. ?Unfortunately I have not found a way to see the full exchange >> between dovecot and my zimbra proxy other than tcp dump, which just >> shows a small packet exchange. > > > And unfortunately you failed to provide critical evidence - in this case the > actual logs (and the tcpdump since you already have it) of a failed session, > rather than your interpretation of it. But at least you provided your config > (Timo is so good that often that is enough by itself, but even his crystal > ball sometimes has problems). > > I have found over the years that if you are having a problem to the point > that you need to ask for help, it is time to step back and take a fresh look > at *everything* - including having other eyes looking at *all* of the > evidence. > > -- > > Best regards, > > Charles Very sorry for the omission, please find the dovecot logs and tcpdump session attached. Please let me know if I can provide any other information and thank you again for your time. Zac -------------- next part -------------- Jun 29 17:00:57 imap-test dovecot: master: Dovecot v2.0.19 starting up (core dumps disabled) Jun 29 17:00:58 imap-test dovecot: auth: Debug: Loading modules from directory: /usr/lib/dovecot/modules/auth Jun 29 17:00:58 imap-test dovecot: auth: Debug: auth client connected (pid=31182) Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x10, ret=1: before/accept initialization [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: before/accept initialization [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read client hello A [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write server hello A [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write certificate A [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write key exchange A [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write server done A [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 flush data [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read client key exchange A [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read finished A [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write session ticket A [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write change cipher spec A [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write finished A [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 flush data [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x20, ret=1: SSL negotiation finished successfully [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x2002, ret=1: SSL negotiation finished successfully [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: auth: Debug: client in: AUTH 1 PLAIN service=imap secured lip=127.0.0.1 rip=127.0.0.1 lport=143 rport=49940 resp= Jun 29 17:01:10 imap-test dovecot: auth: Debug: static(zac.israel at domain.com,127.0.0.1): lookup Jun 29 17:01:10 imap-test dovecot: auth: Debug: static(zac.israel at domain.com,127.0.0.1): Allowing any password Jun 29 17:01:10 imap-test dovecot: auth: Debug: client out: OK 1 user=zac.israel at domain.com proxy host=172.16.0.13 port=143 proxy_timeout=5 starttls=y ssl=any-cert pass= Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x10, ret=1: before/connect initialization [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1001, ret=1: before/connect initialization [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1001, ret=1: unknown state [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1002, ret=-1: unknown state [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1001, ret=1: SSLv3 read server hello A [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Invalid certificate: self signed certificate in certificate chain: /C=US/ST=State/L=City/O=COMPANY/OU=IT/CN=COMPANY CA/emailAddress=it at domain.com Jun 29 17:01:10 imap-test dovecot: imap-login: Invalid certificate: unsupported certificate purpose: /C=US/ST=State/L=City/O=COMPANY/OU=IT/CN=COMPANY CA/emailAddress=it at domain.com Jun 29 17:01:10 imap-test dovecot: imap-login: Invalid certificate: unable to get certificate CRL: /C=US/ST=State/L=City/O=COMPANY/OU=IT/CN=mail.int.domain.com Jun 29 17:01:10 imap-test dovecot: imap-login: Invalid certificate: unable to get certificate CRL: /C=US/ST=State/L=City/O=COMPANY/OU=IT/CN=COMPANY CA/emailAddress=it at domain.com Jun 29 17:01:10 imap-test dovecot: imap-login: Valid certificate: /C=US/ST=State/L=City/O=COMPANY/OU=IT/CN=COMPANY CA/emailAddress=it at domain.com Jun 29 17:01:10 imap-test dovecot: imap-login: Valid certificate: /C=US/ST=State/L=City/O=COMPANY/OU=IT/CN=mail.int.domain.com Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1001, ret=1: SSLv3 read server certificate A [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1001, ret=1: SSLv3 read server key exchange A [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1001, ret=1: SSLv3 read server done A [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1001, ret=1: SSLv3 write client key exchange A [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1001, ret=1: SSLv3 write change cipher spec A [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1001, ret=1: SSLv3 write finished A [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1001, ret=1: SSLv3 flush data [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1002, ret=-1: SSLv3 read server session ticket A [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1002, ret=-1: SSLv3 read server session ticket A [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1001, ret=1: SSLv3 read server session ticket A [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1001, ret=1: SSLv3 read finished A [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x20, ret=1: SSL negotiation finished successfully [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1002, ret=1: SSL negotiation finished successfully [127.0.0.1] Jun 29 17:01:44 imap-test dovecot: imap-login: Warning: SSL alert: where=0x4008, ret=256: warning close notify [127.0.0.1] Jun 29 17:03:58 imap-test dovecot: imap-login: Disconnected: Inactivity (auth failed, 1 attempts): user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, TLS: Disconnected Jun 29 17:03:58 imap-test dovecot: imap-login: Warning: SSL alert: where=0x4008, ret=256: warning close notify [127.0.0.1] -------------- next part -------------- root at imap-test:~# tcpdump -n -i eth0 host 172.16.0.13 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes 09:36:00.886811 ARP, Request who-has 172.16.0.13 tell 172.16.0.66, length 28 09:36:00.888071 ARP, Reply 172.16.0.13 is-at 00:50:56:b5:81:76, length 46 09:36:00.888088 IP 172.16.0.66.35641 > 172.16.0.13.143: Flags [S], seq 2509538212, win 14600, options [mss 1460,sackOK,TS val 41913867 ecr 0,nop,wscale 2], length 0 09:36:00.888456 IP 172.16.0.13.143 > 172.16.0.66.35641: Flags [S.], seq 703703456, ack 2509538213, win 14480, options [mss 1460,sackOK,TS val 3304080992 ecr 41913867,nop,wscale 7], length 0 09:36:00.888493 IP 172.16.0.66.35641 > 172.16.0.13.143: Flags [.], ack 1, win 3650, options [nop,nop,TS val 41913867 ecr 3304080992], length 0 09:36:00.889084 IP 172.16.0.13.143 > 172.16.0.66.35641: Flags [P.], seq 1:19, ack 1, win 114, options [nop,nop,TS val 3304080993 ecr 41913867], length 18 09:36:00.889107 IP 172.16.0.66.35641 > 172.16.0.13.143: Flags [.], ack 19, win 3650, options [nop,nop,TS val 41913867 ecr 3304080993], length 0 09:36:00.889372 IP 172.16.0.66.35641 > 172.16.0.13.143: Flags [P.], seq 1:13, ack 19, win 3650, options [nop,nop,TS val 41913867 ecr 3304080993], length 12 09:36:00.889716 IP 172.16.0.13.143 > 172.16.0.66.35641: Flags [.], ack 13, win 114, options [nop,nop,TS val 3304080993 ecr 41913867], length 0 09:36:00.889805 IP 172.16.0.13.143 > 172.16.0.66.35641: Flags [P.], seq 19:35, ack 13, win 114, options [nop,nop,TS val 3304080993 ecr 41913867], length 16 09:36:00.890583 IP 172.16.0.66.35641 > 172.16.0.13.143: Flags [P.], seq 13:239, ack 35, win 3650, options [nop,nop,TS val 41913868 ecr 3304080993], length 226 09:36:00.896904 IP 172.16.0.13.143 > 172.16.0.66.35641: Flags [P.], seq 35:2546, ack 239, win 122, options [nop,nop,TS val 3304081000 ecr 41913868], length 2511 09:36:00.896929 IP 172.16.0.66.35641 > 172.16.0.13.143: Flags [.], ack 2546, win 4374, options [nop,nop,TS val 41913869 ecr 3304081000], length 0 09:36:00.902988 IP 172.16.0.66.35641 > 172.16.0.13.143: Flags [P.], seq 239:437, ack 2546, win 4374, options [nop,nop,TS val 41913871 ecr 3304081000], length 198 09:36:00.907031 IP 172.16.0.13.143 > 172.16.0.66.35641: Flags [P.], seq 2546:2780, ack 437, win 130, options [nop,nop,TS val 3304081011 ecr 41913871], length 234 09:36:00.908024 IP 172.16.0.66.35641 > 172.16.0.13.143: Flags [P.], seq 437:554, ack 2780, win 5098, options [nop,nop,TS val 41913872 ecr 3304081011], length 117 09:36:00.908429 IP 172.16.0.13.143 > 172.16.0.66.35641: Flags [P.], seq 2780:3089, ack 554, win 130, options [nop,nop,TS val 3304081012 ecr 41913872], length 309 09:36:00.946464 IP 172.16.0.66.35641 > 172.16.0.13.143: Flags [.], ack 3089, win 5822, options [nop,nop,TS val 41913882 ecr 3304081012], length 0 09:38:45.491173 IP 172.16.0.66.35641 > 172.16.0.13.143: Flags [P.], seq 554:591, ack 3089, win 5822, options [nop,nop,TS val 41955018 ecr 3304081012], length 37 09:38:45.491251 IP 172.16.0.66.35641 > 172.16.0.13.143: Flags [F.], seq 591, ack 3089, win 5822, options [nop,nop,TS val 41955018 ecr 3304081012], length 0 09:38:45.494136 IP 172.16.0.13.143 > 172.16.0.66.35641: Flags [P.], seq 3089:3174, ack 592, win 130, options [nop,nop,TS val 3304245600 ecr 41955018], length 85 09:38:45.494169 IP 172.16.0.66.35641 > 172.16.0.13.143: Flags [R], seq 2509538804, win 0, length 0 09:38:45.494176 IP 172.16.0.13.143 > 172.16.0.66.35641: Flags [F.], seq 3174, ack 592, win 130, options [nop,nop,TS val 3304245600 ecr 41955018], length 0 09:38:45.494221 IP 172.16.0.66.35641 > 172.16.0.13.143: Flags [R], seq 2509538804, win 0, length 0 09:38:50.493026 ARP, Request who-has 172.16.0.66 tell 172.16.0.13, length 46 09:38:50.493057 ARP, Reply 172.16.0.66 is-at 00:50:56:b5:81:b0, length 28 From toml at engr.orst.edu Sat Jun 30 19:07:58 2012 From: toml at engr.orst.edu (Tom Lieuallen) Date: Sat, 30 Jun 2012 09:07:58 -0700 Subject: [Dovecot] how to announce shared folders to clients using non-default mail prefix In-Reply-To: References: <4FD14895.8040707@engr.orst.edu> <63F00218-4FBE-418F-9477-CBEA8E7A35B9@iki.fi> <4FD78794.1030905@engr.orst.edu> <1339594723.25551.8.camel@innu> <4FD8C6AB.6040909@engr.orst.edu> Message-ID: <4FEF245E.30105@engr.orst.edu> On 6/13/12 10:07 AM, Timo Sirainen wrote: > On 13.6.2012, at 19.58, Tom Lieuallen wrote: > >>> type=public and same for the other shared namespace. The type=shared >>> namespaces are for mailboxes shared between users. >> >> Unfortunately, it still isn't working. > .. >> It seems to me like the logic for deciding which namespaces to follow is something like this: >> >> * If mail prefix = "", inspect and potentially use all namespaces >> >> * else look in default namespace for subdirectories matching prefix listed _AND_ look for namespaces that are exact matches for the prefix passed. >> >> In that 'else' case, it does not appear to look for namespaces where the mail prefix is a subset. > > No. I tried with your exact config, except changed namespace types to public, and it works fine in my tests.. You're trying with v2.1.7, right? Yes, 2.1.7 in solaris 10, compiled with gcc. I tried this on a linux box and got the same behavior. I tried compiling it with the Sun compilers; no change. I'm at a loss of what else to check or try. thank you Tom Lieuallen From daniel.parthey at informatik.tu-chemnitz.de Sat Jun 30 21:03:09 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sat, 30 Jun 2012 20:03:09 +0200 Subject: [Dovecot] started with dovecot sieve In-Reply-To: References: <20120625215914.GA7831@daniel.localdomain> <20120626201036.GA6929@daniel.localdomain> <20120627184736.GA7546@daniel.localdomain> Message-ID: <20120630180308.GA7417@daniel.localdomain> Rolf wrote: > Am 2012-06-27 20:47, schrieb Daniel Parthey: > >I encourage you to read this HOWTO: > >http://wiki2.dovecot.org/HowTo/PostfixDovecotLMTP > > I understand that LMTP is an alternative to SMTP when it comes to > mail communication inside a server or a local network. > I understand that LMTP is newer. But if you look at incoming mail > via SMTP on socket 25 and than look at the mail via roundcoube > (communicating with dovecot) what is the difference and why should I > care? Delivery via lda: SMTP -> postfix:25 -> EXEC -> lda executed by postfix -> filesystem -> dovecot imap Delivery via lmtp: SMTP -> postfix:25 -> TCP -> dovecot:24 -> filesystem -> dovecot imap The difference is that postfix communicates to dovecot lmtp port 24 and the actual delivery to the filesystem will be done by dovecot itself. Therefore you only need to ensure read/write access for dovecot to the mail filesystem. > That is - if I introduce LMTP - postfix will talk to dovecot by a > different protocol. Correct? Yes, postfix will talk LMTP dovecot, either via a UNIX socket in the filesystem, or via local TCP network communication to a TCP Socket in dovecot. > Will dovecot change its behavior? No. The imap/pop3 service of dovecot will work as usual. The delivery is a bit different, before being delivered to the filesystem, the message will pass the LMTP service with quota enforcement, sieve filtering, depending on which mail modules you have enabled in dovecot. > As I am not an SMTP insider (never did SMTP using telnet) I hardly > understand what this change could do to my problem. By using LMTP via TCP, you will avoid permission problems where postfix cannot access sockets/files/mails from dovecot, since postfix will communicate via network with dovecot and dovecot will handle the delivery itself. > Wouldn't dovecot LDA "deliver" still try to change the INBOX and > will have access problems that I do not understand? Delivery will be done by the dovecot lmtp service http://wiki2.dovecot.org/Services#lmtp it will not be executed by postfix. > Do you have a link for me, explaining what "deliver" does with a > mail that is not subject to any of the "fileinto" of a sieve filter? I assume it writes the message to INBOX (e.g. /var/mail/rolf), which is often at a different location and possibly has other permissions than your mailboxes in your home directory where SIEVE sorts your mail into. > What user accounts are involved in that function? Currently, dovecot lda/deliver is executed by postfix, which I see as a possible reason for the permission problems. After switching to LMTP via TCP, only dovecot should be involved with delivery, and drop privileges to the mailbox owner after userdb lookup according to http://wiki2.dovecot.org/Services#lmtp Regards, Daniel -- https://plus.google.com/103021802792276734820 From spamvoll at googlemail.com Sat Jun 30 23:19:49 2012 From: spamvoll at googlemail.com (spamvoll at googlemail.com) Date: Sat, 30 Jun 2012 22:19:49 +0200 Subject: [Dovecot] moving from BSD to Ubuntu Message-ID: hi.. im planning to move my Mailserver from an FreeBSD Box to an Ubuntu 12.04 LTS Box. Both Boxes run Dovecot 2.0 Does anyone did this before and experienced any problems ? Downtime is no problem, my plan is to stop Dovecot on the Bsd Box and copy all Mailbox files to the Uuntu system and start dovecot. Regards Hans From lists at svrinformatica.it Sat Jun 30 23:33:42 2012 From: lists at svrinformatica.it (Mailing List SVR) Date: Sat, 30 Jun 2012 22:33:42 +0200 Subject: [Dovecot] moving from BSD to Ubuntu In-Reply-To: References: Message-ID: <4FEF62A6.1040305@svrinformatica.it> Il 30/06/2012 22:19, spamvoll at googlemail.com ha scritto: > hi.. > > im planning to move my Mailserver from an FreeBSD Box to an Ubuntu > 12.04 LTS Box. Hi, I recently migrated to ubuntu 12.04 (not from freebsd) the only problem was this: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1016905 solved patching openssl ubuntu package, Nicola > Both Boxes run Dovecot 2.0 > > Does anyone did this before and experienced any problems ? > Downtime is no problem, my plan is to stop Dovecot on the Bsd Box and > copy all Mailbox files to the Uuntu system and start dovecot. > > Regards > Hans > From tss at iki.fi Fri Jun 1 13:26:44 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 1 Jun 2012 13:26:44 +0300 Subject: [Dovecot] inet_listener imaps { port = 0 } question In-Reply-To: <5748fd83f78445be8a644585a877b682@rootservers.in> References: <5748fd83f78445be8a644585a877b682@rootservers.in> Message-ID: <23CB1C0E-C328-45C9-980A-ABD79A0EB965@iki.fi> On 31.5.2012, at 16.58, henrixd wrote: > Why commenting out "inet_listener imaps {}" won't stop dovecot to listen port 993? I think this would be expected behavior. Just curious, finally got it working with port = 0. :) When you comment out something, Dovecot uses the default settings for it. By default Dovecot listens on port 993. From joe.beaubien at gmail.com Fri Jun 1 18:36:02 2012 From: joe.beaubien at gmail.com (Joe Beaubien) Date: Fri, 1 Jun 2012 11:36:02 -0400 Subject: [Dovecot] Inconsistent search results and crash on force-resync Message-ID: Hi, I am seeing inconsistencies in search results (finding 2 emails when only 1 exists, finding the email when it has been moved to another folder, etc). I figured I should run force-resync to fix any issues. I ran the following: doveadm -v force-resync -u and I got some worrysome logs. - I should mention that I have been seeing some crashes of fts-lucene in my logs. I sent a traceback of this on the mailing list 1-2 days ago under the subject "[Dovecot] fts_lucene crashing". - I should also mention that all the problems I am having are only in 1 email account. This email account contains folders of over 100k emails. Do I need to tweak dovecot somehow for this? Up until now all I did was change vsz_limit to 1024 MB for "service imap". Here are the logs: Jun 1 11:15:01 XXXXX dovecot: imap(form): Error: Recent flags state corrupted for mailbox INBOX2 Jun 1 11:15:01 XXXXX dovecot: imap(form): Error: /data/emails/form/mailboxes/INBOX2/dbox-Mails/dovecot.index reset, view is now inconsistent Jun 1 11:15:01 XXXXX dovecot: imap(form): Error: /data/emails/form/mailboxes/INBOX2/dbox-Mails/dovecot.index reset, view is now inconsistent Jun 1 11:15:01 XXXXX dovecot: imap(form): Error: Recent flags state corrupted for mailbox contrat Jun 1 11:15:01 XXXXX dovecot: imap(form): Error: /data/emails/form/mailboxes/contrat/dbox-Mails/dovecot.index reset, view is now inconsistent Jun 1 11:15:01 XXXXX dovecot: imap(form): Error: /data/emails/form/mailboxes/rep_Immigation soi-m&AOo-me/dbox-Mails/dovecot.index reset, view is now inconsistent Jun 1 11:15:01 XXXXX dovecot: imap(form): Error: /data/emails/form/mailboxes/Templates/dbox-Mails/dovecot.index reset, view is now inconsistent Jun 1 11:15:02 XXXXX dovecot: imap(form): Error: Recent flags state corrupted for mailbox rep_eval_positive Jun 1 11:15:02 XXXXX dovecot: imap(form): Error: /data/emails/form/mailboxes/rep_eval_positive/dbox-Mails/dovecot.index reset, view is now inconsistent Jun 1 11:15:02 XXXXX dovecot: imap(form): Error: Recent flags state corrupted for mailbox Sent Jun 1 11:15:02 XXXXX dovecot: imap(form): Error: /data/emails/form/mailboxes/Sent/dbox-Mails/dovecot.index reset, view is now inconsistent Jun 1 11:15:02 XXXXX dovecot: imap(form): Error: Recent flags state corrupted for mailbox form_positif Jun 1 11:15:02 XXXXX dovecot: imap(form): Error: /data/emails/form/mailboxes/form_positif/dbox-Mails/dovecot.index reset, view is now inconsistent Jun 1 11:15:02 XXXXX dovecot: imap(form): Error: /data/emails/form/mailboxes/Archives/contrat/dbox-Mails/dovecot.index reset, view is now inconsistent Jun 1 11:15:02 XXXXX dovecot: imap(form): Error: /data/emails/form/mailboxes/form_positif/dbox-Mails/dovecot.index reset, view is now inconsistent Jun 1 11:15:02 XXXXX dovecot: imap(form): Error: /data/emails/form/mailboxes/form_positif/dbox-Mails/dovecot.index reset, view is now inconsistent Jun 1 11:15:03 XXXXX dovecot: imap(form): Error: /data/emails/form/mailboxes/Archives/form_indetermine/dbox-Mails/dovecot.index reset, view is now inconsistent Jun 1 11:15:03 XXXXX dovecot: imap(form): Error: /data/emails/form/mailboxes/Archives/form_indetermine/dbox-Mails/dovecot.index reset, view is now inconsistent Jun 1 11:15:15 XXXXX dovecot: imap(form): Error: Recent flags state corrupted for mailbox form_indetermine Jun 1 11:15:15 XXXXX dovecot: imap(form): Error: /data/emails/form/mailboxes/form_indetermine/dbox-Mails/dovecot.index reset, view is now inconsistent Jun 1 11:15:25 XXXXX dovecot: indexer-worker: Error: indexer-worker: /home/jd/work/clucene-core-2.3.3.4/src/core/CLucene/index/DocumentsWriter.cpp:210: std::string lucene::index::DocumentsWriter::closeDocStore(): Assertion `numDocsInStore*8 == directory->fileLength( (docStoreSegment + "." + IndexFileNames::FIELDS_INDEX_EXTENSION).c_str() )' failed. Jun 1 11:15:25 XXXXX dovecot: indexer: Error: Indexer worker disconnected, discarding 28 requests for form Jun 1 11:15:25 XXXXX dovecot: indexer-worker(form): Fatal: master: service(indexer-worker): child 9909 killed with signal 6 (core not dumped) I have 3 questions: 1) When the log says "/mailboxes/INBOX2/dbox-Mails/dovecot.index reset, view is now inconsistent" should I be worried, or this will fix itself? 2) Should I expect to see "Error: Recent flags state corrupted for mailbox Sent"??? I ran the force-resync 3 times and I still see this message. 3) Any idea why clucene is crashing? Regards, -Joe From matthijs at stdin.nl Fri Jun 1 21:27:33 2012 From: matthijs at stdin.nl (Matthijs Kooijman) Date: Fri, 1 Jun 2012 20:27:33 +0200 Subject: [Dovecot] Exposing global (default) sieve script through Managesieve Message-ID: <20120601182659.GA19340@login.drsnuggles.stderr.nl> Hi folks, I'm setting up a dovecot server with managesieve support. I'd like to offer spamfiltering through a Sieve script to my users by default, but still allow them to modify the filtering rules through Managesieve. I found the sieve_global_path configuration option, which seems perfect for what I want. I can configure a default script there, which will work for all users until they set upload their own sieve script using managesieve. However, when configured like this, the user experience isn't quite perfect. When users open the managesieve interface on their client, there is no trace of the default filters, so users might think the spamfiltering is done in some other manner. Now, when they create a filtering rule (e.g., to sort out mail to mailing lists), that rule will overwrite the default spamfiltering rule causing all the spam to spill into the user's mailbox. I'm afraid that most users won't realize they have to manually recreate the spamfiltering rule to fix this. Also, they might not know how to write the rule, even if they do... I've considered a few existing ways to fix this: - Use sieve_before / sieve_after to make sure that the default script is always executed, in addition to any user-supplied scripts. This removes the surprise, but removes the option for users to tweak the spamfiltering rules. - Don't use sieve_global_path, but instead distribute the default script to each user's homedir on user creation. This prevents making changes to the default script for existing users and in my setup, user creation and (mail)homedir creation are nicely separated through an LDAP directory, I'd rather not go this route. - When using the Roundcube webmail application as the IMAP client, I can point Roundcube at the default sieve script. Now, when Roundcube sees there are no scripts through ManageSieve, it shows a (fake) "default" script with the correct contents. As soon as the user changes this script or creates a new script, it is actually uploaded to Dovecot, causing the edited script to be used instead of the global script. This option has the user experience I'm looking for, but having this out-of-band connection from Roundcube to the default script configured with dovecot is ugly (and tricky, since these run on different hosts in my setup). The biggest problem is of course that this only works for Roundcube, not for any other IMAP client my users might use. So, I was wondering: Wouldn't it make sense for the managesieve plugin to do something similar to roundcube: When the user has no sieve script configured, let it fake a single "default" script, showing the contents of the global script? Since the ManageSieve protocol doesn't seem to support any way to flag this situation, it would be fooling the clients a bit, but I'm not sure if that's really a problem. While the user has not script named "default" in his sieve_dir: - include a script called "default" in the LISTSCRIPTS output. - return the contents of the sieve_global_path in the GETSCRIPT "default" command. - remove any sieve symlink after a SETACTIVE "default" command (as if SETACTIVE "" was given). This causes dovecot to fall back to the sieve_global_path script. - the DELETESCRIPT "default" command should fail. This might confuse clients and users, since it is listed in LISTSCRIPTS but cannot be deleted, but I think most users will understand they can't delete the default script. - RENAMESCRIPT "default" "some_name" should copy the sieve_global_path script into the user's sieve_dir. This will effectively copy the script instead of renaming it (since it will still be magically listed in LISTSCRIPTS), so that might be confusing. All other commands work just like they do now (in particular, PUTSCRIPT "default" uploads a script called "default" into the user's sieve_dir, preventing all of the above from applying. As noted above, this change might cause some confusion, but I think that is manageable. On additional thing is that running SETACTIVE "" will not completely disable sieve processing (as would be expected), but will (again) cause the sieve_global_path script to be run. This is already the case currently, though, and should probably be considered a separate problem (whose root cause is the lack of a difference between "no script script configured yet" and "active script disabled", both remove the sieve symlink). Also, this problem might be a feature in some setups, so fixing it might not be so easy... So, any thoughts on this? Any fundamental problems I'm missing? (Not-so) obvious alternatives? Gr. Matthijs -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 197 bytes Desc: Digital signature URL: From p at state-of-mind.de Fri Jun 1 23:58:39 2012 From: p at state-of-mind.de (Patrick Ben Koetter) Date: Fri, 1 Jun 2012 22:58:39 +0200 Subject: [Dovecot] dovecot stats: useful data to gather Message-ID: <20120601205839.GG2176@state-of-mind.de> Timo, following our discussion on dovecot stats at the LinuxTag 2012 my team and I sat down and put together a list of stat items we think to be useful in daily dovecot usage. Besides pulling together all the data we also think it would be useful to have an SNMP interface to access the stats. Our offer to create and contribute a standalone web interface for dovecot stats stands. Here are the stats we believe to be useful: Login/Logout - total number login success/time - total number login failure/time - total number per authentication mechanism - total number plain sessions - total number STARTTLS sessions - total number of currently connected users (pop3/pop3s/imap/imaps/managesieve) - login names of connected users (not really stats, but great for actions regarding those uses e.g. force logout) - total number logout commands/time - total number BYE responses (autologout) Mailbox state - Inflow rate (number incoming messages/time) - Deleted rate (number \Deleted flagged messages/time) - Expunge rate (number Expunge operations/time) - total number current messages mailboxes normal storage - total number current messages mailboxes alt storage - total number read messages mailboxes normal storage - total number read messages mailboxes alt storage - per user number current messages mailboxes normal storage - per user number current messages mailboxes alt storage - per user number read messages mailboxes normal storage - per user number read messages mailboxes alt storage Mailbox Quota - total number persons under soft-quota per quota - total number persons above or equal soft-quota per quota - total number persons above or equal hard-quota per quota Performance - minimum time to write a message - maximum time to write a message - average time to write a message - minimum time to modify a message - maximum time to modify a message - average time to modify a message - minimum time to delete a message - maximum time to delete a message - average time to delete a message - minimum time search operations - maximum time search operations - average time search operations Regards, p at rick -- state of mind () http://www.state-of-mind.de Franziskanerstra?e 15 Telefon +49 89 3090 4664 81669 M?nchen Telefax +49 89 3090 4666 Amtsgericht M?nchen Partnerschaftsregister PR 563 From ghe at slsware.com Fri Jun 1 23:26:30 2012 From: ghe at slsware.com (Glenn English) Date: Fri, 1 Jun 2012 14:26:30 -0600 Subject: [Dovecot] auth trouble Message-ID: Debian Lenny, Dovecot v 1.0.15. I'm getting a lot of what I think is a local socket asking dovecot:auth to verify username/passwords: > May 31 09:00:54 server dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=admin rhost= Note the empty 'rhost='. That's why I think it's on the server. I see others that look like bots: > May 30 23:08:43 server dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=admin rhost=200.119.139.22 And I know how to promote the latter to a firewall. But with no rhost, I'm stumped... I've read books, googled, read docs, and asked for help on other mailing lists, and I've learned a lot. And I no longer think it really has much to do with Dovecot, other than the login attempt going through it to get to PAM. But has anyone here seen this before? Is my current theory correct? What did you do to make it go away? (I suspect that upgrading to Debian Squeeze might get rid of it, but I'm afraid that if I don't figure out what's going on, it might just come back.) -- Glenn English hand-wrapped from my Apple Mail From tss at iki.fi Sat Jun 2 01:15:44 2012 From: tss at iki.fi (Timo Sirainen) Date: Sat, 2 Jun 2012 01:15:44 +0300 Subject: [Dovecot] dovecot stats: useful data to gather In-Reply-To: <20120601205839.GG2176@state-of-mind.de> References: <20120601205839.GG2176@state-of-mind.de> Message-ID: On 1.6.2012, at 23.58, Patrick Ben Koetter wrote: > Besides pulling together all the data we also think it would be useful to have > an SNMP interface to access the stats. I had thought about SNMP before also, but for the current kind of stats that are exported I couldn't think of any reasonable way to export them. > Here are the stats we believe to be useful: > > Login/Logout > - total number login success/time > - total number login failure/time .. I'll look at these later in more detail, but some important questions / design decisions: Currently stats process only remembers things after Dovecot was started. I don't think getting these kind of numbers would really work like that. Perhaps all of the statistics should be permanently dumped to disk every ~minute or so + at shutdown and loaded at startup, so the numbers would at least normally always just increase since the first time Dovecot was started? > Mailbox state > - Inflow rate (number incoming messages/time) > - Deleted rate (number \Deleted flagged messages/time) These operations/time type of things I had hoped to be able to externalize :) If stats process simply gives the raw stats, the reader could do this kind of summing up. Otherwise .. well, I guess it could maybe keep track of the current ops/ and the reader would then have to read the value about once a minute or half or something. It wouldn't give exact results though. > Performance > - minimum time to write a message > - maximum time to write a message > - average time to write a message Within last .. day? hour? minute? .. From ghe at slsware.com Sat Jun 2 01:23:16 2012 From: ghe at slsware.com (Glenn English) Date: Fri, 1 Jun 2012 16:23:16 -0600 Subject: [Dovecot] auth trouble In-Reply-To: References: Message-ID: <41E18AC0-6F33-49C8-838B-F5F2B4132449@slsware.com> I forgot to include this config info: > # 1.0.15: /etc/dovecot/dovecot.conf > log_timestamp: %Y-%m-%d %H:%M:%S > protocols: imap pop3 > ssl_listen: * > ssl_disable: yes > disable_plaintext_auth: no > login_dir: /var/run/dovecot/login > login_executable(default): /usr/lib/dovecot/imap-login > login_executable(imap): /usr/lib/dovecot/imap-login > login_executable(pop3): /usr/lib/dovecot/pop3-login > login_max_processes_count: 12 > mail_privileged_group: mail > mail_executable(default): /usr/lib/dovecot/imap > mail_executable(imap): /usr/lib/dovecot/imap > mail_executable(pop3): /usr/lib/dovecot/pop3 > mail_plugin_dir(default): /usr/lib/dovecot/modules/imap > mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap > mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3 > pop3_uidl_format(default): > pop3_uidl_format(imap): > pop3_uidl_format(pop3): %08Xu%08Xv > auth default: > mechanisms: plain login > verbose: yes > passdb: > driver: pam > userdb: > driver: passwd > socket: > type: listen > client: > path: /var/spool/postfix/private/auth > mode: 432 > user: postfix > group: postfix -- Glenn English hand-wrapped from my Apple Mail From p at state-of-mind.de Sat Jun 2 07:57:32 2012 From: p at state-of-mind.de (Patrick Ben Koetter) Date: Sat, 2 Jun 2012 06:57:32 +0200 Subject: [Dovecot] dovecot stats: useful data to gather In-Reply-To: References: <20120601205839.GG2176@state-of-mind.de> Message-ID: <20120602045732.GB16571@state-of-mind.de> * Timo Sirainen : > On 1.6.2012, at 23.58, Patrick Ben Koetter wrote: > > > Besides pulling together all the data we also think it would be useful to have > > an SNMP interface to access the stats. > > I had thought about SNMP before also, but for the current kind of stats that > are exported I couldn't think of any reasonable way to export them. I am not an expert on SNMP, others in my office are, but as I understand it there's no need for Dovecot to export the data. AFAIK Dovecot would have to offer a subagent, which could be queried by a SNMP server. If we need more knowledge on SNMP I can ask my folks on the team to give some guidance. For the moment I found this: > > Here are the stats we believe to be useful: > > > > Login/Logout > > - total number login success/time > > - total number login failure/time > .. > > I'll look at these later in more detail, but some important questions / design decisions: > > Currently stats process only remembers things after Dovecot was started. I > don't think getting these kind of numbers would really work like that. > Perhaps all of the statistics should be permanently dumped to disk every > ~minute or so + at shutdown and loaded at startup, so the numbers would at > least normally always just increase since the first time Dovecot was > started? ACK. My understanding is: Statistical data are moments in time. The application provides these snapshots. It is up to other protocols (e.g. SNMP) and software (e.g. RRD) to gather and create time series and also to relate data to each other in order to come up with ratios, timelines etc. This might be a good opportunity to check out Howard's MDB database (in order to get around potential future law suits concerning BDB usage ...). > > Mailbox state > > - Inflow rate (number incoming messages/time) > > - Deleted rate (number \Deleted flagged messages/time) > > These operations/time type of things I had hoped to be able to externalize > :) If stats process simply gives the raw stats, the reader could do this > kind of summing up. Otherwise .. well, I guess it could maybe keep track of > the current ops/ and the reader would then have to read the > value about once a minute or half or something. It wouldn't give exact > results though. ACK. I'd externalize them too. So dump the /time aspect and only give raw data at moment of query. > > Performance > > - minimum time to write a message > > - maximum time to write a message > > - average time to write a message > > Within last .. day? hour? minute? .. Concerning "message write time": the time the last message had to be written. In general the stats update interval should be configurable in order to adapt it to the overall system performance. Makes no sense to bring down the server by gathering stats every nano second unless one likes self-induced DOS. ;) It would probably be a useful strategy to update internal data on every event and answer SNMP queries from memory but write the data to disc every once in a while to have them when the server restarts. Besides that I don't see a use case for sharing such data between processes such as exporting them to memcache or anything alike. Do you? p at rick -- state of mind () http://www.state-of-mind.de Franziskanerstra?e 15 Telefon +49 89 3090 4664 81669 M?nchen Telefax +49 89 3090 4666 Amtsgericht M?nchen Partnerschaftsregister PR 563 From lists at wildgooses.com Sat Jun 2 12:20:14 2012 From: lists at wildgooses.com (Ed W) Date: Sat, 02 Jun 2012 10:20:14 +0100 Subject: [Dovecot] interesting stats pattern In-Reply-To: <0EA5B4DB-56B5-4BD1-9CD9-A40544BAEF2F@iki.fi> References: <3B402F75-31CE-47C1-8107-9F7C33D58A77@xs4all.nl> <0EA5B4DB-56B5-4BD1-9CD9-A40544BAEF2F@iki.fi> Message-ID: <4FC9DACE.3010909@wildgooses.com> On 29/05/2012 19:13, Timo Sirainen wrote: > On 29.5.2012, at 21.03, Cor Bosman wrote: > >> es, I am getting a list of sessions/users every 5 minutes through cron. Im already using "doveadm stats dump session/user connected" > Actually that's not really correct behavior either, since it ignores all the connections that happened during the 5 minutes if they don't exist at the time when you're asking for them. I'm not sure what the most correct way to do this kind of a graph would be :) I muttered about some ideas for enhanced login/logout tracking some months back. Perhaps this would be another example of a motivation to use it for something? Could either the login scripting or a plugin be used to build this type of login tracking? (My goal is to eventually do per user "are you logged in" tracking) Just a thought Ed W From lists at wildgooses.com Sat Jun 2 12:23:50 2012 From: lists at wildgooses.com (Ed W) Date: Sat, 02 Jun 2012 10:23:50 +0100 Subject: [Dovecot] Strange Dovecot 2.0.20 auth chokes and cores In-Reply-To: <4FC649FC.2010703@mssl.ucl.ac.uk> References: <4FC649FC.2010703@mssl.ucl.ac.uk> Message-ID: <4FC9DBA6.80601@wildgooses.com> On 30/05/2012 17:25, Alan Brown wrote: >> Is any problem with epoll on 3.2.x kernels? > > Yes - and it's been discussed here. > > Some "bright spark" rewrote the kernel epoll code to prevent DoS > attacks caused by "excessive forking". > Do you have a link to the previous discussions? This is new to me? Can't find it immediately in the list? Cheers Ed W From lists at wildgooses.com Sat Jun 2 12:53:36 2012 From: lists at wildgooses.com (Ed W) Date: Sat, 02 Jun 2012 10:53:36 +0100 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <1337013487.4384.58.camel@innu> References: <1337013487.4384.58.camel@innu> Message-ID: <4FC9E2A0.9070905@wildgooses.com> On 14/05/2012 17:38, Timo Sirainen wrote: > On Mon, 2012-05-14 at 08:56 -0700, Beto Moreno wrote: > >> I have seen some emails servers that if I send a email to other >> person I can see if that person have read our emails and with a option >> to delete the email if the person hasn't read our email. >> >> Does dovecot have some like this feature? > This doesn't really work with IMAP/POP3 protocols. It requires Exchange > or something else. > > What would be possible is to check if a user has _downloaded_ your > message, but many clients download messages immediately when they arrive > so it might not be very useful. And in any case Dovecot has no such > feature. Just to register interest, but at some point I will need to consider writing a plugin or similar to achieve exactly this. Situation is that several of our competitors offer such a feature, ie known pool of users on dialup or intermittently connected systems, provide an alert back to the sender when your email has been "accessed/downloaded" by the remote user. Personally I don't think it's a great feature and my competitor's implementations often cause mail loops and other nasties. However, bottom line is that you can't win the bid if you can't offer the feature... Feels like a plugin rather than core functionality, but would be cool if someone wanted to produce something... Cheers Ed W From h.reindl at thelounge.net Sat Jun 2 13:02:55 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Sat, 02 Jun 2012 12:02:55 +0200 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FC9E2A0.9070905@wildgooses.com> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> Message-ID: <4FC9E4CF.9070108@thelounge.net> Am 02.06.2012 11:53, schrieb Ed W: > On 14/05/2012 17:38, Timo Sirainen wrote: >> On Mon, 2012-05-14 at 08:56 -0700, Beto Moreno wrote: >> >>> I have seen some emails servers that if I send a email to other >>> person I can see if that person have read our emails and with a option >>> to delete the email if the person hasn't read our email. >>> >>> Does dovecot have some like this feature? >> This doesn't really work with IMAP/POP3 protocols. It requires Exchange >> or something else. >> >> What would be possible is to check if a user has _downloaded_ your >> message, but many clients download messages immediately when they arrive >> so it might not be very useful. And in any case Dovecot has no such >> feature. > > Situation is that several of our competitors offer such a feature others doing something stupid is not a good argument > provide an alert back to the sender when your email has been > "accessed/downloaded" by the remote user. you realize that this is only possible if the RCPT is on your own server and not remote mails? > Personally I don't think it's a great feature and my competitor's implementations > often cause mail loops and other nasties which should be enough for argumentation why such things are making more damage as they solve problems and they are only working for non-relay mails > However, bottom line is that you can't win the bid if you can't offer the feature... surely YOU can win, you must learn to sell quality and explain why you are not doing anything someone wishes if you are sure that it is a bd idea why would i want a customer which enforces me to impelement a solution where i am sure that it is stupid - if he does not understand my argumentation he better is not my customer -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From CMarcus at Media-Brokers.com Sat Jun 2 13:32:28 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Sat, 02 Jun 2012 06:32:28 -0400 Subject: [Dovecot] Strange Dovecot 2.0.20 auth chokes and cores In-Reply-To: <4FC9DBA6.80601@wildgooses.com> References: <4FC649FC.2010703@mssl.ucl.ac.uk> <4FC9DBA6.80601@wildgooses.com> Message-ID: <4FC9EBBC.4060207@Media-Brokers.com> On 2012-06-02 5:23 AM, Ed W wrote: > On 30/05/2012 17:25, Alan Brown wrote: >>> Is any problem with epoll on 3.2.x kernels? >> >> Yes - and it's been discussed here. >> >> Some "bright spark" rewrote the kernel epoll code to prevent DoS >> attacks caused by "excessive forking". > Do you have a link to the previous discussions? This is new to me? > Can't find it immediately in the list? http://dovecot.org/list/dovecot/2012-February/064004.html -- Best regards, Charles From anmeyer at anup.de Sat Jun 2 14:43:45 2012 From: anmeyer at anup.de (Andreas Meyer) Date: Sat, 2 Jun 2012 13:43:45 +0200 Subject: [Dovecot] sieve with dovecot v1.x Message-ID: <20120602134345.022f4473@itx.bitcorner.intern> Hello! Is there a chance to have sieve working with dovecot version 1.0.5? /usr/lib/dovecot looks like this: -rwxr-xr-x 1 root root 43932 22. Sep 2007 checkpassword-reply -rwxr-xr-x 1 root root 538996 22. Sep 2007 deliver -rwxr-xr-x 1 root root 127728 22. Sep 2007 dict -rwxr-xr-x 1 root root 270248 22. Sep 2007 dovecot-auth -rwxr-xr-x 1 root root 43952 22. Sep 2007 gdbhelper -rwxr-xr-x 1 root root 48080 22. Sep 2007 idxview -rwxr-xr-x 1 root root 596364 22. Sep 2007 imap -rwxr-xr-x 1 root root 135912 22. Sep 2007 imap-login -rwxr-xr-x 1 root root 43952 22. Sep 2007 logview drwxr-xr-x 5 root root 4096 23. Dez 2008 modules -rwxr-xr-x 1 root root 529512 22. Sep 2007 pop3 -rwxr-xr-x 1 root root 127660 22. Sep 2007 pop3-login -rwxr-xr-x 1 root root 69056 22. Sep 2007 rawlog -rwxr-xr-x 1 root root 134748 22. Sep 2007 sievec -rwxr-xr-x 1 root root 68748 22. Sep 2007 sieved -rwxr-xr-x 1 root root 44116 22. Sep 2007 ssl-build-param so there is a sievec and a sieved, but in the dovecot.conf there is no mention about sieve. I would compile the latest version of dovecot if I knew, how the running 1.0.5 was built. I need it for an openSUSE 10.3 Kind regards Andreas From stephan at rename-it.nl Sat Jun 2 14:51:50 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Sat, 02 Jun 2012 13:51:50 +0200 Subject: [Dovecot] sieve with dovecot v1.x In-Reply-To: <20120602134345.022f4473@itx.bitcorner.intern> References: <20120602134345.022f4473@itx.bitcorner.intern> Message-ID: <4FC9FE56.10701@rename-it.nl> On 6/2/2012 1:43 PM, Andreas Meyer wrote: > Hello! > > Is there a chance to have sieve working with dovecot version 1.0.5? Yes, the old CMUSieve plugin should work for that. By the looks of it, it is already installed, so you'll only need to configure it: http://wiki1.dovecot.org/LDA/Sieve/CMU#Configuring Regards, Stephan. From anmeyer at anup.de Sat Jun 2 15:22:55 2012 From: anmeyer at anup.de (Andreas Meyer) Date: Sat, 2 Jun 2012 14:22:55 +0200 Subject: [Dovecot] sieve with dovecot v1.x In-Reply-To: <4FC9FE56.10701@rename-it.nl> References: <20120602134345.022f4473@itx.bitcorner.intern> <4FC9FE56.10701@rename-it.nl> Message-ID: <20120602142255.2486c724@itx.bitcorner.intern> Hello! Stephan Bosch wrote: > On 6/2/2012 1:43 PM, Andreas Meyer wrote: > > Hello! > > > > Is there a chance to have sieve working with dovecot version 1.0.5? > > Yes, the old CMUSieve plugin should work for that. By the looks of it, > it is already installed, so you'll only need to configure it: > > http://wiki1.dovecot.org/LDA/Sieve/CMU#Configuring Ok, I have done that. How can I know, if sieve now works with dovecot? When I login with roundcube, in the settings I have a "Filter-Tab" but when I click on it it says "not possible to connect to server" or somesuch. > Regards, > > Stephan. Andreas From stephan at rename-it.nl Sat Jun 2 15:33:05 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Sat, 02 Jun 2012 14:33:05 +0200 Subject: [Dovecot] Exposing global (default) sieve script through Managesieve In-Reply-To: <20120601182659.GA19340@login.drsnuggles.stderr.nl> References: <20120601182659.GA19340@login.drsnuggles.stderr.nl> Message-ID: <4FCA0801.9040409@rename-it.nl> Hi Matthijs, On 6/1/2012 8:27 PM, Matthijs Kooijman wrote: > I'm setting up a dovecot server with managesieve support. I'd like to > offer spamfiltering through a Sieve script to my users by default, > but still allow them to modify the filtering rules through Managesieve. > > I found the sieve_global_path configuration option, which seems perfect > for what I want. I can configure a default script there, which will work > for all users until they set upload their own sieve script using > managesieve. > > However, when configured like this, the user experience isn't quite > perfect. When users open the managesieve interface on their client, > there is no trace of the default filters, so users might think the > spamfiltering is done in some other manner. Now, when they create a > filtering rule (e.g., to sort out mail to mailing lists), that rule will > overwrite the default spamfiltering rule causing all the spam to spill > into the user's mailbox. I'm afraid that most users won't realize they > have to manually recreate the spamfiltering rule to fix this. Also, they > might not know how to write the rule, even if they do... You asked this one on IRC a while back right? > I've considered a few existing ways to fix this: > - Use sieve_before / sieve_after to make sure that the default script > is always executed, in addition to any user-supplied scripts. This > removes the surprise, but removes the option for users to tweak the > spamfiltering rules. Right. > - Don't use sieve_global_path, but instead distribute the default > script to each user's homedir on user creation. This prevents making > changes to the default script for existing users and in my setup, > user creation and (mail)homedir creation are nicely separated through > an LDAP directory, I'd rather not go this route. Well, we could achieve something that looks very similar from the outside: we could do some sort of copy-on-write scheme in which users see the default script as the active one, until they first modify their Sieve configuration through ManageSieve. Once they modify their default script, they'll get their own copy. If they activate a script different from the default and then later decide to deactivate it, their default will not return as the (implicit) active one. This would be very different from the current global default script behavior. It is more like an initial placeholder and template, than something that is always active when the user has no active script of its own. > - When using the Roundcube webmail application as the IMAP client, I > can point Roundcube at the default sieve script. Now, when Roundcube > sees there are no scripts through ManageSieve, it shows a (fake) > "default" script with the correct contents. As soon as the user > changes this script or creates a new script, it is actually uploaded > to Dovecot, causing the edited script to be used instead of the > global script > > This option has the user experience I'm looking for, but having this > out-of-band connection from Roundcube to the default script > configured with dovecot is ugly (and tricky, since these run on > different hosts in my setup). The biggest problem is of course that > this only works for Roundcube, not for any other IMAP client my users > might use. Agreed, this is ugly since it uses a side-channel. Client dependence is also very bad. > So, I was wondering: Wouldn't it make sense for the managesieve plugin > to do something similar to roundcube: When the user has no sieve script > configured, let it fake a single "default" script, showing the contents > of the global script? > > Since the ManageSieve protocol doesn't seem to support any way to flag > this situation, it would be fooling the clients a bit, but I'm not sure > if that's really a problem. > > While the user has not script named "default" in his sieve_dir: > - include a script called "default" in the LISTSCRIPTS output. > - return the contents of the sieve_global_path in the GETSCRIPT > "default" command. > - remove any sieve symlink after a SETACTIVE "default" command (as if > SETACTIVE "" was given). This causes dovecot to fall back to the > sieve_global_path script. > - the DELETESCRIPT "default" command should fail. This might confuse > clients and users, since it is listed in LISTSCRIPTS but cannot be > deleted, but I think most users will understand they can't delete the > default script. > - RENAMESCRIPT "default" "some_name" should copy the sieve_global_path > script into the user's sieve_dir. This will effectively copy the > script instead of renaming it (since it will still be magically > listed in LISTSCRIPTS), so that might be confusing. > > All other commands work just like they do now (in particular, > PUTSCRIPT "default" uploads a script called "default" into the user's > sieve_dir, preventing all of the above from applying. This looks sensible. The only thing that may be an issue is the DELETESCRIPT "default" situation you describe above, but I'm confident most - if not all clients - will handle that gracefully. > As noted above, this change might cause some confusion, but I think that > is manageable. On additional thing is that running SETACTIVE "" will not > completely disable sieve processing (as would be expected), but will > (again) cause the sieve_global_path script to be run. This is already > the case currently, though, and should probably be considered a separate > problem (whose root cause is the lack of a difference between "no script > script configured yet" and "active script disabled", both remove the > sieve symlink). Also, this problem might be a feature in some setups, so > fixing it might not be so easy... The copy-on-write scheme I describe above may solve this, as it remembers (somehow) the status of the account: either an untouched/unconfigured account or an account with no active scripts. This behavior could be combined with the solution you describe above. > Any fundamental problems I'm missing? (Not-so) obvious alternatives? None that I see right now. In my last release of Pigeonhole I added support for putting scripts inside a dict database (or any other storage facility once implemented). Support for ManageSieve accessing such alternative data stores is lacking still, but, once I implement that, I also intend to address the issue you describe here. I'm probably going to structure it very similar to Dovecot's own mail storage library, meaning that plugins can override certain aspects of the storage's behavior. This should allow for all kinds of magic in the script storage, including what you describe above. As always, such big changes will take some time... Regards, Stephan. From stephan at rename-it.nl Sat Jun 2 15:40:18 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Sat, 02 Jun 2012 14:40:18 +0200 Subject: [Dovecot] sieve with dovecot v1.x In-Reply-To: <20120602142255.2486c724@itx.bitcorner.intern> References: <20120602134345.022f4473@itx.bitcorner.intern> <4FC9FE56.10701@rename-it.nl> <20120602142255.2486c724@itx.bitcorner.intern> Message-ID: <4FCA09B2.9070900@rename-it.nl> On 6/2/2012 2:22 PM, Andreas Meyer wrote: > Ok, I have done that. How can I know, if sieve now works with dovecot? > When I login with roundcube, in the settings I have a "Filter-Tab" but > when I click on it it says "not possible to connect to server" or > somesuch. Oh, you didn't mention using RoundCube earlier. That implies the need of ManageSieve. You'll need to configure the following as well: http://wiki1.dovecot.org/ManageSieve Your earlier directory listing indicates that it is not installed on your system; the managesieve and managesieve-login binaries would be located there if it were. Check whether that version of opensuse has a package for dovecot-managesieve or compile it yourself if it is missing. If that is difficult, the following could be an alternative: http://www.gitorious.net/pysieved/pages/Home Regards, Stephan. From anmeyer at anup.de Sat Jun 2 16:50:22 2012 From: anmeyer at anup.de (Andreas Meyer) Date: Sat, 2 Jun 2012 15:50:22 +0200 Subject: [Dovecot] sieve with dovecot v1.x In-Reply-To: <4FCA09B2.9070900@rename-it.nl> References: <20120602134345.022f4473@itx.bitcorner.intern> <4FC9FE56.10701@rename-it.nl> <20120602142255.2486c724@itx.bitcorner.intern> <4FCA09B2.9070900@rename-it.nl> Message-ID: <20120602155022.46d523f8@itx.bitcorner.intern> Hello! Stephan Bosch wrote: > Oh, you didn't mention using RoundCube earlier. That implies the need of > ManageSieve. You'll need to configure the following as well: > > http://wiki1.dovecot.org/ManageSieve > > Your earlier directory listing indicates that it is not installed on > your system; the managesieve and managesieve-login binaries would be > located there if it were. Check whether that version of opensuse has a > package for dovecot-managesieve or compile it yourself if it is missing. > If that is difficult, the following could be an alternative: > > http://www.gitorious.net/pysieved/pages/Home I think pysieved is the only chance I have. I have installed it and activated by xinetd. But now I have the problem that the dovecot.conf says: auth default { mechanisms = plain passdb passwd-file { args = /etc/dovecot/passwd } and the install howto of pysieved says: auth default { socket listen { client { path = /var/run/dovecot/auth-client mode = 0666 } } } pysieved.ini : [Dovecot] mux = /var/run/dovecot/auth-client what can I do now? > > Regards, > > Stephan. Andreas From el07694 at mail.ntua.gr Sat Jun 2 17:52:05 2012 From: el07694 at mail.ntua.gr (el07694) Date: Sat, 02 Jun 2012 17:52:05 +0300 Subject: [Dovecot] postfix+dovecat: virtual domains with imap+lmtp Message-ID: <736cef15e590276154fedb52401aa83b@mail.ntua.gr> Hi to all, I have tryed a few days to configure postfix/dovecot to run into a VPS machine (CentOs) -->The machine has 2 domains (but more in the future) -->i want info at mail.domain1.com and info at mail.domain2.com to be seperated mailboxes -->i want to use lmtp protocol to connect dovecot with postfix -->It will be perfect if i can use the system users for authentication I /etc/postfix/main.cf file looks like this smtpd_soft_error_limit = 10 smtpd_hard_error_limit = 20 masquerade_domains = mail.going-on.com mail.commundi.de masquerade_exceptions = root, papinhio relocated_maps = hash:/etc/postfix/relocated smtpd_client_restrictions = check_client_access hash:/etc/postfix/access virtual_mailbox_domains = mail.going-on.com mail.commundi.de virtual_mailbox_base = /var/spool/virtual_hosts virtual_mailbox_maps = hash:/etc/postfix/virtual virtual_uid_maps = static:0 virtual_gid_maps = static:0 mailbox_command = /usr/libexec/dovecot/dovecot-lda -f "$SENDER" -a "$RECIPIENT" dovecot_destination_recipient_limit = 1 mailbox_transport = lmtp:unix:private/dovecot-lmtp /etc/postfix/relocated file has only comments the same for /etc/postfix/access file i have made /var/spool/virtual_hosts folder with chmod 777 inside this folder i have made mail.going-on.com folder and mail.commundi.de folder cat /etc/postfix/virtual produce this: papinhio at mail.going-on.com mail.going-on.com/papinhio papinhio is a system_user!! uid,gid = 0 (the root user) master.cf file # # Postfix master process configuration file. For details on the format # of the file, see the master(5) manual page (command: "man 5 master"). # # ========================================================================== # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) # ========================================================================== smtp inet n - n - - smtpd submission inet n - n - - smtpd -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes -o smtpd_sasl_type=dovecot -o smtpd_sasl_path=private/auth -o smtpd_sasl_security_options=noanonymous -o smtpd_sasl_local_domain=$myhostname -o smtpd_client_restrictions=permit_sasl_authenticated,reject -o smtpd_sender_login_maps=hash:/etc/postfix/virtual pickup fifo n - - 60 1 pickup cleanup unix n - - - 0 cleanup qmgr fifo n - n 300 1 qmgr #qmgr fifo n - n 300 1 oqmgr tlsmgr unix - - n 1000? 1 tlsmgr rewrite unix - - n - - trivial-rewrite bounce unix - - n - 0 bounce defer unix - - n - 0 bounce trace unix - - n - 0 bounce verify unix - - n - 1 verify flush unix n - n 1000? 0 flush proxymap unix - - n - - proxymap smtp unix - - n - - smtp relay unix - - n - - smtp -o fallback_relay= showq unix n - n - - showq error unix - - n - - error discard unix - - n - - discard local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - n - - lmtp anvil unix - - n - 1 anvil scache unix - - n - 1 scache maildrop unix - n n - - pipe flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient} # # The Cyrus deliver program has changed incompatibly, multiple times. # old-cyrus unix - n n - - pipe flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m ${extension} ${user} # Cyrus 2.1.5 (Amos Gouaux) # Also specify in main.cf: cyrus_destination_recipient_limit=1 cyrus unix - n n - - pipe user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m ${extension} ${user} # # See the Postfix UUCP_README file for configuration details. # uucp unix - n n - - pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) ifmail unix - n n - - pipe flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) bsmtp unix - n n - - pipe flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient dovecot unix - n n - - pipe flags=DRhu user=root:root argv=/usr/local/libexec/dovecot/dovecot-lda -f ${sender} -d ${recipient} Ok, the /etc/dovecot/dovecot.conf file looks like this: !include conf.d/*.conf !include_try local.conf protocols = imap lmtp service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0660 user = postfix } } protocol lmtp { mail_plugins = quota sieve } mail_location = mbox:/var/spool/virtual_hosts/%d/%n Both of the services can start this no errors/warnings I can send mail from bash with this command : /bin/mail -s "Hello" "el07694 at mail.ntua.gr" < /etc/dovecot/dovecot.conf Can anyone help me, plz? I don't know what i do wrong Thanks in advance, Chris Pappas From christian.rohmann at frittentheke.de Sat Jun 2 17:57:50 2012 From: christian.rohmann at frittentheke.de (Christian Rohmann) Date: Sat, 02 Jun 2012 16:57:50 +0200 Subject: [Dovecot] dovecot stats: useful data to gather In-Reply-To: <20120601205839.GG2176@state-of-mind.de> References: <20120601205839.GG2176@state-of-mind.de> Message-ID: <4FCA29EE.80206@frittentheke.de> On 01.06.2012 22:58, Patrick Ben Koetter wrote: > [...] I sat down and put together a list of stat items we think to be useful in daily > dovecot usage. Quite a list. But I believe most of those values are quite useful and I would also love to see such a rich set of measurements being available. > Besides pulling together all the data we also think it would be useful to have > an SNMP interface to access the stats. Our offer to create and contribute a > standalone web interface for dovecot stats stands. Yes, I second that. Otherwise quite a few installation will just hook the dovecot commands to netsnmp handlers, which is not a pretty solution. Maybe dovecot could also do the SNMP for statistics that plugins provide? I'm thinking managesieve access, sieve processing or expire here. Regards Christian -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4076 bytes Desc: S/MIME Cryptographic Signature URL: From arne at drlinux.no Sat Jun 2 18:33:32 2012 From: arne at drlinux.no (Arne K. Haaje) Date: Sat, 02 Jun 2012 17:33:32 +0200 Subject: [Dovecot] sieve with dovecot v1.x In-Reply-To: <20120602155022.46d523f8@itx.bitcorner.intern> References: <20120602134345.022f4473@itx.bitcorner.intern> <4FC9FE56.10701@rename-it.nl> <20120602142255.2486c724@itx.bitcorner.intern> <4FCA09B2.9070900@rename-it.nl> <20120602155022.46d523f8@itx.bitcorner.intern> Message-ID: <4FCA324C.4070201@drlinux.no> Den 02.06.2012 15:50, skrev Andreas Meyer: [snip] > > what can I do now? > >> >> Regards, >> >> Stephan. > > Andreas You also need to tell roundcube which port to connect to managesieve with. Depending on which plugin you use for roundcube, find it's config-file and loook for an option like this; $rcmail_config['managesieve_port'] = 4190; With such an old verion, it may be that your port is 2000. Regards, Arne -- Arne K. Haaje - Dr Linux http://www.drlinux.no/ ::: arne at drlinux.no LinkedIn: http://no.linkedin.com/pub/arne-haaje/27/189/bb From me at junc.org Sun Jun 3 01:12:40 2012 From: me at junc.org (Benny Pedersen) Date: Sun, 03 Jun 2012 00:12:40 +0200 Subject: [Dovecot] postfix+dovecat: virtual domains with imap+lmtp In-Reply-To: <736cef15e590276154fedb52401aa83b@mail.ntua.gr> References: <736cef15e590276154fedb52401aa83b@mail.ntua.gr> Message-ID: Den 2012-06-02 16:52, el07694 skrev: > virtual_uid_maps = static:0 > virtual_gid_maps = static:0 dont do this > uid,gid = 0 (the root user) root user cant read email > dovecot unix - n n - - pipe > flags=DRhu user=root:root > argv=/usr/local/libexec/dovecot/dovecot-lda -f ${sender} -d > ${recipient} dont use root:root http://wiki2.dovecot.org/LDA/Postfix show postfix/dovecot logs for more help From daniel.parthey at informatik.tu-chemnitz.de Sun Jun 3 02:53:12 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sun, 3 Jun 2012 01:53:12 +0200 Subject: [Dovecot] lmtp proxy timeout while waiting for reply to DATA reply In-Reply-To: <1335833212.21461.82.camel@innu> References: <20120428110023.GA9236@daniel.localdomain> <1335833212.21461.82.camel@innu> Message-ID: <20120602235311.GA10756@daniel.localdomain> Timo Sirainen wrote: > On Sat, 2012-04-28 at 13:00 +0200, Daniel Parthey wrote: > > we are experiencing similar sporadic data timeout issues with dovecot 2.0.20 > > as in http://dovecot.org/pipermail/dovecot/2011-June/059807.html > > at least once a week. Some mails get temporarily deferred in the > > postfix queue since dovecot director lmtp refuses them and the > > mails are delivered at a later time. > > [...] what isn't in v2.0 is the larger rewrite of the LMTP > proxying code in v2.1, which I hope fixes also this timeout problem. This Friday I did about 50 "sendmail -bv" commands in a loop to check some postfix aliases, which resulted in a lot of mails to the postmaster alias (which is distributed to about 10 people). The result was about 11 bounces of the following type: ##################################################################### Return-Path: <> Received: from mail01.example.org ([10.129.3.233]) by mail04.example.org (Dovecot) with LMTP id gl2gG3WyyE+faQAAUavrWA ; Fri, 01 Jun 2012 14:15:49 +0200 Return-Path: <> Received: from mx01.example.org ([127.0.0.1]) by mail01.example.org (Dovecot) with LMTP id zAL8MXCyyE8nLwAA3l+BKA ; Fri, 01 Jun 2012 14:15:49 +0200 RSET RSET ##################################################################### At the same time, the dovecot lmtp timeout errors occurred and not all "sendmail -bv" mails got delivered. Seems like a serious error and I will need to consider upgrading to 2.1 if the bug cannot get fixed in 2.0. Regards Daniel From daniel.parthey at informatik.tu-chemnitz.de Sun Jun 3 03:10:49 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sun, 3 Jun 2012 02:10:49 +0200 Subject: [Dovecot] dovecot stats: useful data to gather In-Reply-To: <20120601205839.GG2176@state-of-mind.de> References: <20120601205839.GG2176@state-of-mind.de> Message-ID: <20120603001049.GA10970@daniel.localdomain> Patrick Ben Koetter wrote: > following our discussion on dovecot stats at the LinuxTag 2012 my team and I > sat down and put together a list of stat items we think to be useful in daily > dovecot usage. > > Besides pulling together all the data we also think it would be useful to have > an SNMP interface to access the stats. Our offer to create and contribute a > standalone web interface for dovecot stats stands. This should be done via SNMP subagent, but how could you differentiate different dovecot instances on the same machine, different snmp ports for the subagent, or different snmp trees? > Here are the stats we believe to be useful: > [...] Here are the stats which I also consider to be useful: Login/Logout: - Hits/Misses for Logins via userdb cache System resources: - detailed memory usage of dovecot services (imap, worker, userdb cache) - dovecot connections to mysql database - dovecot connections to ldap - director connections vs. backend connections Regards, Daniel From daniel.parthey at informatik.tu-chemnitz.de Sun Jun 3 03:18:18 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sun, 3 Jun 2012 02:18:18 +0200 Subject: [Dovecot] lmtp proxy timeout while waiting for reply to DATA reply In-Reply-To: <20120602235311.GA10756@daniel.localdomain> References: <20120428110023.GA9236@daniel.localdomain> <1335833212.21461.82.camel@innu> <20120602235311.GA10756@daniel.localdomain> Message-ID: <20120603001817.GB10970@daniel.localdomain> Here are some additional errors from the logs: # 2.0.20: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-40-server x86_64 Ubuntu 10.04.4 LTS Jun 1 10:43:37 10.129.3.233 dovecot: lmtp(16941): Panic: file lmtp-proxy.c: line 376 (lmtp_proxy_output_timeout): assertion failed: (proxy->data_input->eof) Jun 1 10:43:37 10.129.3.233 dovecot: lmtp(16941): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x3a7ca) [0x7fa0d849c7ca] -> /usr/lib/dovecot/libdovecot.so.0(+0x3a816) [0x7fa0d849c816] -> /usr/lib/dovecot/libdovecot.so.0(+0x13e4a) [0x7fa0d8475e4a] -> dovecot/lmtp() [0x407477] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handle_timeouts+0xd4) [0x7fa0d84a8224] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0x5b) [0x7fa0d84a8e3b] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x28) [0x7fa0d84a7e88] -> /usr/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7fa0d8495d13] -> dovecot/lmtp(main+0x171) [0x404591] -> /lib/libc.so.6(__libc_start_main+0xfd) [0x7fa0d7cf1c4d] -> dovecot/lmtp() [0x404339] Jun 1 11:27:09 10.129.3.200 dovecot: lmtp(32350): Panic: file lmtp-proxy.c: line 376 (lmtp_proxy_output_timeout): assertion failed: (proxy->data_input->eof) Jun 1 11:27:09 10.129.3.200 dovecot: lmtp(32350): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x3a7ca) [0x7f18ec25b7ca] -> /usr/lib/dovecot/libdovecot.so.0(+0x3a816) [0x7f18ec25b816] -> /usr/lib/dovecot/libdovecot.so.0(+0x13e4a) [0x7f18ec234e4a] -> dovecot/lmtp() [0x407477] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handle_timeouts+0xd4) [0x7f18ec267224] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0x5b) [0x7f18ec267e3b] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x28) [0x7f18ec266e88] -> /usr/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f18ec254d13] -> dovecot/lmtp(main+0x171) [0x404591] -> /lib/libc.so.6(__libc_start_main+0xfd) [0x7f18ebab0c4d] -> dovecot/lmtp() [0x404339] Jun 1 11:27:37 10.129.3.200 dovecot: lmtp(32408): Panic: file lmtp-proxy.c: line 376 (lmtp_proxy_output_timeout): assertion failed: (proxy->data_input->eof) Jun 1 11:27:37 10.129.3.200 dovecot: lmtp(32408): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x3a7ca) [0x7f97f07fe7ca] -> /usr/lib/dovecot/libdovecot.so.0(+0x3a816) [0x7f97f07fe816] -> /usr/lib/dovecot/libdovecot.so.0(+0x13e4a) [0x7f97f07d7e4a] -> dovecot/lmtp() [0x407477] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handle_timeouts+0xd4) [0x7f97f080a224] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0x5b) [0x7f97f080ae3b] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x28) [0x7f97f0809e88] -> /usr/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f97f07f7d13] -> dovecot/lmtp(main+0x171) [0x404591] -> /lib/libc.so.6(__libc_start_main+0xfd) [0x7f97f0053c4d] -> dovecot/lmtp() [0x404339] Regards, Daniel From daniel.parthey at informatik.tu-chemnitz.de Sun Jun 3 03:37:09 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sun, 3 Jun 2012 02:37:09 +0200 Subject: [Dovecot] lmtp proxy timeout while waiting for reply to DATA reply In-Reply-To: <20120602235311.GA10756@daniel.localdomain> References: <20120428110023.GA9236@daniel.localdomain> <1335833212.21461.82.camel@innu> <20120602235311.GA10756@daniel.localdomain> Message-ID: <20120603003709.GA11672@daniel.localdomain> Daniel Parthey wrote: > This Friday I did about 50 "sendmail -bv" commands in a loop to > check some postfix aliases, which resulted in a lot of mails to > the postmaster alias (which is distributed to about 10 people). > > The result was about 11 bounces > > ##################################################################### > Return-Path: <> > Received: from mail01.example.org ([10.129.3.233]) > by mail04.example.org (Dovecot) with LMTP id gl2gG3WyyE+faQAAUavrWA > ; Fri, 01 Jun 2012 14:15:49 +0200 > Return-Path: <> > Received: from mx01.example.org ([127.0.0.1]) > by mail01.example.org (Dovecot) with LMTP id zAL8MXCyyE8nLwAA3l+BKA > ; Fri, 01 Jun 2012 14:15:49 +0200 > RSET > RSET > ##################################################################### > > At the same time, the dovecot lmtp timeout errors occurred and > not all "sendmail -bv" mails got delivered. Here's the backtrace which might be related to the bounces/timeout errors: Jun 1 14:16:16 10.129.3.233 dovecot: lmtp(12093, username at example.de): Error: Transaction log /mail/dovecot/example.de/username/mail/mailboxes/INBOX/postmaster/dbox-Mails/dovecot.index.log: duplicate transaction log sequence (31) Jun 1 14:16:16 10.129.3.233 dovecot: lmtp(12093, username at example.de): Panic: file mail-transaction-log-file.c: line 187 (mail_transaction_log_file_add_to_list): assertion failed: ((*p)->hdr.file_seq < file->hdr.file_seq) Jun 1 14:16:16 10.129.3.233 dovecot: lmtp(12093, username at example.de): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x3a7ca) [0x7fbf514427ca] -> /usr/lib/dovecot/libdovecot.so.0(+0x3a816) [0x7fbf51442816] -> /usr/lib/dovecot/libdovecot.so.0(+0x13e4a) [0x7fbf5141be4a] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x9e0aa) [0x7fbf5192e0aa] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_transaction_log_file_open+0x1f8) [0x7fbf5192e328] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x9b363) [0x7fbf5192b363] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_transaction_log_find_file+0x3f) [0x7fbf5192b81f] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_transaction_log_view_set+0xcb) [0x7fbf5192fe3b] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_index_sync_map+0xbe) [0x7fbf5192713e] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_index_map+0x86) [0x7fbf51918976] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_index_refresh+0xe) [0x7fbf5191322e] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x80a65) [0x7fbf51910a65] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_cache_field_want_add+0x20) [0x7fbf51910c00] -> /usr/lib/dovecot/libdovecot-storage.so.0(index_mail_parse_header_init+0x198) [0x7fbf518d0d18] -> /usr/lib/dovecot/libdovecot-storage.so.0(index_mail_cache_parse_init+0x68) [0x7fbf518d11d8] -> /usr/lib/dovecot/libdovecot-storage.so.0(dbox_save_begin+0x68) [0x7fbf518eaf38] -> /usr/lib/dovecot/libdovecot-storage.so.0(mdbox_save_begin+0x85) [0x7fbf518e4b45] -> /usr/lib/dovecot/modules/lib10_quota_plugin.so(+0xb827) [0x7fbf5064a827] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_save_begin+0x46) [0x7fbf518ba0d6] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_storage_copy+0xa8) [0x7fbf518b45e8] -> /usr/lib/dovecot/libdovecot-storage.so.0(mdbox_copy+0x44) [0x7fbf518e4694] -> /usr/lib/dovecot/modules/lib10_quota_plugin.so(+0xb630) [0x7fbf5064a630] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_copy+0x5a) [0x7fbf518ba03a] -> /usr/lib/dovecot/libdovecot-sieve.so.0(+0x33293) [0x7fbf501f Jun 1 14:16:16 10.129.3.233 dovecot: master: Error: service(lmtp): child 12093 killed with signal 6 (core dumps disabled) Regards Daniel From brett.maxfield at gmail.com Sun Jun 3 05:15:59 2012 From: brett.maxfield at gmail.com (Brett @Google) Date: Sun, 3 Jun 2012 12:15:59 +1000 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FC9E4CF.9070108@thelounge.net> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FC9E4CF.9070108@thelounge.net> Message-ID: On Sat, Jun 2, 2012 at 8:02 PM, Reindl Harald wrote: > > Am 02.06.2012 11:53, schrieb Ed W: > > On 14/05/2012 17:38, Timo Sirainen wrote: > >> On Mon, 2012-05-14 at 08:56 -0700, Beto Moreno wrote: > >> > >>> I have seen some emails servers that if I send a email to other > >>> person I can see if that person have read our emails and with a option > >>> to delete the email if the person hasn't read our email. > >>> > >>> Does dovecot have some like this feature? > >> This doesn't really work with IMAP/POP3 protocols. It requires Exchange > >> or something else. > >> > >> What would be possible is to check if a user has _downloaded_ your > >> message, but many clients download messages immediately when they arrive > >> so it might not be very useful. And in any case Dovecot has no such > >> feature. > As general thoughts.. This sounds more like a workgroup collaboration functionality. It assumes that users in said workgroup all use the same outlook server (or they are in an equivalent security domain or trust). Outlook only lets you retract an email if the user is on the same outlook server, and it has not been read/downloaded?. If the user is a different email server or the mail has been read/downloaded?, the retract will always fail. So it would be no different in for dovecot. If the mail to be retracted was on the local mailer spool then in theory it could be removed.. but it is basically allowing a third party to delete things out of some other user's mail spool, with the precondition that they sent the original email AND the mail has not been read (downloaded) from the dovecot server. This would mean that dovecot would need to somehow securely tag when an email is authorized and delivered by dovecot, say from a the postfix lda, such that it could later match up a subsequent request to retract said email, to the user that sent it. Outlook is more like IMAP than POP, in that mail stays on the server but is locally cached / downloaded. Outlook can do this as it is both a mail sending agent and a mail receiving agent, it unambiguously knows when a mail comes from an authenticated user, and that it is a locally destined mail. Dovecot may or may not be responsible for putting a mail from a user into the mail spool (in some configurations postfix/sendmail can do this) so it cannot absolutely relate who sent the email, to who wants to retract it. So for this even to be possible, retractable messages would need be present, and dovecot to unambiguously be able to relate an email received by dovecot with it's original sender, which seems unlikely. Even then there is a question of how you would provide the request for deletion for dovecot to perform. This implies that there would be a new command to POP/IMAP to trigger and authorize such a retraction also. Then this new command would need to be standards-track so mail user agents would know a server has such a feature to call it. Sounds very difficult. I think outlook sends a specially crafted email, i doubt it is standards track as it is all happening within the same application in the case out outlook. Cheers Brett -- *The only thing that interferes with my learning is my education.* * Albert Einstein* From dovecot at tlinx.org Sun Jun 3 11:06:18 2012 From: dovecot at tlinx.org (Linda Walsh) Date: Sun, 03 Jun 2012 01:06:18 -0700 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FC9E2A0.9070905@wildgooses.com> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> Message-ID: <4FCB1AFA.3040200@tlinx.org> Ed W wrote: > > Just to register interest, but at some point I will need to consider > writing a plugin or similar to achieve exactly this. > > Situation is that several of our competitors offer such a feature, ie > known pool of users on dialup or intermittently connected systems, > provide an alert back to the sender when your email has been > "accessed/downloaded" by the remote user. --- My dentist used a service that claimed to provide a read-notification. It was just an embedded web-bug in the email that I could choose to display or not ... if the client doesn't want to cooperate, you can't tell when the person read it. All you could do is tell when a client downloaded it from dovecot...which doesn't say much for clients that are left on 24/7... From lists at wildgooses.com Sun Jun 3 11:43:43 2012 From: lists at wildgooses.com (Ed W) Date: Sun, 03 Jun 2012 09:43:43 +0100 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCB1AFA.3040200@tlinx.org> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> Message-ID: <4FCB23BF.20300@wildgooses.com> On 03/06/2012 09:06, Linda Walsh wrote: > Ed W wrote: >> >> Just to register interest, but at some point I will need to consider >> writing a plugin or similar to achieve exactly this. >> >> Situation is that several of our competitors offer such a feature, ie >> known pool of users on dialup or intermittently connected systems, >> provide an alert back to the sender when your email has been >> "accessed/downloaded" by the remote user. > --- > My dentist used a service that claimed to provide a read-notification. > > It was just an embedded web-bug in the email that I could choose to > display or not ... if the client doesn't want to cooperate, you can't > tell when the person read it. All you could do is tell when a client > downloaded it from dovecot...which doesn't say much for clients that > are left on 24/7... > Please folks - don't argue with me - I'm the wrong person! The recipient who is receiving these emails, ie the person being "bugged" is demanding that they are "buggable". If they demand it and it's a requirement for providing them service then I have to give it to them if I want the business. The users are on satellite dialup and barely have enough bandwidth to download a few KB of emails, they certainly can't trigger web bugs to trigger read receipts. Look, I can argue against the idea easily, personally my objection is mail loops, but the point is that the customer demands it, and at present that prevents me bidding for certain types of business... Basically the customer just wants to repro what they got with Exchange Cheers for ideas though! Ed W From h.reindl at thelounge.net Sun Jun 3 12:49:08 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Sun, 03 Jun 2012 11:49:08 +0200 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCB23BF.20300@wildgooses.com> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> Message-ID: <4FCB3314.8030008@thelounge.net> Am 03.06.2012 10:43, schrieb Ed W: > Please folks - don't argue with me - I'm the wrong person! The recipient who is receiving these emails, ie the > person being "bugged" is demanding that they are "buggable". If they demand it and it's a requirement for > providing them service then I have to give it to them if I want the business. > > The users are on satellite dialup and barely have enough bandwidth to download a few KB of emails, they certainly > can't trigger web bugs to trigger read receipts. > > Look, I can argue against the idea easily, personally my objection is mail loops, but the point is that the > customer demands it, and at present that prevents me bidding for certain types of business... Basically the > customer just wants to repro what they got with Exchange kiss him goodbye with exchange what do you expect? only some idiots are using such "features" even if you find a opensource solution yiu can imagine how well tested it would be and how many troubles you will have after the setup "if I want the business" -> do you need this business to survive? if no -> kiss him goodbye, if yes -> i doubt you will not survive -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From robert at schetterer.org Sun Jun 3 12:50:48 2012 From: robert at schetterer.org (Robert Schetterer) Date: Sun, 03 Jun 2012 11:50:48 +0200 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCB23BF.20300@wildgooses.com> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> Message-ID: <4FCB3378.3060402@schetterer.org> Am 03.06.2012 10:43, schrieb Ed W: > On 03/06/2012 09:06, Linda Walsh wrote: >> Ed W wrote: >>> >>> Just to register interest, but at some point I will need to consider >>> writing a plugin or similar to achieve exactly this. >>> >>> Situation is that several of our competitors offer such a feature, ie >>> known pool of users on dialup or intermittently connected systems, >>> provide an alert back to the sender when your email has been >>> "accessed/downloaded" by the remote user. >> --- >> My dentist used a service that claimed to provide a read-notification. >> >> It was just an embedded web-bug in the email that I could choose to >> display or not ... if the client doesn't want to cooperate, you can't >> tell when the person read it. All you could do is tell when a client >> downloaded it from dovecot...which doesn't say much for clients that >> are left on 24/7... >> > > Please folks - don't argue with me - I'm the wrong person! The > recipient who is receiving these emails, ie the person being "bugged" is > demanding that they are "buggable". If they demand it and it's a > requirement for providing them service then I have to give it to them if > I want the business. > > The users are on satellite dialup and barely have enough bandwidth to > download a few KB of emails, they certainly can't trigger web bugs to > trigger read receipts. > > Look, I can argue against the idea easily, personally my objection is > mail loops, but the point is that the customer demands it, and at > present that prevents me bidding for certain types of business... > Basically the customer just wants to repro what they got with Exchange > > Cheers for ideas though! > > Ed W Hi Ed, you can have dsn http://www.postfix.org/DSN_README.html you can have mdn http://en.wikipedia.org/wiki/Return_receipt so this is internet (smtp ) standards and has nearly nothing to do with imap/dovecot also whatever solution you use there is no way to find out if a user has read a mail unless you asked him in person ( and then you might find out if the recipient has understood what he had read *g) the maximum you may reach is get notice if a mail has tec side reached the recipient, the user must not accept your wish to notice you if he opens the mail ( which also would not mean he has read the mail ) this is with internet mail, by intranet mail systems ( which means the recipient is on the same mail system and storage) typical for company mail sites with exchange and/or notes etc you have a dediacted client i.e outlook for exchange , so here its possible to implement inside actions whatever tec of this system is able to do. But as soon as you mail to internet, this features may get useless , cause you never know what tec is used on the recipient side so nobody may invest time in create useless internet standards however youre free to code or pay someone to code for you what you want specially for your wanted feature. But i see no real relate to dovecot, cause mail is recent sent via smtp Dont compare mail systems this way, they are totally different however they do imap/pop3/smtp specially with echange some stuff will only work with outlook and active directory -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From CMarcus at Media-Brokers.com Sun Jun 3 16:46:15 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Sun, 03 Jun 2012 09:46:15 -0400 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCB23BF.20300@wildgooses.com> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> Message-ID: <4FCB6AA7.4050200@Media-Brokers.com> On 2012-06-03 4:43 AM, Ed W wrote: > Look, I can argue against the idea easily, personally my objection is > mail loops, but the point is that the customer demands it, and at > present that prevents me bidding for certain types of business... > Basically the customer just wants to repro what they got with Exchange Then tell them their only option is to buy Exchange Server and Outlook for everyone - but explain that this 'feature' *still* will not work for recipients that are outside of your control (ie, it will only work for local recipients - and I *think* it is possible to set up Trusts with other external Exchange Servers, but not sure, and if it does, it requires the explicit cooperation of the other systems admin). Bottom line: do NOT promise the impossible to a client just to win the business. It is a losing proposition, as you are beginning to see... -- Best regards, Charles From michael at orlitzky.com Sun Jun 3 17:24:53 2012 From: michael at orlitzky.com (Michael Orlitzky) Date: Sun, 03 Jun 2012 10:24:53 -0400 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCB23BF.20300@wildgooses.com> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> Message-ID: <4FCB73B5.9020807@orlitzky.com> On 06/03/12 04:43, Ed W wrote: > > Look, I can argue against the idea easily, personally my objection is > mail loops, but the point is that the customer demands it, and at > present that prevents me bidding for certain types of business... > Basically the customer just wants to repro what they got with Exchange I for one think the plugin is a good idea. I think read receipts are dumb, of course. But if the customer won't be persuaded, I would rather have them give their money to you than to the guy who thinks they're a great solution. Plus, it will make Dovecot a little bit better as a side effect. From robert at schetterer.org Sun Jun 3 19:06:45 2012 From: robert at schetterer.org (Robert Schetterer) Date: Sun, 03 Jun 2012 18:06:45 +0200 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCB73B5.9020807@orlitzky.com> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB73B5.9020807@orlitzky.com> Message-ID: <4FCB8B95.3000301@schetterer.org> Am 03.06.2012 16:24, schrieb Michael Orlitzky: > On 06/03/12 04:43, Ed W wrote: >> >> Look, I can argue against the idea easily, personally my objection is >> mail loops, but the point is that the customer demands it, and at >> present that prevents me bidding for certain types of business... >> Basically the customer just wants to repro what they got with Exchange > > > I for one think the plugin is a good idea. what the hell , should the plugin do and how ? there is smtp dsn, nothing more makes sense looking to the thread subject , you need to have new internet standard called "braindump over tcp" this doesnt exist on exchange too mail is smtp, dovecot is no smtp server > > I think read receipts are dumb, of course. But if the customer won't be > persuaded, I would rather have them give their money to you than to the > guy who thinks they're a great solution. > > Plus, it will make Dovecot a little bit better as a side effect. -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From michael at orlitzky.com Sun Jun 3 20:21:56 2012 From: michael at orlitzky.com (Michael Orlitzky) Date: Sun, 03 Jun 2012 13:21:56 -0400 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCB8B95.3000301@schetterer.org> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB73B5.9020807@orlitzky.com> <4FCB8B95.3000301@schetterer.org> Message-ID: <4FCB9D34.7060902@orlitzky.com> On 06/03/12 12:06, Robert Schetterer wrote: > Am 03.06.2012 16:24, schrieb Michael Orlitzky: >> >> I for one think the plugin is a good idea. > > what the hell , should the plugin do and how ? > there is smtp dsn, nothing more makes sense > > looking to the thread subject , you need to have new internet standard > called > > "braindump over tcp" > > this doesnt exist on exchange too > > mail is smtp, dovecot is no smtp server > You could trigger on the 'seen' flag, and Dovecot is more than capable of generating messages, especially to mailboxes under its control (see: sieve). But... who cares? The worst possible thing that can happen is that he writes it and makes his customers happy and you pretend it doesn't exist. From h.reindl at thelounge.net Sun Jun 3 20:26:55 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Sun, 03 Jun 2012 19:26:55 +0200 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCB9D34.7060902@orlitzky.com> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB73B5.9020807@orlitzky.com> <4FCB8B95.3000301@schetterer.org> <4FCB9D34.7060902@orlitzky.com> Message-ID: <4FCB9E5F.9010709@thelounge.net> Am 03.06.2012 19:21, schrieb Michael Orlitzky: > On 06/03/12 12:06, Robert Schetterer wrote: >> Am 03.06.2012 16:24, schrieb Michael Orlitzky: >>> >>> I for one think the plugin is a good idea. >> >> what the hell , should the plugin do and how ? >> there is smtp dsn, nothing more makes sense >> >> looking to the thread subject , you need to have new internet standard >> called >> >> "braindump over tcp" >> >> this doesnt exist on exchange too >> >> mail is smtp, dovecot is no smtp server >> > > You could trigger on the 'seen' flag, and Dovecot is more than capable > of generating messages, especially to mailboxes under its control (see: > sieve) and now tell us how you "connect" YOUR sent message over SMTP to any seen fleeg of another user? > But... who cares? people which cares about reality? > The worst possible thing that can happen is that he > writes it and makes his customers happy if it is his business make people happy with lies, ok my business is make people happy by telling them the truth -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From michael at orlitzky.com Sun Jun 3 21:11:55 2012 From: michael at orlitzky.com (Michael Orlitzky) Date: Sun, 03 Jun 2012 14:11:55 -0400 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCB9E5F.9010709@thelounge.net> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB73B5.9020807@orlitzky.com> <4FCB8B95.3000301@schetterer.org> <4FCB9D34.7060902@orlitzky.com> <4FCB9E5F.9010709@thelounge.net> Message-ID: <4FCBA8EB.8020203@orlitzky.com> On 06/03/12 13:26, Reindl Harald wrote: > > and now tell us how you "connect" YOUR sent message over SMTP > to any seen fleeg of another user? > Dovecot could write directly to their mailbox. Otherwise, it could do whatever the sieve vacation plugin does. >> The worst possible thing that can happen is that he >> writes it and makes his customers happy > > if it is his business make people happy with lies, ok > my business is make people happy by telling them the truth I don't think he plans to lie. I think he explained the limitations and they don't care. People have different tastes. I wouldn't personally use ~100% of the things that I fix for other people. From h.reindl at thelounge.net Sun Jun 3 21:19:20 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Sun, 03 Jun 2012 20:19:20 +0200 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCBA8EB.8020203@orlitzky.com> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB73B5.9020807@orlitzky.com> <4FCB8B95.3000301@schetterer.org> <4FCB9D34.7060902@orlitzky.com> <4FCB9E5F.9010709@thelounge.net> <4FCBA8EB.8020203@orlitzky.com> Message-ID: <4FCBAAA8.2020107@thelounge.net> Am 03.06.2012 20:11, schrieb Michael Orlitzky: > On 06/03/12 13:26, Reindl Harald wrote: >> >> and now tell us how you "connect" YOUR sent message over SMTP >> to any seen fleeg of another user? >> > Dovecot could write directly to their mailbox. Otherwise, it could do > whatever the sieve vacation plugin does. oh yeah, explain this the customers MUA when he clicks on "sent mail" it is naive to believe some weird solution which only works as long the sune shines is useable >>> The worst possible thing that can happen is that he >>> writes it and makes his customers happy >> >> if it is his business make people happy with lies, ok >> my business is make people happy by telling them the truth > > I don't think he plans to lie. I think he explained the limitations and > they don't care. if they don't care i would refuse them as customer i saw way too often people saying "i do not care" but later "oh but you did not explain THIS result exactly" > People have different tastes. I wouldn't personally use ~100% of the > things that I fix for other people people are mostly to stupid to realize what they are trying to accomplish and why it it a bad idea this is why we professionals exist and if people refuse what you are explaining them kiss them goodbye - irt will be better for you over the long -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From jerry at seibercom.net Sun Jun 3 21:54:32 2012 From: jerry at seibercom.net (Jerry) Date: Sun, 3 Jun 2012 14:54:32 -0400 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCBAAA8.2020107@thelounge.net> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB73B5.9020807@orlitzky.com> <4FCB8B95.3000301@schetterer.org> <4FCB9D34.7060902@orlitzky.com> <4FCB9E5F.9010709@thelounge.net> <4FCBA8EB.8020203@orlitzky.com> <4FCBAAA8.2020107@thelounge.net> Message-ID: <20120603145432.4229f957@scorpio> On Sun, 03 Jun 2012 20:19:20 +0200 Reindl Harald articulated: >people are mostly to stupid to realize what they >are trying to accomplish and why it it a bad idea > >this is why we professionals exist and if people >refuse what you are explaining them kiss them >goodbye - irt will be better for you over the long No offense, but considering your business attitude and disdain for potential clients and your opinion of them, it would be a far better thing if they steered clear of you all together. There are many considerate, intelligent, compassionate professionals out there who would be willing to take on the difficult client. Any "asshole" can service the routine, run of the mill, client. It takes a true professional to work with and service a difficult one. -- Jerry ? Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ From h.reindl at thelounge.net Sun Jun 3 22:07:47 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Sun, 03 Jun 2012 21:07:47 +0200 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <20120603145432.4229f957@scorpio> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB73B5.9020807@orlitzky.com> <4FCB8B95.3000301@schetterer.org> <4FCB9D34.7060902@orlitzky.com> <4FCB9E5F.9010709@thelounge.net> <4FCBA8EB.8020203@orlitzky.com> <4FCBAAA8.2020107@thelounge.net> <20120603145432.4229f957@scorpio> Message-ID: <4FCBB603.5090106@thelounge.net> Am 03.06.2012 20:54, schrieb Jerry: > On Sun, 03 Jun 2012 20:19:20 +0200 > Reindl Harald articulated: > >> people are mostly to stupid to realize what they >> are trying to accomplish and why it it a bad idea >> >> this is why we professionals exist and if people >> refuse what you are explaining them kiss them >> goodbye - irt will be better for you over the long > > No offense, but considering your business attitude and disdain for > potential clients and your opinion of them, it would be a far better > thing if they steered clear of you all together. by business attidue is perfectly OK i do not offer things where i know they will not work i the real world > There are many considerate, intelligent, compassionate professionals > out there who would be willing to take on the difficult client. it is not intelligent to discuss about "can we know when a user read our email?" - tis question has only one answer: no, forget it if a customer thinks he must have any half baken solution to make him happy i am fine he is the custoerm of someone which is not interested in quality at all because both are matching togehter > Any "asshole" can service the routine, run of the mill, client. > It takes a true professional to work with and service a difficult > one you need not to tell me about routine, really not i have written admin-backends for nearly all types of services including mail-backends (partly for options most people even do not know that they exist) in the last years and after that i know what is NOT possible in a acceptable service quality often it is much more important to know and realize what you CAN NOT implement in acceptable quality as what you can -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From robert at schetterer.org Sun Jun 3 22:13:21 2012 From: robert at schetterer.org (Robert Schetterer) Date: Sun, 03 Jun 2012 21:13:21 +0200 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCB9E5F.9010709@thelounge.net> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB73B5.9020807@orlitzky.com> <4FCB8B95.3000301@schetterer.org> <4FCB9D34.7060902@orlitzky.com> <4FCB9E5F.9010709@thelounge.net> Message-ID: <4FCBB751.9070301@schetterer.org> Am 03.06.2012 19:26, schrieb Reindl Harald: > > > Am 03.06.2012 19:21, schrieb Michael Orlitzky: >> On 06/03/12 12:06, Robert Schetterer wrote: >>> Am 03.06.2012 16:24, schrieb Michael Orlitzky: >>>> >>>> I for one think the plugin is a good idea. >>> >>> what the hell , should the plugin do and how ? >>> there is smtp dsn, nothing more makes sense >>> >>> looking to the thread subject , you need to have new internet standard >>> called >>> >>> "braindump over tcp" >>> >>> this doesnt exist on exchange too >>> >>> mail is smtp, dovecot is no smtp server >>> >> >> You could trigger on the 'seen' flag, and Dovecot is more than capable >> of generating messages, especially to mailboxes under its control (see: >> sieve) > > and now tell us how you "connect" YOUR sent message over SMTP > to any seen fleeg of another user? > >> But... who cares? > > people which cares about reality? > >> The worst possible thing that can happen is that he >> writes it and makes his customers happy > > if it is his business make people happy with lies, ok > my business is make people happy by telling them the truth > the maximun with multi clients which "may" be goaled is a notice , if a mail was/has seen-flagged-opened/downloaded ( pop3), as long as sender and recipient are on the same server/storage/system but seen-opened-flagged a mail is not "read the mail by the adressed human recipient" and human read a mail means not understand the content of the mail nobody grant ever that is was the adressed recipient human in person that opened the mail and did set the seen flag "seen-flagged" means opened for display as/from a tec process !!! by the way this differnce seems not to care by customers who want this feature or may think its included elsewhere i would recommand Mind melds over the wire like http://en.wikipedia.org/wiki/Vulcan_%28Star_Trek%29#Mind_melds as an ultimate solution for this problem *g -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From matthijs at stdin.nl Sun Jun 3 23:57:30 2012 From: matthijs at stdin.nl (Matthijs Kooijman) Date: Sun, 3 Jun 2012 22:57:30 +0200 Subject: [Dovecot] Exposing global (default) sieve script through Managesieve In-Reply-To: <4FCA0801.9040409@rename-it.nl> References: <20120601182659.GA19340@login.drsnuggles.stderr.nl> <4FCA0801.9040409@rename-it.nl> Message-ID: <20120603205730.GY4023@login.drsnuggles.stderr.nl> Hi Stephan, > You asked this one on IRC a while back right? Yup, that was me. > The copy-on-write scheme I describe above may solve this, as it > remembers (somehow) the status of the account: either an > untouched/unconfigured account or an account with no active scripts. > This behavior could be combined with the solution you describe above. Yeah, the copy-on-write approach is probably a good idea. A downside of the copy-on-write approach is that if you change the global script later on, it doesn't affect users that made any changes to their sieve configuration (as opposed to my proposal, where only changes to the actual "default" script would prevent this). However, I mentioning this just for completeness, since I don't really think this is much of a problem. Also, the "no sieve configured" case could be detected by the existence of a sieve_directory, perhaps? > In my last release of Pigeonhole I added support for putting scripts > inside a dict database (or any other storage facility once implemented). > Support for ManageSieve accessing such alternative data stores is > lacking still, but, once I implement that, I also intend to address the > issue you describe here. I'm probably going to structure it very similar > to Dovecot's own mail storage library, meaning that plugins can override > certain aspects of the storage's behavior. This should allow for all > kinds of magic in the script storage, including what you describe above. Would it make sense to implement such magin inside the script storage, or on top of it? The latter means the magic will work for every storage implemented, which would be an advantage? In any case, if there is some lookout onto this feature, I might configure the Roundcube plugin thing now and upgrade to a real solution at some later point. Gr. Matthijs -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 197 bytes Desc: Digital signature URL: From stephan at rename-it.nl Mon Jun 4 01:16:54 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Mon, 04 Jun 2012 00:16:54 +0200 Subject: [Dovecot] Exposing global (default) sieve script through Managesieve In-Reply-To: <20120603205730.GY4023@login.drsnuggles.stderr.nl> References: <20120601182659.GA19340@login.drsnuggles.stderr.nl> <4FCA0801.9040409@rename-it.nl> <20120603205730.GY4023@login.drsnuggles.stderr.nl> Message-ID: <4FCBE256.6040903@rename-it.nl> On 6/3/2012 10:57 PM, Matthijs Kooijman wrote: > > The copy-on-write scheme I describe above may solve this, as it > remembers (somehow) the status of the account: either an > untouched/unconfigured account or an account with no active scripts. > This behavior could be combined with the solution you describe above. > Yeah, the copy-on-write approach is probably a good idea. > > A downside of the copy-on-write approach is that if you change the > global script later on, it doesn't affect users that made any changes to > their sieve configuration (as opposed to my proposal, where only changes > to the actual "default" script would prevent this). However, I > mentioning this just for completeness, since I don't really think this > is much of a problem. > > Also, the "no sieve configured" case could be detected by the existence > of a sieve_directory, perhaps? Something like that, yes. >> In my last release of Pigeonhole I added support for putting scripts >> inside a dict database (or any other storage facility once implemented). >> Support for ManageSieve accessing such alternative data stores is >> lacking still, but, once I implement that, I also intend to address the >> issue you describe here. I'm probably going to structure it very similar >> to Dovecot's own mail storage library, meaning that plugins can override >> certain aspects of the storage's behavior. This should allow for all >> kinds of magic in the script storage, including what you describe above. > Would it make sense to implement such magic inside the script storage, > or on top of it? The latter means the magic will work for every storage > implemented, which would be an advantage? Definitely on top. Regards, Stephan. From inbound-dovecot at listmail.innovate.net Mon Jun 4 01:20:10 2012 From: inbound-dovecot at listmail.innovate.net (Richard) Date: Sun, 03 Jun 2012 22:20:10 +0000 Subject: [Dovecot] Can we know when a user read our email? Message-ID: <708007F287205FE8EB554EB9@ritz.innovate.net> > Date: Sunday, June 03, 2012 02:54:32 PM -0400 > From: Jerry > >> On Sun, 03 Jun 2012 20:19:20 +0200 >> Reindl Harald articulated: >> >> people are mostly to stupid to realize what they >> are trying to accomplish and why it it a bad idea >> >> this is why we professionals exist and if people >> refuse what you are explaining them kiss them >> goodbye - irt will be better for you over the long > > No offense, but considering your business attitude and disdain for > potential clients and your opinion of them, it would be a far > better thing if they steered clear of you all together. There are > many considerate, intelligent, compassionate professionals out > there who would be willing to take on the difficult client. Any > "asshole" can service the routine, run of the mill, client. It > takes a true professional to work with and service a difficult > one. Something that seems to be missing from this discussion are considerations of privacy and (personal) security. There are fairly serious implications of a sender being able to tell that/when someone has downloaded/opened a message -- including discovery of daily patterns and potentially where the recipient is, or isn't. I think it is our responsibility to understand these issues and explain them to managers/clients in order to bring them along if we refuse (as I would) to provide a capability such as this. [I always set the sendmail "noreceipts" PrivacyOptions so it doesn't respond to these disposition requests.] One approach is to point out to managers/clients that if their system is configured to return read receipts, anyone sending mail to them on that system will be able to get these same types of receipts. When they think about that they may not like the implications and may reconsider their request. Just because it is technically possible to do something (and even if other vendors provide the capability) does not mean that it is the ethically or legally responsible thing to do. - Richard From dovecot-list at mohtex.net Mon Jun 4 04:17:20 2012 From: dovecot-list at mohtex.net (Tamsy) Date: Mon, 04 Jun 2012 08:17:20 +0700 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <708007F287205FE8EB554EB9@ritz.innovate.net> References: <708007F287205FE8EB554EB9@ritz.innovate.net> Message-ID: <4FCC0CA0.6000003@mohtex.net> Richard wrote the following on 04.06.2012 05:20: > >> Date: Sunday, June 03, 2012 02:54:32 PM -0400 >> From: Jerry >> >>> On Sun, 03 Jun 2012 20:19:20 +0200 >>> Reindl Harald articulated: >>> >>> people are mostly to stupid to realize what they >>> are trying to accomplish and why it it a bad idea >>> >>> this is why we professionals exist and if people >>> refuse what you are explaining them kiss them >>> goodbye - irt will be better for you over the long >> No offense, but considering your business attitude and disdain for >> potential clients and your opinion of them, it would be a far >> better thing if they steered clear of you all together. There are >> many considerate, intelligent, compassionate professionals out >> there who would be willing to take on the difficult client. Any >> "asshole" can service the routine, run of the mill, client. It >> takes a true professional to work with and service a difficult >> one. > Something that seems to be missing from this discussion are > considerations of privacy and (personal) security. There are fairly > serious implications of a sender being able to tell that/when > someone has downloaded/opened a message -- including discovery of > daily patterns and potentially where the recipient is, or isn't. > > I think it is our responsibility to understand these issues and > explain them to managers/clients in order to bring them along if we > refuse (as I would) to provide a capability such as this. [I always > set the sendmail "noreceipts" PrivacyOptions so it doesn't respond > to these disposition requests.] > > One approach is to point out to managers/clients that if their > system is configured to return read receipts, anyone sending mail to > them on that system will be able to get these same types of > receipts. When they think about that they may not like the > implications and may reconsider their request. > > Just because it is technically possible to do something (and even if > other vendors provide the capability) does not mean that it is the > ethically or legally responsible thing to do. > > > - Richard > > I totally agree with Richard's point of few. I would consider it as intrusive and even intimidating if the sender of an E-Mail can monitor whether and when I open/read his mail. Just imagine this would happen with the good old hard printed mail the postman put into the mailbox at our door: As soon as we open the envelope and unfold the letter a microchip sends a note to the sender that his letter has been opened and read. I can already see the public outcry if something like this would happen some day... If somebody sends me a mail, it is up to me whether I want to open and read its content or whether I just want to bin it without having opened it. This is my right since the moment that mail has reached my mailbox, no matter whether it is a hardcopy mail or an E-Mail, it belongs to me and I can do with it whatever I like without letting the sender know how it has finally ended. From jeetuindian at gmail.com Mon Jun 4 13:20:06 2012 From: jeetuindian at gmail.com (Jitendra Bhaskar) Date: Mon, 4 Jun 2012 15:50:06 +0530 Subject: [Dovecot] Frequently login problem Message-ID: Hi, I am using dovecot 2.1.3 on centos 5.7. It was working fine but last few days I need to restart or reload dovecot service because at that time users are not able to login. Each time I am getting information from doveco.log is as : Jun 04 11:52:54 auth: Error: BUG: Authentication client gave a PID 17564 of existing connection Jun 04 11:52:54 auth: Error: BUG: Authentication client gave a PID 17566 of existing connection Jun 04 11:52:59 auth: Error: BUG: Authentication client gave a PID 17564 of existing connection -- * Thanks & Regards * *Jitendra Kumar Bhaskar* Cell:- +91 7306311531 +91 8102997821 From joshua at hybrid.pl Mon Jun 4 14:44:11 2012 From: joshua at hybrid.pl (Jacek Osiecki) Date: Mon, 4 Jun 2012 13:44:11 +0200 (CEST) Subject: [Dovecot] Vacation stopped working Message-ID: Hi, I'm sure that it WAS working, but I can't guarantee... On a system with dovecot 2.0.16 and dovecot-pigeonhole-2.0_0.2.5. Today a user reported that vacation autoreponse did not work for him. As I have checked the dovecot logs, I see such a message: Jun 04 13:39:51 lmtp(9986, user at xxx.com): Info: ZumtCleezE8CJwAAA1GDYg: sieve: msgid=: discarding vacation response for implicitly delivered message; no known (envelope) recipient address found in message headers (recipient=, and additional `:addresses' are specified) Any idea what actually went wrong? I was browsing for this error message, but found only dovecot sources :( Greetings, -- Jacek Osiecki joshua at ceti.pl GG:3828944 I don't want something I need. I want something I want. From lists at wildgooses.com Mon Jun 4 16:36:35 2012 From: lists at wildgooses.com (Ed W) Date: Mon, 04 Jun 2012 14:36:35 +0100 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCB6AA7.4050200@Media-Brokers.com> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB6AA7.4050200@Media-Brokers.com> Message-ID: <4FCCB9E3.3060702@wildgooses.com> On 03/06/2012 14:46, Charles Marcus wrote: > On 2012-06-03 4:43 AM, Ed W wrote: >> Look, I can argue against the idea easily, personally my objection is >> mail loops, but the point is that the customer demands it, and at >> present that prevents me bidding for certain types of business... >> Basically the customer just wants to repro what they got with Exchange > > Then tell them their only option is to buy Exchange Server and Outlook > for everyone - but explain that this 'feature' *still* will not work > for recipients that are outside of your control (ie, it will only work > for local recipients - and I *think* it is possible to set up Trusts > with other external Exchange Servers, but not sure, and if it does, it > requires the explicit cooperation of the other systems admin). > > Bottom line: do NOT promise the impossible to a client just to win the > business. It is a losing proposition, as you are beginning to see... > You have the situation backwards. I think you know about the MailASail business. We run small ISP selling mail accounts to customers. *our customers* want to voluntarily tell senders when they have downloaded an email via POP. The basic requirement is when the message is accessed via POP, then the sender (presumably defined by the FROM address) is sent a notification. Please don't argue about the spam aspects, etc - we are all on the same page here. However, it's not an entirely foolish request - because the customer is on dialup MDN implemented by the mail client isnt really feasible, and DSN doesn't help us realise that the remote user has at least connected and accessed the mail. So they are kind of asking for a limited server side implementation of MDN. In fact this isn't that unreasonable, it's just problematic and unusual. Ed W From lists at wildgooses.com Mon Jun 4 16:49:08 2012 From: lists at wildgooses.com (Ed W) Date: Mon, 04 Jun 2012 14:49:08 +0100 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCB9E5F.9010709@thelounge.net> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB73B5.9020807@orlitzky.com> <4FCB8B95.3000301@schetterer.org> <4FCB9D34.7060902@orlitzky.com> <4FCB9E5F.9010709@thelounge.net> Message-ID: <4FCCBCD4.8090503@wildgooses.com> On 03/06/2012 18:26, Reindl Harald wrote: > > Am 03.06.2012 19:21, schrieb Michael Orlitzky: >> On 06/03/12 12:06, Robert Schetterer wrote: >>> Am 03.06.2012 16:24, schrieb Michael Orlitzky: >>>> I for one think the plugin is a good idea. >>> what the hell , should the plugin do and how ? >>> there is smtp dsn, nothing more makes sense >>> >>> looking to the thread subject , you need to have new internet standard >>> called >>> >>> "braindump over tcp" >>> >>> this doesnt exist on exchange too >>> >>> mail is smtp, dovecot is no smtp server >>> >> You could trigger on the 'seen' flag, and Dovecot is more than capable >> of generating messages, especially to mailboxes under its control (see: >> sieve) > and now tell us how you "connect" YOUR sent message over SMTP > to any seen fleeg of another user? > I think we are talking cross purposes about the design here In my case I have a customer base on *dialup* who connect very infrequently. They kind of want MDN to work, however, at least my understanding is that this is typically implemented by first the MUA downloading all messages, then generating MDN responses which need to be sent out - however, in the case of dialup this may be very far after the fact. Therefore they request a kind of server side MDN. So when the message is downloaded from the POP server, the POP server generates some form of MDN-a-like response on their behalf. There are clearly limitations here, but equally the limitations are quite clearly explained - all we learn is that the message was downloaded, but in the case of very infrequent dialup users, this at least teaches us the earliest time that the user could have read the message. Many of these users are corporate and have defined processes, so they may require the user to actually read and action all the emails which have been downloaded, hence it might be inferred that usually the message will be read soon after we learn it's downloaded - I don't think the goal is to get 100% knowledge of read time though, just an estimate and that it did actually arrive at this remote user is helpful To put some meat on this type of user, we are talking about a group of users who might be mid-ocean or perhaps hanging around north/south pole or somewhere similarly remote. They would be using satellite dialup devices which have significant costs. So for example if we see the user dial in we learn: - They aren't dead... - With some confidence that the message has crossed the most uncertain part of the link and is at least now close enough to the user we just need to hope they actually read it - This type of user is typically only receiving a small handful of messages. At 2.4Kbit you are struggling to receive emails, it's not assume that this type of user is getting the kind of volumes that you or I get This is a niche user, however, I think the basic feature is actually not entirely stupid. My competitors implement this feature quite crudely with just a generic message mailed out to the sender the first time the recipient (ie on our server) accesses and downloads and accesses the email. I don't see anyone trying to send MDN compatible receipts, they literally just send a "Your message was downloaded by the recipient" message Cheers Ed W From h.reindl at thelounge.net Mon Jun 4 17:14:49 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Mon, 04 Jun 2012 16:14:49 +0200 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCCB9E3.3060702@wildgooses.com> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB6AA7.4050200@Media-Brokers.com> <4FCCB9E3.3060702@wildgooses.com> Message-ID: <4FCCC2D9.3010209@thelounge.net> Am 04.06.2012 15:36, schrieb Ed W: >> Then tell them their only option is to buy Exchange Server and Outlook for everyone - but explain that this >> 'feature' *still* will not work for recipients that are outside of your control (ie, it will only work for local >> recipients - and I *think* it is possible to set up Trusts with other external Exchange Servers, but not sure, >> and if it does, it requires the explicit cooperation of the other systems admin). >> >> Bottom line: do NOT promise the impossible to a client just to win the business. It is a losing proposition, as >> you are beginning to see... >> > > We run small ISP selling mail accounts to customers. *our customers* want to > voluntarily tell senders when they have downloaded an email via POP. and the sender for sure wants this too for every single message? i doubt not > The basic requirement is when the message is accessed via POP, then the > sender (presumably defined by the FROM address) is sent a notification. have fun if ONE user has enabled "leave messages on server" and his machine crashs - the next time he will setup his account again he would self-DOS the mail-system > Please don't argue about the spam aspects, etc - we are all on the same page here wait until one of the company get fired and leave you a little "present" with a lot of forged senders > However, it's not an entirely foolish request it IS a entirely foolish request each mail client in this world supports "acknowledgment of receipt" the sender has only to configure his account correctly and the rcpt can decide if his client should send confirmations * always * per confirm on each message * alaways for specific senders * or even not send this bullshit at all such things has CLEARLY not to be implemented on the server side if the users are too stupid to user their mail-client and the admins missing any knowledge to do this for the users solve this problem by educate them in e-mail baiscs -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From devurandom at gmx.net Mon Jun 4 17:32:04 2012 From: devurandom at gmx.net (Dennis Schridde) Date: Mon, 04 Jun 2012 16:32:04 +0200 Subject: [Dovecot] dovecot-metadata-9 released Message-ID: <2115082.gk9Y8Dam5O@ernie> Hello everyone! I just released dovecot-metadata-8, which is an implementation of RFC 5464 (IMAP METADATA), allowing to add comments/annotations/metadata to folders of an email account. 2012-06-04: Version 9 * Added Dovecot 2.1 compatibility * Fixed compliance with RFC 5464 Section 3.2 * Separated backend code into library * Synced code of imap-annotatemore with imap-metadata * Improved error messages * Several bugfixes (incl. segfaults) * Minor cleanups Please get the code from [1] and send me an email for any problem you find. For more information please refer to my email from Sun, 12 Jun 2011 15:55:57 +0200 titled "dovecot-metadata-8 released". Kind regards, Dennis [1] http://hg.dovecot.org/dovecot-metadata-plugin -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: This is a digitally signed message part. URL: From stephan at rename-it.nl Mon Jun 4 18:08:19 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Mon, 04 Jun 2012 17:08:19 +0200 Subject: [Dovecot] dovecot-metadata-9 released In-Reply-To: <2115082.gk9Y8Dam5O@ernie> References: <2115082.gk9Y8Dam5O@ernie> Message-ID: <4FCCCF63.3040703@rename-it.nl> Op 6/4/2012 4:32 PM, Dennis Schridde schreef: > For more information please refer to my email from Sun, 12 Jun 2011 15:55:57 > +0200 titled "dovecot-metadata-8 released". http://www.dovecot.org/list/dovecot/2011-June/059630.html Regards, Stephan. From malloc4k at gmail.com Mon Jun 4 19:44:01 2012 From: malloc4k at gmail.com (Malloc Kilobyte) Date: Mon, 4 Jun 2012 18:44:01 +0200 Subject: [Dovecot] Customization of "Rejected" message. Message-ID: Helo, I'm using Dovecot 2.1.1 with Postfix 2.3.3. I've enabled the quota plugin, so that Dovecot LDA reject e-mails, when user's mailbox is out of space. By default, when mailbox is near quota, and someone tries to send huge message, a reply is automatically send to the sender. It's being send from postmaster named as Mail Delivery Subsystem. And here is my question: Is there some way to customize that auto-reply, so that it is not only being send to the sender but also to recipient gets some notice about failed attempt ? I've also noticed, that this reply has attachment, which is rejected message, but it appears to be empty. Can I configure Dovecot to send back whole rejected message ? Regards malloc4k From robert at schetterer.org Mon Jun 4 20:23:27 2012 From: robert at schetterer.org (Robert Schetterer) Date: Mon, 04 Jun 2012 19:23:27 +0200 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCCB9E3.3060702@wildgooses.com> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB6AA7.4050200@Media-Brokers.com> <4FCCB9E3.3060702@wildgooses.com> Message-ID: <4FCCEF0F.3050708@schetterer.org> Am 04.06.2012 15:36, schrieb Ed W: > I think you know about the MailASail business. We run small ISP selling > mail accounts to customers. *our customers* want to voluntarily tell > senders when they have downloaded an email via POP. The basic > requirement is when the message is accessed via POP, then the sender > (presumably defined by the FROM address) is sent a notification. this isnt what you asked in the subject "Can we know when a user read our email?" the best and true answer: "never" ---snip as long all senders and users are on the same mailsystem/storage you might wrote i.e some watch daemon on your smtp mailsystem with if mail in storage with "Disposition-Notification-To" from "your sender" grepped by sasl header "Authenticated sender:" has gone from new to cur in "your recipients" storage maildir and subfolders you may also try use complex smtp transport header_checks combis with i.e /(^Disposition-Notification-To:.*)/ REPLACE X-$1 to mark mail etc and/or policy servers , milters etc perhaps with writings in dbs and comparing verbose dovecot logs etc cause there are uni ways to setup smtp and dovecot servers you must find your way fitting your setup as i said , i see only small relates to dovecot cause the only header which is standard in mail clients is Message Disposition Notification, so the sender has to use it anyway and you have to filter this mails by it additional only for "your senders" and "your recipients" then you have to find a way checking status of this mails in "your storage" if you allready have amavis included, you might code it there somehow or look at http://mailfud.org/postpals/ policy server for ideas who you might goal another way..... perhaps you might include a sieve global filter rule with filtering Disposition-Notification-To only from "your sender domains" and doing a simple mail notify action about it was delivered, or using some no official sieve plugins for actions with external binaries ( procmail etc ) -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From jeep at rahul.net Tue Jun 5 05:33:19 2012 From: jeep at rahul.net (Jeff Lacki) Date: Mon, 04 Jun 2012 19:33:19 -0700 Subject: [Dovecot] INBOX help needed, dovecot + squirrelmail Message-ID: <20120605023319.7664B1298B0@aqua.rahul.net> Im trying to figure out how to get dovecot to deliver to my mail_location (example: /opt/imapdata/j/jeff/INBOX/inbox) AND work with squirrelmail. Ive worked on this for hours reading the docs etc with no luck so far. I get dovecot-lda to deliver to: /opt/imapdata/j/jeff/INBOX/inbox but when I use squirrelmail, I see the following in the log: dovecot: imap(jeff): Debug: Effective uid=1006, gid=999, home=/opt/imapdata/j/jeff/INBOX/inbox dovecot: imap(jeff): Error: chdir(/opt/imapdata/j/jeff/INBOX/inbox) failed: Not a directory dovecot: imap(jeff): Debug: Namespace : type=private, prefix=INBOX/, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:/opt/imapdata/j/jeff:INBOX=/opt/imapdata/j/jeff/INBOX:LAYOUT=fs:DIRNAME=mmDIR:INDEX=~/indexes It complains that 'inbox' isnt a directory, but I want it to use: /opt/imapdata/j/jeff/INBOX What parameter do I need to tweak to get this to work? Ive tried the 'folder options' in squirrelmail but that doesnt appear to have any effect here (or at least at this point in my testing). It seems that the only parameter to tweak is 'mail_location' which Im having no luck getting to work correctly. Also namespace may play a part but every combination Ive tried does not result in getting it work thus far. On a sidenote when I send more than 1 email, it doesnt seem to honor 'maildir', it seems its doing 'mbox' instead? I get one flat file. Im lost and confused. my variables: mail_location = maildir:/opt/imapdata/%1n/%n:INBOX=/opt/imapdata/%1n/%n:LAYOUT=fs:DIRNAME=mmDIR:INDEX=~/indexes namespace { type = private separator = / prefix = INBOX/ inbox = yes } Your help is appreciated! Thanks, Jeff /mf/home/jeep/shell/.signature From jtam.home at gmail.com Tue Jun 5 05:45:59 2012 From: jtam.home at gmail.com (Joseph Tam) Date: Mon, 4 Jun 2012 19:45:59 -0700 (PDT) Subject: [Dovecot] auth trouble In-Reply-To: References: Message-ID: Glenn English writes: > I'm getting a lot of what I think is a local socket asking > dovecot:auth to verify username/passwords: > >> May 31 09:00:54 server dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=admin rhost= If dovecot-auth is getting input from a local socket, then rhost information is irrelevant since the host doing the asking is the server itself (maybe from another daemon connected to a remote host). Maybe someone is brute forcing your server's Postfix authenticated SMTP service since Postfix can be configured to use Dovecot's SASL authentication framework. Joseph Tam From a.kostyrev at serverc.ru Tue Jun 5 06:14:44 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Tue, 5 Jun 2012 14:14:44 +1100 Subject: [Dovecot] best practises for mail systems Message-ID: <213B51F00051AE48A9F0E112880177178F79D6@Delta.sc.local> hello! Can someone point me to some best practices in building high-available scalable mail system or! share your own success stories. I've read article in LJ "Building a Scalable High-Availability E-Mail System with Active Directory and More" but it seemed to be outdated and there's a single point of failure (Master node). What I want to achieve: high-available, horizontaly scalable, with no single point of failure mail solution. Available hardware: intel mfsys25 modular server with 2 storage controllers, 2 switches, 4 power supply blocks with - 2 blade-servers in mfsys with: 2xIntel Xeon E5620 @ 2.40GHz with 8 cores each - promise vtrak e610s (2 storage controllers, 2 power supply blocks) - 6x 2TB SATA Hitachi HDS72302 We decided to go for KVM virtualization and glusterfs for live migration for vm image but that's not what this is all about :) We installed centos on host systems. for now while we could think of two ways to go: The first way (currently at testing stage): On each host system we created one VM and passed through 3x2TB disks into it. In guests vms on top of this disks we made XFS and fired up glusterfs with distributed replicated volumes for our mailstorage. so it looks like this: vm1??? replicate???? vm2 disk1 ------------> disk4 disk2 ------------> disk5 disk3 ------------> disk6 in each vm we mounted glusterfs and pointed dovecot to that dir for mail creation (as ltmp) and imap4 user access. also we use exim as smtp. So, with glusterfs as mailstorage we can go for LVS to load balancing for exim and dovecot. so wherenever one of host systems (hence one of mail vms) goes down, users don't notice that 'cause LVS points them to working smtp and imap4 servers and they get their mail 'cause of glusterfs. Pros: - high-available - horizontaly scalable - with no single point of failure Cons: - not quite sure if glusterfs is production ready solution 'cause I've experienced split-brains during setting it up - IO performance issue. Though we didn't yet run any io tests, but glusterfs uses fuse to mount on clients. And guys on #gluster told me writing to the glusterfs mount will not be strictly local io. The second way: split up the users mail with: two back-end VMs each other on DIFFERENT host system with - fat mailstorage with raid1+linear mode (mdadm)+XFS - dovecot/exim-back-ends and two VMs for nginx-based proxy servers for imap4 and smtp - nginx can redirect user to right back-end through HTTP-php-based logic. Pros: - we split up not only load for exim/dovecot but users mail IOs too - no split-brains Cons: - If one of the host systems (hence one of back-end VMs with storage) goes down, half of our users is unhappy P.S. Sorry if this place is way wrong to ask for such things. From johannes at sipsolutions.net Tue Jun 5 11:09:27 2012 From: johannes at sipsolutions.net (Johannes Berg) Date: Tue, 05 Jun 2012 10:09:27 +0200 Subject: [Dovecot] Different but probably related issue In-Reply-To: <442263FE-BEAE-47F5-A1FF-49DC0065DF17@canbasis.com> References: <442263FE-BEAE-47F5-A1FF-49DC0065DF17@canbasis.com> Message-ID: <1338883767.4514.23.camel@jlt3.sipsolutions.net> Hi Marc, [+list since I'm unlikely to be able to solve this problem myself] > I am trying to setup a debian testing (wheeze) mail server using > postfix, dovecot and amavisd-new with spamassassin. I have everything > working fine, using mdbox mailboxes and system users. As a final touch > for this setup, I wanted to be able to train the (global) bayes > database directly through IMAP. > > Hence, I installed your plugin (directly from the official debian > repositories) and set it up to report mails to spamassassin. I am > using the "pipe" backend to call a wrapper script, that stores the > mail into a temporary file and launches sa-learn to learn it. My tests > indicate that this is working properly. Ok, nice. > However, when the dovecot-antispam plugin is enabled, I have a weird > problem sending emails. This is, whenever my MUA tries to save the > just sent message to the "Sent" folder, dovecot shows the following > error: Hmm, ok, let's see > > --------------------------------------------------- > > Dovecot's error log: > > --------------------------------------------------- > > Jun 4 22:35:14 aiur dovecot: imap(user): Error: mdbox /home/user/.mdbox/mailboxes/Sent/dbox-Mails: map uid lost for uid 0 > > Jun 4 22:36:06 aiur dovecot: imap(user): Error: /home/user/.mdbox/mailboxes/Spam/dbox-Mails/dovecot.index reset, view is now inconsistent > > Jun 4 22:36:09 aiur dovecot: imap(user): Error: Log synchronization error at seq=8,offset=27592 for /home/user/.mdbox/storage/dovecot.map.index: Append with UID 56056, but next_uid = 56057 > > Jun 4 22:36:09 aiur dovecot: lda(user): Error: Log synchronization error at seq=8,offset=27592 for /home/user/.mdbox/storage/dovecot.map.index: Append with UID 56056, but next_uid = 56057 > > Jun 4 22:36:10 aiur dovecot: imap(user): Error: /home/user/.mdbox/mailboxes/INBOX/dbox-Mails/dovecot.index reset, view is now inconsistent > > > As a result, the MUA hangs for a while (some minute and a half). After > that it closes the IMAP session properly, but I am left with two > copies of the sent email in the "Sent" folder: one that is marked as > unread and one that is not. Curious. I think the problem is likely the mdbox storage... There have always been some issues with it and the antispam plugin when combined. The first issue was that we couldn't access the raw text or something ... not sure what's up now. > > IMAP Conversation (as logged by roundcube webmail) > > [04-Jun-2012 22:35:14 +0200]: [4A68] C: A0005 APPEND INBOX.Sent (\Seen) {519+} > > [04-Jun-2012 22:35:14 +0200]: [4A68] C: Received: from cpe-76-169-183-245.socal.res.rr.com ([76.169.183.245]) > > by server.domain.tld > > with HTTP (HTTP/1.1 POST); Mon, 04 Jun 2012 22:35:14 +0200 > > MIME-Version: 1.0 ... > > [04-Jun-2012 22:36:10 +0200]: [4A68] S: A0005 OK [APPENDUID > 1338488996 4274] Append completed. That looks ... pretty normal. > At this point, I do not know what else to try or how to fix this > problem. Thus, I have had to disable your plugin for now. Do you have > any ideas on how to proceed? I can give you access to this machine if > need be (it's a personal server). Unfortunately, I don't. I can only suggest, as a test, trying with some other storage format -- I only use Maildir -- to see if the problem is really in the interaction with mdbox. I'm fairly sure that's likely the problem, maybe the plugin doesn't pass something through append that is needed by mdbox, but I've never even attempted to understand mdbox. Maybe Timo can comment. Timo, you can find the latest code here: http://git.sipsolutions.net/?p=dovecot-antispam.git;a=summary johannes From tss at iki.fi Tue Jun 5 13:02:10 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 5 Jun 2012 13:02:10 +0300 Subject: [Dovecot] best practises for mail systems In-Reply-To: <213B51F00051AE48A9F0E112880177178F79D6@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F79D6@Delta.sc.local> Message-ID: On 5.6.2012, at 6.14, ???????? ????????? ?????????? wrote: > - not quite sure if glusterfs is production ready solution 'cause I've experienced split-brains during setting it up Last I've heard glusterfs causes corruption problems with Dovecot. You should try stress testing it with imaptest: http://imapwiki.org/ImapTest From me at junc.org Tue Jun 5 14:23:02 2012 From: me at junc.org (Benny Pedersen) Date: Tue, 05 Jun 2012 13:23:02 +0200 Subject: [Dovecot] INBOX help needed, dovecot + squirrelmail In-Reply-To: <20120605023319.7664B1298B0@aqua.rahul.net> References: <20120605023319.7664B1298B0@aqua.rahul.net> Message-ID: Den 2012-06-05 04:33, jeep at rahul.net skrev: > Im trying to figure out how to get dovecot to deliver to > my mail_location (example: /opt/imapdata/j/jeff/INBOX/inbox) > AND work with squirrelmail. Ive worked on this for hours > reading the docs etc with no luck so far. namespace is set to "" in squirrelmail, but it must be "INBOX." run conf.pl and fix it :=) From devurandom at gmx.net Tue Jun 5 14:35:18 2012 From: devurandom at gmx.net (Dennis Schridde) Date: Tue, 05 Jun 2012 13:35:18 +0200 Subject: [Dovecot] dovecot-metadata-9 released In-Reply-To: <4FCDD13B.5080204@bunbun.be> References: <2115082.gk9Y8Dam5O@ernie> <4FCDD13B.5080204@bunbun.be> Message-ID: <4102204.vJ4X8dIaYX@samson> Hello Nick! I am sorry - I forgot to mention that you need attached patch for dovecot. Kind regards, Dennis Am Dienstag, 5. Juni 2012, 11:28:27 schrieb Nick Rosier: > Hi Dennis, > > I'm trying to compile the plugin on FreeBSD 9 with Dovecot 2.1.7 and get > the following error: > > libtool: compile: gcc -std=gnu99 -DHAVE_CONFIG_H -I. -I.. > -I/usr/local/include/dovecot -g -O2 -MT mailbox-ext.lo -MD -MP -MF > .deps/mailbox-ext.Tpo -c mailbox-ext.c -fPIC -DPIC -o > .libs/mailbox-ext.o mailbox-ext.c:25:19: error: missing binary operator > before token "(" > mailbox-ext.c: In function 'mailbox_get_guid_string': mailbox-ext.c:32: > error: 'MAIL_GUID_128_SIZE' undeclared (first use in this function) > mailbox-ext.c:32: error: (Each undeclared identifier is reported only > once mailbox-ext.c:32: error: for each function it appears in.) > mailbox-ext.c:33: warning: implicit declaration of function > 'mailbox_get_guid' > *** Error code 1 > Stop in /root/work/dovecot-metadata-plugin-6fe39779d758/src. *** Error > code 1 > > Removing DOVECOT_PREREQ and "forcing" to use the 2.1 definition fixes > that (I couldn't find anywhere where that macro was defined). > > Next I get another error, again caused by the DOVECOT_PREREQ: > > libtool: compile: gcc -std=gnu99 -DHAVE_CONFIG_H -I. -I.. > -I/usr/local/include/dovecot -g -O2 -MT imap-metadata-plugin.lo -MD -MP > -MF .deps/imap-metadata-plugin.Tpo -c imap-metadata-plugin.c -fPIC > -DPIC -o .libs/imap-metadata-plugin.o > imap-metadata-plugin.c: In function 'is_valid_rfc5464_entry_name': > imap-metadata-plugin.c:162: warning: comparison is always false due to > limited range of data type > imap-metadata-plugin.c:513:19: error: missing binary operator before > token "(" > imap-metadata-plugin.c: In function 'cmd_getmetadata': > imap-metadata-plugin.c:516: warning: passing argument 2 of > 'mail_namespace_find' from incompatible pointer type > imap-metadata-plugin.c: In function 'setmetadata_helper': > imap-metadata-plugin.c:596: warning: 'return' with a value, in function > returning void > imap-metadata-plugin.c:672:19: error: missing binary operator before > token "(" > imap-metadata-plugin.c: In function 'cmd_setmetadata': > imap-metadata-plugin.c:675: warning: passing argument 2 of > 'mail_namespace_find' from incompatible pointer type > *** Error code 1 > > Am I missing something on my system? > > Rgds, > N. > > Dennis Schridde wrote: > > Hello everyone! > > > > I just released dovecot-metadata-8, which is an implementation of RFC 5464 > > (IMAP METADATA), allowing to add comments/annotations/metadata to folders > > of an email account. > > > > 2012-06-04: Version 9 > > > > * Added Dovecot 2.1 compatibility > > * Fixed compliance with RFC 5464 Section 3.2 > > * Separated backend code into library > > * Synced code of imap-annotatemore with imap-metadata > > * Improved error messages > > * Several bugfixes (incl. segfaults) > > * Minor cleanups > > > > Please get the code from [1] and send me an email for any problem you > > find. > > > > For more information please refer to my email from Sun, 12 Jun 2011 > > 15:55:57 +0200 titled "dovecot-metadata-8 released". > > > > Kind regards, > > Dennis > > > > [1] http://hg.dovecot.org/dovecot-metadata-plugin -------------- next part -------------- A non-text attachment was scrubbed... Name: dovecot-2.1-b144c7d3bb67+4ee2e23710fb-dovecot-prereq.patch Type: text/x-patch Size: 2036 bytes Desc: not available URL: From pw at wk-serv.de Tue Jun 5 15:03:14 2012 From: pw at wk-serv.de (Patrick Westenberg) Date: Tue, 05 Jun 2012 14:03:14 +0200 Subject: [Dovecot] dsync backup doubles quota Message-ID: <4FCDF582.5050004@wk-serv.de> Hi everyone, I recognized a very strange behavior when doing backups of my mdbox mailboxes. After the backup the quota for each mailbox is twice as much as before the backup and I have to recalculate the quota to get the former/correct information. root at mb01:~# doveadm quota get -u test at example.com User quota STORAGE 5 10240 User quota MESSAGE 11 - root at mb01:~# doveadm backup -u test at example.com mdbox:/home/example.com/test root at mb01:~# doveadm quota get -u test at example.com User quota STORAGE 10 10240 User quota MESSAGE 22 - root at mb01:~# doveadm quota get -u test at example.com root at mb01:~# doveadm quota get -u test at example.com User quota STORAGE 5 10240 User quota MESSAGE 11 - Is this a bug or normal behavior? Regards Patrick From ott at mirix.org Tue Jun 5 15:27:30 2012 From: ott at mirix.org (Matthias-Christian Ott) Date: Tue, 05 Jun 2012 14:27:30 +0200 Subject: [Dovecot] best practises for mail systems In-Reply-To: <213B51F00051AE48A9F0E112880177178F79D6@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F79D6@Delta.sc.local> Message-ID: <4FCDFB32.2080302@mirix.org> On 2012-06-05 05:14, ???????? ????????? ?????????? wrote: > On each host system we created one VM and passed through 3x2TB disks into it. > > > > In guests vms on top of this disks we made XFS and fired up glusterfs with distributed replicated volumes for our mailstorage. > > so it looks like this: > > > > vm1 replicate vm2 > > disk1 ------------> disk4 > > disk2 ------------> disk5 > > disk3 ------------> disk6 > > > > in each vm we mounted glusterfs and pointed dovecot to that dir for mail creation (as ltmp) and imap4 user access. > > also we use exim as smtp. > > > > So, with glusterfs as mailstorage we can go for LVS to load balancing for exim and dovecot. > > so wherenever one of host systems (hence one of mail vms) goes down, users don't notice that > > 'cause LVS points them to working smtp and imap4 servers > > and they get their mail 'cause of glusterfs. > [...] > Cons: > > - not quite sure if glusterfs is production ready solution 'cause I've experienced split-brains during setting it up > > - IO performance issue. Though we didn't yet run any io tests, but glusterfs uses fuse to mount on clients. And guys on #gluster told me writing to the glusterfs mount will not be strictly local io. I'm not familiar with LVS, but from the project description it seems that you need a "front server" that does the load balancing, so you either have to run at least two of these servers in parallel or add to your cons that you introduced a single point of failure. But you mentioned that you only have two servers, so you really can do this. I would rather ensure high availability by running the two servers as masters and using either IP address takeover or DNS failover (with dynamic DNS) and either use Dovecot's replication (I haven't tested it yet and I'm not sure what happens in case of IP address takeover) or a file system that can handle these kinds of errors (e.g. Coda). You could do load balancing via round-robin DNS. This only protects you against the failure of single machine and because IMAP sessions are not replicated between the servers, connections will get reset if one server fails, but it's cost-effective and uses software that already exists. Regards, Matthias-Christian From a.kostyrev at serverc.ru Tue Jun 5 15:59:47 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Tue, 5 Jun 2012 23:59:47 +1100 Subject: [Dovecot] best practises for mail systems In-Reply-To: <4FCDFB32.2080302@mirix.org> References: <213B51F00051AE48A9F0E112880177178F79D6@Delta.sc.local> <4FCDFB32.2080302@mirix.org> Message-ID: <213B51F00051AE48A9F0E112880177178F79DB@Delta.sc.local> I think LVS is just fine and it is not a SPOF 'cause it is actually 2 servers: active master --> and standby slave. LVS supports real time replication of connections from master to slave, so if master dies slave knows which IP was connected to which dovecot server. I'm more worried about right design of mailstorage.. should I use some cluster fs with all mail of all users or should I split mailstorage across servers and somehow avoid long downtime if one of servers goes down. -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of Matthias-Christian Ott Sent: Tuesday, June 05, 2012 11:28 PM To: dovecot at dovecot.org Subject: Re: [Dovecot] best practises for mail systems On 2012-06-05 05:14, ???????? ????????? ?????????? wrote: > On each host system we created one VM and passed through 3x2TB disks into it. > > > > In guests vms on top of this disks we made XFS and fired up glusterfs with distributed replicated volumes for our mailstorage. > > so it looks like this: > > > > vm1 replicate vm2 > > disk1 ------------> disk4 > > disk2 ------------> disk5 > > disk3 ------------> disk6 > > > > in each vm we mounted glusterfs and pointed dovecot to that dir for mail creation (as ltmp) and imap4 user access. > > also we use exim as smtp. > > > > So, with glusterfs as mailstorage we can go for LVS to load balancing for exim and dovecot. > > so wherenever one of host systems (hence one of mail vms) goes down, users don't notice that > > 'cause LVS points them to working smtp and imap4 servers > > and they get their mail 'cause of glusterfs. > [...] > Cons: > > - not quite sure if glusterfs is production ready solution 'cause I've experienced split-brains during setting it up > > - IO performance issue. Though we didn't yet run any io tests, but glusterfs uses fuse to mount on clients. And guys on #gluster told me writing to the glusterfs mount will not be strictly local io. I'm not familiar with LVS, but from the project description it seems that you need a "front server" that does the load balancing, so you either have to run at least two of these servers in parallel or add to your cons that you introduced a single point of failure. But you mentioned that you only have two servers, so you really can do this. I would rather ensure high availability by running the two servers as masters and using either IP address takeover or DNS failover (with dynamic DNS) and either use Dovecot's replication (I haven't tested it yet and I'm not sure what happens in case of IP address takeover) or a file system that can handle these kinds of errors (e.g. Coda). You could do load balancing via round-robin DNS. This only protects you against the failure of single machine and because IMAP sessions are not replicated between the servers, connections will get reset if one server fails, but it's cost-effective and uses software that already exists. Regards, Matthias-Christian From sf.rique at gmail.com Tue Jun 5 16:02:47 2012 From: sf.rique at gmail.com (Henrique Santos Fernandes) Date: Tue, 5 Jun 2012 10:02:47 -0300 Subject: [Dovecot] best practises for mail systems In-Reply-To: <213B51F00051AE48A9F0E112880177178F79DB@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F79D6@Delta.sc.local> <4FCDFB32.2080302@mirix.org> <213B51F00051AE48A9F0E112880177178F79DB@Delta.sc.local> Message-ID: We once try to use similar solution as your first. 3 servers for LVS -HA This master server redirect users for 2 or 3 dovecot backends.. The mail storage were maildir ontop of OCFS2 Our problem were that OCFS2 were too slow. We could not handle many users. So we took an step back and now use only user one server. But still thinking in go back to the first one. with LVS When using LVS try to sticky user to the same backend, LVs can do ths by source ip. Where i work we have problens on testign storage. If you have any advices for testing disk performance, i will be thankfull. I wil be glad to answer anything else. []'sf.rique On Tue, Jun 5, 2012 at 9:59 AM, ???????? ????????? ?????????? < a.kostyrev at serverc.ru> wrote: > I think LVS is just fine and it is not a SPOF 'cause it is actually 2 > servers: > active master --> and standby slave. > LVS supports real time replication of connections from master to slave, > so if master dies slave knows which IP was connected to which dovecot > server. > > I'm more worried about right design of mailstorage.. should I use some > cluster fs with all mail of all users > or should I split mailstorage across servers and somehow avoid long > downtime if one of servers goes down. > > > -----Original Message----- > From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On > Behalf Of Matthias-Christian Ott > Sent: Tuesday, June 05, 2012 11:28 PM > To: dovecot at dovecot.org > Subject: Re: [Dovecot] best practises for mail systems > > On 2012-06-05 05:14, ???????? ????????? ?????????? wrote: > > On each host system we created one VM and passed through 3x2TB disks > into it. > > > > > > > > In guests vms on top of this disks we made XFS and fired up glusterfs > with distributed replicated volumes for our mailstorage. > > > > so it looks like this: > > > > > > > > vm1 replicate vm2 > > > > disk1 ------------> disk4 > > > > disk2 ------------> disk5 > > > > disk3 ------------> disk6 > > > > > > > > in each vm we mounted glusterfs and pointed dovecot to that dir for mail > creation (as ltmp) and imap4 user access. > > > > also we use exim as smtp. > > > > > > > > So, with glusterfs as mailstorage we can go for LVS to load balancing > for exim and dovecot. > > > > so wherenever one of host systems (hence one of mail vms) goes down, > users don't notice that > > > > 'cause LVS points them to working smtp and imap4 servers > > > > and they get their mail 'cause of glusterfs. > > [...] > > Cons: > > > > - not quite sure if glusterfs is production ready solution 'cause I've > experienced split-brains during setting it up > > > > - IO performance issue. Though we didn't yet run any io tests, but > glusterfs uses fuse to mount on clients. And guys on #gluster told me > writing to the glusterfs mount will not be strictly local io. > > I'm not familiar with LVS, but from the project description it seems > that you need a "front server" that does the load balancing, so you > either have to run at least two of these servers in parallel or add to > your cons that you introduced a single point of failure. But you > mentioned that you only have two servers, so you really can do this. > > I would rather ensure high availability by running the two servers as > masters and using either IP address takeover or DNS failover (with > dynamic DNS) and either use Dovecot's replication (I haven't tested it > yet and I'm not sure what happens in case of IP address takeover) or a > file system that can handle these kinds of errors (e.g. Coda). You could > do load balancing via round-robin DNS. This only protects you against > the failure of single machine and because IMAP sessions are not > replicated between the servers, connections will get reset if one server > fails, but it's cost-effective and uses software that already exists. > > Regards, > Matthias-Christian > From jeep at rahul.net Tue Jun 5 16:41:54 2012 From: jeep at rahul.net (Jeff Lacki) Date: Tue, 05 Jun 2012 06:41:54 -0700 Subject: [Dovecot] INBOX help needed, dovecot + squirrelmail In-Reply-To: References: <20120605023319.7664B1298B0@aqua.rahul.net> Message-ID: <20120605134154.2FBC616D400@maya.rahul.net> Benny Pedersen wrote: > Den 2012-06-05 04:33, jeep at rahul.net skrev: > > Im trying to figure out how to get dovecot to deliver to > > my mail_location (example: /opt/imapdata/j/jeff/INBOX/inbox) > > AND work with squirrelmail. Ive worked on this for hours > > reading the docs etc with no luck so far. > > namespace is set to "" in squirrelmail, but it must be "INBOX." > > run conf.pl and fix it :=) > > Thanks Benny. I didnt see 'namespace' in my configure for squirrelmail 1.4.22, but if you meant Folder Defaults->Default Folder Prefix = INBOX. I just tried that and I still get: Error: chdir(/opt/imapdata/j/jeff/INBOX/inbox) failed: Not a directory Was that the setting you meant or was there another I missed? Thanks /mf/home/jeep/shell/.signature From jeep at rahul.net Tue Jun 5 18:03:22 2012 From: jeep at rahul.net (Jeff Lacki) Date: Tue, 05 Jun 2012 08:03:22 -0700 Subject: [Dovecot] INBOX help needed, dovecot + squirrelmail In-Reply-To: <20120605134154.2FBC616D400@maya.rahul.net> References: <20120605023319.7664B1298B0@aqua.rahul.net> <20120605134154.2FBC616D400@maya.rahul.net> Message-ID: <20120605150322.44ED616D414@maya.rahul.net> jeep at rahul.net (Jeff Lacki) wrote: > Thanks Benny. I didnt see 'namespace' in my configure for squirrelmail 1.4.22, > but if you meant Folder Defaults->Default Folder Prefix = INBOX. > > I just tried that and I still get: > > Error: chdir(/opt/imapdata/j/jeff/INBOX/inbox) failed: Not a directory > > Was that the setting you meant or was there another I missed? > Thanks > Nevermind, I found the problem after your suggestion. Turns out my DB was returning a home directory of: /opt/imapdata/j/jeff/INBOX/inbox from when I was playing with something earlier, that got me past that issue, however I still dont know why its not giving me maildir instead of mbox. But thank you for helping me fix that issue! Jeff /mf/home/jeep/shell/.signature From me at junc.org Tue Jun 5 18:33:34 2012 From: me at junc.org (Benny Pedersen) Date: Tue, 05 Jun 2012 17:33:34 +0200 Subject: [Dovecot] INBOX help needed, dovecot + squirrelmail In-Reply-To: <20120605134154.2FBC616D400@maya.rahul.net> References: <20120605023319.7664B1298B0@aqua.rahul.net> <20120605134154.2FBC616D400@maya.rahul.net> Message-ID: <26bcc28cf6b7385e1326e2c8ec019448@junc.org> Den 2012-06-05 15:41, jeep at rahul.net skrev: > Error: chdir(/opt/imapdata/j/jeff/INBOX/inbox) failed: Not a > directory this error is not squirrelmail :=) # dovecot.conf namespace: type: private inbox: yes list: yes subscriptions: yes if you use sql auth in dovecot then the maildir must not end in / else it will be a mbox file mail_location: maildir:/home/vmail/%d/%u/.maildir ~ must be set to mail_location: maildir:/home/vmail/%d/%u/ and the .maildir comes from sql concat if i remember my own setup :=) squirrelmail will work without INBOX. but namespace in dovecot must math it From andrei.michescu at miau.ca Tue Jun 5 18:33:03 2012 From: andrei.michescu at miau.ca (Michescu Andrei) Date: Tue, 5 Jun 2012 11:33:03 -0400 Subject: [Dovecot] [ Re: best practises for mail systems] Message-ID: <5f604e43b6b66676fc1e23b1c7c57afb.squirrel@web.miau.ca> Hello, If disk space and bandwidth are affordable (and from your setup it seems that they are affordable as you have everything locally) I would split the mail storage completely and use replication in between n-master servers (n=2 for your case). The replication is not yet fully tested, but Timo is actively working on this feature. The fear of lossing the imap session does not make sense (at least to me) as the client will reconnect automatically in the background. Like this you have no SPOF and no split-brain and you get the flexibility (if needed) to geographically distribute your servers in the the future. Keep each server with its own ip, connect to them via DNS (round robin etc etc). We are currently experimenting with a setup similar to this one, but with geographically distributed servers (trans-continental) (bandwidth limited and high cost). Best regards, Andrei > We once try to use similar solution as your first. > > 3 servers for LVS -HA > > This master server redirect users for 2 or 3 dovecot backends.. > > The mail storage were maildir ontop of OCFS2 > > Our problem were that OCFS2 were too slow. We could not handle many users. > > So we took an step back and now use only user one server. > > But still thinking in go back to the first one. with LVS > > When using LVS try to sticky user to the same backend, LVs can do ths by > source ip. > > Where i work we have problens on testign storage. If you have any advices > for testing disk performance, i will be thankfull. > > I wil be glad to answer anything else. > > []'sf.rique > > > On Tue, Jun 5, 2012 at 9:59 AM, ???????? ????????? ?????????? < > a.kostyrev at serverc.ru> wrote: > >> I think LVS is just fine and it is not a SPOF 'cause it is actually 2 >> servers: >> active master --> and standby slave. >> LVS supports real time replication of connections from master to slave, >> so if master dies slave knows which IP was connected to which dovecot >> server. >> >> I'm more worried about right design of mailstorage.. should I use some >> cluster fs with all mail of all users >> or should I split mailstorage across servers and somehow avoid long >> downtime if one of servers goes down. >> >> >> -----Original Message----- >> From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] >> On >> Behalf Of Matthias-Christian Ott >> Sent: Tuesday, June 05, 2012 11:28 PM >> To: dovecot at dovecot.org >> Subject: Re: [Dovecot] best practises for mail systems >> >> On 2012-06-05 05:14, ???????? ????????? ?????????? wrote: >> > On each host system we created one VM and passed through 3x2TB disks >> into it. >> > >> > >> > >> > In guests vms on top of this disks we made XFS and fired up glusterfs >> with distributed replicated volumes for our mailstorage. >> > >> > so it looks like this: >> > >> > >> > >> > vm1 replicate vm2 >> > >> > disk1 ------------> disk4 >> > >> > disk2 ------------> disk5 >> > >> > disk3 ------------> disk6 >> > >> > >> > >> > in each vm we mounted glusterfs and pointed dovecot to that dir for >> mail >> creation (as ltmp) and imap4 user access. >> > >> > also we use exim as smtp. >> > >> > >> > >> > So, with glusterfs as mailstorage we can go for LVS to load balancing >> for exim and dovecot. >> > >> > so wherenever one of host systems (hence one of mail vms) goes down, >> users don't notice that >> > >> > 'cause LVS points them to working smtp and imap4 servers >> > >> > and they get their mail 'cause of glusterfs. >> > [...] >> > Cons: >> > >> > - not quite sure if glusterfs is production ready solution 'cause I've >> experienced split-brains during setting it up >> > >> > - IO performance issue. Though we didn't yet run any io tests, but >> glusterfs uses fuse to mount on clients. And guys on #gluster told me >> writing to the glusterfs mount will not be strictly local io. >> >> I'm not familiar with LVS, but from the project description it seems >> that you need a "front server" that does the load balancing, so you >> either have to run at least two of these servers in parallel or add to >> your cons that you introduced a single point of failure. But you >> mentioned that you only have two servers, so you really can do this. >> >> I would rather ensure high availability by running the two servers as >> masters and using either IP address takeover or DNS failover (with >> dynamic DNS) and either use Dovecot's replication (I haven't tested it >> yet and I'm not sure what happens in case of IP address takeover) or a >> file system that can handle these kinds of errors (e.g. Coda). You could >> do load balancing via round-robin DNS. This only protects you against >> the failure of single machine and because IMAP sessions are not >> replicated between the servers, connections will get reset if one server >> fails, but it's cost-effective and uses software that already exists. >> >> Regards, >> Matthias-Christian >> > > > !DSPAM:4fce037e104291424646138! > From me at junc.org Tue Jun 5 18:36:14 2012 From: me at junc.org (Benny Pedersen) Date: Tue, 05 Jun 2012 17:36:14 +0200 Subject: [Dovecot] INBOX help needed, dovecot + squirrelmail In-Reply-To: <20120605150322.44ED616D414@maya.rahul.net> References: <20120605023319.7664B1298B0@aqua.rahul.net> <20120605134154.2FBC616D400@maya.rahul.net> <20120605150322.44ED616D414@maya.rahul.net> Message-ID: <685aa8d8214058f45df1457c67f0acc5@junc.org> Den 2012-06-05 17:03, jeep at rahul.net skrev: > from when I was playing with something earlier, that got me > past that issue, however I still dont know why its not > giving me maildir instead of mbox. remove last / in sql query auth path (concated here) dovecot have it well explained in wiki From ghe at slsware.com Tue Jun 5 18:38:49 2012 From: ghe at slsware.com (Glenn English) Date: Tue, 5 Jun 2012 09:38:49 -0600 Subject: [Dovecot] auth trouble In-Reply-To: References: Message-ID: On Jun 4, 2012, at 8:45 PM, Joseph Tam wrote: > If dovecot-auth is getting input from a local socket, then rhost > information is irrelevant since the host doing the asking is the server > itself (maybe from another daemon connected to a remote host). Thanks for the confirmation of my suspicions.... > Maybe someone is brute forcing your server's Postfix authenticated > SMTP service since Postfix can be configured to use Dovecot's SASL > authentication framework. and for the suggestion -- I do have Postfix using Dovecot-Auth checking for SASL. I think I'm going to re-install and run Tripwire... -- Glenn English hand-wrapped from my Apple Mail From ott at mirix.org Tue Jun 5 22:15:39 2012 From: ott at mirix.org (Matthias-Christian Ott) Date: Tue, 05 Jun 2012 21:15:39 +0200 Subject: [Dovecot] [ Re: best practises for mail systems] In-Reply-To: <5f604e43b6b66676fc1e23b1c7c57afb.squirrel@web.miau.ca> References: <5f604e43b6b66676fc1e23b1c7c57afb.squirrel@web.miau.ca> Message-ID: <4FCE5ADB.8090208@mirix.org> On 2012-06-05 17:33, Michescu Andrei wrote: > The fear of lossing the imap session does not make sense (at least to me) > as the client will reconnect automatically in the background. I agree, in practice this is not an issue compared to the unavailability of the service, but on longer IMAP sessions (e.g. transferring a big file) the connection loss is noticeable. > Like this you have no SPOF and no split-brain and you get the flexibility > (if needed) to geographically distribute your servers in the the future. > > Keep each server with its own ip, connect to them via DNS (round robin etc > etc). This depends on the resolver, operating systems and clients you want to support, because I read that not all networks generate proper ICMP/ICMPv6 Destination Unreachable messages and instead simple drop the packets, so that the clients first try to connect to the failed server until timeout and then connects to the second server. Since IMAP is a stateful protocol the latency of the initial connect to the failed server can be ignored, but if you want to eliminate this, you can use dynamic DNS to automatically remove the corresponding RRs (depending on your situation you need an external monitoring server for this to avoid problems in case of net splits). > We are currently experimenting with a setup similar to this one, but with > geographically distributed servers (trans-continental) (bandwidth limited > and high cost). I also have some plans for a similar setup in the near future. Can you share your results on the mailing list? I'm especially interested if failover via DNS works in practice (I did some searches, but I'm not fully convinced of it, but it seems quite simple compared to other solutions). Regards, Matthias-Christian From andrei.michescu at miau.ca Tue Jun 5 23:33:25 2012 From: andrei.michescu at miau.ca (Michescu Andrei) Date: Tue, 5 Jun 2012 16:33:25 -0400 Subject: [Dovecot] [ Re: best practises for mail systems] In-Reply-To: <4FCE5ADB.8090208@mirix.org> References: <5f604e43b6b66676fc1e23b1c7c57afb.squirrel@web.miau.ca> <4FCE5ADB.8090208@mirix.org> Message-ID: Hello, > I agree, in practice this is not an issue compared to the unavailability > of the service, but on longer IMAP sessions (e.g. transferring a big > file) the connection loss is noticeable. It is noticeable for somebody that really waits for a large email. For the standard user there is nothing visible because the synchronization starts / fails and starts again... In corporate environment the servers are "close" and the network is generally configured to have proper Destination Unreachable. For road-warriors, the main concern is the uplink/downlink and generally not the couple of seconds lost due to time-out. For the DNS... use "fast-flux"-like configuration and any proper resolver will behave correctly (at least in my experience). For the road-warrior setup: DNS with geoip, and all locations with split-dns (internally HA setup with failover on external locations). Unfortunately the classical HA setup (with heart-beat monitor, update DNS etc etc) it is not designed to be "internet-proof" (internet like in WAN). The initial design of the internet was to be able to operate even when significant segments are unavailable. Picture the following scenario: master servers on each continent. Catastrophic failure of the trans-continental network => 5 big disconnected chunks of network fully functional. Any HA setup that I saw will fail miserably. The simplest design with fully replicated masters will continue to work. Obviously planning for the scenario above is an overkill for most of the companies out there. Once you trow in the advantage of have the emails close to you anywhere where you go, then it starts making sense. And you can top it up by segmenting you user base to replicate only the users that are on the go, or are important enough. As for the current status of the ideal implementation: waiting for Timo to finalize the refactoring of dsync. As a temporary solution: rsync replication with master-slave model (not master-master). This design makes sense to us, but I'm sure that it is under-optimal for most other uses. Andrei > >> Like this you have no SPOF and no split-brain and you get the >> flexibility >> (if needed) to geographically distribute your servers in the the future. >> >> Keep each server with its own ip, connect to them via DNS (round robin >> etc >> etc). > > This depends on the resolver, operating systems and clients you want to > support, because I read that not all networks generate proper > ICMP/ICMPv6 Destination Unreachable messages and instead simple drop the > packets, so that the clients first try to connect to the failed server > until timeout and then connects to the second server. Since IMAP is a > stateful protocol the latency of the initial connect to the failed > server can be ignored, but if you want to eliminate this, you can use > dynamic DNS to automatically remove the corresponding RRs (depending on > your situation you need an external monitoring server for this to avoid > problems in case of net splits). > >> We are currently experimenting with a setup similar to this one, but >> with >> geographically distributed servers (trans-continental) (bandwidth >> limited >> and high cost). > > I also have some plans for a similar setup in the near future. Can you > share your results on the mailing list? I'm especially interested if > failover via DNS works in practice (I did some searches, but I'm not > fully convinced of it, but it seems quite simple compared to other > solutions). > > Regards, > Matthias-Christian > > !DSPAM:4fce5ae0149132093961185! > > From tss at iki.fi Wed Jun 6 00:43:38 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 6 Jun 2012 00:43:38 +0300 Subject: [Dovecot] [ Re: best practises for mail systems] In-Reply-To: References: <5f604e43b6b66676fc1e23b1c7c57afb.squirrel@web.miau.ca> <4FCE5ADB.8090208@mirix.org> Message-ID: On 5.6.2012, at 23.33, Michescu Andrei wrote: >> I agree, in practice this is not an issue compared to the unavailability >> of the service, but on longer IMAP sessions (e.g. transferring a big >> file) the connection loss is noticeable. > > It is noticeable for somebody that really waits for a large email. And there is actually some (any!) way this could be avoided?... One server dies, another continues sending the mail? I have had some thoughts about transferring idling Dovecot connections between processes / servers so that clients wouldn't notice it, but I haven't even thought about moving active (long-running) connections. From rob0 at gmx.co.uk Wed Jun 6 00:53:25 2012 From: rob0 at gmx.co.uk (/dev/rob0) Date: Tue, 5 Jun 2012 16:53:25 -0500 Subject: [Dovecot] auth trouble In-Reply-To: References: Message-ID: <20120605215325.GC3672@harrier.slackbuilds.org> On Tue, Jun 05, 2012 at 09:38:49AM -0600, Glenn English wrote: > On Jun 4, 2012, at 8:45 PM, Joseph Tam wrote: > > If dovecot-auth is getting input from a local socket, then rhost > > information is irrelevant since the host doing the asking is the > > server itself (maybe from another daemon connected to a remote > > host). > > Thanks for the confirmation of my suspicions.... What suspicions were confirmed? > > Maybe someone is brute forcing your server's Postfix > > authenticated SMTP service since Postfix can be configured to > > use Dovecot's SASL authentication framework. And these brute force attempts would be logged, each one. > and for the suggestion -- I do have Postfix using Dovecot-Auth > checking for SASL. > > I think I'm going to re-install and run Tripwire... I think you are overreacting. -- http://rob0.nodns4.us/ -- system administration and consulting Offlist GMX mail is seen only if "/dev/rob0" is in the Subject: From jtam.home at gmail.com Wed Jun 6 01:21:51 2012 From: jtam.home at gmail.com (Joseph Tam) Date: Tue, 5 Jun 2012 15:21:51 -0700 (PDT) Subject: [Dovecot] auth trouble In-Reply-To: References: Message-ID: Glenn English wrote: >> Maybe someone is brute forcing your server's Postfix authenticated >> SMTP service since Postfix can be configured to use Dovecot's SASL >> authentication framework. > > and for the suggestion -- I do have Postfix using Dovecot-Auth checking > for SASL. > > I think I'm going to re-install and run Tripwire... Tripwire? If the purpose of your query is to automate blocking of brute forcers, this software is not what you want (which detects tampering of critical system files). I suggest trying to find where Postfix failed login reports go, then use your fail2ban or what-have-you to detect and block hosts that repeatedly fail authentication. (First Google hit I did on this subject) http://scottlinux.com/2011/05/26/prevent-postfix-brute-force/ The log entries might look like {timestamp} {servername} postfix/smtpd[{pid}]: lost connection after AUTH from {remote-hostname}[{remote-ip}] Joseph Tam From ghe at slsware.com Wed Jun 6 02:08:07 2012 From: ghe at slsware.com (Glenn English) Date: Tue, 5 Jun 2012 17:08:07 -0600 Subject: [Dovecot] auth trouble In-Reply-To: <20120605215325.GC3672@harrier.slackbuilds.org> References: <20120605215325.GC3672@harrier.slackbuilds.org> Message-ID: <4087ECCF-8C69-4888-8CD9-44566A256F92@slsware.com> On Jun 5, 2012, at 3:53 PM, /dev/rob0 wrote: > What suspicions were confirmed? At first I thought that somebody was TCP'ing in and somehow turning off the remote IP in the log so I couldn't block it. Then an answer from another mailing list, and a little thinking, made it occur to me that maybe my server had been penetrated. > And these brute force attempts would be logged, each one. They are, with no rhost. And there are other brute force attempts that *do* have IPs. > I think you are overreacting. I really hope so. What's your thinking? Have you seen this before? And most important: what is it, how does it work, and how do I get rid of it and keep it from coming back? -- Glenn English hand-wrapped from my Apple Mail From achekalin at lazurit.com Wed Jun 6 08:40:43 2012 From: achekalin at lazurit.com (Alexander Chekalin) Date: Wed, 06 Jun 2012 08:40:43 +0300 Subject: [Dovecot] [ Re: best practises for mail systems] In-Reply-To: References: <5f604e43b6b66676fc1e23b1c7c57afb.squirrel@web.miau.ca> <4FCE5ADB.8090208@mirix.org> Message-ID: <4FCEED5B.90105@lazurit.com> 05.06.2012 23:33, Michescu Andrei ???????: > Picture the following scenario: master servers on each continent. > Catastrophic failure of the trans-continental network => 5 big > disconnected chunks of network fully functional. Any HA setup that I saw > will fail miserably. The simplest design with fully replicated masters > will continue to work. Dispute the original topic, I'd say this looks like a good service idea, as many company may pay for such a service if it can be set up specifically for their needs (routing, logs, backups, redirections). Gmail (and other big guys like them) won't be that fine-tunable (having point to service many customers with the same type of control), and companies sometime just won't deal with such a Big Brother to store their corporate mail due to internal regulations (read - 'corporate paranoia'). But the replication between "points of presence" (5 big datacenters, one per continent, won't be good topology) will be painful and we easily face split-brain situation, whichever replicaton scheme I can imagine. Yours, Alexander From joseba.torre at ehu.es Wed Jun 6 16:01:19 2012 From: joseba.torre at ehu.es (Joseba Torre) Date: Wed, 06 Jun 2012 15:01:19 +0200 Subject: [Dovecot] Director problems Message-ID: <4FCF549F.70404@ehu.es> Hi, I've just setup a testing enviroment for director, and it's not working as expected. I have just 1 director (called director) and 2 dovecot servers (dovecot1 and dovecot2); these are exact copies. First problem: when both dovecot servers are up, every imap connection is redirected to the same server as you can see here: $ sudo doveadm director map user mail server ip expire time 158.227.4.186 2012-06-06 13:34:12 158.227.4.186 2012-06-06 13:34:27 158.227.4.186 2012-06-06 13:34:34 (I don't know if that is good or not) I've tried with 3 different users and ips to no change, users are always directed to the same host. Second problem: if I try to add/remove/modify one of the dovecot servers, the output of doveadm director map/status seems to be ok, but any new user connection fails with this log: Jun 6 14:51:59 director dovecot: director: Warning: Delaying new user requests until ring is synced Jun 6 14:52:27 director dovecot: director: Error: director: User test1 host lookup failed: Timeout - queued for 30 secs (Ring not synced for 73 secs) Jun 6 14:52:31 director dovecot: imap-login: Aborted login (auth failed, 1 attempts in 34 secs): user=<>, method=PLAIN, rip=158.227.4.186, lip=158.227.4.185, TLS, session= Any clue? This is the dovecot config -n output: # 2.1.7: /usr/local/etc/dovecot/dovecot.conf # OS: Linux 2.6.32-220.17.1.el6.x86_64 x86_64 Red Hat Enterprise Linux Server release 6.2 (Santiago) director_mail_servers = dovecot1.example dovecot2.example director_servers = director.example lmtp_proxy = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave passdb { args = proxy=y nopassword=y starttls=any-cert driver = static } service auth { unix_listener auth-userdb { group = mail mode = 0660 user = dovecot } } service director { fifo_listener login/proxy-notify { mode = 0666 } inet_listener { port = 9090 } unix_listener director-userdb { mode = 0600 } unix_listener login/director { mode = 0666 } } service imap-login { executable = imap-login director service_count = 0 } service lmtp { client_limit = 1 inet_listener lmtp { port = 24 } unix_listener /var/lib/dovecot/lmtp-socket { group = root mode = 0600 user = root } } service pop3-login { executable = pop3-login director service_count = 0 } service pop3 { process_limit = 5000 } shutdown_clients = no ssl_cert = References: <2115082.gk9Y8Dam5O@ernie> <4FCDD13B.5080204@bunbun.be> <4102204.vJ4X8dIaYX@samson> Message-ID: <4FCF612E.4060303@bunbun.be> Hi Dennis, This fixed the problem. Thanks! Rgds, N. Dennis Schridde wrote: > Hello Nick! > > I am sorry - I forgot to mention that you need attached patch for dovecot. > > Kind regards, > Dennis > > Am Dienstag, 5. Juni 2012, 11:28:27 schrieb Nick Rosier: >> Hi Dennis, >> >> I'm trying to compile the plugin on FreeBSD 9 with Dovecot 2.1.7 and get >> the following error: >> >> libtool: compile: gcc -std=gnu99 -DHAVE_CONFIG_H -I. -I.. >> -I/usr/local/include/dovecot -g -O2 -MT mailbox-ext.lo -MD -MP -MF >> .deps/mailbox-ext.Tpo -c mailbox-ext.c -fPIC -DPIC -o >> .libs/mailbox-ext.o mailbox-ext.c:25:19: error: missing binary operator >> before token "(" >> mailbox-ext.c: In function 'mailbox_get_guid_string': mailbox-ext.c:32: >> error: 'MAIL_GUID_128_SIZE' undeclared (first use in this function) >> mailbox-ext.c:32: error: (Each undeclared identifier is reported only >> once mailbox-ext.c:32: error: for each function it appears in.) >> mailbox-ext.c:33: warning: implicit declaration of function >> 'mailbox_get_guid' >> *** Error code 1 >> Stop in /root/work/dovecot-metadata-plugin-6fe39779d758/src. *** Error >> code 1 >> >> Removing DOVECOT_PREREQ and "forcing" to use the 2.1 definition fixes >> that (I couldn't find anywhere where that macro was defined). >> >> Next I get another error, again caused by the DOVECOT_PREREQ: >> >> libtool: compile: gcc -std=gnu99 -DHAVE_CONFIG_H -I. -I.. >> -I/usr/local/include/dovecot -g -O2 -MT imap-metadata-plugin.lo -MD -MP >> -MF .deps/imap-metadata-plugin.Tpo -c imap-metadata-plugin.c -fPIC >> -DPIC -o .libs/imap-metadata-plugin.o >> imap-metadata-plugin.c: In function 'is_valid_rfc5464_entry_name': >> imap-metadata-plugin.c:162: warning: comparison is always false due to >> limited range of data type >> imap-metadata-plugin.c:513:19: error: missing binary operator before >> token "(" >> imap-metadata-plugin.c: In function 'cmd_getmetadata': >> imap-metadata-plugin.c:516: warning: passing argument 2 of >> 'mail_namespace_find' from incompatible pointer type >> imap-metadata-plugin.c: In function 'setmetadata_helper': >> imap-metadata-plugin.c:596: warning: 'return' with a value, in function >> returning void >> imap-metadata-plugin.c:672:19: error: missing binary operator before >> token "(" >> imap-metadata-plugin.c: In function 'cmd_setmetadata': >> imap-metadata-plugin.c:675: warning: passing argument 2 of >> 'mail_namespace_find' from incompatible pointer type >> *** Error code 1 >> >> Am I missing something on my system? >> >> Rgds, >> N. >> >> Dennis Schridde wrote: >>> Hello everyone! >>> >>> I just released dovecot-metadata-8, which is an implementation of RFC 5464 >>> (IMAP METADATA), allowing to add comments/annotations/metadata to folders >>> of an email account. >>> >>> 2012-06-04: Version 9 >>> >>> * Added Dovecot 2.1 compatibility >>> * Fixed compliance with RFC 5464 Section 3.2 >>> * Separated backend code into library >>> * Synced code of imap-annotatemore with imap-metadata >>> * Improved error messages >>> * Several bugfixes (incl. segfaults) >>> * Minor cleanups >>> >>> Please get the code from [1] and send me an email for any problem you >>> find. >>> >>> For more information please refer to my email from Sun, 12 Jun 2011 >>> 15:55:57 +0200 titled "dovecot-metadata-8 released". >>> >>> Kind regards, >>> Dennis >>> >>> [1] http://hg.dovecot.org/dovecot-metadata-plugin From mm at msfree.org Wed Jun 6 17:47:59 2012 From: mm at msfree.org (Marco) Date: Wed, 6 Jun 2012 07:47:59 -0700 (PDT) Subject: [Dovecot] No ports listening Message-ID: <20120606144801.C218C1AE876B@dovecot.org> Please forgive my newbie post but this has me stumped. I've been a happy Dovecot 0.X and 1.X admin for years but something in my first 2.X configuration is oddly broken. It loads fine, logs no errors, but doesn't listen to any network ports! Thanks in advance for any help. Marco # 2.0.19: /etc/dovecot/dovecot.conf # OS: Linux 2.6.35.14 x86_64 Ubuntu 10.10 ext4 auth_debug = yes auth_mechanisms = plain login first_valid_gid = 111 first_valid_uid = 111 login_greeting = example.com pop/imap ready mail_location = mbox:/var/mail/%u.imap:INBOX=/var/mail/%u passdb { args = scheme=CRYPT username_format=%u /etc/dovecot/users driver = passwd-file } service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } unix_listener auth-master { mode = 0666 } } service imap-login { inet_listener imap { address = * port = 143 } inet_listener imaps { address = * port = 993 } process_limit = 50 } service pop3-login { inet_listener pop3 { address = * port = 110 } inet_listener pop3s { address = * port = 995 } process_limit = 50 } ssl_cert = References: <213B51F00051AE48A9F0E112880177178F79D6@Delta.sc.local> <4FCDFB32.2080302@mirix.org> <213B51F00051AE48A9F0E112880177178F79DB@Delta.sc.local> Message-ID: <20120606150516.GA27555@dibs.tanso.net> On Tue, Jun 05, 2012 at 11:59:47PM +1100, ???????? ????????? ?????????? wrote: > > I'm more worried about right design of mailstorage.. should I use some cluster fs with all mail of all users > or should I split mailstorage across servers and somehow avoid long downtime if one of servers goes down. A clusterfs gives you active/active high availability and balanced distribution of users over your servers, at the cost of somewhat degraded I/O performance all the time. If a single node will be able to serve your load, I think it's much more sensible to create a passive/standby availability solution based on a local filesystem (XFS). If you need to split your mailstorage across servers, you can do active/standby server pairs -- but then it gets difficult to balance your users over your servers, and you *might* want to cheat and use a clusterfs instead.. -jf From andrei.michescu at miau.ca Wed Jun 6 18:22:05 2012 From: andrei.michescu at miau.ca (Michescu Andrei) Date: Wed, 6 Jun 2012 11:22:05 -0400 Subject: [Dovecot] [ Re: best practises for mail systems] In-Reply-To: <4FCEED5B.90105@lazurit.com> References: <5f604e43b6b66676fc1e23b1c7c57afb.squirrel@web.miau.ca> <4FCE5ADB.8090208@mirix.org> <4FCEED5B.90105@lazurit.com> Message-ID: <6ce224c850798d4551d678fdd4b13b78.squirrel@web.miau.ca> Hello Alexander, > > But the replication between "points of presence" (5 big datacenters, one > per continent, won't be good topology) will be painful and we easily > face split-brain situation, whichever replication scheme I can imagine. The split-brain is indeed the biggest problem of common replication schema. But IMAP was designed to work in disconnected mode most of the time and have only quick synchronizations. So by design IMAP standard works in master-master models. Getting back to the above picture (catastrophic failure of all the transcontinental links): one synchronizes his laptop in Europe (EU), crosses the ocean to North America (NA) and synchronizes again his laptop. In this moment all the changes on the EU hub up to the point of last synchronization are merged into the NA hub. This is the beauty of IMAP. The biggest challenge on the the above scenario is the post-catastrophic synchronization which would move huge amounts of data across the links. Best wishes, Andrei > Yours, > Alexander > > > !DSPAM:4fceed61217344232183410! > > From andrei.michescu at miau.ca Wed Jun 6 18:27:29 2012 From: andrei.michescu at miau.ca (Michescu Andrei) Date: Wed, 6 Jun 2012 11:27:29 -0400 Subject: [Dovecot] [ Re: best practises for mail systems] In-Reply-To: References: <5f604e43b6b66676fc1e23b1c7c57afb.squirrel@web.miau.ca> <4FCE5ADB.8090208@mirix.org> Message-ID: <97ebe4043a16aa82e668e24202d3892d.squirrel@web.miau.ca> Hello Timo, > > And there is actually some (any!) way this could be avoided?... One server > dies, another continues sending the mail? > > I have had some thoughts about transferring idling Dovecot connections > between processes / servers so that clients wouldn't notice it, but I > haven't even thought about moving active (long-running) connections. > Here it is to be researched if this is specified in the IMAP standard (if there any RFC that mentions this?), or if we propose a new RFC with such an extension. Until there is an RFC, even if you implement such a feature, there will be no clients out there that will support it. A good start, if there is no RFC, is the http protocol, that has implemented the resume option. Like this you could even support parallel download from couple of imap servers that are synchronized, getting from each a small chunk (BitTorrent like with the seeds list being set to only the servers). Best regards, Andrei From jaldeguer at safnow.org Wed Jun 6 19:19:41 2012 From: jaldeguer at safnow.org (Joe V Aldeguer) Date: Wed, 6 Jun 2012 12:19:41 -0400 Subject: [Dovecot] Email auto purging applied to all mail folders Message-ID: Hello, Is it possible to have this done not only for spam and trash folder but lets say like the user inbox and any user created mail folders too? My ultimate goal is to have a way to automate the email deletion process of emails stored in the user inbox or mail folders when it reaches a specified date. My boss wants to force users to keep emails only a month old anything beyond that will be deleted. Has anyone done this using dovecot and are there any guides available? I am also open to suggestions for commercial solutions but so far searching online for solutions only comes up with email archiving. The dovecot version I have installed is version 2.0.19. Thanks in advance. - Joe From lists at wildgooses.com Thu Jun 7 00:59:57 2012 From: lists at wildgooses.com (Ed W) Date: Wed, 06 Jun 2012 22:59:57 +0100 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCCC2D9.3010209@thelounge.net> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB6AA7.4050200@Media-Brokers.com> <4FCCB9E3.3060702@wildgooses.com> <4FCCC2D9.3010209@thelounge.net> Message-ID: <4FCFD2DD.7030109@wildgooses.com> On 04/06/2012 15:14, Reindl Harald wrote: > > Am 04.06.2012 15:36, schrieb Ed W: >>> Then tell them their only option is to buy Exchange Server and Outlook for everyone - but explain that this >>> 'feature' *still* will not work for recipients that are outside of your control (ie, it will only work for local >>> recipients - and I *think* it is possible to set up Trusts with other external Exchange Servers, but not sure, >>> and if it does, it requires the explicit cooperation of the other systems admin). >>> >>> Bottom line: do NOT promise the impossible to a client just to win the business. It is a losing proposition, as >>> you are beginning to see... >>> >> We run small ISP selling mail accounts to customers. *our customers* want to >> voluntarily tell senders when they have downloaded an email via POP. > and the sender for sure wants this too for every single message? > i doubt not > I'm not sure why this is so hard to believe. There is literally a class of customers that have a specification which says that there must be a notification sent back to the sender whenever they download their emails. I cannot currently bid for their business. A spec is a spec - either you can meet the spec or you can't bid for the business... Ed W From fxmulder at gmail.com Thu Jun 7 01:07:36 2012 From: fxmulder at gmail.com (James Devine) Date: Wed, 6 Jun 2012 16:07:36 -0600 Subject: [Dovecot] Dovecot over NFS Message-ID: I'm playing with running dovecot over NFS and I am running into some issues. I have followed the guide at http://wiki2.dovecot.org/NFS and my setup includes 1 nfs server and 1 client running postfix/dovecot. In testing I am running postal via the command: postal -t 10 -c 10 localhost users399 The test file has a list of 399 users to deliver to. I've provided a sample of the errors I'm receiving and my configuration below, I am running dovecot 2.0.19. Any idea what I might be doing wrong and what I might do to resolve it? My ultimate goal is to setup multiple clients with director so each user is still handled on a single machine, however with a single machine I still seem to be having issues. Here is a sample of some of the errors I'm seeing: Jun 6 15:55:12 test-gluster-client1 dovecot: lmtp(12072, testuser130): Error: mdbox /mnt/testuser130/mdbox/mailboxes/INBOX/dbox-Mails: Invalid dbox header size: 0 Jun 6 15:55:12 test-gluster-client1 dovecot: lmtp(11999, testuser99): Error: Log synchronization error at seq=2,offset=556 for /mnt/testuser99/mdbox/storage/dovecot.map.index: Append with UID 2, but next_uid = 3 Jun 6 15:55:14 test-gluster-client1 dovecot: lmtp(12047, testuser41): Error: mdbox /mnt/testuser41/mdbox/mailboxes/INBOX/dbox-Mails: Invalid dbox header size: 0 Jun 6 15:55:18 test-gluster-client1 dovecot: lmtp(12133, testuser138): Error: Log synchronization error at seq=2,offset=556 for /mnt/testuser138/mdbox/storage/dovecot.map.index: Append with UID 2, but next_uid = 3 Jun 6 15:55:19 test-gluster-client1 dovecot: lmtp(12076, testuser217): Error: mdbox /mnt/testuser217/mdbox/mailboxes/INBOX/dbox-Mails: Invalid dbox header size: 0 Jun 6 15:55:19 test-gluster-client1 dovecot: lmtp(12047, testuser41): Error: mdbox /mnt/testuser41/mdbox/mailboxes/INBOX/dbox-Mails: Invalid dbox header size: 0 Jun 6 15:55:23 test-gluster-client1 dovecot: lmtp(11985, testuser166): Error: mdbox /mnt/testuser166/mdbox/mailboxes/INBOX/dbox-Mails: Invalid dbox header size: 0 Jun 6 15:55:23 test-gluster-client1 dovecot: lmtp(12072, testuser130): Error: Log synchronization error at seq=2,offset=204 for /mnt/testuser130/mdbox/mailboxes/INBOX/dbox-Mails/dovecot.index: uid_validity updated unexpectedly: 1339019655 -> 1339019656 Jun 6 15:55:23 test-gluster-client1 dovecot: lmtp(11928, testuser130): Error: Log synchronization error at seq=2,offset=204 for /mnt/testuser130/mdbox/mailboxes/INBOX/dbox-Mails/dovecot.index: uid_validity updated unexpectedly: 1339019655 -> 1339019656 Jun 6 15:55:24 test-gluster-client1 dovecot: lmtp(11954, testuser192): Error: mdbox /mnt/testuser192/mdbox/mailboxes/INBOX/dbox-Mails: Invalid dbox header size: 0 Jun 6 15:55:24 test-gluster-client1 dovecot: lmtp(12130, testuser128): Error: mdbox /mnt/testuser128/mdbox/mailboxes/INBOX/dbox-Mails: Invalid dbox header size: 0 Jun 6 15:55:27 test-gluster-client1 dovecot: lmtp(12076, testuser217): Error: mdbox /mnt/testuser217/mdbox/mailboxes/INBOX/dbox-Mails: Invalid dbox header size: 0 Jun 6 15:55:27 test-gluster-client1 dovecot: lmtp(12211, testuser60): Error: mdbox /mnt/testuser60/mdbox/mailboxes/INBOX/dbox-Mails: Invalid dbox header size: 0 Jun 6 15:55:27 test-gluster-client1 dovecot: lmtp(12112, testuser190): Error: mdbox /mnt/testuser190/mdbox/mailboxes/INBOX/dbox-Mails: Invalid dbox header size: 0 Jun 6 15:55:27 test-gluster-client1 dovecot: lmtp(12047, testuser41): Error: Log synchronization error at seq=2,offset=204 for /mnt/testuser41/mdbox/mailboxes/INBOX/dbox-Mails/dovecot.index: uid_validity updated unexpectedly: 1339019658 -> 1339019659 Jun 6 15:55:27 test-gluster-client1 dovecot: lmtp(11937, testuser41): Error: Log synchronization error at seq=2,offset=204 for /mnt/testuser41/mdbox/mailboxes/INBOX/dbox-Mails/dovecot.index: uid_validity updated unexpectedly: 1339019658 -> 1339019659 Jun 6 15:55:28 test-gluster-client1 dovecot: lmtp(11985, testuser166): Error: mdbox /mnt/testuser166/mdbox/mailboxes/INBOX/dbox-Mails: Invalid dbox header size: 0 Jun 6 15:55:30 test-gluster-client1 dovecot: lmtp(12130, testuser128): Error: mdbox /mnt/testuser128/mdbox/mailboxes/INBOX/dbox-Mails: Invalid dbox header size: 0 My dovecot config is: auth_debug = yes auth_debug_passwords = yes auth_username_format = %Ln auth_verbose = yes base_dir = /var/run/dovecot-service/ disable_plaintext_auth = no instance_name = dovecot-service mail_debug = yes mail_fsync = always mail_location = mdbox:~/mdbox mail_nfs_index = yes mail_nfs_storage = yes mail_plugins = quota mdbox_rotate_size = 16 M mmap_disable = yes passdb { driver = pam } plugin { quota = dict:User quota::file:%h/mdbox/dovecot-quota } protocols = " imap lmtp pop3" service auth { unix_listener auth-userdb { group = postfix mode = 0666 user = postfix } } service imap-login { inet_listener imap { port = 10143 } } service lmtp { inet_listener lmtp { port = 10024 } } service pop3-login { inet_listener pop3 { port = 10110 } } ssl = no ssl_cert = Dovecot 2.x on Ubuntu Message-ID: We are working on migrating Dovecot 1.2.17 running on AIX 5.3 (believe it or not!) to Dovecot 2.0.13 running on Ubuntu. We have hundreds of users mboxes we will be migrating. My question is regarding the index files. Should we remove those after the migration, but before we open it up to users so Dovecot can create new ones? I did a test migration of a single user, and Dovecot detects the architecture change and put out some panic errors, corrupt files and backtrace messages in syslog on Ubuntu. The messages are shown below. If every user is going to generate these types of errors, I'm thinking maybe it makes sense to remove all the .imap directories and let Dovecot create new clean ones. I realize that may slow things down for awhile while Dovecot is rebuilding new files. Thanks for any info. Jackie Hunt Acad Computing & Networking Srvcs Colorado State University Jun 6 13:43:02 newlamar dovecot: imap-login: Login: user=, method=PLAIN, rip=129.82.100.64, lip=129.82.100.124, mpid=19593, TLS Jun 6 13:43:21 newlamar dovecot: imap-login: Login: user=, method=PLAIN, rip=129.82.100.64, lip=129.82.100.124, mpid=19597, TLS Jun 6 13:43:21 newlamar dovecot: imap-login: Login: user=, method=PLAIN, rip=129.82.100.64, lip=129.82.100.124, mpid=19600, TLS Jun 6 13:44:11 newlamar dovecot: imap(cacti): Disconnected: Logged out bytes=107/441 Jun 6 13:44:11 newlamar dovecot: imap(cacti): Disconnected: Logged out bytes=1676/2724868 Jun 6 13:44:11 newlamar dovecot: imap(cacti): Disconnected: Logged out bytes=129/759 Jun 6 13:51:49 newlamar dovecot: imap-login: Login: user=, method=PLAIN, rip=129.82.100.64, lip=129.82.100.124, mpid=19657, TLS Jun 6 13:51:49 newlamar dovecot: imap(cacti): Error: Rebuilding index file /adhome/cacti/.imap/INBOX/dovecot.index: CPU architecture changed Jun 6 13:51:58 newlamar dovecot: imap-login: Login: user=, method=PLAIN, rip=129.82.100.64, lip=129.82.100.124, mpid=19662, TLS Jun 6 13:51:58 newlamar dovecot: imap(cacti): Error: Corrupted transaction log file /adhome/cacti/.imap/Trash/dovecot.index.log seq 16777216: log file shrank (1428 < 6144) (sync_offset=6144) Jun 6 13:51:58 newlamar dovecot: imap(cacti): Panic: file buffer.c: line 295 (buffer_set_used_size): assertion failed: (used_size <= buf->alloc) Jun 6 13:51:58 newlamar dovecot: imap(cacti): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x374fa) [0x7f3ada59c4fa] -> /usr/lib/dovecot/libdovecot.so.0(+0x3753e) [0x7f3ada59c53e] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7f3ada576837] -> /usr/lib/dovecot/libdovecot.so.0(+0x35319) [0x7f3ada59a319] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_transaction_log_file_open+0x21e) [0x7f3ada87acee] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_transaction_log_open+0xb8) [0x7f3ada877a68] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_index_open+0xe5) [0x7f3ada860e75] -> /usr/lib/dovecot/libdovecot-storage.so.0(index_storage_mailbox_open+0xbc) [0x7f3ada826eac] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x5f7fb) [0x7f3ada8417fb] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x28c4c) [0x7f3ada80ac4c] -> /usr/lib/dovecot/libdovecot-storage.so.0(index_storage_mailbox_enable+0x24) [0x7f3ada827584] -> dovecot/imap(imap_status_get+0xfd) [0x7f3adacead8d] -> doveco t/imap(cmd_status+0x182) [0x7f3adace1f92] -> dovecot/imap(+0x1105d) [0x7f3adace405d] -> dovecot/imap(+0x11135) [0x7f3adace4135] -> dovecot/imap(client_handle_input+0x125) [0x7f3adace4385] -> dovecot/imap(client_input+0x65) [0x7f3adace4c35] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x48) [0x7f3ada5a8048] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xa7) [0x7f3ada5a90c7] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x28) [0x7f3ada5a7fd8] -> /usr/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f3ada5962c3] -> dovecot/imap(main+0x2f4) [0x7f3adacdc544] -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xed) [0x7f3ada1e530d] -> dovecot/imap(+0x95d5) [0x7f3adacdc5d5] Jun 6 13:51:59 newlamar dovecot: imap-login: Login: user=, method=PLAIN, rip=129.82.100.64, lip=129.82.100.124, mpid=19664, TLS Jun 6 13:51:59 newlamar dovecot: imap(cacti): Error: Transaction log file /adhome/cacti/.imap/Trash/dovecot.index.log: marked corrupted Jun 6 13:51:59 newlamar dovecot: imap(cacti): Error: Rebuilding index file /adhome/cacti/.imap/Trash/dovecot.index: CPU architecture changed From trever.adams at gmail.com Thu Jun 7 09:05:25 2012 From: trever.adams at gmail.com (Trever L. Adams) Date: Thu, 07 Jun 2012 00:05:25 -0600 Subject: [Dovecot] Problems since upgrading to 2.1.6 from 2.0.20 Message-ID: <4FD044A5.2000000@gmail.com> Hello Everyone, I saw the text about the change and needing to define an inbox namespace. Everything seems to work fine except doveadm. I get the following from a cronjob that has worked well for years now. doveadm(account at example.com): Error: Syncing mailbox TRASH failed: Mailbox doesn't exist: TRASH doveadm(account at example.com): Error: Syncing mailbox TRASH failed: Mailbox doesn't exist: TRASH doveadm(account at example.com): Error: Syncing mailbox TRASH failed: Mailbox doesn't exist: TRASH The cronjob is: 1 4 * * * doveadm expunge -A mailbox TRASH SAVEDBEFORE 30D What is the problem? I have tried to find documentation and do searches for others having the same problem. I do not know if I am just missing something or what. Any help would be greatly appreciated. Thank you, Trever -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From tlx at leuxner.net Thu Jun 7 11:15:57 2012 From: tlx at leuxner.net (Thomas Leuxner) Date: Thu, 7 Jun 2012 10:15:57 +0200 Subject: [Dovecot] dsync backup doubles quota In-Reply-To: <4FCDF582.5050004@wk-serv.de> References: <4FCDF582.5050004@wk-serv.de> Message-ID: Am 05.06.2012 um 14:03 schrieb Patrick Westenberg: > Is this a bug or normal behavior? There's an older thread regarding this: http://www.dovecot.org/list/dovecot/2012-February/063585.html -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 203 bytes Desc: Message signed with OpenPGP using GPGMail URL: From fumiyas at osstech.jp Thu Jun 7 06:06:03 2012 From: fumiyas at osstech.jp (SATOH Fumiyasu) Date: Thu, 07 Jun 2012 12:06:03 +0900 Subject: [Dovecot] Dovecot auth process delays exiting if LDAPS passdb used In-Reply-To: <1338305505.8270.10.camel@hurina> References: <87y5oi51ka.wl%fumiyas@osstech.jp> <87vcjm50kr.wl%fumiyas@osstech.jp> <1338305505.8270.10.camel@hurina> Message-ID: <87txynzuqs.wl%fumiyas@osstech.jp> At Tue, 29 May 2012 18:31:45 +0300, Timo Sirainen wrote: > > > If Dovecot passdb is configured with LDAP (no TLS/SSL), > > > it is no problem. But if Dovecot passdb is configured with > > > LDAPS (or LDAP+TLS), Dovecot auth process has a problem > > > that Dovecot auth delays exiting about between 20 and > > > 60 seconds when Dovecot dovecot (master) process is already > > > terminated by an administrator. > > > > I can reproduce this problem with LDAP (no TLS/SSL) passdb. > > And I suppose you can reproduce it even when not using LDAP? Yes. I can reproduce with dovecot 1:2.1.7-1 (Debian unstable package) with PAM passdb. This PAM environment is configured for local UNIX passwd file only (no LDAP). > All of the Dovecot processes are supposed to close all listeners > immediately when the master process dies. If this doesn't happen then > something strange is going on. My dovecot config (PAM version) is below: # dovecot -n # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-2-amd64 x86_64 Debian wheezy/sid namespace inbox { inbox = yes location = prefix = } passdb { driver = pam } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = " imap pop3" service auth { unix_listener /var/spool/postfix/private/dovecot-auth { mode = 0666 } } ssl_cert = References: Message-ID: <4FD06F3A.6030903@ehu.es> El 06/06/12 18:19, Joe V Aldeguer escribi?: > Hello, > > Is it possible to have this done not only for spam and trash folder but lets say like the user inbox and any user created mail folders too? My ultimate goal is to have a way to automate the email deletion process of emails stored in the user inbox or mail folders when it reaches a specified date. My boss wants to force users to keep emails only a month old anything beyond that will be deleted. Has anyone done this using dovecot and are there any guides available? I am also open to suggestions for commercial solutions but so far searching online for solutions only comes up with email archiving. > Something like doveadm expunge -A mailbox '*' savedbefore 1m should do that, depending on your userdb. But check with doveadm search before expunging anything! HTH From amateo at um.es Thu Jun 7 14:52:51 2012 From: amateo at um.es (Angel L. Mateo) Date: Thu, 07 Jun 2012 13:52:51 +0200 Subject: [Dovecot] director and IPs shown at the backends Message-ID: <4FD09613.6000405@um.es> Hello, I am configuring a dovecot imap/pop servers with a dovecot director in front of them. Because I am using director proxy, connections in the backends are show as coming from director IPs. Is there any way to configure director (or backends) so the backends know (and report) the original IP instead of the director IP? From bind at enas.net Thu Jun 7 15:12:32 2012 From: bind at enas.net (Urban Loesch) Date: Thu, 07 Jun 2012 14:12:32 +0200 Subject: [Dovecot] director and IPs shown at the backends In-Reply-To: <4FD09613.6000405@um.es> References: <4FD09613.6000405@um.es> Message-ID: <4FD09AB0.6020500@enas.net> Hi, try it with "login_trusted_networks" option on the backends: # Space separated list of trusted network ranges. Connections from these # IPs are allowed to override their IP addresses and ports (for logging and # for authentication checks). disable_plaintext_auth is also ignored for # these networks. Typically you'd specify your IMAP proxy servers here. login_trusted_networks = But for POP this will only working with version 2.1.x regards Urban On 07.06.2012 13:52, Angel L. Mateo wrote: > Hello, > > I am configuring a dovecot imap/pop servers with a dovecot director in front of them. Because I am using director proxy, connections in the backends > are show as coming from director IPs. Is there any way to configure director (or backends) so the backends know (and report) the original IP instead > of the director IP? > From h.reindl at thelounge.net Thu Jun 7 15:36:58 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Thu, 07 Jun 2012 14:36:58 +0200 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCFD2DD.7030109@wildgooses.com> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB6AA7.4050200@Media-Brokers.com> <4FCCB9E3.3060702@wildgooses.com> <4FCCC2D9.3010209@thelounge.net> <4FCFD2DD.7030109@wildgooses.com> Message-ID: <4FD0A06A.50008@thelounge.net> Am 06.06.2012 23:59, schrieb Ed W: > I'm not sure why this is so hard to believe. There is literally a class of customers that have a specification > which says that there must be a notification sent back to the sender whenever they download their emails. I cannot > currently bid for their business. > > A spec is a spec - either you can meet the spec or you can't bid for the business... i'm not sure why it is so hard to believe that nobody should bid for such idiotic specs - techs should act professional and not like whores while try impossible and stupid things which can sovle each mail-client since > 10 years and is not the job of a mailserver -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From phil25lsbin at gmail.com Thu Jun 7 16:33:34 2012 From: phil25lsbin at gmail.com (phil25lsbin) Date: Thu, 7 Jun 2012 15:33:34 +0200 Subject: [Dovecot] Postfix don't relay to dovecot virtual user Message-ID: Hi, I run a mail server on debian squeeze system , i installed the following software postfix dovecot spamassassin postgrey I configured a virtual domain and virtual mailbox but postfix don't pipe mail in dovecot. In log, it's appear that the relay mode is local and the delivery message is delivered to mailbox) Jun 7 15:23:01 ns230370 postfix/smtpd[27501]: 66BBA4D40F0: client=localhost.localdomain[127.0.0.1] Jun 7 15:23:01 ns230370 postfix/cleanup[8017]: 66BBA4D40F0: message-id=< E1Sccg1-00029S-9I at ns231581.ovh.net> Jun 7 15:23:01 ns230370 postfix/qmgr[27490]: 66BBA4D40F0: from=< admlb at lebest.fr>, size=1807, nrcpt=1 (queue active) Jun 7 15:23:01 ns230370 postfix/local[7907]: 66BBA4D40F0: to=< admlb at lebest.fr>, relay=local, delay=0, delays=0/0/0/0, dsn=2.0.0, status=sent (delivered to mailbox) Jun 7 15:23:01 ns230370 postfix/qmgr[27490]: 66BBA4D40F0: removed My dovecot.conf: protocols = imap imaps pop3 pop3s log_timestamp = "%Y-%m-%d %H:%M:%S " log_path = /var/log/dovecot/dovecot.log info_log_path = /var/log/dovecot/dovecot-info.log mail_privileged_group = mail disable_plaintext_auth = no mail_location = maildir:/home/smtp/%d/%n:INDEX=/home/smtp/%d/%n/indexes protocol imap { } protocol pop3 { } protocol managesieve { } protocol lda { postmaster_address = admlb at XXX.FR mail_plugin_dir = /usr/lib/dovecot/modules/lda auth_socket_path = /var/run/dovecot/auth-master } auth default { userdb sql { args = /etc/dovecot/dovecot-mysql.conf } passdb sql { args = /etc/dovecot/dovecot-mysql.conf } socket listen { master { path = /var/run/dovecot/auth-master mode = 0600 user = smtp } client { path = /var/spool/postfix/private/auth mode = 0660 user = postfix group = postfix } } } dict { } plugin { } My main.cf myhostname = smtp.XXX.FR alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = XXX.FR mydestination = XXX.FR, smtp.XXX.FR, localhost.XXX.FRr, localhost relayhost = mynetworks = 172.16.0.0/12 127.0.0.0/8 mailbox_size_limit = 0 inet_interfaces = all virtual_uid_maps = static:3000 virtual_gid_maps = static:3000 virtual_mailbox_base = /home/smtp virtual_transport = dovecot virtual_mailbox_domains = mysql:/etc/postfix/ mysql_virtual_mailbox_domains.cf virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf relay_domains = mysql:/etc/postfix/mysql_relay_domains.cf smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unauth_destination, reject_unauth_pipelining, check_policy_service inet:127.0.0.1:10023, reject_invalid_hostname smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous content_filter = amavis:[127.0.0.1]:10024 receive_override_options = no_address_mappings inet_protocols = ipv4 The end of master.cf file dovecot unix - n n - - pipe flags=DRhu user=smtp:smtp argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop} amavis unix - - - - 2 smtp -o smtp_data_done_timeout=1200 -o smtp_send_xforward_command=yes 127.0.0.1:10025 inet n - - - - smtpd -o content_filter= -o local_recipient_maps= -o relay_recipient_maps= -o smtpd_restriction_classes= -o smtpd_client_restrictions= -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o mynetworks=127.0.0.0/8 -o strict_rfc821_envelopes=yes -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks -o smtpd_bind_address=127.0.0.1 Thanks From CMarcus at Media-Brokers.com Thu Jun 7 17:02:53 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Thu, 07 Jun 2012 10:02:53 -0400 Subject: [Dovecot] Postfix don't relay to dovecot virtual user In-Reply-To: References: Message-ID: <4FD0B48D.9090200@Media-Brokers.com> Please do not provide copy/paste from conf files... Always ONLY provide UNEDITED output of: doveconf -n postconf -n On 2012-06-07 9:33 AM, phil25lsbin wrote: > Hi, > > I run a mail server on debian squeeze system , i installed the following > software > > postfix > dovecot > spamassassin > postgrey > > I configured a virtual domain and virtual mailbox but postfix don't pipe > mail in dovecot. > > In log, it's appear that the relay mode is local and the delivery message > is delivered to mailbox) > > Jun 7 15:23:01 ns230370 postfix/smtpd[27501]: 66BBA4D40F0: > client=localhost.localdomain[127.0.0.1] > Jun 7 15:23:01 ns230370 postfix/cleanup[8017]: 66BBA4D40F0: message-id=< > E1Sccg1-00029S-9I at ns231581.ovh.net> > Jun 7 15:23:01 ns230370 postfix/qmgr[27490]: 66BBA4D40F0: from=< > admlb at lebest.fr>, size=1807, nrcpt=1 (queue active) > Jun 7 15:23:01 ns230370 postfix/local[7907]: 66BBA4D40F0: to=< > admlb at lebest.fr>, relay=local, delay=0, delays=0/0/0/0, dsn=2.0.0, > status=sent (delivered to mailbox) > Jun 7 15:23:01 ns230370 postfix/qmgr[27490]: 66BBA4D40F0: removed > > > My dovecot.conf: > > protocols = imap imaps pop3 pop3s > log_timestamp = "%Y-%m-%d %H:%M:%S " > log_path = /var/log/dovecot/dovecot.log > info_log_path = /var/log/dovecot/dovecot-info.log > mail_privileged_group = mail > disable_plaintext_auth = no > mail_location = maildir:/home/smtp/%d/%n:INDEX=/home/smtp/%d/%n/indexes > protocol imap { > } > > protocol pop3 { > } > protocol managesieve { > } > protocol lda { > postmaster_address = admlb at XXX.FR > mail_plugin_dir = /usr/lib/dovecot/modules/lda > auth_socket_path = /var/run/dovecot/auth-master > } > auth default { > userdb sql { > args = /etc/dovecot/dovecot-mysql.conf > } > passdb sql { > args = /etc/dovecot/dovecot-mysql.conf > } > socket listen { > master { > path = /var/run/dovecot/auth-master > mode = 0600 > user = smtp > } > client { > path = /var/spool/postfix/private/auth > mode = 0660 > user = postfix > group = postfix > } > } > } > dict { > } > plugin { > } > > > My main.cf > > myhostname = smtp.XXX.FR > alias_maps = hash:/etc/aliases > alias_database = hash:/etc/aliases > myorigin = XXX.FR > mydestination = XXX.FR, smtp.XXX.FR, localhost.XXX.FRr, localhost > relayhost = > mynetworks = 172.16.0.0/12 127.0.0.0/8 > mailbox_size_limit = 0 > inet_interfaces = all > virtual_uid_maps = static:3000 > virtual_gid_maps = static:3000 > virtual_mailbox_base = /home/smtp > virtual_transport = dovecot > virtual_mailbox_domains = mysql:/etc/postfix/ > mysql_virtual_mailbox_domains.cf > virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf > virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf > relay_domains = mysql:/etc/postfix/mysql_relay_domains.cf > > smtpd_recipient_restrictions = > permit_mynetworks, > permit_sasl_authenticated, > reject_non_fqdn_hostname, > reject_non_fqdn_sender, > reject_non_fqdn_recipient, > reject_unauth_destination, > reject_unauth_pipelining, > check_policy_service inet:127.0.0.1:10023, > reject_invalid_hostname > > smtpd_sasl_auth_enable = yes > smtpd_sasl_security_options = noanonymous > content_filter = amavis:[127.0.0.1]:10024 > receive_override_options = no_address_mappings > inet_protocols = ipv4 > > The end of master.cf file > > dovecot unix - n n - - pipe > flags=DRhu user=smtp:smtp argv=/usr/lib/dovecot/deliver -f ${sender} -d > ${user}@${nexthop} > amavis unix - - - - 2 smtp > -o smtp_data_done_timeout=1200 > -o smtp_send_xforward_command=yes > > 127.0.0.1:10025 inet n - - - - smtpd > -o content_filter= > -o local_recipient_maps= > -o relay_recipient_maps= > -o smtpd_restriction_classes= > -o smtpd_client_restrictions= > -o smtpd_helo_restrictions= > -o smtpd_sender_restrictions= > -o smtpd_recipient_restrictions=permit_mynetworks,reject > -o mynetworks=127.0.0.0/8 > -o strict_rfc821_envelopes=yes > -o > receive_override_options=no_unknown_recipient_checks,no_header_body_checks > -o smtpd_bind_address=127.0.0.1 > > Thanks From at_hacker at mail.ru Thu Jun 7 17:28:02 2012 From: at_hacker at mail.ru (=?UTF-8?B?0JDQu9C10LrRgdC10Lkg0J/QtdGA0LXQutC70LDQtA==?=) Date: Thu, 07 Jun 2012 18:28:02 +0400 Subject: [Dovecot] =?utf-8?q?Problem_with_Dovecot_and_AD_LDAP_auth?= Message-ID: <1339079282.133745848@f31.mail.ru> Hi. Seems it's a bug in dovecot auth. I have??FreeBSD 8.1-RELEASE-p1 and I tried 1.2.17 and 2.1.7 versions of Dovecot, and still no luck. The problem: when I set in dovecot-ldap.conf:?base = CN=Users,DC=domain,DC=local everything works fine. But if I set:?base = DC=domain,DC=local mail client can't authorize. /var/log/dovecot.log says: ===============================================? Jun 07 18:07:17 auth: Debug: auth client connected (pid=14611) Jun 07 18:08:11 auth: Debug: client in: AUTH 1 PLAIN service=imap session=G1//aeLB6wAKAABu lip=10.0.0.3 rip=10.0.0.110 lport=143 rport=55787 resp=AGdhdGV3YXkAVU82eUpuUXQ= Jun 07 18:08:11 auth: Debug: ldap(gateway,10.0.0.110,): bind search: base=DC=domain,DC=local filter=(&(objectClass=person)(sAMAccountName=gateway)) Jun 07 18:08:11 auth: Debug: ldap(gateway,10.0.0.110,): result: uid missing Jun 07 18:10:18 imap-login: Info: Disconnected: Inactivity during authentication (disconnected while authenticating, waited 127 secs): user=<>, method=PLAIN, rip=10.0.0.110, lip=10.0.0.3, session= Jun 07 18:10:18 auth: Debug: client in: CANCEL 1 Jun 07 18:10:18 auth: Debug: auth client connected (pid=14706) Jun 07 18:10:26 auth: Debug: client in: AUTH 1 PLAIN service=imap session=n6IBcuLB7AAKAABu lip=10.0.0.3 rip=10.0.0.110 lport=143 rport=55788 resp=AGdhdGV3YXkAVU82eUpuUXQ= Jun 07 18:10:26 auth: Debug: ldap(gateway,10.0.0.110,): bind search: base=DC=domain,DC=local filter=(&(objectClass=person)(sAMAccountName=gateway)) Jun 07 18:10:26 auth: Error: ldap(gateway,10.0.0.110,): Connection appears to be hanging, reconnecting Jun 07 18:10:26 auth: Debug: ldap(gateway,10.0.0.110,): result: uid missing Jun 07 18:10:26 auth: Error: ldap(gateway,10.0.0.110,): Request lost Jun 07 18:10:26 auth: Error: ldap(gateway,10.0.0.110,): ldap_search(base=DC=domain,DC=local filter=(&(objectClass=person)(sAMAccountName=gateway))) failed: Operations error Jun 07 18:10:26 auth: Error: LDAP: Reply with unknown msgid 2 Jun 07 18:10:26 auth: Error: LDAP: Reply with unknown msgid 2 Jun 07 18:10:26 auth: Error: LDAP: Reply with unknown msgid 2 Jun 07 18:10:26 auth: Error: LDAP: Reply with unknown msgid 2 Jun 07 18:10:28 auth: Debug: client out: FAIL 1 user=gateway temp Jun 07 18:10:28 auth: Debug: client out: FAIL 1 user=gateway temp Jun 07 18:13:18 imap-login: Info: Disconnected: Inactivity (auth failed, 1 attempts in 172 secs): user=, method=PLAIN, rip=10.0.0.110, lip=10.0.0.3, session= ============================================ My dovecot-ldap.conf: =============================== ldap_version = 3 hosts = ad.domain.local base = DC=hrom,DC=local scope = subtree dn = CN=mailserver,CN=Users,DC=domain,DC=local dnpass = here_is_pass auth_bind = yes pass_attrs = uid=user pass_filter = "(&(objectClass=person)(sAMAccountName=%u))" user_attrs = name=mail=maildir:/var/mail/virtual/hrom.local/%n user_filter = "(&(objectClass=person)(sAMAccountName=%u))" ===================================================? ? ?I need base = DC=domain,DC=local for searching for user's accounts in different OU of my AD. If I set base = CN=Users,DC=domain,DC=local, Dovecot can't authorize user accounts from OU. P.S.: Postfix with base = DC=domain,DC=local works perfectly, so the problem is not with our domain controller (LDAP server as well) . From jerry at seibercom.net Thu Jun 7 17:41:48 2012 From: jerry at seibercom.net (Jerry) Date: Thu, 7 Jun 2012 10:41:48 -0400 Subject: [Dovecot] Postfix don't relay to dovecot virtual user In-Reply-To: References: Message-ID: <20120607104148.6254a7e8@scorpio> On Thu, 7 Jun 2012 15:33:34 +0200 phil25lsbin articulated: >I run a mail server on debian squeeze system , i installed the >following software > >postfix >dovecot >spamassassin >postgrey > >I configured a virtual domain and virtual mailbox but postfix don't >pipe mail in dovecot. {SNIP} 1) Do not paste & copy your config files. Use: dovecot -n postconf -n Paste the output of those commands in you post. If Postfix is not relaying the mail you would probably be better served on the Postfix forum. Its not that no one here could help you, I am sure they will; however, it is really not a dovecot problem. For Postfix, you might want to investigate the page, specifically: Check out the postfinger tool. This can be found at http://ftp.wl0.org/SOURCES/postfinger. Also, be sure to state the versions of the software that you are using and you OS system version as well. -- Jerry ? Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ From karl.oulmi at ibl.fr Thu Jun 7 18:26:59 2012 From: karl.oulmi at ibl.fr (Karl Oulmi) Date: Thu, 07 Jun 2012 17:26:59 +0200 Subject: [Dovecot] Accessing maildir snapshots through dovecot / namespace Message-ID: <4FD0C843.4070503@ibl.fr> Hi, I've the following setup : - FreeBSD 9.0 / Dovecot 2.1.7 - Maildir storage over iSCSI (Dell MD3200i) - Virtual users over LDAP to render the storage snapshots available through dovecot (to allow my users to browse their mail history). Here is my conf : namespace { type = private inbox = yes list = yes prefix = INBOX. location = maildir:/home/%u/Maildir:CONTROL=/home/dovecot/control/%u:INDEX=/home/dovecot/indexes/%u } namespace snap { prefix = INBOX.snapshot.h0. hidden = no inbox = no list = yes location = maildir:/da1/%u/Maildir:INDEX=/da1/dovecot/indexes/%u:CONTROL=/da1/dovecot/control/%u type = private } The problem is that I don't see the content of the inbox folder contained in the snapshots whereas subfolders are perfectly viewed ! Inbox cur|new are is /da1/%u/Maildir/ If anyone have a tip, It would be nice... Regards, Karl. -- _______________________________________________________________ Karl OULMI Centre de Ressources Informatiques Institut de Biologie de Lille - CNRS GDS3366 _______________________________________________________________ -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2879 bytes Desc: S/MIME Cryptographic Signature URL: From weber at zackbummfertig.de Thu Jun 7 18:53:00 2012 From: weber at zackbummfertig.de (Marko Weber) Date: Thu, 07 Jun 2012 17:53:00 +0200 Subject: [Dovecot] auth-worker problem here. Message-ID: <1e9f63c2b3bdacfe8f03c89eca19d6a4@zackbummfertig.de> hello, in howto for gentoo i found this: To tell Postfix about the maps that you've just set up, add the following (substituting mysql for pgsql if you're on PostgreSQL) to the bottom of /etc/postfix/main.cf: virtual_alias_maps = mysql:/etc/postfix/sql_virtual_alias_maps.cf virtual_mailbox_domains = mysql:/etc/postfix/sql_virtual_domain_maps.cf virtual_mailbox_maps = mysql:/etc/postfix/sql_virtual_mailbox_maps.cf Tip: Because this is using the Dovecot's LDA, all results from virtual_mailbox_maps are ignored beyond checking if they exist. I added in the mysql db an alias postmaster at domainn.tld that should be forwarded to name at domainn.tld. The tip above tells me when using dovecot lda the virtual_alias_maps is ignored by dovecot. now when i send a mail to postmaster at domainn.tld the mail is not transported to name at domainn.tld. in logfile i see this: dovecot: auth-worker: sql(postmaster at zbfmail.de): Unknown user how can i tell dovecot to also use the virtual_alias_maps? thank you marko From phil25lsbin at gmail.com Thu Jun 7 19:05:25 2012 From: phil25lsbin at gmail.com (phil25lsbin) Date: Thu, 7 Jun 2012 18:05:25 +0200 Subject: [Dovecot] Postfix don't relay to dovecot virtual user In-Reply-To: <20120607104148.6254a7e8@scorpio> References: <20120607104148.6254a7e8@scorpio> Message-ID: Sorry, dovecot -n # 1.2.15: /etc/dovecot/dovecot.conf # OS: Linux 2.6.38.2-grsec-xxxx-grs-ipv6- 64 x86_64 Debian 6.0.5 ext3 log_path: /var/log/dovecot/dovecot.log info_log_path: /var/log/dovecot/dovecot-info.log log_timestamp: %Y-%m-%d %H:%M:%S protocols: imap imaps pop3 pop3s disable_plaintext_auth: no login_dir: /var/run/dovecot/login login_executable(default): /usr/lib/dovecot/imap-login login_executable(imap): /usr/lib/dovecot/imap-login login_executable(pop3): /usr/lib/dovecot/pop3-login mail_privileged_group: mail mail_location: maildir:/home/smtp/%d/%n:INDEX=/home/smtp/%d/%n/indexes mbox_write_locks: fcntl dotlock mail_executable(default): /usr/lib/dovecot/imap mail_executable(imap): /usr/lib/dovecot/imap mail_executable(pop3): /usr/lib/dovecot/pop3 mail_plugin_dir(default): /usr/lib/dovecot/modules/imap mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3 lda: postmaster_address: admlb at XXX.fr mail_plugin_dir: /usr/lib/dovecot/modules/lda auth_socket_path: /var/run/dovecot/auth-master auth default: passdb: driver: sql args: /etc/dovecot/dovecot-mysql.conf userdb: driver: sql args: /etc/dovecot/dovecot-mysql.conf socket: type: listen client: path: /var/spool/postfix/private/auth mode: 432 user: postfix group: postfix master: path: /var/run/dovecot/auth-master mode: 384 user: smtp postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases config_directory = /etc/postfix content_filter = amavis:[127.0.0.1]:10024 inet_interfaces = all inet_protocols = ipv4 mailbox_size_limit = 0 mydestination = XXX.fr, smtp.XXX.fr, localhost.XXX.fr, localhost myhostname = smtp.XXX.fr mynetworks = 172.16.0.0/12 127.0.0.0/8 myorigin = XXX.fr receive_override_options = no_address_mappings relay_domains = mysql:/etc/postfix/mysql_relay_domains.cf relayhost = smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unauth_destination, reject_unauth_pipelining, check_policy_service inet:127.0.0.1:10023, reject_invalid_hostname smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf virtual_gid_maps = static:3000 virtual_mailbox_base = /home/smtp virtual_mailbox_domains = mysql:/etc/postfix/ mysql_virtual_mailbox_domains.cf virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf virtual_transport = dovecot virtual_uid_maps = static:3000 Thanks for help 2012/6/7 Jerry > On Thu, 7 Jun 2012 15:33:34 +0200 > phil25lsbin articulated: > > >I run a mail server on debian squeeze system , i installed the > >following software > > > >postfix > >dovecot > >spamassassin > >postgrey > > > >I configured a virtual domain and virtual mailbox but postfix don't > >pipe mail in dovecot. > > {SNIP} > > 1) Do not paste & copy your config files. Use: > dovecot -n > postconf -n > > Paste the output of those commands in you post. > > If Postfix is not relaying the mail you would probably be better served > on the Postfix forum. Its not that no one here could help you, I am > sure they will; however, it is really not a dovecot problem. For > Postfix, you might want to investigate the > page, specifically: > Check out the > postfinger tool. This can be found at > http://ftp.wl0.org/SOURCES/postfinger. > > Also, be sure to state the versions of the software that you are using > and you OS system version as well. > > -- > Jerry ? > > Disclaimer: off-list followups get on-list replies or get ignored. > Please do not ignore the Reply-To header. > __________________________________________________________________ > > From rago at lal.in2p3.fr Thu Jun 7 20:56:19 2012 From: rago at lal.in2p3.fr (Emiliano Rago) Date: Thu, 07 Jun 2012 19:56:19 +0200 Subject: [Dovecot] Authentication issue Message-ID: <4FD0EB43.8070104@lal.in2p3.fr> Hi, I need to set up a weird dovecot configuration: 1) outside a ssl tunnel I'd like to authenticate only with cram-md5 scheme 2) inside a ssl tunnel I'd like to authenticate only with plain auth The first is easily satisfied with auth_mechanisms = plain cram-md5 disable_plaintext_auth = yes but I don't know how to satisfy the second condition, if it's possible. Thanks for help, Emiliano Rago From toml at engr.orst.edu Fri Jun 8 03:34:29 2012 From: toml at engr.orst.edu (Tom Lieuallen) Date: Thu, 07 Jun 2012 17:34:29 -0700 Subject: [Dovecot] how to announce shared folders to clients using non-default mail prefix Message-ID: <4FD14895.8040707@engr.orst.edu> We're using dovecot 2.1.3 and I've been doing some testing with 2.1.7. We have shared mail (maildir) folders working along with our default mbox mailboxes. Our problem is trying to get this to work in a reasonable fashion with our iPhone or iPad mail.app clients. It's well known that they don't honor the subscription list; they show all available mail folders and do not collapse trees of folders. I have 381 folders in directories under mail. Normal clients are fine, but this is unmanageable in IOS. What we have been doing is changing the mail prefix for the iPhone to a subfolder, then using soft links to point to the most commonly used folders we use. This works, but when one changes the mail prefix, any shared folders are not presented. I'm suspicious that this is a design decision. If there is some way to make it work, I'd be very grateful. Note the two 'sharedimap' folders listed in the first 'list'. Note that if I change the prefix for that shared namespace to 'iphonemail/', it does present my shared folders as well as anything in a personal iphonemail directory. However, 'select' didn't work with the personal folders. My guess is it's mostly due to the difference in mail formats between the two (mbox & maildir). But, it does show that somewhere in the code it's checking the mail prefix against namespaces and not displaying shared folders in non-default prefixes. I wish this were a configurable option. thank you Tom Lieuallen Oregon State University . list "" * * LIST (\Noselect \HasChildren) "/" "foo1" * LIST (\NoInferiors \UnMarked) "/" "foo1/folder1" * LIST (\Noselect \HasChildren) "/" "iphonemail" * LIST (\NoInferiors \Marked) "/" "iphonemail/foo1" * LIST (\NoInferiors \UnMarked) "/" "Sent" * LIST (\NoInferiors \UnMarked) "/" "Trash" * LIST (\HasNoChildren) "/" "INBOX" * LIST (\HasNoChildren) "/" "sharedimap/cesupport" * LIST (\HasNoChildren) "/" "sharedimap/mimesupport" . OK List completed. . list "iphonemail/" * * LIST (\NoInferiors \Marked) "/" "iphonemail/foo1" . OK List completed. =============== # 2.1.7: /private/dovecot/etc/dovecot/dovecot.conf # OS: SunOS 5.10 sun4v auth_debug = yes auth_verbose = yes default_client_limit = 10245 default_process_limit = 5120 first_valid_uid = 100 mail_location = mbox:~/mail:INBOX=/var/mail/%u:INDEX=/a2/imap-index/%u mail_nfs_storage = yes mail_plugins = quota acl namespace { inbox = yes location = prefix = separator = / type = private } namespace { hidden = yes inbox = no list = children location = maildir:/a1/dove-shared:INDEX=/a2/imap-index/dove-shared/%u prefix = sharedimap/ separator = / type = shared } passdb { driver = pam } passdb { args = scheme=CRYPT username_format=%u /private/dovecot/etc/passwd driver = passwd-file } plugin { acl = vfile quota = fs:INBOX:mount=/a1 quota2 = fs:Home quota:mount=%h } protocols = imap lmtp service imap-login { inet_listener imaps { port = 993 ssl = yes } process_min_avail = 16 service_count = 1 } service imap { process_limit = 2048 } ssl_ca = Hello! I am wonder if there are plans to include backend health monitoring feature to Dovecot Director ? Yes, I'm aware of poolmon by Brad Davidson but I think it's kind of must-have feature out of box. thanks From daniel.parthey at informatik.tu-chemnitz.de Fri Jun 8 06:16:22 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Fri, 8 Jun 2012 05:16:22 +0200 Subject: [Dovecot] Corrupted mdbox on LMTP director delivery while user is logged in via IMAP Message-ID: <20120608031622.GA13898@daniel.localdomain> Hi, we get errors about corrupted indexes and we are losing flags with mdbox on NFSv4: Error: Recent flags state corrupted for mailbox Error: Corrupted dbox file Error: Corrupted transaction log file It looks like a LMTP director problem. The user has IMAP IDLE connections open and lmtp delivers to another host. This leads to nfs corruption problems. The user is logged into mail04 and has some IMAP IDLE mailbox connections open: mail04:~# ps -ef|grep someuser vmail 5217 23918 0 Jun07 ? 00:00:00 dovecot/imap [someuser at example.de 10.129.3.190 IDLE] vmail 8623 23918 0 Jun07 ? 00:00:00 dovecot/imap [someuser at example.de 10.129.3.233 IDLE] vmail 20279 23918 0 00:37 ? 00:00:00 dovecot/imap [someuser at example.de 10.129.3.213 IDLE] If postfix on mail01/dcmailbox01 receives an incoming mail now, the director on mail01 does NOT direct LMTP to the responsible host mail04/dcmailbox04 (10.129.3.190), but delivers it locally to mail01 (10.129.3.193), which leads to file corruption. mail01:~# doveadm -c /etc/dovecot-director/dovecot-director.conf director status someuser at example.de Current: not assigned Hashed: 10.129.3.193 Initial config: 10.129.3.193 mail01:~# host 10.129.3.193 193.3.129.10.in-addr.arpa domain name pointer dcmailbox01.example.net. mail01 runs the lmtp proxy and lmtp delivery, even though the user is logged in via IMAP IDLE on mail04: mail01:~# grep "^Jun 8 03:36:.*someuser at example.de" /var/log/server/dovecot.log Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124): Debug: auth input: someuser at example.de home=/mail/dovecot/example.de/someuser uid=501 gid=123 quota_rule=*:bytes=5000M:messages=0 Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: Effective uid=501, gid=123, home=/mail/dovecot/example.de/someuser Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: Quota root: name=User quota backend=dict args=:proxy::quota Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: Quota rule: root=User quota mailbox=* bytes=5242880000 messages=0 Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: Quota rule: root=User quota mailbox=Trash bytes=+104857600 messages=0 Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: Quota warning: bytes=4980736000 (95%) messages=0 reverse=no command=quota-warning 95 someuser at example.de Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: Quota warning: bytes=4194304000 (80%) messages=0 reverse=no command=quota-warning 80 someuser at example.de Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: dict quota: user=someuser at example.de, uri=proxy::quota, noenforcing=0 Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: fs: root=/mail/dovecot/example.de/someuser/mail, index=, control=, inbox=, alt= Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: Namespace : Using permissions from /mail/dovecot/example.de/someuser/mail: mode=0700 gid=-1 Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: sieve: include: sieve_global_dir is not set; it is currently not possible to include `:global' scripts. Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: jOv8JgJX0U/0aQAA3l+BKA: sieve: using sieve path for user's script: /mail/dovecot/example.de/someuser/.dovecot.sieve Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: jOv8JgJX0U/0aQAA3l+BKA: sieve: opening script /mail/dovecot/example.de/someuser/.dovecot.sieve Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: jOv8JgJX0U/0aQAA3l+BKA: sieve: script binary /mail/dovecot/example.de/someuser/.dovecot.svbin successfully loaded Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: jOv8JgJX0U/0aQAA3l+BKA: sieve: binary save: not saving binary /mail/dovecot/example.de/someuser/.dovecot.svbin, because it is already stored Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: jOv8JgJX0U/0aQAA3l+BKA: sieve: executing script from /mail/dovecot/example.de/someuser/.dovecot.svbin Jun 8 03:36:02 10.129.3.213 dovecot: lmtp(23404): Debug: auth input: user=someuser at example.de proxy port=19024 host=10.129.3.193 proxy_refresh=450 Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): jOv8JgJX0U/0aQAA3l+BKA: sieve: mailbox: deliver: msgid=<201206080136.q581a1Rc024891 at iolite.ham.srv.mcs.de> from=service at cityline.net: stored mail into mailbox 'INBOX' Jun 8 03:36:02 10.129.3.213 dovecot: lmtp(23406): Debug: auth input: user=someuser at example.de proxy port=19024 host=10.129.3.193 proxy_refresh=450 Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125): Debug: auth input: someuser at example.de home=/mail/dovecot/example.de/someuser uid=501 gid=123 quota_rule=*:bytes=5000M:messages=0 Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: Effective uid=501, gid=123, home=/mail/dovecot/example.de/someuser Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: Quota root: name=User quota backend=dict args=:proxy::quota Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: Quota rule: root=User quota mailbox=* bytes=5242880000 messages=0 Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: Quota rule: root=User quota mailbox=Trash bytes=+104857600 messages=0 Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: Quota warning: bytes=4980736000 (95%) messages=0 reverse=no command=quota-warning 95 someuser at example.de Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: Quota warning: bytes=4194304000 (80%) messages=0 reverse=no command=quota-warning 80 someuser at example.de Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: dict quota: user=someuser at example.de, uri=proxy::quota, noenforcing=0 Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: fs: root=/mail/dovecot/example.de/someuser/mail, index=, control=, inbox=, alt= Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: Namespace : Using permissions from /mail/dovecot/example.de/someuser/mail: mode=0700 gid=-1 Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: sieve: include: sieve_global_dir is not set; it is currently not possible to include `:global' scripts. Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: gWijMAJX0U/1aQAA3l+BKA: sieve: using sieve path for user's script: /mail/dovecot/example.de/someuser/.dovecot.sieve Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: gWijMAJX0U/1aQAA3l+BKA: sieve: opening script /mail/dovecot/example.de/someuser/.dovecot.sieve Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: gWijMAJX0U/1aQAA3l+BKA: sieve: script binary /mail/dovecot/example.de/someuser/.dovecot.svbin successfully loaded Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: gWijMAJX0U/1aQAA3l+BKA: sieve: binary save: not saving binary /mail/dovecot/example.de/someuser/.dovecot.svbin, because it is already stored Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: gWijMAJX0U/1aQAA3l+BKA: sieve: executing script from /mail/dovecot/example.de/someuser/.dovecot.svbin Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): gWijMAJX0U/1aQAA3l+BKA: sieve: mailbox: deliver: msgid=<201206080136.q581a1t0024890 at iolite.ham.srv.mcs.de> from=service at cityline.net: stored mail into mailbox 'INBOX' The "user logged on via IMAP on mail04" and "lmtp delivery on mail01" seems to lead to corruption of mdbox indexes: Jun 8 03:36:03 10.129.3.200 dovecot: mailbox: mail: imap(someuser at example.de): Error: Corrupted transaction log file /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox- Mails/dovecot.index.log seq 82: Invalid transaction log size (32856 vs 32824): /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox-Mails/dovecot.index.log (sync_offset=32856) Jun 8 03:36:03 10.129.3.200 dovecot: mailbox: mail: imap(someuser at example.de): Error: Index /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox-Mails/dovecot.index: Lost log for seq=82 offset=32856 Jun 8 03:36:03 10.129.3.200 dovecot: mailbox: mail: imap(someuser at example.de): Warning: fscking index file /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox-Mails/dovecot.index Jun 8 03:36:03 10.129.3.200 dovecot: mailbox: mail: imap(someuser at example.de): Error: Fixed index file /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox-Mails/dovecot.index: log_file_seq 82 -> 83 Jun 8 03:36:38 10.129.3.200 dovecot: mailbox: mail: imap(someuser at example.de): Error: Transaction log file /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox-Mails/dovecot.index.log.2: marked corrupted How to enable the LMTP director to deliver to the correct mailbox host? Configuration of mailbox and director of mail01 is attached. Regards, Daniel -------------- next part -------------- # 2.0.20: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-40-server x86_64 Ubuntu 10.04.4 LTS auth_cache_negative_ttl = 0 auth_cache_size = 10 M auth_cache_ttl = 1 mins auth_debug = yes auth_verbose = yes auth_verbose_passwords = sha1 deliver_log_format = mailbox: deliver: msgid=%m from=%f: %$ dict { quota = mysql:/etc/dovecot/conf.d/dovecot-dict-sql.conf.ext } disable_plaintext_auth = no instance_name = dovecot-mailbox lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes login_greeting = Mailbox login_log_format = mailbox: login: %$: %s login_trusted_networks = 10.129.3.0/24 mail_debug = yes mail_fsync = always mail_gid = vmail mail_home = /mail/dovecot/%d/%n mail_location = mdbox:~/mail mail_log_prefix = "mailbox: mail: %s(%u): " mail_plugins = quota mail_privileged_group = vmail mail_uid = vmail managesieve_implementation_string = Sieve managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mdbox_rotate_interval = 1 weeks mdbox_rotate_size = 50 M mmap_disable = yes passdb { args = /etc/dovecot/conf.d/dovecot-sql.conf.ext driver = sql } plugin { quota = dict:User quota::proxy::quota quota_rule = *:storage=10G quota_rule2 = Trash:storage=+100M quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap pop3 lmtp sieve service auth { unix_listener auth-userdb { group = dovecot mode = 0660 user = dovecot } } service dict { unix_listener dict { group = vmail mode = 0660 } } service imap-login { inet_listener imap { port = 19143 } } service lmtp { inet_listener lmtp { address = * port = 19024 } } service managesieve-login { inet_listener sieve { port = 19200 } } service pop3-login { inet_listener pop3 { port = 19110 } } service quota-warning { executable = script /usr/local/bin/quota-warning extra_groups = dovecot unix_listener quota-warning { user = vmail } user = vmail } ssl = no userdb { driver = prefetch } userdb { args = /etc/dovecot/conf.d/dovecot-sql.conf.ext driver = sql } verbose_proctitle = yes protocol imap { imap_client_workarounds = delay-newmail tb-extra-mailbox-sep mail_plugins = quota imap_quota } protocol lmtp { mail_plugins = quota sieve } -------------- next part -------------- # 2.0.20: /etc/dovecot-director/dovecot-director.conf # OS: Linux 2.6.32-40-server x86_64 Ubuntu 10.04.4 LTS auth_debug = yes auth_verbose = yes auth_verbose_passwords = sha1 base_dir = /var/run/dovecot-director deliver_log_format = director: deliver: msgid=%m from=%f: %$ director_mail_servers = 10.129.3.193 10.129.3.192 10.129.3.191 10.129.3.190 director_servers = 10.129.3.193 10.129.3.192 10.129.3.191 10.129.3.190 instance_name = dovecot-director lmtp_proxy = yes login_greeting = Mail Balancer login_log_format = director: login: %$: %s login_trusted_networks = 10.129.3.0/24 mail_debug = yes mail_fsync = always mail_gid = vmail mail_home = /mail/dovecot/%d/%n mail_location = mdbox:~/mail mail_log_prefix = "director: mail: %s(%u): " mail_privileged_group = vmail mail_uid = vmail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mmap_disable = yes passdb { args = proxy=y nopassword=y user=%n at dovecotmail.%d driver = static } protocols = imap pop3 lmtp sieve service auth { unix_listener auth-userdb { user = dovecot } } service director { fifo_listener login/proxy-notify { mode = 0666 } inet_listener { port = 9090 } unix_listener director-userdb { mode = 0600 } unix_listener login/director { mode = 0666 } } service imap-login { executable = imap-login director inet_listener imap { port = 20143 } inet_listener imaps { port = 20993 ssl = yes } } service lmtp { inet_listener lmtp { address = * port = 20024 } } service managesieve-login { inet_listener sieve { port = 20200 } } service pop3-login { executable = pop3-login director inet_listener pop3 { port = 20110 } inet_listener pop3s { port = 20995 ssl = yes } } ssl_cert = good day! I'm experiencing problem with pop3 proxying: on backend servers in logs there's director's ip instead of remote's like this: Jun 8 15:21:23 host-01 dovecot: pop3-login: Login: user=, method=PLAIN, rip=192.168.5.102, lip=192.168.5.100, mpid=26170, secured Jun 8 15:32:16 host-01 dovecot: pop3-login: Login: user=, method=PLAIN, rip=192.168.5.102, lip=192.168.5.100, mpid=26426, secured -- ? ?????????, ???????? ????????? ????????? ????????????? ??? "??????-?????" ???.: (423) 262-02-62 (???. 2037) ????: (423) 262-02-10 a.kostyrev at serverc.ru icq: 404-198-497 From a.kostyrev at serverc.ru Fri Jun 8 07:39:13 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Fri, 8 Jun 2012 15:39:13 +1100 Subject: [Dovecot] Director pop3 real ips v2.1.1 In-Reply-To: <213B51F00051AE48A9F0E112880177178F79E3@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F79E3@Delta.sc.local> Message-ID: <213B51F00051AE48A9F0E112880177178F79E4@Delta.sc.local> *sorry, accidently send to soon. continue: but with imap it's ok I've read thread "Dovecot Proxy and environment variables" and as I understood there was no solution. yes, I use v.2.1.1 on both director and backends and yes, I've added login_trusted_networks = 192.168.5.0/24 on all of them but it didn't help. any workarounds? thanks -- ? ?????????, ???????? ????????? ????????? ????????????? ??? "??????-?????" ???.: (423) 262-02-62 (???. 2037) ????: (423) 262-02-10 a.kostyrev at serverc.ru icq: 404-198-497 -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of ???????? ????????? ?????????? Sent: Friday, June 08, 2012 3:33 PM To: dovecot at dovecot.org Subject: [Dovecot] Director pop3 real ips v2.1.1 good day! I'm experiencing problem with pop3 proxying: on backend servers in logs there's director's ip instead of remote's like this: Jun 8 15:21:23 host-01 dovecot: pop3-login: Login: user=, method=PLAIN, rip=192.168.5.102, lip=192.168.5.100, mpid=26170, secured Jun 8 15:32:16 host-01 dovecot: pop3-login: Login: user=, method=PLAIN, rip=192.168.5.102, lip=192.168.5.100, mpid=26426, secured -- ? ?????????, ???????? ????????? ????????? ????????????? ??? "??????-?????" ???.: (423) 262-02-62 (???. 2037) ????: (423) 262-02-10 a.kostyrev at serverc.ru icq: 404-198-497 From amateo at um.es Fri Jun 8 12:34:19 2012 From: amateo at um.es (Angel L. Mateo) Date: Fri, 08 Jun 2012 11:34:19 +0200 Subject: [Dovecot] director and IPs shown at the backends In-Reply-To: <4FD09AB0.6020500@enas.net> References: <4FD09613.6000405@um.es> <4FD09AB0.6020500@enas.net> Message-ID: <4FD1C71B.4040109@um.es> El 07/06/12 14:12, Urban Loesch escribi?: > > Hi, > > try it with "login_trusted_networks" option on the backends: > > # Space separated list of trusted network ranges. Connections from these > # IPs are allowed to override their IP addresses and ports (for logging and > # for authentication checks). disable_plaintext_auth is also ignored for > # these networks. Typically you'd specify your IMAP proxy servers here. > login_trusted_networks = > > But for POP this will only working with version 2.1.x > I didn't find that option in any example config file, but it's working. Maybe it must be documented in somewhere. Thank you. -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From amateo at um.es Fri Jun 8 12:41:52 2012 From: amateo at um.es (Angel L. Mateo) Date: Fri, 08 Jun 2012 11:41:52 +0200 Subject: [Dovecot] director and doveadm server Message-ID: <4FD1C8E0.4010807@um.es> Hi, I've been reading doc at http://wiki2.dovecot.org/Director to configure my servers. My question is regarding configuration of doveadm server. I have configured both, director and backend servers, as described in that doc, but I don't know how to run doveadm commands in director servers. doveadm is working, because I can run commands, but they are executed in local (director) server. For example: root at myotis40:/etc/dovecot/conf.d# doveadm director status mail server ip vhosts users 155.54.211.169 100 1 but doveadm who seems to be executed just in local: (backend server) root at myotis30:/etc/dovecot/conf.d# doveadm who username # proto (pids) (ips) angel.luis 2 imap (11931 11936) (155.54.67.5) (director server) root at myotis40:/etc/dovecot/conf.d# doveadm who username # proto (pids) (ips) And another question about this... what is the local config option? I haven't found it documented anywhere. -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From CMarcus at Media-Brokers.com Fri Jun 8 13:05:09 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Fri, 08 Jun 2012 06:05:09 -0400 Subject: [Dovecot] Director pop3 real ips v2.1.1 In-Reply-To: <213B51F00051AE48A9F0E112880177178F79E4@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F79E3@Delta.sc.local> <213B51F00051AE48A9F0E112880177178F79E4@Delta.sc.local> Message-ID: <4FD1CE55.4050701@Media-Brokers.com> On 2012-06-08 12:39 AM, ???????? ????????? ?????????? wrote: > yes, I use v.2.1.1 on both director and backends The first/obvious answer is, did you try 2.1.7? 2.1 introduced a lot of changes, so you should *expect* to be sure and test the latest version before assuming it is/may be a bug... From amateo at um.es Fri Jun 8 13:24:37 2012 From: amateo at um.es (Angel L. Mateo) Date: Fri, 08 Jun 2012 12:24:37 +0200 Subject: [Dovecot] difference between client_limit and process_limit Message-ID: <4FD1D2E5.3020901@um.es> Hi, What is the real difference between client and process limit? According to documentation (http://wiki2.dovecot.org/Services#Service_limits): client_limit: Maximum number of simultaneous client connections. If set to 0, default_client_limit is used instead. process_limit: Maximum number of processes that can exist for this service. If set to 0, default_process_limit is used instead. But what does "client connection" exactly means? Is a user (login)? Is a user opens a few TCP connections (as many clients do) are they count as different connections? -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From anmeyer at anup.de Fri Jun 8 14:05:11 2012 From: anmeyer at anup.de (Andreas Meyer) Date: Fri, 8 Jun 2012 13:05:11 +0200 Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7 Message-ID: <20120608130511.1d55d814@itx.bitcorner.intern> Hello! I want to upgrade the docevot-installation from v 1.0.5 to 2.1..7 Now I get the following executing doveconf -n -c /etc/dovecot/dovecot.conf > /home/mail1/dovecot-2.conf doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:217: add auth_ prefix to all settings inside auth {} and remove the auth {} section completely doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:219: passdb passwd-file {} has been replaced by passdb { driver=passwd-file } doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:222: userdb passwd-file {} has been replaced by userdb { driver=passwd-file } The section at line 217 looks like this: auth default { mechanisms = plain passdb passwd-file { args = /etc/dovecot/passwd } userdb passwd-file { args = /etc/dovecot/passwd } How do I change it to fullfill the new needs? And how do I handle line 217? add auth_ prefix to all settings inside auth {} and remove the auth {} section completely ? Thanks for help! Andreas From amateo at um.es Fri Jun 8 14:12:25 2012 From: amateo at um.es (Angel L. Mateo) Date: Fri, 08 Jun 2012 13:12:25 +0200 Subject: [Dovecot] difference between client_limit and process_limit In-Reply-To: <4FD1D2E5.3020901@um.es> References: <4FD1D2E5.3020901@um.es> Message-ID: <4FD1DE19.4050903@um.es> El 08/06/12 12:24, Angel L. Mateo escribi?: > Hi, > > What is the real difference between client and process limit? According > to documentation (http://wiki2.dovecot.org/Services#Service_limits): > > client_limit: Maximum number of simultaneous client connections. If set > to 0, default_client_limit is used instead. > process_limit: Maximum number of processes that can exist for this > service. If set to 0, default_process_limit is used instead. > > But what does "client connection" exactly means? Is a user (login)? Is a > user opens a few TCP connections (as many clients do) are they count as > different connections? > Sorry, it's friday, my mind is on the weekend :-( I understand that client_limit is how many connections (imap connections, for example) could be handle by one dovecot process, so if I have client_limit=2 and process_limit=1024, then I could 2048 concurrent connections, right? -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From acrow at integrafin.co.uk Fri Jun 8 14:13:57 2012 From: acrow at integrafin.co.uk (Alex Crow) Date: Fri, 08 Jun 2012 12:13:57 +0100 Subject: [Dovecot] 2.1.7 altmove not working Message-ID: <4FD1DE75.5000606@integrafin.co.uk> Hi list, I've just set up a 2.1.7 server, and have migrated a couple of accounts across from a 2.0.15 server, keeping the old configs. I have a strange problem on the new box in that altmove just doesn't work. I have my main storage under /home/email, indexes under /home/indexes and ALT under /home/email_archive. When I run the altmove command, the following broken symlink is created in /home/email/integrafin.co.uk/acrow: lrwxrwxrwx. 1 email email 54 Jun 8 10:46 dbox-alt-root -> /home/email_archive/integrafin.co.uk/a/acrow/mailboxes But nothing is created in the archive other than the empty directory: /home/email_archive/integrafin.co.uk/a/acrow. My mail_location is: mail_location = mdbox:/home/email/%d/%n:INDEX=/home/indexes/%d/%1n/%n:ALT=/home/email_archive/%d/%1n/%n This worked perfectly on the older server. I have attached my doveconf -a output. Any help much appreciated. Regards Alex -------------- next part -------------- # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-220.el6.x86_64 x86_64 CentOS release 6.2 (Final) ext4 auth_anonymous_username = anonymous auth_cache_negative_ttl = 1 hours auth_cache_size = 0 auth_cache_ttl = 1 hours auth_debug = yes auth_debug_passwords = no auth_default_realm = auth_failure_delay = 2 secs auth_first_valid_uid = 500 auth_gssapi_hostname = auth_krb5_keytab = auth_last_valid_uid = 0 auth_master_user_separator = auth_mechanisms = plain auth_proxy_self = auth_realms = auth_socket_path = auth-userdb auth_ssl_require_client_cert = no auth_ssl_username_from_cert = no auth_use_winbind = no auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@' auth_username_format = %Lu auth_username_translation = auth_verbose = yes auth_verbose_passwords = no auth_winbind_helper_path = /usr/bin/ntlm_auth auth_worker_max_count = 30 base_dir = /var/run/dovecot/ config_cache_size = 1 M debug_log_path = default_client_limit = 1000 default_idle_kill = 1 mins default_internal_user = dovecot default_login_user = dovenull default_process_limit = 100 default_vsz_limit = 256 M deliver_log_format = msgid=%m: %$ dict_db_config = director_doveadm_port = 0 director_mail_servers = director_servers = director_user_expire = 15 mins director_username_hash = %u disable_plaintext_auth = no dotlock_use_excl = yes doveadm_allowed_commands = doveadm_password = doveadm_proxy_port = 0 doveadm_socket_path = doveadm-server doveadm_worker_count = 0 dsync_alt_char = _ dsync_remote_cmd = ssh -l%{login} %{host} doveadm dsync-server -u%u -l%{lock_timeout} -n%{namespace} first_valid_gid = 1 first_valid_uid = 500 hostname = imap_capability = imap_client_workarounds = imap_id_log = imap_id_send = imap_idle_notify_interval = 2 mins imap_logout_format = in=%i out=%o imap_max_line_length = 64 k imapc_features = imapc_host = imapc_list_prefix = imapc_master_user = imapc_password = imapc_port = 143 imapc_rawlog_dir = imapc_ssl = no imapc_ssl_ca_dir = imapc_ssl_verify = yes imapc_user = %u import_environment = TZ info_log_path = instance_name = dovecot last_valid_gid = 0 last_valid_uid = 0 lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = no lda_original_recipient_header = libexec_dir = /usr/libexec/dovecot listen = * lmtp_proxy = no lmtp_save_to_detail_mailbox = no lock_method = fcntl log_path = syslog log_timestamp = "%b %d %H:%M:%S " login_access_sockets = login_greeting = Dovecot ready. login_log_format = %$: %s login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c session=<%{session}> login_trusted_networks = mail_access_groups = mail_attachment_dir = /home/email_archive/attachments mail_attachment_fs = sis posix mail_attachment_hash = %{sha1} mail_attachment_min_size = 128 k mail_cache_fields = flags mail_cache_min_mail_count = 0 mail_chroot = mail_debug = yes mail_fsync = never mail_full_filesystem_access = no mail_gid = email mail_home = mail_location = mdbox:/home/email/%d/%n:INDEX=/home/indexes/%d/%1n/%n:ALT=/home/email_archive/%d/%1n/%n mail_log_prefix = "%s(%u): " mail_max_keyword_length = 50 mail_max_lock_timeout = 0 mail_max_userip_connections = 10 mail_never_cache_fields = imap.envelope mail_nfs_index = no mail_nfs_storage = no mail_plugin_dir = /usr/lib64/dovecot mail_plugins = mail_prefetch_count = 0 mail_privileged_group = mail_save_crlf = no mail_shared_explicit_inbox = yes mail_temp_dir = /tmp mail_temp_scan_interval = 1 weeks mail_uid = email mailbox_idle_check_interval = 30 secs mailbox_list_index = no maildir_broken_filename_sizes = no maildir_copy_with_hardlinks = yes maildir_stat_dirs = no maildir_very_dirty_syncs = no managesieve_client_workarounds = managesieve_implementation_string = Dovecot Pigeonhole managesieve_logout_format = bytes=%i/%o managesieve_max_compile_errors = 5 managesieve_max_line_length = 65536 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave master_user_separator = mbox_dirty_syncs = yes mbox_dotlock_change_timeout = 2 mins mbox_lazy_writes = yes mbox_lock_timeout = 5 mins mbox_md5 = apop3d mbox_min_index_size = 0 mbox_read_locks = fcntl mbox_very_dirty_syncs = no mbox_write_locks = dotlock fcntl mdbox_preallocate_space = yes mdbox_rotate_interval = 1 days mdbox_rotate_size = 2 M mmap_disable = no namespace { hidden = no ignore_on_failure = no inbox = yes list = yes location = prefix = INBOX/ separator = / subscriptions = yes type = private } namespace { hidden = no ignore_on_failure = no inbox = no list = children location = mdbox:/home/email/%%d/%%n:ALT=/home/email_archive/%%d/%%1n/%%n:INDEX=/home/indexes/%d/%1n/%n/shared/%%u prefix = shared/%%u/ separator = / subscriptions = no type = shared } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext default_fields = deny = no driver = ldap master = no override_fields = pass = no } plugin { acl = vfile:/etc/dovecot/global-acls:cache_secs=300 acl_shared_dict = file:/var/mail/dovecot/shared-mailboxes mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename mail_log_fields = uid box msgid size sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } pop3_client_workarounds = pop3_enable_last = no pop3_fast_size_lookups = no pop3_lock_session = no pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s pop3_no_flag_updates = no pop3_reuse_xuidl = no pop3_save_uidl = no pop3_uidl_duplicates = allow pop3_uidl_format = %08Xu%08Xv pop3c_host = pop3c_password = pop3c_port = 110 pop3c_rawlog_dir = pop3c_ssl = no pop3c_ssl_ca_dir = pop3c_ssl_verify = yes pop3c_user = %u postmaster_address = protocols = imap pop3 lmtp quota_full_tempfail = no recipient_delimiter = + rejection_reason = Your message to <%t> was automatically rejected:%n%r rejection_subject = Rejected: %s replication_full_sync_interval = 12 hours replication_max_conns = 10 replicator_host = replicator replicator_port = 0 sendmail_path = /usr/sbin/sendmail service aggregator { chroot = . client_limit = 0 drop_priv_before_exec = no executable = aggregator extra_groups = fifo_listener replication-notify-fifo { group = mode = 0600 user = } group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener replication-notify { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service anvil { chroot = empty client_limit = 0 drop_priv_before_exec = no executable = anvil extra_groups = group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 1 protocol = service_count = 0 type = anvil unix_listener anvil-auth-penalty { group = mode = 0600 user = } unix_listener anvil { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service auth-worker { chroot = client_limit = 1 drop_priv_before_exec = no executable = auth -w extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 1 type = unix_listener auth-worker { group = mode = 0600 user = $default_internal_user } user = vsz_limit = 18446744073709551615 B } service auth { chroot = client_limit = 8524 drop_priv_before_exec = no executable = auth extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener auth-client { group = mode = 0600 user = } unix_listener auth-login { group = mode = 0600 user = $default_internal_user } unix_listener auth-master { group = mode = 0600 user = } unix_listener auth-userdb { group = email mode = 0600 user = email } unix_listener login/login { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service config { chroot = client_limit = 0 drop_priv_before_exec = no executable = config extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = config unix_listener config { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service dict { chroot = client_limit = 1 drop_priv_before_exec = no executable = dict extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener dict { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service director { chroot = . client_limit = 0 drop_priv_before_exec = no executable = director extra_groups = fifo_listener login/proxy-notify { group = mode = 00 user = } group = idle_kill = 4294967295 secs inet_listener { address = port = 0 ssl = no } privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener director-admin { group = mode = 0600 user = } unix_listener director-userdb { group = mode = 0600 user = } unix_listener login/director { group = mode = 00 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service dns_client { chroot = client_limit = 1 drop_priv_before_exec = no executable = dns-client extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener dns-client { group = mode = 0666 user = } unix_listener login/dns-client { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service doveadm { chroot = client_limit = 1 drop_priv_before_exec = no executable = doveadm-server extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 1 type = unix_listener doveadm-server { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service imap-login { chroot = login client_limit = 256 drop_priv_before_exec = no executable = imap-login extra_groups = group = idle_kill = 0 inet_listener imap { address = port = 143 ssl = no } inet_listener imaps { address = port = 993 ssl = yes } privileged_group = process_limit = 16 process_min_avail = 8 protocol = imap service_count = 0 type = login user = $default_login_user vsz_limit = 128 M } service imap { chroot = client_limit = 1 drop_priv_before_exec = no executable = imap extra_groups = group = idle_kill = 0 privileged_group = process_limit = 4096 process_min_avail = 0 protocol = imap service_count = 1 type = unix_listener login/imap { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service indexer-worker { chroot = client_limit = 1 drop_priv_before_exec = no executable = indexer-worker extra_groups = group = idle_kill = 0 privileged_group = process_limit = 10 process_min_avail = 0 protocol = service_count = 0 type = unix_listener indexer-worker { group = mode = 0600 user = $default_internal_user } user = vsz_limit = 18446744073709551615 B } service indexer { chroot = client_limit = 0 drop_priv_before_exec = no executable = indexer extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener indexer { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service ipc { chroot = empty client_limit = 0 drop_priv_before_exec = no executable = ipc extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener ipc { group = mode = 0600 user = } unix_listener login/ipc-proxy { group = mode = 0600 user = $default_login_user } user = $default_internal_user vsz_limit = 18446744073709551615 B } service lmtp { chroot = client_limit = 1 drop_priv_before_exec = no executable = lmtp extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = lmtp service_count = 0 type = unix_listener lmtp { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service log { chroot = client_limit = 0 drop_priv_before_exec = no executable = log extra_groups = group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = log unix_listener log-errors { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service managesieve-login { chroot = login client_limit = 0 drop_priv_before_exec = no executable = managesieve-login extra_groups = group = idle_kill = 0 inet_listener sieve { address = port = 4190 ssl = no } privileged_group = process_limit = 0 process_min_avail = 0 protocol = sieve service_count = 1 type = login user = $default_login_user vsz_limit = 18446744073709551615 B } service managesieve { chroot = client_limit = 1 drop_priv_before_exec = no executable = managesieve extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = sieve service_count = 1 type = unix_listener login/sieve { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service pop3-login { chroot = login client_limit = 256 drop_priv_before_exec = no executable = pop3-login extra_groups = group = idle_kill = 0 inet_listener pop3 { address = port = 110 ssl = no } inet_listener pop3s { address = port = 995 ssl = yes } privileged_group = process_limit = 16 process_min_avail = 8 protocol = pop3 service_count = 0 type = login user = $default_login_user vsz_limit = 128 M } service pop3 { chroot = client_limit = 1 drop_priv_before_exec = no executable = pop3 extra_groups = group = idle_kill = 0 privileged_group = process_limit = 4096 process_min_avail = 0 protocol = pop3 service_count = 1 type = unix_listener login/pop3 { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service replicator { chroot = client_limit = 0 drop_priv_before_exec = no executable = replicator extra_groups = group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener replicator { group = mode = 0600 user = $default_internal_user } user = vsz_limit = 18446744073709551615 B } service ssl-params { chroot = client_limit = 0 drop_priv_before_exec = no executable = ssl-params extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = startup unix_listener login/ssl-params { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service stats { chroot = empty client_limit = 0 drop_priv_before_exec = no executable = stats extra_groups = fifo_listener stats-mail { group = mode = 0600 user = } group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener stats { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } shutdown_clients = yes ssl = yes ssl_ca = ssl_cert = References: <20120608130511.1d55d814@itx.bitcorner.intern> Message-ID: <4FD1E24C.1030906@thelounge.net> Am 08.06.2012 13:05, schrieb Andreas Meyer: > I want to upgrade the docevot-installation from v 1.0.5 to 2.1..7 > Now I get the following executing > doveconf -n -c /etc/dovecot/dovecot.conf > /home/mail1/dovecot-2.conf > > doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:217: add auth_ prefix to all settings inside auth {} and remove the auth {} section completely > doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:219: passdb passwd-file {} has been replaced by passdb { driver=passwd-file } > doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:222: userdb passwd-file {} has been replaced by userdb { driver=passwd-file } > > The section at line 217 looks like this: > > auth default { > mechanisms = plain > passdb passwd-file { > args = /etc/dovecot/passwd > } > userdb passwd-file { > args = /etc/dovecot/passwd > } > > How do I change it to fullfill the new needs? > > And how do I handle line 217? > add auth_ prefix to all settings inside auth {} and remove the auth {} section completely what exactly are you not understanding here? this is a very clear message below a partly output from a working 2.1.7 auth_mechanisms = CRAM-MD5 DIGEST-MD5 APOP LOGIN PLAIN auth_worker_max_count = 100 auth_cache_size = 32768 auth_cache_ttl = 1800 auth_cache_negative_ttl = 1800 auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@% auth_username_translation = %@AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz auth_debug = no auth_debug_passwords = no auth_verbose = no -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From voytek at sbt.net.au Fri Jun 8 14:34:39 2012 From: voytek at sbt.net.au (Voytek Eymont) Date: Fri, 08 Jun 2012 21:34:39 +1000 Subject: [Dovecot] Restoring older messages to new server? Message-ID: <98f7622f-e52b-4b88-8c65-db05c11e71f6@email.android.com> I had Dovcot 1.x setup, all was working well (till...) Server got stuffed up and same Dovecot 1.x was rebuilt, put back in service, all's working well. I have recovered data from Maildirs messages from the old server, As some of the inboxes now have new messages, what is correct way to copy older messages from old server to new server ? (There are no duplicates, simply old messages from past server, data is physically on new server) Thanks for pointers, Voytek -- Swyped on my Motrix with K-9 Mail. Please excuse my brevity. From h.reindl at thelounge.net Fri Jun 8 14:37:12 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Fri, 08 Jun 2012 13:37:12 +0200 Subject: [Dovecot] Restoring older messages to new server? In-Reply-To: <98f7622f-e52b-4b88-8c65-db05c11e71f6@email.android.com> References: <98f7622f-e52b-4b88-8c65-db05c11e71f6@email.android.com> Message-ID: <4FD1E3E8.8020103@thelounge.net> Am 08.06.2012 13:34, schrieb Voytek Eymont: > I had Dovcot 1.x setup, all was working well (till...) > > Server got stuffed up and same Dovecot 1.x was rebuilt, put back in service, all's working well. > > I have recovered data from Maildirs messages from the old server, > As some of the inboxes now have new messages, what is correct way to copy older messages from old server to new server ? (There are no duplicates, simply old messages from past server, data is physically on new server) imapsync is your friend -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From trever.adams at gmail.com Fri Jun 8 16:11:50 2012 From: trever.adams at gmail.com (Trever L. Adams) Date: Fri, 08 Jun 2012 07:11:50 -0600 Subject: [Dovecot] Problems since upgrading to 2.1.6 from 2.0.20 In-Reply-To: <4FD044A5.2000000@gmail.com> References: <4FD044A5.2000000@gmail.com> Message-ID: <4FD1FA16.7090004@gmail.com> On 06/07/2012 12:05 AM, Trever L. Adams wrote: > Hello Everyone, > > I saw the text about the change and needing to define an inbox namespace. Everything seems to work fine except doveadm. I get the following from a cronjob that has worked well for years now. > > doveadm(account at example.com): Error: Syncing mailbox TRASH failed: Mailbox doesn't exist: TRASH > doveadm(account at example.com): Error: Syncing mailbox TRASH failed: Mailbox doesn't exist: TRASH > doveadm(account at example.com): Error: Syncing mailbox TRASH failed: Mailbox doesn't exist: TRASH > > The cronjob is: > > 1 4 * * * doveadm expunge -A mailbox TRASH SAVEDBEFORE 30D > > > What is the problem? I have tried to find documentation and do searches for others having the same problem. I do not know if I am just missing something or what. > > Any help would be greatly appreciated. > > Thank you, > Trever > > Sorry everyone. Trash was the right name. This used to work. The other boxes I am seeing the problem on are created when used. I am sorry to have sounded an alarm. Trever -- "Advise your legislators, when they make laws for larceny, burglary, or any felony, to make the penalty applicable to work upon roads, public works, or any place where the culprit can be taught more wisdom and more virtue, and become more enlightened. Rigor and seclusion will never do as much to reform the propensities of men as reason and friendship." -- Joseph Smith, Jr. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From mcbdovecot at robuust.nl Fri Jun 8 16:12:41 2012 From: mcbdovecot at robuust.nl (Maarten Bezemer) Date: Fri, 8 Jun 2012 15:12:41 +0200 (CEST) Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FD0A06A.50008@thelounge.net> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB6AA7.4050200@Media-Brokers.com> <4FCCB9E3.3060702@wildgooses.com> <4FCCC2D9.3010209@thelounge.net> <4FCFD2DD.7030109@wildgooses.com> <4FD0A06A.50008@thelounge.net> Message-ID: On Thu, 7 Jun 2012, Reindl Harald wrote: > Am 06.06.2012 23:59, schrieb Ed W: >> I'm not sure why this is so hard to believe. There is literally a class of customers that have a specification >> which says that there must be a notification sent back to the sender whenever they download their emails. I cannot >> currently bid for their business. >> >> A spec is a spec - either you can meet the spec or you can't bid for the business... > > i'm not sure why it is so hard to believe that nobody should > bid for such idiotic specs - techs should act professional > and not like whores while try impossible and stupid things > which can sovle each mail-client since > 10 years and is not > the job of a mailserver Does the spec say how to conform to it? I mean: does "the system" have to support the transmission of receipts? Most bidding rounds I've been part of only had very rough descriptions of what should be possible. Not exactly how. (Too detailed specs, pointing heavily in the direction of one type of solution provider, can be easily challenged!) So, even without Dovecot supporting DSN-stuff, it would be possible to bid for these types of clients. The system as a whole does support DSN's, when MUA is conforming to relevant specs. Most MUA's support some form of DSN of read notification. What's more: whatever choice you make, server side or client side, handling of these status messages (and ways to request them) heavily depend on the remote party's technology as well. So, claiming you conform to the read-notification spec can be as easy as saying "yes, as long as you use a proper MUA". -- Maarten From anmeyer at anup.de Fri Jun 8 16:33:07 2012 From: anmeyer at anup.de (Andreas Meyer) Date: Fri, 8 Jun 2012 15:33:07 +0200 Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7 In-Reply-To: <4FD1E24C.1030906@thelounge.net> References: <20120608130511.1d55d814@itx.bitcorner.intern> <4FD1E24C.1030906@thelounge.net> Message-ID: <20120608153307.751e3865@itx.bitcorner.intern> Reindl Harald wrote: > > > Am 08.06.2012 13:05, schrieb Andreas Meyer: > > I want to upgrade the docevot-installation from v 1.0.5 to 2.1..7 > > Now I get the following executing > > doveconf -n -c /etc/dovecot/dovecot.conf > /home/mail1/dovecot-2.conf > > > > doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:217: add auth_ prefix to all settings inside auth {} and remove the auth {} section completely > > doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:219: passdb passwd-file {} has been replaced by passdb { driver=passwd-file } > > doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:222: userdb passwd-file {} has been replaced by userdb { driver=passwd-file } > > > > The section at line 217 looks like this: > > > > auth default { > > mechanisms = plain > > passdb passwd-file { > > args = /etc/dovecot/passwd > > } > > userdb passwd-file { > > args = /etc/dovecot/passwd > > } > > > > How do I change it to fullfill the new needs? > > > > And how do I handle line 217? > > add auth_ prefix to all settings inside auth {} and remove the auth {} section completely > > what exactly are you not understanding here? > this is a very clear message I find the message very confusing. It says to do all settings inside auth {} and then to remove the auth {} section. With v1.0.5 I do have an auth default {} section and a section ## Authentication processes. > below a partly output from a working 2.1.7 > > auth_mechanisms = CRAM-MD5 DIGEST-MD5 APOP LOGIN PLAIN > auth_worker_max_count = 100 > auth_cache_size = 32768 > auth_cache_ttl = 1800 > auth_cache_negative_ttl = 1800 > auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@% > auth_username_translation = %@AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz > auth_debug = no > auth_debug_passwords = no > auth_verbose = no > Thank you! I found section ## Authentication processes but when I add auth_passdb { args = /etc/dovecot/passwd driver = passwd-file } auth_userdb { args = /etc/dovecot/passwd driver = passwd-file } I get an error: doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf line 709: Unknown setting: auth_passdb Where do I put the passdb and userdb sections? Andreas From weber at zackbummfertig.de Fri Jun 8 16:56:34 2012 From: weber at zackbummfertig.de (Marko Weber) Date: Fri, 08 Jun 2012 15:56:34 +0200 Subject: [Dovecot] =?utf-8?q?dovecot_ignores_entries_in_virtual=5Falias=5F?= =?utf-8?q?maps_when_using_dovecot_lda?= Message-ID: hello list, i need help. dovecot dont look into my virtual_alias_maps . i set via postzfixadmin an alias postmaster at domain.tld to newmail at domainother.tld. when i send mails to postmaster at domain.tld mails are rejected. dovecot authworker tells me in log: user unknown. but i can request the data via postmap -v -q postmaster at domain.tld mysql:/etc/postfix/mysql_virtual_alias.cf and get result "newmail at domainother.tld". any ideas, hwo to get dovecot to look into my alias maps? marko From steeeeeveee at gmx.net Fri Jun 8 17:12:01 2012 From: steeeeeveee at gmx.net (Steve) Date: Fri, 08 Jun 2012 16:12:01 +0200 Subject: [Dovecot] dovecot ignores entries in virtual_alias_maps when using dovecot lda In-Reply-To: References: Message-ID: <20120608141201.318640@gmx.net> -------- Original-Nachricht -------- > Datum: Fri, 08 Jun 2012 15:56:34 +0200 > Von: Marko Weber > An: Dovecot > Betreff: [Dovecot] dovecot ignores entries in virtual_alias_maps when using dovecot lda > > hello list, > i need help. dovecot dont look into my virtual_alias_maps . > i set via postzfixadmin an alias postmaster at domain.tld to > newmail at domainother.tld. > when i send mails to postmaster at domain.tld mails are rejected. dovecot > authworker tells > me in log: user unknown. > but i can request the data via postmap -v -q postmaster at domain.tld > mysql:/etc/postfix/mysql_virtual_alias.cf > and get result "newmail at domainother.tld". > This is postfix related. You need to look into your /etc/dovecot/conf.d/10-auth.conf and there you have referenced (probably with an !include) a auth-sql.conf.ext file. The content of that file is important to us. Probably there you have a userdb {} entry with an driver = sql and an args entry. The file you reference there in the args entry is important to us too. Can you post the content of those files? > any ideas, hwo to get dovecot to look into my alias maps? > > marko > // Steve -- NEU: FreePhone 3-fach-Flat mit kostenlosem Smartphone! Jetzt informieren: http://mobile.1und1.de/?ac=OM.PW.PW003K20328T7073a From h.reindl at thelounge.net Fri Jun 8 17:35:49 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Fri, 08 Jun 2012 16:35:49 +0200 Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7 In-Reply-To: <20120608153307.751e3865@itx.bitcorner.intern> References: <20120608130511.1d55d814@itx.bitcorner.intern> <4FD1E24C.1030906@thelounge.net> <20120608153307.751e3865@itx.bitcorner.intern> Message-ID: <4FD20DC5.7000500@thelounge.net> Am 08.06.2012 15:33, schrieb Andreas Meyer: > Reindl Harald wrote: > >> >> >> Am 08.06.2012 13:05, schrieb Andreas Meyer: >>> I want to upgrade the docevot-installation from v 1.0.5 to 2.1..7 >>> Now I get the following executing >>> doveconf -n -c /etc/dovecot/dovecot.conf > /home/mail1/dovecot-2.conf >>> >>> doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:217: add auth_ prefix to all settings inside auth {} and remove the auth {} section completely >>> doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:219: passdb passwd-file {} has been replaced by passdb { driver=passwd-file } >>> doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:222: userdb passwd-file {} has been replaced by userdb { driver=passwd-file } >>> >>> The section at line 217 looks like this: >>> >>> auth default { >>> mechanisms = plain >>> passdb passwd-file { >>> args = /etc/dovecot/passwd >>> } >>> userdb passwd-file { >>> args = /etc/dovecot/passwd >>> } >>> >>> How do I change it to fullfill the new needs? >>> >>> And how do I handle line 217? >>> add auth_ prefix to all settings inside auth {} and remove the auth {} section completely >> >> what exactly are you not understanding here? >> this is a very clear message > > I find the message very confusing. It says to do all settings inside auth {} and > then to remove the auth {} section. no, it says you should MOVE all settings OUT from auth {} in the main part and add a prefix auth_ to them you quoted your auth{} section in a pure 2.x setup this would not exist -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From anmeyer at anup.de Fri Jun 8 17:50:51 2012 From: anmeyer at anup.de (Andreas Meyer) Date: Fri, 8 Jun 2012 16:50:51 +0200 Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7 In-Reply-To: <4FD20DC5.7000500@thelounge.net> References: <20120608130511.1d55d814@itx.bitcorner.intern> <4FD1E24C.1030906@thelounge.net> <20120608153307.751e3865@itx.bitcorner.intern> <4FD20DC5.7000500@thelounge.net> Message-ID: <20120608165051.6001b856@itx.bitcorner.intern> Reindl Harald wrote: > >>> The section at line 217 looks like this: > >>> > >>> auth default { > >>> mechanisms = plain > >>> passdb passwd-file { > >>> args = /etc/dovecot/passwd > >>> } > >>> userdb passwd-file { > >>> args = /etc/dovecot/passwd > >>> } > >>> > >>> How do I change it to fullfill the new needs? > >>> > >>> And how do I handle line 217? > >>> add auth_ prefix to all settings inside auth {} and remove the auth {} section completely > >> > >> what exactly are you not understanding here? > >> this is a very clear message > > > > I find the message very confusing. It says to do all settings inside auth {} and > > then to remove the auth {} section. > > no, it says you should MOVE all settings OUT from auth {} > in the main part and add a prefix auth_ to them > > you quoted your auth{} section > > in a pure 2.x setup this would not exist > I get this output when I move the passwd settings to the main section: # doveconf -n -c /etc/dovecot/dovecot.conf > /home/mail1/dovecot-2.conf doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf line 710: Unknown setting: auth_passdb Also if I use !include /etc/dovecot/auth-passwdfile.conf in the main section, the auth-passwdfile.conf weems to be ignored. It has the following content: passdb { driver = passwd-file #args = scheme=CRYPT username_format=%u /etc/dovecot/passwd args = /etc/dovecot/passwd } userdb { driver = passwd-file #args = username_format=%u /etc/dovecot/passwd args = /etc/dovecot/passwd # Default fields that can be overridden by passwd-file #default_fields = quota_rule=*:storage=1G # Override fields from passwd-file #override_fields = home=/home/virtual/%u } I don't know where to put the passwd section. Andreas From h.reindl at thelounge.net Fri Jun 8 17:58:53 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Fri, 08 Jun 2012 16:58:53 +0200 Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7 In-Reply-To: <20120608165051.6001b856@itx.bitcorner.intern> References: <20120608130511.1d55d814@itx.bitcorner.intern> <4FD1E24C.1030906@thelounge.net> <20120608153307.751e3865@itx.bitcorner.intern> <4FD20DC5.7000500@thelounge.net> <20120608165051.6001b856@itx.bitcorner.intern> Message-ID: <4FD2132D.1090302@thelounge.net> Am 08.06.2012 16:50, schrieb Andreas Meyer: > Reindl Harald wrote: > >>>>> The section at line 217 looks like this: >>>>> >>>>> auth default { >>>>> mechanisms = plain >>>>> passdb passwd-file { >>>>> args = /etc/dovecot/passwd >>>>> } >>>>> userdb passwd-file { >>>>> args = /etc/dovecot/passwd >>>>> } >>>>> >>>>> How do I change it to fullfill the new needs? >>>>> >>>>> And how do I handle line 217? >>>>> add auth_ prefix to all settings inside auth {} and remove the auth {} section completely >>>> >>>> what exactly are you not understanding here? >>>> this is a very clear message >>> >>> I find the message very confusing. It says to do all settings inside auth {} and >>> then to remove the auth {} section. >> >> no, it says you should MOVE all settings OUT from auth {} >> in the main part and add a prefix auth_ to them >> >> you quoted your auth{} section >> >> in a pure 2.x setup this would not exist >> > > I get this output when I move the passwd settings to the main section: > > # doveconf -n -c /etc/dovecot/dovecot.conf > /home/mail1/dovecot-2.conf > doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf line 710: Unknown setting: auth_passdb because this does not belong here consider take a look at dovecot2 manuals http://wiki2.dovecot.org/AuthDatabase/ http://wiki2.dovecot.org/AuthDatabase/PasswdFile below the auth/passdb config of a 2.1.7 dovecot.conf which was dovecot 1.x until upgraded to 2.x a very long time ago within a few minutes by reading error-messages and docs in this case it is a proxy-only setup accessing dbmail's user-database for authentication ___________________________ # authentication process auth_worker_max_count = 100 auth_cache_size = 32768 auth_cache_ttl = 1800 auth_cache_negative_ttl = 1800 auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@% auth_username_translation = %@AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz # debug options auth_debug = no auth_debug_passwords = no auth_verbose = no mail_debug = no verbose_ssl = no # configure proxy-database passdb { driver = sql args = /etc/dovecot/sql.conf } # we are not using local users userdb { driver = static args = static uid=5000 gid=5000 home=/dev/null } # configure backend for postfix sasl-auth service auth { unix_listener /var/spool/postfix/private/auth { mode = 0660 user = postfix group = postfix } } -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From anmeyer at anup.de Fri Jun 8 18:36:41 2012 From: anmeyer at anup.de (Andreas Meyer) Date: Fri, 8 Jun 2012 17:36:41 +0200 Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7 In-Reply-To: <4FD2132D.1090302@thelounge.net> References: <20120608130511.1d55d814@itx.bitcorner.intern> <4FD1E24C.1030906@thelounge.net> <20120608153307.751e3865@itx.bitcorner.intern> <4FD20DC5.7000500@thelounge.net> <20120608165051.6001b856@itx.bitcorner.intern> <4FD2132D.1090302@thelounge.net> Message-ID: <20120608173641.329d4c79@itx.bitcorner.intern> Reindl Harald wrote: > Am 08.06.2012 16:50, schrieb Andreas Meyer: > > Reindl Harald wrote: > >> you quoted your auth{} section > >> > >> in a pure 2.x setup this would not exist > >> > > > > I get this output when I move the passwd settings to the main section: > > > > # doveconf -n -c /etc/dovecot/dovecot.conf > /home/mail1/dovecot-2.conf > > doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf line 710: Unknown setting: auth_passdb > > because this does not belong here > consider take a look at dovecot2 manuals > > http://wiki2.dovecot.org/AuthDatabase/ > http://wiki2.dovecot.org/AuthDatabase/PasswdFile thanks again! I think I got this one right now. I risked to restat dovecot with the new version and got this in the logfile now: Jun 08 17:20:19 imap: Error: dlopen(/usr/lib/dovecot/modules/imap/lib10_quota_plugin.so) failed: /usr/lib/dovecot/modules/imap/lib10_quota_plugin.so: undefined symbol: mail_storage_module_id Jun 08 17:20:19 imap: Fatal: Couldn't load required plugins Jun 08 17:20:19 imap-login: Warning: SSL alert: where=0x4008, ret=256: warning close notify [84.179.59.203] The /usr/lib/dovecot/modules/imap/lib10_quota_plugin.so is a symlink to /usr/lib/dovecot/modules/lib10_quota_plugin.so What can I do? Wouldn't it be great to get the new dovecot working with my users and the old passwd file? Andreas From weber at zackbummfertig.de Fri Jun 8 18:44:32 2012 From: weber at zackbummfertig.de (Marko Weber) Date: Fri, 08 Jun 2012 17:44:32 +0200 Subject: [Dovecot] =?utf-8?q?dovecot_ignores_entries_in_virtual=5Falias=5F?= =?utf-8?q?maps_when_using_dovecot_lda?= In-Reply-To: <20120608141201.318640@gmx.net> References: <20120608141201.318640@gmx.net> Message-ID: <6b4775adce81aa5a7b9a8e7ccfe4a372@zackbummfertig.de> Am 08.06.2012 16:12, schrieb Steve: > -------- Original-Nachricht -------- >> Datum: Fri, 08 Jun 2012 15:56:34 +0200 >> Von: Marko Weber >> An: Dovecot >> Betreff: [Dovecot] dovecot ignores entries in virtual_alias_maps >> when using dovecot lda > >> >> hello list, >> i need help. dovecot dont look into my virtual_alias_maps . >> i set via postzfixadmin an alias postmaster at domain.tld to >> newmail at domainother.tld. >> when i send mails to postmaster at domain.tld mails are rejected. >> dovecot >> authworker tells >> me in log: user unknown. >> but i can request the data via postmap -v -q postmaster at domain.tld >> mysql:/etc/postfix/mysql_virtual_alias.cf >> and get result "newmail at domainother.tld". >> > This is postfix related. You need to look into your > /etc/dovecot/conf.d/10-auth.conf and there you have referenced > (probably with an !include) a auth-sql.conf.ext file. The content of > that file is important to us. Probably there you have a userdb {} > entry with an driver = sql and an args entry. The file you reference > there in the args entry is important to us too. Can you post the > content of those files? 10-auth.conf: auth_mechanisms = plain login digest-md5 cram-md5 !include auth-system.conf.ext !include auth-sql.conf.ext (thats all in the 10-auth.conf file) auth-sql.conf.ext: passdb { driver = sql # Path for SQL configuration file, see example-config/dovecot-sql.conf.ext args = /etc/dovecot/dovecot-sql.conf.ext } userdb { driver = sql args = /etc/dovecot/dovecot-sql.conf.ext } /etc/dovecot/dovecot-sql.conf.ext: connect = \ host=/var/run/mysqld/mysqld.sock \ dbname=postfixadmin \ user=wurst \ password=irgendetwaspasswort default_pass_scheme = MD5 user_query = \ SELECT \ CONCAT('/home/vmail/',maildir) AS home, \ CONCAT('maildir:/home/vmail/',maildir) AS mail, \ maildir, 5000 AS uid, 5000 AS gid, \ CONCAT('*:bytes=', CAST(quota AS CHAR)) AS quota_rule \ FROM mailbox \ WHERE username = '%u' AND active = '1' LIMIT 1 password_query = \ SELECT \ username AS user, \ password, \ CONCAT('/home/vmail',maildir) AS userdb_home, \ CONCAT('maildir:/home/vmail/',maildir) AS userdb_mail, \ 5000 AS userdb_uid, \ 5000 AS userdb_gid \ FROM mailbox \ WHERE username='%u' AND active='1' LIMIT 1 thats all. do you need more information , lemme know. marko > > >> any ideas, hwo to get dovecot to look into my alias maps? >> >> marko >> > // Steve From tss at iki.fi Fri Jun 8 19:12:44 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 8 Jun 2012 19:12:44 +0300 Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7 In-Reply-To: <20120608130511.1d55d814@itx.bitcorner.intern> References: <20120608130511.1d55d814@itx.bitcorner.intern> Message-ID: <809542A3-5306-49C5-AB70-3F195A85BD84@iki.fi> On 8.6.2012, at 14.05, Andreas Meyer wrote: > I want to upgrade the docevot-installation from v 1.0.5 to 2.1..7 > > Now I get the following executing > doveconf -n -c /etc/dovecot/dovecot.conf > /home/mail1/dovecot-2.conf Didn't this command produce a working dovecot-2.conf file? If not, it's probably a bug. > doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:217: add auth_ prefix to all settings inside auth {} and remove the auth {} section completely > doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:219: passdb passwd-file {} has been replaced by passdb { driver=passwd-file } > doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:222: userdb passwd-file {} has been replaced by userdb { driver=passwd-file } .. > How do I change it to fullfill the new needs? doveconf should have done all of those changes for you and placed them to dovecot-2.conf From tss at iki.fi Fri Jun 8 19:15:24 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 8 Jun 2012 19:15:24 +0300 Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7 In-Reply-To: <20120608173641.329d4c79@itx.bitcorner.intern> References: <20120608130511.1d55d814@itx.bitcorner.intern> <4FD1E24C.1030906@thelounge.net> <20120608153307.751e3865@itx.bitcorner.intern> <4FD20DC5.7000500@thelounge.net> <20120608165051.6001b856@itx.bitcorner.intern> <4FD2132D.1090302@thelounge.net> <20120608173641.329d4c79@itx.bitcorner.intern> Message-ID: On 8.6.2012, at 18.36, Andreas Meyer wrote: > Jun 08 17:20:19 imap: Error: dlopen(/usr/lib/dovecot/modules/imap/lib10_quota_plugin.so) failed: /usr/lib/dovecot/modules/imap/lib10_quota_plugin.so: > > What can I do? Wouldn't it be great to get the new dovecot working with > my users and the old passwd file? The quota plugin isn't against the same version of Dovecot.. So you have two Dovecot versions now somehow all mixed up. One solution would be to delete all files related to Dovecot and install 2.1.7 again. From tss at iki.fi Fri Jun 8 19:17:48 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 8 Jun 2012 19:17:48 +0300 Subject: [Dovecot] difference between client_limit and process_limit In-Reply-To: <4FD1DE19.4050903@um.es> References: <4FD1D2E5.3020901@um.es> <4FD1DE19.4050903@um.es> Message-ID: On 8.6.2012, at 14.12, Angel L. Mateo wrote: >> What is the real difference between client and process limit? According >> to documentation (http://wiki2.dovecot.org/Services#Service_limits): >> > Sorry, it's friday, my mind is on the weekend :-( > > I understand that client_limit is how many connections (imap connections, for example) could be handle by one dovecot process, so if I have client_limit=2 and process_limit=1024, then I could 2048 concurrent connections, right? Yes, but like the wiki page also says, it's not a good idea increase client_limit for imap/pop3 processes. From tss at iki.fi Fri Jun 8 19:20:09 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 8 Jun 2012 19:20:09 +0300 Subject: [Dovecot] Director pop3 real ips v2.1.1 In-Reply-To: <213B51F00051AE48A9F0E112880177178F79E4@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F79E3@Delta.sc.local> <213B51F00051AE48A9F0E112880177178F79E4@Delta.sc.local> Message-ID: <1415FF99-54F4-4D17-BC8A-7ACC9E0FE6F4@iki.fi> On 8.6.2012, at 7.39, ???????? ????????? ?????????? wrote: > yes, I use v.2.1.1 on both director and backends > and yes, I've added > login_trusted_networks = 192.168.5.0/24 on all of them > but it didn't help. Missing feature: v2.1.2 2012-03-15 Timo Sirainen + Proxying: POP3 now supports sending remote IP+port from proxy to backend server via Dovecot-specific XCLIENT extension. From tss at iki.fi Fri Jun 8 19:25:50 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 8 Jun 2012 19:25:50 +0300 Subject: [Dovecot] auth trouble In-Reply-To: <4087ECCF-8C69-4888-8CD9-44566A256F92@slsware.com> References: <20120605215325.GC3672@harrier.slackbuilds.org> <4087ECCF-8C69-4888-8CD9-44566A256F92@slsware.com> Message-ID: <9816DBD9-ED12-4834-9D13-EB70140054CE@iki.fi> On 6.6.2012, at 2.08, Glenn English wrote: >> And these brute force attempts would be logged, each one. > > They are, with no rhost. And there are other brute force attempts > that *do* have IPs. I think the answer to this is simply that Dovecot v1.0 didn't tell PAM the rhost. Upgrade. From rnalrd at gmail.com Fri Jun 8 17:53:21 2012 From: rnalrd at gmail.com (Leonardo) Date: Fri, 08 Jun 2012 16:53:21 +0200 Subject: [Dovecot] ntlm_auth in Dovecot Message-ID: <1339167201.4285.90.camel@df1844j> Hi, I'm trying getting NTLM auth working against AD in my Dovecot 2.0.15. I'm getting the following error: Jun 08 14:18:11 auth: Info: winbind(?,10.44.3.151): user not authenticated: NT_STATUS_UNSUCCESSFUL "wbinfo -u" reports all the users of the domain and "ntlm_auth --username=%name% --domain="%domain%" gets authenticated successfully. Debugging winbind I can see the following error: [2012/06/08 14:18:11.129611, 10] winbindd/winbindd.c:651(process_request) process_request: unknown request fn number 14 [2012/06/08 14:18:11.129671, 10] winbindd/winbindd.c:738(winbind_client_response_written) winbind_client_response_written[2822:unknown request]: delivered response to client My dovecot.conf is the following: auth_mechanisms = plain ntlm login auth_username_format = %n auth_verbose = yes auth_winbind_helper_path = /usr/bin/ntlm_auth auth_use_winbind = yes auth_debug = yes disable_plaintext_auth = no info_log_path = /var/log/dovecot-info.log log_path = /var/log/dovecot.log mail_location = maildir:/var/mail/domains/%d/%n plugin { autocreate = Trash autocreate2 = Spam autocreate3 = Sent autosubscribe = Trash autosubscribe2 = Spam autosubscribe3 = Sent } protocols = imap ssl = no userdb { driver = static args = uid=100 gid=101 home=/var/mail/domains/%d/%n first_valid_uid=100 } passdb ldap { driver = ldap args = /etc/dovecot/dovecot-ldap.conf } protocol imap { mail_plugins = autocreate } Sounds like there is an issue when Dovecot runs "ntlm_auth". It doesn't appear to be a permission issue (perms are 755). Any help is appreciated. Thank you in advance. -- leonardo. From at_hacker at mail.ru Fri Jun 8 19:32:54 2012 From: at_hacker at mail.ru (=?UTF-8?B?0JDQu9C10LrRgdC10Lkg0J/QtdGA0LXQutC70LDQtA==?=) Date: Fri, 08 Jun 2012 20:32:54 +0400 Subject: [Dovecot] =?utf-8?q?Fwd=3A__ntlm=5Fauth_in_Dovecot?= Message-ID: <1339173174.822111746@f215.mail.ru> Try to delete your server from domain and add it again by "net ads join..." > I'm trying getting NTLM auth working against AD in my Dovecot 2.0.15. > > I'm getting the following error: > > > Jun 08 14:18:11 auth: Info: winbind(?,10.44.3.151): user not > authenticated: NT_STATUS_UNSUCCESSFUL From h.reindl at thelounge.net Fri Jun 8 19:33:26 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Fri, 08 Jun 2012 18:33:26 +0200 Subject: [Dovecot] difference between client_limit and process_limit In-Reply-To: References: <4FD1D2E5.3020901@um.es> <4FD1DE19.4050903@um.es> Message-ID: <4FD22956.20904@thelounge.net> Am 08.06.2012 18:17, schrieb Timo Sirainen: > On 8.6.2012, at 14.12, Angel L. Mateo wrote: > >>> What is the real difference between client and process limit? According >>> to documentation (http://wiki2.dovecot.org/Services#Service_limits): >>> >> Sorry, it's friday, my mind is on the weekend :-( >> >> I understand that client_limit is how many connections (imap connections, for example) could be handle by one dovecot process, so if I have client_limit=2 and process_limit=1024, then I could 2048 concurrent connections, right? > > Yes, but like the wiki page also says, it's not a good idea increase client_limit for imap/pop3 processes. depends on the usecase / workload having dovecot as proxy for other imap-backends and 1 process per connection will heavily raise up process-count and memory-overhead while memory may be needed for the imap-backend (like dbmail) and datanases process_limit = 15 client_limit = 300 this way you can have 4500 proxy-connections and use most time not more than 4-5 processes -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From tss at iki.fi Fri Jun 8 19:43:16 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 8 Jun 2012 19:43:16 +0300 Subject: [Dovecot] difference between client_limit and process_limit In-Reply-To: <4FD22956.20904@thelounge.net> References: <4FD1D2E5.3020901@um.es> <4FD1DE19.4050903@um.es> <4FD22956.20904@thelounge.net> Message-ID: <3E0F7337-B1BA-426F-84AF-D1D7710B80A3@iki.fi> On 8.6.2012, at 19.33, Reindl Harald wrote: >> Yes, but like the wiki page also says, it's not a good idea increase client_limit for imap/pop3 processes. > > depends on the usecase / workload > > having dovecot as proxy for other imap-backends and 1 process per connection > will heavily raise up process-count and memory-overhead while memory > may be needed for the imap-backend (like dbmail) and datanases > > process_limit = 15 > client_limit = 300 > > this way you can have 4500 proxy-connections and use most time > not more than 4-5 processes Proxying is done by imap-login process, not imap process. For login processes there are different recommendations. From anmeyer at anup.de Fri Jun 8 19:57:21 2012 From: anmeyer at anup.de (Andreas Meyer) Date: Fri, 8 Jun 2012 18:57:21 +0200 Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7 In-Reply-To: <809542A3-5306-49C5-AB70-3F195A85BD84@iki.fi> References: <20120608130511.1d55d814@itx.bitcorner.intern> <809542A3-5306-49C5-AB70-3F195A85BD84@iki.fi> Message-ID: <20120608185721.46b98e9f@itx.bitcorner.intern> Timo Sirainen wrote: > On 8.6.2012, at 14.05, Andreas Meyer wrote: > > > I want to upgrade the docevot-installation from v 1.0.5 to 2.1..7 > > > > Now I get the following executing > > doveconf -n -c /etc/dovecot/dovecot.conf > /home/mail1/dovecot-2.conf > > Didn't this command produce a working dovecot-2.conf file? If not, it's probably a bug. Yes, it did. I was wondering, it just containes a few lines. ;) Took it and placed it in /usr/etc as dovecot.conf. But then I got this error with the quota_plugin, see they other thread. > > doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:217: add auth_ prefix to all settings inside auth {} and remove the auth {} section completely > > doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:219: passdb passwd-file {} has been replaced by passdb { driver=passwd-file } > > doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:222: userdb passwd-file {} has been replaced by userdb { driver=passwd-file } > .. > > How do I change it to fullfill the new needs? > > doveconf should have done all of those changes for you and placed them to dovecot-2.conf > Yes, it did. Andreas From l.messner at physik.tu-berlin.de Fri Jun 8 19:59:02 2012 From: l.messner at physik.tu-berlin.de (Leon =?iso-8859-15?Q?Me=DFner?=) Date: Fri, 8 Jun 2012 18:59:02 +0200 Subject: [Dovecot] auth_krb5_keytab ignored ? Message-ID: <20120608165902.GI89928@rosa.physik.tu-berlin.de> Hi list, i noticed that when doing imap gssapi authentication with kerberos, dovecot (here 2.1.7) always searches /etc/krb5.keytab although i have auth_krb5_keytab = /etc/mail3.krb5.keytab in my etc/dovecot/dovecot.conf and doveconf -n also show this setting. If i combine the keytabs in krb5.keytab it works. Is there another location where i should put my configuration regarding gssapi/kerberos ? Thanks, Leon logs: 18:48_root at mail3:/root# cat /var/log/dovecot.log | tail -n 8 Jun 08 18:48:16 auth: Debug: client in: AUTH 1 GSSAPI service=imap secured session=gexTxPjBZACClTqR lip=130.149.58.164 rip=130.149.58.145 lport=993 rport=31076 Jun 08 18:48:16 auth: Debug: gssapi(?,130.149.58.145,): Obtaining credentials for imap at mail3.physik-pool.tu-berlin.de Jun 08 18:48:16 auth: Debug: client out: CONT 1 Jun 08 18:48:16 auth: Debug: client in: CONT Jun 08 18:48:16 auth: Info: gssapi(?,130.149.58.145,): While processing incoming data: Miscellaneous failure (see text) Jun 08 18:48:16 auth: Info: gssapi(?,130.149.58.145,): While processing incoming data: Failed to find imap/mail3.physik-pool.tu-berlin.de at PCPOOL.PHYSIK.TU-BERLIN.DE(kvno 1) in keytab FILE:/etc/krb5.keytab (des3-cbc-sha1) Jun 08 18:48:18 auth: Debug: client out: FAIL 1 Jun 08 18:48:23 imap-login: Info: Aborted login (auth failed, 1 attempts in 7 secs): user=<>, method=GSSAPI, rip=130.149.58.145, lip=130.149.58.164, TLS, session= # 2.1.7: /usr/local/etc/dovecot/dovecot.conf # OS: FreeBSD 8.2-RELEASE-p3 amd64 auth_debug = yes auth_gssapi_hostname = mail3.physik-pool.tu-berlin.de auth_krb5_keytab = /etc/mail3.krb5.keytab auth_mechanisms = gssapi plain login auth_verbose = yes auth_worker_max_count = 120 first_valid_gid = 300 first_valid_uid = 200 lda_mailbox_autocreate = yes listen = mail3.physik.tu-berlin.de log_path = /var/log/dovecot.log mail_fsync = always mail_location = maildir:~/maildir mail_nfs_index = yes mail_nfs_storage = yes mail_privileged_group = mail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mmap_disable = yes namespace { inbox = yes location = prefix = separator = / type = private } namespace { location = mbox:~/mail prefix = mail/ separator = / type = private } passdb { args = session=yes failure_show_msg=yes max_requests=100 dovecot driver = pam } plugin { quota = fs sieve = ~/.dovecot.sieve sieve_dir = ~/.sieve } protocols = imap pop3 service auth { unix_listener auth-client { mode = 0660 } unix_listener auth-master { mode = 0600 } user = root } service imap-login { inet_listener imap { port = 0 } process_limit = 256 process_min_avail = 6 } service managesieve-login { process_limit = 256 process_min_avail = 6 } service pop3-login { inet_listener pop3 { port = 0 } process_limit = 256 process_min_avail = 6 } ssl_cert = References: <20120608130511.1d55d814@itx.bitcorner.intern> <4FD1E24C.1030906@thelounge.net> <20120608153307.751e3865@itx.bitcorner.intern> <4FD20DC5.7000500@thelounge.net> <20120608165051.6001b856@itx.bitcorner.intern> <4FD2132D.1090302@thelounge.net> <20120608173641.329d4c79@itx.bitcorner.intern> Message-ID: <20120608190243.1ccf5aa8@itx.bitcorner.intern> Timo Sirainen wrote: > On 8.6.2012, at 18.36, Andreas Meyer wrote: > > > Jun 08 17:20:19 imap: Error: dlopen(/usr/lib/dovecot/modules/imap/lib10_quota_plugin.so) failed: /usr/lib/dovecot/modules/imap/lib10_quota_plugin.so: > > > > What can I do? Wouldn't it be great to get the new dovecot working with > > my users and the old passwd file? > > The quota plugin isn't against the same version of Dovecot.. So you have two Dovecot versions now somehow all mixed up. One solution would be to delete all files related to Dovecot and install 2.1.7 again. > I wonder ./configure, make and make install went through, but for some reason the /usr/lib/dovecot/modules directory was not updated. Could it be because there was the old version 1.0.5 still running while installing the new one? I'll try to do a make install again while the dovecot is stopped and then start the new version and see what happens. Andreas From h.reindl at thelounge.net Fri Jun 8 20:10:35 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Fri, 08 Jun 2012 19:10:35 +0200 Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7 In-Reply-To: <20120608190243.1ccf5aa8@itx.bitcorner.intern> References: <20120608130511.1d55d814@itx.bitcorner.intern> <4FD1E24C.1030906@thelounge.net> <20120608153307.751e3865@itx.bitcorner.intern> <4FD20DC5.7000500@thelounge.net> <20120608165051.6001b856@itx.bitcorner.intern> <4FD2132D.1090302@thelounge.net> <20120608173641.329d4c79@itx.bitcorner.intern> <20120608190243.1ccf5aa8@itx.bitcorner.intern> Message-ID: <4FD2320B.6070107@thelounge.net> Am 08.06.2012 19:02, schrieb Andreas Meyer: > Timo Sirainen wrote: > >> On 8.6.2012, at 18.36, Andreas Meyer wrote: >> >>> Jun 08 17:20:19 imap: Error: dlopen(/usr/lib/dovecot/modules/imap/lib10_quota_plugin.so) failed: /usr/lib/dovecot/modules/imap/lib10_quota_plugin.so: >>> >>> What can I do? Wouldn't it be great to get the new dovecot working with >>> my users and the old passwd file? >> >> The quota plugin isn't against the same version of Dovecot.. So you have two Dovecot versions now somehow all mixed up. One solution would be to delete all files related to Dovecot and install 2.1.7 again. >> > > I wonder ./configure, make and make install went through, but for some > reason the /usr/lib/dovecot/modules directory was not updated. Could > it be because there was the old version 1.0.5 still running while > installing the new one? ouch - why are you doing such rough installs instead taking some time to learn how to build packages for your OS? the benefit of package-systems like rpm/deb is that obsolete files are removed on updates and you have clean installs over many years and major upgrades of any software as example for Fedora&RHEL it is quite easy to setup rpmbuild, install a recent src.rpm and replace rebuild new versions for older releases the additional benefit is that you can do this on a dedicated virtual machine with devel-packages, GCC and so on which is all not needed on the production systems AND you can easily use this packages on testing machines followed by a crontrolled rollout even for software with a handful of scripts -> on my servers and workstations NEVER get any software installed without a package and there are only two exceptions: VMware Workstation and ZendStudio -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From anmeyer at anup.de Fri Jun 8 20:31:02 2012 From: anmeyer at anup.de (Andreas Meyer) Date: Fri, 8 Jun 2012 19:31:02 +0200 Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7 In-Reply-To: <4FD2320B.6070107@thelounge.net> References: <20120608130511.1d55d814@itx.bitcorner.intern> <4FD1E24C.1030906@thelounge.net> <20120608153307.751e3865@itx.bitcorner.intern> <4FD20DC5.7000500@thelounge.net> <20120608165051.6001b856@itx.bitcorner.intern> <4FD2132D.1090302@thelounge.net> <20120608173641.329d4c79@itx.bitcorner.intern> <20120608190243.1ccf5aa8@itx.bitcorner.intern> <4FD2320B.6070107@thelounge.net> Message-ID: <20120608193102.37d4662d@itx.bitcorner.intern> Reindl Harald wrote: > > I wonder ./configure, make and make install went through, but for some > > reason the /usr/lib/dovecot/modules directory was not updated. Could > > it be because there was the old version 1.0.5 still running while > > installing the new one? > > ouch - why are you doing such rough installs instead taking some time > to learn how to build packages for your OS? > > the benefit of package-systems like rpm/deb is that obsolete files > are removed on updates and you have clean installs over many years > and major upgrades of any software > > as example for Fedora&RHEL it is quite easy to setup rpmbuild, install a > recent src.rpm and replace rebuild new versions for older releases > > the additional benefit is that you can do this on a dedicated virtual > machine with devel-packages, GCC and so on which is all not needed on > the production systems AND you can easily use this packages on > testing machines followed by a crontrolled rollout > > even for software with a handful of scripts -> on my servers and > workstations NEVER get any software installed without a package > and there are only two exceptions: VMware Workstation and ZendStudio ;-) I never ever built a rpm using sources since years. I always build and install from the sources. So ok, made a fresh make install and found out that the directory /usr/lib/dovecot/modules and its contents were not created after deleting manually the old /usr/lib/dovecot directory. Got this snipped from the make install output: make[4]: Leaving directory `/home/mail1/dovecot-2.1.7/src/plugins/imap-stats' make[3]: Leaving directory `/home/mail1/dovecot-2.1.7/src/plugins/imap-stats' Making install in trash make[3]: Entering directory `/home/mail1/dovecot-2.1.7/src/plugins/trash' make[4]: Entering directory `/home/mail1/dovecot-2.1.7/src/plugins/trash' make[4]: F?r das Ziel ?install-exec-am? ist nichts zu tun. test -z "/usr/lib/dovecot" || /bin/mkdir -p "/usr/lib/dovecot" /bin/sh ../../../libtool --mode=install /usr/bin/install -c lib11_trash_plugin.la '/usr/lib/dovecot' libtool: install: warning: relinking `lib11_trash_plugin.la' libtool: install: (cd /home/mail1/dovecot-2.1.7/src/plugins/trash; /bin/sh /home/mail1/dovecot-2.1.7/libtool --tag CC --mode=relink gcc -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -module -avoid-version -o lib11_trash_plugin.la -rpath /usr/lib/dovecot trash-plugin.lo ../quota/lib10_quota_plugin.la -lrt ) *** Warning: Linking the shared library lib11_trash_plugin.la against the loadable module *** lib10_quota_plugin.so is not portable! libtool: relink: gcc -shared -fPIC -DPIC .libs/trash-plugin.o -Wl,-rpath -Wl,/usr/lib/dovecot -L/usr/lib/dovecot -l10_quota_plugin -lrt -O2 -Wl,-soname -Wl,lib11_trash_plugin.so -o .libs/lib11_trash_plugin.so libtool: install: /usr/bin/install -c .libs/lib11_trash_plugin.soT /usr/lib/dovecot/lib11_trash_plugin.so libtool: install: /usr/bin/install -c .libs/lib11_trash_plugin.lai /usr/lib/dovecot/lib11_trash_plugin.la libtool: install: /usr/bin/install -c .libs/lib11_trash_plugin.a /usr/lib/dovecot/lib11_trash_plugin.a libtool: install: chmod 644 /usr/lib/dovecot/lib11_trash_plugin.a libtool: install: ranlib /usr/lib/dovecot/lib11_trash_plugin.a libtool: finish: PATH="/usr/local/bin:/usr/bin:/sbin:/usr/sbin:/bin:/usr/X11R6/bin:/usr/games:/usr/lib/mit/bin:/usr/lib/mit/sbin:/sbin" ldconfig -n /usr/lib/dovecot Andreas From h.reindl at thelounge.net Fri Jun 8 20:36:18 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Fri, 08 Jun 2012 19:36:18 +0200 Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7 In-Reply-To: <20120608193102.37d4662d@itx.bitcorner.intern> References: <20120608130511.1d55d814@itx.bitcorner.intern> <4FD1E24C.1030906@thelounge.net> <20120608153307.751e3865@itx.bitcorner.intern> <4FD20DC5.7000500@thelounge.net> <20120608165051.6001b856@itx.bitcorner.intern> <4FD2132D.1090302@thelounge.net> <20120608173641.329d4c79@itx.bitcorner.intern> <20120608190243.1ccf5aa8@itx.bitcorner.intern> <4FD2320B.6070107@thelounge.net> <20120608193102.37d4662d@itx.bitcorner.intern> Message-ID: <4FD23812.4070204@thelounge.net> Am 08.06.2012 19:31, schrieb Andreas Meyer: > Reindl Harald wrote: >> even for software with a handful of scripts -> on my servers and >> workstations NEVER get any software installed without a package >> and there are only two exceptions: VMware Workstation and ZendStudio > > ;-) I never ever built a rpm using sources since years. I always > build and install from the sources a good time to start again :-) i missed to tell another benefit: you have to specify every installed file in the %files section, so you are aware of changes in any folder-structure, as long it builds wtihout complaining with a new source-version you can be pretty sure all is sane this time virtualization is a real improvement * build packages outside production environment * provide local repos in the own LAN * setup testing machins with real data * test upgrades with real data in this life i will never ever setup a server on bare metal without having VMware ESXi as backend (clone, snapshots..) -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From acrow at integrafin.co.uk Fri Jun 8 20:58:24 2012 From: acrow at integrafin.co.uk (Alex Crow) Date: Fri, 08 Jun 2012 18:58:24 +0100 Subject: [Dovecot] 2.1.7 altmove not working In-Reply-To: <4FD1DE75.5000606@integrafin.co.uk> References: <4FD1DE75.5000606@integrafin.co.uk> Message-ID: <4FD23D40.2050001@integrafin.co.uk> On 08/06/12 12:13, Alex Crow wrote: > Hi list, > > I've just set up a 2.1.7 server, and have migrated a couple of > accounts across from a 2.0.15 server, keeping the old configs. I have > a strange problem on the new box in that altmove just doesn't work. I > have my main storage under /home/email, indexes under /home/indexes > and ALT under /home/email_archive. > > When I run the altmove command, the following broken symlink is > created in /home/email/integrafin.co.uk/acrow: > > lrwxrwxrwx. 1 email email 54 Jun 8 10:46 dbox-alt-root -> > /home/email_archive/integrafin.co.uk/a/acrow/mailboxes > > But nothing is created in the archive other than the empty directory: > /home/email_archive/integrafin.co.uk/a/acrow. > > My mail_location is: > > mail_location = > mdbox:/home/email/%d/%n:INDEX=/home/indexes/%d/%1n/%n:ALT=/home/email_archive/%d/%1n/%n > > This worked perfectly on the older server. I have attached my doveconf > -a output. > > Any help much appreciated. > > Regards > > Alex > BTW I need to add that even with -v -D there were no complaints from dovecot altmove, and nothing untoward in /var/log/maillog. I also forgot to specify that I'm running on Centos6.2, all updates applied, package was built with a combo of the spec file from ATRPMs and the latest source tarball. I previously had the ATRPMS 2.1.1 package installed, same issue. Please feel free to tell me if I'm doing something wrong (ie something has changed between 2.0 and 2.1 re ALT: storage. Cheers Alex From anmeyer at anup.de Fri Jun 8 21:49:26 2012 From: anmeyer at anup.de (Andreas Meyer) Date: Fri, 8 Jun 2012 20:49:26 +0200 Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7 In-Reply-To: <4FD23812.4070204@thelounge.net> References: <20120608130511.1d55d814@itx.bitcorner.intern> <4FD1E24C.1030906@thelounge.net> <20120608153307.751e3865@itx.bitcorner.intern> <4FD20DC5.7000500@thelounge.net> <20120608165051.6001b856@itx.bitcorner.intern> <4FD2132D.1090302@thelounge.net> <20120608173641.329d4c79@itx.bitcorner.intern> <20120608190243.1ccf5aa8@itx.bitcorner.intern> <4FD2320B.6070107@thelounge.net> <20120608193102.37d4662d@itx.bitcorner.intern> <4FD23812.4070204@thelounge.net> Message-ID: <20120608204926.3fbf6344@itx.bitcorner.intern> Reindl Harald wrote: > > ;-) I never ever built a rpm using sources since years. I always > > build and install from the sources > > a good time to start again :-) > > i missed to tell another benefit: you have to specify every > installed file in the %files section, so you are aware of > changes in any folder-structure, as long it builds wtihout > complaining with a new source-version you can be pretty sure > all is sane > > this time virtualization is a real improvement > > * build packages outside production environment > * provide local repos in the own LAN > * setup testing machins with real data > * test upgrades with real data > > in this life i will never ever setup a server on bare metal > without having VMware ESXi as backend (clone, snapshots..) > I have that beast running. There was an entry in the docecot.conf like this, created by doveconf -n -c /etc/dovecot/dovecot.conf > /home/mail1/dovecot-2.conf protocol imap { mail_plugin_dir = /usr/lib/dovecot/modules/imap mail_plugins = quota imap_quota } protocol pop3 { mail_plugin_dir = /usr/lib/dovecot/modules/pop3 mail_plugins = quota pop3_uidl_format = %08Xu%08Xv } I commented it out and I can retrieved mail furthermore. :-) Now I want to install dovecot-2.1-pigeonhole-0.3.1 to get sieve running. Thank you everybody for the help and that great piece of software! Andreas From ghe at slsware.com Fri Jun 8 22:27:43 2012 From: ghe at slsware.com (Glenn English) Date: Fri, 8 Jun 2012 13:27:43 -0600 Subject: [Dovecot] auth trouble In-Reply-To: <9816DBD9-ED12-4834-9D13-EB70140054CE@iki.fi> References: <20120605215325.GC3672@harrier.slackbuilds.org> <4087ECCF-8C69-4888-8CD9-44566A256F92@slsware.com> <9816DBD9-ED12-4834-9D13-EB70140054CE@iki.fi> Message-ID: On Jun 8, 2012, at 10:25 AM, Timo Sirainen wrote: > I think the answer to this is simply that Dovecot v1.0 didn't tell PAM the rhost. Upgrade. Will do. What you say fits with what I see in the logs and is a lot simpler than many other suggestions. And you do have some credibility in this area :-) Thanks. -- Glenn English hand-wrapped from my Apple Mail From anmeyer at anup.de Fri Jun 8 23:34:32 2012 From: anmeyer at anup.de (Andreas Meyer) Date: Fri, 8 Jun 2012 22:34:32 +0200 Subject: [Dovecot] per user quota Message-ID: <20120608223432.390c71d0@itx.bitcorner.intern> Hello! I activated quota plugin { quota = maildir:User quota quota_rule = *:storage=1GB # 10% of 1GB = 100MB quota_rule2 = Trash:storage=+10%% } But when I want to do per user quota in the passwd-file ...vhosts/anup.de/anmeyer::userdb_mail=maildir:~/userdb_quota_rule=*:bytes=10G I get this in the logfile and can't login: Jun 08 22:25:52 imap(anmeyer at anup.de): Error: user anmeyer at anup.de: Initialization failed: Initializing mail storage from mail_location setting failed: Unknown setting: bytes Jun 08 22:25:52 imap(anmeyer at anup.de): Error: Invalid user settings. Refer to server log for more information. Same with 'storage' in the passwd-file. What's wrong? Andreas From acrow at integrafin.co.uk Sat Jun 9 00:25:39 2012 From: acrow at integrafin.co.uk (Alex Crow) Date: Fri, 08 Jun 2012 22:25:39 +0100 Subject: [Dovecot] 2.1.7 altmove not working In-Reply-To: <4FD23D40.2050001@integrafin.co.uk> References: <4FD1DE75.5000606@integrafin.co.uk> <4FD23D40.2050001@integrafin.co.uk> Message-ID: <4FD26DD3.10109@integrafin.co.uk> > > BTW I need to add that even with -v -D there were no complaints from > dovecot altmove, and nothing untoward in /var/log/maillog. I also > forgot to specify that I'm running on Centos6.2, all updates applied, > package was built with a combo of the spec file from ATRPMs and the > latest source tarball. > > I previously had the ATRPMS 2.1.1 package installed, same issue. > > Please feel free to tell me if I'm doing something wrong (ie something > has changed between 2.0 and 2.1 re ALT: storage. > > Cheers > > Alex > I don't know how I did it (I didn't change *any* config directive) but now it magically seems to work after a reboot and umount/remount of the ALT storage area. However I still have that dangling symlink: lrwxrwxrwx 1 email email 54 Jun 8 22:05 dbox-alt-root -> /home/email_archive/integrafin.co.uk/a/acrow/mailboxes Where the target doesn't exist... Cheers Alex From agt at ucsd.edu Sat Jun 9 00:53:02 2012 From: agt at ucsd.edu (Adam G Tilghman) Date: Fri, 8 Jun 2012 14:53:02 -0700 Subject: [Dovecot] Upgrading 1.2.17 -> 2.1.x Message-ID: <20120608215302.GA29690@acsmail.ucsd.edu> We're planning to upgrade our site from 1.2.17 to 2.1.x within the next few months, but we must ensure our ability to revert to 1.2.17 if problems arise. I don't expect our maildir storage would present a problem, but am less certain about 2.1.x index/control files remaining readable under 1.2.17. Should I have any reason to worry? -- Adam Tilghman Systems Support / Academic Computing & Media Services agt at ucsd.edu 858-822-0711 University of California, San Diego From freebsd at grem.de Sat Jun 9 03:58:15 2012 From: freebsd at grem.de (Michael Gmelin) Date: Sat, 09 Jun 2012 02:58:15 +0200 Subject: [Dovecot] Maildir filename has wrong S value In-Reply-To: <20120515102352.GA24117@uil.winnipeg.nl> References: <20120515102352.GA24117@uil.winnipeg.nl> Message-ID: <4FD29FA7.8040300@grem.de> On 15.5.12 12:23, Wouter de Geus wrote: > Hello folks, > > This morning I tried to open an old archive mail folder using Mutt. > However, while fetching headers it aborted. > Checking the dovecot log gave me this: > > @400000004fb21996267d37d4 imap(benv): Error: Cached message size smaller than expected (9115 < 9420) > @400000004fb21996267e8bac imap(benv): Error: Maildir filename has wrong S value, renamed the file from /home/vpopmail/domains/benv.junerules.com/benv/Maildir/.Old.2009/cur/1260395566.28175.black,S=9115:2,S to /home/vpopmail/domains/benv.junerules.com/benv/Maildir/.Old.2009/cur/1260395566.28175.black,S=9420:2,S > @400000004fb21996267e937c imap(benv): Error: Corrupted index cache file /home/vpopmail/domains/benv.junerules.com/benv/Maildir/.Old.2009/dovecot.index.cache: Broken physical size for mail UID 294 > @400000004fb21996267eaaec imap(benv): Error: read(/home/vpopmail/domains/benv.junerules.com/benv/Maildir/.Old.2009/cur/1260395566.28175.black,S=9115:2,S) failed: Input/output error (uid=294) > @400000004fb219962680683c imap(benv): Info: Disconnected: Internal error occurred. Refer to server log for more information. [2012-05-15 10:53:32] in=6503 out=192718 > > I've retried opening this folder several times, but each time Dovecot only fixes 1 file and then aborts. > (the folder apparently has a lot more files with incorrect sizes). > My question here is: Why does dovecot abort? Isn't the issue fixed after the rename? > > Also: The files are not corrupted or unreadable, reading them through the commandline works fine. > I've looked through my backups and saw that at least half a year ago this mismatch in size was already present. > > I've been running dovecot for quite a while, so the cause of this size mismatch might very well be a issue in an older version of dovecot / my configuration. > Right now I'm running dovecot 2.1.6, but I've been running the v1.2 version for quite a while before that. > > Is this something that can be improved in dovecot so it doesn't abort after 1 rename? > (of course I could script a rename operation, but that seems like a workaround to me) > > Thanks for reading. > > Wouter. > > > > > My current configuration: > ========================= > # 2.1.6: /etc/dovecot/dovecot.conf > # OS: Linux 2.6.32.32-g3d14ce7 x86_64 Slackware 11.0.0 > base_dir = /var/run/dovecot2/ > disable_plaintext_auth = no > first_valid_uid = 89 > info_log_path = /dev/stderr > last_valid_uid = 89 > log_path = /dev/stderr > log_timestamp = > mail_debug = yes > mail_location = maildir:~/Maildir > mail_max_userip_connections = 50 > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify e > nvironment mailbox date > namespace { > inbox = yes > location = > prefix = INBOX. > separator = . > type = private > } > passdb { > driver = vpopmail > } > plugin { > autocreate = INBOX.Spam > quota = maildir > sieve = ~/.sieve/dovecot.sieve > sieve_dir = ~/.sieve > sieve_global_dir = /etc/dovecot/sieve/ > sieve_subaddress_sep = -+ > } > protocols = imap pop3 sieve > service auth { > unix_listener auth-master { > group = vchkpw > mode = 0660 > } > unix_listener auth-userdb { > group = vchkpw > mode = 0660 > } > } > service imap-login { > inet_listener imap { > address = [::] * > port = 143 > } > inet_listener imaps { > address = [::] * > port = 993 > } > process_limit = 256 > process_min_avail = 3 > service_count = 1 > user = dovecot > } > service managesieve-login { > process_limit = 256 > process_min_avail = 3 > service_count = 1 > user = dovecot > } > service pop3-login { > inet_listener pop3 { > address = [::] * > port = 110 > } > inet_listener pop3s { > address = [::] * > port = 995 > } > process_limit = 256 > process_min_avail = 3 > service_count = 1 > user = dovecot > } > ssl_cert = ssl_cipher_list = ALL:!LOW > ssl_key = userdb { > driver = vpopmail > } > verbose_proctitle = yes > protocol lda { > hostname = mail.benv.junerules.com > info_log_path = /var/log/dovecot/dovecot2-deliver.log > log_path = /var/log/dovecot/dovecot2-deliver-errors.log > mail_plugins = sieve > postmaster_address = postmaster at benv.junerules.com > sendmail_path = /var/qmail/bin/sendmail > } > protocol imap { > imap_max_line_length = 64 k > mail_plugins = quota imap_quota autocreate > } > protocol pop3 { > mail_plugins = quota autocreate > pop3_no_flag_updates = no > pop3_uidl_format = %v-%u > } > ================================= > I've been facing the same issue today in a similar setup (qmail + vpopmail + dovecot) and figured, that the qmail maildir++ patch I'm using miscalculates the size of mail, since it ignores Delivered-To and Return-Path in the size calculation. Fixing this and reinstalling qmail-local ( plus fixing existing mail using doveadm fetch -u username text all > /dev/null ) solved the problem for me. The problematic line in qmail-local.c is: s += fmt_ulong(s,st.st_size); *s++ = 0; which should be: s += fmt_ulong(s,st.st_size+rpline.len+dtline.len); *s++ = 0; (for FreeBSD users: I submitted a patch to the qmail port, fixing this) http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/168870 Fixing this also fixed fts_squat for me (dovecot 2.1.7) -- Michael From freebsd at grem.de Sat Jun 9 04:07:56 2012 From: freebsd at grem.de (Michael Gmelin) Date: Sat, 09 Jun 2012 03:07:56 +0200 Subject: [Dovecot] squat not working in 2.1 In-Reply-To: <4F4DF7F7.8020405@in.tum.de> References: <4F3FA5D3.8050101@jkart.de> <761E2C44-272D-4F6A-8A33-7FAFB1F011E1@leuxner.net> <4F428323.8050404@fastmail.fm> <6A93411B-4058-4A7D-9F94-452403AE83ED@iki.fi> <4F4DF7F7.8020405@in.tum.de> Message-ID: <4FD2A1EC.4000304@grem.de> On 29.2.12 11:03, Christoph Bu?enius wrote: > On 21.02.2012 01:18, Timo Sirainen wrote: >> On 20.2.2012, at 19.30, Metro Domain Admin wrote: >> >>> Squat is apparently deprecated: >>> http://dovecot.org/list/dovecot/2011-December/062630.html >> >> Yes, but it should still work.. > > As far as I can tell from my tests, squat has stopped working in 2.1. > > Let's take a user who does not have any mails yet, and deliver a first > mail to him: > > echo -e 'From: \nSubject: test\n\ntest\ntest' | > /usr/local/dovecot/libexec/dovecot/dovecot-lda -d testuser > > Now create an IMAP session, select INBOX, and do a search: > > * 1 EXISTS > * 1 RECENT > * OK [UNSEEN 1] First unseen. > * OK [UIDVALIDITY 1330509552] UIDs valid > * OK [UIDNEXT 2] Predicted next UID > * OK [HIGHESTMODSEQ 1] Highest > . OK [READ-WRITE] Select completed. > >>> . search text test > * SEARCH > . OK Search completed (0.006 secs). > > (Should have returned 1 message.) > > Deliver the same message again: > echo -e 'From: \nSubject: test\n\ntest\ntest' | > /usr/local/dovecot/libexec/dovecot/dovecot-lda -d testuser > > Now in the existing session, run the search command three more times: > > >>> . search text test > * SEARCH > * 2 EXISTS > * 2 RECENT > . OK Search completed (0.000 secs). > >>> . search text test > * SEARCH 2 > . OK Search completed (0.002 secs). > >>> . search text test > * SEARCH > . OK Search completed (0.000 secs). > > It found the message once, but the next time it didn't. So the squat > search does not actually seem to work any more. I know it's > deprecated, I just wanted to note this. > > Cheers, > Christoph > I had the same symptoms (dovecot 2.1.7), but in my case the reason were corrupted Maildir filenames (S=xxxx and the actual file size differed, which among other things also caused trouble in fts_squat). Those files were a result of a bug in the qmail-maildir++ patch. For details see http://www.dovecot.org/list/dovecot/2012-June/066281.html -- Michael From ott at mirix.org Sat Jun 9 04:55:12 2012 From: ott at mirix.org (Matthias-Christian Ott) Date: Sat, 09 Jun 2012 03:55:12 +0200 Subject: [Dovecot] [ Re: best practises for mail systems] In-Reply-To: References: <5f604e43b6b66676fc1e23b1c7c57afb.squirrel@web.miau.ca> <4FCE5ADB.8090208@mirix.org> Message-ID: <4FD2AD00.2050805@mirix.org> On 2012-06-05 23:43, Timo Sirainen wrote: > On 5.6.2012, at 23.33, Michescu Andrei wrote: > >>> I agree, in practice this is not an issue compared to the unavailability >>> of the service, but on longer IMAP sessions (e.g. transferring a big >>> file) the connection loss is noticeable. >> >> It is noticeable for somebody that really waits for a large email. > > And there is actually some (any!) way this could be avoided?... One server dies, another continues sending the mail? Yes, there is. You have to replicate the entire state of the IMAP session (protocol states, buffers, TLS state etc.) and the TCP state of the connection. The state of the IMAP session is (in theory) easily replicable (although you probably have to rely on internals of the TLS implementation; OpenSSL can serialise TLS sessions from/into ASN.1 via i2d_SSL_SESSION, though this is meant to resume session via TLS) and for TCP there is RTCP [1]. RTCP intercepts the TCP session is able to recover the TCP state. It works without any modification of the operating system (at the moment limited to Linux). If this would be implemented in Dovecot it would really set it apart from other IMAP servers and software that I've seen so far. Being able to transparently handle failover of a TCP connection is unique. > I have had some thoughts about transferring idling Dovecot connections between processes / servers so that clients wouldn't notice it, but I haven't even thought about moving active (long-running) connections. Load rebalancing would probably be another feature that separates Dovecot from other IMAP servers. Regards, Matthias-Christian [1] http://rtcp.sourceforge.net/ From rnalrd at gmail.com Sat Jun 9 16:04:13 2012 From: rnalrd at gmail.com (Leonardo) Date: Sat, 09 Jun 2012 15:04:13 +0200 Subject: [Dovecot] ntlm_auth in Dovecot In-Reply-To: <1339167201.4285.90.camel@df1844j> References: <1339167201.4285.90.camel@df1844j> Message-ID: <1339247053.4285.92.camel@df1844j> On Fri, 2012-06-08 at 16:53 +0200, Leonardo wrote: > Hi, > > I'm trying getting NTLM auth working against AD in my Dovecot 2.0.15. > > I'm getting the following error: > > > Jun 08 14:18:11 auth: Info: winbind(?,10.44.3.151): user not > authenticated: NT_STATUS_UNSUCCESSFUL BTW I forgot to say that I've already disjoined and rejoined the server to the domain. I saw someone suggested that on the list (I wasn't subscribe until now). -- leonardo From tss at iki.fi Sat Jun 9 17:11:07 2012 From: tss at iki.fi (Timo Sirainen) Date: Sat, 9 Jun 2012 17:11:07 +0300 Subject: [Dovecot] [ Re: best practises for mail systems] In-Reply-To: <4FD2AD00.2050805@mirix.org> References: <5f604e43b6b66676fc1e23b1c7c57afb.squirrel@web.miau.ca> <4FCE5ADB.8090208@mirix.org> <4FD2AD00.2050805@mirix.org> Message-ID: <7A128C1A-E861-42D2-A7AF-07353FFEE027@iki.fi> On 9.6.2012, at 4.55, Matthias-Christian Ott wrote: > Yes, there is. You have to replicate the entire state of the IMAP > session (protocol states, buffers, TLS state etc.) and the TCP state of > the connection. The state of the IMAP session is (in theory) easily > replicable (although you probably have to rely on internals of the TLS > implementation; OpenSSL can serialise TLS sessions from/into ASN.1 via > i2d_SSL_SESSION, though this is meant to resume session via TLS) Interesting! I thought OpenSSL didn't have a way to [de]serialize the session state. The first time I wanted to do that was 13 years ago. I see there are some google hits for i2d_SSL_SESSION, but do you already know a good web page / example code I could look at? > and for > TCP there is RTCP [1]. RTCP intercepts the TCP session is able to > recover the TCP state. It works without any modification of the > operating system (at the moment limited to Linux). Thanks for this too. > If this would be implemented in Dovecot it would really set it apart > from other IMAP servers and software that I've seen so far. Being able > to transparently handle failover of a TCP connection is unique. Yes. From ott at mirix.org Sat Jun 9 17:35:42 2012 From: ott at mirix.org (Matthias-Christian Ott) Date: Sat, 09 Jun 2012 16:35:42 +0200 Subject: [Dovecot] [ Re: best practises for mail systems] In-Reply-To: <7A128C1A-E861-42D2-A7AF-07353FFEE027@iki.fi> References: <5f604e43b6b66676fc1e23b1c7c57afb.squirrel@web.miau.ca> <4FCE5ADB.8090208@mirix.org> <4FD2AD00.2050805@mirix.org> <7A128C1A-E861-42D2-A7AF-07353FFEE027@iki.fi> Message-ID: <4FD35F3E.8040901@mirix.org> On 2012-06-09 16:11, Timo Sirainen wrote: > On 9.6.2012, at 4.55, Matthias-Christian Ott wrote: > >> Yes, there is. You have to replicate the entire state of the IMAP >> session (protocol states, buffers, TLS state etc.) and the TCP state of >> the connection. The state of the IMAP session is (in theory) easily >> replicable (although you probably have to rely on internals of the TLS >> implementation; OpenSSL can serialise TLS sessions from/into ASN.1 via >> i2d_SSL_SESSION, though this is meant to resume session via TLS) > > Interesting! I thought OpenSSL didn't have a way to [de]serialize the session state. The first time I wanted to do that was 13 years ago. I see there are some google hits for i2d_SSL_SESSION, but do you already know a good web page / example code I could look at? The Apache httpd module mod_ssl uses it. GnuTLS has similar functions with gnutls_db_*, although it's also only intended to be used to resume a session. Have look at the Apache httpd module mod_gnutls. Regards, Matthias-Christian From rnalrd at gmail.com Sat Jun 9 18:49:41 2012 From: rnalrd at gmail.com (Leonardo) Date: Sat, 09 Jun 2012 17:49:41 +0200 Subject: [Dovecot] ntlm_auth in Dovecot In-Reply-To: <1339167201.4285.90.camel@df1844j> References: <1339167201.4285.90.camel@df1844j> Message-ID: <1339256981.4285.99.camel@df1844j> On Fri, 2012-06-08 at 16:53 +0200, Leonardo wrote: > Hi, > > I'm trying getting NTLM auth working against AD in my Dovecot 2.0.15. > > I'm getting the following error: > > > Jun 08 14:18:11 auth: Info: winbind(?,10.44.3.151): user not > authenticated: NT_STATUS_UNSUCCESSFUL > > > "wbinfo -u" reports all the users of the domain and "ntlm_auth > --username=%name% --domain="%domain%" gets authenticated successfully. > > > Debugging winbind I can see the following error: > > > [2012/06/08 14:18:11.129611, 10] > winbindd/winbindd.c:651(process_request) > process_request: unknown request fn number 14 > [2012/06/08 14:18:11.129671, 10] > winbindd/winbindd.c:738(winbind_client_response_written) > winbind_client_response_written[2822:unknown request]: delivered > response to client Upgrading to Dovecot 2.1.5 did not help. -- leo From daniel.parthey at informatik.tu-chemnitz.de Sat Jun 9 19:51:27 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sat, 9 Jun 2012 18:51:27 +0200 Subject: [Dovecot] Corrupted mdbox on LMTP director delivery while user [solved] is logged in via IMAP In-Reply-To: <20120608031622.GA13898@daniel.localdomain> References: <20120608031622.GA13898@daniel.localdomain> Message-ID: <20120609165127.GA9833@daniel.localdomain> Daniel Parthey wrote: > we get errors about corrupted indexes and we are losing flags with mdbox on NFSv4: > > Error: Recent flags state corrupted for mailbox > Error: Corrupted dbox file > Error: Corrupted transaction log file > > It looks like a LMTP director problem. The user has IMAP IDLE connections > open and lmtp delivers to another host. This leads to nfs corruption problems. > > Jun 8 03:36:03 10.129.3.200 dovecot: mailbox: mail: imap(someuser at example.de): Error: Corrupted transaction log file /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox- > Mails/dovecot.index.log seq 82: Invalid transaction log size (32856 vs 32824): /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox-Mails/dovecot.index.log (sync_offset=32856) > Jun 8 03:36:03 10.129.3.200 dovecot: mailbox: mail: imap(someuser at example.de): Error: Index /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox-Mails/dovecot.index: Lost log for seq=82 > offset=32856 > Jun 8 03:36:03 10.129.3.200 dovecot: mailbox: mail: imap(someuser at example.de): Warning: fscking index file /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox-Mails/dovecot.index > Jun 8 03:36:03 10.129.3.200 dovecot: mailbox: mail: imap(someuser at example.de): Error: Fixed index file /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox-Mails/dovecot.index: log_file_seq 82 > -> 83 > Jun 8 03:36:38 10.129.3.200 dovecot: mailbox: mail: imap(someuser at example.de): Error: Transaction log file /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox-Mails/dovecot.index.log.2: > marked corrupted > > How to enable the LMTP director to deliver to the correct mailbox host? The reason were different usernames for different protocols (lmtp and imap) of the same user, which resulted in different target hosts in the director: LMTP director was using username at example.org -> Host mail01 IMAP director was using username at dovecotmail.example.org -> Host mail04 > # 2.0.20: /etc/dovecot-director/dovecot-director.conf > passdb { > args = proxy=y nopassword=y user=%n at dovecotmail.%d > driver = static > } Removing the user mapping in the static imap passdb solved the problem: passdb { args = proxy=y nopassword=y driver = static } Now the user is directed to the same host for all protocols again. Regards, Daniel From daniel.parthey at informatik.tu-chemnitz.de Sat Jun 9 20:09:30 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sat, 9 Jun 2012 19:09:30 +0200 Subject: [Dovecot] per user quota In-Reply-To: <20120608223432.390c71d0@itx.bitcorner.intern> References: <20120608223432.390c71d0@itx.bitcorner.intern> Message-ID: <20120609170930.GA10032@daniel.localdomain> Hello Andreas, Andreas Meyer wrote: > I activated quota > > plugin { > quota = maildir:User quota > quota_rule = *:storage=1GB > # 10% of 1GB = 100MB > quota_rule2 = Trash:storage=+10%% > } > > But when I want to do per user quota in the passwd-file > ...vhosts/anup.de/anmeyer::userdb_mail=maildir:~/userdb_quota_rule=*:bytes=10G It looks like you are at least missing a space between userdb_mail=maildir:~/ and userdb_quota_rule. > I get this in the logfile and can't login: > > Jun 08 22:25:52 imap(anmeyer at anup.de): Error: user anmeyer at anup.de: Initialization failed: Initializing mail storage from mail_location setting failed: Unknown setting: bytes > Jun 08 22:25:52 imap(anmeyer at anup.de): Error: Invalid user settings. Refer to server log for more information. > > Same with 'storage' in the passwd-file. What's wrong? You forgot to attach your "doveconf -n" output. Regards, Daniel From daniel.parthey at informatik.tu-chemnitz.de Sat Jun 9 21:20:47 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sat, 9 Jun 2012 20:20:47 +0200 Subject: [Dovecot] director and IPs shown at the backends In-Reply-To: <4FD1C71B.4040109@um.es> References: <4FD09613.6000405@um.es> <4FD09AB0.6020500@enas.net> <4FD1C71B.4040109@um.es> Message-ID: <20120609182047.GA10833@daniel.localdomain> Angel L. Mateo wrote: > El 07/06/12 14:12, Urban Loesch escribi?: > ># Space separated list of trusted network ranges. Connections from these > ># IPs are allowed to override their IP addresses and ports (for logging and > ># for authentication checks). disable_plaintext_auth is also ignored for > ># these networks. Typically you'd specify your IMAP proxy servers here. > >login_trusted_networks = > > > I didn't find that option in any example config file, but it's > working. Maybe it must be documented in somewhere. This command lists all available options of your release: doveconf Regards Daniel From daniel.parthey at informatik.tu-chemnitz.de Sat Jun 9 21:40:18 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sat, 9 Jun 2012 20:40:18 +0200 Subject: [Dovecot] Dovecot over NFS In-Reply-To: References: Message-ID: <20120609184018.GA10990@daniel.localdomain> James Devine wrote: > I'm playing with running dovecot over NFS and I am running into some > issues. I have followed the guide at http://wiki2.dovecot.org/NFS and my > setup includes 1 nfs server and 1 client running postfix/dovecot. In > testing I am running postal via the command: > > postal -t 10 -c 10 localhost users399 > > The test file has a list of 399 users to deliver to. I've provided a > sample of the errors I'm receiving and my configuration below, I am running > dovecot 2.0.19. Any idea what I might be doing wrong and what I might do > to resolve it? My ultimate goal is to setup multiple clients with director > so each user is still handled on a single machine, however with a single > machine I still seem to be having issues. Have a look at http://wiki2.dovecot.org/Director > Here is a sample of some of the errors I'm seeing: > > Jun 6 15:55:12 test-gluster-client1 dovecot: lmtp(12072, testuser130): > Error: mdbox /mnt/testuser130/mdbox/mailboxes/INBOX/dbox-Mails: Invalid > dbox header size: 0 > Jun 6 15:55:12 test-gluster-client1 dovecot: lmtp(11999, testuser99): > Error: Log synchronization error at seq=2,offset=556 for > /mnt/testuser99/mdbox/storage/dovecot.map.index: Append with UID 2, but > next_uid = 3 mdbox format requires a correct index and you will lose flags, if you lose the index file. The index will be automatically tried to restore from mails in the storage. You should avoid accessing the same user directory from different NFS clients, since this often leads to corruptions or invalid files. You need a director which ensures that one directory is only accessed from one host at the same time. This applies to IMAP, POP3, LMTP etc, which are all writing to the mailbox. Then you should access all mailboxes only via the director listener ports. > My dovecot config is: You posted only the configuration of your mailbox instance and might have a look your director configuration too: doveconf -c /etc/dovecot-director/dovecot-director.conf -n (or wherever your director configuration is located) Regards Daniel From daniel.parthey at informatik.tu-chemnitz.de Sat Jun 9 21:48:53 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sat, 9 Jun 2012 20:48:53 +0200 Subject: [Dovecot] Dovecot 1.x on AIX -> Dovecot 2.x on Ubuntu In-Reply-To: References: Message-ID: <20120609184853.GA11176@daniel.localdomain> root at yuma.acns.colostate.edu wrote: > We are working on migrating Dovecot 1.2.17 running on AIX 5.3 (believe it > or not!) to Dovecot 2.0.13 running on Ubuntu. We have hundreds of users > mboxes we will be migrating. My question is regarding the index files. > Should we remove those after the migration, but before we open it up to > users so Dovecot can create new ones? > > I did a test migration of a single user, and Dovecot detects the > architecture change and put out some panic errors, corrupt files and > backtrace messages in syslog on Ubuntu. The messages are shown below. If > every user is going to generate these types of errors, I'm thinking maybe > it makes sense to remove all the .imap directories and let Dovecot create > new clean ones. I realize that may slow things down for awhile while > Dovecot is rebuilding new files. Which mail storage format (mbox,maildir,sdbox,mdbox) are you using and is it stored on NFS? Would you provide your "doveconf -n" output for dovecot 2.0.13, please? You might also have a look at imapsync[1] for clean mass migration from one architecture to another. Regards Daniel [1] http://imapsync.lamiral.info/ From daniel.parthey at informatik.tu-chemnitz.de Sat Jun 9 22:11:04 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sat, 9 Jun 2012 21:11:04 +0200 Subject: [Dovecot] Deliver quota-warning via director Message-ID: <20120609191104.GA11812@daniel.localdomain> Hi there, I'm using NFS with Dovecot 2.0.20 and would like to deliver a quota warning to the user using the LMTP director. I have configured quota warnings according to http://wiki2.dovecot.org/Quota/Configuration But it seems that lda delivers the mail directly to the local filesystem and is not using our lmtp director, which prevents NFS mailboxes from getting corrupted. Is there a way to tell lda to use LMTP or the director and ignore the quota while delivering the notification? Regards Daniel From daniel.parthey at informatik.tu-chemnitz.de Sat Jun 9 22:19:58 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sat, 9 Jun 2012 21:19:58 +0200 Subject: [Dovecot] Authentication issue In-Reply-To: <4FD0EB43.8070104@lal.in2p3.fr> References: <4FD0EB43.8070104@lal.in2p3.fr> Message-ID: <20120609191958.GA12009@daniel.localdomain> Hi Emiliano, Emiliano Rago wrote: > I need to set up a weird dovecot configuration: > > 1) outside a ssl tunnel I'd like to authenticate only with cram-md5 scheme > 2) inside a ssl tunnel I'd like to authenticate only with plain auth You might try to set up two instances of dovecot, one for plain, one for ssl: http://wiki2.dovecot.org/RunningDovecot#Running_Multiple_Invocations_of_Dovecot Regards Daniel From daniel.parthey at informatik.tu-chemnitz.de Sat Jun 9 23:04:53 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sat, 9 Jun 2012 22:04:53 +0200 Subject: [Dovecot] director and doveadm server In-Reply-To: <4FD1C8E0.4010807@um.es> References: <4FD1C8E0.4010807@um.es> Message-ID: <20120609200453.GA12401@daniel.localdomain> Hello Angel, Angel L. Mateo wrote: > I've been reading doc at http://wiki2.dovecot.org/Director to > configure my servers. My question is regarding configuration of > doveadm server. > > I have configured both, director and backend servers, as described > in that doc, but I don't know how to run doveadm commands in > director servers. > > doveadm is working, because I can run commands, but they are > executed in local (director) server. See http://wiki2.dovecot.org/Tools/Doveadm/Mailbox doveadm help doveadm help who A few doveadm commands allow the -S socket_path argument where socket_path can be a hostname:port combination of your director doveadm service: altmove [-u |-A] [-S ] [-r] expunge [-u |-A] [-S ] fetch [-u |-A] [-S ] force-resync [-u |-A] [-S ] import [-u |-A] [-S ] index [-u |-A] [-S ] move [-u |-A] [-S ] purge [-u |-A] [-S ] search [-u |-A] [-S ] The http://wiki2.dovecot.org/Director article explains how to set up a "Doveadm server" on a specific port. After you have set up your doveadm server correctly, an example command might look like this: doveadm search -A -S director:24245 mailbox "*" all > but doveadm who seems to be executed just in local: For "doveadm who" however, you need a local anvil socket, which provides the necessary information: doveadm who -a /var/run/dovecot/anvil Remember there is also the proxy list command, since the director is just a proxy with a hash table which always proxies the same username to the same backend: doveadm proxy list > And another question about this... what is the local config option? > I haven't found it documented anywhere. I assume the local { } section is to restrict the inside options to client IPs located in a specific subnet. Regards Daniel From anmeyer at anup.de Sat Jun 9 23:22:11 2012 From: anmeyer at anup.de (Andreas Meyer) Date: Sat, 9 Jun 2012 22:22:11 +0200 Subject: [Dovecot] per user quota In-Reply-To: <20120609170930.GA10032@daniel.localdomain> References: <20120608223432.390c71d0@itx.bitcorner.intern> <20120609170930.GA10032@daniel.localdomain> Message-ID: <20120609222211.375f54d3@itx.bitcorner.intern> Daniel Parthey wrote: > Hello Andreas, > > Andreas Meyer wrote: > > I activated quota > > > > plugin { > > quota = maildir:User quota > > quota_rule = *:storage=1GB > > # 10% of 1GB = 100MB > > quota_rule2 = Trash:storage=+10%% > > } > > > > But when I want to do per user quota in the passwd-file > > ...vhosts/anup.de/anmeyer::userdb_mail=maildir:~/userdb_quota_rule=*:bytes=10G > > It looks like you are at least missing a space between userdb_mail=maildir:~/ > and userdb_quota_rule. Wow, great! The space was missing and now it works. > You forgot to attach your "doveconf -n" output. ok, next time. > Regards, > Daniel Andreas From tss at iki.fi Sun Jun 10 00:00:52 2012 From: tss at iki.fi (Timo Sirainen) Date: Sun, 10 Jun 2012 00:00:52 +0300 Subject: [Dovecot] Dovecot 1.x on AIX -> Dovecot 2.x on Ubuntu In-Reply-To: References: Message-ID: <073BC709-698B-4C65-B06E-05ED5D0E7343@iki.fi> On 6.6.2012, at 23.27, root at yuma.acns.colostate.edu wrote: > We are working on migrating Dovecot 1.2.17 running on AIX 5.3 (believe it > or not!) to Dovecot 2.0.13 running on Ubuntu. We have hundreds of users > mboxes we will be migrating. My question is regarding the index files. > Should we remove those after the migration, but before we open it up to > users so Dovecot can create new ones? > > I did a test migration of a single user, and Dovecot detects the > architecture change and put out some panic errors, corrupt files and Yeah, there's still some problem with properly handling index file recreation when CPU architecture (endianess) change is detected. Better just delete your index files, since they have to be regenerated anyway. From tss at iki.fi Sun Jun 10 00:10:23 2012 From: tss at iki.fi (Timo Sirainen) Date: Sun, 10 Jun 2012 00:10:23 +0300 Subject: [Dovecot] Deliver quota-warning via director In-Reply-To: <20120609191104.GA11812@daniel.localdomain> References: <20120609191104.GA11812@daniel.localdomain> Message-ID: <80D54D29-C13A-405C-9528-2591F2296108@iki.fi> On 9.6.2012, at 22.11, Daniel Parthey wrote: > But it seems that lda delivers the mail directly to > the local filesystem and is not using our lmtp director, > which prevents NFS mailboxes from getting corrupted. > > Is there a way to tell lda to use LMTP or the director > and ignore the quota while delivering the notification? That's a bit tricky problem. Even if LDA used LMTP, it couldn't ignore quota since LMTP server is the one enforcing it. Perhaps you need to create two LMTP ports, one with a "quota ignored" configuration. Then you need to somehow get the mail delivered there (maybe send it to your MTA and route it from there). Or write a script that sends the mail directly to the LMTP port on director. From tss at iki.fi Sun Jun 10 00:12:57 2012 From: tss at iki.fi (Timo Sirainen) Date: Sun, 10 Jun 2012 00:12:57 +0300 Subject: [Dovecot] Upgrading 1.2.17 -> 2.1.x In-Reply-To: <20120608215302.GA29690@acsmail.ucsd.edu> References: <20120608215302.GA29690@acsmail.ucsd.edu> Message-ID: On 9.6.2012, at 0.53, Adam G Tilghman wrote: > > We're planning to upgrade our site from 1.2.17 to 2.1.x within the > next few months, but we must ensure our ability to revert to 1.2.17 > if problems arise. > > I don't expect our maildir storage would present a problem, > but am less certain about 2.1.x index/control files remaining > readable under 1.2.17. > > Should I have any reason to worry? 1.2.17 can read v2.0 indexes without problems (it has some forwards compatibility code). I don't think I added any incompatible changes to v2.1 either, at least nothing major.. From tss at iki.fi Sun Jun 10 00:17:14 2012 From: tss at iki.fi (Timo Sirainen) Date: Sun, 10 Jun 2012 00:17:14 +0300 Subject: [Dovecot] Director problems In-Reply-To: <4FCF549F.70404@ehu.es> References: <4FCF549F.70404@ehu.es> Message-ID: On 6.6.2012, at 16.01, Joseba Torre wrote: > I've just setup a testing enviroment for director, and it's not working as expected. I have just 1 director (called director) and 2 dovecot servers (dovecot1 and dovecot2); these are exact copies. > > First problem: when both dovecot servers are up, every imap connection is redirected to the same server as you can see here: > > $ sudo doveadm director map > user mail server ip expire time > 158.227.4.186 2012-06-06 13:34:12 > 158.227.4.186 2012-06-06 13:34:27 > 158.227.4.186 2012-06-06 13:34:34 > > (I don't know if that is good or not) > > I've tried with 3 different users and ips to no change, users are always directed to the same host. Perhaps you just managed to use such usernames that map to the same director.. You can try with "doveadm director status " to see where they should go. > Second problem: if I try to add/remove/modify one of the dovecot servers, the output of doveadm director map/status seems to be ok, but any new user connection fails with this log: > > Jun 6 14:51:59 director dovecot: director: Warning: Delaying new user requests until ring is synced Looks like there's a bug when only one director is used. I'll try and fix it later.. From tss at iki.fi Sun Jun 10 00:19:15 2012 From: tss at iki.fi (Timo Sirainen) Date: Sun, 10 Jun 2012 00:19:15 +0300 Subject: [Dovecot] director: backend health monitoring In-Reply-To: <213B51F00051AE48A9F0E112880177178F79E0@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F79E0@Delta.sc.local> Message-ID: <289A7537-83E1-4EBF-BCF8-C06C67403839@iki.fi> On 8.6.2012, at 4.25, ???????? ????????? ?????????? wrote: > I am wonder if there are plans to include backend health monitoring feature to Dovecot Director ? Yes, but it's not a very high priority right now. From petr at bravenec.eu Sat Jun 9 23:23:05 2012 From: petr at bravenec.eu (Petr Bravenec) Date: Sat, 09 Jun 2012 22:23:05 +0200 Subject: [Dovecot] Dovecot antispam plugin bug: got an empty message Message-ID: <1543861.4fk9cArhjB@hrabos> It is few months ago I requested help with combination dovecot - dovecot- antispam plugin and dspam. Now I got into troubles with a lot of spam delivering to users inbox. Problem described bellow is now better hidden but stil remains: When moving a message from INBOX to Junk, dspam got an empty message. I made a wrapper about dspamc and there is no input on stdio. The dspam was not trained (got an empty message). Looking to source code of dspam and antispam plugin I suspect the dovecot not to sending any content to plugin when moving from inbox to junk. Petr Bravenec Dne Wednesday 25 of January 2012 17:19:18 Tom Hendrikx napsal(a): > On 25-01-12 08:05, Petr Bravenec wrote: > > Few weeks ago I upgraded dovecot from 1.2 to 2.0.16 and antispam plugin > > to 2.0_pre20101222. Since the upgrade I'm not able to move messages to > > my Junk folder. In the maillog I have found this message: > > > > dspam[25060]: empty message (no data received) > > Gentoo has included the antispam plugin from Johannes historically, but > added the fork by Eugene to support upgrades to dovecot 2.0. It is not > really made clear by the gentoo ebuild is that the forked plugin needs a > slightly different config. > > I use the config below with dovecot 2.0.17 and a git checkout for > dovecot-antispam: > > ===8<======== > plugin { > antispam_signature = X-DSPAM-Signature > antispam_signature_missing = move > antispam_spam_pattern_ignorecase = Junk;Junk.* > antispam_trash_pattern_ignorecase = Trash;Deleted Items;Deleted > Messages > > # Backend specific > antispam_backend = dspam > antispam_dspam_binary = /usr/bin/dspamc > antispam_dspam_args = > --user;%u;--deliver=;--source=error;--signature=%%s > antispam_dspam_spam = --class=spam > antispam_dspam_notspam = --class=innocent > #antispam_dspam_result_header = X-DSPAM-Result > } > > > -- > Regards, > Tom From yggdrasil at gmx.co.uk Sun Jun 10 01:09:57 2012 From: yggdrasil at gmx.co.uk (Johnny) Date: Sat, 09 Jun 2012 23:09:57 +0100 Subject: [Dovecot] Dovecot setup fails w. multiple mail locations (gnus/dovecot/offlineimap) Message-ID: <87vcj087d6.fsf@gmx.co.uk> Hi, I am trying to setup a Gnus - Dovecot - Offlineimap - Webmail (Gmail / Fastmail) chain and cannot configure the correct behaviour. Any advice to get this working properly would be very appreciated! I have set up Offlineimap to synchronise two mail accounts into separate folders under ~/Maildir. After running Offlineimap, the folders look as below. Maildir/ |-- Gmail | |-- cur | |-- dovecot.index.log | |-- dovecot-uidlist | |-- dovecot-uidvalidity | |-- dovecot-uidvalidity.4fd3b80e | |-- [Gmail].All\ Mail | |-- [Gmail].Drafts | |-- [Gmail].Important | |-- [Gmail].Sent\ Mail | |-- [Gmail].Spam | |-- [Gmail].Starred | |-- [Gmail].Trash | |-- INBOX | |-- new | |-- Personal | |-- Receipts | |-- tmp | |-- Travel | `-- Work `-- Fastmail |-- cur |-- dovecot.index.log |-- dovecot.mailbox.log |-- dovecot-uidlist |-- dovecot-uidvalidity |-- dovecot-uidvalidity.4fd3b75e |-- INBOX |-- INBOX.Drafts |-- INBOX.Sent\ Items `-- INBOX.Trash The Dovecot config is below. (I have set up a blank "MailTest" directory as inbox, believing that this may preserve the two imap directories better for offlineimap synching (not sure if this is correct)). ,---- | mail_location = maildir:~/Maildir:LAYOUT=fs | | namespace inbox { | location = maildir:~/MailTest | inbox = yes | } | | namespace mygmail { | type = private | separator = . | prefix = "mygmail." | location = maildir:%h/Maildir/Gmail/:LAYOUT=fs | inbox = no | hidden = no | list = yes | subscriptions = yes | } | | namespace myfastmail { | type = private | separator = . | prefix = "myfastmail." | location = maildir:%h/Maildir/FASTMAIL/:LAYOUT=fs | inbox = no | hidden = no | list = yes | subscriptions = yes | } `---- Accessing dovecot through gnus with this setup only sees the files in the directories that are not prefixed (e.g. under Fastmail, INBOX is the only seen folder, all INBOX.subfolder are not there). Removing the prefix manually they can be seen again however (e.g. INBOX.subfolder -> subfolder). If I remove LAYOUT=fs in the dovecot config, nothing is seen at all, although the directories look like proper Maildirs! A second issue is that running Offlineimap a second time seems to work ok for gmail, but Fastmail complains that "cannot create directory '.'"? Thanks! -- Johnny Dovecot 2.1.6 Offlineimap 6.5.2.1 Ma Gnus v0.6 From daniel.parthey at informatik.tu-chemnitz.de Sun Jun 10 02:56:03 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sun, 10 Jun 2012 01:56:03 +0200 Subject: [Dovecot] Error: doveadm client attempted non-PLAIN authentication Message-ID: <20120609235603.GA17490@daniel.localdomain> Hi doveadm search -u user at example.org -S localhost:19000 all produces the following error in the logs: dovecot: doveadm: Error: doveadm client attempted non-PLAIN authentication What am I missing? * tcpdump of tcp communication on port 19000 is attached * dovecot.conf is attached Regards Daniel -------------- next part -------------- A non-text attachment was scrubbed... Name: dump Type: application/octet-stream Size: 1239 bytes Desc: tcpdump.dat URL: -------------- next part -------------- # 2.0.20: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-40-server x86_64 Ubuntu 10.04.4 LTS auth_cache_negative_ttl = 0 auth_cache_size = 10 M auth_cache_ttl = 1 mins auth_verbose = yes auth_verbose_passwords = sha1 deliver_log_format = mailbox: deliver: msgid=%m from=%f: %$ dict { quota = mysql:/etc/dovecot/conf.d/dovecot-dict-sql.conf.ext } disable_plaintext_auth = no doveadm_password = bf79a088601795554d6d428ece2ea92a1c91ae11 instance_name = dovecot-mailbox lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes login_greeting = Mailbox login_log_format = mailbox: login: %$: %s login_trusted_networks = 10.129.3.0/24 mail_debug = yes mail_fsync = always mail_gid = vmail mail_home = /mail/dovecot/%d/%n mail_location = mdbox:~/mail mail_log_prefix = "mailbox: mail: %s(%u): " mail_plugins = quota mail_privileged_group = vmail mail_uid = vmail managesieve_implementation_string = Sieve managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mdbox_rotate_interval = 1 weeks mdbox_rotate_size = 50 M mmap_disable = yes passdb { args = /etc/dovecot/conf.d/dovecot-sql.conf.ext driver = sql } plugin { quota = dict:User quota::proxy::quota quota_rule = *:storage=10G quota_rule2 = Trash:storage=+100M quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap pop3 lmtp sieve service auth { unix_listener auth-userdb { group = dovecot mode = 0660 user = dovecot } } service dict { unix_listener dict { group = vmail mode = 0660 } } service doveadm { inet_listener doveadm-server { port = 19000 } } service imap-login { inet_listener imap { port = 19143 } } service imap-postlogin { executable = script-login /usr/local/bin/dovecot-postlogin user = $default_internal_user } service imap { executable = imap imap-postlogin } service lmtp { inet_listener lmtp { address = * port = 19024 } } service managesieve-login { inet_listener sieve { port = 19200 } } service pop3-login { inet_listener pop3 { port = 19110 } } service pop3-postlogin { executable = script-login /usr/local/bin/dovecot-postlogin user = $default_internal_user } service pop3 { executable = pop3 pop3-postlogin } service quota-warning { executable = script /usr/local/bin/quota-warning extra_groups = dovecot unix_listener quota-warning { user = vmail } user = vmail } ssl = no userdb { driver = prefetch } userdb { args = /etc/dovecot/conf.d/dovecot-sql.conf.ext driver = sql } verbose_proctitle = yes protocol imap { imap_client_workarounds = delay-newmail tb-extra-mailbox-sep mail_plugins = quota imap_quota } protocol lmtp { mail_plugins = quota sieve } From voytek at sbt.net.au Sun Jun 10 05:41:33 2012 From: voytek at sbt.net.au (Voytek Eymont) Date: Sun, 10 Jun 2012 12:41:33 +1000 Subject: [Dovecot] Restoring older messages to new server? In-Reply-To: <4FD1E3E8.8020103@thelounge.net> References: <98f7622f-e52b-4b88-8c65-db05c11e71f6@email.android.com> <4FD1E3E8.8020103@thelounge.net> Message-ID: <057f0c34-b168-4d1d-885d-4de87f969f4c@email.android.com> Reindl >imapsync is your friend Thanks for suggestion. After a few false starts, with impasync saying source server dropped connection, it seemed to have worked. But, now, my K9 email client seems to download entire inbox... rather than last 25 messages... Also, in Squirrel, recent messages before sync seems preceded by old messages, then, messages since sync... any tips on this..? Voytek -- Sent from my Moom with K-9 Mail. Please excuse my brevity. From a.kostyrev at serverc.ru Sun Jun 10 13:48:36 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Sun, 10 Jun 2012 21:48:36 +1100 Subject: [Dovecot] director userdb problem Message-ID: <213B51F00051AE48A9F0E112880177178F79EB@Delta.sc.local> hello ! I'm trying to get users from dovecot director server: doveadm director map doveadm(root): Error: User listing returned failure doveadm(root): Error: user listing failed user mail server ip expire time 192.168.5.101 2012-06-10 21:54:06 in logs I get: Jun 10 21:41:14 mail-lvsm dovecot: auth-worker(17510): mysql(172.5.14.1): Connected to database EXIM Jun 10 21:41:14 mail-lvsm dovecot: auth-worker(17510): Warning: mysql: Query failed, retrying: Table 'EXIM.users' doesn't exist Jun 10 21:41:14 mail-lvsm dovecot: auth-worker(17510): Error: sql: Iterate query failed: Table 'EXIM.users' doesn't exist (using built-in default iterate_query: SELECT username, domain FROM users) in my dovecot.conf I have: userdb { driver = sql args = /etc/dovecot/dovecot-sql.conf } passdb { driver = static args = proxy=y nopassword=y } and in /etc/dovecot/dovecot-sql.conf: user_query = select MBOX_NAME AS user from M_MAILBOX WHERE (MBOX_NAME = '%u'); Do I have to use special table named users ? is it hard-coded? From a.kostyrev at serverc.ru Sun Jun 10 14:05:28 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Sun, 10 Jun 2012 22:05:28 +1100 Subject: [Dovecot] director userdb problem In-Reply-To: <213B51F00051AE48A9F0E112880177178F79EB@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F79EB@Delta.sc.local> Message-ID: <213B51F00051AE48A9F0E112880177178F79EC@Delta.sc.local> It seemed I had to add something like that in dovecot-sql.conf iterate_query = select MBOX_NAME AS username from M_MAILBOX WHERE MBOX_NAME = '%n'; so I did but I'm still getting no usernames so I enabled general_log in mysql that what I get: select MBOX_NAME AS username from M_MAILBOX WHERE MBOX_NAME = '' It seems like direcotor don't expand variables, I've tried both - %n and %u - nothing any help ? -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of ???????? ????????? ?????????? Sent: Sunday, June 10, 2012 9:49 PM To: dovecot at dovecot.org Subject: [Dovecot] director userdb problem hello ! I'm trying to get users from dovecot director server: doveadm director map doveadm(root): Error: User listing returned failure doveadm(root): Error: user listing failed user mail server ip expire time 192.168.5.101 2012-06-10 21:54:06 in logs I get: Jun 10 21:41:14 mail-lvsm dovecot: auth-worker(17510): mysql(172.5.14.1): Connected to database EXIM Jun 10 21:41:14 mail-lvsm dovecot: auth-worker(17510): Warning: mysql: Query failed, retrying: Table 'EXIM.users' doesn't exist Jun 10 21:41:14 mail-lvsm dovecot: auth-worker(17510): Error: sql: Iterate query failed: Table 'EXIM.users' doesn't exist (using built-in default iterate_query: SELECT username, domain FROM users) in my dovecot.conf I have: userdb { driver = sql args = /etc/dovecot/dovecot-sql.conf } passdb { driver = static args = proxy=y nopassword=y } and in /etc/dovecot/dovecot-sql.conf: user_query = select MBOX_NAME AS user from M_MAILBOX WHERE (MBOX_NAME = '%u'); Do I have to use special table named users ? is it hard-coded? From a.kostyrev at serverc.ru Sun Jun 10 14:30:49 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Sun, 10 Jun 2012 22:30:49 +1100 Subject: [Dovecot] director userdb problem [solved] In-Reply-To: <213B51F00051AE48A9F0E112880177178F79EC@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F79EB@Delta.sc.local> <213B51F00051AE48A9F0E112880177178F79EC@Delta.sc.local> Message-ID: <213B51F00051AE48A9F0E112880177178F79EE@Delta.sc.local> Faxe on #dovecot helped me: iterate_query = select MBOX_NAME AS username from M_MAILBOX; with no where clause sorry for wasting your time. -- ? ?????????, ???????? ????????? ????????? ????????????? ??? "??????-?????" ???.: (423) 262-02-62 (???. 2037) ????: (423) 262-02-10 a.kostyrev at serverc.ru icq: 404-198-497 -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of ???????? ????????? ?????????? Sent: Sunday, June 10, 2012 10:05 PM To: dovecot at dovecot.org Subject: Re: [Dovecot] director userdb problem It seemed I had to add something like that in dovecot-sql.conf iterate_query = select MBOX_NAME AS username from M_MAILBOX WHERE MBOX_NAME = '%n'; so I did but I'm still getting no usernames so I enabled general_log in mysql that what I get: select MBOX_NAME AS username from M_MAILBOX WHERE MBOX_NAME = '' It seems like direcotor don't expand variables, I've tried both - %n and %u - nothing any help ? -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of ???????? ????????? ?????????? Sent: Sunday, June 10, 2012 9:49 PM To: dovecot at dovecot.org Subject: [Dovecot] director userdb problem hello ! I'm trying to get users from dovecot director server: doveadm director map doveadm(root): Error: User listing returned failure doveadm(root): Error: user listing failed user mail server ip expire time 192.168.5.101 2012-06-10 21:54:06 in logs I get: Jun 10 21:41:14 mail-lvsm dovecot: auth-worker(17510): mysql(172.5.14.1): Connected to database EXIM Jun 10 21:41:14 mail-lvsm dovecot: auth-worker(17510): Warning: mysql: Query failed, retrying: Table 'EXIM.users' doesn't exist Jun 10 21:41:14 mail-lvsm dovecot: auth-worker(17510): Error: sql: Iterate query failed: Table 'EXIM.users' doesn't exist (using built-in default iterate_query: SELECT username, domain FROM users) in my dovecot.conf I have: userdb { driver = sql args = /etc/dovecot/dovecot-sql.conf } passdb { driver = static args = proxy=y nopassword=y } and in /etc/dovecot/dovecot-sql.conf: user_query = select MBOX_NAME AS user from M_MAILBOX WHERE (MBOX_NAME = '%u'); Do I have to use special table named users ? is it hard-coded? From dovecot at bravenec.eu Sun Jun 10 14:41:51 2012 From: dovecot at bravenec.eu (Petr Bravenec) Date: Sun, 10 Jun 2012 13:41:51 +0200 Subject: [Dovecot] Dovecot antispam plugin bug: got an empty message In-Reply-To: <1543861.4fk9cArhjB@hrabos> References: <1543861.4fk9cArhjB@hrabos> Message-ID: <1664144.As4LCKexvr@hrabos> It looks that I have misconfigured the dovecot plugin: plugin { antispam_dspam_binary = /usr/bin/dspam # should be dspam # antispam_dspam_binary = /usr/bin/dspamc # does not work antispam_signature = X-DSPAM-Signature antispam_signature_missing = move antispam_spam_pattern_ignorecase = Junk;Junk.* antispam_trash_pattern_ignorecase = Trash;Deleted Items antispam_backend = dspam antispam_dspam_args = --user;%u;--deliver=;--source=error;-- signature=%%s antispam_dspam_spam = --class=spam antispam_dspam_notspam = --class=innocent } Petr Bravenec Dne So 9. ?ervna 2012 22:23:05 Petr Bravenec napsal(a): > It is few months ago I requested help with combination dovecot - dovecot- > antispam plugin and dspam. > > Now I got into troubles with a lot of spam delivering to users inbox. > Problem described bellow is now better hidden but stil remains: > > When moving a message from INBOX to Junk, dspam got an empty message. > I made a wrapper about dspamc and there is no input on stdio. The dspam was > not trained (got an empty message). > > Looking to source code of dspam and antispam plugin I suspect the dovecot > not to sending any content to plugin when moving from inbox to junk. > > Petr Bravenec > > Dne Wednesday 25 of January 2012 17:19:18 Tom Hendrikx napsal(a): > > On 25-01-12 08:05, Petr Bravenec wrote: > > > Few weeks ago I upgraded dovecot from 1.2 to 2.0.16 and antispam plugin > > > to 2.0_pre20101222. Since the upgrade I'm not able to move messages to > > > my Junk folder. In the maillog I have found this message: > > > > > > dspam[25060]: empty message (no data received) > > > > Gentoo has included the antispam plugin from Johannes historically, but > > added the fork by Eugene to support upgrades to dovecot 2.0. It is not > > really made clear by the gentoo ebuild is that the forked plugin needs a > > slightly different config. > > > > I use the config below with dovecot 2.0.17 and a git checkout for > > dovecot-antispam: > > > > ===8<======== > > plugin { > > > > antispam_signature = X-DSPAM-Signature > > antispam_signature_missing = move > > antispam_spam_pattern_ignorecase = Junk;Junk.* > > antispam_trash_pattern_ignorecase = Trash;Deleted Items;Deleted > > > > Messages > > > > # Backend specific > > antispam_backend = dspam > > antispam_dspam_binary = /usr/bin/dspamc > > antispam_dspam_args = > > > > --user;%u;--deliver=;--source=error;--signature=%%s > > > > antispam_dspam_spam = --class=spam > > antispam_dspam_notspam = --class=innocent > > #antispam_dspam_result_header = X-DSPAM-Result > > > > } > > > > > > -- > > Regards, > > > > Tom From fxmulder at gmail.com Mon Jun 11 06:38:09 2012 From: fxmulder at gmail.com (James Devine) Date: Sun, 10 Jun 2012 21:38:09 -0600 Subject: [Dovecot] Dovecot over NFS In-Reply-To: <20120609184018.GA10990@daniel.localdomain> References: <20120609184018.GA10990@daniel.localdomain> Message-ID: On Sat, Jun 9, 2012 at 12:40 PM, Daniel Parthey < daniel.parthey at informatik.tu-chemnitz.de> wrote: > James Devine wrote: > > I'm playing with running dovecot over NFS and I am running into some > > issues. I have followed the guide at http://wiki2.dovecot.org/NFS and > my > > setup includes 1 nfs server and 1 client running postfix/dovecot. In > > testing I am running postal via the command: > > > > postal -t 10 -c 10 localhost users399 > > > > The test file has a list of 399 users to deliver to. I've provided a > > sample of the errors I'm receiving and my configuration below, I am > running > > dovecot 2.0.19. Any idea what I might be doing wrong and what I might do > > to resolve it? My ultimate goal is to setup multiple clients with > director > > so each user is still handled on a single machine, however with a single > > machine I still seem to be having issues. > > Have a look at > http://wiki2.dovecot.org/Director > > > Here is a sample of some of the errors I'm seeing: > > > > Jun 6 15:55:12 test-gluster-client1 dovecot: lmtp(12072, testuser130): > > Error: mdbox /mnt/testuser130/mdbox/mailboxes/INBOX/dbox-Mails: Invalid > > dbox header size: 0 > > Jun 6 15:55:12 test-gluster-client1 dovecot: lmtp(11999, testuser99): > > Error: Log synchronization error at seq=2,offset=556 for > > /mnt/testuser99/mdbox/storage/dovecot.map.index: Append with UID 2, but > > next_uid = 3 > > mdbox format requires a correct index and you will lose flags, > if you lose the index file. The index will be automatically tried > to restore from mails in the storage. > > You should avoid accessing the same user directory from different > NFS clients, since this often leads to corruptions or invalid files. > > You need a director which ensures that one directory is only accessed > from one host at the same time. This applies to IMAP, POP3, LMTP etc, > which are all writing to the mailbox. > > Then you should access all mailboxes only via the director listener ports. > > > My dovecot config is: > > You posted only the configuration of your mailbox instance > and might have a look your director configuration too: > > doveconf -c /etc/dovecot-director/dovecot-director.conf -n > > (or wherever your director configuration is located) > > Regards > Daniel > Right now there is no director, I am only trying to get a single client running postfix/dovecot talking to a single nfs server without error and that's where I am having trouble From fxmulder at gmail.com Mon Jun 11 06:41:49 2012 From: fxmulder at gmail.com (James Devine) Date: Sun, 10 Jun 2012 21:41:49 -0600 Subject: [Dovecot] Dovecot over NFS In-Reply-To: References: <20120609184018.GA10990@daniel.localdomain> Message-ID: By client I meant NFS client running postfix/dovecot servers On Sun, Jun 10, 2012 at 9:38 PM, James Devine wrote: > > On Sat, Jun 9, 2012 at 12:40 PM, Daniel Parthey < > daniel.parthey at informatik.tu-chemnitz.de> wrote: > >> James Devine wrote: >> > I'm playing with running dovecot over NFS and I am running into some >> > issues. I have followed the guide at http://wiki2.dovecot.org/NFSand my >> > setup includes 1 nfs server and 1 client running postfix/dovecot. In >> > testing I am running postal via the command: >> > >> > postal -t 10 -c 10 localhost users399 >> > >> > The test file has a list of 399 users to deliver to. I've provided a >> > sample of the errors I'm receiving and my configuration below, I am >> running >> > dovecot 2.0.19. Any idea what I might be doing wrong and what I might >> do >> > to resolve it? My ultimate goal is to setup multiple clients with >> director >> > so each user is still handled on a single machine, however with a single >> > machine I still seem to be having issues. >> >> Have a look at >> http://wiki2.dovecot.org/Director >> >> > Here is a sample of some of the errors I'm seeing: >> > >> > Jun 6 15:55:12 test-gluster-client1 dovecot: lmtp(12072, testuser130): >> > Error: mdbox /mnt/testuser130/mdbox/mailboxes/INBOX/dbox-Mails: Invalid >> > dbox header size: 0 >> > Jun 6 15:55:12 test-gluster-client1 dovecot: lmtp(11999, testuser99): >> > Error: Log synchronization error at seq=2,offset=556 for >> > /mnt/testuser99/mdbox/storage/dovecot.map.index: Append with UID 2, but >> > next_uid = 3 >> >> mdbox format requires a correct index and you will lose flags, >> if you lose the index file. The index will be automatically tried >> to restore from mails in the storage. >> >> You should avoid accessing the same user directory from different >> NFS clients, since this often leads to corruptions or invalid files. >> >> You need a director which ensures that one directory is only accessed >> from one host at the same time. This applies to IMAP, POP3, LMTP etc, >> which are all writing to the mailbox. >> >> Then you should access all mailboxes only via the director listener ports. >> >> > My dovecot config is: >> >> You posted only the configuration of your mailbox instance >> and might have a look your director configuration too: >> >> doveconf -c /etc/dovecot-director/dovecot-director.conf -n >> >> (or wherever your director configuration is located) >> >> Regards >> Daniel >> > > Right now there is no director, I am only trying to get a single client > running postfix/dovecot talking to a single nfs server without error and > that's where I am having trouble > From werb at hasos.com Mon Jun 11 08:20:47 2012 From: werb at hasos.com (Roland) Date: Mon, 11 Jun 2012 07:20:47 +0200 Subject: [Dovecot] dovecot does not find libpam when compiling with customized prefix Message-ID: <201206110720.47881.werb@hasos.com> Hello everybody, I try to compile dovecot 2.1.7 with a customized --prefix setting and --with-pam . Although I installed libpam into the same --prefix, dovecot does not find it: checking for pam_start in -lpam... no configure: error: Can't build with PAM support: libpam not found The same or a similar problem seems to have appeared 4 years ago: http://www.dovecot.org/list/dovecot/2008-February/028750.html Which libpam file does dovecot expect in which directory? And possibly there is something wrong with the pam_start function? Thanks in advance, Roland From jeetuindian at gmail.com Mon Jun 11 08:56:48 2012 From: jeetuindian at gmail.com (Jitendra Bhaskar) Date: Mon, 11 Jun 2012 11:26:48 +0530 Subject: [Dovecot] Frequently login problem In-Reply-To: References: Message-ID: Hi guys, Any updates on it. I observed that when no of connections increasing then its getting disconnected. Means when increasing no of users then its happening. On Mon, Jun 4, 2012 at 3:50 PM, Jitendra Bhaskar wrote: > Hi, > > I am using dovecot 2.1.3 on centos 5.7. It was working fine but last few > days I need to restart or reload dovecot service because at that time users > are not able to login. > > Each time I am getting information from doveco.log is as : > Jun 04 11:52:54 auth: Error: BUG: Authentication client gave a PID 17564 > of existing connection > Jun 04 11:52:54 auth: Error: BUG: Authentication client gave a PID 17566 > of existing connection > Jun 04 11:52:59 auth: Error: BUG: Authentication client gave a PID 17564 > of existing connection > > > > > -- > * Thanks & Regards * > *Jitendra Kumar Bhaskar* > Cell:- +91 7306311531 > +91 8102997821 > > -- * Thanks & Regards * *Jitendra Kumar Bhaskar* Cell:- +91 7306311531 +91 8102997821 From jesper at dahlnyerup.dk Mon Jun 11 11:09:07 2012 From: jesper at dahlnyerup.dk (Jesper Dahl Nyerup) Date: Mon, 11 Jun 2012 10:09:07 +0200 Subject: [Dovecot] Very High Load on Dovecot 2 and Errors in mail.err. In-Reply-To: <4FB8FFD7.5040301@enas.net> References: <4FB35038.1000600@enas.net> <1337454348.4384.144.camel@innu> <4FB8C07B.5050604@enas.net> <4c605c0b2bc041f7f90300b36c716c22@us.es> <4FB8FFD7.5040301@enas.net> Message-ID: <20120611080907.GA11882@jespernyerup.dk> On May 20 16:29, Urban Loesch wrote: > I checked my kernel and the patch mentioned in > https://bugzilla.redhat.com/show_bug.cgi?id=681578 > > (comment 31) is not applied. It comes in version 3.0.30 and 3.2.17. > > I will see what tomorrow happens under more load. > If I have the problem again, I give 3.2.17 a chance. We've seen similar behavior on a similar system with a similar workload. We've tried a 3.0.31 - after the epoll patch was applied upstream - without seeing a difference. Right now we're running a 3.3.7 with vs2.3.3.4, and this has reduced the problem quite a bit, but not eliminated it completely. Stracing the processes in D state from before they hang has just revealed something interesting, however, pointing to an issue with inotify rather than epoll. [snip] [...] 15414 23:27:36 inotify_init() = 12 <0.000024> [...] 15414 23:27:36 close(12 15414 23:28:51 <... close resumed> ) = 0 <74.593917> 15414 23:28:51 close(9 15414 23:28:51 <... close resumed> ) = 0 <0.000080> 15414 23:28:51 exit_group(0) = ? [/snip] In short, as far as we can tell, all the processes in D state appear to be waiting to close the file handle they got from their inotify_init(), and eventually all these close()s go through almost simultaneously. Right now we're trawling for locking issues related to inotify, with our focus mainly at the VServer patch set. I would very much appreciate updates on your - or anyone else's - findings and progress. Yours, Jesper Nyerup. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: Digital signature URL: From a.kostyrev at serverc.ru Mon Jun 11 12:27:01 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Mon, 11 Jun 2012 20:27:01 +1100 Subject: [Dovecot] director: non standart ports at backends Message-ID: <213B51F00051AE48A9F0E112880177178F79EF@Delta.sc.local> hello, I'm trying to figure out how to proxy pop3 and pop3s that listens on non-standart ports at backends. For example, pop3 is at 1110 and pop3s at 1995 (on backend side). is it possible? how should I separate this ports in director's config? it's easy for one port: for example lmtp - you just use passdb in protocol lmtp {} From amateo at um.es Mon Jun 11 13:19:39 2012 From: amateo at um.es (Angel L. Mateo) Date: Mon, 11 Jun 2012 12:19:39 +0200 Subject: [Dovecot] difference between client_limit and process_limit In-Reply-To: <3E0F7337-B1BA-426F-84AF-D1D7710B80A3@iki.fi> References: <4FD1D2E5.3020901@um.es> <4FD1DE19.4050903@um.es> <4FD22956.20904@thelounge.net> <3E0F7337-B1BA-426F-84AF-D1D7710B80A3@iki.fi> Message-ID: <4FD5C63B.7040904@um.es> El 08/06/12 18:43, Timo Sirainen escribi?: > On 8.6.2012, at 19.33, Reindl Harald wrote: > >>> Yes, but like the wiki page also says, it's not a good idea increase client_limit for imap/pop3 processes. >> >> depends on the usecase / workload >> >> having dovecot as proxy for other imap-backends and 1 process per connection >> will heavily raise up process-count and memory-overhead while memory >> may be needed for the imap-backend (like dbmail) and datanases >> >> process_limit = 15 >> client_limit = 300 >> >> this way you can have 4500 proxy-connections and use most time >> not more than 4-5 processes > > Proxying is done by imap-login process, not imap process. For login processes there are different recommendations. > What are those recommendations? The ones at http://wiki2.dovecot.org/LoginProcess? Let's suppose... I have 4 mainly imap backend servers (but they admit also pop3 connections) with a process_limit of 5120 for service imap (and default_client_limit of 1000 applied to pop3). And I have 2 director servers (configured as active-active behind a load balancer), so I need director servers to handle (more or less) 10240 imap connections. What is it better for the director's? Increasing process_limit for imap-login (so each process should handle less connections) or increasing client_limit (less processes handling more connections each)? From joseba.torre at ehu.es Mon Jun 11 13:43:03 2012 From: joseba.torre at ehu.es (Joseba Torre) Date: Mon, 11 Jun 2012 12:43:03 +0200 Subject: [Dovecot] Director problems In-Reply-To: References: <4FCF549F.70404@ehu.es> Message-ID: <4FD5CBB7.9010301@ehu.es> El 09/06/12 23:17, Timo Sirainen escribi?: > On 6.6.2012, at 16.01, Joseba Torre wrote: > >> I've just setup a testing enviroment for director, and it's not working as expected. I have just 1 director (called director) and 2 dovecot servers (dovecot1 and dovecot2); these are exact copies. >> >> First problem: when both dovecot servers are up, every imap connection is redirected to the same server as you can see here: >> >> $ sudo doveadm director map >> user mail server ip expire time >> 158.227.4.186 2012-06-06 13:34:12 >> 158.227.4.186 2012-06-06 13:34:27 >> 158.227.4.186 2012-06-06 13:34:34 >> >> (I don't know if that is good or not) >> >> I've tried with 3 different users and ips to no change, users are always directed to the same host. > > Perhaps you just managed to use such usernames that map to the same director.. You can try with "doveadm director status" to see where they should go. I was thinking that users where sent to one server or another in a more or less random way. As always, your guess was right, test[1-4] are all sent to the same server, but for example jorge is sent to the other one. > >> Second problem: if I try to add/remove/modify one of the dovecot servers, the output of doveadm director map/status seems to be ok, but any new user connection fails with this log: >> >> Jun 6 14:51:59 director dovecot: director: Warning: Delaying new user requests until ring is synced > > Looks like there's a bug when only one director is used. I'll try and fix it later.. Thanks a lot for your support From trybowski at aeropolis.pl Mon Jun 11 14:23:23 2012 From: trybowski at aeropolis.pl (Krzysztof Trybowski) Date: Mon, 11 Jun 2012 13:23:23 +0200 Subject: [Dovecot] Dovecot 2.1 stable packages for Debian? Message-ID: Hello all, it is strange, but Dovecot 2.x still didn't make it into Debian (not even backports). It exists in testing, but that's still a long wait. OTOH there are official packages built every day (referenced from the download page). This puzzles me: why isn't there a build created from each stable, released version of Dovecot, so that users of Debian Stable could benefit from the new version, and run it on production environment? Could you (I mean ? the Dovecot team) provide such packages? This wouldn't require any major amount of work, since you already have daily builds produced. You would just have to run that building system once per each released version and keep it available for download. The reason for this is relatively simple: I'm about to implement a new mail server, and I'd like to keep to Debian Stable while using Dovecot 2.x. This will make future updates much easier, as I won't have to face 1.2 -> 2.0 migration on a production system. Regards, KT From tss at iki.fi Mon Jun 11 14:45:43 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 14:45:43 +0300 Subject: [Dovecot] difference between client_limit and process_limit In-Reply-To: <4FD5C63B.7040904@um.es> References: <4FD1D2E5.3020901@um.es> <4FD1DE19.4050903@um.es> <4FD22956.20904@thelounge.net> <3E0F7337-B1BA-426F-84AF-D1D7710B80A3@iki.fi> <4FD5C63B.7040904@um.es> Message-ID: On 11.6.2012, at 13.19, Angel L. Mateo wrote: >> Proxying is done by imap-login process, not imap process. For login processes there are different recommendations. >> > What are those recommendations? The ones at http://wiki2.dovecot.org/LoginProcess? Yes. > Let's suppose... I have 4 mainly imap backend servers (but they admit also pop3 connections) with a process_limit of 5120 for service imap (and default_client_limit of 1000 applied to pop3). And I have 2 director servers (configured as active-active behind a load balancer), so I need director servers to handle (more or less) 10240 imap connections. > > What is it better for the director's? Increasing process_limit for imap-login (so each process should handle less connections) or increasing client_limit (less processes handling more connections each)? If you increase process_limit to more than the number of CPU cores you have, then you increase the number of context switched done by the kernel, which decreases your performance. So I'd say increase client_limit. From tss at iki.fi Mon Jun 11 14:48:33 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 14:48:33 +0300 Subject: [Dovecot] Frequently login problem In-Reply-To: References: Message-ID: <49EE70D0-58D7-462D-82A8-FB56B02986CA@iki.fi> On 4.6.2012, at 13.20, Jitendra Bhaskar wrote: > I am using dovecot 2.1.3 on centos 5.7. It was working fine but last few > days I need to restart or reload dovecot service because at that time users > are not able to login. > > Each time I am getting information from doveco.log is as : > Jun 04 11:52:54 auth: Error: BUG: Authentication client gave a PID 17564 of > existing connection This happens before restart, not during it? doveconf -n output? Are you using Dovecot auth for anything external, like Postfix/Exim? From tss at iki.fi Mon Jun 11 14:51:48 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 14:51:48 +0300 Subject: [Dovecot] Very High Load on Dovecot 2 and Errors in mail.err. In-Reply-To: <20120611080907.GA11882@jespernyerup.dk> References: <4FB35038.1000600@enas.net> <1337454348.4384.144.camel@innu> <4FB8C07B.5050604@enas.net> <4c605c0b2bc041f7f90300b36c716c22@us.es> <4FB8FFD7.5040301@enas.net> <20120611080907.GA11882@jespernyerup.dk> Message-ID: On 11.6.2012, at 11.09, Jesper Dahl Nyerup wrote: > Stracing the processes in D state from before they hang has just > revealed something interesting, however, pointing to an issue with > inotify rather than epoll. > > [snip] > [...] > 15414 23:27:36 inotify_init() = 12 <0.000024> > [...] > 15414 23:27:36 close(12 > 15414 23:28:51 <... close resumed> ) = 0 <74.593917> > 15414 23:28:51 close(9 > 15414 23:28:51 <... close resumed> ) = 0 <0.000080> > 15414 23:28:51 exit_group(0) = ? > [/snip] > > In short, as far as we can tell, all the processes in D state appear to > be waiting to close the file handle they got from their inotify_init(), > and eventually all these close()s go through almost simultaneously. Yeah. Looks like a kernel bug. You could try if it goes away by disabling inotify in Dovecot. Either recompile with "configure --with-notify=none" or maybe you can disable inotify globally with: echo 0 > /proc/sys/fs/inotify/max_user_watches echo 0 > /proc/sys/fs/inotify/max_user_instances From tss at iki.fi Mon Jun 11 14:55:32 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 14:55:32 +0300 Subject: [Dovecot] Dovecot over NFS In-Reply-To: References: Message-ID: <708F1898-C96C-4F01-88D6-61833EFBF531@iki.fi> On 7.6.2012, at 1.07, James Devine wrote: > I'm playing with running dovecot over NFS and I am running into some > issues. I have followed the guide at http://wiki2.dovecot.org/NFS and my > setup includes 1 nfs server and 1 client running postfix/dovecot. Which NFS server? Which NFS client (Linux)? > In > testing I am running postal via the command: > > postal -t 10 -c 10 localhost users399 > > The test file has a list of 399 users to deliver to. I've provided a > sample of the errors I'm receiving and my configuration below, I am running > dovecot 2.0.19. Any idea what I might be doing wrong and what I might do > to resolve it? My ultimate goal is to setup multiple clients with director > so each user is still handled on a single machine, however with a single > machine I still seem to be having issues. .. > Jun 6 15:55:12 test-gluster-client1 dovecot: lmtp(12072, testuser130): > Error: mdbox /mnt/testuser130/mdbox/mailboxes/INBOX/dbox-Mails: Invalid > dbox header size: 0 Yeah, something's broken. I'd try: 1. Try Dovecot v2.1.7. I don't think v2.0.19 had these problems anymore but wouldn't hurt to try. 2. Try if you can reproduce the same problem with local filesystem. 3. Try another NFS server or client.. From tss at iki.fi Mon Jun 11 14:59:06 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 14:59:06 +0300 Subject: [Dovecot] dovecot does not find libpam when compiling with customized prefix In-Reply-To: <201206110720.47881.werb@hasos.com> References: <201206110720.47881.werb@hasos.com> Message-ID: <191E7B2A-41D1-4595-A584-C13DC8076CFF@iki.fi> On 11.6.2012, at 8.20, Roland wrote: > I try to compile dovecot 2.1.7 with a customized --prefix setting and --with-pam . Although I installed libpam into the same --prefix, dovecot does not find it: > > checking for pam_start in -lpam... no > configure: error: Can't build with PAM support: libpam not found > > The same or a similar problem seems to have appeared 4 years ago: > http://www.dovecot.org/list/dovecot/2008-February/028750.html > > Which libpam file does dovecot expect in which directory? And possibly there is something wrong with the pam_start function? Dovecot doesn't expect anything. gcc/ld expects things. You'll need to use the generic options to tell where the PAM files are, something like: LDFLAGS=-L/where/is/pam/lib CPPFLAGS=-I/where/is/pam/include ./configure From tss at iki.fi Mon Jun 11 15:01:27 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 15:01:27 +0300 Subject: [Dovecot] director: non standart ports at backends In-Reply-To: <213B51F00051AE48A9F0E112880177178F79EF@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F79EF@Delta.sc.local> Message-ID: On 11.6.2012, at 12.27, ???????? ????????? ?????????? wrote: > hello, > I'm trying to figure out how to proxy pop3 and pop3s that listens on non-standart ports at backends. > For example, pop3 is at 1110 and pop3s at 1995 (on backend side). > is it possible? > how should I separate this ports in director's config? > it's easy for one port: > for example lmtp - you just use passdb in protocol lmtp {} The passdb needs to return the "port" field. You can't use static passdb for this, since it has no conditionals and you can't do per-port configuration. Maybe use sqlite (simply to use it as a scripting engine - empty database) or checkpassword as your passdb. From tss at iki.fi Mon Jun 11 15:09:04 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 15:09:04 +0300 Subject: [Dovecot] Error: doveadm client attempted non-PLAIN authentication In-Reply-To: <20120609235603.GA17490@daniel.localdomain> References: <20120609235603.GA17490@daniel.localdomain> Message-ID: <65A804FB-2F80-497C-9A96-3CC34B522FBF@iki.fi> On 10.6.2012, at 2.56, Daniel Parthey wrote: > doveadm search -u user at example.org -S localhost:19000 all > produces the following error in the logs: > dovecot: doveadm: Error: doveadm client attempted non-PLAIN authentication > > What am I missing? It's possible that this is just broken in v2.0. Try v2.1. From tss at iki.fi Mon Jun 11 15:16:16 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 15:16:16 +0300 Subject: [Dovecot] auth_krb5_keytab ignored ? In-Reply-To: <20120608165902.GI89928@rosa.physik.tu-berlin.de> References: <20120608165902.GI89928@rosa.physik.tu-berlin.de> Message-ID: <1339416976.5967.29.camel@hurina> On Fri, 2012-06-08 at 18:59 +0200, Leon Me?ner wrote: > Hi list, > > i noticed that when doing imap gssapi authentication with kerberos, > dovecot (here 2.1.7) always searches /etc/krb5.keytab although i have > auth_krb5_keytab = /etc/mail3.krb5.keytab in my etc/dovecot/dovecot.conf > and doveconf -n also show this setting. If i combine the keytabs in > krb5.keytab it works. Is there another location where i should put my > configuration regarding gssapi/kerberos ? Try if this works: import_environment = TZ GDB DEBUG_SILENT KRB5_KTNAME Then start Dovecot with: KRB5_KTNAME=/etc/mail3.krb5.keytab dovecot I'm wondering if the code in mech-gssapi.c that sets KRB5_KTNAME environment is being called too late. From tss at iki.fi Mon Jun 11 15:21:08 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 15:21:08 +0300 Subject: [Dovecot] how to announce shared folders to clients using non-default mail prefix In-Reply-To: <4FD14895.8040707@engr.orst.edu> References: <4FD14895.8040707@engr.orst.edu> Message-ID: <63F00218-4FBE-418F-9477-CBEA8E7A35B9@iki.fi> On 8.6.2012, at 3.34, Tom Lieuallen wrote: > Note that if I change the prefix for that shared namespace to 'iphonemail/', it does present my shared folders as well as anything in a personal iphonemail directory. However, 'select' didn't work with the personal folders. My guess is it's mostly due to the difference in mail formats between the two (mbox & maildir). You should be able to use prefix=iphonemail/shared/ From oni-neko at gmx.net Mon Jun 11 15:28:37 2012 From: oni-neko at gmx.net (oni-neko at gmx.net) Date: Mon, 11 Jun 2012 14:28:37 +0200 Subject: [Dovecot] question about changing certificate Message-ID: <20120611122837.317410@gmx.net> Good day! I'm having trouble changing certificate/keys for my dovecot(version 1.2.9). When I set up the server (unbuntu lts 10.4.4) I did it with a self-signed certificate. I can't remember exactly what I did, just that I followed the wiki and it worked fine =) Now I have to change the certificate because a friend bought an official one (from thawte) and I'm a bit stumped. As dovecot can use supposedly use the same file for both key and cert file, I copied the new certificate to /etc/ssl/private/dovecot.pem and to /etc/ssl/certs/dovecot.pem. next I get from managesieve-login, pop3-login and imap-login the following log entries: Fatal: Can't load private key file /etc/ssl/private/dovecot.pem: Key is for a different cert than /etc/ssl/certs/dovecot.pem some googling brought up the file ssl-cert-snakeoil.key in /etc/ssl/private and /etc/ssl/certs that some people change in that context. As I also have a symlink /etc/ssl/private/ssl-mail.key that points to /etc/ssl/private/ssl-cert-snakeoil.key I'm starting to be confused (even more). dovecot is using the dovecot.pem-files, who/what uses the ssl-mail.key? I'm pretty sure I'm just overlooking something completely obvious, but what? =) greetings silvia -- NEU: FreePhone 3-fach-Flat mit kostenlosem Smartphone! Jetzt informieren: http://mobile.1und1.de/?ac=OM.PW.PW003K20328T7073a From tss at iki.fi Mon Jun 11 15:30:59 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 15:30:59 +0300 Subject: [Dovecot] Dovecot auth process delays exiting if LDAPS passdb used In-Reply-To: <87txynzuqs.wl%fumiyas@osstech.jp> References: <87y5oi51ka.wl%fumiyas@osstech.jp> <87vcjm50kr.wl%fumiyas@osstech.jp> <1338305505.8270.10.camel@hurina> <87txynzuqs.wl%fumiyas@osstech.jp> Message-ID: <4C795253-9E52-40AF-912F-AF044EB9DF28@iki.fi> On 7.6.2012, at 6.06, SATOH Fumiyasu wrote: >>>> Dovecot auth process has a problem >>>> that Dovecot auth delays exiting about between 20 and >>>> 60 seconds when Dovecot dovecot (master) process is already >>>> terminated by an administrator. > > Yes. I can reproduce with dovecot 1:2.1.7-1 (Debian unstable package) > with PAM passdb. This PAM environment is configured for > local UNIX passwd file only (no LDAP). I can't reproduce this. I installed the 1:2.1.7-1 Debian unstable package. Put your dovecot.conf to /etc/dovecot/. Did: /etc/init.d/dovecot start telnet localhost 143 x login foo bar x logout /etc/init.d/dovecot stop No dovecot processes left. From tss at iki.fi Mon Jun 11 15:33:32 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 15:33:32 +0300 Subject: [Dovecot] Accessing maildir snapshots through dovecot / namespace In-Reply-To: <4FD0C843.4070503@ibl.fr> References: <4FD0C843.4070503@ibl.fr> Message-ID: On 7.6.2012, at 18.26, Karl Oulmi wrote: > namespace snap { > prefix = INBOX.snapshot.h0. > hidden = no > inbox = no > list = yes > location = maildir:/da1/%u/Maildir:INDEX=/da1/dovecot/indexes/%u:CONTROL=/da1/dovecot/control/%u > type = private > } > > > The problem is that I don't see the content of the inbox folder contained in the snapshots whereas subfolders are perfectly viewed ! The INBOX should be accessible as the INBOX.snapshot.h0 itself. From a.kostyrev at serverc.ru Mon Jun 11 15:39:00 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Mon, 11 Jun 2012 23:39:00 +1100 Subject: [Dovecot] director: non standart ports at backends In-Reply-To: References: <213B51F00051AE48A9F0E112880177178F79EF@Delta.sc.local> Message-ID: <213B51F00051AE48A9F0E112880177178F79F0@Delta.sc.local> thanks Timo, for you time but I still don't get it) should I return "port" with just "port_num1,port_num2" value or how? I've tried to google an example but with no success. -----Original Message----- From: Timo Sirainen [mailto:tss at iki.fi] Sent: Monday, June 11, 2012 11:01 PM To: ???????? ????????? ?????????? Cc: dovecot at dovecot.org Subject: Re: [Dovecot] director: non standart ports at backends On 11.6.2012, at 12.27, ???????? ????????? ?????????? wrote: > hello, > I'm trying to figure out how to proxy pop3 and pop3s that listens on non-standart ports at backends. > For example, pop3 is at 1110 and pop3s at 1995 (on backend side). > is it possible? > how should I separate this ports in director's config? > it's easy for one port: > for example lmtp - you just use passdb in protocol lmtp {} The passdb needs to return the "port" field. You can't use static passdb for this, since it has no conditionals and you can't do per-port configuration. Maybe use sqlite (simply to use it as a scripting engine - empty database) or checkpassword as your passdb. From tss at iki.fi Mon Jun 11 15:43:52 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 15:43:52 +0300 Subject: [Dovecot] Different but probably related issue In-Reply-To: <1338883767.4514.23.camel@jlt3.sipsolutions.net> References: <442263FE-BEAE-47F5-A1FF-49DC0065DF17@canbasis.com> <1338883767.4514.23.camel@jlt3.sipsolutions.net> Message-ID: On 5.6.2012, at 11.09, Johannes Berg wrote: > Unfortunately, I don't. I can only suggest, as a test, trying with some > other storage format -- I only use Maildir -- to see if the problem is > really in the interaction with mdbox. I'm fairly sure that's likely the > problem, maybe the plugin doesn't pass something through append that is > needed by mdbox, but I've never even attempted to understand mdbox. > > Maybe Timo can comment. Timo, you can find the latest code here: > http://git.sipsolutions.net/?p=dovecot-antispam.git;a=summary I don't see anything obviously wrong in there.. Perhaps antispam_save_finish() returns failure for some reason and dbox doesn't handle that properly? From tss at iki.fi Mon Jun 11 15:47:50 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 15:47:50 +0300 Subject: [Dovecot] director: non standart ports at backends In-Reply-To: <213B51F00051AE48A9F0E112880177178F79F0@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F79EF@Delta.sc.local> <213B51F00051AE48A9F0E112880177178F79F0@Delta.sc.local> Message-ID: <8568BABD-F72C-47B2-B9A4-4902410404C6@iki.fi> Looking at your old mails, you seem to be using passdb static for director, but userdb sql? So you could switch to: passdb { driver = sql args = /etc/dovecot/dovecot-sql.conf } password_query = select 'y' as proxy, 'y' as nopassword, if('%a'=143, 1430, 9930) as port where you'd change the if() to something that handles %s=imap vs %s=pop3 vs %s=lmtp and %a=143 vs %a=993 vs %a=110 vs %a=995. Maybe a "case" statement would be less ugly. Or simply make it a real table in sql. Anyway, that's the basic idea. On 11.6.2012, at 15.39, ???????? ????????? ?????????? wrote: > thanks Timo, for you time > but I still don't get it) > should I return "port" with just "port_num1,port_num2" value or how? > I've tried to google an example but with no success. > > -----Original Message----- > From: Timo Sirainen [mailto:tss at iki.fi] > Sent: Monday, June 11, 2012 11:01 PM > To: ???????? ????????? ?????????? > Cc: dovecot at dovecot.org > Subject: Re: [Dovecot] director: non standart ports at backends > > On 11.6.2012, at 12.27, ???????? ????????? ?????????? wrote: > >> hello, >> I'm trying to figure out how to proxy pop3 and pop3s that listens on non-standart ports at backends. >> For example, pop3 is at 1110 and pop3s at 1995 (on backend side). >> is it possible? >> how should I separate this ports in director's config? >> it's easy for one port: >> for example lmtp - you just use passdb in protocol lmtp {} > > The passdb needs to return the "port" field. You can't use static passdb for this, since it has no conditionals and you can't do per-port configuration. Maybe use sqlite (simply to use it as a scripting engine - empty database) or checkpassword as your passdb. > From tss at iki.fi Mon Jun 11 16:16:06 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 16:16:06 +0300 Subject: [Dovecot] fts_lucene crashing In-Reply-To: References: Message-ID: <080D29B1-72BD-40DE-B9D6-7E7838B97DB9@iki.fi> On 30.5.2012, at 22.13, Joe Beaubien wrote: >>>>>> May 22 14:51:51 mba dovecot: imap(formulaire): Panic: file >>>>>> lucene-wrapper.cc: line 196: unreached > > Thanks for the new release. Unfortunately, it doesn't seem to have fixed my > specific issue. I got you a gdb trace like you asked in a previous mail. I > hope that can help. If I didn't get the correct backtrace, or if you need > some other info from gdb let me know. Thanks. The problem was pretty far away from where I thought it was. Fixed: http://hg.dovecot.org/dovecot-2.1/rev/0fde692cb565 From tss at iki.fi Mon Jun 11 16:25:37 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 16:25:37 +0300 Subject: [Dovecot] dsync migration with preserving pop3 uidl In-Reply-To: <4FBE0A9C.8090406@stable.cz> References: <4FBE0A9C.8090406@stable.cz> Message-ID: On 24.5.2012, at 13.17, Tom?? Herceg wrote: > I'm trying to migrate messages from icewarp (merak) mailserver to dovecot via > dsync, IMAP migration is looking fine, but I'm unable to migrate pop3 uidls from > originating server, probably is something wrong with configuration, but I don't > know what. The only documentation i found is on the wiki: > http://wiki2.dovecot.org/Migration/Dsync where is bad writen mail_plugins = > pop3-migration, i corrected it to mail_plugins = pop3_migration, but it still > didn't work, here is my configuration: .. > namespace { > hidden = yes > list = yes list=no would be better so clients don't accidentally access this. > location = pop3c: > prefix = POP3/ > } > I'm runnig dsync this way: > /usr/bin/time -f "%E" doveadm -vD -o imapc_user=test1 at irock.cz -o > imapc_password=***** backup -u test1 at irock.cz -f -R imapc:/tmp-ram/imapc-test1 You need to change pop3c_user and pop3c_password also in this command line. > dsync(test1 at irock.cz): Error: stat((null)) failed: Bad address > dsync(test1 at irock.cz): Error: stat((null)) failed: Bad address I wonder what these are. Also I wonder why the weren't any messages about missing/wrong user+pass for pop3c. From tss at iki.fi Mon Jun 11 16:32:11 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 16:32:11 +0300 Subject: [Dovecot] multi-instance doveadm user -m woes In-Reply-To: <7D5EC3A3-CD1C-4C50-B8D5-B737560235EC@geneseo.edu> References: <7D5EC3A3-CD1C-4C50-B8D5-B737560235EC@geneseo.edu> Message-ID: On 11.5.2012, at 18.06, David Warden wrote: > I'm having difficulty with the doveadm who command on a multi-instance setup of dovecot. When I run the who command on the non-standard instance with the -m flag (to see their mail location), this happens: > > [root at wardentest3 dovecot]# doveadm -i mailtest user -m warden > doveadm(root): Error: user warden: Initialization failed: Namespace 'INBOX.': Ambiguous mail location setting, don't know what to do with it: /var/spool/mail/root (try prefixing it with mbox: or maildir:) Thanks, fixed: http://hg.dovecot.org/dovecot-2.1/rev/98f2c12eccdb From tss at iki.fi Mon Jun 11 16:56:31 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 16:56:31 +0300 Subject: [Dovecot] Director problems In-Reply-To: <4FD5CBB7.9010301@ehu.es> References: <4FCF549F.70404@ehu.es> <4FD5CBB7.9010301@ehu.es> Message-ID: <7D649FE2-6FB4-4892-8FF2-EDA8ED4F2057@iki.fi> On 11.6.2012, at 13.43, Joseba Torre wrote: >>> I've tried with 3 different users and ips to no change, users are always directed to the same host. >> >> Perhaps you just managed to use such usernames that map to the same director.. You can try with "doveadm director status" to see where they should go. > > I was thinking that users where sent to one server or another in a more or less random way. As always, your guess was right, test[1-4] are all sent to the same server, but for example jorge is sent to the other one. The "randomness" is basically md5(username)%2. >>> Second problem: if I try to add/remove/modify one of the dovecot servers, the output of doveadm director map/status seems to be ok, but any new user connection fails with this log: >>> >>> Jun 6 14:51:59 director dovecot: director: Warning: Delaying new user requests until ring is synced >> >> Looks like there's a bug when only one director is used. I'll try and fix it later.. > > Thanks a lot for your support Fixed: http://hg.dovecot.org/dovecot-2.1/rev/46d01b728647 From tomislav.mihalicek at gmail.com Mon Jun 11 17:03:46 2012 From: tomislav.mihalicek at gmail.com (Tomislav Mihalicek) Date: Mon, 11 Jun 2012 07:03:46 -0700 (PDT) Subject: [Dovecot] Dovecot 2.1 stable packages for Debian? In-Reply-To: References: Message-ID: <33993325.post@talk.nabble.com> Here you go... cat /etc/apt/sources.list # latest dovecot # apt-get install debian-dovecot-auto-keyring deb http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main deb-src http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main Krzysztof Trybowski wrote: > > Hello all, > it is strange, but Dovecot 2.x still didn't make it into Debian (not > even backports). It exists in testing, but that's still a long wait. > OTOH there are official packages built every day (referenced from the > download page). This puzzles me: why isn't there a build created from > each stable, released version of Dovecot, so that users of Debian > Stable could benefit from the new version, and run it on production > environment? Could you (I mean ? the Dovecot team) provide such > packages? This wouldn't require any major amount of work, since you > already have daily builds produced. You would just have to run that > building system once per each released version and keep it available > for download. > > The reason for this is relatively simple: I'm about to implement a new > mail server, and I'd like to keep to Debian Stable while using Dovecot > 2.x. This will make future updates much easier, as I won't have to > face 1.2 -> 2.0 migration on a production system. > > Regards, KT > > -- View this message in context: http://old.nabble.com/Dovecot-2.1-stable-packages-for-Debian--tp33992548p33993325.html Sent from the Dovecot mailing list archive at Nabble.com. From joseba.torre at ehu.es Mon Jun 11 17:15:36 2012 From: joseba.torre at ehu.es (Joseba Torre) Date: Mon, 11 Jun 2012 16:15:36 +0200 Subject: [Dovecot] Director problems In-Reply-To: <7D649FE2-6FB4-4892-8FF2-EDA8ED4F2057@iki.fi> References: <4FCF549F.70404@ehu.es> <4FD5CBB7.9010301@ehu.es> <7D649FE2-6FB4-4892-8FF2-EDA8ED4F2057@iki.fi> Message-ID: <4FD5FD88.6000005@ehu.es> >>>> Second problem: if I try to add/remove/modify one of the dovecot servers, the output of doveadm director map/status seems to be ok, but any new user connection fails with this log: >>>> >>>> Jun 6 14:51:59 director dovecot: director: Warning: Delaying new user requests until ring is synced >>> >>> Looks like there's a bug when only one director is used. I'll try and fix it later.. >> >> Thanks a lot for your support > > Fixed: http://hg.dovecot.org/dovecot-2.1/rev/46d01b728647 > Works perfectly, thank you From trybowski at aeropolis.pl Mon Jun 11 17:31:10 2012 From: trybowski at aeropolis.pl (Krzysztof Trybowski) Date: Mon, 11 Jun 2012 16:31:10 +0200 Subject: [Dovecot] Dovecot 2.1 stable packages for Debian? In-Reply-To: <33993325.post@talk.nabble.com> References: <33993325.post@talk.nabble.com> Message-ID: On Mon, Jun 11, 2012 at 4:03 PM, Tomislav Mihalicek wrote: > > Here you go... > > cat /etc/apt/sources.list > > # latest dovecot > # apt-get install debian-dovecot-auto-keyring > deb http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main > deb-src http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main Hello Tomislav, it doesn't seem to be what I'm looking for. These repositories are referenced from the download site, but with an information that these are built hourly and thus include any newest changes to the source. Also a warning follows: ?Needless to say: do NOT use these repositories for systems that need to be STABLE.? What I'm looking for are packages of a released versions of 2.1, that can be used in a production environment. Regards, KT From gedalya at gedalya.net Mon Jun 11 17:36:31 2012 From: gedalya at gedalya.net (Gedalya) Date: Mon, 11 Jun 2012 10:36:31 -0400 Subject: [Dovecot] Dovecot 2.1 stable packages for Debian? In-Reply-To: References: <33993325.post@talk.nabble.com> Message-ID: <4FD6026F.4070704@gedalya.net> On 6/11/2012 10:31 AM, Krzysztof Trybowski wrote: > On Mon, Jun 11, 2012 at 4:03 PM, Tomislav Mihalicek > wrote: >> Here you go... >> >> cat /etc/apt/sources.list >> >> # latest dovecot >> # apt-get install debian-dovecot-auto-keyring >> deb http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main >> deb-src http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main > Hello Tomislav, > it doesn't seem to be what I'm looking for. These repositories are > referenced from the download site, but with an information that these > are built hourly and thus include any newest changes to the source. > Also a warning follows: ?Needless to say: do NOT use these > repositories for systems that need to be STABLE.? > > What I'm looking for are packages of a released versions of 2.1, that > can be used in a production environment. > > Regards, KT http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=592959 http://www.prato.linux.it/~mnencia/debian/dovecot-squeeze/ - I'm using this and can say it works http://people.debian.org/~morph/dovecot2-bpo60/ From nerijus.kislauskas at ktu.lt Mon Jun 11 17:38:51 2012 From: nerijus.kislauskas at ktu.lt (Nerijus Kislauskas) Date: Mon, 11 Jun 2012 17:38:51 +0300 Subject: [Dovecot] Dovecot 2.1 stable packages for Debian? In-Reply-To: <33993325.post@talk.nabble.com> References: <33993325.post@talk.nabble.com> Message-ID: <4FD602FB.1030406@ktu.lt> On 06/11/2012 05:03 PM, Tomislav Mihalicek wrote: > > Here you go... > > cat /etc/apt/sources.list > > # latest dovecot > # apt-get install debian-dovecot-auto-keyring > deb http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main > deb-src http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main They are not official packages. As I understand, questioner asks for official ones. As a matter of fact - there are none for stable. You can try to use it from testing with apt pinning and package priorities. For example: /etc/apt/apt.conf or /etc/apt/apt.conf.d/99stable: APT::Default-Release "stable"; /etc/apt/preferences.d/dovecot Package: dovecot* Pin: release a=testing Pin-Priority: 999 and use "apt-policy show dovecot-" to check. Testing packages still receives a lot of changes, so it will be a little bit annoying for frequent updates. Let me know if you choose that way and if it works for you. -- Sincerely, Nerijus Kislauskas From l.messner at physik.tu-berlin.de Mon Jun 11 17:43:45 2012 From: l.messner at physik.tu-berlin.de (Leon =?iso-8859-15?Q?Me=DFner?=) Date: Mon, 11 Jun 2012 16:43:45 +0200 Subject: [Dovecot] auth_krb5_keytab ignored ? In-Reply-To: <1339416976.5967.29.camel@hurina> References: <20120608165902.GI89928@rosa.physik.tu-berlin.de> <1339416976.5967.29.camel@hurina> Message-ID: <20120611144345.GK89928@rosa.physik.tu-berlin.de> On Mon, Jun 11, 2012 at 03:16:16PM +0300, Timo Sirainen wrote: > On Fri, 2012-06-08 at 18:59 +0200, Leon Me?ner wrote: > > Hi list, > > > > i noticed that when doing imap gssapi authentication with kerberos, > > dovecot (here 2.1.7) always searches /etc/krb5.keytab although i have > > auth_krb5_keytab = /etc/mail3.krb5.keytab in my etc/dovecot/dovecot.conf > > and doveconf -n also show this setting. If i combine the keytabs in > > krb5.keytab it works. Is there another location where i should put my > > configuration regarding gssapi/kerberos ? > > Try if this works: > > import_environment = TZ GDB DEBUG_SILENT KRB5_KTNAME > > Then start Dovecot with: > > KRB5_KTNAME=/etc/mail3.krb5.keytab dovecot > > I'm wondering if the code in mech-gssapi.c that sets KRB5_KTNAME > environment is being called too late. It's still looking inside the default krb5.keytab . /var/log/dovecot.log: Jun 11 16:26:55 master: Info: Dovecot v2.1.7 starting up Jun 11 16:26:55 auth: Debug: Loading modules from directory: /usr/local/lib/dovecot/auth Jun 11 16:26:55 auth: Debug: auth client connected (pid=82646) Jun 11 16:26:55 auth: Debug: auth client connected (pid=82648) Jun 11 16:26:55 auth: Debug: auth client connected (pid=82647) Jun 11 16:26:55 auth: Debug: auth client connected (pid=82649) Jun 11 16:26:55 auth: Debug: auth client connected (pid=82651) Jun 11 16:26:55 auth: Debug: auth client connected (pid=82653) Jun 11 16:26:55 auth: Debug: auth client connected (pid=82655) Jun 11 16:26:55 auth: Debug: auth client connected (pid=82652) Jun 11 16:26:55 auth: Debug: auth client connected (pid=82656) Jun 11 16:26:55 auth: Debug: auth client connected (pid=82657) Jun 11 16:26:55 auth: Debug: auth client connected (pid=82650) Jun 11 16:26:55 auth: Debug: auth client connected (pid=82654) Jun 11 16:27:05 auth: Debug: auth client connected (pid=82669) Jun 11 16:27:06 auth: Debug: client in: AUTH 1 GSSAPI service=imap secured session=DLX+JDPCLwCClTqR lip=130.149.58.164 rip=130.149.58.145 lport=993 rport=29743 Jun 11 16:27:06 auth: Debug: gssapi(?,130.149.58.145,): Obtaining credentials for imap at mail3.physik-pool.tu-berlin.de Jun 11 16:27:06 auth: Debug: client out: CONT 1 Jun 11 16:27:06 auth: Debug: client in: CONT Jun 11 16:27:06 auth: Info: gssapi(?,130.149.58.145,): While processing incoming data: Miscellaneous failure (see text) Jun 11 16:27:06 auth: Info: gssapi(?,130.149.58.145,): While processing incoming data: Failed to find imap/mail3.physik-pool.tu-berlin.de at PCPOOL.PHYSIK.TU-BERLIN.DE(kvno 1) in keytab FILE:/etc/krb5.keytab (des3-cbc-sha1) Jun 11 16:27:08 auth: Debug: client out: FAIL 1 Jun 11 16:27:18 auth: Debug: auth client connected (pid=82673) Jun 11 16:27:18 imap-login: Info: Aborted login (no auth attempts in 0 secs): user=<>, rip=130.149.58.149, lip=130.149.58.164, TLS, session= Jun 11 16:27:22 imap-login: Info: Aborted login (auth failed, 1 attempts in 16 secs): user=<>, method=GSSAPI, rip=130.149.58.145, lip=130.149.58.164, TLS, session= Jun 11 16:27:38 auth: Debug: auth client connected (pid=82681) Jun 11 16:27:38 pop3-login: Info: Aborted login (no auth attempts in 0 secs): user=<>, rip=130.149.58.149, lip=130.149.58.164, TLS, session= Jun 11 16:27:45 master: Warning: Killed with signal 15 (by pid=82684 uid=0 code=kill) From michael at orlitzky.com Mon Jun 11 18:07:52 2012 From: michael at orlitzky.com (Michael Orlitzky) Date: Mon, 11 Jun 2012 11:07:52 -0400 Subject: [Dovecot] Dovecot 2.1 stable packages for Debian? In-Reply-To: References: Message-ID: <4FD609C8.9060809@orlitzky.com> On 06/11/12 07:23, Krzysztof Trybowski wrote: > Hello all, > it is strange, but Dovecot 2.x still didn't make it into Debian (not > even backports). It exists in testing, but that's still a long wait. > OTOH there are official packages built every day (referenced from the > download page). This puzzles me: why isn't there a build created from > each stable, released version of Dovecot, so that users of Debian > Stable could benefit from the new version, and run it on production > environment? Could you (I mean ? the Dovecot team) provide such > packages? This wouldn't require any major amount of work, since you > already have daily builds produced. You would just have to run that > building system once per each released version and keep it available > for download. > > The reason for this is relatively simple: I'm about to implement a new > mail server, and I'd like to keep to Debian Stable while using Dovecot > 2.x. This will make future updates much easier, as I won't have to > face 1.2 -> 2.0 migration on a production system. To wind up in Debian stable, a package has to go through a bunch of testing, and that takes a long time. So you're never going to have official packages for new software in Debian stable. That's kind of the point of stable =) From joe.beaubien at gmail.com Mon Jun 11 18:13:17 2012 From: joe.beaubien at gmail.com (Joe Beaubien) Date: Mon, 11 Jun 2012 11:13:17 -0400 Subject: [Dovecot] fts_lucene crashing In-Reply-To: <080D29B1-72BD-40DE-B9D6-7E7838B97DB9@iki.fi> References: <080D29B1-72BD-40DE-B9D6-7E7838B97DB9@iki.fi> Message-ID: Thank you sir for the fix. On Mon, Jun 11, 2012 at 9:16 AM, Timo Sirainen wrote: > On 30.5.2012, at 22.13, Joe Beaubien wrote: > > >>>>>> May 22 14:51:51 mba dovecot: imap(formulaire): Panic: file > >>>>>> lucene-wrapper.cc: line 196: unreached > > > > Thanks for the new release. Unfortunately, it doesn't seem to have fixed > my > > specific issue. I got you a gdb trace like you asked in a previous mail. > I > > hope that can help. If I didn't get the correct backtrace, or if you need > > some other info from gdb let me know. > > > Thanks. The problem was pretty far away from where I thought it was. > Fixed: http://hg.dovecot.org/dovecot-2.1/rev/0fde692cb565 > > From fumiyas at osstech.jp Mon Jun 11 18:24:44 2012 From: fumiyas at osstech.jp (SATOH Fumiyasu) Date: Tue, 12 Jun 2012 00:24:44 +0900 Subject: [Dovecot] Dovecot auth process delays exiting if LDAPS passdb used In-Reply-To: <4C795253-9E52-40AF-912F-AF044EB9DF28@iki.fi> References: <87y5oi51ka.wl%fumiyas@osstech.jp> <87vcjm50kr.wl%fumiyas@osstech.jp> <1338305505.8270.10.camel@hurina> <87txynzuqs.wl%fumiyas@osstech.jp> <4C795253-9E52-40AF-912F-AF044EB9DF28@iki.fi> Message-ID: <87d3557txf.wl%fumiyas@osstech.jp> At Mon, 11 Jun 2012 15:30:59 +0300, Timo Sirainen wrote: > >>>> Dovecot auth process has a problem > >>>> that Dovecot auth delays exiting about between 20 and > >>>> 60 seconds when Dovecot dovecot (master) process is already > >>>> terminated by an administrator. > > > > Yes. I can reproduce with dovecot 1:2.1.7-1 (Debian unstable package) > > with PAM passdb. This PAM environment is configured for > > local UNIX passwd file only (no LDAP). > > I can't reproduce this. I installed the 1:2.1.7-1 Debian unstable package. Put your dovecot.conf to /etc/dovecot/. Did: > > /etc/init.d/dovecot start > telnet localhost 143 > x login foo bar > x logout > /etc/init.d/dovecot stop > > No dovecot processes left. If an auth client remains a connection to dovecot/auth, dovecot/auth does NOT exit immediately when dovecot master exits. (1) Install Postfix and Dovecot. # apt-get install postfix dovecot (2) Configure Postfix /etc/postfix/main.cf with the following: smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth (3) Configre Dovecot /etc/dovecot/conf.d/10-master with the following: service auth { unix_listener auth-userdb { } unix_listener /var/spool/postfix/private/auth { mode = 0666 } } (4) Start postfix and dovecot service. # /etc/init.d/dovecot start # /etc/init.d/postfix start (5) Invoke Postfix smtpd(8), it connects to dovecot/auth socket. $ telnet localhost 25 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 220 sugar.osstech.co.jp ESMTP Postfix AUTH PLAIN dummy 535 5.7.8 Error: authentication failed: QUIT 221 2.0.0 Bye Connection closed by foreign host. Or use netcat-openbsd to connect to dovecot/auth socket: # nc.openbsd -U /var/spool/postfix/private/dovecot-auth & (6) Stop dovecot service. # /etc/init.d/dovecot stop -- -- Name: SATOH Fumiyasu (fumiyas @ osstech co jp) -- Business Home: http://www.OSSTech.co.jp/ -- GitHub Home: https://GitHub.com/fumiyas/ From tss at iki.fi Mon Jun 11 18:26:57 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 18:26:57 +0300 Subject: [Dovecot] auth_krb5_keytab ignored ? In-Reply-To: <20120611144345.GK89928@rosa.physik.tu-berlin.de> References: <20120608165902.GI89928@rosa.physik.tu-berlin.de> <1339416976.5967.29.camel@hurina> <20120611144345.GK89928@rosa.physik.tu-berlin.de> Message-ID: On 11.6.2012, at 17.43, Leon Me?ner wrote: >> Try if this works: >> >> import_environment = TZ GDB DEBUG_SILENT KRB5_KTNAME >> >> Then start Dovecot with: >> >> KRB5_KTNAME=/etc/mail3.krb5.keytab dovecot >> >> I'm wondering if the code in mech-gssapi.c that sets KRB5_KTNAME >> environment is being called too late. > > It's still looking inside the default krb5.keytab . Which Kerberos library are you using? Maybe it doesn't support this way of giving the keytab. From tss at iki.fi Mon Jun 11 18:32:35 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 18:32:35 +0300 Subject: [Dovecot] Dovecot auth process delays exiting if LDAPS passdb used In-Reply-To: <87d3557txf.wl%fumiyas@osstech.jp> References: <87y5oi51ka.wl%fumiyas@osstech.jp> <87vcjm50kr.wl%fumiyas@osstech.jp> <1338305505.8270.10.camel@hurina> <87txynzuqs.wl%fumiyas@osstech.jp> <4C795253-9E52-40AF-912F-AF044EB9DF28@iki.fi> <87d3557txf.wl%fumiyas@osstech.jp> Message-ID: On 11.6.2012, at 18.24, SATOH Fumiyasu wrote: > If an auth client remains a connection to dovecot/auth, > dovecot/auth does NOT exit immediately when dovecot master exits. Ah, now we're getting somewhere :) Yes, this is correct and intentional. But it should still close the listeners, so this shouldn't happen: May 24 00:42:10 build-aix6 mail:err|error dovecot: master: Error: service(auth): Socket already exists: /opt/osstech/var/run/dovecot/auth-login > (1) Install Postfix and Dovecot. > > # apt-get install postfix dovecot > > (2) Configure Postfix /etc/postfix/main.cf with the following: > > smtpd_sasl_auth_enable = yes > smtpd_sasl_security_options = > smtpd_sasl_type = dovecot > smtpd_sasl_path = private/auth > > (3) Configre Dovecot /etc/dovecot/conf.d/10-master with the following: > > service auth { > unix_listener auth-userdb { > } > unix_listener /var/spool/postfix/private/auth { > mode = 0666 > } > } > > (4) Start postfix and dovecot service. > > # /etc/init.d/dovecot start > # /etc/init.d/postfix start > > (5) Invoke Postfix smtpd(8), it connects to dovecot/auth socket. > > $ telnet localhost 25 > Trying 127.0.0.1... > Connected to localhost. > Escape character is '^]'. > 220 sugar.osstech.co.jp ESMTP Postfix > AUTH PLAIN dummy > 535 5.7.8 Error: authentication failed: > QUIT > 221 2.0.0 Bye > Connection closed by foreign host. > > Or use netcat-openbsd to connect to dovecot/auth socket: > > # nc.openbsd -U /var/spool/postfix/private/dovecot-auth & > > (6) Stop dovecot service. > > # /etc/init.d/dovecot stop And (7) /etc/init.d/dovecot start fails? From l.messner at physik.tu-berlin.de Mon Jun 11 18:51:24 2012 From: l.messner at physik.tu-berlin.de (Leon =?iso-8859-15?Q?Me=DFner?=) Date: Mon, 11 Jun 2012 17:51:24 +0200 Subject: [Dovecot] auth_krb5_keytab ignored ? In-Reply-To: References: <20120608165902.GI89928@rosa.physik.tu-berlin.de> <1339416976.5967.29.camel@hurina> <20120611144345.GK89928@rosa.physik.tu-berlin.de> Message-ID: <20120611155124.GM89928@rosa.physik.tu-berlin.de> On Mon, Jun 11, 2012 at 06:26:57PM +0300, Timo Sirainen wrote: > On 11.6.2012, at 17.43, Leon Me?ner wrote: > > >> Try if this works: > >> > >> import_environment = TZ GDB DEBUG_SILENT KRB5_KTNAME > >> > >> Then start Dovecot with: > >> > >> KRB5_KTNAME=/etc/mail3.krb5.keytab dovecot > >> > >> I'm wondering if the code in mech-gssapi.c that sets KRB5_KTNAME > >> environment is being called too late. > > > > It's still looking inside the default krb5.keytab . > > Which Kerberos library are you using? Maybe it doesn't support this way of giving the keytab. I'm using the stock FreeBSD 8.2-RELEASE one which is heimdal-1.1.0 . I will update the machine to 8.3 (which is the latest release in 8.x), recompile and report my findings tomorrow. thanks, Leon From fumiyas at osstech.jp Mon Jun 11 19:39:47 2012 From: fumiyas at osstech.jp (SATOH Fumiyasu) Date: Tue, 12 Jun 2012 01:39:47 +0900 Subject: [Dovecot] Dovecot auth process delays exiting if LDAPS passdb used In-Reply-To: References: <87y5oi51ka.wl%fumiyas@osstech.jp> <87vcjm50kr.wl%fumiyas@osstech.jp> <1338305505.8270.10.camel@hurina> <87txynzuqs.wl%fumiyas@osstech.jp> <4C795253-9E52-40AF-912F-AF044EB9DF28@iki.fi> <87d3557txf.wl%fumiyas@osstech.jp> Message-ID: <87bokp7qgc.wl%fumiyas@osstech.jp> At Mon, 11 Jun 2012 18:32:35 +0300, Timo Sirainen wrote: > > If an auth client remains a connection to dovecot/auth, > > dovecot/auth does NOT exit immediately when dovecot master exits. > > Ah, now we're getting somewhere :) Yes, this is correct and intentional. But it should still close the listeners, so this shouldn't happen: > > May 24 00:42:10 build-aix6 mail:err|error dovecot: master: Error: service(auth): Socket already exists: /opt/osstech/var/run/dovecot/auth-login > > (6) Stop dovecot service. > > > > # /etc/init.d/dovecot stop > > And (7) /etc/init.d/dovecot start fails? Yes: AIX 6.1, 7.1 No: Debian GNU/Linux stable, testing, unstable / Solaris 10 -- -- Name: SATOH Fumiyasu (fumiyas @ osstech co jp) -- Business Home: http://www.OSSTech.co.jp/ -- GitHub Home: https://GitHub.com/fumiyas/ > > (1) Install Postfix and Dovecot. > > > > # apt-get install postfix dovecot > > > > (2) Configure Postfix /etc/postfix/main.cf with the following: > > > > smtpd_sasl_auth_enable = yes > > smtpd_sasl_security_options = > > smtpd_sasl_type = dovecot > > smtpd_sasl_path = private/auth > > > > (3) Configre Dovecot /etc/dovecot/conf.d/10-master with the following: > > > > service auth { > > unix_listener auth-userdb { > > } > > unix_listener /var/spool/postfix/private/auth { > > mode = 0666 > > } > > } > > > > (4) Start postfix and dovecot service. > > > > # /etc/init.d/dovecot start > > # /etc/init.d/postfix start > > > > (5) Invoke Postfix smtpd(8), it connects to dovecot/auth socket. > > > > $ telnet localhost 25 > > Trying 127.0.0.1... > > Connected to localhost. > > Escape character is '^]'. > > 220 sugar.osstech.co.jp ESMTP Postfix > > AUTH PLAIN dummy > > 535 5.7.8 Error: authentication failed: > > QUIT > > 221 2.0.0 Bye > > Connection closed by foreign host. > > > > Or use netcat-openbsd to connect to dovecot/auth socket: > > > > # nc.openbsd -U /var/spool/postfix/private/dovecot-auth & > > > > (6) Stop dovecot service. > > > > # /etc/init.d/dovecot stop > > And (7) /etc/init.d/dovecot start fails? From acrow at integrafin.co.uk Mon Jun 11 22:05:57 2012 From: acrow at integrafin.co.uk (Alex Crow) Date: Mon, 11 Jun 2012 20:05:57 +0100 Subject: [Dovecot] 2.1.7 shared folder index issued Message-ID: <4FD64195.5070006@integrafin.co.uk> Hi, Sorry to bother the list again so soon after fixing my own problem, but I now have this issue when clients try to view shared folders in Thunderbird (v12). They can see the shared folder, but the first time they click on in nothing happens. The second time they get an authentication failure. The third or fourth time it finally loads the shared mailbox, and I see this a few times in the logs: Jun 11 19:57:43 alsace dovecot: imap(sharedviewer at integrafin.co.uk): Error: mdbox map /home/indexes/integrafin.co.uk/t/sharedviewer/shared/sharedviewee at integrafin.co.uk/storage/dovecot.map.index corrupted: U nexpectedly lost shared/viewee at integrafin.co.uk/INBOX uid=73129 map_uid=74192 Jun 11 19:57:43 alsace dovecot: imap(sharedviewer at integrafin.co.uk): Disconnected: Internal error occurred. Refer to server log for more information. [2012-06-11 19:57:43] in=308 out=820 Jun 11 19:57:43 alsace dovecot: auth: Debug: auth client connected (pid=1957) Ideally I'd like shared mailboxes to work in the first click - any ideas? Cheers Alex From gedalya at gedalya.net Mon Jun 11 22:39:39 2012 From: gedalya at gedalya.net (Gedalya) Date: Mon, 11 Jun 2012 15:39:39 -0400 Subject: [Dovecot] question about changing certificate In-Reply-To: <20120611122837.317410@gmx.net> References: <20120611122837.317410@gmx.net> Message-ID: <4FD6497B.6090007@gedalya.net> On 06/11/2012 08:28 AM, oni-neko at gmx.net wrote: > Good day! > > I'm having trouble changing certificate/keys for my dovecot(version 1.2.9). > When I set up the server (unbuntu lts 10.4.4) I did it with a self-signed certificate. I can't remember exactly what I did, just that I followed the wiki and it worked fine =) > > Now I have to change the certificate because a friend bought an official one (from thawte) and I'm a bit stumped. > As dovecot can use supposedly use the same file for both key and cert file, I copied the new certificate to /etc/ssl/private/dovecot.pem and to /etc/ssl/certs/dovecot.pem. Are both files identical, do they both contain the private key? Why keep two copies of the same file? That's confusing. If you don't want to use separate files for the certificate and the private key then just concatenate them both in a single file, private key first, and make sure it's owned by root and readable by no one but root. Then just point ssl_cert_file and ssl_key_file to the same file. That should be more clear and consistent. Your file should look like this: -----BEGIN PRIVATE KEY----- ....etc... -----END PRIVATE KEY----- -----BEGIN CERTIFICATE----- ....etc... -----END CERTIFICATE----- Followed by any intermediate CA certificates that might be necessary. > some googling brought up the file ssl-cert-snakeoil.key in /etc/ssl/private and /etc/ssl/certs that some people change in that context. As I also have a symlink /etc/ssl/private/ssl-mail.key that points to /etc/ssl/private/ssl-cert-snakeoil.key I'm starting to be confused (even more). dovecot is using the dovecot.pem-files, who/what uses the ssl-mail.key? If there's no reference to this file in dovecot's configuration then dovecot isn't using it. Maybe someone else e.g. postfix, maybe someone used to use it.. does it matter? It doesn't look like this is the source of your trouble. From tss at iki.fi Mon Jun 11 22:56:06 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 22:56:06 +0300 Subject: [Dovecot] Dovecot auth process delays exiting if LDAPS passdb used In-Reply-To: <87bokp7qgc.wl%fumiyas@osstech.jp> References: <87y5oi51ka.wl%fumiyas@osstech.jp> <87vcjm50kr.wl%fumiyas@osstech.jp> <1338305505.8270.10.camel@hurina> <87txynzuqs.wl%fumiyas@osstech.jp> <4C795253-9E52-40AF-912F-AF044EB9DF28@iki.fi> <87d3557txf.wl%fumiyas@osstech.jp> <87bokp7qgc.wl%fumiyas@osstech.jp> Message-ID: <6DEAF109-1B51-4060-BD38-D05BEC09BABB@iki.fi> On 11.6.2012, at 19.39, SATOH Fumiyasu wrote: > At Mon, 11 Jun 2012 18:32:35 +0300, > Timo Sirainen wrote: >>> If an auth client remains a connection to dovecot/auth, >>> dovecot/auth does NOT exit immediately when dovecot master exits. >> >> Ah, now we're getting somewhere :) Yes, this is correct and intentional. But it should still close the listeners, so this shouldn't happen: >> >> May 24 00:42:10 build-aix6 mail:err|error dovecot: master: Error: service(auth): Socket already exists: /opt/osstech/var/run/dovecot/auth-login > >>> (6) Stop dovecot service. >>> >>> # /etc/init.d/dovecot stop >> >> And (7) /etc/init.d/dovecot start fails? > > Yes: AIX 6.1, 7.1 > No: Debian GNU/Linux stable, testing, unstable / Solaris 10 OK, so this is AIX specific. Two problems: 1) I have no access to AIX to test and debug this, 2) even if I did, I'm not very motivated in debugging possibly hours for a system that is very rarely used in email servers.. (If any AIX user wanted to buy one of the Dovecot support services, I could look into this and get it fixed in some way.) It would also be possible to modify the sources a bit to get the pending processes killed immediately at shutdown. From tss at iki.fi Mon Jun 11 22:58:03 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 22:58:03 +0300 Subject: [Dovecot] 2.1.7 shared folder index issued In-Reply-To: <4FD64195.5070006@integrafin.co.uk> References: <4FD64195.5070006@integrafin.co.uk> Message-ID: <9243C1F4-94EF-4259-A37F-D32DC3A63902@iki.fi> On 11.6.2012, at 22.05, Alex Crow wrote: > Sorry to bother the list again so soon after fixing my own problem, but I now have this issue when clients try to view shared folders in Thunderbird (v12). They can see the shared folder, but the first time they click on in nothing happens. The second time they get an authentication failure. The third or fourth time it finally loads the shared mailbox, and I see this a few times in the logs: > > Jun 11 19:57:43 alsace dovecot: imap(sharedviewer at integrafin.co.uk): Error: mdbox map /home/indexes/integrafin.co.uk/t/sharedviewer/shared/sharedviewee at integrafin.co.uk/storage/dovecot.map.index corrupted: U > nexpectedly lost shared/viewee at integrafin.co.uk/INBOX uid=73129 map_uid=74192 http://wiki2.dovecot.org/SharedMailboxes/Shared#dbox From acrow at integrafin.co.uk Mon Jun 11 23:35:33 2012 From: acrow at integrafin.co.uk (Alex Crow) Date: Mon, 11 Jun 2012 21:35:33 +0100 Subject: [Dovecot] 2.1.7 shared folder index issued In-Reply-To: <9243C1F4-94EF-4259-A37F-D32DC3A63902@iki.fi> References: <4FD64195.5070006@integrafin.co.uk> <9243C1F4-94EF-4259-A37F-D32DC3A63902@iki.fi> Message-ID: <4FD65695.1030100@integrafin.co.uk> On 11/06/12 20:58, Timo Sirainen wrote: > On 11.6.2012, at 22.05, Alex Crow wrote: > >> Sorry to bother the list again so soon after fixing my own problem, but I now have this issue when clients try to view shared folders in Thunderbird (v12). They can see the shared folder, but the first time they click on in nothing happens. The second time they get an authentication failure. The third or fourth time it finally loads the shared mailbox, and I see this a few times in the logs: >> >> Jun 11 19:57:43 alsace dovecot: imap(sharedviewer at integrafin.co.uk): Error: mdbox map /home/indexes/integrafin.co.uk/t/sharedviewer/shared/sharedviewee at integrafin.co.uk/storage/dovecot.map.index corrupted: U >> nexpectedly lost shared/viewee at integrafin.co.uk/INBOX uid=73129 map_uid=74192 > http://wiki2.dovecot.org/SharedMailboxes/Shared#dbox > > Thanks Timo, So should I just remove the INDEX part from the shared namespace? Or should I have the INDEX point to the sharer's indexes rather than the "sharee"? I would like the person viewing the shared box to be able to see the message status set by the sharing party. Cheers Alex From jesper at dahlnyerup.dk Tue Jun 12 00:37:13 2012 From: jesper at dahlnyerup.dk (Jesper Dahl Nyerup) Date: Mon, 11 Jun 2012 23:37:13 +0200 Subject: [Dovecot] Very High Load on Dovecot 2 and Errors in mail.err. In-Reply-To: References: <4FB35038.1000600@enas.net> <1337454348.4384.144.camel@innu> <4FB8C07B.5050604@enas.net> <4c605c0b2bc041f7f90300b36c716c22@us.es> <4FB8FFD7.5040301@enas.net> <20120611080907.GA11882@jespernyerup.dk> Message-ID: <20120611213713.GA28704@jespernyerup.dk> On Jun 11 14:51, Timo Sirainen wrote: > On 11.6.2012, at 11.09, Jesper Dahl Nyerup wrote: > > > In short, as far as we can tell, all the processes in D state appear to > > be waiting to close the file handle they got from their inotify_init(), > > and eventually all these close()s go through almost simultaneously. > > Yeah. Looks like a kernel bug. You could try if it goes away by disabling inotify in Dovecot. Either recompile with "configure --with-notify=none" or maybe you can disable inotify globally with: > > echo 0 > /proc/sys/fs/inotify/max_user_watches > echo 0 > /proc/sys/fs/inotify/max_user_instances I can confirm that this removes the symptoms, and that it doesn't affect the service. Obviously IDLEing users are now only notified upon polling of the file system, but the I/O overhead of doing this seems minimal. It may be important to note, that even though load on our servers surpass 2000, both Dovecot and the server as a whole is responsive and servicing requests, up until the point where Dovecot reaches its configured maximal number of child processes. We're still chasing the root cause in the kernel or the VServer patch set. We'll of course make sure to post our findings here, and I'd very much appreciate to hear about other people's progress. Jesper. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: Digital signature URL: From tss at iki.fi Tue Jun 12 00:51:32 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 12 Jun 2012 00:51:32 +0300 Subject: [Dovecot] v2.0.21 released Message-ID: http://dovecot.org/releases/2.0/dovecot-2.0.21.tar.gz http://dovecot.org/releases/2.0/dovecot-2.0.21.tar.gz.sig + dict: file backend supports now also fcntl/flock locking optionally - imap-login: Memory leak fixed - imap: Non-UTF8 input on SEARCH command parameters could have crashed - auth: Fixed crash with DIGEST-MD5 when attempting to do master user login without master passdbs. - sdbox: Don't use more fds than necessary when copying mails. - mdbox kept the user's storage locked a bit longer than it needed to From tss at iki.fi Tue Jun 12 00:55:00 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 12 Jun 2012 00:55:00 +0300 Subject: [Dovecot] 2.1.7 shared folder index issued In-Reply-To: <4FD65695.1030100@integrafin.co.uk> References: <4FD64195.5070006@integrafin.co.uk> <9243C1F4-94EF-4259-A37F-D32DC3A63902@iki.fi> <4FD65695.1030100@integrafin.co.uk> Message-ID: On 11.6.2012, at 23.35, Alex Crow wrote: >>> Jun 11 19:57:43 alsace dovecot: imap(sharedviewer at integrafin.co.uk): Error: mdbox map /home/indexes/integrafin.co.uk/t/sharedviewer/shared/sharedviewee at integrafin.co.uk/storage/dovecot.map.index corrupted: U >>> nexpectedly lost shared/viewee at integrafin.co.uk/INBOX uid=73129 map_uid=74192 >> http://wiki2.dovecot.org/SharedMailboxes/Shared#dbox >> >> > > Thanks Timo, > > So should I just remove the INDEX part from the shared namespace? Or should I have the INDEX point to the sharer's indexes rather than the "sharee"? That depends on if the regular mail_location has any INDEX or not. In any case they must point to the same index. From tss at iki.fi Tue Jun 12 00:57:21 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 12 Jun 2012 00:57:21 +0300 Subject: [Dovecot] Very High Load on Dovecot 2 and Errors in mail.err. In-Reply-To: <20120611213713.GA28704@jespernyerup.dk> References: <4FB35038.1000600@enas.net> <1337454348.4384.144.camel@innu> <4FB8C07B.5050604@enas.net> <4c605c0b2bc041f7f90300b36c716c22@us.es> <4FB8FFD7.5040301@enas.net> <20120611080907.GA11882@jespernyerup.dk> <20120611213713.GA28704@jespernyerup.dk> Message-ID: <722AEC19-15CD-4569-ADDD-CEDB355E1EAB@iki.fi> On 12.6.2012, at 0.37, Jesper Dahl Nyerup wrote: >> Yeah. Looks like a kernel bug. You could try if it goes away by disabling inotify in Dovecot. Either recompile with "configure --with-notify=none" or maybe you can disable inotify globally with: >> >> echo 0 > /proc/sys/fs/inotify/max_user_watches >> echo 0 > /proc/sys/fs/inotify/max_user_instances > > I can confirm that this removes the symptoms, and that it doesn't affect > the service. Obviously IDLEing users are now only notified upon polling > of the file system, but the I/O overhead of doing this seems minimal. It actually doesn't increase I/O overhead at all. Dovecot always does polling, even with inotify, since inotify doesn't necessarily work with shared filesystems (e.g. NFS). The main difference is that users don't get immediate notifications of new mails now, but have to wait for mailbox_idle_check_interval. From lists at sfricke.de Tue Jun 12 02:32:45 2012 From: lists at sfricke.de (Stefan Fricke) Date: Tue, 12 Jun 2012 01:32:45 +0200 Subject: [Dovecot] Sieve: Mailbox doesn't exist Message-ID: <1660278.PoqUOhb7Bf@x> I have just set up a mail server on Ubuntu, using Postfix and Dovecot 2.0.19. It works well but I can't get Sieve working. I always get the error that the target mailbox doesn't exist. In fact it doesn't but isn'r Dovecot supposed to create it? Here is my doveconf -n: # 2.0.19: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-24-generic x86_64 Ubuntu 12.04 LTS mail_debug = yes mail_location = maildir:~/Maildir managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave passdb { driver = pam } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap pop3 sieve service auth { unix_listener /var/spool/postfix/private/dovecot-auth { group = postfix mode = 0660 user = postfix } } service managesieve-login { inet_listener sieve { port = 4190 } service_count = 1 } ssl_cert = was automatically rejected:%n%r } From walkerrichardj at gmail.com Tue Jun 12 06:44:10 2012 From: walkerrichardj at gmail.com (Richard Walker) Date: Tue, 12 Jun 2012 13:44:10 +1000 Subject: [Dovecot] Getting duplicates despite trying hard to match lock styles Message-ID: I'm attempting to replace (a) a very old setup that has POP (qpopper) access to inboxes and a separate UW IMAP server that provides folders, with (b) a shiny new mail setup with dovecot providing both inboxes and IMAP support. For the new mail server I created a virtual machine running a minimal Fedora 16 installation and installed sendmail, MIMEDefang, SpamAssassin, ClamAV, procmail, and dovecot. I have kept installing updates as they become available. For now I'm running the old and new mail setups in parallel; I have configured the original sendmail server to forward copies of incoming messages to the new sendmail running on the virtual machine. I then compare the results (e.g., how spam filtering is working). I've kept as much as possible of the original _style_ of setup as possible, which in particular means using sendmail, and message delivery through procmail to mbox files in /var/spool/mail. The key difference is the use of dovecot to provide IMAP access to the inbox and IMAP folders. Because of the legacy setup, my desktop access to email is via Thunderbird 2.0.0.22 on a very old Mac PowerBook G4 to work with both old and new setups and I have two windows open to make comparison possible. (Yes, both mail servers are on separate computers, not on this notebook.) Mostly this is working fine (after a fair bit of tweaking, including adding custom SELinux rules to get rid of all AVCs). I put the notebook to sleep overnight, and in the morning I open it up and see what happens. After a few minutes, the window with the old setup does its POP fetch; the window with the new setup almost straightaway shows the new messages in its version of the inbox. Not quite: again, for legacy reasons I have some Thunderbird filters, and I have duplicated those (still within Thunderbird) for the new setup. The filters are: 1. Move messages tagged as spam by SpamAssassin to the Junk folder. 2. Move messages from GeoNetwork-related senders to a "GeoNetwork" folder. 3. Move all remaining messages to the "In" folder. Most mornings this works just fine. But not always. Sometimes I get duplicates in the "In" and "GeoNetwork" folders of the new dovecot-based setup. I used to get _garbled_ duplicates (with extra random bits of other messages at the end of the duplicates) in the new setup, which I presumed must be due to a locking configuration mismatch. Having fixed that (see below) I no longer get garbled duplicates, but I do still sometimes (including today) get identical duplicates. This seems to happen when one of the incoming messages has a very large attachment - but you may wish to treat that as hearsay. I attach below: 0. The line from /etc/mtab on the new server that covers the filesystem (i.e., including /var/spool and /home). 1. Output of "doveconf -n" and a note about how I modified locking from the Fedora default. 2. Output of "procmail -v". 3. Sendmail procmail mailer config (for good measure; I don't think you need this). 4. An excerpt from /var/log/maillog on the new server showing the beginning of dovecot processing this morning when I opened my notebook. 5. A link to the dovecot raw log files of my "INBOX" and "In" folder processing from this morning. You'll see from the dovecot log files that Thunderbird sends expunge commands, but the expunged messages hang around -- indeed, the same messages get expunged several times! And eventually they get fetched again -- hence the duplicates I see in Thunderbird. Given that INBOX.out contains: 08:56:53.765423 * 537 EXISTS 08:56:53.765423 * 533 RECENT and then, after many expunges: 08:56:58.441341 * 16 EXPUNGE 08:56:58.441341 * 11 EXPUNGE 08:56:58.441341 * 3 EXPUNGE 08:56:58.441341 * 539 EXISTS 08:56:58.441341 * 536 RECENT 08:56:58.441341 9 OK Expunge completed. it looks like I still have a locking problem. I have tried very hard to understand the locking options in dovecot.conf and to match dovecot with procmail -- apparently, there is more to do. 0. The line from /etc/mtab for the filesystem: ---------- /dev/mapper/vg_f16i386serverbasic-lv_root / ext4 rw,seclabel,relatime,user_xattr,acl,barrier=1,data=ordered 0 0 ---------- 1. doveconf -n says: ---------- # 2.0.20: /etc/dovecot/dovecot.conf # OS: Linux 3.3.6-3.fc16.i686.PAE i686 Fedora release 16 (Verne) mail_debug = yes mail_privileged_group = mail namespace { hidden = yes inbox = yes list = no location = mbox:~/mail:INBOX=/var/spool/mail/%u prefix = "#mbox/" separator = / type = private } namespace { inbox = no location = maildir:~/Maildir prefix = separator = / type = private } passdb { driver = pam } service imap-login { inet_listener imap { address = localhost } } service imap { executable = imap postlogin } service pop3-login { inet_listener pop3 { address = localhost } } service postlogin { executable = script-login -d rawlog -t } ssl_cert = Copyright (c) 1997-2001, Philip A. Guenther Submit questions/answers to the procmail-related mailinglist by sending to: And of course, subscription and information requests for this list to: Locking strategies: dotlocking, fcntl() Default rcfile: $HOME/.procmailrc It may be writable by your primary group Your system mailbox: /var/spool/mail/rw ---------- (There is no $HOME/.procmailrc or other system-wide procmailrc.) 3. The mailer as defined in sendmail.cf says: ---------- Mlocal, P=/usr/bin/procmail, F=lsDFMAw5:/|@qSPfhn9, S=EnvFromL/HdrFromL, R=EnvToL/HdrToL, T=DNS/RFC822/X-Unix, A=procmail -t -Y -a $h -d $u ---------- 4. The relevant lines from /var/log/maillog: ---------- Jun 12 08:56:53 localhost dovecot: imap-login: Login: user=, method=PLAIN, rip=192.168.2.200, lip=192.168.2.188, mpid=21618, TLS Jun 12 08:56:53 localhost dovecot: imap(rw): Debug: Effective uid=1000, gid=100, home=/home/rw Jun 12 08:56:53 localhost dovecot: imap(rw): Debug: Namespace : type=private, prefix=#mbox/, sep=/, inbox=yes, hidden=yes, list=no, subscriptions=yes location=mbox:~/mail:INBOX=/var/spool/mail/rw Jun 12 08:56:53 localhost dovecot: imap(rw): Debug: fs: root=/home/rw/mail, index=, control=, inbox=/var/spool/mail/rw, alt= Jun 12 08:56:53 localhost dovecot: imap(rw): Debug: Namespace : type=private, prefix=, sep=/, inbox=no, hidden=no, list=yes, subscriptions=yes location=maildir:~/Maildir Jun 12 08:56:53 localhost dovecot: imap(rw): Debug: maildir++: root=/home/rw/Maildir, index=, control=, inbox=, alt= Jun 12 08:56:58 localhost dovecot: imap-login: Login: user=, method=PLAIN, rip=192.168.2.200, lip=192.168.2.188, mpid=21625, TLS Jun 12 08:56:58 localhost dovecot: imap(rw): Debug: Effective uid=1000, gid=100, home=/home/rw Jun 12 08:56:58 localhost dovecot: imap(rw): Debug: Namespace : type=private, prefix=#mbox/, sep=/, inbox=yes, hidden=yes, list=no, subscriptions=yes location=mbox:~/mail:INBOX=/var/spool/mail/rw Jun 12 08:56:58 localhost dovecot: imap(rw): Debug: fs: root=/home/rw/mail, index=, control=, inbox=/var/spool/mail/rw, alt= Jun 12 08:56:58 localhost dovecot: imap(rw): Debug: Namespace : type=private, prefix=, sep=/, inbox=no, hidden=no, list=yes, subscriptions=yes location=maildir:~/Maildir Jun 12 08:56:58 localhost dovecot: imap(rw): Debug: maildir++: root=/home/rw/Maildir, index=, control=, inbox=, alt= Jun 12 08:57:03 localhost dovecot: imap-login: Login: user=, method=PLAIN, rip=192.168.2.200, lip=192.168.2.188, mpid=21632, TLS Jun 12 08:57:03 localhost dovecot: imap(rw): Debug: Effective uid=1000, gid=100, home=/home/rw Jun 12 08:57:03 localhost dovecot: imap(rw): Debug: Namespace : type=private, prefix=#mbox/, sep=/, inbox=yes, hidden=yes, list=no, subscriptions=yes location=mbox:~/mail:INBOX=/var/spool/mail/rw Jun 12 08:57:03 localhost dovecot: imap(rw): Debug: fs: root=/home/rw/mail, index=, control=, inbox=/var/spool/mail/rw, alt= Jun 12 08:57:03 localhost dovecot: imap(rw): Debug: Namespace : type=private, prefix=, sep=/, inbox=no, hidden=no, list=yes, subscriptions=yes location=maildir:~/Maildir Jun 12 08:57:03 localhost dovecot: imap(rw): Debug: maildir++: root=/home/rw/Maildir, index=, control=, inbox=, alt= ---------- 5. dovecot raw logs for "INBOX" and "In". Because I have trouble comparing times in epoch format, I've run the logs through a little filter that replaces the timestamps at the beginning of each line with a timestamp in HH:MM:SS.nanosecond format in local time. I've carefully deleted lots of (what I hope are) lines you don't need from the logs. E.g., I deleted the middle section of a block of FETCH statements, leaving the first few and the last few. Please let me know if I deleted too much -- I was trying to be helpful. And of course I replaced e-mail address/subject lines/etc with XXXXXXXXXX. Although the Thunderbird filters are "supposed" to be run in the order I listed above, it seems that Thunderbird fetches all headers, works out what messages should be filtered to which folders, and then sends corresponding IMAP commands that copy the messages to the other folders in a _different_ order of the filters. (I.e., the INBOX log shows copy/store/expunge operations in the order "In", "Junk", then "GeoNetwork", rather than "Junk", "GeoNetwork", "In".) I have renamed the in/out log files as INBOX.in, INBOX.out, In.in, In.out and uploaded them to: https://sites.google.com/site/rwdownloadssite/dovecot-logs Thanks in advance to anyone who is willing to take a look and advise what I need to do. From walkerrichardj at gmail.com Tue Jun 12 06:58:33 2012 From: walkerrichardj at gmail.com (Richard Walker) Date: Tue, 12 Jun 2012 13:58:33 +1000 Subject: [Dovecot] Getting duplicates despite trying hard to match lock styles In-Reply-To: References: Message-ID: On 12/06/2012, Richard Walker wrote: > 1. Output of "doveconf -n" and a note about how I modified locking > from the Fedora default. Oops, I can send more of the config if necessary -- again, I was trying to be "helpful" by cutting out the default settings. The output of "doveconf | grep lock" is: dotlock_use_excl = yes lock_method = fcntl mail_max_lock_timeout = 0 mbox_dotlock_change_timeout = 2 mins mbox_lock_timeout = 5 mins mbox_read_locks = fcntl mbox_write_locks = dotlock fcntl pop3_lock_session = no From a.kostyrev at serverc.ru Tue Jun 12 10:29:03 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Tue, 12 Jun 2012 18:29:03 +1100 Subject: [Dovecot] director: non standart ports at backends In-Reply-To: <8568BABD-F72C-47B2-B9A4-4902410404C6@iki.fi> References: <213B51F00051AE48A9F0E112880177178F79EF@Delta.sc.local> <213B51F00051AE48A9F0E112880177178F79F0@Delta.sc.local> <8568BABD-F72C-47B2-B9A4-4902410404C6@iki.fi> Message-ID: <213B51F00051AE48A9F0E112880177178F79F1@Delta.sc.local> Thanks, that worked! I ended up with: password_query = select 'y' as proxy, \ NULL AS password, \ 'y' as nopassword, \ case '%a' \ when 110 then 2110 \ when 995 then 2995 \ when 143 then 2143 \ when 993 then 2993 \ when 24 then 224 \ when 4190 then 24190 end \ as port, \ case '%a' \ when 995 then 'any-cert' \ when 993 then 'any-cert' end \ as `ssl`; -----Original Message----- From: Timo Sirainen [mailto:tss at iki.fi] Sent: Monday, June 11, 2012 11:48 PM To: ???????? ????????? ?????????? Cc: dovecot at dovecot.org Subject: Re: [Dovecot] director: non standart ports at backends Looking at your old mails, you seem to be using passdb static for director, but userdb sql? So you could switch to: passdb { driver = sql args = /etc/dovecot/dovecot-sql.conf } password_query = select 'y' as proxy, 'y' as nopassword, if('%a'=143, 1430, 9930) as port where you'd change the if() to something that handles %s=imap vs %s=pop3 vs %s=lmtp and %a=143 vs %a=993 vs %a=110 vs %a=995. Maybe a "case" statement would be less ugly. Or simply make it a real table in sql. Anyway, that's the basic idea. On 11.6.2012, at 15.39, ???????? ????????? ?????????? wrote: > thanks Timo, for you time > but I still don't get it) > should I return "port" with just "port_num1,port_num2" value or how? > I've tried to google an example but with no success. > > -----Original Message----- > From: Timo Sirainen [mailto:tss at iki.fi] > Sent: Monday, June 11, 2012 11:01 PM > To: ???????? ????????? ?????????? > Cc: dovecot at dovecot.org > Subject: Re: [Dovecot] director: non standart ports at backends > > On 11.6.2012, at 12.27, ???????? ????????? ?????????? wrote: > >> hello, >> I'm trying to figure out how to proxy pop3 and pop3s that listens on non-standart ports at backends. >> For example, pop3 is at 1110 and pop3s at 1995 (on backend side). >> is it possible? >> how should I separate this ports in director's config? >> it's easy for one port: >> for example lmtp - you just use passdb in protocol lmtp {} > > The passdb needs to return the "port" field. You can't use static passdb for this, since it has no conditionals and you can't do per-port configuration. Maybe use sqlite (simply to use it as a scripting engine - empty database) or checkpassword as your passdb. > From rago at lal.in2p3.fr Tue Jun 12 12:41:47 2012 From: rago at lal.in2p3.fr (Emiliano Rago) Date: Tue, 12 Jun 2012 11:41:47 +0200 Subject: [Dovecot] Authentication issue In-Reply-To: <20120609191958.GA12009@daniel.localdomain> References: <4FD0EB43.8070104@lal.in2p3.fr> <20120609191958.GA12009@daniel.localdomain> Message-ID: <4FD70EDB.6060105@lal.in2p3.fr> On 06/09/2012 09:19 PM, Daniel Parthey wrote: > Hi Emiliano, > > Emiliano Rago wrote: >> I need to set up a weird dovecot configuration: >> >> 1) outside a ssl tunnel I'd like to authenticate only with cram-md5 scheme >> 2) inside a ssl tunnel I'd like to authenticate only with plain auth > > You might try to set up two instances of dovecot, one for plain, one for ssl: > > http://wiki2.dovecot.org/RunningDovecot#Running_Multiple_Invocations_of_Dovecot Uhmmm, I don't like too much that solution, anyway, thank you very much! Regards, Emiliano From amateo at um.es Tue Jun 12 13:23:28 2012 From: amateo at um.es (Angel L. Mateo) Date: Tue, 12 Jun 2012 12:23:28 +0200 Subject: [Dovecot] Problem with lmtp director proxy Message-ID: <4FD718A0.50605@um.es> Hi, I have a timeout problem only when I have heavy load in my system. I have two director servers directing to 4 backend servers. The problem is when my smtp relays tries to deliver mail to my users via lmtp (proxied with director). In the smtp logs I have: Jun 12 11:41:18 xenon13 postfix/lmtp[4248]: 4433E5D5A0: to=, relay=pop.um.es[155.54.212.106]:24, delay=31, delays=0.41/0.06/0/30, dsn=4.4.0, status=deferred (host pop.um.es[155.54.212.106] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) If I look for this connection in the director servers I have: Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Connect from 155.54.212.167 Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Debug: auth input: user=user1 proxy host=155.54.211.163 proxy_refresh=450 Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Debug: auth input: user=user2 proxy host=155.54.211.163 proxy_refresh=450 .... (more users, a total of 34 recipients) Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Debug: auth input: user=myuser proxy host=155.54.211.164 proxy_refresh=450 ... Jun 12 11:41:09 myotis41 dovecot: lmtp(6595): Disconnect from 155.54.212.167: Client quit (in reset) and in one of the final server (the one for the user in question): Jun 12 11:40:38 myotis34 dovecot: lmtp(16824): Connect from 155.54.211.186 Jun 12 11:40:38 myotis34 dovecot: lmtp(16824, ): wJ9BD7YM10 +4QQAAG5O5Qg: sieve: msgid=<182283367.48.1339494011054.JavaMail.tomcat at sakai-prod4>: stored mail into mailbox 'INBOX' ... Jun 12 11:41:10 myotis34 dovecot: lmtp(16824, ): wJ9BD7YM10+4QQA AG5O5Qg: sieve: msgid=<182283367.48.1339494011054.JavaMail.tomcat at sakai-prod4>: stored mail into mailbox 'INBOX' ... Jun 12 11:41:11 myotis34 dovecot: lmtp(16824): Disconnect from 155.54.211.186: Connection closed (in reset) So the mail seems to be correctly delivered in about 30 seconds. All my postfix timeouts are bigger than this time: lmtp_connect_timeout = 0s lmtp_connection_cache_time_limit = 2s lmtp_connection_reuse_time_limit = 300s lmtp_data_done_timeout = 600s lmtp_data_init_timeout = 120s lmtp_data_xfer_timeout = 180s lmtp_lhlo_timeout = 300s lmtp_mail_timeout = 300s lmtp_pix_workaround_delay_time = 10s lmtp_pix_workaround_threshold_time = 500s lmtp_quit_timeout = 300s lmtp_rcpt_timeout = 300s lmtp_rset_timeout = 20s lmtp_sasl_auth_cache_time = 90d lmtp_starttls_timeout = 300s lmtp_tls_session_cache_timeout = 3600s lmtp_xforward_timeout = 300s So... why do I have this error? As a side effect this mail was delivered twice in the user's mailbox, this is one and the other when postfix retries again. Any help? Thank you -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From janfrode at tanso.net Tue Jun 12 13:38:54 2012 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Tue, 12 Jun 2012 12:38:54 +0200 Subject: [Dovecot] Problem with lmtp director proxy In-Reply-To: <4FD718A0.50605@um.es> References: <4FD718A0.50605@um.es> Message-ID: <20120612103854.GA29754@dibs.tanso.net> On Tue, Jun 12, 2012 at 12:23:28PM +0200, Angel L. Mateo wrote: > I have two director servers directing to 4 backend servers. Which dovecot version are you running on your directors and backends? We're running 2.0.14 plus the below linked patches and have not since this problem since applying the last one. http://hg.dovecot.org/dovecot-2.0/raw-rev/8de8752b2e94 http://hg.dovecot.org/dovecot-2.0/rev/71084b799a6c -jf From amateo at um.es Tue Jun 12 13:47:40 2012 From: amateo at um.es (Angel L. Mateo) Date: Tue, 12 Jun 2012 12:47:40 +0200 Subject: [Dovecot] Problem with lmtp director proxy In-Reply-To: <20120612103854.GA29754@dibs.tanso.net> References: <4FD718A0.50605@um.es> <20120612103854.GA29754@dibs.tanso.net> Message-ID: <4FD71E4C.1010509@um.es> El 12/06/12 12:38, Jan-Frode Myklebust escribi?: > On Tue, Jun 12, 2012 at 12:23:28PM +0200, Angel L. Mateo wrote: >> I have two director servers directing to 4 backend servers. > > Which dovecot version are you running on your directors and backends? > 2.1.5 > We're running 2.0.14 plus the below linked patches and have not > since this problem since applying the last one. > > > http://hg.dovecot.org/dovecot-2.0/raw-rev/8de8752b2e94 > http://hg.dovecot.org/dovecot-2.0/rev/71084b799a6c > I have checked if those patchs are included: * The first one seems not to apply, because it's for lmtp-proxy.c and this file seems completely different than the one in the patch * The second is already applied -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From rago at lal.in2p3.fr Tue Jun 12 15:08:31 2012 From: rago at lal.in2p3.fr (Emiliano Rago) Date: Tue, 12 Jun 2012 14:08:31 +0200 Subject: [Dovecot] doveadm doesn't subscribe to public folders Message-ID: <4FD7313F.9060406@lal.in2p3.fr> Hi, I'd like to subscribe folder with doveadm: doveadm mailbox subscribe -u rago public.Conferences This command doesn't work, while it works with an ordinary folder. However it's possible to subscribe to the folder with an imap connection: 1 login rago "mypasswd" 1 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORTSORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAMESPCE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES ITHIN CONTEXT=SEARCH LIST-STATUS ACL RIGHTS=texk] Logged in 2 LSUB "" * * LSUB () "." "INBOX" 2 OK Lsub completed. 3 SUBSCRIBE "public.Conferences" 3 OK Subscribe completed. 4 LSUB "" * * LSUB () "." "INBOX" * LSUB () "." "public.Conferences" 4 OK Lsub completed. Am I doing anything wrong? This is my conf, thx for help, Emiliano # 2.0.9: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-220.4.1.el6.x86_64 x86_64 Red Hat Enterprise Linux Server release 5 (Tikanga) ext4 auth_cache_size = 128 M auth_master_user_separator = * auth_mechanisms = plain cram-md5 mail_location = maildir:/data/MAIL/MAILDIR/%u:INBOX=/data/MAIL/INBOX/%u:INDEX=/data/MAIL/METADATA/%u maildir_very_dirty_syncs = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date mbox_write_locks = fcntl namespace { inbox = yes location = prefix = separator = . type = private } namespace { list = children location = maildir:/data/MAIL/MAILDIR/%%u:INDEX=/data/MAIL/METADATA/SHARED/%u/%%u prefix = shared.%%u. separator = . subscriptions = no type = shared } namespace { list = children location = maildir:/data/MAIL/PUBLIC:INDEX=/data/MAIL/METADATA/PUBLIC prefix = public. separator = . subscriptions = no type = public } passdb { args = scheme=cram-md5 /data/PWDDB/cram_dovecot.txt driver = passwd-file } passdb { args = /etc/dovecot/master-shared driver = passwd-file master = yes } passdb { args = /etc/dovecot/master-shared driver = passwd-file } plugin { acl = vfile:/etc/dovecot/global-acls:cache_secs=300 acl_anyone = allow acl_shared_dict = file:/data/MAIL/SHAREDDB/shared-mailboxes.db sieve = /data/MAIL/SIEVE/%u/dovecot.sieve sieve_dir = /data/MAIL/SIEVE/%u } postmaster_address = root protocols = imap sieve service auth { unix_listener /var/spool/postfix/private/auth { mode = 0666 } unix_listener auth-userdb { group = mailreader mode = 0600 user = mailreader } } service imap-login { process_min_avail = 8 service_count = 0 vsz_limit = 512 M } service imap-postlogin { executable = script-login /etc/dovecot/postlogin.sh user = $default_internal_user } service imap { executable = imap imap-postlogin } ssl_cert = good day! Did anybody in here decide to go for commercial support from Dovecot Solutions Oy ? I'd like to know if you are satisfied with what they provide? if time of support reaction is really as what is stated at their site and stuff like that. From forall at stalowka.info Tue Jun 12 16:15:13 2012 From: forall at stalowka.info (For@ll) Date: Tue, 12 Jun 2012 15:15:13 +0200 Subject: [Dovecot] Dovecot 2.1 stable packages for Debian? In-Reply-To: <33993325.post@talk.nabble.com> References: <33993325.post@talk.nabble.com> Message-ID: On 11.06.2012 16:03, Tomislav Mihalicek wrote: > > Here you go... > > cat /etc/apt/sources.list > > # latest dovecot > # apt-get install debian-dovecot-auto-keyring > deb http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main > deb-src http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main > I'm looking the same version but for Ubuntu Server 12.04. From lists at kokelnet.de Tue Jun 12 16:49:33 2012 From: lists at kokelnet.de (Tobias Hachmer) Date: Tue, 12 Jun 2012 15:49:33 +0200 Subject: [Dovecot] =?utf-8?q?Dovecot_2=2E1_stable_packages_for_Debian=3F?= In-Reply-To: References: <33993325.post@talk.nabble.com> Message-ID: Am 12.06.2012 15:15, schrieb For at ll: > I'm looking the same version but for Ubuntu Server 12.04. I use the packages from https://launchpad.net/~christian-roessner-net/+archive/ppa in production. Also the description of this ppa warns to use these packages only if you're able to help youself and it's a development ppa. But I have had no problems yet with these packages. I think there aren't packages out there someone would provide support for. So, compile it or use those development/ community packages or wait until dovecot 2.1 will get into debian/ubuntu stable. Regards, Tobias Hachmer From e-frog at gmx.de Tue Jun 12 19:17:54 2012 From: e-frog at gmx.de (e-frog) Date: Tue, 12 Jun 2012 18:17:54 +0200 Subject: [Dovecot] Dovecot 2.1 stable packages for Debian? In-Reply-To: References: <33993325.post@talk.nabble.com> Message-ID: <4FD76BB2.7040906@gmx.de> On 12.06.2012 15:15, wrote For at ll: > On 11.06.2012 16:03, Tomislav Mihalicek wrote: >> >> Here you go... >> >> cat /etc/apt/sources.list >> >> # latest dovecot >> # apt-get install debian-dovecot-auto-keyring >> deb http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main >> deb-src http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main >> > > I'm looking the same version but for Ubuntu Server 12.04. > 2.1.7 just landed in quantal yesterday: https://launchpad.net/ubuntu/+source/dovecot From user+dovecot at localhost.localdomain.org Tue Jun 12 20:00:27 2012 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Tue, 12 Jun 2012 19:00:27 +0200 Subject: [Dovecot] Sieve: Mailbox doesn't exist In-Reply-To: <1660278.PoqUOhb7Bf@x> References: <1660278.PoqUOhb7Bf@x> Message-ID: <4FD775AB.8010503@localhost.localdomain.org> On 06/12/2012 01:32 AM Stefan Fricke wrote: > I have just set up a mail server on Ubuntu, using Postfix and Dovecot 2.0.19. > It works well but I can't get Sieve working. I always get the error that the > target mailbox doesn't exist. In fact it doesn't but isn'r Dovecot supposed to > create it? Not with your current configuration. See: http://hg.dovecot.org/dovecot-2.0/file/2.0.19/doc/example-config/conf.d/15-lda.conf#l39 > > Here is my doveconf -n: > > # 2.0.19: /etc/dovecot/dovecot.conf > # OS: Linux 3.2.0-24-generic x86_64 Ubuntu 12.04 LTS > mail_debug = yes > mail_location = maildir:~/Maildir > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope encoded-character > vacation subaddress comparator-i;ascii-numeric relational regex imap4flags > copy include variables body enotify environment mailbox date ihave > passdb { > driver = pam > } > plugin { > sieve = ~/.dovecot.sieve > sieve_dir = ~/sieve > } > protocols = imap pop3 sieve > service auth { > unix_listener /var/spool/postfix/private/dovecot-auth { > group = postfix > mode = 0660 > user = postfix > } > } > service managesieve-login { > inet_listener sieve { > port = 4190 > } > service_count = 1 > } > ssl_cert = ssl_cipher_list = ALL:!LOW:!SSLv2:ALL:!aNULL:!ADH:!eNULL:!EXP:RC4+RSA:+HIGH: > +MEDIUM > ssl_key = userdb { > driver = passwd > } > protocol imap { > imap_client_workarounds = delay-newmail > mail_max_userip_connections = 10 > } > protocol pop3 { > mail_max_userip_connections = 10 > pop3_client_workarounds = outlook-no-nuls oe-ns-eoh > } > protocol lda { > deliver_log_format = msgid=%m: %$ > mail_plugins = sieve > postmaster_address = postmaster > quota_full_tempfail = yes > rejection_reason = Your message to <%t> was automatically rejected:%n%r > } > > > Regards, Pascal -- The trapper recommends today: cafefeed.1216418 at localdomain.org From tss at iki.fi Tue Jun 12 20:15:22 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 12 Jun 2012 20:15:22 +0300 Subject: [Dovecot] Sieve: Mailbox doesn't exist In-Reply-To: <4FD775AB.8010503@localhost.localdomain.org> References: <1660278.PoqUOhb7Bf@x> <4FD775AB.8010503@localhost.localdomain.org> Message-ID: <854C866C-44BB-4EF4-95A3-D765ED980833@iki.fi> On 12.6.2012, at 20.00, Pascal Volk wrote: > On 06/12/2012 01:32 AM Stefan Fricke wrote: >> I have just set up a mail server on Ubuntu, using Postfix and Dovecot 2.0.19. >> It works well but I can't get Sieve working. I always get the error that the >> target mailbox doesn't exist. In fact it doesn't but isn'r Dovecot supposed to >> create it? > > Not with your current configuration. See: > http://hg.dovecot.org/dovecot-2.0/file/2.0.19/doc/example-config/conf.d/15-lda.conf#l39 Even better (more standard): Use fileinto :create "box"; From toml at engr.orst.edu Tue Jun 12 21:16:52 2012 From: toml at engr.orst.edu (Tom Lieuallen) Date: Tue, 12 Jun 2012 11:16:52 -0700 Subject: [Dovecot] how to announce shared folders to clients using non-default mail prefix In-Reply-To: <63F00218-4FBE-418F-9477-CBEA8E7A35B9@iki.fi> References: <4FD14895.8040707@engr.orst.edu> <63F00218-4FBE-418F-9477-CBEA8E7A35B9@iki.fi> Message-ID: <4FD78794.1030905@engr.orst.edu> On 6/11/12 5:21 AM, Timo Sirainen wrote: > On 8.6.2012, at 3.34, Tom Lieuallen wrote: > >> Note that if I change the prefix for that shared namespace to 'iphonemail/', it does present my shared folders as well as anything in a personal iphonemail directory. However, 'select' didn't work with the personal folders. My guess is it's mostly due to the difference in mail formats between the two (mbox& maildir). > > You should be able to use prefix=iphonemail/shared/ Timo et all, Unfortunately, that did not work. l list "" * * LIST (\Noselect \HasChildren) "/" "foo1" * LIST (\NoInferiors \UnMarked) "/" "foo1/folder1" * LIST (\Noselect \HasChildren) "/" "iphonemail" * LIST (\NoInferiors \Marked) "/" "iphonemail/foo1" * LIST (\NoInferiors \UnMarked) "/" "Sent" * LIST (\NoInferiors \UnMarked) "/" "Trash" * LIST (\HasNoChildren) "/" "INBOX" * LIST (\HasNoChildren) "/" "sharedimap/cesupport" * LIST (\HasNoChildren) "/" "sharedimap/mimesupport" * LIST (\HasNoChildren) "/" "iphonemail/sharedimap/cesupport" * LIST (\HasNoChildren) "/" "iphonemail/sharedimap/mimesupport" l OK List completed. l list "iphonemail/" * * LIST (\NoInferiors \Marked) "/" "iphonemail/foo1" l OK List completed. So, the shared folders are listed twice when I do not include a prefix and neither are shown at all when I do include a prefix. namespace { hidden = yes inbox = no list = children location = maildir:/a1/dove-shared:INDEX=/a2/imap-index/dove-shared/%u prefix = iphonemail/sharedimap/ separator = / type = shared } I'm assuming I'm testing this correctly and in the best way. :-) thank you Tom Lieuallen From l.messner at physik.tu-berlin.de Tue Jun 12 21:56:13 2012 From: l.messner at physik.tu-berlin.de (Leon =?iso-8859-15?Q?Me=DFner?=) Date: Tue, 12 Jun 2012 20:56:13 +0200 Subject: [Dovecot] auth_krb5_keytab ignored ? In-Reply-To: <20120611155124.GM89928@rosa.physik.tu-berlin.de> References: <20120608165902.GI89928@rosa.physik.tu-berlin.de> <1339416976.5967.29.camel@hurina> <20120611144345.GK89928@rosa.physik.tu-berlin.de> <20120611155124.GM89928@rosa.physik.tu-berlin.de> Message-ID: <20120612185613.GB80625@rosa.physik.tu-berlin.de> On Mon, Jun 11, 2012 at 05:51:24PM +0200, Leon Me?ner wrote: > On Mon, Jun 11, 2012 at 06:26:57PM +0300, Timo Sirainen wrote: > > On 11.6.2012, at 17.43, Leon Me?ner wrote: > > > > >> import_environment = TZ GDB DEBUG_SILENT KRB5_KTNAME > > >> i > >> KRB5_KTNAME=/etc/mail3.krb5.keytab dovecot > > >> > > >> I'm wondering if the code in mech-gssapi.c that sets KRB5_KTNAME > > >> environment is being called too late. > > > > > > It's still looking inside the default krb5.keytab . > > > > Which Kerberos library are you using? Maybe it doesn't support this way of giving the keytab. > > I'm using the stock FreeBSD 8.2-RELEASE one which is heimdal-1.1.0 . > I will update the machine to 8.3 (which is the latest release in 8.x), Updating and recompiling did not help. I don't know where to look for the problem though. If i use the kerberos utilities with KRB5_KTNAME the environment variable is beeing picked up ok. 19:22_root at mail3:/usr/ports/mail/dovecot# KRB5_KTNAME=/etc/mail3.krb5.keytab ktutil list /etc/mail3.krb5.keytab: Vno Type Principal 1 des-cbc-crc imap/mail3.physik-pool.tu-berlin.de at PCPOOL.PHYSIK.TU-BERLIN.DE 1 des-cbc-md4 imap/mail3.physik-pool.tu-berlin.de at PCPOOL.PHYSIK.TU-BERLIN.DE 1 des-cbc-md5 imap/mail3.physik-pool.tu-berlin.de at PCPOOL.PHYSIK.TU-BERLIN.DE 1 des3-cbc-sha1 imap/mail3.physik-pool.tu-berlin.de at PCPOOL.PHYSIK.TU-BERLIN.DE 19:34_root at mail3:/usr/ports/mail/dovecot# KRB5_KTNAME=/etc/mail3.krb5.keytab kinit -k imap/mail3.physik-pool.tu-berlin.de 19:39_root at mail3:/usr/ports/mail/dovecot# klist Credentials cache: FILE:/tmp/krb5cc_0 Principal: imap/mail3.physik-pool.tu-berlin.de at PCPOOL.PHYSIK.TU-BERLIN.DE Issued Expires Principal Jun 12 19:39:11 Jun 13 05:39:11 krbtgt/PCPOOL.PHYSIK.TU-BERLIN.DE at PCPOOL.PHYSIK.TU-BERLIN.DE From dmiller at amfes.com Tue Jun 12 21:56:45 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Tue, 12 Jun 2012 11:56:45 -0700 Subject: [Dovecot] gnutls support In-Reply-To: <1284640879.3030.460.camel@kurkku.sapo.corppt.com> References: <4C918E28.1020301@amfes.com> <1284640879.3030.460.camel@kurkku.sapo.corppt.com> Message-ID: On 9/16/2010 5:41 AM, Timo Sirainen wrote: > On Wed, 2010-09-15 at 20:25 -0700, Daniel L. Miller wrote: >> Other than license issues, is there an advantage to using gnutls vs >> openssl? Or is openssl superior - at least in the current implementations? > Dovecot's GNUTLS support was written long time ago and its API has > changed since. It doesn't work. But a working GNUTLS support would still > be nice some day. I don't much like OpenSSL. > > With 2.1.7 - is GNUTLS supported? -- Daniel From tss at iki.fi Tue Jun 12 21:59:44 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 12 Jun 2012 21:59:44 +0300 Subject: [Dovecot] gnutls support In-Reply-To: References: <4C918E28.1020301@amfes.com> <1284640879.3030.460.camel@kurkku.sapo.corppt.com> Message-ID: <22E936E6-12A6-449E-A82F-6E1B5061FA9E@iki.fi> On 12.6.2012, at 21.56, Daniel L. Miller wrote: > On 9/16/2010 5:41 AM, Timo Sirainen wrote: >> On Wed, 2010-09-15 at 20:25 -0700, Daniel L. Miller wrote: >>> Other than license issues, is there an advantage to using gnutls vs >>> openssl? Or is openssl superior - at least in the current implementations? >> Dovecot's GNUTLS support was written long time ago and its API has >> changed since. It doesn't work. But a working GNUTLS support would still >> be nice some day. I don't much like OpenSSL. > With 2.1.7 - is GNUTLS supported? No, and I have no plans to add it. But I don't mind if someone sends a patch. From acrow at integrafin.co.uk Tue Jun 12 22:34:50 2012 From: acrow at integrafin.co.uk (Alex Crow) Date: Tue, 12 Jun 2012 20:34:50 +0100 Subject: [Dovecot] 2.1.7 shared folder index issued In-Reply-To: References: <4FD64195.5070006@integrafin.co.uk> <9243C1F4-94EF-4259-A37F-D32DC3A63902@iki.fi> <4FD65695.1030100@integrafin.co.uk> Message-ID: <4FD799DA.6020508@integrafin.co.uk> > That depends on if the regular mail_location has any INDEX or not. In any case they must point to the same index. > > Timo, Thanks, I pointed them both the to same location (I keep my indexes on an SSD array) and now shared folders seem to work fine. Cheers for your help, Alex From anmeyer at anup.de Tue Jun 12 23:41:33 2012 From: anmeyer at anup.de (Andreas Meyer) Date: Tue, 12 Jun 2012 22:41:33 +0200 Subject: [Dovecot] v2.0.21 released In-Reply-To: References: Message-ID: <20120612224133.6ae2eedb@itx.bitcorner.intern> Timo Sirainen wrote: > http://dovecot.org/releases/2.0/dovecot-2.0.21.tar.gz > http://dovecot.org/releases/2.0/dovecot-2.0.21.tar.gz.sig > > + dict: file backend supports now also fcntl/flock locking optionally > - imap-login: Memory leak fixed > - imap: Non-UTF8 input on SEARCH command parameters could have crashed > - auth: Fixed crash with DIGEST-MD5 when attempting to do master user > login without master passdbs. > - sdbox: Don't use more fds than necessary when copying mails. > - mdbox kept the user's storage locked a bit longer than it needed to > Please can some soul explain the naming conventions used to release this software? Tue Jun 12 00:51:56 EEST 2012 Released v2.0.21. Tue May 29 22:24:49 EEST 2012 Released v2.1.7. I don't understand the numbering. Andreas From Ralf.Hildebrandt at charite.de Tue Jun 12 23:42:58 2012 From: Ralf.Hildebrandt at charite.de (Ralf Hildebrandt) Date: Tue, 12 Jun 2012 22:42:58 +0200 Subject: [Dovecot] v2.0.21 released In-Reply-To: <20120612224133.6ae2eedb@itx.bitcorner.intern> References: <20120612224133.6ae2eedb@itx.bitcorner.intern> Message-ID: <20120612204258.GE13775@charite.de> * Andreas Meyer : > Timo Sirainen wrote: > > > http://dovecot.org/releases/2.0/dovecot-2.0.21.tar.gz > > http://dovecot.org/releases/2.0/dovecot-2.0.21.tar.gz.sig > > > > + dict: file backend supports now also fcntl/flock locking optionally > > - imap-login: Memory leak fixed > > - imap: Non-UTF8 input on SEARCH command parameters could have crashed > > - auth: Fixed crash with DIGEST-MD5 when attempting to do master user > > login without master passdbs. > > - sdbox: Don't use more fds than necessary when copying mails. > > - mdbox kept the user's storage locked a bit longer than it needed to > > > > Please can some soul explain the naming conventions used to release this software? > > Tue Jun 12 00:51:56 EEST 2012 > Released v2.0.21. > Tue May 29 22:24:49 EEST 2012 > Released v2.1.7. > > I don't understand the numbering. 2.0 and 2.1 are different branches. -- Ralf Hildebrandt Gesch?ftsbereich IT | Abteilung Netzwerk Charit? - Universit?tsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebrandt at charite.de | http://www.charite.de From h.reindl at thelounge.net Tue Jun 12 23:45:40 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Tue, 12 Jun 2012 22:45:40 +0200 Subject: [Dovecot] v2.0.21 released In-Reply-To: <20120612224133.6ae2eedb@itx.bitcorner.intern> References: <20120612224133.6ae2eedb@itx.bitcorner.intern> Message-ID: <4FD7AA74.7030504@thelounge.net> Am 12.06.2012 22:41, schrieb Andreas Meyer: > Please can some soul explain the naming conventions used to release this software? > > Tue Jun 12 00:51:56 EEST 2012 > Released v2.0.21. > Tue May 29 22:24:49 EEST 2012 > Released v2.1.7. > > I don't understand the numbering the same as PHP http://www.php.net/archive/2012.php#id2012-05-08-1 PHP 5.4.3 and PHP 5.3.13 Released be happy that there is software where you not forced to upgrade as soon as a new manjor/minor version is out -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From amateo at um.es Wed Jun 13 09:58:46 2012 From: amateo at um.es (Angel L. Mateo) Date: Wed, 13 Jun 2012 08:58:46 +0200 Subject: [Dovecot] Problem with lmtp director proxy In-Reply-To: <4FD718A0.50605@um.es> References: <4FD718A0.50605@um.es> Message-ID: <4FD83A26.3030209@um.es> Hi, I have checked in almost every error I had that the error is produced whenever happens a timeout of 30 seconds between opening the connection between the director and backend server and the final delivery of the message in the user's mailbox. When I have mails with just a few of recipients, I have no problem because this 30 seconds timeout is never reached. But when I have mails with more recipients and my storage has workload it is sometimes reached. But I haven't found any configuration for this 30 seconds timeout. What could it be this option? Because I have configured proxy_timeout=120 in proxy configuration: pass_attrs = irisMailbox=userdb_mail,homeDirectory=userdb_home,uidNumber=userdb_uid,gidNumber=userdb_gid,=proxy=y,=proxy_timeout=120,irisMailHost=host Looking for this timeout in the code, I have found these defines: director/director.c:#define DIRECTOR_RECONNECT_TIMEOUT_MSECS (30*1000) director/director.c:#define DIRECTOR_USER_MOVE_TIMEOUT_MSECS (30*1000) director/director-connection.c:#define DIRECTOR_CONNECTION_SEND_USERS_TIMEOUT_MSECS (30*1000) director/director-connection.c:#define DIRECTOR_CONNECTION_DONE_TIMEOUT_MSECS (30*1000) director/director-request.c:#define DIRECTOR_REQUEST_TIMEOUT_SECS 30 lmtp/commands.c:#define LMTP_PROXY_DEFAULT_TIMEOUT_MSECS (1000*30) Could it be one of these timeouts? In this case... is there any way to configure it without changing code? -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From oni-neko at gmx.net Wed Jun 13 10:47:02 2012 From: oni-neko at gmx.net (oni-neko at gmx.net) Date: Wed, 13 Jun 2012 09:47:02 +0200 Subject: [Dovecot] question about changing certificate In-Reply-To: <4FD6497B.6090007@gedalya.net> References: <20120611122837.317410@gmx.net> <4FD6497B.6090007@gedalya.net> Message-ID: <20120613074702.115300@gmx.net> thank you for your answer! -------- Original-Nachricht -------- > Datum: Mon, 11 Jun 2012 15:39:39 -0400 > Von: Gedalya > An: dovecot at dovecot.org > Betreff: Re: [Dovecot] question about changing certificate > Are both files identical, do they both contain the private key? umm, no, ok, I think I see at least part of the problem: I have only the certificate, but no key =/ durr, ok, that is way obvious as a problem. next question: do I need the key to use the certificate or can I only use the certificate and leave the value of ssl_key_file empty? thank you for answering my obviously quite, umm, uninformed questions =) greetings silvia -- NEU: FreePhone 3-fach-Flat mit kostenlosem Smartphone! Jetzt informieren: http://mobile.1und1.de/?ac=OM.PW.PW003K20328T7073a From rago at lal.in2p3.fr Wed Jun 13 12:59:15 2012 From: rago at lal.in2p3.fr (Emiliano Rago) Date: Wed, 13 Jun 2012 11:59:15 +0200 Subject: [Dovecot] doveadm doesn't subscribe to public folders In-Reply-To: <4FD7313F.9060406@lal.in2p3.fr> References: <4FD7313F.9060406@lal.in2p3.fr> Message-ID: <4FD86473.8010104@lal.in2p3.fr> Hi, what it's happening with the doveadm command below is that the file modified is /data/MAIL/PUBLIC/subscriptions while I'd like to modify the file /data/MAIL/rago/subscriptions With subscriptions=no every user can subscribe to public folder, so perhaps this behaviour is inappropriate; suggestions? Thanks, Emiliano Rago On 06/12/2012 02:08 PM, Emiliano Rago wrote: > Hi, > > I'd like to subscribe folder with doveadm: > > doveadm mailbox subscribe -u rago public.Conferences > > This command doesn't work, while it works with an ordinary folder. > However it's possible to subscribe to the folder with an imap connection: > > 1 login rago "mypasswd" > 1 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE > IDLE SORTSORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT > CHILDREN NAMESPCE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC > ESEARCH ESORT SEARCHRES ITHIN CONTEXT=SEARCH LIST-STATUS ACL > RIGHTS=texk] Logged in > 2 LSUB "" * > * LSUB () "." "INBOX" > 2 OK Lsub completed. > 3 SUBSCRIBE "public.Conferences" > 3 OK Subscribe completed. > 4 LSUB "" * > * LSUB () "." "INBOX" > * LSUB () "." "public.Conferences" > 4 OK Lsub completed. > > Am I doing anything wrong? > > This is my conf, thx for help, > Emiliano > > # 2.0.9: /etc/dovecot/dovecot.conf > # OS: Linux 2.6.32-220.4.1.el6.x86_64 x86_64 Red Hat Enterprise Linux > Server release 5 (Tikanga) ext4 > auth_cache_size = 128 M > auth_master_user_separator = * > auth_mechanisms = plain cram-md5 > mail_location = > maildir:/data/MAIL/MAILDIR/%u:INBOX=/data/MAIL/INBOX/%u:INDEX=/data/MAIL/METADATA/%u > > maildir_very_dirty_syncs = yes > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope > encoded-character vacation subaddress comparator-i;ascii-numeric > relational regex imap4flags copy include variables body enotify > environment mailbox date > mbox_write_locks = fcntl > namespace { > inbox = yes > location = > prefix = > separator = . > type = private > } > namespace { > list = children > location = > maildir:/data/MAIL/MAILDIR/%%u:INDEX=/data/MAIL/METADATA/SHARED/%u/%%u > prefix = shared.%%u. > separator = . > subscriptions = no > type = shared > } > namespace { > list = children > location = maildir:/data/MAIL/PUBLIC:INDEX=/data/MAIL/METADATA/PUBLIC > prefix = public. > separator = . > subscriptions = no > type = public > } > passdb { > args = scheme=cram-md5 /data/PWDDB/cram_dovecot.txt > driver = passwd-file > } > passdb { > args = /etc/dovecot/master-shared > driver = passwd-file > master = yes > } > passdb { > args = /etc/dovecot/master-shared > driver = passwd-file > } > plugin { > acl = vfile:/etc/dovecot/global-acls:cache_secs=300 > acl_anyone = allow > acl_shared_dict = file:/data/MAIL/SHAREDDB/shared-mailboxes.db > sieve = /data/MAIL/SIEVE/%u/dovecot.sieve > sieve_dir = /data/MAIL/SIEVE/%u > } > postmaster_address = root > protocols = imap sieve > service auth { > unix_listener /var/spool/postfix/private/auth { > mode = 0666 > } > unix_listener auth-userdb { > group = mailreader > mode = 0600 > user = mailreader > } > } > service imap-login { > process_min_avail = 8 > service_count = 0 > vsz_limit = 512 M > } > service imap-postlogin { > executable = script-login /etc/dovecot/postlogin.sh > user = $default_internal_user > } > service imap { > executable = imap imap-postlogin > } > ssl_cert = ssl_key = userdb { > args = /etc/dovecot/master-shared > driver = passwd-file > } > userdb { > args = uid=mailreader gid=mailreader home=/data/MAIL/SIEVE/%u > allow_all_users=yes > driver = static > } > protocol lda { > mail_plugins = acl sieve > } > protocol imap { > mail_max_userip_connections = 128 > mail_plugins = acl imap_acl > } From gedalya at gedalya.net Wed Jun 13 13:14:51 2012 From: gedalya at gedalya.net (Gedalya) Date: Wed, 13 Jun 2012 06:14:51 -0400 Subject: [Dovecot] question about changing certificate In-Reply-To: <20120613074702.115300@gmx.net> References: <20120611122837.317410@gmx.net> <4FD6497B.6090007@gedalya.net> <20120613074702.115300@gmx.net> Message-ID: <4FD8681B.4070609@gedalya.net> On 06/13/2012 03:47 AM, oni-neko at gmx.net wrote: > next question: do I need the key to use the certificate or can I only use the certificate and leave the value of ssl_key_file empty? You certainly can't use the certificate without the key. And I guess dovecot needs ssl_key_file, unless it would be smart enough to figure it out for itself when you omit it. Either way, here is basically how it works. A certificate is not a secret, you in fact push it down to every connecting client. A certificate is something that identifies a server, and the private key is what makes it possible for you to demonstrate that you are the owner of the certificate. When a CA signs your certificate, you send them the public half of your key, and they make a certificate from it, and sign it, and that basically says: we were convinced that the entity that holds this key has a legitimate connection to this domain name. All that remains is for you to prove to the world that you are actually you = you are in possession of the private key. So, dovecot actually needs the key to do this mathematical magic every time a client connects. From amateo at um.es Wed Jun 13 14:15:00 2012 From: amateo at um.es (Angel L. Mateo) Date: Wed, 13 Jun 2012 13:15:00 +0200 Subject: [Dovecot] difference between client_limit and process_limit In-Reply-To: References: <4FD1D2E5.3020901@um.es> <4FD1DE19.4050903@um.es> <4FD22956.20904@thelounge.net> <3E0F7337-B1BA-426F-84AF-D1D7710B80A3@iki.fi> <4FD5C63B.7040904@um.es> Message-ID: <4FD87634.9000407@um.es> On 11/06/12 13:45, Timo Sirainen wrote: > On 11.6.2012, at 13.19, Angel L. Mateo wrote: > >>> Proxying is done by imap-login process, not imap process. For login processes there are different recommendations. >>> >> What are those recommendations? The ones at http://wiki2.dovecot.org/LoginProcess? > > Yes. > >> Let's suppose... I have 4 mainly imap backend servers (but they admit also pop3 connections) with a process_limit of 5120 for service imap (and default_client_limit of 1000 applied to pop3). And I have 2 director servers (configured as active-active behind a load balancer), so I need director servers to handle (more or less) 10240 imap connections. >> >> What is it better for the director's? Increasing process_limit for imap-login (so each process should handle less connections) or increasing client_limit (less processes handling more connections each)? > > If you increase process_limit to more than the number of CPU cores you have, then you increase the number of context switched done by the kernel, which decreases your performance. So I'd say increase client_limit. > I'm trying to configure it this way, so I have configure process_limit to the number of cores and client_limit big enough to attempt the maximum number of connections configured at the backends. In my test environment I have configured (this is extracted from doveconf -n output): service imap-login { client_limit = 10740 executable = imap-login director process_limit = 1 process_min_avail = 1 } When I made the first connection, there's no problem, but if I try a second while the first is still open, I get: Jun 13 13:09:12 myotis40 dovecot: master: Warning: service(imap-login): client_limit (1) reached, client connections are being dropped Why is telling me that client_limit is reached? What client_limit is used? -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From tss at iki.fi Wed Jun 13 15:06:01 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 13 Jun 2012 15:06:01 +0300 Subject: [Dovecot] difference between client_limit and process_limit In-Reply-To: <4FD87634.9000407@um.es> References: <4FD1D2E5.3020901@um.es> <4FD1DE19.4050903@um.es> <4FD22956.20904@thelounge.net> <3E0F7337-B1BA-426F-84AF-D1D7710B80A3@iki.fi> <4FD5C63B.7040904@um.es> <4FD87634.9000407@um.es> Message-ID: <1339589161.25551.0.camel@innu> On Wed, 2012-06-13 at 13:15 +0200, Angel L. Mateo wrote: > In my test environment I have configured (this is extracted from > doveconf -n output): > > service imap-login { > client_limit = 10740 > executable = imap-login director > process_limit = 1 > process_min_avail = 1 > } > > When I made the first connection, there's no problem, but if I try a > second while the first is still open, I get: > > Jun 13 13:09:12 myotis40 dovecot: master: Warning: service(imap-login): > client_limit (1) reached, client connections are being dropped > > Why is telling me that client_limit is reached? What client_limit is used? Dunno. What Dovecot version? Show the whole doveconf -n? You don't have multiple dovecot.confs, right? From amateo at um.es Wed Jun 13 15:15:30 2012 From: amateo at um.es (Angel L. Mateo) Date: Wed, 13 Jun 2012 14:15:30 +0200 Subject: [Dovecot] difference between client_limit and process_limit In-Reply-To: <1339589161.25551.0.camel@innu> References: <4FD1D2E5.3020901@um.es> <4FD1DE19.4050903@um.es> <4FD22956.20904@thelounge.net> <3E0F7337-B1BA-426F-84AF-D1D7710B80A3@iki.fi> <4FD5C63B.7040904@um.es> <4FD87634.9000407@um.es> <1339589161.25551.0.camel@innu> Message-ID: <4FD88462.5070908@um.es> On 13/06/12 14:06, Timo Sirainen wrote: > On Wed, 2012-06-13 at 13:15 +0200, Angel L. Mateo wrote: >> In my test environment I have configured (this is extracted from >> doveconf -n output): >> >> service imap-login { >> client_limit = 10740 >> executable = imap-login director >> process_limit = 1 >> process_min_avail = 1 >> } >> >> When I made the first connection, there's no problem, but if I try a >> second while the first is still open, I get: >> >> Jun 13 13:09:12 myotis40 dovecot: master: Warning: service(imap-login): >> client_limit (1) reached, client connections are being dropped >> >> Why is telling me that client_limit is reached? What client_limit is used? > > Dunno. What Dovecot version? Show the whole doveconf -n? You don't have > multiple dovecot.confs, right? > > 2.1.5. Whole doveconf is attached. As far as I could find, I don't have multiple.confs but, because I'm managing configuration with puppet, is easier for me to have a few "service imap-login" entries in the 10-master.conf file. In previous checks I did, it seems to be mixed without problems, but I'm going to try to manually mixed them. What I have is: service imap-login { inet_listener imap { #port = 143 } inet_listener imaps { #port = 993 #ssl = yes } # Number of connections to handle before starting a new process. Typically # the only useful values are 0 (unlimited) or 1. 1 is more secure, but 0 # is faster. #service_count = 1 # Number of processes to always keep waiting for more connections. #process_min_avail = 0 # If you set service_count=0, you probably need to grow this. #vsz_limit = $default_vsz_limit } ... service imap-login { executable = imap-login director client_limit = 10740 process_limit = 1 process_min_avail = 1 } -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 -------------- next part -------------- # 2.1.5: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-4-amd64 x86_64 Ubuntu 10.04.4 LTS auth_cache_size = 20 M auth_cache_ttl = 1 days auth_debug = yes auth_master_user_separator = * auth_username_format = %n auth_verbose = yes default_process_limit = 1000 director_mail_servers = 155.54.211.161-155.54.211.164 director_servers = 155.54.211.187 disable_plaintext_auth = no lmtp_proxy = yes log_timestamp = %Y-%m-%d %H:%M:%S mail_debug = yes namespace { hidden = no inbox = yes list = yes location = prefix = separator = / subscriptions = yes type = private } namespace { hidden = yes inbox = no list = no location = maildir:~/Maildir/expunged:INDEX=/var/indexes/%n prefix = .EXPUNGED/ separator = / subscriptions = no type = private } namespace { hidden = yes inbox = no list = no location = maildir:~/Maildir/deleted:INDEX=/var/indexes/%n prefix = .DELETED/ separator = / subscriptions = no type = private } namespace { hidden = yes inbox = no list = no location = maildir:~/Maildir/deleted/expunged:INDEX=/var/indexes/%n prefix = .DELETED/.EXPUNGED/ separator = / subscriptions = no type = private } namespace { inbox = yes location = prefix = separator = / } passdb { args = /etc/dovecot/master-users driver = passwd-file master = yes pass = yes } passdb { args = proxy=y nopassword=y driver = static } passdb { args = session=yes dovecot driver = pam } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_extensions = +imapflags sieve_max_redirects = 15 } protocols = imap pop3 lmtp imap lmtp pop3 service anvil { client_limit = 2003 } service auth { client_limit = 3000 unix_listener auth-userdb { mode = 0666 } } service director { fifo_listener login/proxy-notify { mode = 0666 } inet_listener { port = 9090 } unix_listener director-userdb { mode = 0600 } unix_listener login/director { mode = 0666 } } service imap-login { client_limit = 10740 executable = imap-login director process_limit = 1 process_min_avail = 1 } service imap { process_limit = 5120 process_min_avail = 1 } service lmtp { inet_listener lmtp { port = 24 } process_min_avail = 10 } service pop3-login { client_limit = 2500 executable = pop3-login director process_limit = 1 process_min_avail = 1 } service pop3 { process_min_avail = 1 } ssl = no ssl_cert = References: <4FD1D2E5.3020901@um.es> <4FD1DE19.4050903@um.es> <4FD22956.20904@thelounge.net> <3E0F7337-B1BA-426F-84AF-D1D7710B80A3@iki.fi> <4FD5C63B.7040904@um.es> <4FD87634.9000407@um.es> <1339589161.25551.0.camel@innu> <4FD88462.5070908@um.es> Message-ID: <1339590528.25551.2.camel@innu> On Wed, 2012-06-13 at 14:15 +0200, Angel L. Mateo wrote: > 2.1.5. Whole doveconf is attached. As far as I could find, I don't have > multiple.confs but, because I'm managing configuration with puppet, is > easier for me to have a few "service imap-login" entries in the > 10-master.conf file. In previous checks I did, it seems to be mixed > without problems, but I'm going to try to manually mixed them. What I > have is: .. > service imap-login { > # Number of connections to handle before starting a new process. > Typically > # the only useful values are 0 (unlimited) or 1. 1 is more secure, but 0 > # is faster. > #service_count = 1 Oh, right, service_count=1 is the default and that overrides client_limit. Set it to 0. From tss at iki.fi Wed Jun 13 15:39:47 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 13 Jun 2012 15:39:47 +0300 Subject: [Dovecot] difference between client_limit and process_limit In-Reply-To: <1339590528.25551.2.camel@innu> References: <4FD1D2E5.3020901@um.es> <4FD1DE19.4050903@um.es> <4FD22956.20904@thelounge.net> <3E0F7337-B1BA-426F-84AF-D1D7710B80A3@iki.fi> <4FD5C63B.7040904@um.es> <4FD87634.9000407@um.es> <1339589161.25551.0.camel@innu> <4FD88462.5070908@um.es> <1339590528.25551.2.camel@innu> Message-ID: <1339591187.25551.3.camel@innu> On Wed, 2012-06-13 at 15:28 +0300, Timo Sirainen wrote: > Oh, right, service_count=1 is the default and that overrides > client_limit. Set it to 0. http://hg.dovecot.org/dovecot-2.1/rev/4c31e450a867 From tss at iki.fi Wed Jun 13 15:50:33 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 13 Jun 2012 15:50:33 +0300 Subject: [Dovecot] doveadm doesn't subscribe to public folders In-Reply-To: <4FD86473.8010104@lal.in2p3.fr> References: <4FD7313F.9060406@lal.in2p3.fr> <4FD86473.8010104@lal.in2p3.fr> Message-ID: <1339591833.25551.4.camel@innu> Does it work if you do it via imap? echo "a subscribe public.Conferences" | /usr/local/libexec/dovecot/imap -u rago On Wed, 2012-06-13 at 11:59 +0200, Emiliano Rago wrote: > Hi, > > what it's happening with the doveadm command below is that > the file modified is /data/MAIL/PUBLIC/subscriptions > while I'd like to modify the file /data/MAIL/rago/subscriptions > > With subscriptions=no every user can subscribe to public folder, > so perhaps this behaviour is inappropriate; suggestions? > > Thanks, > Emiliano Rago > > > On 06/12/2012 02:08 PM, Emiliano Rago wrote: > > Hi, > > > > I'd like to subscribe folder with doveadm: > > > > doveadm mailbox subscribe -u rago public.Conferences > > > > This command doesn't work, while it works with an ordinary folder. > > However it's possible to subscribe to the folder with an imap connection: > > > > 1 login rago "mypasswd" > > 1 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE > > IDLE SORTSORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT > > CHILDREN NAMESPCE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC > > ESEARCH ESORT SEARCHRES ITHIN CONTEXT=SEARCH LIST-STATUS ACL > > RIGHTS=texk] Logged in > > 2 LSUB "" * > > * LSUB () "." "INBOX" > > 2 OK Lsub completed. > > 3 SUBSCRIBE "public.Conferences" > > 3 OK Subscribe completed. > > 4 LSUB "" * > > * LSUB () "." "INBOX" > > * LSUB () "." "public.Conferences" > > 4 OK Lsub completed. > > > > Am I doing anything wrong? > > > > This is my conf, thx for help, > > Emiliano > > > > # 2.0.9: /etc/dovecot/dovecot.conf > > # OS: Linux 2.6.32-220.4.1.el6.x86_64 x86_64 Red Hat Enterprise Linux > > Server release 5 (Tikanga) ext4 > > auth_cache_size = 128 M > > auth_master_user_separator = * > > auth_mechanisms = plain cram-md5 > > mail_location = > > maildir:/data/MAIL/MAILDIR/%u:INBOX=/data/MAIL/INBOX/%u:INDEX=/data/MAIL/METADATA/%u > > > > maildir_very_dirty_syncs = yes > > managesieve_notify_capability = mailto > > managesieve_sieve_capability = fileinto reject envelope > > encoded-character vacation subaddress comparator-i;ascii-numeric > > relational regex imap4flags copy include variables body enotify > > environment mailbox date > > mbox_write_locks = fcntl > > namespace { > > inbox = yes > > location = > > prefix = > > separator = . > > type = private > > } > > namespace { > > list = children > > location = > > maildir:/data/MAIL/MAILDIR/%%u:INDEX=/data/MAIL/METADATA/SHARED/%u/%%u > > prefix = shared.%%u. > > separator = . > > subscriptions = no > > type = shared > > } > > namespace { > > list = children > > location = maildir:/data/MAIL/PUBLIC:INDEX=/data/MAIL/METADATA/PUBLIC > > prefix = public. > > separator = . > > subscriptions = no > > type = public > > } > > passdb { > > args = scheme=cram-md5 /data/PWDDB/cram_dovecot.txt > > driver = passwd-file > > } > > passdb { > > args = /etc/dovecot/master-shared > > driver = passwd-file > > master = yes > > } > > passdb { > > args = /etc/dovecot/master-shared > > driver = passwd-file > > } > > plugin { > > acl = vfile:/etc/dovecot/global-acls:cache_secs=300 > > acl_anyone = allow > > acl_shared_dict = file:/data/MAIL/SHAREDDB/shared-mailboxes.db > > sieve = /data/MAIL/SIEVE/%u/dovecot.sieve > > sieve_dir = /data/MAIL/SIEVE/%u > > } > > postmaster_address = root > > protocols = imap sieve > > service auth { > > unix_listener /var/spool/postfix/private/auth { > > mode = 0666 > > } > > unix_listener auth-userdb { > > group = mailreader > > mode = 0600 > > user = mailreader > > } > > } > > service imap-login { > > process_min_avail = 8 > > service_count = 0 > > vsz_limit = 512 M > > } > > service imap-postlogin { > > executable = script-login /etc/dovecot/postlogin.sh > > user = $default_internal_user > > } > > service imap { > > executable = imap imap-postlogin > > } > > ssl_cert = > ssl_key = > userdb { > > args = /etc/dovecot/master-shared > > driver = passwd-file > > } > > userdb { > > args = uid=mailreader gid=mailreader home=/data/MAIL/SIEVE/%u > > allow_all_users=yes > > driver = static > > } > > protocol lda { > > mail_plugins = acl sieve > > } > > protocol imap { > > mail_max_userip_connections = 128 > > mail_plugins = acl imap_acl > > } > From tss at iki.fi Wed Jun 13 15:59:29 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 13 Jun 2012 15:59:29 +0300 Subject: [Dovecot] Problem with lmtp director proxy In-Reply-To: <4FD83A26.3030209@um.es> References: <4FD718A0.50605@um.es> <4FD83A26.3030209@um.es> Message-ID: <1339592369.25551.7.camel@innu> On Wed, 2012-06-13 at 08:58 +0200, Angel L. Mateo wrote: > I have checked in almost every error I had that the error is produced > whenever happens a timeout of 30 seconds between opening the connection > between the director and backend server and the final delivery of the > message in the user's mailbox. > > When I have mails with just a few of recipients, I have no problem > because this 30 seconds timeout is never reached. But when I have mails > with more recipients and my storage has workload it is sometimes reached. Ah, so it's not really a bug. I thought it might be because there had been such problems before. > But I haven't found any configuration for this 30 seconds timeout. What > could it be this option? Because I have configured proxy_timeout=120 in > proxy configuration: > > pass_attrs = > irisMailbox=userdb_mail,homeDirectory=userdb_home,uidNumber=userdb_uid,gidNumber=userdb_gid,=proxy=y,=proxy_timeout=120,irisMailHost=host This should work.. > lmtp/commands.c:#define LMTP_PROXY_DEFAULT_TIMEOUT_MSECS (1000*30) This is the default, but proxy_timeout should override it. What do you get in logs with auth_debug=yes? From rago at lal.in2p3.fr Wed Jun 13 16:24:02 2012 From: rago at lal.in2p3.fr (Emiliano Rago) Date: Wed, 13 Jun 2012 15:24:02 +0200 Subject: [Dovecot] doveadm doesn't subscribe to public folders In-Reply-To: <1339591833.25551.4.camel@innu> References: <4FD7313F.9060406@lal.in2p3.fr> <4FD86473.8010104@lal.in2p3.fr> <1339591833.25551.4.camel@innu> Message-ID: <4FD89472.2070002@lal.in2p3.fr> It works! Thanks! Emiliano On 06/13/2012 02:50 PM, Timo Sirainen wrote: > Does it work if you do it via imap? > > echo "a subscribe public.Conferences" | /usr/local/libexec/dovecot/imap -u rago > > On Wed, 2012-06-13 at 11:59 +0200, Emiliano Rago wrote: >> Hi, >> >> what it's happening with the doveadm command below is that >> the file modified is /data/MAIL/PUBLIC/subscriptions >> while I'd like to modify the file /data/MAIL/rago/subscriptions >> >> With subscriptions=no every user can subscribe to public folder, >> so perhaps this behaviour is inappropriate; suggestions? >> >> Thanks, >> Emiliano Rago >> >> >> On 06/12/2012 02:08 PM, Emiliano Rago wrote: >>> Hi, >>> >>> I'd like to subscribe folder with doveadm: >>> >>> doveadm mailbox subscribe -u rago public.Conferences >>> >>> This command doesn't work, while it works with an ordinary folder. >>> However it's possible to subscribe to the folder with an imap connection: >>> >>> 1 login rago "mypasswd" >>> 1 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE >>> IDLE SORTSORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT >>> CHILDREN NAMESPCE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC >>> ESEARCH ESORT SEARCHRES ITHIN CONTEXT=SEARCH LIST-STATUS ACL >>> RIGHTS=texk] Logged in >>> 2 LSUB "" * >>> * LSUB () "." "INBOX" >>> 2 OK Lsub completed. >>> 3 SUBSCRIBE "public.Conferences" >>> 3 OK Subscribe completed. >>> 4 LSUB "" * >>> * LSUB () "." "INBOX" >>> * LSUB () "." "public.Conferences" >>> 4 OK Lsub completed. >>> >>> Am I doing anything wrong? >>> >>> This is my conf, thx for help, >>> Emiliano >>> >>> # 2.0.9: /etc/dovecot/dovecot.conf >>> # OS: Linux 2.6.32-220.4.1.el6.x86_64 x86_64 Red Hat Enterprise Linux >>> Server release 5 (Tikanga) ext4 >>> auth_cache_size = 128 M >>> auth_master_user_separator = * >>> auth_mechanisms = plain cram-md5 >>> mail_location = >>> maildir:/data/MAIL/MAILDIR/%u:INBOX=/data/MAIL/INBOX/%u:INDEX=/data/MAIL/METADATA/%u >>> >>> maildir_very_dirty_syncs = yes >>> managesieve_notify_capability = mailto >>> managesieve_sieve_capability = fileinto reject envelope >>> encoded-character vacation subaddress comparator-i;ascii-numeric >>> relational regex imap4flags copy include variables body enotify >>> environment mailbox date >>> mbox_write_locks = fcntl >>> namespace { >>> inbox = yes >>> location = >>> prefix = >>> separator = . >>> type = private >>> } >>> namespace { >>> list = children >>> location = >>> maildir:/data/MAIL/MAILDIR/%%u:INDEX=/data/MAIL/METADATA/SHARED/%u/%%u >>> prefix = shared.%%u. >>> separator = . >>> subscriptions = no >>> type = shared >>> } >>> namespace { >>> list = children >>> location = maildir:/data/MAIL/PUBLIC:INDEX=/data/MAIL/METADATA/PUBLIC >>> prefix = public. >>> separator = . >>> subscriptions = no >>> type = public >>> } >>> passdb { >>> args = scheme=cram-md5 /data/PWDDB/cram_dovecot.txt >>> driver = passwd-file >>> } >>> passdb { >>> args = /etc/dovecot/master-shared >>> driver = passwd-file >>> master = yes >>> } >>> passdb { >>> args = /etc/dovecot/master-shared >>> driver = passwd-file >>> } >>> plugin { >>> acl = vfile:/etc/dovecot/global-acls:cache_secs=300 >>> acl_anyone = allow >>> acl_shared_dict = file:/data/MAIL/SHAREDDB/shared-mailboxes.db >>> sieve = /data/MAIL/SIEVE/%u/dovecot.sieve >>> sieve_dir = /data/MAIL/SIEVE/%u >>> } >>> postmaster_address = root >>> protocols = imap sieve >>> service auth { >>> unix_listener /var/spool/postfix/private/auth { >>> mode = 0666 >>> } >>> unix_listener auth-userdb { >>> group = mailreader >>> mode = 0600 >>> user = mailreader >>> } >>> } >>> service imap-login { >>> process_min_avail = 8 >>> service_count = 0 >>> vsz_limit = 512 M >>> } >>> service imap-postlogin { >>> executable = script-login /etc/dovecot/postlogin.sh >>> user = $default_internal_user >>> } >>> service imap { >>> executable = imap imap-postlogin >>> } >>> ssl_cert =>> ssl_key =>> userdb { >>> args = /etc/dovecot/master-shared >>> driver = passwd-file >>> } >>> userdb { >>> args = uid=mailreader gid=mailreader home=/data/MAIL/SIEVE/%u >>> allow_all_users=yes >>> driver = static >>> } >>> protocol lda { >>> mail_plugins = acl sieve >>> } >>> protocol imap { >>> mail_max_userip_connections = 128 >>> mail_plugins = acl imap_acl >>> } >> > > From tss at iki.fi Wed Jun 13 16:38:43 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 13 Jun 2012 16:38:43 +0300 Subject: [Dovecot] how to announce shared folders to clients using non-default mail prefix In-Reply-To: <4FD78794.1030905@engr.orst.edu> References: <4FD14895.8040707@engr.orst.edu> <63F00218-4FBE-418F-9477-CBEA8E7A35B9@iki.fi> <4FD78794.1030905@engr.orst.edu> Message-ID: <1339594723.25551.8.camel@innu> On Tue, 2012-06-12 at 11:16 -0700, Tom Lieuallen wrote: > namespace { > hidden = yes > inbox = no > list = children > location = maildir:/a1/dove-shared:INDEX=/a2/imap-index/dove-shared/%u > prefix = iphonemail/sharedimap/ > separator = / > type = shared type=public and same for the other shared namespace. The type=shared namespaces are for mailboxes shared between users. From tss at iki.fi Wed Jun 13 16:40:22 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 13 Jun 2012 16:40:22 +0300 Subject: [Dovecot] doveadm doesn't subscribe to public folders In-Reply-To: <4FD89472.2070002@lal.in2p3.fr> References: <4FD7313F.9060406@lal.in2p3.fr> <4FD86473.8010104@lal.in2p3.fr> <1339591833.25551.4.camel@innu> <4FD89472.2070002@lal.in2p3.fr> Message-ID: <1339594822.25551.9.camel@innu> OK. v2.1 should have fixed this also for doveadm subscribe. On Wed, 2012-06-13 at 15:24 +0200, Emiliano Rago wrote: > It works! Thanks! > > Emiliano > > On 06/13/2012 02:50 PM, Timo Sirainen wrote: > > Does it work if you do it via imap? > > > > echo "a subscribe public.Conferences" | /usr/local/libexec/dovecot/imap -u rago > > > > On Wed, 2012-06-13 at 11:59 +0200, Emiliano Rago wrote: > >> Hi, > >> > >> what it's happening with the doveadm command below is that > >> the file modified is /data/MAIL/PUBLIC/subscriptions > >> while I'd like to modify the file /data/MAIL/rago/subscriptions > >> > >> With subscriptions=no every user can subscribe to public folder, > >> so perhaps this behaviour is inappropriate; suggestions? > >> > >> Thanks, > >> Emiliano Rago > >> > >> > >> On 06/12/2012 02:08 PM, Emiliano Rago wrote: > >>> Hi, > >>> > >>> I'd like to subscribe folder with doveadm: > >>> > >>> doveadm mailbox subscribe -u rago public.Conferences > >>> > >>> This command doesn't work, while it works with an ordinary folder. > >>> However it's possible to subscribe to the folder with an imap connection: > >>> > >>> 1 login rago "mypasswd" > >>> 1 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE > >>> IDLE SORTSORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT > >>> CHILDREN NAMESPCE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC > >>> ESEARCH ESORT SEARCHRES ITHIN CONTEXT=SEARCH LIST-STATUS ACL > >>> RIGHTS=texk] Logged in > >>> 2 LSUB "" * > >>> * LSUB () "." "INBOX" > >>> 2 OK Lsub completed. > >>> 3 SUBSCRIBE "public.Conferences" > >>> 3 OK Subscribe completed. > >>> 4 LSUB "" * > >>> * LSUB () "." "INBOX" > >>> * LSUB () "." "public.Conferences" > >>> 4 OK Lsub completed. > >>> > >>> Am I doing anything wrong? > >>> > >>> This is my conf, thx for help, > >>> Emiliano > >>> > >>> # 2.0.9: /etc/dovecot/dovecot.conf > >>> # OS: Linux 2.6.32-220.4.1.el6.x86_64 x86_64 Red Hat Enterprise Linux > >>> Server release 5 (Tikanga) ext4 > >>> auth_cache_size = 128 M > >>> auth_master_user_separator = * > >>> auth_mechanisms = plain cram-md5 > >>> mail_location = > >>> maildir:/data/MAIL/MAILDIR/%u:INBOX=/data/MAIL/INBOX/%u:INDEX=/data/MAIL/METADATA/%u > >>> > >>> maildir_very_dirty_syncs = yes > >>> managesieve_notify_capability = mailto > >>> managesieve_sieve_capability = fileinto reject envelope > >>> encoded-character vacation subaddress comparator-i;ascii-numeric > >>> relational regex imap4flags copy include variables body enotify > >>> environment mailbox date > >>> mbox_write_locks = fcntl > >>> namespace { > >>> inbox = yes > >>> location = > >>> prefix = > >>> separator = . > >>> type = private > >>> } > >>> namespace { > >>> list = children > >>> location = > >>> maildir:/data/MAIL/MAILDIR/%%u:INDEX=/data/MAIL/METADATA/SHARED/%u/%%u > >>> prefix = shared.%%u. > >>> separator = . > >>> subscriptions = no > >>> type = shared > >>> } > >>> namespace { > >>> list = children > >>> location = maildir:/data/MAIL/PUBLIC:INDEX=/data/MAIL/METADATA/PUBLIC > >>> prefix = public. > >>> separator = . > >>> subscriptions = no > >>> type = public > >>> } > >>> passdb { > >>> args = scheme=cram-md5 /data/PWDDB/cram_dovecot.txt > >>> driver = passwd-file > >>> } > >>> passdb { > >>> args = /etc/dovecot/master-shared > >>> driver = passwd-file > >>> master = yes > >>> } > >>> passdb { > >>> args = /etc/dovecot/master-shared > >>> driver = passwd-file > >>> } > >>> plugin { > >>> acl = vfile:/etc/dovecot/global-acls:cache_secs=300 > >>> acl_anyone = allow > >>> acl_shared_dict = file:/data/MAIL/SHAREDDB/shared-mailboxes.db > >>> sieve = /data/MAIL/SIEVE/%u/dovecot.sieve > >>> sieve_dir = /data/MAIL/SIEVE/%u > >>> } > >>> postmaster_address = root > >>> protocols = imap sieve > >>> service auth { > >>> unix_listener /var/spool/postfix/private/auth { > >>> mode = 0666 > >>> } > >>> unix_listener auth-userdb { > >>> group = mailreader > >>> mode = 0600 > >>> user = mailreader > >>> } > >>> } > >>> service imap-login { > >>> process_min_avail = 8 > >>> service_count = 0 > >>> vsz_limit = 512 M > >>> } > >>> service imap-postlogin { > >>> executable = script-login /etc/dovecot/postlogin.sh > >>> user = $default_internal_user > >>> } > >>> service imap { > >>> executable = imap imap-postlogin > >>> } > >>> ssl_cert = >>> ssl_key = >>> userdb { > >>> args = /etc/dovecot/master-shared > >>> driver = passwd-file > >>> } > >>> userdb { > >>> args = uid=mailreader gid=mailreader home=/data/MAIL/SIEVE/%u > >>> allow_all_users=yes > >>> driver = static > >>> } > >>> protocol lda { > >>> mail_plugins = acl sieve > >>> } > >>> protocol imap { > >>> mail_max_userip_connections = 128 > >>> mail_plugins = acl imap_acl > >>> } > >> > > > > > From amateo at um.es Wed Jun 13 17:57:42 2012 From: amateo at um.es (Angel L. Mateo) Date: Wed, 13 Jun 2012 16:57:42 +0200 Subject: [Dovecot] Problem with lmtp director proxy In-Reply-To: <1339592369.25551.7.camel@innu> References: <4FD718A0.50605@um.es> <4FD83A26.3030209@um.es> <1339592369.25551.7.camel@innu> Message-ID: <4FD8AA66.7050909@um.es> El 13/06/12 14:59, Timo Sirainen escribi?: > On Wed, 2012-06-13 at 08:58 +0200, Angel L. Mateo wrote: >> I have checked in almost every error I had that the error is produced >> whenever happens a timeout of 30 seconds between opening the connection >> between the director and backend server and the final delivery of the >> message in the user's mailbox. >> >> When I have mails with just a few of recipients, I have no problem >> because this 30 seconds timeout is never reached. But when I have mails >> with more recipients and my storage has workload it is sometimes reached. > > Ah, so it's not really a bug. I thought it might be because there had > been such problems before. > >> But I haven't found any configuration for this 30 seconds timeout. What >> could it be this option? Because I have configured proxy_timeout=120 in >> proxy configuration: >> >> pass_attrs = >> irisMailbox=userdb_mail,homeDirectory=userdb_home,uidNumber=userdb_uid,gidNumber=userdb_gid,=proxy=y,=proxy_timeout=120,irisMailHost=host > > This should work.. > >> lmtp/commands.c:#define LMTP_PROXY_DEFAULT_TIMEOUT_MSECS (1000*30) > > This is the default, but proxy_timeout should override it. > But then, why timeout is reached after only 30 seconds? Could it be other define timeout like DIRECTOR_CONNECTION_DONE_TIMEOUT_MSECS? > What do you get in logs with auth_debug=yes? > I've got always auth_debug=yes. In the director server, logs are: Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Connect from 155.54.212.167 Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Debug: auth input: user=user1 proxy host=155.54.211.163 proxy_refresh=450 Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Debug: auth input: user=user2 proxy host=155.54.211.163 proxy_refresh=450 .... (more users, a total of 34 recipients) Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Debug: auth input: user=myuser proxy host=155.54.211.164 proxy_refresh=450 ... Jun 12 11:41:09 myotis41 dovecot: lmtp(6595): Disconnect from 155.54.212.167: Client quit (in reset) but I have checked with newer errors, all I see in logs are "Connect from" and "Disconnect from" messages. The logs "lmtp...Debug:" are not produced any more (maybe because director has this information yet?) At backend servers are: Jun 12 11:40:38 myotis34 dovecot: lmtp(16824): Connect from 155.54.211.186 Jun 12 11:40:38 myotis34 dovecot: lmtp(16824, ): wJ9BD7YM10 +4QQAAG5O5Qg: sieve: msgid=<182283367.48.1339494011054.JavaMail.tomcat at sakai-prod4>: stored mail into mailbox 'INBOX' ... Jun 12 11:41:10 myotis34 dovecot: lmtp(16824, ): wJ9BD7YM10+4QQA AG5O5Qg: sieve: msgid=<182283367.48.1339494011054.JavaMail.tomcat at sakai-prod4>: stored mail into mailbox 'INBOX' From tss at iki.fi Wed Jun 13 18:17:57 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 13 Jun 2012 18:17:57 +0300 Subject: [Dovecot] Problem with lmtp director proxy In-Reply-To: <4FD8AA66.7050909@um.es> References: <4FD718A0.50605@um.es> <4FD83A26.3030209@um.es> <1339592369.25551.7.camel@innu> <4FD8AA66.7050909@um.es> Message-ID: <1339600677.25551.12.camel@innu> On Wed, 2012-06-13 at 16:57 +0200, Angel L. Mateo wrote: > Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Connect from 155.54.212.167 > Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Debug: auth input: > user=user1 proxy host=155.54.211.163 proxy_refresh=450 That says proxy_refresh, not proxy_timeout. > but I have checked with newer errors, all I see in logs are "Connect > from" and "Disconnect from" messages. The logs "lmtp...Debug:" are not > produced any more (maybe because director has this information yet?) Director shouldn't affect it. There should still be auth input lines logged. doveconf -n? From toml at engr.orst.edu Wed Jun 13 19:58:19 2012 From: toml at engr.orst.edu (Tom Lieuallen) Date: Wed, 13 Jun 2012 09:58:19 -0700 Subject: [Dovecot] how to announce shared folders to clients using non-default mail prefix In-Reply-To: <1339594723.25551.8.camel@innu> References: <4FD14895.8040707@engr.orst.edu> <63F00218-4FBE-418F-9477-CBEA8E7A35B9@iki.fi> <4FD78794.1030905@engr.orst.edu> <1339594723.25551.8.camel@innu> Message-ID: <4FD8C6AB.6040909@engr.orst.edu> On 6/13/12 6:38 AM, Timo Sirainen wrote: > On Tue, 2012-06-12 at 11:16 -0700, Tom Lieuallen wrote: >> namespace { >> hidden = yes >> inbox = no >> list = children >> location = maildir:/a1/dove-shared:INDEX=/a2/imap-index/dove-shared/%u >> prefix = iphonemail/sharedimap/ >> separator = / >> type = shared > > type=public and same for the other shared namespace. The type=shared > namespaces are for mailboxes shared between users. > Unfortunately, it still isn't working. namespace { inbox = yes location = prefix = separator = / type = private } namespace { hidden = yes inbox = no list = children location = maildir:/a1/dove-shared:INDEX=/a2/imap-index/dove-shared/%u prefix = sharedimap/ separator = / type = public } namespace { hidden = yes inbox = no list = children location = maildir:/a1/dove-shared:INDEX=/a2/imap-index/dove-shared/%u prefix = iphonemail/sharedimap/ separator = / type = public } l list "" * * LIST (\Noselect \HasChildren) "/" "foo1" * LIST (\NoInferiors \UnMarked) "/" "foo1/folder1" * LIST (\Noselect \HasChildren) "/" "iphonemail" * LIST (\NoInferiors \Marked) "/" "iphonemail/foo1" * LIST (\NoInferiors \UnMarked) "/" "Sent" * LIST (\NoInferiors \UnMarked) "/" "Trash" * LIST (\HasNoChildren) "/" "INBOX" * LIST (\HasNoChildren) "/" "sharedimap/cesupport" * LIST (\HasNoChildren) "/" "sharedimap/mimesupport" * LIST (\HasNoChildren) "/" "iphonemail/sharedimap/cesupport" * LIST (\HasNoChildren) "/" "iphonemail/sharedimap/mimesupport" l OK List completed. l list "iphonemail/" * * LIST (\NoInferiors \Marked) "/" "iphonemail/foo1" l OK List completed. l list "sharedimap/" * * LIST (\HasNoChildren) "/" "sharedimap/cesupport" * LIST (\HasNoChildren) "/" "sharedimap/mimesupport" l OK List completed. l list "iphonemail/sharedimap/" * * LIST (\HasNoChildren) "/" "iphonemail/sharedimap/cesupport" * LIST (\HasNoChildren) "/" "iphonemail/sharedimap/mimesupport" l OK List completed. It seems to me like the logic for deciding which namespaces to follow is something like this: * If mail prefix = "", inspect and potentially use all namespaces * else look in default namespace for subdirectories matching prefix listed _AND_ look for namespaces that are exact matches for the prefix passed. In that 'else' case, it does not appear to look for namespaces where the mail prefix is a subset. thank you Tom Lieuallen From tss at iki.fi Wed Jun 13 20:07:23 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 13 Jun 2012 20:07:23 +0300 Subject: [Dovecot] how to announce shared folders to clients using non-default mail prefix In-Reply-To: <4FD8C6AB.6040909@engr.orst.edu> References: <4FD14895.8040707@engr.orst.edu> <63F00218-4FBE-418F-9477-CBEA8E7A35B9@iki.fi> <4FD78794.1030905@engr.orst.edu> <1339594723.25551.8.camel@innu> <4FD8C6AB.6040909@engr.orst.edu> Message-ID: On 13.6.2012, at 19.58, Tom Lieuallen wrote: >> type=public and same for the other shared namespace. The type=shared >> namespaces are for mailboxes shared between users. > > Unfortunately, it still isn't working. .. > It seems to me like the logic for deciding which namespaces to follow is something like this: > > * If mail prefix = "", inspect and potentially use all namespaces > > * else look in default namespace for subdirectories matching prefix listed _AND_ look for namespaces that are exact matches for the prefix passed. > > In that 'else' case, it does not appear to look for namespaces where the mail prefix is a subset. No. I tried with your exact config, except changed namespace types to public, and it works fine in my tests.. You're trying with v2.1.7, right? From amateo at um.es Wed Jun 13 20:11:36 2012 From: amateo at um.es (Angel L. Mateo) Date: Wed, 13 Jun 2012 19:11:36 +0200 Subject: [Dovecot] Problem with lmtp director proxy In-Reply-To: <1339600677.25551.12.camel@innu> References: <4FD718A0.50605@um.es> <4FD83A26.3030209@um.es> <1339592369.25551.7.camel@innu> <4FD8AA66.7050909@um.es> <1339600677.25551.12.camel@innu> Message-ID: <4FD8C9C8.6090608@um.es> El 13/06/12 17:17, Timo Sirainen escribi?: > On Wed, 2012-06-13 at 16:57 +0200, Angel L. Mateo wrote: >> Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Connect from 155.54.212.167 >> Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Debug: auth input: >> user=user1 proxy host=155.54.211.163 proxy_refresh=450 > > That says proxy_refresh, not proxy_timeout. > >> but I have checked with newer errors, all I see in logs are "Connect >> from" and "Disconnect from" messages. The logs "lmtp...Debug:" are not >> produced any more (maybe because director has this information yet?) > > Director shouldn't affect it. There should still be auth input lines > logged. doveconf -n? > Ok, you were right. I was looking for logs at my log repository, which doesn't receive debug log. Nevertheless, the only auth lines I have found at the ones above, with the proxy_refresh=450. I haven't found any line with a timeout log in the proxies neither the backends So, at director servers the only logs I have are the one I have already sent. At the backend server, I have more logs, that are: Jun 12 11:40:38 myotis34 dovecot: lmtp(16824): Debug: none: root=, index=, control=, inbox=, alt= Jun 12 11:40:38 myotis34 dovecot: lmtp(16824): Connect from 155.54.211.186 Jun 12 11:40:38 myotis34 dovecot: lmtp(16824): Debug: auth input: user1 home= uid=261853 gid=1001 Jun 12 11:40:38 myotis34 dovecot: lmtp(16824): Debug: auth input: home= uid=262339 gid=1001 ... (more recipients for the same message) Jun 12 11:40:38 myotis34 dovecot: lmtp(16824): Debug: auth input: home= uid=255606 gid=1001 ... (more recipients for the same message) Jun 12 11:41:08 myotis34 dovecot: lmtp(16824, ): Debug: Effective uid=255606, gid=1001, home= Jun 12 11:41:08 myotis34 dovecot: lmtp(16824, ): Debug: maildir++: root=/Maildir, index=/var/indexes/, control=, inbox=/Maildir, alt= Jun 12 11:41:08 myotis34 dovecot: lmtp(16824, ): Debug: sieve: include: sieve_global_dir is not set; it is currently not possible to include `:global' scripts. Jun 12 11:41:08 myotis34 dovecot: lmtp(16824, ): Debug: wJ9BD7YM10+4QQAAG5O5Qg: sieve: using sieve path for user's script: /.dovecot.sieve Jun 12 11:41:08 myotis34 dovecot: lmtp(16824, ): Debug: wJ9BD7YM10+4QQAAG5O5Qg: sieve: opening script /.dovecot.sieve Jun 12 11:41:08 myotis34 dovecot: lmtp(16824, ): Debug: wJ9BD7YM10+4QQAAG5O5Qg: sieve: script binary /.dovecot.svbin successfully loaded Jun 12 11:41:08 myotis34 dovecot: lmtp(16824, ): Debug: wJ9BD7YM10+4QQAAG5O5Qg: sieve: binary save: not saving binary /.dovecot.svbin, because it is already stored Jun 12 11:41:08 myotis34 dovecot: lmtp(16824, ): Debug: wJ9BD7YM10+4QQAAG5O5Qg: sieve: executing script from /.dovecot.svbin Jun 12 11:41:10 myotis34 dovecot: lmtp(16824, ): wJ9BD7YM10+4QQAAG5O5Qg: sieve: msgid=<182283367.48.1339494011054.JavaMail.tomcat at sakai-prod4>: stored mail into mailbox 'INBOX' Jun 12 11:41:11 myotis34 dovecot: lmtp(16824): Disconnect from 155.54.211.186: Connection closed (in reset) I have attached output of doveconf -n. What I have observed is that problem ocurrs when I have mails with lot of recipients, and happens to all recipients which data ends more than 30 seconds after the connection was established. Maybe this timeout has to be counted since the begining of the data command, not the establishment of the tcp connection, or, if this is another timer, the first should be greater. -------------- next part -------------- # 2.1.5: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-24-generic x86_64 Ubuntu 12.04 LTS auth_cache_size = 20 M auth_cache_ttl = 1 days auth_debug = yes auth_master_user_separator = * auth_username_format = %n auth_verbose = yes default_process_limit = 1000 director_mail_servers = 155.54.211.161-155.54.211.164 director_servers = 155.54.211.185 155.54.211.186 disable_plaintext_auth = no lmtp_proxy = yes log_timestamp = %Y-%m-%d %H:%M:%S mail_debug = yes passdb { args = /etc/dovecot/master-users driver = passwd-file master = yes pass = yes } passdb { args = proxy=y nopassword=y driver = static } passdb { args = session=yes dovecot driver = pam } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_extensions = +imapflags sieve_max_redirects = 15 } service anvil { client_limit = 2003 } service auth { client_limit = 3000 unix_listener auth-userdb { mode = 0666 } } service director { fifo_listener login/proxy-notify { mode = 0666 } inet_listener { port = 9090 } unix_listener director-userdb { mode = 0600 } unix_listener login/director { mode = 0666 } } service imap-login { executable = imap-login director } service imap { process_limit = 5120 process_min_avail = 6 } service lmtp { inet_listener lmtp { port = 24 } process_min_avail = 10 } service pop3-login { executable = pop3-login director } ssl = no ssl_cert = Hi Sir/Madam, I am using dovecot with postfix email server to deliver our mails. Our requirement is to save mail file with different name. So Please help me to locate the module which save mail to inbox. -- -- Thanks & regards Neeraj Gupta Software Engineer Email Id : neeraj6117 at gmail.com Mo:+91-9990366116 From CMarcus at Media-Brokers.com Wed Jun 13 22:36:58 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Wed, 13 Jun 2012 15:36:58 -0400 Subject: [Dovecot] Please help me out. In-Reply-To: References: Message-ID: <4FD8EBDA.5080801@Media-Brokers.com> On 2012-06-13 2:02 PM, neeraj gupta wrote: > Hi Sir/Madam, > > I am using dovecot with postfix email server to deliver our mails. > Our requirement is to save mail file with different name. > So Please help me to locate the module which save mail to inbox. No idea what you are asking for... but if you really want to dictate somehow the actual filename(s) that are stored on the filesystem, please don't, and rather explain what problem you are trying to solve that you think this is a good solution to. -- Best regards, Charles From nairda91 at hotmail.com Wed Jun 13 23:46:20 2012 From: nairda91 at hotmail.com (arleal) Date: Wed, 13 Jun 2012 13:46:20 -0700 (PDT) Subject: [Dovecot] Auth password problem Message-ID: <34008289.post@talk.nabble.com> i have debian squeeze. i have installed mds with ldap integration and i want to use dovecot/LDAP but i have problems with login. I have dovecot 1.2. I try all of dovecot wiki but i dont know how to configure it good dovecot.conf protocols = imap imaps pop3 pop3s listen = *, :: auth_verbose = yes auth_debug = yes auth_debug_passwords = yes mail_debug = yes verbose_ssl = yes login_greeting = royoleal.com mailserver ready. mail_location = maildir:/home/users/%u/Maildir disable_plaintext_auth = no ssl_cert_file = /etc/ssl/certs/mail.pem ssl_key_file = /etc/ssl/private/mail.key log_path = /var/log/dovecot.log info_log_path = /var/log/dovecot.log # IMAP configuration protocol imap { mail_plugins = quota imap_quota } # POP3 configuration protocol pop3 { pop3_uidl_format = %08Xu%08Xv mail_plugins = quota } # LDA configuration protocol lda { postmaster_address = postmaster auth_socket_path = /var/run/dovecot/auth-master mail_plugins = quota } # LDAP authentication auth default { mechanisms = plain login passdb ldap { args = /etc/dovecot/dovecot-ldap.conf } userdb ldap { args = /etc/dovecot/dovecot-ldap.conf } socket listen { master { path = /var/run/dovecot/auth-master mode = 0660 user = dovecot group = mail } client { path = /var/spool/postfix/private/auth mode = 0660 user = postfix group = postfix } } } And this is dovecot-ldap.conf hosts = 127.0.0.1 auth_bind = yes ldap_version = 3 dn = cn=admin,dc=royoleal,dc=com dnpass = royoleal base = dc=royoleal,dc=com auth_bind_userdn = cn=%u,ou=Users,dc=royoleal,dc=com scope = subtree user_attrs = uidNumber=uid,gidNumber=gid user_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK)) pass_attrs = mail=mail,userPassword=password pass_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK)) default_pass_scheme = CRYPT When i try login with telnet or other program i have this problem in dovecot.log Jun 13 22:45:13 auth(default): Info: client in: AUTH 1 PLAIN service=imap secured lip=127.0.0.1 rip=127.0.0.1 lport=14 3 rport=55040 resp=AHBydWViYUByb3lvbGVhbC5jb20AcHJ1ZWJh Jun 13 22:45:13 auth(default): Info: ldap(prueba at royoleal.com,127.0.0.1): invalid credentials (given password: prueba) Jun 13 22:45:13 auth(default): Info: new auth connection: pid=2613 Jun 13 22:45:15 auth(default): Info: client out: FAIL 1 user=prueba at royoleal.com Jun 13 22:45:20 imap-login: Info: Aborted login (auth failed, 1 attempts): user=, method=PLAIN, rip=127.0.0.1, lip= 127.0.0.1, secured Thanks. -- View this message in context: http://old.nabble.com/Auth-password-problem-tp34008289p34008289.html Sent from the Dovecot mailing list archive at Nabble.com. From ben at versang.com Thu Jun 14 10:20:05 2012 From: ben at versang.com (Ben Versang) Date: Thu, 14 Jun 2012 17:20:05 +1000 Subject: [Dovecot] Sieve stopped working Message-ID: Hi, I have installed RoundCube a couple of years ago on a Snow Leopard server. All nice and dandy up to today. Sieve has stopped working and I have spent hours and been unable so far to get it up and running again. When I run ps aux |grep sieve it is not returning anything to me suggesting that the problem is not with sieve it-self but rather with Dovecot not starting the sieve. If anyone could give me some leads I can't think of anyting else. netstat -a |grep 2000 returns returns nothing telnet localhost 2000 Trying ::1... telnet: connect to address ::1: Connection refused Trying fe80::1... telnet: connect to address fe80::1: Connection refused Trying 127.0.0.1... telnet: connect to address 127.0.0.1: Connection refused telnet: Unable to connect to remote host The rest of mail functions are working fine (IMAP, SMTP...). Thanks in advance Ben From voytek at sbt.net.au Thu Jun 14 10:34:45 2012 From: voytek at sbt.net.au (Voytek Eymont) Date: Thu, 14 Jun 2012 17:34:45 +1000 Subject: [Dovecot] migrating v.1 to v.2 Message-ID: I have a working Dovecot/MySQL with version 1.x I'm looking at setting a new server using ver. 2 I'm currently pre-planning: can I use config files from ver 1 installation on version 2 setup 'as is'; or what's a proper way to do such migration/upgrade ? -- V From nick+dovecot at bunbun.be Thu Jun 14 10:40:44 2012 From: nick+dovecot at bunbun.be (Nick Rosier) Date: Thu, 14 Jun 2012 09:40:44 +0200 Subject: [Dovecot] migrating v.1 to v.2 In-Reply-To: References: Message-ID: <4FD9957C.9080605@bunbun.be> Voytek Eymont wrote: > I have a working Dovecot/MySQL with version 1.x > > I'm looking at setting a new server using ver. 2 > > I'm currently pre-planning: > can I use config files from ver 1 installation on version 2 setup 'as is'; > or what's a proper way to do such migration/upgrade ? > Hi, this question has been asked numerous times. It's also (in my case) the 1st couple of hits when searching in Google for "dovecot wiki upgrading". Try this http://wiki2.dovecot.org/Upgrading/ Rgds, N. From mikkel at euro123.dk Thu Jun 14 11:14:11 2012 From: mikkel at euro123.dk (Mikkel) Date: Thu, 14 Jun 2012 10:14:11 +0200 Subject: [Dovecot] disable_plaintext_auth = no as no effect on IMAP/POP3 logins Message-ID: <4FD99D53.7010300@euro123.dk> Hello In my installation the disable_plaintext_auth does not appear to take effect. I can see that the value is correct using doveconf -a but it doesn't change anything. Whenever attempting to log in using IMAP I get this: * BAD [ALERT] Plaintext authentication not allowed without SSL/TLS, but your client did it anyway. If anyone was listening, the password was exposed. ls NO [PRIVACYREQUIRED] Plaintext authentication disallowed on non-secure (SSL/TLS) connections. POP3 login attempts give this error: -ERR Plaintext authentication disallowed on non-secure (SSL/TLS) connections Besides adding disable_plaintext_auth=no to dovecot.conf I also tried adding it specifically to the imap section. I also tried to invoke it just for certain networks, like this: remote 0.0.0.0 { disable_plaintext_auth = no } But none of this takes any effect either. Adding the testing network as trusted networks is working fine removing the error. But I would rather not add the whole internet to the trusted network section just to allow plain text logins in imap. I'm in the process of migrating form 1.1 to 2.1 so this configuration is for testing things out and is mainly based on the default configuration files comming with the centos installation. I should add that everything else in this setup is working fine. I did many searches for information on this topic but nothing I could find apply to my case. I'm sorry to post such a long conf but I'm not sure what parts I could have safely omitted. Here goes: # doveconf -a # 2.1.1: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-220.17.1.el6.x86_64 x86_64 CentOS release 6.2 (Final) auth_anonymous_username = anonymous auth_cache_negative_ttl = 2 mins auth_cache_size = 0 auth_cache_ttl = 2 mins auth_debug = no auth_debug_passwords = no auth_default_realm = plain auth_failure_delay = 2 secs auth_first_valid_uid = 500 auth_gssapi_hostname = auth_krb5_keytab = auth_last_valid_uid = 0 auth_master_user_separator = auth_mechanisms = plain auth_realms = plain login digest-md5 cram-md5 apop ntlm auth_socket_path = auth-userdb auth_ssl_require_client_cert = no auth_ssl_username_from_cert = no auth_use_winbind = no auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@ auth_username_format = %Lu auth_username_translation = auth_verbose = no auth_verbose_passwords = no auth_winbind_helper_path = /usr/bin/ntlm_auth auth_worker_max_count = 30 base_dir = /var/run/dovecot config_cache_size = 1 M debug_log_path = default_client_limit = 1000 default_idle_kill = 1 mins default_internal_user = dovecot default_login_user = dovenull default_process_limit = 100 default_vsz_limit = 256 M deliver_log_format = msgid=%m: %$ dict_db_config = director_doveadm_port = 0 director_mail_servers = director_servers = director_user_expire = 15 mins disable_plaintext_auth = no dotlock_use_excl = no doveadm_allowed_commands = doveadm_password = doveadm_proxy_port = 0 doveadm_socket_path = doveadm-server doveadm_worker_count = 0 dsync_alt_char = _ first_valid_gid = 1 first_valid_uid = 105 hostname = usrmta01.talkactive.net imap_capability = imap_client_workarounds = imap_id_log = imap_id_send = imap_idle_notify_interval = 2 mins imap_logout_format = in=%i out=%o imap_max_line_length = 64 k imapc_host = imapc_master_user = imapc_password = imapc_port = 143 imapc_rawlog_dir = imapc_ssl = no imapc_ssl_ca_dir = imapc_ssl_verify = yes imapc_user = %u import_environment = TZ info_log_path = /var/log/dovecot/dovecot.run instance_name = dovecot last_valid_gid = 0 last_valid_uid = 0 lda_mailbox_autocreate = no lda_mailbox_autosubscribe = no lda_original_recipient_header = libexec_dir = /usr/libexec/dovecot listen = *, :: lmtp_proxy = no lmtp_save_to_detail_mailbox = no lock_method = fcntl log_path = /var/log/dovecot/dovecot.err log_timestamp = "%b %d %H:%M:%S " login_access_sockets = login_greeting = Dovecot ready. login_log_format = %$: %s login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c login_trusted_networks = mail_access_groups = mail_attachment_dir = mail_attachment_fs = sis posix mail_attachment_hash = %{sha1} mail_attachment_min_size = 128 k mail_cache_fields = flags mail_cache_min_mail_count = 0 mail_chroot = mail_debug = no mail_fsync = always mail_full_filesystem_access = no mail_gid = mail_home = mail_location = mail_log_prefix = "%s(%u): " mail_max_keyword_length = 50 mail_max_lock_timeout = 0 mail_max_userip_connections = 10 mail_never_cache_fields = imap.envelope mail_nfs_index = yes mail_nfs_storage = yes mail_plugin_dir = /usr/lib64/dovecot mail_plugins = quota mail_prefetch_count = 0 mail_privileged_group = mail_save_crlf = no mail_temp_dir = /tmp mail_uid = mailbox_idle_check_interval = 30 secs mailbox_list_index = no maildir_broken_filename_sizes = no maildir_copy_with_hardlinks = yes maildir_stat_dirs = no maildir_very_dirty_syncs = no master_user_separator = mbox_dirty_syncs = yes mbox_dotlock_change_timeout = 2 mins mbox_lazy_writes = yes mbox_lock_timeout = 5 mins mbox_md5 = apop3d mbox_min_index_size = 0 mbox_read_locks = fcntl mbox_very_dirty_syncs = no mbox_write_locks = fcntl mdbox_preallocate_space = no mdbox_rotate_interval = 0 mdbox_rotate_size = 2 M mmap_disable = yes namespace inbox { hidden = no ignore_on_failure = no inbox = yes list = yes location = mailbox Drafts { auto = no special_use = \Drafts } mailbox Junk { auto = no special_use = \Junk } mailbox Sent { auto = no special_use = \Sent } mailbox "Sent Messages" { auto = no special_use = \Sent } mailbox Trash { auto = no special_use = \Trash } prefix = separator = subscriptions = yes type = private } passdb { args = /local/config/dovecot-sql.conf default_fields = deny = no driver = sql master = no override_fields = pass = no } plugin { quota = maildir quota_rule2 = Trash:storage=+10M:messages=+100 quota_warning = storage=80%% /local/scripts/quota-warning.sh 80 sieve_extensions = +imapflags +notify trash = /local/config/dovecot-trash.conf } pop3_client_workarounds = pop3_enable_last = no pop3_fast_size_lookups = no pop3_lock_session = no pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s pop3_no_flag_updates = no pop3_reuse_xuidl = no pop3_save_uidl = no pop3_uidl_format = %08Xu%08Xv pop3c_host = pop3c_password = pop3c_port = 110 pop3c_rawlog_dir = pop3c_ssl = no pop3c_ssl_ca_dir = pop3c_ssl_verify = yes pop3c_user = %u postmaster_address = protocols = imap pop3 lmtp quota_full_tempfail = no recipient_delimiter = + rejection_reason = Your message to <%t> was automatically rejected:%n%r rejection_subject = Rejected: %s sendmail_path = /usr/sbin/sendmail service anvil { chroot = empty client_limit = 0 drop_priv_before_exec = no executable = anvil extra_groups = group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 1 protocol = service_count = 0 type = anvil unix_listener anvil-auth-penalty { group = mode = 0600 user = } unix_listener anvil { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service auth-worker { chroot = client_limit = 1 drop_priv_before_exec = no executable = auth -w extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 1 type = unix_listener auth-worker { group = mode = 0600 user = $default_internal_user } user = $default_internal_user vsz_limit = 18446744073709551615 B } service auth { chroot = client_limit = 0 drop_priv_before_exec = no executable = auth extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener /var/spool/postfix/private/auth { group = mode = 0666 user = } unix_listener auth-client { group = mode = 0600 user = } unix_listener auth-login { group = mode = 0600 user = $default_internal_user } unix_listener auth-master { group = mode = 0600 user = } unix_listener auth-userdb { group = mode = 0666 user = } unix_listener login/login { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service config { chroot = client_limit = 0 drop_priv_before_exec = no executable = config extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = config unix_listener config { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service dict { chroot = client_limit = 1 drop_priv_before_exec = no executable = dict extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener dict { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service director { chroot = . client_limit = 0 drop_priv_before_exec = no executable = director extra_groups = fifo_listener login/proxy-notify { group = mode = 00 user = } group = idle_kill = 4294967295 secs inet_listener { address = port = 0 ssl = no } privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener director-admin { group = mode = 0600 user = } unix_listener director-userdb { group = mode = 0600 user = } unix_listener login/director { group = mode = 00 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service dns_client { chroot = client_limit = 1 drop_priv_before_exec = no executable = dns-client extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener dns-client { group = mode = 0666 user = } unix_listener login/dns-client { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service doveadm { chroot = client_limit = 1 drop_priv_before_exec = no executable = doveadm-server extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 1 type = unix_listener doveadm-server { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service imap-login { chroot = login client_limit = 0 drop_priv_before_exec = no executable = imap-login extra_groups = group = idle_kill = 0 inet_listener imap { address = port = 143 ssl = no } inet_listener imaps { address = port = 993 ssl = yes } privileged_group = process_limit = 0 process_min_avail = 0 protocol = imap service_count = 0 type = login user = $default_login_user vsz_limit = 256 M } service imap { chroot = client_limit = 1 drop_priv_before_exec = no executable = imap extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1024 process_min_avail = 0 protocol = imap service_count = 1 type = unix_listener login/imap { group = mode = 0666 user = } user = vsz_limit = 256 M } service indexer-worker { chroot = client_limit = 1 drop_priv_before_exec = no executable = indexer-worker extra_groups = group = idle_kill = 0 privileged_group = process_limit = 10 process_min_avail = 0 protocol = service_count = 0 type = unix_listener indexer-worker { group = mode = 0600 user = $default_internal_user } user = vsz_limit = 18446744073709551615 B } service indexer { chroot = client_limit = 0 drop_priv_before_exec = no executable = indexer extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener indexer { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service ipc { chroot = empty client_limit = 0 drop_priv_before_exec = no executable = ipc extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener ipc { group = mode = 0600 user = } unix_listener login/ipc-proxy { group = mode = 0600 user = $default_login_user } user = $default_internal_user vsz_limit = 18446744073709551615 B } service lmtp { chroot = client_limit = 1 drop_priv_before_exec = no executable = lmtp extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = lmtp service_count = 0 type = unix_listener lmtp { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service log { chroot = client_limit = 0 drop_priv_before_exec = no executable = log extra_groups = group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = log unix_listener log-errors { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service pop3-login { chroot = login client_limit = 0 drop_priv_before_exec = no executable = pop3-login extra_groups = group = idle_kill = 0 inet_listener pop3 { address = port = 110 ssl = no } inet_listener pop3s { address = port = 995 ssl = yes } privileged_group = process_limit = 0 process_min_avail = 0 protocol = pop3 service_count = 1 type = login user = $default_login_user vsz_limit = 18446744073709551615 B } service pop3 { chroot = client_limit = 1 drop_priv_before_exec = no executable = pop3 extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1024 process_min_avail = 0 protocol = pop3 service_count = 1 type = unix_listener login/pop3 { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service ssl-params { chroot = client_limit = 0 drop_priv_before_exec = no executable = ssl-params extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = startup unix_listener login/ssl-params { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service stats { chroot = empty client_limit = 0 drop_priv_before_exec = no executable = stats extra_groups = fifo_listener stats-mail { group = mode = 0600 user = } group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener stats { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } shutdown_clients = yes ssl = required ssl_ca = ssl_cert = References: <4FD99D53.7010300@euro123.dk> Message-ID: <4FD9ABA2.1030908@euro123.dk> I just found the solution by coincidence. It appears there is a configuration file named: /etc/dovecot/conf.d/10-ssl.conf In that file the following line was active ssl = required That setting apparently overrides what disable_plaintext_auth has to say. After commenting out the ssl=required entry everything works as expected :-) Regards, Mikkel Den 14/06/12 10.14, Mikkel skrev: > Hello > > In my installation the disable_plaintext_auth does not appear to take > effect. > I can see that the value is correct using doveconf -a but it doesn't > change anything. > > Whenever attempting to log in using IMAP I get this: > * BAD [ALERT] Plaintext authentication not allowed without SSL/TLS, but > your client did it anyway. If anyone was listening, the password was > exposed. > ls NO [PRIVACYREQUIRED] Plaintext authentication disallowed on > non-secure (SSL/TLS) connections. > > POP3 login attempts give this error: > -ERR Plaintext authentication disallowed on non-secure (SSL/TLS) > connections > > Besides adding disable_plaintext_auth=no to dovecot.conf I also tried > adding it specifically to the imap section. > I also tried to invoke it just for certain networks, like this: > > remote 0.0.0.0 { > disable_plaintext_auth = no > } > > But none of this takes any effect either. Adding the testing network as > trusted networks is working fine removing the error. > But I would rather not add the whole internet to the trusted network > section just to allow plain text logins in imap. > > I'm in the process of migrating form 1.1 to 2.1 so this configuration is > for testing things out and is mainly based on the default configuration > files comming with the centos installation. > I should add that everything else in this setup is working fine. > > > I did many searches for information on this topic but nothing I could > find apply to my case. > > I'm sorry to post such a long conf but I'm not sure what parts I could > have safely omitted. > Here goes: > > > # doveconf -a > # 2.1.1: /etc/dovecot/dovecot.conf > # OS: Linux 2.6.32-220.17.1.el6.x86_64 x86_64 CentOS release 6.2 (Final) > auth_anonymous_username = anonymous > auth_cache_negative_ttl = 2 mins > auth_cache_size = 0 > auth_cache_ttl = 2 mins > auth_debug = no > auth_debug_passwords = no > auth_default_realm = plain > auth_failure_delay = 2 secs > auth_first_valid_uid = 500 > auth_gssapi_hostname = > auth_krb5_keytab = > auth_last_valid_uid = 0 > auth_master_user_separator = > auth_mechanisms = plain > auth_realms = plain login digest-md5 cram-md5 apop ntlm > auth_socket_path = auth-userdb > auth_ssl_require_client_cert = no > auth_ssl_username_from_cert = no > auth_use_winbind = no > auth_username_chars = > abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@ > auth_username_format = %Lu > auth_username_translation = > auth_verbose = no > auth_verbose_passwords = no > auth_winbind_helper_path = /usr/bin/ntlm_auth > auth_worker_max_count = 30 > base_dir = /var/run/dovecot > config_cache_size = 1 M > debug_log_path = > default_client_limit = 1000 > default_idle_kill = 1 mins > default_internal_user = dovecot > default_login_user = dovenull > default_process_limit = 100 > default_vsz_limit = 256 M > deliver_log_format = msgid=%m: %$ > dict_db_config = > director_doveadm_port = 0 > director_mail_servers = > director_servers = > director_user_expire = 15 mins > disable_plaintext_auth = no > dotlock_use_excl = no > doveadm_allowed_commands = > doveadm_password = > doveadm_proxy_port = 0 > doveadm_socket_path = doveadm-server > doveadm_worker_count = 0 > dsync_alt_char = _ > first_valid_gid = 1 > first_valid_uid = 105 > hostname = usrmta01.talkactive.net > imap_capability = > imap_client_workarounds = > imap_id_log = > imap_id_send = > imap_idle_notify_interval = 2 mins > imap_logout_format = in=%i out=%o > imap_max_line_length = 64 k > imapc_host = > imapc_master_user = > imapc_password = > imapc_port = 143 > imapc_rawlog_dir = > imapc_ssl = no > imapc_ssl_ca_dir = > imapc_ssl_verify = yes > imapc_user = %u > import_environment = TZ > info_log_path = /var/log/dovecot/dovecot.run > instance_name = dovecot > last_valid_gid = 0 > last_valid_uid = 0 > lda_mailbox_autocreate = no > lda_mailbox_autosubscribe = no > lda_original_recipient_header = > libexec_dir = /usr/libexec/dovecot > listen = *, :: > lmtp_proxy = no > lmtp_save_to_detail_mailbox = no > lock_method = fcntl > log_path = /var/log/dovecot/dovecot.err > log_timestamp = "%b %d %H:%M:%S " > login_access_sockets = > login_greeting = Dovecot ready. > login_log_format = %$: %s > login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c > login_trusted_networks = > mail_access_groups = > mail_attachment_dir = > mail_attachment_fs = sis posix > mail_attachment_hash = %{sha1} > mail_attachment_min_size = 128 k > mail_cache_fields = flags > mail_cache_min_mail_count = 0 > mail_chroot = > mail_debug = no > mail_fsync = always > mail_full_filesystem_access = no > mail_gid = > mail_home = > mail_location = > mail_log_prefix = "%s(%u): " > mail_max_keyword_length = 50 > mail_max_lock_timeout = 0 > mail_max_userip_connections = 10 > mail_never_cache_fields = imap.envelope > mail_nfs_index = yes > mail_nfs_storage = yes > mail_plugin_dir = /usr/lib64/dovecot > mail_plugins = quota > mail_prefetch_count = 0 > mail_privileged_group = > mail_save_crlf = no > mail_temp_dir = /tmp > mail_uid = > mailbox_idle_check_interval = 30 secs > mailbox_list_index = no > maildir_broken_filename_sizes = no > maildir_copy_with_hardlinks = yes > maildir_stat_dirs = no > maildir_very_dirty_syncs = no > master_user_separator = > mbox_dirty_syncs = yes > mbox_dotlock_change_timeout = 2 mins > mbox_lazy_writes = yes > mbox_lock_timeout = 5 mins > mbox_md5 = apop3d > mbox_min_index_size = 0 > mbox_read_locks = fcntl > mbox_very_dirty_syncs = no > mbox_write_locks = fcntl > mdbox_preallocate_space = no > mdbox_rotate_interval = 0 > mdbox_rotate_size = 2 M > mmap_disable = yes > namespace inbox { > hidden = no > ignore_on_failure = no > inbox = yes > list = yes > location = > mailbox Drafts { > auto = no > special_use = \Drafts > } > mailbox Junk { > auto = no > special_use = \Junk > } > mailbox Sent { > auto = no > special_use = \Sent > } > mailbox "Sent Messages" { > auto = no > special_use = \Sent > } > mailbox Trash { > auto = no > special_use = \Trash > } > prefix = > separator = > subscriptions = yes > type = private > } > passdb { > args = /local/config/dovecot-sql.conf > default_fields = > deny = no > driver = sql > master = no > override_fields = > pass = no > } > plugin { > quota = maildir > quota_rule2 = Trash:storage=+10M:messages=+100 > quota_warning = storage=80%% /local/scripts/quota-warning.sh 80 > sieve_extensions = +imapflags +notify > trash = /local/config/dovecot-trash.conf > } > pop3_client_workarounds = > pop3_enable_last = no > pop3_fast_size_lookups = no > pop3_lock_session = no > pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s > pop3_no_flag_updates = no > pop3_reuse_xuidl = no > pop3_save_uidl = no > pop3_uidl_format = %08Xu%08Xv > pop3c_host = > pop3c_password = > pop3c_port = 110 > pop3c_rawlog_dir = > pop3c_ssl = no > pop3c_ssl_ca_dir = > pop3c_ssl_verify = yes > pop3c_user = %u > postmaster_address = > protocols = imap pop3 lmtp > quota_full_tempfail = no > recipient_delimiter = + > rejection_reason = Your message to <%t> was automatically rejected:%n%r > rejection_subject = Rejected: %s > sendmail_path = /usr/sbin/sendmail > service anvil { > chroot = empty > client_limit = 0 > drop_priv_before_exec = no > executable = anvil > extra_groups = > group = > idle_kill = 4294967295 secs > privileged_group = > process_limit = 1 > process_min_avail = 1 > protocol = > service_count = 0 > type = anvil > unix_listener anvil-auth-penalty { > group = > mode = 0600 > user = > } > unix_listener anvil { > group = > mode = 0600 > user = > } > user = $default_internal_user > vsz_limit = 18446744073709551615 B > } > service auth-worker { > chroot = > client_limit = 1 > drop_priv_before_exec = no > executable = auth -w > extra_groups = > group = > idle_kill = 0 > privileged_group = > process_limit = 0 > process_min_avail = 0 > protocol = > service_count = 1 > type = > unix_listener auth-worker { > group = > mode = 0600 > user = $default_internal_user > } > user = $default_internal_user > vsz_limit = 18446744073709551615 B > } > service auth { > chroot = > client_limit = 0 > drop_priv_before_exec = no > executable = auth > extra_groups = > group = > idle_kill = 0 > privileged_group = > process_limit = 1 > process_min_avail = 0 > protocol = > service_count = 0 > type = > unix_listener /var/spool/postfix/private/auth { > group = > mode = 0666 > user = > } > unix_listener auth-client { > group = > mode = 0600 > user = > } > unix_listener auth-login { > group = > mode = 0600 > user = $default_internal_user > } > unix_listener auth-master { > group = > mode = 0600 > user = > } > unix_listener auth-userdb { > group = > mode = 0666 > user = > } > unix_listener login/login { > group = > mode = 0666 > user = > } > user = $default_internal_user > vsz_limit = 18446744073709551615 B > } > service config { > chroot = > client_limit = 0 > drop_priv_before_exec = no > executable = config > extra_groups = > group = > idle_kill = 0 > privileged_group = > process_limit = 0 > process_min_avail = 0 > protocol = > service_count = 0 > type = config > unix_listener config { > group = > mode = 0600 > user = > } > user = > vsz_limit = 18446744073709551615 B > } > service dict { > chroot = > client_limit = 1 > drop_priv_before_exec = no > executable = dict > extra_groups = > group = > idle_kill = 0 > privileged_group = > process_limit = 0 > process_min_avail = 0 > protocol = > service_count = 0 > type = > unix_listener dict { > group = > mode = 0600 > user = > } > user = $default_internal_user > vsz_limit = 18446744073709551615 B > } > service director { > chroot = . > client_limit = 0 > drop_priv_before_exec = no > executable = director > extra_groups = > fifo_listener login/proxy-notify { > group = > mode = 00 > user = > } > group = > idle_kill = 4294967295 secs > inet_listener { > address = > port = 0 > ssl = no > } > privileged_group = > process_limit = 1 > process_min_avail = 0 > protocol = > service_count = 0 > type = > unix_listener director-admin { > group = > mode = 0600 > user = > } > unix_listener director-userdb { > group = > mode = 0600 > user = > } > unix_listener login/director { > group = > mode = 00 > user = > } > user = $default_internal_user > vsz_limit = 18446744073709551615 B > } > service dns_client { > chroot = > client_limit = 1 > drop_priv_before_exec = no > executable = dns-client > extra_groups = > group = > idle_kill = 0 > privileged_group = > process_limit = 0 > process_min_avail = 0 > protocol = > service_count = 0 > type = > unix_listener dns-client { > group = > mode = 0666 > user = > } > unix_listener login/dns-client { > group = > mode = 0666 > user = > } > user = $default_internal_user > vsz_limit = 18446744073709551615 B > } > service doveadm { > chroot = > client_limit = 1 > drop_priv_before_exec = no > executable = doveadm-server > extra_groups = > group = > idle_kill = 0 > privileged_group = > process_limit = 0 > process_min_avail = 0 > protocol = > service_count = 1 > type = > unix_listener doveadm-server { > group = > mode = 0600 > user = > } > user = > vsz_limit = 18446744073709551615 B > } > service imap-login { > chroot = login > client_limit = 0 > drop_priv_before_exec = no > executable = imap-login > extra_groups = > group = > idle_kill = 0 > inet_listener imap { > address = > port = 143 > ssl = no > } > inet_listener imaps { > address = > port = 993 > ssl = yes > } > privileged_group = > process_limit = 0 > process_min_avail = 0 > protocol = imap > service_count = 0 > type = login > user = $default_login_user > vsz_limit = 256 M > } > service imap { > chroot = > client_limit = 1 > drop_priv_before_exec = no > executable = imap > extra_groups = > group = > idle_kill = 0 > privileged_group = > process_limit = 1024 > process_min_avail = 0 > protocol = imap > service_count = 1 > type = > unix_listener login/imap { > group = > mode = 0666 > user = > } > user = > vsz_limit = 256 M > } > service indexer-worker { > chroot = > client_limit = 1 > drop_priv_before_exec = no > executable = indexer-worker > extra_groups = > group = > idle_kill = 0 > privileged_group = > process_limit = 10 > process_min_avail = 0 > protocol = > service_count = 0 > type = > unix_listener indexer-worker { > group = > mode = 0600 > user = $default_internal_user > } > user = > vsz_limit = 18446744073709551615 B > } > service indexer { > chroot = > client_limit = 0 > drop_priv_before_exec = no > executable = indexer > extra_groups = > group = > idle_kill = 0 > privileged_group = > process_limit = 1 > process_min_avail = 0 > protocol = > service_count = 0 > type = > unix_listener indexer { > group = > mode = 0666 > user = > } > user = $default_internal_user > vsz_limit = 18446744073709551615 B > } > service ipc { > chroot = empty > client_limit = 0 > drop_priv_before_exec = no > executable = ipc > extra_groups = > group = > idle_kill = 0 > privileged_group = > process_limit = 1 > process_min_avail = 0 > protocol = > service_count = 0 > type = > unix_listener ipc { > group = > mode = 0600 > user = > } > unix_listener login/ipc-proxy { > group = > mode = 0600 > user = $default_login_user > } > user = $default_internal_user > vsz_limit = 18446744073709551615 B > } > service lmtp { > chroot = > client_limit = 1 > drop_priv_before_exec = no > executable = lmtp > extra_groups = > group = > idle_kill = 0 > privileged_group = > process_limit = 0 > process_min_avail = 0 > protocol = lmtp > service_count = 0 > type = > unix_listener lmtp { > group = > mode = 0666 > user = > } > user = > vsz_limit = 18446744073709551615 B > } > service log { > chroot = > client_limit = 0 > drop_priv_before_exec = no > executable = log > extra_groups = > group = > idle_kill = 4294967295 secs > privileged_group = > process_limit = 1 > process_min_avail = 0 > protocol = > service_count = 0 > type = log > unix_listener log-errors { > group = > mode = 0600 > user = > } > user = > vsz_limit = 18446744073709551615 B > } > service pop3-login { > chroot = login > client_limit = 0 > drop_priv_before_exec = no > executable = pop3-login > extra_groups = > group = > idle_kill = 0 > inet_listener pop3 { > address = > port = 110 > ssl = no > } > inet_listener pop3s { > address = > port = 995 > ssl = yes > } > privileged_group = > process_limit = 0 > process_min_avail = 0 > protocol = pop3 > service_count = 1 > type = login > user = $default_login_user > vsz_limit = 18446744073709551615 B > } > service pop3 { > chroot = > client_limit = 1 > drop_priv_before_exec = no > executable = pop3 > extra_groups = > group = > idle_kill = 0 > privileged_group = > process_limit = 1024 > process_min_avail = 0 > protocol = pop3 > service_count = 1 > type = > unix_listener login/pop3 { > group = > mode = 0666 > user = > } > user = > vsz_limit = 18446744073709551615 B > } > service ssl-params { > chroot = > client_limit = 0 > drop_priv_before_exec = no > executable = ssl-params > extra_groups = > group = > idle_kill = 0 > privileged_group = > process_limit = 0 > process_min_avail = 0 > protocol = > service_count = 0 > type = startup > unix_listener login/ssl-params { > group = > mode = 0666 > user = > } > user = > vsz_limit = 18446744073709551615 B > } > service stats { > chroot = empty > client_limit = 0 > drop_priv_before_exec = no > executable = stats > extra_groups = > fifo_listener stats-mail { > group = > mode = 0600 > user = > } > group = > idle_kill = 4294967295 secs > privileged_group = > process_limit = 1 > process_min_avail = 0 > protocol = > service_count = 0 > type = > unix_listener stats { > group = > mode = 0600 > user = > } > user = $default_internal_user > vsz_limit = 18446744073709551615 B > } > shutdown_clients = yes > ssl = required > ssl_ca = > ssl_cert = ssl_cert_username_field = commonName > ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL > ssl_client_cert = > ssl_client_key = > ssl_crypto_device = > ssl_key = ssl_key_password = > ssl_parameters_regenerate = 1 weeks > ssl_protocols = !SSLv2 > ssl_verify_client_cert = no > stats_command_min_time = 1 mins > stats_domain_min_time = 12 hours > stats_ip_min_time = 12 hours > stats_memory_limit = 16 M > stats_session_min_time = 15 mins > stats_user_min_time = 1 hours > submission_host = > syslog_facility = mail > userdb { > args = > default_fields = > driver = prefetch > override_fields = > } > userdb { > args = /local/config/dovecot-sql.conf > default_fields = > driver = sql > override_fields = > } > valid_chroot_dirs = > verbose_proctitle = no > verbose_ssl = no > version_ignore = no > protocol lda { > mail_plugins = quota quota sieve trash > } > protocol imap { > imap_client_workarounds = delay-newmail tb-extra-mailbox-sep > tb-lsub-flags > imap_logout_format = bytes=%i/%o > mail_plugins = quota quota imap_quota trash > } > protocol pop3 { > mail_plugins = quota quota > pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s > pop3_uidl_format = %08Xu%08Xv > } > > > Regards, Mikkel From branko at majic.rs Thu Jun 14 13:36:25 2012 From: branko at majic.rs (Branko Majic) Date: Thu, 14 Jun 2012 12:36:25 +0200 Subject: [Dovecot] Auth password problem In-Reply-To: <34008289.post@talk.nabble.com> References: <34008289.post@talk.nabble.com> Message-ID: <20120614123625.68527101@zetkin.int.primekey.se> Now, this answer won't help you, but you might find it useful (I've been fiddling with slapd access controls and what-not, so this helped me a lot). :) The best thing to debug the LDAP issues is to set the olcLogLevel in the slapd configuration tree to 256 - this way you'd get enough information to see what's going on when Dovecot tries to talk with the slapd server, and you won't get overwhelmed by the debugging information. On Debian Squeeze you'll also have to make sure you've set-up the log facility for slapd (by default it uses local4). You could add a file /etc/rsyslog.d/slapd.conf with the following line: local4.* /var/log/slapd.log Did you try logging-in by hand as well to the LDAP server? You could do it with, say: ldapwhoami -W -D cn=prueba,ou=Users,dc=royoleal,dc=com -H ldap://localhost/ On Wed, 13 Jun 2012 13:46:20 -0700 (PDT) arleal wrote: > > i have debian squeeze. i have installed mds with ldap integration and > i want to use dovecot/LDAP but i have problems with login. I have > dovecot 1.2. > > I try all of dovecot wiki but i dont know how to configure it good > > dovecot.conf > > protocols = imap imaps pop3 pop3s > listen = *, :: > auth_verbose = yes > auth_debug = yes > auth_debug_passwords = yes > mail_debug = yes > verbose_ssl = yes > login_greeting = royoleal.com mailserver ready. > mail_location = maildir:/home/users/%u/Maildir > disable_plaintext_auth = no > ssl_cert_file = /etc/ssl/certs/mail.pem > ssl_key_file = /etc/ssl/private/mail.key > log_path = /var/log/dovecot.log > info_log_path = /var/log/dovecot.log > > # IMAP configuration > protocol imap { > mail_plugins = quota imap_quota > } > > # POP3 configuration > protocol pop3 { > pop3_uidl_format = %08Xu%08Xv > mail_plugins = quota > } > > # LDA configuration > protocol lda { > postmaster_address = postmaster > auth_socket_path = /var/run/dovecot/auth-master > mail_plugins = quota > } > > # LDAP authentication > > auth default { > mechanisms = plain login > > passdb ldap { > args = /etc/dovecot/dovecot-ldap.conf > } > > userdb ldap { > args = /etc/dovecot/dovecot-ldap.conf > } > > socket listen { > master { > path = /var/run/dovecot/auth-master > mode = 0660 > user = dovecot > group = mail > } > > client { > path = /var/spool/postfix/private/auth > mode = 0660 > user = postfix > group = postfix > } > } > } > > > And this is dovecot-ldap.conf > > hosts = 127.0.0.1 > auth_bind = yes > ldap_version = 3 > dn = cn=admin,dc=royoleal,dc=com > dnpass = royoleal > base = dc=royoleal,dc=com > auth_bind_userdn = cn=%u,ou=Users,dc=royoleal,dc=com > scope = subtree > user_attrs = uidNumber=uid,gidNumber=gid > user_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK)) > pass_attrs = mail=mail,userPassword=password > pass_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK)) > default_pass_scheme = CRYPT > > When i try login with telnet or other program i have this problem in > dovecot.log > > > Jun 13 22:45:13 auth(default): Info: client in: AUTH 1 > PLAIN service=imap secured lip=127.0.0.1 rip=127.0.0.1 > lport=14 3 rport=55040 > resp=AHBydWViYUByb3lvbGVhbC5jb20AcHJ1ZWJh Jun 13 22:45:13 > auth(default): Info: ldap(prueba at royoleal.com,127.0.0.1): invalid > credentials (given password: prueba) Jun 13 22:45:13 auth(default): > Info: new auth connection: pid=2613 Jun 13 22:45:15 auth(default): > Info: client out: FAIL 1 user=prueba at royoleal.com > Jun 13 22:45:20 imap-login: Info: Aborted login (auth failed, 1 > attempts): user=, method=PLAIN, rip=127.0.0.1, > lip= 127.0.0.1, secured > > Thanks. -- Branko Majic Please use only Free formats when sending attachments to me. ?????? ????? ????? ??? ?? ??????? ?????? ????????? ? ????????? ?????????. From amateo at um.es Thu Jun 14 14:32:13 2012 From: amateo at um.es (Angel L. Mateo) Date: Thu, 14 Jun 2012 13:32:13 +0200 Subject: [Dovecot] difference between client_limit and process_limit In-Reply-To: <1339591187.25551.3.camel@innu> References: <4FD1D2E5.3020901@um.es> <4FD1DE19.4050903@um.es> <4FD22956.20904@thelounge.net> <3E0F7337-B1BA-426F-84AF-D1D7710B80A3@iki.fi> <4FD5C63B.7040904@um.es> <4FD87634.9000407@um.es> <1339589161.25551.0.camel@innu> <4FD88462.5070908@um.es> <1339590528.25551.2.camel@innu> <1339591187.25551.3.camel@innu> Message-ID: <4FD9CBBD.2020701@um.es> El 13/06/12 14:39, Timo Sirainen escribi?: > On Wed, 2012-06-13 at 15:28 +0300, Timo Sirainen wrote: >> Oh, right, service_count=1 is the default and that overrides >> client_limit. Set it to 0. > > http://hg.dovecot.org/dovecot-2.1/rev/4c31e450a867 > Thank you. This solved my problem. From nairda91 at hotmail.com Thu Jun 14 22:18:35 2012 From: nairda91 at hotmail.com (arleal) Date: Thu, 14 Jun 2012 12:18:35 -0700 (PDT) Subject: [Dovecot] Auth password problem In-Reply-To: <20120614123625.68527101@zetkin.int.primekey.se> References: <34008289.post@talk.nabble.com> <20120614123625.68527101@zetkin.int.primekey.se> Message-ID: <34013988.post@talk.nabble.com> ?????? ?????-2 wrote: > > Now, this answer won't help you, but you might find it useful (I've > been fiddling with slapd access controls and what-not, so this helped > me a lot). :) > > The best thing to debug the LDAP issues is to set the olcLogLevel in > the slapd configuration tree to 256 - this way you'd get enough > information to see what's going on when Dovecot tries to talk with the > slapd server, and you won't get overwhelmed by the debugging > information. On Debian Squeeze you'll also have to make sure you've > set-up the log facility for slapd (by default it uses local4). You > could add a file /etc/rsyslog.d/slapd.conf with the following line: > > local4.* /var/log/slapd.log > > Did you try logging-in by hand as well to the LDAP server? You could do > it with, say: > > ldapwhoami -W -D cn=prueba,ou=Users,dc=royoleal,dc=com -H > ldap://localhost/ > > On Wed, 13 Jun 2012 13:46:20 -0700 (PDT) > arleal wrote: > >> >> i have debian squeeze. i have installed mds with ldap integration and >> i want to use dovecot/LDAP but i have problems with login. I have >> dovecot 1.2. >> >> I try all of dovecot wiki but i dont know how to configure it good >> >> dovecot.conf >> >> protocols = imap imaps pop3 pop3s >> listen = *, :: >> auth_verbose = yes >> auth_debug = yes >> auth_debug_passwords = yes >> mail_debug = yes >> verbose_ssl = yes >> login_greeting = royoleal.com mailserver ready. >> mail_location = maildir:/home/users/%u/Maildir >> disable_plaintext_auth = no >> ssl_cert_file = /etc/ssl/certs/mail.pem >> ssl_key_file = /etc/ssl/private/mail.key >> log_path = /var/log/dovecot.log >> info_log_path = /var/log/dovecot.log >> >> # IMAP configuration >> protocol imap { >> mail_plugins = quota imap_quota >> } >> >> # POP3 configuration >> protocol pop3 { >> pop3_uidl_format = %08Xu%08Xv >> mail_plugins = quota >> } >> >> # LDA configuration >> protocol lda { >> postmaster_address = postmaster >> auth_socket_path = /var/run/dovecot/auth-master >> mail_plugins = quota >> } >> >> # LDAP authentication >> >> auth default { >> mechanisms = plain login >> >> passdb ldap { >> args = /etc/dovecot/dovecot-ldap.conf >> } >> >> userdb ldap { >> args = /etc/dovecot/dovecot-ldap.conf >> } >> >> socket listen { >> master { >> path = /var/run/dovecot/auth-master >> mode = 0660 >> user = dovecot >> group = mail >> } >> >> client { >> path = /var/spool/postfix/private/auth >> mode = 0660 >> user = postfix >> group = postfix >> } >> } >> } >> >> >> And this is dovecot-ldap.conf >> >> hosts = 127.0.0.1 >> auth_bind = yes >> ldap_version = 3 >> dn = cn=admin,dc=royoleal,dc=com >> dnpass = royoleal >> base = dc=royoleal,dc=com >> auth_bind_userdn = cn=%u,ou=Users,dc=royoleal,dc=com >> scope = subtree >> user_attrs = uidNumber=uid,gidNumber=gid >> user_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK)) >> pass_attrs = mail=mail,userPassword=password >> pass_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK)) >> default_pass_scheme = CRYPT >> >> When i try login with telnet or other program i have this problem in >> dovecot.log >> >> >> Jun 13 22:45:13 auth(default): Info: client in: AUTH 1 >> PLAIN service=imap secured lip=127.0.0.1 rip=127.0.0.1 >> lport=14 3 rport=55040 >> resp=AHBydWViYUByb3lvbGVhbC5jb20AcHJ1ZWJh Jun 13 22:45:13 >> auth(default): Info: ldap(prueba at royoleal.com,127.0.0.1): invalid >> credentials (given password: prueba) Jun 13 22:45:13 auth(default): >> Info: new auth connection: pid=2613 Jun 13 22:45:15 auth(default): >> Info: client out: FAIL 1 user=prueba at royoleal.com >> Jun 13 22:45:20 imap-login: Info: Aborted login (auth failed, 1 >> attempts): user=, method=PLAIN, rip=127.0.0.1, >> lip= 127.0.0.1, secured >> >> Thanks. > > -- > Branko Majic > Please use only Free formats when sending attachments to me. > > ?????? ????? > ????? ??? ?? ??????? ?????? ????????? ? ????????? ?????????. > > I forgot see the ldap log. In the ldap.log i cant see nothing about that user trying to login with user prueba. That autenticate good. root at mds:~# ldapwhoami -W -D uid=prueba,ou=Users,dc=royoleal,dc=com -H ldap://localhost/ Enter LDAP Password: dn:uid=prueba,ou=Users,dc=royoleal,dc=com With telnet error of authentication. -- View this message in context: http://old.nabble.com/Auth-password-problem-tp34008289p34013988.html Sent from the Dovecot mailing list archive at Nabble.com. From nairda91 at hotmail.com Thu Jun 14 22:18:35 2012 From: nairda91 at hotmail.com (arleal) Date: Thu, 14 Jun 2012 12:18:35 -0700 (PDT) Subject: [Dovecot] Auth password problem In-Reply-To: <20120614123625.68527101@zetkin.int.primekey.se> References: <34008289.post@talk.nabble.com> <20120614123625.68527101@zetkin.int.primekey.se> Message-ID: <34013987.post@talk.nabble.com> ?????? ?????-2 wrote: > > Now, this answer won't help you, but you might find it useful (I've > been fiddling with slapd access controls and what-not, so this helped > me a lot). :) > > The best thing to debug the LDAP issues is to set the olcLogLevel in > the slapd configuration tree to 256 - this way you'd get enough > information to see what's going on when Dovecot tries to talk with the > slapd server, and you won't get overwhelmed by the debugging > information. On Debian Squeeze you'll also have to make sure you've > set-up the log facility for slapd (by default it uses local4). You > could add a file /etc/rsyslog.d/slapd.conf with the following line: > > local4.* /var/log/slapd.log > > Did you try logging-in by hand as well to the LDAP server? You could do > it with, say: > > ldapwhoami -W -D cn=prueba,ou=Users,dc=royoleal,dc=com -H > ldap://localhost/ > > On Wed, 13 Jun 2012 13:46:20 -0700 (PDT) > arleal wrote: > >> >> i have debian squeeze. i have installed mds with ldap integration and >> i want to use dovecot/LDAP but i have problems with login. I have >> dovecot 1.2. >> >> I try all of dovecot wiki but i dont know how to configure it good >> >> dovecot.conf >> >> protocols = imap imaps pop3 pop3s >> listen = *, :: >> auth_verbose = yes >> auth_debug = yes >> auth_debug_passwords = yes >> mail_debug = yes >> verbose_ssl = yes >> login_greeting = royoleal.com mailserver ready. >> mail_location = maildir:/home/users/%u/Maildir >> disable_plaintext_auth = no >> ssl_cert_file = /etc/ssl/certs/mail.pem >> ssl_key_file = /etc/ssl/private/mail.key >> log_path = /var/log/dovecot.log >> info_log_path = /var/log/dovecot.log >> >> # IMAP configuration >> protocol imap { >> mail_plugins = quota imap_quota >> } >> >> # POP3 configuration >> protocol pop3 { >> pop3_uidl_format = %08Xu%08Xv >> mail_plugins = quota >> } >> >> # LDA configuration >> protocol lda { >> postmaster_address = postmaster >> auth_socket_path = /var/run/dovecot/auth-master >> mail_plugins = quota >> } >> >> # LDAP authentication >> >> auth default { >> mechanisms = plain login >> >> passdb ldap { >> args = /etc/dovecot/dovecot-ldap.conf >> } >> >> userdb ldap { >> args = /etc/dovecot/dovecot-ldap.conf >> } >> >> socket listen { >> master { >> path = /var/run/dovecot/auth-master >> mode = 0660 >> user = dovecot >> group = mail >> } >> >> client { >> path = /var/spool/postfix/private/auth >> mode = 0660 >> user = postfix >> group = postfix >> } >> } >> } >> >> >> And this is dovecot-ldap.conf >> >> hosts = 127.0.0.1 >> auth_bind = yes >> ldap_version = 3 >> dn = cn=admin,dc=royoleal,dc=com >> dnpass = royoleal >> base = dc=royoleal,dc=com >> auth_bind_userdn = cn=%u,ou=Users,dc=royoleal,dc=com >> scope = subtree >> user_attrs = uidNumber=uid,gidNumber=gid >> user_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK)) >> pass_attrs = mail=mail,userPassword=password >> pass_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK)) >> default_pass_scheme = CRYPT >> >> When i try login with telnet or other program i have this problem in >> dovecot.log >> >> >> Jun 13 22:45:13 auth(default): Info: client in: AUTH 1 >> PLAIN service=imap secured lip=127.0.0.1 rip=127.0.0.1 >> lport=14 3 rport=55040 >> resp=AHBydWViYUByb3lvbGVhbC5jb20AcHJ1ZWJh Jun 13 22:45:13 >> auth(default): Info: ldap(prueba at royoleal.com,127.0.0.1): invalid >> credentials (given password: prueba) Jun 13 22:45:13 auth(default): >> Info: new auth connection: pid=2613 Jun 13 22:45:15 auth(default): >> Info: client out: FAIL 1 user=prueba at royoleal.com >> Jun 13 22:45:20 imap-login: Info: Aborted login (auth failed, 1 >> attempts): user=, method=PLAIN, rip=127.0.0.1, >> lip= 127.0.0.1, secured >> >> Thanks. > > -- > Branko Majic > Please use only Free formats when sending attachments to me. > > ?????? ????? > ????? ??? ?? ??????? ?????? ????????? ? ????????? ?????????. > > I forgot see the ldap log. In the ldap.log i cant see nothing about that user trying to login with user prueba. That autenticate good. root at mds:~# ldapwhoami -W -D uid=prueba,ou=Users,dc=royoleal,dc=com -H ldap://localhost/ Enter LDAP Password: dn:uid=prueba,ou=Users,dc=royoleal,dc=com With telnet error of authentication. -- View this message in context: http://old.nabble.com/Auth-password-problem-tp34008289p34013987.html Sent from the Dovecot mailing list archive at Nabble.com. From branko at majic.rs Thu Jun 14 22:51:05 2012 From: branko at majic.rs (Branko Majic) Date: Thu, 14 Jun 2012 21:51:05 +0200 Subject: [Dovecot] Auth password problem In-Reply-To: <34013987.post@talk.nabble.com> References: <34008289.post@talk.nabble.com> <20120614123625.68527101@zetkin.int.primekey.se> <34013987.post@talk.nabble.com> Message-ID: <20120614215105.7944d8d3@trotsky.home.majic.rs> On Thu, 14 Jun 2012 12:18:35 -0700 (PDT) arleal wrote: > > I forgot see the ldap log. > In the ldap.log i cant see nothing about that user trying to login > with user prueba. > > That autenticate good. > > root at mds:~# ldapwhoami -W -D uid=prueba,ou=Users,dc=royoleal,dc=com -H > ldap://localhost/ > Enter LDAP Password: > dn:uid=prueba,ou=Users,dc=royoleal,dc=com > > With telnet error of authentication. Hm... Since you're using Dovecot, can you see Dovecot logging-in onto the server and performing queries (for user information)? I'll probably take another look at your config tomorrow (I've got Dovecot talking to my LDAP on Squeeze, although a bit different configuration in my case). -- Branko Majic Jabber: branko at majic.rs Please use only Free formats when sending attachments to me. ?????? ????? ?????: branko at majic.rs ????? ??? ?? ??????? ?????? ????????? ? ????????? ?????????. From voytek at sbt.net.au Fri Jun 15 02:32:28 2012 From: voytek at sbt.net.au (Voytek Eymont) Date: Fri, 15 Jun 2012 09:32:28 +1000 Subject: [Dovecot] migrating v.1 to v.2 In-Reply-To: <4FD9957C.9080605@bunbun.be> References: <4FD9957C.9080605@bunbun.be> Message-ID: Nick, thanks, and, apologies: I did have a brief look at the docs, clearly, not searched enough, my fault. the docs are amazing, and, excellent, and, have precise anwser, mea culpa > upgrading". Try this http://wiki2.dovecot.org/Upgrading/ -- Voytek From voytek at sbt.net.au Fri Jun 15 02:50:52 2012 From: voytek at sbt.net.au (Voytek Eymont) Date: Fri, 15 Jun 2012 09:50:52 +1000 Subject: [Dovecot] imap max user ip conn, what's a safe increase? Message-ID: <6d5f54f3b9ba7f071def2453e9c15665.squirrel@sbt.net.au> I have dovecot 1.x, all's working well, thanks now that I'm using K9 mail on Android phone, whenever I try to access emails with an imap collect 'pass' from Snapper mail client on Palm, I get: "max number of connections from user+ip exceeded" I'm currently at default (unspecified) of 10 imap/3 pop what's a reasonable next number of IMAP connections I should up it to ? that won't bite on the backside...? 12 ? 20 ? when I run IMAP pass from Snapper, I only run it over inbox, maybe one other folder, max 2 folders, so 12 should do ? /etc/dovecot# grep max_user * dovecot.conf: #mail_max_userip_connections = 10 dovecot.conf: #mail_max_userip_connections = 3 -- Voytek From daniel.parthey at informatik.tu-chemnitz.de Fri Jun 15 03:46:16 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Fri, 15 Jun 2012 02:46:16 +0200 Subject: [Dovecot] Sieve stopped working In-Reply-To: References: Message-ID: <20120615004616.GA11872@daniel.localdomain> Hi Ben, Ben Versang wrote: > Sieve has stopped working and I have spent hours and been unable so far to get it up and running again. > > netstat -a |grep 2000 returns > returns nothing > > telnet localhost 2000 > Trying 127.0.0.1... > telnet: connect to address 127.0.0.1: Connection refused > telnet: Unable to connect to remote host > > The rest of mail functions are working fine (IMAP, SMTP...). Did you have a look at the wiki article? http://wiki2.dovecot.org/Pigeonhole/ManageSieve/Configuration The Pigeonhole ManageSieve service now binds to TCP port 4190 by default due to the IANA port assignment for the ManageSieve service. Maybe you're looking at the wrong port. Please attach the output of doveconf -n Regards, Daniel -- https://plus.google.com/103021802792276734820 From nick+dovecot at bunbun.be Fri Jun 15 10:57:40 2012 From: nick+dovecot at bunbun.be (Nick Rosier) Date: Fri, 15 Jun 2012 09:57:40 +0200 Subject: [Dovecot] migrating v.1 to v.2 In-Reply-To: References: <4FD9957C.9080605@bunbun.be> Message-ID: <4FDAEAF4.3010908@bunbun.be> Hi Voytek, no apologies needed; Timo created an excellent wiki so that should be the 1st thing to search. But if there's anything unclear just ask. I'm not an expert but made the transitions from 1.2 -> 2.0 -> 2.1 thanks to this documentation. N. Voytek Eymont wrote: > Nick, > > thanks, and, apologies: > > I did have a brief look at the docs, clearly, not searched enough, my fault. > > the docs are amazing, and, excellent, and, have precise anwser, > mea culpa > >> upgrading". Try this http://wiki2.dovecot.org/Upgrading/ > > > From gedalya at gedalya.net Fri Jun 15 21:43:28 2012 From: gedalya at gedalya.net (Gedalya) Date: Fri, 15 Jun 2012 14:43:28 -0400 Subject: [Dovecot] doveadm backup panic Message-ID: <4FDB8250.8020600@gedalya.net> using latest auto build didn't help. this happens only with a specific account. # doveadm -o imapc_user=----- at domain.com -o imapc_password=---- backup -u =----- at domain.com -R imapc: dsync(---- at domain.com): Panic: pool_data_stack_realloc(): stack frame changed dsync(---- at domain.com): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x4209a) [0xb762b09a] -> /usr/lib/dovecot/libdovecot.so.0(default_fatal_handler+0x41) [0xb762b1a1] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0xb75fd99e] -> /usr/lib/dovecot/libdovecot.so.0(+0x547ce) [0xb763d7ce] -> /usr/lib/dovecot/libdovecot.so.0(+0x3ebf9) [0xb7627bf9] -> /usr/lib/dovecot/libdovecot.so.0(buffer_get_space_unsafe+0x78) [0xb7628658] -> /usr/lib/dovecot/libdovecot.so.0(buffer_append_space_unsafe+0x2a) [0xb762875a] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x60005) [0xb76dc005] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x62aa9) [0xb76deaa9] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x66e61) [0xb76e2e61] -> /usr/lib/dovecot/libdovecot-storage.so.0(imapc_connection_input_pending+0x14d) [0xb76e3a3d] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x67aac) [0xb76e3aac] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x44) [0xb763a034] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xce) [0xb763ae8e] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x40) [0xb76399d0] -> /usr/lib/dovecot/libdovecot-storage.so.0(imapc_client_run+0xa7) [0xb76e0297] -> /usr/lib/dovecot/libdovecot-storage.so.0(imapc_storage_run+0x26) [0xb76df1e6] -> /usr/lib/dovecot/libdovecot-storage.so.0(imapc_mailbox_sync_init+0x6de) [0xb76ddfde] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_sync_init+0x3b) [0xb76f468b] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_sync+0x3c) [0xb76f47cc] -> doveadm() [0x8072510] -> doveadm() [0x8072789] -> doveadm() [0x80729b2] -> doveadm(dsync_worker_msg_iter_next+0x29) [0x8070a69] -> doveadm() [0x806b6e1] -> doveadm() [0x806b736] -> doveadm(dsync_brain_msg_sync_more+0x4cb) [0x806bc7b] -> doveadm(dsync_brain_sync+0x3bb) [0x806a3ab] Aborted From gedalya at gedalya.net Fri Jun 15 21:50:09 2012 From: gedalya at gedalya.net (Gedalya) Date: Fri, 15 Jun 2012 14:50:09 -0400 Subject: [Dovecot] doveadm backup panic In-Reply-To: <4FDB8250.8020600@gedalya.net> References: <4FDB8250.8020600@gedalya.net> Message-ID: <4FDB83E1.1070302@gedalya.net> On 06/15/2012 02:43 PM, Gedalya wrote: > using latest auto build didn't help. > this happens only with a specific account. > > # doveadm -o imapc_user=----- at domain.com -o imapc_password=---- backup > -u =----- at domain.com -R imapc: > dsync(---- at domain.com): Panic: pool_data_stack_realloc(): stack frame > changed > dsync(---- at domain.com): Error: Raw backtrace: > /usr/lib/dovecot/libdovecot.so.0(+0x4209a) [0xb762b09a] -> > /usr/lib/dovecot/libdovecot.so.0(default_fatal_handler+0x41) > [0xb762b1a1] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) > [0xb75fd99e] -> /usr/lib/dovecot/libdovecot.so.0(+0x547ce) > [0xb763d7ce] -> /usr/lib/dovecot/libdovecot.so.0(+0x3ebf9) > [0xb7627bf9] -> > /usr/lib/dovecot/libdovecot.so.0(buffer_get_space_unsafe+0x78) > [0xb7628658] -> > /usr/lib/dovecot/libdovecot.so.0(buffer_append_space_unsafe+0x2a) > [0xb762875a] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x60005) > [0xb76dc005] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x62aa9) > [0xb76deaa9] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x66e61) > [0xb76e2e61] -> > /usr/lib/dovecot/libdovecot-storage.so.0(imapc_connection_input_pending+0x14d) > [0xb76e3a3d] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x67aac) > [0xb76e3aac] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x44) > [0xb763a034] -> > /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xce) > [0xb763ae8e] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x40) > [0xb76399d0] -> > /usr/lib/dovecot/libdovecot-storage.so.0(imapc_client_run+0xa7) > [0xb76e0297] -> > /usr/lib/dovecot/libdovecot-storage.so.0(imapc_storage_run+0x26) > [0xb76df1e6] -> > /usr/lib/dovecot/libdovecot-storage.so.0(imapc_mailbox_sync_init+0x6de) [0xb76ddfde] > -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_sync_init+0x3b) > [0xb76f468b] -> > /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_sync+0x3c) > [0xb76f47cc] -> doveadm() [0x8072510] -> doveadm() [0x8072789] -> > doveadm() [0x80729b2] -> doveadm(dsync_worker_msg_iter_next+0x29) > [0x8070a69] -> doveadm() [0x806b6e1] -> doveadm() [0x806b736] -> > doveadm(dsync_brain_msg_sync_more+0x4cb) [0x806bc7b] -> > doveadm(dsync_brain_sync+0x3bb) [0x806a3ab] > Aborted > gdb: Starting program: /usr/bin/doveadm -o imapc_user=mailaccount at domain.com -o imapc_password=******* backup -u mailaccount at domain.com -R imapc: [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/i386-linux-gnu/i686/cmov/libthread_db.so.1". dsync(mailaccount at domain.com): Panic: pool_data_stack_realloc(): stack frame changed dsync(mailaccount at domain.com): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x4209a) [0xb7e4d09a] -> /usr/lib/dovecot/libdovecot.so.0(default_fatal_handler+0x41) [0xb7e4d1a1] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0xb7e1f99e] -> /usr/lib/dovecot/libdovecot.so.0(+0x547ce) [0xb7e5f7ce] -> /usr/lib/dovecot/libdovecot.so.0(+0x3ebf9) [0xb7e49bf9] -> /usr/lib/dovecot/libdovecot.so.0(buffer_get_space_unsafe+0x78) [0xb7e4a658] -> /usr/lib/dovecot/libdovecot.so.0(buffer_append_space_unsafe+0x2a) [0xb7e4a75a] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x60005) [0xb7efe005] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x62aa9) [0xb7f00aa9] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x66e61) [0xb7f04e61] -> /usr/lib/dovecot/libdovecot-storage.so.0(imapc_connection_input_pending+0x14d) [0xb7f05a3d] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x67aac) [0xb7f05aac] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x44) [0xb7e5c034] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xce) [0xb7e5ce8e] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x40) [0xb7e5b9d0] -> /usr/lib/dovecot/libdovecot-storage.so.0(imapc_client_run+0xa7) [0xb7f02297] -> /usr/lib/dovecot/libdovecot-storage.so.0(imapc_storage_run+0x26) [0xb7f011e6] -> /usr/lib/dovecot/libdovecot-storage.so.0(imapc_mailbox_sync_init+0x6de) [0xb7efffde] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_sync_init+0x3b) [0xb7f1668b] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_sync+0x3c) [0xb7f167cc] -> /usr/bin/doveadm() [0x8072510] -> /usr/bin/doveadm() [0x8072789] -> /usr/bin/doveadm() [0x80729b2] -> /usr/bin/doveadm(dsync_worker_msg_iter_next+0x29) [0x8070a69] -> /usr/bin/doveadm() [0x806b6e1] -> /usr/bin/doveadm() [0x806b736] -> /usr/bin/doveadm(dsync_brain_msg_sync_more+0x4cb) [0x806bc7b] -> /usr/bin/doveadm(dsync_brain_sync+0x3bb) [0x806a3ab] Program received signal SIGABRT, Aborted. 0xb7fe1424 in __kernel_vsyscall () (gdb) bt full #0 0xb7fe1424 in __kernel_vsyscall () No symbol table info available. #1 0xb7cd8941 in raise () from /lib/i386-linux-gnu/i686/cmov/libc.so.6 No symbol table info available. #2 0xb7cdbd72 in abort () from /lib/i386-linux-gnu/i686/cmov/libc.so.6 No symbol table info available. #3 0xb7e4d0b0 in default_fatal_finish (type=, status=) at failures.c:191 backtrace = 0x80930a0 "/usr/lib/dovecot/libdovecot.so.0(+0x4209a) [0xb7e4d09a] -> /usr/lib/dovecot/libdovecot.so.0(default_fatal_handler+0x41) [0xb7e4d1a1] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0xb7e1f99e] -> /usr"... #4 0xb7e4d1a1 in default_fatal_handler (ctx=0xbfffef94, format=0xb7e7a2e8 "pool_data_stack_realloc(): stack frame changed", args=0xbfffefb4 "U\001") at failures.c:205 status = 0 #5 0xb7e1f99e in i_panic (format=0xb7e7a2e8 "pool_data_stack_realloc(): stack frame changed") at failures.c:263 ctx = {type = LOG_TYPE_PANIC, exit_status = 0, timestamp = 0x0} args = 0xbfffefb4 "U\001" #6 0xb7e5f7ce in pool_data_stack_realloc (pool=0x8092fd0, mem=0x8093000, old_size=32, new_size=64) at mempool-datastack.c:118 dpool = 0x8092fd0 #7 0xb7e49bf9 in buffer_alloc (buf=0x8092fe0, size=64) at buffer.c:32 __FUNCTION__ = "buffer_alloc" #8 0xb7e4a658 in buffer_check_limits (data_size=4, pos=32, buf=0x8092fe0) at buffer.c:64 new_size = 36 #9 buffer_get_space_unsafe (_buf=0x8092fe0, pos=32, size=4) at buffer.c:273 buf = 0x8092fe0 #10 0xb7e4a75a in buffer_append_space_unsafe (buf=0x8092fe0, size=4) at buffer.c:279 No locals. #11 0xb7efe005 in array_append_space_i (array=) at ../../../../src/lib/array.h:232 data = #12 imapc_untagged_fetch (reply=0xbffff184, mbox=0x80fd2c8) at imapc-mailbox.c:349 old_kws = {arr = {buffer = 0x8093030, element_size = 4}, v = 0x8093030, v_modifiable = 0x8093030} kw = _data_stack_cur_id = 6 lseq = 341 rseq = 341 mailp = list = 0x80c72c8 flags_list = 0x80c7458 atom = 0x80c7570 "679" rec = flags = MAIL_SEEN ---Type to continue, or q to quit--- fetch_uid = 679 uid = 679 i = j = keywords = {arr = {buffer = 0x8092fe0, element_size = 4}, v = 0x8092fe0, v_modifiable = 0x8092fe0} seen_flags = __FUNCTION__ = "imapc_untagged_fetch" #13 0xb7f00aa9 in imapc_storage_untagged_cb (reply=0xbffff184, context=0x80c53e8) at imapc-storage.c:170 mcb__foreach_end = 0x80fd648 storage = 0x80c53e8 mbox = 0x80fd2c8 cb = mcb = 0x80fd638 #14 0xb7f04e61 in imapc_connection_input_untagged (conn=0x80c1950) at imapc-connection.c:906 imap_args = 0x80c7228 name = 0x80c72a0 "FETCH" value = parser = 0x80c7170 reply = {name = 0x80c72a0 "FETCH", num = 341, args = 0x80c7228, file_args = 0x80c1b08, file_args_count = 0, resp_text_key = 0x0, resp_text_value = 0x0, untagged_box_context = 0x80fd2c8} ret = #15 0xb7f05a3d in imapc_connection_input_one (conn=0x80c1950) at imapc-connection.c:1061 tag = 0x80c7290 "*" ret = -1 #16 imapc_connection_input_pending (conn=0x80c1950) at imapc-connection.c:1407 _data_stack_cur_id = 5 ret = #17 0xb7f05aac in imapc_connection_input (conn=0x80c1950) at imapc-connection.c:1100 errstr = ret = #18 0xb7e5c034 in io_loop_call_io (io=0x80d3d28) at ioloop.c:379 ioloop = 0x81655e0 t_id = 4 #19 0xb7e5ce8e in io_loop_handler_run (ioloop=0x81655e0) at ioloop-epoll.c:213 ctx = 0x80d3d58 events = 0x0 event = 0x80dec28 list = 0x80e3bb0 io = ---Type to continue, or q to quit--- tv = {tv_sec = 299, tv_usec = 999988} events_count = 1 msecs = ret = 1 i = j = call = #20 0xb7e5b9d0 in io_loop_run (ioloop=0x81655e0) at ioloop.c:398 No locals. #21 0xb7f02297 in imapc_client_run_pre (client=) at imapc-client.c:142 connp = prev_ioloop = 0x80984c8 #22 imapc_client_run (client=0x80c5bf0) at imapc-client.c:161 No locals. #23 0xb7f011e6 in imapc_storage_run (storage=0x80c53e8) at imapc-storage.c:118 No locals. #24 0xb7efffde in imapc_sync_index (ctx=0x80e6bb8) at imapc-sync.c:351 mbox = 0x80fd2c8 sync_rec = {uid1 = 3221222620, uid2 = 3086630900, type = 134997136, add_flags = 244 '\364', remove_flags = 63 '?', keyword_idx = 3085040665, guid_128 = "mK\361\267,\364\377\277\334\364\377\277\060\346\f\b"} seq1 = 3085537268 seq2 = 135130168 #25 imapc_sync_begin (force=, ctx_r=, mbox=0x80fd2c8) at imapc-sync.c:422 ctx = 0x80e6bb8 sync_flags = ret = #26 imapc_sync (mbox=0x80fd2c8) at imapc-sync.c:464 sync_ctx = force = #27 imapc_mailbox_sync_init (box=0x80fd2c8, flags=MAILBOX_SYNC_FLAG_FIX_INCONSISTENT) at imapc-sync.c:498 mbox = 0x80fd2c8 capabilities = changes = false ret = #28 0xb7f1668b in mailbox_sync_init (box=0x80fd2c8, flags=MAILBOX_SYNC_FLAG_FIX_INCONSISTENT) at mail-storage.c:1320 _data_stack_cur_id = 3 ctx = #29 0xb7f167cc in mailbox_sync (box=0x80fd2c8, flags=MAILBOX_SYNC_FLAG_FIX_INCONSISTENT) at mail-storage.c:1368 ctx = ---Type to continue, or q to quit--- status = {sync_delayed_expunges = 0} #30 0x08072510 in local_mailbox_open (guid=0x80e0e18, box_r=0xbffff4dc, worker=) at dsync-worker-local.c:791 lbox = 0x80ce610 box = 0x80fd2c8 metadata = {guid = "\210y\236\267\210\364\377\277\r\r?`\006\000", virtual_size = 13252281656649187328, cache_fields = 0x80fd2b8, precache_fields = 3080616300} #31 0x08072789 in iter_local_mailbox_open (iter=0x80ec1e8) at dsync-worker-local.c:826 worker = 0x80ce348 guid = 0x80e0e18 box = search_args = ret = #32 0x080729b2 in local_worker_msg_iter_next (_iter=0x80ec1e8, mailbox_idx_r=0xb79e7988, msg_r=0xb79e796c) at dsync-worker-local.c:972 iter = 0x80ec1e8 mail = guid = #33 0x08070a69 in dsync_worker_msg_iter_next (iter=0x80ec1e8, mailbox_idx_r=0xb79e7988, msg_r=0xb79e796c) at dsync-worker.c:122 _data_stack_cur_id = 2 ret = #34 0x0806b6e1 in dsync_brain_msg_iter_next (iter=0xb79e7960) at dsync-brain-msgs.c:84 ret = 1 #35 0x0806b736 in dsync_brain_msg_sync_mailbox_end (iter1=0xb79e7960, iter2=0xb79e79b8) at dsync-brain-msgs.c:360 ret = #36 0x0806bc7b in dsync_brain_msg_sync_mailbox_more (sync=) at dsync-brain-msgs.c:392 No locals. #37 dsync_brain_msg_sync_more (sync=0xb79e7028) at dsync-brain-msgs.c:407 mailboxes = 0xb79e7070 count = 26 mailbox_idx = #38 0x0806a3ab in dsync_brain_sync_msgs (brain=) at dsync-brain.c:736 mailboxes = {arr = {buffer = 0x80f6ab8, element_size = 88}, v = 0x80f6ab8, v_modifiable = 0x80f6ab8} pool = 0x80f6aa8 ret = #39 dsync_brain_sync (brain=0x80c1b70) at dsync-brain.c:857 No locals. #40 dsync_brain_sync (brain=0x80c1b70) at dsync-brain.c:815 No locals. #41 0x0806b202 in dsync_brain_subs_list_finished (brain=) at dsync-brain.c:169 No locals. ---Type to continue, or q to quit--- #42 dsync_worker_subs_input (context=0x80ed188) at dsync-brain.c:222 list = 0x80ed188 subs = {vname = 0x0, storage_name = 0x0, ns_prefix = 0x0, last_change = 0} unsubs = {name_sha1 = {guid = '\000' }, ns_prefix = 0x0, last_change = 0} ret = #43 0x0806a715 in dsync_brain_sync (brain=0x80c1b70) at dsync-brain.c:842 No locals. #44 dsync_brain_sync (brain=0x80c1b70) at dsync-brain.c:815 No locals. #45 0x0806b060 in dsync_brain_mailbox_list_finished (brain=) at dsync-brain.c:98 No locals. #46 dsync_worker_mailbox_input (context=0x80d73c8) at dsync-brain.c:125 list = 0x80d73c8 dsync_box = {name = 0x0, name_sep = 0 '\000', name_sha1 = {guid = '\000' }, mailbox_guid = { guid = '\000' }, uid_validity = 0, uid_next = 0, message_count = 0, first_recent_uid = 0, highest_modseq = 0, last_change = 0, flags = 0, cache_fields = {arr = {buffer = 0x0, element_size = 0}, v = 0x0, v_modifiable = 0x0}} dup_box = 0x80d1cd0 ret = #47 0x0806a755 in dsync_brain_sync (brain=0x80c1b70) at dsync-brain.c:833 No locals. #48 dsync_brain_sync (brain=0x80c1b70) at dsync-brain.c:815 No locals. #49 0x0806b298 in dsync_brain_sync_all (brain=0x80c1b70) at dsync-brain.c:897 old_state = DSYNC_STATE_GET_MAILBOXES __FUNCTION__ = "dsync_brain_sync_all" #50 0x08068445 in cmd_dsync_start (ctx=0x809ef98, worker1=, worker2=) at doveadm-dsync.c:342 brain = 0x80c1b70 #51 0x08068aa7 in cmd_dsync_run (_ctx=0x809ef98, user=0x80b4020) at doveadm-dsync.c:387 ctx = 0x809ef98 worker1 = 0x80ce348 worker2 = 0x80ba350 workertmp = lock_path = lock = 0x809efc4 lock_fd = ret = 0 #52 0x08054510 in doveadm_mail_next_user (error_r=0xbffffa5c, ctx=0x809ef98, input=) at doveadm-mail.c:311 ret = 0 ---Type to continue, or q to quit--- #53 doveadm_mail_next_user (ctx=0x809ef98, input=, error_r=0xbffffa5c) at doveadm-mail.c:270 error = ret = #54 0x08054fd0 in doveadm_mail_cmd (cmd=0x809d000, argc=, argv=0x80981e4) at doveadm-mail.c:518 input = {module = 0x0, service = 0x807b55c "doveadm", username = 0x8098245 "mailaccount at domain.com", session_id = 0x0, local_ip = {family = 0, u = {ip6 = {__in6_u = {__u6_addr8 = '\000' , __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, ip4 = {s_addr = 0}}}, remote_ip = {family = 0, u = {ip6 = {__in6_u = { __u6_addr8 = '\000' , __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, ip4 = { s_addr = 0}}}, local_port = 0, remote_port = 0, userdb_fields = 0x0, flags_override_add = 0, flags_override_remove = 0, no_userdb_lookup = 0} ctx = 0x809ef98 getopt_args = wildcard_user = 0x0 error = 0xb7cbb054 "" ret = c = #55 0x08055489 in doveadm_mail_try_run (cmd_name=0x809823b "backup", argc=5, argv=0x80981d4) at doveadm-mail.c:577 cmd__foreach_end = 0x809d03c cmd = 0x809d000 cmd_name_len = 6 __FUNCTION__ = "doveadm_mail_try_run" #56 0x08054151 in main (argc=5, argv=0x80981d4) at doveadm.c:376 cmd_name = i = quick_init = false c = From daniel.parthey at informatik.tu-chemnitz.de Fri Jun 15 23:03:06 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Fri, 15 Jun 2012 22:03:06 +0200 Subject: [Dovecot] [Dovecot 2.1.7] SegFault on doveadm search through director proxy In-Reply-To: <65A804FB-2F80-497C-9A96-3CC34B522FBF@iki.fi> References: <20120609235603.GA17490@daniel.localdomain> <65A804FB-2F80-497C-9A96-3CC34B522FBF@iki.fi> Message-ID: <20120615200306.GA8276@daniel.localdomain> Timo Sirainen wrote: > On 10.6.2012, at 2.56, Daniel Parthey wrote: > > > doveadm search -u user at example.org -S localhost:19000 all > > produces the following error in the logs: > > dovecot: doveadm: Error: doveadm client attempted non-PLAIN authentication > > > > What am I missing? > > It's possible that this is just broken in v2.0. Try v2.1. mail01: 2.0.20 mail02: 2.1.7 mail03: 2.0.20 mail04: 2.0.20 Director for user at example.org currently points to mail02. Compiled and installed 2.1.7 on mail02 (Ubuntu Lucid), gettings segfaults on mail02 now. Got a core dump and created a gdb backtrace: mail02# doveadm -c /etc/dovecot-director/dovecot-director.conf search -u user at example.org all [...] 67b3b72453278b4f6a3d000051abeb58 447 67b3b72453278b4f6a3d000051abeb58 448 67b3b72453278b4f6a3d000051abeb58 449 67b3b72453278b4f6a3d000051abeb58 450 67b3b72453278b4f6a3d000051abeb58 451 67b3b72453278b4f6a3d000051abeb58 452 67b3b72453278b4f6a3d000051abeb58 453 67b3b72453278b4f6a3d000051abeb58 454 67b3b72453278b4f6a3d000051abeb58 455 67b3b72453278b4f6a3d000051abeb58 456 Segmentation fault (core dumped) gdb /usr/bin/doveadm /root/core (gdb) bt full #0 0x00007f953cbb9e32 in vfprintf () from /lib/libc.so.6 No symbol table info available. #1 0x00007f953cc6eea1 in __printf_chk () from /lib/libc.so.6 No symbol table info available. #2 0x000000000041ed4e in ?? () No symbol table info available. #3 0x0000000000415667 in doveadm_print () No symbol table info available. #4 0x000000000041638d in ?? () No symbol table info available. #5 0x00007f953cf3f176 in io_loop_call_io () from /usr/lib/dovecot/libdovecot.so.0 No symbol table info available. #6 0x00007f953cf401ff in io_loop_handler_run () from /usr/lib/dovecot/libdovecot.so.0 No symbol table info available. #7 0x00007f953cf3f118 in io_loop_run () from /usr/lib/dovecot/libdovecot.so.0 No symbol table info available. #8 0x00007f953cf2b403 in master_service_run () from /usr/lib/dovecot/libdovecot.so.0 No symbol table info available. #9 0x0000000000414cae in ?? () No symbol table info available. #10 0x0000000000414dd2 in doveadm_mail_server_flush () No symbol table info available. #11 0x000000000041009a in ?? () No symbol table info available. #12 0x0000000000410501 in doveadm_mail_try_run () No symbol table info available. #13 0x0000000000417051 in main () No symbol table info available. Can you help to fix these segfaults, please? Regards Daniel -- https://plus.google.com/103021802792276734820 From daniel.parthey at informatik.tu-chemnitz.de Fri Jun 15 23:11:33 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Fri, 15 Jun 2012 22:11:33 +0200 Subject: [Dovecot] [Dovecot 2.1.7] SegFault on doveadm search through director proxy In-Reply-To: <20120615200306.GA8276@daniel.localdomain> References: <20120609235603.GA17490@daniel.localdomain> <65A804FB-2F80-497C-9A96-3CC34B522FBF@iki.fi> <20120615200306.GA8276@daniel.localdomain> Message-ID: <20120615201133.GA8541@daniel.localdomain> > mail01: 2.0.20 > mail02: 2.1.7 > mail03: 2.0.20 > mail04: 2.0.20 > > Director for user at example.org currently points to mail02. > > Compiled and installed 2.1.7 on mail02 (Ubuntu Lucid), > gettings segfaults on mail02 now. > > Got a core dump and created a gdb backtrace: > > mail02# doveadm -c /etc/dovecot-director/dovecot-director.conf search -u user at example.org all > [...] > 67b3b72453278b4f6a3d000051abeb58 447 > 67b3b72453278b4f6a3d000051abeb58 448 > 67b3b72453278b4f6a3d000051abeb58 449 > 67b3b72453278b4f6a3d000051abeb58 450 > 67b3b72453278b4f6a3d000051abeb58 451 > 67b3b72453278b4f6a3d000051abeb58 452 > 67b3b72453278b4f6a3d000051abeb58 453 > 67b3b72453278b4f6a3d000051abeb58 454 > 67b3b72453278b4f6a3d000051abeb58 455 > 67b3b72453278b4f6a3d000051abeb58 456 > Segmentation fault (core dumped) (gdb) bt full #0 0x00007ff6c763de32 in vfprintf () from /lib/libc.so.6 No symbol table info available. #1 0x00007ff6c76f2ea1 in __printf_chk () from /lib/libc.so.6 No symbol table info available. #2 0x000000000041ed4e in printf (value=0x64697567
) at /usr/include/bits/stdio2.h:105 No locals. #3 doveadm_print_flow_print (value=0x64697567
) at doveadm-print-flow.c:51 hdr = #4 0x0000000000415667 in doveadm_print (value=0x1c28970 "67b3b72453278b4f6a3d000051abeb58") at doveadm-print.c:65 headers = 0x1c37120 #5 0x000000000041638d in server_flush_field (conn=0x1c4ab10) at server-connection.c:111 text = 0x0 #6 server_handle_input (conn=0x1c4ab10) at server-connection.c:150 str = 0x1c28938 i = #7 server_connection_input (conn=0x1c4ab10) at server-connection.c:254 data = 0x1c4eae0 "b4f6a3d000051abeb58\t450\t67b3b72453278b4f6a3d000051abeb58\t451\t67b3b72453278b4f6a3d000051abeb58\t452\t67b3b72453278b4f6a3d000051abeb58\t453\t67b3b72453278b4f6a3d000051abeb58\t454\t67b3b72453278b4f6a3d000051ab"... size = 8192 line = reply = #8 0x00007ff6c79c3176 in io_loop_call_io (io=0x1c386d0) at ioloop.c:379 ioloop = 0x1c30820 t_id = 2 #9 0x00007ff6c79c41ff in io_loop_handler_run (ioloop=) at ioloop-epoll.c:213 ctx = 0x1c35ff0 event = 0x1c36660 list = 0x1c30350 io = 0x64697567 tv = {tv_sec = 59, tv_usec = 945631} msecs = ret = i = 0 call = false #10 0x00007ff6c79c3118 in io_loop_run (ioloop=0x1c30820) at ioloop.c:398 No locals. #11 0x00007ff6c79af403 in master_service_run (service=0x1c306d0, callback=0xffffe906) at master-service.c:544 No locals. #12 0x0000000000414cae in doveadm_server_flush_one (server=0x1c46b00) at doveadm-mail-server.c:149 count = 0 #13 0x0000000000414dd2 in doveadm_mail_server_flush () at doveadm-mail-server.c:307 server = 0x1c46b00 #14 0x000000000041009a in doveadm_mail_cmd (cmd=0x1c35ca8, argc=4, argv=0x1c303a0) at doveadm-mail.c:529 ctx = 0x1c36cb0 getopt_args = 0x4336e6 "AS:u:" wildcard_user = 0x0 error = ret = 0 c = #15 0x0000000000410501 in doveadm_mail_try_run (cmd_name=0x1c303f0 "search", argc=1227192544, argv=0x437727) at doveadm-mail.c:577 cmd__foreach_end = 0x1c35e28 cmd = 0x1c35ca8 cmd_name_len = 0 __FUNCTION__ = "doveadm_mail_try_run" #16 0x0000000000417051 in main (argc=4, argv=0x1c30388) at doveadm.c:373 cmd_name = 0x1c303f0 "search" quick_init = false c = From tss at iki.fi Sat Jun 16 02:04:21 2012 From: tss at iki.fi (Timo Sirainen) Date: Sat, 16 Jun 2012 02:04:21 +0300 Subject: [Dovecot] doveadm backup panic In-Reply-To: <4FDB83E1.1070302@gedalya.net> References: <4FDB8250.8020600@gedalya.net> <4FDB83E1.1070302@gedalya.net> Message-ID: On 15.6.2012, at 21.50, Gedalya wrote: > #12 imapc_untagged_fetch (reply=0xbffff184, mbox=0x80fd2c8) at imapc-mailbox.c:349 > old_kws = {arr = {buffer = 0x8093030, element_size = 4}, v = 0x8093030, v_modifiable = 0x8093030} Fixed: http://hg.dovecot.org/dovecot-2.1/rev/a28c8043842d From tss at iki.fi Sat Jun 16 02:13:47 2012 From: tss at iki.fi (Timo Sirainen) Date: Sat, 16 Jun 2012 02:13:47 +0300 Subject: [Dovecot] [Dovecot 2.1.7] SegFault on doveadm search through director proxy In-Reply-To: <20120615201133.GA8541@daniel.localdomain> References: <20120609235603.GA17490@daniel.localdomain> <65A804FB-2F80-497C-9A96-3CC34B522FBF@iki.fi> <20120615200306.GA8276@daniel.localdomain> <20120615201133.GA8541@daniel.localdomain> Message-ID: <1339802027.5967.31.camel@hurina> On Fri, 2012-06-15 at 22:11 +0200, Daniel Parthey wrote: > > mail02# doveadm -c /etc/dovecot-director/dovecot-director.conf search -u user at example.org all .. > #3 doveadm_print_flow_print (value=0x64697567
) at doveadm-print-flow.c:51 > hdr = > #4 0x0000000000415667 in doveadm_print (value=0x1c28970 "67b3b72453278b4f6a3d000051abeb58") at doveadm-print.c:65 > headers = 0x1c37120 > #5 0x000000000041638d in server_flush_field (conn=0x1c4ab10) at server-connection.c:111 > text = 0x0 Hmm. See if the attached patch fixes it? -------------- next part -------------- A non-text attachment was scrubbed... Name: diff Type: text/x-patch Size: 1177 bytes Desc: not available URL: From tss at iki.fi Sat Jun 16 02:22:22 2012 From: tss at iki.fi (Timo Sirainen) Date: Sat, 16 Jun 2012 02:22:22 +0300 Subject: [Dovecot] Problem with lmtp director proxy In-Reply-To: <4FD8C9C8.6090608@um.es> References: <4FD718A0.50605@um.es> <4FD83A26.3030209@um.es> <1339592369.25551.7.camel@innu> <4FD8AA66.7050909@um.es> <1339600677.25551.12.camel@innu> <4FD8C9C8.6090608@um.es> Message-ID: <72C5BD43-6254-40F1-8121-B0954739410F@iki.fi> On 13.6.2012, at 20.11, Angel L. Mateo wrote: > Ok, you were right. I was looking for logs at my log repository, which doesn't receive debug log. Nevertheless, the only auth lines I have found at the ones above, with the proxy_refresh=450. I haven't found any line with a timeout log in the proxies neither the backends The backend logs don't matter. Director adds the proxy_refresh. You haven't shown in your logs what auth process logs as debug messages. This is what is supposed to happen: > Jun 16 02:19:11 auth: Debug: master out: PASS 1 user=director proxy proxy_timeout=1000 "master out" must return proxy_timeout=1000. If it doesn't, then the problem is with your auth settings. > Jun 16 02:19:11 lmtp(11845): Debug: auth input: user=director proxy proxy_timeout=1000 host=1.2.3.4 proxy_refresh=450 Director adds proxy_refresh, but preserves proxy_timeout. From gedalya at gedalya.net Sat Jun 16 03:44:55 2012 From: gedalya at gedalya.net (Gedalya) Date: Fri, 15 Jun 2012 20:44:55 -0400 Subject: [Dovecot] doveadm backup panic In-Reply-To: References: <4FDB8250.8020600@gedalya.net> <4FDB83E1.1070302@gedalya.net> Message-ID: <4FDBD707.9030106@gedalya.net> On 06/15/2012 07:04 PM, Timo Sirainen wrote: > On 15.6.2012, at 21.50, Gedalya wrote: > >> #12 imapc_untagged_fetch (reply=0xbffff184, mbox=0x80fd2c8) at imapc-mailbox.c:349 >> old_kws = {arr = {buffer = 0x8093030, element_size = 4}, v = 0x8093030, v_modifiable = 0x8093030} > Fixed: http://hg.dovecot.org/dovecot-2.1/rev/a28c8043842d > Yes, works now! Thank you. From wojtek at wojtek.tensor.gdynia.pl Sat Jun 16 13:55:07 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Sat, 16 Jun 2012 12:55:07 +0200 (CEST) Subject: [Dovecot] question about fts_squat Message-ID: just installed dovecot with fts_squat config attached after message. When i telnet to imap server and execute by hand 1 login user password select foldername search body "someword" it works fine, and at blazing speed except first run (indexing). i already indexed everything by doveadm index offline to prevent server overload if multiple users (after i tell them) will try fulltext search. All great BUT it doesn't work in thunderbird. Just gives zero results. i used tcpdump to check how thunderbird executes it and it uses search undeleted body "someword" tried manually and it DOES NOT WORK. always give empty results. even search all body "someword" doesn't work. while search body "someword" always work very well. what's wrong? # 2.1.7: /usr/local/etc/dovecot/dovecot.conf # OS: FreeBSD 8.3-STABLE amd64 disable_plaintext_auth = no listen = * mail_location = maildir:~/Maildir mail_plugins = fts fts_squat namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /usr/local/etc/dovecot/deny-users deny = yes driver = passwd-file } passdb { driver = pam } plugin { fts = squat fts_squat = partial=4 full=10 } protocols = imap ssl_cert = References: Message-ID: > When i telnet to imap server and execute by hand > 1 login user password > select foldername > search body "someword" sorry it was 2 and 3 just like 1 at login. > > it works fine, and at blazing speed except first run (indexing). > i already indexed everything by doveadm index offline to prevent server > overload if multiple users (after i tell them) will try fulltext search. > > All great BUT it doesn't work in thunderbird. Just gives zero results. > > i used tcpdump to check how thunderbird executes it and it uses > > search undeleted body "someword" > > tried manually and it DOES NOT WORK. always give empty results. > > even search all body "someword" doesn't work. > > while > > search body "someword" > > > always work very well. > > what's wrong? > > # 2.1.7: /usr/local/etc/dovecot/dovecot.conf > # OS: FreeBSD 8.3-STABLE amd64 disable_plaintext_auth = no > listen = * > mail_location = maildir:~/Maildir > mail_plugins = fts fts_squat > namespace inbox { > inbox = yes > location = > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Trash { > special_use = \Trash > } > prefix = } > passdb { > args = /usr/local/etc/dovecot/deny-users > deny = yes > driver = passwd-file > } > passdb { > driver = pam > } > plugin { > fts = squat > fts_squat = partial=4 full=10 > } > protocols = imap > ssl_cert = ssl_key = userdb { > driver = passwd > } > protocol imap { > mail_plugins = fts fts_squat > } > > From jonrysh at pacbell.net Sat Jun 16 22:08:27 2012 From: jonrysh at pacbell.net (Jonathan Ryshpan) Date: Sat, 16 Jun 2012 12:08:27 -0700 Subject: [Dovecot] Import from Evolution Message-ID: <1339873707.2732.11.camel@amito> I need to import the mail database generated by the evolution mail reader into dovecot. Evolution stores its mail in maildir format (fully standards compatible, I think); I would be using the maildir format in dovecot. Is there anything in the wiki, etc. explaining exactly how to do this? Why do this? Evolution is hopelessly broken, and is not likely to be fixed in the forseeable future, and I would like to keep my mails in maildir form. Reviews of kmail are very bad, and thunderbird uses the mbox format for storage. Thanks in advance - jon From p at state-of-mind.de Sat Jun 16 23:16:36 2012 From: p at state-of-mind.de (Patrick Ben Koetter) Date: Sat, 16 Jun 2012 22:16:36 +0200 Subject: [Dovecot] Import from Evolution In-Reply-To: <1339873707.2732.11.camel@amito> References: <1339873707.2732.11.camel@amito> Message-ID: <20120616201636.GB6858@state-of-mind.de> * Jonathan Ryshpan : > I need to import the mail database generated by the evolution mail > reader into dovecot. Evolution stores its mail in maildir format (fully > standards compatible, I think); I would be using the maildir format in > dovecot. Is there anything in the wiki, etc. explaining exactly how to > do this? > > Why do this? Evolution is hopelessly broken, and is not likely to be > fixed in the forseeable future, and I would like to keep my mails in > maildir form. Reviews of kmail are very bad, and thunderbird uses the > mbox format for storage. If it is native maildir you can configure that/your account to use maildir and simply copy your mailbox over to Dovecot. When Dovecot accesses the mailbox it will create the necessary index files and you are ready to use it. p at rick -- state of mind () http://www.state-of-mind.de Franziskanerstra?e 15 Telefon +49 89 3090 4664 81669 M?nchen Telefax +49 89 3090 4666 Amtsgericht M?nchen Partnerschaftsregister PR 563 From jonrysh at pacbell.net Sun Jun 17 00:23:38 2012 From: jonrysh at pacbell.net (Jonathan Ryshpan) Date: Sat, 16 Jun 2012 14:23:38 -0700 Subject: [Dovecot] Import from Evolution In-Reply-To: <20120616201636.GB6858@state-of-mind.de> References: <1339873707.2732.11.camel@amito> <20120616201636.GB6858@state-of-mind.de> Message-ID: <1339881818.2732.29.camel@amito> On Sat, 2012-06-16 at 22:16 +0200, Patrick Ben Koetter wrote: > * Jonathan Ryshpan : > > I need to import the mail database generated by the evolution mail > > reader into dovecot. Evolution stores its mail in maildir format (fully > > standards compatible, I think); I would be using the maildir format in > > dovecot. Is there anything in the wiki, etc. explaining exactly how to > > do this? > > > > Why do this? Evolution is hopelessly broken, and is not likely to be > > fixed in the forseeable future, and I would like to keep my mails in > > maildir form. Reviews of kmail are very bad, and thunderbird uses the > > mbox format for storage. > > If it is native maildir you can configure that/your account to use maildir and > simply copy your mailbox over to Dovecot. When Dovecot accesses the mailbox it > will create the necessary index files and you are ready to use it. Sounds good. I'm sure than when you write "mailbox", you mean the folders (and not the index files) in the evolution mail database, located at ~/.local/share/evolution/mail/local and whose contents start: $ ls -lA ..#evolution.Junk.cmeta .jango.ibex.index.data ..#evolution.Trash.cmeta .jfour/ ..cmeta .jfour.cmeta ..maildir++ .jfour.ibex.index .Drafts/ .jfour.ibex.index.data .Drafts.cmeta .joer/ .Outbox/ .joer.cmeta .Outbox.cmeta .joyce/ <...> and not $MAIL, i.e. /var/spool/mail/jonrysh, where mail arrives on the system (via fetchmail and local sendmail). Please excuse me for double checking; evolution has archived 218,886 messages in 132 folders, and I want to avoid trouble if possible. Thanks for your help - jon From p at state-of-mind.de Sun Jun 17 01:04:31 2012 From: p at state-of-mind.de (Patrick Ben Koetter) Date: Sun, 17 Jun 2012 00:04:31 +0200 Subject: [Dovecot] Import from Evolution In-Reply-To: <1339881818.2732.29.camel@amito> References: <1339873707.2732.11.camel@amito> <20120616201636.GB6858@state-of-mind.de> <1339881818.2732.29.camel@amito> Message-ID: <20120616220430.GB12243@state-of-mind.de> * Jonathan Ryshpan : > On Sat, 2012-06-16 at 22:16 +0200, Patrick Ben Koetter wrote: > > * Jonathan Ryshpan : > > > I need to import the mail database generated by the evolution mail > > > reader into dovecot. Evolution stores its mail in maildir format (fully > > > standards compatible, I think); I would be using the maildir format in > > > dovecot. Is there anything in the wiki, etc. explaining exactly how to > > > do this? > > > > > > Why do this? Evolution is hopelessly broken, and is not likely to be > > > fixed in the forseeable future, and I would like to keep my mails in > > > maildir form. Reviews of kmail are very bad, and thunderbird uses the > > > mbox format for storage. > > > > If it is native maildir you can configure that/your account to use maildir and > > simply copy your mailbox over to Dovecot. When Dovecot accesses the mailbox it > > will create the necessary index files and you are ready to use it. > > Sounds good. > > I'm sure than when you write "mailbox", you mean the folders (and not > the index files) in the evolution mail database, located at Yes, I mean the folders and not the index files > ~/.local/share/evolution/mail/local and whose contents start: > $ ls -lA > ..#evolution.Junk.cmeta .jango.ibex.index.data > ..#evolution.Trash.cmeta .jfour/ > ..cmeta .jfour.cmeta > ..maildir++ .jfour.ibex.index > .Drafts/ .jfour.ibex.index.data > .Drafts.cmeta .joer/ > .Outbox/ .joer.cmeta > .Outbox.cmeta .joyce/ > <...> > and not $MAIL, i.e. /var/spool/mail/jonrysh, where mail arrives on the > system (via fetchmail and local sendmail). I don't mean $MAIL. > Please excuse me for double checking; evolution has archived 218,886 > messages in 132 folders, and I want to avoid trouble if possible. I am a friend of double checking. :) p at rick -- state of mind () http://www.state-of-mind.de Franziskanerstra?e 15 Telefon +49 89 3090 4664 81669 M?nchen Telefax +49 89 3090 4666 Amtsgericht M?nchen Partnerschaftsregister PR 563 From wojtek at wojtek.tensor.gdynia.pl Sun Jun 17 15:04:22 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Sun, 17 Jun 2012 14:04:22 +0200 (CEST) Subject: [Dovecot] Import from Evolution In-Reply-To: <20120616201636.GB6858@state-of-mind.de> References: <1339873707.2732.11.camel@amito> <20120616201636.GB6858@state-of-mind.de> Message-ID: >> maildir form. Reviews of kmail are very bad, and thunderbird uses the >> mbox format for storage. > > If it is native maildir you can configure that/your account to use maildir and > simply copy your mailbox over to Dovecot. When Dovecot accesses the mailbox it > will create the necessary index files and you are ready to use it. if you want to use any of those hopeless programs just turn message caching in them (folder synchronization off in thunderbird) and login to dovecot, even on localhost. kmail v.3 is barely usable, v4 is good. From bradley.giesbrecht at gmail.com Sun Jun 17 18:19:05 2012 From: bradley.giesbrecht at gmail.com (Bradley Giesbrecht) Date: Sun, 17 Jun 2012 08:19:05 -0700 Subject: [Dovecot] doveadm fetch LARGE attachments and remove message Message-ID: Looking at the wiki and man pages I am unsure how to fetch email attachments from a unix shell. I have an "doveadm search" that returns the messages that have the attachments I am after. Would I loop through an "doveadm fetch" and use a commandline imap client to save the attachments and move the message to the Trash? Or is there a doveadm command for this? Regards, Bradley Giesbrecht (pixilla) From daniel.parthey at informatik.tu-chemnitz.de Sun Jun 17 21:33:38 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sun, 17 Jun 2012 20:33:38 +0200 Subject: [Dovecot] [Dovecot 2.1.7] SegFault on doveadm search through director proxy In-Reply-To: <1339802027.5967.31.camel@hurina> References: <20120609235603.GA17490@daniel.localdomain> <65A804FB-2F80-497C-9A96-3CC34B522FBF@iki.fi> <20120615200306.GA8276@daniel.localdomain> <20120615201133.GA8541@daniel.localdomain> <1339802027.5967.31.camel@hurina> Message-ID: <20120617183338.GA14271@daniel.localdomain> Timo Sirainen wrote: > On Fri, 2012-06-15 at 22:11 +0200, Daniel Parthey wrote: > > > mail02# doveadm -c /etc/dovecot-director/dovecot-director.conf search -u user at example.org all > .. > > #3 doveadm_print_flow_print (value=0x64697567
) at doveadm-print-flow.c:51 > > hdr = > > #4 0x0000000000415667 in doveadm_print (value=0x1c28970 "67b3b72453278b4f6a3d000051abeb58") at doveadm-print.c:65 > > headers = 0x1c37120 > > #5 0x000000000041638d in server_flush_field (conn=0x1c4ab10) at server-connection.c:111 > > text = 0x0 > > Hmm. See if the attached patch fixes it? > > diff -r a28c8043842d src/doveadm/doveadm-print.c > --- a/src/doveadm/doveadm-print.c Sat Jun 16 02:03:53 2012 +0300 > +++ b/src/doveadm/doveadm-print.c Sat Jun 16 02:13:03 2012 +0300 The patch seems to fix the problem. Thanks. Regards Daniel -- https://plus.google.com/103021802792276734820 From amateo at um.es Mon Jun 18 09:52:37 2012 From: amateo at um.es (Angel L. Mateo) Date: Mon, 18 Jun 2012 08:52:37 +0200 Subject: [Dovecot] Problem with lmtp director proxy In-Reply-To: <72C5BD43-6254-40F1-8121-B0954739410F@iki.fi> References: <4FD718A0.50605@um.es> <4FD83A26.3030209@um.es> <1339592369.25551.7.camel@innu> <4FD8AA66.7050909@um.es> <1339600677.25551.12.camel@innu> <4FD8C9C8.6090608@um.es> <72C5BD43-6254-40F1-8121-B0954739410F@iki.fi> Message-ID: <4FDED035.1010804@um.es> El 16/06/12 01:22, Timo Sirainen escribi?: > On 13.6.2012, at 20.11, Angel L. Mateo wrote: > >> Ok, you were right. I was looking for logs at my log repository, which doesn't receive debug log. Nevertheless, the only auth lines I have found at the ones above, with the proxy_refresh=450. I haven't found any line with a timeout log in the proxies neither the backends > > The backend logs don't matter. Director adds the proxy_refresh. You haven't shown in your logs what auth process logs as debug messages. This is what is supposed to happen: > >> Jun 16 02:19:11 auth: Debug: master out: PASS 1 user=director proxy proxy_timeout=1000 > I don't have any log like this. > "master out" must return proxy_timeout=1000. If it doesn't, then the problem is with your auth settings. > >> Jun 16 02:19:11 lmtp(11845): Debug: auth input: user=director proxy proxy_timeout=1000 host=1.2.3.4 proxy_refresh=450 > > Director adds proxy_refresh, but preserves proxy_timeout. > I can find these logs, but they don't include any proxy_timeout option, all of them are like: Jun 18 08:26:26 myotis41 dovecot: lmtp(640): Debug: auth input: user= proxy host=155.54.211.164 proxy_refresh=450 But I have found, I think, the problem... I had configured 2 user backends: !include auth-master.conf.ext !include auth-ldap.conf.ext The first for master password, and the other, to get users from a ldap directory. In my auth-ldap.conf.ext I changed the ldap driver for passdb to static (I can't check user password in the director for other reasons), so I had: passdb { driver = static args = proxy=y nopassword=y } userdb { driver = prefetch } userdb { driver = ldap args = /etc/dovecot/dovecot-ldap.conf.ext } so, although in the dovecot-ldap.conf.ext I have: pass_attrs = irisMailbox=userdb_mail,homeDirectory=userdb_home,uidNumber=userdb_uid,gidNumber=userdb_gid,=proxy=y,=proxy_timeout=120,irisMailHost=host it seems that it isn't used and proxy_timeout it's not defined. So I have changed passdb definition to be: passdb { driver = static args = proxy=y nopassword=y proxy_timeout=120 } and now logs are like: Jun 18 08:46:18 myotis40 dovecot: lmtp(11276): Debug: auth input: user= proxy proxy_timeout=120 host=155.54.211.169 proxy_refresh=450 Is this correct? From voytek at sbt.net.au Mon Jun 18 09:54:15 2012 From: voytek at sbt.net.au (Voytek Eymont) Date: Mon, 18 Jun 2012 16:54:15 +1000 Subject: [Dovecot] migrating sql virtual 1 to 2, namespace configuration error: inbox=yes namespace missing Message-ID: I'm trying to setup a new server on centos 6, from old dovecot 1.x I installed 'dovecot --version 2.1.1' from dovecot rpm I converted conf file as per migration specs, also, copied sql conf across when I try to retrieve email, log has *1: dovecot.conf -m *2 and sql conf *3 follows *1------------------------------- dovecot: master: Dovecot v2.1.1 starting up (core dumps disabled) dovecot: auth-worker(26890): mysql(127.0.0.1): Connected to database zzz dovecot: imap-login: Login: user=, method=PLAIN, rip=111.22.33.5, lip=111.22.33.4, mpid=26892, TLS dovecot: imap(name at tld): Error: user name at tld: Initialization failed: namespace configuration error: inbox=yes namespace missing dovecot: imap(name at tld): Error: Invalid user settings. Refer to server log for more information. *2----------------------------------- # doveconf -n # 2.1.1: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-220.17.1.el6.x86_64 x86_64 CentOS release 6.2 (Final) auth_cache_size = 1 k auth_mechanisms = plain login disable_plaintext_auth = no log_timestamp = "%Y-%m-%d %H:%M:%S " mail_location = maildir:~/Maildir mail_privileged_group = mail mbox_write_locks = fcntl namespace inbox { location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } protocols = imap pop3 service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix } user = root } ssl = required ssl_cert = Hi Timo, thank you very much for your quick reply. I tried that but it is not possible to SELECT such a mailbox. I have in dovecot.conf: --- mail_location=maildir:/data/messages%h namespace private { separator = / prefix = location = maildir:/data/messages%h inbox = yes list = yes } namespace public { separator = / prefix = greetings/ location = maildir:/data/greetings%h inbox = no list = yes hidden = yes } --- Messages are coming in from EXIM separated by a special HEADER into this two folders. For INBOX this works fine but not for greetings, although the maildir files are being created upon delivery. Sample IMAP Session AFTER delivering a greeting-type message: --- 01 OK Logged in. >> 02 list "" "*" * LIST (\HasNoChildren) "/" "INBOX" * LIST (\Noselect \HasChildren) "/" "greetings" * LIST (\HasNoChildren) "/" "greetings/INBOX" 02 OK List completed. >> 03 select "greetings/INBOX" 03 NO Mailbox doesn't exist: INBOX >> 04 select greetings 04 NO Mailbox doesn't exist: greetings --- What is this "\Noselect" mailbox showing up and why is it saying "greetings/INBOX" in the third row when in fact there isn't a mailbox with this name? I am very sorry for having to bother you again, but I don't know what we are doing wrong here. (Dovecot version is 1.1.16) Guido Weiler -----Urspr?ngliche Nachricht----- Von: Timo Sirainen [mailto:tss at iki.fi] Gesendet: Montag, 11. Juni 2012 22:48 An: Guido Weiler Betreff: Re: Dovecot Maildir - How to Seperate mail folders You should be able to do this with namespaces. namespace { prefix = INBOX/VeryImportantMessages/ location = maildir:/very/important/messages hidden = yes } On 8.6.2012, at 18.09, Guido Weiler wrote: > Hello Timo, > > for one of our latest dovecot/IMAP-projects, we need to separate physical locations of some special IMAP folders. > So to make, for example the "INBOX/VeryImportantMessages"-Folder is on a completely different volume or mount point than the mails in INBOX or other user generated imap subfolders. > > Can you tell me if there is any possible way to implement this / change it in dovecots maildir implementation, or maybe it is already planned to do so in further versions of dovecot? > > We have to treat all messages in that one special folder with an extended backup scenario, and I think it would be the best if we can implement to have an additional mail_location parameter in dovecot.conf (e.g. important_mail_location). > > We are somewhat familiar with the dovecot source code since we already implemented plugins and other modifications to dovecot 1.1.16 but any advise or information is very appreciated. > > Kind regards, > > > Guido Weiler From amateo at um.es Mon Jun 18 12:56:56 2012 From: amateo at um.es (Angel L. Mateo) Date: Mon, 18 Jun 2012 11:56:56 +0200 Subject: [Dovecot] Sieve and fileinto encoding change? Message-ID: <4FDEFB68.7070807@um.es> Hello, I have changed from debian servers (debian lenny 5) running dovecot 1.1.16 to new ones with ubuntu 12.04 and dovecot 2.1.5 and now I'm having problems with sieve filters storing mails in folders with spanish characters (accents). Myh problem is the one described at http://www.dovecot.org/list/dovecot/2009-October/044061.html and http://dovecot.org/list/dovecot/2009-July/041690.html, that is, in my sieve scripts (generated with horde ingo) folder's names are in utf-7 instead of utf-8. Although I'm planning to patch ingo, my question is why those same scripts, with utf-7 folder's names, are working with dovecot 1.1.16 but not with 2.1.5? Because in my old servers those scripts worked without any problem... From tss at iki.fi Mon Jun 18 16:49:58 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 18 Jun 2012 16:49:58 +0300 Subject: [Dovecot] doveadm fetch LARGE attachments and remove message In-Reply-To: References: Message-ID: <2457470C-A66C-42E7-AC5E-C8B3D011631F@iki.fi> On 17.6.2012, at 18.19, Bradley Giesbrecht wrote: > Looking at the wiki and man pages I am unsure how to fetch email attachments from a unix shell. > > I have an "doveadm search" that returns the messages that have the attachments I am after. > > Would I loop through an "doveadm fetch" and use a commandline imap client to save the attachments and move the message to the Trash? > > Or is there a doveadm command for this? No, there's currently no easy way to do this. doveadm fetch doesn't support that. You could possibly do this via IMAP, but it would be difficult to know which MIME part to fetch. Actually it's not even obvious if a MIME part is an attachment or not.. From tss at iki.fi Mon Jun 18 16:50:53 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 18 Jun 2012 16:50:53 +0300 Subject: [Dovecot] Problem with lmtp director proxy In-Reply-To: <4FDED035.1010804@um.es> References: <4FD718A0.50605@um.es> <4FD83A26.3030209@um.es> <1339592369.25551.7.camel@innu> <4FD8AA66.7050909@um.es> <1339600677.25551.12.camel@innu> <4FD8C9C8.6090608@um.es> <72C5BD43-6254-40F1-8121-B0954739410F@iki.fi> <4FDED035.1010804@um.es> Message-ID: <04367574-1FFE-413C-BA54-3A213DCFBF3E@iki.fi> On 18.6.2012, at 9.52, Angel L. Mateo wrote: > El 16/06/12 01:22, Timo Sirainen escribi?: >> On 13.6.2012, at 20.11, Angel L. Mateo wrote: >> >>> Ok, you were right. I was looking for logs at my log repository, which doesn't receive debug log. Nevertheless, the only auth lines I have found at the ones above, with the proxy_refresh=450. I haven't found any line with a timeout log in the proxies neither the backends >> >> The backend logs don't matter. Director adds the proxy_refresh. You haven't shown in your logs what auth process logs as debug messages. This is what is supposed to happen: >> >>> Jun 16 02:19:11 auth: Debug: master out: PASS 1 user=director proxy proxy_timeout=1000 >> > I don't have any log like this. Then you don't have auth_debug=yes. > Jun 18 08:46:18 myotis40 dovecot: lmtp(11276): Debug: auth input: user= proxy proxy_timeout=120 host=155.54.211.169 proxy_refresh=450 > > Is this correct? Yeah. From tss at iki.fi Mon Jun 18 16:51:42 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 18 Jun 2012 16:51:42 +0300 Subject: [Dovecot] Sieve and fileinto encoding change? In-Reply-To: <4FDEFB68.7070807@um.es> References: <4FDEFB68.7070807@um.es> Message-ID: <51856467-76F5-4B86-9083-3B5DCB27C46B@iki.fi> On 18.6.2012, at 12.56, Angel L. Mateo wrote: > Although I'm planning to patch ingo, my question is why those same scripts, with utf-7 folder's names, are working with dovecot 1.1.16 but not with 2.1.5? Because in my old servers those scripts worked without any problem... Because v1.1 worked incorrectly and v2.1 works correctly :) From tss at iki.fi Mon Jun 18 16:53:39 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 18 Jun 2012 16:53:39 +0300 Subject: [Dovecot] Dovecot Maildir - How to Seperate mail folders In-Reply-To: References: Message-ID: On 18.6.2012, at 12.17, Guido Weiler wrote: > 01 OK Logged in. >>> 02 list "" "*" > * LIST (\HasNoChildren) "/" "INBOX" > * LIST (\Noselect \HasChildren) "/" "greetings" > * LIST (\HasNoChildren) "/" "greetings/INBOX" > 02 OK List completed. >>> 03 select "greetings/INBOX" > 03 NO Mailbox doesn't exist: INBOX >>> 04 select greetings > 04 NO Mailbox doesn't exist: greetings > > --- > > What is this "\Noselect" mailbox showing up and why is it saying "greetings/INBOX" in the third row when in fact there isn't a mailbox with this name? > > I am very sorry for having to bother you again, but I don't know what we are doing wrong here. > (Dovecot version is 1.1.16) Fixed in newer versions, upgrade. From tss at iki.fi Mon Jun 18 16:55:34 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 18 Jun 2012 16:55:34 +0300 Subject: [Dovecot] migrating sql virtual 1 to 2, namespace configuration error: inbox=yes namespace missing In-Reply-To: References: Message-ID: <7F977326-C48A-4907-8A02-512B83B347F9@iki.fi> On 18.6.2012, at 9.54, Voytek Eymont wrote: > I'm trying to setup a new server on centos 6, from old dovecot 1.x > > I installed 'dovecot --version 2.1.1' from dovecot rpm > I converted conf file as per migration specs, also, copied sql conf across .. > dovecot: imap(name at tld): Error: user name at tld: Initialization failed: > namespace configuration error: inbox=yes namespace missing Easiest fix: remove 15-mailboxes.conf Alternative fix: modify this namespace to actually work. Probably adding inbox=yes inside it is enough to do that. From tss at iki.fi Mon Jun 18 17:06:33 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 18 Jun 2012 17:06:33 +0300 Subject: [Dovecot] question about fts_squat In-Reply-To: References: Message-ID: <2577BAC0-6D9C-4E23-8F6C-4831153C8EEA@iki.fi> On 16.6.2012, at 13.55, Wojciech Puchar wrote: > even search all body "someword" doesn't work. > > while > > search body "someword" > > always work very well. > > what's wrong? Fixed: http://hg.dovecot.org/dovecot-2.1/rev/4ce1f9649592 Anyway, fts-lucene backend works better than fts-squat. From kruk at epsilon.eu.org Mon Jun 18 16:45:56 2012 From: kruk at epsilon.eu.org (Mariusz Kruk) Date: Mon, 18 Jun 2012 15:45:56 +0200 Subject: [Dovecot] Maildir + quota + listescape = wrong dir location Message-ID: <4FDF3114.4070704@epsilon.eu.org> I've just stumbled across a strange thing which seems to be a bug. It happens in 2.0.9 as well as 2.0.11 in which I tested it. dovecot -n output: # 2.0.9: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-220.17.1.el6.x86_64 x86_64 CentOS release 6.2 (Final) listen = * mail_location = maildir:~/mail mail_plugins = " quota listescape" mbox_write_locks = fcntl namespace { inbox = yes location = prefix = separator = / type = private } passdb { driver = pam } plugin { quota = maildir:User quota quota_rule = *:storage=1G } protocols = imap ssl_cert = &1 | grep testimap stat("/home/testimap/mail", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/home/testimap/mail/new", 0x7fff220ca290) = -1 ENOENT (No such file or directory) stat("/home/testimap/mail/cur", 0x7fff220ca290) = -1 ENOENT (No such file or directory) stat("/home/testimap/mail/.INBOX/test/new", 0x7fff220ca290) = -1 ENOENT (No such file or directory) stat("/home/testimap/mail/.INBOX/test/cur", 0x7fff220ca290) = -1 ENOENT (No such file or directory) stat("/home/testimap/mail/.test/new", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/home/testimap/mail/.test/cur", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/home/testimap/mail/new", 0x7fff220ca290) = -1 ENOENT (No such file or directory) stat("/home/testimap/mail/cur", 0x7fff220ca290) = -1 ENOENT (No such file or directory) stat("/home/testimap/mail/.INBOX/test/new", 0x7fff220ca290) = -1 ENOENT (No such file or directory) stat("/home/testimap/mail/.INBOX/test/cur", 0x7fff220ca290) = -1 ENOENT (No such file or directory) stat("/home/testimap/mail/.test/new", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/home/testimap/mail/.test/cur", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/home/testimap/mail", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 If I either disable listescape or change namespace separator to dot, the path gets resolved correctly (although it's still wrong behaviour with '.' as separator, just happens to give right result in this case). # strace -e trace=stat doveadm quota recalc -u testimap 2>&1 | grep testimap stat("/home/testimap/mail", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/home/testimap/mail/new", 0x7fffac6b0cb0) = -1 ENOENT (No such file or directory) stat("/home/testimap/mail/cur", 0x7fffac6b0cb0) = -1 ENOENT (No such file or directory) stat("/home/testimap/mail/.INBOX.test/new", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/home/testimap/mail/.INBOX.test/cur", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/home/testimap/mail/.test/new", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/home/testimap/mail/.test/cur", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/home/testimap/mail/new", 0x7fffac6b0cb0) = -1 ENOENT (No such file or directory) stat("/home/testimap/mail/cur", 0x7fffac6b0cb0) = -1 ENOENT (No such file or directory) stat("/home/testimap/mail/.INBOX.test/new", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/home/testimap/mail/.INBOX.test/cur", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/home/testimap/mail/.test/new", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/home/testimap/mail/.test/cur", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/home/testimap/mail", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 And in this case quota info gets updated correctly. I believe this is a bug but maybe I'm missing something about listescape configuration. Regards Mariusz Kruk From tss at iki.fi Mon Jun 18 17:08:46 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 18 Jun 2012 17:08:46 +0300 Subject: [Dovecot] Maildir + quota + listescape = wrong dir location In-Reply-To: <4FDF3114.4070704@epsilon.eu.org> References: <4FDF3114.4070704@epsilon.eu.org> Message-ID: On 18.6.2012, at 16.45, Mariusz Kruk wrote: > I've just stumbled across a strange thing which seems to be a bug. > It happens in 2.0.9 as well as 2.0.11 in which I tested it. Listescape has some unfixable problems in v2.0. You've most likely hit one of them. v2.1 had some larger changes and fixes listescape to work perfectly. From amateo at um.es Mon Jun 18 17:47:09 2012 From: amateo at um.es (Angel L. Mateo) Date: Mon, 18 Jun 2012 16:47:09 +0200 Subject: [Dovecot] Problem with lmtp director proxy In-Reply-To: <04367574-1FFE-413C-BA54-3A213DCFBF3E@iki.fi> References: <4FD718A0.50605@um.es> <4FD83A26.3030209@um.es> <1339592369.25551.7.camel@innu> <4FD8AA66.7050909@um.es> <1339600677.25551.12.camel@innu> <4FD8C9C8.6090608@um.es> <72C5BD43-6254-40F1-8121-B0954739410F@iki.fi> <4FDED035.1010804@um.es> <04367574-1FFE-413C-BA54-3A213DCFBF3E@iki.fi> Message-ID: <4FDF3F6D.2030903@um.es> El 18/06/12 15:50, Timo Sirainen escribi?: > On 18.6.2012, at 9.52, Angel L. Mateo wrote: > >> El 16/06/12 01:22, Timo Sirainen escribi?: >>> On 13.6.2012, at 20.11, Angel L. Mateo wrote: >>> >>>> Ok, you were right. I was looking for logs at my log repository, which doesn't receive debug log. Nevertheless, the only auth lines I have found at the ones above, with the proxy_refresh=450. I haven't found any line with a timeout log in the proxies neither the backends >>> >>> The backend logs don't matter. Director adds the proxy_refresh. You haven't shown in your logs what auth process logs as debug messages. This is what is supposed to happen: >>> >>>> Jun 16 02:19:11 auth: Debug: master out: PASS 1 user=director proxy proxy_timeout=1000 >>> >> I don't have any log like this. > > Then you don't have auth_debug=yes. > I had this option. Relooking I have found these logs. I didn't see them before because of the format and because they aren't related with lmtp. I have them in the form: Jun 18 12:18:30 myotis41 dovecot: auth: Debug: master out: PASS#01160#011user=#011proxy#011proxy_timeout=150 >> Jun 18 08:46:18 myotis40 dovecot: lmtp(11276): Debug: auth input: user= proxy proxy_timeout=120 host=155.54.211.169 proxy_refresh=450 >> >> Is this correct? > > Yeah. Anyway, with the last change (defining the proxy_timeout at the static passdb definition, default 30 seconds timeout hasn't been applied anymore. From wojtek at wojtek.tensor.gdynia.pl Mon Jun 18 20:21:48 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Mon, 18 Jun 2012 19:21:48 +0200 (CEST) Subject: [Dovecot] question about fts_squat Message-ID: i repost my question as it probably wasn't received properly - i did it just after subscribing possibly too early. thanks for answers ---------------------------------------------- just installed dovecot with fts_squat config attached after message. When i telnet to imap server and execute by hand 1 login user password select foldername search body "someword" it works fine, and at blazing speed except first run (indexing). i already indexed everything by doveadm index offline to prevent server overload if multiple users (after i tell them) will try fulltext search. All great BUT it doesn't work in thunderbird. Just gives zero results. i used tcpdump to check how thunderbird executes it and it uses search undeleted body "someword" tried manually and it DOES NOT WORK. always give empty results. even search all body "someword" doesn't work. while search body "someword" always work very well. what's wrong? # 2.1.7: /usr/local/etc/dovecot/dovecot.conf # OS: FreeBSD 8.3-STABLE amd64 disable_plaintext_auth = no listen = * mail_location = maildir:~/Maildir mail_plugins = fts fts_squat namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /usr/local/etc/dovecot/deny-users deny = yes driver = passwd-file } passdb { driver = pam } plugin { fts = squat fts_squat = partial=4 full=10 } protocols = imap ssl_cert = References: <2577BAC0-6D9C-4E23-8F6C-4831153C8EEA@iki.fi> Message-ID: >> always work very well. >> >> what's wrong? > > Fixed: http://hg.dovecot.org/dovecot-2.1/rev/4ce1f9649592 Thanks. so - my post actually got right. sorry for repost! just got this delayed! > > Anyway, fts-lucene backend works better than fts-squat. Better in what respect? less than a second (when disk I/O was needed) fulltext search over 10000 mails doesn't look bad :) From tss at iki.fi Mon Jun 18 20:30:21 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 18 Jun 2012 20:30:21 +0300 Subject: [Dovecot] question about fts_squat In-Reply-To: References: <2577BAC0-6D9C-4E23-8F6C-4831153C8EEA@iki.fi> Message-ID: On 18.6.2012, at 20.23, Wojciech Puchar wrote: >> Anyway, fts-lucene backend works better than fts-squat. > Better in what respect? > > less than a second (when disk I/O was needed) fulltext search over 10000 mails doesn't look bad :) Squat index updates are somewhat slow, especially if the index is large. From dovecot at beardz.net Mon Jun 18 20:35:29 2012 From: dovecot at beardz.net (Jase Thew) Date: Mon, 18 Jun 2012 18:35:29 +0100 Subject: [Dovecot] Problem with 'doveadm mailbox status -t' reporting cumulative vsizes after upgrading from v2.0.16 to v2.1.7 Message-ID: <4FDF66E1.5050009@beardz.net> Hi, I upgraded from Dovecot v2.0.16 to v2.1.7 over night and I noticed this morning that one of my daily reports which lists summarised mailbox sizes per user has started listing nonsense for vsizes. The reporting script at its core calls : doveadm -f flow mailbox status -A -t 'messages vsize' '*' It appears that Dovecot 2.1.7 is not resetting the vsize after collating the sum total of mailboxes sizes for each user, so that vsize just constantly increases as it iterates over each user. Eg: # doveadm -f flow mailbox status -A -t 'messages vsize' '*' accounts at example.com messages=1 vsize=759 adam at example.com messages=0 vsize=759 amy at example.com messages=24 vsize=51699697 andy at example.com messages=5446 vsize=3220940815 anna at example.com messages=50 vsize=3224035563 careers at example.com messages=1 vsize=3224036311 craig at example.com messages=2471 vsize=4421343199 creative at example.com messages=189 vsize=4426884182 david at example.com messages=8 vsize=4440729729 davidw at example.com messages=0 vsize=4440729729 enquiries at example.com messages=1 vsize=4440730491 gemma at example.com messages=4109 vsize=6349098844 gin at example.com messages=86 vsize=6392599904 holly at example.com messages=2000 vsize=7200342663 ian at example.com messages=0 vsize=7200342663 info at example.com messages=4 vsize=7200558689 jackie at example.com messages=2 vsize=7200721146 jade at example.com messages=137 vsize=7210548548 jake at example.com messages=16667 vsize=15260532446 katie at example.com messages=1 vsize=15260533375 mark at example.com messages=0 vsize=15260533375 mike.a at example.com messages=9 vsize=15261474205 mike.s at example.com messages=296 vsize=15314352543 mike at example.com messages=6357 vsize=20631446344 nick at example.com messages=1184 vsize=21038046728 social at example.com messages=65 vsize=21038935461 will at example.com messages=85 vsize=21057572390 [SNIP] The same occurs with -u '*@example.com' in place of -A, and also for 'all' in place of 'messages vsize'. Is this expected behaviour in 2.1.x compared to 2.0.x, or have I stumbled upon a bug? Regards, Jase Thew. From admin at postia.de Mon Jun 18 20:44:38 2012 From: admin at postia.de (Martin Weil) Date: Mon, 18 Jun 2012 19:44:38 +0200 Subject: [Dovecot] dovecot-sieve and LMT Message-ID: <2484ABE7-6C50-4A13-BC60-2B7A6B64FC55@postia.de> Dear list, My mail server is working perfectly. So I am trying to add feature after feature, until I have all the features I need. This has worked fine until now. I am trying to get dovecot-sieve to work. So I activated dovecot-lda and the sieve plugin and told postfix to use deliver instead of procmail. After restarting all services I then created a test sieve file. Obviously I have not yet understood the whole process completely because, it simply does not work. I suspect some permission problems or misconfiguration of the sieve file, but I am not sure where to look for solutions. -rw-r--r-- 1 2001 2001 116 2012-06-16 21:25 /var/mail/vmail/domain.com/user/dovecot.sieve dovecot.sieve require "fileinto"; if header :contains ["subject"] ["Test"] { fileinto ".Folder1"; } else { fileinto ".Folder2"; } Of course Folder1 and Folder2 do exist. (/var/mail/vmail/domain.com/user/mail/.Folder1 and Folder2) As far as I can tell there are no errors reported anywhere, I checked mail.log and syslog. 2001 is the virtual uid/gid of this particular user. If anyone can help me with this it would be great. The Mailserver works very well apart from this. There was one odd thing apart from this. In the docs I read that auth-master has to be running for deliver to work correctly. I did not know this before, but mails were delivered correctly after I started using deliver. So is there a need for auth-master to be running or not? Thanks a lot Martin dovecot -n output: # 1.2.9: /etc/dovecot/dovecot.conf # OS: Linux 2.6.18-028stab091.2 i686 Ubuntu 10.04.4 LTS reiserfs log_timestamp: %Y-%m-%d %H:%M:%S protocols: imap imaps lda ssl: required ssl_cert_file: /home/mweil/CA/cert.pem ssl_key_file: /home/mweil/CA/key.pem login_dir: /var/run/dovecot/login login_executable: /usr/lib/dovecot/imap-login mail_max_userip_connections: 25 mail_privileged_group: mail mail_uid: 10000 mail_gid: 10000 mail_location: maildir:/var/mail/vmail/%d/%n/mail mbox_write_locks: fcntl dotlock lda: postmaster_address: postmaster at domain.com mail_plugins: sieve mail_plugin_dir: /usr/lib/dovecot/modules/lda auth default: user: nobody passdb: driver: sql args: /etc/dovecot/dovecot-sql.conf userdb: driver: prefetch userdb: driver: sql args: /etc/dovecot/dovecot-sql.conf socket: type: listen client: path: /var/spool/postfix/private/auth mode: 432 user: postfix group: postfix master: path: /var/run/dovecot/auth-master mode: 432 plugin: sieve: /var/mail/vmail/%d/%u/dovecot.sieve postconf -n: alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases append_dot_mydomain = no biff = no broken_sasl_auth_clients = yes config_directory = /etc/postfix inet_interfaces = all mailbox_command = /usr/lib/dovecot/deliver mailbox_size_limit = 0 message_size_limit = 102400000 mydestination = host.domain.net, localhost, mydomain = domain.com myhostname = host.domain.com mynetworks = 127.0.0.1 myorigin = $mydomain readme_directory = no recipient_delimiter = + relayhost = smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) smtpd_client_restrictions = smtpd_error_sleep_time = 1s smtpd_hard_error_limit = 20 smtpd_helo_restrictions = smtpd_recipient_restrictions = permit_mynetworks reject_sender_login_mismatch permit_sasl_authenticated reject_unauth_destination reject_unverified_recipient smtpd_sasl_auth_enable = yes smtpd_sasl_path = private/auth smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_sender_login_maps = pgsql:/etc/postfix/lookup/pgsql_sasl_senders.cf smtpd_sender_restrictions = smtpd_soft_error_limit = 10 smtpd_tls_auth_only = yes smtpd_tls_cert_file = /home/mweil/CA/cert.pem smtpd_tls_key_file = /home/mweil/CA/key.pem smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtpd_use_tls = yes virtual_alias_maps = pgsql:/etc/postfix/lookup/pgsql_virtual_alias.cf virtual_gid_maps = pgsql:/etc/postfix/lookup/pgsql_virtual_gid.cf virtual_mailbox_base = /var/mail/vmail/ virtual_mailbox_domains = domain.com virtual_mailbox_limit = 0 virtual_mailbox_maps = pgsql:/etc/postfix/lookup/pgsql_virtual_accounts.cf virtual_uid_maps = pgsql:/etc/postfix/lookup/pgsql_virtual_uid.cf From wojtek at wojtek.tensor.gdynia.pl Mon Jun 18 21:06:02 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Mon, 18 Jun 2012 20:06:02 +0200 (CEST) Subject: [Dovecot] question about fts_squat In-Reply-To: References: <2577BAC0-6D9C-4E23-8F6C-4831153C8EEA@iki.fi> Message-ID: thank you very much for help! On Mon, 18 Jun 2012, Timo Sirainen wrote: > On 18.6.2012, at 20.23, Wojciech Puchar wrote: > >>> Anyway, fts-lucene backend works better than fts-squat. >> Better in what respect? >> >> less than a second (when disk I/O was needed) fulltext search over 10000 mails doesn't look bad :) > > Squat index updates are somewhat slow, especially if the index is large. > > > From ms at mur.at Tue Jun 19 01:41:16 2012 From: ms at mur.at (Martin Schitter) Date: Tue, 19 Jun 2012 00:41:16 +0200 Subject: [Dovecot] pop3c_master_user Message-ID: <4FDFAE8C.9000208@mur.at> the configuration keyword "pop3c_master_user" mentioned in the dsync migration documentation (http://wiki2.dovecot.org/Migration/Dsync) does not work for dovecot 2.1.7. a config line like: "pop3c_master_user = cyrus" will produce this error: doveconf: Fatal: Error in configuration file /etc/dovecot/local.conf line 33: Unknown setting: pop3c_master_user it's not defined in: src/lib-storage/index/pop3c/pop3c-settings.* is this feature not enabled with intention? btw. another question: will 'doveadm backup' mirror all the IMAP ACL information? thanks martin From alec at alec.pl Tue Jun 19 10:51:56 2012 From: alec at alec.pl (A.L.E.C) Date: Tue, 19 Jun 2012 09:51:56 +0200 Subject: [Dovecot] dovecot-sieve and LMT In-Reply-To: <2484ABE7-6C50-4A13-BC60-2B7A6B64FC55@postia.de> References: <2484ABE7-6C50-4A13-BC60-2B7A6B64FC55@postia.de> Message-ID: <4FE02F9C.5070208@alec.pl> On 06/18/2012 07:44 PM, Martin Weil wrote: > require "fileinto"; > if header :contains ["subject"] ["Test"] { > fileinto ".Folder1"; > } else { > fileinto ".Folder2"; > } > > Of course Folder1 and Folder2 do exist. (/var/mail/vmail/domain.com/user/mail/.Folder1 and Folder2) Don't add a dot on the beggining of the folder name in sieve scripts. Use fileinto :create "folder" or lda_mailbox_autocreate option to create non-existing folders. -- Aleksander 'A.L.E.C' Machniak LAN Management System Developer [http://lms.org.pl] Roundcube Webmail Developer [http://roundcube.net] --------------------------------------------------- PGP: 19359DC1 @@ GG: 2275252 @@ WWW: http://alec.pl From admin at postia.de Tue Jun 19 11:17:26 2012 From: admin at postia.de (Martin Weil) Date: Tue, 19 Jun 2012 10:17:26 +0200 Subject: [Dovecot] dovecot-sieve and LMT In-Reply-To: <4FE02F9C.5070208@alec.pl> References: <2484ABE7-6C50-4A13-BC60-2B7A6B64FC55@postia.de> <4FE02F9C.5070208@alec.pl> Message-ID: <52A58089-3911-4A31-BBB4-36BBFC387918@postia.de> Hi. Thanks for your hints, I altered the file but sadly, there is no change in behavior. It's like sieve is not doing anything at all. if header :contains ["subject"] ["Test"] { fileinto :create "Folder1"; } else { fileinto :create "Folder2"; } The lda_mailbox_autocreate option seems to be a version 2.0 feature. I am using 1.2.9. Thanks Martin Am 19.06.2012 um 09:51 schrieb A.L.E.C: > On 06/18/2012 07:44 PM, Martin Weil wrote: >> require "fileinto"; >> if header :contains ["subject"] ["Test"] { >> fileinto ".Folder1"; >> } else { >> fileinto ".Folder2"; >> } >> >> Of course Folder1 and Folder2 do exist. (/var/mail/vmail/domain.com/user/mail/.Folder1 and Folder2) > > Don't add a dot on the beggining of the folder name in sieve scripts. > Use fileinto :create "folder" or lda_mailbox_autocreate option to create > non-existing folders. > > -- > Aleksander 'A.L.E.C' Machniak > LAN Management System Developer [http://lms.org.pl] > Roundcube Webmail Developer [http://roundcube.net] > --------------------------------------------------- > PGP: 19359DC1 @@ GG: 2275252 @@ WWW: http://alec.pl From stephan at rename-it.nl Tue Jun 19 11:29:23 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Tue, 19 Jun 2012 10:29:23 +0200 Subject: [Dovecot] dovecot-sieve and LMT In-Reply-To: <52A58089-3911-4A31-BBB4-36BBFC387918@postia.de> References: <2484ABE7-6C50-4A13-BC60-2B7A6B64FC55@postia.de> <4FE02F9C.5070208@alec.pl> <52A58089-3911-4A31-BBB4-36BBFC387918@postia.de> Message-ID: <4FE03863.6030403@rename-it.nl> Op 6/19/2012 10:17 AM, Martin Weil schreef: > Hi. > > Thanks for your hints, I altered the file but sadly, there is no change in behavior. It's like sieve is not doing anything at all. > > if header :contains ["subject"] ["Test"] { > fileinto :create "Folder1"; > } else { > fileinto :create "Folder2"; > } > > The lda_mailbox_autocreate option seems to be a version 2.0 feature. I am using 1.2.9. Do your logs mention anything about LDA and Sieve being invoked? This wiki page shows a few hints on what this should look like and steps to be taken when LDA and Sieve are not being invoked: http://wiki2.dovecot.org/Pigeonhole/Sieve/Troubleshooting Regards, Stephan. From admin at postia.de Tue Jun 19 12:20:21 2012 From: admin at postia.de (Martin Weil) Date: Tue, 19 Jun 2012 11:20:21 +0200 Subject: [Dovecot] dovecot-sieve and LMT In-Reply-To: <4FE03863.6030403@rename-it.nl> References: <2484ABE7-6C50-4A13-BC60-2B7A6B64FC55@postia.de> <4FE02F9C.5070208@alec.pl> <52A58089-3911-4A31-BBB4-36BBFC387918@postia.de> <4FE03863.6030403@rename-it.nl> Message-ID: <76CEBDAA-095B-44ED-A8CF-4FE58D2F7862@postia.de> Am 19.06.2012 um 10:29 schrieb Stephan Bosch: > Op 6/19/2012 10:17 AM, Martin Weil schreef: >> Hi. >> >> Thanks for your hints, I altered the file but sadly, there is no change in behavior. It's like sieve is not doing anything at all. >> >> if header :contains ["subject"] ["Test"] { >> fileinto :create "Folder1"; >> } else { >> fileinto :create "Folder2"; >> } >> >> The lda_mailbox_autocreate option seems to be a version 2.0 feature. I am using 1.2.9. > > Do your logs mention anything about LDA and Sieve being invoked? This wiki page shows a few hints on what this should look like and steps to be taken when LDA and Sieve are not being invoked: > > http://wiki2.dovecot.org/Pigeonhole/Sieve/Troubleshooting > > Regards, > > Stephan. Indeed they did not. I incorrectly thought that a line in postfix's main.cf would change the delivery to deliver. That would have been true if I used local delivery. For virtual users postfix is using "virtual" by default. So I had to add deliver to postfix's master.cf and change the virtual_transport in main.cf. After configuring logging for deliver I can now confirm that it is used. I was mistaken by thinking local delivery is the same as virtual delivery. I could have avoided this by reading the wiki more carefully. Sorry about that. But I am afraid sieve is still not working. Mails are still delivered to INBOX. Martin From stephan at rename-it.nl Tue Jun 19 13:44:56 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Tue, 19 Jun 2012 12:44:56 +0200 Subject: [Dovecot] dovecot-sieve and LMT In-Reply-To: <76CEBDAA-095B-44ED-A8CF-4FE58D2F7862@postia.de> References: <2484ABE7-6C50-4A13-BC60-2B7A6B64FC55@postia.de> <4FE02F9C.5070208@alec.pl> <52A58089-3911-4A31-BBB4-36BBFC387918@postia.de> <4FE03863.6030403@rename-it.nl> <76CEBDAA-095B-44ED-A8CF-4FE58D2F7862@postia.de> Message-ID: <4FE05828.6020104@rename-it.nl> Op 6/19/2012 11:20 AM, Martin Weil schreef: > > Indeed they did not. I incorrectly thought that a line in postfix's main.cf would change the delivery to deliver. That would have been true if I used local delivery. For virtual users postfix is using "virtual" by default. So I had to add deliver to postfix's master.cf and change the virtual_transport in main.cf. > > After configuring logging for deliver I can now confirm that it is used. I was mistaken by thinking local delivery is the same as virtual delivery. I could have avoided this by reading the wiki more carefully. Sorry about that. > > But I am afraid sieve is still not working. Mails are still delivered to INBOX. Do the logs say anything about Sieve? You can enable mail_debug in your configuration to obtain more verbose log messages about what Sieve is doing. Regards, Stephan. From admin at postia.de Tue Jun 19 16:13:51 2012 From: admin at postia.de (Martin Weil) Date: Tue, 19 Jun 2012 15:13:51 +0200 Subject: [Dovecot] dovecot-sieve and LMT In-Reply-To: <4FE05828.6020104@rename-it.nl> References: <2484ABE7-6C50-4A13-BC60-2B7A6B64FC55@postia.de> <4FE02F9C.5070208@alec.pl> <52A58089-3911-4A31-BBB4-36BBFC387918@postia.de> <4FE03863.6030403@rename-it.nl> <76CEBDAA-095B-44ED-A8CF-4FE58D2F7862@postia.de> <4FE05828.6020104@rename-it.nl> Message-ID: Am 19.06.2012 um 12:44 schrieb Stephan Bosch: > Op 6/19/2012 11:20 AM, Martin Weil schreef: >> >> Indeed they did not. I incorrectly thought that a line in postfix's main.cf would change the delivery to deliver. That would have been true if I used local delivery. For virtual users postfix is using "virtual" by default. So I had to add deliver to postfix's master.cf and change the virtual_transport in main.cf. >> >> After configuring logging for deliver I can now confirm that it is used. I was mistaken by thinking local delivery is the same as virtual delivery. I could have avoided this by reading the wiki more carefully. Sorry about that. >> >> But I am afraid sieve is still not working. Mails are still delivered to INBOX. > > Do the logs say anything about Sieve? You can enable mail_debug in your configuration to obtain more verbose log messages about what Sieve is doing. > > Regards, > > Stephan. Thanks a lot for this tip. It turned out I used the %u variable instead of %n in the path of the sieve script, so sieve was looking in a non existing directory. After correcting sieve complained about the :create statement. But after I removed it, it worked flawlessly. Thanks a lot again. Martin From ef at math.uni-bonn.de Tue Jun 19 16:14:14 2012 From: ef at math.uni-bonn.de (Edgar =?iso-8859-1?B?RnXf?=) Date: Tue, 19 Jun 2012 15:14:14 +0200 Subject: [Dovecot] specifying home/sieve/sieve_dir relative to mail_location Message-ID: <20120619131413.GN48358@trav.math.uni-bonn.de> With 1.2, is it possible to specify home, sieve and sieve_dir relative to mail_location? I have mail_location = maildir:/import/mail/%n/:INDEX=/var/db/dovecot/indexes/%n and, in the plugin section, home = /import/mail/%n/home sieve = /import/mail/%n/dovecot.sieve sieve_dir = /import/mail/%n/sieve I would like to partially move users to another location (different file server) by using an LDAP entry. I know it's possible to specify everything relative to home, so I could probably use relative ~/../-type paths for mail_locatin etc., but that looks a bit awkward. The VirtualUsers/Home Wiki enty contains an example for relative paths user_attrs = .., mailDirectory=home=/var/vmail/%$ which I do not understand. From stephan at rename-it.nl Tue Jun 19 16:36:59 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Tue, 19 Jun 2012 15:36:59 +0200 Subject: [Dovecot] dovecot-sieve and LMT In-Reply-To: References: <2484ABE7-6C50-4A13-BC60-2B7A6B64FC55@postia.de> <4FE02F9C.5070208@alec.pl> <52A58089-3911-4A31-BBB4-36BBFC387918@postia.de> <4FE03863.6030403@rename-it.nl> <76CEBDAA-095B-44ED-A8CF-4FE58D2F7862@postia.de> <4FE05828.6020104@rename-it.nl> Message-ID: <4FE0807B.9070504@rename-it.nl> Op 6/19/2012 3:13 PM, Martin Weil schreef: > Am 19.06.2012 um 12:44 schrieb Stephan Bosch: > >> Op 6/19/2012 11:20 AM, Martin Weil schreef: >>> Indeed they did not. I incorrectly thought that a line in postfix's main.cf would change the delivery to deliver. That would have been true if I used local delivery. For virtual users postfix is using "virtual" by default. So I had to add deliver to postfix's master.cf and change the virtual_transport in main.cf. >>> >>> After configuring logging for deliver I can now confirm that it is used. I was mistaken by thinking local delivery is the same as virtual delivery. I could have avoided this by reading the wiki more carefully. Sorry about that. >>> >>> But I am afraid sieve is still not working. Mails are still delivered to INBOX. >> Do the logs say anything about Sieve? You can enable mail_debug in your configuration to obtain more verbose log messages about what Sieve is doing. >> >> Regards, >> >> Stephan. > > Thanks a lot for this tip. > It turned out I used the %u variable instead of %n in the path of the sieve script, so sieve was looking in a non existing directory. After correcting sieve complained about the :create statement. But after I removed it, it worked flawlessly. The :create tag doesn't work unless the mailbox extension is active; you need to add the following to the top of your Sieve script to use it: require "mailbox"; Regards, Stephan. From bradley.giesbrecht at gmail.com Tue Jun 19 16:51:06 2012 From: bradley.giesbrecht at gmail.com (Bradley Giesbrecht) Date: Tue, 19 Jun 2012 06:51:06 -0700 Subject: [Dovecot] doveadm fetch LARGE attachments and remove message [SOLVED] In-Reply-To: <2457470C-A66C-42E7-AC5E-C8B3D011631F@iki.fi> References: <2457470C-A66C-42E7-AC5E-C8B3D011631F@iki.fi> Message-ID: On Jun 18, 2012, at 6:49 AM, Timo Sirainen wrote: > On 17.6.2012, at 18.19, Bradley Giesbrecht wrote: > >> Looking at the wiki and man pages I am unsure how to fetch email attachments from a unix shell. >> >> I have an "doveadm search" that returns the messages that have the attachments I am after. >> >> Would I loop through an "doveadm fetch" and use a commandline imap client to save the attachments and move the message to the Trash? >> >> Or is there a doveadm command for this? > > No, there's currently no easy way to do this. doveadm fetch doesn't support that. You could possibly do this via IMAP, but it would be difficult to know which MIME part to fetch. Actually it's not even obvious if a MIME part is an attachment or not.. I used an imap client to create an imap folder named "unpack" , searched for the messages I needed and then moved them into the unpack folder. I then used munpack to unpack the messages from the unpack folder to a local disk directory. http://ftp.andrew.cmu.edu/pub/mpack/ Regards, Bradley Giesbrecht (pixilla) From dovecot at bestewogibt.de Tue Jun 19 20:12:40 2012 From: dovecot at bestewogibt.de (Dominic Pratt) Date: Tue, 19 Jun 2012 19:12:40 +0200 Subject: [Dovecot] Trouble with Trash Message-ID: <4FE0B308.4040102@bestewogibt.de> Hi guys and girls, Version: 2.0.19 - running on Ubuntu 12.04 LTS Server dovecot -n: # 2.0.19: /etc/dovecot/dovecot.conf # OS: Linux 3.3.1 x86_64 Ubuntu 12.04 LTS mail_location = maildir:~/Maildir managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave passdb { driver = pam } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap pop3 sieve service auth { unix_listener /var/spool/postfix/private/dovecot-auth { group = postfix mode = 0660 user = postfix } } ssl_cert = was automatically rejected:%n%r } My problem is, that actually old mails in the Thrash-Folder are deleted. This is crap, because I want to look at some mails again. I'm not sure if my Thunderbird does it or Dovecot. I don't think, TB does it, there's actually no option, I think. Any ideas? P.S.: Sorry for the bad english. -- "If you haven?t found it yet, keep looking. Don?t settle." Dominic Pratt Fachinformatiker Systemintegration Handy: +49 173 8371427 From delrio at mie.utoronto.ca Tue Jun 19 20:54:47 2012 From: delrio at mie.utoronto.ca (Oscar del Rio) Date: Tue, 19 Jun 2012 13:54:47 -0400 Subject: [Dovecot] Trouble with Trash In-Reply-To: <4FE0B308.4040102@bestewogibt.de> References: <4FE0B308.4040102@bestewogibt.de> Message-ID: <4FE0BCE7.6060809@mie.utoronto.ca> On 06/19/12 01:12 PM, Dominic Pratt wrote: > > My problem is, that actually old mails in the Thrash-Folder are > deleted. This is crap, because I want to look at some mails again. I'm > not sure if my Thunderbird does it or Dovecot. I don't think, TB does > it, there's actually no option, I think. > Thunderbird - Accounts - Server settings - Empty Trash on Exit From dovecot at bestewogibt.de Tue Jun 19 21:15:59 2012 From: dovecot at bestewogibt.de (Dominic Pratt) Date: Tue, 19 Jun 2012 20:15:59 +0200 Subject: [Dovecot] Trouble with Trash In-Reply-To: <4FE0BCE7.6060809@mie.utoronto.ca> References: <4FE0B308.4040102@bestewogibt.de> <4FE0BCE7.6060809@mie.utoronto.ca> Message-ID: <4FE0C1DF.1060900@bestewogibt.de> As already said... I don't think it's TB: http://www.imagebanana.com/view/ht4sofoj/thunderbird.jpg Thanks anyway. Am 19.06.2012 19:54, schrieb Oscar del Rio: > Thunderbird - Accounts - Server settings - Empty Trash on Exit From tss at iki.fi Wed Jun 20 02:36:14 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 20 Jun 2012 02:36:14 +0300 Subject: [Dovecot] message parser: Fixed infinite loop when parsing a specific message. Message-ID: <1340148974.5967.52.camel@hurina> I committed this change to all hg branches: http://hg.dovecot.org/dovecot-2.1/rev/4461b48fcc1f After that I realized that it doesn't actually matter, because it fixes only a situation where input buffer's size is less than 84 bytes. This happened on a test program where I was using a 64 byte buffer, but the real code in Dovecot always uses much larger buffers. So, don't worry, there's no way to actually DOS Dovecot with this. No need for distro people to create any security releases. From daniel.parthey at informatik.tu-chemnitz.de Wed Jun 20 03:32:07 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Wed, 20 Jun 2012 02:32:07 +0200 Subject: [Dovecot] Trouble with Trash In-Reply-To: <4FE0C1DF.1060900@bestewogibt.de> References: <4FE0B308.4040102@bestewogibt.de> <4FE0BCE7.6060809@mie.utoronto.ca> <4FE0C1DF.1060900@bestewogibt.de> Message-ID: Dominic Pratt schrieb: >As already said... I don't think it's TB: >http://www.imagebanana.com/view/ht4sofoj/thunderbird.jpg Hi Dominic, since you do not seem to have enabled the Trash plugin, Dovecot will not delete anything by itself. Thunderbird might expire the mails in your Trash mailbox if they exceed a specified age or a specified message count. Please check your system date and the retention times of mails in your trash mailbox. Right click on the folder. Regards Daniel From a.kostyrev at serverc.ru Wed Jun 20 05:03:17 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Wed, 20 Jun 2012 13:03:17 +1100 Subject: [Dovecot] director map and mysql Message-ID: <213B51F00051AE48A9F0E112880177178F7A2E@Delta.sc.local> hello! Is "doveadm director map" command suppose to work when I store "host" value in mysql table? It gives me nothing in output with no errors in log. I've successfully setup directors with static passdb, and decided to give a try setup with storing host value in mysql table. The proxying is actually working, I'm just unhappy with no output from "doveadm director map". on the other hand output from "doveadm director map" is not empty, when I configure my password_query not to return host from table. director's settings in dovecot.sql is: passdb { driver = sql args = /etc/dovecot/dovecot-sql.conf } userdb { driver = sql args = /etc/dovecot/dovecot-sql.conf } director_servers = 192.168.5.125 director_mail_servers = 192.168.5.110 192.168.5.111 service doveadm { inet_listener { port = 24245 } } protocol doveadm { auth_socket_path = director-userdb } doveadm_proxy_port = 24245 in /etc/dovecot/dovecot-sql.conf at director there's password_query = SELECT \ NULL AS password,\ 'Y' as nopassword, \ 'Y' AS proxy, \ MBOX_NAME as user, \ host2 as host \ from M_MAILBOX \ where MBOX_NAME = '%u' user_query = SELECT \ MBOX_NAME AS username, \ MAIL_DIRECTORY as home \ from M_MAILBOX \ where MBOX_NAME = '%u'; iterate_query = select MBOX_NAME AS username from M_MAILBOX; backend's conf: service doveadm { inet_listener { port = 24245 } } From tss at iki.fi Wed Jun 20 05:22:25 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 20 Jun 2012 05:22:25 +0300 Subject: [Dovecot] director map and mysql In-Reply-To: <213B51F00051AE48A9F0E112880177178F7A2E@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F7A2E@Delta.sc.local> Message-ID: On 20.6.2012, at 5.03, ???????? ????????? ?????????? wrote: > Is "doveadm director map" command suppose to work when I store "host" value in mysql table? > It gives me nothing in output with no errors in log. If you return a host for a user, then Dovecot does regular proxying and director doesn't know anything about the user. From claude at phyto.qc.ca Wed Jun 20 05:28:39 2012 From: claude at phyto.qc.ca (Claude =?UTF-8?B?R8OpbGluYXM=?=) Date: Tue, 19 Jun 2012 22:28:39 -0400 Subject: [Dovecot] troncated email Message-ID: <20120619222839.0c083529@oligoextra.phyto.qc.ca> Hi, I'm on fc16 with dovecot and Claws Mail version 3.8.0 All email in INBOX are troncated as they arrive. I only get the title, from and date but no more core message could someone guide me so I find a solution for my problem. cannot lose my email Regards, Claude From a.kostyrev at serverc.ru Wed Jun 20 06:40:42 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Wed, 20 Jun 2012 14:40:42 +1100 Subject: [Dovecot] director map and mysql In-Reply-To: References: <213B51F00051AE48A9F0E112880177178F7A2E@Delta.sc.local> Message-ID: <213B51F00051AE48A9F0E112880177178F7A2F@Delta.sc.local> thanks! but what mechanisms do I have if I want certain user to be always proxied to certain host, but if that host is down, to redirect him to another? I planned to setup two dovecot storage servers where all mailboxes are mirrored between these two servers with dsync replication like described in http://www.dovecot.org/list/dovecot/2012-March/064243.html but I don't want this user to be redirected to two these servers in round-robin fashion. -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of Timo Sirainen Sent: Wednesday, June 20, 2012 1:22 PM To: ???????? ????????? ?????????? Cc: dovecot at dovecot.org Subject: Re: [Dovecot] director map and mysql On 20.6.2012, at 5.03, ???????? ????????? ?????????? wrote: > Is "doveadm director map" command suppose to work when I store "host" value in mysql table? > It gives me nothing in output with no errors in log. If you return a host for a user, then Dovecot does regular proxying and director doesn't know anything about the user. From jesper at dahlnyerup.dk Wed Jun 20 09:35:05 2012 From: jesper at dahlnyerup.dk (Jesper Dahl Nyerup) Date: Wed, 20 Jun 2012 08:35:05 +0200 Subject: [Dovecot] Very High Load on Dovecot 2 and Errors in mail.err. In-Reply-To: <20120611213713.GA28704@jespernyerup.dk> References: <4FB35038.1000600@enas.net> <1337454348.4384.144.camel@innu> <4FB8C07B.5050604@enas.net> <4c605c0b2bc041f7f90300b36c716c22@us.es> <4FB8FFD7.5040301@enas.net> <20120611080907.GA11882@jespernyerup.dk> <20120611213713.GA28704@jespernyerup.dk> Message-ID: <20120620063504.GA2187@jespernyerup.dk> On Jun 11 23:37, Jesper Dahl Nyerup wrote: > We're still chasing the root cause in the kernel or the VServer patch > set. We'll of course make sure to post our findings here, and I'd very > much appreciate to hear about other people's progress. We still haven't found a solution, but here's what we've got thus far: - The issue is not VServer specific. We're able to reproduce it on recent vanilla kernels. - The issue has a strong correlation with the number of processor cores in the machine. The behavior is impossible to provoke on a dual core workstation, but is very widespread on 16 or 24 core machines. One of my colleagues has written a snippet of code that reproduces and exposes the problem, and we've sent this to the Inotify maintainers and the kernel mailing list, hoping that someone more familiar with the code will be quicker to figure out what is broken. If anyone's interested - either in following the issue or the code snippet that reproduces it - here's the post: http://thread.gmane.org/gmane.linux.kernel/1315430 As this is clearly a kernel issue, we're going to try to keep the discussion there, and I'll probably not follow up here, until the issue has been resolved. Jesper. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: Digital signature URL: From klimenko.n at theitidea.ru Wed Jun 20 10:24:47 2012 From: klimenko.n at theitidea.ru (=?UTF-8?B?0J3QuNC60L7Qu9Cw0Lkg0JrQu9C40LzQtdC90LrQvg==?=) Date: Wed, 20 Jun 2012 11:24:47 +0400 Subject: [Dovecot] sieve and namespace Message-ID: <4FE17ABF.5010303@theitidea.ru> HI I'm tryin to set up sieve the way so it will put incoming message into Junk folder, which is described via namespace. Unfortunately rule doesn't work and message is put into Inbox. If i change destination folder to folder not described via namespace in the same rule the message is placed to that folder. please help dovecot 1.2.9 namespace: type: private prefix: Junk/ location: maildir:/opt/mail/Junk/INBOX:LAYOUT=fs hidden: yes list: yes subscriptions: yes From bind at enas.net Wed Jun 20 12:36:33 2012 From: bind at enas.net (Urban Loesch) Date: Wed, 20 Jun 2012 11:36:33 +0200 Subject: [Dovecot] Very High Load on Dovecot 2 and Errors in mail.err. In-Reply-To: <20120620063504.GA2187@jespernyerup.dk> References: <4FB35038.1000600@enas.net> <1337454348.4384.144.camel@innu> <4FB8C07B.5050604@enas.net> <4c605c0b2bc041f7f90300b36c716c22@us.es> <4FB8FFD7.5040301@enas.net> <20120611080907.GA11882@jespernyerup.dk> <20120611213713.GA28704@jespernyerup.dk> <20120620063504.GA2187@jespernyerup.dk> Message-ID: <4FE199A1.9090301@enas.net> Hi, yesterday I disabled the inotify as mentioned in the previous post and it works for me also. Thanks to all for the hint. On 20.06.2012 08:35, Jesper Dahl Nyerup wrote: > On Jun 11 23:37, Jesper Dahl Nyerup wrote: >> We're still chasing the root cause in the kernel or the VServer patch >> set. We'll of course make sure to post our findings here, and I'd very >> much appreciate to hear about other people's progress. > > We still haven't found a solution, but here's what we've got thus far: > > - The issue is not VServer specific. We're able to reproduce it on > recent vanilla kernels. > > - The issue has a strong correlation with the number of processor cores > in the machine. The behavior is impossible to provoke on a dual core > workstation, but is very widespread on 16 or 24 core machines. For the records: I have the problem on 2 different machines with different CPU's - PE2950 with 2x Intel Xeon X5450 3.00Ghz (8) CPU's (problem happens not so often as with PER610) - PER610 with 2x Intel Xeon X5650 2.67GHz (24) CPU's > > One of my colleagues has written a snippet of code that reproduces and > exposes the problem, and we've sent this to the Inotify maintainers and > the kernel mailing list, hoping that someone more familiar with the code > will be quicker to figure out what is broken. > > If anyone's interested - either in following the issue or the code > snippet that reproduces it - here's the post: > http://thread.gmane.org/gmane.linux.kernel/1315430 As you described on the kernel maillinglist, I can confirm. The higher the number of cpu's, the worse it gets. > > As this is clearly a kernel issue, we're going to try to keep the > discussion there, and I'll probably not follow up here, until the issue > has been resolved. > > Jesper. Thanks Urban From CMarcus at Media-Brokers.com Wed Jun 20 12:36:56 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Wed, 20 Jun 2012 05:36:56 -0400 Subject: [Dovecot] troncated email In-Reply-To: <20120619222839.0c083529@oligoextra.phyto.qc.ca> References: <20120619222839.0c083529@oligoextra.phyto.qc.ca> Message-ID: <4FE199B8.5060304@Media-Brokers.com> On 2012-06-19 10:28 PM, Claude G?linas wrote: > I'm on fc16 with dovecot and Claws Mail version 3.8.0 We are much more interested in the dovecot version (and configuration - dovecot -n output is helpful there) than the version of Claws Mail. > All email in INBOX are troncated as they arrive. I only get the title, > from and date but no more core message > > could someone guide me so I find a solution for my problem. cannot lose > my email Since most of our Crystal Balls are broken, you will likely have to be much more precise in your request for help, by providing actual excerpts from logs while accessing mail, and you may even have to resort to enabling debugging... Start here: http://wiki2.dovecot.org/WhyDoesItNotWork Otherwise, you may get more help from a Fedora support list. -- Best regards, Charles From kayasaman at gmail.com Wed Jun 20 12:38:59 2012 From: kayasaman at gmail.com (Kaya Saman) Date: Wed, 20 Jun 2012 10:38:59 +0100 Subject: [Dovecot] Dovecot not liking AD config from wiki?? Message-ID: Hi, I'm trying to setup Dovecot with MS AD and am using this as my guide: http://wiki2.dovecot.org/HowTo/ActiveDirectoryNtlm I can definitely access information on the AD server using wbinfo -g and wbinfo -u..... Currently my dovecot.conf file looks like this: # v1.1: #auth_ntlm_use_winbind = yes # v1.2+: auth_use_winbind = yes auth_winbind_helper_path = /usr/local/bin/ntlm_auth protocols = imap # It's nice to have separate log files for Dovecot. You could do this # by changing syslog configuration also, but this is easier. log_path = /var/log/dovecot.log info_log_path = /var/log/dovecot-info.log # Disable SSL for now. ssl = no disable_plaintext_auth = no # We're using Maildir format #mail_location = maildir:~/Maildir mail_location = mbox:/mail:INBOX=/mail/%u # If you're using POP3, you'll need this: #pop3_uidl_format = %g # Authentication configuration: auth_verbose = yes auth_debug = yes auth_username_format = %n auth_mechanisms = plain ntlm login userdb { driver = static args = uid=501 gid=501 home=/mail/%u driver = static allow_all_users=yes } According to the documentation I should be using: userdb static { ... } which seems to be Dovecot v1. config, and additionally the "allow_all_users=yes" statement when added seems again v1. config since Dovecot 2. won't even start? In the meantime when not using "allow_all_users" Dovecot throws up these errors: Jun 20 11:30:40 master: Warning: Killed with signal 15 (by pid=4149 uid=0 code=kill) Jun 20 11:30:48 auth: Fatal: No passdbs specified in configuration file. LOGIN mechanism needs one Jun 20 11:30:48 master: Error: service(auth): command startup failed, throttling for 2 secs Jun 20 11:30:59 master: Warning: Killed with signal 15 (by pid=4182 uid=0 code=kill) Jun 20 11:31:13 auth: Fatal: No passdbs specified in configuration file. LOGIN mechanism needs one Jun 20 11:31:13 master: Error: service(auth): command startup failed, throttling for 2 secs Jun 20 11:32:38 master: Warning: Killed with signal 15 (by pid=4245 uid=0 code=kill) Jun 20 11:32:58 imap-login: Warning: Auth connection closed with 1 pending requests (max 0 secs, pid=4265, EOF) Jun 20 11:32:58 auth: Fatal: master: service(auth): child 4266 killed with signal 11 (core not dumped - set service auth { drop_priv_before_exec=yes }) -- this was after adding: passdb { driver = static } to the mix. I'm using Dovecot 2.1.3 on FreeBSD 8.2 RELEASE x64. Can anyone help me configuring Dovecot to authenticate? Regards, Kaya From amateo at um.es Wed Jun 20 12:40:19 2012 From: amateo at um.es (Angel L. Mateo) Date: Wed, 20 Jun 2012 11:40:19 +0200 Subject: [Dovecot] dovecot 2.1.5 performance Message-ID: <4FE19A83.8080407@um.es> Hello, I'm migrating from 1.1.16 running in 4 debian lenny servers virtualized with xenserver and 1 core and 5GB of RAM to 2.1.5 running in 4 ubuntu 12.04 servers with 6 cpu cores and 16GB of RAM virtualized with VMWare, but I'm having lots a performance problems. I don't think that virtualization platform could be the problem, because the new servers running in xenserver has the same problems than running in vmware. I have about 70000 user accounts, most of them without real activity (they are students who doesn't read his email or have its account redirected to other provider). I have about 700-1000 concurrent imap connections. I have storage in nfs (nfsv3, the nfs server is a celerra), but indexes are in local filesystems (each server has its own index fs). Mailboxes are in maildir format. Old servers and actual director servers are load balanced with an radware appdirector load balancer (the new backend servers don't need to be balanced because I'm using a director farm) In the old platform I have scenario number 2 described at http://wiki2.dovecot.org/NFS, but in the new ones I have a director proxy directing all connections from each user to the same server (I don't specify any server for the user, director selects it according to the hash algorithm it has). Some doubts I have for the recommended in that url: * mmap_disable: both single and multi server configurations have mmap_disable=yes but in index file section says that you need it if you have your index files stored in nfs. I have it stored locally. Do I need mmap_disable=yes? What it's the best? * dotlock_use_excl: it is set to no in both configurations, but the comment says that it is needed only in nfsv2. Since I have nfs3, I have it set it to yes. * mail_nfs_storage: In single server is set to no, but in multi server it set to yes. Since I have a director in front of my backend server, what is the recommended? With this configuration, when I have a few connections (about 300-400 imap connections) everything is working fine, but when I disconnect the old servers and direct all my users' connections to the new servers I have lot of errors. server loads increments to over 300 points, with a very high io wait. With atop, I could see that of my 6 cores, I have one with almost 100% waiting for i/o and the other with almost 100% idle, but load of the server is very, very high. With the old servers, I have performance problems, access to mail is slow, but it works. But with the new ones it doesn't work at all. Any idea? -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From amateo at um.es Wed Jun 20 12:46:09 2012 From: amateo at um.es (Angel L. Mateo) Date: Wed, 20 Jun 2012 11:46:09 +0200 Subject: [Dovecot] dovecot 2.1.5 performance In-Reply-To: <4FE19A83.8080407@um.es> References: <4FE19A83.8080407@um.es> Message-ID: <4FE19BE1.6070702@um.es> On 20/06/12 11:40, Angel L. Mateo wrote: > Hello, > > I'm migrating from 1.1.16 running in 4 debian lenny servers > virtualized with xenserver and 1 core and 5GB of RAM to 2.1.5 running in > 4 ubuntu 12.04 servers with 6 cpu cores and 16GB of RAM virtualized with > VMWare, but I'm having lots a performance problems. I don't think that > virtualization platform could be the problem, because the new servers > running in xenserver has the same problems than running in vmware. > > I have about 70000 user accounts, most of them without real > activity (they are students who doesn't read his email or have its > account redirected to other provider). I have about 700-1000 concurrent > imap connections. > > I have storage in nfs (nfsv3, the nfs server is a celerra), but > indexes are in local filesystems (each server has its own index fs). > Mailboxes are in maildir format. > > Old servers and actual director servers are load balanced with an > radware appdirector load balancer (the new backend servers don't need to > be balanced because I'm using a director farm) > > In the old platform I have scenario number 2 described at > http://wiki2.dovecot.org/NFS, but in the new ones I have a director > proxy directing all connections from each user to the same server (I > don't specify any server for the user, director selects it according to > the hash algorithm it has). > > Some doubts I have for the recommended in that url: > > * mmap_disable: both single and multi server configurations have > mmap_disable=yes but in index file section says that you need it if you > have your index files stored in nfs. I have it stored locally. Do I need > mmap_disable=yes? What it's the best? > * dotlock_use_excl: it is set to no in both configurations, but the > comment says that it is needed only in nfsv2. Since I have nfs3, I have > it set it to yes. > * mail_nfs_storage: In single server is set to no, but in multi server > it set to yes. Since I have a director in front of my backend server, > what is the recommended? > > With this configuration, when I have a few connections (about > 300-400 imap connections) everything is working fine, but when I > disconnect the old servers and direct all my users' connections to the > new servers I have lot of errors. server loads increments to over 300 > points, with a very high io wait. With atop, I could see that of my 6 > cores, I have one with almost 100% waiting for i/o and the other with > almost 100% idle, but load of the server is very, very high. > > With the old servers, I have performance problems, access to mail > is slow, but it works. But with the new ones it doesn't work at all. > > Any idea? > I forgot attaching my doveconf. -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 -------------- next part -------------- # 2.1.5: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-24-generic x86_64 Ubuntu 12.04 LTS auth_cache_size = 20 M auth_cache_ttl = 1 days auth_debug = yes auth_master_user_separator = * auth_verbose = yes default_process_limit = 1000 disable_plaintext_auth = no log_timestamp = %Y-%m-%d %H:%M:%S login_trusted_networks = 155.54.211.176/28 mail_debug = yes mail_fsync = always mail_location = maildir:~/Maildir:INDEX=/var/indexes/%n mail_nfs_storage = yes mail_privileged_group = mail maildir_stat_dirs = yes mdbox_rotate_size = 20 M passdb { args = /etc/dovecot/master-users driver = passwd-file master = yes pass = yes } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } passdb { args = session=yes dovecot driver = pam } plugin { lazy_expunge = .EXPUNGED/ .DELETED/ .DELETED/.EXPUNGED/ sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_extensions = +imapflags sieve_max_redirects = 15 zlib_save = gz zlib_save_level = 6 } postmaster_address = postmaster at um.es service anvil { client_limit = 2003 } service auth { client_limit = 3000 unix_listener auth-userdb { mode = 0666 } } service doveadm { inet_listener { port = 24245 } } service imap { process_limit = 5120 process_min_avail = 6 vsz_limit = 512 M } service lmtp { inet_listener lmtp { port = 24 } process_min_avail = 10 vsz_limit = 512 M } service pop3 { process_min_avail = 6 } ssl = no ssl_cert = References: <4FE19A83.8080407@um.es> <4FE19BE1.6070702@um.es> Message-ID: <4FE19EAD.4050400@ehu.es> El 20/06/12 11:46, Angel L. Mateo escribi?: > On 20/06/12 11:40, Angel L. Mateo wrote: >> Hello, >> >> I'm migrating from 1.1.16 running in 4 debian lenny servers >> virtualized with xenserver and 1 core and 5GB of RAM to 2.1.5 running in >> 4 ubuntu 12.04 servers with 6 cpu cores and 16GB of RAM virtualized with >> VMWare, but I'm having lots a performance problems. I don't think that >> virtualization platform could be the problem, because the new servers >> running in xenserver has the same problems than running in vmware. >> >> I have about 70000 user accounts, most of them without real >> activity (they are students who doesn't read his email or have its >> account redirected to other provider). I have about 700-1000 concurrent >> imap connections. >> >> I have storage in nfs (nfsv3, the nfs server is a celerra), but >> indexes are in local filesystems (each server has its own index fs). >> Mailboxes are in maildir format. >> >> Old servers and actual director servers are load balanced with an >> radware appdirector load balancer (the new backend servers don't need to >> be balanced because I'm using a director farm) >> >> In the old platform I have scenario number 2 described at >> http://wiki2.dovecot.org/NFS, but in the new ones I have a director >> proxy directing all connections from each user to the same server (I >> don't specify any server for the user, director selects it according to >> the hash algorithm it has). >> >> Some doubts I have for the recommended in that url: >> >> * mmap_disable: both single and multi server configurations have >> mmap_disable=yes but in index file section says that you need it if you >> have your index files stored in nfs. I have it stored locally. Do I need >> mmap_disable=yes? What it's the best? >> * dotlock_use_excl: it is set to no in both configurations, but the >> comment says that it is needed only in nfsv2. Since I have nfs3, I have >> it set it to yes. >> * mail_nfs_storage: In single server is set to no, but in multi server >> it set to yes. Since I have a director in front of my backend server, >> what is the recommended? >> As I see it, director ensures that only 1 server is accesing any given file, so you don't need any special conf (so mmap_disable=no & mail_nfs_storage=no) From tss at iki.fi Wed Jun 20 13:05:32 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 20 Jun 2012 13:05:32 +0300 Subject: [Dovecot] dovecot 2.1.5 performance In-Reply-To: <4FE19A83.8080407@um.es> References: <4FE19A83.8080407@um.es> Message-ID: <1340186732.5967.71.camel@hurina> On Wed, 2012-06-20 at 11:40 +0200, Angel L. Mateo wrote: > * mmap_disable: both single and multi server configurations have > mmap_disable=yes but in index file section says that you need it if you > have your index files stored in nfs. I have it stored locally. Do I need > mmap_disable=yes? What it's the best? mmap_disable is used only for index files, so with local indexes use "no". (If indexes were on NFS, "no" would probably still work but I'm not sure if the performance would be better or worse. Errors would also trigger SIGBUS crashes.) > * dotlock_use_excl: it is set to no in both configurations, but the > comment says that it is needed only in nfsv2. Since I have nfs3, I have > it set it to yes. "yes" is ok. > * mail_nfs_storage: In single server is set to no, but in multi server > it set to yes. Since I have a director in front of my backend server, > what is the recommended? With director you can set this to "no". > With this configuration, when I have a few connections (about 300-400 > imap connections) everything is working fine, but when I disconnect the > old servers and direct all my users' connections to the new servers I > have lot of errors. Real errors that show up in Dovecot logs? What kind of errors? > server loads increments to over 300 points, with a > very high io wait. With atop, I could see that of my 6 cores, I have one > with almost 100% waiting for i/o and the other with almost 100% idle, > but load of the server is very, very high. Does the server's disk IO usage actually go a lot higher, or is it simply waiting without doing much of anything? I wonder if this is related to the inotify problems: http://dovecot.org/list/dovecot/2012-June/066474.html Another thought: Since indexes are stored locally, is it possible that the extra load comes simply from building the indexes on the new servers, while they already exist on the old ones? > mail_fsync = always v1.1 did the equivalent of mail_fsync=optimized. You could see if that makes a difference. > maildir_stat_dirs = yes Do you actually need this? It causes unnecessary disk IO and probably not needed in your case. > default_process_limit = 1000 Since you haven't enabled high-performance mode for imap-login processes and haven't otherwise changed the service imap-login settings, this means that you can have max. 1000 simultaneous IMAP SSL/TLS connections. From amateo at um.es Wed Jun 20 13:49:24 2012 From: amateo at um.es (Angel L. Mateo) Date: Wed, 20 Jun 2012 12:49:24 +0200 Subject: [Dovecot] dovecot 2.1.5 performance In-Reply-To: <1340186732.5967.71.camel@hurina> References: <4FE19A83.8080407@um.es> <1340186732.5967.71.camel@hurina> Message-ID: <4FE1AAB4.9030404@um.es> On 20/06/12 12:05, Timo Sirainen wrote: > On Wed, 2012-06-20 at 11:40 +0200, Angel L. Mateo wrote: > >> * mmap_disable: both single and multi server configurations have >> mmap_disable=yes but in index file section says that you need it if you >> have your index files stored in nfs. I have it stored locally. Do I need >> mmap_disable=yes? What it's the best? > > mmap_disable is used only for index files, so with local indexes use > "no". (If indexes were on NFS, "no" would probably still work but I'm > not sure if the performance would be better or worse. Errors would also > trigger SIGBUS crashes.) > >> * dotlock_use_excl: it is set to no in both configurations, but the >> comment says that it is needed only in nfsv2. Since I have nfs3, I have >> it set it to yes. > > "yes" is ok. > >> * mail_nfs_storage: In single server is set to no, but in multi server >> it set to yes. Since I have a director in front of my backend server, >> what is the recommended? > > With director you can set this to "no". > Ok, I'm going to change it. >> With this configuration, when I have a few connections (about 300-400 >> imap connections) everything is working fine, but when I disconnect the >> old servers and direct all my users' connections to the new servers I >> have lot of errors. > > Real errors that show up in Dovecot logs? What kind of errors? > Lot of errors like: Jun 20 12:42:37 myotis31 dovecot: imap(vlo): Warning: Maildir /home/otros/44/016744/Maildir/.INBOX.PRUEBAS: Synchronization took 278 seconds (0 new msgs, 0 flag change attempts, 0 expunge attempts) Jun 20 12:42:38 myotis31 dovecot: imap(vlo): Warning: Transaction log file /var/indexes/vlo/.INBOX.PRUEBAS/dovecot.index.log was locked for 279 seconds and in the relay server, lots of timeout errors delivering to lmtp: un 20 12:38:29 xenon14 postfix/lmtp[12004]: D48D55D4F7: to=, relay=pop.um.es[155.54.212.106]:24, delay=150, delays=0.09/0/0/150, dsn=4.4.0, status=deferred (host pop.um.es[155.54.212.106] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) >> server loads increments to over 300 points, with a >> very high io wait. With atop, I could see that of my 6 cores, I have one >> with almost 100% waiting for i/o and the other with almost 100% idle, >> but load of the server is very, very high. > > Does the server's disk IO usage actually go a lot higher, or is it > simply waiting without doing much of anything? I wonder if this is > related to the inotify problems: > http://dovecot.org/list/dovecot/2012-June/066474.html > Now we have rollbacked to the old servers, so I don't know. Next time we try, I'll check this. > Another thought: Since indexes are stored locally, is it possible that > the extra load comes simply from building the indexes on the new > servers, while they already exist on the old ones? > I don't think so, because: * In the old servers, we have no "director like" mechanism. One IP is always directed to the same server (during a session timeout, today could be one server and tomorrow another different), but mail is delivered randomly through one of the server. * Since last week (when we started migration) all mail is delivered into the mailboxes by the new servers, passing through director. So new server's indexes should be updated. >> mail_fsync = always > > v1.1 did the equivalent of mail_fsync=optimized. You could see if that > makes a difference. > I'll try this. >> maildir_stat_dirs = yes > > Do you actually need this? It causes unnecessary disk IO and probably > not needed in your case. > My fault. I understood the explanation completely wrong. I thought that yes should do what actually does no. I have fixed it. >> default_process_limit = 1000 > > Since you haven't enabled high-performance mode for imap-login processes > and haven't otherwise changed the service imap-login settings, this > means that you can have max. 1000 simultaneous IMAP SSL/TLS connections. > I know it. I have to tune it. -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From wojtek at wojtek.tensor.gdynia.pl Wed Jun 20 14:30:35 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Wed, 20 Jun 2012 13:30:35 +0200 (CEST) Subject: [Dovecot] dovecot 2.1.5 performance In-Reply-To: <4FE1AAB4.9030404@um.es> References: <4FE19A83.8080407@um.es> <1340186732.5967.71.camel@hurina> <4FE1AAB4.9030404@um.es> Message-ID: >> > I know it. I have to tune it. > > -- he did not only changed Dovecot but OS. I would bet it is his OS problem - as he stated 100% of single core is used while 6 are available. something definitely not dovecot dependent. i would recommend installing exactly the same version of old dovecot on new OS and test it. From delrio at mie.utoronto.ca Wed Jun 20 16:45:06 2012 From: delrio at mie.utoronto.ca (Oscar del Rio) Date: Wed, 20 Jun 2012 09:45:06 -0400 Subject: [Dovecot] Trouble with Trash In-Reply-To: References: <4FE0B308.4040102@bestewogibt.de> <4FE0BCE7.6060809@mie.utoronto.ca> <4FE0C1DF.1060900@bestewogibt.de> Message-ID: <4FE1D3E2.9010205@mie.utoronto.ca> On 06/19/12 08:32 PM, Daniel Parthey wrote: > Dominic Pratt schrieb: > >> As already said... I don't think it's TB: >> http://www.imagebanana.com/view/ht4sofoj/thunderbird.jpg > since you do not seem to have enabled the Trash plugin, Dovecot will not delete anything by itself. The only other way I can think of that Dovecot could delete messages would be if there is a "doveadm expunge" cron job running on the server. From weiler.guido at bergersysteme.com Wed Jun 20 17:06:25 2012 From: weiler.guido at bergersysteme.com (Guido Weiler) Date: Wed, 20 Jun 2012 14:06:25 +0000 Subject: [Dovecot] Dovecot Maildir - How to Seperate mail folders In-Reply-To: References: Message-ID: > Date: Mon, 18 Jun 2012 16:53:39 +0300 > From: Timo Sirainen > To: Dovecot Mailing List > Subject: Re: [Dovecot] Dovecot Maildir - How to Seperate mail folders > Message-ID: > Content-Type: text/plain; charset=us-ascii > > On 18.6.2012, at 12.17, Guido Weiler wrote: > > > 01 OK Logged in. > >>> 02 list "" "*" > > * LIST (\HasNoChildren) "/" "INBOX" > > * LIST (\Noselect \HasChildren) "/" "greetings" > > * LIST (\HasNoChildren) "/" "greetings/INBOX" > > 02 OK List completed. > >>> 03 select "greetings/INBOX" > > 03 NO Mailbox doesn't exist: INBOX > >>> 04 select greetings > > 04 NO Mailbox doesn't exist: greetings > > > > --- > > > > What is this "\Noselect" mailbox showing up and why is it saying "greetings/INBOX" in the third row when in fact there > isn't a mailbox with this name? > > > > I am very sorry for having to bother you again, but I don't know what we are doing wrong here. > > (Dovecot version is 1.1.16) > > Fixed in newer versions, upgrade. > ------------------------------ Thank you. Can you tell me if this bug belongs to the LIST command only? Or is it generally impossible to SELECT such mailboxes with this version? Best Regards, Guido Weiler From CMarcus at Media-Brokers.com Wed Jun 20 17:19:56 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Wed, 20 Jun 2012 10:19:56 -0400 Subject: [Dovecot] Dovecot Maildir - How to Seperate mail folders In-Reply-To: References: Message-ID: <4FE1DC0C.7070008@Media-Brokers.com> Guido, when Timo says its time to upgrade, upgrade. On 2012-06-20 10:06 AM, Guido Weiler wrote: >> Date: Mon, 18 Jun 2012 16:53:39 +0300 >> From: Timo Sirainen >> To: Dovecot Mailing List >> Subject: Re: [Dovecot] Dovecot Maildir - How to Seperate mail folders >> Message-ID: >> Content-Type: text/plain; charset=us-ascii >> >> On 18.6.2012, at 12.17, Guido Weiler wrote: >> >>> 01 OK Logged in. >>>>> 02 list "" "*" >>> * LIST (\HasNoChildren) "/" "INBOX" >>> * LIST (\Noselect \HasChildren) "/" "greetings" >>> * LIST (\HasNoChildren) "/" "greetings/INBOX" >>> 02 OK List completed. >>>>> 03 select "greetings/INBOX" >>> 03 NO Mailbox doesn't exist: INBOX >>>>> 04 select greetings >>> 04 NO Mailbox doesn't exist: greetings >>> >>> --- >>> >>> What is this "\Noselect" mailbox showing up and why is it saying "greetings/INBOX" in the third row when in fact there> isn't a mailbox with this name? >>> >>> I am very sorry for having to bother you again, but I don't know what we are doing wrong here. >>> (Dovecot version is 1.1.16) >> >> Fixed in newer versions, upgrade. >> > ------------------------------ > > Thank you. Can you tell me if this bug belongs to the LIST command only? > Or is it generally impossible to SELECT such mailboxes with this version? > > Best Regards, > > Guido Weiler -- Best regards, Charles Marcus I.T. Director Media Brokers International, Inc. 678.514.6200 x224 | 678.514.6299 fax From rventura at h-st.com Wed Jun 20 18:50:43 2012 From: rventura at h-st.com (Romer Ventura) Date: Wed, 20 Jun 2012 10:50:43 -0500 Subject: [Dovecot] GlusterFS + Dovecot Message-ID: <7f9a01cd4efc$732ac3c0$59804b40$@h-st.com> Hello, Has anyone used GlusterFS as storage file system for dovecot or any other email system..? It says that it can be presented as a NFS, CIFS and as GlusterFS using the native client, technically using the client would allow the machine to read and write to it, therefore, I think that Dovecot would not care about it. Correct? Anyone out there used this setup?? Thanks. From tss at iki.fi Wed Jun 20 19:04:02 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 20 Jun 2012 19:04:02 +0300 Subject: [Dovecot] GlusterFS + Dovecot In-Reply-To: <7f9a01cd4efc$732ac3c0$59804b40$@h-st.com> References: <7f9a01cd4efc$732ac3c0$59804b40$@h-st.com> Message-ID: On 20.6.2012, at 18.50, Romer Ventura wrote: > Has anyone used GlusterFS as storage file system for dovecot or any other > email system..? I've heard Dovecot complains about index corruption once in a while with glusterfs, even when not in multi-master mode. I wouldn't use it without some heavy stress testing first (with imaptest tool). From acrow at integrafin.co.uk Wed Jun 20 19:39:55 2012 From: acrow at integrafin.co.uk (Alex Crow) Date: Wed, 20 Jun 2012 17:39:55 +0100 Subject: [Dovecot] Dovecot list IMAP archives with thunderbird? Message-ID: <4FE1FCDB.6080503@integrafin.co.uk> Hi, I'm trying to access the IMAP archives with Thunderbird but can't seem to get it to work. I have tried an unencrypted connection, SSL and TLS but with no success. Any ideas? Thanks Alex -- This message is intended only for the addressee and may contain confidential information. Unless you are that person, you may not disclose its contents or use it in any way and are requested to delete the message along with any attachments and notify us immediately. "Transact" is operated by Integrated Financial Arrangements plc Domain House, 5-7 Singer Street, London EC2A 4BQ Tel: (020) 7608 4900 Fax: (020) 7608 5300 (Registered office: as above; Registered in England and Wales under number: 3727592) Authorised and regulated by the Financial Services Authority (entered on the FSA Register; number: 190856) From masch at masch.it Wed Jun 20 20:07:44 2012 From: masch at masch.it (Mark Schmale) Date: Wed, 20 Jun 2012 19:07:44 +0200 Subject: [Dovecot] Problem with Dovecot 2.0/2.1 and MySQL 5.1 Message-ID: <20120620190744.4f01672f@mark_laptop> Hi everyone, since some time I got problems with dovecot & mysql. I got the problem with version 2.0.x and upgraded to 2.1.7 to check if its gone. But its not :( The logs just tell me this: dovecot: auth: Error: auth worker: Aborted request: Worker process died unexpectedly If I change to a sqlite setup, everything works fine. Here are some informations. I hope someone can tell me whats wrong with my system/setup. I really dont think that this is a bug because someone else should have hit that before me. doveconf - n # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.2.2-hardened-r1 x86_64 Gentoo Base System release 2.1 auth_verbose = yes mail_location = maildir:~/%d/mail/%n managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap pop3 lmtp sieve service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } unix_listener auth-userdb { group = vmail user = vmail } } ssl_cert = module = passdb_result = PASSDB_RESULT_INTERNAL_FAILURE password = 0x0 scheme = ret = __FUNCTION__ = "sql_query_callback" #2 0x00007fb891c3c940 in driver_sqlpool_query_callback (result=0x7fb891e82f60, request=0x7fb891e82e50) at driver-sqlpool.c:635 db = 0x7fb891e66540 conn = 0x0 conndb = 0x7fb891e66910 #3 0x00007fb891c3dbe0 in driver_mysql_query (db=, query=, callback=0x7fb891c3c8c0 , context=0x7fb891e82e50) at driver-mysql.c:296 result = 0x7fb891e82f60 #4 0x00007fb891c3cc41 in driver_sqlpool_query (_db=0x7fb891e66540, query=0x7fb891e561c8 "SELECT CONCAT( u.username, '@', d.name ) AS user, password FROM mail_user AS u LEFT JOIN mail_domains AS d ON u.domain = d.id WHERE u.username = 'masch' AND d.name = 'masch.it'", callback=0x7fb891c31960 , context=0x7fb891e82c08) at driver-sqlpool.c:657 db = 0x7fb891e66540 request = 0x7fb891e82e50 conn = 0x7fb891e667c0 #5 0x00007fb891c23b49 in auth_worker_handle_passv (args=0x7fb891e560b8, id=1, client=) at auth-worker-client.c:200 auth_request = 0x7fb891e82a80 passdb = password = 0x7fb891e55ff2 "somepassword" passdb_id = 1 #6 auth_worker_handle_line (line=, client=) at auth-worker-client.c:559 args = out>0x7fb891e560a8 id = 1 ret = false #7 auth_worker_input (client=0x7fb891e80650) at auth-worker-client.c:647 _data_stack_cur_id = 3 line = ret = true #8 0x00007fb89179f4b6 in io_loop_call_io (io=0x7fb891e80970) at ioloop.c:379 ioloop = 0x7fb891e5e390 t_id = 2 #9 0x00007fb8917a043f in io_loop_handler_run (ioloop=) at ioloop-epoll.c:213 ctx = 0x7fb891e69100 events = event = 0x7fb891e69170 list = 0x7fb891e809c0 io = tv = {tv_sec = 59, tv_usec = 999508} msecs = ret = 1 i = j = call = #10 0x00007fb89179ed50 in io_loop_run (ioloop=0x7fb891e5e390) at ioloop.c:398 No locals. #11 0x00007fb891786a87 in master_service_run (service=0x7fb891e5e240, callback=) at master-service.c:544 No locals. #12 0x00007fb891c289a3 in main (argc=2, argv=0x7fb891e5e080) at main.c:373 c = best regards, Mark Schmale From claude at phyto.qc.ca Thu Jun 21 02:49:16 2012 From: claude at phyto.qc.ca (Claude =?UTF-8?B?R8OpbGluYXM=?=) Date: Wed, 20 Jun 2012 19:49:16 -0400 Subject: [Dovecot] troncated email In-Reply-To: <4FE199B8.5060304@Media-Brokers.com> References: <20120619222839.0c083529@oligoextra.phyto.qc.ca> <4FE199B8.5060304@Media-Brokers.com> Message-ID: <20120620194916.44c68160@oligoextra.phyto.qc.ca> Le Wed, 20 Jun 2012 05:36:56 -0400, Charles Marcus a ?crit : > On 2012-06-19 10:28 PM, Claude G?linas wrote: > > I'm on fc16 with dovecot and Claws Mail version 3.8.0 > > We are much more interested in the dovecot version (and configuration > - dovecot -n output is helpful there) than the version of Claws Mail. > > > All email in INBOX are troncated as they arrive. I only get the > > title, from and date but no more core message > > > > could someone guide me so I find a solution for my problem. cannot > > lose my email > > Since most of our Crystal Balls are broken, you will likely have to > be much more precise in your request for help, by providing actual > excerpts from logs while accessing mail, and you may even have to > resort to enabling debugging... > > Start here: http://wiki2.dovecot.org/WhyDoesItNotWork > > Otherwise, you may get more help from a Fedora support list. > here is the dovecot -n # 2.0.20: /etc/dovecot/dovecot.conf # OS: Linux 3.2.7-1.fc16.x86_64 x86_64 Fedora release 16 (Verne) disable_plaintext_auth = no mail_location = maildir:~/mail/INBOX:LAYOUT=fs maildir_very_dirty_syncs = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mbox_write_locks = fcntl passdb { driver = pam } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } service imap-login { inet_listener imap { address = localhost } } service pop3-login { inet_listener pop3 { address = localhost } } ssl_cert = -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 dear honorable doctor timo reading the list I saw appear a new style for the "writing of INBOX". namely this example mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = I do not know how to use it can you help me now is my config ~]# /usr/sbin/dovecot -n # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 2.6.34.6-xxxx-grs-ipv6-32 i686 CentOS release 5.8 (Final) auth_mechanisms = plain login base_dir = /var/run/dovecot/ lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes listen = [::] log_path = /var/log/maillog log_timestamp = %Y-%m-%d %H:%M:%S login_log_format_elements = user=<%u> method=%m rip=%r lip=%l %c mail_debug = yes mail_location = maildir:~/Maildir mail_max_userip_connections = 30 mail_plugins = " quota trash zlib" mailbox_list_index = yes maildir_broken_filename_sizes = yes managesieve_notify_capability = mailto managesieve_sieve_capability = comparator-i;octet comparator-i;ascii-casemap fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date spamtest spamtestplus virustest namespace { inbox = yes location = prefix = separator = . } passdb { driver = pam } plugin { autocreate = Trash autocreate2 = Junk autocreate3 = Sent autocreate4 = Drafts autosubscribe = Trash autosubscribe2 = Junk autosubscribe3 = Sent autosubscribe4 = Drafts deleted_to_trash_folder = Trash plugin = $mail_plugins autocreate managesieve sieve quota quota = maildir:User quota quota_exceeded_message = Quota exceeded, please go to http://www.fakessh.eu/over_quota_help.html for instructions on how to fix this. quota_rule = *:storage=10GB quota_rule2 = Trash:storage=+10% quota_rule3 = Spam:storage=+20% quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u sieve = ~/.dovecot.sieve sieve_before = /var/sieve-scripts/roundcube.sieve sieve_dir = ~/sieve sieve_global_path = whatever trash = /etc/dovecot/dovecot-trash.conf.ext zlib_save = bz2 zlib_save_level = 9 } protocols = sieve imap pop3 service anvil { client_limit = 6000 } service auth { client_limit = 6000 process_limit = 1 unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0600 user = postfix } unix_listener auth-master { mode = 0666 } unix_listener auth-userdb { mode = 0666 } vsz_limit = 64 M } service imap-login { client_limit = 0 inet_listener imap { port = 0 } inet_listener imaps { address = * , [::] port = 993 } process_limit = 1024 service_count = 1 vsz_limit = 64 M } service imap { process_limit = 1024 process_min_avail = 0 service_count = 1 vsz_limit = 64 M } service managesieve-login { inet_listener managesieve-login { address = * , [::] port = 2000 } process_limit = 1 vsz_limit = 64 M } service pop3-login { inet_listener pop3 { port = 0 } inet_listener pop3s { address = * , [::] port = 995 } process_limit = 1 vsz_limit = 64 M } service quota-warning { executable = script /usr/local/bin/quota-warning.sh unix_listener quota-warning { user = mail } user = dovecot } ssl_ca = References: <7F977326-C48A-4907-8A02-512B83B347F9@iki.fi> Message-ID: Timo, thanks Timo Sirainen wrote: >Easiest fix: remove 15-mailboxes.conf > This didn't seem to fix it, though, perhaps I failed to test it properly >Alternative fix: modify this namespace to actually work. Probably >adding inbox=yes inside it is enough to do that. With some trepidation, I inserted the string where I thought it should go, and, bingo, it started working as expected. I probably should removed the full path from SQL query, and put in the Conf file as docs suggest, but I might leave that for another day. Thank you again, Voytek -- Swyped on Motrix with K-9 Mail. Please excuse my brevity. From p at state-of-mind.de Thu Jun 21 09:32:52 2012 From: p at state-of-mind.de (Patrick Ben Koetter) Date: Thu, 21 Jun 2012 08:32:52 +0200 Subject: [Dovecot] how to use new style namespace for INBOX In-Reply-To: <4FE264AB.1090600@smtp.fakessh.eu> References: <4FE264AB.1090600@smtp.fakessh.eu> Message-ID: <20120621063252.GB2417@state-of-mind.de> * ml : > dear honorable doctor timo > > reading the list I saw appear a new style for the "writing of INBOX". > namely this example > > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Trash { > special_use = \Trash > } > prefix = This 'new' type of writing defines mailboxes for SPECIAL-USE as defined in http://tools.ietf.org/rfc/rfc6154.txt. > I do not know how to use it can you help me now is my config If your mail clients support it, they will automatically map their mailboxes for Sent, Junk, Trash, Drafts etc. to whatever mailbox you have assigned the respective $special_use option to. If they don't nothing will change. p at rick -- state of mind () http://www.state-of-mind.de Franziskanerstra?e 15 Telefon +49 89 3090 4664 81669 M?nchen Telefax +49 89 3090 4666 Amtsgericht M?nchen Partnerschaftsregister PR 563 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 316 bytes Desc: Digital signature URL: From kayasaman at gmail.com Thu Jun 21 09:36:58 2012 From: kayasaman at gmail.com (Kaya Saman) Date: Thu, 21 Jun 2012 07:36:58 +0100 Subject: [Dovecot] Dovecot not liking AD config from wiki?? Message-ID: I think the issue seems to be the mechanism between Dovecot and AD, so basically PAM..... I adapted my pam.d file to this: # auth auth sufficient pam_krb5.so no_warn try_first_pass debug #auth sufficient pam_ssh.so no_warn try_first_pass auth required pam_unix.so no_warn try_first_pass # account #account required pam_nologin.so #account required pam_unix.so account required pam_krb5.so in the hope that this config would work: userdb { driver = static args = uid=501 gid=501 home=/mail/%u driver = static # args = uid=500 gid=500 home=/ZPOOL_1/%u # allow_all_users=yes } passdb { driver = pam } However I am still having issues :-( Regards, Kaya From stan at hardwarefreak.com Thu Jun 21 10:50:02 2012 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Thu, 21 Jun 2012 02:50:02 -0500 Subject: [Dovecot] GlusterFS + Dovecot In-Reply-To: <7f9a01cd4efc$732ac3c0$59804b40$@h-st.com> References: <7f9a01cd4efc$732ac3c0$59804b40$@h-st.com> Message-ID: <4FE2D22A.9050200@hardwarefreak.com> On 6/20/2012 10:50 AM, Romer Ventura wrote: > Has anyone used GlusterFS as storage file system for dovecot or any other > email system? I have not, but can tell you from experience and education that distributed filesystems don't work well with transactional workloads such as IMAP and SMTP. The two reasons are high latency and problems with file locking, as Timo mentioned. Instead of asking if anyone here has tried to use GlusterFS, why not describe your situation and ask for advice on a solution? That usually works much better, and you gain valuable insight. -- Stan From robert at schetterer.org Thu Jun 21 10:57:43 2012 From: robert at schetterer.org (Robert Schetterer) Date: Thu, 21 Jun 2012 09:57:43 +0200 Subject: [Dovecot] GlusterFS + Dovecot In-Reply-To: <7f9a01cd4efc$732ac3c0$59804b40$@h-st.com> References: <7f9a01cd4efc$732ac3c0$59804b40$@h-st.com> Message-ID: <4FE2D3F7.5000709@schetterer.org> Am 20.06.2012 17:50, schrieb Romer Ventura: > Hello, > > > > Has anyone used GlusterFS as storage file system for dovecot or any other > email system..? > > > > It says that it can be presented as a NFS, CIFS and as GlusterFS using the > native client, technically using the client would allow the machine to read > and write to it, therefore, I think that Dovecot would not care about it. > Correct? > > > > Anyone out there used this setup?? > > > > Thanks. > > reading the faqs i wouldnt recommend it yet, but as Timo said try with performance tests first -- Best Regards MfG Robert Schetterer From amateo at um.es Thu Jun 21 11:44:56 2012 From: amateo at um.es (Angel L. Mateo) Date: Thu, 21 Jun 2012 10:44:56 +0200 Subject: [Dovecot] dovecot 2.1.5 performance In-Reply-To: <1340186732.5967.71.camel@hurina> References: <4FE19A83.8080407@um.es> <1340186732.5967.71.camel@hurina> Message-ID: <4FE2DF08.7040400@um.es> El 20/06/12 12:05, Timo Sirainen escribi?: > >> default_process_limit = 1000 > > Since you haven't enabled high-performance mode for imap-login processes > and haven't otherwise changed the service imap-login settings, this > means that you can have max. 1000 simultaneous IMAP SSL/TLS connections. > According to http://wiki2.dovecot.org/LoginProcess Since one login process can handle only one connection, the service's process_limit setting limits the number of users that can be logging in at the same time (defaults to default_process_limit=100). I understood this as there can only be up to 100 (or 1000 in my case) concurrently trying to log in, but once the user logs, the imap-login process ends (starting corresponding imap processes) and another users could log in. So there could be more than 100 users connected, but up to 100 trying to connect. Am I wrong? If I am wrong, why in my system there is no imap-login processes (or just a few) but a lot of imap? From zimmys76 at web.de Thu Jun 21 11:46:50 2012 From: zimmys76 at web.de (Daniel Fischer) Date: Thu, 21 Jun 2012 10:46:50 +0200 Subject: [Dovecot] public namespace Message-ID: <015301cd4f8a$68b0f0c0$3a12d240$@web.de> Hello, dovecot -n # 2.0.18: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-2-amd64 x86_64 Debian wheezy/sid mail_gid = 5000 mail_location = maildir:~:INDEX=/var/mail/indexes/%d/%n mail_privileged_group = vmail mail_uid = 5000 namespace { hidden = no inbox = yes list = yes location = prefix = separator = / subscriptions = yes type = private } namespace { list = children location = maildir:/var/mail/vhosts/%d/public:INDEX=/var/mail/indexes/%d/%n/public prefix = Public/ separator = / subscriptions = no type = public } i?m a little bit confused but I hope I find help here. The user mailboxes work perfectly just the public mailbox is a little bit tricky I expect that all public maildirs be placed under /var/mail/vhosts/%d/public. ?They are created by defining a public namespace, under which all the shared mailboxes are?. For those special users, I have set the maillocation via passwd file to /%d/public/%n, all other users have /%d/%n. So we have following folder structure \public \public\.info \public\.lager \public\.buchhaltung And so on That?s works fine, but with subfolder start the problems. When the info-?user? loggs on and creates a subfolder under his INBOX(called hust2) then no other people can see this. Otherside, if a ?normal? user creates a folder in public folder info(called hust), the info ?user? can? t see this one. If I look to filesystem, the reason is clear: %d/public/.info# ls -la insgesamt 32 drwx--S---+ 2 vmail vmail 6 Jun 19 11:50 cur -rwxrwx---+ 1 vmail vmail 51 Jun 21 09:50 dovecot-uidlist -rw-rw----+ 1 vmail vmail 8 Jun 19 11:51 dovecot-uidvalidity -r--r-----+ 1 vmail vmail 0 Jun 19 11:50 dovecot-uidvalidity.4fe04b06 drwx--S---+ 5 vmail vmail 78 Jun 19 11:54 .INBOX.hust2 drwx--S---+ 2 vmail vmail 6 Jun 19 11:50 new -rw-rw----+ 1 vmail vmail 18 Jun 19 11:51 subscriptions drwx--S---+ 2 vmail vmail 6 Jun 19 11:50 tmp drwx--S---+ 5 vmail vmail 78 Jun 21 09:51 .Trash %d/public# ls -la insgesamt 16 -rw-rw----+ 1 vmail vmail 8 Jun 19 11:51 dovecot-uidvalidity -r--r-----+ 1 vmail vmail 0 Jun 19 11:51 dovecot-uidvalidity.4fe04b36 drwx--S---+ 7 vmail vmail 4096 Jun 21 09:50 .info drwx--S---+ 5 vmail vmail 78 Jun 21 09:51 .info.hust A look to the info mailbox makes it clear: info at BLABLA \INBOX \hust2 >create by info user in his mailbox \Trash \Public \info >his own public share \hust >create by other user in public folder What I need is: %d/public/lager/cur %d/public/lager/new %d/public/lager/tmp %d/public/lager/.foo %d/public/lager/.foo.bar %d/public/ info /cur %d/public/ info /new %d/public/ info /tmp %d/public/info/.hust %d/public/info/.hust.deeperhust %d/public/info/.hust2 All public maildirs under /%d/public/%n Must I create a namespace for all public maildirs?: namespace { location = maildir:/var/mail/vhosts/%d/public/info } namespace { location = maildir:/var/mail/vhosts/%d/public/lager } I can? t figure out on my own, please give me an explanation. Thanks for soon comment. Daniel From tss at iki.fi Thu Jun 21 12:53:59 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 21 Jun 2012 12:53:59 +0300 Subject: [Dovecot] dovecot 2.1.5 performance In-Reply-To: <4FE2DF08.7040400@um.es> References: <4FE19A83.8080407@um.es> <1340186732.5967.71.camel@hurina> <4FE2DF08.7040400@um.es> Message-ID: <38362A8F-90FE-4C7F-BFF9-9AA80DFDD4C2@iki.fi> On 21.6.2012, at 11.44, Angel L. Mateo wrote: > El 20/06/12 12:05, Timo Sirainen escribi?: >> >>> default_process_limit = 1000 >> >> Since you haven't enabled high-performance mode for imap-login processes >> and haven't otherwise changed the service imap-login settings, this >> means that you can have max. 1000 simultaneous IMAP SSL/TLS connections. >> > According to http://wiki2.dovecot.org/LoginProcess > > Since one login process can handle only one connection, the service's process_limit setting limits the number of users that can be logging in at the same time (defaults to default_process_limit=100). > > I understood this as there can only be up to 100 (or 1000 in my case) concurrently trying to log in, but once the user logs, the imap-login process ends (starting corresponding imap processes) and another users could log in. So there could be more than 100 users connected, but up to 100 trying to connect. Am I wrong? > > If I am wrong, why in my system there is no imap-login processes (or just a few) but a lot of imap? Look at the next sentence also: SSL/TLS proxying processes are also counted here, so if you're using SSL/TLS you'll need to make sure this count is higher than the maximum number of users that can be logged in simultaneously. I guess you don't have many SSL/TLS connections. From amateo at um.es Thu Jun 21 13:01:10 2012 From: amateo at um.es (Angel L. Mateo) Date: Thu, 21 Jun 2012 12:01:10 +0200 Subject: [Dovecot] dovecot 2.1.5 performance In-Reply-To: <38362A8F-90FE-4C7F-BFF9-9AA80DFDD4C2@iki.fi> References: <4FE19A83.8080407@um.es> <1340186732.5967.71.camel@hurina> <4FE2DF08.7040400@um.es> <38362A8F-90FE-4C7F-BFF9-9AA80DFDD4C2@iki.fi> Message-ID: <4FE2F0E6.1020406@um.es> El 21/06/12 11:53, Timo Sirainen escribi?: > > Look at the next sentence also: SSL/TLS proxying processes are also counted here, so if you're using SSL/TLS you'll need to make sure this count is higher than the maximum number of users that can be logged in simultaneously. > > I guess you don't have many SSL/TLS connections. I'm not using SSL/TLS (it is done by a ssl accelerator, so connections to backend is plain) From CMarcus at Media-Brokers.com Thu Jun 21 14:12:43 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Thu, 21 Jun 2012 07:12:43 -0400 Subject: [Dovecot] how to use new style namespace for INBOX In-Reply-To: <20120621063252.GB2417@state-of-mind.de> References: <4FE264AB.1090600@smtp.fakessh.eu> <20120621063252.GB2417@state-of-mind.de> Message-ID: <4FE301AB.3070403@Media-Brokers.com> On 2012-06-21 2:32 AM, Patrick Ben Koetter

wrote: > This 'new' type of writing defines mailboxes for SPECIAL-USE as > defined in http://tools.ietf.org/rfc/rfc6154.txt. > > If your mail clients support it, they will automatically map their > mailboxes for Sent, Junk, Trash, Drafts etc. to whatever mailbox you > have assigned the respective $special_use option to. > > If they don't nothing will change. Out of curiosity, do you (or does anyone else) know of a list of clients that do (or don't) support this (what I consider to be most *excellent*) feature? Specifically, what about the most problematic clients I know of - Outlook and Apple Mail? Maybe the wiki could be updated with this info, and us users could keep it up to date as time goes on? -- Best regards, Charles From tompru at jla.rutgers.edu Thu Jun 21 17:48:29 2012 From: tompru at jla.rutgers.edu (Tom Pawlowski) Date: Thu, 21 Jun 2012 10:48:29 -0400 Subject: [Dovecot] doveadm proxy kick in director setups Message-ID: <20120621144829.GA8792@hawkeye.rutgers.edu> Something I noticed on a 2.1.7 director test cluster (two directors, three backends): 'doveadm proxy kick user' will kick all connections for that user on that director only. Any additional connections on other directors will remain active unless the command is run on all directors. Are the proxy and director sub-commands intended to be separate and distinct in their operation? If so, then this makes sense, as a proxy isn't necessarily a director. Are there any plans for a proxy kick equivalent that would work across directors? -- Tom Pawlowski OIT-CSS System Administrator office: Hill 145 email: tompru at jla.rutgers.edu phone: (732) 445-2634 From emailbuilder88 at yahoo.com Thu Jun 21 21:05:24 2012 From: emailbuilder88 at yahoo.com (email builder) Date: Thu, 21 Jun 2012 11:05:24 -0700 (PDT) Subject: [Dovecot] Dovecot performance under high load (vs. Courier) Message-ID: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> Hi, We are building a new system that will support a large number of users (high volume, high concurrent usage, etc).? We have played with Dovecot, but in most serious applications we have traditionally used Courier IMAP.? It's my (lay) understanding that with indexing and perhaps other things in Dovecot, it might perform better than Courier in larger environments like this.? Am I correct or is it less clear-cut? Any tips on making the migration (not migrating an existing system, I mean migrating our paradigm - things to consider, things to watch out for)? TIA From tss at iki.fi Thu Jun 21 21:13:21 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 21 Jun 2012 21:13:21 +0300 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> Message-ID: <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> On 21.6.2012, at 21.05, email builder wrote: > We are building a new system that will support a large number of users (high volume, high concurrent usage, etc). We have played with Dovecot, but in most serious applications we have traditionally used Courier IMAP. It's my (lay) understanding that with indexing and perhaps other things in Dovecot, it might perform better than Courier in larger environments like this. Am I correct or is it less clear-cut? If you disable index index files in Dovecot, its performance should be slightly better than Courier. With index files the performance is typically much better in Dovecot, especially if you use a (non-caching) webmail. > Any tips on making the migration (not migrating an existing system, I mean migrating our paradigm - things to consider, things to watch out for)? If you don't migrate any existing users, I guess this doesn't differ much from any other optimized Dovecot installation. Usually large installations (>1M users) use NetApp NFS + Dovecot director. You might also want to enable full text searches. http://wiki2.dovecot.org/PerformanceTuning lists some other things. From emailbuilder88 at yahoo.com Thu Jun 21 21:32:46 2012 From: emailbuilder88 at yahoo.com (email builder) Date: Thu, 21 Jun 2012 11:32:46 -0700 (PDT) Subject: [Dovecot] Manual manipulation of Sieve files Message-ID: <1340303566.38480.YahooMailNeo@web39306.mail.mud.yahoo.com> We have some scripts that take care of some tasks when creating new email accounts, such as creating some default mail filter rules. I know Sieve scripts are plain text files, but need to be compiled for use.? I see that you can use seivec to compile scripts manually, which can help me create .dovecot.svbin which can be placed where needed and permissioned correctly.? But a couple questions: * Sieve has the concept of an active script - is this merely whatever is compiled into the .dovecot.svbin file? * Does dovecot (managesieve) do any other housekeeping when a user sieve script is installed and set as the active script?? I would need to replicate this manually. * If the default script is always the same (sorry, for us, the solution isn't global scripts), would it work to compile that script once, keep the compiled version somewhere and merely copy it into the correct place for a new user?? Are there issues with this? * Should we always have the plain text version along with the compiled one for proper managesieve operation going forward (users can edit their sieve scripts) Thank you From emailbuilder88 at yahoo.com Thu Jun 21 23:05:25 2012 From: emailbuilder88 at yahoo.com (email builder) Date: Thu, 21 Jun 2012 13:05:25 -0700 (PDT) Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> Message-ID: <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> Thank you very much for the fast reply. >> We are building a new system that will support a large number of users >> (high volume, high concurrent usage, etc).? We have played with Dovecot, but in >> most serious applications we have traditionally used Courier IMAP.? It's my >> (lay) understanding that with indexing and perhaps other things in Dovecot, it >> might perform better than Courier in larger environments like this.? Am I >> correct or is it less clear-cut? > > If you disable index index files in Dovecot, its performance should be slightly > better than Courier. With index files the performance is typically much better > in Dovecot, especially if you use a (non-caching) webmail. Interesting.? What would be the motivations for disabling indexing? Indexing is by default enabled? Do you know what webmails are caching vs. non-caching?? Am I correct that what you're pointing out is that with non-caching webmails you will notice IMAP performance differences more readily but that a caching webmail application might be better no matter which IMAP server because it reduces the need for webmail to make IMAP connections? >> Any tips on making the migration (not migrating an existing system, I mean >> migrating our paradigm - things to consider, things to watch out for)? > > If you don't migrate any existing users, I guess this doesn't differ > much from any other optimized Dovecot installation. Usually large installations > (>1M users) use NetApp NFS + Dovecot director. You might also want to enable > full text searches. http://wiki2.dovecot.org/PerformanceTuning lists some other > things. Ah, I didn't know about Director.? That looks very nice.? I had in mind that we would have to use Perdition, but an integrated solution might be good. Anyone have any thoughts or opinions considering Perdition vs. Director? Full text searches don't hurt performance too bad? Thanks for the other links, I will certainly go read up on them. From tss at iki.fi Thu Jun 21 23:22:44 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 21 Jun 2012 23:22:44 +0300 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> Message-ID: <1340310164.5967.86.camel@hurina> On Thu, 2012-06-21 at 13:05 -0700, email builder wrote: > Thank you very much for the fast reply. > > >> We are building a new system that will support a large number of users > > >> (high volume, high concurrent usage, etc). We have played with Dovecot, but in > >> most serious applications we have traditionally used Courier IMAP. It's my > >> (lay) understanding that with indexing and perhaps other things in Dovecot, it > >> might perform better than Courier in larger environments like this. Am I > >> correct or is it less clear-cut? > > > > If you disable index index files in Dovecot, its performance should be slightly > > better than Courier. With index files the performance is typically much better > > in Dovecot, especially if you use a (non-caching) webmail. > > Interesting. What would be the motivations for disabling indexing? > Indexing is by default enabled? Yes, enabled by default. There aren't many good reasons for disabling indexing. > Do you know what webmails are caching vs. non-caching? Nearly all of them are non-caching. (I don't know of any caching ones.) > Am I correct that what you're pointing out is that with non-caching > webmails you will notice IMAP performance differences more readily > but that a caching webmail application might be better no matter > which IMAP server because it reduces the need for webmail to make > IMAP connections? It's not about the IMAP connections themselves, but how often they fetch message (meta)data. http://www.imapwiki.org/Benchmarking should explain this better. Dovecot's indexing can lower the disk I/O usage perhaps by 10x compared to Courier. > >> Any tips on making the migration (not migrating an existing system, I mean > >> migrating our paradigm - things to consider, things to watch out for)? > > > > If you don't migrate any existing users, I guess this doesn't differ > > much from any other optimized Dovecot installation. Usually large installations > > (>1M users) use NetApp NFS + Dovecot director. You might also want to enable > > full text searches. http://wiki2.dovecot.org/PerformanceTuning lists some other > > things. > > Ah, I didn't know about Director. That looks very nice. I had in mind that > we would have to use Perdition, but an integrated solution might be good. > > Anyone have any thoughts or opinions considering Perdition vs. Director? Dovecot proxy has several Dovecot-specific features that make it work better than perdition (forwards client IP address to backend, handle CAPABILITY stuff better, maybe other things). > Full text searches don't hurt performance too bad? They should improve the performance, at least from the user's point of view when doing a search on webmail. But yes, the indexing itself does cost CPU cycles, disk I/O and disk usage (perhaps 30% more disk space). From h.reindl at thelounge.net Thu Jun 21 23:34:15 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Thu, 21 Jun 2012 22:34:15 +0200 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <1340310164.5967.86.camel@hurina> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> Message-ID: <4FE38547.4060407@thelounge.net> Am 21.06.2012 22:22, schrieb Timo Sirainen: >> Do you know what webmails are caching vs. non-caching? > > Nearly all of them are non-caching. (I don't know of any caching ones.) roundcube can if configured additionally you should install imapproxy on the webserver wehre your webmail is running and configure the webmail for using 127.0.0.1 - so only one connection per user is persistent instead make a new one for each ajax-request -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From lists at necoro.eu Thu Jun 21 23:37:55 2012 From: lists at necoro.eu (=?UTF-8?B?UmVuw6kgTmV1bWFubg==?=) Date: Thu, 21 Jun 2012 22:37:55 +0200 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <1340310164.5967.86.camel@hurina> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> Message-ID: <4FE38623.5050303@necoro.eu> Am 21.06.2012 22:22, schrieb Timo Sirainen: > On Thu, 2012-06-21 at 13:05 -0700, email builder wrote: >> Do you know what webmails are caching vs. non-caching? > > Nearly all of them are non-caching. (I don't know of any caching ones.) At least roundcube (v0.7.1 here) has some caching options: ------------------[excerpt from roundcubes main.inc.php]------------- // Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'. $rcmail_config['imap_cache'] = null; // Enables messages cache. Only 'db' cache is supported. $rcmail_config['messages_cache'] = false; -------------------------[end]---------------------------------------- But I don't know, whether this is the sort of caching you are referring to. - Ren? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From bdh at machinehum.com Thu Jun 21 23:37:52 2012 From: bdh at machinehum.com (Brian Hayden) Date: Thu, 21 Jun 2012 15:37:52 -0500 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <1340310164.5967.86.camel@hurina> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> Message-ID: On Jun 21, 2012, at 3:22 PM, Timo Sirainen wrote: > On Thu, 2012-06-21 at 13:05 -0700, email builder wrote: >> Thank you very much for the fast reply. >> >>>> We are building a new system that will support a large number of users >> >>>> (high volume, high concurrent usage, etc). We have played with Dovecot, but in >>>> most serious applications we have traditionally used Courier IMAP. It's my >>>> (lay) understanding that with indexing and perhaps other things in Dovecot, it >>>> might perform better than Courier in larger environments like this. Am I >>>> correct or is it less clear-cut? >>> >>> If you disable index index files in Dovecot, its performance should be slightly >>> better than Courier. With index files the performance is typically much better >>> in Dovecot, especially if you use a (non-caching) webmail. >> >> Interesting. What would be the motivations for disabling indexing? >> Indexing is by default enabled? > > Yes, enabled by default. There aren't many good reasons for disabling > indexing. > >> Do you know what webmails are caching vs. non-caching? > > Nearly all of them are non-caching. (I don't know of any caching ones.) Prayer, from University of Cambridge, or Chickadee, a fork of it. It's essentially a proper IMAP client in C that runs on a server, and uses HTTPS (via an embedded server, no external dependency on apache or etc.) to the end user just to deliver the display. When I was on the email project for the University of Minnesota, I modified it heavily for interface and to add some features that admins are used to having in systems where apache is involved (virtual hosts, things like that). I have it available (GPL) as a vanilla, de-branded package--Chickadee. Website is currently offline as I've been switching hosts, anyone who's interested can feel free to drop me a line. -Brian From tss at iki.fi Thu Jun 21 23:44:33 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 21 Jun 2012 23:44:33 +0300 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <4FE38547.4060407@thelounge.net> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> Message-ID: <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> On 21.6.2012, at 23.34, Reindl Harald wrote: > Am 21.06.2012 22:22, schrieb Timo Sirainen: >>> Do you know what webmails are caching vs. non-caching? >> >> Nearly all of them are non-caching. (I don't know of any caching ones.) > > roundcube can if configured > > additionally you should install imapproxy on the webserver > wehre your webmail is running and configure the webmail for > using 127.0.0.1 - so only one connection per user is > persistent instead make a new one for each ajax-request Someone benchmarked Dovecot a while ago in this list with and without imapproxy and the results showed that imapproxy simply slowed things down by adding extra latency. This probably isn't true for all installations, but I don't think there's much of a difference either way. From h.reindl at thelounge.net Thu Jun 21 23:48:03 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Thu, 21 Jun 2012 22:48:03 +0200 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> Message-ID: <4FE38883.8000808@thelounge.net> Am 21.06.2012 22:44, schrieb Timo Sirainen: > On 21.6.2012, at 23.34, Reindl Harald wrote: > >> Am 21.06.2012 22:22, schrieb Timo Sirainen: >>>> Do you know what webmails are caching vs. non-caching? >>> >>> Nearly all of them are non-caching. (I don't know of any caching ones.) >> >> roundcube can if configured >> >> additionally you should install imapproxy on the webserver >> wehre your webmail is running and configure the webmail for >> using 127.0.0.1 - so only one connection per user is >> persistent instead make a new one for each ajax-request > > Someone benchmarked Dovecot a while ago in this list with and without imapproxy and the results showed that imapproxy simply slowed things down by adding extra latency. This probably isn't true for all installations, but I don't think there's much of a difference either way. depends on network-latency, parallel users and last but not least count of folders - if you have 30 folders and roundcube refreshs every 20 seconds it will make in the worst case 180 connections for one user per minute maybe a bechmark with high load shows other values but felt performance in our setup is much better with imapproxy in front - roundcube feels like a desktop client -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From tss at iki.fi Thu Jun 21 23:52:22 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 21 Jun 2012 23:52:22 +0300 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <4FE38883.8000808@thelounge.net> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> <4FE38883.8000808@thelounge.net> Message-ID: <2ABE733D-E478-4B40-93FB-8F1CDAB72193@iki.fi> On 21.6.2012, at 23.48, Reindl Harald wrote: >> Someone benchmarked Dovecot a while ago in this list with and without imapproxy and the results showed that imapproxy simply slowed things down by adding extra latency. This probably isn't true for all installations, but I don't think there's much of a difference either way. > > depends on network-latency, parallel users and last but > not least count of folders - if you have 30 folders and > roundcube refreshs every 20 seconds it will make in the > worst case 180 connections for one user per minute Really? Doesn't it simply connect once every 20 seconds and send 30 STATUS requests in one connection? From h.reindl at thelounge.net Thu Jun 21 23:54:23 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Thu, 21 Jun 2012 22:54:23 +0200 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <2ABE733D-E478-4B40-93FB-8F1CDAB72193@iki.fi> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> <4FE38883.8000808@thelounge.net> <2ABE733D-E478-4B40-93FB-8F1CDAB72193@iki.fi> Message-ID: <4FE389FF.2080106@thelounge.net> Am 21.06.2012 22:52, schrieb Timo Sirainen: > On 21.6.2012, at 23.48, Reindl Harald wrote: > >>> Someone benchmarked Dovecot a while ago in this list with and without imapproxy and the results showed that imapproxy simply slowed things down by adding extra latency. This probably isn't true for all installations, but I don't think there's much of a difference either way. >> >> depends on network-latency, parallel users and last but >> not least count of folders - if you have 30 folders and >> roundcube refreshs every 20 seconds it will make in the >> worst case 180 connections for one user per minute > > Really? Doesn't it simply connect once every 20 seconds and send 30 STATUS requests in one connection? not 100% sure i simply tried it with proxy, was happy that it feels faster and last but not least i have lesser entries in maillog which goes to a central mysql-server for self-developed web-interfaces -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From tss at iki.fi Thu Jun 21 23:57:18 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 21 Jun 2012 23:57:18 +0300 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <4FE38883.8000808@thelounge.net> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> <4FE38883.8000808@thelounge.net> Message-ID: <03B002D3-5C2D-49CB-A94E-C0F2CC086746@iki.fi> On 21.6.2012, at 23.48, Reindl Harald wrote: >> Someone benchmarked Dovecot a while ago in this list with and without imapproxy and the results showed that imapproxy simply slowed things down by adding extra latency. This probably isn't true for all installations, but I don't think there's much of a difference either way. > > depends on network-latency, parallel users and last but > not least count of folders - if you have 30 folders and > roundcube refreshs every 20 seconds it will make in the > worst case 180 connections for one user per minute > > maybe a bechmark with high load shows other values > > but felt performance in our setup is much better with > imapproxy in front - roundcube feels like a desktop client Oh, and of course it also depends on Dovecot configuration :) Authentication cache is needed and login processes must be in high performance mode. There is still the extra work of forking a new imap process (could also be avoided with yet another config option) and some other extra CPU usage, but those shouldn't cause much of a difference. The extra network latency during login is a good point though. From slusarz at curecanti.org Fri Jun 22 00:07:52 2012 From: slusarz at curecanti.org (Michael M Slusarz) Date: Thu, 21 Jun 2012 15:07:52 -0600 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <1340310164.5967.86.camel@hurina> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> Message-ID: <20120621150752.Horde.Mln7K4F5lbhP440ot73xbcA@bigworm.curecanti.org> Quoting Timo Sirainen : > On Thu, 2012-06-21 at 13:05 -0700, email builder wrote: >> Do you know what webmails are caching vs. non-caching? > > Nearly all of them are non-caching. (I don't know of any caching ones.) IMP is caching (message/mailbox/folder listing), with full QRESYNC/CONDSTORE support. michael From lists at wildgooses.com Fri Jun 22 00:48:31 2012 From: lists at wildgooses.com (Ed W) Date: Thu, 21 Jun 2012 22:48:31 +0100 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <4FE389FF.2080106@thelounge.net> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> <4FE38883.8000808@thelounge.net> <2ABE733D-E478-4B40-93FB-8F1CDAB72193@iki.fi> <4FE389FF.2080106@thelounge.net> Message-ID: <4FE396AF.4070309@wildgooses.com> On 21/06/2012 21:54, Reindl Harald wrote: > and last but not least i have lesser entries in maillog which > goes to a central mysql-server for self-developed web-interfaces I recently added imapproxy to my Roundcube installation. Benchmarks showed a very slight slowdown, but as you point out it reduced the login count from dovecot and I use a login script to kind of report last login / length of session and this tallies better with an imap desktop user now I think the conclusion is that imapproxy is not necessary. There are some advantages (eg with high network latency between web and imap server, and reducing apparent login count), and some disadvantages (extra complexity, slowdown) On average I think few users should use it.. Or at least benchmark and add it reluctantly... Ed From lists at wildgooses.com Fri Jun 22 00:55:04 2012 From: lists at wildgooses.com (Ed W) Date: Thu, 21 Jun 2012 22:55:04 +0100 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <4FE38623.5050303@necoro.eu> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38623.5050303@necoro.eu> Message-ID: <4FE39838.1030508@wildgooses.com> On 21/06/2012 21:37, Ren? Neumann wrote: > Am 21.06.2012 22:22, schrieb Timo Sirainen: >> On Thu, 2012-06-21 at 13:05 -0700, email builder wrote: >>> Do you know what webmails are caching vs. non-caching? >> Nearly all of them are non-caching. (I don't know of any caching ones.) > At least roundcube (v0.7.1 here) has some caching options: > > ------------------[excerpt from roundcubes main.inc.php]------------- > // Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'. > $rcmail_config['imap_cache'] = null; > > // Enables messages cache. Only 'db' cache is supported. > $rcmail_config['messages_cache'] = false; > -------------------------[end]---------------------------------------- > > But I don't know, whether this is the sort of caching you are referring to. > > - Ren? It is caching, but unless your mysql / memcache server is lower latency than your dovecot server, then the caching does very little. I tested it very briefly and it added a lot of latency to my results when adding a mysql cache. However, my setup has the mysql/dovecot/roundcube all on the same machine, so latency is minimal. Roughly I found that the amount of caching is absolutely massive, eg roughly subject headers, message ids and more for every message in every folder. This meant multiple seconds of latency on first login and then slight additional latency on every folder view. I guess this might breakeven in the situation of a roundcube installation in an office and dovecot on the far end of an ADSL line with 60-100ms+ of latency and bandwidth constraints, but it's really, really hard to see it's sensible for two machines in the same datacenter with an uncontended network connection between them This isn't to say that the caching isn't sensible for use with other mail servers, but I don't see it offers any benefit for most Dovecot installations? However, very clever and full featured webmail client! Ed W P.S. Sogo has a kind of caching in that it has a clientside javascript cache. Not what was meant, but for all practical purposes much more useful... From slusarz at curecanti.org Fri Jun 22 00:58:01 2012 From: slusarz at curecanti.org (Michael M Slusarz) Date: Thu, 21 Jun 2012 15:58:01 -0600 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <4FE396AF.4070309@wildgooses.com> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> <4FE38883.8000808@thelounge.net> <2ABE733D-E478-4B40-93FB-8F1CDAB72193@iki.fi> <4FE389FF.2080106@thelounge.net> <4FE396AF.4070309@wildgooses.com> Message-ID: <20120621155801.Horde.YXauVYF5lbhP45jpl_ezE_A@bigworm.curecanti.org> Quoting Ed W : > I think the conclusion is that imapproxy is not necessary. There > are some advantages (eg with high network latency between web and > imap server, and reducing apparent login count), and some > disadvantages (extra complexity, slowdown) Not entirely true. See this thread: http://markmail.org/thread/z7ctwle2go6zafas Thread in short: imapproxy provides benefits for more MUAs that take advantage of the XIMAPPROXY feature (only IMP, AFAIK), and Timo is/was considering adding a similar state saving feature to Dovecot 2.2. michael From tss at iki.fi Fri Jun 22 01:12:04 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 22 Jun 2012 01:12:04 +0300 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <20120621155801.Horde.YXauVYF5lbhP45jpl_ezE_A@bigworm.curecanti.org> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> <4FE38883.8000808@thelounge.net> <2ABE733D-E478-4B40-93FB-8F1CDAB72193@iki.fi> <4FE389FF.2080106@thelounge.net> <4FE396AF.4070309@wildgooses.com> <20120621155801.Horde.YXauVYF5lbhP45jpl_ezE_A@bigworm.curecanti.org> Message-ID: On 22.6.2012, at 0.58, Michael M Slusarz wrote: >> I think the conclusion is that imapproxy is not necessary. There are some advantages (eg with high network latency between web and imap server, and reducing apparent login count), and some disadvantages (extra complexity, slowdown) > > Not entirely true. See this thread: > > http://markmail.org/thread/z7ctwle2go6zafas > > Thread in short: imapproxy provides benefits for more MUAs that take advantage of the XIMAPPROXY feature (only IMP, AFAIK), and Timo is/was considering adding a similar state saving feature to Dovecot 2.2. Well, I had completely forgotten about it :) Reading my old mail: > There isn't a whole lot of state to be saved really. Mailbox GUID, UIDVALIDITY, > HIGHESTMODSEQ gives the mailbox state. Then you have the language/etc. states. > Clients could restore their earlier state from days ago, as long as Dovecot > still has the necessary .log records available (similar to how QRESYNC works). Yeah .. Perhaps something like: 1. if client issues LOGOUT XSTATE 2. And server sees that it can actually save all of the state (some things are a bit tricky, and probably not worth the trouble in initial implementation) 3. Then the server server sends * OK XSTATE * BYE 4. The client can pipeline after LOGIN/AUTHENTICATE: a XSTATERESTORE a OK Yeah! or a NO Not gonna work. Perhaps even a real RFC for this thing? .. If it's worth it.. Would save at least a few X bytes from network traffic :) From yggdrasil at gmx.co.uk Fri Jun 22 02:28:10 2012 From: yggdrasil at gmx.co.uk (Johnny) Date: Fri, 22 Jun 2012 00:28:10 +0100 Subject: [Dovecot] Dovecot LDA, Offlineimap and Sieve Message-ID: <87y5ng1bzp.fsf@gmx.co.uk> Hi, I am trying to st up Offlineimap to use Dovecots LDA to be able to use Sieve for mail filtering, but am not sure how to get this working. I think the right way would be to use 'preauthtunnel' in .offlineimaprc and try the setup below, which doesn't work. ,----.offlineimaprc | [Repository LocalRepository] | type = IMAP | preauthtunnel = ssh -q localhost '/usr/libexec/dovecot/deliver -d myloginid' `---- If I go via the network card, the snch is fine, but Sieve can't be used? ,---- | [Repository LocalRepository] | type = IMAP | preauthtunnel = MAIL=maildir:$HOME/Maildir/myMailDir /usr/libexec/dovecot/deliver -d mylogonid | remotehost = localhost | port = 143 | remoteuser = mylogonid | remotepass = mypassword `---- Has anyone got any tips on how to get offlineimap to send mail to Dovecot in a way that Siev3e can be used? thanks! -- Johnny From a.kostyrev at serverc.ru Fri Jun 22 05:27:38 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Fri, 22 Jun 2012 13:27:38 +1100 Subject: [Dovecot] GlusterFS + Dovecot In-Reply-To: <7f9a01cd4efc$732ac3c0$59804b40$@h-st.com> References: <7f9a01cd4efc$732ac3c0$59804b40$@h-st.com> Message-ID: <213B51F00051AE48A9F0E112880177178F7A43@Delta.sc.local> We've considered using gluster for our mail storage a month ago. I've seen index corruption even if mail was delivered by lmtp sequentially some split-brains with no clear reason with more than 2000 mails in box we had to wait for 40sec to open mailbox through roundcube, so we've decided to go for dsync replication instead with common mysql database for user storage and imap/pop3/lmtp proxy. -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of Romer Ventura Sent: Thursday, June 21, 2012 2:51 AM To: dovecot at dovecot.org Subject: [Dovecot] GlusterFS + Dovecot Hello, Has anyone used GlusterFS as storage file system for dovecot or any other email system..? It says that it can be presented as a NFS, CIFS and as GlusterFS using the native client, technically using the client would allow the machine to read and write to it, therefore, I think that Dovecot would not care about it. Correct? Anyone out there used this setup?? Thanks. From emailbuilder88 at yahoo.com Fri Jun 22 05:28:50 2012 From: emailbuilder88 at yahoo.com (email builder) Date: Thu, 21 Jun 2012 19:28:50 -0700 (PDT) Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <03B002D3-5C2D-49CB-A94E-C0F2CC086746@iki.fi> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> <4FE38883.8000808@thelounge.net> <03B002D3-5C2D-49CB-A94E-C0F2CC086746@iki.fi> Message-ID: <1340332130.74182.YahooMailNeo@web39301.mail.mud.yahoo.com> > Oh, and of course it also depends on Dovecot configuration :) Authentication > cache is needed and login processes must be in high performance mode. I.e., I think: http://wiki2.dovecot.org/LoginProcess http://wiki2.dovecot.org/Authentication/Caching > There is > still the extra work of forking a new imap process (could also be avoided with > yet another config option) Are you referring to client_limit or service_count or something else as yet undeveloped? Speaking of which, I cannot understand the different between those two.? Hints in the configuration file (10-master.conf) and the wiki make them sound like they do the same thing -- ?? From tss at iki.fi Fri Jun 22 05:44:18 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 22 Jun 2012 05:44:18 +0300 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <1340332130.74182.YahooMailNeo@web39301.mail.mud.yahoo.com> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> <4FE38883.8000808@thelounge.net> <03B002D3-5C2D-49CB-A94E-C0F2CC086746@iki.fi> <1340332130.74182.YahooMailNeo@web39301.mail.mud.yahoo.com> Message-ID: On 22.6.2012, at 5.28, email builder wrote: >> Oh, and of course it also depends on Dovecot configuration :) Authentication >> cache is needed and login processes must be in high performance mode. > > I.e., I think: > > http://wiki2.dovecot.org/LoginProcess > http://wiki2.dovecot.org/Authentication/Caching Yes. >> There is >> still the extra work of forking a new imap process (could also be avoided with >> yet another config option) > > Are you referring to client_limit or service_count or something else as yet undeveloped? service imap { service_count = 0 } (default=1) allows imap processes to be reused for more than 1 connection. The downside is that if there are any bugs in Dovecot, they might accidentally expose another user's email data to the wrong user. That's very unlikely to happen but since this isn't a performance problem in most (if any) systems I don't want to enable it by default. Dovecot code is written so that write buffer overflows (= arbitrary code execution) is minimized to be as zero possibility as I could think of, but read buffer overflows (= exposing data within the process) isn't treated nearly as much with paranoia. > Speaking of which, I cannot understand the different between those two. Hints in the > configuration file (10-master.conf) and the wiki make them sound like they do the same > thing -- ?? service_count limits the maximum of client_limit. One connection = one service. Once a process has serviced "service_count" number of connections it disconnects itself. There can never be more than "client_limit" number of simultaneous connections. The important stuff to understand about these are: * service_count=1: The most secure setting for a process. The process serves a single connection and kills itself. No possibility of data leaking to unintended connection. * service_count=0, client_limit=1: The process does blocking operations (e.g. blocking disk IO). You don't want one connection's blocking operation to affect other connections. But you're not paranoid about security, since in case of some bugs some data might leak to unintended connection. * service_count>0: Restart process ever N connections, just in case it leaks some memory. * client_limit>1: Limit the amount of CPU/memory a single process takes. The process should never be blocking on disk I/O or locks or anything else. This means it shouldn't be used for imap/pop3/lmtp processes. For CPU bound processes it's fine. Maybe these could be copy&pasted to the wiki2/Services. From emailbuilder88 at yahoo.com Fri Jun 22 08:27:18 2012 From: emailbuilder88 at yahoo.com (email builder) Date: Thu, 21 Jun 2012 22:27:18 -0700 (PDT) Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> <4FE38883.8000808@thelounge.net> <03B002D3-5C2D-49CB-A94E-C0F2CC086746@iki.fi> <1340332130.74182.YahooMailNeo@web39301.mail.mud.yahoo.com> Message-ID: <1340342838.42261.YahooMailNeo@web39303.mail.mud.yahoo.com> >>> Oh, and of course it also depends on Dovecot configuration :) >>> Authentication >>> cache is needed and login processes must be in high performance mode. >> >> I.e., I think: >> >> http://wiki2.dovecot.org/LoginProcess >> http://wiki2.dovecot.org/Authentication/Caching > > Yes. > >>> There is >>> still the extra work of forking a new imap process (could also be >>> avoided with >>> yet another config option) >> >> Are you referring to client_limit or service_count or something else as yet >> undeveloped? > > service imap { service_count = 0 } (default=1) allows imap processes to be > reused for more than 1 connection. The downside is that if there are any bugs in > Dovecot, they might accidentally expose another user's email data to the > wrong user. That's very unlikely to happen but since this isn't a > performance problem in most (if any) systems I don't want to enable it by > default. Dovecot code is written so that write buffer overflows (= arbitrary > code execution) is minimized to be as zero possibility as I could think of, but > read buffer overflows (= exposing data within the process) isn't treated > nearly as much with paranoia. > >> Speaking of which, I cannot understand the different between those two.? >> Hints in the >> configuration file (10-master.conf) and the wiki make them sound like they >> do the same >> thing -- ?? > > service_count limits the maximum of client_limit. One connection = one service. > Once a process has serviced "service_count" number of connections it > disconnects itself. There can never be more than "client_limit" number > of simultaneous connections. The important stuff to understand about these are: > > * service_count=1: The most secure setting for a process. The process serves a > single connection and kills itself. No possibility of data leaking to unintended > connection. > * service_count=0, client_limit=1: The process does blocking operations (e.g. > blocking disk IO). You don't want one connection's blocking operation to > affect other connections. But you're not paranoid about security, since in > case of some bugs some data might leak to unintended connection. > * service_count>0: Restart process ever N connections, just in case it leaks > some memory. > * client_limit>1: Limit the amount of CPU/memory a single process takes. The > process should never be blocking on disk I/O or locks or anything else. This > means it shouldn't be used for imap/pop3/lmtp processes. For CPU bound > processes it's fine. So really, a new process is created under *two* circumstances?? 1. when a process reaches client_limit number of *simultaneous* connections or? 2. when a process has serviced service_count number of connections.? Is this correct? So for service *-login, is it OK to do something like service_count=5000, client_limit=2000 Thanks for the help!??? From aerion82 at gmail.com Fri Jun 22 08:49:54 2012 From: aerion82 at gmail.com (Aerion Stevens) Date: Fri, 22 Jun 2012 15:49:54 +1000 Subject: [Dovecot] Dovecot proxy/director and mail pop3/imap backend service on same server Message-ID: Hi all, I am interested in running a Dovecot Proxy(with Director) on the same server as the main Dovecot IMAP/POP3 service. I have a basic Proxy/Director configuration working, however I am struggling with getting the Proxy and IMAP/POP3 service to coexist on the same server. I plan to use three IMAP/POP3 servers with a NFS/maildir backend, and I am playing with Dovecot 2.1.5 at the moment. I have two seperate configurations, one for the Proxy/Director and one for the Dovecot IMAP/POP3 "mail backend servers". For this to work my thoughts are that I will need to run the Proxy/Director imap/pop3 login process on the standard ports 143, 110, 993, 995 and for the Dovecot IMAP/POP3 mail backend service running on the same server will need to use different ports (I decided to be 9143, 9110, 9993, 9995 for example). How do I tell the director to proxy incoming imap/pop3 connection to the mail backend servers running on ports 9143, 9110, 9993, 9995 rather than the default imap/pop3 ports? Using the default ports will clearly cause loops. Can anyone kindly provide an example snippet of config that tells the director to use different port for IMAP and POP3 proxy? I have so far found the following pages helpful to what I am working on: http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy http://wiki2.dovecot.org/PasswordDatabase/ExtraFields http://wiki2.dovecot.org/Director Cheers, Aerion. From a.kostyrev at serverc.ru Fri Jun 22 09:29:25 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Fri, 22 Jun 2012 17:29:25 +1100 Subject: [Dovecot] Dovecot proxy/director and mail pop3/imap backend serviceon same server In-Reply-To: References: Message-ID: <213B51F00051AE48A9F0E112880177178F7A46@Delta.sc.local> I've already tortured Timo about that. check this thread out: http://www.dovecot.org/list/dovecot/2012-June/066315.html -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of Aerion Stevens Sent: Friday, June 22, 2012 4:50 PM To: dovecot at dovecot.org Subject: [Dovecot] Dovecot proxy/director and mail pop3/imap backend serviceon same server Hi all, I am interested in running a Dovecot Proxy(with Director) on the same server as the main Dovecot IMAP/POP3 service. I have a basic Proxy/Director configuration working, however I am struggling with getting the Proxy and IMAP/POP3 service to coexist on the same server. I plan to use three IMAP/POP3 servers with a NFS/maildir backend, and I am playing with Dovecot 2.1.5 at the moment. I have two seperate configurations, one for the Proxy/Director and one for the Dovecot IMAP/POP3 "mail backend servers". For this to work my thoughts are that I will need to run the Proxy/Director imap/pop3 login process on the standard ports 143, 110, 993, 995 and for the Dovecot IMAP/POP3 mail backend service running on the same server will need to use different ports (I decided to be 9143, 9110, 9993, 9995 for example). How do I tell the director to proxy incoming imap/pop3 connection to the mail backend servers running on ports 9143, 9110, 9993, 9995 rather than the default imap/pop3 ports? Using the default ports will clearly cause loops. Can anyone kindly provide an example snippet of config that tells the director to use different port for IMAP and POP3 proxy? I have so far found the following pages helpful to what I am working on: http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy http://wiki2.dovecot.org/PasswordDatabase/ExtraFields http://wiki2.dovecot.org/Director Cheers, Aerion. From stephan at rename-it.nl Fri Jun 22 10:08:05 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Fri, 22 Jun 2012 09:08:05 +0200 Subject: [Dovecot] Manual manipulation of Sieve files In-Reply-To: <1340303566.38480.YahooMailNeo@web39306.mail.mud.yahoo.com> References: <1340303566.38480.YahooMailNeo@web39306.mail.mud.yahoo.com> Message-ID: <4FE419D5.1060409@rename-it.nl> On 6/21/2012 8:32 PM, email builder wrote: > We have some scripts that take care of some tasks when creating new email accounts, such as creating some default mail filter rules. > > I know Sieve scripts are plain text files, but need to be compiled for use. I see that you can use seivec to compile scripts manually, which can help me create .dovecot.svbin which can be placed where needed and permissioned correctly. But a couple questions: > > * Sieve has the concept of an active script - is this merely whatever is compiled into the .dovecot.svbin file? This is the script file that the sieve= setting points to. The term 'active' only has real meaning when ManageSieve is used. Then, the active script file is a symbolic link that points into the sieve_dir= directory, thereby selecting which script is active. > * Does dovecot (managesieve) do any other housekeeping when a user sieve script is installed and set as the active script? I would need to replicate this manually. It makes the symbolic link. Compiling the script is done automatically when the script is first executed at delivery. > * If the default script is always the same (sorry, for us, the solution isn't global scripts), would it work to compile that script once, keep the compiled version somewhere and merely copy it into the correct place for a new user? Are there issues with this? You can pre-compile it, but the plaintext script must also exist at the indicated location. Sieve always looks for the plaintext script and only when that is found it checks for the presence of an earlier compiled binary. > * Should we always have the plain text version along with the compiled one for proper managesieve operation going forward (users can edit their sieve scripts) Yes. Regards, Stephan. From stephan at rename-it.nl Fri Jun 22 10:10:20 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Fri, 22 Jun 2012 09:10:20 +0200 Subject: [Dovecot] Dovecot LDA, Offlineimap and Sieve In-Reply-To: <87y5ng1bzp.fsf@gmx.co.uk> References: <87y5ng1bzp.fsf@gmx.co.uk> Message-ID: <4FE41A5C.4050609@rename-it.nl> On 6/22/2012 1:28 AM, Johnny wrote: > Hi, > > I am trying to st up Offlineimap to use Dovecots LDA to be able to use > Sieve for mail filtering, but am not sure how to get this working. I > think the right way would be to use 'preauthtunnel' in .offlineimaprc > and try the setup below, which doesn't work. [...] > Has anyone got any tips on how to get offlineimap to send mail to > Dovecot in a way that Siev3e can be used? Could you show your dovecot config (dovecot -n output) here? I'm wondering whether you have enabled the Sieve plugin for LDA. Regards, Stephan. From emailbuilder88 at yahoo.com Fri Jun 22 10:32:12 2012 From: emailbuilder88 at yahoo.com (email builder) Date: Fri, 22 Jun 2012 00:32:12 -0700 (PDT) Subject: [Dovecot] Manual manipulation of Sieve files In-Reply-To: <4FE419D5.1060409@rename-it.nl> References: <1340303566.38480.YahooMailNeo@web39306.mail.mud.yahoo.com> <4FE419D5.1060409@rename-it.nl> Message-ID: <1340350332.34438.YahooMailNeo@web39301.mail.mud.yahoo.com> Thanks for the reply -- >> We have some scripts that take care of some tasks when creating new email > accounts, such as creating some default mail filter rules. >> >> I know Sieve scripts are plain text files, but need to be compiled for >> use.? I see that you can use seivec to compile scripts manually, which can help >> me create .dovecot.svbin which can be placed where needed and permissioned >> correctly.? But a couple questions: >> >> * Sieve has the concept of an active script - is this merely whatever is >> compiled into the .dovecot.svbin file? > > This is the script file that the sieve= setting points to. The term > 'active' only has real meaning when ManageSieve is used. Then, the > active script file is a symbolic link that points into the sieve_dir= directory, > thereby selecting which script is active. > >> * Does dovecot (managesieve) do any other housekeeping when a user sieve >> script is installed and set as the active script?? I would need to replicate >> this manually. > > It makes the symbolic link. Compiling the script is done automatically when the > script is first executed at delivery. > >> * If the default script is always the same (sorry, for us, the solution >> isn't global scripts), would it work to compile that script once, keep the >> compiled version somewhere and merely copy it into the correct place for a new >> user?? Are there issues with this? > > You can pre-compile it, but the plaintext script must also exist at the > indicated location. Sieve always looks for the plaintext script and only when > that is found it checks for the presence of an earlier compiled binary. Oh, so it's even easier.? Our setup script can just put the plain text sieve script in the right place, create the .dovecot.sieve symlink and that's enough? Pasting in a precompiled would save a few CPU cycles upon first delivery? Great, thanks again. From emailbuilder88 at yahoo.com Fri Jun 22 10:42:47 2012 From: emailbuilder88 at yahoo.com (email builder) Date: Fri, 22 Jun 2012 00:42:47 -0700 (PDT) Subject: [Dovecot] LDA vs maildrop... LDA *and* maildrop? Message-ID: <1340350967.56083.YahooMailNeo@web39305.mail.mud.yahoo.com> We're considering a move from Courier to Dovecot.? So far, looks like it's not too bad, but the most challenging obstacle is what to do about our local delivery.? Factors: 1. we use a lot of maildrop "features" that are impossible in sieve without piping to an external program (would rather not re-write our working maildrop scripts in another language) 2. would love to try dbox 3. we use IMAP/Maildir++ quotas (looks like with a little finesse it's possible to get maildrop and dovecot to play nice on this account, yes?) I saw it suggested to just call LDA from maildrop for any maildrop "to" commands (hmmm, what about "cc"?) here: http://article.gmane.org/gmane.mail.imap.dovecot/56120 How much overhead will this take?? Would it be possible or advisable to use LMTP instead if that would help?? Is this idea just too crazy? From emailbuilder88 at yahoo.com Fri Jun 22 11:24:27 2012 From: emailbuilder88 at yahoo.com (email builder) Date: Fri, 22 Jun 2012 01:24:27 -0700 (PDT) Subject: [Dovecot] LDA vs maildrop... LDA *and* maildrop? In-Reply-To: <1340350967.56083.YahooMailNeo@web39305.mail.mud.yahoo.com> References: <1340350967.56083.YahooMailNeo@web39305.mail.mud.yahoo.com> Message-ID: <1340353467.4539.YahooMailNeo@web39306.mail.mud.yahoo.com> > We're considering a move from Courier to Dovecot.? So far, looks like > it's not too bad, but the most challenging obstacle is what to do about > our local delivery.? Factors: > > 1. we use a lot of maildrop "features" that are impossible in sieve > > without piping to an external program (would rather not re-write our > working maildrop scripts in another language) > > 2. would love to try dbox > > 3. we use IMAP/Maildir++ quotas (looks like with a little finesse > it's possible to get maildrop and dovecot to play nice on this > account, yes?) > > > I saw it suggested to just call LDA from maildrop for any maildrop > "to" commands (hmmm, what about "cc"?) here: > > http://article.gmane.org/gmane.mail.imap.dovecot/56120 > > How much overhead will this take?? Would it be possible or > advisable to use LMTP instead if that would help?? Is this > idea just too crazy? Oh, doing this would also have benefit of updating dovecot indexes upon delivery, and we could ignore point 3 about the quotas and just let dovecot handle deliver time quotas too right?? (remove quota support from maildrop) Also saw a suggestion to do it a little different: http://article.gmane.org/gmane.mail.imap.dovecot/44897 So maildrop to "| foo" to "! foo at bar.com" cc "| foo" cc "! foo at bar.com" are left as is then to "" is replaced with either: xfilter "/usr/lib/dovecot/dovecot-lda -m " to "| /dev/null" or just: to "| /usr/lib/dovecot/dovecot-lda -m " and cc "" is replaced with either: xfilter "/usr/lib/dovecot/dovecot-lda -m " or just: cc "| /usr/lib/dovecot/dovecot-lda -m " and the default end-of-script (INBOX) delivery for maildrop (an assumed "to 'INBOX'" command) can probably be replaced with one or the other of: xfilter "/usr/lib/dovecot/dovecot-lda" to "| /dev/null" or: to "| /usr/lib/dovecot/dovecot-lda" Does any of this make sense?? I wonder how it will look to the MTA (postfix here) when delivery fails.? It's also creating duplicate user lookups for the two delivery agents which isn't great. Maybe it'd be better to consider learning how to re-write our needed maildrop scripts as shell scripts (maildrop is close enough to bash I guess) and making sieve pipe out to them? From Ralf.Hildebrandt at charite.de Fri Jun 22 11:48:32 2012 From: Ralf.Hildebrandt at charite.de (Ralf Hildebrandt) Date: Fri, 22 Jun 2012 10:48:32 +0200 Subject: [Dovecot] LDA vs maildrop... LDA *and* maildrop? In-Reply-To: <1340350967.56083.YahooMailNeo@web39305.mail.mud.yahoo.com> References: <1340350967.56083.YahooMailNeo@web39305.mail.mud.yahoo.com> Message-ID: <20120622084832.GH16499@charite.de> * email builder : > 1. we use a lot of maildrop "features" that are impossible in sieve We're calling deliver from maildropc > 2. would love to try dbox For that you'd need to call deliver from maildropc > 3. we use IMAP/Maildir++ quotas (looks like with a little finesse > it's possible to get maildrop and dovecot to play nice on this > account, yes?) deliver/dovecot is handling Maildir++ quotas just fine. > How much overhead will this take?? Would it be possible or > advisable to use LMTP instead if that would help?? Is this > idea just too crazy? does maildrop speak LMTP? -- Ralf Hildebrandt Gesch?ftsbereich IT | Abteilung Netzwerk Charit? - Universit?tsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebrandt at charite.de | http://www.charite.de From emailbuilder88 at yahoo.com Fri Jun 22 11:59:19 2012 From: emailbuilder88 at yahoo.com (email builder) Date: Fri, 22 Jun 2012 01:59:19 -0700 (PDT) Subject: [Dovecot] LDA vs maildrop... LDA *and* maildrop? In-Reply-To: <20120622084832.GH16499@charite.de> References: <1340350967.56083.YahooMailNeo@web39305.mail.mud.yahoo.com> <20120622084832.GH16499@charite.de> Message-ID: <1340355559.56885.YahooMailNeo@web39306.mail.mud.yahoo.com> >> 1. we use a lot of maildrop "features" that are impossible in >> sieve > > We're calling deliver from maildropc Ah, so this is actually sane enough of an idea that someone really uses it?? Is the performance reasonable?? Bounces or deferred mail all work as expected?? What syntax did you use to replace to/cc with calls to LDA? >> 2. would love to try dbox > > For that you'd need to call deliver from maildropc I take it you didn't try this >> 3. we use IMAP/Maildir++ quotas (looks like with a little finesse >> it's possible to get maildrop and dovecot to play nice on this >> account, yes?) > > deliver/dovecot is handling Maildir++ quotas just fine. But if you call dovecot LDA you're not limited to Maildir++ quotas, right?? You can strip quota support out of maildrop and just let dovecot LDA and dovecot IMAP enforce quotas which keeps things more simple, no? >> How much overhead will this take?? Would it be possible or >> advisable to use LMTP instead if that would help?? Is this >> idea just too crazy? > > does maildrop speak LMTP? Good point From Ralf.Hildebrandt at charite.de Fri Jun 22 12:27:13 2012 From: Ralf.Hildebrandt at charite.de (Ralf Hildebrandt) Date: Fri, 22 Jun 2012 11:27:13 +0200 Subject: [Dovecot] LDA vs maildrop... LDA *and* maildrop? In-Reply-To: <1340355559.56885.YahooMailNeo@web39306.mail.mud.yahoo.com> References: <1340350967.56083.YahooMailNeo@web39305.mail.mud.yahoo.com> <20120622084832.GH16499@charite.de> <1340355559.56885.YahooMailNeo@web39306.mail.mud.yahoo.com> Message-ID: <20120622092713.GJ16499@charite.de> * email builder : > > >> 1. we use a lot of maildrop "features" that are impossible in > > >> sieve > > > > We're calling deliver from maildropc > > Ah, so this is actually sane enough of an idea that someone > really uses it?? Is the performance reasonable?? Bounces or > deferred mail all work as expected?? What syntax did you use > to replace to/cc with calls to LDA? I'll send you my /etc/maildroprc it's working OK. I'm using deliver where I can, only a few things are done by maildrop/mailbot > >> 2. would love to try dbox > > > > For that you'd need to call deliver from maildropc > > I take it you didn't try this Exactly. > >> 3. we use IMAP/Maildir++ quotas (looks like with a little finesse > >> it's possible to get maildrop and dovecot to play nice on this > >> account, yes?) > > > > deliver/dovecot is handling Maildir++ quotas just fine. > > But if you call dovecot LDA you're not limited to Maildir++ > quotas, right? Correct. > ? You can strip quota support out of maildrop and just let dovecot LDA > and dovecot IMAP enforce quotas which keeps things more simple, no? Since I'm delegating all delivery to deliver, except for pipes, I'm using the quota facilities of deliver/dovecot -- Ralf Hildebrandt Gesch?ftsbereich IT | Abteilung Netzwerk Charit? - Universit?tsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebrandt at charite.de | http://www.charite.de From tss at iki.fi Fri Jun 22 12:47:31 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 22 Jun 2012 12:47:31 +0300 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <1340342838.42261.YahooMailNeo@web39303.mail.mud.yahoo.com> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> <4FE38883.8000808@thelounge.net> <03B002D3-5C2D-49CB-A94E-C0F2CC086746@iki.fi> <1340332130.74182.YahooMailNeo@web39301.mail.mud.yahoo.com> <1340342838.42261.YahooMailNeo@web39303.mail.mud.yahoo.com> Message-ID: <33DFF34D-EC88-4DBB-8B10-EA6BA1597F64@iki.fi> On 22.6.2012, at 8.27, email builder wrote: > So really, a new process is created under *two* circumstances? 1. when a > process reaches client_limit number of *simultaneous* connections or 2. when > a process has serviced service_count number of connections. Is this correct? Yes. > So for service *-login, is it OK to do something like service_count=5000, client_limit=2000 It would work, but for login processes the service_count can be 0. I haven't seen them leaking any memory recently. One somewhat annoying thing with service_count>1 is that the processes have to wait until all of the connections have disconnected before shutting down. For processes handling long running connections (especially IMAP) this can mean that you'll end up with a lot of processes that are ready to shutdown but a couple of connections prevent it from doing this. From yggdrasil at gmx.co.uk Fri Jun 22 14:35:09 2012 From: yggdrasil at gmx.co.uk (Johnny) Date: Fri, 22 Jun 2012 12:35:09 +0100 Subject: [Dovecot] Dovecot LDA, Offlineimap and Sieve In-Reply-To: <4FE41A5C.4050609@rename-it.nl> (Stephan Bosch's message of "Fri, 22 Jun 2012 09:10:20 +0200") References: <87y5ng1bzp.fsf@gmx.co.uk> <4FE41A5C.4050609@rename-it.nl> Message-ID: <87wr2zinpu.fsf@gmx.co.uk> Hi Stephan, Stephan Bosch writes: > On 6/22/2012 1:28 AM, Johnny wrote: >> Hi, >> >> I am trying to st up Offlineimap to use Dovecots LDA to be able to use >> Sieve for mail filtering, but am not sure how to get this working. I >> think the right way would be to use 'preauthtunnel' in .offlineimaprc >> and try the setup below, which doesn't work. > [...] >> Has anyone got any tips on how to get offlineimap to send mail to >> Dovecot in a way that Siev3e can be used? > > Could you show your dovecot config (dovecot -n output) here? I'm > wondering whether you have enabled the Sieve plugin for LDA. > I haven't set up Sieve yet, as I haven't been able to figure out how to use the Dovecot LDA. Or is this not required to run Sieve? Here's my config: ,---- | mbox_write_locks = fcntl | | namespace inbox { | | hidden = no | | inbox = yes | | list = yes | | location = | | mailbox Drafts { | | special_use = \Drafts | | } | | mailbox Junk { | | special_use = \Junk | | } | | mailbox Sent { | | special_use = \Sent | | } | | mailbox "Sent Messages" { | | special_use = \Sent | | } | | mailbox Trash { | | special_use = \Trash | | } | | prefix = | | separator = . | | subscriptions = yes | | type = private | | } | | passdb { | | args = scheme=MD5 username_format=%u /etc/dovecot/users | | driver = passwd-file | | } | | protocols = imap | | service auth { | | unix_listener auth-userdb { | | mode = 0666 | | } | | } | | ssl = required | | ssl_cert = Hi Timo, any idea whats this related too ? dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mrbytes 21703727 < 25193928 -- Best Regards MfG Robert Schetterer From tss at iki.fi Fri Jun 22 16:34:33 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 22 Jun 2012 16:34:33 +0300 Subject: [Dovecot] dovecot stats error In-Reply-To: <4FE46641.4030801@schetterer.org> References: <4FE46641.4030801@schetterer.org> Message-ID: <494CA511-4DC1-402B-9A00-D0678BBB1BF4@iki.fi> On 22.6.2012, at 15.34, Robert Schetterer wrote: > Hi Timo, > any idea whats this related too ? > > dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats > shrank: mrbytes 21703727 < 25193928 Which Dovecot version? I thought I fixed this already.. From Benoit.Branciard at univ-paris1.fr Fri Jun 22 16:59:18 2012 From: Benoit.Branciard at univ-paris1.fr (Benoit Branciard) Date: Fri, 22 Jun 2012 15:59:18 +0200 Subject: [Dovecot] cumulative userdb ? Message-ID: <4FE47A36.5090003@univ-paris1.fr> in Dovecot 2.0, is it possible to have kind of "cumulative" multiple userdb ? that is, for all users: - extract some attributes (let's say: uid, gid, home) from a first userdb (Passwd for example), - an extract some other attributes (mail for example, but overwriting those from the first userdb in case of redundancy) from a second userdb (LDAP for example) ? This is *different* from the "multiple databases" setup described in http://wiki2.dovecot.org/Authentication/MultipleDatabases, where it is meant as "failover": the second database is looked up only if the user isn't found in the first database. -- Benoit BRANCIARD Service InfraStructures (SIS) - Direction du Syst?me d'Information (DSI) Universit? Paris 1 Panth?on-Sorbonne Centre Pierre Mend?s France B 406 - 90, rue de Tolbiac - 75634 Paris cedex 13 - France T?l : +33 1 44 07 89 68 - Fax : +33 1 44 07 89 66 Accueil t?l. : +33 1 44 07 89 65 Assistance : assistance-dsi at univ-paris1.fr Web : http://dsi.univ-paris1.fr -- Ce message a ete verifie par MailScanner pour des virus ou des polluriels et rien de suspect n'a ete trouve. From robertcoore at yahoo.com Fri Jun 22 18:46:35 2012 From: robertcoore at yahoo.com (robert coore) Date: Fri, 22 Jun 2012 15:46:35 +0000 (UTC) Subject: [Dovecot] permissions on auth-userdb References: Message-ID: googlemail.com> writes: > > Hi.. > > im still trying to upgrade to 2.0. > Im getting: > dovecot: lda: Error: userdb lookup: > connect(/var/run/dovecot/auth-userdb) failed: Permission denied > (euid=10000(vmail) egid=10000(vmail) missing +r perm: > /var/run/dovecot/auth-userdb, euid is not dir owner) > > the error is correct caus its owned by root. My Questions is who should own it ? > Im not sure how that works, what process/user calls the auth-userdb ? > The auth-userdb returns the args generated in master.conf, right ? > > i think comment out the user and group setting in master.conf will fix > it but im not sure if that is the securest way. > > the mails come from postfix via dovecot-lda > > Hans > > master.conf > service auth { > # auth_socket_path points to this userdb socket by default. It's typically > # used by dovecot-lda, doveadm, possibly imap process, etc. Its default > # permissions make it readable only by root, but you may need to relax these > # permissions. Users that have access to this socket are able to get a list > # of all usernames and get results of everyone's userdb lookups. > unix_listener auth-userdb { > mode = 0600 > #user = vmail > #group = vmail > } > > auth-ldap.conf.ext > passdb { > driver = ldap > args = /etc/dovecot/dovecot-ldap.conf.ext > } > userdb { > driver = static > args = uid=vmail gid=vmail home=/home/MAILBOXES/%u/ > mail=/home/MAILBOXES/%u/mail > } > > Hi all was getting the same errors took me 2 days to understand what it was saying to me but i finally solved it if you do an ls -l /var/run/dovecot/auth-userdb you will seet that root is the owner and the premissions are srw-------- so vmail has not right to call or even use the process What i did was a chown -R vmail:vmail /var/run/dovecot/auth-userdb I also did a chmod g+r /var/run/dovecot/auth-userdb ls -l /var/run/dovecot/auth-userdb srw----r-- 1 vmail vmail my unix_listener auth-userdb { mode = 600 { protocol lda { auth_socket_path = /var/run/dovecot/auth-userdb log_path = /home/vmail/dovecot-deliver.log that worked for me 1. havent restarted the dovecot service dont know if it will keep the settings. From tss at iki.fi Fri Jun 22 21:46:06 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 22 Jun 2012 21:46:06 +0300 Subject: [Dovecot] cumulative userdb ? In-Reply-To: <4FE47A36.5090003@univ-paris1.fr> References: <4FE47A36.5090003@univ-paris1.fr> Message-ID: <643DEB67-BA15-4D0A-B157-5DAAC0A4276D@iki.fi> On 22.6.2012, at 16.59, Benoit Branciard wrote: > in Dovecot 2.0, is it possible to have kind of "cumulative" multiple userdb ? > > that is, for all users: > - extract some attributes (let's say: uid, gid, home) from a first userdb (Passwd for example), > - an extract some other attributes (mail for example, but overwriting those from the first userdb in case of redundancy) from a second userdb (LDAP for example) ? I've also wanted this a few times. But no, not possible currently. From ncjeffgus at zimage.com Sat Jun 23 00:24:36 2012 From: ncjeffgus at zimage.com (Jeff Gustafson) Date: Fri, 22 Jun 2012 14:24:36 -0700 Subject: [Dovecot] dsync error: "Mailboxes don't have unique GUIDs" Message-ID: <1340400276.12426.9.camel@maclinux> I'm getting an error backing up mailboxes. I'm using the mirror command: dsync -fvo mail_home=/home/users/bob mirror ssh vmail at 10.1.4.1 dsync -o mail_home=/home/.incoming_mail_migrations/users/bob dsync-remote(vmail): Error: Mailboxes don't have unique GUIDs: 1ef6ee37c694894d783100000581a675 is shared by INBOX and INBOX dsync-remote(vmail): Error: command BOX-LIST failed dsync-local(vmail): Error: Worker server's mailbox iteration failed The mail user doesn't yet exist on the destination yet, thus the use of the mail_home parameter. I found a mailing list message where a person was having a similar problem but I couldn't find confirmation that the issue was resolved. In our case, the backup goes from maildir to mdbox format (we can't to convert to mdbox). Things seemed to be moving along, but there are quite a few examples of dsync failing. I think the issue happens more often with large mailboxes ( > 50GB ). We're running version 2.0.13. doveconf -n: # 2.0.13: /etc/dovecot/dovecot.conf # OS: Linux 2.6.18-274.12.1.el5 x86_64 CentOS release 5.7 (Final) auth_mechanisms = plain login default_client_limit = 15000 default_process_limit = 10000 disable_plaintext_auth = no listen = * mail_gid = vmail mail_location = maildir:~/Maildir mail_plugins = zlib mail_uid = vmail mmap_disable = yes namespace { inbox = yes location = prefix = INBOX. separator = . } passdb { args = /etc/dovecot/conf.d/dovecot-sql.conf.ext driver = sql } plugin { zlib_save = gz } protocols = imap pop3 service auth { client_limit = 10000 unix_listener auth-userdb { mode = 0666 } } service imap-postlogin { executable = script-login /usr/bin/postlogin-imap.sh user = $default_internal_user } service imap { drop_priv_before_exec = yes executable = imap process_limit = 10000 } service pop3-postlogin { executable = script-login /usr/bin/postlogin-pop.sh user = $default_internal_user } } service pop3 { drop_priv_before_exec = yes executable = pop3 process_limit = 2500 } ssl_cert = References: <1339873707.2732.11.camel@amito> <20120616201636.GB6858@state-of-mind.de> Message-ID: <1340415602.12632.2.camel@amito> On Sun, 2012-06-17 at 14:04 +0200, Wojciech Puchar wrote: > >> maildir form. Reviews of kmail are very bad, and thunderbird uses the > >> mbox format for storage. > > > > If it is native maildir you can configure that/your account to use maildir and > > simply copy your mailbox over to Dovecot. When Dovecot accesses the mailbox it > > will create the necessary index files and you are ready to use it. > > if you want to use any of those hopeless programs just turn message > caching in them (folder synchronization off in thunderbird) and login to > dovecot, even on localhost. > > kmail v.3 is barely usable, v4 is good. It looks like you don't like any of the email programs we've discussed. Which email programs do you like? BTW: kmail on my system is 4.8.3 -- In more detail: $ kmail --version Qt: 4.8.2 KDE Development Platform: 4.8.3 (4.8.3) KMail: 4.8.3 Thanks - jon From jonrysh at pacbell.net Sat Jun 23 05:02:55 2012 From: jonrysh at pacbell.net (Jonathan Ryshpan) Date: Fri, 22 Jun 2012 19:02:55 -0700 Subject: [Dovecot] Import from Evolution In-Reply-To: <20120616201636.GB6858@state-of-mind.de> References: <1339873707.2732.11.camel@amito> <20120616201636.GB6858@state-of-mind.de> Message-ID: <1340416975.12632.19.camel@amito> On Sat, 2012-06-16 at 22:16 +0200, Patrick Ben Koetter wrote: > * Jonathan Ryshpan : > > I need to import the mail database generated by the evolution mail > > reader into dovecot. Evolution stores its mail in maildir format (fully > > standards compatible, I think); I would be using the maildir format in > > dovecot. Is there anything in the wiki, etc. explaining exactly how to > > do this? > > > > Why do this? Evolution is hopelessly broken, and is not likely to be > > fixed in the forseeable future, and I would like to keep my mails in > > maildir form. Reviews of kmail are very bad, and thunderbird uses the > > mbox format for storage. > > If it is native maildir you can configure that/your account to use maildir and > simply copy your mailbox over to Dovecot. When Dovecot accesses the mailbox it > will create the necessary index files and you are ready to use it. I have now set up dovecot on my system, and should now be in business, but when Thunderbird connects to Dovecot it doesn't see any folders. Here is the situation. Please excuse the length of this message; I have tried to include all useful information. My system is Fedora-17 Linux with all updates running on x86_64 hardware. Dovecot is installed and running with this configuration: $ dovecot -n # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.4.3-1.fc17.x86_64 x86_64 Fedora release 17 (Beefy Miracle) mail_location = mbox:~/Dovecot:INBOX=/var/spool/mail/%u mail_privileged_group = mail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mbox_write_locks = fcntl namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { driver = pam } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } ssl = required ssl_cert = References: <1340400276.12426.9.camel@maclinux> Message-ID: <746A0B68-368B-40D3-ACAB-8A39BDFDA99D@mediatemple.net> Hey, just a point of clarification. In at least some of the cases (possibly all, I'll leave that up to Jeff to state) an initial dsync (as documented in Jeff's message) was completed successfully and the problem occurred when we ran a second (using exactly the same cmd) time to catch any changes since the original sync (since the initial sync took many hours). Doug On Jun 22, 2012, at 2:24 PM, Jeff Gustafson wrote: > I'm getting an error backing up mailboxes. I'm using the mirror > command: > > dsync -fvo mail_home=/home/users/bob mirror ssh vmail at 10.1.4.1 dsync -o > mail_home=/home/.incoming_mail_migrations/users/bob > > dsync-remote(vmail): Error: Mailboxes don't have unique GUIDs: > 1ef6ee37c694894d783100000581a675 is shared by INBOX and INBOX > dsync-remote(vmail): Error: command BOX-LIST failed > dsync-local(vmail): Error: Worker server's mailbox iteration failed > > The mail user doesn't yet exist on the destination yet, thus the use of > the mail_home parameter. > I found a mailing list message where a person was having a similar > problem but I couldn't find confirmation that the issue was resolved. > In our case, the backup goes from maildir to mdbox format (we can't to > convert to mdbox). Things seemed to be moving along, but there are quite > a few examples of dsync failing. I think the issue happens more often > with large mailboxes ( > 50GB ). > We're running version 2.0.13. > doveconf -n: > > # 2.0.13: /etc/dovecot/dovecot.conf > # OS: Linux 2.6.18-274.12.1.el5 x86_64 CentOS release 5.7 (Final) > auth_mechanisms = plain login > default_client_limit = 15000 > default_process_limit = 10000 > disable_plaintext_auth = no > listen = * > mail_gid = vmail > mail_location = maildir:~/Maildir > mail_plugins = zlib > mail_uid = vmail > mmap_disable = yes > namespace { > inbox = yes > location = > prefix = INBOX. > separator = . > } > passdb { > args = /etc/dovecot/conf.d/dovecot-sql.conf.ext > driver = sql > } > plugin { > zlib_save = gz > } > protocols = imap pop3 > service auth { > client_limit = 10000 > unix_listener auth-userdb { > mode = 0666 > } > } > service imap-postlogin { > executable = script-login /usr/bin/postlogin-imap.sh > user = $default_internal_user > } > service imap { > drop_priv_before_exec = yes > executable = imap > process_limit = 10000 > } > service pop3-postlogin { > executable = script-login /usr/bin/postlogin-pop.sh > user = $default_internal_user > } > } > service pop3 { > drop_priv_before_exec = yes > executable = pop3 > process_limit = 2500 > } > ssl_cert = ssl_key = userdb { > driver = prefetch > } > userdb { > args = /etc/dovecot/conf.d/dovecot-sql.conf.ext > driver = sql > } > protocol lmtp { > mail_plugins = zlib > } > protocol lda { > mail_plugins = zlib > } > protocol imap { > mail_max_userip_connections = 100 > mail_plugins = zlib > } > protocol pop3 { > mail_max_userip_connections = 30 > mail_plugins = zlib > } > > > ...Jeff > From manu at netbsd.org Sat Jun 23 08:04:30 2012 From: manu at netbsd.org (Emmanuel Dreyfus) Date: Sat, 23 Jun 2012 07:04:30 +0200 Subject: [Dovecot] pop3-throttle Message-ID: <1km4rjc.f50hxq1iocthjM%manu@netbsd.org> Hello I am having a hard time with users using POP while leaving mailboxes of several gigabyte cumulated. This causes a lot of disk I/O and kills performancs for everyone. I try to encourage people migrating to IMAP, but that migration will take some time, and therefore I am looking for alterantive ways to workaround the problem. I found pop3-throttle-plugin.c, which seems a smart way to solve the problem, unfortunately it comes with no documentation. I was able to build it and load it, bu itsays nothing in the logs. Is there any doc somewhere? Any advices on how to set it up? -- Emmanuel Dreyfus http://hcpnet.free.fr/pubz manu at netbsd.org From wojtek at wojtek.tensor.gdynia.pl Sat Jun 23 11:20:23 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Sat, 23 Jun 2012 10:20:23 +0200 (CEST) Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> Message-ID: > > We are building a new system that will support a large number of users (high volume, high concurrent usage, etc). what is large? >? We have played with Dovecot, but in most serious applications we have traditionally used Courier IMAP. >? It's my (lay) understanding that with indexing and perhaps other things >in Dovecot, it might perform better than Courier in larger environments >like this.? Am I correct or is it less clear-cut? No idea how well courier IMAP performs. But have idea how well dovecot performs. I don't have large configs like thousands of users as i don't handle "herd of random users" style cases, but in every place i have dovecot IMAP takes unnoticable amount of server load. Just make a test. Definitely use maildir format, not mbox. dovecot heavily accesses it's index files. they are not large relative to e-mail sizes. With really large case if I/O will limit you i would recommend using SSD storage to keep just indexes. From wojtek at wojtek.tensor.gdynia.pl Sat Jun 23 11:21:38 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Sat, 23 Jun 2012 10:21:38 +0200 (CEST) Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <1340310164.5967.86.camel@hurina> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> Message-ID: > > Nearly all of them are non-caching. (I don't know of any caching ones.) which is definite adventage in spite of it's numerous security holes. From wojtek at wojtek.tensor.gdynia.pl Sat Jun 23 11:22:37 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Sat, 23 Jun 2012 10:22:37 +0200 (CEST) Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <4FE38623.5050303@necoro.eu> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38623.5050303@necoro.eu> Message-ID: >> Nearly all of them are non-caching. (I don't know of any caching ones.) > > At least roundcube (v0.7.1 here) has some caching options: > > ------------------[excerpt from roundcubes main.inc.php]------------- > // Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'. > $rcmail_config['imap_cache'] = null; > > // Enables messages cache. Only 'db' cache is supported. > $rcmail_config['messages_cache'] = false; > -------------------------[end]---------------------------------------- > > But I don't know, whether this is the sort of caching you are referring to. what's a point of caching imap, except your webmail service is not locally connected (localhost or LAN) to imap server? From wojtek at wojtek.tensor.gdynia.pl Sat Jun 23 11:30:18 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Sat, 23 Jun 2012 10:30:18 +0200 (CEST) Subject: [Dovecot] Import from Evolution In-Reply-To: <1340415602.12632.2.camel@amito> References: <1339873707.2732.11.camel@amito> <20120616201636.GB6858@state-of-mind.de> <1340415602.12632.2.camel@amito> Message-ID: >> kmail v.3 is barely usable, v4 is good. > > It looks like you don't like any of the email programs we've discussed. > Which email programs do you like? it depends whether you ask what I personally use or what i recommend to my clients. I personally use alpine exclusively. I don't like GUI interfaces. And i use alpine directly handling maildir so it's not about IMAP. But if you need mail client over IMAP - alpine can do this, but cannot cache. mutt can cache if you like that program. i don't - in spite of much better functionality. alpine have lowest keypress to amount of word done ratio of any mail program i know. For my clients it depends - windoze: exclusively thunderbird. It's FAR FAR from perfect but still best you can get under windoze. - X11 terminal based config: well... it's funny but too thunderbird. All QT based programs are useless with X11 over network. Thunderbird works fine. I disable "folder synchronization" as well as indexing in it, so it's acceptably fast. The need to connecting over localhost from account X to account X to dovecot-imap is quite stupid but not a problem. For now it is thunderbird 10.0.5esr - both windows and FreeBSD From wojtek at wojtek.tensor.gdynia.pl Sat Jun 23 11:32:39 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Sat, 23 Jun 2012 10:32:39 +0200 (CEST) Subject: [Dovecot] Import from Evolution In-Reply-To: <1340415602.12632.2.camel@amito> References: <1339873707.2732.11.camel@amito> <20120616201636.GB6858@state-of-mind.de> <1340415602.12632.2.camel@amito> Message-ID: For Jonathan Ryshpan: for no obvious reason my IP is blocked at AT&T mail server you use. From michael at think-for-yourself.org Sat Jun 23 12:20:18 2012 From: michael at think-for-yourself.org (Michael Wessel) Date: Sat, 23 Jun 2012 02:20:18 -0700 Subject: [Dovecot] Hardware infrastructure for email system Message-ID: <4FE58A52.8050708@think-for-yourself.org> Hi, I'm currently (re-)planning my email setup and have been doing some research. I have done some searches and read several threads in the areas of my questions here. While there are some that come close I haven't yet been able to get all my questions answered. I currently run a postfix, dovecot & roundcube setup and have about 2000 active accounts. I have a separate SMTP server for outbound mail and auth is done against a separate LDAP server. In front of the POP/IMAP server I have another SMTP (4 in parallel actually) server that receives and filters inbound mail through a company specific, proprietary filter before the mail hits the POP/IMAP server. LDAP & SMTP servers are ESXi VMs. So right now both dovecot and roundcube run on the same box which is a Dell PE2950 with dual quad-core Xeon, 16GB RAM and 6 1TB disks in RAID 6, so only local storage using maildir. So far it's been holding up fine, but it's beginning to show signs of overload now. I also expect an increase in users over the next few months up to somewhere between 10 - 20,000 mail boxes. Hence the re-planning. My first priority in redesigning my setup is reliability. I definitely need something fail-save and as close to always on as possible. Next is performance. And while the budget is of course limited for the moment I'm setting that aside and will worry about that when the time comes. Now here is my question(s): In order to support up to 20,000 mailboxes (distributed over several times-zones so they won't all be used at the same time) with a very reliable service with good performance, what do I actually need? Do I need(ul) SAN or is it just a "would be nice to have"? If yes, why and what would be appropriate for my needs? Or will a setup with a few more servers like the ones I already have, using something like DRBD and distributing services (imap, http, spamd etc) onto different boxes do? I know I have more reading to do on all the different options out there, but would like some input from people that have experience in this area so I can focus on the stuff that's right for my situation. Michael From jonrysh at pacbell.net Sat Jun 23 12:23:35 2012 From: jonrysh at pacbell.net (Jonathan Ryshpan) Date: Sat, 23 Jun 2012 02:23:35 -0700 Subject: [Dovecot] Import from Evolution In-Reply-To: References: <1339873707.2732.11.camel@amito> <20120616201636.GB6858@state-of-mind.de> <1340415602.12632.2.camel@amito> Message-ID: <1340443415.20888.8.camel@amito> On Sat, 2012-06-23 at 10:30 +0200, Wojciech Puchar wrote: > >> kmail v.3 is barely usable, v4 is good. > > > > It looks like you don't like any of the email programs we've discussed. > > Which email programs do you like? > > it depends whether you ask what I personally use or what i recommend to my > clients. > > I personally use alpine exclusively. I don't like GUI interfaces. And i > use alpine directly handling maildir so it's not about IMAP. But if you > need mail client over IMAP - alpine can do this, but cannot cache. > > mutt can cache if you like that program. i don't - in spite of much better > functionality. alpine have lowest keypress to amount of word done ratio of > any mail program i know. > > For my clients it depends > > - windoze: exclusively thunderbird. It's FAR FAR from perfect but still > best you can get under windoze. > > - X11 terminal based config: well... it's funny but too thunderbird. All > QT based programs are useless with X11 over network. Thunderbird works > fine. I disable "folder synchronization" as well as indexing in it, so > it's acceptably fast. The need to connecting over localhost from account > X to account X to dovecot-imap is quite stupid but not a problem. > > For now it is thunderbird 10.0.5esr - both windows and FreeBSD I want to be able to read and write HTML, since my correspondents use and expect it, so alpine is out. I had been happy with evolution, but it is now badly broken under KDE, and I am in process of changing to Thunderbird, as you see. Thanks for the advice - jon From wojtek at wojtek.tensor.gdynia.pl Sat Jun 23 13:01:30 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Sat, 23 Jun 2012 12:01:30 +0200 (CEST) Subject: [Dovecot] Import from Evolution In-Reply-To: <1340442919.20888.4.camel@amito> References: <1339873707.2732.11.camel@amito> <20120616201636.GB6858@state-of-mind.de> <1340415602.12632.2.camel@amito> <1340442919.20888.4.camel@amito> Message-ID: sorry for replying through that links but - as you may see - replying to Jonathan will not work. If AT&T have such strange policy then i am just sorry. It sings the beginning of end of open internet if more companies will start to do this, and result in few huge corporations handling everything. Not happy world to live. On Sat, 23 Jun 2012, Jonathan Ryshpan wrote: > On Sat, 2012-06-23 at 10:32 +0200, Wojciech Puchar wrote: >> For Jonathan Ryshpan: >> >> for no obvious reason my IP is blocked at AT&T mail server you use. > > I'm not sure what's going on, but I suspect the problem is this: Many US > mail servers refuse to accept mail from any servers that they have not > approved; if mail is coming direct from you to ATT, rather than via some > large ISP, it will likely be refused. This is supposed to reduce the > amount of spam (fat chance). > > Thanks for your reply - jon > > > From lists at wildgooses.com Sat Jun 23 13:21:02 2012 From: lists at wildgooses.com (Ed W) Date: Sat, 23 Jun 2012 11:21:02 +0100 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38623.5050303@necoro.eu> Message-ID: <4FE5988E.3010101@wildgooses.com> On 23/06/2012 09:22, Wojciech Puchar wrote: >>> Nearly all of them are non-caching. (I don't know of any caching ones.) >> >> At least roundcube (v0.7.1 here) has some caching options: >> >> ------------------[excerpt from roundcubes main.inc.php]------------- >> // Type of IMAP indexes cache. Supported values: 'db', 'apc' and >> 'memcache'. >> $rcmail_config['imap_cache'] = null; >> >> // Enables messages cache. Only 'db' cache is supported. >> $rcmail_config['messages_cache'] = false; >> -------------------------[end]---------------------------------------- >> >> But I don't know, whether this is the sort of caching you are >> referring to. > > what's a point of caching imap, except your webmail service is not > locally connected (localhost or LAN) to imap server? Asking for items 600-615 from a threaded list, sorted by something, can be an expensive operation, especially if you just asked for items 585-600 a moment ago? Ed From wojtek at wojtek.tensor.gdynia.pl Sat Jun 23 13:24:20 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Sat, 23 Jun 2012 12:24:20 +0200 (CEST) Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <4FE5988E.3010101@wildgooses.com> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38623.5050303@necoro.eu> <4FE5988E.3010101@wildgooses.com> Message-ID: >>> But I don't know, whether this is the sort of caching you are referring >>> to. >> >> what's a point of caching imap, except your webmail service is not locally >> connected (localhost or LAN) to imap server? > > Asking for items 600-615 from a threaded list, sorted by something, can be an > expensive operation, especially if you just asked for items 585-600 a moment > ago? > fine. how about overhead of cache itself? From p at state-of-mind.de Sat Jun 23 13:25:56 2012 From: p at state-of-mind.de (Patrick Ben Koetter) Date: Sat, 23 Jun 2012 12:25:56 +0200 Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: <4FE58A52.8050708@think-for-yourself.org> References: <4FE58A52.8050708@think-for-yourself.org> Message-ID: <20120623102555.GA5497@state-of-mind.de> Michael, * Michael Wessel : > I'm currently (re-)planning my email setup and have been doing some > research. I have done some searches and read several threads in the > areas of my questions here. While there are some that come close I > haven't yet been able to get all my questions answered. > > I currently run a postfix, dovecot & roundcube setup and have about > 2000 active accounts. I have a separate SMTP server for outbound > mail and auth is done against a separate LDAP server. In front of > the POP/IMAP server I have another SMTP (4 in parallel actually) > server that receives and filters inbound mail through a company > specific, proprietary filter before the mail hits the POP/IMAP > server. LDAP & SMTP servers are ESXi VMs. Do people use 'real' mail clients to connect and IDLE too? > So right now both dovecot and roundcube run on the same box which is > a Dell PE2950 with dual quad-core Xeon, 16GB RAM and 6 1TB disks in > RAID 6, so only local storage using maildir. So far it's been > holding up fine, but it's beginning to show signs of overload now. I > also expect an increase in users over the next few months up to > somewhere between 10 - 20,000 mail boxes. Hence the re-planning. > > My first priority in redesigning my setup is reliability. I > definitely need something fail-save and as close to always on as > possible. Next is performance. And while the budget is of course > limited for the moment I'm setting that aside and will worry about > that when the time comes. > > Now here is my question(s): > > In order to support up to 20,000 mailboxes (distributed over several > times-zones so they won't all be used at the same time) with a very > reliable service with good performance, what do I actually need? > > Do I need(ul) SAN or is it just a "would be nice to have"? If yes, > why and what would be appropriate for my needs? Or will a setup with > a few more servers like the ones I already have, using something > like DRBD and distributing services (imap, http, spamd etc) onto > different boxes do? Will the server enforce quota? What will be the average mailbox size? Do people share content e.g. mailings with attachments that go out to all recipients? What might be the maximum number of clients using the server at one time? Will all users use the same client product e.g. roundcube? What's your backup strategy? What do you use to backup mailboxes? p at rick -- state of mind () http://www.state-of-mind.de Franziskanerstra?e 15 Telefon +49 89 3090 4664 81669 M?nchen Telefax +49 89 3090 4666 Amtsgericht M?nchen Partnerschaftsregister PR 563 From CMarcus at Media-Brokers.com Sat Jun 23 13:29:26 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Sat, 23 Jun 2012 06:29:26 -0400 Subject: [Dovecot] dsync error: "Mailboxes don't have unique GUIDs" In-Reply-To: <1340400276.12426.9.camel@maclinux> References: <1340400276.12426.9.camel@maclinux> Message-ID: <4FE59A86.7020208@Media-Brokers.com> On 2012-06-22 5:24 PM, Jeff Gustafson wrote: > I'm getting an error backing up mailboxes. I'm using the mirror > command: > > dsync -fvo mail_home=/home/users/bob mirror ssh vmail at 10.1.4.1 dsync -o > mail_home=/home/.incoming_mail_migrations/users/bob > # 2.0.13: /etc/dovecot/dovecot.conf As you are aware (since you participated in the thread discussion about this months ago), Timo is working on a total rewrite of dsync, and if memory serves, it is mainly for 2.1+, and it is not recommend to use it in earlier versions if you need reliability (ie, 2.0.x, as you are using)... So, by all means, update and help timo make it better! Timo? Care to elaborate on where you are with this, and how much of the rewrite is being applied to 2.1 (all of it?), or backported to earlier versions? -- Best regards, Charles From CMarcus at Media-Brokers.com Sat Jun 23 13:34:06 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Sat, 23 Jun 2012 06:34:06 -0400 Subject: [Dovecot] permissions on auth-userdb In-Reply-To: References: Message-ID: <4FE59B9E.1050009@Media-Brokers.com> It would be nice if there were a wiki page specifically describing how permissions should be set for all of the services/directories that dovecot uses. Even better would be a dovecot/doveconf command that would test the permissions and, if possible, even fix them (like the postfix 'set-permissions' command)... On 2012-06-22 11:46 AM, robert coore wrote: > googlemail.com> writes: > >> >> Hi.. >> >> im still trying to upgrade to 2.0. >> Im getting: >> dovecot: lda: Error: userdb lookup: >> connect(/var/run/dovecot/auth-userdb) failed: Permission denied >> (euid=10000(vmail) egid=10000(vmail) missing +r perm: >> /var/run/dovecot/auth-userdb, euid is not dir owner) >> >> the error is correct caus its owned by root. My Questions is who should own > it ? >> Im not sure how that works, what process/user calls the auth-userdb ? >> The auth-userdb returns the args generated in master.conf, right ? >> >> i think comment out the user and group setting in master.conf will fix >> it but im not sure if that is the securest way. >> >> the mails come from postfix via dovecot-lda >> >> Hans >> >> master.conf >> service auth { >> # auth_socket_path points to this userdb socket by default. It's typically >> # used by dovecot-lda, doveadm, possibly imap process, etc. Its default >> # permissions make it readable only by root, but you may need to relax > these >> # permissions. Users that have access to this socket are able to get a list >> # of all usernames and get results of everyone's userdb lookups. >> unix_listener auth-userdb { >> mode = 0600 >> #user = vmail >> #group = vmail >> } >> >> auth-ldap.conf.ext >> passdb { >> driver = ldap >> args = /etc/dovecot/dovecot-ldap.conf.ext >> } >> userdb { >> driver = static >> args = uid=vmail gid=vmail home=/home/MAILBOXES/%u/ >> mail=/home/MAILBOXES/%u/mail >> } >> >> > > > Hi all was getting the same errors took me 2 days to understand what it was > saying to me but i finally solved it > > > > if you do an ls -l /var/run/dovecot/auth-userdb you will seet that root is the > owner and the premissions are srw-------- so vmail has not right to call or > even use the process > What i did was a chown -R vmail:vmail /var/run/dovecot/auth-userdb > I also did a chmod g+r /var/run/dovecot/auth-userdb > ls -l /var/run/dovecot/auth-userdb > srw----r-- 1 vmail vmail > my unix_listener auth-userdb { > mode = 600 > { > > protocol lda { > auth_socket_path = /var/run/dovecot/auth-userdb > log_path = /home/vmail/dovecot-deliver.log > > that worked for me > 1. havent restarted the dovecot service dont know if it will keep the settings. > > > > > > -- Best regards, Charles Marcus I.T. Director Media Brokers International, Inc. 678.514.6200 x224 | 678.514.6299 fax From robert at schetterer.org Sat Jun 23 13:52:26 2012 From: robert at schetterer.org (Robert Schetterer) Date: Sat, 23 Jun 2012 12:52:26 +0200 Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: <4FE58A52.8050708@think-for-yourself.org> References: <4FE58A52.8050708@think-for-yourself.org> Message-ID: <4FE59FEA.80002@schetterer.org> Am 23.06.2012 11:20, schrieb Michael Wessel: > So right now both dovecot and roundcube run on the same box which is a > Dell PE2950 with dual quad-core Xeon, 16GB RAM and 6 1TB disks in RAID > 6, so only local storage using maildir. So far it's been holding up > fine, but it's beginning to show signs of overload now. I also expect an > increase in users over the next few months up to somewhere between 10 - > 20,000 mail boxes. Hence the re-planning. you should ask for paid support at Timo , or some other dovcot geeks near you -- Best Regards MfG Robert Schetterer From CMarcus at Media-Brokers.com Sat Jun 23 13:53:26 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Sat, 23 Jun 2012 06:53:26 -0400 Subject: [Dovecot] Import from Evolution In-Reply-To: <1340416975.12632.19.camel@amito> References: <1339873707.2732.11.camel@amito> <20120616201636.GB6858@state-of-mind.de> <1340416975.12632.19.camel@amito> Message-ID: <4FE5A026.20203@Media-Brokers.com> On 2012-06-22 10:02 PM, Jonathan Ryshpan wrote: > and /var/log/maillog shows the corresponding error: > > Jun 22 18:23:10 amito dovecot: imap(jonrysh): Error: > chown(/home/jonrysh/Dovecot/.imap/INBOX, group=12(mail)) failed: > Operation not permitted (egid=1000(jonrysh), group based on > /var/spool/mail/jonrysh - seehttp://wiki2.dovecot.org/Errors/ChgrpNoPerm) > > As a complete Dovecot/IMAP newbie, I am completely confused. Any > advice will be much appreciated. Obviously a permissions problem... This may help: http://wiki2.dovecot.org/SharedMailboxes/Permissions But again, a dovecot tool to check and/or fix these itself would be nice... -- Best regards, Charles From wojtek at wojtek.tensor.gdynia.pl Sat Jun 23 14:09:18 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Sat, 23 Jun 2012 13:09:18 +0200 (CEST) Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: <4FE58A52.8050708@think-for-yourself.org> References: <4FE58A52.8050708@think-for-yourself.org> Message-ID: > > I'm currently (re-)planning my email setup and have been doing some research. > I have done some searches and read several threads in the areas of my > questions here. While there are some that come close I haven't yet been able > to get all my questions answered. > > I currently run a postfix, dovecot & roundcube setup and have about 2000 > active accounts. I have a separate SMTP server for outbound mail and auth is > done against a separate LDAP server. In front of the POP/IMAP server I have > another SMTP (4 in parallel actually) server that receives and filters > inbound mail through a company specific, proprietary filter before the mail > hits the POP/IMAP server. LDAP & SMTP servers are ESXi VMs. it is already enormous overshoot in hardware specs. And i do not really catch why you have "4 in parallel" servers. And finally i cannot understand this dividing of servers just to merging it back using VMWare. Finally i would recommend to get rid of RAID6. It's terribly slow on writes and writes are common on mail server. Buy cheapest but largest SATA drive and use RAID1 (or RAID1+0) setup. From h.reindl at thelounge.net Sat Jun 23 14:17:44 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Sat, 23 Jun 2012 13:17:44 +0200 Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: References: <4FE58A52.8050708@think-for-yourself.org> Message-ID: <4FE5A5D8.2050908@thelounge.net> Am 23.06.2012 13:09, schrieb Wojciech Puchar: >> >> I'm currently (re-)planning my email setup and have been doing some research. I have done some searches and read >> several threads in the areas of my questions here. While there are some that come close I haven't yet been able >> to get all my questions answered. >> >> I currently run a postfix, dovecot & roundcube setup and have about 2000 active accounts. I have a separate SMTP >> server for outbound mail and auth is done against a separate LDAP server. In front of the POP/IMAP server I have >> another SMTP (4 in parallel actually) server that receives and filters inbound mail through a company specific, >> proprietary filter before the mail hits the POP/IMAP server. LDAP & SMTP servers are ESXi VMs. > > it is already enormous overshoot in hardware specs. And i do not really catch why you have "4 in parallel" servers. > And finally i cannot understand this dividing of servers just to merging it back using VMWare. because it is a big difference if you have anything in a single machine or splittet in virtual machines - you can move them at runtime to different hosts and if you run out of ressources for one of them you can buy a phyisclal machine, add it to the cluster and move the virtual machine without any downtime if you have all on one machine or VM you are not scaleable -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From tss at iki.fi Sat Jun 23 14:23:02 2012 From: tss at iki.fi (Timo Sirainen) Date: Sat, 23 Jun 2012 14:23:02 +0300 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <4FE5988E.3010101@wildgooses.com> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38623.5050303@necoro.eu> <4FE5988E.3010101@wildgooses.com> Message-ID: <51EF9BC7-BE99-4DE9-800A-E8FDF7779A4B@iki.fi> On 23.6.2012, at 13.21, Ed W wrote: >>> But I don't know, whether this is the sort of caching you are referring to. >> >> what's a point of caching imap, except your webmail service is not locally connected (localhost or LAN) to imap server? > > Asking for items 600-615 from a threaded list, sorted by something, can be an expensive operation, especially if you just asked for items 585-600 a moment ago? Can be, but is it? :) Dovecot attempts to cache/index stuff as well. Normally there shouldn't be a need for extra caching layer except in cases of higher network latency. From h.reindl at thelounge.net Sat Jun 23 14:23:57 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Sat, 23 Jun 2012 13:23:57 +0200 Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: References: <4FE58A52.8050708@think-for-yourself.org> Message-ID: <4FE5A74D.2010201@thelounge.net> Am 23.06.2012 13:09, schrieb Wojciech Puchar: > Finally i would recommend to get rid of RAID6. It's terribly slow on writes and > writes are common on mail server. depends, it is slower than RAID5, but safer > Buy cheapest but largest SATA drive and use RAID1 (or RAID1+0) setup. oh no please do not recommend SATA crap with RAID1 and think it is faster than RAID6 - the additional writes doe snot matter if the whole disk-system is much faster and RAID1 has no benefit in performance nobody will use SATA disks for high peformance servers in production - really nobody these days! -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From wojtek at wojtek.tensor.gdynia.pl Sat Jun 23 15:20:12 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Sat, 23 Jun 2012 14:20:12 +0200 (CEST) Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: <4FE5A5D8.2050908@thelounge.net> References: <4FE58A52.8050708@think-for-yourself.org> <4FE5A5D8.2050908@thelounge.net> Message-ID: >> >> it is already enormous overshoot in hardware specs. And i do not really catch why you have "4 in parallel" servers. >> And finally i cannot understand this dividing of servers just to merging it back using VMWare. > > because it is a big difference if you have anything in a single > machine or splittet in virtual machines - you can move them at > runtime to different hosts and if you run out of ressources ok - for me it is just likes. You have higher change to have the need to move at the first place doing this :) From wojtek at wojtek.tensor.gdynia.pl Sat Jun 23 15:21:41 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Sat, 23 Jun 2012 14:21:41 +0200 (CEST) Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: <4FE5A74D.2010201@thelounge.net> References: <4FE58A52.8050708@think-for-yourself.org> <4FE5A74D.2010201@thelounge.net> Message-ID: >> Buy cheapest but largest SATA drive and use RAID1 (or RAID1+0) setup. > > oh no please do not recommend SATA crap with RAID1 and think > it is faster than RAID6 - the additional writes doe snot matter > if the whole disk-system is much faster and RAID1 has no benefit > in performance OK i would not recommend anything anymore. Normally my advices are for money. > > nobody will use SATA disks for high peformance servers in > production - really nobody these days! > at least one person. and getting a bit of money helping other increasing performance of their setup. guess who. From wojtek at wojtek.tensor.gdynia.pl Sat Jun 23 16:04:47 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Sat, 23 Jun 2012 15:04:47 +0200 (CEST) Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <51EF9BC7-BE99-4DE9-800A-E8FDF7779A4B@iki.fi> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38623.5050303@necoro.eu> <4FE5988E.3010101@wildgooses.com> <51EF9BC7-BE99-4DE9-800A-E8FDF7779A4B@iki.fi> Message-ID: >> >> Asking for items 600-615 from a threaded list, sorted by something, can be an expensive operation, especially if you just asked for items 585-600 a moment ago? > > Can be, but is it? :) Dovecot attempts to cache/index stuff as well. Normally there shouldn't be a need for extra caching layer except in cases of higher network latency. that is my point. and - esp. with webmail, i see no point to run such service in different place than dovecot server runs. Best - same server. Maybe - other server connected with fast LAN. From joe at tao.org.uk Sat Jun 23 18:18:40 2012 From: joe at tao.org.uk (Dr Josef Karthauser) Date: Sat, 23 Jun 2012 16:18:40 +0100 Subject: [Dovecot] Problems getting auto create plugin to work Message-ID: Hi there, I've configured the 'autocreate' plugin (in v.2.1.6), but it doesn't appear to be working. Can someone help me work out how to work out why please? I've got this in my 20-imap.conf file: protocol imap { mail_plugins = $mail_plugins antispam autocreate } and this in my 90-plugins.conf file: plugin { autocreate = Trash autocreate2 = Spam autosubscribe = Trash autosubscribe2 = Spam ... etc } But, the spam does not get created upon login. I've restart dovecot and restarted my mail client, but there's no hint of an spam folder. Is there something else that I also need to do? Thanks, Joe From user+dovecot at localhost.localdomain.org Sat Jun 23 19:08:37 2012 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Sat, 23 Jun 2012 18:08:37 +0200 Subject: [Dovecot] Problems getting auto create plugin to work In-Reply-To: References: Message-ID: <4FE5EA05.2090804@localhost.localdomain.org> On 06/23/2012 05:18 PM Dr Josef Karthauser wrote: > Hi there, > > I've configured the 'autocreate' plugin (in v.2.1.6), but it doesn't appear to be working. Can someone help me work out how to work out why please? > > I've got this in my 20-imap.conf file: > > protocol imap { > mail_plugins = $mail_plugins antispam autocreate > } > > and this in my 90-plugins.conf file: > > plugin { > autocreate = Trash > autocreate2 = Spam > autosubscribe = Trash > autosubscribe2 = Spam > > ... etc > } Don't show us configuration file snippets, always paste `doveconf -n` output. > But, the spam does not get created upon login. I've restart dovecot and restarted my mail client, but there's no hint of an spam folder. > > Is there something else that I also need to do? ,--[ http://dovecot.org/doc/NEWS-2.1 ]-- | ? | + Added mailbox {} sections, which deprecate autocreate plugin | ? `-- Have a look at the mailbox definitions configuration file: http://hg.dovecot.org/dovecot-2.1/file/tip/doc/example-config/conf.d/15-mailboxes.conf Regards, Pascal -- The trapper recommends today: deadbeef.1217518 at localdomain.org From acrow at integrafin.co.uk Sat Jun 23 20:00:52 2012 From: acrow at integrafin.co.uk (Alex Crow) Date: Sat, 23 Jun 2012 18:00:52 +0100 Subject: [Dovecot] Dovecot list IMAP archives with thunderbird? In-Reply-To: <4FE1FCDB.6080503@integrafin.co.uk> References: <4FE1FCDB.6080503@integrafin.co.uk> Message-ID: <4FE5F644.8000606@integrafin.co.uk> On 20/06/12 17:39, Alex Crow wrote: > Hi, > > I'm trying to access the IMAP archives with Thunderbird but can't seem > to get it to work. I have tried an unencrypted connection, SSL and TLS > but with no success. Any ideas? > > Thanks > > Alex > Hi, Still stuck here - would really like to be able to access the archives in my email client... Anyone able to see the mailing list archives in Thunderbird or other IMAP clients? Are they currently down? Cheers Alex -- This message is intended only for the addressee and may contain confidential information. Unless you are that person, you may not disclose its contents or use it in any way and are requested to delete the message along with any attachments and notify us immediately. "Transact" is operated by Integrated Financial Arrangements plc Domain House, 5-7 Singer Street, London EC2A 4BQ Tel: (020) 7608 4900 Fax: (020) 7608 5300 (Registered office: as above; Registered in England and Wales under number: 3727592) Authorised and regulated by the Financial Services Authority (entered on the FSA Register; number: 190856) From patrickdk at patrickdk.com Sat Jun 23 20:04:40 2012 From: patrickdk at patrickdk.com (Patrick Domack) Date: Sat, 23 Jun 2012 13:04:40 -0400 Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: <4FE5A5D8.2050908@thelounge.net> References: <4FE58A52.8050708@think-for-yourself.org> <4FE5A5D8.2050908@thelounge.net> Message-ID: <20120623130440.Horde.n_x2XJLnE6FP5fcoWOKAhaA@mail.patrickdk.com> Quoting Reindl Harald : > Am 23.06.2012 13:09, schrieb Wojciech Puchar: >> it is already enormous overshoot in hardware specs. And i do not >> really catch why you have "4 in parallel" servers. >> And finally i cannot understand this dividing of servers just to >> merging it back using VMWare. > > because it is a big difference if you have anything in a single > machine or splittet in virtual machines - you can move them at > runtime to different hosts and if you run out of ressources > for one of them you can buy a phyisclal machine, add it to the > cluster and move the virtual machine without any downtime > > if you have all on one machine or VM you are not scaleable Personally I found going from real hardware E51xx servers to E56xx servers to give double the performance per same speed and amount of cores for my mail server. Then moving it onto vmware slowed it down approx 15%. Overall still a let win, and using vmware for extra HA and easier maintenance is deferentially worth the slowdown. From tss at iki.fi Sat Jun 23 20:06:28 2012 From: tss at iki.fi (Timo Sirainen) Date: Sat, 23 Jun 2012 20:06:28 +0300 Subject: [Dovecot] Dovecot list IMAP archives with thunderbird? In-Reply-To: <4FE5F644.8000606@integrafin.co.uk> References: <4FE1FCDB.6080503@integrafin.co.uk> <4FE5F644.8000606@integrafin.co.uk> Message-ID: <1340471188.5967.88.camel@hurina> On Sat, 2012-06-23 at 18:00 +0100, Alex Crow wrote: > > I'm trying to access the IMAP archives with Thunderbird but can't seem > > to get it to work. I have tried an unencrypted connection, SSL and TLS > > but with no success. Any ideas? > > > > Thanks > > > > Alex > > > Hi, > > Still stuck here - would really like to be able to access the archives > in my email client... > > Anyone able to see the mailing list archives in Thunderbird or other > IMAP clients? Are they currently down? It works fine as far as I can see, even with Thunderbird. What error do you get? From andrzej.filip at gmail.com Sat Jun 23 20:09:40 2012 From: andrzej.filip at gmail.com (Andrzej A. Filip) Date: Sat, 23 Jun 2012 19:09:40 +0200 Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: <4FE5A74D.2010201@thelounge.net> References: <4FE58A52.8050708@think-for-yourself.org> <4FE5A74D.2010201@thelounge.net> Message-ID: <4FE5F854.4050804@gmail.com> On 06/23/2012 01:23 PM, Reindl Harald wrote: > > Am 23.06.2012 13:09, schrieb Wojciech Puchar: >> Finally i would recommend to get rid of RAID6. It's terribly slow on writes and >> writes are common on mail server. > depends, it is slower than RAID5, but safer > >> Buy cheapest but largest SATA drive and use RAID1 (or RAID1+0) setup. > oh no please do not recommend SATA crap with RAID1 and think > it is faster than RAID6 - the additional writes doe snot mat > if the whole disk-system is much faster and RAID1 has no benefit > in performance > > nobody will use SATA disks for high peformance servers in > production - really nobody these days! Could you specify/define your idea of "high performance servers" land border? It may reduce the flame war. From dmalolepszy at optusnet.com.au Sat Jun 23 20:36:52 2012 From: dmalolepszy at optusnet.com.au (Dominic Malolepszy) Date: Sun, 24 Jun 2012 03:36:52 +1000 Subject: [Dovecot] SQLite dovecot query caching Message-ID: <4FE5FEB4.2050801@optusnet.com.au> Hi, I am wondering if Dovecot caches SQLite queries, and how well it works in high performance setups. I am particularly interested because in the below thread SQLite has been suggested as a means of Dovecot proxying connections to different ports. http://old.nabble.com/director%3A-non-standart-ports-at-backends-td33991991.html Cheers, Dominic. From tss at iki.fi Sat Jun 23 20:39:07 2012 From: tss at iki.fi (Timo Sirainen) Date: Sat, 23 Jun 2012 20:39:07 +0300 Subject: [Dovecot] SQLite dovecot query caching In-Reply-To: <4FE5FEB4.2050801@optusnet.com.au> References: <4FE5FEB4.2050801@optusnet.com.au> Message-ID: <1340473147.5967.89.camel@hurina> On Sun, 2012-06-24 at 03:36 +1000, Dominic Malolepszy wrote: > Hi, > > I am wondering if Dovecot caches SQLite queries, and how well it works > in high performance setups. I am particularly interested because in the > below thread SQLite has been suggested as a means of Dovecot proxying > connections to different ports. You can enable auth cache: http://wiki2.dovecot.org/Authentication/Caching From acrow at integrafin.co.uk Sat Jun 23 21:10:37 2012 From: acrow at integrafin.co.uk (Alex Crow) Date: Sat, 23 Jun 2012 19:10:37 +0100 Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: <4FE5F854.4050804@gmail.com> References: <4FE58A52.8050708@think-for-yourself.org> <4FE5A74D.2010201@thelounge.net> <4FE5F854.4050804@gmail.com> Message-ID: <4FE6069D.2050703@integrafin.co.uk> On 23/06/12 18:09, Andrzej A. Filip wrote: > On 06/23/2012 01:23 PM, Reindl Harald wrote: >> Am 23.06.2012 13:09, schrieb Wojciech Puchar: >>> Finally i would recommend to get rid of RAID6. It's terribly slow on writes and >>> writes are common on mail server. >> depends, it is slower than RAID5, but safer >> >>> Buy cheapest but largest SATA drive and use RAID1 (or RAID1+0) setup. >> oh no please do not recommend SATA crap with RAID1 and think >> it is faster than RAID6 - the additional writes doe snot mat >> if the whole disk-system is much faster and RAID1 has no benefit >> in performance >> >> nobody will use SATA disks for high peformance servers in >> production - really nobody these days! > Could you specify/define your idea of "high performance servers" land > border? > It may reduce the flame war. > Hi, With dovecot, you can separate indexes and email, and with dbox/mdbox, have ALT storage, so for instance you could keep your indexes in a RAID10 of SSDs, recent email on a RAID10 of 10kRPM/15kRPM SAS drives, and older email can go on a load of 5k/7.2k SATA drives in RAID6, or on a NAS via NFS. Note: with *dbox your indexes are the only place your mail flags are kept, so don't risk a single drive or even RAID5 for your index store. This is what I am moving into production from dovecot 1.x on a single RAID6 array (hardware, LSI controller, 6 10k SAS drives in RAID10) which has served very well for a while but is not getting too small for all our mail. Performance has been good for up to 350 users, average mailbox size >4G, about 25-35k incoming mails per day. Cheers Alex -- This message is intended only for the addressee and may contain confidential information. Unless you are that person, you may not disclose its contents or use it in any way and are requested to delete the message along with any attachments and notify us immediately. "Transact" is operated by Integrated Financial Arrangements plc Domain House, 5-7 Singer Street, London EC2A 4BQ Tel: (020) 7608 4900 Fax: (020) 7608 5300 (Registered office: as above; Registered in England and Wales under number: 3727592) Authorised and regulated by the Financial Services Authority (entered on the FSA Register; number: 190856) From dmalolepszy at optusnet.com.au Sat Jun 23 21:20:24 2012 From: dmalolepszy at optusnet.com.au (Dominic Malolepszy) Date: Sun, 24 Jun 2012 04:20:24 +1000 Subject: [Dovecot] SQLite dovecot query caching In-Reply-To: <1340473147.5967.89.camel@hurina> References: <4FE5FEB4.2050801@optusnet.com.au> <1340473147.5967.89.camel@hurina> Message-ID: <4FE608E8.6090106@optusnet.com.au> On 24/06/12 3:39 AM, Timo Sirainen wrote: > On Sun, 2012-06-24 at 03:36 +1000, Dominic Malolepszy wrote: >> Hi, >> >> I am wondering if Dovecot caches SQLite queries, and how well it works >> in high performance setups. I am particularly interested because in the >> below thread SQLite has been suggested as a means of Dovecot proxying >> connections to different ports. > You can enable auth cache: > http://wiki2.dovecot.org/Authentication/Caching > > This is a per user caching though, it will still have to perform a sql look up each time a unique user authenticates to determine what port the proxy should forward each connection. Is that accurate? From wojtek at wojtek.tensor.gdynia.pl Sat Jun 23 21:21:05 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Sat, 23 Jun 2012 20:21:05 +0200 (CEST) Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: <4FE6069D.2050703@integrafin.co.uk> References: <4FE58A52.8050708@think-for-yourself.org> <4FE5A74D.2010201@thelounge.net> <4FE5F854.4050804@gmail.com> <4FE6069D.2050703@integrafin.co.uk> Message-ID: > ALT storage, so for instance you could keep your indexes in a RAID10 of SSDs, > recent email on a RAID10 of 10kRPM/15kRPM SAS drives, and older email can go > on a load of 5k/7.2k SATA drives in RAID6, or on a NAS via NFS. far better solution but still about 2-3 times more $/performance than needed, and more complex than needed. But at least an improvement From tss at iki.fi Sat Jun 23 21:57:08 2012 From: tss at iki.fi (Timo Sirainen) Date: Sat, 23 Jun 2012 21:57:08 +0300 Subject: [Dovecot] SQLite dovecot query caching In-Reply-To: <4FE608E8.6090106@optusnet.com.au> References: <4FE5FEB4.2050801@optusnet.com.au> <1340473147.5967.89.camel@hurina> <4FE608E8.6090106@optusnet.com.au> Message-ID: <1340477828.5967.91.camel@hurina> On Sun, 2012-06-24 at 04:20 +1000, Dominic Malolepszy wrote: > On 24/06/12 3:39 AM, Timo Sirainen wrote: > > On Sun, 2012-06-24 at 03:36 +1000, Dominic Malolepszy wrote: > >> Hi, > >> > >> I am wondering if Dovecot caches SQLite queries, and how well it works > >> in high performance setups. I am particularly interested because in the > >> below thread SQLite has been suggested as a means of Dovecot proxying > >> connections to different ports. > > You can enable auth cache: > > http://wiki2.dovecot.org/Authentication/Caching > > > > > > This is a per user caching though, it will still have to perform a sql > look up each time a unique user authenticates to determine what port the > proxy should forward each connection. Is that accurate? It caches the passdb lookup. The cache key consists of the given % variables in the SQL query. So if your SQL query doesn't contain %n/%u then the cache doesn't add per-user entries. From acrow at integrafin.co.uk Sat Jun 23 22:06:31 2012 From: acrow at integrafin.co.uk (Alex Crow) Date: Sat, 23 Jun 2012 20:06:31 +0100 Subject: [Dovecot] Dovecot list IMAP archives with thunderbird? In-Reply-To: <1340471188.5967.88.camel@hurina> References: <4FE1FCDB.6080503@integrafin.co.uk> <4FE5F644.8000606@integrafin.co.uk> <1340471188.5967.88.camel@hurina> Message-ID: <4FE613B7.7080809@integrafin.co.uk> On 23/06/12 18:06, Timo Sirainen wrote: > On Sat, 2012-06-23 at 18:00 +0100, Alex Crow wrote: >>> I'm trying to access the IMAP archives with Thunderbird but can't seem >>> to get it to work. I have tried an unencrypted connection, SSL and TLS >>> but with no success. Any ideas? >>> >>> Thanks >>> >>> Alex >>> >> Hi, >> >> Still stuck here - would really like to be able to access the archives >> in my email client... >> >> Anyone able to see the mailing list archives in Thunderbird or other >> IMAP clients? Are they currently down? > It works fine as far as I can see, even with Thunderbird. What error do > you get? > > > Hi Timo, No errors at all, I just never see any folder list or messages - tcpdump shows a few packets only when TLS mode is selected, but nothing after that, Cheers Alex -- This message is intended only for the addressee and may contain confidential information. Unless you are that person, you may not disclose its contents or use it in any way and are requested to delete the message along with any attachments and notify us immediately. "Transact" is operated by Integrated Financial Arrangements plc Domain House, 5-7 Singer Street, London EC2A 4BQ Tel: (020) 7608 4900 Fax: (020) 7608 5300 (Registered office: as above; Registered in England and Wales under number: 3727592) Authorised and regulated by the Financial Services Authority (entered on the FSA Register; number: 190856) From dmalolepszy at optusnet.com.au Sat Jun 23 22:07:48 2012 From: dmalolepszy at optusnet.com.au (Dominic Malolepszy) Date: Sun, 24 Jun 2012 05:07:48 +1000 Subject: [Dovecot] SQLite dovecot query caching In-Reply-To: <1340477828.5967.91.camel@hurina> References: <4FE5FEB4.2050801@optusnet.com.au> <1340473147.5967.89.camel@hurina> <4FE608E8.6090106@optusnet.com.au> <1340477828.5967.91.camel@hurina> Message-ID: <4FE61404.1030102@optusnet.com.au> On 24/06/12 4:57 AM, Timo Sirainen wrote: > On Sun, 2012-06-24 at 04:20 +1000, Dominic Malolepszy wrote: >> On 24/06/12 3:39 AM, Timo Sirainen wrote: >>> On Sun, 2012-06-24 at 03:36 +1000, Dominic Malolepszy wrote: >>>> Hi, >>>> >>>> I am wondering if Dovecot caches SQLite queries, and how well it works >>>> in high performance setups. I am particularly interested because in the >>>> below thread SQLite has been suggested as a means of Dovecot proxying >>>> connections to different ports. >>> You can enable auth cache: >>> http://wiki2.dovecot.org/Authentication/Caching >>> >>> >> This is a per user caching though, it will still have to perform a sql >> look up each time a unique user authenticates to determine what port the >> proxy should forward each connection. Is that accurate? > It caches the passdb lookup. The cache key consists of the given % > variables in the SQL query. So if your SQL query doesn't contain %n/%u > then the cache doesn't add per-user entries. > > Thanks Timo, I re-read the link you sent me, and it makes a lot more sense now. I will play around with the different variables (especially the port related ones), to get the desired result. Gah its late I should go to sleep! From lists at svrinformatica.it Sat Jun 23 23:39:43 2012 From: lists at svrinformatica.it (Mailing List SVR) Date: Sat, 23 Jun 2012 22:39:43 +0200 Subject: [Dovecot] 2.0.19 segfault Message-ID: <4FE6298F.6050502@svrinformatica.it> Hi, after the upgrade from dovecot 2.0.13 (ubuntu oneiric) to dovecot 2.0.19 (ubuntu precise), in my logs I have a lot of these errors: Jun 23 00:20:29 server1 dovecot: master: Error: service(imap-login): child 6714 killed with signal 11 (core dumps disabled) I tested 2.0.21 and the problem is still here. The problem seems to appear only when the client is ms outlook, thunderbird works fine Here is the captured trace (I hope this is enough and I don't need to install debug symbols for everythings): Core was generated by `dovecot/imap-login -D'. Program terminated with signal 11, Segmentation fault. #0 0x00007f4d01c1a031 in RC4 () from /lib/x86_64-linux-gnu/libcrypto.so.1.0.0 (gdb) bt full #0 0x00007f4d01c1a031 in RC4 () from /lib/x86_64-linux-gnu/libcrypto.so.1.0.0 No symbol table info available. #1 0x0000000000000134 in ?? () No symbol table info available. #2 0x00000000000000cd in ?? () No symbol table info available. #3 0x00007f4d03e97470 in ?? () No symbol table info available. #4 0x00007f4d01c80629 in ?? () from /lib/x86_64-linux-gnu/libcrypto.so.1.0.0 No symbol table info available. #5 0x00007f4d01f82bcf in ?? () from /lib/x86_64-linux-gnu/libssl.so.1.0.0 No symbol table info available. #6 0x00007f4d01f79e04 in ?? () from /lib/x86_64-linux-gnu/libssl.so.1.0.0 No symbol table info available. #7 0x00007f4d01f7a134 in ?? () from /lib/x86_64-linux-gnu/libssl.so.1.0.0 No symbol table info available. #8 0x00007f4d027fed6f in ssl_write (proxy=0x7f4d03e7c0a0) at ssl-proxy-openssl.c:499 ret = #9 0x00007f4d027fee68 in plain_read (proxy=0x7f4d03e7c0a0) at ssl-proxy-openssl.c:308 ret = corked = true ---Type to continue, or q to quit--- #10 0x00007f4d025b5c98 in io_loop_call_io (io=0x7f4d03e84b10) at ioloop.c:384 ioloop = 0x7f4d03e3e680 t_id = 2 #11 0x00007f4d025b6d27 in io_loop_handler_run (ioloop=) at ioloop-epoll.c:213 ctx = 0x7f4d03e505a0 events = 0x6579351d event = 0x7f4d03e50610 list = 0x7f4d03e93690 io = tv = {tv_sec = 59, tv_usec = 999832} msecs = ret = 1 i = call = #12 0x00007f4d025b5c28 in io_loop_run (ioloop=0x7f4d03e3e680) at ioloop.c:405 No locals. #13 0x00007f4d025a3e33 in master_service_run (service=0x7f4d03e3e550, callback=) at master-service.c:481 No locals. #14 0x00007f4d027f7cc2 in main (argc=2, argv=0x7f4d03e3e370) at main.c:371 set_pool = 0x7f4d03e3e880 allow_core_dumps = ---Type to continue, or q to quit--- login_socket = 0x7f4d02800763 "login" c = #15 0x00007f4d021d676d in __libc_start_main () from /lib/x86_64-linux-gnu/libc.so.6 No symbol table info available. #16 0x00007f4d02c2d5a9 in _start () No symbol table info available. Nicola From acrow at integrafin.co.uk Sun Jun 24 00:13:28 2012 From: acrow at integrafin.co.uk (Alex Crow) Date: Sat, 23 Jun 2012 22:13:28 +0100 Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: References: <4FE58A52.8050708@think-for-yourself.org> <4FE5A74D.2010201@thelounge.net> <4FE5F854.4050804@gmail.com> <4FE6069D.2050703@integrafin.co.uk> Message-ID: <4FE63178.9040203@integrafin.co.uk> On 23/06/12 19:21, Wojciech Puchar wrote: >> ALT storage, so for instance you could keep your indexes in a RAID10 >> of SSDs, recent email on a RAID10 of 10kRPM/15kRPM SAS drives, and >> older email can go on a load of 5k/7.2k SATA drives in RAID6, or on a >> NAS via NFS. > > far better solution but still about 2-3 times more $/performance than > needed, and more complex than needed. > > But at least an improvement > I'd respectfully disagree. If you only keep the most recent few weeks of email you could use reasonably priced SSDs for the indexes and perhaps downgrade to SATA for your "hot" store, both of which should be max 10% of your total space with more than a few months of email. My driving factor was to have different spindle sets for each purpose. Who knows, I might have overspent and could have done it with 3 separate SATA arrays. OTOH what about an SSD caching kit on your server? Supermicro at least do them (well, my UK vendor offers them). Just have a load of big SATA drives and use the kit for caching. The last time I looked a 256GB kit was about UKP 500. Cheers Alex -- This message is intended only for the addressee and may contain confidential information. Unless you are that person, you may not disclose its contents or use it in any way and are requested to delete the message along with any attachments and notify us immediately. "Transact" is operated by Integrated Financial Arrangements plc Domain House, 5-7 Singer Street, London EC2A 4BQ Tel: (020) 7608 4900 Fax: (020) 7608 5300 (Registered office: as above; Registered in England and Wales under number: 3727592) Authorised and regulated by the Financial Services Authority (entered on the FSA Register; number: 190856) From lists at svrinformatica.it Sun Jun 24 00:34:47 2012 From: lists at svrinformatica.it (Mailing List SVR) Date: Sat, 23 Jun 2012 23:34:47 +0200 Subject: [Dovecot] 2.0.19 segfault In-Reply-To: <4FE6298F.6050502@svrinformatica.it> References: <4FE6298F.6050502@svrinformatica.it> Message-ID: <4FE63677.9080900@svrinformatica.it> Il 23/06/2012 22:39, Mailing List SVR ha scritto: > Hi, > > after the upgrade from dovecot 2.0.13 (ubuntu oneiric) to dovecot > 2.0.19 (ubuntu precise), in my logs I have a lot of these errors: > > Jun 23 00:20:29 server1 dovecot: master: Error: service(imap-login): > child 6714 killed with signal 11 (core dumps disabled) > > I tested 2.0.21 and the problem is still here. The problem seems to > appear only when the client is ms outlook, thunderbird works fine > > Here is the captured trace (I hope this is enough and I don't need to > install debug symbols for everythings): > > Core was generated by `dovecot/imap-login -D'. > Program terminated with signal 11, Segmentation fault. > #0 0x00007f4d01c1a031 in RC4 () from > /lib/x86_64-linux-gnu/libcrypto.so.1.0.0 > (gdb) bt full > #0 0x00007f4d01c1a031 in RC4 () from > /lib/x86_64-linux-gnu/libcrypto.so.1.0.0 > No symbol table info available. > #1 0x0000000000000134 in ?? () > No symbol table info available. > #2 0x00000000000000cd in ?? () > No symbol table info available. > #3 0x00007f4d03e97470 in ?? () > No symbol table info available. > #4 0x00007f4d01c80629 in ?? () from > /lib/x86_64-linux-gnu/libcrypto.so.1.0.0 > No symbol table info available. > #5 0x00007f4d01f82bcf in ?? () from > /lib/x86_64-linux-gnu/libssl.so.1.0.0 > No symbol table info available. > #6 0x00007f4d01f79e04 in ?? () from > /lib/x86_64-linux-gnu/libssl.so.1.0.0 > No symbol table info available. > #7 0x00007f4d01f7a134 in ?? () from > /lib/x86_64-linux-gnu/libssl.so.1.0.0 > No symbol table info available. > #8 0x00007f4d027fed6f in ssl_write (proxy=0x7f4d03e7c0a0) > at ssl-proxy-openssl.c:499 > ret = > #9 0x00007f4d027fee68 in plain_read (proxy=0x7f4d03e7c0a0) > at ssl-proxy-openssl.c:308 > ret = > corked = true > ---Type to continue, or q to quit--- > #10 0x00007f4d025b5c98 in io_loop_call_io (io=0x7f4d03e84b10) at > ioloop.c:384 > ioloop = 0x7f4d03e3e680 > t_id = 2 > #11 0x00007f4d025b6d27 in io_loop_handler_run (ioloop=) > at ioloop-epoll.c:213 > ctx = 0x7f4d03e505a0 > events = 0x6579351d > event = 0x7f4d03e50610 > list = 0x7f4d03e93690 > io = > tv = {tv_sec = 59, tv_usec = 999832} > msecs = > ret = 1 > i = > call = > #12 0x00007f4d025b5c28 in io_loop_run (ioloop=0x7f4d03e3e680) at > ioloop.c:405 > No locals. > #13 0x00007f4d025a3e33 in master_service_run (service=0x7f4d03e3e550, > callback=) at master-service.c:481 > No locals. > #14 0x00007f4d027f7cc2 in main (argc=2, argv=0x7f4d03e3e370) at > main.c:371 > set_pool = 0x7f4d03e3e880 > allow_core_dumps = > ---Type to continue, or q to quit--- > login_socket = 0x7f4d02800763 "login" > c = > #15 0x00007f4d021d676d in __libc_start_main () > from /lib/x86_64-linux-gnu/libc.so.6 > No symbol table info available. > #16 0x00007f4d02c2d5a9 in _start () > No symbol table info available. > > Nicola > Here is a more detailed trace, Core was generated by `dovecot/imap-login -D'. Program terminated with signal 11, Segmentation fault. #0 RC4 () at rc4-x86_64.s:343 343 rc4-x86_64.s: File o directory non esistente. (gdb) bt full #0 RC4 () at rc4-x86_64.s:343 No locals. #1 0x0000000000000134 in ?? () No symbol table info available. #2 0x00000000000000cd in ?? () No symbol table info available. #3 0x00007f4d03e97470 in ?? () No symbol table info available. #4 0x00007f4d01c80629 in rc4_hmac_md5_cipher (ctx=, out=0x7f4d03e8d0b8 "\314V\347\335Lc\024\205\221'?\006\177\313\326?\313\317\303c\266\360\347\364\263\242\316z\326\307\320\303?\242`\303\321?\313?\177\315\305\313?\320\307u\307\320\320\303\316?z?\307\314\303\300\316v\242\313\306\316?\321c\030T SORT=DISPLAY\301\021\222RC\005D=R\244\237T\342\004\"\020ES TH\003\246AD=\247\032FS \351ULTIA&\315\025N8\032\341\255\364EZ\376\236\062 CHILDREN\\\b{\250\240\255PACE U\216\331\nLUS LIST-EXTENDED I18NLEVEL=h CO"..., in=, len=0) at e_rc4_hmac_md5.c:163 key = 0x1a rc4_off = 139968754799079 md5_off = blocks = l = plen = #5 0x00007f4d01f82bcf in tls1_enc (s=0x7f4d03e7b700, send=1) at t1_enc.c:828 ---Type to continue, or q to quit--- rec = 0x7f4d03e7bcb8 ds = 0x7f4d03e95cf0 l = 308 bs = 1 i = ii = j = k = pad = enc = 0x7f4d01f4eae0 #6 0x00007f4d01f79e04 in do_ssl3_write (s=0x7f4d03e7b700, type=23, buf=0x7f4d03e7c514 "A0 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CO"..., len=292, create_empty_fragment=0) at s3_pkt.c:815 p = plen = 0x7f4d03e8d0b6 "" i = mac_size = 0 clear = prefix_len = eivlen = align = ---Type to continue, or q to quit--- wr = 0x7f4d03e7bcb8 wb = 0x7f4d03e7bc68 sess = #7 0x00007f4d01f7a134 in ssl3_write_bytes (s=0x7f4d03e7b700, type=23, buf_=0x7f4d03e7c514, len=) at s3_pkt.c:605 buf = 0x7f4d03e7c514 "A0 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CO"... tot = 0 n = 292 nw = i = #8 0x00007f4d027fed6f in ssl_write (proxy=0x7f4d03e7c0a0) at ssl-proxy-openssl.c:499 ret = #9 0x00007f4d027fee68 in plain_read (proxy=0x7f4d03e7c0a0) at ssl-proxy-openssl.c:308 ret = corked = true #10 0x00007f4d025b5c98 in io_loop_call_io (io=0x7f4d03e84b10) at ioloop.c:384 ioloop = 0x7f4d03e3e680 t_id = 2 #11 0x00007f4d025b6d27 in io_loop_handler_run (ioloop=) ---Type to continue, or q to quit--- at ioloop-epoll.c:213 ctx = 0x7f4d03e505a0 events = 0x6579351d event = 0x7f4d03e50610 list = 0x7f4d03e93690 io = tv = {tv_sec = 59, tv_usec = 999832} msecs = ret = 1 i = call = #12 0x00007f4d025b5c28 in io_loop_run (ioloop=0x7f4d03e3e680) at ioloop.c:405 No locals. #13 0x00007f4d025a3e33 in master_service_run (service=0x7f4d03e3e550, callback=) at master-service.c:481 No locals. #14 0x00007f4d027f7cc2 in main (argc=2, argv=0x7f4d03e3e370) at main.c:371 set_pool = 0x7f4d03e3e880 allow_core_dumps = login_socket = 0x7f4d02800763 "login" c = #15 0x00007f4d021d676d in __libc_start_main (main=0x7f4d027f7a60

, argc=2, ubp_av=0x7fff37290a68, init=, fini=, ---Type to continue, or q to quit--- rtld_fini=, stack_end=0x7fff37290a58) at libc-start.c:226 result = unwind_buf = {cancel_jmp_buf = {{jmp_buf = {0, -1085834845464457622, 139968735532416, 140734118824544, 0, 0, 1085429787565592170, 1041548453329079914}, mask_was_saved = 0}}, priv = {pad = { 0x0, 0x0, 0x7fff37290a80, 0x1}, data = {prev = 0x0, cleanup = 0x0, canceltype = 925436544}}} not_first_call = #16 0x00007f4d02c2d5a9 in _start () Nicola From bdh at machinehum.com Sun Jun 24 01:01:47 2012 From: bdh at machinehum.com (Brian Hayden) Date: Sat, 23 Jun 2012 17:01:47 -0500 Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: <4FE63178.9040203@integrafin.co.uk> References: <4FE58A52.8050708@think-for-yourself.org> <4FE5A74D.2010201@thelounge.net> <4FE5F854.4050804@gmail.com> <4FE6069D.2050703@integrafin.co.uk> <4FE63178.9040203@integrafin.co.uk> Message-ID: > On 23/06/12 19:21, Wojciech Puchar wrote: >>> ALT storage, so for instance you could keep your indexes in a RAID10 of SSDs, recent email on a RAID10 of 10kRPM/15kRPM SAS drives, and older email can go on a load of 5k/7.2k SATA drives in RAID6, or on a NAS via NFS. >> >> far better solution but still about 2-3 times more $/performance than needed, and more complex than needed. >> >> But at least an improvement Wojciech, how many users, does your installation serve? Not raw account numbers, but real users? The things you're saying sound mostly applicable to a small, easily-dictated env. -Brian From tss at iki.fi Sun Jun 24 01:05:09 2012 From: tss at iki.fi (Timo Sirainen) Date: Sun, 24 Jun 2012 01:05:09 +0300 Subject: [Dovecot] 2.0.19 segfault In-Reply-To: <4FE6298F.6050502@svrinformatica.it> References: <4FE6298F.6050502@svrinformatica.it> Message-ID: <1340489109.5967.94.camel@hurina> On Sat, 2012-06-23 at 22:39 +0200, Mailing List SVR wrote: > after the upgrade from dovecot 2.0.13 (ubuntu oneiric) to dovecot 2.0.19 > (ubuntu precise), in my logs I have a lot of these errors: > > Jun 23 00:20:29 server1 dovecot: master: Error: service(imap-login): > child 6714 killed with signal 11 (core dumps disabled) > > I tested 2.0.21 and the problem is still here. The problem seems to > appear only when the client is ms outlook, thunderbird works fine Looks to me more like OpenSSL library bug. The only reason why it could be Dovecot bug is if Dovecot is causing memory corruption. Could you run imap-login via valgrind to see if this is the case? service imap-login { executable = /usr/bin/valgrind -q --vgdb=no /usr/local/libexec/dovecot/imap-login chroot = } Also have you changed any ssl-related settings in dovecot.conf? From lists at svrinformatica.it Sun Jun 24 01:27:45 2012 From: lists at svrinformatica.it (Mailing List SVR) Date: Sun, 24 Jun 2012 00:27:45 +0200 Subject: [Dovecot] 2.0.19 segfault In-Reply-To: <1340489109.5967.94.camel@hurina> References: <4FE6298F.6050502@svrinformatica.it> <1340489109.5967.94.camel@hurina> Message-ID: <4FE642E1.5070609@svrinformatica.it> Il 24/06/2012 00:05, Timo Sirainen ha scritto: > On Sat, 2012-06-23 at 22:39 +0200, Mailing List SVR wrote: > >> after the upgrade from dovecot 2.0.13 (ubuntu oneiric) to dovecot 2.0.19 >> (ubuntu precise), in my logs I have a lot of these errors: >> >> Jun 23 00:20:29 server1 dovecot: master: Error: service(imap-login): >> child 6714 killed with signal 11 (core dumps disabled) >> >> I tested 2.0.21 and the problem is still here. The problem seems to >> appear only when the client is ms outlook, thunderbird works fine > Looks to me more like OpenSSL library bug. The only reason why it could > be Dovecot bug is if Dovecot is causing memory corruption. Could you run > imap-login via valgrind to see if this is the case? > > service imap-login { > executable = /usr/bin/valgrind -q --vgdb=no /usr/local/libexec/dovecot/imap-login > chroot = > } > > Also have you changed any ssl-related settings in dovecot.conf? > attached my complete configuration, I hope there is a mistake in my config I looked at the code and there was no relevant change from dovecot 2.0.13 and dovecot 2.0.19, upgrading between ubuntu releases updated openssl too and this could be the problem, however is not clear to me while imap over ssl works fine with thunderdird and I see the crash in the logs for customers that seems to use ms outlook, Nicola > -------------- next part -------------- # 2.0.19: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-25-generic x86_64 Ubuntu 12.04 LTS ext4 auth_cache_size = 10 M auth_mechanisms = plain login auth_socket_path = /var/run/dovecot/auth-userdb auth_worker_max_count = 128 base_dir = /var/run/dovecot/ default_process_limit = 200 disable_plaintext_auth = no first_valid_gid = 2000 first_valid_uid = 2000 hostname = mail.svrinformatica.it last_valid_gid = 2000 last_valid_uid = 2000 listen = * login_greeting = SVR ready. mail_location = maildir:/srv/panel/mail/%d/%t/Maildir mail_plugins = " quota trash autocreate" managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { autocreate = Trash autocreate2 = Junk autocreate3 = Drafts autocreate4 = Sent autosubscribe = Trash autosubscribe2 = Junk autosubscribe3 = Drafts autosubscribe4 = Sent quota = maildir:User quota quota_rule = *:storage=300MB quota_rule2 = Trash:ignore quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u sieve = ~/.dovecot.sieve sieve_before = /etc/dovecot/sieve/move-spam.sieve sieve_dir = ~/sieve sieve_max_actions = 32 sieve_max_redirects = 4 sieve_max_script_size = 1M sieve_quota_max_scripts = 10 sieve_quota_max_storage = 2M trash = /etc/dovecot/dovecot-trash.conf.ext } postmaster_address = postmaster at svrinformatica.it protocols = imap pop3 sieve service auth-worker { user = $default_internal_user } service auth { unix_listener /var/spool/postfix/private/dovecot-auth { group = vmail mode = 0660 user = postfix } unix_listener auth-userdb { group = vmail mode = 0660 user = vmail } user = $default_internal_user } service managesieve-login { inet_listener sieve { port = 4190 } } service quota-warning { executable = script /srv/panel/django/systemcp/systemutils/mail/quota-warning.py unix_listener quota-warning { user = vmail } user = dovecot } ssl_cert = References: <4FE6298F.6050502@svrinformatica.it> <1340489109.5967.94.camel@hurina> Message-ID: <4FE647FD.4060400@svrinformatica.it> Il 24/06/2012 00:05, Timo Sirainen ha scritto: > On Sat, 2012-06-23 at 22:39 +0200, Mailing List SVR wrote: > >> after the upgrade from dovecot 2.0.13 (ubuntu oneiric) to dovecot 2.0.19 >> (ubuntu precise), in my logs I have a lot of these errors: >> >> Jun 23 00:20:29 server1 dovecot: master: Error: service(imap-login): >> child 6714 killed with signal 11 (core dumps disabled) >> >> I tested 2.0.21 and the problem is still here. The problem seems to >> appear only when the client is ms outlook, thunderbird works fine > Looks to me more like OpenSSL library bug. the bug seems related to this patch: http://cvs.openssl.org/chngview?cn=22415 I'm applying just now > The only reason why it could > be Dovecot bug is if Dovecot is causing memory corruption. Could you run > imap-login via valgrind to see if this is the case? > > service imap-login { > executable = /usr/bin/valgrind -q --vgdb=no /usr/local/libexec/dovecot/imap-login > chroot = > } > > Also have you changed any ssl-related settings in dovecot.conf? > > > From lists at svrinformatica.it Sun Jun 24 02:05:43 2012 From: lists at svrinformatica.it (Mailing List SVR) Date: Sun, 24 Jun 2012 01:05:43 +0200 Subject: [Dovecot] 2.0.19 segfault In-Reply-To: <4FE647FD.4060400@svrinformatica.it> References: <4FE6298F.6050502@svrinformatica.it> <1340489109.5967.94.camel@hurina> <4FE647FD.4060400@svrinformatica.it> Message-ID: <4FE64BC7.7020204@svrinformatica.it> Il 24/06/2012 00:49, Mailing List SVR ha scritto: > Il 24/06/2012 00:05, Timo Sirainen ha scritto: >> On Sat, 2012-06-23 at 22:39 +0200, Mailing List SVR wrote: >> >>> after the upgrade from dovecot 2.0.13 (ubuntu oneiric) to dovecot >>> 2.0.19 >>> (ubuntu precise), in my logs I have a lot of these errors: >>> >>> Jun 23 00:20:29 server1 dovecot: master: Error: service(imap-login): >>> child 6714 killed with signal 11 (core dumps disabled) >>> >>> I tested 2.0.21 and the problem is still here. The problem seems to >>> appear only when the client is ms outlook, thunderbird works fine >> Looks to me more like OpenSSL library bug. > > the bug seems related to this patch: > > http://cvs.openssl.org/chngview?cn=22415 > > I'm applying just now I can confirm that the patch listed above solve the problem, thanks for pointing me to openssl, Nicola > >> The only reason why it could >> be Dovecot bug is if Dovecot is causing memory corruption. Could you run >> imap-login via valgrind to see if this is the case? >> >> service imap-login { >> executable = /usr/bin/valgrind -q --vgdb=no >> /usr/local/libexec/dovecot/imap-login >> chroot = >> } >> >> Also have you changed any ssl-related settings in dovecot.conf? >> >> >> > > > From dovecot at r.paypc.com Sun Jun 24 02:57:09 2012 From: dovecot at r.paypc.com (Robin) Date: Sat, 23 Jun 2012 16:57:09 -0700 Subject: [Dovecot] 2.0.19 segfault In-Reply-To: <4FE642E1.5070609@svrinformatica.it> References: <4FE6298F.6050502@svrinformatica.it> <1340489109.5967.94.camel@hurina> <4FE642E1.5070609@svrinformatica.it> Message-ID: <4FE657D5.8060205@r.paypc.com> On 6/23/2012 3:27 PM, Mailing List SVR wrote: > I looked at the code and there was no relevant change from dovecot > 2.0.13 and dovecot 2.0.19, upgrading between ubuntu releases updated > openssl too and this could be the problem, > > however is not clear to me while imap over ssl works fine with > thunderdird and I see the crash in the logs for customers that seems to > use ms outlook, There have been many interactions between OpenSSL (and some other SSL implementations) and some versions of schannel.dll (the system library responsible for SSL connections, used by Outlook and Internet Explorer, amongst other tools). M$ has released hotfixes addressing various problems in schannel.dll in the past, such as: http://support.microsoft.com/kb/933430 There is a fair bit of write-up online about how to configure your SSL servers to avoid problematic ciphers and socket configurations that help you avoid tripping over most of the bugs. For example: http://httpd.apache.org/docs/2.2/ssl/ssl_faq.html#msie Whenever SSL is involved in the transaction process, always include it in your debug process as SSL negotiation is non-trivial and has been often fraught with some peril. =R= From spraker at yahoo.com Sun Jun 24 03:10:29 2012 From: spraker at yahoo.com (Brian Spraker) Date: Sat, 23 Jun 2012 17:10:29 -0700 (PDT) Subject: [Dovecot] Dovecot Quotas in Version 2 Message-ID: <1340496629.79833.YahooMailClassic@web111409.mail.gq1.yahoo.com> Hello all, Just upgraded from Ubuntu 10.04 to 12.04 on a server today and went through a few issues that I finally got corrected with many different services. However, one of them - I absolutely cannot figure out. I was using Dovecot 1 in Ubuntu 10.04 - but in Ubuntu 12.04, it has been upgraded to Dovecot 2. Finally managed to get the configuration to work and get it to use MySQL as the back-end authentication method (had to install the dovecot-mysql package). But, I cannot get quotas to work. The moment I uncomment a quota line, Dovecot fails to start. Would appreciate any help with this. I am not using any of the individual configuration files on the conf.d folder - simply the dovecot.conf and dovecot-sql.conf file. Here is a copy of those. You can see the one commented line (mail_plugins under imap) simply will not work - but yet the one under POP works (although I don't think it is used): base_dir = /var/run/dovecot/ disable_plaintext_auth = no first_valid_uid = 33 last_valid_uid = 33 listen = * log_timestamp = "%Y-%m-%d %H:%M:%S " mail_privileged_group = www-data passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } plugin { quota = maildir quota_rule = Trash:storage=100M } protocols = imap pop3 service auth { user = root } service imap-login { executable = /usr/lib/dovecot/imap-login } service imap { executable = /usr/lib/dovecot/imap } ssl = no userdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } protocol imap { imap_client_workarounds = mail_plugin_dir = /usr/lib/dovecot/modules/imap # mail_plugins = quota imap_quota } protocol pop3 { mail_plugins = quota pop3_uidl_format = %08Xu%08Xv } And for the dovecot-sql.conf file (passwords changed, of course): driver = mysql connect = dbname=horde user= password= host=localhost default_pass_scheme = PLAIN password_query = SELECT user_uid as user, user_pass as password FROM horde_users WHERE user_uid = '%u'; user_query = SELECT uid, gid, home, maildir, concat('maildir:storage=', quota) AS quota FROM horde_users WHERE user_uid = '%u'; I did not update the dovecot-sql.conf file at all - so I don't know if there maybe be some configuration issue with how it is pulling the quota limit from the database. Quotas are in bytes in the database. Certainly would appreciate any help with this. I went through the Dovecot Quota Configuration in the wiki but it wasn't any help - as I basically already have that line in the config file, but it will fail to start Dovecot. Thank you! Brian S. From tss at iki.fi Sun Jun 24 03:23:16 2012 From: tss at iki.fi (Timo Sirainen) Date: Sun, 24 Jun 2012 03:23:16 +0300 Subject: [Dovecot] Dovecot Quotas in Version 2 In-Reply-To: <1340496629.79833.YahooMailClassic@web111409.mail.gq1.yahoo.com> References: <1340496629.79833.YahooMailClassic@web111409.mail.gq1.yahoo.com> Message-ID: On 24.6.2012, at 3.10, Brian Spraker wrote: > plugin { > quota = maildir > quota_rule = Trash:storage=100M This should be quota_rule2. Otherwise you'll just overwrite this here: > } > user_query = SELECT uid, gid, home, maildir, concat('maildir:storage=', quota) AS quota FROM horde_users WHERE user_uid = '%u'; You didn't update the quota configuration in here. Should be: concat('*:storage=', quota) AS quota_rule. BTW. This change happened during Dovecot v1.0 -> v1.1 change. Years ago for most people. :) From spraker at yahoo.com Sun Jun 24 03:29:47 2012 From: spraker at yahoo.com (Brian Spraker) Date: Sat, 23 Jun 2012 17:29:47 -0700 (PDT) Subject: [Dovecot] Dovecot Quotas in Version 2 In-Reply-To: Message-ID: <1340497787.45659.YahooMailClassic@web111404.mail.gq1.yahoo.com> --- On Sat, 6/23/12, Timo Sirainen wrote: > From: Timo Sirainen > Subject: Re: [Dovecot] Dovecot Quotas in Version 2 > To: "Brian Spraker" > Cc: dovecot at dovecot.org > Date: Saturday, June 23, 2012, 7:23 PM > On 24.6.2012, at 3.10, Brian Spraker > wrote: > > > plugin { > >? quota = maildir > >? quota_rule = Trash:storage=100M > > This should be quota_rule2. Otherwise you'll just overwrite > this here: > > > } > > > user_query = SELECT uid, gid, home, maildir, > concat('maildir:storage=', quota) AS quota FROM horde_users > WHERE user_uid = '%u'; > > You didn't update the quota configuration in here. Should > be: concat('*:storage=', quota) AS quota_rule. > > BTW. This change happened during Dovecot v1.0 -> v1.1 > change. Years ago for most people. :) > > Thank you, Timo. I have made this change. However, I do remember before when I set set something as "quota_rule2", it was being ignored for some reason. I have updated at your response though. This still didn't correct the issue - and Dovecot won't start when I have the mail_plugins line under 'protocol imap' uncommented. Error in the syslog says: init: dovecot main process (xxxxx) terminated with status 89 Brian S. From tss at iki.fi Sun Jun 24 03:33:14 2012 From: tss at iki.fi (Timo Sirainen) Date: Sun, 24 Jun 2012 03:33:14 +0300 Subject: [Dovecot] Dovecot Quotas in Version 2 In-Reply-To: <1340497787.45659.YahooMailClassic@web111404.mail.gq1.yahoo.com> References: <1340497787.45659.YahooMailClassic@web111404.mail.gq1.yahoo.com> Message-ID: On 24.6.2012, at 3.29, Brian Spraker wrote: > This still didn't correct the issue - and Dovecot won't start when I have the mail_plugins line under 'protocol imap' uncommented. You should also enable quota globally so it will work for doveadm and other tools you may end up using. > Error in the syslog says: > > init: dovecot main process (xxxxx) terminated with status 89 There should be another error message before this. From spraker at yahoo.com Sun Jun 24 03:45:03 2012 From: spraker at yahoo.com (Brian Spraker) Date: Sat, 23 Jun 2012 17:45:03 -0700 (PDT) Subject: [Dovecot] Dovecot Quotas in Version 2 In-Reply-To: Message-ID: <1340498703.67452.YahooMailClassic@web111404.mail.gq1.yahoo.com> --- On Sat, 6/23/12, Timo Sirainen wrote: > From: Timo Sirainen > Subject: Re: [Dovecot] Dovecot Quotas in Version 2 > To: "Brian Spraker" > Cc: dovecot at dovecot.org > Date: Saturday, June 23, 2012, 7:33 PM > On 24.6.2012, at 3.29, Brian Spraker > wrote: > > > This still didn't correct the issue - and Dovecot won't > start when I have the mail_plugins line under 'protocol > imap' uncommented. > > You should also enable quota globally so it will work for > doveadm and other tools you may end up using. > > > Error in the syslog says: > > > > init: dovecot main process (xxxxx) terminated with > status 89 > > There should be another error message before this. > > Thank you for the fast replies Timo. I'm not sure I understand how to enable quota to work globally..? But what would be preventing it from working under 'protocol imap' as it did before? As for the log, here is the other lines that appeared above it: Jun 23 19:31:13 server dovecot: master: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) Jun 23 19:31:13 server dovecot: log: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) Jun 23 19:31:13 server kernel: [100996.340925] init: dovecot main process (11580) terminated with status 89 From tss at iki.fi Sun Jun 24 03:51:12 2012 From: tss at iki.fi (Timo Sirainen) Date: Sun, 24 Jun 2012 03:51:12 +0300 Subject: [Dovecot] Dovecot Quotas in Version 2 In-Reply-To: <1340498703.67452.YahooMailClassic@web111404.mail.gq1.yahoo.com> References: <1340498703.67452.YahooMailClassic@web111404.mail.gq1.yahoo.com> Message-ID: On 24.6.2012, at 3.45, Brian Spraker wrote: > I'm not sure I understand how to enable quota to work globally..? Just put "mail_plugins = quota" outside protocol {} sections. > But what would be preventing it from working under 'protocol imap' as it did before? No idea, the error log should say the reason. > As for the log, here is the other lines that appeared above it: > > Jun 23 19:31:13 server dovecot: master: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) > Jun 23 19:31:13 server dovecot: log: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) These mean that dovecot master process was stopped by init process. Why it's doing that I have no idea. > Jun 23 19:31:13 server kernel: [100996.340925] init: dovecot main process (11580) terminated with status 89 Status 89 means that Dovecot should have logged an error about it. But I see no error here. I think Ubuntu is doing something weird. See what happens if you start dovecot using "dovecot -F" instead of any init script or such. From spraker at yahoo.com Sun Jun 24 04:01:46 2012 From: spraker at yahoo.com (Brian Spraker) Date: Sat, 23 Jun 2012 18:01:46 -0700 (PDT) Subject: [Dovecot] Dovecot Quotas in Version 2 In-Reply-To: Message-ID: <1340499706.74316.YahooMailClassic@web111404.mail.gq1.yahoo.com> --- On Sat, 6/23/12, Timo Sirainen wrote: > From: Timo Sirainen > Subject: Re: [Dovecot] Dovecot Quotas in Version 2 > To: "Brian Spraker" > Cc: dovecot at dovecot.org > Date: Saturday, June 23, 2012, 7:51 PM > On 24.6.2012, at 3.45, Brian Spraker > wrote: > > > I'm not sure I understand how to enable quota to work > globally..? > > Just put "mail_plugins = quota" outside protocol {} > sections. > > >? But what would be preventing it from working > under 'protocol imap' as it did before? > > No idea, the error log should say the reason. > > > As for the log, here is the other lines that appeared > above it: > > > > Jun 23 19:31:13 server dovecot: master: Warning: Killed > with signal 15 (by pid=1 uid=0 code=kill) > > Jun 23 19:31:13 server dovecot: log: Warning: Killed > with signal 15 (by pid=1 uid=0 code=kill) > > These mean that dovecot master process was stopped by init > process. Why it's doing that I have no idea. > > > Jun 23 19:31:13 server kernel: [100996.340925] init: > dovecot main process (11580) terminated with status 89 > > Status 89 means that Dovecot should have logged an error > about it. But I see no error here. I think Ubuntu is doing > something weird. See what happens if you start dovecot using > "dovecot -F" instead of any init script or such. > > Perfect! doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: mail_plugin_dir: access(/usr/lib/dovecot/modules/imap) failed: No such file or directory I changed it to /usr/lib/dovecot/modules and now it works fine. Thank you for the help again! Brian S. From michael at think-for-yourself.org Sun Jun 24 04:21:34 2012 From: michael at think-for-yourself.org (Michael Wessel) Date: Sat, 23 Jun 2012 18:21:34 -0700 Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: <20120623102555.GA5497@state-of-mind.de> References: <4FE58A52.8050708@think-for-yourself.org> <20120623102555.GA5497@state-of-mind.de> Message-ID: <4FE66B9E.1080901@think-for-yourself.org> Hi p at rick and thanks for the response. On 6/23/2012 3:25 AM, Patrick Ben Koetter wrote: > Michael, > > * Michael Wessel : >> I'm currently (re-)planning my email setup and have been doing some >> research. I have done some searches and read several threads in the >> areas of my questions here. While there are some that come close I >> haven't yet been able to get all my questions answered. >> >> I currently run a postfix, dovecot & roundcube setup and have about >> 2000 active accounts. I have a separate SMTP server for outbound >> mail and auth is done against a separate LDAP server. In front of >> the POP/IMAP server I have another SMTP (4 in parallel actually) >> server that receives and filters inbound mail through a company >> specific, proprietary filter before the mail hits the POP/IMAP >> server. LDAP & SMTP servers are ESXi VMs. > Do people use 'real' mail clients to connect and IDLE too? Yes, though not sure of the percentage. Most will likely use webmail, some will use POP and some will use IMAP with "real clients". Right now my guess would be about 20% IMAP with Outlook, Thunderbird and such, 10% POP and the rest webmail. > > >> So right now both dovecot and roundcube run on the same box which is >> a Dell PE2950 with dual quad-core Xeon, 16GB RAM and 6 1TB disks in >> RAID 6, so only local storage using maildir. So far it's been >> holding up fine, but it's beginning to show signs of overload now. I >> also expect an increase in users over the next few months up to >> somewhere between 10 - 20,000 mail boxes. Hence the re-planning. >> >> My first priority in redesigning my setup is reliability. I >> definitely need something fail-save and as close to always on as >> possible. Next is performance. And while the budget is of course >> limited for the moment I'm setting that aside and will worry about >> that when the time comes. >> >> Now here is my question(s): >> >> In order to support up to 20,000 mailboxes (distributed over several >> times-zones so they won't all be used at the same time) with a very >> reliable service with good performance, what do I actually need? >> >> Do I need(ul) SAN or is it just a "would be nice to have"? If yes, >> why and what would be appropriate for my needs? Or will a setup with >> a few more servers like the ones I already have, using something >> like DRBD and distributing services (imap, http, spamd etc) onto >> different boxes do? > Will the server enforce quota? Yes, default quota is 200MB right now, some have larger quotas and a few of those hit several GB. > > What will be the average mailbox size? Since the quota is probably going to go up some I'd guess around 400MB on average. > > Do people share content e.g. mailings with attachments that go out to all > recipients? No, only on a limited basis (like cc'ing maybe 15 or so people but even that's rare) There will be somewhat large attachments involved (20-30MB) but that's mostly between individual users and users outside my system. > > What might be the maximum number of clients using the server at one time? Hard to say with the data at hand. I have a caching IMAP proxy for webmail and that has so far recorded 50 as the highest concurrent connections. So adding IMAP users to that and then extrapolating this to 20000 total boxes I'd say 4-500. > > Will all users use the same client product e.g. roundcube? No, they have their choice of any POP3/IMAP client or webmail > > What's your backup strategy? What do you use to backup mailboxes? I was afraid someone was going to ask that question... there isn't one (it hurts just writing that!) The only "backup" currently in place is redundancy on the hardware-side plus limited (i.e. only parts of the mail store) to disk backup. The VMs are easily replaced, but if my maildir goes up in smoke tomorrow then I will probably follow shortly after! So that's definitely part of what I'm working out here. Wanted to nail down the general approach first though before looking at that. > > p at rick > From CMarcus at Media-Brokers.com Sun Jun 24 12:24:01 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Sun, 24 Jun 2012 05:24:01 -0400 Subject: [Dovecot] Dovecot Quotas in Version 2 In-Reply-To: <1340496629.79833.YahooMailClassic@web111409.mail.gq1.yahoo.com> References: <1340496629.79833.YahooMailClassic@web111409.mail.gq1.yahoo.com> Message-ID: <4FE6DCB1.6000807@Media-Brokers.com> On 2012-06-23 8:10 PM, Brian Spraker wrote: > Would appreciate any help with this. I am not using any of the > individual configuration files on the conf.d folder - simply the > dovecot.conf and dovecot-sql.conf file. Here is a copy of those. Please don't just copy/paste from your configs, always provide doveconf -n output. This will prove that you are using the config that you *think* you are using (one problem with debian derivatives is that they often use chroot by default which can cause problems). So, if you have something in one of those other individual conf files in conf.d causing the problem, you'll see it in the doveconf -n output. Then, when providing logs, try not to censor them too much... often the real problem can be evident one or more lines above or below the line that you *think* is the most relevant... -- Best regards, Charles From c at roessner-network-solutions.com Sun Jun 24 12:58:43 2012 From: c at roessner-network-solutions.com (=?iso-8859-1?Q?Christian_R=F6=DFner?=) Date: Sun, 24 Jun 2012 11:58:43 +0200 Subject: [Dovecot] 2.1.7 TLS issues Message-ID: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com> Hi, I have an interesting problem: I am building dovecot packages for Ubuntu since 10.04. Never had bigger trouble with it. Now since 2.1.6 or 2.1.7 (I can not say more precisely), Thunderbird 10ESR and Outlook 2010 can no longer use 143/TLS correctly. Automx delvers 143/TLS and Outlook tells me that it can not create a secure connection. I changed automx to use 993/SSL and everything works. Under Thunderbird 10ESR, I get a box that tells me that I need to change settings. When I sent mail, TB told me that it could not copy the mail to the sent folder. I also changed to 993/SSL and everything is perfect. At the other and, Apples Mail.app and iOS devices work perfectly over 143/TLS. So my guess is that it has to do with OpenSSL. Did something change in dovecot concerning TLS? Can I change options in the built process? Thanks in advance -Christian R??ner --- Roessner-Network-Solutions Bachelor of Science Informatik Nahrungsberg 81, 35390 Gie?en F: +49 641 5879091, M: +49 176 93118939 USt-IdNr.: DE225643613 http://www.roessner-network-solutions.com -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 3880 bytes Desc: not available URL: From CMarcus at Media-Brokers.com Sun Jun 24 13:06:07 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Sun, 24 Jun 2012 06:06:07 -0400 Subject: [Dovecot] 2.1.7 TLS issues In-Reply-To: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com> References: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com> Message-ID: <4FE6E68F.6080803@Media-Brokers.com> On 2012-06-24 5:58 AM, Christian R??ner wrote: > I have an interesting problem: I am building dovecot packages for > Ubuntu since 10.04. Never had bigger trouble with it. Now since 2.1.6 > or 2.1.7 (I can not say more precisely), Thunderbird 10ESR and > Outlook 2010 can no longer use 143/TLS correctly. Automx delvers > 143/TLS and Outlook tells me that it can not create a secure > connection. I changed automx to use 993/SSL and everything works. > Under Thunderbird 10ESR, I get a box that tells me that I need to > change settings. When I sent mail, TB told me that it could not copy > the mail to the sent folder. I also changed to 993/SSL and everything > is perfect. > > At the other and, Apples Mail.app and iOS devices work perfectly over > 143/TLS. So my guess is that it has to do with OpenSSL. Did something > change in dovecot concerning TLS? Can I change options in the built > process? Maybe related to the OpenSSL bug that caused the problem (it sometimes helps to read/search emails on this list before posting) discussed just yesterday in this thread: http://www.mail-archive.com/dovecot at dovecot.org/msg45828.html ? -- Best regards, Charles From ckubu at so36.net Sun Jun 24 13:21:15 2012 From: ckubu at so36.net (ckubu) Date: Sun, 24 Jun 2012 12:21:15 +0200 Subject: [Dovecot] dict Panic after upgrade to 2.1.7 Message-ID: <201206241221.16044.ckubu@so36.net> Hello, after upgrade my mailsystem to dovecot version 2.1.7, dovecot doesn't work properly. something went wrong in dict service connecting the postgres backend. that happens not on every connection. the db connection data are correct, no difference connecting via tcp or linux socket. dovecot log entries: Jun 23 23:19:10 mx dovecot: dict: Panic: file driver-pgsql.c: line 84 (driver_pgsql_set_state): assertion failed: (state == SQL_DB_STATE_BUSY || db- >cur_result == NULL) Jun 23 23:19:10 mx dovecot: dict: Error: Raw backtrace: /usr/local/dovecot-2.1.7/lib/dovecot/libdovecot.so.0(+0x4478a) [0x7ffc7d8e578a] -> /usr/local/dovecot-2.1.7/lib/dovecot/libdovecot.so.0(+0x447d6) [0x7ffc7d8e57d6] -> /usr/local/dovecot-2.1.7/lib/dovecot/libdovecot.so.0(i_error+0) [0x7ffc7d8bc5ef] -> dovecot/dict() [0x40a9a6] -> dovecot/dict() [0x40aa01] -> dovecot/dict() [0x40be43] -> dovecot/dict() [0x409474] -> dovecot/dict(sql_db_cache_deinit+0x20) [0x4089d0] -> dovecot/dict(main+0x169) [0x4059f9] -> /lib/libc.so.6(__libc_start_main+0xfd) [0x7ffc7d335c8d] -> dovecot/dict() [0x404b59] Jun 23 23:19:10 mx dovecot: dict: Fatal: master: service(dict): child 13812 killed with signal 6 (core dumps disabled) Jun 23 23:23:09 mx dovecot: dict: Error: dict sql iterate failed: Not connected to database Jun 23 23:23:09 mx dovecot: pop3(xxx at yyy.zz): Error: acl: dict iteration failed, can't update dict Jun 23 23:23:09 mx dovecot: dict: Error: dict sql iterate failed: Not connected to database Jun 23 23:23:09 mx dovecot: pop3(xxx at yyy.zz): Error: acl: dict iteration failed, can't update dict Jun 23 23:23:17 mx dovecot: dict: Error: dict sql lookup failed: Not connected to database Jun 23 23:23:17 mx dovecot: imap(xxx at yyy.zz): Error: Internal quota calculation error Jun 23 23:23:19 mx dovecot: dict: Error: dict sql lookup failed: Not connected to database Jun 23 23:23:40 mx dovecot: dict: Error: dict sql lookup failed: Not connected to database maybe i have missconfigured the dovecot system, but i don't find the mistake. can anybody give me a hint ? best wiches christoph ----- doveconf -n # 2.1.7: /usr/local/dovecot-2.1.7/etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-vserver-amd64 x86_64 Debian 6.0.5 ext3 auth_mechanisms = plain login digest-md5 cram-md5 apop auth_socket_path = /var/run/dovecot/auth-userdb auth_username_translation = %@ auth_verbose = yes auth_verbose_passwords = plain base_dir = /var/run/dovecot/ dict { acl = pgsql:/usr/local/dovecot/etc/dovecot/sql-dict.conf.ext expire = pgsql:/usr/local/dovecot/etc/dovecot/sql-dict.conf.ext quota = pgsql:/usr/local/dovecot/etc/dovecot/sql-dict.conf.ext } disable_plaintext_auth = no first_valid_gid = 5000 first_valid_uid = 5000 hostname = mx.warenform.de last_valid_gid = 5000 last_valid_uid = 5000 listen = 178.63.63.151 2a01:4f8:121:c5::2 mail_gid = vmail mail_location = maildir:/var/vmail/%d/%n/Maildir mail_plugins = autocreate quota expire acl mail_uid = vmail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace { list = children location = maildir:/var/vmail/%%d/%%n/Maildir:INDEX=~/Maildir/shared/%%u prefix = shared/%%u/ separator = / subscriptions = no type = shared } namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Spam { special_use = \Junk } mailbox Trash { special_use = \Trash } prefix = separator = / type = private } passdb { args = /usr/local/dovecot/etc/dovecot/sql-connect.conf.ext driver = sql } plugin { acl = vfile acl_shared_dict = proxy::acl autocreate = Spam autocreate2 = Sent autocreate3 = Trash autocreate4 = Drafts autosubscribe = Spam autosubscribe2 = Sent autosubscribe3 = Trash autosubscribe4 = Drafts expire = Trash expire2 = Trash.* expire3 = Spam expire_dict = proxy::expire quota = dict:User quota::proxy::quota quota_rule = *:storage=1G quota_rule2 = Trash:storage=+200M quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u recipient_delimiter = sieve = ~/.dovecot.sieve sieve_before = /usr/local/dovecot/etc/dovecot/sieve/move-spam.sieve sieve_dir = ~/sieve sieve_global_dir = /usr/local/dovecot/etc/dovecot/sieve/global/ } postmaster_address = admin at warenform.de protocols = imap pop3 sieve lmtp service auth { unix_listener /var/spool/postfix/private/dovecot-auth { group = postfix mode = 0666 user = postfix } unix_listener auth-userdb { group = vmail mode = 0600 user = vmail } } service dict { unix_listener dict { mode = 0600 user = vmail } } service imap-login { inet_listener imap { address = 127.0.0.1 178.63.63.151 2a01:4f8:121:c5::2 } inet_listener imaps { address = 178.63.63.151 2a01:4f8:121:c5::2 } process_min_avail = 16 } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0660 user = postfix } } service managesieve-login { inet_listener sieve { address = 127.0.0.1 port = 4190 } } service pop3-login { inet_listener pop3 { address = 178.63.63.151 2a01:4f8:121:c5::2 } inet_listener pop3s { address = 178.63.63.151 2a01:4f8:121:c5::2 } } service quota-warning { executable = script /usr/local/bin/quota-warning.sh unix_listener quota-warning { user = vmail } user = dovecot } shutdown_clients = no ssl_cert = References: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com> <4FE6E68F.6080803@Media-Brokers.com> Message-ID: <46FA7370-959B-47CD-B0EB-0BCDFA1B3511@roessner-network-solutions.com> > Maybe related to the OpenSSL bug that caused the problem (it sometimes helps to read/search emails on this list before posting) discussed just yesterday in this thread: > > http://www.mail-archive.com/dovecot at dovecot.org/msg45828.html well, the packages I built are still running under 10.04 and therefor the library has not been upgraded to 1.0.1. This is the reason for this post. My question is, if doevcot got some code or anything else that focuses on the newer 1.0.1 library, and maybe broke something in older versions? -Christian R??ner --- Roessner-Network-Solutions Bachelor of Science Informatik Nahrungsberg 81, 35390 Gie?en F: +49 641 5879091, M: +49 176 93118939 USt-IdNr.: DE225643613 http://www.roessner-network-solutions.com -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 3880 bytes Desc: not available URL: From CMarcus at Media-Brokers.com Sun Jun 24 14:22:58 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Sun, 24 Jun 2012 07:22:58 -0400 Subject: [Dovecot] 2.1.7 TLS issues In-Reply-To: <46FA7370-959B-47CD-B0EB-0BCDFA1B3511@roessner-network-solutions.com> References: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com> <4FE6E68F.6080803@Media-Brokers.com> <46FA7370-959B-47CD-B0EB-0BCDFA1B3511@roessner-network-solutions.com> Message-ID: <4FE6F892.5010004@Media-Brokers.com> On 2012-06-24 6:42 AM, Christian R??ner wrote: >> Maybe related to the OpenSSL bug that caused the problem (it >> sometimes helps to read/search emails on this list before posting) >> discussed just yesterday in this thread: >> >> http://www.mail-archive.com/dovecot at dovecot.org/msg45828.html > well, the packages I built are still running under 10.04 and therefor > the library has not been upgraded to 1.0.1. This is the reason for > this post. My question is, if doevcot got some code or anything else > that focuses on the newer 1.0.1 library, and maybe broke something in > older versions? Ah, ok, missed that... Well, sorry I can't help, hopefully Timo will have an answer for you... -- Best regards, Charles From tss at iki.fi Sun Jun 24 17:19:15 2012 From: tss at iki.fi (Timo Sirainen) Date: Sun, 24 Jun 2012 17:19:15 +0300 Subject: [Dovecot] 2.1.7 TLS issues In-Reply-To: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com> References: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com> Message-ID: On 24.6.2012, at 12.58, Christian R??ner wrote: > I have an interesting problem: I am building dovecot packages for Ubuntu since 10.04. Never had bigger trouble with it. Now since 2.1.6 or 2.1.7 (I can not say more precisely), Thunderbird 10ESR and Outlook 2010 can no longer use 143/TLS correctly. Automx delvers 143/TLS and Outlook tells me that it can not create a secure connection. I changed automx to use 993/SSL and everything works. Under Thunderbird 10ESR, I get a box that tells me that I need to change settings. When I sent mail, TB told me that it could not copy the mail to the sent folder. I also changed to 993/SSL and everything is perfect. > > At the other and, Apples Mail.app and iOS devices work perfectly over 143/TLS. So my guess is that it has to do with OpenSSL. Did something change in dovecot concerning TLS? Can I change options in the built process? What was the Dovecot version you were using previously which worked? From r.vicinus at metaways.de Sun Jun 24 18:57:29 2012 From: r.vicinus at metaways.de (Reinhard Vicinus) Date: Sun, 24 Jun 2012 17:57:29 +0200 Subject: [Dovecot] Mail migration to dovecot with doveadm backup Message-ID: <4FE738E9.6040706@metaways.de> Hi, i try to migrate mails from a non dovecot imap server to a dovecot imap server with doveadm backup as described there: http://wiki2.dovecot.org/Migration/Dsync i first tried (local-mailbox port 18143 is the non dovecot imap server): /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -o mailbox_list_index=no -v -D backup -R -f -u user at example.org -m Sent imapc: and got the following error: dsync(user at example.org): Fatal: dsync backup: Looks like you're trying to run backup in wrong direction. Source is empty and destination is not. As the dovecot imap account is newly created and therefore empty it seams to try to backup from the dovecot imap server to the non dovecot imap server. So i tried instead: /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -o mailbox_list_index=no -v -D backup -f -u user at example.org -m Sent imapc: Sometimes (every other time?) i got the following segmentation fault: bt #0 0x00007f15e2c9ed74 in strcasecmp () from /lib/libc.so.6 #1 0x00007f15e327eaff in imapc_save_callback (reply=0x7fff56096a70, context=) at imapc-save.c:168 #2 0x00007f15e32853fe in imapc_command_reply_free (conn=0x72f040) at imapc-connection.c:946 #3 imapc_connection_input_tagged (conn=0x72f040) at imapc-connection.c:1039 #4 0x00007f15e3285668 in imapc_connection_input_one (conn=0x72f040) at imapc-connection.c:1085 #5 imapc_connection_input_pending (conn=0x72f040) at imapc-connection.c:1407 #6 0x00007f15e3285922 in imapc_connection_input (conn=0x72f040) at imapc-connection.c:1100 #7 0x00007f15e2fe6176 in io_loop_call_io (io=0x792510) at ioloop.c:379 #8 0x00007f15e2fe71ff in io_loop_handler_run (ioloop=) at ioloop-epoll.c:213 #9 0x00007f15e2fe6118 in io_loop_run (ioloop=0x7529a0) at ioloop.c:398 #10 0x00007f15e3281e49 in imapc_client_run_pre (client=0x7333e0) at imapc-client.c:142 #11 imapc_client_run (client=0x7333e0) at imapc-client.c:161 #12 0x00007f15e3280f24 in imapc_storage_run (storage=0x732bd0) at imapc-storage.c:118 #13 0x00007f15e327f003 in imapc_save_append (_ctx=0x74dcb0) at imapc-save.c:232 #14 imapc_save_finish (_ctx=0x74dcb0) at imapc-save.c:255 #15 0x00007f15e1bf06a1 in quota_save_finish (ctx=0x74dcb0) at quota-storage.c:227 #16 0x00007f15e3292487 in mailbox_save_finish (_ctx=0x7f15e2d4ca40) at mail-storage.c:1669 #17 0x000000000042b736 in local_worker_save_msg_continue (worker=0x73c770) at dsync-worker-local.c:1681 #18 0x000000000042b98c in local_worker_msg_save (_worker=0x73c770, msg=0x7f15e38e4298, data=0x7fff56096db0, callback=0x4269f0 , context=0x78a610) at dsync-worker-local.c:1739 #19 0x000000000042b0d9 in dsync_worker_msg_save (worker=0x73c770, msg=, data=0x7fff56096db0, callback=0x4269f0 , context=0x78a610) at dsync-worker.c:234 #20 0x0000000000426ac5 in msg_get_callback (result=, data=0x7fff56096db0, context=0x78a610) at dsync-brain-msgs-new.c:79 #21 0x000000000042dca9 in local_worker_msg_get_next (worker=0x726f30, get=0x7fff56096e00) at dsync-worker-local.c:1844 #22 0x000000000042def8 in local_worker_msg_get (_worker=0x0, mailbox=, uid=3805596224, callback=0x2670, context=0x58) at dsync-worker-local.c:1865 #23 0x000000000042ace6 in dsync_worker_msg_get (worker=0x726f30, mailbox=0x7f15e38e40f1, uid=1, callback=0x426a40 , context=) at dsync-worker.c:261 #24 0x000000000042689e in dsync_brain_msg_sync_add_new_msg (iter=0x7f15e38e41d8) at dsync-brain-msgs-new.c:181 #25 dsync_brain_mailbox_add_new_msgs (iter=0x7f15e38e41d8) at dsync-brain-msgs-new.c:216 #26 dsync_brain_msg_sync_add_new_msgs (iter=0x7f15e38e41d8) at dsync-brain-msgs-new.c:315 #27 0x0000000000426164 in dsync_brain_msg_sync_more (sync=0x7f15e38e4050) at dsync-brain-msgs.c:436 #28 0x0000000000424979 in dsync_brain_sync_msgs (brain=0x7351c0) at dsync-brain.c:736 #29 dsync_brain_sync (brain=0x7351c0) at dsync-brain.c:857 #30 0x0000000000425849 in dsync_brain_subs_list_finished (context=0x750fa0) at dsync-brain.c:169 #31 dsync_worker_subs_input (context=0x750fa0) at dsync-brain.c:222 #32 0x0000000000424cbd in dsync_brain_sync (brain=0x7351c0) at dsync-brain.c:842 #33 0x00000000004256bc in dsync_brain_mailbox_list_finished (context=0x743a60) at dsync-brain.c:98 #34 dsync_worker_mailbox_input (context=0x743a60) at dsync-brain.c:125 #35 0x0000000000424afe in dsync_brain_sync (brain=0x7351c0) at dsync-brain.c:833 #36 0x0000000000425568 in dsync_brain_sync_all (brain=0x7351c0) at dsync-brain.c:897 #37 0x0000000000422ad6 in cmd_dsync_start (ctx=0x706560, worker1=, worker2=) at doveadm-dsync.c:342 #38 0x0000000000422dfa in cmd_dsync_run (_ctx=0x706560, user=0x7209c0) at doveadm-dsync.c:387 #39 0x000000000040f888 in doveadm_mail_next_user (ctx=0x706560, input=, error_r=0x7fff560973d0) at doveadm-mail.c:311 #40 0x0000000000410071 in doveadm_mail_cmd (cmd=0x704880, argc=7, argv=0x6fe418) at doveadm-mail.c:518 #41 0x0000000000410501 in doveadm_mail_try_run (cmd_name=0x6fe4e4 "backup", argc=1443460960, argv=0x4377c7) at doveadm-mail.c:577 #42 0x00000000004170d1 in main (argc=7, argv=0x6fe3e8) at doveadm.c:373 The other times it shows the following error message (It seams to connect both times to the non dovecot imap server): doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot/modules doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/lib10_quota_plugin.so doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot/modules/doveadm doveadm(root): Debug: Skipping module doveadm_acl_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_acl_plugin.so: undefined symbol: acl_user_module (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_expire_plugin.so: undefined symbol: expire_set_lookup (this is usually intentional, so just ignore this message) doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_quota_plugin.so doveadm(root): Debug: Skipping module doveadm_zlib_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_zlib_plugin.so: undefined symbol: i_stream_create_deflate (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_fts_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib20_doveadm_fts_plugin.so: undefined symbol: fts_list_backend (this is usually intentional, so just ignore this message) doveadm(user at example.org): Debug: auth input: user at example.org home=/mail/dovecot/example.org/user uid=1000 gid=1000 quota_rule=*:bytes=2000M:messages=0 doveadm(user at example.org): Debug: Added userdb setting: plugin/quota_rule=*:bytes=2000M:messages=0 doveadm(user at example.org): Debug: Effective uid=1000, gid=1000, home=/mail/dovecot/example.org/user doveadm(user at example.org): Debug: Quota root: name=User quota backend=dict args=:proxy::quota doveadm(user at example.org): Debug: Quota rule: root=User quota mailbox=* bytes=2097152000 messages=0 doveadm(user at example.org): Debug: Quota rule: root=User quota mailbox=Trash bytes=+104857600 messages=0 doveadm(user at example.org): Debug: Quota warning: bytes=1992294400 (95%) messages=0 reverse=no command=quota-warning 95 user at example.org doveadm(user at example.org): Debug: Quota warning: bytes=1677721600 (80%) messages=0 reverse=no command=quota-warning 80 user at example.org doveadm(user at example.org): Debug: dict quota: user=user at example.org, uri=proxy::quota, noenforcing=0 doveadm(user at example.org): Debug: fs: root=/mail/dovecot/example.org/user/mail, index=, control=, inbox=, alt= doveadm(user at example.org): Debug: Namespace : Using permissions from /mail/dovecot/example.org/user/mail: mode=0700 gid=-1 dsync(user at example.org): Debug: Effective uid=1000, gid=1000, home=/mail/dovecot/example.org/user dsync(user at example.org): Debug: Quota root: name=User quota backend=dict args=:proxy::quota dsync(user at example.org): Debug: Quota rule: root=User quota mailbox=* bytes=2097152000 messages=0 dsync(user at example.org): Debug: Quota rule: root=User quota mailbox=Trash bytes=+104857600 messages=0 dsync(user at example.org): Debug: Quota warning: bytes=1992294400 (95%) messages=0 reverse=no command=quota-warning 95 user at example.org dsync(user at example.org): Debug: Quota warning: bytes=1677721600 (80%) messages=0 reverse=no command=quota-warning 80 user at example.org dsync(user at example.org): Debug: dict quota: user=user at example.org, uri=proxy::quota, noenforcing=0 dsync(user at example.org): Debug: imapc: root=, index=, control=, inbox=, alt= dsync(user at example.org): Debug: imapc(local-mailbox:18143): Looking up IP address dsync(user at example.org): Debug: imapc(local-mailbox:18143): Connecting to 10.10.10.10:18143 dsync(user at example.org): Debug: imapc(local-mailbox:18143): Server capabilities: IMAP4 IMAP4rev1 AUTH=LOGIN ACL NAMESPACE CHILDREN SORT QUOTA THREAD=ORDEREDSUBJECT UNSELECT IDLE dsync(user at example.org): Debug: imapc(local-mailbox:18143): Authenticating as user at example.org dsync(user at example.org): Debug: imapc(local-mailbox:18143): Authenticated successfully dsync(user at example.org): Debug: imapc(local-mailbox:18143): Looking up IP address dsync(user at example.org): Debug: imapc(local-mailbox:18143): Connecting to 10.10.10.10:18143 dsync(user at example.org): Debug: imapc(local-mailbox:18143): Server capabilities: IMAP4 IMAP4rev1 AUTH=LOGIN ACL NAMESPACE CHILDREN SORT QUOTA THREAD=ORDEREDSUBJECT UNSELECT IDLE dsync(user at example.org): Debug: imapc(local-mailbox:18143): Authenticating as user at example.org dsync(user at example.org): Debug: imapc(local-mailbox:18143): Authenticated successfully dsync(user at example.org): Warning: Destination mailbox Sent has been modified, need to recreate it before we can continue syncing dsync(user at example.org): Warning: Mailbox changes caused a desync. You may want to run dsync again. dsync(user at example.org): Debug: imapc(local-mailbox:18143): Disconnected dsync(user at example.org): Debug: imapc(local-mailbox:18143): Disconnected i think the problem could be that the account name on the remote server and the local server is absolute identical and doveadm backup has therefore problems discerning between the two locations. But that's only a stab in the dark and any help is appreciated. Kind regards Reinhard From robert at schetterer.org Sun Jun 24 20:42:39 2012 From: robert at schetterer.org (Robert Schetterer) Date: Sun, 24 Jun 2012 19:42:39 +0200 Subject: [Dovecot] 2.1.7 TLS issues In-Reply-To: References: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com> Message-ID: <4FE7518F.60200@schetterer.org> Am 24.06.2012 16:19, schrieb Timo Sirainen: > On 24.6.2012, at 12.58, Christian R??ner wrote: > >> I have an interesting problem: I am building dovecot packages for Ubuntu since 10.04. Never had bigger trouble with it. Now since 2.1.6 or 2.1.7 (I can not say more precisely), Thunderbird 10ESR and Outlook 2010 can no longer use 143/TLS correctly. Automx delvers 143/TLS and Outlook tells me that it can not create a secure connection. I changed automx to use 993/SSL and everything works. Under Thunderbird 10ESR, I get a box that tells me that I need to change settings. When I sent mail, TB told me that it could not copy the mail to the sent folder. I also changed to 993/SSL and everything is perfect. >> >> At the other and, Apples Mail.app and iOS devices work perfectly over 143/TLS. So my guess is that it has to do with OpenSSL. Did something change in dovecot concerning TLS? Can I change options in the built process? > > What was the Dovecot version you were using previously which worked? > Hi Christian, i made all the way trough all versions of dovecot trunk 2.0.x and since 2.1.5 on lucid 64 no problems at , but i recent had big problems with compile other stuff on ubuntu 12.4 with openssl ( didnt checked dovecot yet ) so my bet goes to the new ssl lib on 12.04 also there were workarounds in postfix to reflect this ssl update stuff, as far i remember hte ssl lib has some more and new features wich makes software not reflecting this ,may not work or fail sometimes, it may fixed with setup parameters i.e see here http://comments.gmane.org/gmane.mail.postfix.user/229196 --snip Viktor Dukhovni: > The OpenSSL API does not provide an interface to allow older programs > to disable new protocol versions defined in later versions of the API. > > Therefore, to disable TLS 1.1 or 1.2 one has to add code that uses > the new constants introduced with OpenSSL 1.0.1. > > Proposed patch attached. That will be a solution for Postfix 2.10. Meanwhile, for earlier Postfix releases, how much of the problem can be solved by changing from: mumble_tls_mandatory_protocols = SSLv3, TLSv1 (i.e. the current default) to: mumble_tls_mandatory_protocols = !SSLv2 I don't mind that the older Postfix versions would not be able to turn on/off protocols that didn't exist at the time Postfix was released. Wietse --snipend i guees there are equal workarounds settings possible in dovecot perhaps with ssl_cipher_list ? http://wiki.dovecot.org/SSL/DovecotConfiguration sorry lot of speculate here until not testet myself -- Best Regards MfG Robert Schetterer From role.Dovecot-Readers at JLAssocs.com Sun Jun 24 21:23:46 2012 From: role.Dovecot-Readers at JLAssocs.com (J E Lyon) Date: Sun, 24 Jun 2012 19:23:46 +0100 Subject: [Dovecot] The deleted_to_trash Plugin (workaround Outlook 2007 behaviour) Message-ID: <9F4DE9B0-5EDB-4F8E-8EC9-B98856EDD4FB@JLAssocs.com> Hi, I see the plugin exists for v1 & v2, all very interesting... Surprised no one seems to have created an RPM and it looks like deleted_to_trash is one of the very few plugins to not be shipped as part of the default install with CentOS 5.5 or CentOS 6 (i.e. Dovecot v1 & v2 respectively.) Am I missing something, or does everyone really build from source? Thanks, James. From c at roessner-network-solutions.com Sun Jun 24 23:20:05 2012 From: c at roessner-network-solutions.com (=?iso-8859-1?Q?Christian_R=F6=DFner?=) Date: Sun, 24 Jun 2012 22:20:05 +0200 Subject: [Dovecot] 2.1.7 TLS issues In-Reply-To: References: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com> Message-ID: <451CA0A8-E296-49DB-859A-BADACA1EFC78@roessner-network-solutions.com> >> I have an interesting problem: I am building dovecot packages for Ubuntu since 10.04. Never had bigger trouble with it. Now since 2.1.6 or 2.1.7 (I can not say more precisely), Thunderbird 10ESR and Outlook 2010 can no longer use 143/TLS correctly. Automx delvers 143/TLS and Outlook tells me that it can not create a secure connection. I changed automx to use 993/SSL and everything works. Under Thunderbird 10ESR, I get a box that tells me that I need to change settings. When I sent mail, TB told me that it could not copy the mail to the sent folder. I also changed to 993/SSL and everything is perfect. >> >> At the other and, Apples Mail.app and iOS devices work perfectly over 143/TLS. So my guess is that it has to do with OpenSSL. Did something change in dovecot concerning TLS? Can I change options in the built process? > > What was the Dovecot version you were using previously which worked? I am not sure which version worked. My best guess is 2.1.4 or 2.1.5, because I skipped 2.1.6. But 2.1.6 has the same issues, as my friend Uwe did report the same issues with that one. @Robert: I am talking about Ubuntu 10.04, so this can not be a problem with openssl itself, as that did not change -Christian R??ner --- Roessner-Network-Solutions Bachelor of Science Informatik Nahrungsberg 81, 35390 Gie?en F: +49 641 5879091, M: +49 176 93118939 USt-IdNr.: DE225643613 http://www.roessner-network-solutions.com -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 3880 bytes Desc: not available URL: From role.Dovecot-Readers at JLAssocs.com Sun Jun 24 23:28:21 2012 From: role.Dovecot-Readers at JLAssocs.com (J E Lyon) Date: Sun, 24 Jun 2012 21:28:21 +0100 Subject: [Dovecot] 2.1.7 TLS issues In-Reply-To: <451CA0A8-E296-49DB-859A-BADACA1EFC78@roessner-network-solutions.com> References: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com> <451CA0A8-E296-49DB-859A-BADACA1EFC78@roessner-network-solutions.com> Message-ID: <2FD79483-C77E-4FB8-8C93-2A2C93014B83@JLAssocs.com> On 24 Jun 2012, at 21:20, Christian R??ner wrote: >>> I have an interesting problem: I am building dovecot packages for Ubuntu since 10.04. Never had bigger trouble with it. Now since 2.1.6 or 2.1.7 (I can not say more precisely), Thunderbird 10ESR and Outlook 2010 can no longer use 143/TLS correctly. Automx delvers 143/TLS and Outlook tells me that it can not create a secure connection. I changed automx to use 993/SSL and everything works. Under Thunderbird 10ESR, I get a box that tells me that I need to change settings. When I sent mail, TB told me that it could not copy the mail to the sent folder. I also changed to 993/SSL and everything is perfect. >>> >>> At the other and, Apples Mail.app and iOS devices work perfectly over 143/TLS. So my guess is that it has to do with OpenSSL. Did something change in dovecot concerning TLS? Can I change options in the built process? >> >> What was the Dovecot version you were using previously which worked? > > I am not sure which version worked. My best guess is 2.1.4 or 2.1.5, because I skipped 2.1.6. But 2.1.6 has the same issues, as my friend Uwe did report the same issues with that one. > > @Robert: I am talking about Ubuntu 10.04, so this can not be a problem with openssl itself, as that did not change I've seen problems with all kinds of clients and servers, even with Dovecot 1.x where TLS/Auto settings fail and I simply always instruct end users to explicitly choose 993/SSL to get a good TLS connection reliably. It seems like it might not be so version-specific or even anything wrong at the server end. James. From juergen at pabel.net Sun Jun 24 23:37:00 2012 From: juergen at pabel.net (=?ISO-8859-1?Q?J=FCrgen?= Pabel) Date: Sun, 24 Jun 2012 22:37:00 +0200 Subject: [Dovecot] Additional passdb result status Message-ID: <1340570220.13783.23.camel@P7230> Dear Dovecot-Team, I am implementing a plugin (for the pop3/imap process) that requires some data to provided from the authentication phase (a derivative of the password). For that, I have now implemented a passdb plugin that generates this data and I would like to "pass" this data down to the mail process (pop3/imap) via extra_fields in the reply of the authentication. The general idea is that my custom passdb plugin calculates the data, sets the extra_field and returns some error (authentication was not successful) so that the "real" passdb backend can be invoked to "really" validate the authentication data. However, in auth_request_handle_passdb_callback() the extra_fields are reseted unless the return code is PASSDB_RESULT_USER_DISABLED. But if that return code is used then any following passdb's aren't invoked any more - which makes sense with respect to user authenticiation. I would therefore like to propose that some IGNORE/CONTINUE-status to be introduced in auth/passdb.h, that would be handled in that extra_fields and possible other values are not reseted in order to allow such propagation of data from authentication process down to the mail process (which could be extracted from the reply string by parsing it). As a further implementation alternative (to the parsing of the reply string), I also propose that some new "environment" item be introduced (in auth_request) in order to allow such data passing in a generic manner. I hope you consider my proposal to be reasonable. If desired, I could implement this myself and provide a patch for merging (based on 2.0.x). If my proposal is generally unfavored, it would be great if any alternative approaches for my situation were suggested. Thanks. Regards, J?rgen PS: please reply to my e-mail (or CC me), as I have not subscribed to the dovecot list From c at roessner-network-solutions.com Mon Jun 25 01:09:10 2012 From: c at roessner-network-solutions.com (=?utf-8?Q?Christian_R=C3=B6=C3=9Fner?=) Date: Mon, 25 Jun 2012 00:09:10 +0200 Subject: [Dovecot] 2.1.7 TLS issues In-Reply-To: <2FD79483-C77E-4FB8-8C93-2A2C93014B83@JLAssocs.com> References: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com> <451CA0A8-E296-49DB-859A-BADACA1EFC78@roessner-network-solutions.com> <2FD79483-C77E-4FB8-8C93-2A2C93014B83@JLAssocs.com> Message-ID: <13AD4EF2-00E8-46E1-A5BE-39D8CFABBFD8@roessner-network-solutions.com> > >>>> I have an interesting problem: I am building dovecot packages for Ubuntu since 10.04. Never had bigger trouble with it. Now since 2.1.6 or 2.1.7 (I can not say more precisely), Thunderbird 10ESR and Outlook 2010 can no longer use 143/TLS correctly. Automx delvers 143/TLS and Outlook tells me that it can not create a secure connection. I changed automx to use 993/SSL and everything works. Under Thunderbird 10ESR, I get a box that tells me that I need to change settings. When I sent mail, TB told me that it could not copy the mail to the sent folder. I also changed to 993/SSL and everything is perfect. >>>> >>>> At the other and, Apples Mail.app and iOS devices work perfectly over 143/TLS. So my guess is that it has to do with OpenSSL. Did something change in dovecot concerning TLS? Can I change options in the built process? >>> >>> What was the Dovecot version you were using previously which worked? >> >> I am not sure which version worked. My best guess is 2.1.4 or 2.1.5, because I skipped 2.1.6. But 2.1.6 has the same issues, as my friend Uwe did report the same issues with that one. >> >> @Robert: I am talking about Ubuntu 10.04, so this can not be a problem with openssl itself, as that did not change > > I've seen problems with all kinds of clients and servers, even with Dovecot 1.x where TLS/Auto settings fail and I simply always instruct end users to explicitly choose 993/SSL to get a good TLS connection reliably. > > It seems like it might not be so version-specific or even anything wrong at the server end. I never had such problems before. When I was coding automx, all tests succeeded with Dovecot and Outlook 2007/2010 and also Thunderbird was working perfectly. So in my opinion this is a version specific problem, as it started somewhere in 2.1.4+. I am using Dovecot since 1.0 (something like this) and never had 143/TLS problems Best regards Christian -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4873 bytes Desc: not available URL: From robert at schetterer.org Mon Jun 25 01:26:41 2012 From: robert at schetterer.org (Robert Schetterer) Date: Mon, 25 Jun 2012 00:26:41 +0200 Subject: [Dovecot] 2.1.7 TLS issues In-Reply-To: <451CA0A8-E296-49DB-859A-BADACA1EFC78@roessner-network-solutions.com> References: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com> <451CA0A8-E296-49DB-859A-BADACA1EFC78@roessner-network-solutions.com> Message-ID: <4FE79421.2000908@schetterer.org> Am 24.06.2012 22:20, schrieb Christian R??ner: > @Robert: I am talking about Ubuntu 10.04, so this can not be a problem with openssl itself, as that did not change > > -Christian R??ner miracle, i have no known problems with 10.04 ssl/tls 2.1.7 -- Best Regards MfG Robert Schetterer From tss at iki.fi Mon Jun 25 05:20:55 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 25 Jun 2012 05:20:55 +0300 Subject: [Dovecot] 2.1.7 TLS issues In-Reply-To: <451CA0A8-E296-49DB-859A-BADACA1EFC78@roessner-network-solutions.com> References: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com> <451CA0A8-E296-49DB-859A-BADACA1EFC78@roessner-network-solutions.com> Message-ID: <702E15F4-4689-477E-BE7D-6F1AB67C27E9@iki.fi> On 24.6.2012, at 23.20, Christian R??ner wrote: >>> I have an interesting problem: I am building dovecot packages for Ubuntu since 10.04. Never had bigger trouble with it. Now since 2.1.6 or 2.1.7 (I can not say more precisely), Thunderbird 10ESR and Outlook 2010 can no longer use 143/TLS correctly. Automx delvers 143/TLS and Outlook tells me that it can not create a secure connection. I changed automx to use 993/SSL and everything works. Under Thunderbird 10ESR, I get a box that tells me that I need to change settings. When I sent mail, TB told me that it could not copy the mail to the sent folder. I also changed to 993/SSL and everything is perfect. >>> >>> At the other and, Apples Mail.app and iOS devices work perfectly over 143/TLS. So my guess is that it has to do with OpenSSL. Did something change in dovecot concerning TLS? Can I change options in the built process? >> >> What was the Dovecot version you were using previously which worked? > > I am not sure which version worked. My best guess is 2.1.4 or 2.1.5, because I skipped 2.1.6. But 2.1.6 has the same issues, as my friend Uwe did report the same issues with that one. Well, there hasn't been many changes in the SSL code. The only thing I can think of is this memory leak fix, which temporarily wasn't implemented correctly. You could try what happens if you revert it: changeset: 14418:85ad4baedd43 user: Timo Sirainen date: Thu Apr 12 10:48:55 2012 +0300 summary: login: Another attempt at fixing SSL memory leak. changeset: 14417:f80f18d0ffa3 user: Timo Sirainen date: Thu Apr 12 10:41:44 2012 +0300 summary: login: Reverted memory leak fix, because it broke some SSL setups? changeset: 14416:584bd77c38fd user: Timo Sirainen date: Wed Apr 11 19:06:44 2012 +0300 summary: Memory leak fixes. From zdy0818 at gmail.com Mon Jun 25 05:52:55 2012 From: zdy0818 at gmail.com (DongYu.Zhen) Date: Mon, 25 Jun 2012 10:52:55 +0800 Subject: [Dovecot] dovecot support ms-tnef mail parser? Message-ID: <4FE7D287.6020507@gmail.com> Hello everybody, I used iRedMail Server with dovecot-1.2.0. I used OutLook2007 send a RTF mail and the mail can't be parsed normal. In dovecot maildir storage the mail body appeared ,/ / /------=_NextPart_000_0007_01CD52BC.99E1BE10 Content-Type: application/ms-tnef; name="winmail.dat" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="winmail.dat"/ How to parse ms-tnef mail by dovecot? Thank you. From ott at mirix.org Mon Jun 25 09:15:38 2012 From: ott at mirix.org (Matthias-Christian Ott) Date: Mon, 25 Jun 2012 08:15:38 +0200 Subject: [Dovecot] dovecot support ms-tnef mail parser? In-Reply-To: <4FE7D287.6020507@gmail.com> References: <4FE7D287.6020507@gmail.com> Message-ID: <4FE8020A.7080806@mirix.org> On 2012-06-25 04:52, DongYu.Zhen wrote: > How to parse ms-tnef mail by dovecot? You can't do that directly in Dovecot. What you can do is to use a utility called tnef [1] (available in major GNU/Linux distributions) on the client to extract the data on the client. Otherwise you could use ytnef [2] with procmail or Dovecot sieve_pipe [3] on the server (see [4]). I tried tnef on rare occasions and it worked. Regards, Matthias-Christian [1] http://sourceforge.net/projects/tnef/ [2] http://sourceforge.net/projects/ytnef/ [3] http://wiki2.dovecot.org/Pigeonhole/Sieve/Plugins/Pipe [4] http://wiki.clug.org.za/wiki/Automatic_winmail.dat_decoding From kayasaman at gmail.com Mon Jun 25 10:20:39 2012 From: kayasaman at gmail.com (Kaya Saman) Date: Mon, 25 Jun 2012 08:20:39 +0100 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? Message-ID: Hi, I'm trying to configure a server to use SAMBA and Winbind to authenticate to Active Directory.... I managed to get this portion up and running even the Dovecot portion. For reference something similar to this guide: http://www.whitneytechnologies.com/?p=119 However PAM is slightly different: # cat /etc/pam.d/dovecot auth sufficient pam_krb5.so no_user_check validate account sufficient pam_permit.so This is what my dovecot.conf file looks like: # cat dovecot.conf # v1.2+: auth_use_winbind = yes auth_winbind_helper_path = /usr/local/bin/ntlm_auth protocols = imap # It's nice to have separate log files for Dovecot. You could do this # by changing syslog configuration also, but this is easier. log_path = /var/log/dovecot.log info_log_path = /var/log/dovecot-info.log # Disable SSL for now. ssl = no disable_plaintext_auth = no # We're using Maildir format #mail_location = maildir:~/Maildir mail_location = mbox:/mail:INBOX=/mail/%u # Authentication configuration: auth_verbose = yes auth_debug = yes auth_username_format = %n auth_mechanisms = plain ntlm login userdb { driver = static # args = uid=501 gid=1001 home=/mail/%u args = home=/mail/%u driver = static } passdb { driver = pam args = failure_show_msg=yes } Now what I would like to know is, which is better for "virtual hosting" Maildir or mbox? Basically my requirement is that I would like to separate users via either individual folders and then put each user's mbox or Maildir in the created directory, or simply name each mbox or Maildir according to the user name. First up is this possible? Secondly, how would I go about doing it? My users are not allowed to login to the system outside of IMAP as it's a Mail only server. Currently I've been looking at many links: http://satish-linuxbug.blogspot.co.uk/2008/08/freebsd-with-active-directory-single.html http://joseph.randomnetworks.com/2005/11/08/freebsd-users-and-groups-with-samba-winbind-and-active-directory/ http://wiki2.dovecot.org/HowTo/ActiveDirectoryNtlm http://wiki2.dovecot.org/Authentication/Mechanisms/Winbind http://wiki2.dovecot.org/TestInstallation http://wiki2.dovecot.org/VirtualUsers http://www.linuxmail.info/active-directory-dovecot-pam-authentication/ http://wiki2.dovecot.org/HowTo/SimpleVirtualInstall I'm running dovecot version 2.1.7 on FreeBSD 8.2 x64 RELEASE. The system is not being used as an MTA server meaning that only IMAP transfers are being done using MS Outlook then filtered by Thunderbird. Regards, Kaya From trever at middleearth.sapphiresunday.org Mon Jun 25 10:27:41 2012 From: trever at middleearth.sapphiresunday.org (Trever L. Adams) Date: Mon, 25 Jun 2012 01:27:41 -0600 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: References: Message-ID: <4FE812ED.9060604@middleearth.sapphiresunday.org> On 06/25/2012 01:20 AM, Kaya Saman wrote: > Hi, > > I'm trying to configure a server to use SAMBA and Winbind to > authenticate to Active Directory.... I managed to get this portion up > and running even the Dovecot portion. > > For reference something similar to this guide: > > http://www.whitneytechnologies.com/?p=119 > > > However PAM is slightly different: > > > # cat /etc/pam.d/dovecot > auth sufficient pam_krb5.so no_user_check validate > account sufficient pam_permit.so > > > This is what my dovecot.conf file looks like: If you are using Samba 4 (possibly recent versions of S3), any reason you are not doing krb5 and ldap (for account verification, not authentication) on dovecot instead of through pam? It is a bit harder to setup, but no text passwords. I still do pam_krb5 for devices that cannot do kerberos. I am using Maildir, but my setup is currently largely idle. Trever -- "Marxist Law of Distribution of Wealth: Shortages will be divided equally among the peasants." -- Unknown From role.Dovecot-Readers at JLAssocs.com Mon Jun 25 10:28:00 2012 From: role.Dovecot-Readers at JLAssocs.com (J E Lyon) Date: Mon, 25 Jun 2012 08:28:00 +0100 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: References: Message-ID: <201BCC0D-AD89-4A07-A4F0-13C42AFC2A63@JLAssocs.com> On 25 Jun 2012, at 08:20, Kaya Saman wrote: > Now what I would like to know is, which is better for "virtual > hosting" Maildir or mbox? I always use Maildir in preference to mbox . . it's just such a lovely solution, imho :) (Mind you, I'm on a *nix server, so filesystem behaviour may be a consideration for non-*nix hosts.) > Basically my requirement is that I would like to separate users via > either individual folders and then put each user's mbox or Maildir in > the created directory, or simply name each mbox or Maildir according > to the user name. > > First up is this possible? > > Secondly, how would I go about doing it? In haste, I haven't been able to check your email thoroughly, but I have used passwd with an extra field appended to each user, to identify the mailbox location. If you're authenticating against ActiveDirectory, then I guess that means generating a passwd-file style 'database' from the users in ActiveDirectory and I have no idea if that's trivial. Sorry if my rushed thoughts are too sketchy to be of use, but thought I'd share my experience in case it offers any pointers. J. From trever at middleearth.sapphiresunday.org Mon Jun 25 10:37:42 2012 From: trever at middleearth.sapphiresunday.org (Trever L. Adams) Date: Mon, 25 Jun 2012 01:37:42 -0600 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: References: Message-ID: <4FE81546.8000202@middleearth.sapphiresunday.org> On 06/25/2012 01:20 AM, Kaya Saman wrote: > Now what I would like to know is, which is better for "virtual > hosting" Maildir or mbox? > > > Basically my requirement is that I would like to separate users via > either individual folders and then put each user's mbox or Maildir in > the created directory, or simply name each mbox or Maildir according > to the user name. > > > First up is this possible? > > > Secondly, how would I go about doing it? > Sorry, I missed this at first. It is quite simple. I don't store it in passwd or any other place, since you are doing vmail, you might find this easiest: in /etc/dovecot/conf.d/10-mail.conf (where mail_location is): mail_home = /home/vmail/%Ld/%Ln mail_location = maildir:~/Maildir in /etc/dovecot/conf.d/10-mail.conf (after paragraph ?# System user and group used to access mails...?): mail_uid=vmail mail_gid=vmail Obviously, vmail may not be your user for vmail. Also, some of my notes may no longer be accurate for location, just find where it exists and edit. I hope this helps. Of course, this is a Maildir setup. mbox is probably very similar, but I have had too many mbox style mail queues go south losing all of the mail (or more than one would like), so I do Maildir, even though it isn't necessarily the best use of disk space. Trever -- "I do not fear computers. I fear the lack of them." -- Isaac Asimov From kayasaman at gmail.com Mon Jun 25 10:52:51 2012 From: kayasaman at gmail.com (Kaya Saman) Date: Mon, 25 Jun 2012 08:52:51 +0100 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: <4FE81546.8000202@middleearth.sapphiresunday.org> References: <4FE81546.8000202@middleearth.sapphiresunday.org> Message-ID: On Mon, Jun 25, 2012 at 8:37 AM, Trever L. Adams wrote: > On 06/25/2012 01:20 AM, Kaya Saman wrote: > > Now what I would like to know is, which is better for "virtual > hosting" Maildir or mbox? > > > Basically my requirement is that I would like to separate users via > either individual folders and then put each user's mbox or Maildir in > the created directory, or simply name each mbox or Maildir according > to the user name. > > > First up is this possible? > > > Secondly, how would I go about doing it? > > Sorry, I missed this at first. It is quite simple. I don't store it in > passwd or any other place, since you are doing vmail, you might find this > easiest: > > in /etc/dovecot/conf.d/10-mail.conf (where mail_location is): > > mail_home = /home/vmail/%Ld/%Ln > mail_location = maildir:~/Maildir > > in /etc/dovecot/conf.d/10-mail.conf (after paragraph ?# System user and > group used to access mails...?): > > mail_uid=vmail > mail_gid=vmail > > Obviously, vmail may not be your user for vmail. Also, some of my notes may > no longer be accurate for location, just find where it exists and edit. > > I hope this helps. Of course, this is a Maildir setup. mbox is probably very > similar, but I have had too many mbox style mail queues go south losing all > of the mail (or more than one would like), so I do Maildir, even though it > isn't necessarily the best use of disk space. > > Trever > -- > "I do not fear computers. I fear the lack of them." -- Isaac Asimov Thanks for the responses! Sorry if I reply to every single one in this email however, I am using Gmail's awful Web UI so I don't really have much control over what I'm doing...... To start with the reason I'm not using LDAP is because I couldn't find enough information on how to set it up! I did post here a couple of times but got no responses...... so I figured it was something that people either didn't know or found trivial. I'll take a look at the above config for Maildir format as briefly playing around with mbox it seems that folders on the / root (parent) IMAP directory are stored separately. It may be better if everything got stored under the Maildir heading.... I've previously **only** ever worked with Maildir but I was told that there are some benefits to mbox which is why I decided to try to use it here! Regards, Kaya From role.Dovecot-Readers at JLAssocs.com Mon Jun 25 10:58:45 2012 From: role.Dovecot-Readers at JLAssocs.com (J E Lyon) Date: Mon, 25 Jun 2012 08:58:45 +0100 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: References: <4FE81546.8000202@middleearth.sapphiresunday.org> Message-ID: <267BC57F-B747-4F58-B309-ACE4BDA3A88C@JLAssocs.com> On 25 Jun 2012, at 08:52, Kaya Saman wrote: > I've previously **only** ever worked with Maildir but I was told that there are some benefits to mbox which is why I decided to try to use it here! I used mbox before Dovecot, but once I found Maildir, I never looked back. I've not come up with any significant advantages of mbox that count for much in my experiences and installations . . Would be interested to hear of suggested advantages that I might have overlooked or know of reasons why they're not an issue . . not sure how much the list wants to hear, but feel free to email me direct if you want. J. From CMarcus at Media-Brokers.com Mon Jun 25 11:45:15 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Mon, 25 Jun 2012 04:45:15 -0400 Subject: [Dovecot] dovecot support ms-tnef mail parser? In-Reply-To: <4FE8020A.7080806@mirix.org> References: <4FE7D287.6020507@gmail.com> <4FE8020A.7080806@mirix.org> Message-ID: <4FE8251B.8010008@Media-Brokers.com> On 2012-06-25 2:15 AM, Matthias-Christian Ott wrote: > On 2012-06-25 04:52, DongYu.Zhen wrote: >> How to parse ms-tnef mail by dovecot? > > You can't do that directly in Dovecot. What you can do is to use a > utility called tnef [1] (available in major GNU/Linux distributions) on > the client to extract the data on the client. Otherwise you could use > ytnef [2] with procmail or Dovecot sieve_pipe [3] on the server (see [4]). > > I tried tnef on rare occasions and it worked. > > Regards, > Matthias-Christian > > [1] http://sourceforge.net/projects/tnef/ > [2] http://sourceforge.net/projects/ytnef/ > [3] http://wiki2.dovecot.org/Pigeonhole/Sieve/Plugins/Pipe > [4] http://wiki.clug.org.za/wiki/Automatic_winmail.dat_decoding Sounds like a good candidate for a plug-in. Currently I use the Lookout extension in Thunderbird to do this, but it isn't perfect... -- Best regards, Charles From CMarcus at Media-Brokers.com Mon Jun 25 11:47:55 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Mon, 25 Jun 2012 04:47:55 -0400 Subject: [Dovecot] Additional passdb result status In-Reply-To: <1340570220.13783.23.camel@P7230> References: <1340570220.13783.23.camel@P7230> Message-ID: <4FE825BB.4030105@Media-Brokers.com> On 2012-06-24 4:37 PM, J?rgen Pabel wrote: > I am implementing a plugin (for the pop3/imap process) that requires > some data to provided from the authentication phase (a derivative of the > password). For that, I have now implemented a passdb plugin that > generates this data and I would like to "pass" this data down to the > mail process (pop3/imap) via extra_fields in the reply of the > authentication. The general idea is that my custom passdb plugin > calculates the data, sets the extra_field and returns some error > (authentication was not successful) so that the "real" passdb backend > can be invoked to "really" validate the authentication data. What specifically is the *purpose* of this? > I hope you consider my proposal to be reasonable. If desired, I could > implement this myself and provide a patch for merging (based on 2.0.x). > If my proposal is generally unfavored, it would be great if any > alternative approaches for my situation were suggested. Thanks. I think it is usually preferred that you do things like this against either the current shipping/stable branch (2.1.x), or even hg (2.2)... much better chance that it would be accepted. -- Best regards, Charles From CMarcus at Media-Brokers.com Mon Jun 25 12:31:24 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Mon, 25 Jun 2012 05:31:24 -0400 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: References: Message-ID: <4FE82FEC.1070109@Media-Brokers.com> On 2012-06-25 3:20 AM, Kaya Saman wrote: > # cat dovecot.conf > # v1.2+: > auth_use_winbind = yes Please always only provide output of doveconf -n, not copy/pastes from the config files. This proves (to yourself and everyone else) that you are using the config that dovecot is actually using - it this shows you mistakes like typos, certain deprecated/invalid settings, and even if you are editing the wrong config file(s). -- Best regards, Charles From kayasaman at gmail.com Mon Jun 25 12:34:35 2012 From: kayasaman at gmail.com (Kaya Saman) Date: Mon, 25 Jun 2012 10:34:35 +0100 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: <4FE82FEC.1070109@Media-Brokers.com> References: <4FE82FEC.1070109@Media-Brokers.com> Message-ID: On Mon, Jun 25, 2012 at 10:31 AM, Charles Marcus wrote: > On 2012-06-25 3:20 AM, Kaya Saman wrote: >> >> # cat dovecot.conf >> # v1.2+: >> auth_use_winbind = yes > > > Please always only provide output of doveconf -n, not copy/pastes from the > config files. > > This proves (to yourself and everyone else) that you are using the config > that dovecot is actually using - it this shows you mistakes like typos, > certain deprecated/invalid settings, and even if you are editing the wrong > config file(s). > > -- > > Best regards, > > Charles Thanks for the tip! I didn't know of the dovecot -n command so thanks for pointing that out to me...... It's strange as I've been fiddling around with mail servers for some time in test labs at home but I still feel like I'm on the outside looking in; oh well at least this design at work is much better even though it took forever to get the PAM potion for AD sorted out. Regards, Kaya From CMarcus at Media-Brokers.com Mon Jun 25 12:44:19 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Mon, 25 Jun 2012 05:44:19 -0400 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: <267BC57F-B747-4F58-B309-ACE4BDA3A88C@JLAssocs.com> References: <4FE81546.8000202@middleearth.sapphiresunday.org> <267BC57F-B747-4F58-B309-ACE4BDA3A88C@JLAssocs.com> Message-ID: <4FE832F3.3000405@Media-Brokers.com> On 2012-06-25 3:58 AM, J E Lyon wrote: > I've not come up with any significant advantages of mbox that count > for much in my experiences and installations . . Would be interested > to hear of suggested advantages that I might have overlooked One major advantage of mbox (and now mdbox) over maildir is the time it takes to back things up for larger mail stores. It takes much less time to compare a single mbox file that contains 20,000 messages (and rsync only the changed bits) than it does to compare read/compare 20,000 individual files (maildir)... I too like maildir, but am seriously considering implementing a solution where older mail is automatically archived to slower/cheaper SATA III based storage using mdbox format. -- Best regards, Charles From ef at math.uni-bonn.de Mon Jun 25 12:54:02 2012 From: ef at math.uni-bonn.de (Edgar =?iso-8859-1?B?RnXf?=) Date: Mon, 25 Jun 2012 11:54:02 +0200 Subject: [Dovecot] specifying home/sieve/sieve_dir relative to mail_location In-Reply-To: <20120619131413.GN48358@trav.math.uni-bonn.de> References: <20120619131413.GN48358@trav.math.uni-bonn.de> Message-ID: <20120625095401.GT50872@trav.math.uni-bonn.de> > With 1.2, is it possible to specify home, sieve and sieve_dir relative to mail_location? No-one, this one? Too simple? Too stupid? Too obvious? Not possible? From branko at majic.rs Mon Jun 25 13:01:40 2012 From: branko at majic.rs (Branko Majic) Date: Mon, 25 Jun 2012 12:01:40 +0200 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: References: <4FE81546.8000202@middleearth.sapphiresunday.org> Message-ID: <20120625120140.033c2297@zetkin.int.primekey.se> On Mon, 25 Jun 2012 08:52:51 +0100 Kaya Saman wrote: > To start with the reason I'm not using LDAP is because I couldn't find > enough information on how to set it up! I did post here a couple of > times but got no responses...... so I figured it was something that > people either didn't know or found trivial. For my own use I've switched to the LDAP as provider of user information and credentials (for Dovecot/Postfix/ejabberd/anything I can get to talk to the LDAP). It's not that hard to figure out, but getting used to LDAP itself can take a little bit of time. In my case I'm using the LDAP just for checking if a user is present on the system and for authentication purposes (for the mail server). Haven't tried using quota etc with LDAP. Anything in particular you're having problems coping with? :) -- Branko Majic Jabber: branko at majic.rs Please use only Free formats when sending attachments to me. ?????? ????? ?????: branko at majic.rs ????? ??? ?? ??????? ?????? ????????? ? ????????? ?????????. From role.Dovecot-Readers at JLAssocs.com Mon Jun 25 13:04:43 2012 From: role.Dovecot-Readers at JLAssocs.com (J E Lyon) Date: Mon, 25 Jun 2012 11:04:43 +0100 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: <4FE832F3.3000405@Media-Brokers.com> References: <4FE81546.8000202@middleearth.sapphiresunday.org> <267BC57F-B747-4F58-B309-ACE4BDA3A88C@JLAssocs.com> <4FE832F3.3000405@Media-Brokers.com> Message-ID: On 25 Jun 2012, at 10:44, Charles Marcus wrote: > On 2012-06-25 3:58 AM, J E Lyon wrote: >> I've not come up with any significant advantages of mbox that count >> for much in my experiences and installations . . Would be interested >> to hear of suggested advantages that I might have overlooked > > One major advantage of mbox (and now mdbox) over maildir is the time it takes to back things up for larger mail stores. > > It takes much less time to compare a single mbox file that contains 20,000 messages (and rsync only the changed bits) than it does to compare read/compare 20,000 individual files (maildir)... > > I too like maildir, but am seriously considering implementing a solution where older mail is automatically archived to slower/cheaper SATA III based storage using mdbox format. Very interesting. I use "rdiff-backup" as a cronjob in the wee hours (, so the fact it takes a while to work out what to incrementally save, doesn't matter to me -- but the point is that I know it's an issue and have addressed it that way. I too have contemplated some automated archiving of older mail . . it's getting closer to needing to be addressed at some point soon I think. J. From CMarcus at Media-Brokers.com Mon Jun 25 14:39:35 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Mon, 25 Jun 2012 07:39:35 -0400 Subject: [Dovecot] Mail migration to dovecot with doveadm backup In-Reply-To: <4FE738E9.6040706@metaways.de> References: <4FE738E9.6040706@metaways.de> Message-ID: <4FE84DF7.7030707@Media-Brokers.com> On 2012-06-24 11:57 AM, Reinhard Vicinus wrote: > i try to migrate mails from a non dovecot imap server to a dovecot imap > server with doveadm backup as described there: What version of dovecot (doveconf -n output_? > http://wiki2.dovecot.org/Migration/Dsync > > i first tried (local-mailbox port 18143 is the non dovecot imap server): > > /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw > -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o > imapc_port=18143 -o mailbox_list_index=no -v -D backup -R -f -u > user at example.org -m Sent imapc: > > and got the following error: > > dsync(user at example.org): Fatal: dsync backup: Looks like you're trying > to run backup in wrong direction. Source is empty and destination is not. -- Best regards, Charles Marcus I.T. Director Media Brokers International, Inc. 678.514.6200 x224 | 678.514.6299 fax From r.vicinus at metaways.de Mon Jun 25 15:55:48 2012 From: r.vicinus at metaways.de (Reinhard Vicinus) Date: Mon, 25 Jun 2012 14:55:48 +0200 Subject: [Dovecot] Mail migration to dovecot with doveadm backup In-Reply-To: <4FE84DF7.7030707@Media-Brokers.com> References: <4FE738E9.6040706@metaways.de> <4FE84DF7.7030707@Media-Brokers.com> Message-ID: <4FE85FD4.8090708@metaways.de> On 25/06/12 13:39, Charles Marcus wrote: > On 2012-06-24 11:57 AM, Reinhard Vicinus wrote: >> i try to migrate mails from a non dovecot imap server to a dovecot imap >> server with doveadm backup as described there: > > What version of dovecot (doveconf -n output_? dovecot -n # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-40-server x86_64 Ubuntu 10.04.4 LTS auth_cache_negative_ttl = 0 auth_cache_size = 10 M auth_cache_ttl = 1 mins auth_verbose = yes auth_verbose_passwords = sha1 deliver_log_format = mailbox: deliver: msgid=%m from=%f: %$ dict { quota = mysql:/etc/dovecot/conf.d/dovecot-dict-sql.conf.ext } disable_plaintext_auth = no doveadm_password = xxx instance_name = dovecot-mailbox lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes login_greeting = Mailbox login_log_format = mailbox: login: %$: %s login_trusted_networks = 10.10.10.0/24 mail_debug = yes mail_fsync = always mail_gid = vmail mail_home = /mail/dovecot/%d/%n mail_location = mdbox:~/mail mail_log_prefix = "mailbox: mail: %s(%u): " mail_plugins = quota mail_privileged_group = vmail mail_uid = vmail managesieve_implementation_string = Sieve managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mdbox_rotate_interval = 1 weeks mdbox_rotate_size = 50 M mmap_disable = yes passdb { args = /etc/dovecot/conf.d/dovecot-sql.conf.ext driver = sql } plugin { quota = dict:User quota::proxy::quota quota_rule = *:storage=10G quota_rule2 = Trash:storage=+100M quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap pop3 lmtp sieve service auth { unix_listener auth-userdb { group = dovecot mode = 0660 user = dovecot } } service dict { unix_listener dict { group = vmail mode = 0660 } } service doveadm { inet_listener doveadm-server { port = 19000 } } service imap-login { inet_listener imap { port = 19143 } } service imap-postlogin { executable = script-login /usr/local/bin/dovecot-postlogin user = $default_internal_user } service imap { executable = imap imap-postlogin } service lmtp { inet_listener lmtp { address = * port = 19024 } } service managesieve-login { inet_listener sieve { port = 19200 } } service pop3-login { inet_listener pop3 { port = 19110 } } service pop3-postlogin { executable = script-login /usr/local/bin/dovecot-postlogin user = $default_internal_user } service pop3 { executable = pop3 pop3-postlogin } service quota-warning { executable = script /usr/local/bin/quota-warning extra_groups = dovecot unix_listener quota-warning { user = vmail } user = vmail } ssl = no userdb { driver = prefetch } userdb { args = /etc/dovecot/conf.d/dovecot-sql.conf.ext driver = sql } verbose_proctitle = yes protocol imap { imap_client_workarounds = delay-newmail tb-extra-mailbox-sep mail_plugins = quota imap_quota } protocol lmtp { mail_plugins = quota sieve } From tss at iki.fi Mon Jun 25 17:35:35 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 25 Jun 2012 17:35:35 +0300 Subject: [Dovecot] specifying home/sieve/sieve_dir relative to mail_location In-Reply-To: <20120625095401.GT50872@trav.math.uni-bonn.de> References: <20120619131413.GN48358@trav.math.uni-bonn.de> <20120625095401.GT50872@trav.math.uni-bonn.de> Message-ID: On 25.6.2012, at 12.54, Edgar Fu? wrote: >> With 1.2, is it possible to specify home, sieve and sieve_dir relative to mail_location? > No-one, this one? > > Too simple? Too stupid? Too obvious? Not possible? Mail/Sieve dirs can be relative to home dir, not vice versa.. > I know it's possible to specify everything relative to home, so I could probably use relative ~/../-type paths for mail_locatin etc., but that looks a bit awkward. Yeah, that would probably work. Maybe look into changing your directory hierarchy so mails are under home. From ef at math.uni-bonn.de Mon Jun 25 17:42:49 2012 From: ef at math.uni-bonn.de (Edgar =?iso-8859-1?B?RnXf?=) Date: Mon, 25 Jun 2012 16:42:49 +0200 Subject: [Dovecot] specifying home/sieve/sieve_dir relative to mail_location In-Reply-To: References: <20120619131413.GN48358@trav.math.uni-bonn.de> <20120625095401.GT50872@trav.math.uni-bonn.de> Message-ID: <20120625144248.GW50872@trav.math.uni-bonn.de> > Mail/Sieve dirs can be relative to home dir, not vice versa. OK, thanks. > Yeah, that would probably work. I'll try that. > Maybe look into changing your directory hierarchy so mails are under home. Too late. Also, as directories corresponding to IMAP folders always start with a dot, it appeared quite natural to me to have ``home'' and ``sieve'' at the same level as ``.dovecot'' (and ``cur'', for that matter). Ah, and what about the WIKI ``user_attrs = .., mailDirectory=home=/var/vmail/%$'' example that I don't understand? From tss at iki.fi Mon Jun 25 19:37:56 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 25 Jun 2012 19:37:56 +0300 Subject: [Dovecot] specifying home/sieve/sieve_dir relative to mail_location In-Reply-To: <20120625144248.GW50872@trav.math.uni-bonn.de> References: <20120619131413.GN48358@trav.math.uni-bonn.de> <20120625095401.GT50872@trav.math.uni-bonn.de> <20120625144248.GW50872@trav.math.uni-bonn.de> Message-ID: On 25.6.2012, at 17.42, Edgar Fu? wrote: > Ah, and what about the WIKI ``user_attrs = .., mailDirectory=home=/var/vmail/%$'' example that I don't understand? Well, you could use a single mailDirectory LDAP attribute that expands to your mail directory to provide for all of the other home/sieve fields as well. But that requires Dovecot v2.1. From ncjeffgus at zimage.com Mon Jun 25 19:45:51 2012 From: ncjeffgus at zimage.com (Jeff Gustafson) Date: Mon, 25 Jun 2012 09:45:51 -0700 Subject: [Dovecot] dsync error: "Mailboxes don't have unique GUIDs" In-Reply-To: <4FE59A86.7020208@Media-Brokers.com> References: <1340400276.12426.9.camel@maclinux> <4FE59A86.7020208@Media-Brokers.com> Message-ID: <1340642751.7730.2.camel@maclinux.zimage.com> On Sat, 2012-06-23 at 06:29 -0400, Charles Marcus wrote: > > > > # 2.0.13: /etc/dovecot/dovecot.conf > > As you are aware (since you participated in the thread discussion about > this months ago), Timo is working on a total rewrite of dsync, and if > memory serves, it is mainly for 2.1+, and it is not recommend to use it > in earlier versions if you need reliability (ie, 2.0.x, as you are using)... I did try the 2.1.x version of dsync back in March. I found the version to be very unreliable. It would crash with many types of operations (e.g. maildir -> mdbox conversions). ...Jeff From tss at iki.fi Mon Jun 25 19:46:14 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 25 Jun 2012 19:46:14 +0300 Subject: [Dovecot] Mail migration to dovecot with doveadm backup In-Reply-To: <4FE738E9.6040706@metaways.de> References: <4FE738E9.6040706@metaways.de> Message-ID: <6713F7A5-A529-4E0E-BC5A-D98A9147EA5C@iki.fi> On 24.6.2012, at 18.57, Reinhard Vicinus wrote: > i try to migrate mails from a non dovecot imap server to a dovecot imap server with doveadm backup as described there: > > http://wiki2.dovecot.org/Migration/Dsync > > i first tried (local-mailbox port 18143 is the non dovecot imap server): > > /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -o mailbox_list_index=no -v -D backup -R -f -u user at example.org -m Sent imapc: > > and got the following error: > > dsync(user at example.org): Fatal: dsync backup: Looks like you're trying to run backup in wrong direction. Source is empty and destination is not. Strange. -R is supposed to make it copy from imapc to mdbox.. Have you tried if Dovecot can see mails at all from the remote server? Try doveadm -o mail=imapc: -o ... fetch instead of doveadm backup command. > As the dovecot imap account is newly created and therefore empty it seams to try to backup from the dovecot imap server to the non dovecot imap server. So i tried instead: > > /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -o mailbox_list_index=no -v -D backup -f -u user at example.org -m Sent imapc: Now this is copying from mdbox to imapc, which is also why you're getting the crash: > Sometimes (every other time?) i got the following segmentation fault: > > bt > #0 0x00007f15e2c9ed74 in strcasecmp () from /lib/libc.so.6 > #1 0x00007f15e327eaff in imapc_save_callback (reply=0x7fff56096a70, context=) at imapc-save.c:168 Note how it's saving a mail to imapc. But still, that's a bug, fixed: http://hg.dovecot.org/dovecot-2.1/rev/20703dbd1168 > dsync(user at example.org): Warning: Destination mailbox Sent has been modified, need to recreate it before we can continue syncing I think this is also because it's going to wrong direction. > i think the problem could be that the account name on the remote server and the local server is absolute identical and doveadm backup has therefore problems discerning between the two locations. But that's only a stab in the dark and any help is appreciated. Shouldn't be a problem. From CMarcus at Media-Brokers.com Mon Jun 25 19:49:37 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Mon, 25 Jun 2012 12:49:37 -0400 Subject: [Dovecot] dsync error: "Mailboxes don't have unique GUIDs" In-Reply-To: <1340642751.7730.2.camel@maclinux.zimage.com> References: <1340400276.12426.9.camel@maclinux> <4FE59A86.7020208@Media-Brokers.com> <1340642751.7730.2.camel@maclinux.zimage.com> Message-ID: <4FE896A1.4060701@Media-Brokers.com> On 2012-06-25 12:45 PM, Jeff Gustafson wrote: > On Sat, 2012-06-23 at 06:29 -0400, Charles Marcus wrote: >>> # 2.0.13: /etc/dovecot/dovecot.conf >> As you are aware (since you participated in the thread discussion about >> this months ago), Timo is working on a total rewrite of dsync, and if >> memory serves, it is mainly for 2.1+, and it is not recommend to use it >> in earlier versions if you need reliability (ie, 2.0.x, as you are using)... > I did try the 2.1.x version of dsync back in March. I found the version > to be very unreliable. It would crash with many types of operations > (e.g. maildir -> mdbox conversions). Well, the version in 2.0.x was problematic, which is why Timo was rewriting it from scratch. Also, that was 3 *months* ago - more than likely a lot has changed since then. I'd suggest you try again with 2.1.7... -- Best regards, Charles From tss at iki.fi Mon Jun 25 19:54:06 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 25 Jun 2012 19:54:06 +0300 Subject: [Dovecot] dsync error: "Mailboxes don't have unique GUIDs" In-Reply-To: <4FE896A1.4060701@Media-Brokers.com> References: <1340400276.12426.9.camel@maclinux> <4FE59A86.7020208@Media-Brokers.com> <1340642751.7730.2.camel@maclinux.zimage.com> <4FE896A1.4060701@Media-Brokers.com> Message-ID: <091D561F-7991-44EE-BC70-4BB22B5B319B@iki.fi> On 25.6.2012, at 19.49, Charles Marcus wrote: >> I did try the 2.1.x version of dsync back in March. I found the version >> to be very unreliable. It would crash with many types of operations >> (e.g. maildir -> mdbox conversions). > > Well, the version in 2.0.x was problematic, which is why Timo was rewriting it from scratch. > > Also, that was 3 *months* ago - more than likely a lot has changed since then. > > I'd suggest you try again with 2.1.7... The rewritten dsync is in v2.2 tree. v2.1's dsync is a fixed version of v2.0's dsync. I have no idea why v2.1's dsync would be less reliable than v2.0's. It only had bugfixes. Anyway, the GUID error could very well be because of buggy mailbox listing code in v2.0, which was rewritten for v2.1. From ef at math.uni-bonn.de Mon Jun 25 21:08:57 2012 From: ef at math.uni-bonn.de (Edgar =?iso-8859-1?B?RnXf?=) Date: Mon, 25 Jun 2012 20:08:57 +0200 Subject: [Dovecot] specifying home/sieve/sieve_dir relative to mail_location In-Reply-To: References: <20120619131413.GN48358@trav.math.uni-bonn.de> <20120625095401.GT50872@trav.math.uni-bonn.de> <20120625144248.GW50872@trav.math.uni-bonn.de> Message-ID: <20120625180857.GX50872@trav.math.uni-bonn.de> > But that requires Dovecot v2.1. I was refering to http://wiki1.dovecot.org/VirtualUsers/Home which, to my understanding, should apply to 1.2. I don't understand the Example at the bottom: > LDAP with relative directory paths > > If your LDAP database uses e.g. mailDirectory = domain/user/, you can use it as a base for home directory: > > user_attrs = .., mailDirectory=home=/var/vmail/%$ > Then just use mail_location = maildir:~/Maildir. From trever at middleearth.sapphiresunday.org Mon Jun 25 21:20:59 2012 From: trever at middleearth.sapphiresunday.org (Trever L. Adams) Date: Mon, 25 Jun 2012 12:20:59 -0600 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: References: <4FE81546.8000202@middleearth.sapphiresunday.org> Message-ID: <4FE8AC0B.40906@middleearth.sapphiresunday.org> On 06/25/2012 01:52 AM, Kaya Saman wrote: > On Mon, Jun 25, 2012 at 8:37 AM, Trever L. Adams > wrote: >> On 06/25/2012 01:20 AM, Kaya Saman wrote: >> >> Now what I would like to know is, which is better for "virtual >> hosting" Maildir or mbox? >> >> >> Basically my requirement is that I would like to separate users via >> either individual folders and then put each user's mbox or Maildir in >> the created directory, or simply name each mbox or Maildir according >> to the user name. >> >> >> First up is this possible? >> >> >> Secondly, how would I go about doing it? >> >> Sorry, I missed this at first. It is quite simple. I don't store it in >> passwd or any other place, since you are doing vmail, you might find this >> easiest: >> >> in /etc/dovecot/conf.d/10-mail.conf (where mail_location is): >> >> mail_home = /home/vmail/%Ld/%Ln >> mail_location = maildir:~/Maildir >> >> in /etc/dovecot/conf.d/10-mail.conf (after paragraph ?# System user and >> group used to access mails...?): >> >> mail_uid=vmail >> mail_gid=vmail >> >> Obviously, vmail may not be your user for vmail. Also, some of my notes may >> no longer be accurate for location, just find where it exists and edit. >> >> I hope this helps. Of course, this is a Maildir setup. mbox is probably very >> similar, but I have had too many mbox style mail queues go south losing all >> of the mail (or more than one would like), so I do Maildir, even though it >> isn't necessarily the best use of disk space. >> >> Trever >> -- >> "I do not fear computers. I fear the lack of them." -- Isaac Asimov > Thanks for the responses! > > Sorry if I reply to every single one in this email however, I am using > Gmail's awful Web UI so I don't really have much control over what I'm > doing...... > > > To start with the reason I'm not using LDAP is because I couldn't find > enough information on how to set it up! I did post here a couple of > times but got no responses...... so I figured it was something that > people either didn't know or found trivial. Sorry, I missed these. I have been busy. Tim and others were very kind and helped me figure things out. I do not have any web sites where I can post things, so I will give an overview here and if you need help, either follow up privately or here. > > I'll take a look at the above config for Maildir format as briefly > playing around with mbox it seems that folders on the / root (parent) > IMAP directory are stored separately. It may be better if everything > got stored under the Maildir heading.... I've previously **only** ever > worked with Maildir but I was told that there are some benefits to > mbox which is why I decided to try to use it here! > > Regards, > > > Kaya > The only draw back I see with maildir is one file per message. This makes it resilient to corruption that mbox sees (if a message gets corrupted, you erase one message and that corruption won't propagate even if you leave it in place). In many setups this also leads to MUCH faster system. On unix systems this doesn't just waste disk space, it could lead to inode (or whatever your *nix of choice calls it) depletion. I haven't yet seen this in my setups. I archive most of my personal mail, so I have at least some of my mail going back to 1998, I think. Kerberos Directions: Microsoft suggests on linux systems that you create an account (separate from the HOST account) and add the appropriate user principal names. There are pros and cons to this, their way is a and doing it as part of the host account is b. a) On S4 dc (replace MAILSERVER_HOST and MAILSERVER_FQDN with host and host.example.org, in lowercase as I use the caps only to help me see what I need to change, respectively as fits your domain - i.e. not example.org and create some long random password and put it wherever you see $RANDOMPASSWORD) : /usr/local/samba/sbin/samba-tool newuser mail-MAILSERVER_HOST /usr/local/samba/sbin/samba-tool spn add imap/MAILSERVER_FQDN mail-MAILSERVER_HOST /usr/local/samba/sbin/samba-tool spn add smtp/MAILSERVER_FQDN mail-MAILSERVER_HOST /root/samba-master/source4/scripting/bin/ktpass.sh --out /tmp/mail.keytab --princ smtp/MAILSERVER_FQDN --path-to-ldbsearch /usr/local/samba/bin/ --pass $RANDOMPASSWORD /root/samba-master/source4/scripting/bin/ktpass.sh --out /tmp/mail.keytab --princ imap/MAILSERVER_FQDN --path-to-ldbsearch /usr/local/samba/bin/ --pass $RANDOMPASSWORD /root/samba-master/source4/scripting/bin/ktpass.sh --out /tmp/mail.keytab --princ mail-MAILSERVER_HOST --path-to-ldbsearch /usr/local/samba/bin/ --pass $RANDOMPASSWORD Move the mail.keytab to dovecot's main configuration directory on dovecot server (/etc/dovecot here). Then do the appropriate version of: chmod 640 /etc/dovecot/mail.keytab chown dovecot.dovenull /etc/dovecot/mail.keytab b) Make sure your local samba setup is joined to the domain. Make sure it writes an appropriate krb5.keytab (/etc/krb5.keytab in my setup) as part of its password management, etc. net ads keytab add smtp/mail_server_fqdn net ads keytab add imap/mail_server_fqdn You may have to edit the sam.ldb on your S4 server as many times S3 doesn't create the principals ( /usr/local/samba/bin/ldbedit -H /usr/local/samba/private/sam.ldb sAMAccountName=mailserverhostname$ should do the trick and add userPrincipalName so that it has imap/MAILSERVER_FQDN and smtp/MAILSERVER_FQDN, each being its own userPrincipalName, this should give the machine account 3 userPrincipalName lines) then do the following modified for your samba krb5.keytab location (the following is how to set the extended posix ACLs on Linux, I don't know what it would be for FreeBSD, this adds read writes to dovecot user on the file krb5.keytab): setfacl -m u:dovecot:r krb5.keytab NOTE: For ldap access dovecot needs access to the krb5.keytab as I haven't figured out why, but Windows (including S4) AD doesn't like the a) method principals acting in some of the ways they need to. So, I just go with method b. Change the following or insert them into your dovecot setup modifying to fit your setup (/etc/dovecot/conf.d/10-auth.conf for me) : auth_realms = DOMAIN_FQDN auth_gssapi_hostname = HOST_FQDN auth_krb5_keytab = /etc/dovecot/mail.keytab (this is method a, b would be /etc/krb5.keytab) auth_mechanisms = gssapi gss-spnego login plain If you are using postfix anywhere, you can use dovecot as the lda (avoid messing with trying to make it deliver to the right directories, etc.) and use dovecot for the auth. Doing the later makes things overlap perfectly for auth too. LDAP (simple if you used method b, method a always gave me trouble - if people reading this know how to make method a work, I would love to read it myself as it may be more secure according to Microsoft): Create a userdb setup that reads (I do this in a file called /etc/dovecot/conf.d/auth-vmail.conf.ext): userdb { driver = ldap args = /etc/dovecot/dovecot-ldap.conf.ext } Then create that dovecot-ldap.conf.ext file (again, make sure your replace DOMAIN_FQDN with example.org, or whatever it is in your setup, replacing example.org as well): hosts = DOMAIN_FQDN base = dc=example,dc=org ldap_version = 3 user_attrs = userPrincipalName=user user_filter = (&(objectClass=person)(|(mail=%u)(sAMAccountName=%u)(userPrincipalName=%u))) dn = mail-MAIL_HOST at DOMAIN_FQDN sasl_bind = yes sasl_mech = GSSAPI sasl_realm = DOMAIN_FQDN sasl_authz_id = mail-MAIL_HOST at DOMAIN_FQDN (this is for method a, method b you would think would be the machine$ account, but I found it works better without this line with method b) # For using doveadm -A: iterate_attrs = userPrincipalName=user iterate_filter = (objectClass=person) Finally, you need to do a cronjob that will keep a credential cache for the machine account around for dovecot to use to do ldap: 02 03 */2 * * /usr/bin/kinit -l 10d -k MAIL_HOST$ -c /etc/dovecot/krb5.cc && /bin/chown dovecot:dovecot /etc/dovecot/krb5.cc 03 * * * * /usr/bin/kinit -c /etc/dovecot/krb5.cc -R && /bin/chown dovecot:dovecot /etc/dovecot/krb5.cc Does the trick for me. The cronjob should be for root, hence the need for the chown. It may work as dovecot. I cannot remember if it does or not. If it does, have the cronjob be for dovecot's user. One side effect of the above ldap.conf.ext file, the mail entry (this is the mail shown in AD Users and Computers if you edit a user) becomes an alias. So, if you wish to hide users logins or have an additional email in the same domain, use the mail field (you can edit it similar to how you added the userPrincipalName above). to hide user logins, do the client setup so that it uses the alias as the from address and account name stuff while using the real login for all the login stuff. Unless I missed a step, you just need to tell Outlook, Thunderbird, etc. to do GSSAPI or SPNEGO with GSSAPI (whatever Outlook calls it). If you use postfix with dovecot lda, the aliasing stuff works. If you don't, you will have to setup some things for postfix to do the aliasing the same way. I have such ldap-users and ldap-alias.cf files. I am not sure they work as I don't remember if I ever tested them before moving to dovecot lda. They should work with method b, so long as you also add the postfix user to the read list. I find dovecot lda with sieve gives me everything I need/want, so I won't test these out. They are available to anyone upon request. Nothing here interferes with pam_krb5 stuff you mentioned. As I said, I use it myself for devices or setups that can't/don't do krb5. There you have it. I hope this helps you and others. Trever P.S. Yes, I know you said this is not an MTA box, just IMAP. I keep mentioning postfix as in my work, it works best for me and it is nice to have them work very well together. -- "Noise proves nothing. Often a hen who has merely laid an egg cackles as if she laid an asteroid." -- Mark Twain From r.vicinus at metaways.de Mon Jun 25 21:21:43 2012 From: r.vicinus at metaways.de (Reinhard Vicinus) Date: Mon, 25 Jun 2012 20:21:43 +0200 Subject: [Dovecot] Mail migration to dovecot with doveadm backup In-Reply-To: <6713F7A5-A529-4E0E-BC5A-D98A9147EA5C@iki.fi> References: <4FE738E9.6040706@metaways.de> <6713F7A5-A529-4E0E-BC5A-D98A9147EA5C@iki.fi> Message-ID: <4FE8AC37.3070606@metaways.de> On 25/06/12 18:46, Timo Sirainen wrote: > On 24.6.2012, at 18.57, Reinhard Vicinus wrote: > >> i try to migrate mails from a non dovecot imap server to a dovecot imap server with doveadm backup as described there: >> >> http://wiki2.dovecot.org/Migration/Dsync >> >> i first tried (local-mailbox port 18143 is the non dovecot imap server): >> >> /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -o mailbox_list_index=no -v -D backup -R -f -u user at example.org -m Sent imapc: >> >> and got the following error: >> >> dsync(user at example.org): Fatal: dsync backup: Looks like you're trying to run backup in wrong direction. Source is empty and destination is not. > Strange. -R is supposed to make it copy from imapc to mdbox.. Have you tried if Dovecot can see mails at all from the remote server? Try doveadm -o mail=imapc: -o ... fetch instead of doveadm backup command. You're right it was an error in my setup that caused this problem. After fixing that problem it now works as expected. The only thing I don't get working is running it via the doveadm-server socket with: /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -o mailbox_list_index=no -v -D backup -S /var/run/dovecot-director/doveadm-server -R -u user at example.org imapc: In the logfile on the server there is the following error message: Jun 25 20:01:26 10.129.3.200 dovecot: dsync(user at example.org): Error: user user at example.org: Initialization failed: Initializing mail storage from mail_location setting failed: imapc: missing imapc_host Jun 25 20:01:26 10.129.3.200 dovecot: dsync(user at example.org): Fatal: User init failed So I think that all the -o configurations aren't transfered via the doveadm-server socket. >> As the dovecot imap account is newly created and therefore empty it seams to try to backup from the dovecot imap server to the non dovecot imap server. So i tried instead: >> >> /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -o mailbox_list_index=no -v -D backup -f -u user at example.org -m Sent imapc: > Now this is copying from mdbox to imapc, which is also why you're getting the crash: > >> Sometimes (every other time?) i got the following segmentation fault: >> >> bt >> #0 0x00007f15e2c9ed74 in strcasecmp () from /lib/libc.so.6 >> #1 0x00007f15e327eaff in imapc_save_callback (reply=0x7fff56096a70, context=) at imapc-save.c:168 > Note how it's saving a mail to imapc. But still, that's a bug, fixed: http://hg.dovecot.org/dovecot-2.1/rev/20703dbd1168 > >> dsync(user at example.org): Warning: Destination mailbox Sent has been modified, need to recreate it before we can continue syncing > I think this is also because it's going to wrong direction. Yes, the problem there was that it was the wrong direction. -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: director.conf.txt URL: From tss at iki.fi Mon Jun 25 21:48:35 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 25 Jun 2012 21:48:35 +0300 Subject: [Dovecot] specifying home/sieve/sieve_dir relative to mail_location In-Reply-To: <20120625180857.GX50872@trav.math.uni-bonn.de> References: <20120619131413.GN48358@trav.math.uni-bonn.de> <20120625095401.GT50872@trav.math.uni-bonn.de> <20120625144248.GW50872@trav.math.uni-bonn.de> <20120625180857.GX50872@trav.math.uni-bonn.de> Message-ID: <56B9BE37-BE23-47B7-BB8C-D18BCB341FB9@iki.fi> That example means that if you have in LDAP "mailDirectory=domain.com/username" field, and you want user's home to be /var/vmail/domain.com/username, then you can set mailDirectory=home=/var/vmail/%$ where %$ gets expanded to domain.com/username. I don't think it's relevant to what you want. On 25.6.2012, at 21.08, Edgar Fu? wrote: >> But that requires Dovecot v2.1. > I was refering to > http://wiki1.dovecot.org/VirtualUsers/Home > which, to my understanding, should apply to 1.2. > I don't understand the Example at the bottom: > >> LDAP with relative directory paths >> >> If your LDAP database uses e.g. mailDirectory = domain/user/, you can use it as a base for home directory: >> >> user_attrs = .., mailDirectory=home=/var/vmail/%$ >> Then just use mail_location = maildir:~/Maildir. > From tss at iki.fi Mon Jun 25 21:50:09 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 25 Jun 2012 21:50:09 +0300 Subject: [Dovecot] Mail migration to dovecot with doveadm backup In-Reply-To: <4FE8AC37.3070606@metaways.de> References: <4FE738E9.6040706@metaways.de> <6713F7A5-A529-4E0E-BC5A-D98A9147EA5C@iki.fi> <4FE8AC37.3070606@metaways.de> Message-ID: <65751386-8372-4922-B705-AF62DD04CF83@iki.fi> On 25.6.2012, at 21.21, Reinhard Vicinus wrote: > Jun 25 20:01:26 10.129.3.200 dovecot: dsync(user at example.org): Error: user user at example.org: Initialization failed: Initializing mail storage from mail_location setting failed: imapc: missing imapc_host > Jun 25 20:01:26 10.129.3.200 dovecot: dsync(user at example.org): Fatal: User init failed > > So I think that all the -o configurations aren't transfered via the doveadm-server socket. Correct. None of them are, and that's by design. From mailinglist at august.de Mon Jun 25 22:03:41 2012 From: mailinglist at august.de (mailinglist) Date: Mon, 25 Jun 2012 21:03:41 +0200 Subject: [Dovecot] started with dovecot sieve Message-ID: As I am new to dovecot and sieve I am really happy to get it working in a straight forward way. Thanks for the documentation to whom it concerns. Now I came to my limits with this failure messages in /home/rolf/.dovecot.sieve.log: sieve: info: started log at Jun 25 20:22:54. error: msgid=<1340648569.94073.YahooMailClassic at web190304.mail.sg3.yahoo.com>: failed to store into mailbox 'INBOX': BUG: Unknown internal error. with this messages in mail.info: Jun 25 20:22:54 rolf14 postfix/smtpd[21674]: connect from localhost[127.0.0.1] Jun 25 20:22:54 rolf14 postfix/smtpd[21674]: 90898E0190: client=localhost[127.0.0.1] Jun 25 20:22:54 rolf14 postfix/cleanup[21669]: 90898E0190: message-id=<1340648569.94073.YahooMailClassic at web190304.mail.sg3.yahoo.com> Jun 25 20:22:54 rolf14 postfix/qmgr[21172]: 90898E0190: from=, size=5291, nrcpt=1 (queue active) Jun 25 20:22:54 rolf14 postfix/smtpd[21674]: disconnect from localhost[127.0.0.1] Jun 25 20:22:54 rolf14 dovecot: lda(rolf): Error: setegid(privileged) failed: Operation not permitted Jun 25 20:22:54 rolf14 dovecot: lda(rolf): Error: sieve: msgid=<1340648569.94073.YahooMailClassic at web190304.mail.sg3.yahoo.com>: failed to store into mailbox 'INBOX': BUG: Unknown internal error Jun 25 20:22:54 rolf14 dovecot: lda(rolf): Error: sieve: script /home/rolf/.dovecot.sieve failed with unsuccessful implicit keep (user logfile /home/rolf/.dovecot.sieve.log may reveal additional details) I guess the mentioned mail is spam. However, does this tell about some wrong configuration or access rights? Any indication what to improve? I get such an error about every 6 minutes. From ncjeffgus at zimage.com Mon Jun 25 22:07:28 2012 From: ncjeffgus at zimage.com (Jeff Gustafson) Date: Mon, 25 Jun 2012 12:07:28 -0700 Subject: [Dovecot] dsync error: "Mailboxes don't have unique GUIDs" In-Reply-To: <091D561F-7991-44EE-BC70-4BB22B5B319B@iki.fi> References: <1340400276.12426.9.camel@maclinux> <4FE59A86.7020208@Media-Brokers.com> <1340642751.7730.2.camel@maclinux.zimage.com> <4FE896A1.4060701@Media-Brokers.com> <091D561F-7991-44EE-BC70-4BB22B5B319B@iki.fi> Message-ID: <1340651248.10841.1.camel@maclinux> On Mon, 2012-06-25 at 19:54 +0300, Timo Sirainen wrote: > On 25.6.2012, at 19.49, Charles Marcus wrote: > > I'd suggest you try again with 2.1.7... > > The rewritten dsync is in v2.2 tree. v2.1's dsync is a fixed version > of v2.0's dsync. I have no idea why v2.1's dsync would be less > reliable than v2.0's. It only had bugfixes. > > Anyway, the GUID error could very well be because of buggy mailbox > listing code in v2.0, which was rewritten for v2.1. I will try the latest 2.1.x code and see what happens. dsync in 2.0.x seems to work just fine... most of the time. ...Jeff From juergen at pabel.net Tue Jun 26 00:42:57 2012 From: juergen at pabel.net (=?ISO-8859-1?Q?J=FCrgen?= Pabel) Date: Mon, 25 Jun 2012 23:42:57 +0200 Subject: [Dovecot] Additional passdb result status In-Reply-To: <1340570220.13783.23.camel@P7230> References: <1340570220.13783.23.camel@P7230> Message-ID: <1340660577.4872.8.camel@P7230> Hi, I am replying to my own message because it's probably the "cleanest" reply since I am not subscribed to the mailing list and thus can't reply to Charles' message itself. > What specifically is the *purpose* of this? To encrypt the data on the server (like the zlib plugin does for compression). Said value will be password used to unlock/decrypt the encryption key stored on the server. (I have implemented several cryptographic software components, so I believe that I understand what all is required for something like such a plugin to be implemented correctly). > I think it is usually preferred that you do things like this against > either the current shipping/stable branch (2.1.x), or even hg (2.2).. > much better chance that it would be accepted. Agreed - I'm just developing on Ubuntu 12.04 which has 2.0. However, porting patches from 2.0 to 2.1/2.2 shouldn't be too hard from what I've seen so far. Cheers, J?rgen Am Sonntag, den 24.06.2012, 22:37 +0200 schrieb J?rgen Pabel: > Dear Dovecot-Team, > > I am implementing a plugin (for the pop3/imap process) that requires > some data to provided from the authentication phase (a derivative of the > password). For that, I have now implemented a passdb plugin that > generates this data and I would like to "pass" this data down to the > mail process (pop3/imap) via extra_fields in the reply of the > authentication. The general idea is that my custom passdb plugin > calculates the data, sets the extra_field and returns some error > (authentication was not successful) so that the "real" passdb backend > can be invoked to "really" validate the authentication data. > > However, in auth_request_handle_passdb_callback() the extra_fields are > reseted unless the return code is PASSDB_RESULT_USER_DISABLED. But if > that return code is used then any following passdb's aren't invoked any > more - which makes sense with respect to user authenticiation. I would > therefore like to propose that some IGNORE/CONTINUE-status to be > introduced in auth/passdb.h, that would be handled in that extra_fields > and possible other values are not reseted in order to allow such > propagation of data from authentication process down to the mail process > (which could be extracted from the reply string by parsing it). > > As a further implementation alternative (to the parsing of the reply > string), I also propose that some new "environment" item be introduced > (in auth_request) in order to allow such data passing in a generic > manner. > > I hope you consider my proposal to be reasonable. If desired, I could > implement this myself and provide a patch for merging (based on 2.0.x). > If my proposal is generally unfavored, it would be great if any > alternative approaches for my situation were suggested. Thanks. > > Regards, > J?rgen > > PS: please reply to my e-mail (or CC me), as I have not subscribed to > the dovecot list > From daniel.parthey at informatik.tu-chemnitz.de Tue Jun 26 00:59:14 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Mon, 25 Jun 2012 23:59:14 +0200 Subject: [Dovecot] started with dovecot sieve In-Reply-To: References: Message-ID: <20120625215914.GA7831@daniel.localdomain> Hi Rolf, Rolf wrote: > Now I came to my limits with this failure messages in > /home/rolf/.dovecot.sieve.log: > > sieve: info: started log at Jun 25 20:22:54. > error: msgid=<1340648569.94073.YahooMailClassic at web190304.mail.sg3.yahoo.com>: > failed to store into mailbox 'INBOX': BUG: Unknown internal error. > > with this messages in mail.info: > > Jun 25 20:22:54 rolf14 postfix/smtpd[21674]: connect from localhost[127.0.0.1] > Jun 25 20:22:54 rolf14 postfix/smtpd[21674]: 90898E0190: client=localhost[127.0.0.1] > Jun 25 20:22:54 rolf14 postfix/cleanup[21669]: 90898E0190: message-id=<1340648569.94073.YahooMailClassic at web190304.mail.sg3.yahoo.com> > Jun 25 20:22:54 rolf14 postfix/qmgr[21172]: 90898E0190: from=, size=5291, nrcpt=1 (queue active) > Jun 25 20:22:54 rolf14 postfix/smtpd[21674]: disconnect from localhost[127.0.0.1] > Jun 25 20:22:54 rolf14 dovecot: lda(rolf): Error: setegid(privileged) failed: Operation not permitted > Jun 25 20:22:54 rolf14 dovecot: lda(rolf): Error: sieve: msgid=<1340648569.94073.YahooMailClassic at web190304.mail.sg3.yahoo.com>: failed to store into mailbox 'INBOX': BUG: Unknown internal error > Jun 25 20:22:54 rolf14 dovecot: lda(rolf): Error: sieve: script /home/rolf/.dovecot.sieve failed with unsuccessful implicit keep (user logfile /home/rolf/.dovecot.sieve.log may reveal additional details) > > I guess the mentioned mail is spam. However, does this tell about > some wrong configuration or access rights? Any indication what to > improve? I get such an error about every 6 minutes. lda ist the local delivery agent which seems to fail during delivery. "setegid(privileged) failed" looks like your lda running under a specific user is not allowed to change to the specified group id, maybe the user not a member of the configured group, but this is just a guess. For a deeper analysis we will need the full output of the following command: doveconf -n Regards, Daniel -- https://plus.google.com/103021802792276734820 From jonrysh at pacbell.net Tue Jun 26 01:47:16 2012 From: jonrysh at pacbell.net (Jonathan Ryshpan) Date: Mon, 25 Jun 2012 15:47:16 -0700 Subject: [Dovecot] What does "namespace inbox {..." mean Message-ID: <1340664436.3984.23.camel@amito> I'm trying to set up a dovecot server for which mail arrives in an mbox, and mail is stored in a maildir. The wiki (see http://wiki.dovecot.org/Namespaces) refers to this as "Mixed mbox and Maildir". It advises handling this situation by creating two namespaces: one for the mbox and the other for the maildir. On the other hand the sample configuration coming with dovecot in my distro puts inbox in a namespace starting with: namespace inbox { # Namespace type: private, shared or public #type = private It appears from the wiki that the word following the namespace declarator (if this is the right word) should be either "public", "shared", or "private", and describes a property of the namespace being declared. So what does: namespace inbox {... mean? Similarly in another part of the wiki (see http://wiki2.dovecot.org/Plugins/Virtual), I read that it's possible to have namespace virtual { namespace real { ... which only increases my perplexity. Please advise! Thanks - jon From janfrode at tanso.net Tue Jun 26 09:44:10 2012 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Tue, 26 Jun 2012 08:44:10 +0200 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> Message-ID: <20120626064410.GA19106@dibs.tanso.net> On Thu, Jun 21, 2012 at 11:44:33PM +0300, Timo Sirainen wrote: > > > > additionally you should install imapproxy on the webserver > > wehre your webmail is running and configure the webmail for > > using 127.0.0.1 - so only one connection per user is > > persistent instead make a new one for each ajax-request > > Someone benchmarked Dovecot a while ago in this list with and without imapproxy and the results showed that imapproxy simply slowed things down by adding extra latency. This probably isn't true for all installations, but I don't think there's much of a difference either way. > That was me, there -> http://dovecot.org/list/dovecot/2012-February/063666.html -jf From wojtek at wojtek.tensor.gdynia.pl Tue Jun 26 15:41:46 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Tue, 26 Jun 2012 14:41:46 +0200 (CEST) Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <20120626064410.GA19106@dibs.tanso.net> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> <20120626064410.GA19106@dibs.tanso.net> Message-ID: >>> wehre your webmail is running and configure the webmail for >>> using 127.0.0.1 - so only one connection per user is >>> persistent instead make a new one for each ajax-request >> >> Someone benchmarked Dovecot a while ago in this list with and without imapproxy and the results showed that imapproxy simply slowed things down by adding extra latency. This probably isn't true for all installations, but I don't think there's much of a difference either way. nothing strange. I really wonder if there are available FASTER implementations of imap service. Quite probably not. It's stupid how webmail works but dovecot doesn't have a problem to get new connections every now and then. just make sure you didn't set up SSL by accident. From wojtek at wojtek.tensor.gdynia.pl Tue Jun 26 16:11:18 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Tue, 26 Jun 2012 15:11:18 +0200 (CEST) Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: <4FE8AC0B.40906@middleearth.sapphiresunday.org> References: <4FE81546.8000202@middleearth.sapphiresunday.org> <4FE8AC0B.40906@middleearth.sapphiresunday.org> Message-ID: > The only draw back I see with maildir is one file per message. This it is mostly adventage. > makes it resilient to corruption that mbox sees (if a message gets > corrupted, you erase one message and that corruption won't propagate > even if you leave it in place). In many setups this also leads to MUCH > faster system. On unix systems this doesn't just waste disk space, it even with 32kB block/4kB fragment filesystem under FreeBSD which is my common setup, it isn't that a problem. i just checked one of my users folder - 2.3GB in 8500 files. the average is 270 kilobytes per mail. checked few others and it looks similar. dovecot's own storage system can do something in between - packing smallest messages by a few in one file. > could lead to inode (or whatever your *nix of choice calls it) > depletion. you decide how much inode you need while creating filesystem on every unix system, except filesystems where it is allocated on demand. What you will gain is clear separation of mails. You may in any case use widely available standard unix tools to move, delete, search, whatever with this files, and dovecot would rebuild it's indexes then. The other major gain are backups. With one file per mail differential/incremental backups will work fine. As everyone do backups this is important, unless you have so cheap and quick backup system that you can just do full backup most cases. Tapes, while certainly fast, are unfortunately not a cheap solution anymore. I don't mean drive, but cartridges. The disadventages are more I/O when multiple files are processed but it is not a common case. Dovecot makes great job in indexing. The other may be (with linux) slow operation on huge directories. I wasn't using linux for 6 years and that's only what i am told from others. Possibly it is already improved in linux. In FreeBSD there is compile time option UFS_DIRHASH for kernel that make even million file directories work quick. as of latter discussion about what microsoft recommends with linux (being of course expert of everything) - i would keep silent. From joseba.torre at ehu.es Tue Jun 26 17:16:14 2012 From: joseba.torre at ehu.es (Joseba Torre) Date: Tue, 26 Jun 2012 16:16:14 +0200 Subject: [Dovecot] Director + managesieve: is it posible? Message-ID: <4FE9C42E.6010407@ehu.es> Hi, I've just tried to add managesieve to our director server, and when I try to connect they fail with Jun 26 12:28:13 director2 dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=sieve#011secured#011session=5LNQjl3DjQAKAAsR#011lip=10.0.100.75#011rip=10.0.11.17#011lport=4190#011rport=39309#011resp= Jun 26 12:28:13 director2 dovecot: managesieve-login: Error: proxy: host not given: user=, method=PLAIN, rip=10.0.11.17, lip=10.0.100.75, TLS, session=<5LNQjl3DjQAKAAsR> Jun 26 12:28:13 director2 dovecot: managesieve-login: Disconnected (internal failure, 1 succesful auths): user=, method=PLAIN, rip=10.0.11.17, lip=10.0.100.75, TLS, session=<5LNQjl3DjQAKAAsR> Is it posible to use director for this? Or only static proxy is allowed? Aaaaaaaaagur. From tss at iki.fi Tue Jun 26 17:27:13 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 26 Jun 2012 17:27:13 +0300 Subject: [Dovecot] Director + managesieve: is it posible? In-Reply-To: <4FE9C42E.6010407@ehu.es> References: <4FE9C42E.6010407@ehu.es> Message-ID: <5A5A3920-BA5C-4A4F-A8CD-069CDF543569@iki.fi> On 26.6.2012, at 17.16, Joseba Torre wrote: > I've just tried to add managesieve to our director server, and when I try to connect they fail with > > Jun 26 12:28:13 director2 dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=sieve#011secured#011session=5LNQjl3DjQAKAAsR#011lip=10.0.100.75#011rip=10.0.11.17#011lport=4190#011rport=39309#011resp= > Jun 26 12:28:13 director2 dovecot: managesieve-login: Error: proxy: host not given: user=, method=PLAIN, rip=10.0.11.17, lip=10.0.100.75, TLS, session=<5LNQjl3DjQAKAAsR> "host not given". You've not configured service managesieve-login { executable = managesieve-login director } From mailinglist at august.de Tue Jun 26 17:51:22 2012 From: mailinglist at august.de (mailinglist) Date: Tue, 26 Jun 2012 16:51:22 +0200 Subject: [Dovecot] started with dovecot sieve In-Reply-To: <20120625215914.GA7831@daniel.localdomain> References: <20120625215914.GA7831@daniel.localdomain> Message-ID: <7ed0b690c6cd82969f98c080b2f9678f@august.de> Am 2012-06-25 23:59, schrieb Daniel Parthey: > Hi Rolf, > > Rolf wrote: >> Now I came to my limits with this failure messages in >> /home/rolf/.dovecot.sieve.log: >> >> sieve: info: started log at Jun 25 20:22:54. >> error: >> msgid=<1340648569.94073.YahooMailClassic at web190304.mail.sg3.yahoo.com>: >> failed to store into mailbox 'INBOX': BUG: Unknown internal error. >> >> with this messages in mail.info: >> >> Jun 25 20:22:54 rolf14 postfix/smtpd[21674]: connect from >> localhost[127.0.0.1] >> Jun 25 20:22:54 rolf14 postfix/smtpd[21674]: 90898E0190: >> client=localhost[127.0.0.1] >> Jun 25 20:22:54 rolf14 postfix/cleanup[21669]: 90898E0190: >> message-id=<1340648569.94073.YahooMailClassic at web190304.mail.sg3.yahoo.com> >> Jun 25 20:22:54 rolf14 postfix/qmgr[21172]: 90898E0190: >> from=, size=5291, nrcpt=1 (queue active) >> Jun 25 20:22:54 rolf14 postfix/smtpd[21674]: disconnect from >> localhost[127.0.0.1] >> Jun 25 20:22:54 rolf14 dovecot: lda(rolf): Error: >> setegid(privileged) failed: Operation not permitted >> Jun 25 20:22:54 rolf14 dovecot: lda(rolf): Error: sieve: >> msgid=<1340648569.94073.YahooMailClassic at web190304.mail.sg3.yahoo.com>: >> failed to store into mailbox 'INBOX': BUG: Unknown internal error >> Jun 25 20:22:54 rolf14 dovecot: lda(rolf): Error: sieve: script >> /home/rolf/.dovecot.sieve failed with unsuccessful implicit keep (user >> logfile /home/rolf/.dovecot.sieve.log may reveal additional details) >> >> I guess the mentioned mail is spam. However, does this tell about >> some wrong configuration or access rights? Any indication what to >> improve? I get such an error about every 6 minutes. > > lda ist the local delivery agent which seems to fail during delivery. > "setegid(privileged) failed" looks like your lda running under a > specific > user is not allowed to change to the specified group id, maybe the > user > not a member of the configured group, but this is just a guess. > > For a deeper analysis we will need the full output of the following > command: > > doveconf -n > > Regards, > Daniel Thank you for your kind answer, Daniel. I have installed dovecot and docecot-sieve by Debians aptitude (see dpkg -l blow). As far as I understand the "ps -f ax" output (see below) dovecot runs with root priviledges and postfix runs with its own user priviledges. The mbox files below /var/mail are owned by their respective users and have "mail" as their group, both can write, world can do nothing. I added every related system user to the mail group, also restarted postfix and dovecot. root at rolf14:/var/mail# more /etc/group | grep mail: mail:x:8:amavis,dovecot,clamav,postfix As I understand it, postfix activates the lda "deliver" as user "postfix". Therefore it should be able to write to the mboxes at /var/mail. If needed dovecot can write there as well. Hope you can find something by the following 3 outputs: 1. dovecot -n, 2. ps -f ax, 3. dpkg -l Kind Regards, Rolf =========== 1 dovecot -n root at rolf14:/var/mail# dovecot -n # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.4-4.slh.1-aptosid-amd64 x86_64 Debian wheezy/sid disable_plaintext_auth = no hostname = august.de mail_location = mbox:~/mail:INBOX=/var/mail/%u mail_privileged_group = mail passdb { args = failure_show_msg=yes driver = pam } passdb { args = scheme=CRYPT username_format=%u /etc/dovecot/users driver = passwd-file } plugin { sieve = ~/.dovecot.sieve sieve_default = /var/lib/dovecot/sieve/default.sieve sieve_dir = ~/sieve } postmaster_address = postmaster at august.de protocols = " imap pop3" sendmail_path = /usr/lib/sendmail ssl_cert = (keine Beschreibung vorhanden) ii dovecot-core 1:2.1.7-2 secure mail server that supports mbox, maildir, dbox and mdbox mailboxes un dovecot-gssapi (keine Beschreibung vorhanden) ii dovecot-imapd 1:2.1.7-2 secure IMAP server that supports mbox, maildir, dbox and mdbox mailboxes un dovecot-ldap (keine Beschreibung vorhanden) un dovecot-lmtpd (keine Beschreibung vorhanden) un dovecot-managesieved (keine Beschreibung vorhanden) un dovecot-mysql (keine Beschreibung vorhanden) un dovecot-pgsql (keine Beschreibung vorhanden) ii dovecot-pop3d 1:2.1.7-2 secure POP3 server that supports mbox, maildir, dbox and mdbox mailboxes ii dovecot-sieve 1:2.1.7-2 sieve filters support for Dovecot un dovecot-solr (keine Beschreibung vorhanden) un dovecot-sqlite (keine Beschreibung vorhanden) root at rolf14:/var/mail# Nachricht 1 von 12 From andre.rodier at gmail.com Tue Jun 26 18:04:13 2012 From: andre.rodier at gmail.com (=?UTF-8?Q?Andr=C3=A9_Rodier?=) Date: Tue, 26 Jun 2012 16:04:13 +0100 Subject: [Dovecot] userdb errors after upgrading to 2.1 Message-ID: Hello everybody, I am running debian wheezy for development and test, and I recently upgrade to dovecot 2.1.7 I am using LDAP lookups, and virtual users with the same UID/GID. Everything was working fine before, but now, I have this error when I try to send an email to a local account: -------------------------------------------------------- Jun 26 15:46:52 lapetus dovecot: lmtp(24518): Error: user user.test at indienet.com: Auth USER lookup failed Jun 26 15:46:52 lapetus dovecot: auth: Error: userdb(user.test at indienet.com,127.0.0.1): client doesn't have lookup permissions for this user: userdb reply doesn't contain uid (change userdb socket -------------------------------------------------------- However, even if I set the permissions to 0666, I still have the same error. Can you point me in the right direction to fix this, please? Kind regards, Andr? Rodier From CMarcus at Media-Brokers.com Tue Jun 26 18:54:52 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Tue, 26 Jun 2012 11:54:52 -0400 Subject: [Dovecot] RFE: IMAP LIST Extension for Special-Use Mailboxes In-Reply-To: <83D77B81-EC49-4755-A866-E30B41E8B246@leuxner.net> References: <20110311215739.GD13492@state-of-mind.de> <4F520990.2000903@crc.id.au> <83D77B81-EC49-4755-A866-E30B41E8B246@leuxner.net> Message-ID: <4FE9DB4C.20309@Media-Brokers.com> On 2012-03-03 1:10 PM, Thomas Leuxner wrote: > Am 03.03.2012 um 13:07 schrieb Steven Haigh: > >> I'm just wondering if anyone knows if this got implemented? I've >> beenlooking at doing this for quite some time... > Yes it was. It has been discussed extensively: > > http://www.dovecot.org/list/dovecot-news/2012-February/000213.html > http://www.dovecot.org/list/dovecot/2011-December/062327.html Thanks for the thread references Thomas, I just re-read them and didn't see my question asked... The obvious downside to the current RFC based umplementation is that it requires Client cooperation... My question (I guess for Timo) is, would it be crazy/possible to implement some kind of 'alias' conversion in dovecot that would work regardless of client cooperation? Ie, in a config file, add a list of 'aliases' for these special use folders (similar to how it is done now), but where dovecot would then silently translate/map a request for any of the defined aliases to the defined special use folder? so, if Outlook wants to save a sent message to 'Sent Items', it would simply and silently be saved to 'Sent' (or whatever the admin had defined as the 'real' sent folder). This wouldn't then require anything to be implemented in a client, it would only require the Admin to know what clients they want to support and what folders those clients look for by default. -- Best regards, Charles From kayasaman at gmail.com Tue Jun 26 19:23:49 2012 From: kayasaman at gmail.com (Kaya Saman) Date: Tue, 26 Jun 2012 17:23:49 +0100 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: <4FE81546.8000202@middleearth.sapphiresunday.org> References: <4FE81546.8000202@middleearth.sapphiresunday.org> Message-ID: <4FE9E215.3090700@gmail.com> On 06/25/2012 08:37 AM, Trever L. Adams wrote: > On 06/25/2012 01:20 AM, Kaya Saman wrote: >> Now what I would like to know is, which is better for "virtual >> hosting" Maildir or mbox? >> >> >> Basically my requirement is that I would like to separate users via >> either individual folders and then put each user's mbox or Maildir in >> the created directory, or simply name each mbox or Maildir according >> to the user name. >> >> >> First up is this possible? >> >> >> Secondly, how would I go about doing it? >> > Sorry, I missed this at first. It is quite simple. I don't store it in > passwd or any other place, since you are doing vmail, you might find > this easiest: > > in /etc/dovecot/conf.d/10-mail.conf (where mail_location is): > > mail_home = /home/vmail/%Ld/%Ln > mail_location = maildir:~/Maildir > > in /etc/dovecot/conf.d/10-mail.conf (after paragraph ?# System user > and group used to access mails...?): > > mail_uid=vmail > mail_gid=vmail > Obviously, vmail may not be your user for vmail. Also, some of my > notes may no longer be accurate for location, just find where it > exists and edit. > > I hope this helps. Of course, this is a Maildir setup. mbox is > probably very similar, but I have had too many mbox style mail queues > go south losing all of the mail (or more than one would like), so I do > Maildir, even though it isn't necessarily the best use of disk space. > > Trever > -- > "I do not fear computers. I fear the lack of them." -- Isaac Asimov Hi, I'm just responding as the OP to say that the above was what I was looking for! Thanks Trever :-) Everything is setup and working fine now. Though responding quite late and of course having read through the latest messages within the thread I don't feel that my users will notice any difference between mbox or mdbox and Maildir format, speedwise. The reasoning behind this is that my end users unfortunately are all using M$ Outlook which is absolute garbage! FULL STOP! Comparing the IMAP capability speeds between Thunderbird and Outlook linking to my server yielded that I was able to get around 150Mbps transfer rate using T-Bird while Outlook only managed a few 100's of kbps. I think it's because 2010 relies heavily on PST's (whatever they are....) and the fact it is ultimately M$ also so it's basically built by nincompoops to be sold at hideous prices and even higher tech-support prices. In all fairness to Outlook I did manage to get a pathetic ~2Mvbps tops of transfer...... :-S Luckily I'm the only one using T-Bird or Alpine so am fine :-) Can't send any mail though as need to go through Exchange - there's no winning in the corporate world :-( Regards, Kaya From trever at middleearth.sapphiresunday.org Tue Jun 26 19:47:17 2012 From: trever at middleearth.sapphiresunday.org (Trever L. Adams) Date: Tue, 26 Jun 2012 10:47:17 -0600 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: <4FE8AC0B.40906@middleearth.sapphiresunday.org> References: <4FE81546.8000202@middleearth.sapphiresunday.org> <4FE8AC0B.40906@middleearth.sapphiresunday.org> Message-ID: <4FE9E795.50506@middleearth.sapphiresunday.org> > b) Make sure your local samba setup is joined to the domain. Make sure > it writes an appropriate krb5.keytab (/etc/krb5.keytab in my setup) as > part of its password management, etc. > > net ads keytab add smtp/mail_server_fqdn > net ads keytab add imap/mail_server_fqdn > > > You may have to edit the sam.ldb on your S4 server as many times S3 > doesn't create the principals ( /usr/local/samba/bin/ldbedit -H > /usr/local/samba/private/sam.ldb sAMAccountName=mailserverhostname$ > should do the trick and add userPrincipalName so that it has > imap/MAILSERVER_FQDN and smtp/MAILSERVER_FQDN, each being its own > userPrincipalName, this should give the machine account 3 > userPrincipalName lines) Sorry to anyone who was following what I wrote. I made a mistake. This should NOT be userPrincipalName, it should be servicePrincipalName. (There should already be 1 or 2 such lines that says HOST/host or HOST/host.fqdn) Trever From trever at middleearth.sapphiresunday.org Tue Jun 26 19:48:52 2012 From: trever at middleearth.sapphiresunday.org (Trever L. Adams) Date: Tue, 26 Jun 2012 10:48:52 -0600 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: References: <4FE81546.8000202@middleearth.sapphiresunday.org> <4FE8AC0B.40906@middleearth.sapphiresunday.org> Message-ID: <4FE9E7F4.9090706@middleearth.sapphiresunday.org> On 06/26/2012 07:11 AM, Wojciech Puchar wrote: >> The only draw back I see with maildir is one file per message. This > > it is mostly adventage. Agreed. > >> makes it resilient to corruption that mbox sees (if a message gets >> corrupted, you erase one message and that corruption won't propagate >> even if you leave it in place). In many setups this also leads to MUCH >> faster system. On unix systems this doesn't just waste disk space, it > > even with 32kB block/4kB fragment filesystem under FreeBSD which is my > common setup, it isn't that a problem. > i just checked one of my users folder - 2.3GB in 8500 files. the > average is 270 kilobytes per mail. > > checked few others and it looks similar. > > > dovecot's own storage system can do something in between - packing > smallest messages by a few in one file. > >> could lead to inode (or whatever your *nix of choice calls it) >> depletion. > you decide how much inode you need while creating filesystem on every > unix system, except filesystems where it is allocated on demand. Yes, as I noted, I haven't seen this. But it could be an annoyance depending on how things were created and when. I don't believe all file systems can do allocation on demand. I don't know. > > as of latter discussion about what microsoft recommends with linux > (being of course expert of everything) - i would keep silent. > The only reason I know what they recommend is it came up on several sites that described how to setup the service principals. I read something recently on Samba lists that explains why this may be their recommendation. The funny thing is, it really isn't any different than on their systems unless they think that because it is their system the keytab is some how miraculously going to stay more secure than it would on other systems. Sorry if I seemed like I was claiming to be some super expert. I just had a lot of help to pull things together. If he was struggling to find things, I would like to help. Trever -- "Fairy tales are more than true; not because they tell us that dragons exist, but because they tell us that dragons can be beaten." -- G.K. Chesterton From role.Dovecot-Readers at JLAssocs.com Tue Jun 26 21:34:22 2012 From: role.Dovecot-Readers at JLAssocs.com (J E Lyon) Date: Tue, 26 Jun 2012 19:34:22 +0100 Subject: [Dovecot] Maildir Seen Flags not heeded when dovecot-shared present Message-ID: Hi, After many hours of searching (!) and lots of testing procmail scripts, I found the explanation I was looking for -- something you explained at http://www.dovecot.org/list/dovecot/2008-July/032551.html That explains it. Thing is, though, every time I've seen shared mailboxes -- really shared by multiple staff or not -- the preference is in fact for the shared behaviours to also "share" the Seen flags. Typically, someone doesn't want to read an email that someone else has already picked up and started dealing with or responded to. (They'll file it in due course, but the Seen flag is the first indicator that someone's opened and started to deal with it.) Hacking source code and branching and whatnot isn't easy or done lightly, but I wondered if anything else had come to light in recent years about this issue. I'd be as happy getting my procmail script to tell Dovecot to update the index based on the flag, but I'm pretty sure that's not possible :) Any ideas greatly appreciated, thanks. ~ James. From slusarz at curecanti.org Tue Jun 26 22:03:41 2012 From: slusarz at curecanti.org (Michael M Slusarz) Date: Tue, 26 Jun 2012 13:03:41 -0600 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <51EF9BC7-BE99-4DE9-800A-E8FDF7779A4B@iki.fi> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38623.5050303@necoro.eu> <4FE5988E.3010101@wildgooses.com> <51EF9BC7-BE99-4DE9-800A-E8FDF7779A4B@iki.fi> Message-ID: <20120626130341.Horde.obOLRYF5lbhP6geNfgGGPNA@bigworm.curecanti.org> Quoting Timo Sirainen : > On 23.6.2012, at 13.21, Ed W wrote: > >>>> But I don't know, whether this is the sort of caching you are >>>> referring to. >>> >>> what's a point of caching imap, except your webmail service is not >>> locally connected (localhost or LAN) to imap server? >> >> Asking for items 600-615 from a threaded list, sorted by something, >> can be an expensive operation, especially if you just asked for >> items 585-600 a moment ago? > > Can be, but is it? :) Dovecot attempts to cache/index stuff as well. > Normally there shouldn't be a need for extra caching layer except in > cases of higher network latency. Timo: I'm not sure if you are saying that all client-side caching is wrong. If so, I'm going to disagree with you, especially when dealing with more complex data structures. Let me first say that I don't take IMAP response parsing to be a computationally easy action. So it's not just network latency you are worrying about; parsing a line can be the limiting factor in many cases. For example, a deeply threaded 400 message mailbox will return a THREAD response line that will take quite a bit of recursive parsing to decode. And various FETCH criteria most definitely benefit from local caching above/beyond what dovecot provides. An example: BODYSTRUCTURE. This may be cached on the dovecot side, but when received by the MUA you have to parse the IMAP BODYSTRUCTURE response (not trivial). You also have to potentially handle IMAP response codes in the server command completion line. And the bodystructure data is probably not all that useful until converted to a usable object on the MUA side, which may be another relatively expensive operation. So a locally cached bodystructure object is a substantial performance benefit over having to recreate this data from the cached data on the dovecot side. ENVELOPE is similar. Most likely this will be converted to an object representation in the MUA so you have the same benefits as BODYSTRUCTURE. Additionally, in IMP we do things like scan for broken charset headers (e.g. Subject headers that contain non-ASCII characters) and have some algorithms to fix these issues. This "value-added" code would be prohibitively expensive if we have to do it on every mailbox access. Message flags are another benefit to caching. The list of flags may be cached on dovecot, but not having to issue a flag FETCH every time you access a mailbox can be a substantial benefit. But I will heartily agree that nobody should be caching things like headertext or bodypart data. There is little/no benefit you receive from caching this locally. This is where you should be leveraging the storage on the IMAP server. As an MUA author you can't rely on the fact that you are connecting to a competent IMAP server. You just as likely are going to be connecting to a server that implements base RFC 3501, and most likely implements that incorrectly. Not all of us are lucky to connect to Dovecot (or Cyrus). So smart caching most definitely can and will increase performance of an MUA, regardless of caching performed by the IMAP server. michael From slusarz at curecanti.org Tue Jun 26 22:09:16 2012 From: slusarz at curecanti.org (Michael M Slusarz) Date: Tue, 26 Jun 2012 13:09:16 -0600 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> <20120626064410.GA19106@dibs.tanso.net> Message-ID: <20120626130916.Horde.SApgK4F5lbhP6gjcZtb2KWA@bigworm.curecanti.org> Quoting Wojciech Puchar : > It's stupid how webmail works but dovecot doesn't have a problem to > get new connections every now and then. just make sure you didn't > set up SSL by accident. Would you mind explaining why you think it is "stupid" the way webmail works? I assume you are angry because a webmail installation will normally need to create a new IMAP connection on every user interaction at the browser level. Unfortunately, HTTP is a stateless protocol which makes webmail a disconnected client. But it is no different than other disconnected clients, e.g. mail app on a smartphone. I am confused on why you think this is stupid. The existence of disconnected clients has been contemplated since the beginning of IMAP (see RFC 1733; RFC 4549), and much work has been done to the IMAP protocol (CONDSTORE, QRESYNC, to a lesser extent SORT/THREAD) to increase performance on these clients - especially since that's where MUA usage is exploding. michael From daniel.parthey at informatik.tu-chemnitz.de Tue Jun 26 23:10:36 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Tue, 26 Jun 2012 22:10:36 +0200 Subject: [Dovecot] started with dovecot sieve In-Reply-To: References: <20120625215914.GA7831@daniel.localdomain> Message-ID: <20120626201036.GA6929@daniel.localdomain> Rolf wrote: > Am 2012-06-25 23:59, schrieb Daniel Parthey: > >Hi Rolf, > > > >Rolf wrote: > >>Jun 25 20:22:54 rolf14 dovecot: lda(rolf): Error: setegid(privileged) failed: Operation not permitted Doesn't lda(rolf) mean it is being executed under user "rolf", not root or dovecot? How exactly do you invoke lda from your /etc/postfix/master.cf? You might also try to use LMTP via TCP to deliver mails from postfix to dovecot to work around any permission problems. > I have installed dovecot and docecot-sieve by Debians aptitude You don't seem to be the only one with these problems, see Debian BTS: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=626130 > As far as I understand the "ps -f ax" output (see > below) dovecot runs with root privileges and postfix runs with its > own user privileges. > > root 20998 1 0 Jun25 ? Ss 0:03 /usr/sbin/dovecot -c /etc/dovecot/dovecot.conf Well, the master process often runs as root, but child processes like lda may be configured to run as an unprivileged, or even as the user which owns the mailbox. > The mbox files below /var/mail are owned by > their respective users and have "mail" as their group, both can > write, world can do nothing. I added every related system user to > the mail group, also restarted postfix and dovecot. > root at rolf14:/var/mail# more /etc/group | grep mail: mail:x:8:amavis,dovecot,clamav,postfix User "rolf" is not a member of group "mail", but I don't think he needs to be, otherwise he would be able to read the mails of all users on the system and this would be a security risk. > As I understand it, postfix activates the lda "deliver" as user > "postfix". Therefore it should be able to write to the mboxes at > /var/mail. If needed dovecot can write there as well. The lda should rather switch to the owner of the respective INBOX, e.g. /var/mail/rolf. Log message "lda(rolf)" looks like this happens. To summarize, I think LMTP will be the easiest way to fix the permission problems. Otherwise you would need to fiddle out how to prevent dovecot lda from switching to group additional group "mail", since unprivileged user "rolf" is not allowed to do that. Regards, Daniel -- https://plus.google.com/103021802792276734820 From jonrysh at pacbell.net Tue Jun 26 23:35:00 2012 From: jonrysh at pacbell.net (Jonathan Ryshpan) Date: Tue, 26 Jun 2012 13:35:00 -0700 Subject: [Dovecot] Setting up mixed mbox and maildir Message-ID: <1340742900.2495.14.camel@amito> I'm trying to set up a dovecot server for which mail arrives in an mbox, and mail is stored in a maildir. The wiki (see http://wiki.dovecot.org/Namespaces) refers to this as "Mixed mbox and Maildir". It advises handling this situation by creating two namespaces: one for the mbox and the other for the maildir. Each of these namespaces starts with namespace private { On the other hand the sample configuration in the documentation puts inbox in a namespace starting with: namespace inbox { # Namespace type: private, shared or public #type = private It appears that there has been a change in the configuration syntax after the wiki was written, and that the word following namespace no longer gives a property of the namespace, but rather its name. Is this correct? In any case, how should the configuration be modified to handle mixed mailboxes? Thanks - jon From ssilva at sgvwater.com Tue Jun 26 23:48:43 2012 From: ssilva at sgvwater.com (Scott Silva) Date: Tue, 26 Jun 2012 13:48:43 -0700 Subject: [Dovecot] Setting up mixed mbox and maildir In-Reply-To: <1340742900.2495.14.camel@amito> References: <1340742900.2495.14.camel@amito> Message-ID: on 6/26/2012 1:35 PM Jonathan Ryshpan spake the following: > I'm trying to set up a dovecot server for which mail arrives in an mbox, > and mail is stored in a maildir. The wiki (see > http://wiki.dovecot.org/Namespaces) refers to this as "Mixed mbox and > Maildir". It advises handling this situation by creating two > namespaces: one for the mbox and the other for the maildir. Each of > these namespaces starts with > namespace private { > > On the other hand the sample configuration in the documentation puts > inbox in a namespace starting with: > namespace inbox { > # Namespace type: private, shared or public > #type = private > > It appears that there has been a change in the configuration syntax > after the wiki was written, and that the word following namespace > no longer gives a property of the namespace, but rather its name. > Is this correct? In any case, how should the configuration be modified > to handle mixed mailboxes? > > Thanks - jon > > > If you are working with 2.0 or later dovecot, you should be at http://wiki2.dovecot.org/Namespaces From tss at iki.fi Tue Jun 26 23:49:28 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 26 Jun 2012 23:49:28 +0300 Subject: [Dovecot] Maildir Seen Flags not heeded when dovecot-shared present In-Reply-To: References: Message-ID: On 26.6.2012, at 21.34, J E Lyon wrote: > After many hours of searching (!) and lots of testing procmail scripts, I found the explanation I was looking for -- something you explained at http://www.dovecot.org/list/dovecot/2008-July/032551.html > > That explains it. > > Thing is, though, every time I've seen shared mailboxes -- really shared by multiple staff or not -- the preference is in fact for the shared behaviours to also "share" the Seen flags. Typically, someone doesn't want to read an email that someone else has already picked up and started dealing with or responded to. (They'll file it in due course, but the Seen flag is the first indicator that someone's opened and started to deal with it.) > > Hacking source code and branching and whatnot isn't easy or done lightly, but I wondered if anything else had come to light in recent years about this issue. So you don't want shared seen flags? You can simply not create dovecot-shared file nowadays. It's not necessary. The only other purpose for it was as the template for file permissions, but those are nowadays taken from the maildir itself: http://wiki2.dovecot.org/SharedMailboxes/Permissions From matthieu.rakotojaona at gmail.com Tue Jun 26 21:55:04 2012 From: matthieu.rakotojaona at gmail.com (Matthieu RAKOTOJAONA) Date: Tue, 26 Jun 2012 18:55:04 +0000 (UTC) Subject: [Dovecot] Wrong headers in dovecot-crlf Message-ID: Hello everyone, I'm using the very good imaptest [0] tool to test my little imap server implementation. I've tried to use the dovecot-crlf [1] file, but it looks like there are some major issues : $ grep -n "In-Reply-To.*;" tests/data/dovecot-crlf 479:In-Reply-To: <20020806175441.GA7148 at linux.taugt.net>; from rueckert at informatik.uni-rostock.de on Tue, Aug 06, 2002 at 07:54:41PM +0200 525:In-Reply-To: <20020806234054.GA30820 at carpa.ciagri.usp.br>; from marcelo at carpa.ciagri.usp.br on Tue, Aug 06, 2002 at 08:40:54PM -0300 564:In-Reply-To: <20020806234054.GA30820 at carpa.ciagri.usp.br>; from marcelo at carpa.ciagri.usp.br on Tue, Aug 06, 2002 at 08:40:54PM -0300 673:In-Reply-To: <20020807231956.GA11240 at carpa.ciagri.usp.br>; from marcelo at carpa.ciagri.usp.br on Wed, Aug 07, 2002 at 08:19:56PM -0300 795:In-Reply-To: <20020808131329.GA30775 at carpa.ciagri.usp.br>; from marcelo at carpa.ciagri.usp.br on Thu, Aug 08, 2002 at 10:13:30AM -0300 964:In-Reply-To: <20020808193533.GA28619 at carpa.ciagri.usp.br>; from marcelo at carpa.ciagri.usp.br on Thu, Aug 08, 2002 at 04:35:33PM -0300 21545:In-Reply-To: <1046294808.30811.66.camel at hurina>; from tss at iki.fi on Wed, Feb 26, 2003 at 11:26:48PM +0200 22042:In-Reply-To: <1046373554.18310.4.camel at hurina>; from tss at iki.fi on Thu, Feb 27, 2003 at 09:19:14PM +0200 23712:In-Reply-To: <20030227212127.A10927 at pcx3332.desy.de>; from Juergen.Kahnert at DESY.de on Thu, Feb 27, 2003 at 09:21:27PM +0100 25498:In-Reply-To: ; from Leslie_Viljoen at icoc.org on Thu, Mar 13, 2003 at 12:44:52PM +0200 30654:In-Reply-To: <1048667343.30187.100.camel at hurina>; from tss at iki.fi on Wed, Mar 26, 2003 at 10:29:03AM +0200 31126:In-Reply-To: <1048704303.31565.214.camel at hurina>; from tss at iki.fi on Wed, Mar 26, 2003 at 08:45:03PM +0200 31313:In-Reply-To: <1048928723.6856.21.camel at hurina>; from tss at iki.fi on Sat, Mar 29, 2003 at 11:05:23AM +0200 31820:In-Reply-To: <1049101161.884.126.camel at hurina>; from tss at iki.fi on Mon, Mar 31, 2003 at 11:59:21AM +0300 31890:In-Reply-To: ; from charlieb-dovecot at e-smith.com on Mon, Mar 31, 2003 at 10:12:22AM -0500 32037:In-Reply-To: ; from charlieb-dovecot at e-smith.com on Mon, Mar 31, 2003 at 02:19:27PM -0500 32463:In-Reply-To: <1049243642.11879.25.camel at hurina>; from tss at iki.fi on Wed, Apr 02, 2003 at 03:34:02AM +0300 As you can see, many of the "In-Reply-To" headers are polluted with some junk. The situation is the same for many "Message-ID" headers. I don't know why they are here, but I think it's a mistake. I thought I would let you know. [0] http://imapwiki.org/ImapTest [1] http://www.dovecot.org/tmp/dovecot-crlf Regards, -- Matthieu RAKOTOJAONA From jonrysh at pacbell.net Wed Jun 27 00:19:20 2012 From: jonrysh at pacbell.net (Jonathan Ryshpan) Date: Tue, 26 Jun 2012 14:19:20 -0700 Subject: [Dovecot] Setting up mixed mbox and maildir In-Reply-To: References: <1340742900.2495.14.camel@amito> Message-ID: <1340745560.2495.27.camel@amito> On Tue, 2012-06-26 at 13:48 -0700, Scott Silva wrote: > on 6/26/2012 1:35 PM Jonathan Ryshpan spake the following: > > I'm trying to set up a dovecot server for which mail arrives in an mbox, > > and mail is stored in a maildir. The wiki (see > > http://wiki.dovecot.org/Namespaces) refers to this as "Mixed mbox and > > Maildir". It advises handling this situation by creating two > > namespaces: one for the mbox and the other for the maildir. Each of > > these namespaces starts with > > namespace private { > > > > On the other hand the sample configuration in the documentation puts > > inbox in a namespace starting with: > > namespace inbox { > > # Namespace type: private, shared or public > > #type = private > > > > It appears that there has been a change in the configuration syntax > > after the wiki was written, and that the word following namespace > > no longer gives a property of the namespace, but rather its name. > > Is this correct? In any case, how should the configuration be modified > If you are working with 2.0 or later dovecot, you should be at > http://wiki2.dovecot.org/Namespaces I am using 2.1.7 . I surmise from this Namespace page that the form: namespace { where is one of "public", "private", or "shared" creates an unnamed namespace of type while the form: namespace { where is none of "public", "private", or "shared", creates a namespace with the name and the default type (unspecified on this page, but probably private). The namespace can be given the type desired by an (undocumented) namespace setting: namespace inbox ( type = Is this correct? Thanks - jon From daniel.parthey at informatik.tu-chemnitz.de Wed Jun 27 00:47:39 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Tue, 26 Jun 2012 23:47:39 +0200 Subject: [Dovecot] started with dovecot sieve In-Reply-To: References: <20120625215914.GA7831@daniel.localdomain> Message-ID: <20120626214739.GA8465@daniel.localdomain> Rolf wrote: > Jun 25 20:22:54 rolf14 dovecot: lda(rolf): Error: setegid(privileged) failed: Operation not permitted Manual page "man 2 setegid" states that setegid() sets the effective group ID of the calling process. Unprivi- leged user processes may only set the effective group ID to the real group ID, the effective group ID or the saved set-group-ID. Your "postfix" user is a member of group "mail", but "mail" which you configured as "mail_privileged_group = vmail" is neither the primary group of user "postfix", nor is it the effective group id of the calling postfix process. Therefore you might get the error as documented in the manpage setegid(2): EPERM The calling process is not privileged (Linux: does not have the CAP_SETUID capability in the case of seteuid(), or the CAP_SET- GID capability in the case of setegid()) and euid (respectively, egid) is not the real user (group) ID, the effective user (group) ID, or the saved set-user-ID (saved set-group-ID). Regards Daniel -- https://plus.google.com/103021802792276734820 From ssilva at sgvwater.com Wed Jun 27 01:10:33 2012 From: ssilva at sgvwater.com (Scott Silva) Date: Tue, 26 Jun 2012 15:10:33 -0700 Subject: [Dovecot] Setting up mixed mbox and maildir In-Reply-To: <1340745560.2495.27.camel@amito> References: <1340742900.2495.14.camel@amito> <1340745560.2495.27.camel@amito> Message-ID: on 6/26/2012 2:19 PM Jonathan Ryshpan spake the following: > On Tue, 2012-06-26 at 13:48 -0700, Scott Silva wrote: >> on 6/26/2012 1:35 PM Jonathan Ryshpan spake the following: >>> I'm trying to set up a dovecot server for which mail arrives in an mbox, >>> and mail is stored in a maildir. The wiki (see >>> http://wiki.dovecot.org/Namespaces) refers to this as "Mixed mbox and >>> Maildir". It advises handling this situation by creating two >>> namespaces: one for the mbox and the other for the maildir. Each of >>> these namespaces starts with >>> namespace private { >>> >>> On the other hand the sample configuration in the documentation puts >>> inbox in a namespace starting with: >>> namespace inbox { >>> # Namespace type: private, shared or public >>> #type = private >>> >>> It appears that there has been a change in the configuration syntax >>> after the wiki was written, and that the word following namespace >>> no longer gives a property of the namespace, but rather its name. >>> Is this correct? In any case, how should the configuration be modified > >> If you are working with 2.0 or later dovecot, you should be at >> http://wiki2.dovecot.org/Namespaces > > I am using 2.1.7 . I surmise from this Namespace page that the form: > namespace { > where is one of "public", "private", or "shared" creates an > unnamed namespace of type while the form: > namespace { > where is none of "public", "private", or "shared", creates a > namespace with the name and the default type (unspecified on this > page, but probably private). The namespace can be given the type > desired by an (undocumented) namespace setting: > namespace inbox ( > type = > Is this correct? > > Thanks - jon > > > > I am not sure, as I am using pure maildir... Follow the wiki, as there is an example there for mbox inbox and maildir message store... Mixed mbox and Maildir If you have your INBOX as mbox in /var/mail/username and the rest of the mailboxes in Maildir format under ~/Maildir, you can do this by creating two namespaces: namespace { separator = / prefix = "#mbox/" location = mbox:~/mail:INBOX=/var/mail/%u inbox = yes hidden = yes list = no } namespace { separator = / prefix = location = maildir:~/Maildir } From slusarz at curecanti.org Wed Jun 27 01:23:23 2012 From: slusarz at curecanti.org (Michael M Slusarz) Date: Tue, 26 Jun 2012 16:23:23 -0600 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> <4FE38883.8000808@thelounge.net> <2ABE733D-E478-4B40-93FB-8F1CDAB72193@iki.fi> <4FE389FF.2080106@thelounge.net> <4FE396AF.4070309@wildgooses.com> <20120621155801.Horde.YXauVYF5lbhP45jpl_ezE_A@bigworm.curecanti.org> Message-ID: <20120626162323.Horde._ABQfIF5lbhP6jZb2CnwFcA@bigworm.curecanti.org> Quoting Timo Sirainen : > Well, I had completely forgotten about it :) Reading my old mail: > >> There isn't a whole lot of state to be saved really. Mailbox GUID, >> UIDVALIDITY, >> HIGHESTMODSEQ gives the mailbox state. Then you have the >> language/etc. states. >> Clients could restore their earlier state from days ago, as long as Dovecot >> still has the necessary .log records available (similar to how >> QRESYNC works). > > Yeah .. Perhaps something like: > > 1. if client issues LOGOUT XSTATE > > 2. And server sees that it can actually save all of the state (some > things are a bit tricky, and probably not worth the trouble in > initial implementation) > > 3. Then the server server sends > * OK XSTATE > * BYE This makes sense. Although wouldn't it be: * OK [XSTATE ] State saved. > 4. The client can pipeline after LOGIN/AUTHENTICATE: > a XSTATERESTORE > a OK Yeah! > or > a NO Not gonna work. Couple of suggestions here: 1) Maybe allow XSTATERESTORE to be sent BEFORE authentication also/instead? The way that Dovecot would restore state might be different from the way another IMAP server would restore state. It's possible that another server could optimize things if, at authentication time, it knew it was going to restore state. i.e.: a XSTATERESTORE a OK Will attempt to restore state. b (LOGIN/AUTHENTICATE command) * OK [XSTATERESTOREOK] State restored. -- or -- * OK [XSTATERESTORENO] State NOT restored. b OK Logged in. 2) Could extend LOGIN/AUTHENTICATE to accept XSTATERESTORE parameter. Pros: saves round-trip. Cons: extending LOGIN/AUTHENTICATE at this stage of IMAP 4 development is probably overkill (Although this implementation already requires extending the LOGOUT command) > Perhaps even a real RFC for this thing? .. If it's worth it.. Would > save at least a few X bytes from network traffic :) It could potentially be a few more than X bytes. Here's an extreme example of the potential savings: Initial connection: ------------------- 1 (LOGIN/AUTHENTICATE) 1 OK Logged in. 2 CAPABILITY * CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS SPECIAL-USE ACL RIGHTS=texk 2 OK Capability completed. 3 ID ("name" "foo" "version" "1.0") * ID ("name" "foo2" "version" "bar2" "os" "linux") 3 OK ID completed 4 ENABLE QRESYNC * ENABLED QRESYNC 4 OK Enabled. 5 COMPARATOR "de;*" i;basic * COMPARATOR i;basic 5 OK Will use i;basic for collation 6 LANGUAGE DE * LANGUAGE (DE) * NAMESPACE (("" "/")) (("Other Users/" "/" "TRANSLATION" ("Andere Ben&APw-tzer/"))) (("Public Folders/" "/" "TRANSLATION" ("Gemeinsame Postf&AM8-cher/"))) 6 OK Sprachwechsel durch LANGUAGE-Befehl ausgefuehrt [IMAP session] 50 LOGOUT XSTATE * OK [XSTATE 123abc] * BYE Subsequent connection: ---------------------- 1 XSTATERESTORE 123abc 1 OK Will attempt to restore state. 2 (LOGIN/AUTHENTICATE) * OK [XSTATERESTOREOK] State restored. 2 OK Angemeldet. Given this (admittedly) extreme example, the savings are 689 bytes (+126 bytes for staterestore overhead, -815 bytes for state setup). Additionally, the server/client have to process 4 less IMAP commands. This is a significant savings IMHO. Whether or not this is appropriate for a real RFC, it would probably be useful to document in RFC fashion regardless. michael From wojtek at wojtek.tensor.gdynia.pl Wed Jun 27 08:44:16 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Wed, 27 Jun 2012 07:44:16 +0200 (CEST) Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <20120626130341.Horde.obOLRYF5lbhP6geNfgGGPNA@bigworm.curecanti.org> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38623.5050303@necoro.eu> <4FE5988E.3010101@wildgooses.com> <51EF9BC7-BE99-4DE9-800A-E8FDF7779A4B@iki.fi> <20120626130341.Horde.obOLRYF5lbhP6geNfgGGPNA@bigworm.curecanti.org> Message-ID: > > Timo: I'm not sure if you are saying that all client-side caching is wrong. > If so, I'm going to disagree with you, especially when dealing with more > complex data structures. it is always good - on WAN links. From robert at schetterer.org Wed Jun 27 09:23:21 2012 From: robert at schetterer.org (Robert Schetterer) Date: Wed, 27 Jun 2012 08:23:21 +0200 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38623.5050303@necoro.eu> <4FE5988E.3010101@wildgooses.com> <51EF9BC7-BE99-4DE9-800A-E8FDF7779A4B@iki.fi> <20120626130341.Horde.obOLRYF5lbhP6geNfgGGPNA@bigworm.curecanti.org> Message-ID: <4FEAA6D9.2090208@schetterer.org> Am 27.06.2012 07:44, schrieb Wojciech Puchar: >> >> Timo: I'm not sure if you are saying that all client-side caching is >> wrong. If so, I'm going to disagree with you, especially when dealing >> with more complex data structures. > > > it is always good - on WAN links. Hi, i dont wanna flame into this thread, cause its heavy tec stuff which i dont really fit in but for some webmail you can use http://imapproxy.org/ its running here fine with squirrelmail and roundcube -- Best Regards MfG Robert Schetterer From wojtek at wojtek.tensor.gdynia.pl Wed Jun 27 10:32:20 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Wed, 27 Jun 2012 09:32:20 +0200 (CEST) Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <4FEAA6D9.2090208@schetterer.org> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38623.5050303@necoro.eu> <4FE5988E.3010101@wildgooses.com> <51EF9BC7-BE99-4DE9-800A-E8FDF7779A4B@iki.fi> <20120626130341.Horde.obOLRYF5lbhP6geNfgGGPNA@bigworm.curecanti.org> <4FEAA6D9.2090208@schetterer.org> Message-ID: > > Hi, i dont wanna flame into this thread, cause its heavy tec stuff > which i dont really fit in > > but for some webmail you can use http://imapproxy.org/ the discussion was about if running proxy at all make sense. Proxies are to reduce traffic or server load by avoiding repetitive requests. With dovecot it's unlikely proxy itself will be faster, so second reason doesn't exist. With same computer or fast lan or virtual lan (==normal way of running webmail) first reason doesn't exist. From robert at schetterer.org Wed Jun 27 10:51:02 2012 From: robert at schetterer.org (Robert Schetterer) Date: Wed, 27 Jun 2012 09:51:02 +0200 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38623.5050303@necoro.eu> <4FE5988E.3010101@wildgooses.com> <51EF9BC7-BE99-4DE9-800A-E8FDF7779A4B@iki.fi> <20120626130341.Horde.obOLRYF5lbhP6geNfgGGPNA@bigworm.curecanti.org> <4FEAA6D9.2090208@schetterer.org> Message-ID: <4FEABB66.2020802@schetterer.org> Am 27.06.2012 09:32, schrieb Wojciech Puchar: >> >> Hi, i dont wanna flame into this thread, cause its heavy tec stuff >> which i dont really fit in >> >> but for some webmail you can use http://imapproxy.org/ > > the discussion was about if running proxy at all make sense. > > Proxies are to reduce traffic or server load by avoiding repetitive > requests. > > With dovecot it's unlikely proxy itself will be faster, so second reason > doesn't exist. > > With same computer or fast lan or virtual lan (==normal way of running > webmail) first reason doesn't exist. Hi, sorry ,only my meaning, beside coding layout questions about dovecot etc which is clearly not my case for questions like: "does a proxy make sense" there will never be an uni right answer the answer may ever depend on what fits best at your side general setup/layout -- Best Regards MfG Robert Schetterer From zimmys76 at web.de Wed Jun 27 10:53:36 2012 From: zimmys76 at web.de (Daniel Fischer) Date: Wed, 27 Jun 2012 09:53:36 +0200 Subject: [Dovecot] last hope... public namespace and directory structure Message-ID: <000601cd5439$f613bc50$e23b34f0$@web.de> hello, I would like to migrate to dovecot, but I have a problem with a public namespace declaration: # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-2-amd64 x86_64 Debian wheezy/sid And here are the relevant parts from the configuration: namespace { location = maildir:/var/mail/vhosts/%d/public prefix = Public. separator = . type = public } namespace inbox { prefix = separator = . subscriptions = yes type = private } I assume that all folders under ./public/ are public mailboxes. The public folder itself is not a maildir, but contains the team mailboxes i.e. ./public/.sales/ ./public/.service/ ./public/.purchase/ The file passwd for those 3 samples looks like this: sales@$DOMAIN::5000:5000::/var/mail/vhosts/$DOMAIN/public/.sales service@$DOMAIN::5000:5000::/var/mail/vhosts/$DOMAIN/public/.service purchase@$DOMAIN::5000:5000::/var/mail/vhosts/$DOMAIN/public/.purchase Note: All other users have mail_location /var/mail/vhosts/%d/%n Now a have the following problem: If I login in as user sales and create a folder foo and in there a folder bar. The directory structure is: ./public/. sales /.foo and /public/. sales /.foo.bar that?s exactly what I?m expect. Now I logon as ?normal? user. I can see the namespace Public with the sales mailbox but no subfolder foo or foo.bar. Now I create also the folders foo and in there bar, but the result is to me unexpected ;-): ./public/. sales ./public/. sales.foo ./public/. sales.foo.bar Looking forward to your comment, Daniel From mailinglist at august.de Wed Jun 27 11:38:57 2012 From: mailinglist at august.de (mailinglist) Date: Wed, 27 Jun 2012 10:38:57 +0200 Subject: [Dovecot] started with dovecot sieve In-Reply-To: <20120626201036.GA6929@daniel.localdomain> References: <20120625215914.GA7831@daniel.localdomain> <20120626201036.GA6929@daniel.localdomain> Message-ID: Am 2012-06-26 22:10, schrieb Daniel Parthey: > Rolf wrote: >> Am 2012-06-25 23:59, schrieb Daniel Parthey: >> >Hi Rolf, >> > >> >Rolf wrote: >> >>Jun 25 20:22:54 rolf14 dovecot: lda(rolf): Error: >> setegid(privileged) failed: Operation not permitted > > Doesn't lda(rolf) mean it is being executed under user "rolf", > not root or dovecot? could be. However, following your mail I tried several alternatives for grouping, made the user itself part of mail group, made postfix and dovecot part of the users real group, made all part of roots real group, made the users part of postfix and dovecot real group ... I could have made failures in trying all this combinations but the failure remained in any case. (I switched all back for security reasons, the failure is still there.) > > How exactly do you invoke lda from your /etc/postfix/master.cf? these are my lines from /etc/postfix/main.cf: #mailbox_command = procmail -a "$EXTENSION" mailbox_command = /usr/lib/dovecot/deliver if I switch procmail back on the input gets delivered and I can see them using roundcube as a client for dovecot. > > You might also try to use LMTP via TCP to deliver mails > from postfix to dovecot to work around any permission problems. > LMTP would be new to me and I fear just other hard-to-understand configuration topics. What I did as a workaround is to have a last rule in each .dovecot.sieve: fileinto "rest". It works and this way the INBOX is no longer needed. >> I have installed dovecot and docecot-sieve by Debians aptitude > > You don't seem to be the only one with these problems, see Debian > BTS: > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=626130 Do not understand how they have solved the problem. Changing 0660 to 0600 for the /var/mail/user mboxes (with user:mail for user:group) seems not to be a logical solution - have not tried that. From mailinglist at august.de Wed Jun 27 11:45:14 2012 From: mailinglist at august.de (mailinglist) Date: Wed, 27 Jun 2012 10:45:14 +0200 Subject: [Dovecot] started with dovecot sieve In-Reply-To: <20120626214739.GA8465@daniel.localdomain> References: <20120625215914.GA7831@daniel.localdomain> <20120626214739.GA8465@daniel.localdomain> Message-ID: <47949791e5f9fa35b1136eba76b378cb@august.de> Am 2012-06-26 23:47, schrieb Daniel Parthey: > Rolf wrote: >> Jun 25 20:22:54 rolf14 dovecot: lda(rolf): Error: >> setegid(privileged) failed: Operation not permitted > > Manual page "man 2 setegid" states that > Yes, thank you Daniel for pointing me to this subjects. Now I got a bit a deeper understanding how a file gets executed. My problem is that I do not exactly know from the error message who is starting what by which effective group id and to what group id it tries to switch. All guessing did not lead to a result. I tried: postfix is starting deliver with the effective group id "postfix" and wants to set the group id either to "mail" or to "rolf". But no success. From tss at iki.fi Wed Jun 27 12:04:19 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 27 Jun 2012 12:04:19 +0300 Subject: [Dovecot] [PATCH] GSSAPI authorization and virtual users In-Reply-To: <1331057521.84875.2.camel@leela.office.red-redemption.com> References: <1330973136.70967.33.camel@leela.office.red-redemption.com> <1331057521.84875.2.camel@leela.office.red-redemption.com> Message-ID: <1340787859.25551.47.camel@innu> On Tue, 2012-03-06 at 18:12 +0000, Sam Morris wrote: > On Mon, 2012-03-05 at 20:52 +0200, Timo Sirainen wrote: > > On 5.3.2012, at 20.45, Sam Morris wrote: > > > > > 3. The credentials lookup triggers an info log message saying that > > > credentials for GSSAPI were requested, "but we have only (e.g.) > > > MD5-CRYPT". The authplugin doesn't actually want the credential, > > > but I think that the only way the authplugin can trigger a > > > passdb lookup is by requesting it. > > > > I'll look at the rest more closely later, but this should be an easy fix: request "" instead of "GSSAPI". > > Thanks for pointing that out. Here's a newer version of the patch with > that change. I also realised that the gss_buffer is not required in the > code that runs once the passdb lookup is complete, so I removed the code > that stashes it in struct gssapi_auth_request. I finally looked into this and did some changes. Does it still work? :) http://hg.dovecot.org/dovecot-2.2/rev/183adc90781c From tss at iki.fi Wed Jun 27 12:25:31 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 27 Jun 2012 12:25:31 +0300 Subject: [Dovecot] Problem with 'doveadm mailbox status -t' reporting cumulative vsizes after upgrading from v2.0.16 to v2.1.7 In-Reply-To: <4FDF66E1.5050009@beardz.net> References: <4FDF66E1.5050009@beardz.net> Message-ID: <1340789131.25551.48.camel@innu> On Mon, 2012-06-18 at 18:35 +0100, Jase Thew wrote: > The reporting script at its core calls : > > doveadm -f flow mailbox status -A -t 'messages vsize' '*' > > It appears that Dovecot 2.1.7 is not resetting the vsize after collating > the sum total of mailboxes sizes for each user, so that vsize just > constantly increases as it iterates over each user. Fixed: http://hg.dovecot.org/dovecot-2.1/rev/d8d587bd5a29 From tss at iki.fi Wed Jun 27 12:30:01 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 27 Jun 2012 12:30:01 +0300 Subject: [Dovecot] pop3c_master_user In-Reply-To: <4FDFAE8C.9000208@mur.at> References: <4FDFAE8C.9000208@mur.at> Message-ID: <1340789401.25551.49.camel@innu> On Tue, 2012-06-19 at 00:41 +0200, Martin Schitter wrote: > the configuration keyword "pop3c_master_user" mentioned in the dsync > migration documentation (http://wiki2.dovecot.org/Migration/Dsync) does > not work for dovecot 2.1.7. > > a config line like: "pop3c_master_user = cyrus" will produce this error: > > doveconf: Fatal: Error in configuration file /etc/dovecot/local.conf > line 33: Unknown setting: pop3c_master_user Added: http://hg.dovecot.org/dovecot-2.1/rev/06ba409a63d3 From tss at iki.fi Wed Jun 27 12:31:46 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 27 Jun 2012 12:31:46 +0300 Subject: [Dovecot] director map and mysql In-Reply-To: <213B51F00051AE48A9F0E112880177178F7A2F@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F7A2E@Delta.sc.local> <213B51F00051AE48A9F0E112880177178F7A2F@Delta.sc.local> Message-ID: <1340789506.25551.51.camel@innu> On Wed, 2012-06-20 at 14:40 +1100, ???????? ????????? ?????????? wrote: > but what mechanisms do I have if I want certain user to be always proxied to certain host, but if that host is down, to redirect him to another? You'll have to mark the host down in SQL, and change your SQL query to return something else for the "host" value when that host is down (either another host or NULL to let director handle it). From tss at iki.fi Wed Jun 27 12:37:13 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 27 Jun 2012 12:37:13 +0300 Subject: [Dovecot] doveadm proxy kick in director setups In-Reply-To: <20120621144829.GA8792@hawkeye.rutgers.edu> References: <20120621144829.GA8792@hawkeye.rutgers.edu> Message-ID: <1340789833.25551.54.camel@innu> On Thu, 2012-06-21 at 10:48 -0400, Tom Pawlowski wrote: > Something I noticed on a 2.1.7 director test cluster (two directors, > three backends): 'doveadm proxy kick user' will kick all connections > for that user on that director only. Any additional connections on other > directors will remain active unless the command is run on all directors. > > Are the proxy and director sub-commands intended to be separate and > distinct in their operation? If so, then this makes sense, as a proxy > isn't necessarily a director. They are separate, yes. > Are there any plans for a proxy kick equivalent that would work > across directors? With director it would be possible to kick all users that match the user's 32bit hash. If there are hash collisions then it would kick also other users.. Another possibility would be to create something that allows running the same doveadm command in all directors, but ssh pretty much can do that already. :) From tss at iki.fi Wed Jun 27 12:50:20 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 27 Jun 2012 12:50:20 +0300 Subject: [Dovecot] pop3-throttle In-Reply-To: <1km4rjc.f50hxq1iocthjM%manu@netbsd.org> References: <1km4rjc.f50hxq1iocthjM%manu@netbsd.org> Message-ID: <1340790620.25551.60.camel@innu> On Sat, 2012-06-23 at 07:04 +0200, Emmanuel Dreyfus wrote: > Hello > > I am having a hard time with users using POP while leaving mailboxes > of several gigabyte cumulated. This causes a lot of disk I/O and kills > performancs for everyone. I try to encourage people migrating to > IMAP, but that migration will take some time, and therefore I am looking > for alterantive ways to workaround the problem. What mailbox format do you use? This shouldn't be a problem with for example mdbox, probably not with sdbox either and with mbox/maildir there are settings that can improve this. Or are you not talking about opening the mailbox, but about clients redownloading all the mails all the time? > I found pop3-throttle-plugin.c, which seems a smart way to solve the > problem, unfortunately it comes with no documentation. I was able to > build it and load it, bu itsays nothing in the logs. Is there any > doc somewhere? Any advices on how to set it up? It's about allowing clients to see only X new mails per Y time. But I don't see how that would help with your problem if that's related to old mails. Anyway, quick docs: "touch /etc/dovecot/pop3-throttle-enabled" to enable the throttling plugin { pop3_throttle_max_msgs = 10 pop3_throttle_max_kbytes = 1024 } Which allows a single user to see max 10 new messages or max 1 MB of new messages per 15 minutes, whichever limit comes first. After 15 minutes more messages become visible again to reach the limit. The 15 minute limit is configurable by recompiling: #define POP3_THROTTLE_STATE_RESET_SECS (60*15) From role.Dovecot-Readers at JLAssocs.com Wed Jun 27 13:01:51 2012 From: role.Dovecot-Readers at JLAssocs.com (J E Lyon) Date: Wed, 27 Jun 2012 11:01:51 +0100 Subject: [Dovecot] Maildir Seen Flags not heeded when dovecot-shared present In-Reply-To: References: Message-ID: <294FDEA3-FE7A-4386-9D5D-A602141E3D17@JLAssocs.com> On 26 Jun 2012, at 21:49, Timo Sirainen wrote: > So you don't want shared seen flags? You can simply not create dovecot-shared file nowadays. It's not necessary. The only other purpose for it was as the template for file permissions, but those are nowadays taken from the maildir itself: http://wiki2.dovecot.org/SharedMailboxes/Permissions Timo, Thanks for pointing me in the right direction . . I started with Dovecot back in the pre-v1 days and used dovecot-shared from when it first helped with permissions and things -- never actually minded about seen flags back then. So, I've always thought of dovecot-shared as being primarily about making the permissions work, and hadn't realised things have been steadily changing in that regard. So, I now have Dovecot on both CentOS 5.5 & CentOS 6, which means v1 & v2 . . unfortunately though, the CentOS 5.5 default package is 1.0.x and that means I miss out on 1.1+ features there, as well as the improved handling of file permissions in 1.2 that I now see after scrutinising the differences . . At least I know exactly where the problems are now, thanks! ~ James. From amateo at um.es Wed Jun 27 14:10:09 2012 From: amateo at um.es (Angel L. Mateo) Date: Wed, 27 Jun 2012 13:10:09 +0200 Subject: [Dovecot] Removing specific entry in user/auth cache Message-ID: <4FEAEA11.1070900@um.es> Hi, We have dovecot configured with auth cache. Is there any way to remove a specific entry (not all) from this cache? -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From lists at wildgooses.com Wed Jun 27 14:40:38 2012 From: lists at wildgooses.com (Ed W) Date: Wed, 27 Jun 2012 12:40:38 +0100 Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: References: <4FE58A52.8050708@think-for-yourself.org> <4FE5A5D8.2050908@thelounge.net> Message-ID: <4FEAF136.9070509@wildgooses.com> On 23/06/2012 13:20, Wojciech Puchar wrote: >>> >>> it is already enormous overshoot in hardware specs. And i do not >>> really catch why you have "4 in parallel" servers. >>> And finally i cannot understand this dividing of servers just to >>> merging it back using VMWare. >> >> because it is a big difference if you have anything in a single >> machine or splittet in virtual machines - you can move them at >> runtime to different hosts and if you run out of ressources > > ok - for me it is just likes. You have higher change to have the need > to move at the first place doing this :) Actually, I'm a huge buyer of "virtualisation". There is *no other* way that people should be running their servers right now... (hand waving sweeping generalisation - obviously add context, etc, before taking literally). There are various types of virtualisation solution and they have pros and cons, but I think there is close to zero reason not to use some kind of virtualisation option for all new deployments. Probably he is using something clever like vmware esx - I like the theory there where you can literally fail over a running machine to new hardware, without even stopping it running, very neat. I personally use linux-vservers which are almost identical to running on bare metal server (it's kind of a fancy form of chroot), this means I don't have commercial grade failover, but it only takes 5-15 seconds to "reboot" each container, so that's an acceptable downtime for my requirements. Good luck! Ed W From manu at netbsd.org Wed Jun 27 14:55:09 2012 From: manu at netbsd.org (Emmanuel Dreyfus) Date: Wed, 27 Jun 2012 11:55:09 +0000 Subject: [Dovecot] pop3-throttle In-Reply-To: <1340790620.25551.60.camel@innu> References: <1km4rjc.f50hxq1iocthjM%manu@netbsd.org> <1340790620.25551.60.camel@innu> Message-ID: <20120627115509.GF27064@homeworld.netbsd.org> On Wed, Jun 27, 2012 at 12:50:20PM +0300, Timo Sirainen wrote: > What mailbox format do you use? This shouldn't be a problem with for > example mdbox, probably not with sdbox either and with mbox/maildir > there are settings that can improve this. This is mbox. > Or are you not talking about opening the mailbox, but about clients > redownloading all the mails all the time? I don't think the client downloads the whole mailbox each time. It takes so long on a 1 GB mbox that the users would have complained. However, I can see a lot of disk I/O activity for pop daemon operating on the bigger mbox (easy to spot looking at the process uid) -- Emmanuel Dreyfus manu at netbsd.org From tss at iki.fi Wed Jun 27 15:22:18 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 27 Jun 2012 15:22:18 +0300 Subject: [Dovecot] pop3-throttle In-Reply-To: <20120627115509.GF27064@homeworld.netbsd.org> References: <1km4rjc.f50hxq1iocthjM%manu@netbsd.org> <1340790620.25551.60.camel@innu> <20120627115509.GF27064@homeworld.netbsd.org> Message-ID: <78425DD3-20B3-4155-A465-7F05140BEC27@iki.fi> On 27.6.2012, at 14.55, Emmanuel Dreyfus wrote: > On Wed, Jun 27, 2012 at 12:50:20PM +0300, Timo Sirainen wrote: >> What mailbox format do you use? This shouldn't be a problem with for >> example mdbox, probably not with sdbox either and with mbox/maildir >> there are settings that can improve this. > > This is mbox. > >> Or are you not talking about opening the mailbox, but about clients >> redownloading all the mails all the time? > > I don't think the client downloads the whole mailbox each time. It > takes so long on a 1 GB mbox that the users would have complained. > However, I can see a lot of disk I/O activity for pop daemon operating > on the bigger mbox (easy to spot looking at the process uid) Try mbox_very_dirty_syncs=yes From tss at iki.fi Wed Jun 27 15:24:37 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 27 Jun 2012 15:24:37 +0300 Subject: [Dovecot] Removing specific entry in user/auth cache In-Reply-To: <4FEAEA11.1070900@um.es> References: <4FEAEA11.1070900@um.es> Message-ID: <771798ED-3DAF-4C23-937C-FD9B775B8972@iki.fi> On 27.6.2012, at 14.10, Angel L. Mateo wrote: > We have dovecot configured with auth cache. Is there any way to remove a specific entry (not all) from this cache? Nope. What do you need it for? From tss at iki.fi Wed Jun 27 15:29:00 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 27 Jun 2012 15:29:00 +0300 Subject: [Dovecot] permissions on auth-userdb In-Reply-To: <4FE59B9E.1050009@Media-Brokers.com> References: <4FE59B9E.1050009@Media-Brokers.com> Message-ID: <87A001AB-60A4-45D2-B48C-29114263DA75@iki.fi> On 23.6.2012, at 13.34, Charles Marcus wrote: > It would be nice if there were a wiki page specifically describing how permissions should be set for all of the services/directories that dovecot uses. > > Even better would be a dovecot/doveconf command that would test the permissions and, if possible, even fix them (like the postfix 'set-permissions' command)... The problem with those is that it depends on the installation. Each user may need different permissions. Many installations don't have a way to list users to even do a userdb lookup. I guess it would be possible to write such a tool for specific installations where it could work, but it wouldn't work everywhere.. From CMarcus at Media-Brokers.com Wed Jun 27 15:34:18 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Wed, 27 Jun 2012 08:34:18 -0400 Subject: [Dovecot] permissions on auth-userdb In-Reply-To: <87A001AB-60A4-45D2-B48C-29114263DA75@iki.fi> References: <4FE59B9E.1050009@Media-Brokers.com> <87A001AB-60A4-45D2-B48C-29114263DA75@iki.fi> Message-ID: <4FEAFDCA.3060902@Media-Brokers.com> On 2012-06-27 8:29 AM, Timo Sirainen wrote: > On 23.6.2012, at 13.34, Charles Marcus wrote: >> It would be nice if there were a wiki page specifically describing >> how permissions should be set for all of the services/directories >> that dovecot uses. >> >> Even better would be a dovecot/doveconf command that would test the >> permissions and, if possible, even fix them (like the postfix >> 'set-permissions' command)... > The problem with those is that it depends on the installation. Each > user may need different permissions. Many installations don't have a > way to list users to even do a userdb lookup. I guess it would be > possible to write such a tool for specific installations where it > could work, but it wouldn't work everywhere. Hmmm... I wonder how postfix does it then... maybe it doesn't have as many potential variations I guess? Is there maybe just a basic/standard set of permissions that can work for many installations, then have a way to detect non-standard installs and just provide a link to a wiki page describing things in more detail? Is there a wiki page for this already? I didn't find one... -- Best regards, Charles From r.vicinus at metaways.de Wed Jun 27 16:10:29 2012 From: r.vicinus at metaways.de (Reinhard Vicinus) Date: Wed, 27 Jun 2012 15:10:29 +0200 Subject: [Dovecot] Mail migration to dovecot with doveadm backup In-Reply-To: <4FE85FD4.8090708@metaways.de> References: <4FE738E9.6040706@metaways.de> <4FE84DF7.7030707@Media-Brokers.com> <4FE85FD4.8090708@metaways.de> Message-ID: <4FEB0645.6000302@metaways.de> Hi, if i delete the home directory and all content below an existing account user at example.org. Then run: /usr/bin/doveadm quota recalc -u user at example.org and afterwards: /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -D -v backup -R -f -u user at example.org imapc: i get the following errors: doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot/modules doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/lib10_quota_plugin.so doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot/modules/doveadm doveadm(root): Debug: Skipping module doveadm_acl_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_acl_plugin.so: undefined symbol: acl_user_module (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_expire_plugin.so: undefined symbol: expire_set_lookup (this is usually intentional, so just ignore this message) doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_quota_plugin.so doveadm(root): Debug: Skipping module doveadm_zlib_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_zlib_plugin.so: undefined symbol: i_stream_create_deflate (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_fts_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib20_doveadm_fts_plugin.so: undefined symbol: fts_list_backend (this is usually intentional, so just ignore this message) doveadm(user at example.org): Debug: auth input: user at example.org home=/mail/dovecot/example.org/user uid=501 gid=123 quota_rule=*:bytes=2000M:messages=0 doveadm(user at example.org): Debug: Added userdb setting: plugin/quota_rule=*:bytes=2000M:messages=0 doveadm(user at example.org): Debug: Effective uid=501, gid=123, home=/mail/dovecot/example.org/user doveadm(user at example.org): Debug: Quota root: name=User quota backend=dict args=:proxy::quota doveadm(user at example.org): Debug: Quota rule: root=User quota mailbox=* bytes=2097152000 messages=0 doveadm(user at example.org): Debug: Quota rule: root=User quota mailbox=Trash bytes=+104857600 messages=0 doveadm(user at example.org): Debug: Quota warning: bytes=1992294400 (95%) messages=0 reverse=no command=quota-warning 95 user at example.org doveadm(user at example.org): Debug: Quota warning: bytes=1677721600 (80%) messages=0 reverse=no command=quota-warning 80 user at example.org doveadm(user at example.org): Debug: dict quota: user=user at example.org, uri=proxy::quota, noenforcing=0 doveadm(user at example.org): Debug: fs: root=/mail/dovecot/example.org/user/mail, index=, control=, inbox=, alt= doveadm(user at example.org): Debug: Namespace : Using permissions from /mail/dovecot/example.org/user/mail: mode=0700 gid=-1 dsync(user at example.org): Debug: Effective uid=501, gid=123, home=/mail/dovecot/example.org/user dsync(user at example.org): Debug: Quota root: name=User quota backend=dict args=:proxy::quota dsync(user at example.org): Debug: Quota rule: root=User quota mailbox=* bytes=2097152000 messages=0 dsync(user at example.org): Debug: Quota rule: root=User quota mailbox=Trash bytes=+104857600 messages=0 dsync(user at example.org): Debug: Quota warning: bytes=1992294400 (95%) messages=0 reverse=no command=quota-warning 95 user at example.org dsync(user at example.org): Debug: Quota warning: bytes=1677721600 (80%) messages=0 reverse=no command=quota-warning 80 user at example.org dsync(user at example.org): Debug: dict quota: user=user at example.org, uri=proxy::quota, noenforcing=0 dsync(user at example.org): Debug: imapc: root=, index=, control=, inbox=, alt= dsync(user at example.org): Debug: imapc(local-mailbox:18143): Looking up IP address dsync(user at example.org): Debug: imapc(local-mailbox:18143): Connecting to 10.129.3.196:18143 dsync(user at example.org): Debug: imapc(local-mailbox:18143): Server capabilities: IMAP4 IMAP4rev1 AUTH=LOGIN ACL NAMESPACE CHILDREN SORT QUOTA THREAD=ORDEREDSUBJECT UNSELECT IDLE dsync(user at example.org): Debug: imapc(local-mailbox:18143): Authenticating as user at example.org dsync(user at example.org): Debug: imapc(local-mailbox:18143): Authenticated successfully dsync(user at example.org): Error: Can't delete mailbox INBOX: INBOX can't be deleted. dsync(user at example.org): Debug: Namespace : /mail/dovecot/example.org/user/mail/mailboxes/Trash doesn't exist yet, using default permissions dsync(user at example.org): Debug: Namespace : Using permissions from /mail/dovecot/example.org/user/mail: mode=0700 gid=-1 dsync(user at example.org): Debug: Namespace : /mail/dovecot/example.org/user/mail/mailboxes/Sent doesn't exist yet, using default permissions dsync(user at example.org): Debug: Namespace : Using permissions from /mail/dovecot/example.org/user/mail: mode=0700 gid=-1 dsync(user at example.org): Info: INBOX: only in dest (guid=54c23c119d04eb4f005100004f99b03d) dsync(user at example.org): Info: Trash: only in source (guid=7f5af7ba291b2df1a11d573bdb55d7e9) dsync(user at example.org): Info: Sent: only in source (guid=bfb2e03fdce327671e82bf173b1ccb8b) dsync(user at example.org): Info: INBOX: only in source (guid=c92f64f79f0d1ed01e6d5b314f04886c) dsync(user at example.org): Error: Trying to open a non-listed mailbox with guid=54c23c119d04eb4f005100004f99b03d dsync(user at example.org): Error: msg iteration failed: Couldn't open mailbox 54c23c119d04eb4f005100004f99b03d dsync(user at example.org): Error: Trying to open a non-listed mailbox with guid=54c23c119d04eb4f005100004f99b03d dsync(user at example.org): Error: Mailbox INBOX changed its GUID (c92f64f79f0d1ed01e6d5b314f04886c -> 54c23c119d04eb4f005100004f99b03d) dsync(user at example.org): Error: msg iteration failed: Couldn't open mailbox c92f64f79f0d1ed01e6d5b314f04886c dsync(user at example.org): Error: Mailbox INBOX changed its GUID (c92f64f79f0d1ed01e6d5b314f04886c -> 54c23c119d04eb4f005100004f99b03d) dsync(user at example.org): Debug: imapc(local-mailbox:18143): Disconnected is this an intented behaviour or is this a bug in quota recalc? if i delete the home directory again after the quota recalc recreated it no errors are reported and the mail are all copied as intended. Kind regards Reinhard -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: dovecot.conf.txt URL: From ckubu at so36.net Wed Jun 27 16:26:21 2012 From: ckubu at so36.net (ckubu) Date: Wed, 27 Jun 2012 15:26:21 +0200 Subject: [Dovecot] dict Panic after upgrade to 2.1.7 In-Reply-To: <201206241221.16044.ckubu@so36.net> References: <201206241221.16044.ckubu@so36.net> Message-ID: <201206271526.22116.ckubu@so36.net> hallo, > after upgrade my mailsystem to dovecot version 2.1.7, dovecot doesn't work > properly. something went wrong in dict service connecting the postgres > backend. that happens not on every connection. the db connection data are > correct, no difference connecting via tcp or linux socket. > > dovecot log entries: > Jun 23 23:19:10 mx dovecot: dict: Panic: file driver-pgsql.c: line 84 > (driver_pgsql_set_state): assertion failed: (state == SQL_DB_STATE_BUSY || > db- > > >cur_result == NULL) > > Jun 23 23:19:10 mx dovecot: dict: Error: Raw backtrace: > /usr/local/dovecot-2.1.7/lib/dovecot/libdovecot.so.0(+0x4478a) > [0x7ffc7d8e578a] -> > /usr/local/dovecot-2.1.7/lib/dovecot/libdovecot.so.0(+0x447d6) > [0x7ffc7d8e57d6] -> > /usr/local/dovecot-2.1.7/lib/dovecot/libdovecot.so.0(i_error+0) > [0x7ffc7d8bc5ef] -> dovecot/dict() [0x40a9a6] -> dovecot/dict() [0x40aa01] > -> dovecot/dict() [0x40be43] -> dovecot/dict() [0x409474] -> > dovecot/dict(sql_db_cache_deinit+0x20) [0x4089d0] -> > dovecot/dict(main+0x169) [0x4059f9] -> > /lib/libc.so.6(__libc_start_main+0xfd) [0x7ffc7d335c8d] -> dovecot/dict() > [0x404b59] > Jun 23 23:19:10 mx dovecot: dict: Fatal: master: service(dict): child 13812 > killed with signal 6 (core dumps disabled) > > Jun 23 23:23:09 mx dovecot: dict: Error: dict sql iterate failed: Not > connected to database > Jun 23 23:23:09 mx dovecot: pop3(xxx at yyy.zz): Error: acl: dict iteration > failed, can't update dict > Jun 23 23:23:09 mx dovecot: dict: Error: dict sql iterate failed: Not > connected to database > Jun 23 23:23:09 mx dovecot: pop3(xxx at yyy.zz): Error: acl: dict iteration > failed, can't update dict > Jun 23 23:23:17 mx dovecot: dict: Error: dict sql lookup failed: Not > connected to database > Jun 23 23:23:17 mx dovecot: imap(xxx at yyy.zz): Error: Internal quota > calculation error > Jun 23 23:23:19 mx dovecot: dict: Error: dict sql lookup failed: Not > connected to database > Jun 23 23:23:40 mx dovecot: dict: Error: dict sql lookup failed: Not > connected to database > > maybe i have missconfigured the dovecot system, but i don't find the > mistake. can anybody give me a hint ? It seem's, that these errors occcures, if acl support ist activated. i deactivated acl support last night for a while, and no such errors occured. I can't make long term test, because that is a produktion system and i switched back to version 2.0.9, which runs with acl support but without that errors . bw Christoph > > ----- doveconf -n > # 2.1.7: /usr/local/dovecot-2.1.7/etc/dovecot/dovecot.conf > # OS: Linux 2.6.32-5-vserver-amd64 x86_64 Debian 6.0.5 ext3 > auth_mechanisms = plain login digest-md5 cram-md5 apop > auth_socket_path = /var/run/dovecot/auth-userdb > auth_username_translation = %@ > auth_verbose = yes > auth_verbose_passwords = plain > base_dir = /var/run/dovecot/ > dict { > acl = pgsql:/usr/local/dovecot/etc/dovecot/sql-dict.conf.ext > expire = pgsql:/usr/local/dovecot/etc/dovecot/sql-dict.conf.ext > quota = pgsql:/usr/local/dovecot/etc/dovecot/sql-dict.conf.ext > } > disable_plaintext_auth = no > first_valid_gid = 5000 > first_valid_uid = 5000 > hostname = mx.warenform.de > last_valid_gid = 5000 > last_valid_uid = 5000 > listen = 178.63.63.151 2a01:4f8:121:c5::2 > mail_gid = vmail > mail_location = maildir:/var/vmail/%d/%n/Maildir > mail_plugins = autocreate quota expire acl > mail_uid = vmail > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope encoded-character > vacation subaddress comparator-i;ascii-numeric relational regex imap4flags > copy include variables body enotify environment mailbox date ihave > namespace { > list = children > location = maildir:/var/vmail/%%d/%%n/Maildir:INDEX=~/Maildir/shared/%%u > prefix = shared/%%u/ > separator = / > subscriptions = no > type = shared > } > namespace inbox { > inbox = yes > location = > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Spam { > special_use = \Junk > } > mailbox Trash { > special_use = \Trash > } > prefix = > separator = / > type = private > } > passdb { > args = /usr/local/dovecot/etc/dovecot/sql-connect.conf.ext > driver = sql > } > plugin { > acl = vfile > acl_shared_dict = proxy::acl > autocreate = Spam > autocreate2 = Sent > autocreate3 = Trash > autocreate4 = Drafts > autosubscribe = Spam > autosubscribe2 = Sent > autosubscribe3 = Trash > autosubscribe4 = Drafts > expire = Trash > expire2 = Trash.* > expire3 = Spam > expire_dict = proxy::expire > quota = dict:User quota::proxy::quota > quota_rule = *:storage=1G > quota_rule2 = Trash:storage=+200M > quota_warning = storage=95%% quota-warning 95 %u > quota_warning2 = storage=80%% quota-warning 80 %u > recipient_delimiter = > sieve = ~/.dovecot.sieve > sieve_before = /usr/local/dovecot/etc/dovecot/sieve/move-spam.sieve > sieve_dir = ~/sieve > sieve_global_dir = /usr/local/dovecot/etc/dovecot/sieve/global/ > } > postmaster_address = admin at warenform.de > protocols = imap pop3 sieve lmtp > service auth { > unix_listener /var/spool/postfix/private/dovecot-auth { > group = postfix > mode = 0666 > user = postfix > } > unix_listener auth-userdb { > group = vmail > mode = 0600 > user = vmail > } > } > service dict { > unix_listener dict { > mode = 0600 > user = vmail > } > } > service imap-login { > inet_listener imap { > address = 127.0.0.1 178.63.63.151 2a01:4f8:121:c5::2 > } > inet_listener imaps { > address = 178.63.63.151 2a01:4f8:121:c5::2 > } > process_min_avail = 16 > } > service lmtp { > unix_listener /var/spool/postfix/private/dovecot-lmtp { > group = postfix > mode = 0660 > user = postfix > } > } > service managesieve-login { > inet_listener sieve { > address = 127.0.0.1 > port = 4190 > } > } > service pop3-login { > inet_listener pop3 { > address = 178.63.63.151 2a01:4f8:121:c5::2 > } > inet_listener pop3s { > address = 178.63.63.151 2a01:4f8:121:c5::2 > } > } > service quota-warning { > executable = script /usr/local/bin/quota-warning.sh > unix_listener quota-warning { > user = vmail > } > user = dovecot > } > shutdown_clients = no > ssl_cert = ssl_key = syslog_facility = local1 > userdb { > args = /usr/local/dovecot/etc/dovecot/sql-connect.conf.ext > driver = sql > } > protocol lmtp { > mail_plugins = autocreate quota expire acl sieve > } > protocol lda { > mail_plugins = autocreate quota expire acl sieve > } > protocol imap { > imap_client_workarounds = delay-newmail > mail_max_userip_connections = 24 > mail_plugins = autocreate quota expire acl imap_quota imap_acl > ssl_cert = ssl_key = } > protocol pop3 { > mail_max_userip_connections = 10 > pop3_client_workarounds = outlook-no-nuls oe-ns-eoh > ssl_cert = ssl_key = } > > > ----- sql-dict.conf.ext: > > connect = host=/var/run/postgresql user=db_user password=db_passwd > dbname=db_name > > # quota > map { > pattern = priv/quota/storage > table = quota2 > username_field = username > value_field = bytes > } > map { > pattern = priv/quota/messages > table = quota2 > username_field = username > value_field = messages > } > > # expires > map { > pattern = shared/expire/$user/$mailbox > table = expires > value_field = expire_stamp > > fields { > username = $user > mailbox = $mailbox > } > } > > # acl > map { > pattern = shared/shared-boxes/user/$to/$from > table = user_shares > value_field = dummy > > fields { > from_user = $from > to_user = $to > } > } > > map { > pattern = shared/shared-boxes/anyone/$from > table = anyone_shares > value_field = dummy > > fields { > from_user = $from > } > } -- e: ckubu at so36.net From tss at iki.fi Wed Jun 27 17:24:51 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 27 Jun 2012 17:24:51 +0300 Subject: [Dovecot] RFE: IMAP LIST Extension for Special-Use Mailboxes In-Reply-To: <4FE9DB4C.20309@Media-Brokers.com> References: <20110311215739.GD13492@state-of-mind.de> <4F520990.2000903@crc.id.au> <83D77B81-EC49-4755-A866-E30B41E8B246@leuxner.net> <4FE9DB4C.20309@Media-Brokers.com> Message-ID: <603EF78F-44FB-4BAE-BBA1-A8D21E89043D@iki.fi> On 26.6.2012, at 18.54, Charles Marcus wrote: > My question (I guess for Timo) is, would it be crazy/possible to implement some kind of 'alias' conversion in dovecot that would work regardless of client cooperation? > > Ie, in a config file, add a list of 'aliases' for these special use folders (similar to how it is done now), but where dovecot would then silently translate/map a request for any of the defined aliases to the defined special use folder? so, if Outlook wants to save a sent message to 'Sent Items', it would simply and silently be saved to 'Sent' (or whatever the admin had defined as the 'real' sent folder). This wouldn't then require anything to be implemented in a client, it would only require the Admin to know what clients they want to support and what folders those clients look for by default. There would be two possibilities: 1) Have aliases where the alias is visible with LIST and all other commands. Most clients will then show that mailbox duplicated with two names, probably causing user confusion. 2) Have aliases where the alias isn't visible with LIST, but it would be possible to APPEND/COPY messages there, or CREATE, SELECT, etc. I have no idea how different clients would behave with this behavior. Might work with some, or might not.. You can kind of emulate 2) behavior and see what happens by setting up namespaces like: namespace { prefix = separator = / inbox = yes list = no hidden = no } namespace { prefix = RealMails/ separator = / list = no hidden = yes } # I think there needs to be one list=yes namespace: namespace { prefix = something/ separator = / list = yes hidden = yes location = mbox:/var/lib/dovecot/empty } Anyway you could see if clients show the Drafts/Sent etc. mailboxes that they create and allows actually accessing them. From tss at iki.fi Wed Jun 27 17:30:26 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 27 Jun 2012 17:30:26 +0300 Subject: [Dovecot] Setting up mixed mbox and maildir In-Reply-To: <1340745560.2495.27.camel@amito> References: <1340742900.2495.14.camel@amito> <1340745560.2495.27.camel@amito> Message-ID: <5B14BB9D-490F-49F6-B647-D69F26DAE888@iki.fi> On 27.6.2012, at 0.19, Jonathan Ryshpan wrote: >> If you are working with 2.0 or later dovecot, you should be at >> http://wiki2.dovecot.org/Namespaces > > I am using 2.1.7 . I surmise from this Namespace page that the form: > namespace { > where is one of "public", "private", or "shared" creates an > unnamed namespace of type while the form: > namespace { > where is none of "public", "private", or "shared", creates a > namespace with the name and the default type (unspecified on this > page, but probably private). I don't see any of that in the wiki2 page. Maybe you were looking at wiki1 page. > The namespace can be given the type > desired by an (undocumented) namespace setting: > namespace inbox ( > type = > Is this correct? It's mentioned in examples :) Yeah, could be more clearly mentioned in the wiki page too. Of course it's already in the example-config/conf.d/10-mail.conf file. The part in namespace { } should also be in the wiki page, although that's not namespace-specific thing at all, but works everywhere in dovecot.conf. It simply gives a (human-readable) name for the namespace within the configuration, it doesn't actually do anything. From role.Dovecot-Readers at JLAssocs.com Wed Jun 27 19:10:17 2012 From: role.Dovecot-Readers at JLAssocs.com (J E Lyon) Date: Wed, 27 Jun 2012 17:10:17 +0100 Subject: [Dovecot] The deleted_to_trash Plugin (workaround Outlook 2007 behaviour) Message-ID: <71645618-2034-4DA6-8C6D-3F4F2C2D7F9A@JLAssocs.com> Hi, I see this plugin exists for v1 & v2, all very interesting... Surprised no one seems to have created an RPM and it looks like deleted_to_trash is one of the very few plugins to not be shipped as part of the default install with CentOS 5.5 or CentOS 6 (i.e. Dovecot v1 & v2 respectively.) Am I missing something, or does everyone really build from source? Thanks, James. From wgrcunha at gmail.com Wed Jun 27 19:27:36 2012 From: wgrcunha at gmail.com (Francisco Wagner C. Freire) Date: Wed, 27 Jun 2012 13:27:36 -0300 Subject: [Dovecot] Removing specific entry in user/auth cache In-Reply-To: <771798ED-3DAF-4C23-937C-FD9B775B8972@iki.fi> References: <4FEAEA11.1070900@um.es> <771798ED-3DAF-4C23-937C-FD9B775B8972@iki.fi> Message-ID: I dont known about Angel, but for me is useful because sometimes i need to deactivate smtp/imap/pop access from accounts, or change their home after storage migration, and removing a specific record i can use a long time cache. On Wed, Jun 27, 2012 at 9:24 AM, Timo Sirainen wrote: > On 27.6.2012, at 14.10, Angel L. Mateo wrote: > > > We have dovecot configured with auth cache. Is there any way to > remove a specific entry (not all) from this cache? > > Nope. What do you need it for? > > From brad at pixilla.com Wed Jun 27 21:27:55 2012 From: brad at pixilla.com (Bradley Giesbrecht) Date: Wed, 27 Jun 2012 11:27:55 -0700 Subject: [Dovecot] The deleted_to_trash Plugin (workaround Outlook 2007 behaviour) In-Reply-To: <71645618-2034-4DA6-8C6D-3F4F2C2D7F9A@JLAssocs.com> References: <71645618-2034-4DA6-8C6D-3F4F2C2D7F9A@JLAssocs.com> Message-ID: <5CEBBEE0-EF29-4A53-BC75-3B67072DFFEE@pixilla.com> On Jun 27, 2012, at 9:10 AM, J E Lyon wrote: > Hi, > > I see this plugin exists for v1 & v2, all very interesting... Surprised no one seems to have created an RPM and it looks like deleted_to_trash is one of the very few plugins to not be shipped as part of the default install with CentOS 5.5 or CentOS 6 (i.e. Dovecot v1 & v2 respectively.) > > Am I missing something, or does everyone really build from source? I was not aware of this plugin. Looking at the plugin configuration options how would one handle all the various folder names that users use for "Trash"? http://wiki2.dovecot.org/Plugins/deleted-to-trash Regards, Brad -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2724 bytes Desc: not available URL: From role.Dovecot-Readers at jlassocs.com Wed Jun 27 21:34:20 2012 From: role.Dovecot-Readers at jlassocs.com (J E Lyon) Date: Wed, 27 Jun 2012 19:34:20 +0100 Subject: [Dovecot] The deleted_to_trash Plugin (workaround Outlook 2007 behaviour) In-Reply-To: <5CEBBEE0-EF29-4A53-BC75-3B67072DFFEE@pixilla.com> References: <71645618-2034-4DA6-8C6D-3F4F2C2D7F9A@JLAssocs.com> <5CEBBEE0-EF29-4A53-BC75-3B67072DFFEE@pixilla.com> Message-ID: On 27 Jun 2012, at 19:27, Bradley Giesbrecht wrote: > On Jun 27, 2012, at 9:10 AM, J E Lyon wrote: > >> Hi, >> >> I see this plugin exists for v1 & v2, all very interesting... Surprised no one seems to have created an RPM and it looks like deleted_to_trash is one of the very few plugins to not be shipped as part of the default install with CentOS 5.5 or CentOS 6 (i.e. Dovecot v1 & v2 respectively.) >> >> Am I missing something, or does everyone really build from source? > > I was not aware of this plugin. > > Looking at the plugin configuration options how would one handle all the various folder names that users use for "Trash"? > http://wiki2.dovecot.org/Plugins/deleted-to-trash Hi Brad, Well, it could be a configurable folder name, or not, but it doesn't matter _too_ much . . Looking at various IMAP clients, they already use a variety of folder names, so if I access my IMAP account using my MacBook and my Android and an installation of MS-Outlook, then I might end up with a Deleted folder *and* a Trash folder. It doesn't much matter, I can undelete within an application where I've accidentally hit "delete" and if I'm looking further back for something deleted last week, I can search both folders if I can't remember where it was deleted. It all works out adequately in the end -- from an end user's point of view -- even if it's not very pretty from a software design point of view. J. From daniel.parthey at informatik.tu-chemnitz.de Wed Jun 27 21:47:36 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Wed, 27 Jun 2012 20:47:36 +0200 Subject: [Dovecot] started with dovecot sieve In-Reply-To: References: <20120625215914.GA7831@daniel.localdomain> <20120626201036.GA6929@daniel.localdomain> Message-ID: <20120627184736.GA7546@daniel.localdomain> Rolf wrote: > LMTP would be new to me and I fear just other hard-to-understand > configuration topics. LMTP (Lightweight Message Transfer Protocol) is really simple, similar to SMTP, but immediately returns a status code which tells whether the delivery has been successful or not. I encourage you to read this HOWTO: http://wiki2.dovecot.org/HowTo/PostfixDovecotLMTP Dovecot listens and accepts mails on the LMTP service port, postfix delivers mails directly into this LMTP service port. Since it is an additional service, you should be able to try it first, without interfering with your deliver functionality. Here you can read, how the LMTP communication looks like: http://de.wikipedia.org/wiki/LMTP Regards Daniel -- https://plus.google.com/103021802792276734820 From ef at math.uni-bonn.de Wed Jun 27 23:18:45 2012 From: ef at math.uni-bonn.de (Edgar =?iso-8859-1?B?RnXf?=) Date: Wed, 27 Jun 2012 22:18:45 +0200 Subject: [Dovecot] Default for non-present LDAP attributes? Message-ID: <20120627201844.GX57210@trav.math.uni-bonn.de> With 1.2, is there a syntax to, for LDAP lookups, use a given fixed replacement for a non-present LDAP attribute? E.g. something that would extend user_attrs = mailFileServer=mail=maildir:/import/mail/%$/%d to use maildir:/import/mail/foo/%d in case the mailFileServer attribute is not present? From jonrysh at pacbell.net Thu Jun 28 02:34:15 2012 From: jonrysh at pacbell.net (Jonathan Ryshpan) Date: Wed, 27 Jun 2012 16:34:15 -0700 Subject: [Dovecot] Setting up mixed mbox and maildir In-Reply-To: <5B14BB9D-490F-49F6-B647-D69F26DAE888@iki.fi> References: <1340742900.2495.14.camel@amito> <1340745560.2495.27.camel@amito> <5B14BB9D-490F-49F6-B647-D69F26DAE888@iki.fi> Message-ID: <1340840055.2391.26.camel@amito> On Wed, 2012-06-27 at 17:30 +0300, Timo Sirainen wrote: > On 27.6.2012, at 0.19, Jonathan Ryshpan wrote: > > >> If you are working with 2.0 or later dovecot, you should be at > >> http://wiki2.dovecot.org/Namespaces > > > > I am using 2.1.7 . I surmise from this Namespace page that the form: > > namespace { > > where is one of "public", "private", or "shared" creates an > > unnamed namespace of type while the form: > > namespace { > > where is none of "public", "private", or "shared", creates a > > namespace with the name and the default type (unspecified on this > > page, but probably private). > > I don't see any of that in the wiki2 page. Maybe you were looking at wiki1 page. Quite right; this comes from a reading of pages in both wiki1 and wiki2. I now surmise that this isn't a good idea since wiki1 describes v1.x and wiki2 describes v2.x, which have different syntaxes (syntaces?). Is all this correct? > > The namespace can be given the type > > desired by an (undocumented) namespace setting: > > namespace inbox ( > > type = > > Is this correct? > > It's mentioned in examples :) Yeah, could be more clearly mentioned in > the wiki page too. Of course it's already in the > example-config/conf.d/10-mail.conf file. The part in namespace > { } should also be in the wiki page, although that's not > namespace-specific thing at all, but works everywhere in dovecot.conf. > It simply gives a (human-readable) name for the namespace within the > configuration, it doesn't actually do anything. It looks like it does *something*, since 15-mailboxes.conf contains the lines: # NOTE: Assumes "namespace inbox" has been defined in 10-mail.conf. namespace inbox { I am continuing to attempt to set up dovecot to keep its mail store in maildir form while receiving it from an mbox, but without success. Dovecot reports the error that it can't create the file ~/mail/.imap/INBOX (and also that it can't chown it to user mail, not surprising since it doesn't exist). This seems reasonable, since jonrysh (that is me) is not a member of the group mail. What should be done next? Should I join the group mail? It seems that this should not be necessary in general. The mail store is in ~/maildir, so what is the function of the mbox ~/mail? Dovecot must be misconfigured, but it's not clear to a newbie like myself what's wrong. Any advice would be appreciated. I have attached an extract from maillog showing the errors (dovecot.log) dovecot reports (dovecot.log), and the output of dovecot -n (dovecot-n). Thanks for your help - jon -------------- next part -------------- A non-text attachment was scrubbed... Name: dovecot.log Type: text/x-log Size: 2636 bytes Desc: not available URL: -------------- next part -------------- # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.4.3-1.fc17.x86_64 x86_64 Fedora release 17 (Beefy Miracle) mail_debug = yes mail_privileged_group = mail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mbox_write_locks = fcntl namespace data { location = maildir:~/Dovecot prefix = separator = . } namespace inbox { hidden = yes inbox = yes list = no location = mbox:~/mail:INBOX=/var/spool/mail/%u mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = "#mbox." separator = . type = private } passdb { driver = pam } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } ssl = required ssl_cert = References: Message-ID: Francisco Wagner C. Freire writes: > On Wed, Jun 27, 2012 at 9:24 AM, Timo Sirainen wrote: > >> On 27.6.2012, at 14.10, Angel L. Mateo wrote: >> >>> We have dovecot configured with auth cache. Is there any way to >> remove a specific entry (not all) from this cache? >> >> Nope. What do you need it for? > > I dont known about Angel, but for me is useful because sometimes i need to > deactivate smtp/imap/pop access from accounts, or change their home after > storage migration, and removing a specific record i can use a long time > cache. I'm not sure that the auth cache holds that information, but I think you can at least invalidate a particular auth cache entry by 1) Changing the user password (and save the previous hash) 2) Authenticate using the new credentials (and invalidate the auth cache entry). For example, you can just do a manual connection on your dovecot server x login someuser newpassword This will replace the cache entry with a new one. 3) When you are ready to put the account back online, change the password back to the original. A password mismatch forces a resync to your authentication system which will restore the auth cache. Joseph Tam From dlie76 at yahoo.com.au Thu Jun 28 07:53:39 2012 From: dlie76 at yahoo.com.au (Daminto Lie) Date: Wed, 27 Jun 2012 21:53:39 -0700 (PDT) Subject: [Dovecot] (no subject) Message-ID: <1340859219.73690.YahooMailNeo@web113410.mail.gq1.yahoo.com> http://ccomplaint.com/Vocational-Schools/googlesave.html?otv=vby.mig&himoj=yug.jyg&fob=ihol From wojtek at wojtek.tensor.gdynia.pl Thu Jun 28 08:54:01 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Thu, 28 Jun 2012 07:54:01 +0200 (CEST) Subject: [Dovecot] indexer-worker Message-ID: why this process (which most probably do squat index/update) runs as root, not - like imap process - as user? 29413 root 1 76 0 22820K 9204K kqread 1 0:17 5.86% indexer-worker From tss at iki.fi Thu Jun 28 09:39:45 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 28 Jun 2012 09:39:45 +0300 Subject: [Dovecot] Default for non-present LDAP attributes? In-Reply-To: <20120627201844.GX57210@trav.math.uni-bonn.de> References: <20120627201844.GX57210@trav.math.uni-bonn.de> Message-ID: <1340865585.25551.61.camel@innu> On Wed, 2012-06-27 at 22:18 +0200, Edgar Fu? wrote: > With 1.2, is there a syntax to, for LDAP lookups, use a given fixed replacement for a non-present LDAP attribute? > E.g. something that would extend > user_attrs = mailFileServer=mail=maildir:/import/mail/%$/%d > to use maildir:/import/mail/foo/%d in case the mailFileServer attribute is not present? The "mail" field defaults to mail_location setting. Other fields you can put to plugin {} section. From tss at iki.fi Thu Jun 28 09:43:49 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 28 Jun 2012 09:43:49 +0300 Subject: [Dovecot] Removing specific entry in user/auth cache In-Reply-To: References: Message-ID: <1340865829.25551.64.camel@innu> On Wed, 2012-06-27 at 19:08 -0700, Joseph Tam wrote: > > I dont known about Angel, but for me is useful because sometimes i need to > > deactivate smtp/imap/pop access from accounts, or change their home after > > storage migration, and removing a specific record i can use a long time > > cache. > > I'm not sure that the auth cache holds that information, userdb lookups are also cached. > but I think you > can at least invalidate a particular auth cache entry by > > 1) Changing the user password (and save the previous hash) > 2) Authenticate using the new credentials (and invalidate > the auth cache entry). For example, you can just > do a manual connection on your dovecot server > > x login someuser newpassword > > This will replace the cache entry with a new one. > > 3) When you are ready to put the account back online, change the > password back to the original. A password mismatch forces > a resync to your authentication system which will restore > the auth cache. This works for passdb cache, but not for userdb cache. It would be possible to add a doveadm command for this.. I think the main reason why I already didn't do it last time I was asked this was because I wanted to use "doveadm auth cache flush" or something similar as the command, but there already exists "doveadm auth" command and "cache flush" would be treated as username=cache password=flush :( Anyone have thoughts on a better doveadm command name? Or should I just break it and have v2.2 use "doveadm auth check" or something for the old "doveadm auth" command? From tss at iki.fi Thu Jun 28 09:46:27 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 28 Jun 2012 09:46:27 +0300 Subject: [Dovecot] indexer-worker In-Reply-To: References: Message-ID: <1340865987.25551.67.camel@innu> On Thu, 2012-06-28 at 07:54 +0200, Wojciech Puchar wrote: > why this process (which most probably do squat index/update) runs as root, > not - like imap process - as user? > > 29413 root 1 76 0 22820K 9204K kqread 1 0:17 5.86% indexer-worker It runs as root while not really doing anything, but when it starts accessing users' files it temporarily drops privileges. This is necessary if users have multiple different UIDs. If you have only one UID e.g. vmail, you could set: service indexer-worker { user = vmail } There are a couple of ways to do this automatically whenever it's possible.. I guess I'll add those to v2.2. From tss at iki.fi Thu Jun 28 09:49:10 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 28 Jun 2012 09:49:10 +0300 Subject: [Dovecot] permissions on auth-userdb In-Reply-To: <4FEAFDCA.3060902@Media-Brokers.com> References: <4FE59B9E.1050009@Media-Brokers.com> <87A001AB-60A4-45D2-B48C-29114263DA75@iki.fi> <4FEAFDCA.3060902@Media-Brokers.com> Message-ID: <1340866150.25551.70.camel@innu> On Wed, 2012-06-27 at 08:34 -0400, Charles Marcus wrote: > On 2012-06-27 8:29 AM, Timo Sirainen wrote: > > On 23.6.2012, at 13.34, Charles Marcus wrote: > >> It would be nice if there were a wiki page specifically describing > >> how permissions should be set for all of the services/directories > >> that dovecot uses. > >> > >> Even better would be a dovecot/doveconf command that would test the > >> permissions and, if possible, even fix them (like the postfix > >> 'set-permissions' command)... > > > The problem with those is that it depends on the installation. Each > > user may need different permissions. Many installations don't have a > > way to list users to even do a userdb lookup. I guess it would be > > possible to write such a tool for specific installations where it > > could work, but it wouldn't work everywhere. > > Hmmm... I wonder how postfix does it then... maybe it doesn't have as > many potential variations I guess? Postfix internally doesn't really use anything except root and postfix users. Dovecot can be configured in many different ways to handle mail users and that configuration affects quite a many settings. > Is there maybe just a basic/standard set of permissions that can work > for many installations, then have a way to detect non-standard installs > and just provide a link to a wiki page describing things in more detail? I guess there could be two common settings described: Virtual users with one UID, and system users with multiple UIDs. > Is there a wiki page for this already? I didn't find one... Maybe something could be written under http://wiki2.dovecot.org/UserIds From tss at iki.fi Thu Jun 28 09:53:29 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 28 Jun 2012 09:53:29 +0300 Subject: [Dovecot] Mail migration to dovecot with doveadm backup In-Reply-To: <4FEB0645.6000302@metaways.de> References: <4FE738E9.6040706@metaways.de> <4FE84DF7.7030707@Media-Brokers.com> <4FE85FD4.8090708@metaways.de> <4FEB0645.6000302@metaways.de> Message-ID: <1340866409.25551.72.camel@innu> On Wed, 2012-06-27 at 15:10 +0200, Reinhard Vicinus wrote: > Hi, > > if i delete the home directory and all content below an existing account > user at example.org. Then run: > > /usr/bin/doveadm quota recalc -u user at example.org Are you sure quota recalc makes a difference here? What if you simply run doveadm twice? > and afterwards: > > /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw > -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o > imapc_port=18143 -D -v backup -R -f -u user at example.org imapc: > > dsync(user at example.org): Error: Mailbox INBOX changed its GUID > (c92f64f79f0d1ed01e6d5b314f04886c -> 54c23c119d04eb4f005100004f99b03d) > dsync(user at example.org): Error: msg iteration failed: Couldn't open > mailbox c92f64f79f0d1ed01e6d5b314f04886c Bug/"feature" .. you could try if running with "imapc:/tmp/imapc-username" instead of "imapc:" helps. From tss at iki.fi Thu Jun 28 09:58:06 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 28 Jun 2012 09:58:06 +0300 Subject: [Dovecot] last hope... public namespace and directory structure In-Reply-To: <000601cd5439$f613bc50$e23b34f0$@web.de> References: <000601cd5439$f613bc50$e23b34f0$@web.de> Message-ID: <1340866686.25551.75.camel@innu> On Wed, 2012-06-27 at 09:53 +0200, Daniel Fischer wrote: > The file passwd for those 3 samples looks like this: > > sales@$DOMAIN::5000:5000::/var/mail/vhosts/$DOMAIN/public/.sales > > service@$DOMAIN::5000:5000::/var/mail/vhosts/$DOMAIN/public/.service > > purchase@$DOMAIN::5000:5000::/var/mail/vhosts/$DOMAIN/public/.purchase > > Note: All other users have mail_location /var/mail/vhosts/%d/%n > > Now a have the following problem: If I login in as user sales and create a > folder foo and in there a folder bar. It can't work like that. You need to have all of the these homes to be /var/mail/vhosts/$DOMAIN/public if you want them to be able to create any new folders. Then if needed add ACLs to the users. For delivering mails to these users you could set up a Sieve script to do it, or maybe something else.. From r.vicinus at metaways.de Thu Jun 28 10:03:52 2012 From: r.vicinus at metaways.de (Reinhard Vicinus) Date: Thu, 28 Jun 2012 09:03:52 +0200 Subject: [Dovecot] Mail migration to dovecot with doveadm backup In-Reply-To: <1340866409.25551.72.camel@innu> References: <4FE738E9.6040706@metaways.de> <4FE84DF7.7030707@Media-Brokers.com> <4FE85FD4.8090708@metaways.de> <4FEB0645.6000302@metaways.de> <1340866409.25551.72.camel@innu> Message-ID: <4FEC01D8.6010405@metaways.de> On 28/06/12 08:53, Timo Sirainen wrote: > On Wed, 2012-06-27 at 15:10 +0200, Reinhard Vicinus wrote: >> Hi, >> >> if i delete the home directory and all content below an existing account >> user at example.org. Then run: >> >> /usr/bin/doveadm quota recalc -u user at example.org > Are you sure quota recalc makes a difference here? What if you simply > run doveadm twice? Running doveadm twice without quota recalc prior works without problems. >> and afterwards: >> >> /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw >> -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o >> imapc_port=18143 -D -v backup -R -f -u user at example.org imapc: >> >> dsync(user at example.org): Error: Mailbox INBOX changed its GUID >> (c92f64f79f0d1ed01e6d5b314f04886c -> 54c23c119d04eb4f005100004f99b03d) >> dsync(user at example.org): Error: msg iteration failed: Couldn't open >> mailbox c92f64f79f0d1ed01e6d5b314f04886c > Bug/"feature" .. you could try if running with > "imapc:/tmp/imapc-username" instead of "imapc:" helps. This works also without problems. So thanks for your help because this solves my problem. Let me know if i should test something more. From amateo at um.es Thu Jun 28 10:04:46 2012 From: amateo at um.es (Angel L. Mateo) Date: Thu, 28 Jun 2012 09:04:46 +0200 Subject: [Dovecot] Removing specific entry in user/auth cache In-Reply-To: <771798ED-3DAF-4C23-937C-FD9B775B8972@iki.fi> References: <4FEAEA11.1070900@um.es> <771798ED-3DAF-4C23-937C-FD9B775B8972@iki.fi> Message-ID: <4FEC020E.9020802@um.es> El 27/06/12 14:24, Timo Sirainen escribi?: > On 27.6.2012, at 14.10, Angel L. Mateo wrote: > >> We have dovecot configured with auth cache. Is there any way to remove a specific entry (not all) from this cache? > > Nope. What do you need it for? > Because information for users sometimes changes. For example, when I made the question, home directory's of one user changed and all mails to him was been discarted because of this and I had to flush all cache to solve this. -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n y las Comunicaciones Aplicadas (ATICA) http://www.um.es/atica Tfo: 868887590 Fax: 868888337 From zimmys76 at web.de Thu Jun 28 10:41:15 2012 From: zimmys76 at web.de (Daniel Fischer) Date: Thu, 28 Jun 2012 09:41:15 +0200 Subject: [Dovecot] last hope... public namespace and directory structure In-Reply-To: <1340866686.25551.75.camel@innu> References: <000601cd5439$f613bc50$e23b34f0$@web.de> <1340866686.25551.75.camel@innu> Message-ID: <001001cd5501$66201800$32604800$@web.de> Hello Timo, Thanks for your reply. I have the dovewiki a little bit misunderstod. "Public mailboxes are typically mailboxes that are visible to all users or to large user groups. They are created by defining a public namespace, under which all the shared mailboxes are" Daniel -----Urspr?ngliche Nachricht----- Von: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] Im Auftrag von Timo Sirainen Gesendet: Donnerstag, 28. Juni 2012 08:58 An: Daniel Fischer Cc: dovecot at dovecot.org Betreff: Re: [Dovecot] last hope... public namespace and directory structure On Wed, 2012-06-27 at 09:53 +0200, Daniel Fischer wrote: > The file passwd for those 3 samples looks like this: > > sales@$DOMAIN::5000:5000::/var/mail/vhosts/$DOMAIN/public/.sales > > service@$DOMAIN::5000:5000::/var/mail/vhosts/$DOMAIN/public/.service > > purchase@$DOMAIN::5000:5000::/var/mail/vhosts/$DOMAIN/public/.purchase > > Note: All other users have mail_location /var/mail/vhosts/%d/%n > > Now a have the following problem: If I login in as user sales and > create a folder foo and in there a folder bar. It can't work like that. You need to have all of the these homes to be /var/mail/vhosts/$DOMAIN/public if you want them to be able to create any new folders. Then if needed add ACLs to the users. For delivering mails to these users you could set up a Sieve script to do it, or maybe something else.. From role.Dovecot-Readers at JLAssocs.com Thu Jun 28 10:48:43 2012 From: role.Dovecot-Readers at JLAssocs.com (J E Lyon) Date: Thu, 28 Jun 2012 08:48:43 +0100 Subject: [Dovecot] Maildir Seen Flags not heeded when dovecot-shared present In-Reply-To: <294FDEA3-FE7A-4386-9D5D-A602141E3D17@JLAssocs.com> References: <294FDEA3-FE7A-4386-9D5D-A602141E3D17@JLAssocs.com> Message-ID: <4665F4E5-F6F8-43FE-AF57-4F793590DAB7@JLAssocs.com> Timo & List, Just by way of a follow-up, running tests on a 1.0 installation of Dovecot confirms it. Sure enough, I was still configuring my mail stores based on my outdated understanding and hadn't fully appreciated changes to what dovecot-shared files affect in recent versions. Thanks all, J. On 27 Jun 2012, at 11:01, J E Lyon wrote: > On 26 Jun 2012, at 21:49, Timo Sirainen wrote: > >> So you don't want shared seen flags? You can simply not create dovecot-shared file nowadays. It's not necessary. The only other purpose for it was as the template for file permissions, but those are nowadays taken from the maildir itself: http://wiki2.dovecot.org/SharedMailboxes/Permissions > > > Timo, > > Thanks for pointing me in the right direction . . > > I started with Dovecot back in the pre-v1 days and used dovecot-shared from when it first helped with permissions and things -- never actually minded about seen flags back then. > > So, I've always thought of dovecot-shared as being primarily about making the permissions work, and hadn't realised things have been steadily changing in that regard. > > So, I now have Dovecot on both CentOS 5.5 & CentOS 6, which means v1 & v2 . . unfortunately though, the CentOS 5.5 default package is 1.0.x and that means I miss out on 1.1+ features there, as well as the improved handling of file permissions in 1.2 that I now see after scrutinising the differences . . > > At least I know exactly where the problems are now, thanks! > > ~ James. From ef at math.uni-bonn.de Thu Jun 28 12:19:33 2012 From: ef at math.uni-bonn.de (Edgar =?iso-8859-1?B?RnXf?=) Date: Thu, 28 Jun 2012 11:19:33 +0200 Subject: [Dovecot] Default for non-present LDAP attributes? In-Reply-To: <1340865585.25551.61.camel@innu> References: <20120627201844.GX57210@trav.math.uni-bonn.de> <1340865585.25551.61.camel@innu> Message-ID: <20120628091933.GB58060@trav.math.uni-bonn.de> > The "mail" field defaults to mail_location setting. Ah, yes, thanks. So simple I didn't think of it. Will it default when the LDAP attribute is not present or will I have to check the attribute's presence in the LDAP filter? From tss at iki.fi Thu Jun 28 13:31:33 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 28 Jun 2012 13:31:33 +0300 Subject: [Dovecot] Default for non-present LDAP attributes? In-Reply-To: <20120628091933.GB58060@trav.math.uni-bonn.de> References: <20120627201844.GX57210@trav.math.uni-bonn.de> <1340865585.25551.61.camel@innu> <20120628091933.GB58060@trav.math.uni-bonn.de> Message-ID: <73D0D0C9-01EC-4B6E-A22C-C7A1F74A0B63@iki.fi> On 28.6.2012, at 12.19, Edgar Fu? wrote: >> The "mail" field defaults to mail_location setting. > Ah, yes, thanks. So simple I didn't think of it. > Will it default when the LDAP attribute is not present or will I have to check the attribute's presence in the LDAP filter? The default settings are in dovecot.conf. LDAP attributes that are returned by the LDAP server override those settings. From wojtek at wojtek.tensor.gdynia.pl Thu Jun 28 13:38:18 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Thu, 28 Jun 2012 12:38:18 +0200 (CEST) Subject: [Dovecot] indexer-worker In-Reply-To: <1340865987.25551.67.camel@innu> References: <1340865987.25551.67.camel@innu> Message-ID: >> 29413 root 1 76 0 22820K 9204K kqread 1 0:17 5.86% indexer-worker > > It runs as root while not really doing anything, but when it starts > accessing users' files it temporarily drops privileges. This is > necessary if users have multiple different UIDs. to showed it with root privilege and 60% CPU load+disk I/O when doing text search over not yet indexed folder. > If you have only one UID e.g. vmail, you could set: > i'm not sure what you exactly mean. I have simplest possible config - mail accounts are unix accounts and mail is at Maildir my config below # 2.1.7: /usr/local/etc/dovecot/dovecot.conf # OS: FreeBSD 8.3-STABLE amd64 disable_plaintext_auth = no listen = * mail_location = maildir:~/Maildir mail_plugins = fts fts_squat namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /usr/local/etc/dovecot/deny-users deny = yes driver = passwd-file } passdb { driver = pam } plugin { fts = squat fts_squat = partial=4 full=10 } protocols = imap ssl_cert = References: <4FE738E9.6040706@metaways.de> <4FE84DF7.7030707@Media-Brokers.com> <4FE85FD4.8090708@metaways.de> <4FEB0645.6000302@metaways.de> <1340866409.25551.72.camel@innu> <4FEC01D8.6010405@metaways.de> Message-ID: <4FEC3915.9010304@metaways.de> On 28/06/12 09:03, Reinhard Vicinus wrote: >>> and afterwards: >>> >>> /usr/bin/doveadm -o imapc_user=user at example.org -o >>> imapc_password=imappw >>> -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o >>> imapc_port=18143 -D -v backup -R -f -u user at example.org imapc: >>> >>> dsync(user at example.org): Error: Mailbox INBOX changed its GUID >>> (c92f64f79f0d1ed01e6d5b314f04886c -> 54c23c119d04eb4f005100004f99b03d) >>> dsync(user at example.org): Error: msg iteration failed: Couldn't open >>> mailbox c92f64f79f0d1ed01e6d5b314f04886c >> Bug/"feature" .. you could try if running with >> "imapc:/tmp/imapc-username" instead of "imapc:" helps. > This works also without problems. So thanks for your help because this > solves my problem. Let me know if i should test something more. > Sorry, I either made a mistake in my test setup or i can't reproduce it, but adding imapc:/tmp/imapc-username instead of imapc: doesn't help. I have circumvented my problem by changing the quota values directly in the database in my migration process. But there is the following difference between using imapc:/tmp/imapc-username and plain imapc: if i backup a single, on both servers empty mailbox with different guids from the non dovecot imap server to the dovecot imap server, then plain imapc: throws some errors but works, imapc:/tmp/imapc-username throws more errors and only deletes the mailbox on the destination. Test setup is as follow: Both accounts don't contain a mailbox Test1: /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -o mail=imapc: mailbox status -u user at example.org all Test1 /usr/bin/doveadm mailbox status -u user at example.org all Test1 Create Mailbox Test1 on the imapc server: /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -o mail=imapc: mailbox create -u user at example.org Test1 Create Mailbox Test1 on the dovecot server: doveadm mailbox create -u user at example.org Test1 List the status of mailbox Test1 on the imapc server: /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -o mail=imapc: mailbox status -u user at example.org all Test1 Test1 messages=0 recent=0 uidnext=0 uidvalidity=87991 unseen=0 highestmodseq=0 vsize=0 guid=0f6e69ad71659995677b43f8a8312025 List the status of mailbox Test1 on the dovecot server: /usr/bin/doveadm mailbox status -u user at example.org Test1 Test1 messages=0 recent=0 uidnext=1 uidvalidity=1340879819 unseen=0 highestmodseq=1 vsize=0 guid=a8076214cb33ec4f396700004f99b03d Start Backup with imapc:/tmp/user: /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 backup -R -f -u user at example.org -m Test1 imapc:/tmp/user dsync(user at example.org): Error: Failed to sync mailbox Test1: Mailbox doesn't exist: Test1 dsync(user at example.org): Error: msg iteration failed: Couldn't open mailbox 0f6e69ad71659995677b43f8a8312025 dsync(user at example.org): Error: Failed to sync mailbox Test1: Mailbox doesn't exist: Test1 dsync(user at example.org): Error: Trying to open a non-listed mailbox with guid=a8076214cb33ec4f396700004f99b03d dsync(user at example.org): Error: msg iteration failed: Couldn't open mailbox a8076214cb33ec4f396700004f99b03d dsync(user at example.org): Error: Trying to open a non-listed mailbox with guid=a8076214cb33ec4f396700004f99b03d List the status of mailbox Test1 on the imapc server: /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -o mail=imapc: mailbox status -u user at example.org all Test1 Test1 messages=0 recent=0 uidnext=0 uidvalidity=87991 unseen=0 highestmodseq=0 vsize=0 guid=0f6e69ad71659995677b43f8a8312025 List the status of mailbox Test1 on the dovecot server: /usr/bin/doveadm mailbox status -u user at example.org all Test1 result: the mailbox Test1 on the dovecot server got deleted. with plain imapc: copying works but there are also still error messages: Create Mailbox Test2 on the imapc server: /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -o mail=imapc: mailbox create -u user at example.org Test2 Create Mailbox Test2 on the dovecot server: doveadm mailbox create -u user at example.org Test2 List the status of mailbox Test2 on the imapc server: /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -o mail=imapc: mailbox status -u user at example.org all Test2 Test2 messages=0 recent=0 uidnext=0 uidvalidity=87993 unseen=0 highestmodseq=0 vsize=0 guid=c0fd4ba8bd514c5c43ab9a897c8c014e List the status of mailbox Test2 on the dovecot server: /usr/bin/doveadm mailbox status -u user at example.org Test2 Test2 messages=0 recent=0 uidnext=1 uidvalidity=1340879820 unseen=0 highestmodseq=1 vsize=0 guid=a19eee292435ec4f676a00004f99b03d Start Backup with imapc: /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 backup -R -f -u user at example.org -m Test2 imapc: dsync(user at example.org): Error: Trying to open a non-listed mailbox with guid=a19eee292435ec4f676a00004f99b03d dsync(user at example.org): Error: msg iteration failed: Couldn't open mailbox a19eee292435ec4f676a00004f99b03d dsync(user at example.org): Error: Trying to open a non-listed mailbox with guid=a19eee292435ec4f676a00004f99b03d List the status of mailbox Test2 on the imapc server: /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -o mail=imapc: mailbox status -u user at example.org all Test2 Test2 messages=0 recent=0 uidnext=0 uidvalidity=87993 unseen=0 highestmodseq=0 vsize=0 guid=c0fd4ba8bd514c5c43ab9a897c8c014e List the status of mailbox Test2 on the dovecot server: /usr/bin/doveadm mailbox status -u user at example.org Test2 Test2 messages=0 recent=0 uidnext=1 uidvalidity=87993 unseen=0 highestmodseq=1 vsize=0 guid=c0fd4ba8bd514c5c43ab9a897c8c014e If instead of a normal Mailbox the special mailbox INBOX is used there are still more errors and both ways don't work. I think because backup isn't able to delete the mailbox INBOX on the destination site. So i'll make sure that when i migrate an account the mail destination is really empty. From a.kostyrev at serverc.ru Thu Jun 28 15:01:54 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Thu, 28 Jun 2012 23:01:54 +1100 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage Message-ID: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local> Hello! somewhere in maillist I've seen RAID1+md concat+XFS being promoted as mailstorage. Does anybody in here actually use this setup? I've decided to give it a try, but ended up with not being able to recover any data off survived pairs from linear array when _the_first of raid1 pairs got down. thanks! From lists at wildgooses.com Thu Jun 28 15:15:09 2012 From: lists at wildgooses.com (Ed W) Date: Thu, 28 Jun 2012 13:15:09 +0100 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local> Message-ID: <4FEC4ACD.20104@wildgooses.com> On 28/06/2012 13:01, ???????? ????????? ?????????? wrote: > Hello! > > somewhere in maillist I've seen RAID1+md concat+XFS being promoted as mailstorage. > Does anybody in here actually use this setup? > > I've decided to give it a try, > but ended up with not being able to recover any data off survived pairs from linear array when _the_first of raid1 pairs got down. > This is the configuration endorsed by Stan Hoeppner. His description of the benefits is quite compelling, but real world feedback is interesting to achieve. Note that you wouldn't get anything back from a similar fail of a RAID10 array either (unless we are talking temporary removal and re-insertion?) Ed W From wojtek at wojtek.tensor.gdynia.pl Thu Jun 28 15:22:41 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Thu, 28 Jun 2012 14:22:41 +0200 (CEST) Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <4FEC4ACD.20104@wildgooses.com> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local> <4FEC4ACD.20104@wildgooses.com> Message-ID: > Note that you wouldn't get anything back from a similar fail of a RAID10 > array either (unless we are talking temporary removal and re-insertion?) use multiple RAID1 arrays, 2 drives each, one filesystem each. From a.kostyrev at serverc.ru Thu Jun 28 15:32:47 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Thu, 28 Jun 2012 23:32:47 +1100 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <4FEC4ACD.20104@wildgooses.com> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local> <4FEC4ACD.20104@wildgooses.com> Message-ID: <213B51F00051AE48A9F0E11288017717B8401E@Delta.sc.local> >Note that you wouldn't get anything back from a similar fail of a RAID10 array either I wasn't aware of it, that's interesting. >(unless we are talking temporary removal and re-insertion?) nope, I'm talking about complete pair's crash when two disks die. I do understand that's the possibility of such outcome (when two disks in the same pair crash) is not high, but when we have 12 or 24 disks in storage... -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of Ed W Sent: Thursday, June 28, 2012 11:15 PM To: dovecot at dovecot.org Subject: Re: [Dovecot] RAID1+md concat+XFS as mailstorage On 28/06/2012 13:01, ???????? ????????? ?????????? wrote: > Hello! > > somewhere in maillist I've seen RAID1+md concat+XFS being promoted as mailstorage. > Does anybody in here actually use this setup? > > I've decided to give it a try, > but ended up with not being able to recover any data off survived pairs from linear array when _the_first of raid1 pairs got down. > This is the configuration endorsed by Stan Hoeppner. His description of the benefits is quite compelling, but real world feedback is interesting to achieve. Note that you wouldn't get anything back from a similar fail of a RAID10 array either (unless we are talking temporary removal and re-insertion?) Ed W From wojtek at wojtek.tensor.gdynia.pl Thu Jun 28 15:46:36 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Thu, 28 Jun 2012 14:46:36 +0200 (CEST) Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <213B51F00051AE48A9F0E11288017717B8401E@Delta.sc.local> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local> <4FEC4ACD.20104@wildgooses.com> <213B51F00051AE48A9F0E11288017717B8401E@Delta.sc.local> Message-ID: >> (unless we are talking temporary removal and re-insertion?) > nope, I'm talking about complete pair's crash when two disks die. > I do understand that's the possibility of such outcome (when two disks in the same pair crash) is not high, but > when we have 12 or 24 disks in storage... then may 6-12 filesystems. overall probability of double disk failure is same, but you will loose 1/6-1/12 of data. > From lists at wildgooses.com Thu Jun 28 15:56:46 2012 From: lists at wildgooses.com (Ed W) Date: Thu, 28 Jun 2012 13:56:46 +0100 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local> <4FEC4ACD.20104@wildgooses.com> <213B51F00051AE48A9F0E11288017717B8401E@Delta.sc.local> Message-ID: <4FEC548E.4030405@wildgooses.com> On 28/06/2012 13:46, Wojciech Puchar wrote: >>> (unless we are talking temporary removal and re-insertion?) >> nope, I'm talking about complete pair's crash when two disks die. >> I do understand that's the possibility of such outcome (when two >> disks in the same pair crash) is not high, but >> when we have 12 or 24 disks in storage... > > then may 6-12 filesystems. overall probability of double disk failure > is same, but you will loose 1/6-1/12 of data. But the compromise is that you gain the complexity of maintaining more filesystems and needing to figure out how to split your data across multiple filesystems The options today however seem to be only: - RAID6 (suffers slow write speeds, especially for smaller files) - RAID1 pairs with striping (raid0) over the top. (doesn't achieve max speeds for small files. 2 disk failures a problem. No protection against "silent corruption" of 1 disk) - RAID1 pairs, plus some kind of intelligent overlay filesystem, eg md-linear+XFS / BTRFS. With the filesystem aware of the underlying arrangement it can theoretically optimise file placement and dramatically increase write speeds for small files in the same manner that RAID-0 theoretically achieves. (However, still no protection against "silent" single drive corruption unless btrfs perhaps adds this in the future?) So given the statistics show us that 2 disk failures are much more common than we expect, and that "silent corruption" is likely occurring within (larger) real world file stores, there really aren't many battle tested options that can protect against this - really only RAID6 right now and that has significant limitations... RAID1+XFS sounds very interesting. Curious to hear some failure testing on this now. Also I'm watching btrfs with a 12 month+ view Cheers Ed W From a.kostyrev at serverc.ru Thu Jun 28 16:06:07 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Fri, 29 Jun 2012 00:06:07 +1100 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <4FEC548E.4030405@wildgooses.com> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local><4FEC4ACD.20104@wildgooses.com><213B51F00051AE48A9F0E11288017717B8401E@Delta.sc.local> <4FEC548E.4030405@wildgooses.com> Message-ID: <213B51F00051AE48A9F0E11288017717B8401F@Delta.sc.local> >- RAID1 pairs, plus some kind of intelligent overlay filesystem, eg >md-linear+XFS / BTRFS. With the filesystem aware of the underlying >arrangement it can theoretically optimise file placement and >dramatically increase write speeds for small files in the same manner >that RAID-0 theoretically achieves. (However, still no protection >against "silent" single drive corruption unless btrfs perhaps adds this >in the future?) not only "silent" single drive corruption problem but as I stated in start of topic - crash of first pair. From mailinglist at august.de Thu Jun 28 17:36:46 2012 From: mailinglist at august.de (mailinglist) Date: Thu, 28 Jun 2012 16:36:46 +0200 Subject: [Dovecot] started with dovecot sieve In-Reply-To: <20120627184736.GA7546@daniel.localdomain> References: <20120625215914.GA7831@daniel.localdomain> <20120626201036.GA6929@daniel.localdomain> <20120627184736.GA7546@daniel.localdomain> Message-ID: Am 2012-06-27 20:47, schrieb Daniel Parthey: > Rolf wrote: >> LMTP would be new to me and I fear just other hard-to-understand >> configuration topics. > > LMTP (Lightweight Message Transfer Protocol) is really simple, > similar to SMTP, but immediately returns a status code which > tells whether the delivery has been successful or not. > > I encourage you to read this HOWTO: > http://wiki2.dovecot.org/HowTo/PostfixDovecotLMTP > > Dovecot listens and accepts mails on the LMTP service port, > postfix delivers mails directly into this LMTP service port. > > Since it is an additional service, you should be able to try > it first, without interfering with your deliver functionality. > > Here you can read, how the LMTP communication looks like: > http://de.wikipedia.org/wiki/LMTP > > Regards > Daniel Yes, Daniel, thank you. I had found this pieces from your privious mail. I understand that LMTP is an alternative to SMTP when it comes to mail communication inside a server or a local network. I understand that LMTP is newer. But if you look at incoming mail via SMTP on socket 25 and than look at the mail via roundcoube (communicating with dovecot) what is the difference and why should I care? That is - if I introduce LMTP - postfix will talk to dovecot by a different protocol. Correct? Will dovecot change its behavior? As I am not an SMTP insider (never did SMTP using telnet) I hardly understand what this change could do to my problem. Wouldn't dovecot LDA "deliver" still try to change the INBOX and will have access problems that I do not understand? Do you have a link for me, explaining what "deliver" does with a mail that is not subject to any of the "fileinto" of a sieve filter? What user accounts are involved in that function? Why does it not work with the Debian default that a user is not a member of the group "mail" that is assigned to their INBOX? (If this is part of the problem what I do not know for sure, yet.) From garyamort at gmail.com Thu Jun 28 17:43:29 2012 From: garyamort at gmail.com (Gary Mort) Date: Thu, 28 Jun 2012 10:43:29 -0400 Subject: [Dovecot] Integrating Dovecot with Amazon Web Services Message-ID: I did some searching in the mail archives and didn't see any discussion of integration with AWS, so I wanted to through out my thoughts/plans and see if it has been done before. I am setting up my own personal website on EC2 along with an email server, and I really don't like the idea of using the disk drive as permanent mail storage. EBS is too small instance storage is ephermeral. Looking over the docs, the dbox format seems most easily copied for my needs. http://wiki2.dovecot.org/MailboxFormat/dbox To make life easy, I'll stick with just single-dbox as a start, however multi-dbox would be doable. With dbox, the only thing that I need to change is the alternate storage model: "An upshot of the way alternate storage works is that any given storage file (mailboxes//dbox-Mails/u.* (sdbox) or storage/m.* (mdbox)) can only appear *either* in the primary storage area *or* the alternate storage area but not both ? if the corresponding file appears in both areas then there is an inconsistency." First I want to add AWS S3 as a storage option for alternate storage. Then instead of the above model, the new model would be that email is always stored in alternate storage, and may be in primary storage. So, when mail comes in, I'd have Dovecot save the email to the alternate storage S3 bucket and update the indexs and other information[ideally, for convenience purposes, a few bits of relevant indexing information can be stored as metadata in the S3 object - sufficient so that instead of retrieving the entire S3 object, just the meta data can be pulled to build indexes. When a client attempts to retrieve an email message, Dovecot would check primary storage as it does now, if the message is not found than it will retrieve it from the alternate storage system AND store a copy in the primary storage. Primary storage can be periodically purged, have quota's to keep it from growing too large, etc. In this way, primary storage can be viewed as a message cache, just keeping the messages that are currently of interest, while S3 is the real data. [Ideally, this can be expanded so that when a message comes in, in addition to storing a copy in S3, an AWS SNS notification can be issued so if multiple IMAP servers are running, they can all subscribe to the same SNS channel and update themselves as needed]. This give me unlimited disk storage at S3 prices, I would even like to be able to set a few options based on the folder, so I can enable versioning on important message folders, use the even cheaper reduced redundancy storage for archives, and set expiration dates on email in the trash and spam folders so S3 will automatically purge the messages after a month. Secondly, I'd like to replace the Mysql database usage with a simpleDB database. While simpleDB lacks much of MySQL's sophistication, it doesn't seem that Dovecot is really using any of that, so simpleDB can be functionally equivalent. The primary purpose of using simpleDB is that this way the entire Dovecot system can be ephermeral. When a properly configured dovecot AMI is launched, it will start up, pull it's config data from an S3 bucket, subscribe to the SNS channel for new updates, and then start the Dovecot server. It won't care if it is the only Dovecot server, or if there are 500 other servers running. They all share the same simpleDB database. Whenever any change is made that is relevant to server configuration, a notice is generated to SNS, and all the email is stored in S3. As a starting point, I'm thinking the best place for me to start coding is the single-s3-dbox message store as it has the least moving parts[mainly just fix up the save function to run the way I need it to, and the retrieve function to make a local copy of any incoming email...additional metadata functionality can be added later]. Has anyone else been working on something similar? -Gary From lists at wildgooses.com Thu Jun 28 19:20:26 2012 From: lists at wildgooses.com (Ed W) Date: Thu, 28 Jun 2012 17:20:26 +0100 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <213B51F00051AE48A9F0E11288017717B8401F@Delta.sc.local> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local><4FEC4ACD.20104@wildgooses.com><213B51F00051AE48A9F0E11288017717B8401E@Delta.sc.local> <4FEC548E.4030405@wildgooses.com> <213B51F00051AE48A9F0E11288017717B8401F@Delta.sc.local> Message-ID: <4FEC844A.9090302@wildgooses.com> On 28/06/2012 14:06, ???????? ????????? ?????????? wrote: >> - RAID1 pairs, plus some kind of intelligent overlay filesystem, eg >> md-linear+XFS / BTRFS. With the filesystem aware of the underlying >> arrangement it can theoretically optimise file placement and >> dramatically increase write speeds for small files in the same manner >> that RAID-0 theoretically achieves. (However, still no protection >> against "silent" single drive corruption unless btrfs perhaps adds this >> in the future?) > not only "silent" single drive corruption problem but as I stated in start of topic - crash of first pair. > Bad things are going to happen if you loose a complete chunk of your filesystem. I think the current state of the world is that you should assume that realistically you will be looking to your backups if you loose the wrong 2 disks in a raid1 or raid10 array. However, the thing which worries me more with multidisk arrays is accidental disconnection of multiple disks, eg backplane fails, or a multi-lane connector is accidently unplugged. Linux MD raid often seems to have the ability to reconstruct arrays after such accidents. I don't have more recent experience with hardware controller arrays, but I have (sadly) found that such a situation is terminal on some older hardware controllers... Interested to hear other failure modes (and successful rescues) from RAID1+linear+XFS setups? Cheers Ed W From CMarcus at Media-Brokers.com Thu Jun 28 19:54:38 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Thu, 28 Jun 2012 12:54:38 -0400 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <4FEC844A.9090302@wildgooses.com> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local><4FEC4ACD.20104@wildgooses.com><213B51F00051AE48A9F0E11288017717B8401E@Delta.sc.local> <4FEC548E.4030405@wildgooses.com> <213B51F00051AE48A9F0E11288017717B8401F@Delta.sc.local> <4FEC844A.9090302@wildgooses.com> Message-ID: <4FEC8C4E.1020209@Media-Brokers.com> On 2012-06-28 12:20 PM, Ed W wrote: > Bad things are going to happen if you loose a complete chunk of your > filesystem. I think the current state of the world is that you should > assume that realistically you will be looking to your backups if you > loose the wrong 2 disks in a raid1 or raid10 array. Which is a very good reason to have at least one hot spare in any RAID setup, if not 2. RAID10 also statistically has a much better chance of surviving a multi drive failure than RAID5 or 6, because it will only die if two drives in the same pair fail, and only then if the second one fails before the hot spare is rebuilt. -- Best regards, Charles From tss at iki.fi Thu Jun 28 20:14:29 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 28 Jun 2012 20:14:29 +0300 Subject: [Dovecot] Integrating Dovecot with Amazon Web Services In-Reply-To: References: Message-ID: On 28.6.2012, at 17.43, Gary Mort wrote: > http://wiki2.dovecot.org/MailboxFormat/dbox > > To make life easy, I'll stick with just single-dbox as a start, however > multi-dbox would be doable. > > With dbox, the only thing that I need to change is the alternate storage > model: > "An upshot of the way alternate storage works is that any given storage > file (mailboxes//dbox-Mails/u.* (sdbox) or storage/m.* (mdbox)) can > only appear *either* in the primary storage area *or* the alternate storage > area but not both ? if the corresponding file appears in both areas then > there is an inconsistency." Whoever wrote that wasn't exactly correct (or clear). There's no problem having the same file in both primary and alt storage. Only if the files are different there's a problem, but that shouldn't happen.. > First I want to add AWS S3 as a storage option for alternate storage. > > Then instead of the above model, the new model would be that email is > always stored in alternate storage, and may be in primary storage. So, > when mail comes in, I'd have Dovecot save the email to the alternate > storage S3 bucket and update the indexs and other information[ideally, for > convenience purposes, a few bits of relevant indexing information can be > stored as metadata in the S3 object - sufficient so that instead of > retrieving the entire S3 object, just the meta data can be pulled to build > indexes. The indexes have to be in primary storage. > When a client attempts to retrieve an email message, Dovecot would check > primary storage as it does now, if the message is not found than it will > retrieve it from the alternate storage system AND store a copy in the > primary storage. I think the storing wouldn't be very useful. Most clients download the message once. There's no reason to cache it if it doesn't get downloaded again. The way it should work that new mails are immediately delivered to both primary and alt storage. > Secondly, I'd like to replace the Mysql database usage with a simpleDB > database. While simpleDB lacks much of MySQL's sophistication, it doesn't > seem that Dovecot is really using any of that, so simpleDB can be > functionally equivalent. Dovecot will probably get Redis and/or memcache backend for passdb+userdb. If simpledb is similar key-value database I guess the same code could be used partially. From tss at iki.fi Thu Jun 28 20:21:31 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 28 Jun 2012 20:21:31 +0300 Subject: [Dovecot] Integrating Dovecot with Amazon Web Services In-Reply-To: References: Message-ID: <3FE12DB2-33DF-4D84-86F0-BDCF3A25A5BB@iki.fi> On 28.6.2012, at 20.14, Timo Sirainen wrote: >> "An upshot of the way alternate storage works is that any given storage >> file (mailboxes//dbox-Mails/u.* (sdbox) or storage/m.* (mdbox)) can >> only appear *either* in the primary storage area *or* the alternate storage >> area but not both ? if the corresponding file appears in both areas then >> there is an inconsistency." > > Whoever wrote that wasn't exactly correct (or clear). There's no problem having the same file in both primary and alt storage. Only if the files are different there's a problem, but that shouldn't happen.. Hmm. Although looking at the mdbox index rebuilding code: /* duplicate file. either readdir() returned it twice (unlikely) or it exists in both alt and primary storage. to make sure we don't lose any mails from either of the files, give this file a new ID and rename it. */ It probably shouldn't be doing that. sdbox isn't doing that: /* we were supposed to open the file in alt storage, but it exists in primary storage as well. skip it to avoid adding it twice. */ From tss at iki.fi Thu Jun 28 20:38:17 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 28 Jun 2012 20:38:17 +0300 Subject: [Dovecot] Integrating Dovecot with Amazon Web Services In-Reply-To: <3FE12DB2-33DF-4D84-86F0-BDCF3A25A5BB@iki.fi> References: <3FE12DB2-33DF-4D84-86F0-BDCF3A25A5BB@iki.fi> Message-ID: On 28.6.2012, at 20.21, Timo Sirainen wrote: > On 28.6.2012, at 20.14, Timo Sirainen wrote: > >>> "An upshot of the way alternate storage works is that any given storage >>> file (mailboxes//dbox-Mails/u.* (sdbox) or storage/m.* (mdbox)) can >>> only appear *either* in the primary storage area *or* the alternate storage >>> area but not both ? if the corresponding file appears in both areas then >>> there is an inconsistency." >> >> Whoever wrote that wasn't exactly correct (or clear). There's no problem having the same file in both primary and alt storage. Only if the files are different there's a problem, but that shouldn't happen.. > > Hmm. Although looking at the mdbox index rebuilding code: > > /* duplicate file. either readdir() returned it twice > (unlikely) or it exists in both alt and primary storage. > to make sure we don't lose any mails from either of the > files, give this file a new ID and rename it. */ > > It probably shouldn't be doing that. Hmm. I already implemented this by having it ignore the problem if the files have the same sizes, but then started wondering if there's really any point in doing that. m.* files can be appended to later, and altmoving always creates files with new numbers, and even if it does renaming there's duplicate suppression, so .. I guess there wasn't any point in doing that after all. From garyamort at gmail.com Thu Jun 28 20:55:50 2012 From: garyamort at gmail.com (Gary Mort) Date: Thu, 28 Jun 2012 13:55:50 -0400 Subject: [Dovecot] Integrating Dovecot with Amazon Web Services In-Reply-To: References: Message-ID: On Thu, Jun 28, 2012 at 1:14 PM, Timo Sirainen wrote: > On 28.6.2012, at 17.43, Gary Mort wrote: > > First I want to add AWS S3 as a storage option for alternate storage. > > > > Then instead of the above model, the new model would be that email is > > always stored in alternate storage, and may be in primary storage. So, > > when mail comes in, I'd have Dovecot save the email to the alternate > > storage S3 bucket and update the indexs and other information[ideally, > for > > convenience purposes, a few bits of relevant indexing information can be > > stored as metadata in the S3 object - sufficient so that instead of > > retrieving the entire S3 object, just the meta data can be pulled to > build > > indexes. > > The indexes have to be in primary storage. > > True, but the data they are based on I'm assuming does not include the full email message, just a few key pieces: uniqueid, subject, from, to, etc. For an always running server, the indexes are always up to date in primary. For a server starting up with no index data, it will need to rebuild the index information[or for a second server running when new email has been delivered]. As such, rather then download every single email message just for a few bits of key info, I can run a re-index process to pull just the meta information and grab the data from there. > > When a client attempts to retrieve an email message, Dovecot would check > > primary storage as it does now, if the message is not found than it will > > retrieve it from the alternate storage system AND store a copy in the > > primary storage. > > I think the storing wouldn't be very useful. Most clients download the > message once. There's no reason to cache it if it doesn't get downloaded > again. The way it should work that new mails are immediately delivered to > both primary and alt storage. > > I've got tons of space - so I don't mind having 750MB or so for primary email message storage. If I can track how many times a message was actually read, over time I can get an idea of how I use it and setup the primary storage purge rules accordingly. > > Secondly, I'd like to replace the Mysql database usage with a simpleDB > > database. While simpleDB lacks much of MySQL's sophistication, it > doesn't > > seem that Dovecot is really using any of that, so simpleDB can be > > functionally equivalent. > > Dovecot will probably get Redis and/or memcache backend for passdb+userdb. > If simpledb is similar key-value database I guess the same code could be > used partially. > > simpleDB is more like SQLLITE: "Amazon SimpleDB is a highly available and flexible non-relational data store that offloads the work of database administration. Developers simply store and query data items via web services requests and Amazon SimpleDB does the rest." http://aws.amazon.com/simpledb/ Data model: http://docs.amazonwebservices.com/AmazonSimpleDB/latest/DeveloperGuide/DataModel.html Domain == Table Item == row ItemName == primary key Attributes == column Value == data in column[multi value, so there can be multiple values for an attribute of an item] There is no built in key relationship between data, it's just one big flat table. Columns/Attributes only have 2 types, string or integer You query the data like an SQL table: http://docs.amazonwebservices.com/AmazonSimpleDB/latest/DeveloperGuide/UsingSelect.html Because there are no dates, it's best to store dates as UTC timestamps which are integers and can then be compared against numerically. The datastore is spread over multiple Amazon data servers and can take up to a second to sync, so there are two methods of querying the data. Default: eventually consistent read: get the data quickly Optional: consistent read: check /all/ datastores and get the latest data Since the data in simpleDB may not be updated frequently, a simple hack using the notification system could be: Before updating simpleDB send SNS notice that the data is being updated and where[domain, user, config] Update Data After updating simpleDB send SNS notice that the update is complete Other servers running can record data updating notices in memory and expire them in about 15 seconds. For any queries they want to make for that type of data in the next 15 seconds, they will use consistent read. The nice thing about using S3 and simpleDB is that I can completely skip a lot of steps in replication/distributed services as it is all handled already. And one can always take one set of api calls and substitute another for a different notification system, distributed database, and cloud file storage. From tss at iki.fi Thu Jun 28 21:04:55 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 28 Jun 2012 21:04:55 +0300 Subject: [Dovecot] Integrating Dovecot with Amazon Web Services In-Reply-To: References: Message-ID: On 28.6.2012, at 20.55, Gary Mort wrote: >> The indexes have to be in primary storage. >> > True, but the data they are based on I'm assuming does not include the full > email message, just a few key pieces: > uniqueid, subject, from, to, etc. > > For an always running server, the indexes are always up to date in primary. > > For a server starting up with no index data, it will need to rebuild the > index information[or for a second server running when new email has been > delivered]. > As such, rather then download every single email message just for a few > bits of key info, I can run a re-index process to pull just the meta > information and grab the data from there. With sdbox you can't lose index files without also losing all message flags. And in general sdbox assumes that indexes are always up to date. >>> When a client attempts to retrieve an email message, Dovecot would check >>> primary storage as it does now, if the message is not found than it will >>> retrieve it from the alternate storage system AND store a copy in the >>> primary storage. >> >> I think the storing wouldn't be very useful. Most clients download the >> message once. There's no reason to cache it if it doesn't get downloaded >> again. The way it should work that new mails are immediately delivered to >> both primary and alt storage. >> >> > I've got tons of space - so I don't mind having 750MB or so for primary > email message storage. If I can track how many times a message was > actually read, over time I can get an idea of how I use it and setup the > primary storage purge rules accordingly. I'd be interested in knowing what those statistics will end up looking like. My guess is that it's not worth coding such feature, but of course some real world data would be better than my guesses :) >>> Secondly, I'd like to replace the Mysql database usage with a simpleDB >>> database. While simpleDB lacks much of MySQL's sophistication, it >> doesn't >>> seem that Dovecot is really using any of that, so simpleDB can be >>> functionally equivalent. >> >> Dovecot will probably get Redis and/or memcache backend for passdb+userdb. >> If simpledb is similar key-value database I guess the same code could be >> used partially. >> >> > simpleDB is more like SQLLITE: .. > You query the data like an SQL table: > http://docs.amazonwebservices.com/AmazonSimpleDB/latest/DeveloperGuide/UsingSelect.html OK, so that would mean implementing lib-sql driver for SimpleDB and use sql passdb/userdb. From garyamort at gmail.com Thu Jun 28 21:04:51 2012 From: garyamort at gmail.com (Gary Mort) Date: Thu, 28 Jun 2012 14:04:51 -0400 Subject: [Dovecot] Integrating Dovecot with Amazon Web Services In-Reply-To: <3FE12DB2-33DF-4D84-86F0-BDCF3A25A5BB@iki.fi> References: <3FE12DB2-33DF-4D84-86F0-BDCF3A25A5BB@iki.fi> Message-ID: On Thu, Jun 28, 2012 at 1:21 PM, Timo Sirainen wrote: > On 28.6.2012, at 20.14, Timo Sirainen wrote: > > >> "An upshot of the way alternate storage works is that any given storage > >> file (mailboxes//dbox-Mails/u.* (sdbox) or storage/m.* (mdbox)) > can > >> only appear *either* in the primary storage area *or* the alternate > storage > >> area but not both ? if the corresponding file appears in both areas then > >> there is an inconsistency." > > > > Whoever wrote that wasn't exactly correct (or clear). There's no problem > having the same file in both primary and alt storage. Only if the files are > different there's a problem, but that shouldn't happen.. > > Hmm. Although looking at the mdbox index rebuilding code: > > /* duplicate file. either readdir() returned it twice > (unlikely) or it exists in both alt and primary storage. > to make sure we don't lose any mails from either of the > files, give this file a new ID and rename it. */ > > It probably shouldn't be doing that. sdbox isn't doing that: > > /* we were supposed to open the file in alt storage, but it > exists in primary storage as well. skip it to avoid > adding > it twice. */ > > That's probably due to the different structures they use. sdbox can safely use either because each email message has a unique filename, and if it exists in both places it doesn't matter. mdbox though is different, multiple messages are stored in a single file. The index indicates in which file each message is located. When the data is moved to alt storage, the filename can change in which case the index is updated. IE: Primary/Msg06282012 -- contains Msg007, Msg008, Msg009 Primary/Msg06272012 -- contains Msg004, Msg005, Msg006 Primary/Msg06262012 -- contains Msg001, Msg002, Msg003 along comes archiving and the new format is: Primary/Msg06292012 -- contains Msg010, Msg011, Msg012 Primary/Msg06282012 -- contains Msg007, Msg009 Primary/Msg06272012 -- contains Msg004, Msg006 Primary/Msg06262012 -- contains Msg003 Alt/Msg06292012 00 contains Msg001, Msg002, Msg005, Msg008 Since the archive rules can be based on a lot of different scenarios[and a message can even be archived from the command line], the filenames between Primary and Alternate are not the same - and in fact the same filename in each place could have different messages. For example: if messages are archived when a user sets an imap flag on them. So with the way it's written now, it's not possible to have a simple fallback by filename. It would be possible if the naming convention was strictly enforced, ie after archiving you have: Primary/Msg06292012 -- contains Msg010, Msg011, Msg012 Primary/Msg06282012 -- contains Msg007, Msg009 Primary/Msg06272012 -- contains Msg004, Msg006 Primary/Msg06262012 -- contains Msg003 Alt/Msg06282012 -- contains Msg008 Alt/Msg06272012 -- contains Msg005 Alt/Msg06262012 -- contains Msg001, Msg002 Now the index can simply say what file a message is in and doesn't have to specify primary or secondary, and the primary file with that name can be checked first, and then if it is not there check the alternate. From tss at iki.fi Thu Jun 28 21:12:30 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 28 Jun 2012 21:12:30 +0300 Subject: [Dovecot] Integrating Dovecot with Amazon Web Services In-Reply-To: References: <3FE12DB2-33DF-4D84-86F0-BDCF3A25A5BB@iki.fi> Message-ID: On 28.6.2012, at 21.04, Gary Mort wrote: > mdbox though is different, multiple messages are stored in a single file. > The index indicates in which file each message is located. When the data > is moved to alt storage, the filename can change in which case the index is > updated. > IE: > Primary/Msg06282012 -- contains Msg007, Msg008, Msg009 > Primary/Msg06272012 -- contains Msg004, Msg005, Msg006 > Primary/Msg06262012 -- contains Msg001, Msg002, Msg003 > > along comes archiving and the new format is: > Primary/Msg06292012 -- contains Msg010, Msg011, Msg012 > Primary/Msg06282012 -- contains Msg007, Msg009 > Primary/Msg06272012 -- contains Msg004, Msg006 > Primary/Msg06262012 -- contains Msg003 > Alt/Msg06292012 00 contains Msg001, Msg002, Msg005, Msg008 Yes, doveadm altmove works like this now. > Since the archive rules can be based on a lot of different scenarios[and a > message can even be archived from the command line], the filenames between > Primary and Alternate are not the same - and in fact the same filename in > each place could have different messages. For example: if messages are > archived when a user sets an imap flag on them. There shouldn't normally ever be a situation where the same filename is used in both storages, because every time a new file is created to either of the storages a new unique number is used. > So with the way it's written now, it's not possible to have a simple > fallback by filename. > > It would be possible if the naming convention was strictly enforced, ie > after archiving you have: > Primary/Msg06292012 -- contains Msg010, Msg011, Msg012 > Primary/Msg06282012 -- contains Msg007, Msg009 > Primary/Msg06272012 -- contains Msg004, Msg006 > Primary/Msg06262012 -- contains Msg003 > Alt/Msg06282012 -- contains Msg008 > Alt/Msg06272012 -- contains Msg005 > Alt/Msg06262012 -- contains Msg001, Msg002 > > Now the index can simply say what file a message is in and doesn't have to > specify primary or secondary, and the primary file with that name can be > checked first, and then if it is not there check the alternate. This already works like that in the reading side. If you did altmoving by "mv m.123 /altstorage/..." instead of doveadm it would work. From jeep at rahul.net Thu Jun 28 21:15:20 2012 From: jeep at rahul.net (Jeff Lacki) Date: Thu, 28 Jun 2012 11:15:20 -0700 Subject: [Dovecot] Setting up mixed mbox and maildir In-Reply-To: <1340840055.2391.26.camel@amito> References: <1340742900.2495.14.camel@amito> <1340745560.2495.27.camel@amito> <5B14BB9D-490F-49F6-B647-D69F26DAE888@iki.fi> <1340840055.2391.26.camel@amito> Message-ID: <20120628181520.311C116D3CF@maya.rahul.net> Jonathan Ryshpan wrote: > Quite right; this comes from a reading of pages in both wiki1 and wiki2. > I now surmise that this isn't a good idea since wiki1 describes v1.x > and wiki2 describes v2.x, which have different syntaxes (syntaces?). Is > all this correct? I too had a very hard time figuring out what was what in the new wiki for 2.1.7 and still havent figured it out and gave up since Ive had no time to get back into it. I had already spent 2-3 full days (in my spare time) trying to figure out the permissions nightmare in the logs. I was only able to get mbox working so I gave up and went on to my next issue, getting it to work with my iphone. My iphone 4 is not even connecting to dovecot imap/imaps on 993 when I tried to set that up. Nothing in the logs, such frustration across the board. Jeff /mf/home/jeep/shell/.signature From CMarcus at Media-Brokers.com Thu Jun 28 22:28:08 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Thu, 28 Jun 2012 15:28:08 -0400 Subject: [Dovecot] Integrating Dovecot with Amazon Web Services In-Reply-To: References: <3FE12DB2-33DF-4D84-86F0-BDCF3A25A5BB@iki.fi> Message-ID: <4FECB048.9070205@Media-Brokers.com> On 2012-06-28 2:04 PM, Gary Mort wrote: > That's probably due to the different structures they use. sdbox > can safely use either because each email message has a unique > filename, and if it exists in both places it doesn't matter. Eh?? Sdbox is like mbox - one file per mailbox/folder... it is NOT like maildir (one email = one file). > mdbox though is different, multiple messages are stored in a single > file. The diff between mdbox and sdbox is sdbox puts all messages for any given mailbox/folder in one sdbox file (just like mbox). Sdbox has a setting for the max filesize of the dbox file, and once an mdbox file exceeds that size, it creates a new mdbox file to start adding messages to. -- Best regards, Charles From acrow at integrafin.co.uk Thu Jun 28 23:22:09 2012 From: acrow at integrafin.co.uk (Alex Crow) Date: Thu, 28 Jun 2012 21:22:09 +0100 Subject: [Dovecot] Integrating Dovecot with Amazon Web Services In-Reply-To: <4FECB048.9070205@Media-Brokers.com> References: <3FE12DB2-33DF-4D84-86F0-BDCF3A25A5BB@iki.fi> <4FECB048.9070205@Media-Brokers.com> Message-ID: <4FECBCF1.1050108@integrafin.co.uk> On 28/06/12 20:28, Charles Marcus wrote: > On 2012-06-28 2:04 PM, Gary Mort wrote: >> That's probably due to the different structures they use. sdbox >> can safely use either because each email message has a unique >> filename, and if it exists in both places it doesn't matter. > > Eh?? Sdbox is like mbox - one file per mailbox/folder... it is NOT > like maildir (one email = one file). > Not according to the wiki: http://wiki2.dovecot.org/MailboxFormat/dbox dbox can be used in two ways: single-dbox (sdbox in mail location): One message per file, similar to Maildir. For backwards compatibility, dbox is an alias to sdbox in mail_location. multi-dbox (mdbox in mail location): Multiple messages per file, but unlike mbox multiple files per mailbox. So the parent appears to be right. Alex -- This message is intended only for the addressee and may contain confidential information. Unless you are that person, you may not disclose its contents or use it in any way and are requested to delete the message along with any attachments and notify us immediately. "Transact" is operated by Integrated Financial Arrangements plc Domain House, 5-7 Singer Street, London EC2A 4BQ Tel: (020) 7608 4900 Fax: (020) 7608 5300 (Registered office: as above; Registered in England and Wales under number: 3727592) Authorised and regulated by the Financial Services Authority (entered on the FSA Register; number: 190856) From lists at wildgooses.com Thu Jun 28 23:35:40 2012 From: lists at wildgooses.com (Ed W) Date: Thu, 28 Jun 2012 21:35:40 +0100 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <4FEC8C4E.1020209@Media-Brokers.com> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local><4FEC4ACD.20104@wildgooses.com><213B51F00051AE48A9F0E11288017717B8401E@Delta.sc.local> <4FEC548E.4030405@wildgooses.com> <213B51F00051AE48A9F0E11288017717B8401F@Delta.sc.local> <4FEC844A.9090302@wildgooses.com> <4FEC8C4E.1020209@Media-Brokers.com> Message-ID: <4FECC01C.90303@wildgooses.com> On 28/06/2012 17:54, Charles Marcus wrote: > On 2012-06-28 12:20 PM, Ed W wrote: >> Bad things are going to happen if you loose a complete chunk of your >> filesystem. I think the current state of the world is that you should >> assume that realistically you will be looking to your backups if you >> loose the wrong 2 disks in a raid1 or raid10 array. > > Which is a very good reason to have at least one hot spare in any RAID > setup, if not 2. > > RAID10 also statistically has a much better chance of surviving a > multi drive failure than RAID5 or 6, because it will only die if two > drives in the same pair fail, and only then if the second one fails > before the hot spare is rebuilt. > Actually this turns out to be incorrect... Curious, but there you go! Search google for a recent very helpful expose on this. Basically RAID10 can sometimes tolerate multi-drive failure, but on average raid6 appears less likely to trash your data, plus under some circumstances it better survives recovering from a single failed disk in practice The executive summary is something like: when raid5 fails, because at that point you effectively do a raid "scrub" you tend to suddenly notice a bunch of other hidden problems which were lurking and your rebuild fails (this happened to me...). RAID1 has no better bad block detection than assuming the non bad disk is perfect (so won't spot latent unscrubbed errors), and again if you hit a bad block during the rebuild you loose the whole of your mirrored pair. So the vulnerability is not the first failed disk, but discovering subsequent problems during the rebuild. This certainly correlates with my (admittedly limited) experiences. Disk array scrubbing on a regular basis seems like a mandatory requirement (but how many people do..?) to have any chance of actually repairing a failing raid1/5 array Digressing, but it occurs there would be a potentially large performance improvement if spinning disks could do a read/rewrite cycle with the disk only moving a minimal distance (my understanding is this can't happen at present without a full revolution of the disk). Then you could rewrite parity blocks extremely quickly without re-reading a full stripe... Anyway, challenging problem and basically the observation is that large disk arrays are going to have a moderate tail risk of failure whether you use raid10 or raid5 (raid6 giving a decent practical improvement in real reliability, but at a cost in write performance). Cheers Ed W From CMarcus at Media-Brokers.com Fri Jun 29 00:06:37 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Thu, 28 Jun 2012 17:06:37 -0400 Subject: [Dovecot] Integrating Dovecot with Amazon Web Services In-Reply-To: <4FECBCF1.1050108@integrafin.co.uk> References: <3FE12DB2-33DF-4D84-86F0-BDCF3A25A5BB@iki.fi> <4FECB048.9070205@Media-Brokers.com> <4FECBCF1.1050108@integrafin.co.uk> Message-ID: <4FECC75D.4000209@Media-Brokers.com> On 2012-06-28 4:22 PM, Alex Crow wrote: > On 28/06/12 20:28, Charles Marcus wrote: >> On 2012-06-28 2:04 PM, Gary Mort wrote: >>> That's probably due to the different structures they use. sdbox >>> can safely use either because each email message has a unique >>> filename, and if it exists in both places it doesn't matter. >> Eh?? Sdbox is like mbox - one file per mailbox/folder... it is NOT >> like maildir (one email = one file). > Not according to the wiki: > > http://wiki2.dovecot.org/MailboxFormat/dbox > > dbox can be used in two ways: > > single-dbox (sdbox in mail location): One message per file, > similar to Maildir. For backwards compatibility, dbox is an alias to > sdbox in mail_location. Now how the heck did I remember that so wrong?? Oh well, thanks for the correction... Sorry, OP... -- Best regards, Charles From kgc at corp.sonic.net Fri Jun 29 01:45:23 2012 From: kgc at corp.sonic.net (Kelsey Cummings) Date: Thu, 28 Jun 2012 15:45:23 -0700 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <4FEC548E.4030405@wildgooses.com> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local> <4FEC4ACD.20104@wildgooses.com> <213B51F00051AE48A9F0E11288017717B8401E@Delta.sc.local> <4FEC548E.4030405@wildgooses.com> Message-ID: <4FECDE83.4090007@corp.sonic.net> On 06/28/12 05:56, Ed W wrote: > So given the statistics show us that 2 disk failures are much more > common than we expect, and that "silent corruption" is likely occurring > within (larger) real world file stores, there really aren't many battle > tested options that can protect against this - really only RAID6 right > now and that has significant limitations... Has anyone tried or benchmarked ZFS, perhaps ZFS+NFS as backing store for spools? Sorry if I've missed it and this has already come up. We're using Netapp/NFS, and are likely to continue to do so but still curious. -K From daniel.parthey at informatik.tu-chemnitz.de Fri Jun 29 04:39:38 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Fri, 29 Jun 2012 03:39:38 +0200 Subject: [Dovecot] Removing specific entry in user/auth cache In-Reply-To: <4FEC020E.9020802@um.es> References: <4FEAEA11.1070900@um.es> <771798ED-3DAF-4C23-937C-FD9B775B8972@iki.fi> <4FEC020E.9020802@um.es> Message-ID: <20120629013938.GA8957@daniel.localdomain> Angel L. Mateo wrote: > El 27/06/12 14:24, Timo Sirainen escribi?: > >On 27.6.2012, at 14.10, Angel L. Mateo wrote: > >>We have dovecot configured with auth cache. > >> Is there any way to remove a specific entry (not all) from this cache? > > Nope. What do you need it for? > Because information for users sometimes changes. We for example, define the per-user quota via mysql userdb and it needs to be updated in a timely manner, after it has been changed in the database via a web interface. Since we are using a pre-fetch userdb from mysql (which uses the same mysql database as the passdb), we were required to reduce the auth cache ttl to one minute in order to ensure timely quota updates. It would be good if there was some mechanism to detect or force such changes without having to reduce caching time to one minute. Regards Daniel -- https://plus.google.com/103021802792276734820 From tss at iki.fi Fri Jun 29 05:01:53 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 29 Jun 2012 05:01:53 +0300 Subject: [Dovecot] Removing specific entry in user/auth cache In-Reply-To: <1340865829.25551.64.camel@innu> References: <1340865829.25551.64.camel@innu> Message-ID: <42916718-6B7E-4632-8C61-AA8FE64D850E@iki.fi> On 28.6.2012, at 9.43, Timo Sirainen wrote: > It would be possible to add a doveadm command for this.. I think the > main reason why I already didn't do it last time I was asked this was > because I wanted to use "doveadm auth cache flush" or something similar > as the command, but there already exists "doveadm auth" command and > "cache flush" would be treated as username=cache password=flush :( > > Anyone have thoughts on a better doveadm command name? Or should I just > break it and have v2.2 use "doveadm auth check" or something for the old > "doveadm auth" command? Perhaps for v2.2: doveadm auth test [] doveadm auth cache flush [] doveadm auth cache stats and for v2.1 a bit kludgy way: doveadm auth [] doveadm auth cache flush [] so you couldn't test authentication against "cache" user, but that's probably not a problem. From daniel.parthey at informatik.tu-chemnitz.de Fri Jun 29 05:18:26 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Fri, 29 Jun 2012 04:18:26 +0200 Subject: [Dovecot] Removing specific entry in user/auth cache In-Reply-To: <42916718-6B7E-4632-8C61-AA8FE64D850E@iki.fi> References: <1340865829.25551.64.camel@innu> <42916718-6B7E-4632-8C61-AA8FE64D850E@iki.fi> Message-ID: <20120629021826.GA10148@daniel.localdomain> Timo Sirainen wrote: > On 28.6.2012, at 9.43, Timo Sirainen wrote: > Perhaps for v2.2: > > doveadm auth test [] > doveadm auth cache flush [] > doveadm auth cache stats > > and for v2.1 a bit kludgy way: > > doveadm auth [] > doveadm auth cache flush [] > > so you couldn't test authentication against "cache" user, but that's probably not a problem. Hi there, wouldn't it be better to use a syntax similar to other doveadm commands, with labels for all arguments? doveadm auth test -u -p [] doveadm auth cache flush -u [] doveadm auth cache stats This will allow you to syntactically distinguish "commands" from "arguments". Otherwise you might run into the same "kludgy" syntax problem again, as soon as the number of subcommands changes. Regards Daniel -- https://plus.google.com/103021802792276734820 From tss at iki.fi Fri Jun 29 08:32:41 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 29 Jun 2012 08:32:41 +0300 Subject: [Dovecot] Removing specific entry in user/auth cache In-Reply-To: <20120629021826.GA10148@daniel.localdomain> References: <1340865829.25551.64.camel@innu> <42916718-6B7E-4632-8C61-AA8FE64D850E@iki.fi> <20120629021826.GA10148@daniel.localdomain> Message-ID: <774D4F65-4C61-4610-8F42-5D96172DD111@iki.fi> On 29.6.2012, at 5.18, Daniel Parthey wrote: > wouldn't it be better to use a syntax similar to other doveadm commands, > with labels for all arguments? > > doveadm auth test -u -p [] > doveadm auth cache flush -u [] > doveadm auth cache stats > > This will allow you to syntactically distinguish "commands" from "arguments". > Otherwise you might run into the same "kludgy" syntax problem again, as soon > as the number of subcommands changes. The problem was with the "auth" toplevel command not having subcommands. I don't think there are going to be any problems with subcommands. Also there are many commands already that take without the -u parameter. Actually it's only the "mail commands" that take -u parameter at all. Another potential problem is "doveadm user" command. I'm wondering if it might be a good idea to move it to "doveadm auth user" or "doveadm auth userdb" command. There should be also a similar "doveadm auth passdb" command that does a passdb lookup without authentication. From wojtek at wojtek.tensor.gdynia.pl Fri Jun 29 09:18:53 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Fri, 29 Jun 2012 08:18:53 +0200 (CEST) Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <4FECC01C.90303@wildgooses.com> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local><4FEC4ACD.20104@wildgooses.com><213B51F00051AE48A9F0E11288017717B8401E@Delta.sc.local> <4FEC548E.4030405@wildgooses.com> <213B51F00051AE48A9F0E11288017717B8401F@Delta.sc.local> <4FEC844A.9090302@wildgooses.com> <4FEC8C4E.1020209@Media-Brokers.com> <4FECC01C.90303@wildgooses.com> Message-ID: > The executive summary is something like: when raid5 fails, because at that > point you effectively do a raid "scrub" you tend to suddenly notice a bunch > of other hidden problems which were lurking and your rebuild fails (this and no raid will protect you from every failure. You have to do backups. EOT From wojtek at wojtek.tensor.gdynia.pl Fri Jun 29 09:19:23 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Fri, 29 Jun 2012 08:19:23 +0200 (CEST) Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <4FECDE83.4090007@corp.sonic.net> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local> <4FEC4ACD.20104@wildgooses.com> <213B51F00051AE48A9F0E11288017717B8401E@Delta.sc.local> <4FEC548E.4030405@wildgooses.com> <4FECDE83.4090007@corp.sonic.net> Message-ID: > Has anyone tried or benchmarked ZFS, perhaps ZFS+NFS as backing store for yes. long time ago. ZFS isn't useful for anything more than a toy. I/O performance is just bad. From lists at svrinformatica.it Fri Jun 29 09:35:12 2012 From: lists at svrinformatica.it (Mailing List SVR) Date: Fri, 29 Jun 2012 08:35:12 +0200 Subject: [Dovecot] auth service: out of memory Message-ID: <4FED4CA0.4010303@svrinformatica.it> Hi, I have some out of memory errors in my logs (file errors.txt attached) I'm using dovecot 2.0.19, I can see some memory leaks fix in hg after the 2.0.19 release but they seem related to imap-login service, I attached my config too, is something wrong there? Should I really increase the limit based on my settings? Can these commits fix the reported leak? http://hg.dovecot.org/dovecot-2.0/rev/6299dfb73732 http://hg.dovecot.org/dovecot-2.0/rev/67f1cef07427 Please note that the auth service is restarted when it reach the limit so no real issues, please advice thanks Nicola -------------- next part -------------- cat /var/log/mail.log | grep "Out of memory" Jun 28 11:48:24 server1 dovecot: master: Error: service(auth): child 31301 returned error 83 (Out of memory (service auth { vsz_limit=128 MB }, you may need to increase it)) Jun 28 11:50:18 server1 dovecot: auth: Fatal: pool_system_realloc(8192): Out of memory Jun 28 11:50:18 server1 dovecot: master: Error: service(auth): child 10782 returned error 83 (Out of memory (service auth { vsz_limit=128 MB }, you may need to increase it)) Jun 28 11:52:43 server1 dovecot: master: Error: service(auth): child 16854 returned error 83 (Out of memory (service auth { vsz_limit=128 MB }, you may need to increase it)) Jun 28 11:54:01 server1 dovecot: auth: Fatal: block_alloc(4096): Out of memory Jun 28 11:54:01 server1 dovecot: master: Error: service(auth): child 23378 returned error 83 (Out of memory (service auth { vsz_limit=128 MB }, you may need to increase it)) Jun 28 11:55:09 server1 dovecot: auth: Fatal: pool_system_realloc(8192): Out of memory Jun 28 11:55:09 server1 dovecot: master: Error: service(auth): child 28203 returned error 83 (Out of memory (service auth { vsz_limit=128 MB }, you may need to increase it)) Jun 28 11:56:07 server1 dovecot: master: Error: service(auth): child 32570 returned error 83 (Out of memory (service auth { vsz_limit=128 MB }, you may need to increase it)) Jun 28 11:57:01 server1 dovecot: auth: Fatal: block_alloc(4096): Out of memory Jun 28 11:57:01 server1 dovecot: master: Error: service(auth): child 5136 returned error 83 (Out of memory (service auth { vsz_limit=128 MB }, you may need to increase it)) Jun 28 11:57:57 server1 dovecot: master: Error: service(auth): child 9245 returned error 83 (Out of memory (service auth { vsz_limit=128 MB }, you may need to increase it)) Jun 28 11:58:52 server1 dovecot: master: Error: service(auth): child 13779 returned error 83 (Out of memory (service auth { vsz_limit=128 MB }, you may need to increase it)) Jun 28 11:59:49 server1 dovecot: master: Error: service(auth): child 18260 returned error 83 (Out of memory (service auth { vsz_limit=128 MB }, you may need to increase it)) Jun 28 12:01:03 server1 dovecot: auth: Fatal: pool_system_realloc(8192): Out of memory Jun 28 12:01:03 server1 dovecot: master: Error: service(auth): child 22181 returned error 83 (Out of memory (service auth { vsz_limit=128 MB }, you may need to increase it)) Jun 28 12:03:24 server1 dovecot: auth: Fatal: pool_system_malloc(3144): Out of memory Jun 28 12:03:24 server1 dovecot: master: Error: service(auth): child 27253 returned error 83 (Out of memory (service auth { vsz_limit=128 MB }, you may need to increase it)) -------------- next part -------------- # 2.0.19: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-25-generic x86_64 Ubuntu 12.04 LTS ext4 auth_cache_size = 10 M auth_mechanisms = plain login auth_socket_path = /var/run/dovecot/auth-userdb auth_worker_max_count = 128 base_dir = /var/run/dovecot/ default_process_limit = 200 default_vsz_limit = 128 M disable_plaintext_auth = no first_valid_gid = 2000 first_valid_uid = 2000 hostname = mail.example.com last_valid_gid = 2000 last_valid_uid = 2000 listen = * login_greeting = SVR ready. mail_location = maildir:/srv/panel/mail/%d/%t/Maildir mail_plugins = " quota trash autocreate" managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { autocreate = Trash autocreate2 = Junk autocreate3 = Drafts autocreate4 = Sent autosubscribe = Trash autosubscribe2 = Junk autosubscribe3 = Drafts autosubscribe4 = Sent quota = maildir:User quota quota_rule = *:storage=300MB quota_rule2 = Trash:ignore quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u sieve = ~/.dovecot.sieve sieve_before = /etc/dovecot/sieve/move-spam.sieve sieve_dir = ~/sieve sieve_max_actions = 32 sieve_max_redirects = 4 sieve_max_script_size = 1M sieve_quota_max_scripts = 10 sieve_quota_max_storage = 2M trash = /etc/dovecot/dovecot-trash.conf.ext } postmaster_address = postmaster at example.com protocols = imap pop3 sieve service auth-worker { user = $default_internal_user } service auth { unix_listener /var/spool/postfix/private/dovecot-auth { group = vmail mode = 0660 user = postfix } unix_listener auth-userdb { group = vmail mode = 0660 user = vmail } user = $default_internal_user } service managesieve-login { inet_listener sieve { port = 4190 } } service quota-warning { executable = script /srv/panel/django/systemcp/systemutils/mail/quota-warning.py unix_listener quota-warning { user = vmail } user = dovecot } ssl_cert = References: <1340865829.25551.64.camel@innu> <42916718-6B7E-4632-8C61-AA8FE64D850E@iki.fi> <20120629021826.GA10148@daniel.localdomain> <774D4F65-4C61-4610-8F42-5D96172DD111@iki.fi> Message-ID: <4FED55B6.1020902@um.es> El 29/06/12 07:32, Timo Sirainen escribi?: > On 29.6.2012, at 5.18, Daniel Parthey wrote: > >> wouldn't it be better to use a syntax similar to other doveadm commands, >> with labels for all arguments? >> >> doveadm auth test -u -p [] >> doveadm auth cache flush -u [] >> doveadm auth cache stats >> >> This will allow you to syntactically distinguish "commands" from "arguments". >> Otherwise you might run into the same "kludgy" syntax problem again, as soon >> as the number of subcommands changes. > > The problem was with the "auth" toplevel command not having subcommands. I don't think there are going to be any problems with subcommands. Also there are many commands already that take without the -u parameter. Actually it's only the "mail commands" that take -u parameter at all. > > Another potential problem is "doveadm user" command. I'm wondering if it might be a good idea to move it to "doveadm auth user" or "doveadm auth userdb" command. There should be also a similar "doveadm auth passdb" command that does a passdb lookup without authentication. > Other command it could be usefull is to remove a temporal user-server association in director. For example, I had a downtime in one server, so users normally directed to this server is now been directed to other. Now I want a user to get back to his normal server (force it, I know we willl get back after a timeout), but I don't want to flush all user connections to the backup server. -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From tss at iki.fi Fri Jun 29 10:19:59 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 29 Jun 2012 10:19:59 +0300 Subject: [Dovecot] auth service: out of memory In-Reply-To: <4FED4CA0.4010303@svrinformatica.it> References: <4FED4CA0.4010303@svrinformatica.it> Message-ID: <2E07737B-D28E-486B-AD35-E86E2E12890F@iki.fi> On 29.6.2012, at 9.35, Mailing List SVR wrote: > I have some out of memory errors in my logs (file errors.txt attached) How large is your auth process's VSZ when it starts up and has handled a couple of logins? It's possible that it's not leaking at all, you're just not giving enough memory for its normal operation. Some Linux distros nowadays build binaries that eat up a lot of VSZ immediately when they start up. From tss at iki.fi Fri Jun 29 10:20:58 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 29 Jun 2012 10:20:58 +0300 Subject: [Dovecot] Removing specific entry in user/auth cache In-Reply-To: <4FED55B6.1020902@um.es> References: <1340865829.25551.64.camel@innu> <42916718-6B7E-4632-8C61-AA8FE64D850E@iki.fi> <20120629021826.GA10148@daniel.localdomain> <774D4F65-4C61-4610-8F42-5D96172DD111@iki.fi> <4FED55B6.1020902@um.es> Message-ID: On 29.6.2012, at 10.13, Angel L. Mateo wrote: > Other command it could be usefull is to remove a temporal user-server association in director. For example, I had a downtime in one server, so users normally directed to this server is now been directed to other. Now I want a user to get back to his normal server (force it, I know we willl get back after a timeout), but I don't want to flush all user connections to the backup server. There's already doveadm director move command. From lists at svrinformatica.it Fri Jun 29 10:39:25 2012 From: lists at svrinformatica.it (Mailing List SVR) Date: Fri, 29 Jun 2012 09:39:25 +0200 Subject: [Dovecot] auth service: out of memory In-Reply-To: <2E07737B-D28E-486B-AD35-E86E2E12890F@iki.fi> References: <4FED4CA0.4010303@svrinformatica.it> <2E07737B-D28E-486B-AD35-E86E2E12890F@iki.fi> Message-ID: <4FED5BAD.9060605@svrinformatica.it> Il 29/06/2012 09:19, Timo Sirainen ha scritto: > On 29.6.2012, at 9.35, Mailing List SVR wrote: > >> I have some out of memory errors in my logs (file errors.txt attached) > How large is your auth process's VSZ when it starts up and has handled a couple of logins? It's possible that it's not leaking at all, you're just not giving enough memory for its normal operation. Some Linux distros nowadays build binaries that eat up a lot of VSZ immediately when they start up. > > ps aux report this: dovecot 7454 0.0 0.0 85980 3776 ? S 09:36 0:00 dovecot/auth before restarting dovecot the auth process was running since about 1 hour and this is the output from ps aux dovecot 25002 0.0 0.0 86112 3780 ? S 08:24 0:00 dovecot/auth thanks Nicola From tss at iki.fi Fri Jun 29 10:45:00 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 29 Jun 2012 10:45:00 +0300 Subject: [Dovecot] auth service: out of memory In-Reply-To: <4FED5BAD.9060605@svrinformatica.it> References: <4FED4CA0.4010303@svrinformatica.it> <2E07737B-D28E-486B-AD35-E86E2E12890F@iki.fi> <4FED5BAD.9060605@svrinformatica.it> Message-ID: On 29.6.2012, at 10.39, Mailing List SVR wrote: > Il 29/06/2012 09:19, Timo Sirainen ha scritto: >> On 29.6.2012, at 9.35, Mailing List SVR wrote: >> >>> I have some out of memory errors in my logs (file errors.txt attached) >> How large is your auth process's VSZ when it starts up and has handled a couple of logins? It's possible that it's not leaking at all, you're just not giving enough memory for its normal operation. Some Linux distros nowadays build binaries that eat up a lot of VSZ immediately when they start up. >> >> > ps aux report this: > > dovecot 7454 0.0 0.0 85980 3776 ? S 09:36 0:00 dovecot/auth > > before restarting dovecot the auth process was running since about 1 hour and this is the output from ps aux > > dovecot 25002 0.0 0.0 86112 3780 ? S 08:24 0:00 dovecot/auth So you have 44 MB of VSZ available after startup. You also have 10 MB of auth cache, which could in reality take somewhat more than 10 MB. It doesn't leave a whole lot available for regular use. I'd increase the auth process's VSZ limit and see if it still crashes. If you want to, you could also test with valgrind if there's a leak: service auth { executable = /usr/bin/valgrind --leak-check=full -q /usr/libexec/dovecot/auth } You'd then need to restart the auth process to make valgrind output the leaks. From lists at svrinformatica.it Fri Jun 29 10:51:42 2012 From: lists at svrinformatica.it (Mailing List SVR) Date: Fri, 29 Jun 2012 09:51:42 +0200 Subject: [Dovecot] auth service: out of memory In-Reply-To: References: <4FED4CA0.4010303@svrinformatica.it> <2E07737B-D28E-486B-AD35-E86E2E12890F@iki.fi> <4FED5BAD.9060605@svrinformatica.it> Message-ID: <4FED5E8E.8070301@svrinformatica.it> Il 29/06/2012 09:45, Timo Sirainen ha scritto: > On 29.6.2012, at 10.39, Mailing List SVR wrote: > >> Il 29/06/2012 09:19, Timo Sirainen ha scritto: >>> On 29.6.2012, at 9.35, Mailing List SVR wrote: >>> >>>> I have some out of memory errors in my logs (file errors.txt attached) >>> How large is your auth process's VSZ when it starts up and has handled a couple of logins? It's possible that it's not leaking at all, you're just not giving enough memory for its normal operation. Some Linux distros nowadays build binaries that eat up a lot of VSZ immediately when they start up. >>> >>> >> ps aux report this: >> >> dovecot 7454 0.0 0.0 85980 3776 ? S 09:36 0:00 dovecot/auth >> >> before restarting dovecot the auth process was running since about 1 hour and this is the output from ps aux >> >> dovecot 25002 0.0 0.0 86112 3780 ? S 08:24 0:00 dovecot/auth > So you have 44 MB of VSZ available after startup. You also have 10 MB of auth cache, which could in reality take somewhat more than 10 MB. It doesn't leave a whole lot available for regular use. I'd increase the auth process's VSZ limit and see if it still crashes. I increased the limit to 192MB or should I set the limit to 256MB or more? I'll wait some days to see if still crash > > If you want to, you could also test with valgrind if there's a leak: > > service auth { > executable = /usr/bin/valgrind --leak-check=full -q /usr/libexec/dovecot/auth > } > > You'd then need to restart the auth process to make valgrind output the leaks. for now I prefer to avoid valgrind on a production server if the crash persist with the new limit I'll setup a test environment and I'll run valgrind there, thanks Nicola From ef at math.uni-bonn.de Fri Jun 29 12:43:31 2012 From: ef at math.uni-bonn.de (Edgar =?iso-8859-1?B?RnXf?=) Date: Fri, 29 Jun 2012 11:43:31 +0200 Subject: [Dovecot] Preferred LDAP Attribute for home/mail location Message-ID: <20120629094330.GJ58060@trav.math.uni-bonn.de> Is there, among the dovocot community, any preferred LDAP schema and attribute to use for setting the home/mail storage location? Some people seem to use the qmail schema, some a Jamm schema (whatever that is), and Markus Effinger has even created a dovecot schema (https://www.effinger.org/blog/2009/01/11/eigenes-ldap-schema-erstellen/). There may be more. I could even create my own given we have been assigned an official OID a decade ago anyway. However, sometimes I prefer to use what most other people do. I would effectively only need to store the name of the relevant NFS server. From amateo at um.es Fri Jun 29 14:02:26 2012 From: amateo at um.es (Angel L. Mateo) Date: Fri, 29 Jun 2012 13:02:26 +0200 Subject: [Dovecot] director directing to wrong server (sometimes) Message-ID: <4FED8B42.5010701@um.es> Hello, I have discovered a strange behaviour with director proxying... I have a user, its assigned server is 155.54.211.164. The problem is that I don't know why director sent him yesterday to a different server, because my server was up all the time. Moreover, I'm using poolmon in director servers to check availability of final servers and it didn't report any problem with the server. I have two load balanced director servers. Logs at these servers are: * logs directing him to the correct backend server Jun 28 08:38:18 myotis42 dovecot: auth: Debug: master in: PASS#0111#011@um.es#011service=lmtp#011lip=155.54.211.185#011lport=24#011rip=155.54.212.168#011rport=52255 Jun 28 08:38:18 myotis42 dovecot: auth: Debug: static(,155.54.212.168): lookup Jun 28 08:38:18 myotis42 dovecot: auth: Debug: master out: PASS#0111#011user=#011proxy#011proxy_timeout=150 Jun 28 08:38:18 myotis42 dovecot: lmtp(15889): Debug: auth input: user= proxy proxy_timeout=150 host=155.54.211.164 proxy_refresh=450 Jun 28 08:39:59 myotis42 dovecot: auth: Debug: master in: PASS#01118#011@um.es#011service=lmtp#011lip=155.54.211.185#011lport=24#011rip=155.54.212.166#011rport=40008 Jun 28 08:39:59 myotis42 dovecot: auth: Debug: static(,155.54.212.166): lookup Jun 28 08:39:59 myotis42 dovecot: auth: Debug: master out: PASS#01118#011user=#011proxy#011proxy_timeout=150 Jun 28 08:39:59 myotis42 dovecot: lmtp(15361): Debug: auth input: user= proxy proxy_timeout=150 host=155.54.211.164 proxy_refresh=450 * now, the other director server sends him to an incorrect backend server Jun 28 09:01:12 myotis41 dovecot: auth: Debug: static(,155.54.66.38): lookup Jun 28 09:01:12 myotis41 dovecot: auth: Debug: static(,155.54.66.38): Allowing any password Jun 28 09:01:12 myotis41 dovecot: auth: Debug: client out: OK#01134556#011user=#011proxy#011proxy_timeout=150#011pass= Jun 28 09:01:12 myotis41 dovecot: auth: Debug: static(,155.54.66.38): lookup Jun 28 09:01:12 myotis41 dovecot: auth: Debug: static(,155.54.66.38): Allowing any password Jun 28 09:01:12 myotis41 dovecot: auth: Debug: client out: OK#01152763#011user=#011proxy#011proxy_timeout=150#011pass= Jun 28 09:01:12 myotis41 dovecot: imap-login: proxy(): started proxying to 155.54.211.162:143: user=<>, method=PLAIN, rip=155.54.66.38, lip=155.54.211.186 Jun 28 09:01:12 myotis41 dovecot: imap-login: proxy(): started proxying to 155.54.211.162:143: user=<>, method=PLAIN, rip=155.54.66.38, lip=155.54.211.186 Jun 28 09:01:13 myotis41 dovecot: auth: Debug: static(,155.54.66.38): lookup Jun 28 09:01:13 myotis41 dovecot: auth: Debug: static(,155.54.66.38): Allowing any password * Now, the first director sends him to the incorrect one too Jun 28 09:33:50 myotis42 dovecot: auth: Debug: master in: PASS#01132#011@um.es#011service=lmtp#011lip=155.54.211.185#011lport=24#011rip=155.54.212.168#011rport=46830 Jun 28 09:33:50 myotis42 dovecot: auth: Debug: static(,155.54.212.168): lookup Jun 28 09:33:50 myotis42 dovecot: auth: Debug: master out: PASS#01132#011user=#011proxy#011proxy_timeout=150 Jun 28 09:33:50 myotis42 dovecot: lmtp(17284): Debug: auth input: user= proxy proxy_timeout=150 host=155.54.211.162 proxy_refresh=450 I haven't found any error log for the correct backend server between the correct redirection and the incorrect one. In fact, I have lot of logs of other users directed to it, and logs of the same director directing connections to the correct server. -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From CMarcus at Media-Brokers.com Fri Jun 29 14:15:04 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Fri, 29 Jun 2012 07:15:04 -0400 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <4FECC01C.90303@wildgooses.com> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local><4FEC4ACD.20104@wildgooses.com><213B51F00051AE48A9F0E11288017717B8401E@Delta.sc.local> <4FEC548E.4030405@wildgooses.com> <213B51F00051AE48A9F0E11288017717B8401F@Delta.sc.local> <4FEC844A.9090302@wildgooses.com> <4FEC8C4E.1020209@Media-Brokers.com> <4FECC01C.90303@wildgooses.com> Message-ID: <4FED8E38.1020105@Media-Brokers.com> On 2012-06-28 4:35 PM, Ed W wrote: > On 28/06/2012 17:54, Charles Marcus wrote: >> RAID10 also statistically has a much better chance of surviving a >> multi drive failure than RAID5 or 6, because it will only die if two >> drives in the same pair fail, and only then if the second one fails >> before the hot spare is rebuilt. > Actually this turns out to be incorrect... Curious, but there you go! Depends on what you mean exactly by 'incorrect'... I'm fairly sure that you do not mean that my comment that 'having a hot spare is good' is incorrect, so that leaves my last comment above... I'm far from expert (Stan? Where are you? Am looking forward to your comments here), but... > Search google for a recent very helpful expose on this. Basically RAID10 > can sometimes tolerate multi-drive failure, but on average raid6 appears > less likely to trash your data, plus under some circumstances it better > survives recovering from a single failed disk in practice 'Sometimes'... '...under some circumstances...' - hey, it's all a crapshoot anyway, all you can do is try to make sure the dice aren't loaded against you. > The executive summary is something like: when raid5 fails, because at > that point you effectively do a raid "scrub" you tend to suddenly notice > a bunch of other hidden problems which were lurking and your rebuild > fails (this happened to me...). RAID1 has no better bad block detection > than assuming the non bad disk is perfect (so won't spot latent > unscrubbed errors), and again if you hit a bad block during the rebuild > you loose the whole of your mirrored pair. Not true (at least not for real hardware based RAID controllers that I have ever worked with)... yes, it may revert to degraded mode, but you don't just 'lose' the RAID if the rebuild fails. You can then run filesystem check tools on the system, hopefully find/fix the bad sectors, then rebuild the array - I have had to do/done this before myself, so I know that this is possible. Also, modern enterprise SAS drives and RAID controllers do have hardware based algorithms to protect data integrity (much better than consumer grade drives at least). > So the vulnerability is not the first failed disk, but discovering > subsequent problems during the rebuild. True, but this applies to every RAID mode (RAID6 included). Also, one big disadvantage of RAID5/6 is the rebuild times (sometimes can take many hours, or even days depending on drive sizes) - it is the stress of the rebuild that often causes a second drive failure, thereby killing your RAID, and RAID10 rebuilds happen *much* faster that RAID5/6 rebuilds (and are less stressful), so there is much less chance of losing another disk during a rebuild. > This certainly correlates with my (admittedly limited) experiences. > Disk array scrubbing on a regular basis seems like a mandatory > requirement (but how many people do..?) to have any chance of > actually repairing a failing raid1/5 array Regular scrubbing is something I will give some thought to, but again, your remarks are not 100% accurate... RAID is not quite so fragile as you make it out to be. -- Best regards, Charles From CMarcus at Media-Brokers.com Fri Jun 29 14:15:10 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Fri, 29 Jun 2012 07:15:10 -0400 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local> <4FEC4ACD.20104@wildgooses.com> <213B51F00051AE48A9F0E11288017717B8401E@Delta.sc.local> <4FEC548E.4030405@wildgooses.com> <4FECDE83.4090007@corp.sonic.net> Message-ID: <4FED8E3E.5050905@Media-Brokers.com> On 2012-06-29 2:19 AM, Wojciech Puchar wrote: >> Has anyone tried or benchmarked ZFS, perhaps ZFS+NFS as backing store for > yes. long time ago. ZFS isn't useful for anything more than a toy. I/O > performance is just bad. Please stop with the FUD... 'long time ago'? No elaboration on what implementation/platform you 'played with'? With a proper implementation, ZFS is an excellent, mature, reliable option for storage... maybe not quite the fastest/highest performing screaming speed demon, but enterprises are concerned with more than just raw performance - in fact, data integrity tops the list. http://www.nexenta.com/corp/nexentastor http://www.freenas.org/ Yes, the LINUX version has a long way to go (due to stupid licensing restrictions it must be rewritten from scratch to get into the kernel), but personally I'm chomping at the bit for BTRFS, which looks like it is coming closer to usability for production systems (just got a basic fsck tool which now just needs to be perfected). -- Best regards, Charles From joe at tao.org.uk Fri Jun 29 08:02:16 2012 From: joe at tao.org.uk (Dr Josef Karthauser) Date: Fri, 29 Jun 2012 06:02:16 +0100 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage Message-ID: Kelsey Cummings wrote: > On 06/28/12 05:56, Ed W wrote: >> So given the statistics show us that 2 disk failures are much more >> common than we expect, and that "silent corruption" is likely occurring >> within (larger) real world file stores, there really aren't many battle >> tested options that can protect against this - really only RAID6 right >> now and that has significant limitations... > > Has anyone tried or benchmarked ZFS, perhaps ZFS+NFS as backing store > for spools? Sorry if I've missed it and this has already come up. > We're using Netapp/NFS, and are likely to continue to do so but still > curious. Hi Kelsey, We're running ZFS here, and have just started using dovecot on it. No stats yet to report, but you might be interested in this edge case. One of our server started behaving badly... the database would randomly crash and not restart due to corrupted indexed. It turns out that the memory had gone bad, and that it had been bad for a while. Disk blocks were getting corrupted on read, and some on write! Luckly because we were on ZFS, which checksums all data, we were able to detect and repair most of the data (some 80mb of bad blocks distributed evenly thoughout the entire file system!) automatically, and also know exactly which files were unrecoverable (in the end just two or three files!). Also, we have hourly snapshots of all the file systems, so we were able to recover older versions of those files with minimal loss. I will never rely on a non-checksumming file system for production use again, for data that is existed to persist over time. Joe From CMarcus at Media-Brokers.com Fri Jun 29 15:11:47 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Fri, 29 Jun 2012 08:11:47 -0400 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: References: Message-ID: <4FED9B83.7070905@Media-Brokers.com> On 2012-06-29 1:02 AM, Dr Josef Karthauser wrote: > I will never rely on a non-checksumming file system for production > use again, for data that is existed to persist over time. Nice! I'm seriously considering buying a Nexenta Storage device if/when our storage needs require it... this just makes me want it more. :) Out of curiosity, were you using proper ECC memory? Ie, why did the bad memory go undetected for so long? -- Best regards, Charles From lists at wildgooses.com Fri Jun 29 19:07:56 2012 From: lists at wildgooses.com (Ed W) Date: Fri, 29 Jun 2012 17:07:56 +0100 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <4FED8E38.1020105@Media-Brokers.com> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local><4FEC4ACD.20104@wildgooses.com><213B51F00051AE48A9F0E11288017717B8401E@Delta.sc.local> <4FEC548E.4030405@wildgooses.com> <213B51F00051AE48A9F0E11288017717B8401F@Delta.sc.local> <4FEC844A.9090302@wildgooses.com> <4FEC8C4E.1020209@Media-Brokers.com> <4FECC01C.90303@wildgooses.com> <4FED8E38.1020105@Media-Brokers.com> Message-ID: <4FEDD2DC.7080404@wildgooses.com> On 29/06/2012 12:15, Charles Marcus wrote: > On 2012-06-28 4:35 PM, Ed W wrote: >> On 28/06/2012 17:54, Charles Marcus wrote: >>> RAID10 also statistically has a much better chance of surviving a >>> multi drive failure than RAID5 or 6, because it will only die if two >>> drives in the same pair fail, and only then if the second one fails >>> before the hot spare is rebuilt. > >> Actually this turns out to be incorrect... Curious, but there you go! > > Depends on what you mean exactly by 'incorrect'... I'm sorry, this wasn't meant to be an attack on you, I thought I was pointing out what is now fairly obvious stuff, but it's only recently that the maths has been popularised by the common blogs on the interwebs. Whilst I guess not everyone read the flurry of blog articles about this last year, I think it's due to be repeated in increasing frequency as we go forward: The most recent article which prompted all of the above is I think this one: http://queue.acm.org/detail.cfm?id=1670144 More here (BARF = Battle Against Raid 5/4) http://www.miracleas.com/BAARF/ There are some badly phrased ZDnet articles also if you google "raid 5 stops working in 2009" Intel have a whitepaper which says: Intelligent RAID 6 Theory Overview And Implementation RAID 5 systems are commonly deployed for data protection in most business environments. However, RAID 5 systems only tolerate a single drive failure, and the probability of encountering latent defects [i.e. UREs, among other problems] of drives approaches 100 percent as disk capacity and array width increase. The upshot is that: - Drives often fail slowly rather than bang/dead - You will only scrub the array on a frequency F, which means that faults can develop since the last scrub (good on you if you actually remembered to set an automatic regular scrub...) - Once you decide to pull a disk for some reason to replace it, then with RAID1/5 (raid1 is a kind of degenerate form of raid5) you are exposed in that if a *second* error is detected during the rebuild then you are inconsistent and have no way to correctly rebuild your entire array - My experience is that linux-raid will stop the rebuild if a second error is detected during rebuild, but with some understanding it's possible to proceed (obviously understanding that data loss has therefore occurred). However, some hardware controllers will kick out the whole array if a rebuild error is discovered- some will not, but given the probability of a second error being discovered during rebuild is significantly non zero, it's worth worrying over this and figuring out what you do if it happens... > I'm fairly sure that you do not mean that my comment that 'having a > hot spare is good' is incorrect, Well, hotspare seems like a good idea, but the point is that the situation will be that you have lost parity protection. At that point you effectively run a disk scrub to rebuild the array. The probability of discovering a second error somewhere on your remaining array is non zero and hence your array has lost data. So it's not about how quickly you get the spare in, so much as the significant probability that you have two drives with errors, but only one drive of protection Raid6 increases this protection *quite substantially*, because if a second error is found on a stripe, then you still haven't lost data. However, a *third* error on a single stripe will lose data. The bad news: Estimates suggest that drive sizes will become large enough that RAID6 is insufficient to give a reasonable probability of successful repair of a single failed disk in around 7+ years time. So at that point there becomes a significant probability that the single failed disk cannot be successfully replaced in a RAID6 array because of the high probability of *two* additional defects becoming discovered on the same stripe of the remaining array. Therefore many folks are requesting 3 disk parity to be implemented (RAID7?) > 'Sometimes'... '...under some circumstances...' - hey, it's all a > crapshoot anyway, all you can do is try to make sure the dice aren't > loaded against you. And to be clear - RAID5/RAID1 has a very significant probability that once your first disk has failed, in the process of replacing that disk you will discover an unrecoverable error on your remaining drive and hence you have lost some data... > Also, modern enterprise SAS drives and RAID controllers do have > hardware based algorithms to protect data integrity (much better than > consumer grade drives at least). I can't categorically disagree, but I should check carefully your claims? My understanding is that there is minimal additional protection from "enterprise" stuff, and by that I'm thinking of quality gear that I can buy from the likes of newegg/ebuyer, not the custom SAN products from certain big name providers. It seems possible that the big name SAN providers implement additional protection, but at that point we are talking custom hardware and it's hard to analyse (or even get the full details) My limited understanding is that "enterprise" quality buys you only: - almost identical drives, but with a longer warranty and tighter quality control. We might hope for internal changes that improve longevity, but there is only minimal evidence of this - drives have certain firmware features which can be advantage, eg TLER type features - drives have (more) bad block reallocation sectors available, hence you won't get bad block warnings as quickly (which could be good or bad...) - controllers might have ECC ram in the cache ram However, whilst we might desire features which reduce the probability of failed block reads/writes, in practice I'm not aware that the common LSI controllers (et al) offer this and so in practice I don't think you get any useful additional protection from "enterprise" stuff? For example remember a few years back the google survey of drives from their data centers (and several others) where they observed that enterprise drives showed no real difference in failure characteristics from non enterprise drives. Also that SMART was a fairly poor predictor of failing drives... >> So the vulnerability is not the first failed disk, but discovering >> subsequent problems during the rebuild. > > True, but this applies to every RAID mode (RAID6 included). No, see RAID6 has a dramatically lower chance of this happening than RAID1/5. See this is the real insight and I think it's important that this fairly (obvious in retrospect) idea becomes widely known and understood to those who manage arrays. RAID6 needs a failed drive and *two* subsequent errors *per stripe* to lose data. RAID5/1 simply need one subsequent error *per array* to lose data. Quite a large difference! > Also, one big disadvantage of RAID5/6 is the rebuild times (sometimes > can take many hours, or even days depending on drive sizes) - it is > the stress of the rebuild that often causes a second drive failure, > thereby killing your RAID, and RAID10 rebuilds happen *much* faster > that RAID5/6 rebuilds (and are less stressful), so there is much less > chance of losing another disk during a rebuild. Hmm, at least theoretically both need a full linear read of the other disks. The time for an idle array should be similar in both cases. Agree though that for an active array the raid5/6 generally causes more drives to read/write, hence yes, the impact is probably greater. However, don't miss the big picture, your risk is a second error occurring anywhere on the array with raid1/5, but with raid 6 your risk is *two* errors per stripe, ie you can fail a whole second drive and still continue rebuilding with raid6 >> This certainly correlates with my (admittedly limited) experiences. >> Disk array scrubbing on a regular basis seems like a mandatory >> requirement (but how many people do..?) to have any chance of >> actually repairing a failing raid1/5 array > > Regular scrubbing is something I will give some thought to, but again, > your remarks are not 100% accurate... RAID is not quite so fragile as > you make it out to be. We humans are all far too shaped by our own limited experiences. I'm the same. I personally feel that raid arrays *are* very fragile. Backups are often the option when you get multi-drive failures (even if theoretically the array is repairable). However, it's about the best option we have right now, so all we can do is be aware of the limitations... Additionally I have very much suffered this situation of a failing RAID5 which was somehow hanging together with just the odd uncorrectable read error reported here and there (once a month say). I copied off all the data and then as an experiment replaced one disk in this otherwise working array, which then triggered a cascade of discovered errors all over the disk and rebuilding was basically impossible. I was expecting it to fail of course and had proactively copied off the data, but my point was at that point all I had were hints of failure and the odd UCE report. Presumably my data was being quietly corrupted in the background though, and the recovered data (low value) is likely peppered with read errors... Scary if it had been high value data... Remember, remember: Raid5/6/1 does NOT do parity checking on read... Only fancy filesystems like ZFS and perhaps btrfs do an end to end check which can spot a read error... If your write fails or a disk error corrupts a sector, then you will NOT find out about it until you scrub your array... Reading the corrupted sector will read the error and when you rewrite you will correct the parity and the original error will then be undetectable... Same effect actually if you just rewrite any block in the stripe containing a corrupted block, the parity gets updated to imply the corrupted block isn't corrupted anymore, now it's undetectable to a scrub... Roll on btrfs I say... Cheers Ed W From daniel.parthey at informatik.tu-chemnitz.de Fri Jun 29 19:21:27 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Fri, 29 Jun 2012 18:21:27 +0200 Subject: [Dovecot] doveadm purge -A via doveadm-proxy director fails after some users Message-ID: <20120629182127.653130ctu3bfqxaf@mail.tu-chemnitz.de> Hi, we have configured userdb and passdb in the director and try to iterate all users and pass the "purge" command via doveadm proxy to port 19000 on the correct director backend host. A single purge -u username at example.org via doveadm-proxy works correctly, but iterating over some users with -A fails. Note: users/domains have been anonymized in output: ------------------------------------------------------------------------ mail04:~# /usr/bin/doveadm -c /etc/dovecot-director/dovecot-director.conf -D purge -A 2>&1 doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot/modules/doveadm doveadm(root): Debug: Skipping module doveadm_acl_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_acl_plugin.so: undefined symbol: acl_user_module (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_expire_plugin.so: undefined symbol: expire_set_lookup (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_quota_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_quota_plugin.so: undefined symbol: quota_user_module (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_zlib_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_zlib_plugin.so: undefined symbol: i_stream_create_deflate (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_fts_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib20_doveadm_fts_plugin.so: undefined symbol: fts_list_backend (this is usually intentional, so just ignore this message) doveadm(user01 at domain1.example.org): Debug: auth input: user=user01 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user02 at domain1.example.org): Debug: auth input: user=user02 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user03 at domain1.example.org): Debug: auth input: user=user03 at domain1.example.org proxy host=10.129.3.192 proxy_refresh=86400 doveadm(user04 at domain1.example.org): Debug: auth input: user=user04 at domain1.example.org proxy host=10.129.3.192 proxy_refresh=86400 doveadm(user05 at domain1.example.org): Debug: auth input: user=user05 at domain1.example.org proxy host=10.129.3.190 proxy_refresh=86400 doveadm(user06 at domain1.example.org): Debug: auth input: user=user06 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user07 at domain1.example.org): Debug: auth input: user=user07 at domain1.example.org proxy host=10.129.3.190 proxy_refresh=86400 doveadm(user08 at domain1.example.org): Debug: auth input: user=user08 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user01 at domain2.example.org): Debug: auth input: user=user01 at domain2.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user09 at domain1.example.org): Debug: auth input: user=user09 at domain1.example.org proxy host=10.129.3.190 proxy_refresh=86400 10 / 94doveadm(user10 at domain1.example.org): Debug: auth input: user=user10 at domain1.example.org proxy host=10.129.3.190 proxy_refresh=86400 doveadm(user11 at domain1.example.org): Debug: auth input: user=user11 at domain1.example.org proxy host=10.129.3.191 proxy_refresh=86400 doveadm(user12 at domain1.example.org): Debug: auth input: user=user12 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user13 at domain1.example.org): Debug: auth input: user=user13 at domain1.example.org proxy host=10.129.3.190 proxy_refresh=86400 doveadm(user14 at domain1.example.org): Debug: auth input: user=user14 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user15 at domain1.example.org): Debug: auth input: user=user15 at domain1.example.org proxy host=10.129.3.191 proxy_refresh=86400 doveadm(user16 at domain1.example.org): Debug: auth input: user=user16 at domain1.example.org proxy host=10.129.3.191 proxy_refresh=86400 doveadm(user17 at domain1.example.org): Debug: auth input: user=user17 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user18 at domain1.example.org): Debug: auth input: user=user18 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user19 at domain1.example.org): Debug: auth input: user=user19 at domain1.example.org proxy host=10.129.3.192 proxy_refresh=86400 20 / 94doveadm(user20 at domain1.example.org): Debug: auth input: user=user20 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user21 at domain1.example.org): Debug: auth input: user=user21 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user22 at domain1.example.org): Debug: auth input: user=user22 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user02 at domain2.example.org): Debug: auth input: user=user02 at domain2.example.org proxy host=10.129.3.190 proxy_refresh=86400 doveadm(user23 at domain1.example.org): Debug: auth input: user=user23 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user24 at domain1.example.org): Debug: auth input: user=user24 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user01 at domain3.example.org): Debug: auth input: user=user01 at domain3.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user25 at domain1.example.org): Debug: auth input: user=user25 at domain1.example.org proxy host=10.129.3.192 proxy_refresh=86400 doveadm(user26 at domain1.example.org): Debug: auth input: user=user26 at domain1.example.org proxy host=10.129.3.191 proxy_refresh=86400 doveadm(user27 at domain1.example.org): Debug: auth input: user=user27 at domain1.example.org proxy host=10.129.3.190 proxy_refresh=86400 30 / 94doveadm(user28 at domain1.example.org): Debug: auth input: user=user28 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user29 at domain1.example.org): Debug: auth input: user=user29 at domain1.example.org proxy host=10.129.3.191 proxy_refresh=86400 doveadm(user30 at domain1.example.org): Debug: auth input: user=user30 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user31 at domain1.example.org): Debug: auth input: user=user31 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user31 at domain1.example.org): Error: doveadm server failure doveadm: Error: Failed to iterate through some users ------------------------------------------------------------------------ The user "user31 at domain1.example.org" is proxied to the correct backend host according to director status, but the dovecot.log on the doveadm service backend host shows the following error: Jun 29 15:40:31 10.129.3.249 dovecot: doveadm(user31 at domain1.example.org): Error: user user31 at domain1.example.org: Error reading configuration: net_connect_unix(/var/run/dovecot/config) failed: Permission denied Jun 29 15:40:31 10.129.3.249 dovecot: doveadm(user31 at domain1.example.org): Error: purge: User lookup failed: Internal error occurred. Refer to server log for more information. The wiki http://wiki2.dovecot.org/Services#doveadm states that the privileges are (temporarily) dropped to the mail user's privileges after userdb lookup. It seems that from the second purge on which is passed over a single doveadm connection, the user lookup fails. It also seems a bit strange, that the "-A" parameter can be observed in the doveadm tcp stream to the backend, since iteration should be already done in the director and the backend should purge only a single user: D username at example.org purge -A Is there a bug or have I misconfigured/overlooked something? Configs of mailbox backend and director are attached. Kind regards Daniel -------------- next part -------------- # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-40-server x86_64 Ubuntu 10.04.4 LTS auth_cache_negative_ttl = 0 auth_cache_size = 10 M auth_cache_ttl = 1 mins auth_verbose = yes auth_verbose_passwords = sha1 deliver_log_format = mailbox: deliver: msgid=%m from=%f: %$ dict { quota = mysql:/etc/dovecot/conf.d/dovecot-dict-sql.conf.ext } disable_plaintext_auth = no doveadm_password = xxx instance_name = dovecot-mailbox lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes login_greeting = Mailbox login_log_format = mailbox: login: %$: %s login_trusted_networks = 10.129.3.0/24 mail_debug = yes mail_fsync = always mail_gid = vmail mail_home = /mail/dovecot/%d/%n mail_location = mdbox:~/mail mail_log_prefix = "mailbox: mail: %s(%u): " mail_plugins = quota mail_privileged_group = vmail mail_uid = vmail managesieve_implementation_string = Sieve managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mdbox_rotate_interval = 1 weeks mdbox_rotate_size = 50 M mmap_disable = yes namespace { hidden = yes list = no location = pop3c: prefix = POP3-MIGRATION-NS/ } passdb { args = /etc/dovecot/conf.d/dovecot-sql.conf.ext driver = sql } plugin { pop3_migration_mailbox = POP3-MIGRATION-NS/INBOX quota = dict:User quota::proxy::quota quota_rule = *:storage=10G quota_rule2 = Trash:storage=+100M quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap pop3 lmtp sieve service auth { unix_listener auth-userdb { group = dovecot mode = 0660 user = dovecot } } service dict { unix_listener dict { group = vmail mode = 0660 } } service doveadm { inet_listener doveadm-server { port = 19000 } } service imap-login { inet_listener imap { port = 19143 } } service imap-postlogin { executable = script-login /usr/local/bin/dovecot-postlogin user = $default_internal_user } service imap { executable = imap imap-postlogin } service lmtp { inet_listener lmtp { address = * port = 19024 } } service managesieve-login { inet_listener sieve { port = 19200 } } service pop3-login { inet_listener pop3 { port = 19110 } } service pop3-postlogin { executable = script-login /usr/local/bin/dovecot-postlogin user = $default_internal_user } service pop3 { executable = pop3 pop3-postlogin } service quota-warning { executable = script /usr/local/bin/quota-warning extra_groups = dovecot unix_listener quota-warning { user = vmail } user = vmail } ssl = no userdb { driver = prefetch } userdb { args = /etc/dovecot/conf.d/dovecot-sql.conf.ext driver = sql } verbose_proctitle = yes protocol imap { imap_client_workarounds = delay-newmail tb-extra-mailbox-sep mail_plugins = quota imap_quota } protocol lmtp { mail_plugins = quota sieve } protocol doveadm { mail_plugins = quota pop3_migration } -------------- next part -------------- # 2.1.7: /etc/dovecot-director/dovecot-director.conf # OS: Linux 2.6.32-40-server x86_64 Ubuntu 10.04.4 LTS auth_verbose = yes auth_verbose_passwords = sha1 base_dir = /var/run/dovecot-director deliver_log_format = director: deliver: msgid=%m from=%f: %$ director_doveadm_port = 20000 director_mail_servers = 10.129.3.193 10.129.3.192 10.129.3.191 10.129.3.190 director_servers = 10.129.3.193 10.129.3.192 10.129.3.191 10.129.3.190 director_user_expire = 2 days disable_plaintext_auth = no doveadm_password = xxx doveadm_proxy_port = 19000 instance_name = dovecot-director lmtp_proxy = yes login_greeting = Mail Balancer login_log_format = director: login: %$: %s login_trusted_networks = 10.129.3.0/24 mail_debug = yes mail_fsync = always mail_gid = vmail mail_home = /mail/dovecot/%d/%n mail_location = mdbox:~/mail mail_log_prefix = "director: mail: %s(%u): " mail_privileged_group = vmail mail_uid = vmail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mmap_disable = yes passdb { args = /etc/dovecot-director/conf.d/dovecot-sql.conf.ext driver = sql } protocols = imap pop3 lmtp sieve service auth { unix_listener auth-userdb { user = dovecot } } service director { fifo_listener login/proxy-notify { mode = 0666 } inet_listener { port = 9090 } unix_listener director-userdb { mode = 0600 } unix_listener login/director { mode = 0666 } } service doveadm { executable = doveadm-server director inet_listener doveadm-server { port = 20000 } } service imap-login { executable = imap-login director inet_listener imap { port = 20143 } inet_listener imaps { port = 20993 ssl = yes } } service lmtp { inet_listener lmtp { address = * port = 20024 } } service managesieve-login { executable = managesieve-login director inet_listener sieve { port = 20200 } } service pop3-login { executable = pop3-login director inet_listener pop3 { port = 20110 } inet_listener pop3s { port = 20995 ssl = yes } } ssl_cert = References: <20120629094330.GJ58060@trav.math.uni-bonn.de> Message-ID: <20120629184635.GB19203@state-of-mind.de> * Edgar Fu? : > Is there, among the dovocot community, any preferred LDAP schema and > attribute to use for setting the home/mail storage location? There are many. Here's another one: -- state of mind () http://www.state-of-mind.de Franziskanerstra?e 15 Telefon +49 89 3090 4664 81669 M?nchen Telefax +49 89 3090 4666 Amtsgericht M?nchen Partnerschaftsregister PR 563 From daniel.parthey at informatik.tu-chemnitz.de Fri Jun 29 23:33:34 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Fri, 29 Jun 2012 22:33:34 +0200 Subject: [Dovecot] lmtp proxy timeout while waiting for reply to DATA reply In-Reply-To: <1335833212.21461.82.camel@innu> References: <20120428110023.GA9236@daniel.localdomain> <1335833212.21461.82.camel@innu> Message-ID: <20120629203334.GA7718@daniel.localdomain> Timo Sirainen wrote: > On Sat, 2012-04-28 at 13:00 +0200, Daniel Parthey wrote: > > > we are experiencing similar sporadic data timeout issues with dovecot 2.0.20 > > as in http://dovecot.org/pipermail/dovecot/2011-June/059807.html > > at least once a week. Some mails get temporarily deferred in the > > postfix queue since dovecot director lmtp refuses them and the > > mails are delivered at a later time. > > What isn't in v2.0 is the larger rewrite of the LMTP proxying > code in v2.1, which I hope fixes also this timeout problem. Same problem persists after update to 2.1.7, especially for distribution lists which contain several target email addresses which are then pipelined by postfix through a single lmtp proxy connection: Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Please tell me If I can do something to find out the cause of the problem. Kind regards Daniel -- https://plus.google.com/103021802792276734820 From zac.israel at gmail.com Sat Jun 30 00:41:02 2012 From: zac.israel at gmail.com (Zac Israel) Date: Fri, 29 Jun 2012 16:41:02 -0500 Subject: [Dovecot] Proxy config help please Message-ID: Hello, I am new to dovecot and I am initially trying to setup a basic imap proxy with password forwarding, I can start the dovecot service, connect and give it my password, and that is where I hang. My config is: root at imap-test:/etc/dovecot# doveconf -n # 2.0.19: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-24-generic x86_64 Ubuntu 12.04 LTS auth_debug = yes auth_verbose = yes debug_log_path = syslog first_valid_uid = 100 imap_capability = CAPABILITY IMAP4rev1 ACL BINARY CATENATE CHILDREN CONDSTORE ENABLE ESEARCH ESORT I18NLEVEL=1 ID IDLE LIST-EXTENDED LIST-STATUS LITERAL+ LOGIN-REFERRALS MULTIAPPEND NAMESPACE QRESYNC QUOTA RIGHTS=ektx SASL-IR SEARCHRES SORT THREAD=ORDEREDSUBJECT UIDPLUS UNSELECT WITHIN XLIST last_valid_uid = 200 mail_debug = yes mail_gid = 107 mail_uid = 107 passdb { args = proxy=proxy_always nopassword=y host=172.16.0.13 port=143 proxy_timeout=5 starttls=y ssl=any-cert driver = static } protocols = imap service imap-login { inet_listener imap { address = * port = 143 } } ssl = required ssl_cert = Message-ID: Jonathan Ryshpan schrieb: > It appears from the wiki that the word following the namespace > declarator (if this is the right word) should be either "public", > "shared", or "private", and describes a property of the namespace being > declared. AFAIS the word following the keyword "namespace" is the name (of the namespace). The type ("public", "shared" or "private") is declared by using a type definition. > So what does: > namespace inbox {... > mean? That is a definition of a namespace named "inbox". -thh From daniel.parthey at informatik.tu-chemnitz.de Sat Jun 30 04:51:50 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sat, 30 Jun 2012 03:51:50 +0200 Subject: [Dovecot] director directing to wrong server (sometimes) In-Reply-To: <4FED8B42.5010701@um.es> References: <4FED8B42.5010701@um.es> Message-ID: <20120630015150.GA12291@daniel.localdomain> Hi Angel, Angel L. Mateo wrote: > I have a user, its assigned server is 155.54.211.164. The problem > is that I don't know why director sent him yesterday to a different > server, because my server was up all the time. Moreover, I'm using > poolmon in director servers to check availability of final servers > and it didn't report any problem with the server. Which version of dovecot are you using? "doveconf -n" of director and mailbox instance? You should monitor the output of doveadm director status username at example.org doveadm director ring status on each of the directors over time with a timestamp. This might shed some light on where the user is directed and why, and ring status will tell which directors can see each other. doveadm director move can also influence where a user is sent, but this will be reflected by "Current:" entry of director status, there you can also find the time when the entry in hashtable will expire. Regards Daniel -- https://plus.google.com/103021802792276734820 From stan at hardwarefreak.com Sat Jun 30 08:23:58 2012 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Sat, 30 Jun 2012 00:23:58 -0500 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <4FEC4ACD.20104@wildgooses.com> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local> <4FEC4ACD.20104@wildgooses.com> Message-ID: <4FEE8D6E.3030703@hardwarefreak.com> On 6/28/2012 7:15 AM, Ed W wrote: > On 28/06/2012 13:01, ???????? ????????? ?????????? wrote: >> somewhere in maillist I've seen RAID1+md concat+XFS being promoted as >> mailstorage. >> Does anybody in here actually use this setup? >> >> I've decided to give it a try, >> but ended up with not being able to recover any data off survived >> pairs from linear array when _the_first of raid1 pairs got down. The failure of the RAID1 pair was due to an intentional breakage test. Your testing methodology was severely flawed. The result is the correct expected behavior of your test methodology. Proper testing will yield a different result. One should not be surprised that something breaks when he intentionally attempts to break it. > This is the configuration endorsed by Stan Hoeppner. Yes. It works very well for metadata heavy workloads, i.e. maildir. -- Stan From CMarcus at Media-Brokers.com Sat Jun 30 12:52:09 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Sat, 30 Jun 2012 05:52:09 -0400 Subject: [Dovecot] Proxy config help please In-Reply-To: References: Message-ID: <4FEECC49.8000601@Media-Brokers.com> On 2012-06-29 5:41 PM, Zac Israel wrote: > The system at 172.16.0.13 is a zimbra proxy. I can see in the logs > that it initially complains about my ssl cert, and if I remove > ssl=any-cert it fails because my cert is self signed, so I know it is > talking to the proxy and doing starttls which is a requirement of > zimbra. Unfortunately I have not found a way to see the full exchange > between dovecot and my zimbra proxy other than tcp dump, which just > shows a small packet exchange. And unfortunately you failed to provide critical evidence - in this case the actual logs (and the tcpdump since you already have it) of a failed session, rather than your interpretation of it. But at least you provided your config (Timo is so good that often that is enough by itself, but even his crystal ball sometimes has problems). I have found over the years that if you are having a problem to the point that you need to ask for help, it is time to step back and take a fresh look at *everything* - including having other eyes looking at *all* of the evidence. -- Best regards, Charles From =?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?= Sat Jun 30 14:17:09 2012 From: =?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?= (=?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?=) Date: Sat, 30 Jun 2012 22:17:09 +1100 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <4FEE8D6E.3030703@hardwarefreak.com> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local><4FEC4ACD.20104@wildgooses.com> <4FEE8D6E.3030703@hardwarefreak.com> Message-ID: <213B51F00051AE48A9F0E11288017717B84022@Delta.sc.local> So, you say that one should use this configuration in production with hope that such failure would never happen? -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of Stan Hoeppner Sent: Saturday, June 30, 2012 4:24 PM To: dovecot at dovecot.org Subject: Re: [Dovecot] RAID1+md concat+XFS as mailstorage On 6/28/2012 7:15 AM, Ed W wrote: > On 28/06/2012 13:01, ???????? ????????? ?????????? wrote: >> somewhere in maillist I've seen RAID1+md concat+XFS being promoted as >> mailstorage. >> Does anybody in here actually use this setup? >> >> I've decided to give it a try, >> but ended up with not being able to recover any data off survived >> pairs from linear array when _the_first of raid1 pairs got down. The failure of the RAID1 pair was due to an intentional breakage test. Your testing methodology was severely flawed. The result is the correct expected behavior of your test methodology. Proper testing will yield a different result. One should not be surprised that something breaks when he intentionally attempts to break it. > This is the configuration endorsed by Stan Hoeppner. Yes. It works very well for metadata heavy workloads, i.e. maildir. -- Stan From oooo1 at front.ru Sat Jun 30 14:19:53 2012 From: oooo1 at front.ru (Oooo1) Date: Sat, 30 Jun 2012 15:19:53 +0400 Subject: [Dovecot] Adding IMAP SORT and THREAD Extensions but THREAD=ORDEREDSUBJECT functionality to Dovecot 2.x.y ! Message-ID: <000001cd56b2$472ecfb0$d58c6f10$@front.ru> Hi. Can somebody add IMAP SORT and THREAD Extensions THREAD=ORDEREDSUBJECT function to the just next version of Dovecot ? It is necessary to GroupWare server. At the moment I have made it workable together, but there is one unstable point, as I have understood SOGo needs THREAD=ORDEREDSUBJECT sorting functions and if it not to get it, GroupWare server makes unworkable some of its component. If it needs additional info, you are welcome. From zac.israel at gmail.com Sat Jun 30 17:58:11 2012 From: zac.israel at gmail.com (Zac Israel) Date: Sat, 30 Jun 2012 09:58:11 -0500 Subject: [Dovecot] Proxy config help please In-Reply-To: <4FEECC49.8000601@Media-Brokers.com> References: <4FEECC49.8000601@Media-Brokers.com> Message-ID: On Sat, Jun 30, 2012 at 4:52 AM, Charles Marcus wrote: > On 2012-06-29 5:41 PM, Zac Israel wrote: >> >> The system at 172.16.0.13 is a zimbra proxy. ?I can see in the logs >> that it initially complains about my ssl cert, and if I remove >> ssl=any-cert it fails because my cert is self signed, so I know it is >> talking to the proxy and doing starttls which is a requirement of >> zimbra. ?Unfortunately I have not found a way to see the full exchange >> between dovecot and my zimbra proxy other than tcp dump, which just >> shows a small packet exchange. > > > And unfortunately you failed to provide critical evidence - in this case the > actual logs (and the tcpdump since you already have it) of a failed session, > rather than your interpretation of it. But at least you provided your config > (Timo is so good that often that is enough by itself, but even his crystal > ball sometimes has problems). > > I have found over the years that if you are having a problem to the point > that you need to ask for help, it is time to step back and take a fresh look > at *everything* - including having other eyes looking at *all* of the > evidence. > > -- > > Best regards, > > Charles Very sorry for the omission, please find the dovecot logs and tcpdump session attached. Please let me know if I can provide any other information and thank you again for your time. Zac -------------- next part -------------- Jun 29 17:00:57 imap-test dovecot: master: Dovecot v2.0.19 starting up (core dumps disabled) Jun 29 17:00:58 imap-test dovecot: auth: Debug: Loading modules from directory: /usr/lib/dovecot/modules/auth Jun 29 17:00:58 imap-test dovecot: auth: Debug: auth client connected (pid=31182) Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x10, ret=1: before/accept initialization [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: before/accept initialization [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read client hello A [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write server hello A [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write certificate A [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write key exchange A [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write server done A [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 flush data [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read client key exchange A [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read finished A [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write session ticket A [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write change cipher spec A [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write finished A [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 flush data [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x20, ret=1: SSL negotiation finished successfully [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x2002, ret=1: SSL negotiation finished successfully [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: auth: Debug: client in: AUTH 1 PLAIN service=imap secured lip=127.0.0.1 rip=127.0.0.1 lport=143 rport=49940 resp= Jun 29 17:01:10 imap-test dovecot: auth: Debug: static(zac.israel at domain.com,127.0.0.1): lookup Jun 29 17:01:10 imap-test dovecot: auth: Debug: static(zac.israel at domain.com,127.0.0.1): Allowing any password Jun 29 17:01:10 imap-test dovecot: auth: Debug: client out: OK 1 user=zac.israel at domain.com proxy host=172.16.0.13 port=143 proxy_timeout=5 starttls=y ssl=any-cert pass= Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x10, ret=1: before/connect initialization [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1001, ret=1: before/connect initialization [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1001, ret=1: unknown state [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1002, ret=-1: unknown state [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1001, ret=1: SSLv3 read server hello A [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Invalid certificate: self signed certificate in certificate chain: /C=US/ST=State/L=City/O=COMPANY/OU=IT/CN=COMPANY CA/emailAddress=it at domain.com Jun 29 17:01:10 imap-test dovecot: imap-login: Invalid certificate: unsupported certificate purpose: /C=US/ST=State/L=City/O=COMPANY/OU=IT/CN=COMPANY CA/emailAddress=it at domain.com Jun 29 17:01:10 imap-test dovecot: imap-login: Invalid certificate: unable to get certificate CRL: /C=US/ST=State/L=City/O=COMPANY/OU=IT/CN=mail.int.domain.com Jun 29 17:01:10 imap-test dovecot: imap-login: Invalid certificate: unable to get certificate CRL: /C=US/ST=State/L=City/O=COMPANY/OU=IT/CN=COMPANY CA/emailAddress=it at domain.com Jun 29 17:01:10 imap-test dovecot: imap-login: Valid certificate: /C=US/ST=State/L=City/O=COMPANY/OU=IT/CN=COMPANY CA/emailAddress=it at domain.com Jun 29 17:01:10 imap-test dovecot: imap-login: Valid certificate: /C=US/ST=State/L=City/O=COMPANY/OU=IT/CN=mail.int.domain.com Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1001, ret=1: SSLv3 read server certificate A [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1001, ret=1: SSLv3 read server key exchange A [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1001, ret=1: SSLv3 read server done A [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1001, ret=1: SSLv3 write client key exchange A [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1001, ret=1: SSLv3 write change cipher spec A [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1001, ret=1: SSLv3 write finished A [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1001, ret=1: SSLv3 flush data [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1002, ret=-1: SSLv3 read server session ticket A [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1002, ret=-1: SSLv3 read server session ticket A [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1001, ret=1: SSLv3 read server session ticket A [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1001, ret=1: SSLv3 read finished A [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x20, ret=1: SSL negotiation finished successfully [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1002, ret=1: SSL negotiation finished successfully [127.0.0.1] Jun 29 17:01:44 imap-test dovecot: imap-login: Warning: SSL alert: where=0x4008, ret=256: warning close notify [127.0.0.1] Jun 29 17:03:58 imap-test dovecot: imap-login: Disconnected: Inactivity (auth failed, 1 attempts): user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, TLS: Disconnected Jun 29 17:03:58 imap-test dovecot: imap-login: Warning: SSL alert: where=0x4008, ret=256: warning close notify [127.0.0.1] -------------- next part -------------- root at imap-test:~# tcpdump -n -i eth0 host 172.16.0.13 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes 09:36:00.886811 ARP, Request who-has 172.16.0.13 tell 172.16.0.66, length 28 09:36:00.888071 ARP, Reply 172.16.0.13 is-at 00:50:56:b5:81:76, length 46 09:36:00.888088 IP 172.16.0.66.35641 > 172.16.0.13.143: Flags [S], seq 2509538212, win 14600, options [mss 1460,sackOK,TS val 41913867 ecr 0,nop,wscale 2], length 0 09:36:00.888456 IP 172.16.0.13.143 > 172.16.0.66.35641: Flags [S.], seq 703703456, ack 2509538213, win 14480, options [mss 1460,sackOK,TS val 3304080992 ecr 41913867,nop,wscale 7], length 0 09:36:00.888493 IP 172.16.0.66.35641 > 172.16.0.13.143: Flags [.], ack 1, win 3650, options [nop,nop,TS val 41913867 ecr 3304080992], length 0 09:36:00.889084 IP 172.16.0.13.143 > 172.16.0.66.35641: Flags [P.], seq 1:19, ack 1, win 114, options [nop,nop,TS val 3304080993 ecr 41913867], length 18 09:36:00.889107 IP 172.16.0.66.35641 > 172.16.0.13.143: Flags [.], ack 19, win 3650, options [nop,nop,TS val 41913867 ecr 3304080993], length 0 09:36:00.889372 IP 172.16.0.66.35641 > 172.16.0.13.143: Flags [P.], seq 1:13, ack 19, win 3650, options [nop,nop,TS val 41913867 ecr 3304080993], length 12 09:36:00.889716 IP 172.16.0.13.143 > 172.16.0.66.35641: Flags [.], ack 13, win 114, options [nop,nop,TS val 3304080993 ecr 41913867], length 0 09:36:00.889805 IP 172.16.0.13.143 > 172.16.0.66.35641: Flags [P.], seq 19:35, ack 13, win 114, options [nop,nop,TS val 3304080993 ecr 41913867], length 16 09:36:00.890583 IP 172.16.0.66.35641 > 172.16.0.13.143: Flags [P.], seq 13:239, ack 35, win 3650, options [nop,nop,TS val 41913868 ecr 3304080993], length 226 09:36:00.896904 IP 172.16.0.13.143 > 172.16.0.66.35641: Flags [P.], seq 35:2546, ack 239, win 122, options [nop,nop,TS val 3304081000 ecr 41913868], length 2511 09:36:00.896929 IP 172.16.0.66.35641 > 172.16.0.13.143: Flags [.], ack 2546, win 4374, options [nop,nop,TS val 41913869 ecr 3304081000], length 0 09:36:00.902988 IP 172.16.0.66.35641 > 172.16.0.13.143: Flags [P.], seq 239:437, ack 2546, win 4374, options [nop,nop,TS val 41913871 ecr 3304081000], length 198 09:36:00.907031 IP 172.16.0.13.143 > 172.16.0.66.35641: Flags [P.], seq 2546:2780, ack 437, win 130, options [nop,nop,TS val 3304081011 ecr 41913871], length 234 09:36:00.908024 IP 172.16.0.66.35641 > 172.16.0.13.143: Flags [P.], seq 437:554, ack 2780, win 5098, options [nop,nop,TS val 41913872 ecr 3304081011], length 117 09:36:00.908429 IP 172.16.0.13.143 > 172.16.0.66.35641: Flags [P.], seq 2780:3089, ack 554, win 130, options [nop,nop,TS val 3304081012 ecr 41913872], length 309 09:36:00.946464 IP 172.16.0.66.35641 > 172.16.0.13.143: Flags [.], ack 3089, win 5822, options [nop,nop,TS val 41913882 ecr 3304081012], length 0 09:38:45.491173 IP 172.16.0.66.35641 > 172.16.0.13.143: Flags [P.], seq 554:591, ack 3089, win 5822, options [nop,nop,TS val 41955018 ecr 3304081012], length 37 09:38:45.491251 IP 172.16.0.66.35641 > 172.16.0.13.143: Flags [F.], seq 591, ack 3089, win 5822, options [nop,nop,TS val 41955018 ecr 3304081012], length 0 09:38:45.494136 IP 172.16.0.13.143 > 172.16.0.66.35641: Flags [P.], seq 3089:3174, ack 592, win 130, options [nop,nop,TS val 3304245600 ecr 41955018], length 85 09:38:45.494169 IP 172.16.0.66.35641 > 172.16.0.13.143: Flags [R], seq 2509538804, win 0, length 0 09:38:45.494176 IP 172.16.0.13.143 > 172.16.0.66.35641: Flags [F.], seq 3174, ack 592, win 130, options [nop,nop,TS val 3304245600 ecr 41955018], length 0 09:38:45.494221 IP 172.16.0.66.35641 > 172.16.0.13.143: Flags [R], seq 2509538804, win 0, length 0 09:38:50.493026 ARP, Request who-has 172.16.0.66 tell 172.16.0.13, length 46 09:38:50.493057 ARP, Reply 172.16.0.66 is-at 00:50:56:b5:81:b0, length 28 From toml at engr.orst.edu Sat Jun 30 19:07:58 2012 From: toml at engr.orst.edu (Tom Lieuallen) Date: Sat, 30 Jun 2012 09:07:58 -0700 Subject: [Dovecot] how to announce shared folders to clients using non-default mail prefix In-Reply-To: References: <4FD14895.8040707@engr.orst.edu> <63F00218-4FBE-418F-9477-CBEA8E7A35B9@iki.fi> <4FD78794.1030905@engr.orst.edu> <1339594723.25551.8.camel@innu> <4FD8C6AB.6040909@engr.orst.edu> Message-ID: <4FEF245E.30105@engr.orst.edu> On 6/13/12 10:07 AM, Timo Sirainen wrote: > On 13.6.2012, at 19.58, Tom Lieuallen wrote: > >>> type=public and same for the other shared namespace. The type=shared >>> namespaces are for mailboxes shared between users. >> >> Unfortunately, it still isn't working. > .. >> It seems to me like the logic for deciding which namespaces to follow is something like this: >> >> * If mail prefix = "", inspect and potentially use all namespaces >> >> * else look in default namespace for subdirectories matching prefix listed _AND_ look for namespaces that are exact matches for the prefix passed. >> >> In that 'else' case, it does not appear to look for namespaces where the mail prefix is a subset. > > No. I tried with your exact config, except changed namespace types to public, and it works fine in my tests.. You're trying with v2.1.7, right? Yes, 2.1.7 in solaris 10, compiled with gcc. I tried this on a linux box and got the same behavior. I tried compiling it with the Sun compilers; no change. I'm at a loss of what else to check or try. thank you Tom Lieuallen From daniel.parthey at informatik.tu-chemnitz.de Sat Jun 30 21:03:09 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sat, 30 Jun 2012 20:03:09 +0200 Subject: [Dovecot] started with dovecot sieve In-Reply-To: References: <20120625215914.GA7831@daniel.localdomain> <20120626201036.GA6929@daniel.localdomain> <20120627184736.GA7546@daniel.localdomain> Message-ID: <20120630180308.GA7417@daniel.localdomain> Rolf wrote: > Am 2012-06-27 20:47, schrieb Daniel Parthey: > >I encourage you to read this HOWTO: > >http://wiki2.dovecot.org/HowTo/PostfixDovecotLMTP > > I understand that LMTP is an alternative to SMTP when it comes to > mail communication inside a server or a local network. > I understand that LMTP is newer. But if you look at incoming mail > via SMTP on socket 25 and than look at the mail via roundcoube > (communicating with dovecot) what is the difference and why should I > care? Delivery via lda: SMTP -> postfix:25 -> EXEC -> lda executed by postfix -> filesystem -> dovecot imap Delivery via lmtp: SMTP -> postfix:25 -> TCP -> dovecot:24 -> filesystem -> dovecot imap The difference is that postfix communicates to dovecot lmtp port 24 and the actual delivery to the filesystem will be done by dovecot itself. Therefore you only need to ensure read/write access for dovecot to the mail filesystem. > That is - if I introduce LMTP - postfix will talk to dovecot by a > different protocol. Correct? Yes, postfix will talk LMTP dovecot, either via a UNIX socket in the filesystem, or via local TCP network communication to a TCP Socket in dovecot. > Will dovecot change its behavior? No. The imap/pop3 service of dovecot will work as usual. The delivery is a bit different, before being delivered to the filesystem, the message will pass the LMTP service with quota enforcement, sieve filtering, depending on which mail modules you have enabled in dovecot. > As I am not an SMTP insider (never did SMTP using telnet) I hardly > understand what this change could do to my problem. By using LMTP via TCP, you will avoid permission problems where postfix cannot access sockets/files/mails from dovecot, since postfix will communicate via network with dovecot and dovecot will handle the delivery itself. > Wouldn't dovecot LDA "deliver" still try to change the INBOX and > will have access problems that I do not understand? Delivery will be done by the dovecot lmtp service http://wiki2.dovecot.org/Services#lmtp it will not be executed by postfix. > Do you have a link for me, explaining what "deliver" does with a > mail that is not subject to any of the "fileinto" of a sieve filter? I assume it writes the message to INBOX (e.g. /var/mail/rolf), which is often at a different location and possibly has other permissions than your mailboxes in your home directory where SIEVE sorts your mail into. > What user accounts are involved in that function? Currently, dovecot lda/deliver is executed by postfix, which I see as a possible reason for the permission problems. After switching to LMTP via TCP, only dovecot should be involved with delivery, and drop privileges to the mailbox owner after userdb lookup according to http://wiki2.dovecot.org/Services#lmtp Regards, Daniel -- https://plus.google.com/103021802792276734820 From spamvoll at googlemail.com Sat Jun 30 23:19:49 2012 From: spamvoll at googlemail.com (spamvoll at googlemail.com) Date: Sat, 30 Jun 2012 22:19:49 +0200 Subject: [Dovecot] moving from BSD to Ubuntu Message-ID: hi.. im planning to move my Mailserver from an FreeBSD Box to an Ubuntu 12.04 LTS Box. Both Boxes run Dovecot 2.0 Does anyone did this before and experienced any problems ? Downtime is no problem, my plan is to stop Dovecot on the Bsd Box and copy all Mailbox files to the Uuntu system and start dovecot. Regards Hans From lists at svrinformatica.it Sat Jun 30 23:33:42 2012 From: lists at svrinformatica.it (Mailing List SVR) Date: Sat, 30 Jun 2012 22:33:42 +0200 Subject: [Dovecot] moving from BSD to Ubuntu In-Reply-To: References: Message-ID: <4FEF62A6.1040305@svrinformatica.it> Il 30/06/2012 22:19, spamvoll at googlemail.com ha scritto: > hi.. > > im planning to move my Mailserver from an FreeBSD Box to an Ubuntu > 12.04 LTS Box. Hi, I recently migrated to ubuntu 12.04 (not from freebsd) the only problem was this: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1016905 solved patching openssl ubuntu package, Nicola > Both Boxes run Dovecot 2.0 > > Does anyone did this before and experienced any problems ? > Downtime is no problem, my plan is to stop Dovecot on the Bsd Box and > copy all Mailbox files to the Uuntu system and start dovecot. > > Regards > Hans > From tss at iki.fi Fri Jun 1 13:26:44 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 1 Jun 2012 13:26:44 +0300 Subject: [Dovecot] inet_listener imaps { port = 0 } question In-Reply-To: <5748fd83f78445be8a644585a877b682@rootservers.in> References: <5748fd83f78445be8a644585a877b682@rootservers.in> Message-ID: <23CB1C0E-C328-45C9-980A-ABD79A0EB965@iki.fi> On 31.5.2012, at 16.58, henrixd wrote: > Why commenting out "inet_listener imaps {}" won't stop dovecot to listen port 993? I think this would be expected behavior. Just curious, finally got it working with port = 0. :) When you comment out something, Dovecot uses the default settings for it. By default Dovecot listens on port 993. From joe.beaubien at gmail.com Fri Jun 1 18:36:02 2012 From: joe.beaubien at gmail.com (Joe Beaubien) Date: Fri, 1 Jun 2012 11:36:02 -0400 Subject: [Dovecot] Inconsistent search results and crash on force-resync Message-ID: Hi, I am seeing inconsistencies in search results (finding 2 emails when only 1 exists, finding the email when it has been moved to another folder, etc). I figured I should run force-resync to fix any issues. I ran the following: doveadm -v force-resync -u and I got some worrysome logs. - I should mention that I have been seeing some crashes of fts-lucene in my logs. I sent a traceback of this on the mailing list 1-2 days ago under the subject "[Dovecot] fts_lucene crashing". - I should also mention that all the problems I am having are only in 1 email account. This email account contains folders of over 100k emails. Do I need to tweak dovecot somehow for this? Up until now all I did was change vsz_limit to 1024 MB for "service imap". Here are the logs: Jun 1 11:15:01 XXXXX dovecot: imap(form): Error: Recent flags state corrupted for mailbox INBOX2 Jun 1 11:15:01 XXXXX dovecot: imap(form): Error: /data/emails/form/mailboxes/INBOX2/dbox-Mails/dovecot.index reset, view is now inconsistent Jun 1 11:15:01 XXXXX dovecot: imap(form): Error: /data/emails/form/mailboxes/INBOX2/dbox-Mails/dovecot.index reset, view is now inconsistent Jun 1 11:15:01 XXXXX dovecot: imap(form): Error: Recent flags state corrupted for mailbox contrat Jun 1 11:15:01 XXXXX dovecot: imap(form): Error: /data/emails/form/mailboxes/contrat/dbox-Mails/dovecot.index reset, view is now inconsistent Jun 1 11:15:01 XXXXX dovecot: imap(form): Error: /data/emails/form/mailboxes/rep_Immigation soi-m&AOo-me/dbox-Mails/dovecot.index reset, view is now inconsistent Jun 1 11:15:01 XXXXX dovecot: imap(form): Error: /data/emails/form/mailboxes/Templates/dbox-Mails/dovecot.index reset, view is now inconsistent Jun 1 11:15:02 XXXXX dovecot: imap(form): Error: Recent flags state corrupted for mailbox rep_eval_positive Jun 1 11:15:02 XXXXX dovecot: imap(form): Error: /data/emails/form/mailboxes/rep_eval_positive/dbox-Mails/dovecot.index reset, view is now inconsistent Jun 1 11:15:02 XXXXX dovecot: imap(form): Error: Recent flags state corrupted for mailbox Sent Jun 1 11:15:02 XXXXX dovecot: imap(form): Error: /data/emails/form/mailboxes/Sent/dbox-Mails/dovecot.index reset, view is now inconsistent Jun 1 11:15:02 XXXXX dovecot: imap(form): Error: Recent flags state corrupted for mailbox form_positif Jun 1 11:15:02 XXXXX dovecot: imap(form): Error: /data/emails/form/mailboxes/form_positif/dbox-Mails/dovecot.index reset, view is now inconsistent Jun 1 11:15:02 XXXXX dovecot: imap(form): Error: /data/emails/form/mailboxes/Archives/contrat/dbox-Mails/dovecot.index reset, view is now inconsistent Jun 1 11:15:02 XXXXX dovecot: imap(form): Error: /data/emails/form/mailboxes/form_positif/dbox-Mails/dovecot.index reset, view is now inconsistent Jun 1 11:15:02 XXXXX dovecot: imap(form): Error: /data/emails/form/mailboxes/form_positif/dbox-Mails/dovecot.index reset, view is now inconsistent Jun 1 11:15:03 XXXXX dovecot: imap(form): Error: /data/emails/form/mailboxes/Archives/form_indetermine/dbox-Mails/dovecot.index reset, view is now inconsistent Jun 1 11:15:03 XXXXX dovecot: imap(form): Error: /data/emails/form/mailboxes/Archives/form_indetermine/dbox-Mails/dovecot.index reset, view is now inconsistent Jun 1 11:15:15 XXXXX dovecot: imap(form): Error: Recent flags state corrupted for mailbox form_indetermine Jun 1 11:15:15 XXXXX dovecot: imap(form): Error: /data/emails/form/mailboxes/form_indetermine/dbox-Mails/dovecot.index reset, view is now inconsistent Jun 1 11:15:25 XXXXX dovecot: indexer-worker: Error: indexer-worker: /home/jd/work/clucene-core-2.3.3.4/src/core/CLucene/index/DocumentsWriter.cpp:210: std::string lucene::index::DocumentsWriter::closeDocStore(): Assertion `numDocsInStore*8 == directory->fileLength( (docStoreSegment + "." + IndexFileNames::FIELDS_INDEX_EXTENSION).c_str() )' failed. Jun 1 11:15:25 XXXXX dovecot: indexer: Error: Indexer worker disconnected, discarding 28 requests for form Jun 1 11:15:25 XXXXX dovecot: indexer-worker(form): Fatal: master: service(indexer-worker): child 9909 killed with signal 6 (core not dumped) I have 3 questions: 1) When the log says "/mailboxes/INBOX2/dbox-Mails/dovecot.index reset, view is now inconsistent" should I be worried, or this will fix itself? 2) Should I expect to see "Error: Recent flags state corrupted for mailbox Sent"??? I ran the force-resync 3 times and I still see this message. 3) Any idea why clucene is crashing? Regards, -Joe From matthijs at stdin.nl Fri Jun 1 21:27:33 2012 From: matthijs at stdin.nl (Matthijs Kooijman) Date: Fri, 1 Jun 2012 20:27:33 +0200 Subject: [Dovecot] Exposing global (default) sieve script through Managesieve Message-ID: <20120601182659.GA19340@login.drsnuggles.stderr.nl> Hi folks, I'm setting up a dovecot server with managesieve support. I'd like to offer spamfiltering through a Sieve script to my users by default, but still allow them to modify the filtering rules through Managesieve. I found the sieve_global_path configuration option, which seems perfect for what I want. I can configure a default script there, which will work for all users until they set upload their own sieve script using managesieve. However, when configured like this, the user experience isn't quite perfect. When users open the managesieve interface on their client, there is no trace of the default filters, so users might think the spamfiltering is done in some other manner. Now, when they create a filtering rule (e.g., to sort out mail to mailing lists), that rule will overwrite the default spamfiltering rule causing all the spam to spill into the user's mailbox. I'm afraid that most users won't realize they have to manually recreate the spamfiltering rule to fix this. Also, they might not know how to write the rule, even if they do... I've considered a few existing ways to fix this: - Use sieve_before / sieve_after to make sure that the default script is always executed, in addition to any user-supplied scripts. This removes the surprise, but removes the option for users to tweak the spamfiltering rules. - Don't use sieve_global_path, but instead distribute the default script to each user's homedir on user creation. This prevents making changes to the default script for existing users and in my setup, user creation and (mail)homedir creation are nicely separated through an LDAP directory, I'd rather not go this route. - When using the Roundcube webmail application as the IMAP client, I can point Roundcube at the default sieve script. Now, when Roundcube sees there are no scripts through ManageSieve, it shows a (fake) "default" script with the correct contents. As soon as the user changes this script or creates a new script, it is actually uploaded to Dovecot, causing the edited script to be used instead of the global script. This option has the user experience I'm looking for, but having this out-of-band connection from Roundcube to the default script configured with dovecot is ugly (and tricky, since these run on different hosts in my setup). The biggest problem is of course that this only works for Roundcube, not for any other IMAP client my users might use. So, I was wondering: Wouldn't it make sense for the managesieve plugin to do something similar to roundcube: When the user has no sieve script configured, let it fake a single "default" script, showing the contents of the global script? Since the ManageSieve protocol doesn't seem to support any way to flag this situation, it would be fooling the clients a bit, but I'm not sure if that's really a problem. While the user has not script named "default" in his sieve_dir: - include a script called "default" in the LISTSCRIPTS output. - return the contents of the sieve_global_path in the GETSCRIPT "default" command. - remove any sieve symlink after a SETACTIVE "default" command (as if SETACTIVE "" was given). This causes dovecot to fall back to the sieve_global_path script. - the DELETESCRIPT "default" command should fail. This might confuse clients and users, since it is listed in LISTSCRIPTS but cannot be deleted, but I think most users will understand they can't delete the default script. - RENAMESCRIPT "default" "some_name" should copy the sieve_global_path script into the user's sieve_dir. This will effectively copy the script instead of renaming it (since it will still be magically listed in LISTSCRIPTS), so that might be confusing. All other commands work just like they do now (in particular, PUTSCRIPT "default" uploads a script called "default" into the user's sieve_dir, preventing all of the above from applying. As noted above, this change might cause some confusion, but I think that is manageable. On additional thing is that running SETACTIVE "" will not completely disable sieve processing (as would be expected), but will (again) cause the sieve_global_path script to be run. This is already the case currently, though, and should probably be considered a separate problem (whose root cause is the lack of a difference between "no script script configured yet" and "active script disabled", both remove the sieve symlink). Also, this problem might be a feature in some setups, so fixing it might not be so easy... So, any thoughts on this? Any fundamental problems I'm missing? (Not-so) obvious alternatives? Gr. Matthijs -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 197 bytes Desc: Digital signature URL: From p at state-of-mind.de Fri Jun 1 23:58:39 2012 From: p at state-of-mind.de (Patrick Ben Koetter) Date: Fri, 1 Jun 2012 22:58:39 +0200 Subject: [Dovecot] dovecot stats: useful data to gather Message-ID: <20120601205839.GG2176@state-of-mind.de> Timo, following our discussion on dovecot stats at the LinuxTag 2012 my team and I sat down and put together a list of stat items we think to be useful in daily dovecot usage. Besides pulling together all the data we also think it would be useful to have an SNMP interface to access the stats. Our offer to create and contribute a standalone web interface for dovecot stats stands. Here are the stats we believe to be useful: Login/Logout - total number login success/time - total number login failure/time - total number per authentication mechanism - total number plain sessions - total number STARTTLS sessions - total number of currently connected users (pop3/pop3s/imap/imaps/managesieve) - login names of connected users (not really stats, but great for actions regarding those uses e.g. force logout) - total number logout commands/time - total number BYE responses (autologout) Mailbox state - Inflow rate (number incoming messages/time) - Deleted rate (number \Deleted flagged messages/time) - Expunge rate (number Expunge operations/time) - total number current messages mailboxes normal storage - total number current messages mailboxes alt storage - total number read messages mailboxes normal storage - total number read messages mailboxes alt storage - per user number current messages mailboxes normal storage - per user number current messages mailboxes alt storage - per user number read messages mailboxes normal storage - per user number read messages mailboxes alt storage Mailbox Quota - total number persons under soft-quota per quota - total number persons above or equal soft-quota per quota - total number persons above or equal hard-quota per quota Performance - minimum time to write a message - maximum time to write a message - average time to write a message - minimum time to modify a message - maximum time to modify a message - average time to modify a message - minimum time to delete a message - maximum time to delete a message - average time to delete a message - minimum time search operations - maximum time search operations - average time search operations Regards, p at rick -- state of mind () http://www.state-of-mind.de Franziskanerstra?e 15 Telefon +49 89 3090 4664 81669 M?nchen Telefax +49 89 3090 4666 Amtsgericht M?nchen Partnerschaftsregister PR 563 From ghe at slsware.com Fri Jun 1 23:26:30 2012 From: ghe at slsware.com (Glenn English) Date: Fri, 1 Jun 2012 14:26:30 -0600 Subject: [Dovecot] auth trouble Message-ID: Debian Lenny, Dovecot v 1.0.15. I'm getting a lot of what I think is a local socket asking dovecot:auth to verify username/passwords: > May 31 09:00:54 server dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=admin rhost= Note the empty 'rhost='. That's why I think it's on the server. I see others that look like bots: > May 30 23:08:43 server dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=admin rhost=200.119.139.22 And I know how to promote the latter to a firewall. But with no rhost, I'm stumped... I've read books, googled, read docs, and asked for help on other mailing lists, and I've learned a lot. And I no longer think it really has much to do with Dovecot, other than the login attempt going through it to get to PAM. But has anyone here seen this before? Is my current theory correct? What did you do to make it go away? (I suspect that upgrading to Debian Squeeze might get rid of it, but I'm afraid that if I don't figure out what's going on, it might just come back.) -- Glenn English hand-wrapped from my Apple Mail From tss at iki.fi Sat Jun 2 01:15:44 2012 From: tss at iki.fi (Timo Sirainen) Date: Sat, 2 Jun 2012 01:15:44 +0300 Subject: [Dovecot] dovecot stats: useful data to gather In-Reply-To: <20120601205839.GG2176@state-of-mind.de> References: <20120601205839.GG2176@state-of-mind.de> Message-ID: On 1.6.2012, at 23.58, Patrick Ben Koetter wrote: > Besides pulling together all the data we also think it would be useful to have > an SNMP interface to access the stats. I had thought about SNMP before also, but for the current kind of stats that are exported I couldn't think of any reasonable way to export them. > Here are the stats we believe to be useful: > > Login/Logout > - total number login success/time > - total number login failure/time .. I'll look at these later in more detail, but some important questions / design decisions: Currently stats process only remembers things after Dovecot was started. I don't think getting these kind of numbers would really work like that. Perhaps all of the statistics should be permanently dumped to disk every ~minute or so + at shutdown and loaded at startup, so the numbers would at least normally always just increase since the first time Dovecot was started? > Mailbox state > - Inflow rate (number incoming messages/time) > - Deleted rate (number \Deleted flagged messages/time) These operations/time type of things I had hoped to be able to externalize :) If stats process simply gives the raw stats, the reader could do this kind of summing up. Otherwise .. well, I guess it could maybe keep track of the current ops/ and the reader would then have to read the value about once a minute or half or something. It wouldn't give exact results though. > Performance > - minimum time to write a message > - maximum time to write a message > - average time to write a message Within last .. day? hour? minute? .. From ghe at slsware.com Sat Jun 2 01:23:16 2012 From: ghe at slsware.com (Glenn English) Date: Fri, 1 Jun 2012 16:23:16 -0600 Subject: [Dovecot] auth trouble In-Reply-To: References: Message-ID: <41E18AC0-6F33-49C8-838B-F5F2B4132449@slsware.com> I forgot to include this config info: > # 1.0.15: /etc/dovecot/dovecot.conf > log_timestamp: %Y-%m-%d %H:%M:%S > protocols: imap pop3 > ssl_listen: * > ssl_disable: yes > disable_plaintext_auth: no > login_dir: /var/run/dovecot/login > login_executable(default): /usr/lib/dovecot/imap-login > login_executable(imap): /usr/lib/dovecot/imap-login > login_executable(pop3): /usr/lib/dovecot/pop3-login > login_max_processes_count: 12 > mail_privileged_group: mail > mail_executable(default): /usr/lib/dovecot/imap > mail_executable(imap): /usr/lib/dovecot/imap > mail_executable(pop3): /usr/lib/dovecot/pop3 > mail_plugin_dir(default): /usr/lib/dovecot/modules/imap > mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap > mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3 > pop3_uidl_format(default): > pop3_uidl_format(imap): > pop3_uidl_format(pop3): %08Xu%08Xv > auth default: > mechanisms: plain login > verbose: yes > passdb: > driver: pam > userdb: > driver: passwd > socket: > type: listen > client: > path: /var/spool/postfix/private/auth > mode: 432 > user: postfix > group: postfix -- Glenn English hand-wrapped from my Apple Mail From p at state-of-mind.de Sat Jun 2 07:57:32 2012 From: p at state-of-mind.de (Patrick Ben Koetter) Date: Sat, 2 Jun 2012 06:57:32 +0200 Subject: [Dovecot] dovecot stats: useful data to gather In-Reply-To: References: <20120601205839.GG2176@state-of-mind.de> Message-ID: <20120602045732.GB16571@state-of-mind.de> * Timo Sirainen : > On 1.6.2012, at 23.58, Patrick Ben Koetter wrote: > > > Besides pulling together all the data we also think it would be useful to have > > an SNMP interface to access the stats. > > I had thought about SNMP before also, but for the current kind of stats that > are exported I couldn't think of any reasonable way to export them. I am not an expert on SNMP, others in my office are, but as I understand it there's no need for Dovecot to export the data. AFAIK Dovecot would have to offer a subagent, which could be queried by a SNMP server. If we need more knowledge on SNMP I can ask my folks on the team to give some guidance. For the moment I found this: > > Here are the stats we believe to be useful: > > > > Login/Logout > > - total number login success/time > > - total number login failure/time > .. > > I'll look at these later in more detail, but some important questions / design decisions: > > Currently stats process only remembers things after Dovecot was started. I > don't think getting these kind of numbers would really work like that. > Perhaps all of the statistics should be permanently dumped to disk every > ~minute or so + at shutdown and loaded at startup, so the numbers would at > least normally always just increase since the first time Dovecot was > started? ACK. My understanding is: Statistical data are moments in time. The application provides these snapshots. It is up to other protocols (e.g. SNMP) and software (e.g. RRD) to gather and create time series and also to relate data to each other in order to come up with ratios, timelines etc. This might be a good opportunity to check out Howard's MDB database (in order to get around potential future law suits concerning BDB usage ...). > > Mailbox state > > - Inflow rate (number incoming messages/time) > > - Deleted rate (number \Deleted flagged messages/time) > > These operations/time type of things I had hoped to be able to externalize > :) If stats process simply gives the raw stats, the reader could do this > kind of summing up. Otherwise .. well, I guess it could maybe keep track of > the current ops/ and the reader would then have to read the > value about once a minute or half or something. It wouldn't give exact > results though. ACK. I'd externalize them too. So dump the /time aspect and only give raw data at moment of query. > > Performance > > - minimum time to write a message > > - maximum time to write a message > > - average time to write a message > > Within last .. day? hour? minute? .. Concerning "message write time": the time the last message had to be written. In general the stats update interval should be configurable in order to adapt it to the overall system performance. Makes no sense to bring down the server by gathering stats every nano second unless one likes self-induced DOS. ;) It would probably be a useful strategy to update internal data on every event and answer SNMP queries from memory but write the data to disc every once in a while to have them when the server restarts. Besides that I don't see a use case for sharing such data between processes such as exporting them to memcache or anything alike. Do you? p at rick -- state of mind () http://www.state-of-mind.de Franziskanerstra?e 15 Telefon +49 89 3090 4664 81669 M?nchen Telefax +49 89 3090 4666 Amtsgericht M?nchen Partnerschaftsregister PR 563 From lists at wildgooses.com Sat Jun 2 12:20:14 2012 From: lists at wildgooses.com (Ed W) Date: Sat, 02 Jun 2012 10:20:14 +0100 Subject: [Dovecot] interesting stats pattern In-Reply-To: <0EA5B4DB-56B5-4BD1-9CD9-A40544BAEF2F@iki.fi> References: <3B402F75-31CE-47C1-8107-9F7C33D58A77@xs4all.nl> <0EA5B4DB-56B5-4BD1-9CD9-A40544BAEF2F@iki.fi> Message-ID: <4FC9DACE.3010909@wildgooses.com> On 29/05/2012 19:13, Timo Sirainen wrote: > On 29.5.2012, at 21.03, Cor Bosman wrote: > >> es, I am getting a list of sessions/users every 5 minutes through cron. Im already using "doveadm stats dump session/user connected" > Actually that's not really correct behavior either, since it ignores all the connections that happened during the 5 minutes if they don't exist at the time when you're asking for them. I'm not sure what the most correct way to do this kind of a graph would be :) I muttered about some ideas for enhanced login/logout tracking some months back. Perhaps this would be another example of a motivation to use it for something? Could either the login scripting or a plugin be used to build this type of login tracking? (My goal is to eventually do per user "are you logged in" tracking) Just a thought Ed W From lists at wildgooses.com Sat Jun 2 12:23:50 2012 From: lists at wildgooses.com (Ed W) Date: Sat, 02 Jun 2012 10:23:50 +0100 Subject: [Dovecot] Strange Dovecot 2.0.20 auth chokes and cores In-Reply-To: <4FC649FC.2010703@mssl.ucl.ac.uk> References: <4FC649FC.2010703@mssl.ucl.ac.uk> Message-ID: <4FC9DBA6.80601@wildgooses.com> On 30/05/2012 17:25, Alan Brown wrote: >> Is any problem with epoll on 3.2.x kernels? > > Yes - and it's been discussed here. > > Some "bright spark" rewrote the kernel epoll code to prevent DoS > attacks caused by "excessive forking". > Do you have a link to the previous discussions? This is new to me? Can't find it immediately in the list? Cheers Ed W From lists at wildgooses.com Sat Jun 2 12:53:36 2012 From: lists at wildgooses.com (Ed W) Date: Sat, 02 Jun 2012 10:53:36 +0100 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <1337013487.4384.58.camel@innu> References: <1337013487.4384.58.camel@innu> Message-ID: <4FC9E2A0.9070905@wildgooses.com> On 14/05/2012 17:38, Timo Sirainen wrote: > On Mon, 2012-05-14 at 08:56 -0700, Beto Moreno wrote: > >> I have seen some emails servers that if I send a email to other >> person I can see if that person have read our emails and with a option >> to delete the email if the person hasn't read our email. >> >> Does dovecot have some like this feature? > This doesn't really work with IMAP/POP3 protocols. It requires Exchange > or something else. > > What would be possible is to check if a user has _downloaded_ your > message, but many clients download messages immediately when they arrive > so it might not be very useful. And in any case Dovecot has no such > feature. Just to register interest, but at some point I will need to consider writing a plugin or similar to achieve exactly this. Situation is that several of our competitors offer such a feature, ie known pool of users on dialup or intermittently connected systems, provide an alert back to the sender when your email has been "accessed/downloaded" by the remote user. Personally I don't think it's a great feature and my competitor's implementations often cause mail loops and other nasties. However, bottom line is that you can't win the bid if you can't offer the feature... Feels like a plugin rather than core functionality, but would be cool if someone wanted to produce something... Cheers Ed W From h.reindl at thelounge.net Sat Jun 2 13:02:55 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Sat, 02 Jun 2012 12:02:55 +0200 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FC9E2A0.9070905@wildgooses.com> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> Message-ID: <4FC9E4CF.9070108@thelounge.net> Am 02.06.2012 11:53, schrieb Ed W: > On 14/05/2012 17:38, Timo Sirainen wrote: >> On Mon, 2012-05-14 at 08:56 -0700, Beto Moreno wrote: >> >>> I have seen some emails servers that if I send a email to other >>> person I can see if that person have read our emails and with a option >>> to delete the email if the person hasn't read our email. >>> >>> Does dovecot have some like this feature? >> This doesn't really work with IMAP/POP3 protocols. It requires Exchange >> or something else. >> >> What would be possible is to check if a user has _downloaded_ your >> message, but many clients download messages immediately when they arrive >> so it might not be very useful. And in any case Dovecot has no such >> feature. > > Situation is that several of our competitors offer such a feature others doing something stupid is not a good argument > provide an alert back to the sender when your email has been > "accessed/downloaded" by the remote user. you realize that this is only possible if the RCPT is on your own server and not remote mails? > Personally I don't think it's a great feature and my competitor's implementations > often cause mail loops and other nasties which should be enough for argumentation why such things are making more damage as they solve problems and they are only working for non-relay mails > However, bottom line is that you can't win the bid if you can't offer the feature... surely YOU can win, you must learn to sell quality and explain why you are not doing anything someone wishes if you are sure that it is a bd idea why would i want a customer which enforces me to impelement a solution where i am sure that it is stupid - if he does not understand my argumentation he better is not my customer -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From CMarcus at Media-Brokers.com Sat Jun 2 13:32:28 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Sat, 02 Jun 2012 06:32:28 -0400 Subject: [Dovecot] Strange Dovecot 2.0.20 auth chokes and cores In-Reply-To: <4FC9DBA6.80601@wildgooses.com> References: <4FC649FC.2010703@mssl.ucl.ac.uk> <4FC9DBA6.80601@wildgooses.com> Message-ID: <4FC9EBBC.4060207@Media-Brokers.com> On 2012-06-02 5:23 AM, Ed W wrote: > On 30/05/2012 17:25, Alan Brown wrote: >>> Is any problem with epoll on 3.2.x kernels? >> >> Yes - and it's been discussed here. >> >> Some "bright spark" rewrote the kernel epoll code to prevent DoS >> attacks caused by "excessive forking". > Do you have a link to the previous discussions? This is new to me? > Can't find it immediately in the list? http://dovecot.org/list/dovecot/2012-February/064004.html -- Best regards, Charles From anmeyer at anup.de Sat Jun 2 14:43:45 2012 From: anmeyer at anup.de (Andreas Meyer) Date: Sat, 2 Jun 2012 13:43:45 +0200 Subject: [Dovecot] sieve with dovecot v1.x Message-ID: <20120602134345.022f4473@itx.bitcorner.intern> Hello! Is there a chance to have sieve working with dovecot version 1.0.5? /usr/lib/dovecot looks like this: -rwxr-xr-x 1 root root 43932 22. Sep 2007 checkpassword-reply -rwxr-xr-x 1 root root 538996 22. Sep 2007 deliver -rwxr-xr-x 1 root root 127728 22. Sep 2007 dict -rwxr-xr-x 1 root root 270248 22. Sep 2007 dovecot-auth -rwxr-xr-x 1 root root 43952 22. Sep 2007 gdbhelper -rwxr-xr-x 1 root root 48080 22. Sep 2007 idxview -rwxr-xr-x 1 root root 596364 22. Sep 2007 imap -rwxr-xr-x 1 root root 135912 22. Sep 2007 imap-login -rwxr-xr-x 1 root root 43952 22. Sep 2007 logview drwxr-xr-x 5 root root 4096 23. Dez 2008 modules -rwxr-xr-x 1 root root 529512 22. Sep 2007 pop3 -rwxr-xr-x 1 root root 127660 22. Sep 2007 pop3-login -rwxr-xr-x 1 root root 69056 22. Sep 2007 rawlog -rwxr-xr-x 1 root root 134748 22. Sep 2007 sievec -rwxr-xr-x 1 root root 68748 22. Sep 2007 sieved -rwxr-xr-x 1 root root 44116 22. Sep 2007 ssl-build-param so there is a sievec and a sieved, but in the dovecot.conf there is no mention about sieve. I would compile the latest version of dovecot if I knew, how the running 1.0.5 was built. I need it for an openSUSE 10.3 Kind regards Andreas From stephan at rename-it.nl Sat Jun 2 14:51:50 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Sat, 02 Jun 2012 13:51:50 +0200 Subject: [Dovecot] sieve with dovecot v1.x In-Reply-To: <20120602134345.022f4473@itx.bitcorner.intern> References: <20120602134345.022f4473@itx.bitcorner.intern> Message-ID: <4FC9FE56.10701@rename-it.nl> On 6/2/2012 1:43 PM, Andreas Meyer wrote: > Hello! > > Is there a chance to have sieve working with dovecot version 1.0.5? Yes, the old CMUSieve plugin should work for that. By the looks of it, it is already installed, so you'll only need to configure it: http://wiki1.dovecot.org/LDA/Sieve/CMU#Configuring Regards, Stephan. From anmeyer at anup.de Sat Jun 2 15:22:55 2012 From: anmeyer at anup.de (Andreas Meyer) Date: Sat, 2 Jun 2012 14:22:55 +0200 Subject: [Dovecot] sieve with dovecot v1.x In-Reply-To: <4FC9FE56.10701@rename-it.nl> References: <20120602134345.022f4473@itx.bitcorner.intern> <4FC9FE56.10701@rename-it.nl> Message-ID: <20120602142255.2486c724@itx.bitcorner.intern> Hello! Stephan Bosch wrote: > On 6/2/2012 1:43 PM, Andreas Meyer wrote: > > Hello! > > > > Is there a chance to have sieve working with dovecot version 1.0.5? > > Yes, the old CMUSieve plugin should work for that. By the looks of it, > it is already installed, so you'll only need to configure it: > > http://wiki1.dovecot.org/LDA/Sieve/CMU#Configuring Ok, I have done that. How can I know, if sieve now works with dovecot? When I login with roundcube, in the settings I have a "Filter-Tab" but when I click on it it says "not possible to connect to server" or somesuch. > Regards, > > Stephan. Andreas From stephan at rename-it.nl Sat Jun 2 15:33:05 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Sat, 02 Jun 2012 14:33:05 +0200 Subject: [Dovecot] Exposing global (default) sieve script through Managesieve In-Reply-To: <20120601182659.GA19340@login.drsnuggles.stderr.nl> References: <20120601182659.GA19340@login.drsnuggles.stderr.nl> Message-ID: <4FCA0801.9040409@rename-it.nl> Hi Matthijs, On 6/1/2012 8:27 PM, Matthijs Kooijman wrote: > I'm setting up a dovecot server with managesieve support. I'd like to > offer spamfiltering through a Sieve script to my users by default, > but still allow them to modify the filtering rules through Managesieve. > > I found the sieve_global_path configuration option, which seems perfect > for what I want. I can configure a default script there, which will work > for all users until they set upload their own sieve script using > managesieve. > > However, when configured like this, the user experience isn't quite > perfect. When users open the managesieve interface on their client, > there is no trace of the default filters, so users might think the > spamfiltering is done in some other manner. Now, when they create a > filtering rule (e.g., to sort out mail to mailing lists), that rule will > overwrite the default spamfiltering rule causing all the spam to spill > into the user's mailbox. I'm afraid that most users won't realize they > have to manually recreate the spamfiltering rule to fix this. Also, they > might not know how to write the rule, even if they do... You asked this one on IRC a while back right? > I've considered a few existing ways to fix this: > - Use sieve_before / sieve_after to make sure that the default script > is always executed, in addition to any user-supplied scripts. This > removes the surprise, but removes the option for users to tweak the > spamfiltering rules. Right. > - Don't use sieve_global_path, but instead distribute the default > script to each user's homedir on user creation. This prevents making > changes to the default script for existing users and in my setup, > user creation and (mail)homedir creation are nicely separated through > an LDAP directory, I'd rather not go this route. Well, we could achieve something that looks very similar from the outside: we could do some sort of copy-on-write scheme in which users see the default script as the active one, until they first modify their Sieve configuration through ManageSieve. Once they modify their default script, they'll get their own copy. If they activate a script different from the default and then later decide to deactivate it, their default will not return as the (implicit) active one. This would be very different from the current global default script behavior. It is more like an initial placeholder and template, than something that is always active when the user has no active script of its own. > - When using the Roundcube webmail application as the IMAP client, I > can point Roundcube at the default sieve script. Now, when Roundcube > sees there are no scripts through ManageSieve, it shows a (fake) > "default" script with the correct contents. As soon as the user > changes this script or creates a new script, it is actually uploaded > to Dovecot, causing the edited script to be used instead of the > global script > > This option has the user experience I'm looking for, but having this > out-of-band connection from Roundcube to the default script > configured with dovecot is ugly (and tricky, since these run on > different hosts in my setup). The biggest problem is of course that > this only works for Roundcube, not for any other IMAP client my users > might use. Agreed, this is ugly since it uses a side-channel. Client dependence is also very bad. > So, I was wondering: Wouldn't it make sense for the managesieve plugin > to do something similar to roundcube: When the user has no sieve script > configured, let it fake a single "default" script, showing the contents > of the global script? > > Since the ManageSieve protocol doesn't seem to support any way to flag > this situation, it would be fooling the clients a bit, but I'm not sure > if that's really a problem. > > While the user has not script named "default" in his sieve_dir: > - include a script called "default" in the LISTSCRIPTS output. > - return the contents of the sieve_global_path in the GETSCRIPT > "default" command. > - remove any sieve symlink after a SETACTIVE "default" command (as if > SETACTIVE "" was given). This causes dovecot to fall back to the > sieve_global_path script. > - the DELETESCRIPT "default" command should fail. This might confuse > clients and users, since it is listed in LISTSCRIPTS but cannot be > deleted, but I think most users will understand they can't delete the > default script. > - RENAMESCRIPT "default" "some_name" should copy the sieve_global_path > script into the user's sieve_dir. This will effectively copy the > script instead of renaming it (since it will still be magically > listed in LISTSCRIPTS), so that might be confusing. > > All other commands work just like they do now (in particular, > PUTSCRIPT "default" uploads a script called "default" into the user's > sieve_dir, preventing all of the above from applying. This looks sensible. The only thing that may be an issue is the DELETESCRIPT "default" situation you describe above, but I'm confident most - if not all clients - will handle that gracefully. > As noted above, this change might cause some confusion, but I think that > is manageable. On additional thing is that running SETACTIVE "" will not > completely disable sieve processing (as would be expected), but will > (again) cause the sieve_global_path script to be run. This is already > the case currently, though, and should probably be considered a separate > problem (whose root cause is the lack of a difference between "no script > script configured yet" and "active script disabled", both remove the > sieve symlink). Also, this problem might be a feature in some setups, so > fixing it might not be so easy... The copy-on-write scheme I describe above may solve this, as it remembers (somehow) the status of the account: either an untouched/unconfigured account or an account with no active scripts. This behavior could be combined with the solution you describe above. > Any fundamental problems I'm missing? (Not-so) obvious alternatives? None that I see right now. In my last release of Pigeonhole I added support for putting scripts inside a dict database (or any other storage facility once implemented). Support for ManageSieve accessing such alternative data stores is lacking still, but, once I implement that, I also intend to address the issue you describe here. I'm probably going to structure it very similar to Dovecot's own mail storage library, meaning that plugins can override certain aspects of the storage's behavior. This should allow for all kinds of magic in the script storage, including what you describe above. As always, such big changes will take some time... Regards, Stephan. From stephan at rename-it.nl Sat Jun 2 15:40:18 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Sat, 02 Jun 2012 14:40:18 +0200 Subject: [Dovecot] sieve with dovecot v1.x In-Reply-To: <20120602142255.2486c724@itx.bitcorner.intern> References: <20120602134345.022f4473@itx.bitcorner.intern> <4FC9FE56.10701@rename-it.nl> <20120602142255.2486c724@itx.bitcorner.intern> Message-ID: <4FCA09B2.9070900@rename-it.nl> On 6/2/2012 2:22 PM, Andreas Meyer wrote: > Ok, I have done that. How can I know, if sieve now works with dovecot? > When I login with roundcube, in the settings I have a "Filter-Tab" but > when I click on it it says "not possible to connect to server" or > somesuch. Oh, you didn't mention using RoundCube earlier. That implies the need of ManageSieve. You'll need to configure the following as well: http://wiki1.dovecot.org/ManageSieve Your earlier directory listing indicates that it is not installed on your system; the managesieve and managesieve-login binaries would be located there if it were. Check whether that version of opensuse has a package for dovecot-managesieve or compile it yourself if it is missing. If that is difficult, the following could be an alternative: http://www.gitorious.net/pysieved/pages/Home Regards, Stephan. From anmeyer at anup.de Sat Jun 2 16:50:22 2012 From: anmeyer at anup.de (Andreas Meyer) Date: Sat, 2 Jun 2012 15:50:22 +0200 Subject: [Dovecot] sieve with dovecot v1.x In-Reply-To: <4FCA09B2.9070900@rename-it.nl> References: <20120602134345.022f4473@itx.bitcorner.intern> <4FC9FE56.10701@rename-it.nl> <20120602142255.2486c724@itx.bitcorner.intern> <4FCA09B2.9070900@rename-it.nl> Message-ID: <20120602155022.46d523f8@itx.bitcorner.intern> Hello! Stephan Bosch wrote: > Oh, you didn't mention using RoundCube earlier. That implies the need of > ManageSieve. You'll need to configure the following as well: > > http://wiki1.dovecot.org/ManageSieve > > Your earlier directory listing indicates that it is not installed on > your system; the managesieve and managesieve-login binaries would be > located there if it were. Check whether that version of opensuse has a > package for dovecot-managesieve or compile it yourself if it is missing. > If that is difficult, the following could be an alternative: > > http://www.gitorious.net/pysieved/pages/Home I think pysieved is the only chance I have. I have installed it and activated by xinetd. But now I have the problem that the dovecot.conf says: auth default { mechanisms = plain passdb passwd-file { args = /etc/dovecot/passwd } and the install howto of pysieved says: auth default { socket listen { client { path = /var/run/dovecot/auth-client mode = 0666 } } } pysieved.ini : [Dovecot] mux = /var/run/dovecot/auth-client what can I do now? > > Regards, > > Stephan. Andreas From el07694 at mail.ntua.gr Sat Jun 2 17:52:05 2012 From: el07694 at mail.ntua.gr (el07694) Date: Sat, 02 Jun 2012 17:52:05 +0300 Subject: [Dovecot] postfix+dovecat: virtual domains with imap+lmtp Message-ID: <736cef15e590276154fedb52401aa83b@mail.ntua.gr> Hi to all, I have tryed a few days to configure postfix/dovecot to run into a VPS machine (CentOs) -->The machine has 2 domains (but more in the future) -->i want info at mail.domain1.com and info at mail.domain2.com to be seperated mailboxes -->i want to use lmtp protocol to connect dovecot with postfix -->It will be perfect if i can use the system users for authentication I /etc/postfix/main.cf file looks like this smtpd_soft_error_limit = 10 smtpd_hard_error_limit = 20 masquerade_domains = mail.going-on.com mail.commundi.de masquerade_exceptions = root, papinhio relocated_maps = hash:/etc/postfix/relocated smtpd_client_restrictions = check_client_access hash:/etc/postfix/access virtual_mailbox_domains = mail.going-on.com mail.commundi.de virtual_mailbox_base = /var/spool/virtual_hosts virtual_mailbox_maps = hash:/etc/postfix/virtual virtual_uid_maps = static:0 virtual_gid_maps = static:0 mailbox_command = /usr/libexec/dovecot/dovecot-lda -f "$SENDER" -a "$RECIPIENT" dovecot_destination_recipient_limit = 1 mailbox_transport = lmtp:unix:private/dovecot-lmtp /etc/postfix/relocated file has only comments the same for /etc/postfix/access file i have made /var/spool/virtual_hosts folder with chmod 777 inside this folder i have made mail.going-on.com folder and mail.commundi.de folder cat /etc/postfix/virtual produce this: papinhio at mail.going-on.com mail.going-on.com/papinhio papinhio is a system_user!! uid,gid = 0 (the root user) master.cf file # # Postfix master process configuration file. For details on the format # of the file, see the master(5) manual page (command: "man 5 master"). # # ========================================================================== # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) # ========================================================================== smtp inet n - n - - smtpd submission inet n - n - - smtpd -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes -o smtpd_sasl_type=dovecot -o smtpd_sasl_path=private/auth -o smtpd_sasl_security_options=noanonymous -o smtpd_sasl_local_domain=$myhostname -o smtpd_client_restrictions=permit_sasl_authenticated,reject -o smtpd_sender_login_maps=hash:/etc/postfix/virtual pickup fifo n - - 60 1 pickup cleanup unix n - - - 0 cleanup qmgr fifo n - n 300 1 qmgr #qmgr fifo n - n 300 1 oqmgr tlsmgr unix - - n 1000? 1 tlsmgr rewrite unix - - n - - trivial-rewrite bounce unix - - n - 0 bounce defer unix - - n - 0 bounce trace unix - - n - 0 bounce verify unix - - n - 1 verify flush unix n - n 1000? 0 flush proxymap unix - - n - - proxymap smtp unix - - n - - smtp relay unix - - n - - smtp -o fallback_relay= showq unix n - n - - showq error unix - - n - - error discard unix - - n - - discard local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - n - - lmtp anvil unix - - n - 1 anvil scache unix - - n - 1 scache maildrop unix - n n - - pipe flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient} # # The Cyrus deliver program has changed incompatibly, multiple times. # old-cyrus unix - n n - - pipe flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m ${extension} ${user} # Cyrus 2.1.5 (Amos Gouaux) # Also specify in main.cf: cyrus_destination_recipient_limit=1 cyrus unix - n n - - pipe user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m ${extension} ${user} # # See the Postfix UUCP_README file for configuration details. # uucp unix - n n - - pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) ifmail unix - n n - - pipe flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) bsmtp unix - n n - - pipe flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient dovecot unix - n n - - pipe flags=DRhu user=root:root argv=/usr/local/libexec/dovecot/dovecot-lda -f ${sender} -d ${recipient} Ok, the /etc/dovecot/dovecot.conf file looks like this: !include conf.d/*.conf !include_try local.conf protocols = imap lmtp service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0660 user = postfix } } protocol lmtp { mail_plugins = quota sieve } mail_location = mbox:/var/spool/virtual_hosts/%d/%n Both of the services can start this no errors/warnings I can send mail from bash with this command : /bin/mail -s "Hello" "el07694 at mail.ntua.gr" < /etc/dovecot/dovecot.conf Can anyone help me, plz? I don't know what i do wrong Thanks in advance, Chris Pappas From christian.rohmann at frittentheke.de Sat Jun 2 17:57:50 2012 From: christian.rohmann at frittentheke.de (Christian Rohmann) Date: Sat, 02 Jun 2012 16:57:50 +0200 Subject: [Dovecot] dovecot stats: useful data to gather In-Reply-To: <20120601205839.GG2176@state-of-mind.de> References: <20120601205839.GG2176@state-of-mind.de> Message-ID: <4FCA29EE.80206@frittentheke.de> On 01.06.2012 22:58, Patrick Ben Koetter wrote: > [...] I sat down and put together a list of stat items we think to be useful in daily > dovecot usage. Quite a list. But I believe most of those values are quite useful and I would also love to see such a rich set of measurements being available. > Besides pulling together all the data we also think it would be useful to have > an SNMP interface to access the stats. Our offer to create and contribute a > standalone web interface for dovecot stats stands. Yes, I second that. Otherwise quite a few installation will just hook the dovecot commands to netsnmp handlers, which is not a pretty solution. Maybe dovecot could also do the SNMP for statistics that plugins provide? I'm thinking managesieve access, sieve processing or expire here. Regards Christian -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4076 bytes Desc: S/MIME Cryptographic Signature URL: From arne at drlinux.no Sat Jun 2 18:33:32 2012 From: arne at drlinux.no (Arne K. Haaje) Date: Sat, 02 Jun 2012 17:33:32 +0200 Subject: [Dovecot] sieve with dovecot v1.x In-Reply-To: <20120602155022.46d523f8@itx.bitcorner.intern> References: <20120602134345.022f4473@itx.bitcorner.intern> <4FC9FE56.10701@rename-it.nl> <20120602142255.2486c724@itx.bitcorner.intern> <4FCA09B2.9070900@rename-it.nl> <20120602155022.46d523f8@itx.bitcorner.intern> Message-ID: <4FCA324C.4070201@drlinux.no> Den 02.06.2012 15:50, skrev Andreas Meyer: [snip] > > what can I do now? > >> >> Regards, >> >> Stephan. > > Andreas You also need to tell roundcube which port to connect to managesieve with. Depending on which plugin you use for roundcube, find it's config-file and loook for an option like this; $rcmail_config['managesieve_port'] = 4190; With such an old verion, it may be that your port is 2000. Regards, Arne -- Arne K. Haaje - Dr Linux http://www.drlinux.no/ ::: arne at drlinux.no LinkedIn: http://no.linkedin.com/pub/arne-haaje/27/189/bb From me at junc.org Sun Jun 3 01:12:40 2012 From: me at junc.org (Benny Pedersen) Date: Sun, 03 Jun 2012 00:12:40 +0200 Subject: [Dovecot] postfix+dovecat: virtual domains with imap+lmtp In-Reply-To: <736cef15e590276154fedb52401aa83b@mail.ntua.gr> References: <736cef15e590276154fedb52401aa83b@mail.ntua.gr> Message-ID: Den 2012-06-02 16:52, el07694 skrev: > virtual_uid_maps = static:0 > virtual_gid_maps = static:0 dont do this > uid,gid = 0 (the root user) root user cant read email > dovecot unix - n n - - pipe > flags=DRhu user=root:root > argv=/usr/local/libexec/dovecot/dovecot-lda -f ${sender} -d > ${recipient} dont use root:root http://wiki2.dovecot.org/LDA/Postfix show postfix/dovecot logs for more help From daniel.parthey at informatik.tu-chemnitz.de Sun Jun 3 02:53:12 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sun, 3 Jun 2012 01:53:12 +0200 Subject: [Dovecot] lmtp proxy timeout while waiting for reply to DATA reply In-Reply-To: <1335833212.21461.82.camel@innu> References: <20120428110023.GA9236@daniel.localdomain> <1335833212.21461.82.camel@innu> Message-ID: <20120602235311.GA10756@daniel.localdomain> Timo Sirainen wrote: > On Sat, 2012-04-28 at 13:00 +0200, Daniel Parthey wrote: > > we are experiencing similar sporadic data timeout issues with dovecot 2.0.20 > > as in http://dovecot.org/pipermail/dovecot/2011-June/059807.html > > at least once a week. Some mails get temporarily deferred in the > > postfix queue since dovecot director lmtp refuses them and the > > mails are delivered at a later time. > > [...] what isn't in v2.0 is the larger rewrite of the LMTP > proxying code in v2.1, which I hope fixes also this timeout problem. This Friday I did about 50 "sendmail -bv" commands in a loop to check some postfix aliases, which resulted in a lot of mails to the postmaster alias (which is distributed to about 10 people). The result was about 11 bounces of the following type: ##################################################################### Return-Path: <> Received: from mail01.example.org ([10.129.3.233]) by mail04.example.org (Dovecot) with LMTP id gl2gG3WyyE+faQAAUavrWA ; Fri, 01 Jun 2012 14:15:49 +0200 Return-Path: <> Received: from mx01.example.org ([127.0.0.1]) by mail01.example.org (Dovecot) with LMTP id zAL8MXCyyE8nLwAA3l+BKA ; Fri, 01 Jun 2012 14:15:49 +0200 RSET RSET ##################################################################### At the same time, the dovecot lmtp timeout errors occurred and not all "sendmail -bv" mails got delivered. Seems like a serious error and I will need to consider upgrading to 2.1 if the bug cannot get fixed in 2.0. Regards Daniel From daniel.parthey at informatik.tu-chemnitz.de Sun Jun 3 03:10:49 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sun, 3 Jun 2012 02:10:49 +0200 Subject: [Dovecot] dovecot stats: useful data to gather In-Reply-To: <20120601205839.GG2176@state-of-mind.de> References: <20120601205839.GG2176@state-of-mind.de> Message-ID: <20120603001049.GA10970@daniel.localdomain> Patrick Ben Koetter wrote: > following our discussion on dovecot stats at the LinuxTag 2012 my team and I > sat down and put together a list of stat items we think to be useful in daily > dovecot usage. > > Besides pulling together all the data we also think it would be useful to have > an SNMP interface to access the stats. Our offer to create and contribute a > standalone web interface for dovecot stats stands. This should be done via SNMP subagent, but how could you differentiate different dovecot instances on the same machine, different snmp ports for the subagent, or different snmp trees? > Here are the stats we believe to be useful: > [...] Here are the stats which I also consider to be useful: Login/Logout: - Hits/Misses for Logins via userdb cache System resources: - detailed memory usage of dovecot services (imap, worker, userdb cache) - dovecot connections to mysql database - dovecot connections to ldap - director connections vs. backend connections Regards, Daniel From daniel.parthey at informatik.tu-chemnitz.de Sun Jun 3 03:18:18 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sun, 3 Jun 2012 02:18:18 +0200 Subject: [Dovecot] lmtp proxy timeout while waiting for reply to DATA reply In-Reply-To: <20120602235311.GA10756@daniel.localdomain> References: <20120428110023.GA9236@daniel.localdomain> <1335833212.21461.82.camel@innu> <20120602235311.GA10756@daniel.localdomain> Message-ID: <20120603001817.GB10970@daniel.localdomain> Here are some additional errors from the logs: # 2.0.20: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-40-server x86_64 Ubuntu 10.04.4 LTS Jun 1 10:43:37 10.129.3.233 dovecot: lmtp(16941): Panic: file lmtp-proxy.c: line 376 (lmtp_proxy_output_timeout): assertion failed: (proxy->data_input->eof) Jun 1 10:43:37 10.129.3.233 dovecot: lmtp(16941): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x3a7ca) [0x7fa0d849c7ca] -> /usr/lib/dovecot/libdovecot.so.0(+0x3a816) [0x7fa0d849c816] -> /usr/lib/dovecot/libdovecot.so.0(+0x13e4a) [0x7fa0d8475e4a] -> dovecot/lmtp() [0x407477] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handle_timeouts+0xd4) [0x7fa0d84a8224] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0x5b) [0x7fa0d84a8e3b] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x28) [0x7fa0d84a7e88] -> /usr/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7fa0d8495d13] -> dovecot/lmtp(main+0x171) [0x404591] -> /lib/libc.so.6(__libc_start_main+0xfd) [0x7fa0d7cf1c4d] -> dovecot/lmtp() [0x404339] Jun 1 11:27:09 10.129.3.200 dovecot: lmtp(32350): Panic: file lmtp-proxy.c: line 376 (lmtp_proxy_output_timeout): assertion failed: (proxy->data_input->eof) Jun 1 11:27:09 10.129.3.200 dovecot: lmtp(32350): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x3a7ca) [0x7f18ec25b7ca] -> /usr/lib/dovecot/libdovecot.so.0(+0x3a816) [0x7f18ec25b816] -> /usr/lib/dovecot/libdovecot.so.0(+0x13e4a) [0x7f18ec234e4a] -> dovecot/lmtp() [0x407477] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handle_timeouts+0xd4) [0x7f18ec267224] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0x5b) [0x7f18ec267e3b] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x28) [0x7f18ec266e88] -> /usr/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f18ec254d13] -> dovecot/lmtp(main+0x171) [0x404591] -> /lib/libc.so.6(__libc_start_main+0xfd) [0x7f18ebab0c4d] -> dovecot/lmtp() [0x404339] Jun 1 11:27:37 10.129.3.200 dovecot: lmtp(32408): Panic: file lmtp-proxy.c: line 376 (lmtp_proxy_output_timeout): assertion failed: (proxy->data_input->eof) Jun 1 11:27:37 10.129.3.200 dovecot: lmtp(32408): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x3a7ca) [0x7f97f07fe7ca] -> /usr/lib/dovecot/libdovecot.so.0(+0x3a816) [0x7f97f07fe816] -> /usr/lib/dovecot/libdovecot.so.0(+0x13e4a) [0x7f97f07d7e4a] -> dovecot/lmtp() [0x407477] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handle_timeouts+0xd4) [0x7f97f080a224] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0x5b) [0x7f97f080ae3b] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x28) [0x7f97f0809e88] -> /usr/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f97f07f7d13] -> dovecot/lmtp(main+0x171) [0x404591] -> /lib/libc.so.6(__libc_start_main+0xfd) [0x7f97f0053c4d] -> dovecot/lmtp() [0x404339] Regards, Daniel From daniel.parthey at informatik.tu-chemnitz.de Sun Jun 3 03:37:09 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sun, 3 Jun 2012 02:37:09 +0200 Subject: [Dovecot] lmtp proxy timeout while waiting for reply to DATA reply In-Reply-To: <20120602235311.GA10756@daniel.localdomain> References: <20120428110023.GA9236@daniel.localdomain> <1335833212.21461.82.camel@innu> <20120602235311.GA10756@daniel.localdomain> Message-ID: <20120603003709.GA11672@daniel.localdomain> Daniel Parthey wrote: > This Friday I did about 50 "sendmail -bv" commands in a loop to > check some postfix aliases, which resulted in a lot of mails to > the postmaster alias (which is distributed to about 10 people). > > The result was about 11 bounces > > ##################################################################### > Return-Path: <> > Received: from mail01.example.org ([10.129.3.233]) > by mail04.example.org (Dovecot) with LMTP id gl2gG3WyyE+faQAAUavrWA > ; Fri, 01 Jun 2012 14:15:49 +0200 > Return-Path: <> > Received: from mx01.example.org ([127.0.0.1]) > by mail01.example.org (Dovecot) with LMTP id zAL8MXCyyE8nLwAA3l+BKA > ; Fri, 01 Jun 2012 14:15:49 +0200 > RSET > RSET > ##################################################################### > > At the same time, the dovecot lmtp timeout errors occurred and > not all "sendmail -bv" mails got delivered. Here's the backtrace which might be related to the bounces/timeout errors: Jun 1 14:16:16 10.129.3.233 dovecot: lmtp(12093, username at example.de): Error: Transaction log /mail/dovecot/example.de/username/mail/mailboxes/INBOX/postmaster/dbox-Mails/dovecot.index.log: duplicate transaction log sequence (31) Jun 1 14:16:16 10.129.3.233 dovecot: lmtp(12093, username at example.de): Panic: file mail-transaction-log-file.c: line 187 (mail_transaction_log_file_add_to_list): assertion failed: ((*p)->hdr.file_seq < file->hdr.file_seq) Jun 1 14:16:16 10.129.3.233 dovecot: lmtp(12093, username at example.de): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x3a7ca) [0x7fbf514427ca] -> /usr/lib/dovecot/libdovecot.so.0(+0x3a816) [0x7fbf51442816] -> /usr/lib/dovecot/libdovecot.so.0(+0x13e4a) [0x7fbf5141be4a] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x9e0aa) [0x7fbf5192e0aa] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_transaction_log_file_open+0x1f8) [0x7fbf5192e328] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x9b363) [0x7fbf5192b363] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_transaction_log_find_file+0x3f) [0x7fbf5192b81f] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_transaction_log_view_set+0xcb) [0x7fbf5192fe3b] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_index_sync_map+0xbe) [0x7fbf5192713e] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_index_map+0x86) [0x7fbf51918976] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_index_refresh+0xe) [0x7fbf5191322e] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x80a65) [0x7fbf51910a65] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_cache_field_want_add+0x20) [0x7fbf51910c00] -> /usr/lib/dovecot/libdovecot-storage.so.0(index_mail_parse_header_init+0x198) [0x7fbf518d0d18] -> /usr/lib/dovecot/libdovecot-storage.so.0(index_mail_cache_parse_init+0x68) [0x7fbf518d11d8] -> /usr/lib/dovecot/libdovecot-storage.so.0(dbox_save_begin+0x68) [0x7fbf518eaf38] -> /usr/lib/dovecot/libdovecot-storage.so.0(mdbox_save_begin+0x85) [0x7fbf518e4b45] -> /usr/lib/dovecot/modules/lib10_quota_plugin.so(+0xb827) [0x7fbf5064a827] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_save_begin+0x46) [0x7fbf518ba0d6] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_storage_copy+0xa8) [0x7fbf518b45e8] -> /usr/lib/dovecot/libdovecot-storage.so.0(mdbox_copy+0x44) [0x7fbf518e4694] -> /usr/lib/dovecot/modules/lib10_quota_plugin.so(+0xb630) [0x7fbf5064a630] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_copy+0x5a) [0x7fbf518ba03a] -> /usr/lib/dovecot/libdovecot-sieve.so.0(+0x33293) [0x7fbf501f Jun 1 14:16:16 10.129.3.233 dovecot: master: Error: service(lmtp): child 12093 killed with signal 6 (core dumps disabled) Regards Daniel From brett.maxfield at gmail.com Sun Jun 3 05:15:59 2012 From: brett.maxfield at gmail.com (Brett @Google) Date: Sun, 3 Jun 2012 12:15:59 +1000 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FC9E4CF.9070108@thelounge.net> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FC9E4CF.9070108@thelounge.net> Message-ID: On Sat, Jun 2, 2012 at 8:02 PM, Reindl Harald wrote: > > Am 02.06.2012 11:53, schrieb Ed W: > > On 14/05/2012 17:38, Timo Sirainen wrote: > >> On Mon, 2012-05-14 at 08:56 -0700, Beto Moreno wrote: > >> > >>> I have seen some emails servers that if I send a email to other > >>> person I can see if that person have read our emails and with a option > >>> to delete the email if the person hasn't read our email. > >>> > >>> Does dovecot have some like this feature? > >> This doesn't really work with IMAP/POP3 protocols. It requires Exchange > >> or something else. > >> > >> What would be possible is to check if a user has _downloaded_ your > >> message, but many clients download messages immediately when they arrive > >> so it might not be very useful. And in any case Dovecot has no such > >> feature. > As general thoughts.. This sounds more like a workgroup collaboration functionality. It assumes that users in said workgroup all use the same outlook server (or they are in an equivalent security domain or trust). Outlook only lets you retract an email if the user is on the same outlook server, and it has not been read/downloaded?. If the user is a different email server or the mail has been read/downloaded?, the retract will always fail. So it would be no different in for dovecot. If the mail to be retracted was on the local mailer spool then in theory it could be removed.. but it is basically allowing a third party to delete things out of some other user's mail spool, with the precondition that they sent the original email AND the mail has not been read (downloaded) from the dovecot server. This would mean that dovecot would need to somehow securely tag when an email is authorized and delivered by dovecot, say from a the postfix lda, such that it could later match up a subsequent request to retract said email, to the user that sent it. Outlook is more like IMAP than POP, in that mail stays on the server but is locally cached / downloaded. Outlook can do this as it is both a mail sending agent and a mail receiving agent, it unambiguously knows when a mail comes from an authenticated user, and that it is a locally destined mail. Dovecot may or may not be responsible for putting a mail from a user into the mail spool (in some configurations postfix/sendmail can do this) so it cannot absolutely relate who sent the email, to who wants to retract it. So for this even to be possible, retractable messages would need be present, and dovecot to unambiguously be able to relate an email received by dovecot with it's original sender, which seems unlikely. Even then there is a question of how you would provide the request for deletion for dovecot to perform. This implies that there would be a new command to POP/IMAP to trigger and authorize such a retraction also. Then this new command would need to be standards-track so mail user agents would know a server has such a feature to call it. Sounds very difficult. I think outlook sends a specially crafted email, i doubt it is standards track as it is all happening within the same application in the case out outlook. Cheers Brett -- *The only thing that interferes with my learning is my education.* * Albert Einstein* From dovecot at tlinx.org Sun Jun 3 11:06:18 2012 From: dovecot at tlinx.org (Linda Walsh) Date: Sun, 03 Jun 2012 01:06:18 -0700 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FC9E2A0.9070905@wildgooses.com> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> Message-ID: <4FCB1AFA.3040200@tlinx.org> Ed W wrote: > > Just to register interest, but at some point I will need to consider > writing a plugin or similar to achieve exactly this. > > Situation is that several of our competitors offer such a feature, ie > known pool of users on dialup or intermittently connected systems, > provide an alert back to the sender when your email has been > "accessed/downloaded" by the remote user. --- My dentist used a service that claimed to provide a read-notification. It was just an embedded web-bug in the email that I could choose to display or not ... if the client doesn't want to cooperate, you can't tell when the person read it. All you could do is tell when a client downloaded it from dovecot...which doesn't say much for clients that are left on 24/7... From lists at wildgooses.com Sun Jun 3 11:43:43 2012 From: lists at wildgooses.com (Ed W) Date: Sun, 03 Jun 2012 09:43:43 +0100 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCB1AFA.3040200@tlinx.org> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> Message-ID: <4FCB23BF.20300@wildgooses.com> On 03/06/2012 09:06, Linda Walsh wrote: > Ed W wrote: >> >> Just to register interest, but at some point I will need to consider >> writing a plugin or similar to achieve exactly this. >> >> Situation is that several of our competitors offer such a feature, ie >> known pool of users on dialup or intermittently connected systems, >> provide an alert back to the sender when your email has been >> "accessed/downloaded" by the remote user. > --- > My dentist used a service that claimed to provide a read-notification. > > It was just an embedded web-bug in the email that I could choose to > display or not ... if the client doesn't want to cooperate, you can't > tell when the person read it. All you could do is tell when a client > downloaded it from dovecot...which doesn't say much for clients that > are left on 24/7... > Please folks - don't argue with me - I'm the wrong person! The recipient who is receiving these emails, ie the person being "bugged" is demanding that they are "buggable". If they demand it and it's a requirement for providing them service then I have to give it to them if I want the business. The users are on satellite dialup and barely have enough bandwidth to download a few KB of emails, they certainly can't trigger web bugs to trigger read receipts. Look, I can argue against the idea easily, personally my objection is mail loops, but the point is that the customer demands it, and at present that prevents me bidding for certain types of business... Basically the customer just wants to repro what they got with Exchange Cheers for ideas though! Ed W From h.reindl at thelounge.net Sun Jun 3 12:49:08 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Sun, 03 Jun 2012 11:49:08 +0200 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCB23BF.20300@wildgooses.com> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> Message-ID: <4FCB3314.8030008@thelounge.net> Am 03.06.2012 10:43, schrieb Ed W: > Please folks - don't argue with me - I'm the wrong person! The recipient who is receiving these emails, ie the > person being "bugged" is demanding that they are "buggable". If they demand it and it's a requirement for > providing them service then I have to give it to them if I want the business. > > The users are on satellite dialup and barely have enough bandwidth to download a few KB of emails, they certainly > can't trigger web bugs to trigger read receipts. > > Look, I can argue against the idea easily, personally my objection is mail loops, but the point is that the > customer demands it, and at present that prevents me bidding for certain types of business... Basically the > customer just wants to repro what they got with Exchange kiss him goodbye with exchange what do you expect? only some idiots are using such "features" even if you find a opensource solution yiu can imagine how well tested it would be and how many troubles you will have after the setup "if I want the business" -> do you need this business to survive? if no -> kiss him goodbye, if yes -> i doubt you will not survive -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From robert at schetterer.org Sun Jun 3 12:50:48 2012 From: robert at schetterer.org (Robert Schetterer) Date: Sun, 03 Jun 2012 11:50:48 +0200 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCB23BF.20300@wildgooses.com> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> Message-ID: <4FCB3378.3060402@schetterer.org> Am 03.06.2012 10:43, schrieb Ed W: > On 03/06/2012 09:06, Linda Walsh wrote: >> Ed W wrote: >>> >>> Just to register interest, but at some point I will need to consider >>> writing a plugin or similar to achieve exactly this. >>> >>> Situation is that several of our competitors offer such a feature, ie >>> known pool of users on dialup or intermittently connected systems, >>> provide an alert back to the sender when your email has been >>> "accessed/downloaded" by the remote user. >> --- >> My dentist used a service that claimed to provide a read-notification. >> >> It was just an embedded web-bug in the email that I could choose to >> display or not ... if the client doesn't want to cooperate, you can't >> tell when the person read it. All you could do is tell when a client >> downloaded it from dovecot...which doesn't say much for clients that >> are left on 24/7... >> > > Please folks - don't argue with me - I'm the wrong person! The > recipient who is receiving these emails, ie the person being "bugged" is > demanding that they are "buggable". If they demand it and it's a > requirement for providing them service then I have to give it to them if > I want the business. > > The users are on satellite dialup and barely have enough bandwidth to > download a few KB of emails, they certainly can't trigger web bugs to > trigger read receipts. > > Look, I can argue against the idea easily, personally my objection is > mail loops, but the point is that the customer demands it, and at > present that prevents me bidding for certain types of business... > Basically the customer just wants to repro what they got with Exchange > > Cheers for ideas though! > > Ed W Hi Ed, you can have dsn http://www.postfix.org/DSN_README.html you can have mdn http://en.wikipedia.org/wiki/Return_receipt so this is internet (smtp ) standards and has nearly nothing to do with imap/dovecot also whatever solution you use there is no way to find out if a user has read a mail unless you asked him in person ( and then you might find out if the recipient has understood what he had read *g) the maximum you may reach is get notice if a mail has tec side reached the recipient, the user must not accept your wish to notice you if he opens the mail ( which also would not mean he has read the mail ) this is with internet mail, by intranet mail systems ( which means the recipient is on the same mail system and storage) typical for company mail sites with exchange and/or notes etc you have a dediacted client i.e outlook for exchange , so here its possible to implement inside actions whatever tec of this system is able to do. But as soon as you mail to internet, this features may get useless , cause you never know what tec is used on the recipient side so nobody may invest time in create useless internet standards however youre free to code or pay someone to code for you what you want specially for your wanted feature. But i see no real relate to dovecot, cause mail is recent sent via smtp Dont compare mail systems this way, they are totally different however they do imap/pop3/smtp specially with echange some stuff will only work with outlook and active directory -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From CMarcus at Media-Brokers.com Sun Jun 3 16:46:15 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Sun, 03 Jun 2012 09:46:15 -0400 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCB23BF.20300@wildgooses.com> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> Message-ID: <4FCB6AA7.4050200@Media-Brokers.com> On 2012-06-03 4:43 AM, Ed W wrote: > Look, I can argue against the idea easily, personally my objection is > mail loops, but the point is that the customer demands it, and at > present that prevents me bidding for certain types of business... > Basically the customer just wants to repro what they got with Exchange Then tell them their only option is to buy Exchange Server and Outlook for everyone - but explain that this 'feature' *still* will not work for recipients that are outside of your control (ie, it will only work for local recipients - and I *think* it is possible to set up Trusts with other external Exchange Servers, but not sure, and if it does, it requires the explicit cooperation of the other systems admin). Bottom line: do NOT promise the impossible to a client just to win the business. It is a losing proposition, as you are beginning to see... -- Best regards, Charles From michael at orlitzky.com Sun Jun 3 17:24:53 2012 From: michael at orlitzky.com (Michael Orlitzky) Date: Sun, 03 Jun 2012 10:24:53 -0400 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCB23BF.20300@wildgooses.com> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> Message-ID: <4FCB73B5.9020807@orlitzky.com> On 06/03/12 04:43, Ed W wrote: > > Look, I can argue against the idea easily, personally my objection is > mail loops, but the point is that the customer demands it, and at > present that prevents me bidding for certain types of business... > Basically the customer just wants to repro what they got with Exchange I for one think the plugin is a good idea. I think read receipts are dumb, of course. But if the customer won't be persuaded, I would rather have them give their money to you than to the guy who thinks they're a great solution. Plus, it will make Dovecot a little bit better as a side effect. From robert at schetterer.org Sun Jun 3 19:06:45 2012 From: robert at schetterer.org (Robert Schetterer) Date: Sun, 03 Jun 2012 18:06:45 +0200 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCB73B5.9020807@orlitzky.com> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB73B5.9020807@orlitzky.com> Message-ID: <4FCB8B95.3000301@schetterer.org> Am 03.06.2012 16:24, schrieb Michael Orlitzky: > On 06/03/12 04:43, Ed W wrote: >> >> Look, I can argue against the idea easily, personally my objection is >> mail loops, but the point is that the customer demands it, and at >> present that prevents me bidding for certain types of business... >> Basically the customer just wants to repro what they got with Exchange > > > I for one think the plugin is a good idea. what the hell , should the plugin do and how ? there is smtp dsn, nothing more makes sense looking to the thread subject , you need to have new internet standard called "braindump over tcp" this doesnt exist on exchange too mail is smtp, dovecot is no smtp server > > I think read receipts are dumb, of course. But if the customer won't be > persuaded, I would rather have them give their money to you than to the > guy who thinks they're a great solution. > > Plus, it will make Dovecot a little bit better as a side effect. -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From michael at orlitzky.com Sun Jun 3 20:21:56 2012 From: michael at orlitzky.com (Michael Orlitzky) Date: Sun, 03 Jun 2012 13:21:56 -0400 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCB8B95.3000301@schetterer.org> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB73B5.9020807@orlitzky.com> <4FCB8B95.3000301@schetterer.org> Message-ID: <4FCB9D34.7060902@orlitzky.com> On 06/03/12 12:06, Robert Schetterer wrote: > Am 03.06.2012 16:24, schrieb Michael Orlitzky: >> >> I for one think the plugin is a good idea. > > what the hell , should the plugin do and how ? > there is smtp dsn, nothing more makes sense > > looking to the thread subject , you need to have new internet standard > called > > "braindump over tcp" > > this doesnt exist on exchange too > > mail is smtp, dovecot is no smtp server > You could trigger on the 'seen' flag, and Dovecot is more than capable of generating messages, especially to mailboxes under its control (see: sieve). But... who cares? The worst possible thing that can happen is that he writes it and makes his customers happy and you pretend it doesn't exist. From h.reindl at thelounge.net Sun Jun 3 20:26:55 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Sun, 03 Jun 2012 19:26:55 +0200 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCB9D34.7060902@orlitzky.com> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB73B5.9020807@orlitzky.com> <4FCB8B95.3000301@schetterer.org> <4FCB9D34.7060902@orlitzky.com> Message-ID: <4FCB9E5F.9010709@thelounge.net> Am 03.06.2012 19:21, schrieb Michael Orlitzky: > On 06/03/12 12:06, Robert Schetterer wrote: >> Am 03.06.2012 16:24, schrieb Michael Orlitzky: >>> >>> I for one think the plugin is a good idea. >> >> what the hell , should the plugin do and how ? >> there is smtp dsn, nothing more makes sense >> >> looking to the thread subject , you need to have new internet standard >> called >> >> "braindump over tcp" >> >> this doesnt exist on exchange too >> >> mail is smtp, dovecot is no smtp server >> > > You could trigger on the 'seen' flag, and Dovecot is more than capable > of generating messages, especially to mailboxes under its control (see: > sieve) and now tell us how you "connect" YOUR sent message over SMTP to any seen fleeg of another user? > But... who cares? people which cares about reality? > The worst possible thing that can happen is that he > writes it and makes his customers happy if it is his business make people happy with lies, ok my business is make people happy by telling them the truth -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From michael at orlitzky.com Sun Jun 3 21:11:55 2012 From: michael at orlitzky.com (Michael Orlitzky) Date: Sun, 03 Jun 2012 14:11:55 -0400 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCB9E5F.9010709@thelounge.net> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB73B5.9020807@orlitzky.com> <4FCB8B95.3000301@schetterer.org> <4FCB9D34.7060902@orlitzky.com> <4FCB9E5F.9010709@thelounge.net> Message-ID: <4FCBA8EB.8020203@orlitzky.com> On 06/03/12 13:26, Reindl Harald wrote: > > and now tell us how you "connect" YOUR sent message over SMTP > to any seen fleeg of another user? > Dovecot could write directly to their mailbox. Otherwise, it could do whatever the sieve vacation plugin does. >> The worst possible thing that can happen is that he >> writes it and makes his customers happy > > if it is his business make people happy with lies, ok > my business is make people happy by telling them the truth I don't think he plans to lie. I think he explained the limitations and they don't care. People have different tastes. I wouldn't personally use ~100% of the things that I fix for other people. From h.reindl at thelounge.net Sun Jun 3 21:19:20 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Sun, 03 Jun 2012 20:19:20 +0200 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCBA8EB.8020203@orlitzky.com> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB73B5.9020807@orlitzky.com> <4FCB8B95.3000301@schetterer.org> <4FCB9D34.7060902@orlitzky.com> <4FCB9E5F.9010709@thelounge.net> <4FCBA8EB.8020203@orlitzky.com> Message-ID: <4FCBAAA8.2020107@thelounge.net> Am 03.06.2012 20:11, schrieb Michael Orlitzky: > On 06/03/12 13:26, Reindl Harald wrote: >> >> and now tell us how you "connect" YOUR sent message over SMTP >> to any seen fleeg of another user? >> > Dovecot could write directly to their mailbox. Otherwise, it could do > whatever the sieve vacation plugin does. oh yeah, explain this the customers MUA when he clicks on "sent mail" it is naive to believe some weird solution which only works as long the sune shines is useable >>> The worst possible thing that can happen is that he >>> writes it and makes his customers happy >> >> if it is his business make people happy with lies, ok >> my business is make people happy by telling them the truth > > I don't think he plans to lie. I think he explained the limitations and > they don't care. if they don't care i would refuse them as customer i saw way too often people saying "i do not care" but later "oh but you did not explain THIS result exactly" > People have different tastes. I wouldn't personally use ~100% of the > things that I fix for other people people are mostly to stupid to realize what they are trying to accomplish and why it it a bad idea this is why we professionals exist and if people refuse what you are explaining them kiss them goodbye - irt will be better for you over the long -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From jerry at seibercom.net Sun Jun 3 21:54:32 2012 From: jerry at seibercom.net (Jerry) Date: Sun, 3 Jun 2012 14:54:32 -0400 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCBAAA8.2020107@thelounge.net> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB73B5.9020807@orlitzky.com> <4FCB8B95.3000301@schetterer.org> <4FCB9D34.7060902@orlitzky.com> <4FCB9E5F.9010709@thelounge.net> <4FCBA8EB.8020203@orlitzky.com> <4FCBAAA8.2020107@thelounge.net> Message-ID: <20120603145432.4229f957@scorpio> On Sun, 03 Jun 2012 20:19:20 +0200 Reindl Harald articulated: >people are mostly to stupid to realize what they >are trying to accomplish and why it it a bad idea > >this is why we professionals exist and if people >refuse what you are explaining them kiss them >goodbye - irt will be better for you over the long No offense, but considering your business attitude and disdain for potential clients and your opinion of them, it would be a far better thing if they steered clear of you all together. There are many considerate, intelligent, compassionate professionals out there who would be willing to take on the difficult client. Any "asshole" can service the routine, run of the mill, client. It takes a true professional to work with and service a difficult one. -- Jerry ? Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ From h.reindl at thelounge.net Sun Jun 3 22:07:47 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Sun, 03 Jun 2012 21:07:47 +0200 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <20120603145432.4229f957@scorpio> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB73B5.9020807@orlitzky.com> <4FCB8B95.3000301@schetterer.org> <4FCB9D34.7060902@orlitzky.com> <4FCB9E5F.9010709@thelounge.net> <4FCBA8EB.8020203@orlitzky.com> <4FCBAAA8.2020107@thelounge.net> <20120603145432.4229f957@scorpio> Message-ID: <4FCBB603.5090106@thelounge.net> Am 03.06.2012 20:54, schrieb Jerry: > On Sun, 03 Jun 2012 20:19:20 +0200 > Reindl Harald articulated: > >> people are mostly to stupid to realize what they >> are trying to accomplish and why it it a bad idea >> >> this is why we professionals exist and if people >> refuse what you are explaining them kiss them >> goodbye - irt will be better for you over the long > > No offense, but considering your business attitude and disdain for > potential clients and your opinion of them, it would be a far better > thing if they steered clear of you all together. by business attidue is perfectly OK i do not offer things where i know they will not work i the real world > There are many considerate, intelligent, compassionate professionals > out there who would be willing to take on the difficult client. it is not intelligent to discuss about "can we know when a user read our email?" - tis question has only one answer: no, forget it if a customer thinks he must have any half baken solution to make him happy i am fine he is the custoerm of someone which is not interested in quality at all because both are matching togehter > Any "asshole" can service the routine, run of the mill, client. > It takes a true professional to work with and service a difficult > one you need not to tell me about routine, really not i have written admin-backends for nearly all types of services including mail-backends (partly for options most people even do not know that they exist) in the last years and after that i know what is NOT possible in a acceptable service quality often it is much more important to know and realize what you CAN NOT implement in acceptable quality as what you can -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From robert at schetterer.org Sun Jun 3 22:13:21 2012 From: robert at schetterer.org (Robert Schetterer) Date: Sun, 03 Jun 2012 21:13:21 +0200 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCB9E5F.9010709@thelounge.net> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB73B5.9020807@orlitzky.com> <4FCB8B95.3000301@schetterer.org> <4FCB9D34.7060902@orlitzky.com> <4FCB9E5F.9010709@thelounge.net> Message-ID: <4FCBB751.9070301@schetterer.org> Am 03.06.2012 19:26, schrieb Reindl Harald: > > > Am 03.06.2012 19:21, schrieb Michael Orlitzky: >> On 06/03/12 12:06, Robert Schetterer wrote: >>> Am 03.06.2012 16:24, schrieb Michael Orlitzky: >>>> >>>> I for one think the plugin is a good idea. >>> >>> what the hell , should the plugin do and how ? >>> there is smtp dsn, nothing more makes sense >>> >>> looking to the thread subject , you need to have new internet standard >>> called >>> >>> "braindump over tcp" >>> >>> this doesnt exist on exchange too >>> >>> mail is smtp, dovecot is no smtp server >>> >> >> You could trigger on the 'seen' flag, and Dovecot is more than capable >> of generating messages, especially to mailboxes under its control (see: >> sieve) > > and now tell us how you "connect" YOUR sent message over SMTP > to any seen fleeg of another user? > >> But... who cares? > > people which cares about reality? > >> The worst possible thing that can happen is that he >> writes it and makes his customers happy > > if it is his business make people happy with lies, ok > my business is make people happy by telling them the truth > the maximun with multi clients which "may" be goaled is a notice , if a mail was/has seen-flagged-opened/downloaded ( pop3), as long as sender and recipient are on the same server/storage/system but seen-opened-flagged a mail is not "read the mail by the adressed human recipient" and human read a mail means not understand the content of the mail nobody grant ever that is was the adressed recipient human in person that opened the mail and did set the seen flag "seen-flagged" means opened for display as/from a tec process !!! by the way this differnce seems not to care by customers who want this feature or may think its included elsewhere i would recommand Mind melds over the wire like http://en.wikipedia.org/wiki/Vulcan_%28Star_Trek%29#Mind_melds as an ultimate solution for this problem *g -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From matthijs at stdin.nl Sun Jun 3 23:57:30 2012 From: matthijs at stdin.nl (Matthijs Kooijman) Date: Sun, 3 Jun 2012 22:57:30 +0200 Subject: [Dovecot] Exposing global (default) sieve script through Managesieve In-Reply-To: <4FCA0801.9040409@rename-it.nl> References: <20120601182659.GA19340@login.drsnuggles.stderr.nl> <4FCA0801.9040409@rename-it.nl> Message-ID: <20120603205730.GY4023@login.drsnuggles.stderr.nl> Hi Stephan, > You asked this one on IRC a while back right? Yup, that was me. > The copy-on-write scheme I describe above may solve this, as it > remembers (somehow) the status of the account: either an > untouched/unconfigured account or an account with no active scripts. > This behavior could be combined with the solution you describe above. Yeah, the copy-on-write approach is probably a good idea. A downside of the copy-on-write approach is that if you change the global script later on, it doesn't affect users that made any changes to their sieve configuration (as opposed to my proposal, where only changes to the actual "default" script would prevent this). However, I mentioning this just for completeness, since I don't really think this is much of a problem. Also, the "no sieve configured" case could be detected by the existence of a sieve_directory, perhaps? > In my last release of Pigeonhole I added support for putting scripts > inside a dict database (or any other storage facility once implemented). > Support for ManageSieve accessing such alternative data stores is > lacking still, but, once I implement that, I also intend to address the > issue you describe here. I'm probably going to structure it very similar > to Dovecot's own mail storage library, meaning that plugins can override > certain aspects of the storage's behavior. This should allow for all > kinds of magic in the script storage, including what you describe above. Would it make sense to implement such magin inside the script storage, or on top of it? The latter means the magic will work for every storage implemented, which would be an advantage? In any case, if there is some lookout onto this feature, I might configure the Roundcube plugin thing now and upgrade to a real solution at some later point. Gr. Matthijs -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 197 bytes Desc: Digital signature URL: From stephan at rename-it.nl Mon Jun 4 01:16:54 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Mon, 04 Jun 2012 00:16:54 +0200 Subject: [Dovecot] Exposing global (default) sieve script through Managesieve In-Reply-To: <20120603205730.GY4023@login.drsnuggles.stderr.nl> References: <20120601182659.GA19340@login.drsnuggles.stderr.nl> <4FCA0801.9040409@rename-it.nl> <20120603205730.GY4023@login.drsnuggles.stderr.nl> Message-ID: <4FCBE256.6040903@rename-it.nl> On 6/3/2012 10:57 PM, Matthijs Kooijman wrote: > > The copy-on-write scheme I describe above may solve this, as it > remembers (somehow) the status of the account: either an > untouched/unconfigured account or an account with no active scripts. > This behavior could be combined with the solution you describe above. > Yeah, the copy-on-write approach is probably a good idea. > > A downside of the copy-on-write approach is that if you change the > global script later on, it doesn't affect users that made any changes to > their sieve configuration (as opposed to my proposal, where only changes > to the actual "default" script would prevent this). However, I > mentioning this just for completeness, since I don't really think this > is much of a problem. > > Also, the "no sieve configured" case could be detected by the existence > of a sieve_directory, perhaps? Something like that, yes. >> In my last release of Pigeonhole I added support for putting scripts >> inside a dict database (or any other storage facility once implemented). >> Support for ManageSieve accessing such alternative data stores is >> lacking still, but, once I implement that, I also intend to address the >> issue you describe here. I'm probably going to structure it very similar >> to Dovecot's own mail storage library, meaning that plugins can override >> certain aspects of the storage's behavior. This should allow for all >> kinds of magic in the script storage, including what you describe above. > Would it make sense to implement such magic inside the script storage, > or on top of it? The latter means the magic will work for every storage > implemented, which would be an advantage? Definitely on top. Regards, Stephan. From inbound-dovecot at listmail.innovate.net Mon Jun 4 01:20:10 2012 From: inbound-dovecot at listmail.innovate.net (Richard) Date: Sun, 03 Jun 2012 22:20:10 +0000 Subject: [Dovecot] Can we know when a user read our email? Message-ID: <708007F287205FE8EB554EB9@ritz.innovate.net> > Date: Sunday, June 03, 2012 02:54:32 PM -0400 > From: Jerry > >> On Sun, 03 Jun 2012 20:19:20 +0200 >> Reindl Harald articulated: >> >> people are mostly to stupid to realize what they >> are trying to accomplish and why it it a bad idea >> >> this is why we professionals exist and if people >> refuse what you are explaining them kiss them >> goodbye - irt will be better for you over the long > > No offense, but considering your business attitude and disdain for > potential clients and your opinion of them, it would be a far > better thing if they steered clear of you all together. There are > many considerate, intelligent, compassionate professionals out > there who would be willing to take on the difficult client. Any > "asshole" can service the routine, run of the mill, client. It > takes a true professional to work with and service a difficult > one. Something that seems to be missing from this discussion are considerations of privacy and (personal) security. There are fairly serious implications of a sender being able to tell that/when someone has downloaded/opened a message -- including discovery of daily patterns and potentially where the recipient is, or isn't. I think it is our responsibility to understand these issues and explain them to managers/clients in order to bring them along if we refuse (as I would) to provide a capability such as this. [I always set the sendmail "noreceipts" PrivacyOptions so it doesn't respond to these disposition requests.] One approach is to point out to managers/clients that if their system is configured to return read receipts, anyone sending mail to them on that system will be able to get these same types of receipts. When they think about that they may not like the implications and may reconsider their request. Just because it is technically possible to do something (and even if other vendors provide the capability) does not mean that it is the ethically or legally responsible thing to do. - Richard From dovecot-list at mohtex.net Mon Jun 4 04:17:20 2012 From: dovecot-list at mohtex.net (Tamsy) Date: Mon, 04 Jun 2012 08:17:20 +0700 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <708007F287205FE8EB554EB9@ritz.innovate.net> References: <708007F287205FE8EB554EB9@ritz.innovate.net> Message-ID: <4FCC0CA0.6000003@mohtex.net> Richard wrote the following on 04.06.2012 05:20: > >> Date: Sunday, June 03, 2012 02:54:32 PM -0400 >> From: Jerry >> >>> On Sun, 03 Jun 2012 20:19:20 +0200 >>> Reindl Harald articulated: >>> >>> people are mostly to stupid to realize what they >>> are trying to accomplish and why it it a bad idea >>> >>> this is why we professionals exist and if people >>> refuse what you are explaining them kiss them >>> goodbye - irt will be better for you over the long >> No offense, but considering your business attitude and disdain for >> potential clients and your opinion of them, it would be a far >> better thing if they steered clear of you all together. There are >> many considerate, intelligent, compassionate professionals out >> there who would be willing to take on the difficult client. Any >> "asshole" can service the routine, run of the mill, client. It >> takes a true professional to work with and service a difficult >> one. > Something that seems to be missing from this discussion are > considerations of privacy and (personal) security. There are fairly > serious implications of a sender being able to tell that/when > someone has downloaded/opened a message -- including discovery of > daily patterns and potentially where the recipient is, or isn't. > > I think it is our responsibility to understand these issues and > explain them to managers/clients in order to bring them along if we > refuse (as I would) to provide a capability such as this. [I always > set the sendmail "noreceipts" PrivacyOptions so it doesn't respond > to these disposition requests.] > > One approach is to point out to managers/clients that if their > system is configured to return read receipts, anyone sending mail to > them on that system will be able to get these same types of > receipts. When they think about that they may not like the > implications and may reconsider their request. > > Just because it is technically possible to do something (and even if > other vendors provide the capability) does not mean that it is the > ethically or legally responsible thing to do. > > > - Richard > > I totally agree with Richard's point of few. I would consider it as intrusive and even intimidating if the sender of an E-Mail can monitor whether and when I open/read his mail. Just imagine this would happen with the good old hard printed mail the postman put into the mailbox at our door: As soon as we open the envelope and unfold the letter a microchip sends a note to the sender that his letter has been opened and read. I can already see the public outcry if something like this would happen some day... If somebody sends me a mail, it is up to me whether I want to open and read its content or whether I just want to bin it without having opened it. This is my right since the moment that mail has reached my mailbox, no matter whether it is a hardcopy mail or an E-Mail, it belongs to me and I can do with it whatever I like without letting the sender know how it has finally ended. From jeetuindian at gmail.com Mon Jun 4 13:20:06 2012 From: jeetuindian at gmail.com (Jitendra Bhaskar) Date: Mon, 4 Jun 2012 15:50:06 +0530 Subject: [Dovecot] Frequently login problem Message-ID: Hi, I am using dovecot 2.1.3 on centos 5.7. It was working fine but last few days I need to restart or reload dovecot service because at that time users are not able to login. Each time I am getting information from doveco.log is as : Jun 04 11:52:54 auth: Error: BUG: Authentication client gave a PID 17564 of existing connection Jun 04 11:52:54 auth: Error: BUG: Authentication client gave a PID 17566 of existing connection Jun 04 11:52:59 auth: Error: BUG: Authentication client gave a PID 17564 of existing connection -- * Thanks & Regards * *Jitendra Kumar Bhaskar* Cell:- +91 7306311531 +91 8102997821 From joshua at hybrid.pl Mon Jun 4 14:44:11 2012 From: joshua at hybrid.pl (Jacek Osiecki) Date: Mon, 4 Jun 2012 13:44:11 +0200 (CEST) Subject: [Dovecot] Vacation stopped working Message-ID: Hi, I'm sure that it WAS working, but I can't guarantee... On a system with dovecot 2.0.16 and dovecot-pigeonhole-2.0_0.2.5. Today a user reported that vacation autoreponse did not work for him. As I have checked the dovecot logs, I see such a message: Jun 04 13:39:51 lmtp(9986, user at xxx.com): Info: ZumtCleezE8CJwAAA1GDYg: sieve: msgid=: discarding vacation response for implicitly delivered message; no known (envelope) recipient address found in message headers (recipient=, and additional `:addresses' are specified) Any idea what actually went wrong? I was browsing for this error message, but found only dovecot sources :( Greetings, -- Jacek Osiecki joshua at ceti.pl GG:3828944 I don't want something I need. I want something I want. From lists at wildgooses.com Mon Jun 4 16:36:35 2012 From: lists at wildgooses.com (Ed W) Date: Mon, 04 Jun 2012 14:36:35 +0100 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCB6AA7.4050200@Media-Brokers.com> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB6AA7.4050200@Media-Brokers.com> Message-ID: <4FCCB9E3.3060702@wildgooses.com> On 03/06/2012 14:46, Charles Marcus wrote: > On 2012-06-03 4:43 AM, Ed W wrote: >> Look, I can argue against the idea easily, personally my objection is >> mail loops, but the point is that the customer demands it, and at >> present that prevents me bidding for certain types of business... >> Basically the customer just wants to repro what they got with Exchange > > Then tell them their only option is to buy Exchange Server and Outlook > for everyone - but explain that this 'feature' *still* will not work > for recipients that are outside of your control (ie, it will only work > for local recipients - and I *think* it is possible to set up Trusts > with other external Exchange Servers, but not sure, and if it does, it > requires the explicit cooperation of the other systems admin). > > Bottom line: do NOT promise the impossible to a client just to win the > business. It is a losing proposition, as you are beginning to see... > You have the situation backwards. I think you know about the MailASail business. We run small ISP selling mail accounts to customers. *our customers* want to voluntarily tell senders when they have downloaded an email via POP. The basic requirement is when the message is accessed via POP, then the sender (presumably defined by the FROM address) is sent a notification. Please don't argue about the spam aspects, etc - we are all on the same page here. However, it's not an entirely foolish request - because the customer is on dialup MDN implemented by the mail client isnt really feasible, and DSN doesn't help us realise that the remote user has at least connected and accessed the mail. So they are kind of asking for a limited server side implementation of MDN. In fact this isn't that unreasonable, it's just problematic and unusual. Ed W From lists at wildgooses.com Mon Jun 4 16:49:08 2012 From: lists at wildgooses.com (Ed W) Date: Mon, 04 Jun 2012 14:49:08 +0100 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCB9E5F.9010709@thelounge.net> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB73B5.9020807@orlitzky.com> <4FCB8B95.3000301@schetterer.org> <4FCB9D34.7060902@orlitzky.com> <4FCB9E5F.9010709@thelounge.net> Message-ID: <4FCCBCD4.8090503@wildgooses.com> On 03/06/2012 18:26, Reindl Harald wrote: > > Am 03.06.2012 19:21, schrieb Michael Orlitzky: >> On 06/03/12 12:06, Robert Schetterer wrote: >>> Am 03.06.2012 16:24, schrieb Michael Orlitzky: >>>> I for one think the plugin is a good idea. >>> what the hell , should the plugin do and how ? >>> there is smtp dsn, nothing more makes sense >>> >>> looking to the thread subject , you need to have new internet standard >>> called >>> >>> "braindump over tcp" >>> >>> this doesnt exist on exchange too >>> >>> mail is smtp, dovecot is no smtp server >>> >> You could trigger on the 'seen' flag, and Dovecot is more than capable >> of generating messages, especially to mailboxes under its control (see: >> sieve) > and now tell us how you "connect" YOUR sent message over SMTP > to any seen fleeg of another user? > I think we are talking cross purposes about the design here In my case I have a customer base on *dialup* who connect very infrequently. They kind of want MDN to work, however, at least my understanding is that this is typically implemented by first the MUA downloading all messages, then generating MDN responses which need to be sent out - however, in the case of dialup this may be very far after the fact. Therefore they request a kind of server side MDN. So when the message is downloaded from the POP server, the POP server generates some form of MDN-a-like response on their behalf. There are clearly limitations here, but equally the limitations are quite clearly explained - all we learn is that the message was downloaded, but in the case of very infrequent dialup users, this at least teaches us the earliest time that the user could have read the message. Many of these users are corporate and have defined processes, so they may require the user to actually read and action all the emails which have been downloaded, hence it might be inferred that usually the message will be read soon after we learn it's downloaded - I don't think the goal is to get 100% knowledge of read time though, just an estimate and that it did actually arrive at this remote user is helpful To put some meat on this type of user, we are talking about a group of users who might be mid-ocean or perhaps hanging around north/south pole or somewhere similarly remote. They would be using satellite dialup devices which have significant costs. So for example if we see the user dial in we learn: - They aren't dead... - With some confidence that the message has crossed the most uncertain part of the link and is at least now close enough to the user we just need to hope they actually read it - This type of user is typically only receiving a small handful of messages. At 2.4Kbit you are struggling to receive emails, it's not assume that this type of user is getting the kind of volumes that you or I get This is a niche user, however, I think the basic feature is actually not entirely stupid. My competitors implement this feature quite crudely with just a generic message mailed out to the sender the first time the recipient (ie on our server) accesses and downloads and accesses the email. I don't see anyone trying to send MDN compatible receipts, they literally just send a "Your message was downloaded by the recipient" message Cheers Ed W From h.reindl at thelounge.net Mon Jun 4 17:14:49 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Mon, 04 Jun 2012 16:14:49 +0200 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCCB9E3.3060702@wildgooses.com> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB6AA7.4050200@Media-Brokers.com> <4FCCB9E3.3060702@wildgooses.com> Message-ID: <4FCCC2D9.3010209@thelounge.net> Am 04.06.2012 15:36, schrieb Ed W: >> Then tell them their only option is to buy Exchange Server and Outlook for everyone - but explain that this >> 'feature' *still* will not work for recipients that are outside of your control (ie, it will only work for local >> recipients - and I *think* it is possible to set up Trusts with other external Exchange Servers, but not sure, >> and if it does, it requires the explicit cooperation of the other systems admin). >> >> Bottom line: do NOT promise the impossible to a client just to win the business. It is a losing proposition, as >> you are beginning to see... >> > > We run small ISP selling mail accounts to customers. *our customers* want to > voluntarily tell senders when they have downloaded an email via POP. and the sender for sure wants this too for every single message? i doubt not > The basic requirement is when the message is accessed via POP, then the > sender (presumably defined by the FROM address) is sent a notification. have fun if ONE user has enabled "leave messages on server" and his machine crashs - the next time he will setup his account again he would self-DOS the mail-system > Please don't argue about the spam aspects, etc - we are all on the same page here wait until one of the company get fired and leave you a little "present" with a lot of forged senders > However, it's not an entirely foolish request it IS a entirely foolish request each mail client in this world supports "acknowledgment of receipt" the sender has only to configure his account correctly and the rcpt can decide if his client should send confirmations * always * per confirm on each message * alaways for specific senders * or even not send this bullshit at all such things has CLEARLY not to be implemented on the server side if the users are too stupid to user their mail-client and the admins missing any knowledge to do this for the users solve this problem by educate them in e-mail baiscs -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From devurandom at gmx.net Mon Jun 4 17:32:04 2012 From: devurandom at gmx.net (Dennis Schridde) Date: Mon, 04 Jun 2012 16:32:04 +0200 Subject: [Dovecot] dovecot-metadata-9 released Message-ID: <2115082.gk9Y8Dam5O@ernie> Hello everyone! I just released dovecot-metadata-8, which is an implementation of RFC 5464 (IMAP METADATA), allowing to add comments/annotations/metadata to folders of an email account. 2012-06-04: Version 9 * Added Dovecot 2.1 compatibility * Fixed compliance with RFC 5464 Section 3.2 * Separated backend code into library * Synced code of imap-annotatemore with imap-metadata * Improved error messages * Several bugfixes (incl. segfaults) * Minor cleanups Please get the code from [1] and send me an email for any problem you find. For more information please refer to my email from Sun, 12 Jun 2011 15:55:57 +0200 titled "dovecot-metadata-8 released". Kind regards, Dennis [1] http://hg.dovecot.org/dovecot-metadata-plugin -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: This is a digitally signed message part. URL: From stephan at rename-it.nl Mon Jun 4 18:08:19 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Mon, 04 Jun 2012 17:08:19 +0200 Subject: [Dovecot] dovecot-metadata-9 released In-Reply-To: <2115082.gk9Y8Dam5O@ernie> References: <2115082.gk9Y8Dam5O@ernie> Message-ID: <4FCCCF63.3040703@rename-it.nl> Op 6/4/2012 4:32 PM, Dennis Schridde schreef: > For more information please refer to my email from Sun, 12 Jun 2011 15:55:57 > +0200 titled "dovecot-metadata-8 released". http://www.dovecot.org/list/dovecot/2011-June/059630.html Regards, Stephan. From malloc4k at gmail.com Mon Jun 4 19:44:01 2012 From: malloc4k at gmail.com (Malloc Kilobyte) Date: Mon, 4 Jun 2012 18:44:01 +0200 Subject: [Dovecot] Customization of "Rejected" message. Message-ID: Helo, I'm using Dovecot 2.1.1 with Postfix 2.3.3. I've enabled the quota plugin, so that Dovecot LDA reject e-mails, when user's mailbox is out of space. By default, when mailbox is near quota, and someone tries to send huge message, a reply is automatically send to the sender. It's being send from postmaster named as Mail Delivery Subsystem. And here is my question: Is there some way to customize that auto-reply, so that it is not only being send to the sender but also to recipient gets some notice about failed attempt ? I've also noticed, that this reply has attachment, which is rejected message, but it appears to be empty. Can I configure Dovecot to send back whole rejected message ? Regards malloc4k From robert at schetterer.org Mon Jun 4 20:23:27 2012 From: robert at schetterer.org (Robert Schetterer) Date: Mon, 04 Jun 2012 19:23:27 +0200 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCCB9E3.3060702@wildgooses.com> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB6AA7.4050200@Media-Brokers.com> <4FCCB9E3.3060702@wildgooses.com> Message-ID: <4FCCEF0F.3050708@schetterer.org> Am 04.06.2012 15:36, schrieb Ed W: > I think you know about the MailASail business. We run small ISP selling > mail accounts to customers. *our customers* want to voluntarily tell > senders when they have downloaded an email via POP. The basic > requirement is when the message is accessed via POP, then the sender > (presumably defined by the FROM address) is sent a notification. this isnt what you asked in the subject "Can we know when a user read our email?" the best and true answer: "never" ---snip as long all senders and users are on the same mailsystem/storage you might wrote i.e some watch daemon on your smtp mailsystem with if mail in storage with "Disposition-Notification-To" from "your sender" grepped by sasl header "Authenticated sender:" has gone from new to cur in "your recipients" storage maildir and subfolders you may also try use complex smtp transport header_checks combis with i.e /(^Disposition-Notification-To:.*)/ REPLACE X-$1 to mark mail etc and/or policy servers , milters etc perhaps with writings in dbs and comparing verbose dovecot logs etc cause there are uni ways to setup smtp and dovecot servers you must find your way fitting your setup as i said , i see only small relates to dovecot cause the only header which is standard in mail clients is Message Disposition Notification, so the sender has to use it anyway and you have to filter this mails by it additional only for "your senders" and "your recipients" then you have to find a way checking status of this mails in "your storage" if you allready have amavis included, you might code it there somehow or look at http://mailfud.org/postpals/ policy server for ideas who you might goal another way..... perhaps you might include a sieve global filter rule with filtering Disposition-Notification-To only from "your sender domains" and doing a simple mail notify action about it was delivered, or using some no official sieve plugins for actions with external binaries ( procmail etc ) -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From jeep at rahul.net Tue Jun 5 05:33:19 2012 From: jeep at rahul.net (Jeff Lacki) Date: Mon, 04 Jun 2012 19:33:19 -0700 Subject: [Dovecot] INBOX help needed, dovecot + squirrelmail Message-ID: <20120605023319.7664B1298B0@aqua.rahul.net> Im trying to figure out how to get dovecot to deliver to my mail_location (example: /opt/imapdata/j/jeff/INBOX/inbox) AND work with squirrelmail. Ive worked on this for hours reading the docs etc with no luck so far. I get dovecot-lda to deliver to: /opt/imapdata/j/jeff/INBOX/inbox but when I use squirrelmail, I see the following in the log: dovecot: imap(jeff): Debug: Effective uid=1006, gid=999, home=/opt/imapdata/j/jeff/INBOX/inbox dovecot: imap(jeff): Error: chdir(/opt/imapdata/j/jeff/INBOX/inbox) failed: Not a directory dovecot: imap(jeff): Debug: Namespace : type=private, prefix=INBOX/, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:/opt/imapdata/j/jeff:INBOX=/opt/imapdata/j/jeff/INBOX:LAYOUT=fs:DIRNAME=mmDIR:INDEX=~/indexes It complains that 'inbox' isnt a directory, but I want it to use: /opt/imapdata/j/jeff/INBOX What parameter do I need to tweak to get this to work? Ive tried the 'folder options' in squirrelmail but that doesnt appear to have any effect here (or at least at this point in my testing). It seems that the only parameter to tweak is 'mail_location' which Im having no luck getting to work correctly. Also namespace may play a part but every combination Ive tried does not result in getting it work thus far. On a sidenote when I send more than 1 email, it doesnt seem to honor 'maildir', it seems its doing 'mbox' instead? I get one flat file. Im lost and confused. my variables: mail_location = maildir:/opt/imapdata/%1n/%n:INBOX=/opt/imapdata/%1n/%n:LAYOUT=fs:DIRNAME=mmDIR:INDEX=~/indexes namespace { type = private separator = / prefix = INBOX/ inbox = yes } Your help is appreciated! Thanks, Jeff /mf/home/jeep/shell/.signature From jtam.home at gmail.com Tue Jun 5 05:45:59 2012 From: jtam.home at gmail.com (Joseph Tam) Date: Mon, 4 Jun 2012 19:45:59 -0700 (PDT) Subject: [Dovecot] auth trouble In-Reply-To: References: Message-ID: Glenn English writes: > I'm getting a lot of what I think is a local socket asking > dovecot:auth to verify username/passwords: > >> May 31 09:00:54 server dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=admin rhost= If dovecot-auth is getting input from a local socket, then rhost information is irrelevant since the host doing the asking is the server itself (maybe from another daemon connected to a remote host). Maybe someone is brute forcing your server's Postfix authenticated SMTP service since Postfix can be configured to use Dovecot's SASL authentication framework. Joseph Tam From a.kostyrev at serverc.ru Tue Jun 5 06:14:44 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Tue, 5 Jun 2012 14:14:44 +1100 Subject: [Dovecot] best practises for mail systems Message-ID: <213B51F00051AE48A9F0E112880177178F79D6@Delta.sc.local> hello! Can someone point me to some best practices in building high-available scalable mail system or! share your own success stories. I've read article in LJ "Building a Scalable High-Availability E-Mail System with Active Directory and More" but it seemed to be outdated and there's a single point of failure (Master node). What I want to achieve: high-available, horizontaly scalable, with no single point of failure mail solution. Available hardware: intel mfsys25 modular server with 2 storage controllers, 2 switches, 4 power supply blocks with - 2 blade-servers in mfsys with: 2xIntel Xeon E5620 @ 2.40GHz with 8 cores each - promise vtrak e610s (2 storage controllers, 2 power supply blocks) - 6x 2TB SATA Hitachi HDS72302 We decided to go for KVM virtualization and glusterfs for live migration for vm image but that's not what this is all about :) We installed centos on host systems. for now while we could think of two ways to go: The first way (currently at testing stage): On each host system we created one VM and passed through 3x2TB disks into it. In guests vms on top of this disks we made XFS and fired up glusterfs with distributed replicated volumes for our mailstorage. so it looks like this: vm1??? replicate???? vm2 disk1 ------------> disk4 disk2 ------------> disk5 disk3 ------------> disk6 in each vm we mounted glusterfs and pointed dovecot to that dir for mail creation (as ltmp) and imap4 user access. also we use exim as smtp. So, with glusterfs as mailstorage we can go for LVS to load balancing for exim and dovecot. so wherenever one of host systems (hence one of mail vms) goes down, users don't notice that 'cause LVS points them to working smtp and imap4 servers and they get their mail 'cause of glusterfs. Pros: - high-available - horizontaly scalable - with no single point of failure Cons: - not quite sure if glusterfs is production ready solution 'cause I've experienced split-brains during setting it up - IO performance issue. Though we didn't yet run any io tests, but glusterfs uses fuse to mount on clients. And guys on #gluster told me writing to the glusterfs mount will not be strictly local io. The second way: split up the users mail with: two back-end VMs each other on DIFFERENT host system with - fat mailstorage with raid1+linear mode (mdadm)+XFS - dovecot/exim-back-ends and two VMs for nginx-based proxy servers for imap4 and smtp - nginx can redirect user to right back-end through HTTP-php-based logic. Pros: - we split up not only load for exim/dovecot but users mail IOs too - no split-brains Cons: - If one of the host systems (hence one of back-end VMs with storage) goes down, half of our users is unhappy P.S. Sorry if this place is way wrong to ask for such things. From johannes at sipsolutions.net Tue Jun 5 11:09:27 2012 From: johannes at sipsolutions.net (Johannes Berg) Date: Tue, 05 Jun 2012 10:09:27 +0200 Subject: [Dovecot] Different but probably related issue In-Reply-To: <442263FE-BEAE-47F5-A1FF-49DC0065DF17@canbasis.com> References: <442263FE-BEAE-47F5-A1FF-49DC0065DF17@canbasis.com> Message-ID: <1338883767.4514.23.camel@jlt3.sipsolutions.net> Hi Marc, [+list since I'm unlikely to be able to solve this problem myself] > I am trying to setup a debian testing (wheeze) mail server using > postfix, dovecot and amavisd-new with spamassassin. I have everything > working fine, using mdbox mailboxes and system users. As a final touch > for this setup, I wanted to be able to train the (global) bayes > database directly through IMAP. > > Hence, I installed your plugin (directly from the official debian > repositories) and set it up to report mails to spamassassin. I am > using the "pipe" backend to call a wrapper script, that stores the > mail into a temporary file and launches sa-learn to learn it. My tests > indicate that this is working properly. Ok, nice. > However, when the dovecot-antispam plugin is enabled, I have a weird > problem sending emails. This is, whenever my MUA tries to save the > just sent message to the "Sent" folder, dovecot shows the following > error: Hmm, ok, let's see > > --------------------------------------------------- > > Dovecot's error log: > > --------------------------------------------------- > > Jun 4 22:35:14 aiur dovecot: imap(user): Error: mdbox /home/user/.mdbox/mailboxes/Sent/dbox-Mails: map uid lost for uid 0 > > Jun 4 22:36:06 aiur dovecot: imap(user): Error: /home/user/.mdbox/mailboxes/Spam/dbox-Mails/dovecot.index reset, view is now inconsistent > > Jun 4 22:36:09 aiur dovecot: imap(user): Error: Log synchronization error at seq=8,offset=27592 for /home/user/.mdbox/storage/dovecot.map.index: Append with UID 56056, but next_uid = 56057 > > Jun 4 22:36:09 aiur dovecot: lda(user): Error: Log synchronization error at seq=8,offset=27592 for /home/user/.mdbox/storage/dovecot.map.index: Append with UID 56056, but next_uid = 56057 > > Jun 4 22:36:10 aiur dovecot: imap(user): Error: /home/user/.mdbox/mailboxes/INBOX/dbox-Mails/dovecot.index reset, view is now inconsistent > > > As a result, the MUA hangs for a while (some minute and a half). After > that it closes the IMAP session properly, but I am left with two > copies of the sent email in the "Sent" folder: one that is marked as > unread and one that is not. Curious. I think the problem is likely the mdbox storage... There have always been some issues with it and the antispam plugin when combined. The first issue was that we couldn't access the raw text or something ... not sure what's up now. > > IMAP Conversation (as logged by roundcube webmail) > > [04-Jun-2012 22:35:14 +0200]: [4A68] C: A0005 APPEND INBOX.Sent (\Seen) {519+} > > [04-Jun-2012 22:35:14 +0200]: [4A68] C: Received: from cpe-76-169-183-245.socal.res.rr.com ([76.169.183.245]) > > by server.domain.tld > > with HTTP (HTTP/1.1 POST); Mon, 04 Jun 2012 22:35:14 +0200 > > MIME-Version: 1.0 ... > > [04-Jun-2012 22:36:10 +0200]: [4A68] S: A0005 OK [APPENDUID > 1338488996 4274] Append completed. That looks ... pretty normal. > At this point, I do not know what else to try or how to fix this > problem. Thus, I have had to disable your plugin for now. Do you have > any ideas on how to proceed? I can give you access to this machine if > need be (it's a personal server). Unfortunately, I don't. I can only suggest, as a test, trying with some other storage format -- I only use Maildir -- to see if the problem is really in the interaction with mdbox. I'm fairly sure that's likely the problem, maybe the plugin doesn't pass something through append that is needed by mdbox, but I've never even attempted to understand mdbox. Maybe Timo can comment. Timo, you can find the latest code here: http://git.sipsolutions.net/?p=dovecot-antispam.git;a=summary johannes From tss at iki.fi Tue Jun 5 13:02:10 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 5 Jun 2012 13:02:10 +0300 Subject: [Dovecot] best practises for mail systems In-Reply-To: <213B51F00051AE48A9F0E112880177178F79D6@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F79D6@Delta.sc.local> Message-ID: On 5.6.2012, at 6.14, ???????? ????????? ?????????? wrote: > - not quite sure if glusterfs is production ready solution 'cause I've experienced split-brains during setting it up Last I've heard glusterfs causes corruption problems with Dovecot. You should try stress testing it with imaptest: http://imapwiki.org/ImapTest From me at junc.org Tue Jun 5 14:23:02 2012 From: me at junc.org (Benny Pedersen) Date: Tue, 05 Jun 2012 13:23:02 +0200 Subject: [Dovecot] INBOX help needed, dovecot + squirrelmail In-Reply-To: <20120605023319.7664B1298B0@aqua.rahul.net> References: <20120605023319.7664B1298B0@aqua.rahul.net> Message-ID: Den 2012-06-05 04:33, jeep at rahul.net skrev: > Im trying to figure out how to get dovecot to deliver to > my mail_location (example: /opt/imapdata/j/jeff/INBOX/inbox) > AND work with squirrelmail. Ive worked on this for hours > reading the docs etc with no luck so far. namespace is set to "" in squirrelmail, but it must be "INBOX." run conf.pl and fix it :=) From devurandom at gmx.net Tue Jun 5 14:35:18 2012 From: devurandom at gmx.net (Dennis Schridde) Date: Tue, 05 Jun 2012 13:35:18 +0200 Subject: [Dovecot] dovecot-metadata-9 released In-Reply-To: <4FCDD13B.5080204@bunbun.be> References: <2115082.gk9Y8Dam5O@ernie> <4FCDD13B.5080204@bunbun.be> Message-ID: <4102204.vJ4X8dIaYX@samson> Hello Nick! I am sorry - I forgot to mention that you need attached patch for dovecot. Kind regards, Dennis Am Dienstag, 5. Juni 2012, 11:28:27 schrieb Nick Rosier: > Hi Dennis, > > I'm trying to compile the plugin on FreeBSD 9 with Dovecot 2.1.7 and get > the following error: > > libtool: compile: gcc -std=gnu99 -DHAVE_CONFIG_H -I. -I.. > -I/usr/local/include/dovecot -g -O2 -MT mailbox-ext.lo -MD -MP -MF > .deps/mailbox-ext.Tpo -c mailbox-ext.c -fPIC -DPIC -o > .libs/mailbox-ext.o mailbox-ext.c:25:19: error: missing binary operator > before token "(" > mailbox-ext.c: In function 'mailbox_get_guid_string': mailbox-ext.c:32: > error: 'MAIL_GUID_128_SIZE' undeclared (first use in this function) > mailbox-ext.c:32: error: (Each undeclared identifier is reported only > once mailbox-ext.c:32: error: for each function it appears in.) > mailbox-ext.c:33: warning: implicit declaration of function > 'mailbox_get_guid' > *** Error code 1 > Stop in /root/work/dovecot-metadata-plugin-6fe39779d758/src. *** Error > code 1 > > Removing DOVECOT_PREREQ and "forcing" to use the 2.1 definition fixes > that (I couldn't find anywhere where that macro was defined). > > Next I get another error, again caused by the DOVECOT_PREREQ: > > libtool: compile: gcc -std=gnu99 -DHAVE_CONFIG_H -I. -I.. > -I/usr/local/include/dovecot -g -O2 -MT imap-metadata-plugin.lo -MD -MP > -MF .deps/imap-metadata-plugin.Tpo -c imap-metadata-plugin.c -fPIC > -DPIC -o .libs/imap-metadata-plugin.o > imap-metadata-plugin.c: In function 'is_valid_rfc5464_entry_name': > imap-metadata-plugin.c:162: warning: comparison is always false due to > limited range of data type > imap-metadata-plugin.c:513:19: error: missing binary operator before > token "(" > imap-metadata-plugin.c: In function 'cmd_getmetadata': > imap-metadata-plugin.c:516: warning: passing argument 2 of > 'mail_namespace_find' from incompatible pointer type > imap-metadata-plugin.c: In function 'setmetadata_helper': > imap-metadata-plugin.c:596: warning: 'return' with a value, in function > returning void > imap-metadata-plugin.c:672:19: error: missing binary operator before > token "(" > imap-metadata-plugin.c: In function 'cmd_setmetadata': > imap-metadata-plugin.c:675: warning: passing argument 2 of > 'mail_namespace_find' from incompatible pointer type > *** Error code 1 > > Am I missing something on my system? > > Rgds, > N. > > Dennis Schridde wrote: > > Hello everyone! > > > > I just released dovecot-metadata-8, which is an implementation of RFC 5464 > > (IMAP METADATA), allowing to add comments/annotations/metadata to folders > > of an email account. > > > > 2012-06-04: Version 9 > > > > * Added Dovecot 2.1 compatibility > > * Fixed compliance with RFC 5464 Section 3.2 > > * Separated backend code into library > > * Synced code of imap-annotatemore with imap-metadata > > * Improved error messages > > * Several bugfixes (incl. segfaults) > > * Minor cleanups > > > > Please get the code from [1] and send me an email for any problem you > > find. > > > > For more information please refer to my email from Sun, 12 Jun 2011 > > 15:55:57 +0200 titled "dovecot-metadata-8 released". > > > > Kind regards, > > Dennis > > > > [1] http://hg.dovecot.org/dovecot-metadata-plugin -------------- next part -------------- A non-text attachment was scrubbed... Name: dovecot-2.1-b144c7d3bb67+4ee2e23710fb-dovecot-prereq.patch Type: text/x-patch Size: 2036 bytes Desc: not available URL: From pw at wk-serv.de Tue Jun 5 15:03:14 2012 From: pw at wk-serv.de (Patrick Westenberg) Date: Tue, 05 Jun 2012 14:03:14 +0200 Subject: [Dovecot] dsync backup doubles quota Message-ID: <4FCDF582.5050004@wk-serv.de> Hi everyone, I recognized a very strange behavior when doing backups of my mdbox mailboxes. After the backup the quota for each mailbox is twice as much as before the backup and I have to recalculate the quota to get the former/correct information. root at mb01:~# doveadm quota get -u test at example.com User quota STORAGE 5 10240 User quota MESSAGE 11 - root at mb01:~# doveadm backup -u test at example.com mdbox:/home/example.com/test root at mb01:~# doveadm quota get -u test at example.com User quota STORAGE 10 10240 User quota MESSAGE 22 - root at mb01:~# doveadm quota get -u test at example.com root at mb01:~# doveadm quota get -u test at example.com User quota STORAGE 5 10240 User quota MESSAGE 11 - Is this a bug or normal behavior? Regards Patrick From ott at mirix.org Tue Jun 5 15:27:30 2012 From: ott at mirix.org (Matthias-Christian Ott) Date: Tue, 05 Jun 2012 14:27:30 +0200 Subject: [Dovecot] best practises for mail systems In-Reply-To: <213B51F00051AE48A9F0E112880177178F79D6@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F79D6@Delta.sc.local> Message-ID: <4FCDFB32.2080302@mirix.org> On 2012-06-05 05:14, ???????? ????????? ?????????? wrote: > On each host system we created one VM and passed through 3x2TB disks into it. > > > > In guests vms on top of this disks we made XFS and fired up glusterfs with distributed replicated volumes for our mailstorage. > > so it looks like this: > > > > vm1 replicate vm2 > > disk1 ------------> disk4 > > disk2 ------------> disk5 > > disk3 ------------> disk6 > > > > in each vm we mounted glusterfs and pointed dovecot to that dir for mail creation (as ltmp) and imap4 user access. > > also we use exim as smtp. > > > > So, with glusterfs as mailstorage we can go for LVS to load balancing for exim and dovecot. > > so wherenever one of host systems (hence one of mail vms) goes down, users don't notice that > > 'cause LVS points them to working smtp and imap4 servers > > and they get their mail 'cause of glusterfs. > [...] > Cons: > > - not quite sure if glusterfs is production ready solution 'cause I've experienced split-brains during setting it up > > - IO performance issue. Though we didn't yet run any io tests, but glusterfs uses fuse to mount on clients. And guys on #gluster told me writing to the glusterfs mount will not be strictly local io. I'm not familiar with LVS, but from the project description it seems that you need a "front server" that does the load balancing, so you either have to run at least two of these servers in parallel or add to your cons that you introduced a single point of failure. But you mentioned that you only have two servers, so you really can do this. I would rather ensure high availability by running the two servers as masters and using either IP address takeover or DNS failover (with dynamic DNS) and either use Dovecot's replication (I haven't tested it yet and I'm not sure what happens in case of IP address takeover) or a file system that can handle these kinds of errors (e.g. Coda). You could do load balancing via round-robin DNS. This only protects you against the failure of single machine and because IMAP sessions are not replicated between the servers, connections will get reset if one server fails, but it's cost-effective and uses software that already exists. Regards, Matthias-Christian From a.kostyrev at serverc.ru Tue Jun 5 15:59:47 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Tue, 5 Jun 2012 23:59:47 +1100 Subject: [Dovecot] best practises for mail systems In-Reply-To: <4FCDFB32.2080302@mirix.org> References: <213B51F00051AE48A9F0E112880177178F79D6@Delta.sc.local> <4FCDFB32.2080302@mirix.org> Message-ID: <213B51F00051AE48A9F0E112880177178F79DB@Delta.sc.local> I think LVS is just fine and it is not a SPOF 'cause it is actually 2 servers: active master --> and standby slave. LVS supports real time replication of connections from master to slave, so if master dies slave knows which IP was connected to which dovecot server. I'm more worried about right design of mailstorage.. should I use some cluster fs with all mail of all users or should I split mailstorage across servers and somehow avoid long downtime if one of servers goes down. -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of Matthias-Christian Ott Sent: Tuesday, June 05, 2012 11:28 PM To: dovecot at dovecot.org Subject: Re: [Dovecot] best practises for mail systems On 2012-06-05 05:14, ???????? ????????? ?????????? wrote: > On each host system we created one VM and passed through 3x2TB disks into it. > > > > In guests vms on top of this disks we made XFS and fired up glusterfs with distributed replicated volumes for our mailstorage. > > so it looks like this: > > > > vm1 replicate vm2 > > disk1 ------------> disk4 > > disk2 ------------> disk5 > > disk3 ------------> disk6 > > > > in each vm we mounted glusterfs and pointed dovecot to that dir for mail creation (as ltmp) and imap4 user access. > > also we use exim as smtp. > > > > So, with glusterfs as mailstorage we can go for LVS to load balancing for exim and dovecot. > > so wherenever one of host systems (hence one of mail vms) goes down, users don't notice that > > 'cause LVS points them to working smtp and imap4 servers > > and they get their mail 'cause of glusterfs. > [...] > Cons: > > - not quite sure if glusterfs is production ready solution 'cause I've experienced split-brains during setting it up > > - IO performance issue. Though we didn't yet run any io tests, but glusterfs uses fuse to mount on clients. And guys on #gluster told me writing to the glusterfs mount will not be strictly local io. I'm not familiar with LVS, but from the project description it seems that you need a "front server" that does the load balancing, so you either have to run at least two of these servers in parallel or add to your cons that you introduced a single point of failure. But you mentioned that you only have two servers, so you really can do this. I would rather ensure high availability by running the two servers as masters and using either IP address takeover or DNS failover (with dynamic DNS) and either use Dovecot's replication (I haven't tested it yet and I'm not sure what happens in case of IP address takeover) or a file system that can handle these kinds of errors (e.g. Coda). You could do load balancing via round-robin DNS. This only protects you against the failure of single machine and because IMAP sessions are not replicated between the servers, connections will get reset if one server fails, but it's cost-effective and uses software that already exists. Regards, Matthias-Christian From sf.rique at gmail.com Tue Jun 5 16:02:47 2012 From: sf.rique at gmail.com (Henrique Santos Fernandes) Date: Tue, 5 Jun 2012 10:02:47 -0300 Subject: [Dovecot] best practises for mail systems In-Reply-To: <213B51F00051AE48A9F0E112880177178F79DB@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F79D6@Delta.sc.local> <4FCDFB32.2080302@mirix.org> <213B51F00051AE48A9F0E112880177178F79DB@Delta.sc.local> Message-ID: We once try to use similar solution as your first. 3 servers for LVS -HA This master server redirect users for 2 or 3 dovecot backends.. The mail storage were maildir ontop of OCFS2 Our problem were that OCFS2 were too slow. We could not handle many users. So we took an step back and now use only user one server. But still thinking in go back to the first one. with LVS When using LVS try to sticky user to the same backend, LVs can do ths by source ip. Where i work we have problens on testign storage. If you have any advices for testing disk performance, i will be thankfull. I wil be glad to answer anything else. []'sf.rique On Tue, Jun 5, 2012 at 9:59 AM, ???????? ????????? ?????????? < a.kostyrev at serverc.ru> wrote: > I think LVS is just fine and it is not a SPOF 'cause it is actually 2 > servers: > active master --> and standby slave. > LVS supports real time replication of connections from master to slave, > so if master dies slave knows which IP was connected to which dovecot > server. > > I'm more worried about right design of mailstorage.. should I use some > cluster fs with all mail of all users > or should I split mailstorage across servers and somehow avoid long > downtime if one of servers goes down. > > > -----Original Message----- > From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On > Behalf Of Matthias-Christian Ott > Sent: Tuesday, June 05, 2012 11:28 PM > To: dovecot at dovecot.org > Subject: Re: [Dovecot] best practises for mail systems > > On 2012-06-05 05:14, ???????? ????????? ?????????? wrote: > > On each host system we created one VM and passed through 3x2TB disks > into it. > > > > > > > > In guests vms on top of this disks we made XFS and fired up glusterfs > with distributed replicated volumes for our mailstorage. > > > > so it looks like this: > > > > > > > > vm1 replicate vm2 > > > > disk1 ------------> disk4 > > > > disk2 ------------> disk5 > > > > disk3 ------------> disk6 > > > > > > > > in each vm we mounted glusterfs and pointed dovecot to that dir for mail > creation (as ltmp) and imap4 user access. > > > > also we use exim as smtp. > > > > > > > > So, with glusterfs as mailstorage we can go for LVS to load balancing > for exim and dovecot. > > > > so wherenever one of host systems (hence one of mail vms) goes down, > users don't notice that > > > > 'cause LVS points them to working smtp and imap4 servers > > > > and they get their mail 'cause of glusterfs. > > [...] > > Cons: > > > > - not quite sure if glusterfs is production ready solution 'cause I've > experienced split-brains during setting it up > > > > - IO performance issue. Though we didn't yet run any io tests, but > glusterfs uses fuse to mount on clients. And guys on #gluster told me > writing to the glusterfs mount will not be strictly local io. > > I'm not familiar with LVS, but from the project description it seems > that you need a "front server" that does the load balancing, so you > either have to run at least two of these servers in parallel or add to > your cons that you introduced a single point of failure. But you > mentioned that you only have two servers, so you really can do this. > > I would rather ensure high availability by running the two servers as > masters and using either IP address takeover or DNS failover (with > dynamic DNS) and either use Dovecot's replication (I haven't tested it > yet and I'm not sure what happens in case of IP address takeover) or a > file system that can handle these kinds of errors (e.g. Coda). You could > do load balancing via round-robin DNS. This only protects you against > the failure of single machine and because IMAP sessions are not > replicated between the servers, connections will get reset if one server > fails, but it's cost-effective and uses software that already exists. > > Regards, > Matthias-Christian > From jeep at rahul.net Tue Jun 5 16:41:54 2012 From: jeep at rahul.net (Jeff Lacki) Date: Tue, 05 Jun 2012 06:41:54 -0700 Subject: [Dovecot] INBOX help needed, dovecot + squirrelmail In-Reply-To: References: <20120605023319.7664B1298B0@aqua.rahul.net> Message-ID: <20120605134154.2FBC616D400@maya.rahul.net> Benny Pedersen wrote: > Den 2012-06-05 04:33, jeep at rahul.net skrev: > > Im trying to figure out how to get dovecot to deliver to > > my mail_location (example: /opt/imapdata/j/jeff/INBOX/inbox) > > AND work with squirrelmail. Ive worked on this for hours > > reading the docs etc with no luck so far. > > namespace is set to "" in squirrelmail, but it must be "INBOX." > > run conf.pl and fix it :=) > > Thanks Benny. I didnt see 'namespace' in my configure for squirrelmail 1.4.22, but if you meant Folder Defaults->Default Folder Prefix = INBOX. I just tried that and I still get: Error: chdir(/opt/imapdata/j/jeff/INBOX/inbox) failed: Not a directory Was that the setting you meant or was there another I missed? Thanks /mf/home/jeep/shell/.signature From jeep at rahul.net Tue Jun 5 18:03:22 2012 From: jeep at rahul.net (Jeff Lacki) Date: Tue, 05 Jun 2012 08:03:22 -0700 Subject: [Dovecot] INBOX help needed, dovecot + squirrelmail In-Reply-To: <20120605134154.2FBC616D400@maya.rahul.net> References: <20120605023319.7664B1298B0@aqua.rahul.net> <20120605134154.2FBC616D400@maya.rahul.net> Message-ID: <20120605150322.44ED616D414@maya.rahul.net> jeep at rahul.net (Jeff Lacki) wrote: > Thanks Benny. I didnt see 'namespace' in my configure for squirrelmail 1.4.22, > but if you meant Folder Defaults->Default Folder Prefix = INBOX. > > I just tried that and I still get: > > Error: chdir(/opt/imapdata/j/jeff/INBOX/inbox) failed: Not a directory > > Was that the setting you meant or was there another I missed? > Thanks > Nevermind, I found the problem after your suggestion. Turns out my DB was returning a home directory of: /opt/imapdata/j/jeff/INBOX/inbox from when I was playing with something earlier, that got me past that issue, however I still dont know why its not giving me maildir instead of mbox. But thank you for helping me fix that issue! Jeff /mf/home/jeep/shell/.signature From me at junc.org Tue Jun 5 18:33:34 2012 From: me at junc.org (Benny Pedersen) Date: Tue, 05 Jun 2012 17:33:34 +0200 Subject: [Dovecot] INBOX help needed, dovecot + squirrelmail In-Reply-To: <20120605134154.2FBC616D400@maya.rahul.net> References: <20120605023319.7664B1298B0@aqua.rahul.net> <20120605134154.2FBC616D400@maya.rahul.net> Message-ID: <26bcc28cf6b7385e1326e2c8ec019448@junc.org> Den 2012-06-05 15:41, jeep at rahul.net skrev: > Error: chdir(/opt/imapdata/j/jeff/INBOX/inbox) failed: Not a > directory this error is not squirrelmail :=) # dovecot.conf namespace: type: private inbox: yes list: yes subscriptions: yes if you use sql auth in dovecot then the maildir must not end in / else it will be a mbox file mail_location: maildir:/home/vmail/%d/%u/.maildir ~ must be set to mail_location: maildir:/home/vmail/%d/%u/ and the .maildir comes from sql concat if i remember my own setup :=) squirrelmail will work without INBOX. but namespace in dovecot must math it From andrei.michescu at miau.ca Tue Jun 5 18:33:03 2012 From: andrei.michescu at miau.ca (Michescu Andrei) Date: Tue, 5 Jun 2012 11:33:03 -0400 Subject: [Dovecot] [ Re: best practises for mail systems] Message-ID: <5f604e43b6b66676fc1e23b1c7c57afb.squirrel@web.miau.ca> Hello, If disk space and bandwidth are affordable (and from your setup it seems that they are affordable as you have everything locally) I would split the mail storage completely and use replication in between n-master servers (n=2 for your case). The replication is not yet fully tested, but Timo is actively working on this feature. The fear of lossing the imap session does not make sense (at least to me) as the client will reconnect automatically in the background. Like this you have no SPOF and no split-brain and you get the flexibility (if needed) to geographically distribute your servers in the the future. Keep each server with its own ip, connect to them via DNS (round robin etc etc). We are currently experimenting with a setup similar to this one, but with geographically distributed servers (trans-continental) (bandwidth limited and high cost). Best regards, Andrei > We once try to use similar solution as your first. > > 3 servers for LVS -HA > > This master server redirect users for 2 or 3 dovecot backends.. > > The mail storage were maildir ontop of OCFS2 > > Our problem were that OCFS2 were too slow. We could not handle many users. > > So we took an step back and now use only user one server. > > But still thinking in go back to the first one. with LVS > > When using LVS try to sticky user to the same backend, LVs can do ths by > source ip. > > Where i work we have problens on testign storage. If you have any advices > for testing disk performance, i will be thankfull. > > I wil be glad to answer anything else. > > []'sf.rique > > > On Tue, Jun 5, 2012 at 9:59 AM, ???????? ????????? ?????????? < > a.kostyrev at serverc.ru> wrote: > >> I think LVS is just fine and it is not a SPOF 'cause it is actually 2 >> servers: >> active master --> and standby slave. >> LVS supports real time replication of connections from master to slave, >> so if master dies slave knows which IP was connected to which dovecot >> server. >> >> I'm more worried about right design of mailstorage.. should I use some >> cluster fs with all mail of all users >> or should I split mailstorage across servers and somehow avoid long >> downtime if one of servers goes down. >> >> >> -----Original Message----- >> From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] >> On >> Behalf Of Matthias-Christian Ott >> Sent: Tuesday, June 05, 2012 11:28 PM >> To: dovecot at dovecot.org >> Subject: Re: [Dovecot] best practises for mail systems >> >> On 2012-06-05 05:14, ???????? ????????? ?????????? wrote: >> > On each host system we created one VM and passed through 3x2TB disks >> into it. >> > >> > >> > >> > In guests vms on top of this disks we made XFS and fired up glusterfs >> with distributed replicated volumes for our mailstorage. >> > >> > so it looks like this: >> > >> > >> > >> > vm1 replicate vm2 >> > >> > disk1 ------------> disk4 >> > >> > disk2 ------------> disk5 >> > >> > disk3 ------------> disk6 >> > >> > >> > >> > in each vm we mounted glusterfs and pointed dovecot to that dir for >> mail >> creation (as ltmp) and imap4 user access. >> > >> > also we use exim as smtp. >> > >> > >> > >> > So, with glusterfs as mailstorage we can go for LVS to load balancing >> for exim and dovecot. >> > >> > so wherenever one of host systems (hence one of mail vms) goes down, >> users don't notice that >> > >> > 'cause LVS points them to working smtp and imap4 servers >> > >> > and they get their mail 'cause of glusterfs. >> > [...] >> > Cons: >> > >> > - not quite sure if glusterfs is production ready solution 'cause I've >> experienced split-brains during setting it up >> > >> > - IO performance issue. Though we didn't yet run any io tests, but >> glusterfs uses fuse to mount on clients. And guys on #gluster told me >> writing to the glusterfs mount will not be strictly local io. >> >> I'm not familiar with LVS, but from the project description it seems >> that you need a "front server" that does the load balancing, so you >> either have to run at least two of these servers in parallel or add to >> your cons that you introduced a single point of failure. But you >> mentioned that you only have two servers, so you really can do this. >> >> I would rather ensure high availability by running the two servers as >> masters and using either IP address takeover or DNS failover (with >> dynamic DNS) and either use Dovecot's replication (I haven't tested it >> yet and I'm not sure what happens in case of IP address takeover) or a >> file system that can handle these kinds of errors (e.g. Coda). You could >> do load balancing via round-robin DNS. This only protects you against >> the failure of single machine and because IMAP sessions are not >> replicated between the servers, connections will get reset if one server >> fails, but it's cost-effective and uses software that already exists. >> >> Regards, >> Matthias-Christian >> > > > !DSPAM:4fce037e104291424646138! > From me at junc.org Tue Jun 5 18:36:14 2012 From: me at junc.org (Benny Pedersen) Date: Tue, 05 Jun 2012 17:36:14 +0200 Subject: [Dovecot] INBOX help needed, dovecot + squirrelmail In-Reply-To: <20120605150322.44ED616D414@maya.rahul.net> References: <20120605023319.7664B1298B0@aqua.rahul.net> <20120605134154.2FBC616D400@maya.rahul.net> <20120605150322.44ED616D414@maya.rahul.net> Message-ID: <685aa8d8214058f45df1457c67f0acc5@junc.org> Den 2012-06-05 17:03, jeep at rahul.net skrev: > from when I was playing with something earlier, that got me > past that issue, however I still dont know why its not > giving me maildir instead of mbox. remove last / in sql query auth path (concated here) dovecot have it well explained in wiki From ghe at slsware.com Tue Jun 5 18:38:49 2012 From: ghe at slsware.com (Glenn English) Date: Tue, 5 Jun 2012 09:38:49 -0600 Subject: [Dovecot] auth trouble In-Reply-To: References: Message-ID: On Jun 4, 2012, at 8:45 PM, Joseph Tam wrote: > If dovecot-auth is getting input from a local socket, then rhost > information is irrelevant since the host doing the asking is the server > itself (maybe from another daemon connected to a remote host). Thanks for the confirmation of my suspicions.... > Maybe someone is brute forcing your server's Postfix authenticated > SMTP service since Postfix can be configured to use Dovecot's SASL > authentication framework. and for the suggestion -- I do have Postfix using Dovecot-Auth checking for SASL. I think I'm going to re-install and run Tripwire... -- Glenn English hand-wrapped from my Apple Mail From ott at mirix.org Tue Jun 5 22:15:39 2012 From: ott at mirix.org (Matthias-Christian Ott) Date: Tue, 05 Jun 2012 21:15:39 +0200 Subject: [Dovecot] [ Re: best practises for mail systems] In-Reply-To: <5f604e43b6b66676fc1e23b1c7c57afb.squirrel@web.miau.ca> References: <5f604e43b6b66676fc1e23b1c7c57afb.squirrel@web.miau.ca> Message-ID: <4FCE5ADB.8090208@mirix.org> On 2012-06-05 17:33, Michescu Andrei wrote: > The fear of lossing the imap session does not make sense (at least to me) > as the client will reconnect automatically in the background. I agree, in practice this is not an issue compared to the unavailability of the service, but on longer IMAP sessions (e.g. transferring a big file) the connection loss is noticeable. > Like this you have no SPOF and no split-brain and you get the flexibility > (if needed) to geographically distribute your servers in the the future. > > Keep each server with its own ip, connect to them via DNS (round robin etc > etc). This depends on the resolver, operating systems and clients you want to support, because I read that not all networks generate proper ICMP/ICMPv6 Destination Unreachable messages and instead simple drop the packets, so that the clients first try to connect to the failed server until timeout and then connects to the second server. Since IMAP is a stateful protocol the latency of the initial connect to the failed server can be ignored, but if you want to eliminate this, you can use dynamic DNS to automatically remove the corresponding RRs (depending on your situation you need an external monitoring server for this to avoid problems in case of net splits). > We are currently experimenting with a setup similar to this one, but with > geographically distributed servers (trans-continental) (bandwidth limited > and high cost). I also have some plans for a similar setup in the near future. Can you share your results on the mailing list? I'm especially interested if failover via DNS works in practice (I did some searches, but I'm not fully convinced of it, but it seems quite simple compared to other solutions). Regards, Matthias-Christian From andrei.michescu at miau.ca Tue Jun 5 23:33:25 2012 From: andrei.michescu at miau.ca (Michescu Andrei) Date: Tue, 5 Jun 2012 16:33:25 -0400 Subject: [Dovecot] [ Re: best practises for mail systems] In-Reply-To: <4FCE5ADB.8090208@mirix.org> References: <5f604e43b6b66676fc1e23b1c7c57afb.squirrel@web.miau.ca> <4FCE5ADB.8090208@mirix.org> Message-ID: Hello, > I agree, in practice this is not an issue compared to the unavailability > of the service, but on longer IMAP sessions (e.g. transferring a big > file) the connection loss is noticeable. It is noticeable for somebody that really waits for a large email. For the standard user there is nothing visible because the synchronization starts / fails and starts again... In corporate environment the servers are "close" and the network is generally configured to have proper Destination Unreachable. For road-warriors, the main concern is the uplink/downlink and generally not the couple of seconds lost due to time-out. For the DNS... use "fast-flux"-like configuration and any proper resolver will behave correctly (at least in my experience). For the road-warrior setup: DNS with geoip, and all locations with split-dns (internally HA setup with failover on external locations). Unfortunately the classical HA setup (with heart-beat monitor, update DNS etc etc) it is not designed to be "internet-proof" (internet like in WAN). The initial design of the internet was to be able to operate even when significant segments are unavailable. Picture the following scenario: master servers on each continent. Catastrophic failure of the trans-continental network => 5 big disconnected chunks of network fully functional. Any HA setup that I saw will fail miserably. The simplest design with fully replicated masters will continue to work. Obviously planning for the scenario above is an overkill for most of the companies out there. Once you trow in the advantage of have the emails close to you anywhere where you go, then it starts making sense. And you can top it up by segmenting you user base to replicate only the users that are on the go, or are important enough. As for the current status of the ideal implementation: waiting for Timo to finalize the refactoring of dsync. As a temporary solution: rsync replication with master-slave model (not master-master). This design makes sense to us, but I'm sure that it is under-optimal for most other uses. Andrei > >> Like this you have no SPOF and no split-brain and you get the >> flexibility >> (if needed) to geographically distribute your servers in the the future. >> >> Keep each server with its own ip, connect to them via DNS (round robin >> etc >> etc). > > This depends on the resolver, operating systems and clients you want to > support, because I read that not all networks generate proper > ICMP/ICMPv6 Destination Unreachable messages and instead simple drop the > packets, so that the clients first try to connect to the failed server > until timeout and then connects to the second server. Since IMAP is a > stateful protocol the latency of the initial connect to the failed > server can be ignored, but if you want to eliminate this, you can use > dynamic DNS to automatically remove the corresponding RRs (depending on > your situation you need an external monitoring server for this to avoid > problems in case of net splits). > >> We are currently experimenting with a setup similar to this one, but >> with >> geographically distributed servers (trans-continental) (bandwidth >> limited >> and high cost). > > I also have some plans for a similar setup in the near future. Can you > share your results on the mailing list? I'm especially interested if > failover via DNS works in practice (I did some searches, but I'm not > fully convinced of it, but it seems quite simple compared to other > solutions). > > Regards, > Matthias-Christian > > !DSPAM:4fce5ae0149132093961185! > > From tss at iki.fi Wed Jun 6 00:43:38 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 6 Jun 2012 00:43:38 +0300 Subject: [Dovecot] [ Re: best practises for mail systems] In-Reply-To: References: <5f604e43b6b66676fc1e23b1c7c57afb.squirrel@web.miau.ca> <4FCE5ADB.8090208@mirix.org> Message-ID: On 5.6.2012, at 23.33, Michescu Andrei wrote: >> I agree, in practice this is not an issue compared to the unavailability >> of the service, but on longer IMAP sessions (e.g. transferring a big >> file) the connection loss is noticeable. > > It is noticeable for somebody that really waits for a large email. And there is actually some (any!) way this could be avoided?... One server dies, another continues sending the mail? I have had some thoughts about transferring idling Dovecot connections between processes / servers so that clients wouldn't notice it, but I haven't even thought about moving active (long-running) connections. From rob0 at gmx.co.uk Wed Jun 6 00:53:25 2012 From: rob0 at gmx.co.uk (/dev/rob0) Date: Tue, 5 Jun 2012 16:53:25 -0500 Subject: [Dovecot] auth trouble In-Reply-To: References: Message-ID: <20120605215325.GC3672@harrier.slackbuilds.org> On Tue, Jun 05, 2012 at 09:38:49AM -0600, Glenn English wrote: > On Jun 4, 2012, at 8:45 PM, Joseph Tam wrote: > > If dovecot-auth is getting input from a local socket, then rhost > > information is irrelevant since the host doing the asking is the > > server itself (maybe from another daemon connected to a remote > > host). > > Thanks for the confirmation of my suspicions.... What suspicions were confirmed? > > Maybe someone is brute forcing your server's Postfix > > authenticated SMTP service since Postfix can be configured to > > use Dovecot's SASL authentication framework. And these brute force attempts would be logged, each one. > and for the suggestion -- I do have Postfix using Dovecot-Auth > checking for SASL. > > I think I'm going to re-install and run Tripwire... I think you are overreacting. -- http://rob0.nodns4.us/ -- system administration and consulting Offlist GMX mail is seen only if "/dev/rob0" is in the Subject: From jtam.home at gmail.com Wed Jun 6 01:21:51 2012 From: jtam.home at gmail.com (Joseph Tam) Date: Tue, 5 Jun 2012 15:21:51 -0700 (PDT) Subject: [Dovecot] auth trouble In-Reply-To: References: Message-ID: Glenn English wrote: >> Maybe someone is brute forcing your server's Postfix authenticated >> SMTP service since Postfix can be configured to use Dovecot's SASL >> authentication framework. > > and for the suggestion -- I do have Postfix using Dovecot-Auth checking > for SASL. > > I think I'm going to re-install and run Tripwire... Tripwire? If the purpose of your query is to automate blocking of brute forcers, this software is not what you want (which detects tampering of critical system files). I suggest trying to find where Postfix failed login reports go, then use your fail2ban or what-have-you to detect and block hosts that repeatedly fail authentication. (First Google hit I did on this subject) http://scottlinux.com/2011/05/26/prevent-postfix-brute-force/ The log entries might look like {timestamp} {servername} postfix/smtpd[{pid}]: lost connection after AUTH from {remote-hostname}[{remote-ip}] Joseph Tam From ghe at slsware.com Wed Jun 6 02:08:07 2012 From: ghe at slsware.com (Glenn English) Date: Tue, 5 Jun 2012 17:08:07 -0600 Subject: [Dovecot] auth trouble In-Reply-To: <20120605215325.GC3672@harrier.slackbuilds.org> References: <20120605215325.GC3672@harrier.slackbuilds.org> Message-ID: <4087ECCF-8C69-4888-8CD9-44566A256F92@slsware.com> On Jun 5, 2012, at 3:53 PM, /dev/rob0 wrote: > What suspicions were confirmed? At first I thought that somebody was TCP'ing in and somehow turning off the remote IP in the log so I couldn't block it. Then an answer from another mailing list, and a little thinking, made it occur to me that maybe my server had been penetrated. > And these brute force attempts would be logged, each one. They are, with no rhost. And there are other brute force attempts that *do* have IPs. > I think you are overreacting. I really hope so. What's your thinking? Have you seen this before? And most important: what is it, how does it work, and how do I get rid of it and keep it from coming back? -- Glenn English hand-wrapped from my Apple Mail From achekalin at lazurit.com Wed Jun 6 08:40:43 2012 From: achekalin at lazurit.com (Alexander Chekalin) Date: Wed, 06 Jun 2012 08:40:43 +0300 Subject: [Dovecot] [ Re: best practises for mail systems] In-Reply-To: References: <5f604e43b6b66676fc1e23b1c7c57afb.squirrel@web.miau.ca> <4FCE5ADB.8090208@mirix.org> Message-ID: <4FCEED5B.90105@lazurit.com> 05.06.2012 23:33, Michescu Andrei ???????: > Picture the following scenario: master servers on each continent. > Catastrophic failure of the trans-continental network => 5 big > disconnected chunks of network fully functional. Any HA setup that I saw > will fail miserably. The simplest design with fully replicated masters > will continue to work. Dispute the original topic, I'd say this looks like a good service idea, as many company may pay for such a service if it can be set up specifically for their needs (routing, logs, backups, redirections). Gmail (and other big guys like them) won't be that fine-tunable (having point to service many customers with the same type of control), and companies sometime just won't deal with such a Big Brother to store their corporate mail due to internal regulations (read - 'corporate paranoia'). But the replication between "points of presence" (5 big datacenters, one per continent, won't be good topology) will be painful and we easily face split-brain situation, whichever replicaton scheme I can imagine. Yours, Alexander From joseba.torre at ehu.es Wed Jun 6 16:01:19 2012 From: joseba.torre at ehu.es (Joseba Torre) Date: Wed, 06 Jun 2012 15:01:19 +0200 Subject: [Dovecot] Director problems Message-ID: <4FCF549F.70404@ehu.es> Hi, I've just setup a testing enviroment for director, and it's not working as expected. I have just 1 director (called director) and 2 dovecot servers (dovecot1 and dovecot2); these are exact copies. First problem: when both dovecot servers are up, every imap connection is redirected to the same server as you can see here: $ sudo doveadm director map user mail server ip expire time 158.227.4.186 2012-06-06 13:34:12 158.227.4.186 2012-06-06 13:34:27 158.227.4.186 2012-06-06 13:34:34 (I don't know if that is good or not) I've tried with 3 different users and ips to no change, users are always directed to the same host. Second problem: if I try to add/remove/modify one of the dovecot servers, the output of doveadm director map/status seems to be ok, but any new user connection fails with this log: Jun 6 14:51:59 director dovecot: director: Warning: Delaying new user requests until ring is synced Jun 6 14:52:27 director dovecot: director: Error: director: User test1 host lookup failed: Timeout - queued for 30 secs (Ring not synced for 73 secs) Jun 6 14:52:31 director dovecot: imap-login: Aborted login (auth failed, 1 attempts in 34 secs): user=<>, method=PLAIN, rip=158.227.4.186, lip=158.227.4.185, TLS, session= Any clue? This is the dovecot config -n output: # 2.1.7: /usr/local/etc/dovecot/dovecot.conf # OS: Linux 2.6.32-220.17.1.el6.x86_64 x86_64 Red Hat Enterprise Linux Server release 6.2 (Santiago) director_mail_servers = dovecot1.example dovecot2.example director_servers = director.example lmtp_proxy = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave passdb { args = proxy=y nopassword=y starttls=any-cert driver = static } service auth { unix_listener auth-userdb { group = mail mode = 0660 user = dovecot } } service director { fifo_listener login/proxy-notify { mode = 0666 } inet_listener { port = 9090 } unix_listener director-userdb { mode = 0600 } unix_listener login/director { mode = 0666 } } service imap-login { executable = imap-login director service_count = 0 } service lmtp { client_limit = 1 inet_listener lmtp { port = 24 } unix_listener /var/lib/dovecot/lmtp-socket { group = root mode = 0600 user = root } } service pop3-login { executable = pop3-login director service_count = 0 } service pop3 { process_limit = 5000 } shutdown_clients = no ssl_cert = References: <2115082.gk9Y8Dam5O@ernie> <4FCDD13B.5080204@bunbun.be> <4102204.vJ4X8dIaYX@samson> Message-ID: <4FCF612E.4060303@bunbun.be> Hi Dennis, This fixed the problem. Thanks! Rgds, N. Dennis Schridde wrote: > Hello Nick! > > I am sorry - I forgot to mention that you need attached patch for dovecot. > > Kind regards, > Dennis > > Am Dienstag, 5. Juni 2012, 11:28:27 schrieb Nick Rosier: >> Hi Dennis, >> >> I'm trying to compile the plugin on FreeBSD 9 with Dovecot 2.1.7 and get >> the following error: >> >> libtool: compile: gcc -std=gnu99 -DHAVE_CONFIG_H -I. -I.. >> -I/usr/local/include/dovecot -g -O2 -MT mailbox-ext.lo -MD -MP -MF >> .deps/mailbox-ext.Tpo -c mailbox-ext.c -fPIC -DPIC -o >> .libs/mailbox-ext.o mailbox-ext.c:25:19: error: missing binary operator >> before token "(" >> mailbox-ext.c: In function 'mailbox_get_guid_string': mailbox-ext.c:32: >> error: 'MAIL_GUID_128_SIZE' undeclared (first use in this function) >> mailbox-ext.c:32: error: (Each undeclared identifier is reported only >> once mailbox-ext.c:32: error: for each function it appears in.) >> mailbox-ext.c:33: warning: implicit declaration of function >> 'mailbox_get_guid' >> *** Error code 1 >> Stop in /root/work/dovecot-metadata-plugin-6fe39779d758/src. *** Error >> code 1 >> >> Removing DOVECOT_PREREQ and "forcing" to use the 2.1 definition fixes >> that (I couldn't find anywhere where that macro was defined). >> >> Next I get another error, again caused by the DOVECOT_PREREQ: >> >> libtool: compile: gcc -std=gnu99 -DHAVE_CONFIG_H -I. -I.. >> -I/usr/local/include/dovecot -g -O2 -MT imap-metadata-plugin.lo -MD -MP >> -MF .deps/imap-metadata-plugin.Tpo -c imap-metadata-plugin.c -fPIC >> -DPIC -o .libs/imap-metadata-plugin.o >> imap-metadata-plugin.c: In function 'is_valid_rfc5464_entry_name': >> imap-metadata-plugin.c:162: warning: comparison is always false due to >> limited range of data type >> imap-metadata-plugin.c:513:19: error: missing binary operator before >> token "(" >> imap-metadata-plugin.c: In function 'cmd_getmetadata': >> imap-metadata-plugin.c:516: warning: passing argument 2 of >> 'mail_namespace_find' from incompatible pointer type >> imap-metadata-plugin.c: In function 'setmetadata_helper': >> imap-metadata-plugin.c:596: warning: 'return' with a value, in function >> returning void >> imap-metadata-plugin.c:672:19: error: missing binary operator before >> token "(" >> imap-metadata-plugin.c: In function 'cmd_setmetadata': >> imap-metadata-plugin.c:675: warning: passing argument 2 of >> 'mail_namespace_find' from incompatible pointer type >> *** Error code 1 >> >> Am I missing something on my system? >> >> Rgds, >> N. >> >> Dennis Schridde wrote: >>> Hello everyone! >>> >>> I just released dovecot-metadata-8, which is an implementation of RFC 5464 >>> (IMAP METADATA), allowing to add comments/annotations/metadata to folders >>> of an email account. >>> >>> 2012-06-04: Version 9 >>> >>> * Added Dovecot 2.1 compatibility >>> * Fixed compliance with RFC 5464 Section 3.2 >>> * Separated backend code into library >>> * Synced code of imap-annotatemore with imap-metadata >>> * Improved error messages >>> * Several bugfixes (incl. segfaults) >>> * Minor cleanups >>> >>> Please get the code from [1] and send me an email for any problem you >>> find. >>> >>> For more information please refer to my email from Sun, 12 Jun 2011 >>> 15:55:57 +0200 titled "dovecot-metadata-8 released". >>> >>> Kind regards, >>> Dennis >>> >>> [1] http://hg.dovecot.org/dovecot-metadata-plugin From mm at msfree.org Wed Jun 6 17:47:59 2012 From: mm at msfree.org (Marco) Date: Wed, 6 Jun 2012 07:47:59 -0700 (PDT) Subject: [Dovecot] No ports listening Message-ID: <20120606144801.C218C1AE876B@dovecot.org> Please forgive my newbie post but this has me stumped. I've been a happy Dovecot 0.X and 1.X admin for years but something in my first 2.X configuration is oddly broken. It loads fine, logs no errors, but doesn't listen to any network ports! Thanks in advance for any help. Marco # 2.0.19: /etc/dovecot/dovecot.conf # OS: Linux 2.6.35.14 x86_64 Ubuntu 10.10 ext4 auth_debug = yes auth_mechanisms = plain login first_valid_gid = 111 first_valid_uid = 111 login_greeting = example.com pop/imap ready mail_location = mbox:/var/mail/%u.imap:INBOX=/var/mail/%u passdb { args = scheme=CRYPT username_format=%u /etc/dovecot/users driver = passwd-file } service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } unix_listener auth-master { mode = 0666 } } service imap-login { inet_listener imap { address = * port = 143 } inet_listener imaps { address = * port = 993 } process_limit = 50 } service pop3-login { inet_listener pop3 { address = * port = 110 } inet_listener pop3s { address = * port = 995 } process_limit = 50 } ssl_cert = References: <213B51F00051AE48A9F0E112880177178F79D6@Delta.sc.local> <4FCDFB32.2080302@mirix.org> <213B51F00051AE48A9F0E112880177178F79DB@Delta.sc.local> Message-ID: <20120606150516.GA27555@dibs.tanso.net> On Tue, Jun 05, 2012 at 11:59:47PM +1100, ???????? ????????? ?????????? wrote: > > I'm more worried about right design of mailstorage.. should I use some cluster fs with all mail of all users > or should I split mailstorage across servers and somehow avoid long downtime if one of servers goes down. A clusterfs gives you active/active high availability and balanced distribution of users over your servers, at the cost of somewhat degraded I/O performance all the time. If a single node will be able to serve your load, I think it's much more sensible to create a passive/standby availability solution based on a local filesystem (XFS). If you need to split your mailstorage across servers, you can do active/standby server pairs -- but then it gets difficult to balance your users over your servers, and you *might* want to cheat and use a clusterfs instead.. -jf From andrei.michescu at miau.ca Wed Jun 6 18:22:05 2012 From: andrei.michescu at miau.ca (Michescu Andrei) Date: Wed, 6 Jun 2012 11:22:05 -0400 Subject: [Dovecot] [ Re: best practises for mail systems] In-Reply-To: <4FCEED5B.90105@lazurit.com> References: <5f604e43b6b66676fc1e23b1c7c57afb.squirrel@web.miau.ca> <4FCE5ADB.8090208@mirix.org> <4FCEED5B.90105@lazurit.com> Message-ID: <6ce224c850798d4551d678fdd4b13b78.squirrel@web.miau.ca> Hello Alexander, > > But the replication between "points of presence" (5 big datacenters, one > per continent, won't be good topology) will be painful and we easily > face split-brain situation, whichever replication scheme I can imagine. The split-brain is indeed the biggest problem of common replication schema. But IMAP was designed to work in disconnected mode most of the time and have only quick synchronizations. So by design IMAP standard works in master-master models. Getting back to the above picture (catastrophic failure of all the transcontinental links): one synchronizes his laptop in Europe (EU), crosses the ocean to North America (NA) and synchronizes again his laptop. In this moment all the changes on the EU hub up to the point of last synchronization are merged into the NA hub. This is the beauty of IMAP. The biggest challenge on the the above scenario is the post-catastrophic synchronization which would move huge amounts of data across the links. Best wishes, Andrei > Yours, > Alexander > > > !DSPAM:4fceed61217344232183410! > > From andrei.michescu at miau.ca Wed Jun 6 18:27:29 2012 From: andrei.michescu at miau.ca (Michescu Andrei) Date: Wed, 6 Jun 2012 11:27:29 -0400 Subject: [Dovecot] [ Re: best practises for mail systems] In-Reply-To: References: <5f604e43b6b66676fc1e23b1c7c57afb.squirrel@web.miau.ca> <4FCE5ADB.8090208@mirix.org> Message-ID: <97ebe4043a16aa82e668e24202d3892d.squirrel@web.miau.ca> Hello Timo, > > And there is actually some (any!) way this could be avoided?... One server > dies, another continues sending the mail? > > I have had some thoughts about transferring idling Dovecot connections > between processes / servers so that clients wouldn't notice it, but I > haven't even thought about moving active (long-running) connections. > Here it is to be researched if this is specified in the IMAP standard (if there any RFC that mentions this?), or if we propose a new RFC with such an extension. Until there is an RFC, even if you implement such a feature, there will be no clients out there that will support it. A good start, if there is no RFC, is the http protocol, that has implemented the resume option. Like this you could even support parallel download from couple of imap servers that are synchronized, getting from each a small chunk (BitTorrent like with the seeds list being set to only the servers). Best regards, Andrei From jaldeguer at safnow.org Wed Jun 6 19:19:41 2012 From: jaldeguer at safnow.org (Joe V Aldeguer) Date: Wed, 6 Jun 2012 12:19:41 -0400 Subject: [Dovecot] Email auto purging applied to all mail folders Message-ID: Hello, Is it possible to have this done not only for spam and trash folder but lets say like the user inbox and any user created mail folders too? My ultimate goal is to have a way to automate the email deletion process of emails stored in the user inbox or mail folders when it reaches a specified date. My boss wants to force users to keep emails only a month old anything beyond that will be deleted. Has anyone done this using dovecot and are there any guides available? I am also open to suggestions for commercial solutions but so far searching online for solutions only comes up with email archiving. The dovecot version I have installed is version 2.0.19. Thanks in advance. - Joe From lists at wildgooses.com Thu Jun 7 00:59:57 2012 From: lists at wildgooses.com (Ed W) Date: Wed, 06 Jun 2012 22:59:57 +0100 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCCC2D9.3010209@thelounge.net> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB6AA7.4050200@Media-Brokers.com> <4FCCB9E3.3060702@wildgooses.com> <4FCCC2D9.3010209@thelounge.net> Message-ID: <4FCFD2DD.7030109@wildgooses.com> On 04/06/2012 15:14, Reindl Harald wrote: > > Am 04.06.2012 15:36, schrieb Ed W: >>> Then tell them their only option is to buy Exchange Server and Outlook for everyone - but explain that this >>> 'feature' *still* will not work for recipients that are outside of your control (ie, it will only work for local >>> recipients - and I *think* it is possible to set up Trusts with other external Exchange Servers, but not sure, >>> and if it does, it requires the explicit cooperation of the other systems admin). >>> >>> Bottom line: do NOT promise the impossible to a client just to win the business. It is a losing proposition, as >>> you are beginning to see... >>> >> We run small ISP selling mail accounts to customers. *our customers* want to >> voluntarily tell senders when they have downloaded an email via POP. > and the sender for sure wants this too for every single message? > i doubt not > I'm not sure why this is so hard to believe. There is literally a class of customers that have a specification which says that there must be a notification sent back to the sender whenever they download their emails. I cannot currently bid for their business. A spec is a spec - either you can meet the spec or you can't bid for the business... Ed W From fxmulder at gmail.com Thu Jun 7 01:07:36 2012 From: fxmulder at gmail.com (James Devine) Date: Wed, 6 Jun 2012 16:07:36 -0600 Subject: [Dovecot] Dovecot over NFS Message-ID: I'm playing with running dovecot over NFS and I am running into some issues. I have followed the guide at http://wiki2.dovecot.org/NFS and my setup includes 1 nfs server and 1 client running postfix/dovecot. In testing I am running postal via the command: postal -t 10 -c 10 localhost users399 The test file has a list of 399 users to deliver to. I've provided a sample of the errors I'm receiving and my configuration below, I am running dovecot 2.0.19. Any idea what I might be doing wrong and what I might do to resolve it? My ultimate goal is to setup multiple clients with director so each user is still handled on a single machine, however with a single machine I still seem to be having issues. Here is a sample of some of the errors I'm seeing: Jun 6 15:55:12 test-gluster-client1 dovecot: lmtp(12072, testuser130): Error: mdbox /mnt/testuser130/mdbox/mailboxes/INBOX/dbox-Mails: Invalid dbox header size: 0 Jun 6 15:55:12 test-gluster-client1 dovecot: lmtp(11999, testuser99): Error: Log synchronization error at seq=2,offset=556 for /mnt/testuser99/mdbox/storage/dovecot.map.index: Append with UID 2, but next_uid = 3 Jun 6 15:55:14 test-gluster-client1 dovecot: lmtp(12047, testuser41): Error: mdbox /mnt/testuser41/mdbox/mailboxes/INBOX/dbox-Mails: Invalid dbox header size: 0 Jun 6 15:55:18 test-gluster-client1 dovecot: lmtp(12133, testuser138): Error: Log synchronization error at seq=2,offset=556 for /mnt/testuser138/mdbox/storage/dovecot.map.index: Append with UID 2, but next_uid = 3 Jun 6 15:55:19 test-gluster-client1 dovecot: lmtp(12076, testuser217): Error: mdbox /mnt/testuser217/mdbox/mailboxes/INBOX/dbox-Mails: Invalid dbox header size: 0 Jun 6 15:55:19 test-gluster-client1 dovecot: lmtp(12047, testuser41): Error: mdbox /mnt/testuser41/mdbox/mailboxes/INBOX/dbox-Mails: Invalid dbox header size: 0 Jun 6 15:55:23 test-gluster-client1 dovecot: lmtp(11985, testuser166): Error: mdbox /mnt/testuser166/mdbox/mailboxes/INBOX/dbox-Mails: Invalid dbox header size: 0 Jun 6 15:55:23 test-gluster-client1 dovecot: lmtp(12072, testuser130): Error: Log synchronization error at seq=2,offset=204 for /mnt/testuser130/mdbox/mailboxes/INBOX/dbox-Mails/dovecot.index: uid_validity updated unexpectedly: 1339019655 -> 1339019656 Jun 6 15:55:23 test-gluster-client1 dovecot: lmtp(11928, testuser130): Error: Log synchronization error at seq=2,offset=204 for /mnt/testuser130/mdbox/mailboxes/INBOX/dbox-Mails/dovecot.index: uid_validity updated unexpectedly: 1339019655 -> 1339019656 Jun 6 15:55:24 test-gluster-client1 dovecot: lmtp(11954, testuser192): Error: mdbox /mnt/testuser192/mdbox/mailboxes/INBOX/dbox-Mails: Invalid dbox header size: 0 Jun 6 15:55:24 test-gluster-client1 dovecot: lmtp(12130, testuser128): Error: mdbox /mnt/testuser128/mdbox/mailboxes/INBOX/dbox-Mails: Invalid dbox header size: 0 Jun 6 15:55:27 test-gluster-client1 dovecot: lmtp(12076, testuser217): Error: mdbox /mnt/testuser217/mdbox/mailboxes/INBOX/dbox-Mails: Invalid dbox header size: 0 Jun 6 15:55:27 test-gluster-client1 dovecot: lmtp(12211, testuser60): Error: mdbox /mnt/testuser60/mdbox/mailboxes/INBOX/dbox-Mails: Invalid dbox header size: 0 Jun 6 15:55:27 test-gluster-client1 dovecot: lmtp(12112, testuser190): Error: mdbox /mnt/testuser190/mdbox/mailboxes/INBOX/dbox-Mails: Invalid dbox header size: 0 Jun 6 15:55:27 test-gluster-client1 dovecot: lmtp(12047, testuser41): Error: Log synchronization error at seq=2,offset=204 for /mnt/testuser41/mdbox/mailboxes/INBOX/dbox-Mails/dovecot.index: uid_validity updated unexpectedly: 1339019658 -> 1339019659 Jun 6 15:55:27 test-gluster-client1 dovecot: lmtp(11937, testuser41): Error: Log synchronization error at seq=2,offset=204 for /mnt/testuser41/mdbox/mailboxes/INBOX/dbox-Mails/dovecot.index: uid_validity updated unexpectedly: 1339019658 -> 1339019659 Jun 6 15:55:28 test-gluster-client1 dovecot: lmtp(11985, testuser166): Error: mdbox /mnt/testuser166/mdbox/mailboxes/INBOX/dbox-Mails: Invalid dbox header size: 0 Jun 6 15:55:30 test-gluster-client1 dovecot: lmtp(12130, testuser128): Error: mdbox /mnt/testuser128/mdbox/mailboxes/INBOX/dbox-Mails: Invalid dbox header size: 0 My dovecot config is: auth_debug = yes auth_debug_passwords = yes auth_username_format = %Ln auth_verbose = yes base_dir = /var/run/dovecot-service/ disable_plaintext_auth = no instance_name = dovecot-service mail_debug = yes mail_fsync = always mail_location = mdbox:~/mdbox mail_nfs_index = yes mail_nfs_storage = yes mail_plugins = quota mdbox_rotate_size = 16 M mmap_disable = yes passdb { driver = pam } plugin { quota = dict:User quota::file:%h/mdbox/dovecot-quota } protocols = " imap lmtp pop3" service auth { unix_listener auth-userdb { group = postfix mode = 0666 user = postfix } } service imap-login { inet_listener imap { port = 10143 } } service lmtp { inet_listener lmtp { port = 10024 } } service pop3-login { inet_listener pop3 { port = 10110 } } ssl = no ssl_cert = Dovecot 2.x on Ubuntu Message-ID: We are working on migrating Dovecot 1.2.17 running on AIX 5.3 (believe it or not!) to Dovecot 2.0.13 running on Ubuntu. We have hundreds of users mboxes we will be migrating. My question is regarding the index files. Should we remove those after the migration, but before we open it up to users so Dovecot can create new ones? I did a test migration of a single user, and Dovecot detects the architecture change and put out some panic errors, corrupt files and backtrace messages in syslog on Ubuntu. The messages are shown below. If every user is going to generate these types of errors, I'm thinking maybe it makes sense to remove all the .imap directories and let Dovecot create new clean ones. I realize that may slow things down for awhile while Dovecot is rebuilding new files. Thanks for any info. Jackie Hunt Acad Computing & Networking Srvcs Colorado State University Jun 6 13:43:02 newlamar dovecot: imap-login: Login: user=, method=PLAIN, rip=129.82.100.64, lip=129.82.100.124, mpid=19593, TLS Jun 6 13:43:21 newlamar dovecot: imap-login: Login: user=, method=PLAIN, rip=129.82.100.64, lip=129.82.100.124, mpid=19597, TLS Jun 6 13:43:21 newlamar dovecot: imap-login: Login: user=, method=PLAIN, rip=129.82.100.64, lip=129.82.100.124, mpid=19600, TLS Jun 6 13:44:11 newlamar dovecot: imap(cacti): Disconnected: Logged out bytes=107/441 Jun 6 13:44:11 newlamar dovecot: imap(cacti): Disconnected: Logged out bytes=1676/2724868 Jun 6 13:44:11 newlamar dovecot: imap(cacti): Disconnected: Logged out bytes=129/759 Jun 6 13:51:49 newlamar dovecot: imap-login: Login: user=, method=PLAIN, rip=129.82.100.64, lip=129.82.100.124, mpid=19657, TLS Jun 6 13:51:49 newlamar dovecot: imap(cacti): Error: Rebuilding index file /adhome/cacti/.imap/INBOX/dovecot.index: CPU architecture changed Jun 6 13:51:58 newlamar dovecot: imap-login: Login: user=, method=PLAIN, rip=129.82.100.64, lip=129.82.100.124, mpid=19662, TLS Jun 6 13:51:58 newlamar dovecot: imap(cacti): Error: Corrupted transaction log file /adhome/cacti/.imap/Trash/dovecot.index.log seq 16777216: log file shrank (1428 < 6144) (sync_offset=6144) Jun 6 13:51:58 newlamar dovecot: imap(cacti): Panic: file buffer.c: line 295 (buffer_set_used_size): assertion failed: (used_size <= buf->alloc) Jun 6 13:51:58 newlamar dovecot: imap(cacti): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x374fa) [0x7f3ada59c4fa] -> /usr/lib/dovecot/libdovecot.so.0(+0x3753e) [0x7f3ada59c53e] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7f3ada576837] -> /usr/lib/dovecot/libdovecot.so.0(+0x35319) [0x7f3ada59a319] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_transaction_log_file_open+0x21e) [0x7f3ada87acee] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_transaction_log_open+0xb8) [0x7f3ada877a68] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_index_open+0xe5) [0x7f3ada860e75] -> /usr/lib/dovecot/libdovecot-storage.so.0(index_storage_mailbox_open+0xbc) [0x7f3ada826eac] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x5f7fb) [0x7f3ada8417fb] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x28c4c) [0x7f3ada80ac4c] -> /usr/lib/dovecot/libdovecot-storage.so.0(index_storage_mailbox_enable+0x24) [0x7f3ada827584] -> dovecot/imap(imap_status_get+0xfd) [0x7f3adacead8d] -> doveco t/imap(cmd_status+0x182) [0x7f3adace1f92] -> dovecot/imap(+0x1105d) [0x7f3adace405d] -> dovecot/imap(+0x11135) [0x7f3adace4135] -> dovecot/imap(client_handle_input+0x125) [0x7f3adace4385] -> dovecot/imap(client_input+0x65) [0x7f3adace4c35] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x48) [0x7f3ada5a8048] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xa7) [0x7f3ada5a90c7] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x28) [0x7f3ada5a7fd8] -> /usr/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f3ada5962c3] -> dovecot/imap(main+0x2f4) [0x7f3adacdc544] -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xed) [0x7f3ada1e530d] -> dovecot/imap(+0x95d5) [0x7f3adacdc5d5] Jun 6 13:51:59 newlamar dovecot: imap-login: Login: user=, method=PLAIN, rip=129.82.100.64, lip=129.82.100.124, mpid=19664, TLS Jun 6 13:51:59 newlamar dovecot: imap(cacti): Error: Transaction log file /adhome/cacti/.imap/Trash/dovecot.index.log: marked corrupted Jun 6 13:51:59 newlamar dovecot: imap(cacti): Error: Rebuilding index file /adhome/cacti/.imap/Trash/dovecot.index: CPU architecture changed From trever.adams at gmail.com Thu Jun 7 09:05:25 2012 From: trever.adams at gmail.com (Trever L. Adams) Date: Thu, 07 Jun 2012 00:05:25 -0600 Subject: [Dovecot] Problems since upgrading to 2.1.6 from 2.0.20 Message-ID: <4FD044A5.2000000@gmail.com> Hello Everyone, I saw the text about the change and needing to define an inbox namespace. Everything seems to work fine except doveadm. I get the following from a cronjob that has worked well for years now. doveadm(account at example.com): Error: Syncing mailbox TRASH failed: Mailbox doesn't exist: TRASH doveadm(account at example.com): Error: Syncing mailbox TRASH failed: Mailbox doesn't exist: TRASH doveadm(account at example.com): Error: Syncing mailbox TRASH failed: Mailbox doesn't exist: TRASH The cronjob is: 1 4 * * * doveadm expunge -A mailbox TRASH SAVEDBEFORE 30D What is the problem? I have tried to find documentation and do searches for others having the same problem. I do not know if I am just missing something or what. Any help would be greatly appreciated. Thank you, Trever -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From tlx at leuxner.net Thu Jun 7 11:15:57 2012 From: tlx at leuxner.net (Thomas Leuxner) Date: Thu, 7 Jun 2012 10:15:57 +0200 Subject: [Dovecot] dsync backup doubles quota In-Reply-To: <4FCDF582.5050004@wk-serv.de> References: <4FCDF582.5050004@wk-serv.de> Message-ID: Am 05.06.2012 um 14:03 schrieb Patrick Westenberg: > Is this a bug or normal behavior? There's an older thread regarding this: http://www.dovecot.org/list/dovecot/2012-February/063585.html -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 203 bytes Desc: Message signed with OpenPGP using GPGMail URL: From fumiyas at osstech.jp Thu Jun 7 06:06:03 2012 From: fumiyas at osstech.jp (SATOH Fumiyasu) Date: Thu, 07 Jun 2012 12:06:03 +0900 Subject: [Dovecot] Dovecot auth process delays exiting if LDAPS passdb used In-Reply-To: <1338305505.8270.10.camel@hurina> References: <87y5oi51ka.wl%fumiyas@osstech.jp> <87vcjm50kr.wl%fumiyas@osstech.jp> <1338305505.8270.10.camel@hurina> Message-ID: <87txynzuqs.wl%fumiyas@osstech.jp> At Tue, 29 May 2012 18:31:45 +0300, Timo Sirainen wrote: > > > If Dovecot passdb is configured with LDAP (no TLS/SSL), > > > it is no problem. But if Dovecot passdb is configured with > > > LDAPS (or LDAP+TLS), Dovecot auth process has a problem > > > that Dovecot auth delays exiting about between 20 and > > > 60 seconds when Dovecot dovecot (master) process is already > > > terminated by an administrator. > > > > I can reproduce this problem with LDAP (no TLS/SSL) passdb. > > And I suppose you can reproduce it even when not using LDAP? Yes. I can reproduce with dovecot 1:2.1.7-1 (Debian unstable package) with PAM passdb. This PAM environment is configured for local UNIX passwd file only (no LDAP). > All of the Dovecot processes are supposed to close all listeners > immediately when the master process dies. If this doesn't happen then > something strange is going on. My dovecot config (PAM version) is below: # dovecot -n # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-2-amd64 x86_64 Debian wheezy/sid namespace inbox { inbox = yes location = prefix = } passdb { driver = pam } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = " imap pop3" service auth { unix_listener /var/spool/postfix/private/dovecot-auth { mode = 0666 } } ssl_cert = References: Message-ID: <4FD06F3A.6030903@ehu.es> El 06/06/12 18:19, Joe V Aldeguer escribi?: > Hello, > > Is it possible to have this done not only for spam and trash folder but lets say like the user inbox and any user created mail folders too? My ultimate goal is to have a way to automate the email deletion process of emails stored in the user inbox or mail folders when it reaches a specified date. My boss wants to force users to keep emails only a month old anything beyond that will be deleted. Has anyone done this using dovecot and are there any guides available? I am also open to suggestions for commercial solutions but so far searching online for solutions only comes up with email archiving. > Something like doveadm expunge -A mailbox '*' savedbefore 1m should do that, depending on your userdb. But check with doveadm search before expunging anything! HTH From amateo at um.es Thu Jun 7 14:52:51 2012 From: amateo at um.es (Angel L. Mateo) Date: Thu, 07 Jun 2012 13:52:51 +0200 Subject: [Dovecot] director and IPs shown at the backends Message-ID: <4FD09613.6000405@um.es> Hello, I am configuring a dovecot imap/pop servers with a dovecot director in front of them. Because I am using director proxy, connections in the backends are show as coming from director IPs. Is there any way to configure director (or backends) so the backends know (and report) the original IP instead of the director IP? From bind at enas.net Thu Jun 7 15:12:32 2012 From: bind at enas.net (Urban Loesch) Date: Thu, 07 Jun 2012 14:12:32 +0200 Subject: [Dovecot] director and IPs shown at the backends In-Reply-To: <4FD09613.6000405@um.es> References: <4FD09613.6000405@um.es> Message-ID: <4FD09AB0.6020500@enas.net> Hi, try it with "login_trusted_networks" option on the backends: # Space separated list of trusted network ranges. Connections from these # IPs are allowed to override their IP addresses and ports (for logging and # for authentication checks). disable_plaintext_auth is also ignored for # these networks. Typically you'd specify your IMAP proxy servers here. login_trusted_networks = But for POP this will only working with version 2.1.x regards Urban On 07.06.2012 13:52, Angel L. Mateo wrote: > Hello, > > I am configuring a dovecot imap/pop servers with a dovecot director in front of them. Because I am using director proxy, connections in the backends > are show as coming from director IPs. Is there any way to configure director (or backends) so the backends know (and report) the original IP instead > of the director IP? > From h.reindl at thelounge.net Thu Jun 7 15:36:58 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Thu, 07 Jun 2012 14:36:58 +0200 Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FCFD2DD.7030109@wildgooses.com> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB6AA7.4050200@Media-Brokers.com> <4FCCB9E3.3060702@wildgooses.com> <4FCCC2D9.3010209@thelounge.net> <4FCFD2DD.7030109@wildgooses.com> Message-ID: <4FD0A06A.50008@thelounge.net> Am 06.06.2012 23:59, schrieb Ed W: > I'm not sure why this is so hard to believe. There is literally a class of customers that have a specification > which says that there must be a notification sent back to the sender whenever they download their emails. I cannot > currently bid for their business. > > A spec is a spec - either you can meet the spec or you can't bid for the business... i'm not sure why it is so hard to believe that nobody should bid for such idiotic specs - techs should act professional and not like whores while try impossible and stupid things which can sovle each mail-client since > 10 years and is not the job of a mailserver -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From phil25lsbin at gmail.com Thu Jun 7 16:33:34 2012 From: phil25lsbin at gmail.com (phil25lsbin) Date: Thu, 7 Jun 2012 15:33:34 +0200 Subject: [Dovecot] Postfix don't relay to dovecot virtual user Message-ID: Hi, I run a mail server on debian squeeze system , i installed the following software postfix dovecot spamassassin postgrey I configured a virtual domain and virtual mailbox but postfix don't pipe mail in dovecot. In log, it's appear that the relay mode is local and the delivery message is delivered to mailbox) Jun 7 15:23:01 ns230370 postfix/smtpd[27501]: 66BBA4D40F0: client=localhost.localdomain[127.0.0.1] Jun 7 15:23:01 ns230370 postfix/cleanup[8017]: 66BBA4D40F0: message-id=< E1Sccg1-00029S-9I at ns231581.ovh.net> Jun 7 15:23:01 ns230370 postfix/qmgr[27490]: 66BBA4D40F0: from=< admlb at lebest.fr>, size=1807, nrcpt=1 (queue active) Jun 7 15:23:01 ns230370 postfix/local[7907]: 66BBA4D40F0: to=< admlb at lebest.fr>, relay=local, delay=0, delays=0/0/0/0, dsn=2.0.0, status=sent (delivered to mailbox) Jun 7 15:23:01 ns230370 postfix/qmgr[27490]: 66BBA4D40F0: removed My dovecot.conf: protocols = imap imaps pop3 pop3s log_timestamp = "%Y-%m-%d %H:%M:%S " log_path = /var/log/dovecot/dovecot.log info_log_path = /var/log/dovecot/dovecot-info.log mail_privileged_group = mail disable_plaintext_auth = no mail_location = maildir:/home/smtp/%d/%n:INDEX=/home/smtp/%d/%n/indexes protocol imap { } protocol pop3 { } protocol managesieve { } protocol lda { postmaster_address = admlb at XXX.FR mail_plugin_dir = /usr/lib/dovecot/modules/lda auth_socket_path = /var/run/dovecot/auth-master } auth default { userdb sql { args = /etc/dovecot/dovecot-mysql.conf } passdb sql { args = /etc/dovecot/dovecot-mysql.conf } socket listen { master { path = /var/run/dovecot/auth-master mode = 0600 user = smtp } client { path = /var/spool/postfix/private/auth mode = 0660 user = postfix group = postfix } } } dict { } plugin { } My main.cf myhostname = smtp.XXX.FR alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = XXX.FR mydestination = XXX.FR, smtp.XXX.FR, localhost.XXX.FRr, localhost relayhost = mynetworks = 172.16.0.0/12 127.0.0.0/8 mailbox_size_limit = 0 inet_interfaces = all virtual_uid_maps = static:3000 virtual_gid_maps = static:3000 virtual_mailbox_base = /home/smtp virtual_transport = dovecot virtual_mailbox_domains = mysql:/etc/postfix/ mysql_virtual_mailbox_domains.cf virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf relay_domains = mysql:/etc/postfix/mysql_relay_domains.cf smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unauth_destination, reject_unauth_pipelining, check_policy_service inet:127.0.0.1:10023, reject_invalid_hostname smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous content_filter = amavis:[127.0.0.1]:10024 receive_override_options = no_address_mappings inet_protocols = ipv4 The end of master.cf file dovecot unix - n n - - pipe flags=DRhu user=smtp:smtp argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop} amavis unix - - - - 2 smtp -o smtp_data_done_timeout=1200 -o smtp_send_xforward_command=yes 127.0.0.1:10025 inet n - - - - smtpd -o content_filter= -o local_recipient_maps= -o relay_recipient_maps= -o smtpd_restriction_classes= -o smtpd_client_restrictions= -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o mynetworks=127.0.0.0/8 -o strict_rfc821_envelopes=yes -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks -o smtpd_bind_address=127.0.0.1 Thanks From CMarcus at Media-Brokers.com Thu Jun 7 17:02:53 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Thu, 07 Jun 2012 10:02:53 -0400 Subject: [Dovecot] Postfix don't relay to dovecot virtual user In-Reply-To: References: Message-ID: <4FD0B48D.9090200@Media-Brokers.com> Please do not provide copy/paste from conf files... Always ONLY provide UNEDITED output of: doveconf -n postconf -n On 2012-06-07 9:33 AM, phil25lsbin wrote: > Hi, > > I run a mail server on debian squeeze system , i installed the following > software > > postfix > dovecot > spamassassin > postgrey > > I configured a virtual domain and virtual mailbox but postfix don't pipe > mail in dovecot. > > In log, it's appear that the relay mode is local and the delivery message > is delivered to mailbox) > > Jun 7 15:23:01 ns230370 postfix/smtpd[27501]: 66BBA4D40F0: > client=localhost.localdomain[127.0.0.1] > Jun 7 15:23:01 ns230370 postfix/cleanup[8017]: 66BBA4D40F0: message-id=< > E1Sccg1-00029S-9I at ns231581.ovh.net> > Jun 7 15:23:01 ns230370 postfix/qmgr[27490]: 66BBA4D40F0: from=< > admlb at lebest.fr>, size=1807, nrcpt=1 (queue active) > Jun 7 15:23:01 ns230370 postfix/local[7907]: 66BBA4D40F0: to=< > admlb at lebest.fr>, relay=local, delay=0, delays=0/0/0/0, dsn=2.0.0, > status=sent (delivered to mailbox) > Jun 7 15:23:01 ns230370 postfix/qmgr[27490]: 66BBA4D40F0: removed > > > My dovecot.conf: > > protocols = imap imaps pop3 pop3s > log_timestamp = "%Y-%m-%d %H:%M:%S " > log_path = /var/log/dovecot/dovecot.log > info_log_path = /var/log/dovecot/dovecot-info.log > mail_privileged_group = mail > disable_plaintext_auth = no > mail_location = maildir:/home/smtp/%d/%n:INDEX=/home/smtp/%d/%n/indexes > protocol imap { > } > > protocol pop3 { > } > protocol managesieve { > } > protocol lda { > postmaster_address = admlb at XXX.FR > mail_plugin_dir = /usr/lib/dovecot/modules/lda > auth_socket_path = /var/run/dovecot/auth-master > } > auth default { > userdb sql { > args = /etc/dovecot/dovecot-mysql.conf > } > passdb sql { > args = /etc/dovecot/dovecot-mysql.conf > } > socket listen { > master { > path = /var/run/dovecot/auth-master > mode = 0600 > user = smtp > } > client { > path = /var/spool/postfix/private/auth > mode = 0660 > user = postfix > group = postfix > } > } > } > dict { > } > plugin { > } > > > My main.cf > > myhostname = smtp.XXX.FR > alias_maps = hash:/etc/aliases > alias_database = hash:/etc/aliases > myorigin = XXX.FR > mydestination = XXX.FR, smtp.XXX.FR, localhost.XXX.FRr, localhost > relayhost = > mynetworks = 172.16.0.0/12 127.0.0.0/8 > mailbox_size_limit = 0 > inet_interfaces = all > virtual_uid_maps = static:3000 > virtual_gid_maps = static:3000 > virtual_mailbox_base = /home/smtp > virtual_transport = dovecot > virtual_mailbox_domains = mysql:/etc/postfix/ > mysql_virtual_mailbox_domains.cf > virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf > virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf > relay_domains = mysql:/etc/postfix/mysql_relay_domains.cf > > smtpd_recipient_restrictions = > permit_mynetworks, > permit_sasl_authenticated, > reject_non_fqdn_hostname, > reject_non_fqdn_sender, > reject_non_fqdn_recipient, > reject_unauth_destination, > reject_unauth_pipelining, > check_policy_service inet:127.0.0.1:10023, > reject_invalid_hostname > > smtpd_sasl_auth_enable = yes > smtpd_sasl_security_options = noanonymous > content_filter = amavis:[127.0.0.1]:10024 > receive_override_options = no_address_mappings > inet_protocols = ipv4 > > The end of master.cf file > > dovecot unix - n n - - pipe > flags=DRhu user=smtp:smtp argv=/usr/lib/dovecot/deliver -f ${sender} -d > ${user}@${nexthop} > amavis unix - - - - 2 smtp > -o smtp_data_done_timeout=1200 > -o smtp_send_xforward_command=yes > > 127.0.0.1:10025 inet n - - - - smtpd > -o content_filter= > -o local_recipient_maps= > -o relay_recipient_maps= > -o smtpd_restriction_classes= > -o smtpd_client_restrictions= > -o smtpd_helo_restrictions= > -o smtpd_sender_restrictions= > -o smtpd_recipient_restrictions=permit_mynetworks,reject > -o mynetworks=127.0.0.0/8 > -o strict_rfc821_envelopes=yes > -o > receive_override_options=no_unknown_recipient_checks,no_header_body_checks > -o smtpd_bind_address=127.0.0.1 > > Thanks From at_hacker at mail.ru Thu Jun 7 17:28:02 2012 From: at_hacker at mail.ru (=?UTF-8?B?0JDQu9C10LrRgdC10Lkg0J/QtdGA0LXQutC70LDQtA==?=) Date: Thu, 07 Jun 2012 18:28:02 +0400 Subject: [Dovecot] =?utf-8?q?Problem_with_Dovecot_and_AD_LDAP_auth?= Message-ID: <1339079282.133745848@f31.mail.ru> Hi. Seems it's a bug in dovecot auth. I have??FreeBSD 8.1-RELEASE-p1 and I tried 1.2.17 and 2.1.7 versions of Dovecot, and still no luck. The problem: when I set in dovecot-ldap.conf:?base = CN=Users,DC=domain,DC=local everything works fine. But if I set:?base = DC=domain,DC=local mail client can't authorize. /var/log/dovecot.log says: ===============================================? Jun 07 18:07:17 auth: Debug: auth client connected (pid=14611) Jun 07 18:08:11 auth: Debug: client in: AUTH 1 PLAIN service=imap session=G1//aeLB6wAKAABu lip=10.0.0.3 rip=10.0.0.110 lport=143 rport=55787 resp=AGdhdGV3YXkAVU82eUpuUXQ= Jun 07 18:08:11 auth: Debug: ldap(gateway,10.0.0.110,): bind search: base=DC=domain,DC=local filter=(&(objectClass=person)(sAMAccountName=gateway)) Jun 07 18:08:11 auth: Debug: ldap(gateway,10.0.0.110,): result: uid missing Jun 07 18:10:18 imap-login: Info: Disconnected: Inactivity during authentication (disconnected while authenticating, waited 127 secs): user=<>, method=PLAIN, rip=10.0.0.110, lip=10.0.0.3, session= Jun 07 18:10:18 auth: Debug: client in: CANCEL 1 Jun 07 18:10:18 auth: Debug: auth client connected (pid=14706) Jun 07 18:10:26 auth: Debug: client in: AUTH 1 PLAIN service=imap session=n6IBcuLB7AAKAABu lip=10.0.0.3 rip=10.0.0.110 lport=143 rport=55788 resp=AGdhdGV3YXkAVU82eUpuUXQ= Jun 07 18:10:26 auth: Debug: ldap(gateway,10.0.0.110,): bind search: base=DC=domain,DC=local filter=(&(objectClass=person)(sAMAccountName=gateway)) Jun 07 18:10:26 auth: Error: ldap(gateway,10.0.0.110,): Connection appears to be hanging, reconnecting Jun 07 18:10:26 auth: Debug: ldap(gateway,10.0.0.110,): result: uid missing Jun 07 18:10:26 auth: Error: ldap(gateway,10.0.0.110,): Request lost Jun 07 18:10:26 auth: Error: ldap(gateway,10.0.0.110,): ldap_search(base=DC=domain,DC=local filter=(&(objectClass=person)(sAMAccountName=gateway))) failed: Operations error Jun 07 18:10:26 auth: Error: LDAP: Reply with unknown msgid 2 Jun 07 18:10:26 auth: Error: LDAP: Reply with unknown msgid 2 Jun 07 18:10:26 auth: Error: LDAP: Reply with unknown msgid 2 Jun 07 18:10:26 auth: Error: LDAP: Reply with unknown msgid 2 Jun 07 18:10:28 auth: Debug: client out: FAIL 1 user=gateway temp Jun 07 18:10:28 auth: Debug: client out: FAIL 1 user=gateway temp Jun 07 18:13:18 imap-login: Info: Disconnected: Inactivity (auth failed, 1 attempts in 172 secs): user=, method=PLAIN, rip=10.0.0.110, lip=10.0.0.3, session= ============================================ My dovecot-ldap.conf: =============================== ldap_version = 3 hosts = ad.domain.local base = DC=hrom,DC=local scope = subtree dn = CN=mailserver,CN=Users,DC=domain,DC=local dnpass = here_is_pass auth_bind = yes pass_attrs = uid=user pass_filter = "(&(objectClass=person)(sAMAccountName=%u))" user_attrs = name=mail=maildir:/var/mail/virtual/hrom.local/%n user_filter = "(&(objectClass=person)(sAMAccountName=%u))" ===================================================? ? ?I need base = DC=domain,DC=local for searching for user's accounts in different OU of my AD. If I set base = CN=Users,DC=domain,DC=local, Dovecot can't authorize user accounts from OU. P.S.: Postfix with base = DC=domain,DC=local works perfectly, so the problem is not with our domain controller (LDAP server as well) . From jerry at seibercom.net Thu Jun 7 17:41:48 2012 From: jerry at seibercom.net (Jerry) Date: Thu, 7 Jun 2012 10:41:48 -0400 Subject: [Dovecot] Postfix don't relay to dovecot virtual user In-Reply-To: References: Message-ID: <20120607104148.6254a7e8@scorpio> On Thu, 7 Jun 2012 15:33:34 +0200 phil25lsbin articulated: >I run a mail server on debian squeeze system , i installed the >following software > >postfix >dovecot >spamassassin >postgrey > >I configured a virtual domain and virtual mailbox but postfix don't >pipe mail in dovecot. {SNIP} 1) Do not paste & copy your config files. Use: dovecot -n postconf -n Paste the output of those commands in you post. If Postfix is not relaying the mail you would probably be better served on the Postfix forum. Its not that no one here could help you, I am sure they will; however, it is really not a dovecot problem. For Postfix, you might want to investigate the page, specifically: Check out the postfinger tool. This can be found at http://ftp.wl0.org/SOURCES/postfinger. Also, be sure to state the versions of the software that you are using and you OS system version as well. -- Jerry ? Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ From karl.oulmi at ibl.fr Thu Jun 7 18:26:59 2012 From: karl.oulmi at ibl.fr (Karl Oulmi) Date: Thu, 07 Jun 2012 17:26:59 +0200 Subject: [Dovecot] Accessing maildir snapshots through dovecot / namespace Message-ID: <4FD0C843.4070503@ibl.fr> Hi, I've the following setup : - FreeBSD 9.0 / Dovecot 2.1.7 - Maildir storage over iSCSI (Dell MD3200i) - Virtual users over LDAP to render the storage snapshots available through dovecot (to allow my users to browse their mail history). Here is my conf : namespace { type = private inbox = yes list = yes prefix = INBOX. location = maildir:/home/%u/Maildir:CONTROL=/home/dovecot/control/%u:INDEX=/home/dovecot/indexes/%u } namespace snap { prefix = INBOX.snapshot.h0. hidden = no inbox = no list = yes location = maildir:/da1/%u/Maildir:INDEX=/da1/dovecot/indexes/%u:CONTROL=/da1/dovecot/control/%u type = private } The problem is that I don't see the content of the inbox folder contained in the snapshots whereas subfolders are perfectly viewed ! Inbox cur|new are is /da1/%u/Maildir/ If anyone have a tip, It would be nice... Regards, Karl. -- _______________________________________________________________ Karl OULMI Centre de Ressources Informatiques Institut de Biologie de Lille - CNRS GDS3366 _______________________________________________________________ -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2879 bytes Desc: S/MIME Cryptographic Signature URL: From weber at zackbummfertig.de Thu Jun 7 18:53:00 2012 From: weber at zackbummfertig.de (Marko Weber) Date: Thu, 07 Jun 2012 17:53:00 +0200 Subject: [Dovecot] auth-worker problem here. Message-ID: <1e9f63c2b3bdacfe8f03c89eca19d6a4@zackbummfertig.de> hello, in howto for gentoo i found this: To tell Postfix about the maps that you've just set up, add the following (substituting mysql for pgsql if you're on PostgreSQL) to the bottom of /etc/postfix/main.cf: virtual_alias_maps = mysql:/etc/postfix/sql_virtual_alias_maps.cf virtual_mailbox_domains = mysql:/etc/postfix/sql_virtual_domain_maps.cf virtual_mailbox_maps = mysql:/etc/postfix/sql_virtual_mailbox_maps.cf Tip: Because this is using the Dovecot's LDA, all results from virtual_mailbox_maps are ignored beyond checking if they exist. I added in the mysql db an alias postmaster at domainn.tld that should be forwarded to name at domainn.tld. The tip above tells me when using dovecot lda the virtual_alias_maps is ignored by dovecot. now when i send a mail to postmaster at domainn.tld the mail is not transported to name at domainn.tld. in logfile i see this: dovecot: auth-worker: sql(postmaster at zbfmail.de): Unknown user how can i tell dovecot to also use the virtual_alias_maps? thank you marko From phil25lsbin at gmail.com Thu Jun 7 19:05:25 2012 From: phil25lsbin at gmail.com (phil25lsbin) Date: Thu, 7 Jun 2012 18:05:25 +0200 Subject: [Dovecot] Postfix don't relay to dovecot virtual user In-Reply-To: <20120607104148.6254a7e8@scorpio> References: <20120607104148.6254a7e8@scorpio> Message-ID: Sorry, dovecot -n # 1.2.15: /etc/dovecot/dovecot.conf # OS: Linux 2.6.38.2-grsec-xxxx-grs-ipv6- 64 x86_64 Debian 6.0.5 ext3 log_path: /var/log/dovecot/dovecot.log info_log_path: /var/log/dovecot/dovecot-info.log log_timestamp: %Y-%m-%d %H:%M:%S protocols: imap imaps pop3 pop3s disable_plaintext_auth: no login_dir: /var/run/dovecot/login login_executable(default): /usr/lib/dovecot/imap-login login_executable(imap): /usr/lib/dovecot/imap-login login_executable(pop3): /usr/lib/dovecot/pop3-login mail_privileged_group: mail mail_location: maildir:/home/smtp/%d/%n:INDEX=/home/smtp/%d/%n/indexes mbox_write_locks: fcntl dotlock mail_executable(default): /usr/lib/dovecot/imap mail_executable(imap): /usr/lib/dovecot/imap mail_executable(pop3): /usr/lib/dovecot/pop3 mail_plugin_dir(default): /usr/lib/dovecot/modules/imap mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3 lda: postmaster_address: admlb at XXX.fr mail_plugin_dir: /usr/lib/dovecot/modules/lda auth_socket_path: /var/run/dovecot/auth-master auth default: passdb: driver: sql args: /etc/dovecot/dovecot-mysql.conf userdb: driver: sql args: /etc/dovecot/dovecot-mysql.conf socket: type: listen client: path: /var/spool/postfix/private/auth mode: 432 user: postfix group: postfix master: path: /var/run/dovecot/auth-master mode: 384 user: smtp postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases config_directory = /etc/postfix content_filter = amavis:[127.0.0.1]:10024 inet_interfaces = all inet_protocols = ipv4 mailbox_size_limit = 0 mydestination = XXX.fr, smtp.XXX.fr, localhost.XXX.fr, localhost myhostname = smtp.XXX.fr mynetworks = 172.16.0.0/12 127.0.0.0/8 myorigin = XXX.fr receive_override_options = no_address_mappings relay_domains = mysql:/etc/postfix/mysql_relay_domains.cf relayhost = smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unauth_destination, reject_unauth_pipelining, check_policy_service inet:127.0.0.1:10023, reject_invalid_hostname smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf virtual_gid_maps = static:3000 virtual_mailbox_base = /home/smtp virtual_mailbox_domains = mysql:/etc/postfix/ mysql_virtual_mailbox_domains.cf virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf virtual_transport = dovecot virtual_uid_maps = static:3000 Thanks for help 2012/6/7 Jerry > On Thu, 7 Jun 2012 15:33:34 +0200 > phil25lsbin articulated: > > >I run a mail server on debian squeeze system , i installed the > >following software > > > >postfix > >dovecot > >spamassassin > >postgrey > > > >I configured a virtual domain and virtual mailbox but postfix don't > >pipe mail in dovecot. > > {SNIP} > > 1) Do not paste & copy your config files. Use: > dovecot -n > postconf -n > > Paste the output of those commands in you post. > > If Postfix is not relaying the mail you would probably be better served > on the Postfix forum. Its not that no one here could help you, I am > sure they will; however, it is really not a dovecot problem. For > Postfix, you might want to investigate the > page, specifically: > Check out the > postfinger tool. This can be found at > http://ftp.wl0.org/SOURCES/postfinger. > > Also, be sure to state the versions of the software that you are using > and you OS system version as well. > > -- > Jerry ? > > Disclaimer: off-list followups get on-list replies or get ignored. > Please do not ignore the Reply-To header. > __________________________________________________________________ > > From rago at lal.in2p3.fr Thu Jun 7 20:56:19 2012 From: rago at lal.in2p3.fr (Emiliano Rago) Date: Thu, 07 Jun 2012 19:56:19 +0200 Subject: [Dovecot] Authentication issue Message-ID: <4FD0EB43.8070104@lal.in2p3.fr> Hi, I need to set up a weird dovecot configuration: 1) outside a ssl tunnel I'd like to authenticate only with cram-md5 scheme 2) inside a ssl tunnel I'd like to authenticate only with plain auth The first is easily satisfied with auth_mechanisms = plain cram-md5 disable_plaintext_auth = yes but I don't know how to satisfy the second condition, if it's possible. Thanks for help, Emiliano Rago From toml at engr.orst.edu Fri Jun 8 03:34:29 2012 From: toml at engr.orst.edu (Tom Lieuallen) Date: Thu, 07 Jun 2012 17:34:29 -0700 Subject: [Dovecot] how to announce shared folders to clients using non-default mail prefix Message-ID: <4FD14895.8040707@engr.orst.edu> We're using dovecot 2.1.3 and I've been doing some testing with 2.1.7. We have shared mail (maildir) folders working along with our default mbox mailboxes. Our problem is trying to get this to work in a reasonable fashion with our iPhone or iPad mail.app clients. It's well known that they don't honor the subscription list; they show all available mail folders and do not collapse trees of folders. I have 381 folders in directories under mail. Normal clients are fine, but this is unmanageable in IOS. What we have been doing is changing the mail prefix for the iPhone to a subfolder, then using soft links to point to the most commonly used folders we use. This works, but when one changes the mail prefix, any shared folders are not presented. I'm suspicious that this is a design decision. If there is some way to make it work, I'd be very grateful. Note the two 'sharedimap' folders listed in the first 'list'. Note that if I change the prefix for that shared namespace to 'iphonemail/', it does present my shared folders as well as anything in a personal iphonemail directory. However, 'select' didn't work with the personal folders. My guess is it's mostly due to the difference in mail formats between the two (mbox & maildir). But, it does show that somewhere in the code it's checking the mail prefix against namespaces and not displaying shared folders in non-default prefixes. I wish this were a configurable option. thank you Tom Lieuallen Oregon State University . list "" * * LIST (\Noselect \HasChildren) "/" "foo1" * LIST (\NoInferiors \UnMarked) "/" "foo1/folder1" * LIST (\Noselect \HasChildren) "/" "iphonemail" * LIST (\NoInferiors \Marked) "/" "iphonemail/foo1" * LIST (\NoInferiors \UnMarked) "/" "Sent" * LIST (\NoInferiors \UnMarked) "/" "Trash" * LIST (\HasNoChildren) "/" "INBOX" * LIST (\HasNoChildren) "/" "sharedimap/cesupport" * LIST (\HasNoChildren) "/" "sharedimap/mimesupport" . OK List completed. . list "iphonemail/" * * LIST (\NoInferiors \Marked) "/" "iphonemail/foo1" . OK List completed. =============== # 2.1.7: /private/dovecot/etc/dovecot/dovecot.conf # OS: SunOS 5.10 sun4v auth_debug = yes auth_verbose = yes default_client_limit = 10245 default_process_limit = 5120 first_valid_uid = 100 mail_location = mbox:~/mail:INBOX=/var/mail/%u:INDEX=/a2/imap-index/%u mail_nfs_storage = yes mail_plugins = quota acl namespace { inbox = yes location = prefix = separator = / type = private } namespace { hidden = yes inbox = no list = children location = maildir:/a1/dove-shared:INDEX=/a2/imap-index/dove-shared/%u prefix = sharedimap/ separator = / type = shared } passdb { driver = pam } passdb { args = scheme=CRYPT username_format=%u /private/dovecot/etc/passwd driver = passwd-file } plugin { acl = vfile quota = fs:INBOX:mount=/a1 quota2 = fs:Home quota:mount=%h } protocols = imap lmtp service imap-login { inet_listener imaps { port = 993 ssl = yes } process_min_avail = 16 service_count = 1 } service imap { process_limit = 2048 } ssl_ca = Hello! I am wonder if there are plans to include backend health monitoring feature to Dovecot Director ? Yes, I'm aware of poolmon by Brad Davidson but I think it's kind of must-have feature out of box. thanks From daniel.parthey at informatik.tu-chemnitz.de Fri Jun 8 06:16:22 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Fri, 8 Jun 2012 05:16:22 +0200 Subject: [Dovecot] Corrupted mdbox on LMTP director delivery while user is logged in via IMAP Message-ID: <20120608031622.GA13898@daniel.localdomain> Hi, we get errors about corrupted indexes and we are losing flags with mdbox on NFSv4: Error: Recent flags state corrupted for mailbox Error: Corrupted dbox file Error: Corrupted transaction log file It looks like a LMTP director problem. The user has IMAP IDLE connections open and lmtp delivers to another host. This leads to nfs corruption problems. The user is logged into mail04 and has some IMAP IDLE mailbox connections open: mail04:~# ps -ef|grep someuser vmail 5217 23918 0 Jun07 ? 00:00:00 dovecot/imap [someuser at example.de 10.129.3.190 IDLE] vmail 8623 23918 0 Jun07 ? 00:00:00 dovecot/imap [someuser at example.de 10.129.3.233 IDLE] vmail 20279 23918 0 00:37 ? 00:00:00 dovecot/imap [someuser at example.de 10.129.3.213 IDLE] If postfix on mail01/dcmailbox01 receives an incoming mail now, the director on mail01 does NOT direct LMTP to the responsible host mail04/dcmailbox04 (10.129.3.190), but delivers it locally to mail01 (10.129.3.193), which leads to file corruption. mail01:~# doveadm -c /etc/dovecot-director/dovecot-director.conf director status someuser at example.de Current: not assigned Hashed: 10.129.3.193 Initial config: 10.129.3.193 mail01:~# host 10.129.3.193 193.3.129.10.in-addr.arpa domain name pointer dcmailbox01.example.net. mail01 runs the lmtp proxy and lmtp delivery, even though the user is logged in via IMAP IDLE on mail04: mail01:~# grep "^Jun 8 03:36:.*someuser at example.de" /var/log/server/dovecot.log Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124): Debug: auth input: someuser at example.de home=/mail/dovecot/example.de/someuser uid=501 gid=123 quota_rule=*:bytes=5000M:messages=0 Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: Effective uid=501, gid=123, home=/mail/dovecot/example.de/someuser Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: Quota root: name=User quota backend=dict args=:proxy::quota Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: Quota rule: root=User quota mailbox=* bytes=5242880000 messages=0 Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: Quota rule: root=User quota mailbox=Trash bytes=+104857600 messages=0 Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: Quota warning: bytes=4980736000 (95%) messages=0 reverse=no command=quota-warning 95 someuser at example.de Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: Quota warning: bytes=4194304000 (80%) messages=0 reverse=no command=quota-warning 80 someuser at example.de Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: dict quota: user=someuser at example.de, uri=proxy::quota, noenforcing=0 Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: fs: root=/mail/dovecot/example.de/someuser/mail, index=, control=, inbox=, alt= Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: Namespace : Using permissions from /mail/dovecot/example.de/someuser/mail: mode=0700 gid=-1 Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: sieve: include: sieve_global_dir is not set; it is currently not possible to include `:global' scripts. Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: jOv8JgJX0U/0aQAA3l+BKA: sieve: using sieve path for user's script: /mail/dovecot/example.de/someuser/.dovecot.sieve Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: jOv8JgJX0U/0aQAA3l+BKA: sieve: opening script /mail/dovecot/example.de/someuser/.dovecot.sieve Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: jOv8JgJX0U/0aQAA3l+BKA: sieve: script binary /mail/dovecot/example.de/someuser/.dovecot.svbin successfully loaded Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: jOv8JgJX0U/0aQAA3l+BKA: sieve: binary save: not saving binary /mail/dovecot/example.de/someuser/.dovecot.svbin, because it is already stored Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): Debug: jOv8JgJX0U/0aQAA3l+BKA: sieve: executing script from /mail/dovecot/example.de/someuser/.dovecot.svbin Jun 8 03:36:02 10.129.3.213 dovecot: lmtp(23404): Debug: auth input: user=someuser at example.de proxy port=19024 host=10.129.3.193 proxy_refresh=450 Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27124, someuser at example.de): jOv8JgJX0U/0aQAA3l+BKA: sieve: mailbox: deliver: msgid=<201206080136.q581a1Rc024891 at iolite.ham.srv.mcs.de> from=service at cityline.net: stored mail into mailbox 'INBOX' Jun 8 03:36:02 10.129.3.213 dovecot: lmtp(23406): Debug: auth input: user=someuser at example.de proxy port=19024 host=10.129.3.193 proxy_refresh=450 Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125): Debug: auth input: someuser at example.de home=/mail/dovecot/example.de/someuser uid=501 gid=123 quota_rule=*:bytes=5000M:messages=0 Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: Effective uid=501, gid=123, home=/mail/dovecot/example.de/someuser Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: Quota root: name=User quota backend=dict args=:proxy::quota Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: Quota rule: root=User quota mailbox=* bytes=5242880000 messages=0 Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: Quota rule: root=User quota mailbox=Trash bytes=+104857600 messages=0 Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: Quota warning: bytes=4980736000 (95%) messages=0 reverse=no command=quota-warning 95 someuser at example.de Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: Quota warning: bytes=4194304000 (80%) messages=0 reverse=no command=quota-warning 80 someuser at example.de Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: dict quota: user=someuser at example.de, uri=proxy::quota, noenforcing=0 Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: fs: root=/mail/dovecot/example.de/someuser/mail, index=, control=, inbox=, alt= Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: Namespace : Using permissions from /mail/dovecot/example.de/someuser/mail: mode=0700 gid=-1 Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: sieve: include: sieve_global_dir is not set; it is currently not possible to include `:global' scripts. Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: gWijMAJX0U/1aQAA3l+BKA: sieve: using sieve path for user's script: /mail/dovecot/example.de/someuser/.dovecot.sieve Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: gWijMAJX0U/1aQAA3l+BKA: sieve: opening script /mail/dovecot/example.de/someuser/.dovecot.sieve Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: gWijMAJX0U/1aQAA3l+BKA: sieve: script binary /mail/dovecot/example.de/someuser/.dovecot.svbin successfully loaded Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: gWijMAJX0U/1aQAA3l+BKA: sieve: binary save: not saving binary /mail/dovecot/example.de/someuser/.dovecot.svbin, because it is already stored Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): Debug: gWijMAJX0U/1aQAA3l+BKA: sieve: executing script from /mail/dovecot/example.de/someuser/.dovecot.svbin Jun 8 03:36:02 10.129.3.233 dovecot: lmtp(27125, someuser at example.de): gWijMAJX0U/1aQAA3l+BKA: sieve: mailbox: deliver: msgid=<201206080136.q581a1t0024890 at iolite.ham.srv.mcs.de> from=service at cityline.net: stored mail into mailbox 'INBOX' The "user logged on via IMAP on mail04" and "lmtp delivery on mail01" seems to lead to corruption of mdbox indexes: Jun 8 03:36:03 10.129.3.200 dovecot: mailbox: mail: imap(someuser at example.de): Error: Corrupted transaction log file /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox- Mails/dovecot.index.log seq 82: Invalid transaction log size (32856 vs 32824): /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox-Mails/dovecot.index.log (sync_offset=32856) Jun 8 03:36:03 10.129.3.200 dovecot: mailbox: mail: imap(someuser at example.de): Error: Index /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox-Mails/dovecot.index: Lost log for seq=82 offset=32856 Jun 8 03:36:03 10.129.3.200 dovecot: mailbox: mail: imap(someuser at example.de): Warning: fscking index file /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox-Mails/dovecot.index Jun 8 03:36:03 10.129.3.200 dovecot: mailbox: mail: imap(someuser at example.de): Error: Fixed index file /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox-Mails/dovecot.index: log_file_seq 82 -> 83 Jun 8 03:36:38 10.129.3.200 dovecot: mailbox: mail: imap(someuser at example.de): Error: Transaction log file /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox-Mails/dovecot.index.log.2: marked corrupted How to enable the LMTP director to deliver to the correct mailbox host? Configuration of mailbox and director of mail01 is attached. Regards, Daniel -------------- next part -------------- # 2.0.20: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-40-server x86_64 Ubuntu 10.04.4 LTS auth_cache_negative_ttl = 0 auth_cache_size = 10 M auth_cache_ttl = 1 mins auth_debug = yes auth_verbose = yes auth_verbose_passwords = sha1 deliver_log_format = mailbox: deliver: msgid=%m from=%f: %$ dict { quota = mysql:/etc/dovecot/conf.d/dovecot-dict-sql.conf.ext } disable_plaintext_auth = no instance_name = dovecot-mailbox lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes login_greeting = Mailbox login_log_format = mailbox: login: %$: %s login_trusted_networks = 10.129.3.0/24 mail_debug = yes mail_fsync = always mail_gid = vmail mail_home = /mail/dovecot/%d/%n mail_location = mdbox:~/mail mail_log_prefix = "mailbox: mail: %s(%u): " mail_plugins = quota mail_privileged_group = vmail mail_uid = vmail managesieve_implementation_string = Sieve managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mdbox_rotate_interval = 1 weeks mdbox_rotate_size = 50 M mmap_disable = yes passdb { args = /etc/dovecot/conf.d/dovecot-sql.conf.ext driver = sql } plugin { quota = dict:User quota::proxy::quota quota_rule = *:storage=10G quota_rule2 = Trash:storage=+100M quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap pop3 lmtp sieve service auth { unix_listener auth-userdb { group = dovecot mode = 0660 user = dovecot } } service dict { unix_listener dict { group = vmail mode = 0660 } } service imap-login { inet_listener imap { port = 19143 } } service lmtp { inet_listener lmtp { address = * port = 19024 } } service managesieve-login { inet_listener sieve { port = 19200 } } service pop3-login { inet_listener pop3 { port = 19110 } } service quota-warning { executable = script /usr/local/bin/quota-warning extra_groups = dovecot unix_listener quota-warning { user = vmail } user = vmail } ssl = no userdb { driver = prefetch } userdb { args = /etc/dovecot/conf.d/dovecot-sql.conf.ext driver = sql } verbose_proctitle = yes protocol imap { imap_client_workarounds = delay-newmail tb-extra-mailbox-sep mail_plugins = quota imap_quota } protocol lmtp { mail_plugins = quota sieve } -------------- next part -------------- # 2.0.20: /etc/dovecot-director/dovecot-director.conf # OS: Linux 2.6.32-40-server x86_64 Ubuntu 10.04.4 LTS auth_debug = yes auth_verbose = yes auth_verbose_passwords = sha1 base_dir = /var/run/dovecot-director deliver_log_format = director: deliver: msgid=%m from=%f: %$ director_mail_servers = 10.129.3.193 10.129.3.192 10.129.3.191 10.129.3.190 director_servers = 10.129.3.193 10.129.3.192 10.129.3.191 10.129.3.190 instance_name = dovecot-director lmtp_proxy = yes login_greeting = Mail Balancer login_log_format = director: login: %$: %s login_trusted_networks = 10.129.3.0/24 mail_debug = yes mail_fsync = always mail_gid = vmail mail_home = /mail/dovecot/%d/%n mail_location = mdbox:~/mail mail_log_prefix = "director: mail: %s(%u): " mail_privileged_group = vmail mail_uid = vmail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mmap_disable = yes passdb { args = proxy=y nopassword=y user=%n at dovecotmail.%d driver = static } protocols = imap pop3 lmtp sieve service auth { unix_listener auth-userdb { user = dovecot } } service director { fifo_listener login/proxy-notify { mode = 0666 } inet_listener { port = 9090 } unix_listener director-userdb { mode = 0600 } unix_listener login/director { mode = 0666 } } service imap-login { executable = imap-login director inet_listener imap { port = 20143 } inet_listener imaps { port = 20993 ssl = yes } } service lmtp { inet_listener lmtp { address = * port = 20024 } } service managesieve-login { inet_listener sieve { port = 20200 } } service pop3-login { executable = pop3-login director inet_listener pop3 { port = 20110 } inet_listener pop3s { port = 20995 ssl = yes } } ssl_cert = good day! I'm experiencing problem with pop3 proxying: on backend servers in logs there's director's ip instead of remote's like this: Jun 8 15:21:23 host-01 dovecot: pop3-login: Login: user=, method=PLAIN, rip=192.168.5.102, lip=192.168.5.100, mpid=26170, secured Jun 8 15:32:16 host-01 dovecot: pop3-login: Login: user=, method=PLAIN, rip=192.168.5.102, lip=192.168.5.100, mpid=26426, secured -- ? ?????????, ???????? ????????? ????????? ????????????? ??? "??????-?????" ???.: (423) 262-02-62 (???. 2037) ????: (423) 262-02-10 a.kostyrev at serverc.ru icq: 404-198-497 From a.kostyrev at serverc.ru Fri Jun 8 07:39:13 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Fri, 8 Jun 2012 15:39:13 +1100 Subject: [Dovecot] Director pop3 real ips v2.1.1 In-Reply-To: <213B51F00051AE48A9F0E112880177178F79E3@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F79E3@Delta.sc.local> Message-ID: <213B51F00051AE48A9F0E112880177178F79E4@Delta.sc.local> *sorry, accidently send to soon. continue: but with imap it's ok I've read thread "Dovecot Proxy and environment variables" and as I understood there was no solution. yes, I use v.2.1.1 on both director and backends and yes, I've added login_trusted_networks = 192.168.5.0/24 on all of them but it didn't help. any workarounds? thanks -- ? ?????????, ???????? ????????? ????????? ????????????? ??? "??????-?????" ???.: (423) 262-02-62 (???. 2037) ????: (423) 262-02-10 a.kostyrev at serverc.ru icq: 404-198-497 -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of ???????? ????????? ?????????? Sent: Friday, June 08, 2012 3:33 PM To: dovecot at dovecot.org Subject: [Dovecot] Director pop3 real ips v2.1.1 good day! I'm experiencing problem with pop3 proxying: on backend servers in logs there's director's ip instead of remote's like this: Jun 8 15:21:23 host-01 dovecot: pop3-login: Login: user=, method=PLAIN, rip=192.168.5.102, lip=192.168.5.100, mpid=26170, secured Jun 8 15:32:16 host-01 dovecot: pop3-login: Login: user=, method=PLAIN, rip=192.168.5.102, lip=192.168.5.100, mpid=26426, secured -- ? ?????????, ???????? ????????? ????????? ????????????? ??? "??????-?????" ???.: (423) 262-02-62 (???. 2037) ????: (423) 262-02-10 a.kostyrev at serverc.ru icq: 404-198-497 From amateo at um.es Fri Jun 8 12:34:19 2012 From: amateo at um.es (Angel L. Mateo) Date: Fri, 08 Jun 2012 11:34:19 +0200 Subject: [Dovecot] director and IPs shown at the backends In-Reply-To: <4FD09AB0.6020500@enas.net> References: <4FD09613.6000405@um.es> <4FD09AB0.6020500@enas.net> Message-ID: <4FD1C71B.4040109@um.es> El 07/06/12 14:12, Urban Loesch escribi?: > > Hi, > > try it with "login_trusted_networks" option on the backends: > > # Space separated list of trusted network ranges. Connections from these > # IPs are allowed to override their IP addresses and ports (for logging and > # for authentication checks). disable_plaintext_auth is also ignored for > # these networks. Typically you'd specify your IMAP proxy servers here. > login_trusted_networks = > > But for POP this will only working with version 2.1.x > I didn't find that option in any example config file, but it's working. Maybe it must be documented in somewhere. Thank you. -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From amateo at um.es Fri Jun 8 12:41:52 2012 From: amateo at um.es (Angel L. Mateo) Date: Fri, 08 Jun 2012 11:41:52 +0200 Subject: [Dovecot] director and doveadm server Message-ID: <4FD1C8E0.4010807@um.es> Hi, I've been reading doc at http://wiki2.dovecot.org/Director to configure my servers. My question is regarding configuration of doveadm server. I have configured both, director and backend servers, as described in that doc, but I don't know how to run doveadm commands in director servers. doveadm is working, because I can run commands, but they are executed in local (director) server. For example: root at myotis40:/etc/dovecot/conf.d# doveadm director status mail server ip vhosts users 155.54.211.169 100 1 but doveadm who seems to be executed just in local: (backend server) root at myotis30:/etc/dovecot/conf.d# doveadm who username # proto (pids) (ips) angel.luis 2 imap (11931 11936) (155.54.67.5) (director server) root at myotis40:/etc/dovecot/conf.d# doveadm who username # proto (pids) (ips) And another question about this... what is the local config option? I haven't found it documented anywhere. -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From CMarcus at Media-Brokers.com Fri Jun 8 13:05:09 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Fri, 08 Jun 2012 06:05:09 -0400 Subject: [Dovecot] Director pop3 real ips v2.1.1 In-Reply-To: <213B51F00051AE48A9F0E112880177178F79E4@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F79E3@Delta.sc.local> <213B51F00051AE48A9F0E112880177178F79E4@Delta.sc.local> Message-ID: <4FD1CE55.4050701@Media-Brokers.com> On 2012-06-08 12:39 AM, ???????? ????????? ?????????? wrote: > yes, I use v.2.1.1 on both director and backends The first/obvious answer is, did you try 2.1.7? 2.1 introduced a lot of changes, so you should *expect* to be sure and test the latest version before assuming it is/may be a bug... From amateo at um.es Fri Jun 8 13:24:37 2012 From: amateo at um.es (Angel L. Mateo) Date: Fri, 08 Jun 2012 12:24:37 +0200 Subject: [Dovecot] difference between client_limit and process_limit Message-ID: <4FD1D2E5.3020901@um.es> Hi, What is the real difference between client and process limit? According to documentation (http://wiki2.dovecot.org/Services#Service_limits): client_limit: Maximum number of simultaneous client connections. If set to 0, default_client_limit is used instead. process_limit: Maximum number of processes that can exist for this service. If set to 0, default_process_limit is used instead. But what does "client connection" exactly means? Is a user (login)? Is a user opens a few TCP connections (as many clients do) are they count as different connections? -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From anmeyer at anup.de Fri Jun 8 14:05:11 2012 From: anmeyer at anup.de (Andreas Meyer) Date: Fri, 8 Jun 2012 13:05:11 +0200 Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7 Message-ID: <20120608130511.1d55d814@itx.bitcorner.intern> Hello! I want to upgrade the docevot-installation from v 1.0.5 to 2.1..7 Now I get the following executing doveconf -n -c /etc/dovecot/dovecot.conf > /home/mail1/dovecot-2.conf doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:217: add auth_ prefix to all settings inside auth {} and remove the auth {} section completely doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:219: passdb passwd-file {} has been replaced by passdb { driver=passwd-file } doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:222: userdb passwd-file {} has been replaced by userdb { driver=passwd-file } The section at line 217 looks like this: auth default { mechanisms = plain passdb passwd-file { args = /etc/dovecot/passwd } userdb passwd-file { args = /etc/dovecot/passwd } How do I change it to fullfill the new needs? And how do I handle line 217? add auth_ prefix to all settings inside auth {} and remove the auth {} section completely ? Thanks for help! Andreas From amateo at um.es Fri Jun 8 14:12:25 2012 From: amateo at um.es (Angel L. Mateo) Date: Fri, 08 Jun 2012 13:12:25 +0200 Subject: [Dovecot] difference between client_limit and process_limit In-Reply-To: <4FD1D2E5.3020901@um.es> References: <4FD1D2E5.3020901@um.es> Message-ID: <4FD1DE19.4050903@um.es> El 08/06/12 12:24, Angel L. Mateo escribi?: > Hi, > > What is the real difference between client and process limit? According > to documentation (http://wiki2.dovecot.org/Services#Service_limits): > > client_limit: Maximum number of simultaneous client connections. If set > to 0, default_client_limit is used instead. > process_limit: Maximum number of processes that can exist for this > service. If set to 0, default_process_limit is used instead. > > But what does "client connection" exactly means? Is a user (login)? Is a > user opens a few TCP connections (as many clients do) are they count as > different connections? > Sorry, it's friday, my mind is on the weekend :-( I understand that client_limit is how many connections (imap connections, for example) could be handle by one dovecot process, so if I have client_limit=2 and process_limit=1024, then I could 2048 concurrent connections, right? -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From acrow at integrafin.co.uk Fri Jun 8 14:13:57 2012 From: acrow at integrafin.co.uk (Alex Crow) Date: Fri, 08 Jun 2012 12:13:57 +0100 Subject: [Dovecot] 2.1.7 altmove not working Message-ID: <4FD1DE75.5000606@integrafin.co.uk> Hi list, I've just set up a 2.1.7 server, and have migrated a couple of accounts across from a 2.0.15 server, keeping the old configs. I have a strange problem on the new box in that altmove just doesn't work. I have my main storage under /home/email, indexes under /home/indexes and ALT under /home/email_archive. When I run the altmove command, the following broken symlink is created in /home/email/integrafin.co.uk/acrow: lrwxrwxrwx. 1 email email 54 Jun 8 10:46 dbox-alt-root -> /home/email_archive/integrafin.co.uk/a/acrow/mailboxes But nothing is created in the archive other than the empty directory: /home/email_archive/integrafin.co.uk/a/acrow. My mail_location is: mail_location = mdbox:/home/email/%d/%n:INDEX=/home/indexes/%d/%1n/%n:ALT=/home/email_archive/%d/%1n/%n This worked perfectly on the older server. I have attached my doveconf -a output. Any help much appreciated. Regards Alex -------------- next part -------------- # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-220.el6.x86_64 x86_64 CentOS release 6.2 (Final) ext4 auth_anonymous_username = anonymous auth_cache_negative_ttl = 1 hours auth_cache_size = 0 auth_cache_ttl = 1 hours auth_debug = yes auth_debug_passwords = no auth_default_realm = auth_failure_delay = 2 secs auth_first_valid_uid = 500 auth_gssapi_hostname = auth_krb5_keytab = auth_last_valid_uid = 0 auth_master_user_separator = auth_mechanisms = plain auth_proxy_self = auth_realms = auth_socket_path = auth-userdb auth_ssl_require_client_cert = no auth_ssl_username_from_cert = no auth_use_winbind = no auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@' auth_username_format = %Lu auth_username_translation = auth_verbose = yes auth_verbose_passwords = no auth_winbind_helper_path = /usr/bin/ntlm_auth auth_worker_max_count = 30 base_dir = /var/run/dovecot/ config_cache_size = 1 M debug_log_path = default_client_limit = 1000 default_idle_kill = 1 mins default_internal_user = dovecot default_login_user = dovenull default_process_limit = 100 default_vsz_limit = 256 M deliver_log_format = msgid=%m: %$ dict_db_config = director_doveadm_port = 0 director_mail_servers = director_servers = director_user_expire = 15 mins director_username_hash = %u disable_plaintext_auth = no dotlock_use_excl = yes doveadm_allowed_commands = doveadm_password = doveadm_proxy_port = 0 doveadm_socket_path = doveadm-server doveadm_worker_count = 0 dsync_alt_char = _ dsync_remote_cmd = ssh -l%{login} %{host} doveadm dsync-server -u%u -l%{lock_timeout} -n%{namespace} first_valid_gid = 1 first_valid_uid = 500 hostname = imap_capability = imap_client_workarounds = imap_id_log = imap_id_send = imap_idle_notify_interval = 2 mins imap_logout_format = in=%i out=%o imap_max_line_length = 64 k imapc_features = imapc_host = imapc_list_prefix = imapc_master_user = imapc_password = imapc_port = 143 imapc_rawlog_dir = imapc_ssl = no imapc_ssl_ca_dir = imapc_ssl_verify = yes imapc_user = %u import_environment = TZ info_log_path = instance_name = dovecot last_valid_gid = 0 last_valid_uid = 0 lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = no lda_original_recipient_header = libexec_dir = /usr/libexec/dovecot listen = * lmtp_proxy = no lmtp_save_to_detail_mailbox = no lock_method = fcntl log_path = syslog log_timestamp = "%b %d %H:%M:%S " login_access_sockets = login_greeting = Dovecot ready. login_log_format = %$: %s login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c session=<%{session}> login_trusted_networks = mail_access_groups = mail_attachment_dir = /home/email_archive/attachments mail_attachment_fs = sis posix mail_attachment_hash = %{sha1} mail_attachment_min_size = 128 k mail_cache_fields = flags mail_cache_min_mail_count = 0 mail_chroot = mail_debug = yes mail_fsync = never mail_full_filesystem_access = no mail_gid = email mail_home = mail_location = mdbox:/home/email/%d/%n:INDEX=/home/indexes/%d/%1n/%n:ALT=/home/email_archive/%d/%1n/%n mail_log_prefix = "%s(%u): " mail_max_keyword_length = 50 mail_max_lock_timeout = 0 mail_max_userip_connections = 10 mail_never_cache_fields = imap.envelope mail_nfs_index = no mail_nfs_storage = no mail_plugin_dir = /usr/lib64/dovecot mail_plugins = mail_prefetch_count = 0 mail_privileged_group = mail_save_crlf = no mail_shared_explicit_inbox = yes mail_temp_dir = /tmp mail_temp_scan_interval = 1 weeks mail_uid = email mailbox_idle_check_interval = 30 secs mailbox_list_index = no maildir_broken_filename_sizes = no maildir_copy_with_hardlinks = yes maildir_stat_dirs = no maildir_very_dirty_syncs = no managesieve_client_workarounds = managesieve_implementation_string = Dovecot Pigeonhole managesieve_logout_format = bytes=%i/%o managesieve_max_compile_errors = 5 managesieve_max_line_length = 65536 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave master_user_separator = mbox_dirty_syncs = yes mbox_dotlock_change_timeout = 2 mins mbox_lazy_writes = yes mbox_lock_timeout = 5 mins mbox_md5 = apop3d mbox_min_index_size = 0 mbox_read_locks = fcntl mbox_very_dirty_syncs = no mbox_write_locks = dotlock fcntl mdbox_preallocate_space = yes mdbox_rotate_interval = 1 days mdbox_rotate_size = 2 M mmap_disable = no namespace { hidden = no ignore_on_failure = no inbox = yes list = yes location = prefix = INBOX/ separator = / subscriptions = yes type = private } namespace { hidden = no ignore_on_failure = no inbox = no list = children location = mdbox:/home/email/%%d/%%n:ALT=/home/email_archive/%%d/%%1n/%%n:INDEX=/home/indexes/%d/%1n/%n/shared/%%u prefix = shared/%%u/ separator = / subscriptions = no type = shared } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext default_fields = deny = no driver = ldap master = no override_fields = pass = no } plugin { acl = vfile:/etc/dovecot/global-acls:cache_secs=300 acl_shared_dict = file:/var/mail/dovecot/shared-mailboxes mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename mail_log_fields = uid box msgid size sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } pop3_client_workarounds = pop3_enable_last = no pop3_fast_size_lookups = no pop3_lock_session = no pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s pop3_no_flag_updates = no pop3_reuse_xuidl = no pop3_save_uidl = no pop3_uidl_duplicates = allow pop3_uidl_format = %08Xu%08Xv pop3c_host = pop3c_password = pop3c_port = 110 pop3c_rawlog_dir = pop3c_ssl = no pop3c_ssl_ca_dir = pop3c_ssl_verify = yes pop3c_user = %u postmaster_address = protocols = imap pop3 lmtp quota_full_tempfail = no recipient_delimiter = + rejection_reason = Your message to <%t> was automatically rejected:%n%r rejection_subject = Rejected: %s replication_full_sync_interval = 12 hours replication_max_conns = 10 replicator_host = replicator replicator_port = 0 sendmail_path = /usr/sbin/sendmail service aggregator { chroot = . client_limit = 0 drop_priv_before_exec = no executable = aggregator extra_groups = fifo_listener replication-notify-fifo { group = mode = 0600 user = } group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener replication-notify { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service anvil { chroot = empty client_limit = 0 drop_priv_before_exec = no executable = anvil extra_groups = group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 1 protocol = service_count = 0 type = anvil unix_listener anvil-auth-penalty { group = mode = 0600 user = } unix_listener anvil { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service auth-worker { chroot = client_limit = 1 drop_priv_before_exec = no executable = auth -w extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 1 type = unix_listener auth-worker { group = mode = 0600 user = $default_internal_user } user = vsz_limit = 18446744073709551615 B } service auth { chroot = client_limit = 8524 drop_priv_before_exec = no executable = auth extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener auth-client { group = mode = 0600 user = } unix_listener auth-login { group = mode = 0600 user = $default_internal_user } unix_listener auth-master { group = mode = 0600 user = } unix_listener auth-userdb { group = email mode = 0600 user = email } unix_listener login/login { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service config { chroot = client_limit = 0 drop_priv_before_exec = no executable = config extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = config unix_listener config { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service dict { chroot = client_limit = 1 drop_priv_before_exec = no executable = dict extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener dict { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service director { chroot = . client_limit = 0 drop_priv_before_exec = no executable = director extra_groups = fifo_listener login/proxy-notify { group = mode = 00 user = } group = idle_kill = 4294967295 secs inet_listener { address = port = 0 ssl = no } privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener director-admin { group = mode = 0600 user = } unix_listener director-userdb { group = mode = 0600 user = } unix_listener login/director { group = mode = 00 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service dns_client { chroot = client_limit = 1 drop_priv_before_exec = no executable = dns-client extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener dns-client { group = mode = 0666 user = } unix_listener login/dns-client { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service doveadm { chroot = client_limit = 1 drop_priv_before_exec = no executable = doveadm-server extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 1 type = unix_listener doveadm-server { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service imap-login { chroot = login client_limit = 256 drop_priv_before_exec = no executable = imap-login extra_groups = group = idle_kill = 0 inet_listener imap { address = port = 143 ssl = no } inet_listener imaps { address = port = 993 ssl = yes } privileged_group = process_limit = 16 process_min_avail = 8 protocol = imap service_count = 0 type = login user = $default_login_user vsz_limit = 128 M } service imap { chroot = client_limit = 1 drop_priv_before_exec = no executable = imap extra_groups = group = idle_kill = 0 privileged_group = process_limit = 4096 process_min_avail = 0 protocol = imap service_count = 1 type = unix_listener login/imap { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service indexer-worker { chroot = client_limit = 1 drop_priv_before_exec = no executable = indexer-worker extra_groups = group = idle_kill = 0 privileged_group = process_limit = 10 process_min_avail = 0 protocol = service_count = 0 type = unix_listener indexer-worker { group = mode = 0600 user = $default_internal_user } user = vsz_limit = 18446744073709551615 B } service indexer { chroot = client_limit = 0 drop_priv_before_exec = no executable = indexer extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener indexer { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service ipc { chroot = empty client_limit = 0 drop_priv_before_exec = no executable = ipc extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener ipc { group = mode = 0600 user = } unix_listener login/ipc-proxy { group = mode = 0600 user = $default_login_user } user = $default_internal_user vsz_limit = 18446744073709551615 B } service lmtp { chroot = client_limit = 1 drop_priv_before_exec = no executable = lmtp extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = lmtp service_count = 0 type = unix_listener lmtp { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service log { chroot = client_limit = 0 drop_priv_before_exec = no executable = log extra_groups = group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = log unix_listener log-errors { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service managesieve-login { chroot = login client_limit = 0 drop_priv_before_exec = no executable = managesieve-login extra_groups = group = idle_kill = 0 inet_listener sieve { address = port = 4190 ssl = no } privileged_group = process_limit = 0 process_min_avail = 0 protocol = sieve service_count = 1 type = login user = $default_login_user vsz_limit = 18446744073709551615 B } service managesieve { chroot = client_limit = 1 drop_priv_before_exec = no executable = managesieve extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = sieve service_count = 1 type = unix_listener login/sieve { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service pop3-login { chroot = login client_limit = 256 drop_priv_before_exec = no executable = pop3-login extra_groups = group = idle_kill = 0 inet_listener pop3 { address = port = 110 ssl = no } inet_listener pop3s { address = port = 995 ssl = yes } privileged_group = process_limit = 16 process_min_avail = 8 protocol = pop3 service_count = 0 type = login user = $default_login_user vsz_limit = 128 M } service pop3 { chroot = client_limit = 1 drop_priv_before_exec = no executable = pop3 extra_groups = group = idle_kill = 0 privileged_group = process_limit = 4096 process_min_avail = 0 protocol = pop3 service_count = 1 type = unix_listener login/pop3 { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service replicator { chroot = client_limit = 0 drop_priv_before_exec = no executable = replicator extra_groups = group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener replicator { group = mode = 0600 user = $default_internal_user } user = vsz_limit = 18446744073709551615 B } service ssl-params { chroot = client_limit = 0 drop_priv_before_exec = no executable = ssl-params extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = startup unix_listener login/ssl-params { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service stats { chroot = empty client_limit = 0 drop_priv_before_exec = no executable = stats extra_groups = fifo_listener stats-mail { group = mode = 0600 user = } group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener stats { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } shutdown_clients = yes ssl = yes ssl_ca = ssl_cert = References: <20120608130511.1d55d814@itx.bitcorner.intern> Message-ID: <4FD1E24C.1030906@thelounge.net> Am 08.06.2012 13:05, schrieb Andreas Meyer: > I want to upgrade the docevot-installation from v 1.0.5 to 2.1..7 > Now I get the following executing > doveconf -n -c /etc/dovecot/dovecot.conf > /home/mail1/dovecot-2.conf > > doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:217: add auth_ prefix to all settings inside auth {} and remove the auth {} section completely > doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:219: passdb passwd-file {} has been replaced by passdb { driver=passwd-file } > doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:222: userdb passwd-file {} has been replaced by userdb { driver=passwd-file } > > The section at line 217 looks like this: > > auth default { > mechanisms = plain > passdb passwd-file { > args = /etc/dovecot/passwd > } > userdb passwd-file { > args = /etc/dovecot/passwd > } > > How do I change it to fullfill the new needs? > > And how do I handle line 217? > add auth_ prefix to all settings inside auth {} and remove the auth {} section completely what exactly are you not understanding here? this is a very clear message below a partly output from a working 2.1.7 auth_mechanisms = CRAM-MD5 DIGEST-MD5 APOP LOGIN PLAIN auth_worker_max_count = 100 auth_cache_size = 32768 auth_cache_ttl = 1800 auth_cache_negative_ttl = 1800 auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@% auth_username_translation = %@AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz auth_debug = no auth_debug_passwords = no auth_verbose = no -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From voytek at sbt.net.au Fri Jun 8 14:34:39 2012 From: voytek at sbt.net.au (Voytek Eymont) Date: Fri, 08 Jun 2012 21:34:39 +1000 Subject: [Dovecot] Restoring older messages to new server? Message-ID: <98f7622f-e52b-4b88-8c65-db05c11e71f6@email.android.com> I had Dovcot 1.x setup, all was working well (till...) Server got stuffed up and same Dovecot 1.x was rebuilt, put back in service, all's working well. I have recovered data from Maildirs messages from the old server, As some of the inboxes now have new messages, what is correct way to copy older messages from old server to new server ? (There are no duplicates, simply old messages from past server, data is physically on new server) Thanks for pointers, Voytek -- Swyped on my Motrix with K-9 Mail. Please excuse my brevity. From h.reindl at thelounge.net Fri Jun 8 14:37:12 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Fri, 08 Jun 2012 13:37:12 +0200 Subject: [Dovecot] Restoring older messages to new server? In-Reply-To: <98f7622f-e52b-4b88-8c65-db05c11e71f6@email.android.com> References: <98f7622f-e52b-4b88-8c65-db05c11e71f6@email.android.com> Message-ID: <4FD1E3E8.8020103@thelounge.net> Am 08.06.2012 13:34, schrieb Voytek Eymont: > I had Dovcot 1.x setup, all was working well (till...) > > Server got stuffed up and same Dovecot 1.x was rebuilt, put back in service, all's working well. > > I have recovered data from Maildirs messages from the old server, > As some of the inboxes now have new messages, what is correct way to copy older messages from old server to new server ? (There are no duplicates, simply old messages from past server, data is physically on new server) imapsync is your friend -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From trever.adams at gmail.com Fri Jun 8 16:11:50 2012 From: trever.adams at gmail.com (Trever L. Adams) Date: Fri, 08 Jun 2012 07:11:50 -0600 Subject: [Dovecot] Problems since upgrading to 2.1.6 from 2.0.20 In-Reply-To: <4FD044A5.2000000@gmail.com> References: <4FD044A5.2000000@gmail.com> Message-ID: <4FD1FA16.7090004@gmail.com> On 06/07/2012 12:05 AM, Trever L. Adams wrote: > Hello Everyone, > > I saw the text about the change and needing to define an inbox namespace. Everything seems to work fine except doveadm. I get the following from a cronjob that has worked well for years now. > > doveadm(account at example.com): Error: Syncing mailbox TRASH failed: Mailbox doesn't exist: TRASH > doveadm(account at example.com): Error: Syncing mailbox TRASH failed: Mailbox doesn't exist: TRASH > doveadm(account at example.com): Error: Syncing mailbox TRASH failed: Mailbox doesn't exist: TRASH > > The cronjob is: > > 1 4 * * * doveadm expunge -A mailbox TRASH SAVEDBEFORE 30D > > > What is the problem? I have tried to find documentation and do searches for others having the same problem. I do not know if I am just missing something or what. > > Any help would be greatly appreciated. > > Thank you, > Trever > > Sorry everyone. Trash was the right name. This used to work. The other boxes I am seeing the problem on are created when used. I am sorry to have sounded an alarm. Trever -- "Advise your legislators, when they make laws for larceny, burglary, or any felony, to make the penalty applicable to work upon roads, public works, or any place where the culprit can be taught more wisdom and more virtue, and become more enlightened. Rigor and seclusion will never do as much to reform the propensities of men as reason and friendship." -- Joseph Smith, Jr. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From mcbdovecot at robuust.nl Fri Jun 8 16:12:41 2012 From: mcbdovecot at robuust.nl (Maarten Bezemer) Date: Fri, 8 Jun 2012 15:12:41 +0200 (CEST) Subject: [Dovecot] Can we know when a user read our email? In-Reply-To: <4FD0A06A.50008@thelounge.net> References: <1337013487.4384.58.camel@innu> <4FC9E2A0.9070905@wildgooses.com> <4FCB1AFA.3040200@tlinx.org> <4FCB23BF.20300@wildgooses.com> <4FCB6AA7.4050200@Media-Brokers.com> <4FCCB9E3.3060702@wildgooses.com> <4FCCC2D9.3010209@thelounge.net> <4FCFD2DD.7030109@wildgooses.com> <4FD0A06A.50008@thelounge.net> Message-ID: On Thu, 7 Jun 2012, Reindl Harald wrote: > Am 06.06.2012 23:59, schrieb Ed W: >> I'm not sure why this is so hard to believe. There is literally a class of customers that have a specification >> which says that there must be a notification sent back to the sender whenever they download their emails. I cannot >> currently bid for their business. >> >> A spec is a spec - either you can meet the spec or you can't bid for the business... > > i'm not sure why it is so hard to believe that nobody should > bid for such idiotic specs - techs should act professional > and not like whores while try impossible and stupid things > which can sovle each mail-client since > 10 years and is not > the job of a mailserver Does the spec say how to conform to it? I mean: does "the system" have to support the transmission of receipts? Most bidding rounds I've been part of only had very rough descriptions of what should be possible. Not exactly how. (Too detailed specs, pointing heavily in the direction of one type of solution provider, can be easily challenged!) So, even without Dovecot supporting DSN-stuff, it would be possible to bid for these types of clients. The system as a whole does support DSN's, when MUA is conforming to relevant specs. Most MUA's support some form of DSN of read notification. What's more: whatever choice you make, server side or client side, handling of these status messages (and ways to request them) heavily depend on the remote party's technology as well. So, claiming you conform to the read-notification spec can be as easy as saying "yes, as long as you use a proper MUA". -- Maarten From anmeyer at anup.de Fri Jun 8 16:33:07 2012 From: anmeyer at anup.de (Andreas Meyer) Date: Fri, 8 Jun 2012 15:33:07 +0200 Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7 In-Reply-To: <4FD1E24C.1030906@thelounge.net> References: <20120608130511.1d55d814@itx.bitcorner.intern> <4FD1E24C.1030906@thelounge.net> Message-ID: <20120608153307.751e3865@itx.bitcorner.intern> Reindl Harald wrote: > > > Am 08.06.2012 13:05, schrieb Andreas Meyer: > > I want to upgrade the docevot-installation from v 1.0.5 to 2.1..7 > > Now I get the following executing > > doveconf -n -c /etc/dovecot/dovecot.conf > /home/mail1/dovecot-2.conf > > > > doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:217: add auth_ prefix to all settings inside auth {} and remove the auth {} section completely > > doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:219: passdb passwd-file {} has been replaced by passdb { driver=passwd-file } > > doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:222: userdb passwd-file {} has been replaced by userdb { driver=passwd-file } > > > > The section at line 217 looks like this: > > > > auth default { > > mechanisms = plain > > passdb passwd-file { > > args = /etc/dovecot/passwd > > } > > userdb passwd-file { > > args = /etc/dovecot/passwd > > } > > > > How do I change it to fullfill the new needs? > > > > And how do I handle line 217? > > add auth_ prefix to all settings inside auth {} and remove the auth {} section completely > > what exactly are you not understanding here? > this is a very clear message I find the message very confusing. It says to do all settings inside auth {} and then to remove the auth {} section. With v1.0.5 I do have an auth default {} section and a section ## Authentication processes. > below a partly output from a working 2.1.7 > > auth_mechanisms = CRAM-MD5 DIGEST-MD5 APOP LOGIN PLAIN > auth_worker_max_count = 100 > auth_cache_size = 32768 > auth_cache_ttl = 1800 > auth_cache_negative_ttl = 1800 > auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@% > auth_username_translation = %@AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz > auth_debug = no > auth_debug_passwords = no > auth_verbose = no > Thank you! I found section ## Authentication processes but when I add auth_passdb { args = /etc/dovecot/passwd driver = passwd-file } auth_userdb { args = /etc/dovecot/passwd driver = passwd-file } I get an error: doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf line 709: Unknown setting: auth_passdb Where do I put the passdb and userdb sections? Andreas From weber at zackbummfertig.de Fri Jun 8 16:56:34 2012 From: weber at zackbummfertig.de (Marko Weber) Date: Fri, 08 Jun 2012 15:56:34 +0200 Subject: [Dovecot] =?utf-8?q?dovecot_ignores_entries_in_virtual=5Falias=5F?= =?utf-8?q?maps_when_using_dovecot_lda?= Message-ID: hello list, i need help. dovecot dont look into my virtual_alias_maps . i set via postzfixadmin an alias postmaster at domain.tld to newmail at domainother.tld. when i send mails to postmaster at domain.tld mails are rejected. dovecot authworker tells me in log: user unknown. but i can request the data via postmap -v -q postmaster at domain.tld mysql:/etc/postfix/mysql_virtual_alias.cf and get result "newmail at domainother.tld". any ideas, hwo to get dovecot to look into my alias maps? marko From steeeeeveee at gmx.net Fri Jun 8 17:12:01 2012 From: steeeeeveee at gmx.net (Steve) Date: Fri, 08 Jun 2012 16:12:01 +0200 Subject: [Dovecot] dovecot ignores entries in virtual_alias_maps when using dovecot lda In-Reply-To: References: Message-ID: <20120608141201.318640@gmx.net> -------- Original-Nachricht -------- > Datum: Fri, 08 Jun 2012 15:56:34 +0200 > Von: Marko Weber > An: Dovecot > Betreff: [Dovecot] dovecot ignores entries in virtual_alias_maps when using dovecot lda > > hello list, > i need help. dovecot dont look into my virtual_alias_maps . > i set via postzfixadmin an alias postmaster at domain.tld to > newmail at domainother.tld. > when i send mails to postmaster at domain.tld mails are rejected. dovecot > authworker tells > me in log: user unknown. > but i can request the data via postmap -v -q postmaster at domain.tld > mysql:/etc/postfix/mysql_virtual_alias.cf > and get result "newmail at domainother.tld". > This is postfix related. You need to look into your /etc/dovecot/conf.d/10-auth.conf and there you have referenced (probably with an !include) a auth-sql.conf.ext file. The content of that file is important to us. Probably there you have a userdb {} entry with an driver = sql and an args entry. The file you reference there in the args entry is important to us too. Can you post the content of those files? > any ideas, hwo to get dovecot to look into my alias maps? > > marko > // Steve -- NEU: FreePhone 3-fach-Flat mit kostenlosem Smartphone! Jetzt informieren: http://mobile.1und1.de/?ac=OM.PW.PW003K20328T7073a From h.reindl at thelounge.net Fri Jun 8 17:35:49 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Fri, 08 Jun 2012 16:35:49 +0200 Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7 In-Reply-To: <20120608153307.751e3865@itx.bitcorner.intern> References: <20120608130511.1d55d814@itx.bitcorner.intern> <4FD1E24C.1030906@thelounge.net> <20120608153307.751e3865@itx.bitcorner.intern> Message-ID: <4FD20DC5.7000500@thelounge.net> Am 08.06.2012 15:33, schrieb Andreas Meyer: > Reindl Harald wrote: > >> >> >> Am 08.06.2012 13:05, schrieb Andreas Meyer: >>> I want to upgrade the docevot-installation from v 1.0.5 to 2.1..7 >>> Now I get the following executing >>> doveconf -n -c /etc/dovecot/dovecot.conf > /home/mail1/dovecot-2.conf >>> >>> doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:217: add auth_ prefix to all settings inside auth {} and remove the auth {} section completely >>> doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:219: passdb passwd-file {} has been replaced by passdb { driver=passwd-file } >>> doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:222: userdb passwd-file {} has been replaced by userdb { driver=passwd-file } >>> >>> The section at line 217 looks like this: >>> >>> auth default { >>> mechanisms = plain >>> passdb passwd-file { >>> args = /etc/dovecot/passwd >>> } >>> userdb passwd-file { >>> args = /etc/dovecot/passwd >>> } >>> >>> How do I change it to fullfill the new needs? >>> >>> And how do I handle line 217? >>> add auth_ prefix to all settings inside auth {} and remove the auth {} section completely >> >> what exactly are you not understanding here? >> this is a very clear message > > I find the message very confusing. It says to do all settings inside auth {} and > then to remove the auth {} section. no, it says you should MOVE all settings OUT from auth {} in the main part and add a prefix auth_ to them you quoted your auth{} section in a pure 2.x setup this would not exist -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From anmeyer at anup.de Fri Jun 8 17:50:51 2012 From: anmeyer at anup.de (Andreas Meyer) Date: Fri, 8 Jun 2012 16:50:51 +0200 Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7 In-Reply-To: <4FD20DC5.7000500@thelounge.net> References: <20120608130511.1d55d814@itx.bitcorner.intern> <4FD1E24C.1030906@thelounge.net> <20120608153307.751e3865@itx.bitcorner.intern> <4FD20DC5.7000500@thelounge.net> Message-ID: <20120608165051.6001b856@itx.bitcorner.intern> Reindl Harald wrote: > >>> The section at line 217 looks like this: > >>> > >>> auth default { > >>> mechanisms = plain > >>> passdb passwd-file { > >>> args = /etc/dovecot/passwd > >>> } > >>> userdb passwd-file { > >>> args = /etc/dovecot/passwd > >>> } > >>> > >>> How do I change it to fullfill the new needs? > >>> > >>> And how do I handle line 217? > >>> add auth_ prefix to all settings inside auth {} and remove the auth {} section completely > >> > >> what exactly are you not understanding here? > >> this is a very clear message > > > > I find the message very confusing. It says to do all settings inside auth {} and > > then to remove the auth {} section. > > no, it says you should MOVE all settings OUT from auth {} > in the main part and add a prefix auth_ to them > > you quoted your auth{} section > > in a pure 2.x setup this would not exist > I get this output when I move the passwd settings to the main section: # doveconf -n -c /etc/dovecot/dovecot.conf > /home/mail1/dovecot-2.conf doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf line 710: Unknown setting: auth_passdb Also if I use !include /etc/dovecot/auth-passwdfile.conf in the main section, the auth-passwdfile.conf weems to be ignored. It has the following content: passdb { driver = passwd-file #args = scheme=CRYPT username_format=%u /etc/dovecot/passwd args = /etc/dovecot/passwd } userdb { driver = passwd-file #args = username_format=%u /etc/dovecot/passwd args = /etc/dovecot/passwd # Default fields that can be overridden by passwd-file #default_fields = quota_rule=*:storage=1G # Override fields from passwd-file #override_fields = home=/home/virtual/%u } I don't know where to put the passwd section. Andreas From h.reindl at thelounge.net Fri Jun 8 17:58:53 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Fri, 08 Jun 2012 16:58:53 +0200 Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7 In-Reply-To: <20120608165051.6001b856@itx.bitcorner.intern> References: <20120608130511.1d55d814@itx.bitcorner.intern> <4FD1E24C.1030906@thelounge.net> <20120608153307.751e3865@itx.bitcorner.intern> <4FD20DC5.7000500@thelounge.net> <20120608165051.6001b856@itx.bitcorner.intern> Message-ID: <4FD2132D.1090302@thelounge.net> Am 08.06.2012 16:50, schrieb Andreas Meyer: > Reindl Harald wrote: > >>>>> The section at line 217 looks like this: >>>>> >>>>> auth default { >>>>> mechanisms = plain >>>>> passdb passwd-file { >>>>> args = /etc/dovecot/passwd >>>>> } >>>>> userdb passwd-file { >>>>> args = /etc/dovecot/passwd >>>>> } >>>>> >>>>> How do I change it to fullfill the new needs? >>>>> >>>>> And how do I handle line 217? >>>>> add auth_ prefix to all settings inside auth {} and remove the auth {} section completely >>>> >>>> what exactly are you not understanding here? >>>> this is a very clear message >>> >>> I find the message very confusing. It says to do all settings inside auth {} and >>> then to remove the auth {} section. >> >> no, it says you should MOVE all settings OUT from auth {} >> in the main part and add a prefix auth_ to them >> >> you quoted your auth{} section >> >> in a pure 2.x setup this would not exist >> > > I get this output when I move the passwd settings to the main section: > > # doveconf -n -c /etc/dovecot/dovecot.conf > /home/mail1/dovecot-2.conf > doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf line 710: Unknown setting: auth_passdb because this does not belong here consider take a look at dovecot2 manuals http://wiki2.dovecot.org/AuthDatabase/ http://wiki2.dovecot.org/AuthDatabase/PasswdFile below the auth/passdb config of a 2.1.7 dovecot.conf which was dovecot 1.x until upgraded to 2.x a very long time ago within a few minutes by reading error-messages and docs in this case it is a proxy-only setup accessing dbmail's user-database for authentication ___________________________ # authentication process auth_worker_max_count = 100 auth_cache_size = 32768 auth_cache_ttl = 1800 auth_cache_negative_ttl = 1800 auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@% auth_username_translation = %@AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz # debug options auth_debug = no auth_debug_passwords = no auth_verbose = no mail_debug = no verbose_ssl = no # configure proxy-database passdb { driver = sql args = /etc/dovecot/sql.conf } # we are not using local users userdb { driver = static args = static uid=5000 gid=5000 home=/dev/null } # configure backend for postfix sasl-auth service auth { unix_listener /var/spool/postfix/private/auth { mode = 0660 user = postfix group = postfix } } -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From anmeyer at anup.de Fri Jun 8 18:36:41 2012 From: anmeyer at anup.de (Andreas Meyer) Date: Fri, 8 Jun 2012 17:36:41 +0200 Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7 In-Reply-To: <4FD2132D.1090302@thelounge.net> References: <20120608130511.1d55d814@itx.bitcorner.intern> <4FD1E24C.1030906@thelounge.net> <20120608153307.751e3865@itx.bitcorner.intern> <4FD20DC5.7000500@thelounge.net> <20120608165051.6001b856@itx.bitcorner.intern> <4FD2132D.1090302@thelounge.net> Message-ID: <20120608173641.329d4c79@itx.bitcorner.intern> Reindl Harald wrote: > Am 08.06.2012 16:50, schrieb Andreas Meyer: > > Reindl Harald wrote: > >> you quoted your auth{} section > >> > >> in a pure 2.x setup this would not exist > >> > > > > I get this output when I move the passwd settings to the main section: > > > > # doveconf -n -c /etc/dovecot/dovecot.conf > /home/mail1/dovecot-2.conf > > doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf line 710: Unknown setting: auth_passdb > > because this does not belong here > consider take a look at dovecot2 manuals > > http://wiki2.dovecot.org/AuthDatabase/ > http://wiki2.dovecot.org/AuthDatabase/PasswdFile thanks again! I think I got this one right now. I risked to restat dovecot with the new version and got this in the logfile now: Jun 08 17:20:19 imap: Error: dlopen(/usr/lib/dovecot/modules/imap/lib10_quota_plugin.so) failed: /usr/lib/dovecot/modules/imap/lib10_quota_plugin.so: undefined symbol: mail_storage_module_id Jun 08 17:20:19 imap: Fatal: Couldn't load required plugins Jun 08 17:20:19 imap-login: Warning: SSL alert: where=0x4008, ret=256: warning close notify [84.179.59.203] The /usr/lib/dovecot/modules/imap/lib10_quota_plugin.so is a symlink to /usr/lib/dovecot/modules/lib10_quota_plugin.so What can I do? Wouldn't it be great to get the new dovecot working with my users and the old passwd file? Andreas From weber at zackbummfertig.de Fri Jun 8 18:44:32 2012 From: weber at zackbummfertig.de (Marko Weber) Date: Fri, 08 Jun 2012 17:44:32 +0200 Subject: [Dovecot] =?utf-8?q?dovecot_ignores_entries_in_virtual=5Falias=5F?= =?utf-8?q?maps_when_using_dovecot_lda?= In-Reply-To: <20120608141201.318640@gmx.net> References: <20120608141201.318640@gmx.net> Message-ID: <6b4775adce81aa5a7b9a8e7ccfe4a372@zackbummfertig.de> Am 08.06.2012 16:12, schrieb Steve: > -------- Original-Nachricht -------- >> Datum: Fri, 08 Jun 2012 15:56:34 +0200 >> Von: Marko Weber >> An: Dovecot >> Betreff: [Dovecot] dovecot ignores entries in virtual_alias_maps >> when using dovecot lda > >> >> hello list, >> i need help. dovecot dont look into my virtual_alias_maps . >> i set via postzfixadmin an alias postmaster at domain.tld to >> newmail at domainother.tld. >> when i send mails to postmaster at domain.tld mails are rejected. >> dovecot >> authworker tells >> me in log: user unknown. >> but i can request the data via postmap -v -q postmaster at domain.tld >> mysql:/etc/postfix/mysql_virtual_alias.cf >> and get result "newmail at domainother.tld". >> > This is postfix related. You need to look into your > /etc/dovecot/conf.d/10-auth.conf and there you have referenced > (probably with an !include) a auth-sql.conf.ext file. The content of > that file is important to us. Probably there you have a userdb {} > entry with an driver = sql and an args entry. The file you reference > there in the args entry is important to us too. Can you post the > content of those files? 10-auth.conf: auth_mechanisms = plain login digest-md5 cram-md5 !include auth-system.conf.ext !include auth-sql.conf.ext (thats all in the 10-auth.conf file) auth-sql.conf.ext: passdb { driver = sql # Path for SQL configuration file, see example-config/dovecot-sql.conf.ext args = /etc/dovecot/dovecot-sql.conf.ext } userdb { driver = sql args = /etc/dovecot/dovecot-sql.conf.ext } /etc/dovecot/dovecot-sql.conf.ext: connect = \ host=/var/run/mysqld/mysqld.sock \ dbname=postfixadmin \ user=wurst \ password=irgendetwaspasswort default_pass_scheme = MD5 user_query = \ SELECT \ CONCAT('/home/vmail/',maildir) AS home, \ CONCAT('maildir:/home/vmail/',maildir) AS mail, \ maildir, 5000 AS uid, 5000 AS gid, \ CONCAT('*:bytes=', CAST(quota AS CHAR)) AS quota_rule \ FROM mailbox \ WHERE username = '%u' AND active = '1' LIMIT 1 password_query = \ SELECT \ username AS user, \ password, \ CONCAT('/home/vmail',maildir) AS userdb_home, \ CONCAT('maildir:/home/vmail/',maildir) AS userdb_mail, \ 5000 AS userdb_uid, \ 5000 AS userdb_gid \ FROM mailbox \ WHERE username='%u' AND active='1' LIMIT 1 thats all. do you need more information , lemme know. marko > > >> any ideas, hwo to get dovecot to look into my alias maps? >> >> marko >> > // Steve From tss at iki.fi Fri Jun 8 19:12:44 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 8 Jun 2012 19:12:44 +0300 Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7 In-Reply-To: <20120608130511.1d55d814@itx.bitcorner.intern> References: <20120608130511.1d55d814@itx.bitcorner.intern> Message-ID: <809542A3-5306-49C5-AB70-3F195A85BD84@iki.fi> On 8.6.2012, at 14.05, Andreas Meyer wrote: > I want to upgrade the docevot-installation from v 1.0.5 to 2.1..7 > > Now I get the following executing > doveconf -n -c /etc/dovecot/dovecot.conf > /home/mail1/dovecot-2.conf Didn't this command produce a working dovecot-2.conf file? If not, it's probably a bug. > doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:217: add auth_ prefix to all settings inside auth {} and remove the auth {} section completely > doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:219: passdb passwd-file {} has been replaced by passdb { driver=passwd-file } > doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:222: userdb passwd-file {} has been replaced by userdb { driver=passwd-file } .. > How do I change it to fullfill the new needs? doveconf should have done all of those changes for you and placed them to dovecot-2.conf From tss at iki.fi Fri Jun 8 19:15:24 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 8 Jun 2012 19:15:24 +0300 Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7 In-Reply-To: <20120608173641.329d4c79@itx.bitcorner.intern> References: <20120608130511.1d55d814@itx.bitcorner.intern> <4FD1E24C.1030906@thelounge.net> <20120608153307.751e3865@itx.bitcorner.intern> <4FD20DC5.7000500@thelounge.net> <20120608165051.6001b856@itx.bitcorner.intern> <4FD2132D.1090302@thelounge.net> <20120608173641.329d4c79@itx.bitcorner.intern> Message-ID: On 8.6.2012, at 18.36, Andreas Meyer wrote: > Jun 08 17:20:19 imap: Error: dlopen(/usr/lib/dovecot/modules/imap/lib10_quota_plugin.so) failed: /usr/lib/dovecot/modules/imap/lib10_quota_plugin.so: > > What can I do? Wouldn't it be great to get the new dovecot working with > my users and the old passwd file? The quota plugin isn't against the same version of Dovecot.. So you have two Dovecot versions now somehow all mixed up. One solution would be to delete all files related to Dovecot and install 2.1.7 again. From tss at iki.fi Fri Jun 8 19:17:48 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 8 Jun 2012 19:17:48 +0300 Subject: [Dovecot] difference between client_limit and process_limit In-Reply-To: <4FD1DE19.4050903@um.es> References: <4FD1D2E5.3020901@um.es> <4FD1DE19.4050903@um.es> Message-ID: On 8.6.2012, at 14.12, Angel L. Mateo wrote: >> What is the real difference between client and process limit? According >> to documentation (http://wiki2.dovecot.org/Services#Service_limits): >> > Sorry, it's friday, my mind is on the weekend :-( > > I understand that client_limit is how many connections (imap connections, for example) could be handle by one dovecot process, so if I have client_limit=2 and process_limit=1024, then I could 2048 concurrent connections, right? Yes, but like the wiki page also says, it's not a good idea increase client_limit for imap/pop3 processes. From tss at iki.fi Fri Jun 8 19:20:09 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 8 Jun 2012 19:20:09 +0300 Subject: [Dovecot] Director pop3 real ips v2.1.1 In-Reply-To: <213B51F00051AE48A9F0E112880177178F79E4@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F79E3@Delta.sc.local> <213B51F00051AE48A9F0E112880177178F79E4@Delta.sc.local> Message-ID: <1415FF99-54F4-4D17-BC8A-7ACC9E0FE6F4@iki.fi> On 8.6.2012, at 7.39, ???????? ????????? ?????????? wrote: > yes, I use v.2.1.1 on both director and backends > and yes, I've added > login_trusted_networks = 192.168.5.0/24 on all of them > but it didn't help. Missing feature: v2.1.2 2012-03-15 Timo Sirainen + Proxying: POP3 now supports sending remote IP+port from proxy to backend server via Dovecot-specific XCLIENT extension. From tss at iki.fi Fri Jun 8 19:25:50 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 8 Jun 2012 19:25:50 +0300 Subject: [Dovecot] auth trouble In-Reply-To: <4087ECCF-8C69-4888-8CD9-44566A256F92@slsware.com> References: <20120605215325.GC3672@harrier.slackbuilds.org> <4087ECCF-8C69-4888-8CD9-44566A256F92@slsware.com> Message-ID: <9816DBD9-ED12-4834-9D13-EB70140054CE@iki.fi> On 6.6.2012, at 2.08, Glenn English wrote: >> And these brute force attempts would be logged, each one. > > They are, with no rhost. And there are other brute force attempts > that *do* have IPs. I think the answer to this is simply that Dovecot v1.0 didn't tell PAM the rhost. Upgrade. From rnalrd at gmail.com Fri Jun 8 17:53:21 2012 From: rnalrd at gmail.com (Leonardo) Date: Fri, 08 Jun 2012 16:53:21 +0200 Subject: [Dovecot] ntlm_auth in Dovecot Message-ID: <1339167201.4285.90.camel@df1844j> Hi, I'm trying getting NTLM auth working against AD in my Dovecot 2.0.15. I'm getting the following error: Jun 08 14:18:11 auth: Info: winbind(?,10.44.3.151): user not authenticated: NT_STATUS_UNSUCCESSFUL "wbinfo -u" reports all the users of the domain and "ntlm_auth --username=%name% --domain="%domain%" gets authenticated successfully. Debugging winbind I can see the following error: [2012/06/08 14:18:11.129611, 10] winbindd/winbindd.c:651(process_request) process_request: unknown request fn number 14 [2012/06/08 14:18:11.129671, 10] winbindd/winbindd.c:738(winbind_client_response_written) winbind_client_response_written[2822:unknown request]: delivered response to client My dovecot.conf is the following: auth_mechanisms = plain ntlm login auth_username_format = %n auth_verbose = yes auth_winbind_helper_path = /usr/bin/ntlm_auth auth_use_winbind = yes auth_debug = yes disable_plaintext_auth = no info_log_path = /var/log/dovecot-info.log log_path = /var/log/dovecot.log mail_location = maildir:/var/mail/domains/%d/%n plugin { autocreate = Trash autocreate2 = Spam autocreate3 = Sent autosubscribe = Trash autosubscribe2 = Spam autosubscribe3 = Sent } protocols = imap ssl = no userdb { driver = static args = uid=100 gid=101 home=/var/mail/domains/%d/%n first_valid_uid=100 } passdb ldap { driver = ldap args = /etc/dovecot/dovecot-ldap.conf } protocol imap { mail_plugins = autocreate } Sounds like there is an issue when Dovecot runs "ntlm_auth". It doesn't appear to be a permission issue (perms are 755). Any help is appreciated. Thank you in advance. -- leonardo. From at_hacker at mail.ru Fri Jun 8 19:32:54 2012 From: at_hacker at mail.ru (=?UTF-8?B?0JDQu9C10LrRgdC10Lkg0J/QtdGA0LXQutC70LDQtA==?=) Date: Fri, 08 Jun 2012 20:32:54 +0400 Subject: [Dovecot] =?utf-8?q?Fwd=3A__ntlm=5Fauth_in_Dovecot?= Message-ID: <1339173174.822111746@f215.mail.ru> Try to delete your server from domain and add it again by "net ads join..." > I'm trying getting NTLM auth working against AD in my Dovecot 2.0.15. > > I'm getting the following error: > > > Jun 08 14:18:11 auth: Info: winbind(?,10.44.3.151): user not > authenticated: NT_STATUS_UNSUCCESSFUL From h.reindl at thelounge.net Fri Jun 8 19:33:26 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Fri, 08 Jun 2012 18:33:26 +0200 Subject: [Dovecot] difference between client_limit and process_limit In-Reply-To: References: <4FD1D2E5.3020901@um.es> <4FD1DE19.4050903@um.es> Message-ID: <4FD22956.20904@thelounge.net> Am 08.06.2012 18:17, schrieb Timo Sirainen: > On 8.6.2012, at 14.12, Angel L. Mateo wrote: > >>> What is the real difference between client and process limit? According >>> to documentation (http://wiki2.dovecot.org/Services#Service_limits): >>> >> Sorry, it's friday, my mind is on the weekend :-( >> >> I understand that client_limit is how many connections (imap connections, for example) could be handle by one dovecot process, so if I have client_limit=2 and process_limit=1024, then I could 2048 concurrent connections, right? > > Yes, but like the wiki page also says, it's not a good idea increase client_limit for imap/pop3 processes. depends on the usecase / workload having dovecot as proxy for other imap-backends and 1 process per connection will heavily raise up process-count and memory-overhead while memory may be needed for the imap-backend (like dbmail) and datanases process_limit = 15 client_limit = 300 this way you can have 4500 proxy-connections and use most time not more than 4-5 processes -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From tss at iki.fi Fri Jun 8 19:43:16 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 8 Jun 2012 19:43:16 +0300 Subject: [Dovecot] difference between client_limit and process_limit In-Reply-To: <4FD22956.20904@thelounge.net> References: <4FD1D2E5.3020901@um.es> <4FD1DE19.4050903@um.es> <4FD22956.20904@thelounge.net> Message-ID: <3E0F7337-B1BA-426F-84AF-D1D7710B80A3@iki.fi> On 8.6.2012, at 19.33, Reindl Harald wrote: >> Yes, but like the wiki page also says, it's not a good idea increase client_limit for imap/pop3 processes. > > depends on the usecase / workload > > having dovecot as proxy for other imap-backends and 1 process per connection > will heavily raise up process-count and memory-overhead while memory > may be needed for the imap-backend (like dbmail) and datanases > > process_limit = 15 > client_limit = 300 > > this way you can have 4500 proxy-connections and use most time > not more than 4-5 processes Proxying is done by imap-login process, not imap process. For login processes there are different recommendations. From anmeyer at anup.de Fri Jun 8 19:57:21 2012 From: anmeyer at anup.de (Andreas Meyer) Date: Fri, 8 Jun 2012 18:57:21 +0200 Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7 In-Reply-To: <809542A3-5306-49C5-AB70-3F195A85BD84@iki.fi> References: <20120608130511.1d55d814@itx.bitcorner.intern> <809542A3-5306-49C5-AB70-3F195A85BD84@iki.fi> Message-ID: <20120608185721.46b98e9f@itx.bitcorner.intern> Timo Sirainen wrote: > On 8.6.2012, at 14.05, Andreas Meyer wrote: > > > I want to upgrade the docevot-installation from v 1.0.5 to 2.1..7 > > > > Now I get the following executing > > doveconf -n -c /etc/dovecot/dovecot.conf > /home/mail1/dovecot-2.conf > > Didn't this command produce a working dovecot-2.conf file? If not, it's probably a bug. Yes, it did. I was wondering, it just containes a few lines. ;) Took it and placed it in /usr/etc as dovecot.conf. But then I got this error with the quota_plugin, see they other thread. > > doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:217: add auth_ prefix to all settings inside auth {} and remove the auth {} section completely > > doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:219: passdb passwd-file {} has been replaced by passdb { driver=passwd-file } > > doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:222: userdb passwd-file {} has been replaced by userdb { driver=passwd-file } > .. > > How do I change it to fullfill the new needs? > > doveconf should have done all of those changes for you and placed them to dovecot-2.conf > Yes, it did. Andreas From l.messner at physik.tu-berlin.de Fri Jun 8 19:59:02 2012 From: l.messner at physik.tu-berlin.de (Leon =?iso-8859-15?Q?Me=DFner?=) Date: Fri, 8 Jun 2012 18:59:02 +0200 Subject: [Dovecot] auth_krb5_keytab ignored ? Message-ID: <20120608165902.GI89928@rosa.physik.tu-berlin.de> Hi list, i noticed that when doing imap gssapi authentication with kerberos, dovecot (here 2.1.7) always searches /etc/krb5.keytab although i have auth_krb5_keytab = /etc/mail3.krb5.keytab in my etc/dovecot/dovecot.conf and doveconf -n also show this setting. If i combine the keytabs in krb5.keytab it works. Is there another location where i should put my configuration regarding gssapi/kerberos ? Thanks, Leon logs: 18:48_root at mail3:/root# cat /var/log/dovecot.log | tail -n 8 Jun 08 18:48:16 auth: Debug: client in: AUTH 1 GSSAPI service=imap secured session=gexTxPjBZACClTqR lip=130.149.58.164 rip=130.149.58.145 lport=993 rport=31076 Jun 08 18:48:16 auth: Debug: gssapi(?,130.149.58.145,): Obtaining credentials for imap at mail3.physik-pool.tu-berlin.de Jun 08 18:48:16 auth: Debug: client out: CONT 1 Jun 08 18:48:16 auth: Debug: client in: CONT Jun 08 18:48:16 auth: Info: gssapi(?,130.149.58.145,): While processing incoming data: Miscellaneous failure (see text) Jun 08 18:48:16 auth: Info: gssapi(?,130.149.58.145,): While processing incoming data: Failed to find imap/mail3.physik-pool.tu-berlin.de at PCPOOL.PHYSIK.TU-BERLIN.DE(kvno 1) in keytab FILE:/etc/krb5.keytab (des3-cbc-sha1) Jun 08 18:48:18 auth: Debug: client out: FAIL 1 Jun 08 18:48:23 imap-login: Info: Aborted login (auth failed, 1 attempts in 7 secs): user=<>, method=GSSAPI, rip=130.149.58.145, lip=130.149.58.164, TLS, session= # 2.1.7: /usr/local/etc/dovecot/dovecot.conf # OS: FreeBSD 8.2-RELEASE-p3 amd64 auth_debug = yes auth_gssapi_hostname = mail3.physik-pool.tu-berlin.de auth_krb5_keytab = /etc/mail3.krb5.keytab auth_mechanisms = gssapi plain login auth_verbose = yes auth_worker_max_count = 120 first_valid_gid = 300 first_valid_uid = 200 lda_mailbox_autocreate = yes listen = mail3.physik.tu-berlin.de log_path = /var/log/dovecot.log mail_fsync = always mail_location = maildir:~/maildir mail_nfs_index = yes mail_nfs_storage = yes mail_privileged_group = mail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mmap_disable = yes namespace { inbox = yes location = prefix = separator = / type = private } namespace { location = mbox:~/mail prefix = mail/ separator = / type = private } passdb { args = session=yes failure_show_msg=yes max_requests=100 dovecot driver = pam } plugin { quota = fs sieve = ~/.dovecot.sieve sieve_dir = ~/.sieve } protocols = imap pop3 service auth { unix_listener auth-client { mode = 0660 } unix_listener auth-master { mode = 0600 } user = root } service imap-login { inet_listener imap { port = 0 } process_limit = 256 process_min_avail = 6 } service managesieve-login { process_limit = 256 process_min_avail = 6 } service pop3-login { inet_listener pop3 { port = 0 } process_limit = 256 process_min_avail = 6 } ssl_cert = References: <20120608130511.1d55d814@itx.bitcorner.intern> <4FD1E24C.1030906@thelounge.net> <20120608153307.751e3865@itx.bitcorner.intern> <4FD20DC5.7000500@thelounge.net> <20120608165051.6001b856@itx.bitcorner.intern> <4FD2132D.1090302@thelounge.net> <20120608173641.329d4c79@itx.bitcorner.intern> Message-ID: <20120608190243.1ccf5aa8@itx.bitcorner.intern> Timo Sirainen wrote: > On 8.6.2012, at 18.36, Andreas Meyer wrote: > > > Jun 08 17:20:19 imap: Error: dlopen(/usr/lib/dovecot/modules/imap/lib10_quota_plugin.so) failed: /usr/lib/dovecot/modules/imap/lib10_quota_plugin.so: > > > > What can I do? Wouldn't it be great to get the new dovecot working with > > my users and the old passwd file? > > The quota plugin isn't against the same version of Dovecot.. So you have two Dovecot versions now somehow all mixed up. One solution would be to delete all files related to Dovecot and install 2.1.7 again. > I wonder ./configure, make and make install went through, but for some reason the /usr/lib/dovecot/modules directory was not updated. Could it be because there was the old version 1.0.5 still running while installing the new one? I'll try to do a make install again while the dovecot is stopped and then start the new version and see what happens. Andreas From h.reindl at thelounge.net Fri Jun 8 20:10:35 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Fri, 08 Jun 2012 19:10:35 +0200 Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7 In-Reply-To: <20120608190243.1ccf5aa8@itx.bitcorner.intern> References: <20120608130511.1d55d814@itx.bitcorner.intern> <4FD1E24C.1030906@thelounge.net> <20120608153307.751e3865@itx.bitcorner.intern> <4FD20DC5.7000500@thelounge.net> <20120608165051.6001b856@itx.bitcorner.intern> <4FD2132D.1090302@thelounge.net> <20120608173641.329d4c79@itx.bitcorner.intern> <20120608190243.1ccf5aa8@itx.bitcorner.intern> Message-ID: <4FD2320B.6070107@thelounge.net> Am 08.06.2012 19:02, schrieb Andreas Meyer: > Timo Sirainen wrote: > >> On 8.6.2012, at 18.36, Andreas Meyer wrote: >> >>> Jun 08 17:20:19 imap: Error: dlopen(/usr/lib/dovecot/modules/imap/lib10_quota_plugin.so) failed: /usr/lib/dovecot/modules/imap/lib10_quota_plugin.so: >>> >>> What can I do? Wouldn't it be great to get the new dovecot working with >>> my users and the old passwd file? >> >> The quota plugin isn't against the same version of Dovecot.. So you have two Dovecot versions now somehow all mixed up. One solution would be to delete all files related to Dovecot and install 2.1.7 again. >> > > I wonder ./configure, make and make install went through, but for some > reason the /usr/lib/dovecot/modules directory was not updated. Could > it be because there was the old version 1.0.5 still running while > installing the new one? ouch - why are you doing such rough installs instead taking some time to learn how to build packages for your OS? the benefit of package-systems like rpm/deb is that obsolete files are removed on updates and you have clean installs over many years and major upgrades of any software as example for Fedora&RHEL it is quite easy to setup rpmbuild, install a recent src.rpm and replace rebuild new versions for older releases the additional benefit is that you can do this on a dedicated virtual machine with devel-packages, GCC and so on which is all not needed on the production systems AND you can easily use this packages on testing machines followed by a crontrolled rollout even for software with a handful of scripts -> on my servers and workstations NEVER get any software installed without a package and there are only two exceptions: VMware Workstation and ZendStudio -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From anmeyer at anup.de Fri Jun 8 20:31:02 2012 From: anmeyer at anup.de (Andreas Meyer) Date: Fri, 8 Jun 2012 19:31:02 +0200 Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7 In-Reply-To: <4FD2320B.6070107@thelounge.net> References: <20120608130511.1d55d814@itx.bitcorner.intern> <4FD1E24C.1030906@thelounge.net> <20120608153307.751e3865@itx.bitcorner.intern> <4FD20DC5.7000500@thelounge.net> <20120608165051.6001b856@itx.bitcorner.intern> <4FD2132D.1090302@thelounge.net> <20120608173641.329d4c79@itx.bitcorner.intern> <20120608190243.1ccf5aa8@itx.bitcorner.intern> <4FD2320B.6070107@thelounge.net> Message-ID: <20120608193102.37d4662d@itx.bitcorner.intern> Reindl Harald wrote: > > I wonder ./configure, make and make install went through, but for some > > reason the /usr/lib/dovecot/modules directory was not updated. Could > > it be because there was the old version 1.0.5 still running while > > installing the new one? > > ouch - why are you doing such rough installs instead taking some time > to learn how to build packages for your OS? > > the benefit of package-systems like rpm/deb is that obsolete files > are removed on updates and you have clean installs over many years > and major upgrades of any software > > as example for Fedora&RHEL it is quite easy to setup rpmbuild, install a > recent src.rpm and replace rebuild new versions for older releases > > the additional benefit is that you can do this on a dedicated virtual > machine with devel-packages, GCC and so on which is all not needed on > the production systems AND you can easily use this packages on > testing machines followed by a crontrolled rollout > > even for software with a handful of scripts -> on my servers and > workstations NEVER get any software installed without a package > and there are only two exceptions: VMware Workstation and ZendStudio ;-) I never ever built a rpm using sources since years. I always build and install from the sources. So ok, made a fresh make install and found out that the directory /usr/lib/dovecot/modules and its contents were not created after deleting manually the old /usr/lib/dovecot directory. Got this snipped from the make install output: make[4]: Leaving directory `/home/mail1/dovecot-2.1.7/src/plugins/imap-stats' make[3]: Leaving directory `/home/mail1/dovecot-2.1.7/src/plugins/imap-stats' Making install in trash make[3]: Entering directory `/home/mail1/dovecot-2.1.7/src/plugins/trash' make[4]: Entering directory `/home/mail1/dovecot-2.1.7/src/plugins/trash' make[4]: F?r das Ziel ?install-exec-am? ist nichts zu tun. test -z "/usr/lib/dovecot" || /bin/mkdir -p "/usr/lib/dovecot" /bin/sh ../../../libtool --mode=install /usr/bin/install -c lib11_trash_plugin.la '/usr/lib/dovecot' libtool: install: warning: relinking `lib11_trash_plugin.la' libtool: install: (cd /home/mail1/dovecot-2.1.7/src/plugins/trash; /bin/sh /home/mail1/dovecot-2.1.7/libtool --tag CC --mode=relink gcc -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -module -avoid-version -o lib11_trash_plugin.la -rpath /usr/lib/dovecot trash-plugin.lo ../quota/lib10_quota_plugin.la -lrt ) *** Warning: Linking the shared library lib11_trash_plugin.la against the loadable module *** lib10_quota_plugin.so is not portable! libtool: relink: gcc -shared -fPIC -DPIC .libs/trash-plugin.o -Wl,-rpath -Wl,/usr/lib/dovecot -L/usr/lib/dovecot -l10_quota_plugin -lrt -O2 -Wl,-soname -Wl,lib11_trash_plugin.so -o .libs/lib11_trash_plugin.so libtool: install: /usr/bin/install -c .libs/lib11_trash_plugin.soT /usr/lib/dovecot/lib11_trash_plugin.so libtool: install: /usr/bin/install -c .libs/lib11_trash_plugin.lai /usr/lib/dovecot/lib11_trash_plugin.la libtool: install: /usr/bin/install -c .libs/lib11_trash_plugin.a /usr/lib/dovecot/lib11_trash_plugin.a libtool: install: chmod 644 /usr/lib/dovecot/lib11_trash_plugin.a libtool: install: ranlib /usr/lib/dovecot/lib11_trash_plugin.a libtool: finish: PATH="/usr/local/bin:/usr/bin:/sbin:/usr/sbin:/bin:/usr/X11R6/bin:/usr/games:/usr/lib/mit/bin:/usr/lib/mit/sbin:/sbin" ldconfig -n /usr/lib/dovecot Andreas From h.reindl at thelounge.net Fri Jun 8 20:36:18 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Fri, 08 Jun 2012 19:36:18 +0200 Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7 In-Reply-To: <20120608193102.37d4662d@itx.bitcorner.intern> References: <20120608130511.1d55d814@itx.bitcorner.intern> <4FD1E24C.1030906@thelounge.net> <20120608153307.751e3865@itx.bitcorner.intern> <4FD20DC5.7000500@thelounge.net> <20120608165051.6001b856@itx.bitcorner.intern> <4FD2132D.1090302@thelounge.net> <20120608173641.329d4c79@itx.bitcorner.intern> <20120608190243.1ccf5aa8@itx.bitcorner.intern> <4FD2320B.6070107@thelounge.net> <20120608193102.37d4662d@itx.bitcorner.intern> Message-ID: <4FD23812.4070204@thelounge.net> Am 08.06.2012 19:31, schrieb Andreas Meyer: > Reindl Harald wrote: >> even for software with a handful of scripts -> on my servers and >> workstations NEVER get any software installed without a package >> and there are only two exceptions: VMware Workstation and ZendStudio > > ;-) I never ever built a rpm using sources since years. I always > build and install from the sources a good time to start again :-) i missed to tell another benefit: you have to specify every installed file in the %files section, so you are aware of changes in any folder-structure, as long it builds wtihout complaining with a new source-version you can be pretty sure all is sane this time virtualization is a real improvement * build packages outside production environment * provide local repos in the own LAN * setup testing machins with real data * test upgrades with real data in this life i will never ever setup a server on bare metal without having VMware ESXi as backend (clone, snapshots..) -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From acrow at integrafin.co.uk Fri Jun 8 20:58:24 2012 From: acrow at integrafin.co.uk (Alex Crow) Date: Fri, 08 Jun 2012 18:58:24 +0100 Subject: [Dovecot] 2.1.7 altmove not working In-Reply-To: <4FD1DE75.5000606@integrafin.co.uk> References: <4FD1DE75.5000606@integrafin.co.uk> Message-ID: <4FD23D40.2050001@integrafin.co.uk> On 08/06/12 12:13, Alex Crow wrote: > Hi list, > > I've just set up a 2.1.7 server, and have migrated a couple of > accounts across from a 2.0.15 server, keeping the old configs. I have > a strange problem on the new box in that altmove just doesn't work. I > have my main storage under /home/email, indexes under /home/indexes > and ALT under /home/email_archive. > > When I run the altmove command, the following broken symlink is > created in /home/email/integrafin.co.uk/acrow: > > lrwxrwxrwx. 1 email email 54 Jun 8 10:46 dbox-alt-root -> > /home/email_archive/integrafin.co.uk/a/acrow/mailboxes > > But nothing is created in the archive other than the empty directory: > /home/email_archive/integrafin.co.uk/a/acrow. > > My mail_location is: > > mail_location = > mdbox:/home/email/%d/%n:INDEX=/home/indexes/%d/%1n/%n:ALT=/home/email_archive/%d/%1n/%n > > This worked perfectly on the older server. I have attached my doveconf > -a output. > > Any help much appreciated. > > Regards > > Alex > BTW I need to add that even with -v -D there were no complaints from dovecot altmove, and nothing untoward in /var/log/maillog. I also forgot to specify that I'm running on Centos6.2, all updates applied, package was built with a combo of the spec file from ATRPMs and the latest source tarball. I previously had the ATRPMS 2.1.1 package installed, same issue. Please feel free to tell me if I'm doing something wrong (ie something has changed between 2.0 and 2.1 re ALT: storage. Cheers Alex From anmeyer at anup.de Fri Jun 8 21:49:26 2012 From: anmeyer at anup.de (Andreas Meyer) Date: Fri, 8 Jun 2012 20:49:26 +0200 Subject: [Dovecot] upgrade from 1.0.5 to 2.1.7 In-Reply-To: <4FD23812.4070204@thelounge.net> References: <20120608130511.1d55d814@itx.bitcorner.intern> <4FD1E24C.1030906@thelounge.net> <20120608153307.751e3865@itx.bitcorner.intern> <4FD20DC5.7000500@thelounge.net> <20120608165051.6001b856@itx.bitcorner.intern> <4FD2132D.1090302@thelounge.net> <20120608173641.329d4c79@itx.bitcorner.intern> <20120608190243.1ccf5aa8@itx.bitcorner.intern> <4FD2320B.6070107@thelounge.net> <20120608193102.37d4662d@itx.bitcorner.intern> <4FD23812.4070204@thelounge.net> Message-ID: <20120608204926.3fbf6344@itx.bitcorner.intern> Reindl Harald wrote: > > ;-) I never ever built a rpm using sources since years. I always > > build and install from the sources > > a good time to start again :-) > > i missed to tell another benefit: you have to specify every > installed file in the %files section, so you are aware of > changes in any folder-structure, as long it builds wtihout > complaining with a new source-version you can be pretty sure > all is sane > > this time virtualization is a real improvement > > * build packages outside production environment > * provide local repos in the own LAN > * setup testing machins with real data > * test upgrades with real data > > in this life i will never ever setup a server on bare metal > without having VMware ESXi as backend (clone, snapshots..) > I have that beast running. There was an entry in the docecot.conf like this, created by doveconf -n -c /etc/dovecot/dovecot.conf > /home/mail1/dovecot-2.conf protocol imap { mail_plugin_dir = /usr/lib/dovecot/modules/imap mail_plugins = quota imap_quota } protocol pop3 { mail_plugin_dir = /usr/lib/dovecot/modules/pop3 mail_plugins = quota pop3_uidl_format = %08Xu%08Xv } I commented it out and I can retrieved mail furthermore. :-) Now I want to install dovecot-2.1-pigeonhole-0.3.1 to get sieve running. Thank you everybody for the help and that great piece of software! Andreas From ghe at slsware.com Fri Jun 8 22:27:43 2012 From: ghe at slsware.com (Glenn English) Date: Fri, 8 Jun 2012 13:27:43 -0600 Subject: [Dovecot] auth trouble In-Reply-To: <9816DBD9-ED12-4834-9D13-EB70140054CE@iki.fi> References: <20120605215325.GC3672@harrier.slackbuilds.org> <4087ECCF-8C69-4888-8CD9-44566A256F92@slsware.com> <9816DBD9-ED12-4834-9D13-EB70140054CE@iki.fi> Message-ID: On Jun 8, 2012, at 10:25 AM, Timo Sirainen wrote: > I think the answer to this is simply that Dovecot v1.0 didn't tell PAM the rhost. Upgrade. Will do. What you say fits with what I see in the logs and is a lot simpler than many other suggestions. And you do have some credibility in this area :-) Thanks. -- Glenn English hand-wrapped from my Apple Mail From anmeyer at anup.de Fri Jun 8 23:34:32 2012 From: anmeyer at anup.de (Andreas Meyer) Date: Fri, 8 Jun 2012 22:34:32 +0200 Subject: [Dovecot] per user quota Message-ID: <20120608223432.390c71d0@itx.bitcorner.intern> Hello! I activated quota plugin { quota = maildir:User quota quota_rule = *:storage=1GB # 10% of 1GB = 100MB quota_rule2 = Trash:storage=+10%% } But when I want to do per user quota in the passwd-file ...vhosts/anup.de/anmeyer::userdb_mail=maildir:~/userdb_quota_rule=*:bytes=10G I get this in the logfile and can't login: Jun 08 22:25:52 imap(anmeyer at anup.de): Error: user anmeyer at anup.de: Initialization failed: Initializing mail storage from mail_location setting failed: Unknown setting: bytes Jun 08 22:25:52 imap(anmeyer at anup.de): Error: Invalid user settings. Refer to server log for more information. Same with 'storage' in the passwd-file. What's wrong? Andreas From acrow at integrafin.co.uk Sat Jun 9 00:25:39 2012 From: acrow at integrafin.co.uk (Alex Crow) Date: Fri, 08 Jun 2012 22:25:39 +0100 Subject: [Dovecot] 2.1.7 altmove not working In-Reply-To: <4FD23D40.2050001@integrafin.co.uk> References: <4FD1DE75.5000606@integrafin.co.uk> <4FD23D40.2050001@integrafin.co.uk> Message-ID: <4FD26DD3.10109@integrafin.co.uk> > > BTW I need to add that even with -v -D there were no complaints from > dovecot altmove, and nothing untoward in /var/log/maillog. I also > forgot to specify that I'm running on Centos6.2, all updates applied, > package was built with a combo of the spec file from ATRPMs and the > latest source tarball. > > I previously had the ATRPMS 2.1.1 package installed, same issue. > > Please feel free to tell me if I'm doing something wrong (ie something > has changed between 2.0 and 2.1 re ALT: storage. > > Cheers > > Alex > I don't know how I did it (I didn't change *any* config directive) but now it magically seems to work after a reboot and umount/remount of the ALT storage area. However I still have that dangling symlink: lrwxrwxrwx 1 email email 54 Jun 8 22:05 dbox-alt-root -> /home/email_archive/integrafin.co.uk/a/acrow/mailboxes Where the target doesn't exist... Cheers Alex From agt at ucsd.edu Sat Jun 9 00:53:02 2012 From: agt at ucsd.edu (Adam G Tilghman) Date: Fri, 8 Jun 2012 14:53:02 -0700 Subject: [Dovecot] Upgrading 1.2.17 -> 2.1.x Message-ID: <20120608215302.GA29690@acsmail.ucsd.edu> We're planning to upgrade our site from 1.2.17 to 2.1.x within the next few months, but we must ensure our ability to revert to 1.2.17 if problems arise. I don't expect our maildir storage would present a problem, but am less certain about 2.1.x index/control files remaining readable under 1.2.17. Should I have any reason to worry? -- Adam Tilghman Systems Support / Academic Computing & Media Services agt at ucsd.edu 858-822-0711 University of California, San Diego From freebsd at grem.de Sat Jun 9 03:58:15 2012 From: freebsd at grem.de (Michael Gmelin) Date: Sat, 09 Jun 2012 02:58:15 +0200 Subject: [Dovecot] Maildir filename has wrong S value In-Reply-To: <20120515102352.GA24117@uil.winnipeg.nl> References: <20120515102352.GA24117@uil.winnipeg.nl> Message-ID: <4FD29FA7.8040300@grem.de> On 15.5.12 12:23, Wouter de Geus wrote: > Hello folks, > > This morning I tried to open an old archive mail folder using Mutt. > However, while fetching headers it aborted. > Checking the dovecot log gave me this: > > @400000004fb21996267d37d4 imap(benv): Error: Cached message size smaller than expected (9115 < 9420) > @400000004fb21996267e8bac imap(benv): Error: Maildir filename has wrong S value, renamed the file from /home/vpopmail/domains/benv.junerules.com/benv/Maildir/.Old.2009/cur/1260395566.28175.black,S=9115:2,S to /home/vpopmail/domains/benv.junerules.com/benv/Maildir/.Old.2009/cur/1260395566.28175.black,S=9420:2,S > @400000004fb21996267e937c imap(benv): Error: Corrupted index cache file /home/vpopmail/domains/benv.junerules.com/benv/Maildir/.Old.2009/dovecot.index.cache: Broken physical size for mail UID 294 > @400000004fb21996267eaaec imap(benv): Error: read(/home/vpopmail/domains/benv.junerules.com/benv/Maildir/.Old.2009/cur/1260395566.28175.black,S=9115:2,S) failed: Input/output error (uid=294) > @400000004fb219962680683c imap(benv): Info: Disconnected: Internal error occurred. Refer to server log for more information. [2012-05-15 10:53:32] in=6503 out=192718 > > I've retried opening this folder several times, but each time Dovecot only fixes 1 file and then aborts. > (the folder apparently has a lot more files with incorrect sizes). > My question here is: Why does dovecot abort? Isn't the issue fixed after the rename? > > Also: The files are not corrupted or unreadable, reading them through the commandline works fine. > I've looked through my backups and saw that at least half a year ago this mismatch in size was already present. > > I've been running dovecot for quite a while, so the cause of this size mismatch might very well be a issue in an older version of dovecot / my configuration. > Right now I'm running dovecot 2.1.6, but I've been running the v1.2 version for quite a while before that. > > Is this something that can be improved in dovecot so it doesn't abort after 1 rename? > (of course I could script a rename operation, but that seems like a workaround to me) > > Thanks for reading. > > Wouter. > > > > > My current configuration: > ========================= > # 2.1.6: /etc/dovecot/dovecot.conf > # OS: Linux 2.6.32.32-g3d14ce7 x86_64 Slackware 11.0.0 > base_dir = /var/run/dovecot2/ > disable_plaintext_auth = no > first_valid_uid = 89 > info_log_path = /dev/stderr > last_valid_uid = 89 > log_path = /dev/stderr > log_timestamp = > mail_debug = yes > mail_location = maildir:~/Maildir > mail_max_userip_connections = 50 > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify e > nvironment mailbox date > namespace { > inbox = yes > location = > prefix = INBOX. > separator = . > type = private > } > passdb { > driver = vpopmail > } > plugin { > autocreate = INBOX.Spam > quota = maildir > sieve = ~/.sieve/dovecot.sieve > sieve_dir = ~/.sieve > sieve_global_dir = /etc/dovecot/sieve/ > sieve_subaddress_sep = -+ > } > protocols = imap pop3 sieve > service auth { > unix_listener auth-master { > group = vchkpw > mode = 0660 > } > unix_listener auth-userdb { > group = vchkpw > mode = 0660 > } > } > service imap-login { > inet_listener imap { > address = [::] * > port = 143 > } > inet_listener imaps { > address = [::] * > port = 993 > } > process_limit = 256 > process_min_avail = 3 > service_count = 1 > user = dovecot > } > service managesieve-login { > process_limit = 256 > process_min_avail = 3 > service_count = 1 > user = dovecot > } > service pop3-login { > inet_listener pop3 { > address = [::] * > port = 110 > } > inet_listener pop3s { > address = [::] * > port = 995 > } > process_limit = 256 > process_min_avail = 3 > service_count = 1 > user = dovecot > } > ssl_cert = ssl_cipher_list = ALL:!LOW > ssl_key = userdb { > driver = vpopmail > } > verbose_proctitle = yes > protocol lda { > hostname = mail.benv.junerules.com > info_log_path = /var/log/dovecot/dovecot2-deliver.log > log_path = /var/log/dovecot/dovecot2-deliver-errors.log > mail_plugins = sieve > postmaster_address = postmaster at benv.junerules.com > sendmail_path = /var/qmail/bin/sendmail > } > protocol imap { > imap_max_line_length = 64 k > mail_plugins = quota imap_quota autocreate > } > protocol pop3 { > mail_plugins = quota autocreate > pop3_no_flag_updates = no > pop3_uidl_format = %v-%u > } > ================================= > I've been facing the same issue today in a similar setup (qmail + vpopmail + dovecot) and figured, that the qmail maildir++ patch I'm using miscalculates the size of mail, since it ignores Delivered-To and Return-Path in the size calculation. Fixing this and reinstalling qmail-local ( plus fixing existing mail using doveadm fetch -u username text all > /dev/null ) solved the problem for me. The problematic line in qmail-local.c is: s += fmt_ulong(s,st.st_size); *s++ = 0; which should be: s += fmt_ulong(s,st.st_size+rpline.len+dtline.len); *s++ = 0; (for FreeBSD users: I submitted a patch to the qmail port, fixing this) http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/168870 Fixing this also fixed fts_squat for me (dovecot 2.1.7) -- Michael From freebsd at grem.de Sat Jun 9 04:07:56 2012 From: freebsd at grem.de (Michael Gmelin) Date: Sat, 09 Jun 2012 03:07:56 +0200 Subject: [Dovecot] squat not working in 2.1 In-Reply-To: <4F4DF7F7.8020405@in.tum.de> References: <4F3FA5D3.8050101@jkart.de> <761E2C44-272D-4F6A-8A33-7FAFB1F011E1@leuxner.net> <4F428323.8050404@fastmail.fm> <6A93411B-4058-4A7D-9F94-452403AE83ED@iki.fi> <4F4DF7F7.8020405@in.tum.de> Message-ID: <4FD2A1EC.4000304@grem.de> On 29.2.12 11:03, Christoph Bu?enius wrote: > On 21.02.2012 01:18, Timo Sirainen wrote: >> On 20.2.2012, at 19.30, Metro Domain Admin wrote: >> >>> Squat is apparently deprecated: >>> http://dovecot.org/list/dovecot/2011-December/062630.html >> >> Yes, but it should still work.. > > As far as I can tell from my tests, squat has stopped working in 2.1. > > Let's take a user who does not have any mails yet, and deliver a first > mail to him: > > echo -e 'From: \nSubject: test\n\ntest\ntest' | > /usr/local/dovecot/libexec/dovecot/dovecot-lda -d testuser > > Now create an IMAP session, select INBOX, and do a search: > > * 1 EXISTS > * 1 RECENT > * OK [UNSEEN 1] First unseen. > * OK [UIDVALIDITY 1330509552] UIDs valid > * OK [UIDNEXT 2] Predicted next UID > * OK [HIGHESTMODSEQ 1] Highest > . OK [READ-WRITE] Select completed. > >>> . search text test > * SEARCH > . OK Search completed (0.006 secs). > > (Should have returned 1 message.) > > Deliver the same message again: > echo -e 'From: \nSubject: test\n\ntest\ntest' | > /usr/local/dovecot/libexec/dovecot/dovecot-lda -d testuser > > Now in the existing session, run the search command three more times: > > >>> . search text test > * SEARCH > * 2 EXISTS > * 2 RECENT > . OK Search completed (0.000 secs). > >>> . search text test > * SEARCH 2 > . OK Search completed (0.002 secs). > >>> . search text test > * SEARCH > . OK Search completed (0.000 secs). > > It found the message once, but the next time it didn't. So the squat > search does not actually seem to work any more. I know it's > deprecated, I just wanted to note this. > > Cheers, > Christoph > I had the same symptoms (dovecot 2.1.7), but in my case the reason were corrupted Maildir filenames (S=xxxx and the actual file size differed, which among other things also caused trouble in fts_squat). Those files were a result of a bug in the qmail-maildir++ patch. For details see http://www.dovecot.org/list/dovecot/2012-June/066281.html -- Michael From ott at mirix.org Sat Jun 9 04:55:12 2012 From: ott at mirix.org (Matthias-Christian Ott) Date: Sat, 09 Jun 2012 03:55:12 +0200 Subject: [Dovecot] [ Re: best practises for mail systems] In-Reply-To: References: <5f604e43b6b66676fc1e23b1c7c57afb.squirrel@web.miau.ca> <4FCE5ADB.8090208@mirix.org> Message-ID: <4FD2AD00.2050805@mirix.org> On 2012-06-05 23:43, Timo Sirainen wrote: > On 5.6.2012, at 23.33, Michescu Andrei wrote: > >>> I agree, in practice this is not an issue compared to the unavailability >>> of the service, but on longer IMAP sessions (e.g. transferring a big >>> file) the connection loss is noticeable. >> >> It is noticeable for somebody that really waits for a large email. > > And there is actually some (any!) way this could be avoided?... One server dies, another continues sending the mail? Yes, there is. You have to replicate the entire state of the IMAP session (protocol states, buffers, TLS state etc.) and the TCP state of the connection. The state of the IMAP session is (in theory) easily replicable (although you probably have to rely on internals of the TLS implementation; OpenSSL can serialise TLS sessions from/into ASN.1 via i2d_SSL_SESSION, though this is meant to resume session via TLS) and for TCP there is RTCP [1]. RTCP intercepts the TCP session is able to recover the TCP state. It works without any modification of the operating system (at the moment limited to Linux). If this would be implemented in Dovecot it would really set it apart from other IMAP servers and software that I've seen so far. Being able to transparently handle failover of a TCP connection is unique. > I have had some thoughts about transferring idling Dovecot connections between processes / servers so that clients wouldn't notice it, but I haven't even thought about moving active (long-running) connections. Load rebalancing would probably be another feature that separates Dovecot from other IMAP servers. Regards, Matthias-Christian [1] http://rtcp.sourceforge.net/ From rnalrd at gmail.com Sat Jun 9 16:04:13 2012 From: rnalrd at gmail.com (Leonardo) Date: Sat, 09 Jun 2012 15:04:13 +0200 Subject: [Dovecot] ntlm_auth in Dovecot In-Reply-To: <1339167201.4285.90.camel@df1844j> References: <1339167201.4285.90.camel@df1844j> Message-ID: <1339247053.4285.92.camel@df1844j> On Fri, 2012-06-08 at 16:53 +0200, Leonardo wrote: > Hi, > > I'm trying getting NTLM auth working against AD in my Dovecot 2.0.15. > > I'm getting the following error: > > > Jun 08 14:18:11 auth: Info: winbind(?,10.44.3.151): user not > authenticated: NT_STATUS_UNSUCCESSFUL BTW I forgot to say that I've already disjoined and rejoined the server to the domain. I saw someone suggested that on the list (I wasn't subscribe until now). -- leonardo From tss at iki.fi Sat Jun 9 17:11:07 2012 From: tss at iki.fi (Timo Sirainen) Date: Sat, 9 Jun 2012 17:11:07 +0300 Subject: [Dovecot] [ Re: best practises for mail systems] In-Reply-To: <4FD2AD00.2050805@mirix.org> References: <5f604e43b6b66676fc1e23b1c7c57afb.squirrel@web.miau.ca> <4FCE5ADB.8090208@mirix.org> <4FD2AD00.2050805@mirix.org> Message-ID: <7A128C1A-E861-42D2-A7AF-07353FFEE027@iki.fi> On 9.6.2012, at 4.55, Matthias-Christian Ott wrote: > Yes, there is. You have to replicate the entire state of the IMAP > session (protocol states, buffers, TLS state etc.) and the TCP state of > the connection. The state of the IMAP session is (in theory) easily > replicable (although you probably have to rely on internals of the TLS > implementation; OpenSSL can serialise TLS sessions from/into ASN.1 via > i2d_SSL_SESSION, though this is meant to resume session via TLS) Interesting! I thought OpenSSL didn't have a way to [de]serialize the session state. The first time I wanted to do that was 13 years ago. I see there are some google hits for i2d_SSL_SESSION, but do you already know a good web page / example code I could look at? > and for > TCP there is RTCP [1]. RTCP intercepts the TCP session is able to > recover the TCP state. It works without any modification of the > operating system (at the moment limited to Linux). Thanks for this too. > If this would be implemented in Dovecot it would really set it apart > from other IMAP servers and software that I've seen so far. Being able > to transparently handle failover of a TCP connection is unique. Yes. From ott at mirix.org Sat Jun 9 17:35:42 2012 From: ott at mirix.org (Matthias-Christian Ott) Date: Sat, 09 Jun 2012 16:35:42 +0200 Subject: [Dovecot] [ Re: best practises for mail systems] In-Reply-To: <7A128C1A-E861-42D2-A7AF-07353FFEE027@iki.fi> References: <5f604e43b6b66676fc1e23b1c7c57afb.squirrel@web.miau.ca> <4FCE5ADB.8090208@mirix.org> <4FD2AD00.2050805@mirix.org> <7A128C1A-E861-42D2-A7AF-07353FFEE027@iki.fi> Message-ID: <4FD35F3E.8040901@mirix.org> On 2012-06-09 16:11, Timo Sirainen wrote: > On 9.6.2012, at 4.55, Matthias-Christian Ott wrote: > >> Yes, there is. You have to replicate the entire state of the IMAP >> session (protocol states, buffers, TLS state etc.) and the TCP state of >> the connection. The state of the IMAP session is (in theory) easily >> replicable (although you probably have to rely on internals of the TLS >> implementation; OpenSSL can serialise TLS sessions from/into ASN.1 via >> i2d_SSL_SESSION, though this is meant to resume session via TLS) > > Interesting! I thought OpenSSL didn't have a way to [de]serialize the session state. The first time I wanted to do that was 13 years ago. I see there are some google hits for i2d_SSL_SESSION, but do you already know a good web page / example code I could look at? The Apache httpd module mod_ssl uses it. GnuTLS has similar functions with gnutls_db_*, although it's also only intended to be used to resume a session. Have look at the Apache httpd module mod_gnutls. Regards, Matthias-Christian From rnalrd at gmail.com Sat Jun 9 18:49:41 2012 From: rnalrd at gmail.com (Leonardo) Date: Sat, 09 Jun 2012 17:49:41 +0200 Subject: [Dovecot] ntlm_auth in Dovecot In-Reply-To: <1339167201.4285.90.camel@df1844j> References: <1339167201.4285.90.camel@df1844j> Message-ID: <1339256981.4285.99.camel@df1844j> On Fri, 2012-06-08 at 16:53 +0200, Leonardo wrote: > Hi, > > I'm trying getting NTLM auth working against AD in my Dovecot 2.0.15. > > I'm getting the following error: > > > Jun 08 14:18:11 auth: Info: winbind(?,10.44.3.151): user not > authenticated: NT_STATUS_UNSUCCESSFUL > > > "wbinfo -u" reports all the users of the domain and "ntlm_auth > --username=%name% --domain="%domain%" gets authenticated successfully. > > > Debugging winbind I can see the following error: > > > [2012/06/08 14:18:11.129611, 10] > winbindd/winbindd.c:651(process_request) > process_request: unknown request fn number 14 > [2012/06/08 14:18:11.129671, 10] > winbindd/winbindd.c:738(winbind_client_response_written) > winbind_client_response_written[2822:unknown request]: delivered > response to client Upgrading to Dovecot 2.1.5 did not help. -- leo From daniel.parthey at informatik.tu-chemnitz.de Sat Jun 9 19:51:27 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sat, 9 Jun 2012 18:51:27 +0200 Subject: [Dovecot] Corrupted mdbox on LMTP director delivery while user [solved] is logged in via IMAP In-Reply-To: <20120608031622.GA13898@daniel.localdomain> References: <20120608031622.GA13898@daniel.localdomain> Message-ID: <20120609165127.GA9833@daniel.localdomain> Daniel Parthey wrote: > we get errors about corrupted indexes and we are losing flags with mdbox on NFSv4: > > Error: Recent flags state corrupted for mailbox > Error: Corrupted dbox file > Error: Corrupted transaction log file > > It looks like a LMTP director problem. The user has IMAP IDLE connections > open and lmtp delivers to another host. This leads to nfs corruption problems. > > Jun 8 03:36:03 10.129.3.200 dovecot: mailbox: mail: imap(someuser at example.de): Error: Corrupted transaction log file /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox- > Mails/dovecot.index.log seq 82: Invalid transaction log size (32856 vs 32824): /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox-Mails/dovecot.index.log (sync_offset=32856) > Jun 8 03:36:03 10.129.3.200 dovecot: mailbox: mail: imap(someuser at example.de): Error: Index /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox-Mails/dovecot.index: Lost log for seq=82 > offset=32856 > Jun 8 03:36:03 10.129.3.200 dovecot: mailbox: mail: imap(someuser at example.de): Warning: fscking index file /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox-Mails/dovecot.index > Jun 8 03:36:03 10.129.3.200 dovecot: mailbox: mail: imap(someuser at example.de): Error: Fixed index file /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox-Mails/dovecot.index: log_file_seq 82 > -> 83 > Jun 8 03:36:38 10.129.3.200 dovecot: mailbox: mail: imap(someuser at example.de): Error: Transaction log file /mail/dovecot/example.de/someuser/mail/mailboxes/INBOX/dbox-Mails/dovecot.index.log.2: > marked corrupted > > How to enable the LMTP director to deliver to the correct mailbox host? The reason were different usernames for different protocols (lmtp and imap) of the same user, which resulted in different target hosts in the director: LMTP director was using username at example.org -> Host mail01 IMAP director was using username at dovecotmail.example.org -> Host mail04 > # 2.0.20: /etc/dovecot-director/dovecot-director.conf > passdb { > args = proxy=y nopassword=y user=%n at dovecotmail.%d > driver = static > } Removing the user mapping in the static imap passdb solved the problem: passdb { args = proxy=y nopassword=y driver = static } Now the user is directed to the same host for all protocols again. Regards, Daniel From daniel.parthey at informatik.tu-chemnitz.de Sat Jun 9 20:09:30 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sat, 9 Jun 2012 19:09:30 +0200 Subject: [Dovecot] per user quota In-Reply-To: <20120608223432.390c71d0@itx.bitcorner.intern> References: <20120608223432.390c71d0@itx.bitcorner.intern> Message-ID: <20120609170930.GA10032@daniel.localdomain> Hello Andreas, Andreas Meyer wrote: > I activated quota > > plugin { > quota = maildir:User quota > quota_rule = *:storage=1GB > # 10% of 1GB = 100MB > quota_rule2 = Trash:storage=+10%% > } > > But when I want to do per user quota in the passwd-file > ...vhosts/anup.de/anmeyer::userdb_mail=maildir:~/userdb_quota_rule=*:bytes=10G It looks like you are at least missing a space between userdb_mail=maildir:~/ and userdb_quota_rule. > I get this in the logfile and can't login: > > Jun 08 22:25:52 imap(anmeyer at anup.de): Error: user anmeyer at anup.de: Initialization failed: Initializing mail storage from mail_location setting failed: Unknown setting: bytes > Jun 08 22:25:52 imap(anmeyer at anup.de): Error: Invalid user settings. Refer to server log for more information. > > Same with 'storage' in the passwd-file. What's wrong? You forgot to attach your "doveconf -n" output. Regards, Daniel From daniel.parthey at informatik.tu-chemnitz.de Sat Jun 9 21:20:47 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sat, 9 Jun 2012 20:20:47 +0200 Subject: [Dovecot] director and IPs shown at the backends In-Reply-To: <4FD1C71B.4040109@um.es> References: <4FD09613.6000405@um.es> <4FD09AB0.6020500@enas.net> <4FD1C71B.4040109@um.es> Message-ID: <20120609182047.GA10833@daniel.localdomain> Angel L. Mateo wrote: > El 07/06/12 14:12, Urban Loesch escribi?: > ># Space separated list of trusted network ranges. Connections from these > ># IPs are allowed to override their IP addresses and ports (for logging and > ># for authentication checks). disable_plaintext_auth is also ignored for > ># these networks. Typically you'd specify your IMAP proxy servers here. > >login_trusted_networks = > > > I didn't find that option in any example config file, but it's > working. Maybe it must be documented in somewhere. This command lists all available options of your release: doveconf Regards Daniel From daniel.parthey at informatik.tu-chemnitz.de Sat Jun 9 21:40:18 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sat, 9 Jun 2012 20:40:18 +0200 Subject: [Dovecot] Dovecot over NFS In-Reply-To: References: Message-ID: <20120609184018.GA10990@daniel.localdomain> James Devine wrote: > I'm playing with running dovecot over NFS and I am running into some > issues. I have followed the guide at http://wiki2.dovecot.org/NFS and my > setup includes 1 nfs server and 1 client running postfix/dovecot. In > testing I am running postal via the command: > > postal -t 10 -c 10 localhost users399 > > The test file has a list of 399 users to deliver to. I've provided a > sample of the errors I'm receiving and my configuration below, I am running > dovecot 2.0.19. Any idea what I might be doing wrong and what I might do > to resolve it? My ultimate goal is to setup multiple clients with director > so each user is still handled on a single machine, however with a single > machine I still seem to be having issues. Have a look at http://wiki2.dovecot.org/Director > Here is a sample of some of the errors I'm seeing: > > Jun 6 15:55:12 test-gluster-client1 dovecot: lmtp(12072, testuser130): > Error: mdbox /mnt/testuser130/mdbox/mailboxes/INBOX/dbox-Mails: Invalid > dbox header size: 0 > Jun 6 15:55:12 test-gluster-client1 dovecot: lmtp(11999, testuser99): > Error: Log synchronization error at seq=2,offset=556 for > /mnt/testuser99/mdbox/storage/dovecot.map.index: Append with UID 2, but > next_uid = 3 mdbox format requires a correct index and you will lose flags, if you lose the index file. The index will be automatically tried to restore from mails in the storage. You should avoid accessing the same user directory from different NFS clients, since this often leads to corruptions or invalid files. You need a director which ensures that one directory is only accessed from one host at the same time. This applies to IMAP, POP3, LMTP etc, which are all writing to the mailbox. Then you should access all mailboxes only via the director listener ports. > My dovecot config is: You posted only the configuration of your mailbox instance and might have a look your director configuration too: doveconf -c /etc/dovecot-director/dovecot-director.conf -n (or wherever your director configuration is located) Regards Daniel From daniel.parthey at informatik.tu-chemnitz.de Sat Jun 9 21:48:53 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sat, 9 Jun 2012 20:48:53 +0200 Subject: [Dovecot] Dovecot 1.x on AIX -> Dovecot 2.x on Ubuntu In-Reply-To: References: Message-ID: <20120609184853.GA11176@daniel.localdomain> root at yuma.acns.colostate.edu wrote: > We are working on migrating Dovecot 1.2.17 running on AIX 5.3 (believe it > or not!) to Dovecot 2.0.13 running on Ubuntu. We have hundreds of users > mboxes we will be migrating. My question is regarding the index files. > Should we remove those after the migration, but before we open it up to > users so Dovecot can create new ones? > > I did a test migration of a single user, and Dovecot detects the > architecture change and put out some panic errors, corrupt files and > backtrace messages in syslog on Ubuntu. The messages are shown below. If > every user is going to generate these types of errors, I'm thinking maybe > it makes sense to remove all the .imap directories and let Dovecot create > new clean ones. I realize that may slow things down for awhile while > Dovecot is rebuilding new files. Which mail storage format (mbox,maildir,sdbox,mdbox) are you using and is it stored on NFS? Would you provide your "doveconf -n" output for dovecot 2.0.13, please? You might also have a look at imapsync[1] for clean mass migration from one architecture to another. Regards Daniel [1] http://imapsync.lamiral.info/ From daniel.parthey at informatik.tu-chemnitz.de Sat Jun 9 22:11:04 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sat, 9 Jun 2012 21:11:04 +0200 Subject: [Dovecot] Deliver quota-warning via director Message-ID: <20120609191104.GA11812@daniel.localdomain> Hi there, I'm using NFS with Dovecot 2.0.20 and would like to deliver a quota warning to the user using the LMTP director. I have configured quota warnings according to http://wiki2.dovecot.org/Quota/Configuration But it seems that lda delivers the mail directly to the local filesystem and is not using our lmtp director, which prevents NFS mailboxes from getting corrupted. Is there a way to tell lda to use LMTP or the director and ignore the quota while delivering the notification? Regards Daniel From daniel.parthey at informatik.tu-chemnitz.de Sat Jun 9 22:19:58 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sat, 9 Jun 2012 21:19:58 +0200 Subject: [Dovecot] Authentication issue In-Reply-To: <4FD0EB43.8070104@lal.in2p3.fr> References: <4FD0EB43.8070104@lal.in2p3.fr> Message-ID: <20120609191958.GA12009@daniel.localdomain> Hi Emiliano, Emiliano Rago wrote: > I need to set up a weird dovecot configuration: > > 1) outside a ssl tunnel I'd like to authenticate only with cram-md5 scheme > 2) inside a ssl tunnel I'd like to authenticate only with plain auth You might try to set up two instances of dovecot, one for plain, one for ssl: http://wiki2.dovecot.org/RunningDovecot#Running_Multiple_Invocations_of_Dovecot Regards Daniel From daniel.parthey at informatik.tu-chemnitz.de Sat Jun 9 23:04:53 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sat, 9 Jun 2012 22:04:53 +0200 Subject: [Dovecot] director and doveadm server In-Reply-To: <4FD1C8E0.4010807@um.es> References: <4FD1C8E0.4010807@um.es> Message-ID: <20120609200453.GA12401@daniel.localdomain> Hello Angel, Angel L. Mateo wrote: > I've been reading doc at http://wiki2.dovecot.org/Director to > configure my servers. My question is regarding configuration of > doveadm server. > > I have configured both, director and backend servers, as described > in that doc, but I don't know how to run doveadm commands in > director servers. > > doveadm is working, because I can run commands, but they are > executed in local (director) server. See http://wiki2.dovecot.org/Tools/Doveadm/Mailbox doveadm help doveadm help who A few doveadm commands allow the -S socket_path argument where socket_path can be a hostname:port combination of your director doveadm service: altmove [-u |-A] [-S ] [-r] expunge [-u |-A] [-S ] fetch [-u |-A] [-S ] force-resync [-u |-A] [-S ] import [-u |-A] [-S ] index [-u |-A] [-S ] move [-u |-A] [-S ] purge [-u |-A] [-S ] search [-u |-A] [-S ] The http://wiki2.dovecot.org/Director article explains how to set up a "Doveadm server" on a specific port. After you have set up your doveadm server correctly, an example command might look like this: doveadm search -A -S director:24245 mailbox "*" all > but doveadm who seems to be executed just in local: For "doveadm who" however, you need a local anvil socket, which provides the necessary information: doveadm who -a /var/run/dovecot/anvil Remember there is also the proxy list command, since the director is just a proxy with a hash table which always proxies the same username to the same backend: doveadm proxy list > And another question about this... what is the local config option? > I haven't found it documented anywhere. I assume the local { } section is to restrict the inside options to client IPs located in a specific subnet. Regards Daniel From anmeyer at anup.de Sat Jun 9 23:22:11 2012 From: anmeyer at anup.de (Andreas Meyer) Date: Sat, 9 Jun 2012 22:22:11 +0200 Subject: [Dovecot] per user quota In-Reply-To: <20120609170930.GA10032@daniel.localdomain> References: <20120608223432.390c71d0@itx.bitcorner.intern> <20120609170930.GA10032@daniel.localdomain> Message-ID: <20120609222211.375f54d3@itx.bitcorner.intern> Daniel Parthey wrote: > Hello Andreas, > > Andreas Meyer wrote: > > I activated quota > > > > plugin { > > quota = maildir:User quota > > quota_rule = *:storage=1GB > > # 10% of 1GB = 100MB > > quota_rule2 = Trash:storage=+10%% > > } > > > > But when I want to do per user quota in the passwd-file > > ...vhosts/anup.de/anmeyer::userdb_mail=maildir:~/userdb_quota_rule=*:bytes=10G > > It looks like you are at least missing a space between userdb_mail=maildir:~/ > and userdb_quota_rule. Wow, great! The space was missing and now it works. > You forgot to attach your "doveconf -n" output. ok, next time. > Regards, > Daniel Andreas From tss at iki.fi Sun Jun 10 00:00:52 2012 From: tss at iki.fi (Timo Sirainen) Date: Sun, 10 Jun 2012 00:00:52 +0300 Subject: [Dovecot] Dovecot 1.x on AIX -> Dovecot 2.x on Ubuntu In-Reply-To: References: Message-ID: <073BC709-698B-4C65-B06E-05ED5D0E7343@iki.fi> On 6.6.2012, at 23.27, root at yuma.acns.colostate.edu wrote: > We are working on migrating Dovecot 1.2.17 running on AIX 5.3 (believe it > or not!) to Dovecot 2.0.13 running on Ubuntu. We have hundreds of users > mboxes we will be migrating. My question is regarding the index files. > Should we remove those after the migration, but before we open it up to > users so Dovecot can create new ones? > > I did a test migration of a single user, and Dovecot detects the > architecture change and put out some panic errors, corrupt files and Yeah, there's still some problem with properly handling index file recreation when CPU architecture (endianess) change is detected. Better just delete your index files, since they have to be regenerated anyway. From tss at iki.fi Sun Jun 10 00:10:23 2012 From: tss at iki.fi (Timo Sirainen) Date: Sun, 10 Jun 2012 00:10:23 +0300 Subject: [Dovecot] Deliver quota-warning via director In-Reply-To: <20120609191104.GA11812@daniel.localdomain> References: <20120609191104.GA11812@daniel.localdomain> Message-ID: <80D54D29-C13A-405C-9528-2591F2296108@iki.fi> On 9.6.2012, at 22.11, Daniel Parthey wrote: > But it seems that lda delivers the mail directly to > the local filesystem and is not using our lmtp director, > which prevents NFS mailboxes from getting corrupted. > > Is there a way to tell lda to use LMTP or the director > and ignore the quota while delivering the notification? That's a bit tricky problem. Even if LDA used LMTP, it couldn't ignore quota since LMTP server is the one enforcing it. Perhaps you need to create two LMTP ports, one with a "quota ignored" configuration. Then you need to somehow get the mail delivered there (maybe send it to your MTA and route it from there). Or write a script that sends the mail directly to the LMTP port on director. From tss at iki.fi Sun Jun 10 00:12:57 2012 From: tss at iki.fi (Timo Sirainen) Date: Sun, 10 Jun 2012 00:12:57 +0300 Subject: [Dovecot] Upgrading 1.2.17 -> 2.1.x In-Reply-To: <20120608215302.GA29690@acsmail.ucsd.edu> References: <20120608215302.GA29690@acsmail.ucsd.edu> Message-ID: On 9.6.2012, at 0.53, Adam G Tilghman wrote: > > We're planning to upgrade our site from 1.2.17 to 2.1.x within the > next few months, but we must ensure our ability to revert to 1.2.17 > if problems arise. > > I don't expect our maildir storage would present a problem, > but am less certain about 2.1.x index/control files remaining > readable under 1.2.17. > > Should I have any reason to worry? 1.2.17 can read v2.0 indexes without problems (it has some forwards compatibility code). I don't think I added any incompatible changes to v2.1 either, at least nothing major.. From tss at iki.fi Sun Jun 10 00:17:14 2012 From: tss at iki.fi (Timo Sirainen) Date: Sun, 10 Jun 2012 00:17:14 +0300 Subject: [Dovecot] Director problems In-Reply-To: <4FCF549F.70404@ehu.es> References: <4FCF549F.70404@ehu.es> Message-ID: On 6.6.2012, at 16.01, Joseba Torre wrote: > I've just setup a testing enviroment for director, and it's not working as expected. I have just 1 director (called director) and 2 dovecot servers (dovecot1 and dovecot2); these are exact copies. > > First problem: when both dovecot servers are up, every imap connection is redirected to the same server as you can see here: > > $ sudo doveadm director map > user mail server ip expire time > 158.227.4.186 2012-06-06 13:34:12 > 158.227.4.186 2012-06-06 13:34:27 > 158.227.4.186 2012-06-06 13:34:34 > > (I don't know if that is good or not) > > I've tried with 3 different users and ips to no change, users are always directed to the same host. Perhaps you just managed to use such usernames that map to the same director.. You can try with "doveadm director status " to see where they should go. > Second problem: if I try to add/remove/modify one of the dovecot servers, the output of doveadm director map/status seems to be ok, but any new user connection fails with this log: > > Jun 6 14:51:59 director dovecot: director: Warning: Delaying new user requests until ring is synced Looks like there's a bug when only one director is used. I'll try and fix it later.. From tss at iki.fi Sun Jun 10 00:19:15 2012 From: tss at iki.fi (Timo Sirainen) Date: Sun, 10 Jun 2012 00:19:15 +0300 Subject: [Dovecot] director: backend health monitoring In-Reply-To: <213B51F00051AE48A9F0E112880177178F79E0@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F79E0@Delta.sc.local> Message-ID: <289A7537-83E1-4EBF-BCF8-C06C67403839@iki.fi> On 8.6.2012, at 4.25, ???????? ????????? ?????????? wrote: > I am wonder if there are plans to include backend health monitoring feature to Dovecot Director ? Yes, but it's not a very high priority right now. From petr at bravenec.eu Sat Jun 9 23:23:05 2012 From: petr at bravenec.eu (Petr Bravenec) Date: Sat, 09 Jun 2012 22:23:05 +0200 Subject: [Dovecot] Dovecot antispam plugin bug: got an empty message Message-ID: <1543861.4fk9cArhjB@hrabos> It is few months ago I requested help with combination dovecot - dovecot- antispam plugin and dspam. Now I got into troubles with a lot of spam delivering to users inbox. Problem described bellow is now better hidden but stil remains: When moving a message from INBOX to Junk, dspam got an empty message. I made a wrapper about dspamc and there is no input on stdio. The dspam was not trained (got an empty message). Looking to source code of dspam and antispam plugin I suspect the dovecot not to sending any content to plugin when moving from inbox to junk. Petr Bravenec Dne Wednesday 25 of January 2012 17:19:18 Tom Hendrikx napsal(a): > On 25-01-12 08:05, Petr Bravenec wrote: > > Few weeks ago I upgraded dovecot from 1.2 to 2.0.16 and antispam plugin > > to 2.0_pre20101222. Since the upgrade I'm not able to move messages to > > my Junk folder. In the maillog I have found this message: > > > > dspam[25060]: empty message (no data received) > > Gentoo has included the antispam plugin from Johannes historically, but > added the fork by Eugene to support upgrades to dovecot 2.0. It is not > really made clear by the gentoo ebuild is that the forked plugin needs a > slightly different config. > > I use the config below with dovecot 2.0.17 and a git checkout for > dovecot-antispam: > > ===8<======== > plugin { > antispam_signature = X-DSPAM-Signature > antispam_signature_missing = move > antispam_spam_pattern_ignorecase = Junk;Junk.* > antispam_trash_pattern_ignorecase = Trash;Deleted Items;Deleted > Messages > > # Backend specific > antispam_backend = dspam > antispam_dspam_binary = /usr/bin/dspamc > antispam_dspam_args = > --user;%u;--deliver=;--source=error;--signature=%%s > antispam_dspam_spam = --class=spam > antispam_dspam_notspam = --class=innocent > #antispam_dspam_result_header = X-DSPAM-Result > } > > > -- > Regards, > Tom From yggdrasil at gmx.co.uk Sun Jun 10 01:09:57 2012 From: yggdrasil at gmx.co.uk (Johnny) Date: Sat, 09 Jun 2012 23:09:57 +0100 Subject: [Dovecot] Dovecot setup fails w. multiple mail locations (gnus/dovecot/offlineimap) Message-ID: <87vcj087d6.fsf@gmx.co.uk> Hi, I am trying to setup a Gnus - Dovecot - Offlineimap - Webmail (Gmail / Fastmail) chain and cannot configure the correct behaviour. Any advice to get this working properly would be very appreciated! I have set up Offlineimap to synchronise two mail accounts into separate folders under ~/Maildir. After running Offlineimap, the folders look as below. Maildir/ |-- Gmail | |-- cur | |-- dovecot.index.log | |-- dovecot-uidlist | |-- dovecot-uidvalidity | |-- dovecot-uidvalidity.4fd3b80e | |-- [Gmail].All\ Mail | |-- [Gmail].Drafts | |-- [Gmail].Important | |-- [Gmail].Sent\ Mail | |-- [Gmail].Spam | |-- [Gmail].Starred | |-- [Gmail].Trash | |-- INBOX | |-- new | |-- Personal | |-- Receipts | |-- tmp | |-- Travel | `-- Work `-- Fastmail |-- cur |-- dovecot.index.log |-- dovecot.mailbox.log |-- dovecot-uidlist |-- dovecot-uidvalidity |-- dovecot-uidvalidity.4fd3b75e |-- INBOX |-- INBOX.Drafts |-- INBOX.Sent\ Items `-- INBOX.Trash The Dovecot config is below. (I have set up a blank "MailTest" directory as inbox, believing that this may preserve the two imap directories better for offlineimap synching (not sure if this is correct)). ,---- | mail_location = maildir:~/Maildir:LAYOUT=fs | | namespace inbox { | location = maildir:~/MailTest | inbox = yes | } | | namespace mygmail { | type = private | separator = . | prefix = "mygmail." | location = maildir:%h/Maildir/Gmail/:LAYOUT=fs | inbox = no | hidden = no | list = yes | subscriptions = yes | } | | namespace myfastmail { | type = private | separator = . | prefix = "myfastmail." | location = maildir:%h/Maildir/FASTMAIL/:LAYOUT=fs | inbox = no | hidden = no | list = yes | subscriptions = yes | } `---- Accessing dovecot through gnus with this setup only sees the files in the directories that are not prefixed (e.g. under Fastmail, INBOX is the only seen folder, all INBOX.subfolder are not there). Removing the prefix manually they can be seen again however (e.g. INBOX.subfolder -> subfolder). If I remove LAYOUT=fs in the dovecot config, nothing is seen at all, although the directories look like proper Maildirs! A second issue is that running Offlineimap a second time seems to work ok for gmail, but Fastmail complains that "cannot create directory '.'"? Thanks! -- Johnny Dovecot 2.1.6 Offlineimap 6.5.2.1 Ma Gnus v0.6 From daniel.parthey at informatik.tu-chemnitz.de Sun Jun 10 02:56:03 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sun, 10 Jun 2012 01:56:03 +0200 Subject: [Dovecot] Error: doveadm client attempted non-PLAIN authentication Message-ID: <20120609235603.GA17490@daniel.localdomain> Hi doveadm search -u user at example.org -S localhost:19000 all produces the following error in the logs: dovecot: doveadm: Error: doveadm client attempted non-PLAIN authentication What am I missing? * tcpdump of tcp communication on port 19000 is attached * dovecot.conf is attached Regards Daniel -------------- next part -------------- A non-text attachment was scrubbed... Name: dump Type: application/octet-stream Size: 1239 bytes Desc: tcpdump.dat URL: -------------- next part -------------- # 2.0.20: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-40-server x86_64 Ubuntu 10.04.4 LTS auth_cache_negative_ttl = 0 auth_cache_size = 10 M auth_cache_ttl = 1 mins auth_verbose = yes auth_verbose_passwords = sha1 deliver_log_format = mailbox: deliver: msgid=%m from=%f: %$ dict { quota = mysql:/etc/dovecot/conf.d/dovecot-dict-sql.conf.ext } disable_plaintext_auth = no doveadm_password = bf79a088601795554d6d428ece2ea92a1c91ae11 instance_name = dovecot-mailbox lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes login_greeting = Mailbox login_log_format = mailbox: login: %$: %s login_trusted_networks = 10.129.3.0/24 mail_debug = yes mail_fsync = always mail_gid = vmail mail_home = /mail/dovecot/%d/%n mail_location = mdbox:~/mail mail_log_prefix = "mailbox: mail: %s(%u): " mail_plugins = quota mail_privileged_group = vmail mail_uid = vmail managesieve_implementation_string = Sieve managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mdbox_rotate_interval = 1 weeks mdbox_rotate_size = 50 M mmap_disable = yes passdb { args = /etc/dovecot/conf.d/dovecot-sql.conf.ext driver = sql } plugin { quota = dict:User quota::proxy::quota quota_rule = *:storage=10G quota_rule2 = Trash:storage=+100M quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap pop3 lmtp sieve service auth { unix_listener auth-userdb { group = dovecot mode = 0660 user = dovecot } } service dict { unix_listener dict { group = vmail mode = 0660 } } service doveadm { inet_listener doveadm-server { port = 19000 } } service imap-login { inet_listener imap { port = 19143 } } service imap-postlogin { executable = script-login /usr/local/bin/dovecot-postlogin user = $default_internal_user } service imap { executable = imap imap-postlogin } service lmtp { inet_listener lmtp { address = * port = 19024 } } service managesieve-login { inet_listener sieve { port = 19200 } } service pop3-login { inet_listener pop3 { port = 19110 } } service pop3-postlogin { executable = script-login /usr/local/bin/dovecot-postlogin user = $default_internal_user } service pop3 { executable = pop3 pop3-postlogin } service quota-warning { executable = script /usr/local/bin/quota-warning extra_groups = dovecot unix_listener quota-warning { user = vmail } user = vmail } ssl = no userdb { driver = prefetch } userdb { args = /etc/dovecot/conf.d/dovecot-sql.conf.ext driver = sql } verbose_proctitle = yes protocol imap { imap_client_workarounds = delay-newmail tb-extra-mailbox-sep mail_plugins = quota imap_quota } protocol lmtp { mail_plugins = quota sieve } From voytek at sbt.net.au Sun Jun 10 05:41:33 2012 From: voytek at sbt.net.au (Voytek Eymont) Date: Sun, 10 Jun 2012 12:41:33 +1000 Subject: [Dovecot] Restoring older messages to new server? In-Reply-To: <4FD1E3E8.8020103@thelounge.net> References: <98f7622f-e52b-4b88-8c65-db05c11e71f6@email.android.com> <4FD1E3E8.8020103@thelounge.net> Message-ID: <057f0c34-b168-4d1d-885d-4de87f969f4c@email.android.com> Reindl >imapsync is your friend Thanks for suggestion. After a few false starts, with impasync saying source server dropped connection, it seemed to have worked. But, now, my K9 email client seems to download entire inbox... rather than last 25 messages... Also, in Squirrel, recent messages before sync seems preceded by old messages, then, messages since sync... any tips on this..? Voytek -- Sent from my Moom with K-9 Mail. Please excuse my brevity. From a.kostyrev at serverc.ru Sun Jun 10 13:48:36 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Sun, 10 Jun 2012 21:48:36 +1100 Subject: [Dovecot] director userdb problem Message-ID: <213B51F00051AE48A9F0E112880177178F79EB@Delta.sc.local> hello ! I'm trying to get users from dovecot director server: doveadm director map doveadm(root): Error: User listing returned failure doveadm(root): Error: user listing failed user mail server ip expire time 192.168.5.101 2012-06-10 21:54:06 in logs I get: Jun 10 21:41:14 mail-lvsm dovecot: auth-worker(17510): mysql(172.5.14.1): Connected to database EXIM Jun 10 21:41:14 mail-lvsm dovecot: auth-worker(17510): Warning: mysql: Query failed, retrying: Table 'EXIM.users' doesn't exist Jun 10 21:41:14 mail-lvsm dovecot: auth-worker(17510): Error: sql: Iterate query failed: Table 'EXIM.users' doesn't exist (using built-in default iterate_query: SELECT username, domain FROM users) in my dovecot.conf I have: userdb { driver = sql args = /etc/dovecot/dovecot-sql.conf } passdb { driver = static args = proxy=y nopassword=y } and in /etc/dovecot/dovecot-sql.conf: user_query = select MBOX_NAME AS user from M_MAILBOX WHERE (MBOX_NAME = '%u'); Do I have to use special table named users ? is it hard-coded? From a.kostyrev at serverc.ru Sun Jun 10 14:05:28 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Sun, 10 Jun 2012 22:05:28 +1100 Subject: [Dovecot] director userdb problem In-Reply-To: <213B51F00051AE48A9F0E112880177178F79EB@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F79EB@Delta.sc.local> Message-ID: <213B51F00051AE48A9F0E112880177178F79EC@Delta.sc.local> It seemed I had to add something like that in dovecot-sql.conf iterate_query = select MBOX_NAME AS username from M_MAILBOX WHERE MBOX_NAME = '%n'; so I did but I'm still getting no usernames so I enabled general_log in mysql that what I get: select MBOX_NAME AS username from M_MAILBOX WHERE MBOX_NAME = '' It seems like direcotor don't expand variables, I've tried both - %n and %u - nothing any help ? -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of ???????? ????????? ?????????? Sent: Sunday, June 10, 2012 9:49 PM To: dovecot at dovecot.org Subject: [Dovecot] director userdb problem hello ! I'm trying to get users from dovecot director server: doveadm director map doveadm(root): Error: User listing returned failure doveadm(root): Error: user listing failed user mail server ip expire time 192.168.5.101 2012-06-10 21:54:06 in logs I get: Jun 10 21:41:14 mail-lvsm dovecot: auth-worker(17510): mysql(172.5.14.1): Connected to database EXIM Jun 10 21:41:14 mail-lvsm dovecot: auth-worker(17510): Warning: mysql: Query failed, retrying: Table 'EXIM.users' doesn't exist Jun 10 21:41:14 mail-lvsm dovecot: auth-worker(17510): Error: sql: Iterate query failed: Table 'EXIM.users' doesn't exist (using built-in default iterate_query: SELECT username, domain FROM users) in my dovecot.conf I have: userdb { driver = sql args = /etc/dovecot/dovecot-sql.conf } passdb { driver = static args = proxy=y nopassword=y } and in /etc/dovecot/dovecot-sql.conf: user_query = select MBOX_NAME AS user from M_MAILBOX WHERE (MBOX_NAME = '%u'); Do I have to use special table named users ? is it hard-coded? From a.kostyrev at serverc.ru Sun Jun 10 14:30:49 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Sun, 10 Jun 2012 22:30:49 +1100 Subject: [Dovecot] director userdb problem [solved] In-Reply-To: <213B51F00051AE48A9F0E112880177178F79EC@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F79EB@Delta.sc.local> <213B51F00051AE48A9F0E112880177178F79EC@Delta.sc.local> Message-ID: <213B51F00051AE48A9F0E112880177178F79EE@Delta.sc.local> Faxe on #dovecot helped me: iterate_query = select MBOX_NAME AS username from M_MAILBOX; with no where clause sorry for wasting your time. -- ? ?????????, ???????? ????????? ????????? ????????????? ??? "??????-?????" ???.: (423) 262-02-62 (???. 2037) ????: (423) 262-02-10 a.kostyrev at serverc.ru icq: 404-198-497 -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of ???????? ????????? ?????????? Sent: Sunday, June 10, 2012 10:05 PM To: dovecot at dovecot.org Subject: Re: [Dovecot] director userdb problem It seemed I had to add something like that in dovecot-sql.conf iterate_query = select MBOX_NAME AS username from M_MAILBOX WHERE MBOX_NAME = '%n'; so I did but I'm still getting no usernames so I enabled general_log in mysql that what I get: select MBOX_NAME AS username from M_MAILBOX WHERE MBOX_NAME = '' It seems like direcotor don't expand variables, I've tried both - %n and %u - nothing any help ? -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of ???????? ????????? ?????????? Sent: Sunday, June 10, 2012 9:49 PM To: dovecot at dovecot.org Subject: [Dovecot] director userdb problem hello ! I'm trying to get users from dovecot director server: doveadm director map doveadm(root): Error: User listing returned failure doveadm(root): Error: user listing failed user mail server ip expire time 192.168.5.101 2012-06-10 21:54:06 in logs I get: Jun 10 21:41:14 mail-lvsm dovecot: auth-worker(17510): mysql(172.5.14.1): Connected to database EXIM Jun 10 21:41:14 mail-lvsm dovecot: auth-worker(17510): Warning: mysql: Query failed, retrying: Table 'EXIM.users' doesn't exist Jun 10 21:41:14 mail-lvsm dovecot: auth-worker(17510): Error: sql: Iterate query failed: Table 'EXIM.users' doesn't exist (using built-in default iterate_query: SELECT username, domain FROM users) in my dovecot.conf I have: userdb { driver = sql args = /etc/dovecot/dovecot-sql.conf } passdb { driver = static args = proxy=y nopassword=y } and in /etc/dovecot/dovecot-sql.conf: user_query = select MBOX_NAME AS user from M_MAILBOX WHERE (MBOX_NAME = '%u'); Do I have to use special table named users ? is it hard-coded? From dovecot at bravenec.eu Sun Jun 10 14:41:51 2012 From: dovecot at bravenec.eu (Petr Bravenec) Date: Sun, 10 Jun 2012 13:41:51 +0200 Subject: [Dovecot] Dovecot antispam plugin bug: got an empty message In-Reply-To: <1543861.4fk9cArhjB@hrabos> References: <1543861.4fk9cArhjB@hrabos> Message-ID: <1664144.As4LCKexvr@hrabos> It looks that I have misconfigured the dovecot plugin: plugin { antispam_dspam_binary = /usr/bin/dspam # should be dspam # antispam_dspam_binary = /usr/bin/dspamc # does not work antispam_signature = X-DSPAM-Signature antispam_signature_missing = move antispam_spam_pattern_ignorecase = Junk;Junk.* antispam_trash_pattern_ignorecase = Trash;Deleted Items antispam_backend = dspam antispam_dspam_args = --user;%u;--deliver=;--source=error;-- signature=%%s antispam_dspam_spam = --class=spam antispam_dspam_notspam = --class=innocent } Petr Bravenec Dne So 9. ?ervna 2012 22:23:05 Petr Bravenec napsal(a): > It is few months ago I requested help with combination dovecot - dovecot- > antispam plugin and dspam. > > Now I got into troubles with a lot of spam delivering to users inbox. > Problem described bellow is now better hidden but stil remains: > > When moving a message from INBOX to Junk, dspam got an empty message. > I made a wrapper about dspamc and there is no input on stdio. The dspam was > not trained (got an empty message). > > Looking to source code of dspam and antispam plugin I suspect the dovecot > not to sending any content to plugin when moving from inbox to junk. > > Petr Bravenec > > Dne Wednesday 25 of January 2012 17:19:18 Tom Hendrikx napsal(a): > > On 25-01-12 08:05, Petr Bravenec wrote: > > > Few weeks ago I upgraded dovecot from 1.2 to 2.0.16 and antispam plugin > > > to 2.0_pre20101222. Since the upgrade I'm not able to move messages to > > > my Junk folder. In the maillog I have found this message: > > > > > > dspam[25060]: empty message (no data received) > > > > Gentoo has included the antispam plugin from Johannes historically, but > > added the fork by Eugene to support upgrades to dovecot 2.0. It is not > > really made clear by the gentoo ebuild is that the forked plugin needs a > > slightly different config. > > > > I use the config below with dovecot 2.0.17 and a git checkout for > > dovecot-antispam: > > > > ===8<======== > > plugin { > > > > antispam_signature = X-DSPAM-Signature > > antispam_signature_missing = move > > antispam_spam_pattern_ignorecase = Junk;Junk.* > > antispam_trash_pattern_ignorecase = Trash;Deleted Items;Deleted > > > > Messages > > > > # Backend specific > > antispam_backend = dspam > > antispam_dspam_binary = /usr/bin/dspamc > > antispam_dspam_args = > > > > --user;%u;--deliver=;--source=error;--signature=%%s > > > > antispam_dspam_spam = --class=spam > > antispam_dspam_notspam = --class=innocent > > #antispam_dspam_result_header = X-DSPAM-Result > > > > } > > > > > > -- > > Regards, > > > > Tom From fxmulder at gmail.com Mon Jun 11 06:38:09 2012 From: fxmulder at gmail.com (James Devine) Date: Sun, 10 Jun 2012 21:38:09 -0600 Subject: [Dovecot] Dovecot over NFS In-Reply-To: <20120609184018.GA10990@daniel.localdomain> References: <20120609184018.GA10990@daniel.localdomain> Message-ID: On Sat, Jun 9, 2012 at 12:40 PM, Daniel Parthey < daniel.parthey at informatik.tu-chemnitz.de> wrote: > James Devine wrote: > > I'm playing with running dovecot over NFS and I am running into some > > issues. I have followed the guide at http://wiki2.dovecot.org/NFS and > my > > setup includes 1 nfs server and 1 client running postfix/dovecot. In > > testing I am running postal via the command: > > > > postal -t 10 -c 10 localhost users399 > > > > The test file has a list of 399 users to deliver to. I've provided a > > sample of the errors I'm receiving and my configuration below, I am > running > > dovecot 2.0.19. Any idea what I might be doing wrong and what I might do > > to resolve it? My ultimate goal is to setup multiple clients with > director > > so each user is still handled on a single machine, however with a single > > machine I still seem to be having issues. > > Have a look at > http://wiki2.dovecot.org/Director > > > Here is a sample of some of the errors I'm seeing: > > > > Jun 6 15:55:12 test-gluster-client1 dovecot: lmtp(12072, testuser130): > > Error: mdbox /mnt/testuser130/mdbox/mailboxes/INBOX/dbox-Mails: Invalid > > dbox header size: 0 > > Jun 6 15:55:12 test-gluster-client1 dovecot: lmtp(11999, testuser99): > > Error: Log synchronization error at seq=2,offset=556 for > > /mnt/testuser99/mdbox/storage/dovecot.map.index: Append with UID 2, but > > next_uid = 3 > > mdbox format requires a correct index and you will lose flags, > if you lose the index file. The index will be automatically tried > to restore from mails in the storage. > > You should avoid accessing the same user directory from different > NFS clients, since this often leads to corruptions or invalid files. > > You need a director which ensures that one directory is only accessed > from one host at the same time. This applies to IMAP, POP3, LMTP etc, > which are all writing to the mailbox. > > Then you should access all mailboxes only via the director listener ports. > > > My dovecot config is: > > You posted only the configuration of your mailbox instance > and might have a look your director configuration too: > > doveconf -c /etc/dovecot-director/dovecot-director.conf -n > > (or wherever your director configuration is located) > > Regards > Daniel > Right now there is no director, I am only trying to get a single client running postfix/dovecot talking to a single nfs server without error and that's where I am having trouble From fxmulder at gmail.com Mon Jun 11 06:41:49 2012 From: fxmulder at gmail.com (James Devine) Date: Sun, 10 Jun 2012 21:41:49 -0600 Subject: [Dovecot] Dovecot over NFS In-Reply-To: References: <20120609184018.GA10990@daniel.localdomain> Message-ID: By client I meant NFS client running postfix/dovecot servers On Sun, Jun 10, 2012 at 9:38 PM, James Devine wrote: > > On Sat, Jun 9, 2012 at 12:40 PM, Daniel Parthey < > daniel.parthey at informatik.tu-chemnitz.de> wrote: > >> James Devine wrote: >> > I'm playing with running dovecot over NFS and I am running into some >> > issues. I have followed the guide at http://wiki2.dovecot.org/NFSand my >> > setup includes 1 nfs server and 1 client running postfix/dovecot. In >> > testing I am running postal via the command: >> > >> > postal -t 10 -c 10 localhost users399 >> > >> > The test file has a list of 399 users to deliver to. I've provided a >> > sample of the errors I'm receiving and my configuration below, I am >> running >> > dovecot 2.0.19. Any idea what I might be doing wrong and what I might >> do >> > to resolve it? My ultimate goal is to setup multiple clients with >> director >> > so each user is still handled on a single machine, however with a single >> > machine I still seem to be having issues. >> >> Have a look at >> http://wiki2.dovecot.org/Director >> >> > Here is a sample of some of the errors I'm seeing: >> > >> > Jun 6 15:55:12 test-gluster-client1 dovecot: lmtp(12072, testuser130): >> > Error: mdbox /mnt/testuser130/mdbox/mailboxes/INBOX/dbox-Mails: Invalid >> > dbox header size: 0 >> > Jun 6 15:55:12 test-gluster-client1 dovecot: lmtp(11999, testuser99): >> > Error: Log synchronization error at seq=2,offset=556 for >> > /mnt/testuser99/mdbox/storage/dovecot.map.index: Append with UID 2, but >> > next_uid = 3 >> >> mdbox format requires a correct index and you will lose flags, >> if you lose the index file. The index will be automatically tried >> to restore from mails in the storage. >> >> You should avoid accessing the same user directory from different >> NFS clients, since this often leads to corruptions or invalid files. >> >> You need a director which ensures that one directory is only accessed >> from one host at the same time. This applies to IMAP, POP3, LMTP etc, >> which are all writing to the mailbox. >> >> Then you should access all mailboxes only via the director listener ports. >> >> > My dovecot config is: >> >> You posted only the configuration of your mailbox instance >> and might have a look your director configuration too: >> >> doveconf -c /etc/dovecot-director/dovecot-director.conf -n >> >> (or wherever your director configuration is located) >> >> Regards >> Daniel >> > > Right now there is no director, I am only trying to get a single client > running postfix/dovecot talking to a single nfs server without error and > that's where I am having trouble > From werb at hasos.com Mon Jun 11 08:20:47 2012 From: werb at hasos.com (Roland) Date: Mon, 11 Jun 2012 07:20:47 +0200 Subject: [Dovecot] dovecot does not find libpam when compiling with customized prefix Message-ID: <201206110720.47881.werb@hasos.com> Hello everybody, I try to compile dovecot 2.1.7 with a customized --prefix setting and --with-pam . Although I installed libpam into the same --prefix, dovecot does not find it: checking for pam_start in -lpam... no configure: error: Can't build with PAM support: libpam not found The same or a similar problem seems to have appeared 4 years ago: http://www.dovecot.org/list/dovecot/2008-February/028750.html Which libpam file does dovecot expect in which directory? And possibly there is something wrong with the pam_start function? Thanks in advance, Roland From jeetuindian at gmail.com Mon Jun 11 08:56:48 2012 From: jeetuindian at gmail.com (Jitendra Bhaskar) Date: Mon, 11 Jun 2012 11:26:48 +0530 Subject: [Dovecot] Frequently login problem In-Reply-To: References: Message-ID: Hi guys, Any updates on it. I observed that when no of connections increasing then its getting disconnected. Means when increasing no of users then its happening. On Mon, Jun 4, 2012 at 3:50 PM, Jitendra Bhaskar wrote: > Hi, > > I am using dovecot 2.1.3 on centos 5.7. It was working fine but last few > days I need to restart or reload dovecot service because at that time users > are not able to login. > > Each time I am getting information from doveco.log is as : > Jun 04 11:52:54 auth: Error: BUG: Authentication client gave a PID 17564 > of existing connection > Jun 04 11:52:54 auth: Error: BUG: Authentication client gave a PID 17566 > of existing connection > Jun 04 11:52:59 auth: Error: BUG: Authentication client gave a PID 17564 > of existing connection > > > > > -- > * Thanks & Regards * > *Jitendra Kumar Bhaskar* > Cell:- +91 7306311531 > +91 8102997821 > > -- * Thanks & Regards * *Jitendra Kumar Bhaskar* Cell:- +91 7306311531 +91 8102997821 From jesper at dahlnyerup.dk Mon Jun 11 11:09:07 2012 From: jesper at dahlnyerup.dk (Jesper Dahl Nyerup) Date: Mon, 11 Jun 2012 10:09:07 +0200 Subject: [Dovecot] Very High Load on Dovecot 2 and Errors in mail.err. In-Reply-To: <4FB8FFD7.5040301@enas.net> References: <4FB35038.1000600@enas.net> <1337454348.4384.144.camel@innu> <4FB8C07B.5050604@enas.net> <4c605c0b2bc041f7f90300b36c716c22@us.es> <4FB8FFD7.5040301@enas.net> Message-ID: <20120611080907.GA11882@jespernyerup.dk> On May 20 16:29, Urban Loesch wrote: > I checked my kernel and the patch mentioned in > https://bugzilla.redhat.com/show_bug.cgi?id=681578 > > (comment 31) is not applied. It comes in version 3.0.30 and 3.2.17. > > I will see what tomorrow happens under more load. > If I have the problem again, I give 3.2.17 a chance. We've seen similar behavior on a similar system with a similar workload. We've tried a 3.0.31 - after the epoll patch was applied upstream - without seeing a difference. Right now we're running a 3.3.7 with vs2.3.3.4, and this has reduced the problem quite a bit, but not eliminated it completely. Stracing the processes in D state from before they hang has just revealed something interesting, however, pointing to an issue with inotify rather than epoll. [snip] [...] 15414 23:27:36 inotify_init() = 12 <0.000024> [...] 15414 23:27:36 close(12 15414 23:28:51 <... close resumed> ) = 0 <74.593917> 15414 23:28:51 close(9 15414 23:28:51 <... close resumed> ) = 0 <0.000080> 15414 23:28:51 exit_group(0) = ? [/snip] In short, as far as we can tell, all the processes in D state appear to be waiting to close the file handle they got from their inotify_init(), and eventually all these close()s go through almost simultaneously. Right now we're trawling for locking issues related to inotify, with our focus mainly at the VServer patch set. I would very much appreciate updates on your - or anyone else's - findings and progress. Yours, Jesper Nyerup. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: Digital signature URL: From a.kostyrev at serverc.ru Mon Jun 11 12:27:01 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Mon, 11 Jun 2012 20:27:01 +1100 Subject: [Dovecot] director: non standart ports at backends Message-ID: <213B51F00051AE48A9F0E112880177178F79EF@Delta.sc.local> hello, I'm trying to figure out how to proxy pop3 and pop3s that listens on non-standart ports at backends. For example, pop3 is at 1110 and pop3s at 1995 (on backend side). is it possible? how should I separate this ports in director's config? it's easy for one port: for example lmtp - you just use passdb in protocol lmtp {} From amateo at um.es Mon Jun 11 13:19:39 2012 From: amateo at um.es (Angel L. Mateo) Date: Mon, 11 Jun 2012 12:19:39 +0200 Subject: [Dovecot] difference between client_limit and process_limit In-Reply-To: <3E0F7337-B1BA-426F-84AF-D1D7710B80A3@iki.fi> References: <4FD1D2E5.3020901@um.es> <4FD1DE19.4050903@um.es> <4FD22956.20904@thelounge.net> <3E0F7337-B1BA-426F-84AF-D1D7710B80A3@iki.fi> Message-ID: <4FD5C63B.7040904@um.es> El 08/06/12 18:43, Timo Sirainen escribi?: > On 8.6.2012, at 19.33, Reindl Harald wrote: > >>> Yes, but like the wiki page also says, it's not a good idea increase client_limit for imap/pop3 processes. >> >> depends on the usecase / workload >> >> having dovecot as proxy for other imap-backends and 1 process per connection >> will heavily raise up process-count and memory-overhead while memory >> may be needed for the imap-backend (like dbmail) and datanases >> >> process_limit = 15 >> client_limit = 300 >> >> this way you can have 4500 proxy-connections and use most time >> not more than 4-5 processes > > Proxying is done by imap-login process, not imap process. For login processes there are different recommendations. > What are those recommendations? The ones at http://wiki2.dovecot.org/LoginProcess? Let's suppose... I have 4 mainly imap backend servers (but they admit also pop3 connections) with a process_limit of 5120 for service imap (and default_client_limit of 1000 applied to pop3). And I have 2 director servers (configured as active-active behind a load balancer), so I need director servers to handle (more or less) 10240 imap connections. What is it better for the director's? Increasing process_limit for imap-login (so each process should handle less connections) or increasing client_limit (less processes handling more connections each)? From joseba.torre at ehu.es Mon Jun 11 13:43:03 2012 From: joseba.torre at ehu.es (Joseba Torre) Date: Mon, 11 Jun 2012 12:43:03 +0200 Subject: [Dovecot] Director problems In-Reply-To: References: <4FCF549F.70404@ehu.es> Message-ID: <4FD5CBB7.9010301@ehu.es> El 09/06/12 23:17, Timo Sirainen escribi?: > On 6.6.2012, at 16.01, Joseba Torre wrote: > >> I've just setup a testing enviroment for director, and it's not working as expected. I have just 1 director (called director) and 2 dovecot servers (dovecot1 and dovecot2); these are exact copies. >> >> First problem: when both dovecot servers are up, every imap connection is redirected to the same server as you can see here: >> >> $ sudo doveadm director map >> user mail server ip expire time >> 158.227.4.186 2012-06-06 13:34:12 >> 158.227.4.186 2012-06-06 13:34:27 >> 158.227.4.186 2012-06-06 13:34:34 >> >> (I don't know if that is good or not) >> >> I've tried with 3 different users and ips to no change, users are always directed to the same host. > > Perhaps you just managed to use such usernames that map to the same director.. You can try with "doveadm director status" to see where they should go. I was thinking that users where sent to one server or another in a more or less random way. As always, your guess was right, test[1-4] are all sent to the same server, but for example jorge is sent to the other one. > >> Second problem: if I try to add/remove/modify one of the dovecot servers, the output of doveadm director map/status seems to be ok, but any new user connection fails with this log: >> >> Jun 6 14:51:59 director dovecot: director: Warning: Delaying new user requests until ring is synced > > Looks like there's a bug when only one director is used. I'll try and fix it later.. Thanks a lot for your support From trybowski at aeropolis.pl Mon Jun 11 14:23:23 2012 From: trybowski at aeropolis.pl (Krzysztof Trybowski) Date: Mon, 11 Jun 2012 13:23:23 +0200 Subject: [Dovecot] Dovecot 2.1 stable packages for Debian? Message-ID: Hello all, it is strange, but Dovecot 2.x still didn't make it into Debian (not even backports). It exists in testing, but that's still a long wait. OTOH there are official packages built every day (referenced from the download page). This puzzles me: why isn't there a build created from each stable, released version of Dovecot, so that users of Debian Stable could benefit from the new version, and run it on production environment? Could you (I mean ? the Dovecot team) provide such packages? This wouldn't require any major amount of work, since you already have daily builds produced. You would just have to run that building system once per each released version and keep it available for download. The reason for this is relatively simple: I'm about to implement a new mail server, and I'd like to keep to Debian Stable while using Dovecot 2.x. This will make future updates much easier, as I won't have to face 1.2 -> 2.0 migration on a production system. Regards, KT From tss at iki.fi Mon Jun 11 14:45:43 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 14:45:43 +0300 Subject: [Dovecot] difference between client_limit and process_limit In-Reply-To: <4FD5C63B.7040904@um.es> References: <4FD1D2E5.3020901@um.es> <4FD1DE19.4050903@um.es> <4FD22956.20904@thelounge.net> <3E0F7337-B1BA-426F-84AF-D1D7710B80A3@iki.fi> <4FD5C63B.7040904@um.es> Message-ID: On 11.6.2012, at 13.19, Angel L. Mateo wrote: >> Proxying is done by imap-login process, not imap process. For login processes there are different recommendations. >> > What are those recommendations? The ones at http://wiki2.dovecot.org/LoginProcess? Yes. > Let's suppose... I have 4 mainly imap backend servers (but they admit also pop3 connections) with a process_limit of 5120 for service imap (and default_client_limit of 1000 applied to pop3). And I have 2 director servers (configured as active-active behind a load balancer), so I need director servers to handle (more or less) 10240 imap connections. > > What is it better for the director's? Increasing process_limit for imap-login (so each process should handle less connections) or increasing client_limit (less processes handling more connections each)? If you increase process_limit to more than the number of CPU cores you have, then you increase the number of context switched done by the kernel, which decreases your performance. So I'd say increase client_limit. From tss at iki.fi Mon Jun 11 14:48:33 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 14:48:33 +0300 Subject: [Dovecot] Frequently login problem In-Reply-To: References: Message-ID: <49EE70D0-58D7-462D-82A8-FB56B02986CA@iki.fi> On 4.6.2012, at 13.20, Jitendra Bhaskar wrote: > I am using dovecot 2.1.3 on centos 5.7. It was working fine but last few > days I need to restart or reload dovecot service because at that time users > are not able to login. > > Each time I am getting information from doveco.log is as : > Jun 04 11:52:54 auth: Error: BUG: Authentication client gave a PID 17564 of > existing connection This happens before restart, not during it? doveconf -n output? Are you using Dovecot auth for anything external, like Postfix/Exim? From tss at iki.fi Mon Jun 11 14:51:48 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 14:51:48 +0300 Subject: [Dovecot] Very High Load on Dovecot 2 and Errors in mail.err. In-Reply-To: <20120611080907.GA11882@jespernyerup.dk> References: <4FB35038.1000600@enas.net> <1337454348.4384.144.camel@innu> <4FB8C07B.5050604@enas.net> <4c605c0b2bc041f7f90300b36c716c22@us.es> <4FB8FFD7.5040301@enas.net> <20120611080907.GA11882@jespernyerup.dk> Message-ID: On 11.6.2012, at 11.09, Jesper Dahl Nyerup wrote: > Stracing the processes in D state from before they hang has just > revealed something interesting, however, pointing to an issue with > inotify rather than epoll. > > [snip] > [...] > 15414 23:27:36 inotify_init() = 12 <0.000024> > [...] > 15414 23:27:36 close(12 > 15414 23:28:51 <... close resumed> ) = 0 <74.593917> > 15414 23:28:51 close(9 > 15414 23:28:51 <... close resumed> ) = 0 <0.000080> > 15414 23:28:51 exit_group(0) = ? > [/snip] > > In short, as far as we can tell, all the processes in D state appear to > be waiting to close the file handle they got from their inotify_init(), > and eventually all these close()s go through almost simultaneously. Yeah. Looks like a kernel bug. You could try if it goes away by disabling inotify in Dovecot. Either recompile with "configure --with-notify=none" or maybe you can disable inotify globally with: echo 0 > /proc/sys/fs/inotify/max_user_watches echo 0 > /proc/sys/fs/inotify/max_user_instances From tss at iki.fi Mon Jun 11 14:55:32 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 14:55:32 +0300 Subject: [Dovecot] Dovecot over NFS In-Reply-To: References: Message-ID: <708F1898-C96C-4F01-88D6-61833EFBF531@iki.fi> On 7.6.2012, at 1.07, James Devine wrote: > I'm playing with running dovecot over NFS and I am running into some > issues. I have followed the guide at http://wiki2.dovecot.org/NFS and my > setup includes 1 nfs server and 1 client running postfix/dovecot. Which NFS server? Which NFS client (Linux)? > In > testing I am running postal via the command: > > postal -t 10 -c 10 localhost users399 > > The test file has a list of 399 users to deliver to. I've provided a > sample of the errors I'm receiving and my configuration below, I am running > dovecot 2.0.19. Any idea what I might be doing wrong and what I might do > to resolve it? My ultimate goal is to setup multiple clients with director > so each user is still handled on a single machine, however with a single > machine I still seem to be having issues. .. > Jun 6 15:55:12 test-gluster-client1 dovecot: lmtp(12072, testuser130): > Error: mdbox /mnt/testuser130/mdbox/mailboxes/INBOX/dbox-Mails: Invalid > dbox header size: 0 Yeah, something's broken. I'd try: 1. Try Dovecot v2.1.7. I don't think v2.0.19 had these problems anymore but wouldn't hurt to try. 2. Try if you can reproduce the same problem with local filesystem. 3. Try another NFS server or client.. From tss at iki.fi Mon Jun 11 14:59:06 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 14:59:06 +0300 Subject: [Dovecot] dovecot does not find libpam when compiling with customized prefix In-Reply-To: <201206110720.47881.werb@hasos.com> References: <201206110720.47881.werb@hasos.com> Message-ID: <191E7B2A-41D1-4595-A584-C13DC8076CFF@iki.fi> On 11.6.2012, at 8.20, Roland wrote: > I try to compile dovecot 2.1.7 with a customized --prefix setting and --with-pam . Although I installed libpam into the same --prefix, dovecot does not find it: > > checking for pam_start in -lpam... no > configure: error: Can't build with PAM support: libpam not found > > The same or a similar problem seems to have appeared 4 years ago: > http://www.dovecot.org/list/dovecot/2008-February/028750.html > > Which libpam file does dovecot expect in which directory? And possibly there is something wrong with the pam_start function? Dovecot doesn't expect anything. gcc/ld expects things. You'll need to use the generic options to tell where the PAM files are, something like: LDFLAGS=-L/where/is/pam/lib CPPFLAGS=-I/where/is/pam/include ./configure From tss at iki.fi Mon Jun 11 15:01:27 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 15:01:27 +0300 Subject: [Dovecot] director: non standart ports at backends In-Reply-To: <213B51F00051AE48A9F0E112880177178F79EF@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F79EF@Delta.sc.local> Message-ID: On 11.6.2012, at 12.27, ???????? ????????? ?????????? wrote: > hello, > I'm trying to figure out how to proxy pop3 and pop3s that listens on non-standart ports at backends. > For example, pop3 is at 1110 and pop3s at 1995 (on backend side). > is it possible? > how should I separate this ports in director's config? > it's easy for one port: > for example lmtp - you just use passdb in protocol lmtp {} The passdb needs to return the "port" field. You can't use static passdb for this, since it has no conditionals and you can't do per-port configuration. Maybe use sqlite (simply to use it as a scripting engine - empty database) or checkpassword as your passdb. From tss at iki.fi Mon Jun 11 15:09:04 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 15:09:04 +0300 Subject: [Dovecot] Error: doveadm client attempted non-PLAIN authentication In-Reply-To: <20120609235603.GA17490@daniel.localdomain> References: <20120609235603.GA17490@daniel.localdomain> Message-ID: <65A804FB-2F80-497C-9A96-3CC34B522FBF@iki.fi> On 10.6.2012, at 2.56, Daniel Parthey wrote: > doveadm search -u user at example.org -S localhost:19000 all > produces the following error in the logs: > dovecot: doveadm: Error: doveadm client attempted non-PLAIN authentication > > What am I missing? It's possible that this is just broken in v2.0. Try v2.1. From tss at iki.fi Mon Jun 11 15:16:16 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 15:16:16 +0300 Subject: [Dovecot] auth_krb5_keytab ignored ? In-Reply-To: <20120608165902.GI89928@rosa.physik.tu-berlin.de> References: <20120608165902.GI89928@rosa.physik.tu-berlin.de> Message-ID: <1339416976.5967.29.camel@hurina> On Fri, 2012-06-08 at 18:59 +0200, Leon Me?ner wrote: > Hi list, > > i noticed that when doing imap gssapi authentication with kerberos, > dovecot (here 2.1.7) always searches /etc/krb5.keytab although i have > auth_krb5_keytab = /etc/mail3.krb5.keytab in my etc/dovecot/dovecot.conf > and doveconf -n also show this setting. If i combine the keytabs in > krb5.keytab it works. Is there another location where i should put my > configuration regarding gssapi/kerberos ? Try if this works: import_environment = TZ GDB DEBUG_SILENT KRB5_KTNAME Then start Dovecot with: KRB5_KTNAME=/etc/mail3.krb5.keytab dovecot I'm wondering if the code in mech-gssapi.c that sets KRB5_KTNAME environment is being called too late. From tss at iki.fi Mon Jun 11 15:21:08 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 15:21:08 +0300 Subject: [Dovecot] how to announce shared folders to clients using non-default mail prefix In-Reply-To: <4FD14895.8040707@engr.orst.edu> References: <4FD14895.8040707@engr.orst.edu> Message-ID: <63F00218-4FBE-418F-9477-CBEA8E7A35B9@iki.fi> On 8.6.2012, at 3.34, Tom Lieuallen wrote: > Note that if I change the prefix for that shared namespace to 'iphonemail/', it does present my shared folders as well as anything in a personal iphonemail directory. However, 'select' didn't work with the personal folders. My guess is it's mostly due to the difference in mail formats between the two (mbox & maildir). You should be able to use prefix=iphonemail/shared/ From oni-neko at gmx.net Mon Jun 11 15:28:37 2012 From: oni-neko at gmx.net (oni-neko at gmx.net) Date: Mon, 11 Jun 2012 14:28:37 +0200 Subject: [Dovecot] question about changing certificate Message-ID: <20120611122837.317410@gmx.net> Good day! I'm having trouble changing certificate/keys for my dovecot(version 1.2.9). When I set up the server (unbuntu lts 10.4.4) I did it with a self-signed certificate. I can't remember exactly what I did, just that I followed the wiki and it worked fine =) Now I have to change the certificate because a friend bought an official one (from thawte) and I'm a bit stumped. As dovecot can use supposedly use the same file for both key and cert file, I copied the new certificate to /etc/ssl/private/dovecot.pem and to /etc/ssl/certs/dovecot.pem. next I get from managesieve-login, pop3-login and imap-login the following log entries: Fatal: Can't load private key file /etc/ssl/private/dovecot.pem: Key is for a different cert than /etc/ssl/certs/dovecot.pem some googling brought up the file ssl-cert-snakeoil.key in /etc/ssl/private and /etc/ssl/certs that some people change in that context. As I also have a symlink /etc/ssl/private/ssl-mail.key that points to /etc/ssl/private/ssl-cert-snakeoil.key I'm starting to be confused (even more). dovecot is using the dovecot.pem-files, who/what uses the ssl-mail.key? I'm pretty sure I'm just overlooking something completely obvious, but what? =) greetings silvia -- NEU: FreePhone 3-fach-Flat mit kostenlosem Smartphone! Jetzt informieren: http://mobile.1und1.de/?ac=OM.PW.PW003K20328T7073a From tss at iki.fi Mon Jun 11 15:30:59 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 15:30:59 +0300 Subject: [Dovecot] Dovecot auth process delays exiting if LDAPS passdb used In-Reply-To: <87txynzuqs.wl%fumiyas@osstech.jp> References: <87y5oi51ka.wl%fumiyas@osstech.jp> <87vcjm50kr.wl%fumiyas@osstech.jp> <1338305505.8270.10.camel@hurina> <87txynzuqs.wl%fumiyas@osstech.jp> Message-ID: <4C795253-9E52-40AF-912F-AF044EB9DF28@iki.fi> On 7.6.2012, at 6.06, SATOH Fumiyasu wrote: >>>> Dovecot auth process has a problem >>>> that Dovecot auth delays exiting about between 20 and >>>> 60 seconds when Dovecot dovecot (master) process is already >>>> terminated by an administrator. > > Yes. I can reproduce with dovecot 1:2.1.7-1 (Debian unstable package) > with PAM passdb. This PAM environment is configured for > local UNIX passwd file only (no LDAP). I can't reproduce this. I installed the 1:2.1.7-1 Debian unstable package. Put your dovecot.conf to /etc/dovecot/. Did: /etc/init.d/dovecot start telnet localhost 143 x login foo bar x logout /etc/init.d/dovecot stop No dovecot processes left. From tss at iki.fi Mon Jun 11 15:33:32 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 15:33:32 +0300 Subject: [Dovecot] Accessing maildir snapshots through dovecot / namespace In-Reply-To: <4FD0C843.4070503@ibl.fr> References: <4FD0C843.4070503@ibl.fr> Message-ID: On 7.6.2012, at 18.26, Karl Oulmi wrote: > namespace snap { > prefix = INBOX.snapshot.h0. > hidden = no > inbox = no > list = yes > location = maildir:/da1/%u/Maildir:INDEX=/da1/dovecot/indexes/%u:CONTROL=/da1/dovecot/control/%u > type = private > } > > > The problem is that I don't see the content of the inbox folder contained in the snapshots whereas subfolders are perfectly viewed ! The INBOX should be accessible as the INBOX.snapshot.h0 itself. From a.kostyrev at serverc.ru Mon Jun 11 15:39:00 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Mon, 11 Jun 2012 23:39:00 +1100 Subject: [Dovecot] director: non standart ports at backends In-Reply-To: References: <213B51F00051AE48A9F0E112880177178F79EF@Delta.sc.local> Message-ID: <213B51F00051AE48A9F0E112880177178F79F0@Delta.sc.local> thanks Timo, for you time but I still don't get it) should I return "port" with just "port_num1,port_num2" value or how? I've tried to google an example but with no success. -----Original Message----- From: Timo Sirainen [mailto:tss at iki.fi] Sent: Monday, June 11, 2012 11:01 PM To: ???????? ????????? ?????????? Cc: dovecot at dovecot.org Subject: Re: [Dovecot] director: non standart ports at backends On 11.6.2012, at 12.27, ???????? ????????? ?????????? wrote: > hello, > I'm trying to figure out how to proxy pop3 and pop3s that listens on non-standart ports at backends. > For example, pop3 is at 1110 and pop3s at 1995 (on backend side). > is it possible? > how should I separate this ports in director's config? > it's easy for one port: > for example lmtp - you just use passdb in protocol lmtp {} The passdb needs to return the "port" field. You can't use static passdb for this, since it has no conditionals and you can't do per-port configuration. Maybe use sqlite (simply to use it as a scripting engine - empty database) or checkpassword as your passdb. From tss at iki.fi Mon Jun 11 15:43:52 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 15:43:52 +0300 Subject: [Dovecot] Different but probably related issue In-Reply-To: <1338883767.4514.23.camel@jlt3.sipsolutions.net> References: <442263FE-BEAE-47F5-A1FF-49DC0065DF17@canbasis.com> <1338883767.4514.23.camel@jlt3.sipsolutions.net> Message-ID: On 5.6.2012, at 11.09, Johannes Berg wrote: > Unfortunately, I don't. I can only suggest, as a test, trying with some > other storage format -- I only use Maildir -- to see if the problem is > really in the interaction with mdbox. I'm fairly sure that's likely the > problem, maybe the plugin doesn't pass something through append that is > needed by mdbox, but I've never even attempted to understand mdbox. > > Maybe Timo can comment. Timo, you can find the latest code here: > http://git.sipsolutions.net/?p=dovecot-antispam.git;a=summary I don't see anything obviously wrong in there.. Perhaps antispam_save_finish() returns failure for some reason and dbox doesn't handle that properly? From tss at iki.fi Mon Jun 11 15:47:50 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 15:47:50 +0300 Subject: [Dovecot] director: non standart ports at backends In-Reply-To: <213B51F00051AE48A9F0E112880177178F79F0@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F79EF@Delta.sc.local> <213B51F00051AE48A9F0E112880177178F79F0@Delta.sc.local> Message-ID: <8568BABD-F72C-47B2-B9A4-4902410404C6@iki.fi> Looking at your old mails, you seem to be using passdb static for director, but userdb sql? So you could switch to: passdb { driver = sql args = /etc/dovecot/dovecot-sql.conf } password_query = select 'y' as proxy, 'y' as nopassword, if('%a'=143, 1430, 9930) as port where you'd change the if() to something that handles %s=imap vs %s=pop3 vs %s=lmtp and %a=143 vs %a=993 vs %a=110 vs %a=995. Maybe a "case" statement would be less ugly. Or simply make it a real table in sql. Anyway, that's the basic idea. On 11.6.2012, at 15.39, ???????? ????????? ?????????? wrote: > thanks Timo, for you time > but I still don't get it) > should I return "port" with just "port_num1,port_num2" value or how? > I've tried to google an example but with no success. > > -----Original Message----- > From: Timo Sirainen [mailto:tss at iki.fi] > Sent: Monday, June 11, 2012 11:01 PM > To: ???????? ????????? ?????????? > Cc: dovecot at dovecot.org > Subject: Re: [Dovecot] director: non standart ports at backends > > On 11.6.2012, at 12.27, ???????? ????????? ?????????? wrote: > >> hello, >> I'm trying to figure out how to proxy pop3 and pop3s that listens on non-standart ports at backends. >> For example, pop3 is at 1110 and pop3s at 1995 (on backend side). >> is it possible? >> how should I separate this ports in director's config? >> it's easy for one port: >> for example lmtp - you just use passdb in protocol lmtp {} > > The passdb needs to return the "port" field. You can't use static passdb for this, since it has no conditionals and you can't do per-port configuration. Maybe use sqlite (simply to use it as a scripting engine - empty database) or checkpassword as your passdb. > From tss at iki.fi Mon Jun 11 16:16:06 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 16:16:06 +0300 Subject: [Dovecot] fts_lucene crashing In-Reply-To: References: Message-ID: <080D29B1-72BD-40DE-B9D6-7E7838B97DB9@iki.fi> On 30.5.2012, at 22.13, Joe Beaubien wrote: >>>>>> May 22 14:51:51 mba dovecot: imap(formulaire): Panic: file >>>>>> lucene-wrapper.cc: line 196: unreached > > Thanks for the new release. Unfortunately, it doesn't seem to have fixed my > specific issue. I got you a gdb trace like you asked in a previous mail. I > hope that can help. If I didn't get the correct backtrace, or if you need > some other info from gdb let me know. Thanks. The problem was pretty far away from where I thought it was. Fixed: http://hg.dovecot.org/dovecot-2.1/rev/0fde692cb565 From tss at iki.fi Mon Jun 11 16:25:37 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 16:25:37 +0300 Subject: [Dovecot] dsync migration with preserving pop3 uidl In-Reply-To: <4FBE0A9C.8090406@stable.cz> References: <4FBE0A9C.8090406@stable.cz> Message-ID: On 24.5.2012, at 13.17, Tom?? Herceg wrote: > I'm trying to migrate messages from icewarp (merak) mailserver to dovecot via > dsync, IMAP migration is looking fine, but I'm unable to migrate pop3 uidls from > originating server, probably is something wrong with configuration, but I don't > know what. The only documentation i found is on the wiki: > http://wiki2.dovecot.org/Migration/Dsync where is bad writen mail_plugins = > pop3-migration, i corrected it to mail_plugins = pop3_migration, but it still > didn't work, here is my configuration: .. > namespace { > hidden = yes > list = yes list=no would be better so clients don't accidentally access this. > location = pop3c: > prefix = POP3/ > } > I'm runnig dsync this way: > /usr/bin/time -f "%E" doveadm -vD -o imapc_user=test1 at irock.cz -o > imapc_password=***** backup -u test1 at irock.cz -f -R imapc:/tmp-ram/imapc-test1 You need to change pop3c_user and pop3c_password also in this command line. > dsync(test1 at irock.cz): Error: stat((null)) failed: Bad address > dsync(test1 at irock.cz): Error: stat((null)) failed: Bad address I wonder what these are. Also I wonder why the weren't any messages about missing/wrong user+pass for pop3c. From tss at iki.fi Mon Jun 11 16:32:11 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 16:32:11 +0300 Subject: [Dovecot] multi-instance doveadm user -m woes In-Reply-To: <7D5EC3A3-CD1C-4C50-B8D5-B737560235EC@geneseo.edu> References: <7D5EC3A3-CD1C-4C50-B8D5-B737560235EC@geneseo.edu> Message-ID: On 11.5.2012, at 18.06, David Warden wrote: > I'm having difficulty with the doveadm who command on a multi-instance setup of dovecot. When I run the who command on the non-standard instance with the -m flag (to see their mail location), this happens: > > [root at wardentest3 dovecot]# doveadm -i mailtest user -m warden > doveadm(root): Error: user warden: Initialization failed: Namespace 'INBOX.': Ambiguous mail location setting, don't know what to do with it: /var/spool/mail/root (try prefixing it with mbox: or maildir:) Thanks, fixed: http://hg.dovecot.org/dovecot-2.1/rev/98f2c12eccdb From tss at iki.fi Mon Jun 11 16:56:31 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 16:56:31 +0300 Subject: [Dovecot] Director problems In-Reply-To: <4FD5CBB7.9010301@ehu.es> References: <4FCF549F.70404@ehu.es> <4FD5CBB7.9010301@ehu.es> Message-ID: <7D649FE2-6FB4-4892-8FF2-EDA8ED4F2057@iki.fi> On 11.6.2012, at 13.43, Joseba Torre wrote: >>> I've tried with 3 different users and ips to no change, users are always directed to the same host. >> >> Perhaps you just managed to use such usernames that map to the same director.. You can try with "doveadm director status" to see where they should go. > > I was thinking that users where sent to one server or another in a more or less random way. As always, your guess was right, test[1-4] are all sent to the same server, but for example jorge is sent to the other one. The "randomness" is basically md5(username)%2. >>> Second problem: if I try to add/remove/modify one of the dovecot servers, the output of doveadm director map/status seems to be ok, but any new user connection fails with this log: >>> >>> Jun 6 14:51:59 director dovecot: director: Warning: Delaying new user requests until ring is synced >> >> Looks like there's a bug when only one director is used. I'll try and fix it later.. > > Thanks a lot for your support Fixed: http://hg.dovecot.org/dovecot-2.1/rev/46d01b728647 From tomislav.mihalicek at gmail.com Mon Jun 11 17:03:46 2012 From: tomislav.mihalicek at gmail.com (Tomislav Mihalicek) Date: Mon, 11 Jun 2012 07:03:46 -0700 (PDT) Subject: [Dovecot] Dovecot 2.1 stable packages for Debian? In-Reply-To: References: Message-ID: <33993325.post@talk.nabble.com> Here you go... cat /etc/apt/sources.list # latest dovecot # apt-get install debian-dovecot-auto-keyring deb http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main deb-src http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main Krzysztof Trybowski wrote: > > Hello all, > it is strange, but Dovecot 2.x still didn't make it into Debian (not > even backports). It exists in testing, but that's still a long wait. > OTOH there are official packages built every day (referenced from the > download page). This puzzles me: why isn't there a build created from > each stable, released version of Dovecot, so that users of Debian > Stable could benefit from the new version, and run it on production > environment? Could you (I mean ? the Dovecot team) provide such > packages? This wouldn't require any major amount of work, since you > already have daily builds produced. You would just have to run that > building system once per each released version and keep it available > for download. > > The reason for this is relatively simple: I'm about to implement a new > mail server, and I'd like to keep to Debian Stable while using Dovecot > 2.x. This will make future updates much easier, as I won't have to > face 1.2 -> 2.0 migration on a production system. > > Regards, KT > > -- View this message in context: http://old.nabble.com/Dovecot-2.1-stable-packages-for-Debian--tp33992548p33993325.html Sent from the Dovecot mailing list archive at Nabble.com. From joseba.torre at ehu.es Mon Jun 11 17:15:36 2012 From: joseba.torre at ehu.es (Joseba Torre) Date: Mon, 11 Jun 2012 16:15:36 +0200 Subject: [Dovecot] Director problems In-Reply-To: <7D649FE2-6FB4-4892-8FF2-EDA8ED4F2057@iki.fi> References: <4FCF549F.70404@ehu.es> <4FD5CBB7.9010301@ehu.es> <7D649FE2-6FB4-4892-8FF2-EDA8ED4F2057@iki.fi> Message-ID: <4FD5FD88.6000005@ehu.es> >>>> Second problem: if I try to add/remove/modify one of the dovecot servers, the output of doveadm director map/status seems to be ok, but any new user connection fails with this log: >>>> >>>> Jun 6 14:51:59 director dovecot: director: Warning: Delaying new user requests until ring is synced >>> >>> Looks like there's a bug when only one director is used. I'll try and fix it later.. >> >> Thanks a lot for your support > > Fixed: http://hg.dovecot.org/dovecot-2.1/rev/46d01b728647 > Works perfectly, thank you From trybowski at aeropolis.pl Mon Jun 11 17:31:10 2012 From: trybowski at aeropolis.pl (Krzysztof Trybowski) Date: Mon, 11 Jun 2012 16:31:10 +0200 Subject: [Dovecot] Dovecot 2.1 stable packages for Debian? In-Reply-To: <33993325.post@talk.nabble.com> References: <33993325.post@talk.nabble.com> Message-ID: On Mon, Jun 11, 2012 at 4:03 PM, Tomislav Mihalicek wrote: > > Here you go... > > cat /etc/apt/sources.list > > # latest dovecot > # apt-get install debian-dovecot-auto-keyring > deb http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main > deb-src http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main Hello Tomislav, it doesn't seem to be what I'm looking for. These repositories are referenced from the download site, but with an information that these are built hourly and thus include any newest changes to the source. Also a warning follows: ?Needless to say: do NOT use these repositories for systems that need to be STABLE.? What I'm looking for are packages of a released versions of 2.1, that can be used in a production environment. Regards, KT From gedalya at gedalya.net Mon Jun 11 17:36:31 2012 From: gedalya at gedalya.net (Gedalya) Date: Mon, 11 Jun 2012 10:36:31 -0400 Subject: [Dovecot] Dovecot 2.1 stable packages for Debian? In-Reply-To: References: <33993325.post@talk.nabble.com> Message-ID: <4FD6026F.4070704@gedalya.net> On 6/11/2012 10:31 AM, Krzysztof Trybowski wrote: > On Mon, Jun 11, 2012 at 4:03 PM, Tomislav Mihalicek > wrote: >> Here you go... >> >> cat /etc/apt/sources.list >> >> # latest dovecot >> # apt-get install debian-dovecot-auto-keyring >> deb http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main >> deb-src http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main > Hello Tomislav, > it doesn't seem to be what I'm looking for. These repositories are > referenced from the download site, but with an information that these > are built hourly and thus include any newest changes to the source. > Also a warning follows: ?Needless to say: do NOT use these > repositories for systems that need to be STABLE.? > > What I'm looking for are packages of a released versions of 2.1, that > can be used in a production environment. > > Regards, KT http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=592959 http://www.prato.linux.it/~mnencia/debian/dovecot-squeeze/ - I'm using this and can say it works http://people.debian.org/~morph/dovecot2-bpo60/ From nerijus.kislauskas at ktu.lt Mon Jun 11 17:38:51 2012 From: nerijus.kislauskas at ktu.lt (Nerijus Kislauskas) Date: Mon, 11 Jun 2012 17:38:51 +0300 Subject: [Dovecot] Dovecot 2.1 stable packages for Debian? In-Reply-To: <33993325.post@talk.nabble.com> References: <33993325.post@talk.nabble.com> Message-ID: <4FD602FB.1030406@ktu.lt> On 06/11/2012 05:03 PM, Tomislav Mihalicek wrote: > > Here you go... > > cat /etc/apt/sources.list > > # latest dovecot > # apt-get install debian-dovecot-auto-keyring > deb http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main > deb-src http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main They are not official packages. As I understand, questioner asks for official ones. As a matter of fact - there are none for stable. You can try to use it from testing with apt pinning and package priorities. For example: /etc/apt/apt.conf or /etc/apt/apt.conf.d/99stable: APT::Default-Release "stable"; /etc/apt/preferences.d/dovecot Package: dovecot* Pin: release a=testing Pin-Priority: 999 and use "apt-policy show dovecot-" to check. Testing packages still receives a lot of changes, so it will be a little bit annoying for frequent updates. Let me know if you choose that way and if it works for you. -- Sincerely, Nerijus Kislauskas From l.messner at physik.tu-berlin.de Mon Jun 11 17:43:45 2012 From: l.messner at physik.tu-berlin.de (Leon =?iso-8859-15?Q?Me=DFner?=) Date: Mon, 11 Jun 2012 16:43:45 +0200 Subject: [Dovecot] auth_krb5_keytab ignored ? In-Reply-To: <1339416976.5967.29.camel@hurina> References: <20120608165902.GI89928@rosa.physik.tu-berlin.de> <1339416976.5967.29.camel@hurina> Message-ID: <20120611144345.GK89928@rosa.physik.tu-berlin.de> On Mon, Jun 11, 2012 at 03:16:16PM +0300, Timo Sirainen wrote: > On Fri, 2012-06-08 at 18:59 +0200, Leon Me?ner wrote: > > Hi list, > > > > i noticed that when doing imap gssapi authentication with kerberos, > > dovecot (here 2.1.7) always searches /etc/krb5.keytab although i have > > auth_krb5_keytab = /etc/mail3.krb5.keytab in my etc/dovecot/dovecot.conf > > and doveconf -n also show this setting. If i combine the keytabs in > > krb5.keytab it works. Is there another location where i should put my > > configuration regarding gssapi/kerberos ? > > Try if this works: > > import_environment = TZ GDB DEBUG_SILENT KRB5_KTNAME > > Then start Dovecot with: > > KRB5_KTNAME=/etc/mail3.krb5.keytab dovecot > > I'm wondering if the code in mech-gssapi.c that sets KRB5_KTNAME > environment is being called too late. It's still looking inside the default krb5.keytab . /var/log/dovecot.log: Jun 11 16:26:55 master: Info: Dovecot v2.1.7 starting up Jun 11 16:26:55 auth: Debug: Loading modules from directory: /usr/local/lib/dovecot/auth Jun 11 16:26:55 auth: Debug: auth client connected (pid=82646) Jun 11 16:26:55 auth: Debug: auth client connected (pid=82648) Jun 11 16:26:55 auth: Debug: auth client connected (pid=82647) Jun 11 16:26:55 auth: Debug: auth client connected (pid=82649) Jun 11 16:26:55 auth: Debug: auth client connected (pid=82651) Jun 11 16:26:55 auth: Debug: auth client connected (pid=82653) Jun 11 16:26:55 auth: Debug: auth client connected (pid=82655) Jun 11 16:26:55 auth: Debug: auth client connected (pid=82652) Jun 11 16:26:55 auth: Debug: auth client connected (pid=82656) Jun 11 16:26:55 auth: Debug: auth client connected (pid=82657) Jun 11 16:26:55 auth: Debug: auth client connected (pid=82650) Jun 11 16:26:55 auth: Debug: auth client connected (pid=82654) Jun 11 16:27:05 auth: Debug: auth client connected (pid=82669) Jun 11 16:27:06 auth: Debug: client in: AUTH 1 GSSAPI service=imap secured session=DLX+JDPCLwCClTqR lip=130.149.58.164 rip=130.149.58.145 lport=993 rport=29743 Jun 11 16:27:06 auth: Debug: gssapi(?,130.149.58.145,): Obtaining credentials for imap at mail3.physik-pool.tu-berlin.de Jun 11 16:27:06 auth: Debug: client out: CONT 1 Jun 11 16:27:06 auth: Debug: client in: CONT Jun 11 16:27:06 auth: Info: gssapi(?,130.149.58.145,): While processing incoming data: Miscellaneous failure (see text) Jun 11 16:27:06 auth: Info: gssapi(?,130.149.58.145,): While processing incoming data: Failed to find imap/mail3.physik-pool.tu-berlin.de at PCPOOL.PHYSIK.TU-BERLIN.DE(kvno 1) in keytab FILE:/etc/krb5.keytab (des3-cbc-sha1) Jun 11 16:27:08 auth: Debug: client out: FAIL 1 Jun 11 16:27:18 auth: Debug: auth client connected (pid=82673) Jun 11 16:27:18 imap-login: Info: Aborted login (no auth attempts in 0 secs): user=<>, rip=130.149.58.149, lip=130.149.58.164, TLS, session= Jun 11 16:27:22 imap-login: Info: Aborted login (auth failed, 1 attempts in 16 secs): user=<>, method=GSSAPI, rip=130.149.58.145, lip=130.149.58.164, TLS, session= Jun 11 16:27:38 auth: Debug: auth client connected (pid=82681) Jun 11 16:27:38 pop3-login: Info: Aborted login (no auth attempts in 0 secs): user=<>, rip=130.149.58.149, lip=130.149.58.164, TLS, session= Jun 11 16:27:45 master: Warning: Killed with signal 15 (by pid=82684 uid=0 code=kill) From michael at orlitzky.com Mon Jun 11 18:07:52 2012 From: michael at orlitzky.com (Michael Orlitzky) Date: Mon, 11 Jun 2012 11:07:52 -0400 Subject: [Dovecot] Dovecot 2.1 stable packages for Debian? In-Reply-To: References: Message-ID: <4FD609C8.9060809@orlitzky.com> On 06/11/12 07:23, Krzysztof Trybowski wrote: > Hello all, > it is strange, but Dovecot 2.x still didn't make it into Debian (not > even backports). It exists in testing, but that's still a long wait. > OTOH there are official packages built every day (referenced from the > download page). This puzzles me: why isn't there a build created from > each stable, released version of Dovecot, so that users of Debian > Stable could benefit from the new version, and run it on production > environment? Could you (I mean ? the Dovecot team) provide such > packages? This wouldn't require any major amount of work, since you > already have daily builds produced. You would just have to run that > building system once per each released version and keep it available > for download. > > The reason for this is relatively simple: I'm about to implement a new > mail server, and I'd like to keep to Debian Stable while using Dovecot > 2.x. This will make future updates much easier, as I won't have to > face 1.2 -> 2.0 migration on a production system. To wind up in Debian stable, a package has to go through a bunch of testing, and that takes a long time. So you're never going to have official packages for new software in Debian stable. That's kind of the point of stable =) From joe.beaubien at gmail.com Mon Jun 11 18:13:17 2012 From: joe.beaubien at gmail.com (Joe Beaubien) Date: Mon, 11 Jun 2012 11:13:17 -0400 Subject: [Dovecot] fts_lucene crashing In-Reply-To: <080D29B1-72BD-40DE-B9D6-7E7838B97DB9@iki.fi> References: <080D29B1-72BD-40DE-B9D6-7E7838B97DB9@iki.fi> Message-ID: Thank you sir for the fix. On Mon, Jun 11, 2012 at 9:16 AM, Timo Sirainen wrote: > On 30.5.2012, at 22.13, Joe Beaubien wrote: > > >>>>>> May 22 14:51:51 mba dovecot: imap(formulaire): Panic: file > >>>>>> lucene-wrapper.cc: line 196: unreached > > > > Thanks for the new release. Unfortunately, it doesn't seem to have fixed > my > > specific issue. I got you a gdb trace like you asked in a previous mail. > I > > hope that can help. If I didn't get the correct backtrace, or if you need > > some other info from gdb let me know. > > > Thanks. The problem was pretty far away from where I thought it was. > Fixed: http://hg.dovecot.org/dovecot-2.1/rev/0fde692cb565 > > From fumiyas at osstech.jp Mon Jun 11 18:24:44 2012 From: fumiyas at osstech.jp (SATOH Fumiyasu) Date: Tue, 12 Jun 2012 00:24:44 +0900 Subject: [Dovecot] Dovecot auth process delays exiting if LDAPS passdb used In-Reply-To: <4C795253-9E52-40AF-912F-AF044EB9DF28@iki.fi> References: <87y5oi51ka.wl%fumiyas@osstech.jp> <87vcjm50kr.wl%fumiyas@osstech.jp> <1338305505.8270.10.camel@hurina> <87txynzuqs.wl%fumiyas@osstech.jp> <4C795253-9E52-40AF-912F-AF044EB9DF28@iki.fi> Message-ID: <87d3557txf.wl%fumiyas@osstech.jp> At Mon, 11 Jun 2012 15:30:59 +0300, Timo Sirainen wrote: > >>>> Dovecot auth process has a problem > >>>> that Dovecot auth delays exiting about between 20 and > >>>> 60 seconds when Dovecot dovecot (master) process is already > >>>> terminated by an administrator. > > > > Yes. I can reproduce with dovecot 1:2.1.7-1 (Debian unstable package) > > with PAM passdb. This PAM environment is configured for > > local UNIX passwd file only (no LDAP). > > I can't reproduce this. I installed the 1:2.1.7-1 Debian unstable package. Put your dovecot.conf to /etc/dovecot/. Did: > > /etc/init.d/dovecot start > telnet localhost 143 > x login foo bar > x logout > /etc/init.d/dovecot stop > > No dovecot processes left. If an auth client remains a connection to dovecot/auth, dovecot/auth does NOT exit immediately when dovecot master exits. (1) Install Postfix and Dovecot. # apt-get install postfix dovecot (2) Configure Postfix /etc/postfix/main.cf with the following: smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth (3) Configre Dovecot /etc/dovecot/conf.d/10-master with the following: service auth { unix_listener auth-userdb { } unix_listener /var/spool/postfix/private/auth { mode = 0666 } } (4) Start postfix and dovecot service. # /etc/init.d/dovecot start # /etc/init.d/postfix start (5) Invoke Postfix smtpd(8), it connects to dovecot/auth socket. $ telnet localhost 25 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 220 sugar.osstech.co.jp ESMTP Postfix AUTH PLAIN dummy 535 5.7.8 Error: authentication failed: QUIT 221 2.0.0 Bye Connection closed by foreign host. Or use netcat-openbsd to connect to dovecot/auth socket: # nc.openbsd -U /var/spool/postfix/private/dovecot-auth & (6) Stop dovecot service. # /etc/init.d/dovecot stop -- -- Name: SATOH Fumiyasu (fumiyas @ osstech co jp) -- Business Home: http://www.OSSTech.co.jp/ -- GitHub Home: https://GitHub.com/fumiyas/ From tss at iki.fi Mon Jun 11 18:26:57 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 18:26:57 +0300 Subject: [Dovecot] auth_krb5_keytab ignored ? In-Reply-To: <20120611144345.GK89928@rosa.physik.tu-berlin.de> References: <20120608165902.GI89928@rosa.physik.tu-berlin.de> <1339416976.5967.29.camel@hurina> <20120611144345.GK89928@rosa.physik.tu-berlin.de> Message-ID: On 11.6.2012, at 17.43, Leon Me?ner wrote: >> Try if this works: >> >> import_environment = TZ GDB DEBUG_SILENT KRB5_KTNAME >> >> Then start Dovecot with: >> >> KRB5_KTNAME=/etc/mail3.krb5.keytab dovecot >> >> I'm wondering if the code in mech-gssapi.c that sets KRB5_KTNAME >> environment is being called too late. > > It's still looking inside the default krb5.keytab . Which Kerberos library are you using? Maybe it doesn't support this way of giving the keytab. From tss at iki.fi Mon Jun 11 18:32:35 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 18:32:35 +0300 Subject: [Dovecot] Dovecot auth process delays exiting if LDAPS passdb used In-Reply-To: <87d3557txf.wl%fumiyas@osstech.jp> References: <87y5oi51ka.wl%fumiyas@osstech.jp> <87vcjm50kr.wl%fumiyas@osstech.jp> <1338305505.8270.10.camel@hurina> <87txynzuqs.wl%fumiyas@osstech.jp> <4C795253-9E52-40AF-912F-AF044EB9DF28@iki.fi> <87d3557txf.wl%fumiyas@osstech.jp> Message-ID: On 11.6.2012, at 18.24, SATOH Fumiyasu wrote: > If an auth client remains a connection to dovecot/auth, > dovecot/auth does NOT exit immediately when dovecot master exits. Ah, now we're getting somewhere :) Yes, this is correct and intentional. But it should still close the listeners, so this shouldn't happen: May 24 00:42:10 build-aix6 mail:err|error dovecot: master: Error: service(auth): Socket already exists: /opt/osstech/var/run/dovecot/auth-login > (1) Install Postfix and Dovecot. > > # apt-get install postfix dovecot > > (2) Configure Postfix /etc/postfix/main.cf with the following: > > smtpd_sasl_auth_enable = yes > smtpd_sasl_security_options = > smtpd_sasl_type = dovecot > smtpd_sasl_path = private/auth > > (3) Configre Dovecot /etc/dovecot/conf.d/10-master with the following: > > service auth { > unix_listener auth-userdb { > } > unix_listener /var/spool/postfix/private/auth { > mode = 0666 > } > } > > (4) Start postfix and dovecot service. > > # /etc/init.d/dovecot start > # /etc/init.d/postfix start > > (5) Invoke Postfix smtpd(8), it connects to dovecot/auth socket. > > $ telnet localhost 25 > Trying 127.0.0.1... > Connected to localhost. > Escape character is '^]'. > 220 sugar.osstech.co.jp ESMTP Postfix > AUTH PLAIN dummy > 535 5.7.8 Error: authentication failed: > QUIT > 221 2.0.0 Bye > Connection closed by foreign host. > > Or use netcat-openbsd to connect to dovecot/auth socket: > > # nc.openbsd -U /var/spool/postfix/private/dovecot-auth & > > (6) Stop dovecot service. > > # /etc/init.d/dovecot stop And (7) /etc/init.d/dovecot start fails? From l.messner at physik.tu-berlin.de Mon Jun 11 18:51:24 2012 From: l.messner at physik.tu-berlin.de (Leon =?iso-8859-15?Q?Me=DFner?=) Date: Mon, 11 Jun 2012 17:51:24 +0200 Subject: [Dovecot] auth_krb5_keytab ignored ? In-Reply-To: References: <20120608165902.GI89928@rosa.physik.tu-berlin.de> <1339416976.5967.29.camel@hurina> <20120611144345.GK89928@rosa.physik.tu-berlin.de> Message-ID: <20120611155124.GM89928@rosa.physik.tu-berlin.de> On Mon, Jun 11, 2012 at 06:26:57PM +0300, Timo Sirainen wrote: > On 11.6.2012, at 17.43, Leon Me?ner wrote: > > >> Try if this works: > >> > >> import_environment = TZ GDB DEBUG_SILENT KRB5_KTNAME > >> > >> Then start Dovecot with: > >> > >> KRB5_KTNAME=/etc/mail3.krb5.keytab dovecot > >> > >> I'm wondering if the code in mech-gssapi.c that sets KRB5_KTNAME > >> environment is being called too late. > > > > It's still looking inside the default krb5.keytab . > > Which Kerberos library are you using? Maybe it doesn't support this way of giving the keytab. I'm using the stock FreeBSD 8.2-RELEASE one which is heimdal-1.1.0 . I will update the machine to 8.3 (which is the latest release in 8.x), recompile and report my findings tomorrow. thanks, Leon From fumiyas at osstech.jp Mon Jun 11 19:39:47 2012 From: fumiyas at osstech.jp (SATOH Fumiyasu) Date: Tue, 12 Jun 2012 01:39:47 +0900 Subject: [Dovecot] Dovecot auth process delays exiting if LDAPS passdb used In-Reply-To: References: <87y5oi51ka.wl%fumiyas@osstech.jp> <87vcjm50kr.wl%fumiyas@osstech.jp> <1338305505.8270.10.camel@hurina> <87txynzuqs.wl%fumiyas@osstech.jp> <4C795253-9E52-40AF-912F-AF044EB9DF28@iki.fi> <87d3557txf.wl%fumiyas@osstech.jp> Message-ID: <87bokp7qgc.wl%fumiyas@osstech.jp> At Mon, 11 Jun 2012 18:32:35 +0300, Timo Sirainen wrote: > > If an auth client remains a connection to dovecot/auth, > > dovecot/auth does NOT exit immediately when dovecot master exits. > > Ah, now we're getting somewhere :) Yes, this is correct and intentional. But it should still close the listeners, so this shouldn't happen: > > May 24 00:42:10 build-aix6 mail:err|error dovecot: master: Error: service(auth): Socket already exists: /opt/osstech/var/run/dovecot/auth-login > > (6) Stop dovecot service. > > > > # /etc/init.d/dovecot stop > > And (7) /etc/init.d/dovecot start fails? Yes: AIX 6.1, 7.1 No: Debian GNU/Linux stable, testing, unstable / Solaris 10 -- -- Name: SATOH Fumiyasu (fumiyas @ osstech co jp) -- Business Home: http://www.OSSTech.co.jp/ -- GitHub Home: https://GitHub.com/fumiyas/ > > (1) Install Postfix and Dovecot. > > > > # apt-get install postfix dovecot > > > > (2) Configure Postfix /etc/postfix/main.cf with the following: > > > > smtpd_sasl_auth_enable = yes > > smtpd_sasl_security_options = > > smtpd_sasl_type = dovecot > > smtpd_sasl_path = private/auth > > > > (3) Configre Dovecot /etc/dovecot/conf.d/10-master with the following: > > > > service auth { > > unix_listener auth-userdb { > > } > > unix_listener /var/spool/postfix/private/auth { > > mode = 0666 > > } > > } > > > > (4) Start postfix and dovecot service. > > > > # /etc/init.d/dovecot start > > # /etc/init.d/postfix start > > > > (5) Invoke Postfix smtpd(8), it connects to dovecot/auth socket. > > > > $ telnet localhost 25 > > Trying 127.0.0.1... > > Connected to localhost. > > Escape character is '^]'. > > 220 sugar.osstech.co.jp ESMTP Postfix > > AUTH PLAIN dummy > > 535 5.7.8 Error: authentication failed: > > QUIT > > 221 2.0.0 Bye > > Connection closed by foreign host. > > > > Or use netcat-openbsd to connect to dovecot/auth socket: > > > > # nc.openbsd -U /var/spool/postfix/private/dovecot-auth & > > > > (6) Stop dovecot service. > > > > # /etc/init.d/dovecot stop > > And (7) /etc/init.d/dovecot start fails? From acrow at integrafin.co.uk Mon Jun 11 22:05:57 2012 From: acrow at integrafin.co.uk (Alex Crow) Date: Mon, 11 Jun 2012 20:05:57 +0100 Subject: [Dovecot] 2.1.7 shared folder index issued Message-ID: <4FD64195.5070006@integrafin.co.uk> Hi, Sorry to bother the list again so soon after fixing my own problem, but I now have this issue when clients try to view shared folders in Thunderbird (v12). They can see the shared folder, but the first time they click on in nothing happens. The second time they get an authentication failure. The third or fourth time it finally loads the shared mailbox, and I see this a few times in the logs: Jun 11 19:57:43 alsace dovecot: imap(sharedviewer at integrafin.co.uk): Error: mdbox map /home/indexes/integrafin.co.uk/t/sharedviewer/shared/sharedviewee at integrafin.co.uk/storage/dovecot.map.index corrupted: U nexpectedly lost shared/viewee at integrafin.co.uk/INBOX uid=73129 map_uid=74192 Jun 11 19:57:43 alsace dovecot: imap(sharedviewer at integrafin.co.uk): Disconnected: Internal error occurred. Refer to server log for more information. [2012-06-11 19:57:43] in=308 out=820 Jun 11 19:57:43 alsace dovecot: auth: Debug: auth client connected (pid=1957) Ideally I'd like shared mailboxes to work in the first click - any ideas? Cheers Alex From gedalya at gedalya.net Mon Jun 11 22:39:39 2012 From: gedalya at gedalya.net (Gedalya) Date: Mon, 11 Jun 2012 15:39:39 -0400 Subject: [Dovecot] question about changing certificate In-Reply-To: <20120611122837.317410@gmx.net> References: <20120611122837.317410@gmx.net> Message-ID: <4FD6497B.6090007@gedalya.net> On 06/11/2012 08:28 AM, oni-neko at gmx.net wrote: > Good day! > > I'm having trouble changing certificate/keys for my dovecot(version 1.2.9). > When I set up the server (unbuntu lts 10.4.4) I did it with a self-signed certificate. I can't remember exactly what I did, just that I followed the wiki and it worked fine =) > > Now I have to change the certificate because a friend bought an official one (from thawte) and I'm a bit stumped. > As dovecot can use supposedly use the same file for both key and cert file, I copied the new certificate to /etc/ssl/private/dovecot.pem and to /etc/ssl/certs/dovecot.pem. Are both files identical, do they both contain the private key? Why keep two copies of the same file? That's confusing. If you don't want to use separate files for the certificate and the private key then just concatenate them both in a single file, private key first, and make sure it's owned by root and readable by no one but root. Then just point ssl_cert_file and ssl_key_file to the same file. That should be more clear and consistent. Your file should look like this: -----BEGIN PRIVATE KEY----- ....etc... -----END PRIVATE KEY----- -----BEGIN CERTIFICATE----- ....etc... -----END CERTIFICATE----- Followed by any intermediate CA certificates that might be necessary. > some googling brought up the file ssl-cert-snakeoil.key in /etc/ssl/private and /etc/ssl/certs that some people change in that context. As I also have a symlink /etc/ssl/private/ssl-mail.key that points to /etc/ssl/private/ssl-cert-snakeoil.key I'm starting to be confused (even more). dovecot is using the dovecot.pem-files, who/what uses the ssl-mail.key? If there's no reference to this file in dovecot's configuration then dovecot isn't using it. Maybe someone else e.g. postfix, maybe someone used to use it.. does it matter? It doesn't look like this is the source of your trouble. From tss at iki.fi Mon Jun 11 22:56:06 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 22:56:06 +0300 Subject: [Dovecot] Dovecot auth process delays exiting if LDAPS passdb used In-Reply-To: <87bokp7qgc.wl%fumiyas@osstech.jp> References: <87y5oi51ka.wl%fumiyas@osstech.jp> <87vcjm50kr.wl%fumiyas@osstech.jp> <1338305505.8270.10.camel@hurina> <87txynzuqs.wl%fumiyas@osstech.jp> <4C795253-9E52-40AF-912F-AF044EB9DF28@iki.fi> <87d3557txf.wl%fumiyas@osstech.jp> <87bokp7qgc.wl%fumiyas@osstech.jp> Message-ID: <6DEAF109-1B51-4060-BD38-D05BEC09BABB@iki.fi> On 11.6.2012, at 19.39, SATOH Fumiyasu wrote: > At Mon, 11 Jun 2012 18:32:35 +0300, > Timo Sirainen wrote: >>> If an auth client remains a connection to dovecot/auth, >>> dovecot/auth does NOT exit immediately when dovecot master exits. >> >> Ah, now we're getting somewhere :) Yes, this is correct and intentional. But it should still close the listeners, so this shouldn't happen: >> >> May 24 00:42:10 build-aix6 mail:err|error dovecot: master: Error: service(auth): Socket already exists: /opt/osstech/var/run/dovecot/auth-login > >>> (6) Stop dovecot service. >>> >>> # /etc/init.d/dovecot stop >> >> And (7) /etc/init.d/dovecot start fails? > > Yes: AIX 6.1, 7.1 > No: Debian GNU/Linux stable, testing, unstable / Solaris 10 OK, so this is AIX specific. Two problems: 1) I have no access to AIX to test and debug this, 2) even if I did, I'm not very motivated in debugging possibly hours for a system that is very rarely used in email servers.. (If any AIX user wanted to buy one of the Dovecot support services, I could look into this and get it fixed in some way.) It would also be possible to modify the sources a bit to get the pending processes killed immediately at shutdown. From tss at iki.fi Mon Jun 11 22:58:03 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 11 Jun 2012 22:58:03 +0300 Subject: [Dovecot] 2.1.7 shared folder index issued In-Reply-To: <4FD64195.5070006@integrafin.co.uk> References: <4FD64195.5070006@integrafin.co.uk> Message-ID: <9243C1F4-94EF-4259-A37F-D32DC3A63902@iki.fi> On 11.6.2012, at 22.05, Alex Crow wrote: > Sorry to bother the list again so soon after fixing my own problem, but I now have this issue when clients try to view shared folders in Thunderbird (v12). They can see the shared folder, but the first time they click on in nothing happens. The second time they get an authentication failure. The third or fourth time it finally loads the shared mailbox, and I see this a few times in the logs: > > Jun 11 19:57:43 alsace dovecot: imap(sharedviewer at integrafin.co.uk): Error: mdbox map /home/indexes/integrafin.co.uk/t/sharedviewer/shared/sharedviewee at integrafin.co.uk/storage/dovecot.map.index corrupted: U > nexpectedly lost shared/viewee at integrafin.co.uk/INBOX uid=73129 map_uid=74192 http://wiki2.dovecot.org/SharedMailboxes/Shared#dbox From acrow at integrafin.co.uk Mon Jun 11 23:35:33 2012 From: acrow at integrafin.co.uk (Alex Crow) Date: Mon, 11 Jun 2012 21:35:33 +0100 Subject: [Dovecot] 2.1.7 shared folder index issued In-Reply-To: <9243C1F4-94EF-4259-A37F-D32DC3A63902@iki.fi> References: <4FD64195.5070006@integrafin.co.uk> <9243C1F4-94EF-4259-A37F-D32DC3A63902@iki.fi> Message-ID: <4FD65695.1030100@integrafin.co.uk> On 11/06/12 20:58, Timo Sirainen wrote: > On 11.6.2012, at 22.05, Alex Crow wrote: > >> Sorry to bother the list again so soon after fixing my own problem, but I now have this issue when clients try to view shared folders in Thunderbird (v12). They can see the shared folder, but the first time they click on in nothing happens. The second time they get an authentication failure. The third or fourth time it finally loads the shared mailbox, and I see this a few times in the logs: >> >> Jun 11 19:57:43 alsace dovecot: imap(sharedviewer at integrafin.co.uk): Error: mdbox map /home/indexes/integrafin.co.uk/t/sharedviewer/shared/sharedviewee at integrafin.co.uk/storage/dovecot.map.index corrupted: U >> nexpectedly lost shared/viewee at integrafin.co.uk/INBOX uid=73129 map_uid=74192 > http://wiki2.dovecot.org/SharedMailboxes/Shared#dbox > > Thanks Timo, So should I just remove the INDEX part from the shared namespace? Or should I have the INDEX point to the sharer's indexes rather than the "sharee"? I would like the person viewing the shared box to be able to see the message status set by the sharing party. Cheers Alex From jesper at dahlnyerup.dk Tue Jun 12 00:37:13 2012 From: jesper at dahlnyerup.dk (Jesper Dahl Nyerup) Date: Mon, 11 Jun 2012 23:37:13 +0200 Subject: [Dovecot] Very High Load on Dovecot 2 and Errors in mail.err. In-Reply-To: References: <4FB35038.1000600@enas.net> <1337454348.4384.144.camel@innu> <4FB8C07B.5050604@enas.net> <4c605c0b2bc041f7f90300b36c716c22@us.es> <4FB8FFD7.5040301@enas.net> <20120611080907.GA11882@jespernyerup.dk> Message-ID: <20120611213713.GA28704@jespernyerup.dk> On Jun 11 14:51, Timo Sirainen wrote: > On 11.6.2012, at 11.09, Jesper Dahl Nyerup wrote: > > > In short, as far as we can tell, all the processes in D state appear to > > be waiting to close the file handle they got from their inotify_init(), > > and eventually all these close()s go through almost simultaneously. > > Yeah. Looks like a kernel bug. You could try if it goes away by disabling inotify in Dovecot. Either recompile with "configure --with-notify=none" or maybe you can disable inotify globally with: > > echo 0 > /proc/sys/fs/inotify/max_user_watches > echo 0 > /proc/sys/fs/inotify/max_user_instances I can confirm that this removes the symptoms, and that it doesn't affect the service. Obviously IDLEing users are now only notified upon polling of the file system, but the I/O overhead of doing this seems minimal. It may be important to note, that even though load on our servers surpass 2000, both Dovecot and the server as a whole is responsive and servicing requests, up until the point where Dovecot reaches its configured maximal number of child processes. We're still chasing the root cause in the kernel or the VServer patch set. We'll of course make sure to post our findings here, and I'd very much appreciate to hear about other people's progress. Jesper. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: Digital signature URL: From tss at iki.fi Tue Jun 12 00:51:32 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 12 Jun 2012 00:51:32 +0300 Subject: [Dovecot] v2.0.21 released Message-ID: http://dovecot.org/releases/2.0/dovecot-2.0.21.tar.gz http://dovecot.org/releases/2.0/dovecot-2.0.21.tar.gz.sig + dict: file backend supports now also fcntl/flock locking optionally - imap-login: Memory leak fixed - imap: Non-UTF8 input on SEARCH command parameters could have crashed - auth: Fixed crash with DIGEST-MD5 when attempting to do master user login without master passdbs. - sdbox: Don't use more fds than necessary when copying mails. - mdbox kept the user's storage locked a bit longer than it needed to From tss at iki.fi Tue Jun 12 00:55:00 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 12 Jun 2012 00:55:00 +0300 Subject: [Dovecot] 2.1.7 shared folder index issued In-Reply-To: <4FD65695.1030100@integrafin.co.uk> References: <4FD64195.5070006@integrafin.co.uk> <9243C1F4-94EF-4259-A37F-D32DC3A63902@iki.fi> <4FD65695.1030100@integrafin.co.uk> Message-ID: On 11.6.2012, at 23.35, Alex Crow wrote: >>> Jun 11 19:57:43 alsace dovecot: imap(sharedviewer at integrafin.co.uk): Error: mdbox map /home/indexes/integrafin.co.uk/t/sharedviewer/shared/sharedviewee at integrafin.co.uk/storage/dovecot.map.index corrupted: U >>> nexpectedly lost shared/viewee at integrafin.co.uk/INBOX uid=73129 map_uid=74192 >> http://wiki2.dovecot.org/SharedMailboxes/Shared#dbox >> >> > > Thanks Timo, > > So should I just remove the INDEX part from the shared namespace? Or should I have the INDEX point to the sharer's indexes rather than the "sharee"? That depends on if the regular mail_location has any INDEX or not. In any case they must point to the same index. From tss at iki.fi Tue Jun 12 00:57:21 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 12 Jun 2012 00:57:21 +0300 Subject: [Dovecot] Very High Load on Dovecot 2 and Errors in mail.err. In-Reply-To: <20120611213713.GA28704@jespernyerup.dk> References: <4FB35038.1000600@enas.net> <1337454348.4384.144.camel@innu> <4FB8C07B.5050604@enas.net> <4c605c0b2bc041f7f90300b36c716c22@us.es> <4FB8FFD7.5040301@enas.net> <20120611080907.GA11882@jespernyerup.dk> <20120611213713.GA28704@jespernyerup.dk> Message-ID: <722AEC19-15CD-4569-ADDD-CEDB355E1EAB@iki.fi> On 12.6.2012, at 0.37, Jesper Dahl Nyerup wrote: >> Yeah. Looks like a kernel bug. You could try if it goes away by disabling inotify in Dovecot. Either recompile with "configure --with-notify=none" or maybe you can disable inotify globally with: >> >> echo 0 > /proc/sys/fs/inotify/max_user_watches >> echo 0 > /proc/sys/fs/inotify/max_user_instances > > I can confirm that this removes the symptoms, and that it doesn't affect > the service. Obviously IDLEing users are now only notified upon polling > of the file system, but the I/O overhead of doing this seems minimal. It actually doesn't increase I/O overhead at all. Dovecot always does polling, even with inotify, since inotify doesn't necessarily work with shared filesystems (e.g. NFS). The main difference is that users don't get immediate notifications of new mails now, but have to wait for mailbox_idle_check_interval. From lists at sfricke.de Tue Jun 12 02:32:45 2012 From: lists at sfricke.de (Stefan Fricke) Date: Tue, 12 Jun 2012 01:32:45 +0200 Subject: [Dovecot] Sieve: Mailbox doesn't exist Message-ID: <1660278.PoqUOhb7Bf@x> I have just set up a mail server on Ubuntu, using Postfix and Dovecot 2.0.19. It works well but I can't get Sieve working. I always get the error that the target mailbox doesn't exist. In fact it doesn't but isn'r Dovecot supposed to create it? Here is my doveconf -n: # 2.0.19: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-24-generic x86_64 Ubuntu 12.04 LTS mail_debug = yes mail_location = maildir:~/Maildir managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave passdb { driver = pam } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap pop3 sieve service auth { unix_listener /var/spool/postfix/private/dovecot-auth { group = postfix mode = 0660 user = postfix } } service managesieve-login { inet_listener sieve { port = 4190 } service_count = 1 } ssl_cert = was automatically rejected:%n%r } From walkerrichardj at gmail.com Tue Jun 12 06:44:10 2012 From: walkerrichardj at gmail.com (Richard Walker) Date: Tue, 12 Jun 2012 13:44:10 +1000 Subject: [Dovecot] Getting duplicates despite trying hard to match lock styles Message-ID: I'm attempting to replace (a) a very old setup that has POP (qpopper) access to inboxes and a separate UW IMAP server that provides folders, with (b) a shiny new mail setup with dovecot providing both inboxes and IMAP support. For the new mail server I created a virtual machine running a minimal Fedora 16 installation and installed sendmail, MIMEDefang, SpamAssassin, ClamAV, procmail, and dovecot. I have kept installing updates as they become available. For now I'm running the old and new mail setups in parallel; I have configured the original sendmail server to forward copies of incoming messages to the new sendmail running on the virtual machine. I then compare the results (e.g., how spam filtering is working). I've kept as much as possible of the original _style_ of setup as possible, which in particular means using sendmail, and message delivery through procmail to mbox files in /var/spool/mail. The key difference is the use of dovecot to provide IMAP access to the inbox and IMAP folders. Because of the legacy setup, my desktop access to email is via Thunderbird 2.0.0.22 on a very old Mac PowerBook G4 to work with both old and new setups and I have two windows open to make comparison possible. (Yes, both mail servers are on separate computers, not on this notebook.) Mostly this is working fine (after a fair bit of tweaking, including adding custom SELinux rules to get rid of all AVCs). I put the notebook to sleep overnight, and in the morning I open it up and see what happens. After a few minutes, the window with the old setup does its POP fetch; the window with the new setup almost straightaway shows the new messages in its version of the inbox. Not quite: again, for legacy reasons I have some Thunderbird filters, and I have duplicated those (still within Thunderbird) for the new setup. The filters are: 1. Move messages tagged as spam by SpamAssassin to the Junk folder. 2. Move messages from GeoNetwork-related senders to a "GeoNetwork" folder. 3. Move all remaining messages to the "In" folder. Most mornings this works just fine. But not always. Sometimes I get duplicates in the "In" and "GeoNetwork" folders of the new dovecot-based setup. I used to get _garbled_ duplicates (with extra random bits of other messages at the end of the duplicates) in the new setup, which I presumed must be due to a locking configuration mismatch. Having fixed that (see below) I no longer get garbled duplicates, but I do still sometimes (including today) get identical duplicates. This seems to happen when one of the incoming messages has a very large attachment - but you may wish to treat that as hearsay. I attach below: 0. The line from /etc/mtab on the new server that covers the filesystem (i.e., including /var/spool and /home). 1. Output of "doveconf -n" and a note about how I modified locking from the Fedora default. 2. Output of "procmail -v". 3. Sendmail procmail mailer config (for good measure; I don't think you need this). 4. An excerpt from /var/log/maillog on the new server showing the beginning of dovecot processing this morning when I opened my notebook. 5. A link to the dovecot raw log files of my "INBOX" and "In" folder processing from this morning. You'll see from the dovecot log files that Thunderbird sends expunge commands, but the expunged messages hang around -- indeed, the same messages get expunged several times! And eventually they get fetched again -- hence the duplicates I see in Thunderbird. Given that INBOX.out contains: 08:56:53.765423 * 537 EXISTS 08:56:53.765423 * 533 RECENT and then, after many expunges: 08:56:58.441341 * 16 EXPUNGE 08:56:58.441341 * 11 EXPUNGE 08:56:58.441341 * 3 EXPUNGE 08:56:58.441341 * 539 EXISTS 08:56:58.441341 * 536 RECENT 08:56:58.441341 9 OK Expunge completed. it looks like I still have a locking problem. I have tried very hard to understand the locking options in dovecot.conf and to match dovecot with procmail -- apparently, there is more to do. 0. The line from /etc/mtab for the filesystem: ---------- /dev/mapper/vg_f16i386serverbasic-lv_root / ext4 rw,seclabel,relatime,user_xattr,acl,barrier=1,data=ordered 0 0 ---------- 1. doveconf -n says: ---------- # 2.0.20: /etc/dovecot/dovecot.conf # OS: Linux 3.3.6-3.fc16.i686.PAE i686 Fedora release 16 (Verne) mail_debug = yes mail_privileged_group = mail namespace { hidden = yes inbox = yes list = no location = mbox:~/mail:INBOX=/var/spool/mail/%u prefix = "#mbox/" separator = / type = private } namespace { inbox = no location = maildir:~/Maildir prefix = separator = / type = private } passdb { driver = pam } service imap-login { inet_listener imap { address = localhost } } service imap { executable = imap postlogin } service pop3-login { inet_listener pop3 { address = localhost } } service postlogin { executable = script-login -d rawlog -t } ssl_cert = Copyright (c) 1997-2001, Philip A. Guenther Submit questions/answers to the procmail-related mailinglist by sending to: And of course, subscription and information requests for this list to: Locking strategies: dotlocking, fcntl() Default rcfile: $HOME/.procmailrc It may be writable by your primary group Your system mailbox: /var/spool/mail/rw ---------- (There is no $HOME/.procmailrc or other system-wide procmailrc.) 3. The mailer as defined in sendmail.cf says: ---------- Mlocal, P=/usr/bin/procmail, F=lsDFMAw5:/|@qSPfhn9, S=EnvFromL/HdrFromL, R=EnvToL/HdrToL, T=DNS/RFC822/X-Unix, A=procmail -t -Y -a $h -d $u ---------- 4. The relevant lines from /var/log/maillog: ---------- Jun 12 08:56:53 localhost dovecot: imap-login: Login: user=, method=PLAIN, rip=192.168.2.200, lip=192.168.2.188, mpid=21618, TLS Jun 12 08:56:53 localhost dovecot: imap(rw): Debug: Effective uid=1000, gid=100, home=/home/rw Jun 12 08:56:53 localhost dovecot: imap(rw): Debug: Namespace : type=private, prefix=#mbox/, sep=/, inbox=yes, hidden=yes, list=no, subscriptions=yes location=mbox:~/mail:INBOX=/var/spool/mail/rw Jun 12 08:56:53 localhost dovecot: imap(rw): Debug: fs: root=/home/rw/mail, index=, control=, inbox=/var/spool/mail/rw, alt= Jun 12 08:56:53 localhost dovecot: imap(rw): Debug: Namespace : type=private, prefix=, sep=/, inbox=no, hidden=no, list=yes, subscriptions=yes location=maildir:~/Maildir Jun 12 08:56:53 localhost dovecot: imap(rw): Debug: maildir++: root=/home/rw/Maildir, index=, control=, inbox=, alt= Jun 12 08:56:58 localhost dovecot: imap-login: Login: user=, method=PLAIN, rip=192.168.2.200, lip=192.168.2.188, mpid=21625, TLS Jun 12 08:56:58 localhost dovecot: imap(rw): Debug: Effective uid=1000, gid=100, home=/home/rw Jun 12 08:56:58 localhost dovecot: imap(rw): Debug: Namespace : type=private, prefix=#mbox/, sep=/, inbox=yes, hidden=yes, list=no, subscriptions=yes location=mbox:~/mail:INBOX=/var/spool/mail/rw Jun 12 08:56:58 localhost dovecot: imap(rw): Debug: fs: root=/home/rw/mail, index=, control=, inbox=/var/spool/mail/rw, alt= Jun 12 08:56:58 localhost dovecot: imap(rw): Debug: Namespace : type=private, prefix=, sep=/, inbox=no, hidden=no, list=yes, subscriptions=yes location=maildir:~/Maildir Jun 12 08:56:58 localhost dovecot: imap(rw): Debug: maildir++: root=/home/rw/Maildir, index=, control=, inbox=, alt= Jun 12 08:57:03 localhost dovecot: imap-login: Login: user=, method=PLAIN, rip=192.168.2.200, lip=192.168.2.188, mpid=21632, TLS Jun 12 08:57:03 localhost dovecot: imap(rw): Debug: Effective uid=1000, gid=100, home=/home/rw Jun 12 08:57:03 localhost dovecot: imap(rw): Debug: Namespace : type=private, prefix=#mbox/, sep=/, inbox=yes, hidden=yes, list=no, subscriptions=yes location=mbox:~/mail:INBOX=/var/spool/mail/rw Jun 12 08:57:03 localhost dovecot: imap(rw): Debug: fs: root=/home/rw/mail, index=, control=, inbox=/var/spool/mail/rw, alt= Jun 12 08:57:03 localhost dovecot: imap(rw): Debug: Namespace : type=private, prefix=, sep=/, inbox=no, hidden=no, list=yes, subscriptions=yes location=maildir:~/Maildir Jun 12 08:57:03 localhost dovecot: imap(rw): Debug: maildir++: root=/home/rw/Maildir, index=, control=, inbox=, alt= ---------- 5. dovecot raw logs for "INBOX" and "In". Because I have trouble comparing times in epoch format, I've run the logs through a little filter that replaces the timestamps at the beginning of each line with a timestamp in HH:MM:SS.nanosecond format in local time. I've carefully deleted lots of (what I hope are) lines you don't need from the logs. E.g., I deleted the middle section of a block of FETCH statements, leaving the first few and the last few. Please let me know if I deleted too much -- I was trying to be helpful. And of course I replaced e-mail address/subject lines/etc with XXXXXXXXXX. Although the Thunderbird filters are "supposed" to be run in the order I listed above, it seems that Thunderbird fetches all headers, works out what messages should be filtered to which folders, and then sends corresponding IMAP commands that copy the messages to the other folders in a _different_ order of the filters. (I.e., the INBOX log shows copy/store/expunge operations in the order "In", "Junk", then "GeoNetwork", rather than "Junk", "GeoNetwork", "In".) I have renamed the in/out log files as INBOX.in, INBOX.out, In.in, In.out and uploaded them to: https://sites.google.com/site/rwdownloadssite/dovecot-logs Thanks in advance to anyone who is willing to take a look and advise what I need to do. From walkerrichardj at gmail.com Tue Jun 12 06:58:33 2012 From: walkerrichardj at gmail.com (Richard Walker) Date: Tue, 12 Jun 2012 13:58:33 +1000 Subject: [Dovecot] Getting duplicates despite trying hard to match lock styles In-Reply-To: References: Message-ID: On 12/06/2012, Richard Walker wrote: > 1. Output of "doveconf -n" and a note about how I modified locking > from the Fedora default. Oops, I can send more of the config if necessary -- again, I was trying to be "helpful" by cutting out the default settings. The output of "doveconf | grep lock" is: dotlock_use_excl = yes lock_method = fcntl mail_max_lock_timeout = 0 mbox_dotlock_change_timeout = 2 mins mbox_lock_timeout = 5 mins mbox_read_locks = fcntl mbox_write_locks = dotlock fcntl pop3_lock_session = no From a.kostyrev at serverc.ru Tue Jun 12 10:29:03 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Tue, 12 Jun 2012 18:29:03 +1100 Subject: [Dovecot] director: non standart ports at backends In-Reply-To: <8568BABD-F72C-47B2-B9A4-4902410404C6@iki.fi> References: <213B51F00051AE48A9F0E112880177178F79EF@Delta.sc.local> <213B51F00051AE48A9F0E112880177178F79F0@Delta.sc.local> <8568BABD-F72C-47B2-B9A4-4902410404C6@iki.fi> Message-ID: <213B51F00051AE48A9F0E112880177178F79F1@Delta.sc.local> Thanks, that worked! I ended up with: password_query = select 'y' as proxy, \ NULL AS password, \ 'y' as nopassword, \ case '%a' \ when 110 then 2110 \ when 995 then 2995 \ when 143 then 2143 \ when 993 then 2993 \ when 24 then 224 \ when 4190 then 24190 end \ as port, \ case '%a' \ when 995 then 'any-cert' \ when 993 then 'any-cert' end \ as `ssl`; -----Original Message----- From: Timo Sirainen [mailto:tss at iki.fi] Sent: Monday, June 11, 2012 11:48 PM To: ???????? ????????? ?????????? Cc: dovecot at dovecot.org Subject: Re: [Dovecot] director: non standart ports at backends Looking at your old mails, you seem to be using passdb static for director, but userdb sql? So you could switch to: passdb { driver = sql args = /etc/dovecot/dovecot-sql.conf } password_query = select 'y' as proxy, 'y' as nopassword, if('%a'=143, 1430, 9930) as port where you'd change the if() to something that handles %s=imap vs %s=pop3 vs %s=lmtp and %a=143 vs %a=993 vs %a=110 vs %a=995. Maybe a "case" statement would be less ugly. Or simply make it a real table in sql. Anyway, that's the basic idea. On 11.6.2012, at 15.39, ???????? ????????? ?????????? wrote: > thanks Timo, for you time > but I still don't get it) > should I return "port" with just "port_num1,port_num2" value or how? > I've tried to google an example but with no success. > > -----Original Message----- > From: Timo Sirainen [mailto:tss at iki.fi] > Sent: Monday, June 11, 2012 11:01 PM > To: ???????? ????????? ?????????? > Cc: dovecot at dovecot.org > Subject: Re: [Dovecot] director: non standart ports at backends > > On 11.6.2012, at 12.27, ???????? ????????? ?????????? wrote: > >> hello, >> I'm trying to figure out how to proxy pop3 and pop3s that listens on non-standart ports at backends. >> For example, pop3 is at 1110 and pop3s at 1995 (on backend side). >> is it possible? >> how should I separate this ports in director's config? >> it's easy for one port: >> for example lmtp - you just use passdb in protocol lmtp {} > > The passdb needs to return the "port" field. You can't use static passdb for this, since it has no conditionals and you can't do per-port configuration. Maybe use sqlite (simply to use it as a scripting engine - empty database) or checkpassword as your passdb. > From rago at lal.in2p3.fr Tue Jun 12 12:41:47 2012 From: rago at lal.in2p3.fr (Emiliano Rago) Date: Tue, 12 Jun 2012 11:41:47 +0200 Subject: [Dovecot] Authentication issue In-Reply-To: <20120609191958.GA12009@daniel.localdomain> References: <4FD0EB43.8070104@lal.in2p3.fr> <20120609191958.GA12009@daniel.localdomain> Message-ID: <4FD70EDB.6060105@lal.in2p3.fr> On 06/09/2012 09:19 PM, Daniel Parthey wrote: > Hi Emiliano, > > Emiliano Rago wrote: >> I need to set up a weird dovecot configuration: >> >> 1) outside a ssl tunnel I'd like to authenticate only with cram-md5 scheme >> 2) inside a ssl tunnel I'd like to authenticate only with plain auth > > You might try to set up two instances of dovecot, one for plain, one for ssl: > > http://wiki2.dovecot.org/RunningDovecot#Running_Multiple_Invocations_of_Dovecot Uhmmm, I don't like too much that solution, anyway, thank you very much! Regards, Emiliano From amateo at um.es Tue Jun 12 13:23:28 2012 From: amateo at um.es (Angel L. Mateo) Date: Tue, 12 Jun 2012 12:23:28 +0200 Subject: [Dovecot] Problem with lmtp director proxy Message-ID: <4FD718A0.50605@um.es> Hi, I have a timeout problem only when I have heavy load in my system. I have two director servers directing to 4 backend servers. The problem is when my smtp relays tries to deliver mail to my users via lmtp (proxied with director). In the smtp logs I have: Jun 12 11:41:18 xenon13 postfix/lmtp[4248]: 4433E5D5A0: to=, relay=pop.um.es[155.54.212.106]:24, delay=31, delays=0.41/0.06/0/30, dsn=4.4.0, status=deferred (host pop.um.es[155.54.212.106] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) If I look for this connection in the director servers I have: Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Connect from 155.54.212.167 Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Debug: auth input: user=user1 proxy host=155.54.211.163 proxy_refresh=450 Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Debug: auth input: user=user2 proxy host=155.54.211.163 proxy_refresh=450 .... (more users, a total of 34 recipients) Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Debug: auth input: user=myuser proxy host=155.54.211.164 proxy_refresh=450 ... Jun 12 11:41:09 myotis41 dovecot: lmtp(6595): Disconnect from 155.54.212.167: Client quit (in reset) and in one of the final server (the one for the user in question): Jun 12 11:40:38 myotis34 dovecot: lmtp(16824): Connect from 155.54.211.186 Jun 12 11:40:38 myotis34 dovecot: lmtp(16824, ): wJ9BD7YM10 +4QQAAG5O5Qg: sieve: msgid=<182283367.48.1339494011054.JavaMail.tomcat at sakai-prod4>: stored mail into mailbox 'INBOX' ... Jun 12 11:41:10 myotis34 dovecot: lmtp(16824, ): wJ9BD7YM10+4QQA AG5O5Qg: sieve: msgid=<182283367.48.1339494011054.JavaMail.tomcat at sakai-prod4>: stored mail into mailbox 'INBOX' ... Jun 12 11:41:11 myotis34 dovecot: lmtp(16824): Disconnect from 155.54.211.186: Connection closed (in reset) So the mail seems to be correctly delivered in about 30 seconds. All my postfix timeouts are bigger than this time: lmtp_connect_timeout = 0s lmtp_connection_cache_time_limit = 2s lmtp_connection_reuse_time_limit = 300s lmtp_data_done_timeout = 600s lmtp_data_init_timeout = 120s lmtp_data_xfer_timeout = 180s lmtp_lhlo_timeout = 300s lmtp_mail_timeout = 300s lmtp_pix_workaround_delay_time = 10s lmtp_pix_workaround_threshold_time = 500s lmtp_quit_timeout = 300s lmtp_rcpt_timeout = 300s lmtp_rset_timeout = 20s lmtp_sasl_auth_cache_time = 90d lmtp_starttls_timeout = 300s lmtp_tls_session_cache_timeout = 3600s lmtp_xforward_timeout = 300s So... why do I have this error? As a side effect this mail was delivered twice in the user's mailbox, this is one and the other when postfix retries again. Any help? Thank you -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From janfrode at tanso.net Tue Jun 12 13:38:54 2012 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Tue, 12 Jun 2012 12:38:54 +0200 Subject: [Dovecot] Problem with lmtp director proxy In-Reply-To: <4FD718A0.50605@um.es> References: <4FD718A0.50605@um.es> Message-ID: <20120612103854.GA29754@dibs.tanso.net> On Tue, Jun 12, 2012 at 12:23:28PM +0200, Angel L. Mateo wrote: > I have two director servers directing to 4 backend servers. Which dovecot version are you running on your directors and backends? We're running 2.0.14 plus the below linked patches and have not since this problem since applying the last one. http://hg.dovecot.org/dovecot-2.0/raw-rev/8de8752b2e94 http://hg.dovecot.org/dovecot-2.0/rev/71084b799a6c -jf From amateo at um.es Tue Jun 12 13:47:40 2012 From: amateo at um.es (Angel L. Mateo) Date: Tue, 12 Jun 2012 12:47:40 +0200 Subject: [Dovecot] Problem with lmtp director proxy In-Reply-To: <20120612103854.GA29754@dibs.tanso.net> References: <4FD718A0.50605@um.es> <20120612103854.GA29754@dibs.tanso.net> Message-ID: <4FD71E4C.1010509@um.es> El 12/06/12 12:38, Jan-Frode Myklebust escribi?: > On Tue, Jun 12, 2012 at 12:23:28PM +0200, Angel L. Mateo wrote: >> I have two director servers directing to 4 backend servers. > > Which dovecot version are you running on your directors and backends? > 2.1.5 > We're running 2.0.14 plus the below linked patches and have not > since this problem since applying the last one. > > > http://hg.dovecot.org/dovecot-2.0/raw-rev/8de8752b2e94 > http://hg.dovecot.org/dovecot-2.0/rev/71084b799a6c > I have checked if those patchs are included: * The first one seems not to apply, because it's for lmtp-proxy.c and this file seems completely different than the one in the patch * The second is already applied -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From rago at lal.in2p3.fr Tue Jun 12 15:08:31 2012 From: rago at lal.in2p3.fr (Emiliano Rago) Date: Tue, 12 Jun 2012 14:08:31 +0200 Subject: [Dovecot] doveadm doesn't subscribe to public folders Message-ID: <4FD7313F.9060406@lal.in2p3.fr> Hi, I'd like to subscribe folder with doveadm: doveadm mailbox subscribe -u rago public.Conferences This command doesn't work, while it works with an ordinary folder. However it's possible to subscribe to the folder with an imap connection: 1 login rago "mypasswd" 1 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORTSORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAMESPCE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES ITHIN CONTEXT=SEARCH LIST-STATUS ACL RIGHTS=texk] Logged in 2 LSUB "" * * LSUB () "." "INBOX" 2 OK Lsub completed. 3 SUBSCRIBE "public.Conferences" 3 OK Subscribe completed. 4 LSUB "" * * LSUB () "." "INBOX" * LSUB () "." "public.Conferences" 4 OK Lsub completed. Am I doing anything wrong? This is my conf, thx for help, Emiliano # 2.0.9: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-220.4.1.el6.x86_64 x86_64 Red Hat Enterprise Linux Server release 5 (Tikanga) ext4 auth_cache_size = 128 M auth_master_user_separator = * auth_mechanisms = plain cram-md5 mail_location = maildir:/data/MAIL/MAILDIR/%u:INBOX=/data/MAIL/INBOX/%u:INDEX=/data/MAIL/METADATA/%u maildir_very_dirty_syncs = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date mbox_write_locks = fcntl namespace { inbox = yes location = prefix = separator = . type = private } namespace { list = children location = maildir:/data/MAIL/MAILDIR/%%u:INDEX=/data/MAIL/METADATA/SHARED/%u/%%u prefix = shared.%%u. separator = . subscriptions = no type = shared } namespace { list = children location = maildir:/data/MAIL/PUBLIC:INDEX=/data/MAIL/METADATA/PUBLIC prefix = public. separator = . subscriptions = no type = public } passdb { args = scheme=cram-md5 /data/PWDDB/cram_dovecot.txt driver = passwd-file } passdb { args = /etc/dovecot/master-shared driver = passwd-file master = yes } passdb { args = /etc/dovecot/master-shared driver = passwd-file } plugin { acl = vfile:/etc/dovecot/global-acls:cache_secs=300 acl_anyone = allow acl_shared_dict = file:/data/MAIL/SHAREDDB/shared-mailboxes.db sieve = /data/MAIL/SIEVE/%u/dovecot.sieve sieve_dir = /data/MAIL/SIEVE/%u } postmaster_address = root protocols = imap sieve service auth { unix_listener /var/spool/postfix/private/auth { mode = 0666 } unix_listener auth-userdb { group = mailreader mode = 0600 user = mailreader } } service imap-login { process_min_avail = 8 service_count = 0 vsz_limit = 512 M } service imap-postlogin { executable = script-login /etc/dovecot/postlogin.sh user = $default_internal_user } service imap { executable = imap imap-postlogin } ssl_cert = good day! Did anybody in here decide to go for commercial support from Dovecot Solutions Oy ? I'd like to know if you are satisfied with what they provide? if time of support reaction is really as what is stated at their site and stuff like that. From forall at stalowka.info Tue Jun 12 16:15:13 2012 From: forall at stalowka.info (For@ll) Date: Tue, 12 Jun 2012 15:15:13 +0200 Subject: [Dovecot] Dovecot 2.1 stable packages for Debian? In-Reply-To: <33993325.post@talk.nabble.com> References: <33993325.post@talk.nabble.com> Message-ID: On 11.06.2012 16:03, Tomislav Mihalicek wrote: > > Here you go... > > cat /etc/apt/sources.list > > # latest dovecot > # apt-get install debian-dovecot-auto-keyring > deb http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main > deb-src http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main > I'm looking the same version but for Ubuntu Server 12.04. From lists at kokelnet.de Tue Jun 12 16:49:33 2012 From: lists at kokelnet.de (Tobias Hachmer) Date: Tue, 12 Jun 2012 15:49:33 +0200 Subject: [Dovecot] =?utf-8?q?Dovecot_2=2E1_stable_packages_for_Debian=3F?= In-Reply-To: References: <33993325.post@talk.nabble.com> Message-ID: Am 12.06.2012 15:15, schrieb For at ll: > I'm looking the same version but for Ubuntu Server 12.04. I use the packages from https://launchpad.net/~christian-roessner-net/+archive/ppa in production. Also the description of this ppa warns to use these packages only if you're able to help youself and it's a development ppa. But I have had no problems yet with these packages. I think there aren't packages out there someone would provide support for. So, compile it or use those development/ community packages or wait until dovecot 2.1 will get into debian/ubuntu stable. Regards, Tobias Hachmer From e-frog at gmx.de Tue Jun 12 19:17:54 2012 From: e-frog at gmx.de (e-frog) Date: Tue, 12 Jun 2012 18:17:54 +0200 Subject: [Dovecot] Dovecot 2.1 stable packages for Debian? In-Reply-To: References: <33993325.post@talk.nabble.com> Message-ID: <4FD76BB2.7040906@gmx.de> On 12.06.2012 15:15, wrote For at ll: > On 11.06.2012 16:03, Tomislav Mihalicek wrote: >> >> Here you go... >> >> cat /etc/apt/sources.list >> >> # latest dovecot >> # apt-get install debian-dovecot-auto-keyring >> deb http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main >> deb-src http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main >> > > I'm looking the same version but for Ubuntu Server 12.04. > 2.1.7 just landed in quantal yesterday: https://launchpad.net/ubuntu/+source/dovecot From user+dovecot at localhost.localdomain.org Tue Jun 12 20:00:27 2012 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Tue, 12 Jun 2012 19:00:27 +0200 Subject: [Dovecot] Sieve: Mailbox doesn't exist In-Reply-To: <1660278.PoqUOhb7Bf@x> References: <1660278.PoqUOhb7Bf@x> Message-ID: <4FD775AB.8010503@localhost.localdomain.org> On 06/12/2012 01:32 AM Stefan Fricke wrote: > I have just set up a mail server on Ubuntu, using Postfix and Dovecot 2.0.19. > It works well but I can't get Sieve working. I always get the error that the > target mailbox doesn't exist. In fact it doesn't but isn'r Dovecot supposed to > create it? Not with your current configuration. See: http://hg.dovecot.org/dovecot-2.0/file/2.0.19/doc/example-config/conf.d/15-lda.conf#l39 > > Here is my doveconf -n: > > # 2.0.19: /etc/dovecot/dovecot.conf > # OS: Linux 3.2.0-24-generic x86_64 Ubuntu 12.04 LTS > mail_debug = yes > mail_location = maildir:~/Maildir > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope encoded-character > vacation subaddress comparator-i;ascii-numeric relational regex imap4flags > copy include variables body enotify environment mailbox date ihave > passdb { > driver = pam > } > plugin { > sieve = ~/.dovecot.sieve > sieve_dir = ~/sieve > } > protocols = imap pop3 sieve > service auth { > unix_listener /var/spool/postfix/private/dovecot-auth { > group = postfix > mode = 0660 > user = postfix > } > } > service managesieve-login { > inet_listener sieve { > port = 4190 > } > service_count = 1 > } > ssl_cert = ssl_cipher_list = ALL:!LOW:!SSLv2:ALL:!aNULL:!ADH:!eNULL:!EXP:RC4+RSA:+HIGH: > +MEDIUM > ssl_key = userdb { > driver = passwd > } > protocol imap { > imap_client_workarounds = delay-newmail > mail_max_userip_connections = 10 > } > protocol pop3 { > mail_max_userip_connections = 10 > pop3_client_workarounds = outlook-no-nuls oe-ns-eoh > } > protocol lda { > deliver_log_format = msgid=%m: %$ > mail_plugins = sieve > postmaster_address = postmaster > quota_full_tempfail = yes > rejection_reason = Your message to <%t> was automatically rejected:%n%r > } > > > Regards, Pascal -- The trapper recommends today: cafefeed.1216418 at localdomain.org From tss at iki.fi Tue Jun 12 20:15:22 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 12 Jun 2012 20:15:22 +0300 Subject: [Dovecot] Sieve: Mailbox doesn't exist In-Reply-To: <4FD775AB.8010503@localhost.localdomain.org> References: <1660278.PoqUOhb7Bf@x> <4FD775AB.8010503@localhost.localdomain.org> Message-ID: <854C866C-44BB-4EF4-95A3-D765ED980833@iki.fi> On 12.6.2012, at 20.00, Pascal Volk wrote: > On 06/12/2012 01:32 AM Stefan Fricke wrote: >> I have just set up a mail server on Ubuntu, using Postfix and Dovecot 2.0.19. >> It works well but I can't get Sieve working. I always get the error that the >> target mailbox doesn't exist. In fact it doesn't but isn'r Dovecot supposed to >> create it? > > Not with your current configuration. See: > http://hg.dovecot.org/dovecot-2.0/file/2.0.19/doc/example-config/conf.d/15-lda.conf#l39 Even better (more standard): Use fileinto :create "box"; From toml at engr.orst.edu Tue Jun 12 21:16:52 2012 From: toml at engr.orst.edu (Tom Lieuallen) Date: Tue, 12 Jun 2012 11:16:52 -0700 Subject: [Dovecot] how to announce shared folders to clients using non-default mail prefix In-Reply-To: <63F00218-4FBE-418F-9477-CBEA8E7A35B9@iki.fi> References: <4FD14895.8040707@engr.orst.edu> <63F00218-4FBE-418F-9477-CBEA8E7A35B9@iki.fi> Message-ID: <4FD78794.1030905@engr.orst.edu> On 6/11/12 5:21 AM, Timo Sirainen wrote: > On 8.6.2012, at 3.34, Tom Lieuallen wrote: > >> Note that if I change the prefix for that shared namespace to 'iphonemail/', it does present my shared folders as well as anything in a personal iphonemail directory. However, 'select' didn't work with the personal folders. My guess is it's mostly due to the difference in mail formats between the two (mbox& maildir). > > You should be able to use prefix=iphonemail/shared/ Timo et all, Unfortunately, that did not work. l list "" * * LIST (\Noselect \HasChildren) "/" "foo1" * LIST (\NoInferiors \UnMarked) "/" "foo1/folder1" * LIST (\Noselect \HasChildren) "/" "iphonemail" * LIST (\NoInferiors \Marked) "/" "iphonemail/foo1" * LIST (\NoInferiors \UnMarked) "/" "Sent" * LIST (\NoInferiors \UnMarked) "/" "Trash" * LIST (\HasNoChildren) "/" "INBOX" * LIST (\HasNoChildren) "/" "sharedimap/cesupport" * LIST (\HasNoChildren) "/" "sharedimap/mimesupport" * LIST (\HasNoChildren) "/" "iphonemail/sharedimap/cesupport" * LIST (\HasNoChildren) "/" "iphonemail/sharedimap/mimesupport" l OK List completed. l list "iphonemail/" * * LIST (\NoInferiors \Marked) "/" "iphonemail/foo1" l OK List completed. So, the shared folders are listed twice when I do not include a prefix and neither are shown at all when I do include a prefix. namespace { hidden = yes inbox = no list = children location = maildir:/a1/dove-shared:INDEX=/a2/imap-index/dove-shared/%u prefix = iphonemail/sharedimap/ separator = / type = shared } I'm assuming I'm testing this correctly and in the best way. :-) thank you Tom Lieuallen From l.messner at physik.tu-berlin.de Tue Jun 12 21:56:13 2012 From: l.messner at physik.tu-berlin.de (Leon =?iso-8859-15?Q?Me=DFner?=) Date: Tue, 12 Jun 2012 20:56:13 +0200 Subject: [Dovecot] auth_krb5_keytab ignored ? In-Reply-To: <20120611155124.GM89928@rosa.physik.tu-berlin.de> References: <20120608165902.GI89928@rosa.physik.tu-berlin.de> <1339416976.5967.29.camel@hurina> <20120611144345.GK89928@rosa.physik.tu-berlin.de> <20120611155124.GM89928@rosa.physik.tu-berlin.de> Message-ID: <20120612185613.GB80625@rosa.physik.tu-berlin.de> On Mon, Jun 11, 2012 at 05:51:24PM +0200, Leon Me?ner wrote: > On Mon, Jun 11, 2012 at 06:26:57PM +0300, Timo Sirainen wrote: > > On 11.6.2012, at 17.43, Leon Me?ner wrote: > > > > >> import_environment = TZ GDB DEBUG_SILENT KRB5_KTNAME > > >> i > >> KRB5_KTNAME=/etc/mail3.krb5.keytab dovecot > > >> > > >> I'm wondering if the code in mech-gssapi.c that sets KRB5_KTNAME > > >> environment is being called too late. > > > > > > It's still looking inside the default krb5.keytab . > > > > Which Kerberos library are you using? Maybe it doesn't support this way of giving the keytab. > > I'm using the stock FreeBSD 8.2-RELEASE one which is heimdal-1.1.0 . > I will update the machine to 8.3 (which is the latest release in 8.x), Updating and recompiling did not help. I don't know where to look for the problem though. If i use the kerberos utilities with KRB5_KTNAME the environment variable is beeing picked up ok. 19:22_root at mail3:/usr/ports/mail/dovecot# KRB5_KTNAME=/etc/mail3.krb5.keytab ktutil list /etc/mail3.krb5.keytab: Vno Type Principal 1 des-cbc-crc imap/mail3.physik-pool.tu-berlin.de at PCPOOL.PHYSIK.TU-BERLIN.DE 1 des-cbc-md4 imap/mail3.physik-pool.tu-berlin.de at PCPOOL.PHYSIK.TU-BERLIN.DE 1 des-cbc-md5 imap/mail3.physik-pool.tu-berlin.de at PCPOOL.PHYSIK.TU-BERLIN.DE 1 des3-cbc-sha1 imap/mail3.physik-pool.tu-berlin.de at PCPOOL.PHYSIK.TU-BERLIN.DE 19:34_root at mail3:/usr/ports/mail/dovecot# KRB5_KTNAME=/etc/mail3.krb5.keytab kinit -k imap/mail3.physik-pool.tu-berlin.de 19:39_root at mail3:/usr/ports/mail/dovecot# klist Credentials cache: FILE:/tmp/krb5cc_0 Principal: imap/mail3.physik-pool.tu-berlin.de at PCPOOL.PHYSIK.TU-BERLIN.DE Issued Expires Principal Jun 12 19:39:11 Jun 13 05:39:11 krbtgt/PCPOOL.PHYSIK.TU-BERLIN.DE at PCPOOL.PHYSIK.TU-BERLIN.DE From dmiller at amfes.com Tue Jun 12 21:56:45 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Tue, 12 Jun 2012 11:56:45 -0700 Subject: [Dovecot] gnutls support In-Reply-To: <1284640879.3030.460.camel@kurkku.sapo.corppt.com> References: <4C918E28.1020301@amfes.com> <1284640879.3030.460.camel@kurkku.sapo.corppt.com> Message-ID: On 9/16/2010 5:41 AM, Timo Sirainen wrote: > On Wed, 2010-09-15 at 20:25 -0700, Daniel L. Miller wrote: >> Other than license issues, is there an advantage to using gnutls vs >> openssl? Or is openssl superior - at least in the current implementations? > Dovecot's GNUTLS support was written long time ago and its API has > changed since. It doesn't work. But a working GNUTLS support would still > be nice some day. I don't much like OpenSSL. > > With 2.1.7 - is GNUTLS supported? -- Daniel From tss at iki.fi Tue Jun 12 21:59:44 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 12 Jun 2012 21:59:44 +0300 Subject: [Dovecot] gnutls support In-Reply-To: References: <4C918E28.1020301@amfes.com> <1284640879.3030.460.camel@kurkku.sapo.corppt.com> Message-ID: <22E936E6-12A6-449E-A82F-6E1B5061FA9E@iki.fi> On 12.6.2012, at 21.56, Daniel L. Miller wrote: > On 9/16/2010 5:41 AM, Timo Sirainen wrote: >> On Wed, 2010-09-15 at 20:25 -0700, Daniel L. Miller wrote: >>> Other than license issues, is there an advantage to using gnutls vs >>> openssl? Or is openssl superior - at least in the current implementations? >> Dovecot's GNUTLS support was written long time ago and its API has >> changed since. It doesn't work. But a working GNUTLS support would still >> be nice some day. I don't much like OpenSSL. > With 2.1.7 - is GNUTLS supported? No, and I have no plans to add it. But I don't mind if someone sends a patch. From acrow at integrafin.co.uk Tue Jun 12 22:34:50 2012 From: acrow at integrafin.co.uk (Alex Crow) Date: Tue, 12 Jun 2012 20:34:50 +0100 Subject: [Dovecot] 2.1.7 shared folder index issued In-Reply-To: References: <4FD64195.5070006@integrafin.co.uk> <9243C1F4-94EF-4259-A37F-D32DC3A63902@iki.fi> <4FD65695.1030100@integrafin.co.uk> Message-ID: <4FD799DA.6020508@integrafin.co.uk> > That depends on if the regular mail_location has any INDEX or not. In any case they must point to the same index. > > Timo, Thanks, I pointed them both the to same location (I keep my indexes on an SSD array) and now shared folders seem to work fine. Cheers for your help, Alex From anmeyer at anup.de Tue Jun 12 23:41:33 2012 From: anmeyer at anup.de (Andreas Meyer) Date: Tue, 12 Jun 2012 22:41:33 +0200 Subject: [Dovecot] v2.0.21 released In-Reply-To: References: Message-ID: <20120612224133.6ae2eedb@itx.bitcorner.intern> Timo Sirainen wrote: > http://dovecot.org/releases/2.0/dovecot-2.0.21.tar.gz > http://dovecot.org/releases/2.0/dovecot-2.0.21.tar.gz.sig > > + dict: file backend supports now also fcntl/flock locking optionally > - imap-login: Memory leak fixed > - imap: Non-UTF8 input on SEARCH command parameters could have crashed > - auth: Fixed crash with DIGEST-MD5 when attempting to do master user > login without master passdbs. > - sdbox: Don't use more fds than necessary when copying mails. > - mdbox kept the user's storage locked a bit longer than it needed to > Please can some soul explain the naming conventions used to release this software? Tue Jun 12 00:51:56 EEST 2012 Released v2.0.21. Tue May 29 22:24:49 EEST 2012 Released v2.1.7. I don't understand the numbering. Andreas From Ralf.Hildebrandt at charite.de Tue Jun 12 23:42:58 2012 From: Ralf.Hildebrandt at charite.de (Ralf Hildebrandt) Date: Tue, 12 Jun 2012 22:42:58 +0200 Subject: [Dovecot] v2.0.21 released In-Reply-To: <20120612224133.6ae2eedb@itx.bitcorner.intern> References: <20120612224133.6ae2eedb@itx.bitcorner.intern> Message-ID: <20120612204258.GE13775@charite.de> * Andreas Meyer : > Timo Sirainen wrote: > > > http://dovecot.org/releases/2.0/dovecot-2.0.21.tar.gz > > http://dovecot.org/releases/2.0/dovecot-2.0.21.tar.gz.sig > > > > + dict: file backend supports now also fcntl/flock locking optionally > > - imap-login: Memory leak fixed > > - imap: Non-UTF8 input on SEARCH command parameters could have crashed > > - auth: Fixed crash with DIGEST-MD5 when attempting to do master user > > login without master passdbs. > > - sdbox: Don't use more fds than necessary when copying mails. > > - mdbox kept the user's storage locked a bit longer than it needed to > > > > Please can some soul explain the naming conventions used to release this software? > > Tue Jun 12 00:51:56 EEST 2012 > Released v2.0.21. > Tue May 29 22:24:49 EEST 2012 > Released v2.1.7. > > I don't understand the numbering. 2.0 and 2.1 are different branches. -- Ralf Hildebrandt Gesch?ftsbereich IT | Abteilung Netzwerk Charit? - Universit?tsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebrandt at charite.de | http://www.charite.de From h.reindl at thelounge.net Tue Jun 12 23:45:40 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Tue, 12 Jun 2012 22:45:40 +0200 Subject: [Dovecot] v2.0.21 released In-Reply-To: <20120612224133.6ae2eedb@itx.bitcorner.intern> References: <20120612224133.6ae2eedb@itx.bitcorner.intern> Message-ID: <4FD7AA74.7030504@thelounge.net> Am 12.06.2012 22:41, schrieb Andreas Meyer: > Please can some soul explain the naming conventions used to release this software? > > Tue Jun 12 00:51:56 EEST 2012 > Released v2.0.21. > Tue May 29 22:24:49 EEST 2012 > Released v2.1.7. > > I don't understand the numbering the same as PHP http://www.php.net/archive/2012.php#id2012-05-08-1 PHP 5.4.3 and PHP 5.3.13 Released be happy that there is software where you not forced to upgrade as soon as a new manjor/minor version is out -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From amateo at um.es Wed Jun 13 09:58:46 2012 From: amateo at um.es (Angel L. Mateo) Date: Wed, 13 Jun 2012 08:58:46 +0200 Subject: [Dovecot] Problem with lmtp director proxy In-Reply-To: <4FD718A0.50605@um.es> References: <4FD718A0.50605@um.es> Message-ID: <4FD83A26.3030209@um.es> Hi, I have checked in almost every error I had that the error is produced whenever happens a timeout of 30 seconds between opening the connection between the director and backend server and the final delivery of the message in the user's mailbox. When I have mails with just a few of recipients, I have no problem because this 30 seconds timeout is never reached. But when I have mails with more recipients and my storage has workload it is sometimes reached. But I haven't found any configuration for this 30 seconds timeout. What could it be this option? Because I have configured proxy_timeout=120 in proxy configuration: pass_attrs = irisMailbox=userdb_mail,homeDirectory=userdb_home,uidNumber=userdb_uid,gidNumber=userdb_gid,=proxy=y,=proxy_timeout=120,irisMailHost=host Looking for this timeout in the code, I have found these defines: director/director.c:#define DIRECTOR_RECONNECT_TIMEOUT_MSECS (30*1000) director/director.c:#define DIRECTOR_USER_MOVE_TIMEOUT_MSECS (30*1000) director/director-connection.c:#define DIRECTOR_CONNECTION_SEND_USERS_TIMEOUT_MSECS (30*1000) director/director-connection.c:#define DIRECTOR_CONNECTION_DONE_TIMEOUT_MSECS (30*1000) director/director-request.c:#define DIRECTOR_REQUEST_TIMEOUT_SECS 30 lmtp/commands.c:#define LMTP_PROXY_DEFAULT_TIMEOUT_MSECS (1000*30) Could it be one of these timeouts? In this case... is there any way to configure it without changing code? -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From oni-neko at gmx.net Wed Jun 13 10:47:02 2012 From: oni-neko at gmx.net (oni-neko at gmx.net) Date: Wed, 13 Jun 2012 09:47:02 +0200 Subject: [Dovecot] question about changing certificate In-Reply-To: <4FD6497B.6090007@gedalya.net> References: <20120611122837.317410@gmx.net> <4FD6497B.6090007@gedalya.net> Message-ID: <20120613074702.115300@gmx.net> thank you for your answer! -------- Original-Nachricht -------- > Datum: Mon, 11 Jun 2012 15:39:39 -0400 > Von: Gedalya > An: dovecot at dovecot.org > Betreff: Re: [Dovecot] question about changing certificate > Are both files identical, do they both contain the private key? umm, no, ok, I think I see at least part of the problem: I have only the certificate, but no key =/ durr, ok, that is way obvious as a problem. next question: do I need the key to use the certificate or can I only use the certificate and leave the value of ssl_key_file empty? thank you for answering my obviously quite, umm, uninformed questions =) greetings silvia -- NEU: FreePhone 3-fach-Flat mit kostenlosem Smartphone! Jetzt informieren: http://mobile.1und1.de/?ac=OM.PW.PW003K20328T7073a From rago at lal.in2p3.fr Wed Jun 13 12:59:15 2012 From: rago at lal.in2p3.fr (Emiliano Rago) Date: Wed, 13 Jun 2012 11:59:15 +0200 Subject: [Dovecot] doveadm doesn't subscribe to public folders In-Reply-To: <4FD7313F.9060406@lal.in2p3.fr> References: <4FD7313F.9060406@lal.in2p3.fr> Message-ID: <4FD86473.8010104@lal.in2p3.fr> Hi, what it's happening with the doveadm command below is that the file modified is /data/MAIL/PUBLIC/subscriptions while I'd like to modify the file /data/MAIL/rago/subscriptions With subscriptions=no every user can subscribe to public folder, so perhaps this behaviour is inappropriate; suggestions? Thanks, Emiliano Rago On 06/12/2012 02:08 PM, Emiliano Rago wrote: > Hi, > > I'd like to subscribe folder with doveadm: > > doveadm mailbox subscribe -u rago public.Conferences > > This command doesn't work, while it works with an ordinary folder. > However it's possible to subscribe to the folder with an imap connection: > > 1 login rago "mypasswd" > 1 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE > IDLE SORTSORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT > CHILDREN NAMESPCE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC > ESEARCH ESORT SEARCHRES ITHIN CONTEXT=SEARCH LIST-STATUS ACL > RIGHTS=texk] Logged in > 2 LSUB "" * > * LSUB () "." "INBOX" > 2 OK Lsub completed. > 3 SUBSCRIBE "public.Conferences" > 3 OK Subscribe completed. > 4 LSUB "" * > * LSUB () "." "INBOX" > * LSUB () "." "public.Conferences" > 4 OK Lsub completed. > > Am I doing anything wrong? > > This is my conf, thx for help, > Emiliano > > # 2.0.9: /etc/dovecot/dovecot.conf > # OS: Linux 2.6.32-220.4.1.el6.x86_64 x86_64 Red Hat Enterprise Linux > Server release 5 (Tikanga) ext4 > auth_cache_size = 128 M > auth_master_user_separator = * > auth_mechanisms = plain cram-md5 > mail_location = > maildir:/data/MAIL/MAILDIR/%u:INBOX=/data/MAIL/INBOX/%u:INDEX=/data/MAIL/METADATA/%u > > maildir_very_dirty_syncs = yes > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope > encoded-character vacation subaddress comparator-i;ascii-numeric > relational regex imap4flags copy include variables body enotify > environment mailbox date > mbox_write_locks = fcntl > namespace { > inbox = yes > location = > prefix = > separator = . > type = private > } > namespace { > list = children > location = > maildir:/data/MAIL/MAILDIR/%%u:INDEX=/data/MAIL/METADATA/SHARED/%u/%%u > prefix = shared.%%u. > separator = . > subscriptions = no > type = shared > } > namespace { > list = children > location = maildir:/data/MAIL/PUBLIC:INDEX=/data/MAIL/METADATA/PUBLIC > prefix = public. > separator = . > subscriptions = no > type = public > } > passdb { > args = scheme=cram-md5 /data/PWDDB/cram_dovecot.txt > driver = passwd-file > } > passdb { > args = /etc/dovecot/master-shared > driver = passwd-file > master = yes > } > passdb { > args = /etc/dovecot/master-shared > driver = passwd-file > } > plugin { > acl = vfile:/etc/dovecot/global-acls:cache_secs=300 > acl_anyone = allow > acl_shared_dict = file:/data/MAIL/SHAREDDB/shared-mailboxes.db > sieve = /data/MAIL/SIEVE/%u/dovecot.sieve > sieve_dir = /data/MAIL/SIEVE/%u > } > postmaster_address = root > protocols = imap sieve > service auth { > unix_listener /var/spool/postfix/private/auth { > mode = 0666 > } > unix_listener auth-userdb { > group = mailreader > mode = 0600 > user = mailreader > } > } > service imap-login { > process_min_avail = 8 > service_count = 0 > vsz_limit = 512 M > } > service imap-postlogin { > executable = script-login /etc/dovecot/postlogin.sh > user = $default_internal_user > } > service imap { > executable = imap imap-postlogin > } > ssl_cert = ssl_key = userdb { > args = /etc/dovecot/master-shared > driver = passwd-file > } > userdb { > args = uid=mailreader gid=mailreader home=/data/MAIL/SIEVE/%u > allow_all_users=yes > driver = static > } > protocol lda { > mail_plugins = acl sieve > } > protocol imap { > mail_max_userip_connections = 128 > mail_plugins = acl imap_acl > } From gedalya at gedalya.net Wed Jun 13 13:14:51 2012 From: gedalya at gedalya.net (Gedalya) Date: Wed, 13 Jun 2012 06:14:51 -0400 Subject: [Dovecot] question about changing certificate In-Reply-To: <20120613074702.115300@gmx.net> References: <20120611122837.317410@gmx.net> <4FD6497B.6090007@gedalya.net> <20120613074702.115300@gmx.net> Message-ID: <4FD8681B.4070609@gedalya.net> On 06/13/2012 03:47 AM, oni-neko at gmx.net wrote: > next question: do I need the key to use the certificate or can I only use the certificate and leave the value of ssl_key_file empty? You certainly can't use the certificate without the key. And I guess dovecot needs ssl_key_file, unless it would be smart enough to figure it out for itself when you omit it. Either way, here is basically how it works. A certificate is not a secret, you in fact push it down to every connecting client. A certificate is something that identifies a server, and the private key is what makes it possible for you to demonstrate that you are the owner of the certificate. When a CA signs your certificate, you send them the public half of your key, and they make a certificate from it, and sign it, and that basically says: we were convinced that the entity that holds this key has a legitimate connection to this domain name. All that remains is for you to prove to the world that you are actually you = you are in possession of the private key. So, dovecot actually needs the key to do this mathematical magic every time a client connects. From amateo at um.es Wed Jun 13 14:15:00 2012 From: amateo at um.es (Angel L. Mateo) Date: Wed, 13 Jun 2012 13:15:00 +0200 Subject: [Dovecot] difference between client_limit and process_limit In-Reply-To: References: <4FD1D2E5.3020901@um.es> <4FD1DE19.4050903@um.es> <4FD22956.20904@thelounge.net> <3E0F7337-B1BA-426F-84AF-D1D7710B80A3@iki.fi> <4FD5C63B.7040904@um.es> Message-ID: <4FD87634.9000407@um.es> On 11/06/12 13:45, Timo Sirainen wrote: > On 11.6.2012, at 13.19, Angel L. Mateo wrote: > >>> Proxying is done by imap-login process, not imap process. For login processes there are different recommendations. >>> >> What are those recommendations? The ones at http://wiki2.dovecot.org/LoginProcess? > > Yes. > >> Let's suppose... I have 4 mainly imap backend servers (but they admit also pop3 connections) with a process_limit of 5120 for service imap (and default_client_limit of 1000 applied to pop3). And I have 2 director servers (configured as active-active behind a load balancer), so I need director servers to handle (more or less) 10240 imap connections. >> >> What is it better for the director's? Increasing process_limit for imap-login (so each process should handle less connections) or increasing client_limit (less processes handling more connections each)? > > If you increase process_limit to more than the number of CPU cores you have, then you increase the number of context switched done by the kernel, which decreases your performance. So I'd say increase client_limit. > I'm trying to configure it this way, so I have configure process_limit to the number of cores and client_limit big enough to attempt the maximum number of connections configured at the backends. In my test environment I have configured (this is extracted from doveconf -n output): service imap-login { client_limit = 10740 executable = imap-login director process_limit = 1 process_min_avail = 1 } When I made the first connection, there's no problem, but if I try a second while the first is still open, I get: Jun 13 13:09:12 myotis40 dovecot: master: Warning: service(imap-login): client_limit (1) reached, client connections are being dropped Why is telling me that client_limit is reached? What client_limit is used? -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From tss at iki.fi Wed Jun 13 15:06:01 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 13 Jun 2012 15:06:01 +0300 Subject: [Dovecot] difference between client_limit and process_limit In-Reply-To: <4FD87634.9000407@um.es> References: <4FD1D2E5.3020901@um.es> <4FD1DE19.4050903@um.es> <4FD22956.20904@thelounge.net> <3E0F7337-B1BA-426F-84AF-D1D7710B80A3@iki.fi> <4FD5C63B.7040904@um.es> <4FD87634.9000407@um.es> Message-ID: <1339589161.25551.0.camel@innu> On Wed, 2012-06-13 at 13:15 +0200, Angel L. Mateo wrote: > In my test environment I have configured (this is extracted from > doveconf -n output): > > service imap-login { > client_limit = 10740 > executable = imap-login director > process_limit = 1 > process_min_avail = 1 > } > > When I made the first connection, there's no problem, but if I try a > second while the first is still open, I get: > > Jun 13 13:09:12 myotis40 dovecot: master: Warning: service(imap-login): > client_limit (1) reached, client connections are being dropped > > Why is telling me that client_limit is reached? What client_limit is used? Dunno. What Dovecot version? Show the whole doveconf -n? You don't have multiple dovecot.confs, right? From amateo at um.es Wed Jun 13 15:15:30 2012 From: amateo at um.es (Angel L. Mateo) Date: Wed, 13 Jun 2012 14:15:30 +0200 Subject: [Dovecot] difference between client_limit and process_limit In-Reply-To: <1339589161.25551.0.camel@innu> References: <4FD1D2E5.3020901@um.es> <4FD1DE19.4050903@um.es> <4FD22956.20904@thelounge.net> <3E0F7337-B1BA-426F-84AF-D1D7710B80A3@iki.fi> <4FD5C63B.7040904@um.es> <4FD87634.9000407@um.es> <1339589161.25551.0.camel@innu> Message-ID: <4FD88462.5070908@um.es> On 13/06/12 14:06, Timo Sirainen wrote: > On Wed, 2012-06-13 at 13:15 +0200, Angel L. Mateo wrote: >> In my test environment I have configured (this is extracted from >> doveconf -n output): >> >> service imap-login { >> client_limit = 10740 >> executable = imap-login director >> process_limit = 1 >> process_min_avail = 1 >> } >> >> When I made the first connection, there's no problem, but if I try a >> second while the first is still open, I get: >> >> Jun 13 13:09:12 myotis40 dovecot: master: Warning: service(imap-login): >> client_limit (1) reached, client connections are being dropped >> >> Why is telling me that client_limit is reached? What client_limit is used? > > Dunno. What Dovecot version? Show the whole doveconf -n? You don't have > multiple dovecot.confs, right? > > 2.1.5. Whole doveconf is attached. As far as I could find, I don't have multiple.confs but, because I'm managing configuration with puppet, is easier for me to have a few "service imap-login" entries in the 10-master.conf file. In previous checks I did, it seems to be mixed without problems, but I'm going to try to manually mixed them. What I have is: service imap-login { inet_listener imap { #port = 143 } inet_listener imaps { #port = 993 #ssl = yes } # Number of connections to handle before starting a new process. Typically # the only useful values are 0 (unlimited) or 1. 1 is more secure, but 0 # is faster. #service_count = 1 # Number of processes to always keep waiting for more connections. #process_min_avail = 0 # If you set service_count=0, you probably need to grow this. #vsz_limit = $default_vsz_limit } ... service imap-login { executable = imap-login director client_limit = 10740 process_limit = 1 process_min_avail = 1 } -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 -------------- next part -------------- # 2.1.5: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-4-amd64 x86_64 Ubuntu 10.04.4 LTS auth_cache_size = 20 M auth_cache_ttl = 1 days auth_debug = yes auth_master_user_separator = * auth_username_format = %n auth_verbose = yes default_process_limit = 1000 director_mail_servers = 155.54.211.161-155.54.211.164 director_servers = 155.54.211.187 disable_plaintext_auth = no lmtp_proxy = yes log_timestamp = %Y-%m-%d %H:%M:%S mail_debug = yes namespace { hidden = no inbox = yes list = yes location = prefix = separator = / subscriptions = yes type = private } namespace { hidden = yes inbox = no list = no location = maildir:~/Maildir/expunged:INDEX=/var/indexes/%n prefix = .EXPUNGED/ separator = / subscriptions = no type = private } namespace { hidden = yes inbox = no list = no location = maildir:~/Maildir/deleted:INDEX=/var/indexes/%n prefix = .DELETED/ separator = / subscriptions = no type = private } namespace { hidden = yes inbox = no list = no location = maildir:~/Maildir/deleted/expunged:INDEX=/var/indexes/%n prefix = .DELETED/.EXPUNGED/ separator = / subscriptions = no type = private } namespace { inbox = yes location = prefix = separator = / } passdb { args = /etc/dovecot/master-users driver = passwd-file master = yes pass = yes } passdb { args = proxy=y nopassword=y driver = static } passdb { args = session=yes dovecot driver = pam } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_extensions = +imapflags sieve_max_redirects = 15 } protocols = imap pop3 lmtp imap lmtp pop3 service anvil { client_limit = 2003 } service auth { client_limit = 3000 unix_listener auth-userdb { mode = 0666 } } service director { fifo_listener login/proxy-notify { mode = 0666 } inet_listener { port = 9090 } unix_listener director-userdb { mode = 0600 } unix_listener login/director { mode = 0666 } } service imap-login { client_limit = 10740 executable = imap-login director process_limit = 1 process_min_avail = 1 } service imap { process_limit = 5120 process_min_avail = 1 } service lmtp { inet_listener lmtp { port = 24 } process_min_avail = 10 } service pop3-login { client_limit = 2500 executable = pop3-login director process_limit = 1 process_min_avail = 1 } service pop3 { process_min_avail = 1 } ssl = no ssl_cert = References: <4FD1D2E5.3020901@um.es> <4FD1DE19.4050903@um.es> <4FD22956.20904@thelounge.net> <3E0F7337-B1BA-426F-84AF-D1D7710B80A3@iki.fi> <4FD5C63B.7040904@um.es> <4FD87634.9000407@um.es> <1339589161.25551.0.camel@innu> <4FD88462.5070908@um.es> Message-ID: <1339590528.25551.2.camel@innu> On Wed, 2012-06-13 at 14:15 +0200, Angel L. Mateo wrote: > 2.1.5. Whole doveconf is attached. As far as I could find, I don't have > multiple.confs but, because I'm managing configuration with puppet, is > easier for me to have a few "service imap-login" entries in the > 10-master.conf file. In previous checks I did, it seems to be mixed > without problems, but I'm going to try to manually mixed them. What I > have is: .. > service imap-login { > # Number of connections to handle before starting a new process. > Typically > # the only useful values are 0 (unlimited) or 1. 1 is more secure, but 0 > # is faster. > #service_count = 1 Oh, right, service_count=1 is the default and that overrides client_limit. Set it to 0. From tss at iki.fi Wed Jun 13 15:39:47 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 13 Jun 2012 15:39:47 +0300 Subject: [Dovecot] difference between client_limit and process_limit In-Reply-To: <1339590528.25551.2.camel@innu> References: <4FD1D2E5.3020901@um.es> <4FD1DE19.4050903@um.es> <4FD22956.20904@thelounge.net> <3E0F7337-B1BA-426F-84AF-D1D7710B80A3@iki.fi> <4FD5C63B.7040904@um.es> <4FD87634.9000407@um.es> <1339589161.25551.0.camel@innu> <4FD88462.5070908@um.es> <1339590528.25551.2.camel@innu> Message-ID: <1339591187.25551.3.camel@innu> On Wed, 2012-06-13 at 15:28 +0300, Timo Sirainen wrote: > Oh, right, service_count=1 is the default and that overrides > client_limit. Set it to 0. http://hg.dovecot.org/dovecot-2.1/rev/4c31e450a867 From tss at iki.fi Wed Jun 13 15:50:33 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 13 Jun 2012 15:50:33 +0300 Subject: [Dovecot] doveadm doesn't subscribe to public folders In-Reply-To: <4FD86473.8010104@lal.in2p3.fr> References: <4FD7313F.9060406@lal.in2p3.fr> <4FD86473.8010104@lal.in2p3.fr> Message-ID: <1339591833.25551.4.camel@innu> Does it work if you do it via imap? echo "a subscribe public.Conferences" | /usr/local/libexec/dovecot/imap -u rago On Wed, 2012-06-13 at 11:59 +0200, Emiliano Rago wrote: > Hi, > > what it's happening with the doveadm command below is that > the file modified is /data/MAIL/PUBLIC/subscriptions > while I'd like to modify the file /data/MAIL/rago/subscriptions > > With subscriptions=no every user can subscribe to public folder, > so perhaps this behaviour is inappropriate; suggestions? > > Thanks, > Emiliano Rago > > > On 06/12/2012 02:08 PM, Emiliano Rago wrote: > > Hi, > > > > I'd like to subscribe folder with doveadm: > > > > doveadm mailbox subscribe -u rago public.Conferences > > > > This command doesn't work, while it works with an ordinary folder. > > However it's possible to subscribe to the folder with an imap connection: > > > > 1 login rago "mypasswd" > > 1 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE > > IDLE SORTSORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT > > CHILDREN NAMESPCE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC > > ESEARCH ESORT SEARCHRES ITHIN CONTEXT=SEARCH LIST-STATUS ACL > > RIGHTS=texk] Logged in > > 2 LSUB "" * > > * LSUB () "." "INBOX" > > 2 OK Lsub completed. > > 3 SUBSCRIBE "public.Conferences" > > 3 OK Subscribe completed. > > 4 LSUB "" * > > * LSUB () "." "INBOX" > > * LSUB () "." "public.Conferences" > > 4 OK Lsub completed. > > > > Am I doing anything wrong? > > > > This is my conf, thx for help, > > Emiliano > > > > # 2.0.9: /etc/dovecot/dovecot.conf > > # OS: Linux 2.6.32-220.4.1.el6.x86_64 x86_64 Red Hat Enterprise Linux > > Server release 5 (Tikanga) ext4 > > auth_cache_size = 128 M > > auth_master_user_separator = * > > auth_mechanisms = plain cram-md5 > > mail_location = > > maildir:/data/MAIL/MAILDIR/%u:INBOX=/data/MAIL/INBOX/%u:INDEX=/data/MAIL/METADATA/%u > > > > maildir_very_dirty_syncs = yes > > managesieve_notify_capability = mailto > > managesieve_sieve_capability = fileinto reject envelope > > encoded-character vacation subaddress comparator-i;ascii-numeric > > relational regex imap4flags copy include variables body enotify > > environment mailbox date > > mbox_write_locks = fcntl > > namespace { > > inbox = yes > > location = > > prefix = > > separator = . > > type = private > > } > > namespace { > > list = children > > location = > > maildir:/data/MAIL/MAILDIR/%%u:INDEX=/data/MAIL/METADATA/SHARED/%u/%%u > > prefix = shared.%%u. > > separator = . > > subscriptions = no > > type = shared > > } > > namespace { > > list = children > > location = maildir:/data/MAIL/PUBLIC:INDEX=/data/MAIL/METADATA/PUBLIC > > prefix = public. > > separator = . > > subscriptions = no > > type = public > > } > > passdb { > > args = scheme=cram-md5 /data/PWDDB/cram_dovecot.txt > > driver = passwd-file > > } > > passdb { > > args = /etc/dovecot/master-shared > > driver = passwd-file > > master = yes > > } > > passdb { > > args = /etc/dovecot/master-shared > > driver = passwd-file > > } > > plugin { > > acl = vfile:/etc/dovecot/global-acls:cache_secs=300 > > acl_anyone = allow > > acl_shared_dict = file:/data/MAIL/SHAREDDB/shared-mailboxes.db > > sieve = /data/MAIL/SIEVE/%u/dovecot.sieve > > sieve_dir = /data/MAIL/SIEVE/%u > > } > > postmaster_address = root > > protocols = imap sieve > > service auth { > > unix_listener /var/spool/postfix/private/auth { > > mode = 0666 > > } > > unix_listener auth-userdb { > > group = mailreader > > mode = 0600 > > user = mailreader > > } > > } > > service imap-login { > > process_min_avail = 8 > > service_count = 0 > > vsz_limit = 512 M > > } > > service imap-postlogin { > > executable = script-login /etc/dovecot/postlogin.sh > > user = $default_internal_user > > } > > service imap { > > executable = imap imap-postlogin > > } > > ssl_cert = > ssl_key = > userdb { > > args = /etc/dovecot/master-shared > > driver = passwd-file > > } > > userdb { > > args = uid=mailreader gid=mailreader home=/data/MAIL/SIEVE/%u > > allow_all_users=yes > > driver = static > > } > > protocol lda { > > mail_plugins = acl sieve > > } > > protocol imap { > > mail_max_userip_connections = 128 > > mail_plugins = acl imap_acl > > } > From tss at iki.fi Wed Jun 13 15:59:29 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 13 Jun 2012 15:59:29 +0300 Subject: [Dovecot] Problem with lmtp director proxy In-Reply-To: <4FD83A26.3030209@um.es> References: <4FD718A0.50605@um.es> <4FD83A26.3030209@um.es> Message-ID: <1339592369.25551.7.camel@innu> On Wed, 2012-06-13 at 08:58 +0200, Angel L. Mateo wrote: > I have checked in almost every error I had that the error is produced > whenever happens a timeout of 30 seconds between opening the connection > between the director and backend server and the final delivery of the > message in the user's mailbox. > > When I have mails with just a few of recipients, I have no problem > because this 30 seconds timeout is never reached. But when I have mails > with more recipients and my storage has workload it is sometimes reached. Ah, so it's not really a bug. I thought it might be because there had been such problems before. > But I haven't found any configuration for this 30 seconds timeout. What > could it be this option? Because I have configured proxy_timeout=120 in > proxy configuration: > > pass_attrs = > irisMailbox=userdb_mail,homeDirectory=userdb_home,uidNumber=userdb_uid,gidNumber=userdb_gid,=proxy=y,=proxy_timeout=120,irisMailHost=host This should work.. > lmtp/commands.c:#define LMTP_PROXY_DEFAULT_TIMEOUT_MSECS (1000*30) This is the default, but proxy_timeout should override it. What do you get in logs with auth_debug=yes? From rago at lal.in2p3.fr Wed Jun 13 16:24:02 2012 From: rago at lal.in2p3.fr (Emiliano Rago) Date: Wed, 13 Jun 2012 15:24:02 +0200 Subject: [Dovecot] doveadm doesn't subscribe to public folders In-Reply-To: <1339591833.25551.4.camel@innu> References: <4FD7313F.9060406@lal.in2p3.fr> <4FD86473.8010104@lal.in2p3.fr> <1339591833.25551.4.camel@innu> Message-ID: <4FD89472.2070002@lal.in2p3.fr> It works! Thanks! Emiliano On 06/13/2012 02:50 PM, Timo Sirainen wrote: > Does it work if you do it via imap? > > echo "a subscribe public.Conferences" | /usr/local/libexec/dovecot/imap -u rago > > On Wed, 2012-06-13 at 11:59 +0200, Emiliano Rago wrote: >> Hi, >> >> what it's happening with the doveadm command below is that >> the file modified is /data/MAIL/PUBLIC/subscriptions >> while I'd like to modify the file /data/MAIL/rago/subscriptions >> >> With subscriptions=no every user can subscribe to public folder, >> so perhaps this behaviour is inappropriate; suggestions? >> >> Thanks, >> Emiliano Rago >> >> >> On 06/12/2012 02:08 PM, Emiliano Rago wrote: >>> Hi, >>> >>> I'd like to subscribe folder with doveadm: >>> >>> doveadm mailbox subscribe -u rago public.Conferences >>> >>> This command doesn't work, while it works with an ordinary folder. >>> However it's possible to subscribe to the folder with an imap connection: >>> >>> 1 login rago "mypasswd" >>> 1 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE >>> IDLE SORTSORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT >>> CHILDREN NAMESPCE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC >>> ESEARCH ESORT SEARCHRES ITHIN CONTEXT=SEARCH LIST-STATUS ACL >>> RIGHTS=texk] Logged in >>> 2 LSUB "" * >>> * LSUB () "." "INBOX" >>> 2 OK Lsub completed. >>> 3 SUBSCRIBE "public.Conferences" >>> 3 OK Subscribe completed. >>> 4 LSUB "" * >>> * LSUB () "." "INBOX" >>> * LSUB () "." "public.Conferences" >>> 4 OK Lsub completed. >>> >>> Am I doing anything wrong? >>> >>> This is my conf, thx for help, >>> Emiliano >>> >>> # 2.0.9: /etc/dovecot/dovecot.conf >>> # OS: Linux 2.6.32-220.4.1.el6.x86_64 x86_64 Red Hat Enterprise Linux >>> Server release 5 (Tikanga) ext4 >>> auth_cache_size = 128 M >>> auth_master_user_separator = * >>> auth_mechanisms = plain cram-md5 >>> mail_location = >>> maildir:/data/MAIL/MAILDIR/%u:INBOX=/data/MAIL/INBOX/%u:INDEX=/data/MAIL/METADATA/%u >>> >>> maildir_very_dirty_syncs = yes >>> managesieve_notify_capability = mailto >>> managesieve_sieve_capability = fileinto reject envelope >>> encoded-character vacation subaddress comparator-i;ascii-numeric >>> relational regex imap4flags copy include variables body enotify >>> environment mailbox date >>> mbox_write_locks = fcntl >>> namespace { >>> inbox = yes >>> location = >>> prefix = >>> separator = . >>> type = private >>> } >>> namespace { >>> list = children >>> location = >>> maildir:/data/MAIL/MAILDIR/%%u:INDEX=/data/MAIL/METADATA/SHARED/%u/%%u >>> prefix = shared.%%u. >>> separator = . >>> subscriptions = no >>> type = shared >>> } >>> namespace { >>> list = children >>> location = maildir:/data/MAIL/PUBLIC:INDEX=/data/MAIL/METADATA/PUBLIC >>> prefix = public. >>> separator = . >>> subscriptions = no >>> type = public >>> } >>> passdb { >>> args = scheme=cram-md5 /data/PWDDB/cram_dovecot.txt >>> driver = passwd-file >>> } >>> passdb { >>> args = /etc/dovecot/master-shared >>> driver = passwd-file >>> master = yes >>> } >>> passdb { >>> args = /etc/dovecot/master-shared >>> driver = passwd-file >>> } >>> plugin { >>> acl = vfile:/etc/dovecot/global-acls:cache_secs=300 >>> acl_anyone = allow >>> acl_shared_dict = file:/data/MAIL/SHAREDDB/shared-mailboxes.db >>> sieve = /data/MAIL/SIEVE/%u/dovecot.sieve >>> sieve_dir = /data/MAIL/SIEVE/%u >>> } >>> postmaster_address = root >>> protocols = imap sieve >>> service auth { >>> unix_listener /var/spool/postfix/private/auth { >>> mode = 0666 >>> } >>> unix_listener auth-userdb { >>> group = mailreader >>> mode = 0600 >>> user = mailreader >>> } >>> } >>> service imap-login { >>> process_min_avail = 8 >>> service_count = 0 >>> vsz_limit = 512 M >>> } >>> service imap-postlogin { >>> executable = script-login /etc/dovecot/postlogin.sh >>> user = $default_internal_user >>> } >>> service imap { >>> executable = imap imap-postlogin >>> } >>> ssl_cert =>> ssl_key =>> userdb { >>> args = /etc/dovecot/master-shared >>> driver = passwd-file >>> } >>> userdb { >>> args = uid=mailreader gid=mailreader home=/data/MAIL/SIEVE/%u >>> allow_all_users=yes >>> driver = static >>> } >>> protocol lda { >>> mail_plugins = acl sieve >>> } >>> protocol imap { >>> mail_max_userip_connections = 128 >>> mail_plugins = acl imap_acl >>> } >> > > From tss at iki.fi Wed Jun 13 16:38:43 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 13 Jun 2012 16:38:43 +0300 Subject: [Dovecot] how to announce shared folders to clients using non-default mail prefix In-Reply-To: <4FD78794.1030905@engr.orst.edu> References: <4FD14895.8040707@engr.orst.edu> <63F00218-4FBE-418F-9477-CBEA8E7A35B9@iki.fi> <4FD78794.1030905@engr.orst.edu> Message-ID: <1339594723.25551.8.camel@innu> On Tue, 2012-06-12 at 11:16 -0700, Tom Lieuallen wrote: > namespace { > hidden = yes > inbox = no > list = children > location = maildir:/a1/dove-shared:INDEX=/a2/imap-index/dove-shared/%u > prefix = iphonemail/sharedimap/ > separator = / > type = shared type=public and same for the other shared namespace. The type=shared namespaces are for mailboxes shared between users. From tss at iki.fi Wed Jun 13 16:40:22 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 13 Jun 2012 16:40:22 +0300 Subject: [Dovecot] doveadm doesn't subscribe to public folders In-Reply-To: <4FD89472.2070002@lal.in2p3.fr> References: <4FD7313F.9060406@lal.in2p3.fr> <4FD86473.8010104@lal.in2p3.fr> <1339591833.25551.4.camel@innu> <4FD89472.2070002@lal.in2p3.fr> Message-ID: <1339594822.25551.9.camel@innu> OK. v2.1 should have fixed this also for doveadm subscribe. On Wed, 2012-06-13 at 15:24 +0200, Emiliano Rago wrote: > It works! Thanks! > > Emiliano > > On 06/13/2012 02:50 PM, Timo Sirainen wrote: > > Does it work if you do it via imap? > > > > echo "a subscribe public.Conferences" | /usr/local/libexec/dovecot/imap -u rago > > > > On Wed, 2012-06-13 at 11:59 +0200, Emiliano Rago wrote: > >> Hi, > >> > >> what it's happening with the doveadm command below is that > >> the file modified is /data/MAIL/PUBLIC/subscriptions > >> while I'd like to modify the file /data/MAIL/rago/subscriptions > >> > >> With subscriptions=no every user can subscribe to public folder, > >> so perhaps this behaviour is inappropriate; suggestions? > >> > >> Thanks, > >> Emiliano Rago > >> > >> > >> On 06/12/2012 02:08 PM, Emiliano Rago wrote: > >>> Hi, > >>> > >>> I'd like to subscribe folder with doveadm: > >>> > >>> doveadm mailbox subscribe -u rago public.Conferences > >>> > >>> This command doesn't work, while it works with an ordinary folder. > >>> However it's possible to subscribe to the folder with an imap connection: > >>> > >>> 1 login rago "mypasswd" > >>> 1 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE > >>> IDLE SORTSORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT > >>> CHILDREN NAMESPCE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC > >>> ESEARCH ESORT SEARCHRES ITHIN CONTEXT=SEARCH LIST-STATUS ACL > >>> RIGHTS=texk] Logged in > >>> 2 LSUB "" * > >>> * LSUB () "." "INBOX" > >>> 2 OK Lsub completed. > >>> 3 SUBSCRIBE "public.Conferences" > >>> 3 OK Subscribe completed. > >>> 4 LSUB "" * > >>> * LSUB () "." "INBOX" > >>> * LSUB () "." "public.Conferences" > >>> 4 OK Lsub completed. > >>> > >>> Am I doing anything wrong? > >>> > >>> This is my conf, thx for help, > >>> Emiliano > >>> > >>> # 2.0.9: /etc/dovecot/dovecot.conf > >>> # OS: Linux 2.6.32-220.4.1.el6.x86_64 x86_64 Red Hat Enterprise Linux > >>> Server release 5 (Tikanga) ext4 > >>> auth_cache_size = 128 M > >>> auth_master_user_separator = * > >>> auth_mechanisms = plain cram-md5 > >>> mail_location = > >>> maildir:/data/MAIL/MAILDIR/%u:INBOX=/data/MAIL/INBOX/%u:INDEX=/data/MAIL/METADATA/%u > >>> > >>> maildir_very_dirty_syncs = yes > >>> managesieve_notify_capability = mailto > >>> managesieve_sieve_capability = fileinto reject envelope > >>> encoded-character vacation subaddress comparator-i;ascii-numeric > >>> relational regex imap4flags copy include variables body enotify > >>> environment mailbox date > >>> mbox_write_locks = fcntl > >>> namespace { > >>> inbox = yes > >>> location = > >>> prefix = > >>> separator = . > >>> type = private > >>> } > >>> namespace { > >>> list = children > >>> location = > >>> maildir:/data/MAIL/MAILDIR/%%u:INDEX=/data/MAIL/METADATA/SHARED/%u/%%u > >>> prefix = shared.%%u. > >>> separator = . > >>> subscriptions = no > >>> type = shared > >>> } > >>> namespace { > >>> list = children > >>> location = maildir:/data/MAIL/PUBLIC:INDEX=/data/MAIL/METADATA/PUBLIC > >>> prefix = public. > >>> separator = . > >>> subscriptions = no > >>> type = public > >>> } > >>> passdb { > >>> args = scheme=cram-md5 /data/PWDDB/cram_dovecot.txt > >>> driver = passwd-file > >>> } > >>> passdb { > >>> args = /etc/dovecot/master-shared > >>> driver = passwd-file > >>> master = yes > >>> } > >>> passdb { > >>> args = /etc/dovecot/master-shared > >>> driver = passwd-file > >>> } > >>> plugin { > >>> acl = vfile:/etc/dovecot/global-acls:cache_secs=300 > >>> acl_anyone = allow > >>> acl_shared_dict = file:/data/MAIL/SHAREDDB/shared-mailboxes.db > >>> sieve = /data/MAIL/SIEVE/%u/dovecot.sieve > >>> sieve_dir = /data/MAIL/SIEVE/%u > >>> } > >>> postmaster_address = root > >>> protocols = imap sieve > >>> service auth { > >>> unix_listener /var/spool/postfix/private/auth { > >>> mode = 0666 > >>> } > >>> unix_listener auth-userdb { > >>> group = mailreader > >>> mode = 0600 > >>> user = mailreader > >>> } > >>> } > >>> service imap-login { > >>> process_min_avail = 8 > >>> service_count = 0 > >>> vsz_limit = 512 M > >>> } > >>> service imap-postlogin { > >>> executable = script-login /etc/dovecot/postlogin.sh > >>> user = $default_internal_user > >>> } > >>> service imap { > >>> executable = imap imap-postlogin > >>> } > >>> ssl_cert = >>> ssl_key = >>> userdb { > >>> args = /etc/dovecot/master-shared > >>> driver = passwd-file > >>> } > >>> userdb { > >>> args = uid=mailreader gid=mailreader home=/data/MAIL/SIEVE/%u > >>> allow_all_users=yes > >>> driver = static > >>> } > >>> protocol lda { > >>> mail_plugins = acl sieve > >>> } > >>> protocol imap { > >>> mail_max_userip_connections = 128 > >>> mail_plugins = acl imap_acl > >>> } > >> > > > > > From amateo at um.es Wed Jun 13 17:57:42 2012 From: amateo at um.es (Angel L. Mateo) Date: Wed, 13 Jun 2012 16:57:42 +0200 Subject: [Dovecot] Problem with lmtp director proxy In-Reply-To: <1339592369.25551.7.camel@innu> References: <4FD718A0.50605@um.es> <4FD83A26.3030209@um.es> <1339592369.25551.7.camel@innu> Message-ID: <4FD8AA66.7050909@um.es> El 13/06/12 14:59, Timo Sirainen escribi?: > On Wed, 2012-06-13 at 08:58 +0200, Angel L. Mateo wrote: >> I have checked in almost every error I had that the error is produced >> whenever happens a timeout of 30 seconds between opening the connection >> between the director and backend server and the final delivery of the >> message in the user's mailbox. >> >> When I have mails with just a few of recipients, I have no problem >> because this 30 seconds timeout is never reached. But when I have mails >> with more recipients and my storage has workload it is sometimes reached. > > Ah, so it's not really a bug. I thought it might be because there had > been such problems before. > >> But I haven't found any configuration for this 30 seconds timeout. What >> could it be this option? Because I have configured proxy_timeout=120 in >> proxy configuration: >> >> pass_attrs = >> irisMailbox=userdb_mail,homeDirectory=userdb_home,uidNumber=userdb_uid,gidNumber=userdb_gid,=proxy=y,=proxy_timeout=120,irisMailHost=host > > This should work.. > >> lmtp/commands.c:#define LMTP_PROXY_DEFAULT_TIMEOUT_MSECS (1000*30) > > This is the default, but proxy_timeout should override it. > But then, why timeout is reached after only 30 seconds? Could it be other define timeout like DIRECTOR_CONNECTION_DONE_TIMEOUT_MSECS? > What do you get in logs with auth_debug=yes? > I've got always auth_debug=yes. In the director server, logs are: Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Connect from 155.54.212.167 Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Debug: auth input: user=user1 proxy host=155.54.211.163 proxy_refresh=450 Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Debug: auth input: user=user2 proxy host=155.54.211.163 proxy_refresh=450 .... (more users, a total of 34 recipients) Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Debug: auth input: user=myuser proxy host=155.54.211.164 proxy_refresh=450 ... Jun 12 11:41:09 myotis41 dovecot: lmtp(6595): Disconnect from 155.54.212.167: Client quit (in reset) but I have checked with newer errors, all I see in logs are "Connect from" and "Disconnect from" messages. The logs "lmtp...Debug:" are not produced any more (maybe because director has this information yet?) At backend servers are: Jun 12 11:40:38 myotis34 dovecot: lmtp(16824): Connect from 155.54.211.186 Jun 12 11:40:38 myotis34 dovecot: lmtp(16824, ): wJ9BD7YM10 +4QQAAG5O5Qg: sieve: msgid=<182283367.48.1339494011054.JavaMail.tomcat at sakai-prod4>: stored mail into mailbox 'INBOX' ... Jun 12 11:41:10 myotis34 dovecot: lmtp(16824, ): wJ9BD7YM10+4QQA AG5O5Qg: sieve: msgid=<182283367.48.1339494011054.JavaMail.tomcat at sakai-prod4>: stored mail into mailbox 'INBOX' From tss at iki.fi Wed Jun 13 18:17:57 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 13 Jun 2012 18:17:57 +0300 Subject: [Dovecot] Problem with lmtp director proxy In-Reply-To: <4FD8AA66.7050909@um.es> References: <4FD718A0.50605@um.es> <4FD83A26.3030209@um.es> <1339592369.25551.7.camel@innu> <4FD8AA66.7050909@um.es> Message-ID: <1339600677.25551.12.camel@innu> On Wed, 2012-06-13 at 16:57 +0200, Angel L. Mateo wrote: > Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Connect from 155.54.212.167 > Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Debug: auth input: > user=user1 proxy host=155.54.211.163 proxy_refresh=450 That says proxy_refresh, not proxy_timeout. > but I have checked with newer errors, all I see in logs are "Connect > from" and "Disconnect from" messages. The logs "lmtp...Debug:" are not > produced any more (maybe because director has this information yet?) Director shouldn't affect it. There should still be auth input lines logged. doveconf -n? From toml at engr.orst.edu Wed Jun 13 19:58:19 2012 From: toml at engr.orst.edu (Tom Lieuallen) Date: Wed, 13 Jun 2012 09:58:19 -0700 Subject: [Dovecot] how to announce shared folders to clients using non-default mail prefix In-Reply-To: <1339594723.25551.8.camel@innu> References: <4FD14895.8040707@engr.orst.edu> <63F00218-4FBE-418F-9477-CBEA8E7A35B9@iki.fi> <4FD78794.1030905@engr.orst.edu> <1339594723.25551.8.camel@innu> Message-ID: <4FD8C6AB.6040909@engr.orst.edu> On 6/13/12 6:38 AM, Timo Sirainen wrote: > On Tue, 2012-06-12 at 11:16 -0700, Tom Lieuallen wrote: >> namespace { >> hidden = yes >> inbox = no >> list = children >> location = maildir:/a1/dove-shared:INDEX=/a2/imap-index/dove-shared/%u >> prefix = iphonemail/sharedimap/ >> separator = / >> type = shared > > type=public and same for the other shared namespace. The type=shared > namespaces are for mailboxes shared between users. > Unfortunately, it still isn't working. namespace { inbox = yes location = prefix = separator = / type = private } namespace { hidden = yes inbox = no list = children location = maildir:/a1/dove-shared:INDEX=/a2/imap-index/dove-shared/%u prefix = sharedimap/ separator = / type = public } namespace { hidden = yes inbox = no list = children location = maildir:/a1/dove-shared:INDEX=/a2/imap-index/dove-shared/%u prefix = iphonemail/sharedimap/ separator = / type = public } l list "" * * LIST (\Noselect \HasChildren) "/" "foo1" * LIST (\NoInferiors \UnMarked) "/" "foo1/folder1" * LIST (\Noselect \HasChildren) "/" "iphonemail" * LIST (\NoInferiors \Marked) "/" "iphonemail/foo1" * LIST (\NoInferiors \UnMarked) "/" "Sent" * LIST (\NoInferiors \UnMarked) "/" "Trash" * LIST (\HasNoChildren) "/" "INBOX" * LIST (\HasNoChildren) "/" "sharedimap/cesupport" * LIST (\HasNoChildren) "/" "sharedimap/mimesupport" * LIST (\HasNoChildren) "/" "iphonemail/sharedimap/cesupport" * LIST (\HasNoChildren) "/" "iphonemail/sharedimap/mimesupport" l OK List completed. l list "iphonemail/" * * LIST (\NoInferiors \Marked) "/" "iphonemail/foo1" l OK List completed. l list "sharedimap/" * * LIST (\HasNoChildren) "/" "sharedimap/cesupport" * LIST (\HasNoChildren) "/" "sharedimap/mimesupport" l OK List completed. l list "iphonemail/sharedimap/" * * LIST (\HasNoChildren) "/" "iphonemail/sharedimap/cesupport" * LIST (\HasNoChildren) "/" "iphonemail/sharedimap/mimesupport" l OK List completed. It seems to me like the logic for deciding which namespaces to follow is something like this: * If mail prefix = "", inspect and potentially use all namespaces * else look in default namespace for subdirectories matching prefix listed _AND_ look for namespaces that are exact matches for the prefix passed. In that 'else' case, it does not appear to look for namespaces where the mail prefix is a subset. thank you Tom Lieuallen From tss at iki.fi Wed Jun 13 20:07:23 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 13 Jun 2012 20:07:23 +0300 Subject: [Dovecot] how to announce shared folders to clients using non-default mail prefix In-Reply-To: <4FD8C6AB.6040909@engr.orst.edu> References: <4FD14895.8040707@engr.orst.edu> <63F00218-4FBE-418F-9477-CBEA8E7A35B9@iki.fi> <4FD78794.1030905@engr.orst.edu> <1339594723.25551.8.camel@innu> <4FD8C6AB.6040909@engr.orst.edu> Message-ID: On 13.6.2012, at 19.58, Tom Lieuallen wrote: >> type=public and same for the other shared namespace. The type=shared >> namespaces are for mailboxes shared between users. > > Unfortunately, it still isn't working. .. > It seems to me like the logic for deciding which namespaces to follow is something like this: > > * If mail prefix = "", inspect and potentially use all namespaces > > * else look in default namespace for subdirectories matching prefix listed _AND_ look for namespaces that are exact matches for the prefix passed. > > In that 'else' case, it does not appear to look for namespaces where the mail prefix is a subset. No. I tried with your exact config, except changed namespace types to public, and it works fine in my tests.. You're trying with v2.1.7, right? From amateo at um.es Wed Jun 13 20:11:36 2012 From: amateo at um.es (Angel L. Mateo) Date: Wed, 13 Jun 2012 19:11:36 +0200 Subject: [Dovecot] Problem with lmtp director proxy In-Reply-To: <1339600677.25551.12.camel@innu> References: <4FD718A0.50605@um.es> <4FD83A26.3030209@um.es> <1339592369.25551.7.camel@innu> <4FD8AA66.7050909@um.es> <1339600677.25551.12.camel@innu> Message-ID: <4FD8C9C8.6090608@um.es> El 13/06/12 17:17, Timo Sirainen escribi?: > On Wed, 2012-06-13 at 16:57 +0200, Angel L. Mateo wrote: >> Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Connect from 155.54.212.167 >> Jun 12 11:40:39 myotis41 dovecot: lmtp(6595): Debug: auth input: >> user=user1 proxy host=155.54.211.163 proxy_refresh=450 > > That says proxy_refresh, not proxy_timeout. > >> but I have checked with newer errors, all I see in logs are "Connect >> from" and "Disconnect from" messages. The logs "lmtp...Debug:" are not >> produced any more (maybe because director has this information yet?) > > Director shouldn't affect it. There should still be auth input lines > logged. doveconf -n? > Ok, you were right. I was looking for logs at my log repository, which doesn't receive debug log. Nevertheless, the only auth lines I have found at the ones above, with the proxy_refresh=450. I haven't found any line with a timeout log in the proxies neither the backends So, at director servers the only logs I have are the one I have already sent. At the backend server, I have more logs, that are: Jun 12 11:40:38 myotis34 dovecot: lmtp(16824): Debug: none: root=, index=, control=, inbox=, alt= Jun 12 11:40:38 myotis34 dovecot: lmtp(16824): Connect from 155.54.211.186 Jun 12 11:40:38 myotis34 dovecot: lmtp(16824): Debug: auth input: user1 home= uid=261853 gid=1001 Jun 12 11:40:38 myotis34 dovecot: lmtp(16824): Debug: auth input: home= uid=262339 gid=1001 ... (more recipients for the same message) Jun 12 11:40:38 myotis34 dovecot: lmtp(16824): Debug: auth input: home= uid=255606 gid=1001 ... (more recipients for the same message) Jun 12 11:41:08 myotis34 dovecot: lmtp(16824, ): Debug: Effective uid=255606, gid=1001, home= Jun 12 11:41:08 myotis34 dovecot: lmtp(16824, ): Debug: maildir++: root=/Maildir, index=/var/indexes/, control=, inbox=/Maildir, alt= Jun 12 11:41:08 myotis34 dovecot: lmtp(16824, ): Debug: sieve: include: sieve_global_dir is not set; it is currently not possible to include `:global' scripts. Jun 12 11:41:08 myotis34 dovecot: lmtp(16824, ): Debug: wJ9BD7YM10+4QQAAG5O5Qg: sieve: using sieve path for user's script: /.dovecot.sieve Jun 12 11:41:08 myotis34 dovecot: lmtp(16824, ): Debug: wJ9BD7YM10+4QQAAG5O5Qg: sieve: opening script /.dovecot.sieve Jun 12 11:41:08 myotis34 dovecot: lmtp(16824, ): Debug: wJ9BD7YM10+4QQAAG5O5Qg: sieve: script binary /.dovecot.svbin successfully loaded Jun 12 11:41:08 myotis34 dovecot: lmtp(16824, ): Debug: wJ9BD7YM10+4QQAAG5O5Qg: sieve: binary save: not saving binary /.dovecot.svbin, because it is already stored Jun 12 11:41:08 myotis34 dovecot: lmtp(16824, ): Debug: wJ9BD7YM10+4QQAAG5O5Qg: sieve: executing script from /.dovecot.svbin Jun 12 11:41:10 myotis34 dovecot: lmtp(16824, ): wJ9BD7YM10+4QQAAG5O5Qg: sieve: msgid=<182283367.48.1339494011054.JavaMail.tomcat at sakai-prod4>: stored mail into mailbox 'INBOX' Jun 12 11:41:11 myotis34 dovecot: lmtp(16824): Disconnect from 155.54.211.186: Connection closed (in reset) I have attached output of doveconf -n. What I have observed is that problem ocurrs when I have mails with lot of recipients, and happens to all recipients which data ends more than 30 seconds after the connection was established. Maybe this timeout has to be counted since the begining of the data command, not the establishment of the tcp connection, or, if this is another timer, the first should be greater. -------------- next part -------------- # 2.1.5: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-24-generic x86_64 Ubuntu 12.04 LTS auth_cache_size = 20 M auth_cache_ttl = 1 days auth_debug = yes auth_master_user_separator = * auth_username_format = %n auth_verbose = yes default_process_limit = 1000 director_mail_servers = 155.54.211.161-155.54.211.164 director_servers = 155.54.211.185 155.54.211.186 disable_plaintext_auth = no lmtp_proxy = yes log_timestamp = %Y-%m-%d %H:%M:%S mail_debug = yes passdb { args = /etc/dovecot/master-users driver = passwd-file master = yes pass = yes } passdb { args = proxy=y nopassword=y driver = static } passdb { args = session=yes dovecot driver = pam } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_extensions = +imapflags sieve_max_redirects = 15 } service anvil { client_limit = 2003 } service auth { client_limit = 3000 unix_listener auth-userdb { mode = 0666 } } service director { fifo_listener login/proxy-notify { mode = 0666 } inet_listener { port = 9090 } unix_listener director-userdb { mode = 0600 } unix_listener login/director { mode = 0666 } } service imap-login { executable = imap-login director } service imap { process_limit = 5120 process_min_avail = 6 } service lmtp { inet_listener lmtp { port = 24 } process_min_avail = 10 } service pop3-login { executable = pop3-login director } ssl = no ssl_cert = Hi Sir/Madam, I am using dovecot with postfix email server to deliver our mails. Our requirement is to save mail file with different name. So Please help me to locate the module which save mail to inbox. -- -- Thanks & regards Neeraj Gupta Software Engineer Email Id : neeraj6117 at gmail.com Mo:+91-9990366116 From CMarcus at Media-Brokers.com Wed Jun 13 22:36:58 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Wed, 13 Jun 2012 15:36:58 -0400 Subject: [Dovecot] Please help me out. In-Reply-To: References: Message-ID: <4FD8EBDA.5080801@Media-Brokers.com> On 2012-06-13 2:02 PM, neeraj gupta wrote: > Hi Sir/Madam, > > I am using dovecot with postfix email server to deliver our mails. > Our requirement is to save mail file with different name. > So Please help me to locate the module which save mail to inbox. No idea what you are asking for... but if you really want to dictate somehow the actual filename(s) that are stored on the filesystem, please don't, and rather explain what problem you are trying to solve that you think this is a good solution to. -- Best regards, Charles From nairda91 at hotmail.com Wed Jun 13 23:46:20 2012 From: nairda91 at hotmail.com (arleal) Date: Wed, 13 Jun 2012 13:46:20 -0700 (PDT) Subject: [Dovecot] Auth password problem Message-ID: <34008289.post@talk.nabble.com> i have debian squeeze. i have installed mds with ldap integration and i want to use dovecot/LDAP but i have problems with login. I have dovecot 1.2. I try all of dovecot wiki but i dont know how to configure it good dovecot.conf protocols = imap imaps pop3 pop3s listen = *, :: auth_verbose = yes auth_debug = yes auth_debug_passwords = yes mail_debug = yes verbose_ssl = yes login_greeting = royoleal.com mailserver ready. mail_location = maildir:/home/users/%u/Maildir disable_plaintext_auth = no ssl_cert_file = /etc/ssl/certs/mail.pem ssl_key_file = /etc/ssl/private/mail.key log_path = /var/log/dovecot.log info_log_path = /var/log/dovecot.log # IMAP configuration protocol imap { mail_plugins = quota imap_quota } # POP3 configuration protocol pop3 { pop3_uidl_format = %08Xu%08Xv mail_plugins = quota } # LDA configuration protocol lda { postmaster_address = postmaster auth_socket_path = /var/run/dovecot/auth-master mail_plugins = quota } # LDAP authentication auth default { mechanisms = plain login passdb ldap { args = /etc/dovecot/dovecot-ldap.conf } userdb ldap { args = /etc/dovecot/dovecot-ldap.conf } socket listen { master { path = /var/run/dovecot/auth-master mode = 0660 user = dovecot group = mail } client { path = /var/spool/postfix/private/auth mode = 0660 user = postfix group = postfix } } } And this is dovecot-ldap.conf hosts = 127.0.0.1 auth_bind = yes ldap_version = 3 dn = cn=admin,dc=royoleal,dc=com dnpass = royoleal base = dc=royoleal,dc=com auth_bind_userdn = cn=%u,ou=Users,dc=royoleal,dc=com scope = subtree user_attrs = uidNumber=uid,gidNumber=gid user_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK)) pass_attrs = mail=mail,userPassword=password pass_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK)) default_pass_scheme = CRYPT When i try login with telnet or other program i have this problem in dovecot.log Jun 13 22:45:13 auth(default): Info: client in: AUTH 1 PLAIN service=imap secured lip=127.0.0.1 rip=127.0.0.1 lport=14 3 rport=55040 resp=AHBydWViYUByb3lvbGVhbC5jb20AcHJ1ZWJh Jun 13 22:45:13 auth(default): Info: ldap(prueba at royoleal.com,127.0.0.1): invalid credentials (given password: prueba) Jun 13 22:45:13 auth(default): Info: new auth connection: pid=2613 Jun 13 22:45:15 auth(default): Info: client out: FAIL 1 user=prueba at royoleal.com Jun 13 22:45:20 imap-login: Info: Aborted login (auth failed, 1 attempts): user=, method=PLAIN, rip=127.0.0.1, lip= 127.0.0.1, secured Thanks. -- View this message in context: http://old.nabble.com/Auth-password-problem-tp34008289p34008289.html Sent from the Dovecot mailing list archive at Nabble.com. From ben at versang.com Thu Jun 14 10:20:05 2012 From: ben at versang.com (Ben Versang) Date: Thu, 14 Jun 2012 17:20:05 +1000 Subject: [Dovecot] Sieve stopped working Message-ID: Hi, I have installed RoundCube a couple of years ago on a Snow Leopard server. All nice and dandy up to today. Sieve has stopped working and I have spent hours and been unable so far to get it up and running again. When I run ps aux |grep sieve it is not returning anything to me suggesting that the problem is not with sieve it-self but rather with Dovecot not starting the sieve. If anyone could give me some leads I can't think of anyting else. netstat -a |grep 2000 returns returns nothing telnet localhost 2000 Trying ::1... telnet: connect to address ::1: Connection refused Trying fe80::1... telnet: connect to address fe80::1: Connection refused Trying 127.0.0.1... telnet: connect to address 127.0.0.1: Connection refused telnet: Unable to connect to remote host The rest of mail functions are working fine (IMAP, SMTP...). Thanks in advance Ben From voytek at sbt.net.au Thu Jun 14 10:34:45 2012 From: voytek at sbt.net.au (Voytek Eymont) Date: Thu, 14 Jun 2012 17:34:45 +1000 Subject: [Dovecot] migrating v.1 to v.2 Message-ID: I have a working Dovecot/MySQL with version 1.x I'm looking at setting a new server using ver. 2 I'm currently pre-planning: can I use config files from ver 1 installation on version 2 setup 'as is'; or what's a proper way to do such migration/upgrade ? -- V From nick+dovecot at bunbun.be Thu Jun 14 10:40:44 2012 From: nick+dovecot at bunbun.be (Nick Rosier) Date: Thu, 14 Jun 2012 09:40:44 +0200 Subject: [Dovecot] migrating v.1 to v.2 In-Reply-To: References: Message-ID: <4FD9957C.9080605@bunbun.be> Voytek Eymont wrote: > I have a working Dovecot/MySQL with version 1.x > > I'm looking at setting a new server using ver. 2 > > I'm currently pre-planning: > can I use config files from ver 1 installation on version 2 setup 'as is'; > or what's a proper way to do such migration/upgrade ? > Hi, this question has been asked numerous times. It's also (in my case) the 1st couple of hits when searching in Google for "dovecot wiki upgrading". Try this http://wiki2.dovecot.org/Upgrading/ Rgds, N. From mikkel at euro123.dk Thu Jun 14 11:14:11 2012 From: mikkel at euro123.dk (Mikkel) Date: Thu, 14 Jun 2012 10:14:11 +0200 Subject: [Dovecot] disable_plaintext_auth = no as no effect on IMAP/POP3 logins Message-ID: <4FD99D53.7010300@euro123.dk> Hello In my installation the disable_plaintext_auth does not appear to take effect. I can see that the value is correct using doveconf -a but it doesn't change anything. Whenever attempting to log in using IMAP I get this: * BAD [ALERT] Plaintext authentication not allowed without SSL/TLS, but your client did it anyway. If anyone was listening, the password was exposed. ls NO [PRIVACYREQUIRED] Plaintext authentication disallowed on non-secure (SSL/TLS) connections. POP3 login attempts give this error: -ERR Plaintext authentication disallowed on non-secure (SSL/TLS) connections Besides adding disable_plaintext_auth=no to dovecot.conf I also tried adding it specifically to the imap section. I also tried to invoke it just for certain networks, like this: remote 0.0.0.0 { disable_plaintext_auth = no } But none of this takes any effect either. Adding the testing network as trusted networks is working fine removing the error. But I would rather not add the whole internet to the trusted network section just to allow plain text logins in imap. I'm in the process of migrating form 1.1 to 2.1 so this configuration is for testing things out and is mainly based on the default configuration files comming with the centos installation. I should add that everything else in this setup is working fine. I did many searches for information on this topic but nothing I could find apply to my case. I'm sorry to post such a long conf but I'm not sure what parts I could have safely omitted. Here goes: # doveconf -a # 2.1.1: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-220.17.1.el6.x86_64 x86_64 CentOS release 6.2 (Final) auth_anonymous_username = anonymous auth_cache_negative_ttl = 2 mins auth_cache_size = 0 auth_cache_ttl = 2 mins auth_debug = no auth_debug_passwords = no auth_default_realm = plain auth_failure_delay = 2 secs auth_first_valid_uid = 500 auth_gssapi_hostname = auth_krb5_keytab = auth_last_valid_uid = 0 auth_master_user_separator = auth_mechanisms = plain auth_realms = plain login digest-md5 cram-md5 apop ntlm auth_socket_path = auth-userdb auth_ssl_require_client_cert = no auth_ssl_username_from_cert = no auth_use_winbind = no auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@ auth_username_format = %Lu auth_username_translation = auth_verbose = no auth_verbose_passwords = no auth_winbind_helper_path = /usr/bin/ntlm_auth auth_worker_max_count = 30 base_dir = /var/run/dovecot config_cache_size = 1 M debug_log_path = default_client_limit = 1000 default_idle_kill = 1 mins default_internal_user = dovecot default_login_user = dovenull default_process_limit = 100 default_vsz_limit = 256 M deliver_log_format = msgid=%m: %$ dict_db_config = director_doveadm_port = 0 director_mail_servers = director_servers = director_user_expire = 15 mins disable_plaintext_auth = no dotlock_use_excl = no doveadm_allowed_commands = doveadm_password = doveadm_proxy_port = 0 doveadm_socket_path = doveadm-server doveadm_worker_count = 0 dsync_alt_char = _ first_valid_gid = 1 first_valid_uid = 105 hostname = usrmta01.talkactive.net imap_capability = imap_client_workarounds = imap_id_log = imap_id_send = imap_idle_notify_interval = 2 mins imap_logout_format = in=%i out=%o imap_max_line_length = 64 k imapc_host = imapc_master_user = imapc_password = imapc_port = 143 imapc_rawlog_dir = imapc_ssl = no imapc_ssl_ca_dir = imapc_ssl_verify = yes imapc_user = %u import_environment = TZ info_log_path = /var/log/dovecot/dovecot.run instance_name = dovecot last_valid_gid = 0 last_valid_uid = 0 lda_mailbox_autocreate = no lda_mailbox_autosubscribe = no lda_original_recipient_header = libexec_dir = /usr/libexec/dovecot listen = *, :: lmtp_proxy = no lmtp_save_to_detail_mailbox = no lock_method = fcntl log_path = /var/log/dovecot/dovecot.err log_timestamp = "%b %d %H:%M:%S " login_access_sockets = login_greeting = Dovecot ready. login_log_format = %$: %s login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c login_trusted_networks = mail_access_groups = mail_attachment_dir = mail_attachment_fs = sis posix mail_attachment_hash = %{sha1} mail_attachment_min_size = 128 k mail_cache_fields = flags mail_cache_min_mail_count = 0 mail_chroot = mail_debug = no mail_fsync = always mail_full_filesystem_access = no mail_gid = mail_home = mail_location = mail_log_prefix = "%s(%u): " mail_max_keyword_length = 50 mail_max_lock_timeout = 0 mail_max_userip_connections = 10 mail_never_cache_fields = imap.envelope mail_nfs_index = yes mail_nfs_storage = yes mail_plugin_dir = /usr/lib64/dovecot mail_plugins = quota mail_prefetch_count = 0 mail_privileged_group = mail_save_crlf = no mail_temp_dir = /tmp mail_uid = mailbox_idle_check_interval = 30 secs mailbox_list_index = no maildir_broken_filename_sizes = no maildir_copy_with_hardlinks = yes maildir_stat_dirs = no maildir_very_dirty_syncs = no master_user_separator = mbox_dirty_syncs = yes mbox_dotlock_change_timeout = 2 mins mbox_lazy_writes = yes mbox_lock_timeout = 5 mins mbox_md5 = apop3d mbox_min_index_size = 0 mbox_read_locks = fcntl mbox_very_dirty_syncs = no mbox_write_locks = fcntl mdbox_preallocate_space = no mdbox_rotate_interval = 0 mdbox_rotate_size = 2 M mmap_disable = yes namespace inbox { hidden = no ignore_on_failure = no inbox = yes list = yes location = mailbox Drafts { auto = no special_use = \Drafts } mailbox Junk { auto = no special_use = \Junk } mailbox Sent { auto = no special_use = \Sent } mailbox "Sent Messages" { auto = no special_use = \Sent } mailbox Trash { auto = no special_use = \Trash } prefix = separator = subscriptions = yes type = private } passdb { args = /local/config/dovecot-sql.conf default_fields = deny = no driver = sql master = no override_fields = pass = no } plugin { quota = maildir quota_rule2 = Trash:storage=+10M:messages=+100 quota_warning = storage=80%% /local/scripts/quota-warning.sh 80 sieve_extensions = +imapflags +notify trash = /local/config/dovecot-trash.conf } pop3_client_workarounds = pop3_enable_last = no pop3_fast_size_lookups = no pop3_lock_session = no pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s pop3_no_flag_updates = no pop3_reuse_xuidl = no pop3_save_uidl = no pop3_uidl_format = %08Xu%08Xv pop3c_host = pop3c_password = pop3c_port = 110 pop3c_rawlog_dir = pop3c_ssl = no pop3c_ssl_ca_dir = pop3c_ssl_verify = yes pop3c_user = %u postmaster_address = protocols = imap pop3 lmtp quota_full_tempfail = no recipient_delimiter = + rejection_reason = Your message to <%t> was automatically rejected:%n%r rejection_subject = Rejected: %s sendmail_path = /usr/sbin/sendmail service anvil { chroot = empty client_limit = 0 drop_priv_before_exec = no executable = anvil extra_groups = group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 1 protocol = service_count = 0 type = anvil unix_listener anvil-auth-penalty { group = mode = 0600 user = } unix_listener anvil { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service auth-worker { chroot = client_limit = 1 drop_priv_before_exec = no executable = auth -w extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 1 type = unix_listener auth-worker { group = mode = 0600 user = $default_internal_user } user = $default_internal_user vsz_limit = 18446744073709551615 B } service auth { chroot = client_limit = 0 drop_priv_before_exec = no executable = auth extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener /var/spool/postfix/private/auth { group = mode = 0666 user = } unix_listener auth-client { group = mode = 0600 user = } unix_listener auth-login { group = mode = 0600 user = $default_internal_user } unix_listener auth-master { group = mode = 0600 user = } unix_listener auth-userdb { group = mode = 0666 user = } unix_listener login/login { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service config { chroot = client_limit = 0 drop_priv_before_exec = no executable = config extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = config unix_listener config { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service dict { chroot = client_limit = 1 drop_priv_before_exec = no executable = dict extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener dict { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service director { chroot = . client_limit = 0 drop_priv_before_exec = no executable = director extra_groups = fifo_listener login/proxy-notify { group = mode = 00 user = } group = idle_kill = 4294967295 secs inet_listener { address = port = 0 ssl = no } privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener director-admin { group = mode = 0600 user = } unix_listener director-userdb { group = mode = 0600 user = } unix_listener login/director { group = mode = 00 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service dns_client { chroot = client_limit = 1 drop_priv_before_exec = no executable = dns-client extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener dns-client { group = mode = 0666 user = } unix_listener login/dns-client { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service doveadm { chroot = client_limit = 1 drop_priv_before_exec = no executable = doveadm-server extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 1 type = unix_listener doveadm-server { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service imap-login { chroot = login client_limit = 0 drop_priv_before_exec = no executable = imap-login extra_groups = group = idle_kill = 0 inet_listener imap { address = port = 143 ssl = no } inet_listener imaps { address = port = 993 ssl = yes } privileged_group = process_limit = 0 process_min_avail = 0 protocol = imap service_count = 0 type = login user = $default_login_user vsz_limit = 256 M } service imap { chroot = client_limit = 1 drop_priv_before_exec = no executable = imap extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1024 process_min_avail = 0 protocol = imap service_count = 1 type = unix_listener login/imap { group = mode = 0666 user = } user = vsz_limit = 256 M } service indexer-worker { chroot = client_limit = 1 drop_priv_before_exec = no executable = indexer-worker extra_groups = group = idle_kill = 0 privileged_group = process_limit = 10 process_min_avail = 0 protocol = service_count = 0 type = unix_listener indexer-worker { group = mode = 0600 user = $default_internal_user } user = vsz_limit = 18446744073709551615 B } service indexer { chroot = client_limit = 0 drop_priv_before_exec = no executable = indexer extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener indexer { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service ipc { chroot = empty client_limit = 0 drop_priv_before_exec = no executable = ipc extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener ipc { group = mode = 0600 user = } unix_listener login/ipc-proxy { group = mode = 0600 user = $default_login_user } user = $default_internal_user vsz_limit = 18446744073709551615 B } service lmtp { chroot = client_limit = 1 drop_priv_before_exec = no executable = lmtp extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = lmtp service_count = 0 type = unix_listener lmtp { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service log { chroot = client_limit = 0 drop_priv_before_exec = no executable = log extra_groups = group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = log unix_listener log-errors { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service pop3-login { chroot = login client_limit = 0 drop_priv_before_exec = no executable = pop3-login extra_groups = group = idle_kill = 0 inet_listener pop3 { address = port = 110 ssl = no } inet_listener pop3s { address = port = 995 ssl = yes } privileged_group = process_limit = 0 process_min_avail = 0 protocol = pop3 service_count = 1 type = login user = $default_login_user vsz_limit = 18446744073709551615 B } service pop3 { chroot = client_limit = 1 drop_priv_before_exec = no executable = pop3 extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1024 process_min_avail = 0 protocol = pop3 service_count = 1 type = unix_listener login/pop3 { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service ssl-params { chroot = client_limit = 0 drop_priv_before_exec = no executable = ssl-params extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = startup unix_listener login/ssl-params { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service stats { chroot = empty client_limit = 0 drop_priv_before_exec = no executable = stats extra_groups = fifo_listener stats-mail { group = mode = 0600 user = } group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener stats { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } shutdown_clients = yes ssl = required ssl_ca = ssl_cert = References: <4FD99D53.7010300@euro123.dk> Message-ID: <4FD9ABA2.1030908@euro123.dk> I just found the solution by coincidence. It appears there is a configuration file named: /etc/dovecot/conf.d/10-ssl.conf In that file the following line was active ssl = required That setting apparently overrides what disable_plaintext_auth has to say. After commenting out the ssl=required entry everything works as expected :-) Regards, Mikkel Den 14/06/12 10.14, Mikkel skrev: > Hello > > In my installation the disable_plaintext_auth does not appear to take > effect. > I can see that the value is correct using doveconf -a but it doesn't > change anything. > > Whenever attempting to log in using IMAP I get this: > * BAD [ALERT] Plaintext authentication not allowed without SSL/TLS, but > your client did it anyway. If anyone was listening, the password was > exposed. > ls NO [PRIVACYREQUIRED] Plaintext authentication disallowed on > non-secure (SSL/TLS) connections. > > POP3 login attempts give this error: > -ERR Plaintext authentication disallowed on non-secure (SSL/TLS) > connections > > Besides adding disable_plaintext_auth=no to dovecot.conf I also tried > adding it specifically to the imap section. > I also tried to invoke it just for certain networks, like this: > > remote 0.0.0.0 { > disable_plaintext_auth = no > } > > But none of this takes any effect either. Adding the testing network as > trusted networks is working fine removing the error. > But I would rather not add the whole internet to the trusted network > section just to allow plain text logins in imap. > > I'm in the process of migrating form 1.1 to 2.1 so this configuration is > for testing things out and is mainly based on the default configuration > files comming with the centos installation. > I should add that everything else in this setup is working fine. > > > I did many searches for information on this topic but nothing I could > find apply to my case. > > I'm sorry to post such a long conf but I'm not sure what parts I could > have safely omitted. > Here goes: > > > # doveconf -a > # 2.1.1: /etc/dovecot/dovecot.conf > # OS: Linux 2.6.32-220.17.1.el6.x86_64 x86_64 CentOS release 6.2 (Final) > auth_anonymous_username = anonymous > auth_cache_negative_ttl = 2 mins > auth_cache_size = 0 > auth_cache_ttl = 2 mins > auth_debug = no > auth_debug_passwords = no > auth_default_realm = plain > auth_failure_delay = 2 secs > auth_first_valid_uid = 500 > auth_gssapi_hostname = > auth_krb5_keytab = > auth_last_valid_uid = 0 > auth_master_user_separator = > auth_mechanisms = plain > auth_realms = plain login digest-md5 cram-md5 apop ntlm > auth_socket_path = auth-userdb > auth_ssl_require_client_cert = no > auth_ssl_username_from_cert = no > auth_use_winbind = no > auth_username_chars = > abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@ > auth_username_format = %Lu > auth_username_translation = > auth_verbose = no > auth_verbose_passwords = no > auth_winbind_helper_path = /usr/bin/ntlm_auth > auth_worker_max_count = 30 > base_dir = /var/run/dovecot > config_cache_size = 1 M > debug_log_path = > default_client_limit = 1000 > default_idle_kill = 1 mins > default_internal_user = dovecot > default_login_user = dovenull > default_process_limit = 100 > default_vsz_limit = 256 M > deliver_log_format = msgid=%m: %$ > dict_db_config = > director_doveadm_port = 0 > director_mail_servers = > director_servers = > director_user_expire = 15 mins > disable_plaintext_auth = no > dotlock_use_excl = no > doveadm_allowed_commands = > doveadm_password = > doveadm_proxy_port = 0 > doveadm_socket_path = doveadm-server > doveadm_worker_count = 0 > dsync_alt_char = _ > first_valid_gid = 1 > first_valid_uid = 105 > hostname = usrmta01.talkactive.net > imap_capability = > imap_client_workarounds = > imap_id_log = > imap_id_send = > imap_idle_notify_interval = 2 mins > imap_logout_format = in=%i out=%o > imap_max_line_length = 64 k > imapc_host = > imapc_master_user = > imapc_password = > imapc_port = 143 > imapc_rawlog_dir = > imapc_ssl = no > imapc_ssl_ca_dir = > imapc_ssl_verify = yes > imapc_user = %u > import_environment = TZ > info_log_path = /var/log/dovecot/dovecot.run > instance_name = dovecot > last_valid_gid = 0 > last_valid_uid = 0 > lda_mailbox_autocreate = no > lda_mailbox_autosubscribe = no > lda_original_recipient_header = > libexec_dir = /usr/libexec/dovecot > listen = *, :: > lmtp_proxy = no > lmtp_save_to_detail_mailbox = no > lock_method = fcntl > log_path = /var/log/dovecot/dovecot.err > log_timestamp = "%b %d %H:%M:%S " > login_access_sockets = > login_greeting = Dovecot ready. > login_log_format = %$: %s > login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c > login_trusted_networks = > mail_access_groups = > mail_attachment_dir = > mail_attachment_fs = sis posix > mail_attachment_hash = %{sha1} > mail_attachment_min_size = 128 k > mail_cache_fields = flags > mail_cache_min_mail_count = 0 > mail_chroot = > mail_debug = no > mail_fsync = always > mail_full_filesystem_access = no > mail_gid = > mail_home = > mail_location = > mail_log_prefix = "%s(%u): " > mail_max_keyword_length = 50 > mail_max_lock_timeout = 0 > mail_max_userip_connections = 10 > mail_never_cache_fields = imap.envelope > mail_nfs_index = yes > mail_nfs_storage = yes > mail_plugin_dir = /usr/lib64/dovecot > mail_plugins = quota > mail_prefetch_count = 0 > mail_privileged_group = > mail_save_crlf = no > mail_temp_dir = /tmp > mail_uid = > mailbox_idle_check_interval = 30 secs > mailbox_list_index = no > maildir_broken_filename_sizes = no > maildir_copy_with_hardlinks = yes > maildir_stat_dirs = no > maildir_very_dirty_syncs = no > master_user_separator = > mbox_dirty_syncs = yes > mbox_dotlock_change_timeout = 2 mins > mbox_lazy_writes = yes > mbox_lock_timeout = 5 mins > mbox_md5 = apop3d > mbox_min_index_size = 0 > mbox_read_locks = fcntl > mbox_very_dirty_syncs = no > mbox_write_locks = fcntl > mdbox_preallocate_space = no > mdbox_rotate_interval = 0 > mdbox_rotate_size = 2 M > mmap_disable = yes > namespace inbox { > hidden = no > ignore_on_failure = no > inbox = yes > list = yes > location = > mailbox Drafts { > auto = no > special_use = \Drafts > } > mailbox Junk { > auto = no > special_use = \Junk > } > mailbox Sent { > auto = no > special_use = \Sent > } > mailbox "Sent Messages" { > auto = no > special_use = \Sent > } > mailbox Trash { > auto = no > special_use = \Trash > } > prefix = > separator = > subscriptions = yes > type = private > } > passdb { > args = /local/config/dovecot-sql.conf > default_fields = > deny = no > driver = sql > master = no > override_fields = > pass = no > } > plugin { > quota = maildir > quota_rule2 = Trash:storage=+10M:messages=+100 > quota_warning = storage=80%% /local/scripts/quota-warning.sh 80 > sieve_extensions = +imapflags +notify > trash = /local/config/dovecot-trash.conf > } > pop3_client_workarounds = > pop3_enable_last = no > pop3_fast_size_lookups = no > pop3_lock_session = no > pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s > pop3_no_flag_updates = no > pop3_reuse_xuidl = no > pop3_save_uidl = no > pop3_uidl_format = %08Xu%08Xv > pop3c_host = > pop3c_password = > pop3c_port = 110 > pop3c_rawlog_dir = > pop3c_ssl = no > pop3c_ssl_ca_dir = > pop3c_ssl_verify = yes > pop3c_user = %u > postmaster_address = > protocols = imap pop3 lmtp > quota_full_tempfail = no > recipient_delimiter = + > rejection_reason = Your message to <%t> was automatically rejected:%n%r > rejection_subject = Rejected: %s > sendmail_path = /usr/sbin/sendmail > service anvil { > chroot = empty > client_limit = 0 > drop_priv_before_exec = no > executable = anvil > extra_groups = > group = > idle_kill = 4294967295 secs > privileged_group = > process_limit = 1 > process_min_avail = 1 > protocol = > service_count = 0 > type = anvil > unix_listener anvil-auth-penalty { > group = > mode = 0600 > user = > } > unix_listener anvil { > group = > mode = 0600 > user = > } > user = $default_internal_user > vsz_limit = 18446744073709551615 B > } > service auth-worker { > chroot = > client_limit = 1 > drop_priv_before_exec = no > executable = auth -w > extra_groups = > group = > idle_kill = 0 > privileged_group = > process_limit = 0 > process_min_avail = 0 > protocol = > service_count = 1 > type = > unix_listener auth-worker { > group = > mode = 0600 > user = $default_internal_user > } > user = $default_internal_user > vsz_limit = 18446744073709551615 B > } > service auth { > chroot = > client_limit = 0 > drop_priv_before_exec = no > executable = auth > extra_groups = > group = > idle_kill = 0 > privileged_group = > process_limit = 1 > process_min_avail = 0 > protocol = > service_count = 0 > type = > unix_listener /var/spool/postfix/private/auth { > group = > mode = 0666 > user = > } > unix_listener auth-client { > group = > mode = 0600 > user = > } > unix_listener auth-login { > group = > mode = 0600 > user = $default_internal_user > } > unix_listener auth-master { > group = > mode = 0600 > user = > } > unix_listener auth-userdb { > group = > mode = 0666 > user = > } > unix_listener login/login { > group = > mode = 0666 > user = > } > user = $default_internal_user > vsz_limit = 18446744073709551615 B > } > service config { > chroot = > client_limit = 0 > drop_priv_before_exec = no > executable = config > extra_groups = > group = > idle_kill = 0 > privileged_group = > process_limit = 0 > process_min_avail = 0 > protocol = > service_count = 0 > type = config > unix_listener config { > group = > mode = 0600 > user = > } > user = > vsz_limit = 18446744073709551615 B > } > service dict { > chroot = > client_limit = 1 > drop_priv_before_exec = no > executable = dict > extra_groups = > group = > idle_kill = 0 > privileged_group = > process_limit = 0 > process_min_avail = 0 > protocol = > service_count = 0 > type = > unix_listener dict { > group = > mode = 0600 > user = > } > user = $default_internal_user > vsz_limit = 18446744073709551615 B > } > service director { > chroot = . > client_limit = 0 > drop_priv_before_exec = no > executable = director > extra_groups = > fifo_listener login/proxy-notify { > group = > mode = 00 > user = > } > group = > idle_kill = 4294967295 secs > inet_listener { > address = > port = 0 > ssl = no > } > privileged_group = > process_limit = 1 > process_min_avail = 0 > protocol = > service_count = 0 > type = > unix_listener director-admin { > group = > mode = 0600 > user = > } > unix_listener director-userdb { > group = > mode = 0600 > user = > } > unix_listener login/director { > group = > mode = 00 > user = > } > user = $default_internal_user > vsz_limit = 18446744073709551615 B > } > service dns_client { > chroot = > client_limit = 1 > drop_priv_before_exec = no > executable = dns-client > extra_groups = > group = > idle_kill = 0 > privileged_group = > process_limit = 0 > process_min_avail = 0 > protocol = > service_count = 0 > type = > unix_listener dns-client { > group = > mode = 0666 > user = > } > unix_listener login/dns-client { > group = > mode = 0666 > user = > } > user = $default_internal_user > vsz_limit = 18446744073709551615 B > } > service doveadm { > chroot = > client_limit = 1 > drop_priv_before_exec = no > executable = doveadm-server > extra_groups = > group = > idle_kill = 0 > privileged_group = > process_limit = 0 > process_min_avail = 0 > protocol = > service_count = 1 > type = > unix_listener doveadm-server { > group = > mode = 0600 > user = > } > user = > vsz_limit = 18446744073709551615 B > } > service imap-login { > chroot = login > client_limit = 0 > drop_priv_before_exec = no > executable = imap-login > extra_groups = > group = > idle_kill = 0 > inet_listener imap { > address = > port = 143 > ssl = no > } > inet_listener imaps { > address = > port = 993 > ssl = yes > } > privileged_group = > process_limit = 0 > process_min_avail = 0 > protocol = imap > service_count = 0 > type = login > user = $default_login_user > vsz_limit = 256 M > } > service imap { > chroot = > client_limit = 1 > drop_priv_before_exec = no > executable = imap > extra_groups = > group = > idle_kill = 0 > privileged_group = > process_limit = 1024 > process_min_avail = 0 > protocol = imap > service_count = 1 > type = > unix_listener login/imap { > group = > mode = 0666 > user = > } > user = > vsz_limit = 256 M > } > service indexer-worker { > chroot = > client_limit = 1 > drop_priv_before_exec = no > executable = indexer-worker > extra_groups = > group = > idle_kill = 0 > privileged_group = > process_limit = 10 > process_min_avail = 0 > protocol = > service_count = 0 > type = > unix_listener indexer-worker { > group = > mode = 0600 > user = $default_internal_user > } > user = > vsz_limit = 18446744073709551615 B > } > service indexer { > chroot = > client_limit = 0 > drop_priv_before_exec = no > executable = indexer > extra_groups = > group = > idle_kill = 0 > privileged_group = > process_limit = 1 > process_min_avail = 0 > protocol = > service_count = 0 > type = > unix_listener indexer { > group = > mode = 0666 > user = > } > user = $default_internal_user > vsz_limit = 18446744073709551615 B > } > service ipc { > chroot = empty > client_limit = 0 > drop_priv_before_exec = no > executable = ipc > extra_groups = > group = > idle_kill = 0 > privileged_group = > process_limit = 1 > process_min_avail = 0 > protocol = > service_count = 0 > type = > unix_listener ipc { > group = > mode = 0600 > user = > } > unix_listener login/ipc-proxy { > group = > mode = 0600 > user = $default_login_user > } > user = $default_internal_user > vsz_limit = 18446744073709551615 B > } > service lmtp { > chroot = > client_limit = 1 > drop_priv_before_exec = no > executable = lmtp > extra_groups = > group = > idle_kill = 0 > privileged_group = > process_limit = 0 > process_min_avail = 0 > protocol = lmtp > service_count = 0 > type = > unix_listener lmtp { > group = > mode = 0666 > user = > } > user = > vsz_limit = 18446744073709551615 B > } > service log { > chroot = > client_limit = 0 > drop_priv_before_exec = no > executable = log > extra_groups = > group = > idle_kill = 4294967295 secs > privileged_group = > process_limit = 1 > process_min_avail = 0 > protocol = > service_count = 0 > type = log > unix_listener log-errors { > group = > mode = 0600 > user = > } > user = > vsz_limit = 18446744073709551615 B > } > service pop3-login { > chroot = login > client_limit = 0 > drop_priv_before_exec = no > executable = pop3-login > extra_groups = > group = > idle_kill = 0 > inet_listener pop3 { > address = > port = 110 > ssl = no > } > inet_listener pop3s { > address = > port = 995 > ssl = yes > } > privileged_group = > process_limit = 0 > process_min_avail = 0 > protocol = pop3 > service_count = 1 > type = login > user = $default_login_user > vsz_limit = 18446744073709551615 B > } > service pop3 { > chroot = > client_limit = 1 > drop_priv_before_exec = no > executable = pop3 > extra_groups = > group = > idle_kill = 0 > privileged_group = > process_limit = 1024 > process_min_avail = 0 > protocol = pop3 > service_count = 1 > type = > unix_listener login/pop3 { > group = > mode = 0666 > user = > } > user = > vsz_limit = 18446744073709551615 B > } > service ssl-params { > chroot = > client_limit = 0 > drop_priv_before_exec = no > executable = ssl-params > extra_groups = > group = > idle_kill = 0 > privileged_group = > process_limit = 0 > process_min_avail = 0 > protocol = > service_count = 0 > type = startup > unix_listener login/ssl-params { > group = > mode = 0666 > user = > } > user = > vsz_limit = 18446744073709551615 B > } > service stats { > chroot = empty > client_limit = 0 > drop_priv_before_exec = no > executable = stats > extra_groups = > fifo_listener stats-mail { > group = > mode = 0600 > user = > } > group = > idle_kill = 4294967295 secs > privileged_group = > process_limit = 1 > process_min_avail = 0 > protocol = > service_count = 0 > type = > unix_listener stats { > group = > mode = 0600 > user = > } > user = $default_internal_user > vsz_limit = 18446744073709551615 B > } > shutdown_clients = yes > ssl = required > ssl_ca = > ssl_cert = ssl_cert_username_field = commonName > ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL > ssl_client_cert = > ssl_client_key = > ssl_crypto_device = > ssl_key = ssl_key_password = > ssl_parameters_regenerate = 1 weeks > ssl_protocols = !SSLv2 > ssl_verify_client_cert = no > stats_command_min_time = 1 mins > stats_domain_min_time = 12 hours > stats_ip_min_time = 12 hours > stats_memory_limit = 16 M > stats_session_min_time = 15 mins > stats_user_min_time = 1 hours > submission_host = > syslog_facility = mail > userdb { > args = > default_fields = > driver = prefetch > override_fields = > } > userdb { > args = /local/config/dovecot-sql.conf > default_fields = > driver = sql > override_fields = > } > valid_chroot_dirs = > verbose_proctitle = no > verbose_ssl = no > version_ignore = no > protocol lda { > mail_plugins = quota quota sieve trash > } > protocol imap { > imap_client_workarounds = delay-newmail tb-extra-mailbox-sep > tb-lsub-flags > imap_logout_format = bytes=%i/%o > mail_plugins = quota quota imap_quota trash > } > protocol pop3 { > mail_plugins = quota quota > pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s > pop3_uidl_format = %08Xu%08Xv > } > > > Regards, Mikkel From branko at majic.rs Thu Jun 14 13:36:25 2012 From: branko at majic.rs (Branko Majic) Date: Thu, 14 Jun 2012 12:36:25 +0200 Subject: [Dovecot] Auth password problem In-Reply-To: <34008289.post@talk.nabble.com> References: <34008289.post@talk.nabble.com> Message-ID: <20120614123625.68527101@zetkin.int.primekey.se> Now, this answer won't help you, but you might find it useful (I've been fiddling with slapd access controls and what-not, so this helped me a lot). :) The best thing to debug the LDAP issues is to set the olcLogLevel in the slapd configuration tree to 256 - this way you'd get enough information to see what's going on when Dovecot tries to talk with the slapd server, and you won't get overwhelmed by the debugging information. On Debian Squeeze you'll also have to make sure you've set-up the log facility for slapd (by default it uses local4). You could add a file /etc/rsyslog.d/slapd.conf with the following line: local4.* /var/log/slapd.log Did you try logging-in by hand as well to the LDAP server? You could do it with, say: ldapwhoami -W -D cn=prueba,ou=Users,dc=royoleal,dc=com -H ldap://localhost/ On Wed, 13 Jun 2012 13:46:20 -0700 (PDT) arleal wrote: > > i have debian squeeze. i have installed mds with ldap integration and > i want to use dovecot/LDAP but i have problems with login. I have > dovecot 1.2. > > I try all of dovecot wiki but i dont know how to configure it good > > dovecot.conf > > protocols = imap imaps pop3 pop3s > listen = *, :: > auth_verbose = yes > auth_debug = yes > auth_debug_passwords = yes > mail_debug = yes > verbose_ssl = yes > login_greeting = royoleal.com mailserver ready. > mail_location = maildir:/home/users/%u/Maildir > disable_plaintext_auth = no > ssl_cert_file = /etc/ssl/certs/mail.pem > ssl_key_file = /etc/ssl/private/mail.key > log_path = /var/log/dovecot.log > info_log_path = /var/log/dovecot.log > > # IMAP configuration > protocol imap { > mail_plugins = quota imap_quota > } > > # POP3 configuration > protocol pop3 { > pop3_uidl_format = %08Xu%08Xv > mail_plugins = quota > } > > # LDA configuration > protocol lda { > postmaster_address = postmaster > auth_socket_path = /var/run/dovecot/auth-master > mail_plugins = quota > } > > # LDAP authentication > > auth default { > mechanisms = plain login > > passdb ldap { > args = /etc/dovecot/dovecot-ldap.conf > } > > userdb ldap { > args = /etc/dovecot/dovecot-ldap.conf > } > > socket listen { > master { > path = /var/run/dovecot/auth-master > mode = 0660 > user = dovecot > group = mail > } > > client { > path = /var/spool/postfix/private/auth > mode = 0660 > user = postfix > group = postfix > } > } > } > > > And this is dovecot-ldap.conf > > hosts = 127.0.0.1 > auth_bind = yes > ldap_version = 3 > dn = cn=admin,dc=royoleal,dc=com > dnpass = royoleal > base = dc=royoleal,dc=com > auth_bind_userdn = cn=%u,ou=Users,dc=royoleal,dc=com > scope = subtree > user_attrs = uidNumber=uid,gidNumber=gid > user_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK)) > pass_attrs = mail=mail,userPassword=password > pass_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK)) > default_pass_scheme = CRYPT > > When i try login with telnet or other program i have this problem in > dovecot.log > > > Jun 13 22:45:13 auth(default): Info: client in: AUTH 1 > PLAIN service=imap secured lip=127.0.0.1 rip=127.0.0.1 > lport=14 3 rport=55040 > resp=AHBydWViYUByb3lvbGVhbC5jb20AcHJ1ZWJh Jun 13 22:45:13 > auth(default): Info: ldap(prueba at royoleal.com,127.0.0.1): invalid > credentials (given password: prueba) Jun 13 22:45:13 auth(default): > Info: new auth connection: pid=2613 Jun 13 22:45:15 auth(default): > Info: client out: FAIL 1 user=prueba at royoleal.com > Jun 13 22:45:20 imap-login: Info: Aborted login (auth failed, 1 > attempts): user=, method=PLAIN, rip=127.0.0.1, > lip= 127.0.0.1, secured > > Thanks. -- Branko Majic Please use only Free formats when sending attachments to me. ?????? ????? ????? ??? ?? ??????? ?????? ????????? ? ????????? ?????????. From amateo at um.es Thu Jun 14 14:32:13 2012 From: amateo at um.es (Angel L. Mateo) Date: Thu, 14 Jun 2012 13:32:13 +0200 Subject: [Dovecot] difference between client_limit and process_limit In-Reply-To: <1339591187.25551.3.camel@innu> References: <4FD1D2E5.3020901@um.es> <4FD1DE19.4050903@um.es> <4FD22956.20904@thelounge.net> <3E0F7337-B1BA-426F-84AF-D1D7710B80A3@iki.fi> <4FD5C63B.7040904@um.es> <4FD87634.9000407@um.es> <1339589161.25551.0.camel@innu> <4FD88462.5070908@um.es> <1339590528.25551.2.camel@innu> <1339591187.25551.3.camel@innu> Message-ID: <4FD9CBBD.2020701@um.es> El 13/06/12 14:39, Timo Sirainen escribi?: > On Wed, 2012-06-13 at 15:28 +0300, Timo Sirainen wrote: >> Oh, right, service_count=1 is the default and that overrides >> client_limit. Set it to 0. > > http://hg.dovecot.org/dovecot-2.1/rev/4c31e450a867 > Thank you. This solved my problem. From nairda91 at hotmail.com Thu Jun 14 22:18:35 2012 From: nairda91 at hotmail.com (arleal) Date: Thu, 14 Jun 2012 12:18:35 -0700 (PDT) Subject: [Dovecot] Auth password problem In-Reply-To: <20120614123625.68527101@zetkin.int.primekey.se> References: <34008289.post@talk.nabble.com> <20120614123625.68527101@zetkin.int.primekey.se> Message-ID: <34013988.post@talk.nabble.com> ?????? ?????-2 wrote: > > Now, this answer won't help you, but you might find it useful (I've > been fiddling with slapd access controls and what-not, so this helped > me a lot). :) > > The best thing to debug the LDAP issues is to set the olcLogLevel in > the slapd configuration tree to 256 - this way you'd get enough > information to see what's going on when Dovecot tries to talk with the > slapd server, and you won't get overwhelmed by the debugging > information. On Debian Squeeze you'll also have to make sure you've > set-up the log facility for slapd (by default it uses local4). You > could add a file /etc/rsyslog.d/slapd.conf with the following line: > > local4.* /var/log/slapd.log > > Did you try logging-in by hand as well to the LDAP server? You could do > it with, say: > > ldapwhoami -W -D cn=prueba,ou=Users,dc=royoleal,dc=com -H > ldap://localhost/ > > On Wed, 13 Jun 2012 13:46:20 -0700 (PDT) > arleal wrote: > >> >> i have debian squeeze. i have installed mds with ldap integration and >> i want to use dovecot/LDAP but i have problems with login. I have >> dovecot 1.2. >> >> I try all of dovecot wiki but i dont know how to configure it good >> >> dovecot.conf >> >> protocols = imap imaps pop3 pop3s >> listen = *, :: >> auth_verbose = yes >> auth_debug = yes >> auth_debug_passwords = yes >> mail_debug = yes >> verbose_ssl = yes >> login_greeting = royoleal.com mailserver ready. >> mail_location = maildir:/home/users/%u/Maildir >> disable_plaintext_auth = no >> ssl_cert_file = /etc/ssl/certs/mail.pem >> ssl_key_file = /etc/ssl/private/mail.key >> log_path = /var/log/dovecot.log >> info_log_path = /var/log/dovecot.log >> >> # IMAP configuration >> protocol imap { >> mail_plugins = quota imap_quota >> } >> >> # POP3 configuration >> protocol pop3 { >> pop3_uidl_format = %08Xu%08Xv >> mail_plugins = quota >> } >> >> # LDA configuration >> protocol lda { >> postmaster_address = postmaster >> auth_socket_path = /var/run/dovecot/auth-master >> mail_plugins = quota >> } >> >> # LDAP authentication >> >> auth default { >> mechanisms = plain login >> >> passdb ldap { >> args = /etc/dovecot/dovecot-ldap.conf >> } >> >> userdb ldap { >> args = /etc/dovecot/dovecot-ldap.conf >> } >> >> socket listen { >> master { >> path = /var/run/dovecot/auth-master >> mode = 0660 >> user = dovecot >> group = mail >> } >> >> client { >> path = /var/spool/postfix/private/auth >> mode = 0660 >> user = postfix >> group = postfix >> } >> } >> } >> >> >> And this is dovecot-ldap.conf >> >> hosts = 127.0.0.1 >> auth_bind = yes >> ldap_version = 3 >> dn = cn=admin,dc=royoleal,dc=com >> dnpass = royoleal >> base = dc=royoleal,dc=com >> auth_bind_userdn = cn=%u,ou=Users,dc=royoleal,dc=com >> scope = subtree >> user_attrs = uidNumber=uid,gidNumber=gid >> user_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK)) >> pass_attrs = mail=mail,userPassword=password >> pass_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK)) >> default_pass_scheme = CRYPT >> >> When i try login with telnet or other program i have this problem in >> dovecot.log >> >> >> Jun 13 22:45:13 auth(default): Info: client in: AUTH 1 >> PLAIN service=imap secured lip=127.0.0.1 rip=127.0.0.1 >> lport=14 3 rport=55040 >> resp=AHBydWViYUByb3lvbGVhbC5jb20AcHJ1ZWJh Jun 13 22:45:13 >> auth(default): Info: ldap(prueba at royoleal.com,127.0.0.1): invalid >> credentials (given password: prueba) Jun 13 22:45:13 auth(default): >> Info: new auth connection: pid=2613 Jun 13 22:45:15 auth(default): >> Info: client out: FAIL 1 user=prueba at royoleal.com >> Jun 13 22:45:20 imap-login: Info: Aborted login (auth failed, 1 >> attempts): user=, method=PLAIN, rip=127.0.0.1, >> lip= 127.0.0.1, secured >> >> Thanks. > > -- > Branko Majic > Please use only Free formats when sending attachments to me. > > ?????? ????? > ????? ??? ?? ??????? ?????? ????????? ? ????????? ?????????. > > I forgot see the ldap log. In the ldap.log i cant see nothing about that user trying to login with user prueba. That autenticate good. root at mds:~# ldapwhoami -W -D uid=prueba,ou=Users,dc=royoleal,dc=com -H ldap://localhost/ Enter LDAP Password: dn:uid=prueba,ou=Users,dc=royoleal,dc=com With telnet error of authentication. -- View this message in context: http://old.nabble.com/Auth-password-problem-tp34008289p34013988.html Sent from the Dovecot mailing list archive at Nabble.com. From nairda91 at hotmail.com Thu Jun 14 22:18:35 2012 From: nairda91 at hotmail.com (arleal) Date: Thu, 14 Jun 2012 12:18:35 -0700 (PDT) Subject: [Dovecot] Auth password problem In-Reply-To: <20120614123625.68527101@zetkin.int.primekey.se> References: <34008289.post@talk.nabble.com> <20120614123625.68527101@zetkin.int.primekey.se> Message-ID: <34013987.post@talk.nabble.com> ?????? ?????-2 wrote: > > Now, this answer won't help you, but you might find it useful (I've > been fiddling with slapd access controls and what-not, so this helped > me a lot). :) > > The best thing to debug the LDAP issues is to set the olcLogLevel in > the slapd configuration tree to 256 - this way you'd get enough > information to see what's going on when Dovecot tries to talk with the > slapd server, and you won't get overwhelmed by the debugging > information. On Debian Squeeze you'll also have to make sure you've > set-up the log facility for slapd (by default it uses local4). You > could add a file /etc/rsyslog.d/slapd.conf with the following line: > > local4.* /var/log/slapd.log > > Did you try logging-in by hand as well to the LDAP server? You could do > it with, say: > > ldapwhoami -W -D cn=prueba,ou=Users,dc=royoleal,dc=com -H > ldap://localhost/ > > On Wed, 13 Jun 2012 13:46:20 -0700 (PDT) > arleal wrote: > >> >> i have debian squeeze. i have installed mds with ldap integration and >> i want to use dovecot/LDAP but i have problems with login. I have >> dovecot 1.2. >> >> I try all of dovecot wiki but i dont know how to configure it good >> >> dovecot.conf >> >> protocols = imap imaps pop3 pop3s >> listen = *, :: >> auth_verbose = yes >> auth_debug = yes >> auth_debug_passwords = yes >> mail_debug = yes >> verbose_ssl = yes >> login_greeting = royoleal.com mailserver ready. >> mail_location = maildir:/home/users/%u/Maildir >> disable_plaintext_auth = no >> ssl_cert_file = /etc/ssl/certs/mail.pem >> ssl_key_file = /etc/ssl/private/mail.key >> log_path = /var/log/dovecot.log >> info_log_path = /var/log/dovecot.log >> >> # IMAP configuration >> protocol imap { >> mail_plugins = quota imap_quota >> } >> >> # POP3 configuration >> protocol pop3 { >> pop3_uidl_format = %08Xu%08Xv >> mail_plugins = quota >> } >> >> # LDA configuration >> protocol lda { >> postmaster_address = postmaster >> auth_socket_path = /var/run/dovecot/auth-master >> mail_plugins = quota >> } >> >> # LDAP authentication >> >> auth default { >> mechanisms = plain login >> >> passdb ldap { >> args = /etc/dovecot/dovecot-ldap.conf >> } >> >> userdb ldap { >> args = /etc/dovecot/dovecot-ldap.conf >> } >> >> socket listen { >> master { >> path = /var/run/dovecot/auth-master >> mode = 0660 >> user = dovecot >> group = mail >> } >> >> client { >> path = /var/spool/postfix/private/auth >> mode = 0660 >> user = postfix >> group = postfix >> } >> } >> } >> >> >> And this is dovecot-ldap.conf >> >> hosts = 127.0.0.1 >> auth_bind = yes >> ldap_version = 3 >> dn = cn=admin,dc=royoleal,dc=com >> dnpass = royoleal >> base = dc=royoleal,dc=com >> auth_bind_userdn = cn=%u,ou=Users,dc=royoleal,dc=com >> scope = subtree >> user_attrs = uidNumber=uid,gidNumber=gid >> user_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK)) >> pass_attrs = mail=mail,userPassword=password >> pass_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK)) >> default_pass_scheme = CRYPT >> >> When i try login with telnet or other program i have this problem in >> dovecot.log >> >> >> Jun 13 22:45:13 auth(default): Info: client in: AUTH 1 >> PLAIN service=imap secured lip=127.0.0.1 rip=127.0.0.1 >> lport=14 3 rport=55040 >> resp=AHBydWViYUByb3lvbGVhbC5jb20AcHJ1ZWJh Jun 13 22:45:13 >> auth(default): Info: ldap(prueba at royoleal.com,127.0.0.1): invalid >> credentials (given password: prueba) Jun 13 22:45:13 auth(default): >> Info: new auth connection: pid=2613 Jun 13 22:45:15 auth(default): >> Info: client out: FAIL 1 user=prueba at royoleal.com >> Jun 13 22:45:20 imap-login: Info: Aborted login (auth failed, 1 >> attempts): user=, method=PLAIN, rip=127.0.0.1, >> lip= 127.0.0.1, secured >> >> Thanks. > > -- > Branko Majic > Please use only Free formats when sending attachments to me. > > ?????? ????? > ????? ??? ?? ??????? ?????? ????????? ? ????????? ?????????. > > I forgot see the ldap log. In the ldap.log i cant see nothing about that user trying to login with user prueba. That autenticate good. root at mds:~# ldapwhoami -W -D uid=prueba,ou=Users,dc=royoleal,dc=com -H ldap://localhost/ Enter LDAP Password: dn:uid=prueba,ou=Users,dc=royoleal,dc=com With telnet error of authentication. -- View this message in context: http://old.nabble.com/Auth-password-problem-tp34008289p34013987.html Sent from the Dovecot mailing list archive at Nabble.com. From branko at majic.rs Thu Jun 14 22:51:05 2012 From: branko at majic.rs (Branko Majic) Date: Thu, 14 Jun 2012 21:51:05 +0200 Subject: [Dovecot] Auth password problem In-Reply-To: <34013987.post@talk.nabble.com> References: <34008289.post@talk.nabble.com> <20120614123625.68527101@zetkin.int.primekey.se> <34013987.post@talk.nabble.com> Message-ID: <20120614215105.7944d8d3@trotsky.home.majic.rs> On Thu, 14 Jun 2012 12:18:35 -0700 (PDT) arleal wrote: > > I forgot see the ldap log. > In the ldap.log i cant see nothing about that user trying to login > with user prueba. > > That autenticate good. > > root at mds:~# ldapwhoami -W -D uid=prueba,ou=Users,dc=royoleal,dc=com -H > ldap://localhost/ > Enter LDAP Password: > dn:uid=prueba,ou=Users,dc=royoleal,dc=com > > With telnet error of authentication. Hm... Since you're using Dovecot, can you see Dovecot logging-in onto the server and performing queries (for user information)? I'll probably take another look at your config tomorrow (I've got Dovecot talking to my LDAP on Squeeze, although a bit different configuration in my case). -- Branko Majic Jabber: branko at majic.rs Please use only Free formats when sending attachments to me. ?????? ????? ?????: branko at majic.rs ????? ??? ?? ??????? ?????? ????????? ? ????????? ?????????. From voytek at sbt.net.au Fri Jun 15 02:32:28 2012 From: voytek at sbt.net.au (Voytek Eymont) Date: Fri, 15 Jun 2012 09:32:28 +1000 Subject: [Dovecot] migrating v.1 to v.2 In-Reply-To: <4FD9957C.9080605@bunbun.be> References: <4FD9957C.9080605@bunbun.be> Message-ID: Nick, thanks, and, apologies: I did have a brief look at the docs, clearly, not searched enough, my fault. the docs are amazing, and, excellent, and, have precise anwser, mea culpa > upgrading". Try this http://wiki2.dovecot.org/Upgrading/ -- Voytek From voytek at sbt.net.au Fri Jun 15 02:50:52 2012 From: voytek at sbt.net.au (Voytek Eymont) Date: Fri, 15 Jun 2012 09:50:52 +1000 Subject: [Dovecot] imap max user ip conn, what's a safe increase? Message-ID: <6d5f54f3b9ba7f071def2453e9c15665.squirrel@sbt.net.au> I have dovecot 1.x, all's working well, thanks now that I'm using K9 mail on Android phone, whenever I try to access emails with an imap collect 'pass' from Snapper mail client on Palm, I get: "max number of connections from user+ip exceeded" I'm currently at default (unspecified) of 10 imap/3 pop what's a reasonable next number of IMAP connections I should up it to ? that won't bite on the backside...? 12 ? 20 ? when I run IMAP pass from Snapper, I only run it over inbox, maybe one other folder, max 2 folders, so 12 should do ? /etc/dovecot# grep max_user * dovecot.conf: #mail_max_userip_connections = 10 dovecot.conf: #mail_max_userip_connections = 3 -- Voytek From daniel.parthey at informatik.tu-chemnitz.de Fri Jun 15 03:46:16 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Fri, 15 Jun 2012 02:46:16 +0200 Subject: [Dovecot] Sieve stopped working In-Reply-To: References: Message-ID: <20120615004616.GA11872@daniel.localdomain> Hi Ben, Ben Versang wrote: > Sieve has stopped working and I have spent hours and been unable so far to get it up and running again. > > netstat -a |grep 2000 returns > returns nothing > > telnet localhost 2000 > Trying 127.0.0.1... > telnet: connect to address 127.0.0.1: Connection refused > telnet: Unable to connect to remote host > > The rest of mail functions are working fine (IMAP, SMTP...). Did you have a look at the wiki article? http://wiki2.dovecot.org/Pigeonhole/ManageSieve/Configuration The Pigeonhole ManageSieve service now binds to TCP port 4190 by default due to the IANA port assignment for the ManageSieve service. Maybe you're looking at the wrong port. Please attach the output of doveconf -n Regards, Daniel -- https://plus.google.com/103021802792276734820 From nick+dovecot at bunbun.be Fri Jun 15 10:57:40 2012 From: nick+dovecot at bunbun.be (Nick Rosier) Date: Fri, 15 Jun 2012 09:57:40 +0200 Subject: [Dovecot] migrating v.1 to v.2 In-Reply-To: References: <4FD9957C.9080605@bunbun.be> Message-ID: <4FDAEAF4.3010908@bunbun.be> Hi Voytek, no apologies needed; Timo created an excellent wiki so that should be the 1st thing to search. But if there's anything unclear just ask. I'm not an expert but made the transitions from 1.2 -> 2.0 -> 2.1 thanks to this documentation. N. Voytek Eymont wrote: > Nick, > > thanks, and, apologies: > > I did have a brief look at the docs, clearly, not searched enough, my fault. > > the docs are amazing, and, excellent, and, have precise anwser, > mea culpa > >> upgrading". Try this http://wiki2.dovecot.org/Upgrading/ > > > From gedalya at gedalya.net Fri Jun 15 21:43:28 2012 From: gedalya at gedalya.net (Gedalya) Date: Fri, 15 Jun 2012 14:43:28 -0400 Subject: [Dovecot] doveadm backup panic Message-ID: <4FDB8250.8020600@gedalya.net> using latest auto build didn't help. this happens only with a specific account. # doveadm -o imapc_user=----- at domain.com -o imapc_password=---- backup -u =----- at domain.com -R imapc: dsync(---- at domain.com): Panic: pool_data_stack_realloc(): stack frame changed dsync(---- at domain.com): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x4209a) [0xb762b09a] -> /usr/lib/dovecot/libdovecot.so.0(default_fatal_handler+0x41) [0xb762b1a1] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0xb75fd99e] -> /usr/lib/dovecot/libdovecot.so.0(+0x547ce) [0xb763d7ce] -> /usr/lib/dovecot/libdovecot.so.0(+0x3ebf9) [0xb7627bf9] -> /usr/lib/dovecot/libdovecot.so.0(buffer_get_space_unsafe+0x78) [0xb7628658] -> /usr/lib/dovecot/libdovecot.so.0(buffer_append_space_unsafe+0x2a) [0xb762875a] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x60005) [0xb76dc005] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x62aa9) [0xb76deaa9] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x66e61) [0xb76e2e61] -> /usr/lib/dovecot/libdovecot-storage.so.0(imapc_connection_input_pending+0x14d) [0xb76e3a3d] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x67aac) [0xb76e3aac] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x44) [0xb763a034] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xce) [0xb763ae8e] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x40) [0xb76399d0] -> /usr/lib/dovecot/libdovecot-storage.so.0(imapc_client_run+0xa7) [0xb76e0297] -> /usr/lib/dovecot/libdovecot-storage.so.0(imapc_storage_run+0x26) [0xb76df1e6] -> /usr/lib/dovecot/libdovecot-storage.so.0(imapc_mailbox_sync_init+0x6de) [0xb76ddfde] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_sync_init+0x3b) [0xb76f468b] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_sync+0x3c) [0xb76f47cc] -> doveadm() [0x8072510] -> doveadm() [0x8072789] -> doveadm() [0x80729b2] -> doveadm(dsync_worker_msg_iter_next+0x29) [0x8070a69] -> doveadm() [0x806b6e1] -> doveadm() [0x806b736] -> doveadm(dsync_brain_msg_sync_more+0x4cb) [0x806bc7b] -> doveadm(dsync_brain_sync+0x3bb) [0x806a3ab] Aborted From gedalya at gedalya.net Fri Jun 15 21:50:09 2012 From: gedalya at gedalya.net (Gedalya) Date: Fri, 15 Jun 2012 14:50:09 -0400 Subject: [Dovecot] doveadm backup panic In-Reply-To: <4FDB8250.8020600@gedalya.net> References: <4FDB8250.8020600@gedalya.net> Message-ID: <4FDB83E1.1070302@gedalya.net> On 06/15/2012 02:43 PM, Gedalya wrote: > using latest auto build didn't help. > this happens only with a specific account. > > # doveadm -o imapc_user=----- at domain.com -o imapc_password=---- backup > -u =----- at domain.com -R imapc: > dsync(---- at domain.com): Panic: pool_data_stack_realloc(): stack frame > changed > dsync(---- at domain.com): Error: Raw backtrace: > /usr/lib/dovecot/libdovecot.so.0(+0x4209a) [0xb762b09a] -> > /usr/lib/dovecot/libdovecot.so.0(default_fatal_handler+0x41) > [0xb762b1a1] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) > [0xb75fd99e] -> /usr/lib/dovecot/libdovecot.so.0(+0x547ce) > [0xb763d7ce] -> /usr/lib/dovecot/libdovecot.so.0(+0x3ebf9) > [0xb7627bf9] -> > /usr/lib/dovecot/libdovecot.so.0(buffer_get_space_unsafe+0x78) > [0xb7628658] -> > /usr/lib/dovecot/libdovecot.so.0(buffer_append_space_unsafe+0x2a) > [0xb762875a] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x60005) > [0xb76dc005] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x62aa9) > [0xb76deaa9] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x66e61) > [0xb76e2e61] -> > /usr/lib/dovecot/libdovecot-storage.so.0(imapc_connection_input_pending+0x14d) > [0xb76e3a3d] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x67aac) > [0xb76e3aac] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x44) > [0xb763a034] -> > /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xce) > [0xb763ae8e] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x40) > [0xb76399d0] -> > /usr/lib/dovecot/libdovecot-storage.so.0(imapc_client_run+0xa7) > [0xb76e0297] -> > /usr/lib/dovecot/libdovecot-storage.so.0(imapc_storage_run+0x26) > [0xb76df1e6] -> > /usr/lib/dovecot/libdovecot-storage.so.0(imapc_mailbox_sync_init+0x6de) [0xb76ddfde] > -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_sync_init+0x3b) > [0xb76f468b] -> > /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_sync+0x3c) > [0xb76f47cc] -> doveadm() [0x8072510] -> doveadm() [0x8072789] -> > doveadm() [0x80729b2] -> doveadm(dsync_worker_msg_iter_next+0x29) > [0x8070a69] -> doveadm() [0x806b6e1] -> doveadm() [0x806b736] -> > doveadm(dsync_brain_msg_sync_more+0x4cb) [0x806bc7b] -> > doveadm(dsync_brain_sync+0x3bb) [0x806a3ab] > Aborted > gdb: Starting program: /usr/bin/doveadm -o imapc_user=mailaccount at domain.com -o imapc_password=******* backup -u mailaccount at domain.com -R imapc: [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/i386-linux-gnu/i686/cmov/libthread_db.so.1". dsync(mailaccount at domain.com): Panic: pool_data_stack_realloc(): stack frame changed dsync(mailaccount at domain.com): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x4209a) [0xb7e4d09a] -> /usr/lib/dovecot/libdovecot.so.0(default_fatal_handler+0x41) [0xb7e4d1a1] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0xb7e1f99e] -> /usr/lib/dovecot/libdovecot.so.0(+0x547ce) [0xb7e5f7ce] -> /usr/lib/dovecot/libdovecot.so.0(+0x3ebf9) [0xb7e49bf9] -> /usr/lib/dovecot/libdovecot.so.0(buffer_get_space_unsafe+0x78) [0xb7e4a658] -> /usr/lib/dovecot/libdovecot.so.0(buffer_append_space_unsafe+0x2a) [0xb7e4a75a] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x60005) [0xb7efe005] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x62aa9) [0xb7f00aa9] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x66e61) [0xb7f04e61] -> /usr/lib/dovecot/libdovecot-storage.so.0(imapc_connection_input_pending+0x14d) [0xb7f05a3d] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x67aac) [0xb7f05aac] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x44) [0xb7e5c034] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xce) [0xb7e5ce8e] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x40) [0xb7e5b9d0] -> /usr/lib/dovecot/libdovecot-storage.so.0(imapc_client_run+0xa7) [0xb7f02297] -> /usr/lib/dovecot/libdovecot-storage.so.0(imapc_storage_run+0x26) [0xb7f011e6] -> /usr/lib/dovecot/libdovecot-storage.so.0(imapc_mailbox_sync_init+0x6de) [0xb7efffde] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_sync_init+0x3b) [0xb7f1668b] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_sync+0x3c) [0xb7f167cc] -> /usr/bin/doveadm() [0x8072510] -> /usr/bin/doveadm() [0x8072789] -> /usr/bin/doveadm() [0x80729b2] -> /usr/bin/doveadm(dsync_worker_msg_iter_next+0x29) [0x8070a69] -> /usr/bin/doveadm() [0x806b6e1] -> /usr/bin/doveadm() [0x806b736] -> /usr/bin/doveadm(dsync_brain_msg_sync_more+0x4cb) [0x806bc7b] -> /usr/bin/doveadm(dsync_brain_sync+0x3bb) [0x806a3ab] Program received signal SIGABRT, Aborted. 0xb7fe1424 in __kernel_vsyscall () (gdb) bt full #0 0xb7fe1424 in __kernel_vsyscall () No symbol table info available. #1 0xb7cd8941 in raise () from /lib/i386-linux-gnu/i686/cmov/libc.so.6 No symbol table info available. #2 0xb7cdbd72 in abort () from /lib/i386-linux-gnu/i686/cmov/libc.so.6 No symbol table info available. #3 0xb7e4d0b0 in default_fatal_finish (type=, status=) at failures.c:191 backtrace = 0x80930a0 "/usr/lib/dovecot/libdovecot.so.0(+0x4209a) [0xb7e4d09a] -> /usr/lib/dovecot/libdovecot.so.0(default_fatal_handler+0x41) [0xb7e4d1a1] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0xb7e1f99e] -> /usr"... #4 0xb7e4d1a1 in default_fatal_handler (ctx=0xbfffef94, format=0xb7e7a2e8 "pool_data_stack_realloc(): stack frame changed", args=0xbfffefb4 "U\001") at failures.c:205 status = 0 #5 0xb7e1f99e in i_panic (format=0xb7e7a2e8 "pool_data_stack_realloc(): stack frame changed") at failures.c:263 ctx = {type = LOG_TYPE_PANIC, exit_status = 0, timestamp = 0x0} args = 0xbfffefb4 "U\001" #6 0xb7e5f7ce in pool_data_stack_realloc (pool=0x8092fd0, mem=0x8093000, old_size=32, new_size=64) at mempool-datastack.c:118 dpool = 0x8092fd0 #7 0xb7e49bf9 in buffer_alloc (buf=0x8092fe0, size=64) at buffer.c:32 __FUNCTION__ = "buffer_alloc" #8 0xb7e4a658 in buffer_check_limits (data_size=4, pos=32, buf=0x8092fe0) at buffer.c:64 new_size = 36 #9 buffer_get_space_unsafe (_buf=0x8092fe0, pos=32, size=4) at buffer.c:273 buf = 0x8092fe0 #10 0xb7e4a75a in buffer_append_space_unsafe (buf=0x8092fe0, size=4) at buffer.c:279 No locals. #11 0xb7efe005 in array_append_space_i (array=) at ../../../../src/lib/array.h:232 data = #12 imapc_untagged_fetch (reply=0xbffff184, mbox=0x80fd2c8) at imapc-mailbox.c:349 old_kws = {arr = {buffer = 0x8093030, element_size = 4}, v = 0x8093030, v_modifiable = 0x8093030} kw = _data_stack_cur_id = 6 lseq = 341 rseq = 341 mailp = list = 0x80c72c8 flags_list = 0x80c7458 atom = 0x80c7570 "679" rec = flags = MAIL_SEEN ---Type to continue, or q to quit--- fetch_uid = 679 uid = 679 i = j = keywords = {arr = {buffer = 0x8092fe0, element_size = 4}, v = 0x8092fe0, v_modifiable = 0x8092fe0} seen_flags = __FUNCTION__ = "imapc_untagged_fetch" #13 0xb7f00aa9 in imapc_storage_untagged_cb (reply=0xbffff184, context=0x80c53e8) at imapc-storage.c:170 mcb__foreach_end = 0x80fd648 storage = 0x80c53e8 mbox = 0x80fd2c8 cb = mcb = 0x80fd638 #14 0xb7f04e61 in imapc_connection_input_untagged (conn=0x80c1950) at imapc-connection.c:906 imap_args = 0x80c7228 name = 0x80c72a0 "FETCH" value = parser = 0x80c7170 reply = {name = 0x80c72a0 "FETCH", num = 341, args = 0x80c7228, file_args = 0x80c1b08, file_args_count = 0, resp_text_key = 0x0, resp_text_value = 0x0, untagged_box_context = 0x80fd2c8} ret = #15 0xb7f05a3d in imapc_connection_input_one (conn=0x80c1950) at imapc-connection.c:1061 tag = 0x80c7290 "*" ret = -1 #16 imapc_connection_input_pending (conn=0x80c1950) at imapc-connection.c:1407 _data_stack_cur_id = 5 ret = #17 0xb7f05aac in imapc_connection_input (conn=0x80c1950) at imapc-connection.c:1100 errstr = ret = #18 0xb7e5c034 in io_loop_call_io (io=0x80d3d28) at ioloop.c:379 ioloop = 0x81655e0 t_id = 4 #19 0xb7e5ce8e in io_loop_handler_run (ioloop=0x81655e0) at ioloop-epoll.c:213 ctx = 0x80d3d58 events = 0x0 event = 0x80dec28 list = 0x80e3bb0 io = ---Type to continue, or q to quit--- tv = {tv_sec = 299, tv_usec = 999988} events_count = 1 msecs = ret = 1 i = j = call = #20 0xb7e5b9d0 in io_loop_run (ioloop=0x81655e0) at ioloop.c:398 No locals. #21 0xb7f02297 in imapc_client_run_pre (client=) at imapc-client.c:142 connp = prev_ioloop = 0x80984c8 #22 imapc_client_run (client=0x80c5bf0) at imapc-client.c:161 No locals. #23 0xb7f011e6 in imapc_storage_run (storage=0x80c53e8) at imapc-storage.c:118 No locals. #24 0xb7efffde in imapc_sync_index (ctx=0x80e6bb8) at imapc-sync.c:351 mbox = 0x80fd2c8 sync_rec = {uid1 = 3221222620, uid2 = 3086630900, type = 134997136, add_flags = 244 '\364', remove_flags = 63 '?', keyword_idx = 3085040665, guid_128 = "mK\361\267,\364\377\277\334\364\377\277\060\346\f\b"} seq1 = 3085537268 seq2 = 135130168 #25 imapc_sync_begin (force=, ctx_r=, mbox=0x80fd2c8) at imapc-sync.c:422 ctx = 0x80e6bb8 sync_flags = ret = #26 imapc_sync (mbox=0x80fd2c8) at imapc-sync.c:464 sync_ctx = force = #27 imapc_mailbox_sync_init (box=0x80fd2c8, flags=MAILBOX_SYNC_FLAG_FIX_INCONSISTENT) at imapc-sync.c:498 mbox = 0x80fd2c8 capabilities = changes = false ret = #28 0xb7f1668b in mailbox_sync_init (box=0x80fd2c8, flags=MAILBOX_SYNC_FLAG_FIX_INCONSISTENT) at mail-storage.c:1320 _data_stack_cur_id = 3 ctx = #29 0xb7f167cc in mailbox_sync (box=0x80fd2c8, flags=MAILBOX_SYNC_FLAG_FIX_INCONSISTENT) at mail-storage.c:1368 ctx = ---Type to continue, or q to quit--- status = {sync_delayed_expunges = 0} #30 0x08072510 in local_mailbox_open (guid=0x80e0e18, box_r=0xbffff4dc, worker=) at dsync-worker-local.c:791 lbox = 0x80ce610 box = 0x80fd2c8 metadata = {guid = "\210y\236\267\210\364\377\277\r\r?`\006\000", virtual_size = 13252281656649187328, cache_fields = 0x80fd2b8, precache_fields = 3080616300} #31 0x08072789 in iter_local_mailbox_open (iter=0x80ec1e8) at dsync-worker-local.c:826 worker = 0x80ce348 guid = 0x80e0e18 box = search_args = ret = #32 0x080729b2 in local_worker_msg_iter_next (_iter=0x80ec1e8, mailbox_idx_r=0xb79e7988, msg_r=0xb79e796c) at dsync-worker-local.c:972 iter = 0x80ec1e8 mail = guid = #33 0x08070a69 in dsync_worker_msg_iter_next (iter=0x80ec1e8, mailbox_idx_r=0xb79e7988, msg_r=0xb79e796c) at dsync-worker.c:122 _data_stack_cur_id = 2 ret = #34 0x0806b6e1 in dsync_brain_msg_iter_next (iter=0xb79e7960) at dsync-brain-msgs.c:84 ret = 1 #35 0x0806b736 in dsync_brain_msg_sync_mailbox_end (iter1=0xb79e7960, iter2=0xb79e79b8) at dsync-brain-msgs.c:360 ret = #36 0x0806bc7b in dsync_brain_msg_sync_mailbox_more (sync=) at dsync-brain-msgs.c:392 No locals. #37 dsync_brain_msg_sync_more (sync=0xb79e7028) at dsync-brain-msgs.c:407 mailboxes = 0xb79e7070 count = 26 mailbox_idx = #38 0x0806a3ab in dsync_brain_sync_msgs (brain=) at dsync-brain.c:736 mailboxes = {arr = {buffer = 0x80f6ab8, element_size = 88}, v = 0x80f6ab8, v_modifiable = 0x80f6ab8} pool = 0x80f6aa8 ret = #39 dsync_brain_sync (brain=0x80c1b70) at dsync-brain.c:857 No locals. #40 dsync_brain_sync (brain=0x80c1b70) at dsync-brain.c:815 No locals. #41 0x0806b202 in dsync_brain_subs_list_finished (brain=) at dsync-brain.c:169 No locals. ---Type to continue, or q to quit--- #42 dsync_worker_subs_input (context=0x80ed188) at dsync-brain.c:222 list = 0x80ed188 subs = {vname = 0x0, storage_name = 0x0, ns_prefix = 0x0, last_change = 0} unsubs = {name_sha1 = {guid = '\000' }, ns_prefix = 0x0, last_change = 0} ret = #43 0x0806a715 in dsync_brain_sync (brain=0x80c1b70) at dsync-brain.c:842 No locals. #44 dsync_brain_sync (brain=0x80c1b70) at dsync-brain.c:815 No locals. #45 0x0806b060 in dsync_brain_mailbox_list_finished (brain=) at dsync-brain.c:98 No locals. #46 dsync_worker_mailbox_input (context=0x80d73c8) at dsync-brain.c:125 list = 0x80d73c8 dsync_box = {name = 0x0, name_sep = 0 '\000', name_sha1 = {guid = '\000' }, mailbox_guid = { guid = '\000' }, uid_validity = 0, uid_next = 0, message_count = 0, first_recent_uid = 0, highest_modseq = 0, last_change = 0, flags = 0, cache_fields = {arr = {buffer = 0x0, element_size = 0}, v = 0x0, v_modifiable = 0x0}} dup_box = 0x80d1cd0 ret = #47 0x0806a755 in dsync_brain_sync (brain=0x80c1b70) at dsync-brain.c:833 No locals. #48 dsync_brain_sync (brain=0x80c1b70) at dsync-brain.c:815 No locals. #49 0x0806b298 in dsync_brain_sync_all (brain=0x80c1b70) at dsync-brain.c:897 old_state = DSYNC_STATE_GET_MAILBOXES __FUNCTION__ = "dsync_brain_sync_all" #50 0x08068445 in cmd_dsync_start (ctx=0x809ef98, worker1=, worker2=) at doveadm-dsync.c:342 brain = 0x80c1b70 #51 0x08068aa7 in cmd_dsync_run (_ctx=0x809ef98, user=0x80b4020) at doveadm-dsync.c:387 ctx = 0x809ef98 worker1 = 0x80ce348 worker2 = 0x80ba350 workertmp = lock_path = lock = 0x809efc4 lock_fd = ret = 0 #52 0x08054510 in doveadm_mail_next_user (error_r=0xbffffa5c, ctx=0x809ef98, input=) at doveadm-mail.c:311 ret = 0 ---Type to continue, or q to quit--- #53 doveadm_mail_next_user (ctx=0x809ef98, input=, error_r=0xbffffa5c) at doveadm-mail.c:270 error = ret = #54 0x08054fd0 in doveadm_mail_cmd (cmd=0x809d000, argc=, argv=0x80981e4) at doveadm-mail.c:518 input = {module = 0x0, service = 0x807b55c "doveadm", username = 0x8098245 "mailaccount at domain.com", session_id = 0x0, local_ip = {family = 0, u = {ip6 = {__in6_u = {__u6_addr8 = '\000' , __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, ip4 = {s_addr = 0}}}, remote_ip = {family = 0, u = {ip6 = {__in6_u = { __u6_addr8 = '\000' , __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, ip4 = { s_addr = 0}}}, local_port = 0, remote_port = 0, userdb_fields = 0x0, flags_override_add = 0, flags_override_remove = 0, no_userdb_lookup = 0} ctx = 0x809ef98 getopt_args = wildcard_user = 0x0 error = 0xb7cbb054 "" ret = c = #55 0x08055489 in doveadm_mail_try_run (cmd_name=0x809823b "backup", argc=5, argv=0x80981d4) at doveadm-mail.c:577 cmd__foreach_end = 0x809d03c cmd = 0x809d000 cmd_name_len = 6 __FUNCTION__ = "doveadm_mail_try_run" #56 0x08054151 in main (argc=5, argv=0x80981d4) at doveadm.c:376 cmd_name = i = quick_init = false c = From daniel.parthey at informatik.tu-chemnitz.de Fri Jun 15 23:03:06 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Fri, 15 Jun 2012 22:03:06 +0200 Subject: [Dovecot] [Dovecot 2.1.7] SegFault on doveadm search through director proxy In-Reply-To: <65A804FB-2F80-497C-9A96-3CC34B522FBF@iki.fi> References: <20120609235603.GA17490@daniel.localdomain> <65A804FB-2F80-497C-9A96-3CC34B522FBF@iki.fi> Message-ID: <20120615200306.GA8276@daniel.localdomain> Timo Sirainen wrote: > On 10.6.2012, at 2.56, Daniel Parthey wrote: > > > doveadm search -u user at example.org -S localhost:19000 all > > produces the following error in the logs: > > dovecot: doveadm: Error: doveadm client attempted non-PLAIN authentication > > > > What am I missing? > > It's possible that this is just broken in v2.0. Try v2.1. mail01: 2.0.20 mail02: 2.1.7 mail03: 2.0.20 mail04: 2.0.20 Director for user at example.org currently points to mail02. Compiled and installed 2.1.7 on mail02 (Ubuntu Lucid), gettings segfaults on mail02 now. Got a core dump and created a gdb backtrace: mail02# doveadm -c /etc/dovecot-director/dovecot-director.conf search -u user at example.org all [...] 67b3b72453278b4f6a3d000051abeb58 447 67b3b72453278b4f6a3d000051abeb58 448 67b3b72453278b4f6a3d000051abeb58 449 67b3b72453278b4f6a3d000051abeb58 450 67b3b72453278b4f6a3d000051abeb58 451 67b3b72453278b4f6a3d000051abeb58 452 67b3b72453278b4f6a3d000051abeb58 453 67b3b72453278b4f6a3d000051abeb58 454 67b3b72453278b4f6a3d000051abeb58 455 67b3b72453278b4f6a3d000051abeb58 456 Segmentation fault (core dumped) gdb /usr/bin/doveadm /root/core (gdb) bt full #0 0x00007f953cbb9e32 in vfprintf () from /lib/libc.so.6 No symbol table info available. #1 0x00007f953cc6eea1 in __printf_chk () from /lib/libc.so.6 No symbol table info available. #2 0x000000000041ed4e in ?? () No symbol table info available. #3 0x0000000000415667 in doveadm_print () No symbol table info available. #4 0x000000000041638d in ?? () No symbol table info available. #5 0x00007f953cf3f176 in io_loop_call_io () from /usr/lib/dovecot/libdovecot.so.0 No symbol table info available. #6 0x00007f953cf401ff in io_loop_handler_run () from /usr/lib/dovecot/libdovecot.so.0 No symbol table info available. #7 0x00007f953cf3f118 in io_loop_run () from /usr/lib/dovecot/libdovecot.so.0 No symbol table info available. #8 0x00007f953cf2b403 in master_service_run () from /usr/lib/dovecot/libdovecot.so.0 No symbol table info available. #9 0x0000000000414cae in ?? () No symbol table info available. #10 0x0000000000414dd2 in doveadm_mail_server_flush () No symbol table info available. #11 0x000000000041009a in ?? () No symbol table info available. #12 0x0000000000410501 in doveadm_mail_try_run () No symbol table info available. #13 0x0000000000417051 in main () No symbol table info available. Can you help to fix these segfaults, please? Regards Daniel -- https://plus.google.com/103021802792276734820 From daniel.parthey at informatik.tu-chemnitz.de Fri Jun 15 23:11:33 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Fri, 15 Jun 2012 22:11:33 +0200 Subject: [Dovecot] [Dovecot 2.1.7] SegFault on doveadm search through director proxy In-Reply-To: <20120615200306.GA8276@daniel.localdomain> References: <20120609235603.GA17490@daniel.localdomain> <65A804FB-2F80-497C-9A96-3CC34B522FBF@iki.fi> <20120615200306.GA8276@daniel.localdomain> Message-ID: <20120615201133.GA8541@daniel.localdomain> > mail01: 2.0.20 > mail02: 2.1.7 > mail03: 2.0.20 > mail04: 2.0.20 > > Director for user at example.org currently points to mail02. > > Compiled and installed 2.1.7 on mail02 (Ubuntu Lucid), > gettings segfaults on mail02 now. > > Got a core dump and created a gdb backtrace: > > mail02# doveadm -c /etc/dovecot-director/dovecot-director.conf search -u user at example.org all > [...] > 67b3b72453278b4f6a3d000051abeb58 447 > 67b3b72453278b4f6a3d000051abeb58 448 > 67b3b72453278b4f6a3d000051abeb58 449 > 67b3b72453278b4f6a3d000051abeb58 450 > 67b3b72453278b4f6a3d000051abeb58 451 > 67b3b72453278b4f6a3d000051abeb58 452 > 67b3b72453278b4f6a3d000051abeb58 453 > 67b3b72453278b4f6a3d000051abeb58 454 > 67b3b72453278b4f6a3d000051abeb58 455 > 67b3b72453278b4f6a3d000051abeb58 456 > Segmentation fault (core dumped) (gdb) bt full #0 0x00007ff6c763de32 in vfprintf () from /lib/libc.so.6 No symbol table info available. #1 0x00007ff6c76f2ea1 in __printf_chk () from /lib/libc.so.6 No symbol table info available. #2 0x000000000041ed4e in printf (value=0x64697567
) at /usr/include/bits/stdio2.h:105 No locals. #3 doveadm_print_flow_print (value=0x64697567
) at doveadm-print-flow.c:51 hdr = #4 0x0000000000415667 in doveadm_print (value=0x1c28970 "67b3b72453278b4f6a3d000051abeb58") at doveadm-print.c:65 headers = 0x1c37120 #5 0x000000000041638d in server_flush_field (conn=0x1c4ab10) at server-connection.c:111 text = 0x0 #6 server_handle_input (conn=0x1c4ab10) at server-connection.c:150 str = 0x1c28938 i = #7 server_connection_input (conn=0x1c4ab10) at server-connection.c:254 data = 0x1c4eae0 "b4f6a3d000051abeb58\t450\t67b3b72453278b4f6a3d000051abeb58\t451\t67b3b72453278b4f6a3d000051abeb58\t452\t67b3b72453278b4f6a3d000051abeb58\t453\t67b3b72453278b4f6a3d000051abeb58\t454\t67b3b72453278b4f6a3d000051ab"... size = 8192 line = reply = #8 0x00007ff6c79c3176 in io_loop_call_io (io=0x1c386d0) at ioloop.c:379 ioloop = 0x1c30820 t_id = 2 #9 0x00007ff6c79c41ff in io_loop_handler_run (ioloop=) at ioloop-epoll.c:213 ctx = 0x1c35ff0 event = 0x1c36660 list = 0x1c30350 io = 0x64697567 tv = {tv_sec = 59, tv_usec = 945631} msecs = ret = i = 0 call = false #10 0x00007ff6c79c3118 in io_loop_run (ioloop=0x1c30820) at ioloop.c:398 No locals. #11 0x00007ff6c79af403 in master_service_run (service=0x1c306d0, callback=0xffffe906) at master-service.c:544 No locals. #12 0x0000000000414cae in doveadm_server_flush_one (server=0x1c46b00) at doveadm-mail-server.c:149 count = 0 #13 0x0000000000414dd2 in doveadm_mail_server_flush () at doveadm-mail-server.c:307 server = 0x1c46b00 #14 0x000000000041009a in doveadm_mail_cmd (cmd=0x1c35ca8, argc=4, argv=0x1c303a0) at doveadm-mail.c:529 ctx = 0x1c36cb0 getopt_args = 0x4336e6 "AS:u:" wildcard_user = 0x0 error = ret = 0 c = #15 0x0000000000410501 in doveadm_mail_try_run (cmd_name=0x1c303f0 "search", argc=1227192544, argv=0x437727) at doveadm-mail.c:577 cmd__foreach_end = 0x1c35e28 cmd = 0x1c35ca8 cmd_name_len = 0 __FUNCTION__ = "doveadm_mail_try_run" #16 0x0000000000417051 in main (argc=4, argv=0x1c30388) at doveadm.c:373 cmd_name = 0x1c303f0 "search" quick_init = false c = From tss at iki.fi Sat Jun 16 02:04:21 2012 From: tss at iki.fi (Timo Sirainen) Date: Sat, 16 Jun 2012 02:04:21 +0300 Subject: [Dovecot] doveadm backup panic In-Reply-To: <4FDB83E1.1070302@gedalya.net> References: <4FDB8250.8020600@gedalya.net> <4FDB83E1.1070302@gedalya.net> Message-ID: On 15.6.2012, at 21.50, Gedalya wrote: > #12 imapc_untagged_fetch (reply=0xbffff184, mbox=0x80fd2c8) at imapc-mailbox.c:349 > old_kws = {arr = {buffer = 0x8093030, element_size = 4}, v = 0x8093030, v_modifiable = 0x8093030} Fixed: http://hg.dovecot.org/dovecot-2.1/rev/a28c8043842d From tss at iki.fi Sat Jun 16 02:13:47 2012 From: tss at iki.fi (Timo Sirainen) Date: Sat, 16 Jun 2012 02:13:47 +0300 Subject: [Dovecot] [Dovecot 2.1.7] SegFault on doveadm search through director proxy In-Reply-To: <20120615201133.GA8541@daniel.localdomain> References: <20120609235603.GA17490@daniel.localdomain> <65A804FB-2F80-497C-9A96-3CC34B522FBF@iki.fi> <20120615200306.GA8276@daniel.localdomain> <20120615201133.GA8541@daniel.localdomain> Message-ID: <1339802027.5967.31.camel@hurina> On Fri, 2012-06-15 at 22:11 +0200, Daniel Parthey wrote: > > mail02# doveadm -c /etc/dovecot-director/dovecot-director.conf search -u user at example.org all .. > #3 doveadm_print_flow_print (value=0x64697567
) at doveadm-print-flow.c:51 > hdr = > #4 0x0000000000415667 in doveadm_print (value=0x1c28970 "67b3b72453278b4f6a3d000051abeb58") at doveadm-print.c:65 > headers = 0x1c37120 > #5 0x000000000041638d in server_flush_field (conn=0x1c4ab10) at server-connection.c:111 > text = 0x0 Hmm. See if the attached patch fixes it? -------------- next part -------------- A non-text attachment was scrubbed... Name: diff Type: text/x-patch Size: 1177 bytes Desc: not available URL: From tss at iki.fi Sat Jun 16 02:22:22 2012 From: tss at iki.fi (Timo Sirainen) Date: Sat, 16 Jun 2012 02:22:22 +0300 Subject: [Dovecot] Problem with lmtp director proxy In-Reply-To: <4FD8C9C8.6090608@um.es> References: <4FD718A0.50605@um.es> <4FD83A26.3030209@um.es> <1339592369.25551.7.camel@innu> <4FD8AA66.7050909@um.es> <1339600677.25551.12.camel@innu> <4FD8C9C8.6090608@um.es> Message-ID: <72C5BD43-6254-40F1-8121-B0954739410F@iki.fi> On 13.6.2012, at 20.11, Angel L. Mateo wrote: > Ok, you were right. I was looking for logs at my log repository, which doesn't receive debug log. Nevertheless, the only auth lines I have found at the ones above, with the proxy_refresh=450. I haven't found any line with a timeout log in the proxies neither the backends The backend logs don't matter. Director adds the proxy_refresh. You haven't shown in your logs what auth process logs as debug messages. This is what is supposed to happen: > Jun 16 02:19:11 auth: Debug: master out: PASS 1 user=director proxy proxy_timeout=1000 "master out" must return proxy_timeout=1000. If it doesn't, then the problem is with your auth settings. > Jun 16 02:19:11 lmtp(11845): Debug: auth input: user=director proxy proxy_timeout=1000 host=1.2.3.4 proxy_refresh=450 Director adds proxy_refresh, but preserves proxy_timeout. From gedalya at gedalya.net Sat Jun 16 03:44:55 2012 From: gedalya at gedalya.net (Gedalya) Date: Fri, 15 Jun 2012 20:44:55 -0400 Subject: [Dovecot] doveadm backup panic In-Reply-To: References: <4FDB8250.8020600@gedalya.net> <4FDB83E1.1070302@gedalya.net> Message-ID: <4FDBD707.9030106@gedalya.net> On 06/15/2012 07:04 PM, Timo Sirainen wrote: > On 15.6.2012, at 21.50, Gedalya wrote: > >> #12 imapc_untagged_fetch (reply=0xbffff184, mbox=0x80fd2c8) at imapc-mailbox.c:349 >> old_kws = {arr = {buffer = 0x8093030, element_size = 4}, v = 0x8093030, v_modifiable = 0x8093030} > Fixed: http://hg.dovecot.org/dovecot-2.1/rev/a28c8043842d > Yes, works now! Thank you. From wojtek at wojtek.tensor.gdynia.pl Sat Jun 16 13:55:07 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Sat, 16 Jun 2012 12:55:07 +0200 (CEST) Subject: [Dovecot] question about fts_squat Message-ID: just installed dovecot with fts_squat config attached after message. When i telnet to imap server and execute by hand 1 login user password select foldername search body "someword" it works fine, and at blazing speed except first run (indexing). i already indexed everything by doveadm index offline to prevent server overload if multiple users (after i tell them) will try fulltext search. All great BUT it doesn't work in thunderbird. Just gives zero results. i used tcpdump to check how thunderbird executes it and it uses search undeleted body "someword" tried manually and it DOES NOT WORK. always give empty results. even search all body "someword" doesn't work. while search body "someword" always work very well. what's wrong? # 2.1.7: /usr/local/etc/dovecot/dovecot.conf # OS: FreeBSD 8.3-STABLE amd64 disable_plaintext_auth = no listen = * mail_location = maildir:~/Maildir mail_plugins = fts fts_squat namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /usr/local/etc/dovecot/deny-users deny = yes driver = passwd-file } passdb { driver = pam } plugin { fts = squat fts_squat = partial=4 full=10 } protocols = imap ssl_cert = References: Message-ID: > When i telnet to imap server and execute by hand > 1 login user password > select foldername > search body "someword" sorry it was 2 and 3 just like 1 at login. > > it works fine, and at blazing speed except first run (indexing). > i already indexed everything by doveadm index offline to prevent server > overload if multiple users (after i tell them) will try fulltext search. > > All great BUT it doesn't work in thunderbird. Just gives zero results. > > i used tcpdump to check how thunderbird executes it and it uses > > search undeleted body "someword" > > tried manually and it DOES NOT WORK. always give empty results. > > even search all body "someword" doesn't work. > > while > > search body "someword" > > > always work very well. > > what's wrong? > > # 2.1.7: /usr/local/etc/dovecot/dovecot.conf > # OS: FreeBSD 8.3-STABLE amd64 disable_plaintext_auth = no > listen = * > mail_location = maildir:~/Maildir > mail_plugins = fts fts_squat > namespace inbox { > inbox = yes > location = > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Trash { > special_use = \Trash > } > prefix = } > passdb { > args = /usr/local/etc/dovecot/deny-users > deny = yes > driver = passwd-file > } > passdb { > driver = pam > } > plugin { > fts = squat > fts_squat = partial=4 full=10 > } > protocols = imap > ssl_cert = ssl_key = userdb { > driver = passwd > } > protocol imap { > mail_plugins = fts fts_squat > } > > From jonrysh at pacbell.net Sat Jun 16 22:08:27 2012 From: jonrysh at pacbell.net (Jonathan Ryshpan) Date: Sat, 16 Jun 2012 12:08:27 -0700 Subject: [Dovecot] Import from Evolution Message-ID: <1339873707.2732.11.camel@amito> I need to import the mail database generated by the evolution mail reader into dovecot. Evolution stores its mail in maildir format (fully standards compatible, I think); I would be using the maildir format in dovecot. Is there anything in the wiki, etc. explaining exactly how to do this? Why do this? Evolution is hopelessly broken, and is not likely to be fixed in the forseeable future, and I would like to keep my mails in maildir form. Reviews of kmail are very bad, and thunderbird uses the mbox format for storage. Thanks in advance - jon From p at state-of-mind.de Sat Jun 16 23:16:36 2012 From: p at state-of-mind.de (Patrick Ben Koetter) Date: Sat, 16 Jun 2012 22:16:36 +0200 Subject: [Dovecot] Import from Evolution In-Reply-To: <1339873707.2732.11.camel@amito> References: <1339873707.2732.11.camel@amito> Message-ID: <20120616201636.GB6858@state-of-mind.de> * Jonathan Ryshpan : > I need to import the mail database generated by the evolution mail > reader into dovecot. Evolution stores its mail in maildir format (fully > standards compatible, I think); I would be using the maildir format in > dovecot. Is there anything in the wiki, etc. explaining exactly how to > do this? > > Why do this? Evolution is hopelessly broken, and is not likely to be > fixed in the forseeable future, and I would like to keep my mails in > maildir form. Reviews of kmail are very bad, and thunderbird uses the > mbox format for storage. If it is native maildir you can configure that/your account to use maildir and simply copy your mailbox over to Dovecot. When Dovecot accesses the mailbox it will create the necessary index files and you are ready to use it. p at rick -- state of mind () http://www.state-of-mind.de Franziskanerstra?e 15 Telefon +49 89 3090 4664 81669 M?nchen Telefax +49 89 3090 4666 Amtsgericht M?nchen Partnerschaftsregister PR 563 From jonrysh at pacbell.net Sun Jun 17 00:23:38 2012 From: jonrysh at pacbell.net (Jonathan Ryshpan) Date: Sat, 16 Jun 2012 14:23:38 -0700 Subject: [Dovecot] Import from Evolution In-Reply-To: <20120616201636.GB6858@state-of-mind.de> References: <1339873707.2732.11.camel@amito> <20120616201636.GB6858@state-of-mind.de> Message-ID: <1339881818.2732.29.camel@amito> On Sat, 2012-06-16 at 22:16 +0200, Patrick Ben Koetter wrote: > * Jonathan Ryshpan : > > I need to import the mail database generated by the evolution mail > > reader into dovecot. Evolution stores its mail in maildir format (fully > > standards compatible, I think); I would be using the maildir format in > > dovecot. Is there anything in the wiki, etc. explaining exactly how to > > do this? > > > > Why do this? Evolution is hopelessly broken, and is not likely to be > > fixed in the forseeable future, and I would like to keep my mails in > > maildir form. Reviews of kmail are very bad, and thunderbird uses the > > mbox format for storage. > > If it is native maildir you can configure that/your account to use maildir and > simply copy your mailbox over to Dovecot. When Dovecot accesses the mailbox it > will create the necessary index files and you are ready to use it. Sounds good. I'm sure than when you write "mailbox", you mean the folders (and not the index files) in the evolution mail database, located at ~/.local/share/evolution/mail/local and whose contents start: $ ls -lA ..#evolution.Junk.cmeta .jango.ibex.index.data ..#evolution.Trash.cmeta .jfour/ ..cmeta .jfour.cmeta ..maildir++ .jfour.ibex.index .Drafts/ .jfour.ibex.index.data .Drafts.cmeta .joer/ .Outbox/ .joer.cmeta .Outbox.cmeta .joyce/ <...> and not $MAIL, i.e. /var/spool/mail/jonrysh, where mail arrives on the system (via fetchmail and local sendmail). Please excuse me for double checking; evolution has archived 218,886 messages in 132 folders, and I want to avoid trouble if possible. Thanks for your help - jon From p at state-of-mind.de Sun Jun 17 01:04:31 2012 From: p at state-of-mind.de (Patrick Ben Koetter) Date: Sun, 17 Jun 2012 00:04:31 +0200 Subject: [Dovecot] Import from Evolution In-Reply-To: <1339881818.2732.29.camel@amito> References: <1339873707.2732.11.camel@amito> <20120616201636.GB6858@state-of-mind.de> <1339881818.2732.29.camel@amito> Message-ID: <20120616220430.GB12243@state-of-mind.de> * Jonathan Ryshpan : > On Sat, 2012-06-16 at 22:16 +0200, Patrick Ben Koetter wrote: > > * Jonathan Ryshpan : > > > I need to import the mail database generated by the evolution mail > > > reader into dovecot. Evolution stores its mail in maildir format (fully > > > standards compatible, I think); I would be using the maildir format in > > > dovecot. Is there anything in the wiki, etc. explaining exactly how to > > > do this? > > > > > > Why do this? Evolution is hopelessly broken, and is not likely to be > > > fixed in the forseeable future, and I would like to keep my mails in > > > maildir form. Reviews of kmail are very bad, and thunderbird uses the > > > mbox format for storage. > > > > If it is native maildir you can configure that/your account to use maildir and > > simply copy your mailbox over to Dovecot. When Dovecot accesses the mailbox it > > will create the necessary index files and you are ready to use it. > > Sounds good. > > I'm sure than when you write "mailbox", you mean the folders (and not > the index files) in the evolution mail database, located at Yes, I mean the folders and not the index files > ~/.local/share/evolution/mail/local and whose contents start: > $ ls -lA > ..#evolution.Junk.cmeta .jango.ibex.index.data > ..#evolution.Trash.cmeta .jfour/ > ..cmeta .jfour.cmeta > ..maildir++ .jfour.ibex.index > .Drafts/ .jfour.ibex.index.data > .Drafts.cmeta .joer/ > .Outbox/ .joer.cmeta > .Outbox.cmeta .joyce/ > <...> > and not $MAIL, i.e. /var/spool/mail/jonrysh, where mail arrives on the > system (via fetchmail and local sendmail). I don't mean $MAIL. > Please excuse me for double checking; evolution has archived 218,886 > messages in 132 folders, and I want to avoid trouble if possible. I am a friend of double checking. :) p at rick -- state of mind () http://www.state-of-mind.de Franziskanerstra?e 15 Telefon +49 89 3090 4664 81669 M?nchen Telefax +49 89 3090 4666 Amtsgericht M?nchen Partnerschaftsregister PR 563 From wojtek at wojtek.tensor.gdynia.pl Sun Jun 17 15:04:22 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Sun, 17 Jun 2012 14:04:22 +0200 (CEST) Subject: [Dovecot] Import from Evolution In-Reply-To: <20120616201636.GB6858@state-of-mind.de> References: <1339873707.2732.11.camel@amito> <20120616201636.GB6858@state-of-mind.de> Message-ID: >> maildir form. Reviews of kmail are very bad, and thunderbird uses the >> mbox format for storage. > > If it is native maildir you can configure that/your account to use maildir and > simply copy your mailbox over to Dovecot. When Dovecot accesses the mailbox it > will create the necessary index files and you are ready to use it. if you want to use any of those hopeless programs just turn message caching in them (folder synchronization off in thunderbird) and login to dovecot, even on localhost. kmail v.3 is barely usable, v4 is good. From bradley.giesbrecht at gmail.com Sun Jun 17 18:19:05 2012 From: bradley.giesbrecht at gmail.com (Bradley Giesbrecht) Date: Sun, 17 Jun 2012 08:19:05 -0700 Subject: [Dovecot] doveadm fetch LARGE attachments and remove message Message-ID: Looking at the wiki and man pages I am unsure how to fetch email attachments from a unix shell. I have an "doveadm search" that returns the messages that have the attachments I am after. Would I loop through an "doveadm fetch" and use a commandline imap client to save the attachments and move the message to the Trash? Or is there a doveadm command for this? Regards, Bradley Giesbrecht (pixilla) From daniel.parthey at informatik.tu-chemnitz.de Sun Jun 17 21:33:38 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sun, 17 Jun 2012 20:33:38 +0200 Subject: [Dovecot] [Dovecot 2.1.7] SegFault on doveadm search through director proxy In-Reply-To: <1339802027.5967.31.camel@hurina> References: <20120609235603.GA17490@daniel.localdomain> <65A804FB-2F80-497C-9A96-3CC34B522FBF@iki.fi> <20120615200306.GA8276@daniel.localdomain> <20120615201133.GA8541@daniel.localdomain> <1339802027.5967.31.camel@hurina> Message-ID: <20120617183338.GA14271@daniel.localdomain> Timo Sirainen wrote: > On Fri, 2012-06-15 at 22:11 +0200, Daniel Parthey wrote: > > > mail02# doveadm -c /etc/dovecot-director/dovecot-director.conf search -u user at example.org all > .. > > #3 doveadm_print_flow_print (value=0x64697567
) at doveadm-print-flow.c:51 > > hdr = > > #4 0x0000000000415667 in doveadm_print (value=0x1c28970 "67b3b72453278b4f6a3d000051abeb58") at doveadm-print.c:65 > > headers = 0x1c37120 > > #5 0x000000000041638d in server_flush_field (conn=0x1c4ab10) at server-connection.c:111 > > text = 0x0 > > Hmm. See if the attached patch fixes it? > > diff -r a28c8043842d src/doveadm/doveadm-print.c > --- a/src/doveadm/doveadm-print.c Sat Jun 16 02:03:53 2012 +0300 > +++ b/src/doveadm/doveadm-print.c Sat Jun 16 02:13:03 2012 +0300 The patch seems to fix the problem. Thanks. Regards Daniel -- https://plus.google.com/103021802792276734820 From amateo at um.es Mon Jun 18 09:52:37 2012 From: amateo at um.es (Angel L. Mateo) Date: Mon, 18 Jun 2012 08:52:37 +0200 Subject: [Dovecot] Problem with lmtp director proxy In-Reply-To: <72C5BD43-6254-40F1-8121-B0954739410F@iki.fi> References: <4FD718A0.50605@um.es> <4FD83A26.3030209@um.es> <1339592369.25551.7.camel@innu> <4FD8AA66.7050909@um.es> <1339600677.25551.12.camel@innu> <4FD8C9C8.6090608@um.es> <72C5BD43-6254-40F1-8121-B0954739410F@iki.fi> Message-ID: <4FDED035.1010804@um.es> El 16/06/12 01:22, Timo Sirainen escribi?: > On 13.6.2012, at 20.11, Angel L. Mateo wrote: > >> Ok, you were right. I was looking for logs at my log repository, which doesn't receive debug log. Nevertheless, the only auth lines I have found at the ones above, with the proxy_refresh=450. I haven't found any line with a timeout log in the proxies neither the backends > > The backend logs don't matter. Director adds the proxy_refresh. You haven't shown in your logs what auth process logs as debug messages. This is what is supposed to happen: > >> Jun 16 02:19:11 auth: Debug: master out: PASS 1 user=director proxy proxy_timeout=1000 > I don't have any log like this. > "master out" must return proxy_timeout=1000. If it doesn't, then the problem is with your auth settings. > >> Jun 16 02:19:11 lmtp(11845): Debug: auth input: user=director proxy proxy_timeout=1000 host=1.2.3.4 proxy_refresh=450 > > Director adds proxy_refresh, but preserves proxy_timeout. > I can find these logs, but they don't include any proxy_timeout option, all of them are like: Jun 18 08:26:26 myotis41 dovecot: lmtp(640): Debug: auth input: user= proxy host=155.54.211.164 proxy_refresh=450 But I have found, I think, the problem... I had configured 2 user backends: !include auth-master.conf.ext !include auth-ldap.conf.ext The first for master password, and the other, to get users from a ldap directory. In my auth-ldap.conf.ext I changed the ldap driver for passdb to static (I can't check user password in the director for other reasons), so I had: passdb { driver = static args = proxy=y nopassword=y } userdb { driver = prefetch } userdb { driver = ldap args = /etc/dovecot/dovecot-ldap.conf.ext } so, although in the dovecot-ldap.conf.ext I have: pass_attrs = irisMailbox=userdb_mail,homeDirectory=userdb_home,uidNumber=userdb_uid,gidNumber=userdb_gid,=proxy=y,=proxy_timeout=120,irisMailHost=host it seems that it isn't used and proxy_timeout it's not defined. So I have changed passdb definition to be: passdb { driver = static args = proxy=y nopassword=y proxy_timeout=120 } and now logs are like: Jun 18 08:46:18 myotis40 dovecot: lmtp(11276): Debug: auth input: user= proxy proxy_timeout=120 host=155.54.211.169 proxy_refresh=450 Is this correct? From voytek at sbt.net.au Mon Jun 18 09:54:15 2012 From: voytek at sbt.net.au (Voytek Eymont) Date: Mon, 18 Jun 2012 16:54:15 +1000 Subject: [Dovecot] migrating sql virtual 1 to 2, namespace configuration error: inbox=yes namespace missing Message-ID: I'm trying to setup a new server on centos 6, from old dovecot 1.x I installed 'dovecot --version 2.1.1' from dovecot rpm I converted conf file as per migration specs, also, copied sql conf across when I try to retrieve email, log has *1: dovecot.conf -m *2 and sql conf *3 follows *1------------------------------- dovecot: master: Dovecot v2.1.1 starting up (core dumps disabled) dovecot: auth-worker(26890): mysql(127.0.0.1): Connected to database zzz dovecot: imap-login: Login: user=, method=PLAIN, rip=111.22.33.5, lip=111.22.33.4, mpid=26892, TLS dovecot: imap(name at tld): Error: user name at tld: Initialization failed: namespace configuration error: inbox=yes namespace missing dovecot: imap(name at tld): Error: Invalid user settings. Refer to server log for more information. *2----------------------------------- # doveconf -n # 2.1.1: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-220.17.1.el6.x86_64 x86_64 CentOS release 6.2 (Final) auth_cache_size = 1 k auth_mechanisms = plain login disable_plaintext_auth = no log_timestamp = "%Y-%m-%d %H:%M:%S " mail_location = maildir:~/Maildir mail_privileged_group = mail mbox_write_locks = fcntl namespace inbox { location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } protocols = imap pop3 service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix } user = root } ssl = required ssl_cert = Hi Timo, thank you very much for your quick reply. I tried that but it is not possible to SELECT such a mailbox. I have in dovecot.conf: --- mail_location=maildir:/data/messages%h namespace private { separator = / prefix = location = maildir:/data/messages%h inbox = yes list = yes } namespace public { separator = / prefix = greetings/ location = maildir:/data/greetings%h inbox = no list = yes hidden = yes } --- Messages are coming in from EXIM separated by a special HEADER into this two folders. For INBOX this works fine but not for greetings, although the maildir files are being created upon delivery. Sample IMAP Session AFTER delivering a greeting-type message: --- 01 OK Logged in. >> 02 list "" "*" * LIST (\HasNoChildren) "/" "INBOX" * LIST (\Noselect \HasChildren) "/" "greetings" * LIST (\HasNoChildren) "/" "greetings/INBOX" 02 OK List completed. >> 03 select "greetings/INBOX" 03 NO Mailbox doesn't exist: INBOX >> 04 select greetings 04 NO Mailbox doesn't exist: greetings --- What is this "\Noselect" mailbox showing up and why is it saying "greetings/INBOX" in the third row when in fact there isn't a mailbox with this name? I am very sorry for having to bother you again, but I don't know what we are doing wrong here. (Dovecot version is 1.1.16) Guido Weiler -----Urspr?ngliche Nachricht----- Von: Timo Sirainen [mailto:tss at iki.fi] Gesendet: Montag, 11. Juni 2012 22:48 An: Guido Weiler Betreff: Re: Dovecot Maildir - How to Seperate mail folders You should be able to do this with namespaces. namespace { prefix = INBOX/VeryImportantMessages/ location = maildir:/very/important/messages hidden = yes } On 8.6.2012, at 18.09, Guido Weiler wrote: > Hello Timo, > > for one of our latest dovecot/IMAP-projects, we need to separate physical locations of some special IMAP folders. > So to make, for example the "INBOX/VeryImportantMessages"-Folder is on a completely different volume or mount point than the mails in INBOX or other user generated imap subfolders. > > Can you tell me if there is any possible way to implement this / change it in dovecots maildir implementation, or maybe it is already planned to do so in further versions of dovecot? > > We have to treat all messages in that one special folder with an extended backup scenario, and I think it would be the best if we can implement to have an additional mail_location parameter in dovecot.conf (e.g. important_mail_location). > > We are somewhat familiar with the dovecot source code since we already implemented plugins and other modifications to dovecot 1.1.16 but any advise or information is very appreciated. > > Kind regards, > > > Guido Weiler From amateo at um.es Mon Jun 18 12:56:56 2012 From: amateo at um.es (Angel L. Mateo) Date: Mon, 18 Jun 2012 11:56:56 +0200 Subject: [Dovecot] Sieve and fileinto encoding change? Message-ID: <4FDEFB68.7070807@um.es> Hello, I have changed from debian servers (debian lenny 5) running dovecot 1.1.16 to new ones with ubuntu 12.04 and dovecot 2.1.5 and now I'm having problems with sieve filters storing mails in folders with spanish characters (accents). Myh problem is the one described at http://www.dovecot.org/list/dovecot/2009-October/044061.html and http://dovecot.org/list/dovecot/2009-July/041690.html, that is, in my sieve scripts (generated with horde ingo) folder's names are in utf-7 instead of utf-8. Although I'm planning to patch ingo, my question is why those same scripts, with utf-7 folder's names, are working with dovecot 1.1.16 but not with 2.1.5? Because in my old servers those scripts worked without any problem... From tss at iki.fi Mon Jun 18 16:49:58 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 18 Jun 2012 16:49:58 +0300 Subject: [Dovecot] doveadm fetch LARGE attachments and remove message In-Reply-To: References: Message-ID: <2457470C-A66C-42E7-AC5E-C8B3D011631F@iki.fi> On 17.6.2012, at 18.19, Bradley Giesbrecht wrote: > Looking at the wiki and man pages I am unsure how to fetch email attachments from a unix shell. > > I have an "doveadm search" that returns the messages that have the attachments I am after. > > Would I loop through an "doveadm fetch" and use a commandline imap client to save the attachments and move the message to the Trash? > > Or is there a doveadm command for this? No, there's currently no easy way to do this. doveadm fetch doesn't support that. You could possibly do this via IMAP, but it would be difficult to know which MIME part to fetch. Actually it's not even obvious if a MIME part is an attachment or not.. From tss at iki.fi Mon Jun 18 16:50:53 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 18 Jun 2012 16:50:53 +0300 Subject: [Dovecot] Problem with lmtp director proxy In-Reply-To: <4FDED035.1010804@um.es> References: <4FD718A0.50605@um.es> <4FD83A26.3030209@um.es> <1339592369.25551.7.camel@innu> <4FD8AA66.7050909@um.es> <1339600677.25551.12.camel@innu> <4FD8C9C8.6090608@um.es> <72C5BD43-6254-40F1-8121-B0954739410F@iki.fi> <4FDED035.1010804@um.es> Message-ID: <04367574-1FFE-413C-BA54-3A213DCFBF3E@iki.fi> On 18.6.2012, at 9.52, Angel L. Mateo wrote: > El 16/06/12 01:22, Timo Sirainen escribi?: >> On 13.6.2012, at 20.11, Angel L. Mateo wrote: >> >>> Ok, you were right. I was looking for logs at my log repository, which doesn't receive debug log. Nevertheless, the only auth lines I have found at the ones above, with the proxy_refresh=450. I haven't found any line with a timeout log in the proxies neither the backends >> >> The backend logs don't matter. Director adds the proxy_refresh. You haven't shown in your logs what auth process logs as debug messages. This is what is supposed to happen: >> >>> Jun 16 02:19:11 auth: Debug: master out: PASS 1 user=director proxy proxy_timeout=1000 >> > I don't have any log like this. Then you don't have auth_debug=yes. > Jun 18 08:46:18 myotis40 dovecot: lmtp(11276): Debug: auth input: user= proxy proxy_timeout=120 host=155.54.211.169 proxy_refresh=450 > > Is this correct? Yeah. From tss at iki.fi Mon Jun 18 16:51:42 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 18 Jun 2012 16:51:42 +0300 Subject: [Dovecot] Sieve and fileinto encoding change? In-Reply-To: <4FDEFB68.7070807@um.es> References: <4FDEFB68.7070807@um.es> Message-ID: <51856467-76F5-4B86-9083-3B5DCB27C46B@iki.fi> On 18.6.2012, at 12.56, Angel L. Mateo wrote: > Although I'm planning to patch ingo, my question is why those same scripts, with utf-7 folder's names, are working with dovecot 1.1.16 but not with 2.1.5? Because in my old servers those scripts worked without any problem... Because v1.1 worked incorrectly and v2.1 works correctly :) From tss at iki.fi Mon Jun 18 16:53:39 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 18 Jun 2012 16:53:39 +0300 Subject: [Dovecot] Dovecot Maildir - How to Seperate mail folders In-Reply-To: References: Message-ID: On 18.6.2012, at 12.17, Guido Weiler wrote: > 01 OK Logged in. >>> 02 list "" "*" > * LIST (\HasNoChildren) "/" "INBOX" > * LIST (\Noselect \HasChildren) "/" "greetings" > * LIST (\HasNoChildren) "/" "greetings/INBOX" > 02 OK List completed. >>> 03 select "greetings/INBOX" > 03 NO Mailbox doesn't exist: INBOX >>> 04 select greetings > 04 NO Mailbox doesn't exist: greetings > > --- > > What is this "\Noselect" mailbox showing up and why is it saying "greetings/INBOX" in the third row when in fact there isn't a mailbox with this name? > > I am very sorry for having to bother you again, but I don't know what we are doing wrong here. > (Dovecot version is 1.1.16) Fixed in newer versions, upgrade. From tss at iki.fi Mon Jun 18 16:55:34 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 18 Jun 2012 16:55:34 +0300 Subject: [Dovecot] migrating sql virtual 1 to 2, namespace configuration error: inbox=yes namespace missing In-Reply-To: References: Message-ID: <7F977326-C48A-4907-8A02-512B83B347F9@iki.fi> On 18.6.2012, at 9.54, Voytek Eymont wrote: > I'm trying to setup a new server on centos 6, from old dovecot 1.x > > I installed 'dovecot --version 2.1.1' from dovecot rpm > I converted conf file as per migration specs, also, copied sql conf across .. > dovecot: imap(name at tld): Error: user name at tld: Initialization failed: > namespace configuration error: inbox=yes namespace missing Easiest fix: remove 15-mailboxes.conf Alternative fix: modify this namespace to actually work. Probably adding inbox=yes inside it is enough to do that. From tss at iki.fi Mon Jun 18 17:06:33 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 18 Jun 2012 17:06:33 +0300 Subject: [Dovecot] question about fts_squat In-Reply-To: References: Message-ID: <2577BAC0-6D9C-4E23-8F6C-4831153C8EEA@iki.fi> On 16.6.2012, at 13.55, Wojciech Puchar wrote: > even search all body "someword" doesn't work. > > while > > search body "someword" > > always work very well. > > what's wrong? Fixed: http://hg.dovecot.org/dovecot-2.1/rev/4ce1f9649592 Anyway, fts-lucene backend works better than fts-squat. From kruk at epsilon.eu.org Mon Jun 18 16:45:56 2012 From: kruk at epsilon.eu.org (Mariusz Kruk) Date: Mon, 18 Jun 2012 15:45:56 +0200 Subject: [Dovecot] Maildir + quota + listescape = wrong dir location Message-ID: <4FDF3114.4070704@epsilon.eu.org> I've just stumbled across a strange thing which seems to be a bug. It happens in 2.0.9 as well as 2.0.11 in which I tested it. dovecot -n output: # 2.0.9: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-220.17.1.el6.x86_64 x86_64 CentOS release 6.2 (Final) listen = * mail_location = maildir:~/mail mail_plugins = " quota listescape" mbox_write_locks = fcntl namespace { inbox = yes location = prefix = separator = / type = private } passdb { driver = pam } plugin { quota = maildir:User quota quota_rule = *:storage=1G } protocols = imap ssl_cert = &1 | grep testimap stat("/home/testimap/mail", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/home/testimap/mail/new", 0x7fff220ca290) = -1 ENOENT (No such file or directory) stat("/home/testimap/mail/cur", 0x7fff220ca290) = -1 ENOENT (No such file or directory) stat("/home/testimap/mail/.INBOX/test/new", 0x7fff220ca290) = -1 ENOENT (No such file or directory) stat("/home/testimap/mail/.INBOX/test/cur", 0x7fff220ca290) = -1 ENOENT (No such file or directory) stat("/home/testimap/mail/.test/new", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/home/testimap/mail/.test/cur", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/home/testimap/mail/new", 0x7fff220ca290) = -1 ENOENT (No such file or directory) stat("/home/testimap/mail/cur", 0x7fff220ca290) = -1 ENOENT (No such file or directory) stat("/home/testimap/mail/.INBOX/test/new", 0x7fff220ca290) = -1 ENOENT (No such file or directory) stat("/home/testimap/mail/.INBOX/test/cur", 0x7fff220ca290) = -1 ENOENT (No such file or directory) stat("/home/testimap/mail/.test/new", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/home/testimap/mail/.test/cur", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/home/testimap/mail", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 If I either disable listescape or change namespace separator to dot, the path gets resolved correctly (although it's still wrong behaviour with '.' as separator, just happens to give right result in this case). # strace -e trace=stat doveadm quota recalc -u testimap 2>&1 | grep testimap stat("/home/testimap/mail", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/home/testimap/mail/new", 0x7fffac6b0cb0) = -1 ENOENT (No such file or directory) stat("/home/testimap/mail/cur", 0x7fffac6b0cb0) = -1 ENOENT (No such file or directory) stat("/home/testimap/mail/.INBOX.test/new", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/home/testimap/mail/.INBOX.test/cur", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/home/testimap/mail/.test/new", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/home/testimap/mail/.test/cur", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/home/testimap/mail/new", 0x7fffac6b0cb0) = -1 ENOENT (No such file or directory) stat("/home/testimap/mail/cur", 0x7fffac6b0cb0) = -1 ENOENT (No such file or directory) stat("/home/testimap/mail/.INBOX.test/new", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/home/testimap/mail/.INBOX.test/cur", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/home/testimap/mail/.test/new", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/home/testimap/mail/.test/cur", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 stat("/home/testimap/mail", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 And in this case quota info gets updated correctly. I believe this is a bug but maybe I'm missing something about listescape configuration. Regards Mariusz Kruk From tss at iki.fi Mon Jun 18 17:08:46 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 18 Jun 2012 17:08:46 +0300 Subject: [Dovecot] Maildir + quota + listescape = wrong dir location In-Reply-To: <4FDF3114.4070704@epsilon.eu.org> References: <4FDF3114.4070704@epsilon.eu.org> Message-ID: On 18.6.2012, at 16.45, Mariusz Kruk wrote: > I've just stumbled across a strange thing which seems to be a bug. > It happens in 2.0.9 as well as 2.0.11 in which I tested it. Listescape has some unfixable problems in v2.0. You've most likely hit one of them. v2.1 had some larger changes and fixes listescape to work perfectly. From amateo at um.es Mon Jun 18 17:47:09 2012 From: amateo at um.es (Angel L. Mateo) Date: Mon, 18 Jun 2012 16:47:09 +0200 Subject: [Dovecot] Problem with lmtp director proxy In-Reply-To: <04367574-1FFE-413C-BA54-3A213DCFBF3E@iki.fi> References: <4FD718A0.50605@um.es> <4FD83A26.3030209@um.es> <1339592369.25551.7.camel@innu> <4FD8AA66.7050909@um.es> <1339600677.25551.12.camel@innu> <4FD8C9C8.6090608@um.es> <72C5BD43-6254-40F1-8121-B0954739410F@iki.fi> <4FDED035.1010804@um.es> <04367574-1FFE-413C-BA54-3A213DCFBF3E@iki.fi> Message-ID: <4FDF3F6D.2030903@um.es> El 18/06/12 15:50, Timo Sirainen escribi?: > On 18.6.2012, at 9.52, Angel L. Mateo wrote: > >> El 16/06/12 01:22, Timo Sirainen escribi?: >>> On 13.6.2012, at 20.11, Angel L. Mateo wrote: >>> >>>> Ok, you were right. I was looking for logs at my log repository, which doesn't receive debug log. Nevertheless, the only auth lines I have found at the ones above, with the proxy_refresh=450. I haven't found any line with a timeout log in the proxies neither the backends >>> >>> The backend logs don't matter. Director adds the proxy_refresh. You haven't shown in your logs what auth process logs as debug messages. This is what is supposed to happen: >>> >>>> Jun 16 02:19:11 auth: Debug: master out: PASS 1 user=director proxy proxy_timeout=1000 >>> >> I don't have any log like this. > > Then you don't have auth_debug=yes. > I had this option. Relooking I have found these logs. I didn't see them before because of the format and because they aren't related with lmtp. I have them in the form: Jun 18 12:18:30 myotis41 dovecot: auth: Debug: master out: PASS#01160#011user=#011proxy#011proxy_timeout=150 >> Jun 18 08:46:18 myotis40 dovecot: lmtp(11276): Debug: auth input: user= proxy proxy_timeout=120 host=155.54.211.169 proxy_refresh=450 >> >> Is this correct? > > Yeah. Anyway, with the last change (defining the proxy_timeout at the static passdb definition, default 30 seconds timeout hasn't been applied anymore. From wojtek at wojtek.tensor.gdynia.pl Mon Jun 18 20:21:48 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Mon, 18 Jun 2012 19:21:48 +0200 (CEST) Subject: [Dovecot] question about fts_squat Message-ID: i repost my question as it probably wasn't received properly - i did it just after subscribing possibly too early. thanks for answers ---------------------------------------------- just installed dovecot with fts_squat config attached after message. When i telnet to imap server and execute by hand 1 login user password select foldername search body "someword" it works fine, and at blazing speed except first run (indexing). i already indexed everything by doveadm index offline to prevent server overload if multiple users (after i tell them) will try fulltext search. All great BUT it doesn't work in thunderbird. Just gives zero results. i used tcpdump to check how thunderbird executes it and it uses search undeleted body "someword" tried manually and it DOES NOT WORK. always give empty results. even search all body "someword" doesn't work. while search body "someword" always work very well. what's wrong? # 2.1.7: /usr/local/etc/dovecot/dovecot.conf # OS: FreeBSD 8.3-STABLE amd64 disable_plaintext_auth = no listen = * mail_location = maildir:~/Maildir mail_plugins = fts fts_squat namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /usr/local/etc/dovecot/deny-users deny = yes driver = passwd-file } passdb { driver = pam } plugin { fts = squat fts_squat = partial=4 full=10 } protocols = imap ssl_cert = References: <2577BAC0-6D9C-4E23-8F6C-4831153C8EEA@iki.fi> Message-ID: >> always work very well. >> >> what's wrong? > > Fixed: http://hg.dovecot.org/dovecot-2.1/rev/4ce1f9649592 Thanks. so - my post actually got right. sorry for repost! just got this delayed! > > Anyway, fts-lucene backend works better than fts-squat. Better in what respect? less than a second (when disk I/O was needed) fulltext search over 10000 mails doesn't look bad :) From tss at iki.fi Mon Jun 18 20:30:21 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 18 Jun 2012 20:30:21 +0300 Subject: [Dovecot] question about fts_squat In-Reply-To: References: <2577BAC0-6D9C-4E23-8F6C-4831153C8EEA@iki.fi> Message-ID: On 18.6.2012, at 20.23, Wojciech Puchar wrote: >> Anyway, fts-lucene backend works better than fts-squat. > Better in what respect? > > less than a second (when disk I/O was needed) fulltext search over 10000 mails doesn't look bad :) Squat index updates are somewhat slow, especially if the index is large. From dovecot at beardz.net Mon Jun 18 20:35:29 2012 From: dovecot at beardz.net (Jase Thew) Date: Mon, 18 Jun 2012 18:35:29 +0100 Subject: [Dovecot] Problem with 'doveadm mailbox status -t' reporting cumulative vsizes after upgrading from v2.0.16 to v2.1.7 Message-ID: <4FDF66E1.5050009@beardz.net> Hi, I upgraded from Dovecot v2.0.16 to v2.1.7 over night and I noticed this morning that one of my daily reports which lists summarised mailbox sizes per user has started listing nonsense for vsizes. The reporting script at its core calls : doveadm -f flow mailbox status -A -t 'messages vsize' '*' It appears that Dovecot 2.1.7 is not resetting the vsize after collating the sum total of mailboxes sizes for each user, so that vsize just constantly increases as it iterates over each user. Eg: # doveadm -f flow mailbox status -A -t 'messages vsize' '*' accounts at example.com messages=1 vsize=759 adam at example.com messages=0 vsize=759 amy at example.com messages=24 vsize=51699697 andy at example.com messages=5446 vsize=3220940815 anna at example.com messages=50 vsize=3224035563 careers at example.com messages=1 vsize=3224036311 craig at example.com messages=2471 vsize=4421343199 creative at example.com messages=189 vsize=4426884182 david at example.com messages=8 vsize=4440729729 davidw at example.com messages=0 vsize=4440729729 enquiries at example.com messages=1 vsize=4440730491 gemma at example.com messages=4109 vsize=6349098844 gin at example.com messages=86 vsize=6392599904 holly at example.com messages=2000 vsize=7200342663 ian at example.com messages=0 vsize=7200342663 info at example.com messages=4 vsize=7200558689 jackie at example.com messages=2 vsize=7200721146 jade at example.com messages=137 vsize=7210548548 jake at example.com messages=16667 vsize=15260532446 katie at example.com messages=1 vsize=15260533375 mark at example.com messages=0 vsize=15260533375 mike.a at example.com messages=9 vsize=15261474205 mike.s at example.com messages=296 vsize=15314352543 mike at example.com messages=6357 vsize=20631446344 nick at example.com messages=1184 vsize=21038046728 social at example.com messages=65 vsize=21038935461 will at example.com messages=85 vsize=21057572390 [SNIP] The same occurs with -u '*@example.com' in place of -A, and also for 'all' in place of 'messages vsize'. Is this expected behaviour in 2.1.x compared to 2.0.x, or have I stumbled upon a bug? Regards, Jase Thew. From admin at postia.de Mon Jun 18 20:44:38 2012 From: admin at postia.de (Martin Weil) Date: Mon, 18 Jun 2012 19:44:38 +0200 Subject: [Dovecot] dovecot-sieve and LMT Message-ID: <2484ABE7-6C50-4A13-BC60-2B7A6B64FC55@postia.de> Dear list, My mail server is working perfectly. So I am trying to add feature after feature, until I have all the features I need. This has worked fine until now. I am trying to get dovecot-sieve to work. So I activated dovecot-lda and the sieve plugin and told postfix to use deliver instead of procmail. After restarting all services I then created a test sieve file. Obviously I have not yet understood the whole process completely because, it simply does not work. I suspect some permission problems or misconfiguration of the sieve file, but I am not sure where to look for solutions. -rw-r--r-- 1 2001 2001 116 2012-06-16 21:25 /var/mail/vmail/domain.com/user/dovecot.sieve dovecot.sieve require "fileinto"; if header :contains ["subject"] ["Test"] { fileinto ".Folder1"; } else { fileinto ".Folder2"; } Of course Folder1 and Folder2 do exist. (/var/mail/vmail/domain.com/user/mail/.Folder1 and Folder2) As far as I can tell there are no errors reported anywhere, I checked mail.log and syslog. 2001 is the virtual uid/gid of this particular user. If anyone can help me with this it would be great. The Mailserver works very well apart from this. There was one odd thing apart from this. In the docs I read that auth-master has to be running for deliver to work correctly. I did not know this before, but mails were delivered correctly after I started using deliver. So is there a need for auth-master to be running or not? Thanks a lot Martin dovecot -n output: # 1.2.9: /etc/dovecot/dovecot.conf # OS: Linux 2.6.18-028stab091.2 i686 Ubuntu 10.04.4 LTS reiserfs log_timestamp: %Y-%m-%d %H:%M:%S protocols: imap imaps lda ssl: required ssl_cert_file: /home/mweil/CA/cert.pem ssl_key_file: /home/mweil/CA/key.pem login_dir: /var/run/dovecot/login login_executable: /usr/lib/dovecot/imap-login mail_max_userip_connections: 25 mail_privileged_group: mail mail_uid: 10000 mail_gid: 10000 mail_location: maildir:/var/mail/vmail/%d/%n/mail mbox_write_locks: fcntl dotlock lda: postmaster_address: postmaster at domain.com mail_plugins: sieve mail_plugin_dir: /usr/lib/dovecot/modules/lda auth default: user: nobody passdb: driver: sql args: /etc/dovecot/dovecot-sql.conf userdb: driver: prefetch userdb: driver: sql args: /etc/dovecot/dovecot-sql.conf socket: type: listen client: path: /var/spool/postfix/private/auth mode: 432 user: postfix group: postfix master: path: /var/run/dovecot/auth-master mode: 432 plugin: sieve: /var/mail/vmail/%d/%u/dovecot.sieve postconf -n: alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases append_dot_mydomain = no biff = no broken_sasl_auth_clients = yes config_directory = /etc/postfix inet_interfaces = all mailbox_command = /usr/lib/dovecot/deliver mailbox_size_limit = 0 message_size_limit = 102400000 mydestination = host.domain.net, localhost, mydomain = domain.com myhostname = host.domain.com mynetworks = 127.0.0.1 myorigin = $mydomain readme_directory = no recipient_delimiter = + relayhost = smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) smtpd_client_restrictions = smtpd_error_sleep_time = 1s smtpd_hard_error_limit = 20 smtpd_helo_restrictions = smtpd_recipient_restrictions = permit_mynetworks reject_sender_login_mismatch permit_sasl_authenticated reject_unauth_destination reject_unverified_recipient smtpd_sasl_auth_enable = yes smtpd_sasl_path = private/auth smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_sender_login_maps = pgsql:/etc/postfix/lookup/pgsql_sasl_senders.cf smtpd_sender_restrictions = smtpd_soft_error_limit = 10 smtpd_tls_auth_only = yes smtpd_tls_cert_file = /home/mweil/CA/cert.pem smtpd_tls_key_file = /home/mweil/CA/key.pem smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtpd_use_tls = yes virtual_alias_maps = pgsql:/etc/postfix/lookup/pgsql_virtual_alias.cf virtual_gid_maps = pgsql:/etc/postfix/lookup/pgsql_virtual_gid.cf virtual_mailbox_base = /var/mail/vmail/ virtual_mailbox_domains = domain.com virtual_mailbox_limit = 0 virtual_mailbox_maps = pgsql:/etc/postfix/lookup/pgsql_virtual_accounts.cf virtual_uid_maps = pgsql:/etc/postfix/lookup/pgsql_virtual_uid.cf From wojtek at wojtek.tensor.gdynia.pl Mon Jun 18 21:06:02 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Mon, 18 Jun 2012 20:06:02 +0200 (CEST) Subject: [Dovecot] question about fts_squat In-Reply-To: References: <2577BAC0-6D9C-4E23-8F6C-4831153C8EEA@iki.fi> Message-ID: thank you very much for help! On Mon, 18 Jun 2012, Timo Sirainen wrote: > On 18.6.2012, at 20.23, Wojciech Puchar wrote: > >>> Anyway, fts-lucene backend works better than fts-squat. >> Better in what respect? >> >> less than a second (when disk I/O was needed) fulltext search over 10000 mails doesn't look bad :) > > Squat index updates are somewhat slow, especially if the index is large. > > > From ms at mur.at Tue Jun 19 01:41:16 2012 From: ms at mur.at (Martin Schitter) Date: Tue, 19 Jun 2012 00:41:16 +0200 Subject: [Dovecot] pop3c_master_user Message-ID: <4FDFAE8C.9000208@mur.at> the configuration keyword "pop3c_master_user" mentioned in the dsync migration documentation (http://wiki2.dovecot.org/Migration/Dsync) does not work for dovecot 2.1.7. a config line like: "pop3c_master_user = cyrus" will produce this error: doveconf: Fatal: Error in configuration file /etc/dovecot/local.conf line 33: Unknown setting: pop3c_master_user it's not defined in: src/lib-storage/index/pop3c/pop3c-settings.* is this feature not enabled with intention? btw. another question: will 'doveadm backup' mirror all the IMAP ACL information? thanks martin From alec at alec.pl Tue Jun 19 10:51:56 2012 From: alec at alec.pl (A.L.E.C) Date: Tue, 19 Jun 2012 09:51:56 +0200 Subject: [Dovecot] dovecot-sieve and LMT In-Reply-To: <2484ABE7-6C50-4A13-BC60-2B7A6B64FC55@postia.de> References: <2484ABE7-6C50-4A13-BC60-2B7A6B64FC55@postia.de> Message-ID: <4FE02F9C.5070208@alec.pl> On 06/18/2012 07:44 PM, Martin Weil wrote: > require "fileinto"; > if header :contains ["subject"] ["Test"] { > fileinto ".Folder1"; > } else { > fileinto ".Folder2"; > } > > Of course Folder1 and Folder2 do exist. (/var/mail/vmail/domain.com/user/mail/.Folder1 and Folder2) Don't add a dot on the beggining of the folder name in sieve scripts. Use fileinto :create "folder" or lda_mailbox_autocreate option to create non-existing folders. -- Aleksander 'A.L.E.C' Machniak LAN Management System Developer [http://lms.org.pl] Roundcube Webmail Developer [http://roundcube.net] --------------------------------------------------- PGP: 19359DC1 @@ GG: 2275252 @@ WWW: http://alec.pl From admin at postia.de Tue Jun 19 11:17:26 2012 From: admin at postia.de (Martin Weil) Date: Tue, 19 Jun 2012 10:17:26 +0200 Subject: [Dovecot] dovecot-sieve and LMT In-Reply-To: <4FE02F9C.5070208@alec.pl> References: <2484ABE7-6C50-4A13-BC60-2B7A6B64FC55@postia.de> <4FE02F9C.5070208@alec.pl> Message-ID: <52A58089-3911-4A31-BBB4-36BBFC387918@postia.de> Hi. Thanks for your hints, I altered the file but sadly, there is no change in behavior. It's like sieve is not doing anything at all. if header :contains ["subject"] ["Test"] { fileinto :create "Folder1"; } else { fileinto :create "Folder2"; } The lda_mailbox_autocreate option seems to be a version 2.0 feature. I am using 1.2.9. Thanks Martin Am 19.06.2012 um 09:51 schrieb A.L.E.C: > On 06/18/2012 07:44 PM, Martin Weil wrote: >> require "fileinto"; >> if header :contains ["subject"] ["Test"] { >> fileinto ".Folder1"; >> } else { >> fileinto ".Folder2"; >> } >> >> Of course Folder1 and Folder2 do exist. (/var/mail/vmail/domain.com/user/mail/.Folder1 and Folder2) > > Don't add a dot on the beggining of the folder name in sieve scripts. > Use fileinto :create "folder" or lda_mailbox_autocreate option to create > non-existing folders. > > -- > Aleksander 'A.L.E.C' Machniak > LAN Management System Developer [http://lms.org.pl] > Roundcube Webmail Developer [http://roundcube.net] > --------------------------------------------------- > PGP: 19359DC1 @@ GG: 2275252 @@ WWW: http://alec.pl From stephan at rename-it.nl Tue Jun 19 11:29:23 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Tue, 19 Jun 2012 10:29:23 +0200 Subject: [Dovecot] dovecot-sieve and LMT In-Reply-To: <52A58089-3911-4A31-BBB4-36BBFC387918@postia.de> References: <2484ABE7-6C50-4A13-BC60-2B7A6B64FC55@postia.de> <4FE02F9C.5070208@alec.pl> <52A58089-3911-4A31-BBB4-36BBFC387918@postia.de> Message-ID: <4FE03863.6030403@rename-it.nl> Op 6/19/2012 10:17 AM, Martin Weil schreef: > Hi. > > Thanks for your hints, I altered the file but sadly, there is no change in behavior. It's like sieve is not doing anything at all. > > if header :contains ["subject"] ["Test"] { > fileinto :create "Folder1"; > } else { > fileinto :create "Folder2"; > } > > The lda_mailbox_autocreate option seems to be a version 2.0 feature. I am using 1.2.9. Do your logs mention anything about LDA and Sieve being invoked? This wiki page shows a few hints on what this should look like and steps to be taken when LDA and Sieve are not being invoked: http://wiki2.dovecot.org/Pigeonhole/Sieve/Troubleshooting Regards, Stephan. From admin at postia.de Tue Jun 19 12:20:21 2012 From: admin at postia.de (Martin Weil) Date: Tue, 19 Jun 2012 11:20:21 +0200 Subject: [Dovecot] dovecot-sieve and LMT In-Reply-To: <4FE03863.6030403@rename-it.nl> References: <2484ABE7-6C50-4A13-BC60-2B7A6B64FC55@postia.de> <4FE02F9C.5070208@alec.pl> <52A58089-3911-4A31-BBB4-36BBFC387918@postia.de> <4FE03863.6030403@rename-it.nl> Message-ID: <76CEBDAA-095B-44ED-A8CF-4FE58D2F7862@postia.de> Am 19.06.2012 um 10:29 schrieb Stephan Bosch: > Op 6/19/2012 10:17 AM, Martin Weil schreef: >> Hi. >> >> Thanks for your hints, I altered the file but sadly, there is no change in behavior. It's like sieve is not doing anything at all. >> >> if header :contains ["subject"] ["Test"] { >> fileinto :create "Folder1"; >> } else { >> fileinto :create "Folder2"; >> } >> >> The lda_mailbox_autocreate option seems to be a version 2.0 feature. I am using 1.2.9. > > Do your logs mention anything about LDA and Sieve being invoked? This wiki page shows a few hints on what this should look like and steps to be taken when LDA and Sieve are not being invoked: > > http://wiki2.dovecot.org/Pigeonhole/Sieve/Troubleshooting > > Regards, > > Stephan. Indeed they did not. I incorrectly thought that a line in postfix's main.cf would change the delivery to deliver. That would have been true if I used local delivery. For virtual users postfix is using "virtual" by default. So I had to add deliver to postfix's master.cf and change the virtual_transport in main.cf. After configuring logging for deliver I can now confirm that it is used. I was mistaken by thinking local delivery is the same as virtual delivery. I could have avoided this by reading the wiki more carefully. Sorry about that. But I am afraid sieve is still not working. Mails are still delivered to INBOX. Martin From stephan at rename-it.nl Tue Jun 19 13:44:56 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Tue, 19 Jun 2012 12:44:56 +0200 Subject: [Dovecot] dovecot-sieve and LMT In-Reply-To: <76CEBDAA-095B-44ED-A8CF-4FE58D2F7862@postia.de> References: <2484ABE7-6C50-4A13-BC60-2B7A6B64FC55@postia.de> <4FE02F9C.5070208@alec.pl> <52A58089-3911-4A31-BBB4-36BBFC387918@postia.de> <4FE03863.6030403@rename-it.nl> <76CEBDAA-095B-44ED-A8CF-4FE58D2F7862@postia.de> Message-ID: <4FE05828.6020104@rename-it.nl> Op 6/19/2012 11:20 AM, Martin Weil schreef: > > Indeed they did not. I incorrectly thought that a line in postfix's main.cf would change the delivery to deliver. That would have been true if I used local delivery. For virtual users postfix is using "virtual" by default. So I had to add deliver to postfix's master.cf and change the virtual_transport in main.cf. > > After configuring logging for deliver I can now confirm that it is used. I was mistaken by thinking local delivery is the same as virtual delivery. I could have avoided this by reading the wiki more carefully. Sorry about that. > > But I am afraid sieve is still not working. Mails are still delivered to INBOX. Do the logs say anything about Sieve? You can enable mail_debug in your configuration to obtain more verbose log messages about what Sieve is doing. Regards, Stephan. From admin at postia.de Tue Jun 19 16:13:51 2012 From: admin at postia.de (Martin Weil) Date: Tue, 19 Jun 2012 15:13:51 +0200 Subject: [Dovecot] dovecot-sieve and LMT In-Reply-To: <4FE05828.6020104@rename-it.nl> References: <2484ABE7-6C50-4A13-BC60-2B7A6B64FC55@postia.de> <4FE02F9C.5070208@alec.pl> <52A58089-3911-4A31-BBB4-36BBFC387918@postia.de> <4FE03863.6030403@rename-it.nl> <76CEBDAA-095B-44ED-A8CF-4FE58D2F7862@postia.de> <4FE05828.6020104@rename-it.nl> Message-ID: Am 19.06.2012 um 12:44 schrieb Stephan Bosch: > Op 6/19/2012 11:20 AM, Martin Weil schreef: >> >> Indeed they did not. I incorrectly thought that a line in postfix's main.cf would change the delivery to deliver. That would have been true if I used local delivery. For virtual users postfix is using "virtual" by default. So I had to add deliver to postfix's master.cf and change the virtual_transport in main.cf. >> >> After configuring logging for deliver I can now confirm that it is used. I was mistaken by thinking local delivery is the same as virtual delivery. I could have avoided this by reading the wiki more carefully. Sorry about that. >> >> But I am afraid sieve is still not working. Mails are still delivered to INBOX. > > Do the logs say anything about Sieve? You can enable mail_debug in your configuration to obtain more verbose log messages about what Sieve is doing. > > Regards, > > Stephan. Thanks a lot for this tip. It turned out I used the %u variable instead of %n in the path of the sieve script, so sieve was looking in a non existing directory. After correcting sieve complained about the :create statement. But after I removed it, it worked flawlessly. Thanks a lot again. Martin From ef at math.uni-bonn.de Tue Jun 19 16:14:14 2012 From: ef at math.uni-bonn.de (Edgar =?iso-8859-1?B?RnXf?=) Date: Tue, 19 Jun 2012 15:14:14 +0200 Subject: [Dovecot] specifying home/sieve/sieve_dir relative to mail_location Message-ID: <20120619131413.GN48358@trav.math.uni-bonn.de> With 1.2, is it possible to specify home, sieve and sieve_dir relative to mail_location? I have mail_location = maildir:/import/mail/%n/:INDEX=/var/db/dovecot/indexes/%n and, in the plugin section, home = /import/mail/%n/home sieve = /import/mail/%n/dovecot.sieve sieve_dir = /import/mail/%n/sieve I would like to partially move users to another location (different file server) by using an LDAP entry. I know it's possible to specify everything relative to home, so I could probably use relative ~/../-type paths for mail_locatin etc., but that looks a bit awkward. The VirtualUsers/Home Wiki enty contains an example for relative paths user_attrs = .., mailDirectory=home=/var/vmail/%$ which I do not understand. From stephan at rename-it.nl Tue Jun 19 16:36:59 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Tue, 19 Jun 2012 15:36:59 +0200 Subject: [Dovecot] dovecot-sieve and LMT In-Reply-To: References: <2484ABE7-6C50-4A13-BC60-2B7A6B64FC55@postia.de> <4FE02F9C.5070208@alec.pl> <52A58089-3911-4A31-BBB4-36BBFC387918@postia.de> <4FE03863.6030403@rename-it.nl> <76CEBDAA-095B-44ED-A8CF-4FE58D2F7862@postia.de> <4FE05828.6020104@rename-it.nl> Message-ID: <4FE0807B.9070504@rename-it.nl> Op 6/19/2012 3:13 PM, Martin Weil schreef: > Am 19.06.2012 um 12:44 schrieb Stephan Bosch: > >> Op 6/19/2012 11:20 AM, Martin Weil schreef: >>> Indeed they did not. I incorrectly thought that a line in postfix's main.cf would change the delivery to deliver. That would have been true if I used local delivery. For virtual users postfix is using "virtual" by default. So I had to add deliver to postfix's master.cf and change the virtual_transport in main.cf. >>> >>> After configuring logging for deliver I can now confirm that it is used. I was mistaken by thinking local delivery is the same as virtual delivery. I could have avoided this by reading the wiki more carefully. Sorry about that. >>> >>> But I am afraid sieve is still not working. Mails are still delivered to INBOX. >> Do the logs say anything about Sieve? You can enable mail_debug in your configuration to obtain more verbose log messages about what Sieve is doing. >> >> Regards, >> >> Stephan. > > Thanks a lot for this tip. > It turned out I used the %u variable instead of %n in the path of the sieve script, so sieve was looking in a non existing directory. After correcting sieve complained about the :create statement. But after I removed it, it worked flawlessly. The :create tag doesn't work unless the mailbox extension is active; you need to add the following to the top of your Sieve script to use it: require "mailbox"; Regards, Stephan. From bradley.giesbrecht at gmail.com Tue Jun 19 16:51:06 2012 From: bradley.giesbrecht at gmail.com (Bradley Giesbrecht) Date: Tue, 19 Jun 2012 06:51:06 -0700 Subject: [Dovecot] doveadm fetch LARGE attachments and remove message [SOLVED] In-Reply-To: <2457470C-A66C-42E7-AC5E-C8B3D011631F@iki.fi> References: <2457470C-A66C-42E7-AC5E-C8B3D011631F@iki.fi> Message-ID: On Jun 18, 2012, at 6:49 AM, Timo Sirainen wrote: > On 17.6.2012, at 18.19, Bradley Giesbrecht wrote: > >> Looking at the wiki and man pages I am unsure how to fetch email attachments from a unix shell. >> >> I have an "doveadm search" that returns the messages that have the attachments I am after. >> >> Would I loop through an "doveadm fetch" and use a commandline imap client to save the attachments and move the message to the Trash? >> >> Or is there a doveadm command for this? > > No, there's currently no easy way to do this. doveadm fetch doesn't support that. You could possibly do this via IMAP, but it would be difficult to know which MIME part to fetch. Actually it's not even obvious if a MIME part is an attachment or not.. I used an imap client to create an imap folder named "unpack" , searched for the messages I needed and then moved them into the unpack folder. I then used munpack to unpack the messages from the unpack folder to a local disk directory. http://ftp.andrew.cmu.edu/pub/mpack/ Regards, Bradley Giesbrecht (pixilla) From dovecot at bestewogibt.de Tue Jun 19 20:12:40 2012 From: dovecot at bestewogibt.de (Dominic Pratt) Date: Tue, 19 Jun 2012 19:12:40 +0200 Subject: [Dovecot] Trouble with Trash Message-ID: <4FE0B308.4040102@bestewogibt.de> Hi guys and girls, Version: 2.0.19 - running on Ubuntu 12.04 LTS Server dovecot -n: # 2.0.19: /etc/dovecot/dovecot.conf # OS: Linux 3.3.1 x86_64 Ubuntu 12.04 LTS mail_location = maildir:~/Maildir managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave passdb { driver = pam } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap pop3 sieve service auth { unix_listener /var/spool/postfix/private/dovecot-auth { group = postfix mode = 0660 user = postfix } } ssl_cert = was automatically rejected:%n%r } My problem is, that actually old mails in the Thrash-Folder are deleted. This is crap, because I want to look at some mails again. I'm not sure if my Thunderbird does it or Dovecot. I don't think, TB does it, there's actually no option, I think. Any ideas? P.S.: Sorry for the bad english. -- "If you haven?t found it yet, keep looking. Don?t settle." Dominic Pratt Fachinformatiker Systemintegration Handy: +49 173 8371427 From delrio at mie.utoronto.ca Tue Jun 19 20:54:47 2012 From: delrio at mie.utoronto.ca (Oscar del Rio) Date: Tue, 19 Jun 2012 13:54:47 -0400 Subject: [Dovecot] Trouble with Trash In-Reply-To: <4FE0B308.4040102@bestewogibt.de> References: <4FE0B308.4040102@bestewogibt.de> Message-ID: <4FE0BCE7.6060809@mie.utoronto.ca> On 06/19/12 01:12 PM, Dominic Pratt wrote: > > My problem is, that actually old mails in the Thrash-Folder are > deleted. This is crap, because I want to look at some mails again. I'm > not sure if my Thunderbird does it or Dovecot. I don't think, TB does > it, there's actually no option, I think. > Thunderbird - Accounts - Server settings - Empty Trash on Exit From dovecot at bestewogibt.de Tue Jun 19 21:15:59 2012 From: dovecot at bestewogibt.de (Dominic Pratt) Date: Tue, 19 Jun 2012 20:15:59 +0200 Subject: [Dovecot] Trouble with Trash In-Reply-To: <4FE0BCE7.6060809@mie.utoronto.ca> References: <4FE0B308.4040102@bestewogibt.de> <4FE0BCE7.6060809@mie.utoronto.ca> Message-ID: <4FE0C1DF.1060900@bestewogibt.de> As already said... I don't think it's TB: http://www.imagebanana.com/view/ht4sofoj/thunderbird.jpg Thanks anyway. Am 19.06.2012 19:54, schrieb Oscar del Rio: > Thunderbird - Accounts - Server settings - Empty Trash on Exit From tss at iki.fi Wed Jun 20 02:36:14 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 20 Jun 2012 02:36:14 +0300 Subject: [Dovecot] message parser: Fixed infinite loop when parsing a specific message. Message-ID: <1340148974.5967.52.camel@hurina> I committed this change to all hg branches: http://hg.dovecot.org/dovecot-2.1/rev/4461b48fcc1f After that I realized that it doesn't actually matter, because it fixes only a situation where input buffer's size is less than 84 bytes. This happened on a test program where I was using a 64 byte buffer, but the real code in Dovecot always uses much larger buffers. So, don't worry, there's no way to actually DOS Dovecot with this. No need for distro people to create any security releases. From daniel.parthey at informatik.tu-chemnitz.de Wed Jun 20 03:32:07 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Wed, 20 Jun 2012 02:32:07 +0200 Subject: [Dovecot] Trouble with Trash In-Reply-To: <4FE0C1DF.1060900@bestewogibt.de> References: <4FE0B308.4040102@bestewogibt.de> <4FE0BCE7.6060809@mie.utoronto.ca> <4FE0C1DF.1060900@bestewogibt.de> Message-ID: Dominic Pratt schrieb: >As already said... I don't think it's TB: >http://www.imagebanana.com/view/ht4sofoj/thunderbird.jpg Hi Dominic, since you do not seem to have enabled the Trash plugin, Dovecot will not delete anything by itself. Thunderbird might expire the mails in your Trash mailbox if they exceed a specified age or a specified message count. Please check your system date and the retention times of mails in your trash mailbox. Right click on the folder. Regards Daniel From a.kostyrev at serverc.ru Wed Jun 20 05:03:17 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Wed, 20 Jun 2012 13:03:17 +1100 Subject: [Dovecot] director map and mysql Message-ID: <213B51F00051AE48A9F0E112880177178F7A2E@Delta.sc.local> hello! Is "doveadm director map" command suppose to work when I store "host" value in mysql table? It gives me nothing in output with no errors in log. I've successfully setup directors with static passdb, and decided to give a try setup with storing host value in mysql table. The proxying is actually working, I'm just unhappy with no output from "doveadm director map". on the other hand output from "doveadm director map" is not empty, when I configure my password_query not to return host from table. director's settings in dovecot.sql is: passdb { driver = sql args = /etc/dovecot/dovecot-sql.conf } userdb { driver = sql args = /etc/dovecot/dovecot-sql.conf } director_servers = 192.168.5.125 director_mail_servers = 192.168.5.110 192.168.5.111 service doveadm { inet_listener { port = 24245 } } protocol doveadm { auth_socket_path = director-userdb } doveadm_proxy_port = 24245 in /etc/dovecot/dovecot-sql.conf at director there's password_query = SELECT \ NULL AS password,\ 'Y' as nopassword, \ 'Y' AS proxy, \ MBOX_NAME as user, \ host2 as host \ from M_MAILBOX \ where MBOX_NAME = '%u' user_query = SELECT \ MBOX_NAME AS username, \ MAIL_DIRECTORY as home \ from M_MAILBOX \ where MBOX_NAME = '%u'; iterate_query = select MBOX_NAME AS username from M_MAILBOX; backend's conf: service doveadm { inet_listener { port = 24245 } } From tss at iki.fi Wed Jun 20 05:22:25 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 20 Jun 2012 05:22:25 +0300 Subject: [Dovecot] director map and mysql In-Reply-To: <213B51F00051AE48A9F0E112880177178F7A2E@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F7A2E@Delta.sc.local> Message-ID: On 20.6.2012, at 5.03, ???????? ????????? ?????????? wrote: > Is "doveadm director map" command suppose to work when I store "host" value in mysql table? > It gives me nothing in output with no errors in log. If you return a host for a user, then Dovecot does regular proxying and director doesn't know anything about the user. From claude at phyto.qc.ca Wed Jun 20 05:28:39 2012 From: claude at phyto.qc.ca (Claude =?UTF-8?B?R8OpbGluYXM=?=) Date: Tue, 19 Jun 2012 22:28:39 -0400 Subject: [Dovecot] troncated email Message-ID: <20120619222839.0c083529@oligoextra.phyto.qc.ca> Hi, I'm on fc16 with dovecot and Claws Mail version 3.8.0 All email in INBOX are troncated as they arrive. I only get the title, from and date but no more core message could someone guide me so I find a solution for my problem. cannot lose my email Regards, Claude From a.kostyrev at serverc.ru Wed Jun 20 06:40:42 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Wed, 20 Jun 2012 14:40:42 +1100 Subject: [Dovecot] director map and mysql In-Reply-To: References: <213B51F00051AE48A9F0E112880177178F7A2E@Delta.sc.local> Message-ID: <213B51F00051AE48A9F0E112880177178F7A2F@Delta.sc.local> thanks! but what mechanisms do I have if I want certain user to be always proxied to certain host, but if that host is down, to redirect him to another? I planned to setup two dovecot storage servers where all mailboxes are mirrored between these two servers with dsync replication like described in http://www.dovecot.org/list/dovecot/2012-March/064243.html but I don't want this user to be redirected to two these servers in round-robin fashion. -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of Timo Sirainen Sent: Wednesday, June 20, 2012 1:22 PM To: ???????? ????????? ?????????? Cc: dovecot at dovecot.org Subject: Re: [Dovecot] director map and mysql On 20.6.2012, at 5.03, ???????? ????????? ?????????? wrote: > Is "doveadm director map" command suppose to work when I store "host" value in mysql table? > It gives me nothing in output with no errors in log. If you return a host for a user, then Dovecot does regular proxying and director doesn't know anything about the user. From jesper at dahlnyerup.dk Wed Jun 20 09:35:05 2012 From: jesper at dahlnyerup.dk (Jesper Dahl Nyerup) Date: Wed, 20 Jun 2012 08:35:05 +0200 Subject: [Dovecot] Very High Load on Dovecot 2 and Errors in mail.err. In-Reply-To: <20120611213713.GA28704@jespernyerup.dk> References: <4FB35038.1000600@enas.net> <1337454348.4384.144.camel@innu> <4FB8C07B.5050604@enas.net> <4c605c0b2bc041f7f90300b36c716c22@us.es> <4FB8FFD7.5040301@enas.net> <20120611080907.GA11882@jespernyerup.dk> <20120611213713.GA28704@jespernyerup.dk> Message-ID: <20120620063504.GA2187@jespernyerup.dk> On Jun 11 23:37, Jesper Dahl Nyerup wrote: > We're still chasing the root cause in the kernel or the VServer patch > set. We'll of course make sure to post our findings here, and I'd very > much appreciate to hear about other people's progress. We still haven't found a solution, but here's what we've got thus far: - The issue is not VServer specific. We're able to reproduce it on recent vanilla kernels. - The issue has a strong correlation with the number of processor cores in the machine. The behavior is impossible to provoke on a dual core workstation, but is very widespread on 16 or 24 core machines. One of my colleagues has written a snippet of code that reproduces and exposes the problem, and we've sent this to the Inotify maintainers and the kernel mailing list, hoping that someone more familiar with the code will be quicker to figure out what is broken. If anyone's interested - either in following the issue or the code snippet that reproduces it - here's the post: http://thread.gmane.org/gmane.linux.kernel/1315430 As this is clearly a kernel issue, we're going to try to keep the discussion there, and I'll probably not follow up here, until the issue has been resolved. Jesper. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: Digital signature URL: From klimenko.n at theitidea.ru Wed Jun 20 10:24:47 2012 From: klimenko.n at theitidea.ru (=?UTF-8?B?0J3QuNC60L7Qu9Cw0Lkg0JrQu9C40LzQtdC90LrQvg==?=) Date: Wed, 20 Jun 2012 11:24:47 +0400 Subject: [Dovecot] sieve and namespace Message-ID: <4FE17ABF.5010303@theitidea.ru> HI I'm tryin to set up sieve the way so it will put incoming message into Junk folder, which is described via namespace. Unfortunately rule doesn't work and message is put into Inbox. If i change destination folder to folder not described via namespace in the same rule the message is placed to that folder. please help dovecot 1.2.9 namespace: type: private prefix: Junk/ location: maildir:/opt/mail/Junk/INBOX:LAYOUT=fs hidden: yes list: yes subscriptions: yes From bind at enas.net Wed Jun 20 12:36:33 2012 From: bind at enas.net (Urban Loesch) Date: Wed, 20 Jun 2012 11:36:33 +0200 Subject: [Dovecot] Very High Load on Dovecot 2 and Errors in mail.err. In-Reply-To: <20120620063504.GA2187@jespernyerup.dk> References: <4FB35038.1000600@enas.net> <1337454348.4384.144.camel@innu> <4FB8C07B.5050604@enas.net> <4c605c0b2bc041f7f90300b36c716c22@us.es> <4FB8FFD7.5040301@enas.net> <20120611080907.GA11882@jespernyerup.dk> <20120611213713.GA28704@jespernyerup.dk> <20120620063504.GA2187@jespernyerup.dk> Message-ID: <4FE199A1.9090301@enas.net> Hi, yesterday I disabled the inotify as mentioned in the previous post and it works for me also. Thanks to all for the hint. On 20.06.2012 08:35, Jesper Dahl Nyerup wrote: > On Jun 11 23:37, Jesper Dahl Nyerup wrote: >> We're still chasing the root cause in the kernel or the VServer patch >> set. We'll of course make sure to post our findings here, and I'd very >> much appreciate to hear about other people's progress. > > We still haven't found a solution, but here's what we've got thus far: > > - The issue is not VServer specific. We're able to reproduce it on > recent vanilla kernels. > > - The issue has a strong correlation with the number of processor cores > in the machine. The behavior is impossible to provoke on a dual core > workstation, but is very widespread on 16 or 24 core machines. For the records: I have the problem on 2 different machines with different CPU's - PE2950 with 2x Intel Xeon X5450 3.00Ghz (8) CPU's (problem happens not so often as with PER610) - PER610 with 2x Intel Xeon X5650 2.67GHz (24) CPU's > > One of my colleagues has written a snippet of code that reproduces and > exposes the problem, and we've sent this to the Inotify maintainers and > the kernel mailing list, hoping that someone more familiar with the code > will be quicker to figure out what is broken. > > If anyone's interested - either in following the issue or the code > snippet that reproduces it - here's the post: > http://thread.gmane.org/gmane.linux.kernel/1315430 As you described on the kernel maillinglist, I can confirm. The higher the number of cpu's, the worse it gets. > > As this is clearly a kernel issue, we're going to try to keep the > discussion there, and I'll probably not follow up here, until the issue > has been resolved. > > Jesper. Thanks Urban From CMarcus at Media-Brokers.com Wed Jun 20 12:36:56 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Wed, 20 Jun 2012 05:36:56 -0400 Subject: [Dovecot] troncated email In-Reply-To: <20120619222839.0c083529@oligoextra.phyto.qc.ca> References: <20120619222839.0c083529@oligoextra.phyto.qc.ca> Message-ID: <4FE199B8.5060304@Media-Brokers.com> On 2012-06-19 10:28 PM, Claude G?linas wrote: > I'm on fc16 with dovecot and Claws Mail version 3.8.0 We are much more interested in the dovecot version (and configuration - dovecot -n output is helpful there) than the version of Claws Mail. > All email in INBOX are troncated as they arrive. I only get the title, > from and date but no more core message > > could someone guide me so I find a solution for my problem. cannot lose > my email Since most of our Crystal Balls are broken, you will likely have to be much more precise in your request for help, by providing actual excerpts from logs while accessing mail, and you may even have to resort to enabling debugging... Start here: http://wiki2.dovecot.org/WhyDoesItNotWork Otherwise, you may get more help from a Fedora support list. -- Best regards, Charles From kayasaman at gmail.com Wed Jun 20 12:38:59 2012 From: kayasaman at gmail.com (Kaya Saman) Date: Wed, 20 Jun 2012 10:38:59 +0100 Subject: [Dovecot] Dovecot not liking AD config from wiki?? Message-ID: Hi, I'm trying to setup Dovecot with MS AD and am using this as my guide: http://wiki2.dovecot.org/HowTo/ActiveDirectoryNtlm I can definitely access information on the AD server using wbinfo -g and wbinfo -u..... Currently my dovecot.conf file looks like this: # v1.1: #auth_ntlm_use_winbind = yes # v1.2+: auth_use_winbind = yes auth_winbind_helper_path = /usr/local/bin/ntlm_auth protocols = imap # It's nice to have separate log files for Dovecot. You could do this # by changing syslog configuration also, but this is easier. log_path = /var/log/dovecot.log info_log_path = /var/log/dovecot-info.log # Disable SSL for now. ssl = no disable_plaintext_auth = no # We're using Maildir format #mail_location = maildir:~/Maildir mail_location = mbox:/mail:INBOX=/mail/%u # If you're using POP3, you'll need this: #pop3_uidl_format = %g # Authentication configuration: auth_verbose = yes auth_debug = yes auth_username_format = %n auth_mechanisms = plain ntlm login userdb { driver = static args = uid=501 gid=501 home=/mail/%u driver = static allow_all_users=yes } According to the documentation I should be using: userdb static { ... } which seems to be Dovecot v1. config, and additionally the "allow_all_users=yes" statement when added seems again v1. config since Dovecot 2. won't even start? In the meantime when not using "allow_all_users" Dovecot throws up these errors: Jun 20 11:30:40 master: Warning: Killed with signal 15 (by pid=4149 uid=0 code=kill) Jun 20 11:30:48 auth: Fatal: No passdbs specified in configuration file. LOGIN mechanism needs one Jun 20 11:30:48 master: Error: service(auth): command startup failed, throttling for 2 secs Jun 20 11:30:59 master: Warning: Killed with signal 15 (by pid=4182 uid=0 code=kill) Jun 20 11:31:13 auth: Fatal: No passdbs specified in configuration file. LOGIN mechanism needs one Jun 20 11:31:13 master: Error: service(auth): command startup failed, throttling for 2 secs Jun 20 11:32:38 master: Warning: Killed with signal 15 (by pid=4245 uid=0 code=kill) Jun 20 11:32:58 imap-login: Warning: Auth connection closed with 1 pending requests (max 0 secs, pid=4265, EOF) Jun 20 11:32:58 auth: Fatal: master: service(auth): child 4266 killed with signal 11 (core not dumped - set service auth { drop_priv_before_exec=yes }) -- this was after adding: passdb { driver = static } to the mix. I'm using Dovecot 2.1.3 on FreeBSD 8.2 RELEASE x64. Can anyone help me configuring Dovecot to authenticate? Regards, Kaya From amateo at um.es Wed Jun 20 12:40:19 2012 From: amateo at um.es (Angel L. Mateo) Date: Wed, 20 Jun 2012 11:40:19 +0200 Subject: [Dovecot] dovecot 2.1.5 performance Message-ID: <4FE19A83.8080407@um.es> Hello, I'm migrating from 1.1.16 running in 4 debian lenny servers virtualized with xenserver and 1 core and 5GB of RAM to 2.1.5 running in 4 ubuntu 12.04 servers with 6 cpu cores and 16GB of RAM virtualized with VMWare, but I'm having lots a performance problems. I don't think that virtualization platform could be the problem, because the new servers running in xenserver has the same problems than running in vmware. I have about 70000 user accounts, most of them without real activity (they are students who doesn't read his email or have its account redirected to other provider). I have about 700-1000 concurrent imap connections. I have storage in nfs (nfsv3, the nfs server is a celerra), but indexes are in local filesystems (each server has its own index fs). Mailboxes are in maildir format. Old servers and actual director servers are load balanced with an radware appdirector load balancer (the new backend servers don't need to be balanced because I'm using a director farm) In the old platform I have scenario number 2 described at http://wiki2.dovecot.org/NFS, but in the new ones I have a director proxy directing all connections from each user to the same server (I don't specify any server for the user, director selects it according to the hash algorithm it has). Some doubts I have for the recommended in that url: * mmap_disable: both single and multi server configurations have mmap_disable=yes but in index file section says that you need it if you have your index files stored in nfs. I have it stored locally. Do I need mmap_disable=yes? What it's the best? * dotlock_use_excl: it is set to no in both configurations, but the comment says that it is needed only in nfsv2. Since I have nfs3, I have it set it to yes. * mail_nfs_storage: In single server is set to no, but in multi server it set to yes. Since I have a director in front of my backend server, what is the recommended? With this configuration, when I have a few connections (about 300-400 imap connections) everything is working fine, but when I disconnect the old servers and direct all my users' connections to the new servers I have lot of errors. server loads increments to over 300 points, with a very high io wait. With atop, I could see that of my 6 cores, I have one with almost 100% waiting for i/o and the other with almost 100% idle, but load of the server is very, very high. With the old servers, I have performance problems, access to mail is slow, but it works. But with the new ones it doesn't work at all. Any idea? -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From amateo at um.es Wed Jun 20 12:46:09 2012 From: amateo at um.es (Angel L. Mateo) Date: Wed, 20 Jun 2012 11:46:09 +0200 Subject: [Dovecot] dovecot 2.1.5 performance In-Reply-To: <4FE19A83.8080407@um.es> References: <4FE19A83.8080407@um.es> Message-ID: <4FE19BE1.6070702@um.es> On 20/06/12 11:40, Angel L. Mateo wrote: > Hello, > > I'm migrating from 1.1.16 running in 4 debian lenny servers > virtualized with xenserver and 1 core and 5GB of RAM to 2.1.5 running in > 4 ubuntu 12.04 servers with 6 cpu cores and 16GB of RAM virtualized with > VMWare, but I'm having lots a performance problems. I don't think that > virtualization platform could be the problem, because the new servers > running in xenserver has the same problems than running in vmware. > > I have about 70000 user accounts, most of them without real > activity (they are students who doesn't read his email or have its > account redirected to other provider). I have about 700-1000 concurrent > imap connections. > > I have storage in nfs (nfsv3, the nfs server is a celerra), but > indexes are in local filesystems (each server has its own index fs). > Mailboxes are in maildir format. > > Old servers and actual director servers are load balanced with an > radware appdirector load balancer (the new backend servers don't need to > be balanced because I'm using a director farm) > > In the old platform I have scenario number 2 described at > http://wiki2.dovecot.org/NFS, but in the new ones I have a director > proxy directing all connections from each user to the same server (I > don't specify any server for the user, director selects it according to > the hash algorithm it has). > > Some doubts I have for the recommended in that url: > > * mmap_disable: both single and multi server configurations have > mmap_disable=yes but in index file section says that you need it if you > have your index files stored in nfs. I have it stored locally. Do I need > mmap_disable=yes? What it's the best? > * dotlock_use_excl: it is set to no in both configurations, but the > comment says that it is needed only in nfsv2. Since I have nfs3, I have > it set it to yes. > * mail_nfs_storage: In single server is set to no, but in multi server > it set to yes. Since I have a director in front of my backend server, > what is the recommended? > > With this configuration, when I have a few connections (about > 300-400 imap connections) everything is working fine, but when I > disconnect the old servers and direct all my users' connections to the > new servers I have lot of errors. server loads increments to over 300 > points, with a very high io wait. With atop, I could see that of my 6 > cores, I have one with almost 100% waiting for i/o and the other with > almost 100% idle, but load of the server is very, very high. > > With the old servers, I have performance problems, access to mail > is slow, but it works. But with the new ones it doesn't work at all. > > Any idea? > I forgot attaching my doveconf. -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 -------------- next part -------------- # 2.1.5: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-24-generic x86_64 Ubuntu 12.04 LTS auth_cache_size = 20 M auth_cache_ttl = 1 days auth_debug = yes auth_master_user_separator = * auth_verbose = yes default_process_limit = 1000 disable_plaintext_auth = no log_timestamp = %Y-%m-%d %H:%M:%S login_trusted_networks = 155.54.211.176/28 mail_debug = yes mail_fsync = always mail_location = maildir:~/Maildir:INDEX=/var/indexes/%n mail_nfs_storage = yes mail_privileged_group = mail maildir_stat_dirs = yes mdbox_rotate_size = 20 M passdb { args = /etc/dovecot/master-users driver = passwd-file master = yes pass = yes } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } passdb { args = session=yes dovecot driver = pam } plugin { lazy_expunge = .EXPUNGED/ .DELETED/ .DELETED/.EXPUNGED/ sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_extensions = +imapflags sieve_max_redirects = 15 zlib_save = gz zlib_save_level = 6 } postmaster_address = postmaster at um.es service anvil { client_limit = 2003 } service auth { client_limit = 3000 unix_listener auth-userdb { mode = 0666 } } service doveadm { inet_listener { port = 24245 } } service imap { process_limit = 5120 process_min_avail = 6 vsz_limit = 512 M } service lmtp { inet_listener lmtp { port = 24 } process_min_avail = 10 vsz_limit = 512 M } service pop3 { process_min_avail = 6 } ssl = no ssl_cert = References: <4FE19A83.8080407@um.es> <4FE19BE1.6070702@um.es> Message-ID: <4FE19EAD.4050400@ehu.es> El 20/06/12 11:46, Angel L. Mateo escribi?: > On 20/06/12 11:40, Angel L. Mateo wrote: >> Hello, >> >> I'm migrating from 1.1.16 running in 4 debian lenny servers >> virtualized with xenserver and 1 core and 5GB of RAM to 2.1.5 running in >> 4 ubuntu 12.04 servers with 6 cpu cores and 16GB of RAM virtualized with >> VMWare, but I'm having lots a performance problems. I don't think that >> virtualization platform could be the problem, because the new servers >> running in xenserver has the same problems than running in vmware. >> >> I have about 70000 user accounts, most of them without real >> activity (they are students who doesn't read his email or have its >> account redirected to other provider). I have about 700-1000 concurrent >> imap connections. >> >> I have storage in nfs (nfsv3, the nfs server is a celerra), but >> indexes are in local filesystems (each server has its own index fs). >> Mailboxes are in maildir format. >> >> Old servers and actual director servers are load balanced with an >> radware appdirector load balancer (the new backend servers don't need to >> be balanced because I'm using a director farm) >> >> In the old platform I have scenario number 2 described at >> http://wiki2.dovecot.org/NFS, but in the new ones I have a director >> proxy directing all connections from each user to the same server (I >> don't specify any server for the user, director selects it according to >> the hash algorithm it has). >> >> Some doubts I have for the recommended in that url: >> >> * mmap_disable: both single and multi server configurations have >> mmap_disable=yes but in index file section says that you need it if you >> have your index files stored in nfs. I have it stored locally. Do I need >> mmap_disable=yes? What it's the best? >> * dotlock_use_excl: it is set to no in both configurations, but the >> comment says that it is needed only in nfsv2. Since I have nfs3, I have >> it set it to yes. >> * mail_nfs_storage: In single server is set to no, but in multi server >> it set to yes. Since I have a director in front of my backend server, >> what is the recommended? >> As I see it, director ensures that only 1 server is accesing any given file, so you don't need any special conf (so mmap_disable=no & mail_nfs_storage=no) From tss at iki.fi Wed Jun 20 13:05:32 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 20 Jun 2012 13:05:32 +0300 Subject: [Dovecot] dovecot 2.1.5 performance In-Reply-To: <4FE19A83.8080407@um.es> References: <4FE19A83.8080407@um.es> Message-ID: <1340186732.5967.71.camel@hurina> On Wed, 2012-06-20 at 11:40 +0200, Angel L. Mateo wrote: > * mmap_disable: both single and multi server configurations have > mmap_disable=yes but in index file section says that you need it if you > have your index files stored in nfs. I have it stored locally. Do I need > mmap_disable=yes? What it's the best? mmap_disable is used only for index files, so with local indexes use "no". (If indexes were on NFS, "no" would probably still work but I'm not sure if the performance would be better or worse. Errors would also trigger SIGBUS crashes.) > * dotlock_use_excl: it is set to no in both configurations, but the > comment says that it is needed only in nfsv2. Since I have nfs3, I have > it set it to yes. "yes" is ok. > * mail_nfs_storage: In single server is set to no, but in multi server > it set to yes. Since I have a director in front of my backend server, > what is the recommended? With director you can set this to "no". > With this configuration, when I have a few connections (about 300-400 > imap connections) everything is working fine, but when I disconnect the > old servers and direct all my users' connections to the new servers I > have lot of errors. Real errors that show up in Dovecot logs? What kind of errors? > server loads increments to over 300 points, with a > very high io wait. With atop, I could see that of my 6 cores, I have one > with almost 100% waiting for i/o and the other with almost 100% idle, > but load of the server is very, very high. Does the server's disk IO usage actually go a lot higher, or is it simply waiting without doing much of anything? I wonder if this is related to the inotify problems: http://dovecot.org/list/dovecot/2012-June/066474.html Another thought: Since indexes are stored locally, is it possible that the extra load comes simply from building the indexes on the new servers, while they already exist on the old ones? > mail_fsync = always v1.1 did the equivalent of mail_fsync=optimized. You could see if that makes a difference. > maildir_stat_dirs = yes Do you actually need this? It causes unnecessary disk IO and probably not needed in your case. > default_process_limit = 1000 Since you haven't enabled high-performance mode for imap-login processes and haven't otherwise changed the service imap-login settings, this means that you can have max. 1000 simultaneous IMAP SSL/TLS connections. From amateo at um.es Wed Jun 20 13:49:24 2012 From: amateo at um.es (Angel L. Mateo) Date: Wed, 20 Jun 2012 12:49:24 +0200 Subject: [Dovecot] dovecot 2.1.5 performance In-Reply-To: <1340186732.5967.71.camel@hurina> References: <4FE19A83.8080407@um.es> <1340186732.5967.71.camel@hurina> Message-ID: <4FE1AAB4.9030404@um.es> On 20/06/12 12:05, Timo Sirainen wrote: > On Wed, 2012-06-20 at 11:40 +0200, Angel L. Mateo wrote: > >> * mmap_disable: both single and multi server configurations have >> mmap_disable=yes but in index file section says that you need it if you >> have your index files stored in nfs. I have it stored locally. Do I need >> mmap_disable=yes? What it's the best? > > mmap_disable is used only for index files, so with local indexes use > "no". (If indexes were on NFS, "no" would probably still work but I'm > not sure if the performance would be better or worse. Errors would also > trigger SIGBUS crashes.) > >> * dotlock_use_excl: it is set to no in both configurations, but the >> comment says that it is needed only in nfsv2. Since I have nfs3, I have >> it set it to yes. > > "yes" is ok. > >> * mail_nfs_storage: In single server is set to no, but in multi server >> it set to yes. Since I have a director in front of my backend server, >> what is the recommended? > > With director you can set this to "no". > Ok, I'm going to change it. >> With this configuration, when I have a few connections (about 300-400 >> imap connections) everything is working fine, but when I disconnect the >> old servers and direct all my users' connections to the new servers I >> have lot of errors. > > Real errors that show up in Dovecot logs? What kind of errors? > Lot of errors like: Jun 20 12:42:37 myotis31 dovecot: imap(vlo): Warning: Maildir /home/otros/44/016744/Maildir/.INBOX.PRUEBAS: Synchronization took 278 seconds (0 new msgs, 0 flag change attempts, 0 expunge attempts) Jun 20 12:42:38 myotis31 dovecot: imap(vlo): Warning: Transaction log file /var/indexes/vlo/.INBOX.PRUEBAS/dovecot.index.log was locked for 279 seconds and in the relay server, lots of timeout errors delivering to lmtp: un 20 12:38:29 xenon14 postfix/lmtp[12004]: D48D55D4F7: to=, relay=pop.um.es[155.54.212.106]:24, delay=150, delays=0.09/0/0/150, dsn=4.4.0, status=deferred (host pop.um.es[155.54.212.106] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) >> server loads increments to over 300 points, with a >> very high io wait. With atop, I could see that of my 6 cores, I have one >> with almost 100% waiting for i/o and the other with almost 100% idle, >> but load of the server is very, very high. > > Does the server's disk IO usage actually go a lot higher, or is it > simply waiting without doing much of anything? I wonder if this is > related to the inotify problems: > http://dovecot.org/list/dovecot/2012-June/066474.html > Now we have rollbacked to the old servers, so I don't know. Next time we try, I'll check this. > Another thought: Since indexes are stored locally, is it possible that > the extra load comes simply from building the indexes on the new > servers, while they already exist on the old ones? > I don't think so, because: * In the old servers, we have no "director like" mechanism. One IP is always directed to the same server (during a session timeout, today could be one server and tomorrow another different), but mail is delivered randomly through one of the server. * Since last week (when we started migration) all mail is delivered into the mailboxes by the new servers, passing through director. So new server's indexes should be updated. >> mail_fsync = always > > v1.1 did the equivalent of mail_fsync=optimized. You could see if that > makes a difference. > I'll try this. >> maildir_stat_dirs = yes > > Do you actually need this? It causes unnecessary disk IO and probably > not needed in your case. > My fault. I understood the explanation completely wrong. I thought that yes should do what actually does no. I have fixed it. >> default_process_limit = 1000 > > Since you haven't enabled high-performance mode for imap-login processes > and haven't otherwise changed the service imap-login settings, this > means that you can have max. 1000 simultaneous IMAP SSL/TLS connections. > I know it. I have to tune it. -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From wojtek at wojtek.tensor.gdynia.pl Wed Jun 20 14:30:35 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Wed, 20 Jun 2012 13:30:35 +0200 (CEST) Subject: [Dovecot] dovecot 2.1.5 performance In-Reply-To: <4FE1AAB4.9030404@um.es> References: <4FE19A83.8080407@um.es> <1340186732.5967.71.camel@hurina> <4FE1AAB4.9030404@um.es> Message-ID: >> > I know it. I have to tune it. > > -- he did not only changed Dovecot but OS. I would bet it is his OS problem - as he stated 100% of single core is used while 6 are available. something definitely not dovecot dependent. i would recommend installing exactly the same version of old dovecot on new OS and test it. From delrio at mie.utoronto.ca Wed Jun 20 16:45:06 2012 From: delrio at mie.utoronto.ca (Oscar del Rio) Date: Wed, 20 Jun 2012 09:45:06 -0400 Subject: [Dovecot] Trouble with Trash In-Reply-To: References: <4FE0B308.4040102@bestewogibt.de> <4FE0BCE7.6060809@mie.utoronto.ca> <4FE0C1DF.1060900@bestewogibt.de> Message-ID: <4FE1D3E2.9010205@mie.utoronto.ca> On 06/19/12 08:32 PM, Daniel Parthey wrote: > Dominic Pratt schrieb: > >> As already said... I don't think it's TB: >> http://www.imagebanana.com/view/ht4sofoj/thunderbird.jpg > since you do not seem to have enabled the Trash plugin, Dovecot will not delete anything by itself. The only other way I can think of that Dovecot could delete messages would be if there is a "doveadm expunge" cron job running on the server. From weiler.guido at bergersysteme.com Wed Jun 20 17:06:25 2012 From: weiler.guido at bergersysteme.com (Guido Weiler) Date: Wed, 20 Jun 2012 14:06:25 +0000 Subject: [Dovecot] Dovecot Maildir - How to Seperate mail folders In-Reply-To: References: Message-ID: > Date: Mon, 18 Jun 2012 16:53:39 +0300 > From: Timo Sirainen > To: Dovecot Mailing List > Subject: Re: [Dovecot] Dovecot Maildir - How to Seperate mail folders > Message-ID: > Content-Type: text/plain; charset=us-ascii > > On 18.6.2012, at 12.17, Guido Weiler wrote: > > > 01 OK Logged in. > >>> 02 list "" "*" > > * LIST (\HasNoChildren) "/" "INBOX" > > * LIST (\Noselect \HasChildren) "/" "greetings" > > * LIST (\HasNoChildren) "/" "greetings/INBOX" > > 02 OK List completed. > >>> 03 select "greetings/INBOX" > > 03 NO Mailbox doesn't exist: INBOX > >>> 04 select greetings > > 04 NO Mailbox doesn't exist: greetings > > > > --- > > > > What is this "\Noselect" mailbox showing up and why is it saying "greetings/INBOX" in the third row when in fact there > isn't a mailbox with this name? > > > > I am very sorry for having to bother you again, but I don't know what we are doing wrong here. > > (Dovecot version is 1.1.16) > > Fixed in newer versions, upgrade. > ------------------------------ Thank you. Can you tell me if this bug belongs to the LIST command only? Or is it generally impossible to SELECT such mailboxes with this version? Best Regards, Guido Weiler From CMarcus at Media-Brokers.com Wed Jun 20 17:19:56 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Wed, 20 Jun 2012 10:19:56 -0400 Subject: [Dovecot] Dovecot Maildir - How to Seperate mail folders In-Reply-To: References: Message-ID: <4FE1DC0C.7070008@Media-Brokers.com> Guido, when Timo says its time to upgrade, upgrade. On 2012-06-20 10:06 AM, Guido Weiler wrote: >> Date: Mon, 18 Jun 2012 16:53:39 +0300 >> From: Timo Sirainen >> To: Dovecot Mailing List >> Subject: Re: [Dovecot] Dovecot Maildir - How to Seperate mail folders >> Message-ID: >> Content-Type: text/plain; charset=us-ascii >> >> On 18.6.2012, at 12.17, Guido Weiler wrote: >> >>> 01 OK Logged in. >>>>> 02 list "" "*" >>> * LIST (\HasNoChildren) "/" "INBOX" >>> * LIST (\Noselect \HasChildren) "/" "greetings" >>> * LIST (\HasNoChildren) "/" "greetings/INBOX" >>> 02 OK List completed. >>>>> 03 select "greetings/INBOX" >>> 03 NO Mailbox doesn't exist: INBOX >>>>> 04 select greetings >>> 04 NO Mailbox doesn't exist: greetings >>> >>> --- >>> >>> What is this "\Noselect" mailbox showing up and why is it saying "greetings/INBOX" in the third row when in fact there> isn't a mailbox with this name? >>> >>> I am very sorry for having to bother you again, but I don't know what we are doing wrong here. >>> (Dovecot version is 1.1.16) >> >> Fixed in newer versions, upgrade. >> > ------------------------------ > > Thank you. Can you tell me if this bug belongs to the LIST command only? > Or is it generally impossible to SELECT such mailboxes with this version? > > Best Regards, > > Guido Weiler -- Best regards, Charles Marcus I.T. Director Media Brokers International, Inc. 678.514.6200 x224 | 678.514.6299 fax From rventura at h-st.com Wed Jun 20 18:50:43 2012 From: rventura at h-st.com (Romer Ventura) Date: Wed, 20 Jun 2012 10:50:43 -0500 Subject: [Dovecot] GlusterFS + Dovecot Message-ID: <7f9a01cd4efc$732ac3c0$59804b40$@h-st.com> Hello, Has anyone used GlusterFS as storage file system for dovecot or any other email system..? It says that it can be presented as a NFS, CIFS and as GlusterFS using the native client, technically using the client would allow the machine to read and write to it, therefore, I think that Dovecot would not care about it. Correct? Anyone out there used this setup?? Thanks. From tss at iki.fi Wed Jun 20 19:04:02 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 20 Jun 2012 19:04:02 +0300 Subject: [Dovecot] GlusterFS + Dovecot In-Reply-To: <7f9a01cd4efc$732ac3c0$59804b40$@h-st.com> References: <7f9a01cd4efc$732ac3c0$59804b40$@h-st.com> Message-ID: On 20.6.2012, at 18.50, Romer Ventura wrote: > Has anyone used GlusterFS as storage file system for dovecot or any other > email system..? I've heard Dovecot complains about index corruption once in a while with glusterfs, even when not in multi-master mode. I wouldn't use it without some heavy stress testing first (with imaptest tool). From acrow at integrafin.co.uk Wed Jun 20 19:39:55 2012 From: acrow at integrafin.co.uk (Alex Crow) Date: Wed, 20 Jun 2012 17:39:55 +0100 Subject: [Dovecot] Dovecot list IMAP archives with thunderbird? Message-ID: <4FE1FCDB.6080503@integrafin.co.uk> Hi, I'm trying to access the IMAP archives with Thunderbird but can't seem to get it to work. I have tried an unencrypted connection, SSL and TLS but with no success. Any ideas? Thanks Alex -- This message is intended only for the addressee and may contain confidential information. Unless you are that person, you may not disclose its contents or use it in any way and are requested to delete the message along with any attachments and notify us immediately. "Transact" is operated by Integrated Financial Arrangements plc Domain House, 5-7 Singer Street, London EC2A 4BQ Tel: (020) 7608 4900 Fax: (020) 7608 5300 (Registered office: as above; Registered in England and Wales under number: 3727592) Authorised and regulated by the Financial Services Authority (entered on the FSA Register; number: 190856) From masch at masch.it Wed Jun 20 20:07:44 2012 From: masch at masch.it (Mark Schmale) Date: Wed, 20 Jun 2012 19:07:44 +0200 Subject: [Dovecot] Problem with Dovecot 2.0/2.1 and MySQL 5.1 Message-ID: <20120620190744.4f01672f@mark_laptop> Hi everyone, since some time I got problems with dovecot & mysql. I got the problem with version 2.0.x and upgraded to 2.1.7 to check if its gone. But its not :( The logs just tell me this: dovecot: auth: Error: auth worker: Aborted request: Worker process died unexpectedly If I change to a sqlite setup, everything works fine. Here are some informations. I hope someone can tell me whats wrong with my system/setup. I really dont think that this is a bug because someone else should have hit that before me. doveconf - n # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.2.2-hardened-r1 x86_64 Gentoo Base System release 2.1 auth_verbose = yes mail_location = maildir:~/%d/mail/%n managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap pop3 lmtp sieve service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } unix_listener auth-userdb { group = vmail user = vmail } } ssl_cert = module = passdb_result = PASSDB_RESULT_INTERNAL_FAILURE password = 0x0 scheme = ret = __FUNCTION__ = "sql_query_callback" #2 0x00007fb891c3c940 in driver_sqlpool_query_callback (result=0x7fb891e82f60, request=0x7fb891e82e50) at driver-sqlpool.c:635 db = 0x7fb891e66540 conn = 0x0 conndb = 0x7fb891e66910 #3 0x00007fb891c3dbe0 in driver_mysql_query (db=, query=, callback=0x7fb891c3c8c0 , context=0x7fb891e82e50) at driver-mysql.c:296 result = 0x7fb891e82f60 #4 0x00007fb891c3cc41 in driver_sqlpool_query (_db=0x7fb891e66540, query=0x7fb891e561c8 "SELECT CONCAT( u.username, '@', d.name ) AS user, password FROM mail_user AS u LEFT JOIN mail_domains AS d ON u.domain = d.id WHERE u.username = 'masch' AND d.name = 'masch.it'", callback=0x7fb891c31960 , context=0x7fb891e82c08) at driver-sqlpool.c:657 db = 0x7fb891e66540 request = 0x7fb891e82e50 conn = 0x7fb891e667c0 #5 0x00007fb891c23b49 in auth_worker_handle_passv (args=0x7fb891e560b8, id=1, client=) at auth-worker-client.c:200 auth_request = 0x7fb891e82a80 passdb = password = 0x7fb891e55ff2 "somepassword" passdb_id = 1 #6 auth_worker_handle_line (line=, client=) at auth-worker-client.c:559 args = out>0x7fb891e560a8 id = 1 ret = false #7 auth_worker_input (client=0x7fb891e80650) at auth-worker-client.c:647 _data_stack_cur_id = 3 line = ret = true #8 0x00007fb89179f4b6 in io_loop_call_io (io=0x7fb891e80970) at ioloop.c:379 ioloop = 0x7fb891e5e390 t_id = 2 #9 0x00007fb8917a043f in io_loop_handler_run (ioloop=) at ioloop-epoll.c:213 ctx = 0x7fb891e69100 events = event = 0x7fb891e69170 list = 0x7fb891e809c0 io = tv = {tv_sec = 59, tv_usec = 999508} msecs = ret = 1 i = j = call = #10 0x00007fb89179ed50 in io_loop_run (ioloop=0x7fb891e5e390) at ioloop.c:398 No locals. #11 0x00007fb891786a87 in master_service_run (service=0x7fb891e5e240, callback=) at master-service.c:544 No locals. #12 0x00007fb891c289a3 in main (argc=2, argv=0x7fb891e5e080) at main.c:373 c = best regards, Mark Schmale From claude at phyto.qc.ca Thu Jun 21 02:49:16 2012 From: claude at phyto.qc.ca (Claude =?UTF-8?B?R8OpbGluYXM=?=) Date: Wed, 20 Jun 2012 19:49:16 -0400 Subject: [Dovecot] troncated email In-Reply-To: <4FE199B8.5060304@Media-Brokers.com> References: <20120619222839.0c083529@oligoextra.phyto.qc.ca> <4FE199B8.5060304@Media-Brokers.com> Message-ID: <20120620194916.44c68160@oligoextra.phyto.qc.ca> Le Wed, 20 Jun 2012 05:36:56 -0400, Charles Marcus a ?crit : > On 2012-06-19 10:28 PM, Claude G?linas wrote: > > I'm on fc16 with dovecot and Claws Mail version 3.8.0 > > We are much more interested in the dovecot version (and configuration > - dovecot -n output is helpful there) than the version of Claws Mail. > > > All email in INBOX are troncated as they arrive. I only get the > > title, from and date but no more core message > > > > could someone guide me so I find a solution for my problem. cannot > > lose my email > > Since most of our Crystal Balls are broken, you will likely have to > be much more precise in your request for help, by providing actual > excerpts from logs while accessing mail, and you may even have to > resort to enabling debugging... > > Start here: http://wiki2.dovecot.org/WhyDoesItNotWork > > Otherwise, you may get more help from a Fedora support list. > here is the dovecot -n # 2.0.20: /etc/dovecot/dovecot.conf # OS: Linux 3.2.7-1.fc16.x86_64 x86_64 Fedora release 16 (Verne) disable_plaintext_auth = no mail_location = maildir:~/mail/INBOX:LAYOUT=fs maildir_very_dirty_syncs = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mbox_write_locks = fcntl passdb { driver = pam } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } service imap-login { inet_listener imap { address = localhost } } service pop3-login { inet_listener pop3 { address = localhost } } ssl_cert = -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 dear honorable doctor timo reading the list I saw appear a new style for the "writing of INBOX". namely this example mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = I do not know how to use it can you help me now is my config ~]# /usr/sbin/dovecot -n # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 2.6.34.6-xxxx-grs-ipv6-32 i686 CentOS release 5.8 (Final) auth_mechanisms = plain login base_dir = /var/run/dovecot/ lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes listen = [::] log_path = /var/log/maillog log_timestamp = %Y-%m-%d %H:%M:%S login_log_format_elements = user=<%u> method=%m rip=%r lip=%l %c mail_debug = yes mail_location = maildir:~/Maildir mail_max_userip_connections = 30 mail_plugins = " quota trash zlib" mailbox_list_index = yes maildir_broken_filename_sizes = yes managesieve_notify_capability = mailto managesieve_sieve_capability = comparator-i;octet comparator-i;ascii-casemap fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date spamtest spamtestplus virustest namespace { inbox = yes location = prefix = separator = . } passdb { driver = pam } plugin { autocreate = Trash autocreate2 = Junk autocreate3 = Sent autocreate4 = Drafts autosubscribe = Trash autosubscribe2 = Junk autosubscribe3 = Sent autosubscribe4 = Drafts deleted_to_trash_folder = Trash plugin = $mail_plugins autocreate managesieve sieve quota quota = maildir:User quota quota_exceeded_message = Quota exceeded, please go to http://www.fakessh.eu/over_quota_help.html for instructions on how to fix this. quota_rule = *:storage=10GB quota_rule2 = Trash:storage=+10% quota_rule3 = Spam:storage=+20% quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u sieve = ~/.dovecot.sieve sieve_before = /var/sieve-scripts/roundcube.sieve sieve_dir = ~/sieve sieve_global_path = whatever trash = /etc/dovecot/dovecot-trash.conf.ext zlib_save = bz2 zlib_save_level = 9 } protocols = sieve imap pop3 service anvil { client_limit = 6000 } service auth { client_limit = 6000 process_limit = 1 unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0600 user = postfix } unix_listener auth-master { mode = 0666 } unix_listener auth-userdb { mode = 0666 } vsz_limit = 64 M } service imap-login { client_limit = 0 inet_listener imap { port = 0 } inet_listener imaps { address = * , [::] port = 993 } process_limit = 1024 service_count = 1 vsz_limit = 64 M } service imap { process_limit = 1024 process_min_avail = 0 service_count = 1 vsz_limit = 64 M } service managesieve-login { inet_listener managesieve-login { address = * , [::] port = 2000 } process_limit = 1 vsz_limit = 64 M } service pop3-login { inet_listener pop3 { port = 0 } inet_listener pop3s { address = * , [::] port = 995 } process_limit = 1 vsz_limit = 64 M } service quota-warning { executable = script /usr/local/bin/quota-warning.sh unix_listener quota-warning { user = mail } user = dovecot } ssl_ca = References: <7F977326-C48A-4907-8A02-512B83B347F9@iki.fi> Message-ID: Timo, thanks Timo Sirainen wrote: >Easiest fix: remove 15-mailboxes.conf > This didn't seem to fix it, though, perhaps I failed to test it properly >Alternative fix: modify this namespace to actually work. Probably >adding inbox=yes inside it is enough to do that. With some trepidation, I inserted the string where I thought it should go, and, bingo, it started working as expected. I probably should removed the full path from SQL query, and put in the Conf file as docs suggest, but I might leave that for another day. Thank you again, Voytek -- Swyped on Motrix with K-9 Mail. Please excuse my brevity. From p at state-of-mind.de Thu Jun 21 09:32:52 2012 From: p at state-of-mind.de (Patrick Ben Koetter) Date: Thu, 21 Jun 2012 08:32:52 +0200 Subject: [Dovecot] how to use new style namespace for INBOX In-Reply-To: <4FE264AB.1090600@smtp.fakessh.eu> References: <4FE264AB.1090600@smtp.fakessh.eu> Message-ID: <20120621063252.GB2417@state-of-mind.de> * ml : > dear honorable doctor timo > > reading the list I saw appear a new style for the "writing of INBOX". > namely this example > > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Trash { > special_use = \Trash > } > prefix = This 'new' type of writing defines mailboxes for SPECIAL-USE as defined in http://tools.ietf.org/rfc/rfc6154.txt. > I do not know how to use it can you help me now is my config If your mail clients support it, they will automatically map their mailboxes for Sent, Junk, Trash, Drafts etc. to whatever mailbox you have assigned the respective $special_use option to. If they don't nothing will change. p at rick -- state of mind () http://www.state-of-mind.de Franziskanerstra?e 15 Telefon +49 89 3090 4664 81669 M?nchen Telefax +49 89 3090 4666 Amtsgericht M?nchen Partnerschaftsregister PR 563 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 316 bytes Desc: Digital signature URL: From kayasaman at gmail.com Thu Jun 21 09:36:58 2012 From: kayasaman at gmail.com (Kaya Saman) Date: Thu, 21 Jun 2012 07:36:58 +0100 Subject: [Dovecot] Dovecot not liking AD config from wiki?? Message-ID: I think the issue seems to be the mechanism between Dovecot and AD, so basically PAM..... I adapted my pam.d file to this: # auth auth sufficient pam_krb5.so no_warn try_first_pass debug #auth sufficient pam_ssh.so no_warn try_first_pass auth required pam_unix.so no_warn try_first_pass # account #account required pam_nologin.so #account required pam_unix.so account required pam_krb5.so in the hope that this config would work: userdb { driver = static args = uid=501 gid=501 home=/mail/%u driver = static # args = uid=500 gid=500 home=/ZPOOL_1/%u # allow_all_users=yes } passdb { driver = pam } However I am still having issues :-( Regards, Kaya From stan at hardwarefreak.com Thu Jun 21 10:50:02 2012 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Thu, 21 Jun 2012 02:50:02 -0500 Subject: [Dovecot] GlusterFS + Dovecot In-Reply-To: <7f9a01cd4efc$732ac3c0$59804b40$@h-st.com> References: <7f9a01cd4efc$732ac3c0$59804b40$@h-st.com> Message-ID: <4FE2D22A.9050200@hardwarefreak.com> On 6/20/2012 10:50 AM, Romer Ventura wrote: > Has anyone used GlusterFS as storage file system for dovecot or any other > email system? I have not, but can tell you from experience and education that distributed filesystems don't work well with transactional workloads such as IMAP and SMTP. The two reasons are high latency and problems with file locking, as Timo mentioned. Instead of asking if anyone here has tried to use GlusterFS, why not describe your situation and ask for advice on a solution? That usually works much better, and you gain valuable insight. -- Stan From robert at schetterer.org Thu Jun 21 10:57:43 2012 From: robert at schetterer.org (Robert Schetterer) Date: Thu, 21 Jun 2012 09:57:43 +0200 Subject: [Dovecot] GlusterFS + Dovecot In-Reply-To: <7f9a01cd4efc$732ac3c0$59804b40$@h-st.com> References: <7f9a01cd4efc$732ac3c0$59804b40$@h-st.com> Message-ID: <4FE2D3F7.5000709@schetterer.org> Am 20.06.2012 17:50, schrieb Romer Ventura: > Hello, > > > > Has anyone used GlusterFS as storage file system for dovecot or any other > email system..? > > > > It says that it can be presented as a NFS, CIFS and as GlusterFS using the > native client, technically using the client would allow the machine to read > and write to it, therefore, I think that Dovecot would not care about it. > Correct? > > > > Anyone out there used this setup?? > > > > Thanks. > > reading the faqs i wouldnt recommend it yet, but as Timo said try with performance tests first -- Best Regards MfG Robert Schetterer From amateo at um.es Thu Jun 21 11:44:56 2012 From: amateo at um.es (Angel L. Mateo) Date: Thu, 21 Jun 2012 10:44:56 +0200 Subject: [Dovecot] dovecot 2.1.5 performance In-Reply-To: <1340186732.5967.71.camel@hurina> References: <4FE19A83.8080407@um.es> <1340186732.5967.71.camel@hurina> Message-ID: <4FE2DF08.7040400@um.es> El 20/06/12 12:05, Timo Sirainen escribi?: > >> default_process_limit = 1000 > > Since you haven't enabled high-performance mode for imap-login processes > and haven't otherwise changed the service imap-login settings, this > means that you can have max. 1000 simultaneous IMAP SSL/TLS connections. > According to http://wiki2.dovecot.org/LoginProcess Since one login process can handle only one connection, the service's process_limit setting limits the number of users that can be logging in at the same time (defaults to default_process_limit=100). I understood this as there can only be up to 100 (or 1000 in my case) concurrently trying to log in, but once the user logs, the imap-login process ends (starting corresponding imap processes) and another users could log in. So there could be more than 100 users connected, but up to 100 trying to connect. Am I wrong? If I am wrong, why in my system there is no imap-login processes (or just a few) but a lot of imap? From zimmys76 at web.de Thu Jun 21 11:46:50 2012 From: zimmys76 at web.de (Daniel Fischer) Date: Thu, 21 Jun 2012 10:46:50 +0200 Subject: [Dovecot] public namespace Message-ID: <015301cd4f8a$68b0f0c0$3a12d240$@web.de> Hello, dovecot -n # 2.0.18: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-2-amd64 x86_64 Debian wheezy/sid mail_gid = 5000 mail_location = maildir:~:INDEX=/var/mail/indexes/%d/%n mail_privileged_group = vmail mail_uid = 5000 namespace { hidden = no inbox = yes list = yes location = prefix = separator = / subscriptions = yes type = private } namespace { list = children location = maildir:/var/mail/vhosts/%d/public:INDEX=/var/mail/indexes/%d/%n/public prefix = Public/ separator = / subscriptions = no type = public } i?m a little bit confused but I hope I find help here. The user mailboxes work perfectly just the public mailbox is a little bit tricky I expect that all public maildirs be placed under /var/mail/vhosts/%d/public. ?They are created by defining a public namespace, under which all the shared mailboxes are?. For those special users, I have set the maillocation via passwd file to /%d/public/%n, all other users have /%d/%n. So we have following folder structure \public \public\.info \public\.lager \public\.buchhaltung And so on That?s works fine, but with subfolder start the problems. When the info-?user? loggs on and creates a subfolder under his INBOX(called hust2) then no other people can see this. Otherside, if a ?normal? user creates a folder in public folder info(called hust), the info ?user? can? t see this one. If I look to filesystem, the reason is clear: %d/public/.info# ls -la insgesamt 32 drwx--S---+ 2 vmail vmail 6 Jun 19 11:50 cur -rwxrwx---+ 1 vmail vmail 51 Jun 21 09:50 dovecot-uidlist -rw-rw----+ 1 vmail vmail 8 Jun 19 11:51 dovecot-uidvalidity -r--r-----+ 1 vmail vmail 0 Jun 19 11:50 dovecot-uidvalidity.4fe04b06 drwx--S---+ 5 vmail vmail 78 Jun 19 11:54 .INBOX.hust2 drwx--S---+ 2 vmail vmail 6 Jun 19 11:50 new -rw-rw----+ 1 vmail vmail 18 Jun 19 11:51 subscriptions drwx--S---+ 2 vmail vmail 6 Jun 19 11:50 tmp drwx--S---+ 5 vmail vmail 78 Jun 21 09:51 .Trash %d/public# ls -la insgesamt 16 -rw-rw----+ 1 vmail vmail 8 Jun 19 11:51 dovecot-uidvalidity -r--r-----+ 1 vmail vmail 0 Jun 19 11:51 dovecot-uidvalidity.4fe04b36 drwx--S---+ 7 vmail vmail 4096 Jun 21 09:50 .info drwx--S---+ 5 vmail vmail 78 Jun 21 09:51 .info.hust A look to the info mailbox makes it clear: info at BLABLA \INBOX \hust2 >create by info user in his mailbox \Trash \Public \info >his own public share \hust >create by other user in public folder What I need is: %d/public/lager/cur %d/public/lager/new %d/public/lager/tmp %d/public/lager/.foo %d/public/lager/.foo.bar %d/public/ info /cur %d/public/ info /new %d/public/ info /tmp %d/public/info/.hust %d/public/info/.hust.deeperhust %d/public/info/.hust2 All public maildirs under /%d/public/%n Must I create a namespace for all public maildirs?: namespace { location = maildir:/var/mail/vhosts/%d/public/info } namespace { location = maildir:/var/mail/vhosts/%d/public/lager } I can? t figure out on my own, please give me an explanation. Thanks for soon comment. Daniel From tss at iki.fi Thu Jun 21 12:53:59 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 21 Jun 2012 12:53:59 +0300 Subject: [Dovecot] dovecot 2.1.5 performance In-Reply-To: <4FE2DF08.7040400@um.es> References: <4FE19A83.8080407@um.es> <1340186732.5967.71.camel@hurina> <4FE2DF08.7040400@um.es> Message-ID: <38362A8F-90FE-4C7F-BFF9-9AA80DFDD4C2@iki.fi> On 21.6.2012, at 11.44, Angel L. Mateo wrote: > El 20/06/12 12:05, Timo Sirainen escribi?: >> >>> default_process_limit = 1000 >> >> Since you haven't enabled high-performance mode for imap-login processes >> and haven't otherwise changed the service imap-login settings, this >> means that you can have max. 1000 simultaneous IMAP SSL/TLS connections. >> > According to http://wiki2.dovecot.org/LoginProcess > > Since one login process can handle only one connection, the service's process_limit setting limits the number of users that can be logging in at the same time (defaults to default_process_limit=100). > > I understood this as there can only be up to 100 (or 1000 in my case) concurrently trying to log in, but once the user logs, the imap-login process ends (starting corresponding imap processes) and another users could log in. So there could be more than 100 users connected, but up to 100 trying to connect. Am I wrong? > > If I am wrong, why in my system there is no imap-login processes (or just a few) but a lot of imap? Look at the next sentence also: SSL/TLS proxying processes are also counted here, so if you're using SSL/TLS you'll need to make sure this count is higher than the maximum number of users that can be logged in simultaneously. I guess you don't have many SSL/TLS connections. From amateo at um.es Thu Jun 21 13:01:10 2012 From: amateo at um.es (Angel L. Mateo) Date: Thu, 21 Jun 2012 12:01:10 +0200 Subject: [Dovecot] dovecot 2.1.5 performance In-Reply-To: <38362A8F-90FE-4C7F-BFF9-9AA80DFDD4C2@iki.fi> References: <4FE19A83.8080407@um.es> <1340186732.5967.71.camel@hurina> <4FE2DF08.7040400@um.es> <38362A8F-90FE-4C7F-BFF9-9AA80DFDD4C2@iki.fi> Message-ID: <4FE2F0E6.1020406@um.es> El 21/06/12 11:53, Timo Sirainen escribi?: > > Look at the next sentence also: SSL/TLS proxying processes are also counted here, so if you're using SSL/TLS you'll need to make sure this count is higher than the maximum number of users that can be logged in simultaneously. > > I guess you don't have many SSL/TLS connections. I'm not using SSL/TLS (it is done by a ssl accelerator, so connections to backend is plain) From CMarcus at Media-Brokers.com Thu Jun 21 14:12:43 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Thu, 21 Jun 2012 07:12:43 -0400 Subject: [Dovecot] how to use new style namespace for INBOX In-Reply-To: <20120621063252.GB2417@state-of-mind.de> References: <4FE264AB.1090600@smtp.fakessh.eu> <20120621063252.GB2417@state-of-mind.de> Message-ID: <4FE301AB.3070403@Media-Brokers.com> On 2012-06-21 2:32 AM, Patrick Ben Koetter

wrote: > This 'new' type of writing defines mailboxes for SPECIAL-USE as > defined in http://tools.ietf.org/rfc/rfc6154.txt. > > If your mail clients support it, they will automatically map their > mailboxes for Sent, Junk, Trash, Drafts etc. to whatever mailbox you > have assigned the respective $special_use option to. > > If they don't nothing will change. Out of curiosity, do you (or does anyone else) know of a list of clients that do (or don't) support this (what I consider to be most *excellent*) feature? Specifically, what about the most problematic clients I know of - Outlook and Apple Mail? Maybe the wiki could be updated with this info, and us users could keep it up to date as time goes on? -- Best regards, Charles From tompru at jla.rutgers.edu Thu Jun 21 17:48:29 2012 From: tompru at jla.rutgers.edu (Tom Pawlowski) Date: Thu, 21 Jun 2012 10:48:29 -0400 Subject: [Dovecot] doveadm proxy kick in director setups Message-ID: <20120621144829.GA8792@hawkeye.rutgers.edu> Something I noticed on a 2.1.7 director test cluster (two directors, three backends): 'doveadm proxy kick user' will kick all connections for that user on that director only. Any additional connections on other directors will remain active unless the command is run on all directors. Are the proxy and director sub-commands intended to be separate and distinct in their operation? If so, then this makes sense, as a proxy isn't necessarily a director. Are there any plans for a proxy kick equivalent that would work across directors? -- Tom Pawlowski OIT-CSS System Administrator office: Hill 145 email: tompru at jla.rutgers.edu phone: (732) 445-2634 From emailbuilder88 at yahoo.com Thu Jun 21 21:05:24 2012 From: emailbuilder88 at yahoo.com (email builder) Date: Thu, 21 Jun 2012 11:05:24 -0700 (PDT) Subject: [Dovecot] Dovecot performance under high load (vs. Courier) Message-ID: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> Hi, We are building a new system that will support a large number of users (high volume, high concurrent usage, etc).? We have played with Dovecot, but in most serious applications we have traditionally used Courier IMAP.? It's my (lay) understanding that with indexing and perhaps other things in Dovecot, it might perform better than Courier in larger environments like this.? Am I correct or is it less clear-cut? Any tips on making the migration (not migrating an existing system, I mean migrating our paradigm - things to consider, things to watch out for)? TIA From tss at iki.fi Thu Jun 21 21:13:21 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 21 Jun 2012 21:13:21 +0300 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> Message-ID: <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> On 21.6.2012, at 21.05, email builder wrote: > We are building a new system that will support a large number of users (high volume, high concurrent usage, etc). We have played with Dovecot, but in most serious applications we have traditionally used Courier IMAP. It's my (lay) understanding that with indexing and perhaps other things in Dovecot, it might perform better than Courier in larger environments like this. Am I correct or is it less clear-cut? If you disable index index files in Dovecot, its performance should be slightly better than Courier. With index files the performance is typically much better in Dovecot, especially if you use a (non-caching) webmail. > Any tips on making the migration (not migrating an existing system, I mean migrating our paradigm - things to consider, things to watch out for)? If you don't migrate any existing users, I guess this doesn't differ much from any other optimized Dovecot installation. Usually large installations (>1M users) use NetApp NFS + Dovecot director. You might also want to enable full text searches. http://wiki2.dovecot.org/PerformanceTuning lists some other things. From emailbuilder88 at yahoo.com Thu Jun 21 21:32:46 2012 From: emailbuilder88 at yahoo.com (email builder) Date: Thu, 21 Jun 2012 11:32:46 -0700 (PDT) Subject: [Dovecot] Manual manipulation of Sieve files Message-ID: <1340303566.38480.YahooMailNeo@web39306.mail.mud.yahoo.com> We have some scripts that take care of some tasks when creating new email accounts, such as creating some default mail filter rules. I know Sieve scripts are plain text files, but need to be compiled for use.? I see that you can use seivec to compile scripts manually, which can help me create .dovecot.svbin which can be placed where needed and permissioned correctly.? But a couple questions: * Sieve has the concept of an active script - is this merely whatever is compiled into the .dovecot.svbin file? * Does dovecot (managesieve) do any other housekeeping when a user sieve script is installed and set as the active script?? I would need to replicate this manually. * If the default script is always the same (sorry, for us, the solution isn't global scripts), would it work to compile that script once, keep the compiled version somewhere and merely copy it into the correct place for a new user?? Are there issues with this? * Should we always have the plain text version along with the compiled one for proper managesieve operation going forward (users can edit their sieve scripts) Thank you From emailbuilder88 at yahoo.com Thu Jun 21 23:05:25 2012 From: emailbuilder88 at yahoo.com (email builder) Date: Thu, 21 Jun 2012 13:05:25 -0700 (PDT) Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> Message-ID: <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> Thank you very much for the fast reply. >> We are building a new system that will support a large number of users >> (high volume, high concurrent usage, etc).? We have played with Dovecot, but in >> most serious applications we have traditionally used Courier IMAP.? It's my >> (lay) understanding that with indexing and perhaps other things in Dovecot, it >> might perform better than Courier in larger environments like this.? Am I >> correct or is it less clear-cut? > > If you disable index index files in Dovecot, its performance should be slightly > better than Courier. With index files the performance is typically much better > in Dovecot, especially if you use a (non-caching) webmail. Interesting.? What would be the motivations for disabling indexing? Indexing is by default enabled? Do you know what webmails are caching vs. non-caching?? Am I correct that what you're pointing out is that with non-caching webmails you will notice IMAP performance differences more readily but that a caching webmail application might be better no matter which IMAP server because it reduces the need for webmail to make IMAP connections? >> Any tips on making the migration (not migrating an existing system, I mean >> migrating our paradigm - things to consider, things to watch out for)? > > If you don't migrate any existing users, I guess this doesn't differ > much from any other optimized Dovecot installation. Usually large installations > (>1M users) use NetApp NFS + Dovecot director. You might also want to enable > full text searches. http://wiki2.dovecot.org/PerformanceTuning lists some other > things. Ah, I didn't know about Director.? That looks very nice.? I had in mind that we would have to use Perdition, but an integrated solution might be good. Anyone have any thoughts or opinions considering Perdition vs. Director? Full text searches don't hurt performance too bad? Thanks for the other links, I will certainly go read up on them. From tss at iki.fi Thu Jun 21 23:22:44 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 21 Jun 2012 23:22:44 +0300 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> Message-ID: <1340310164.5967.86.camel@hurina> On Thu, 2012-06-21 at 13:05 -0700, email builder wrote: > Thank you very much for the fast reply. > > >> We are building a new system that will support a large number of users > > >> (high volume, high concurrent usage, etc). We have played with Dovecot, but in > >> most serious applications we have traditionally used Courier IMAP. It's my > >> (lay) understanding that with indexing and perhaps other things in Dovecot, it > >> might perform better than Courier in larger environments like this. Am I > >> correct or is it less clear-cut? > > > > If you disable index index files in Dovecot, its performance should be slightly > > better than Courier. With index files the performance is typically much better > > in Dovecot, especially if you use a (non-caching) webmail. > > Interesting. What would be the motivations for disabling indexing? > Indexing is by default enabled? Yes, enabled by default. There aren't many good reasons for disabling indexing. > Do you know what webmails are caching vs. non-caching? Nearly all of them are non-caching. (I don't know of any caching ones.) > Am I correct that what you're pointing out is that with non-caching > webmails you will notice IMAP performance differences more readily > but that a caching webmail application might be better no matter > which IMAP server because it reduces the need for webmail to make > IMAP connections? It's not about the IMAP connections themselves, but how often they fetch message (meta)data. http://www.imapwiki.org/Benchmarking should explain this better. Dovecot's indexing can lower the disk I/O usage perhaps by 10x compared to Courier. > >> Any tips on making the migration (not migrating an existing system, I mean > >> migrating our paradigm - things to consider, things to watch out for)? > > > > If you don't migrate any existing users, I guess this doesn't differ > > much from any other optimized Dovecot installation. Usually large installations > > (>1M users) use NetApp NFS + Dovecot director. You might also want to enable > > full text searches. http://wiki2.dovecot.org/PerformanceTuning lists some other > > things. > > Ah, I didn't know about Director. That looks very nice. I had in mind that > we would have to use Perdition, but an integrated solution might be good. > > Anyone have any thoughts or opinions considering Perdition vs. Director? Dovecot proxy has several Dovecot-specific features that make it work better than perdition (forwards client IP address to backend, handle CAPABILITY stuff better, maybe other things). > Full text searches don't hurt performance too bad? They should improve the performance, at least from the user's point of view when doing a search on webmail. But yes, the indexing itself does cost CPU cycles, disk I/O and disk usage (perhaps 30% more disk space). From h.reindl at thelounge.net Thu Jun 21 23:34:15 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Thu, 21 Jun 2012 22:34:15 +0200 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <1340310164.5967.86.camel@hurina> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> Message-ID: <4FE38547.4060407@thelounge.net> Am 21.06.2012 22:22, schrieb Timo Sirainen: >> Do you know what webmails are caching vs. non-caching? > > Nearly all of them are non-caching. (I don't know of any caching ones.) roundcube can if configured additionally you should install imapproxy on the webserver wehre your webmail is running and configure the webmail for using 127.0.0.1 - so only one connection per user is persistent instead make a new one for each ajax-request -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From lists at necoro.eu Thu Jun 21 23:37:55 2012 From: lists at necoro.eu (=?UTF-8?B?UmVuw6kgTmV1bWFubg==?=) Date: Thu, 21 Jun 2012 22:37:55 +0200 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <1340310164.5967.86.camel@hurina> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> Message-ID: <4FE38623.5050303@necoro.eu> Am 21.06.2012 22:22, schrieb Timo Sirainen: > On Thu, 2012-06-21 at 13:05 -0700, email builder wrote: >> Do you know what webmails are caching vs. non-caching? > > Nearly all of them are non-caching. (I don't know of any caching ones.) At least roundcube (v0.7.1 here) has some caching options: ------------------[excerpt from roundcubes main.inc.php]------------- // Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'. $rcmail_config['imap_cache'] = null; // Enables messages cache. Only 'db' cache is supported. $rcmail_config['messages_cache'] = false; -------------------------[end]---------------------------------------- But I don't know, whether this is the sort of caching you are referring to. - Ren? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From bdh at machinehum.com Thu Jun 21 23:37:52 2012 From: bdh at machinehum.com (Brian Hayden) Date: Thu, 21 Jun 2012 15:37:52 -0500 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <1340310164.5967.86.camel@hurina> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> Message-ID: On Jun 21, 2012, at 3:22 PM, Timo Sirainen wrote: > On Thu, 2012-06-21 at 13:05 -0700, email builder wrote: >> Thank you very much for the fast reply. >> >>>> We are building a new system that will support a large number of users >> >>>> (high volume, high concurrent usage, etc). We have played with Dovecot, but in >>>> most serious applications we have traditionally used Courier IMAP. It's my >>>> (lay) understanding that with indexing and perhaps other things in Dovecot, it >>>> might perform better than Courier in larger environments like this. Am I >>>> correct or is it less clear-cut? >>> >>> If you disable index index files in Dovecot, its performance should be slightly >>> better than Courier. With index files the performance is typically much better >>> in Dovecot, especially if you use a (non-caching) webmail. >> >> Interesting. What would be the motivations for disabling indexing? >> Indexing is by default enabled? > > Yes, enabled by default. There aren't many good reasons for disabling > indexing. > >> Do you know what webmails are caching vs. non-caching? > > Nearly all of them are non-caching. (I don't know of any caching ones.) Prayer, from University of Cambridge, or Chickadee, a fork of it. It's essentially a proper IMAP client in C that runs on a server, and uses HTTPS (via an embedded server, no external dependency on apache or etc.) to the end user just to deliver the display. When I was on the email project for the University of Minnesota, I modified it heavily for interface and to add some features that admins are used to having in systems where apache is involved (virtual hosts, things like that). I have it available (GPL) as a vanilla, de-branded package--Chickadee. Website is currently offline as I've been switching hosts, anyone who's interested can feel free to drop me a line. -Brian From tss at iki.fi Thu Jun 21 23:44:33 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 21 Jun 2012 23:44:33 +0300 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <4FE38547.4060407@thelounge.net> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> Message-ID: <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> On 21.6.2012, at 23.34, Reindl Harald wrote: > Am 21.06.2012 22:22, schrieb Timo Sirainen: >>> Do you know what webmails are caching vs. non-caching? >> >> Nearly all of them are non-caching. (I don't know of any caching ones.) > > roundcube can if configured > > additionally you should install imapproxy on the webserver > wehre your webmail is running and configure the webmail for > using 127.0.0.1 - so only one connection per user is > persistent instead make a new one for each ajax-request Someone benchmarked Dovecot a while ago in this list with and without imapproxy and the results showed that imapproxy simply slowed things down by adding extra latency. This probably isn't true for all installations, but I don't think there's much of a difference either way. From h.reindl at thelounge.net Thu Jun 21 23:48:03 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Thu, 21 Jun 2012 22:48:03 +0200 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> Message-ID: <4FE38883.8000808@thelounge.net> Am 21.06.2012 22:44, schrieb Timo Sirainen: > On 21.6.2012, at 23.34, Reindl Harald wrote: > >> Am 21.06.2012 22:22, schrieb Timo Sirainen: >>>> Do you know what webmails are caching vs. non-caching? >>> >>> Nearly all of them are non-caching. (I don't know of any caching ones.) >> >> roundcube can if configured >> >> additionally you should install imapproxy on the webserver >> wehre your webmail is running and configure the webmail for >> using 127.0.0.1 - so only one connection per user is >> persistent instead make a new one for each ajax-request > > Someone benchmarked Dovecot a while ago in this list with and without imapproxy and the results showed that imapproxy simply slowed things down by adding extra latency. This probably isn't true for all installations, but I don't think there's much of a difference either way. depends on network-latency, parallel users and last but not least count of folders - if you have 30 folders and roundcube refreshs every 20 seconds it will make in the worst case 180 connections for one user per minute maybe a bechmark with high load shows other values but felt performance in our setup is much better with imapproxy in front - roundcube feels like a desktop client -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From tss at iki.fi Thu Jun 21 23:52:22 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 21 Jun 2012 23:52:22 +0300 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <4FE38883.8000808@thelounge.net> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> <4FE38883.8000808@thelounge.net> Message-ID: <2ABE733D-E478-4B40-93FB-8F1CDAB72193@iki.fi> On 21.6.2012, at 23.48, Reindl Harald wrote: >> Someone benchmarked Dovecot a while ago in this list with and without imapproxy and the results showed that imapproxy simply slowed things down by adding extra latency. This probably isn't true for all installations, but I don't think there's much of a difference either way. > > depends on network-latency, parallel users and last but > not least count of folders - if you have 30 folders and > roundcube refreshs every 20 seconds it will make in the > worst case 180 connections for one user per minute Really? Doesn't it simply connect once every 20 seconds and send 30 STATUS requests in one connection? From h.reindl at thelounge.net Thu Jun 21 23:54:23 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Thu, 21 Jun 2012 22:54:23 +0200 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <2ABE733D-E478-4B40-93FB-8F1CDAB72193@iki.fi> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> <4FE38883.8000808@thelounge.net> <2ABE733D-E478-4B40-93FB-8F1CDAB72193@iki.fi> Message-ID: <4FE389FF.2080106@thelounge.net> Am 21.06.2012 22:52, schrieb Timo Sirainen: > On 21.6.2012, at 23.48, Reindl Harald wrote: > >>> Someone benchmarked Dovecot a while ago in this list with and without imapproxy and the results showed that imapproxy simply slowed things down by adding extra latency. This probably isn't true for all installations, but I don't think there's much of a difference either way. >> >> depends on network-latency, parallel users and last but >> not least count of folders - if you have 30 folders and >> roundcube refreshs every 20 seconds it will make in the >> worst case 180 connections for one user per minute > > Really? Doesn't it simply connect once every 20 seconds and send 30 STATUS requests in one connection? not 100% sure i simply tried it with proxy, was happy that it feels faster and last but not least i have lesser entries in maillog which goes to a central mysql-server for self-developed web-interfaces -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From tss at iki.fi Thu Jun 21 23:57:18 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 21 Jun 2012 23:57:18 +0300 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <4FE38883.8000808@thelounge.net> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> <4FE38883.8000808@thelounge.net> Message-ID: <03B002D3-5C2D-49CB-A94E-C0F2CC086746@iki.fi> On 21.6.2012, at 23.48, Reindl Harald wrote: >> Someone benchmarked Dovecot a while ago in this list with and without imapproxy and the results showed that imapproxy simply slowed things down by adding extra latency. This probably isn't true for all installations, but I don't think there's much of a difference either way. > > depends on network-latency, parallel users and last but > not least count of folders - if you have 30 folders and > roundcube refreshs every 20 seconds it will make in the > worst case 180 connections for one user per minute > > maybe a bechmark with high load shows other values > > but felt performance in our setup is much better with > imapproxy in front - roundcube feels like a desktop client Oh, and of course it also depends on Dovecot configuration :) Authentication cache is needed and login processes must be in high performance mode. There is still the extra work of forking a new imap process (could also be avoided with yet another config option) and some other extra CPU usage, but those shouldn't cause much of a difference. The extra network latency during login is a good point though. From slusarz at curecanti.org Fri Jun 22 00:07:52 2012 From: slusarz at curecanti.org (Michael M Slusarz) Date: Thu, 21 Jun 2012 15:07:52 -0600 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <1340310164.5967.86.camel@hurina> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> Message-ID: <20120621150752.Horde.Mln7K4F5lbhP440ot73xbcA@bigworm.curecanti.org> Quoting Timo Sirainen : > On Thu, 2012-06-21 at 13:05 -0700, email builder wrote: >> Do you know what webmails are caching vs. non-caching? > > Nearly all of them are non-caching. (I don't know of any caching ones.) IMP is caching (message/mailbox/folder listing), with full QRESYNC/CONDSTORE support. michael From lists at wildgooses.com Fri Jun 22 00:48:31 2012 From: lists at wildgooses.com (Ed W) Date: Thu, 21 Jun 2012 22:48:31 +0100 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <4FE389FF.2080106@thelounge.net> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> <4FE38883.8000808@thelounge.net> <2ABE733D-E478-4B40-93FB-8F1CDAB72193@iki.fi> <4FE389FF.2080106@thelounge.net> Message-ID: <4FE396AF.4070309@wildgooses.com> On 21/06/2012 21:54, Reindl Harald wrote: > and last but not least i have lesser entries in maillog which > goes to a central mysql-server for self-developed web-interfaces I recently added imapproxy to my Roundcube installation. Benchmarks showed a very slight slowdown, but as you point out it reduced the login count from dovecot and I use a login script to kind of report last login / length of session and this tallies better with an imap desktop user now I think the conclusion is that imapproxy is not necessary. There are some advantages (eg with high network latency between web and imap server, and reducing apparent login count), and some disadvantages (extra complexity, slowdown) On average I think few users should use it.. Or at least benchmark and add it reluctantly... Ed From lists at wildgooses.com Fri Jun 22 00:55:04 2012 From: lists at wildgooses.com (Ed W) Date: Thu, 21 Jun 2012 22:55:04 +0100 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <4FE38623.5050303@necoro.eu> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38623.5050303@necoro.eu> Message-ID: <4FE39838.1030508@wildgooses.com> On 21/06/2012 21:37, Ren? Neumann wrote: > Am 21.06.2012 22:22, schrieb Timo Sirainen: >> On Thu, 2012-06-21 at 13:05 -0700, email builder wrote: >>> Do you know what webmails are caching vs. non-caching? >> Nearly all of them are non-caching. (I don't know of any caching ones.) > At least roundcube (v0.7.1 here) has some caching options: > > ------------------[excerpt from roundcubes main.inc.php]------------- > // Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'. > $rcmail_config['imap_cache'] = null; > > // Enables messages cache. Only 'db' cache is supported. > $rcmail_config['messages_cache'] = false; > -------------------------[end]---------------------------------------- > > But I don't know, whether this is the sort of caching you are referring to. > > - Ren? It is caching, but unless your mysql / memcache server is lower latency than your dovecot server, then the caching does very little. I tested it very briefly and it added a lot of latency to my results when adding a mysql cache. However, my setup has the mysql/dovecot/roundcube all on the same machine, so latency is minimal. Roughly I found that the amount of caching is absolutely massive, eg roughly subject headers, message ids and more for every message in every folder. This meant multiple seconds of latency on first login and then slight additional latency on every folder view. I guess this might breakeven in the situation of a roundcube installation in an office and dovecot on the far end of an ADSL line with 60-100ms+ of latency and bandwidth constraints, but it's really, really hard to see it's sensible for two machines in the same datacenter with an uncontended network connection between them This isn't to say that the caching isn't sensible for use with other mail servers, but I don't see it offers any benefit for most Dovecot installations? However, very clever and full featured webmail client! Ed W P.S. Sogo has a kind of caching in that it has a clientside javascript cache. Not what was meant, but for all practical purposes much more useful... From slusarz at curecanti.org Fri Jun 22 00:58:01 2012 From: slusarz at curecanti.org (Michael M Slusarz) Date: Thu, 21 Jun 2012 15:58:01 -0600 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <4FE396AF.4070309@wildgooses.com> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> <4FE38883.8000808@thelounge.net> <2ABE733D-E478-4B40-93FB-8F1CDAB72193@iki.fi> <4FE389FF.2080106@thelounge.net> <4FE396AF.4070309@wildgooses.com> Message-ID: <20120621155801.Horde.YXauVYF5lbhP45jpl_ezE_A@bigworm.curecanti.org> Quoting Ed W : > I think the conclusion is that imapproxy is not necessary. There > are some advantages (eg with high network latency between web and > imap server, and reducing apparent login count), and some > disadvantages (extra complexity, slowdown) Not entirely true. See this thread: http://markmail.org/thread/z7ctwle2go6zafas Thread in short: imapproxy provides benefits for more MUAs that take advantage of the XIMAPPROXY feature (only IMP, AFAIK), and Timo is/was considering adding a similar state saving feature to Dovecot 2.2. michael From tss at iki.fi Fri Jun 22 01:12:04 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 22 Jun 2012 01:12:04 +0300 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <20120621155801.Horde.YXauVYF5lbhP45jpl_ezE_A@bigworm.curecanti.org> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> <4FE38883.8000808@thelounge.net> <2ABE733D-E478-4B40-93FB-8F1CDAB72193@iki.fi> <4FE389FF.2080106@thelounge.net> <4FE396AF.4070309@wildgooses.com> <20120621155801.Horde.YXauVYF5lbhP45jpl_ezE_A@bigworm.curecanti.org> Message-ID: On 22.6.2012, at 0.58, Michael M Slusarz wrote: >> I think the conclusion is that imapproxy is not necessary. There are some advantages (eg with high network latency between web and imap server, and reducing apparent login count), and some disadvantages (extra complexity, slowdown) > > Not entirely true. See this thread: > > http://markmail.org/thread/z7ctwle2go6zafas > > Thread in short: imapproxy provides benefits for more MUAs that take advantage of the XIMAPPROXY feature (only IMP, AFAIK), and Timo is/was considering adding a similar state saving feature to Dovecot 2.2. Well, I had completely forgotten about it :) Reading my old mail: > There isn't a whole lot of state to be saved really. Mailbox GUID, UIDVALIDITY, > HIGHESTMODSEQ gives the mailbox state. Then you have the language/etc. states. > Clients could restore their earlier state from days ago, as long as Dovecot > still has the necessary .log records available (similar to how QRESYNC works). Yeah .. Perhaps something like: 1. if client issues LOGOUT XSTATE 2. And server sees that it can actually save all of the state (some things are a bit tricky, and probably not worth the trouble in initial implementation) 3. Then the server server sends * OK XSTATE * BYE 4. The client can pipeline after LOGIN/AUTHENTICATE: a XSTATERESTORE a OK Yeah! or a NO Not gonna work. Perhaps even a real RFC for this thing? .. If it's worth it.. Would save at least a few X bytes from network traffic :) From yggdrasil at gmx.co.uk Fri Jun 22 02:28:10 2012 From: yggdrasil at gmx.co.uk (Johnny) Date: Fri, 22 Jun 2012 00:28:10 +0100 Subject: [Dovecot] Dovecot LDA, Offlineimap and Sieve Message-ID: <87y5ng1bzp.fsf@gmx.co.uk> Hi, I am trying to st up Offlineimap to use Dovecots LDA to be able to use Sieve for mail filtering, but am not sure how to get this working. I think the right way would be to use 'preauthtunnel' in .offlineimaprc and try the setup below, which doesn't work. ,----.offlineimaprc | [Repository LocalRepository] | type = IMAP | preauthtunnel = ssh -q localhost '/usr/libexec/dovecot/deliver -d myloginid' `---- If I go via the network card, the snch is fine, but Sieve can't be used? ,---- | [Repository LocalRepository] | type = IMAP | preauthtunnel = MAIL=maildir:$HOME/Maildir/myMailDir /usr/libexec/dovecot/deliver -d mylogonid | remotehost = localhost | port = 143 | remoteuser = mylogonid | remotepass = mypassword `---- Has anyone got any tips on how to get offlineimap to send mail to Dovecot in a way that Siev3e can be used? thanks! -- Johnny From a.kostyrev at serverc.ru Fri Jun 22 05:27:38 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Fri, 22 Jun 2012 13:27:38 +1100 Subject: [Dovecot] GlusterFS + Dovecot In-Reply-To: <7f9a01cd4efc$732ac3c0$59804b40$@h-st.com> References: <7f9a01cd4efc$732ac3c0$59804b40$@h-st.com> Message-ID: <213B51F00051AE48A9F0E112880177178F7A43@Delta.sc.local> We've considered using gluster for our mail storage a month ago. I've seen index corruption even if mail was delivered by lmtp sequentially some split-brains with no clear reason with more than 2000 mails in box we had to wait for 40sec to open mailbox through roundcube, so we've decided to go for dsync replication instead with common mysql database for user storage and imap/pop3/lmtp proxy. -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of Romer Ventura Sent: Thursday, June 21, 2012 2:51 AM To: dovecot at dovecot.org Subject: [Dovecot] GlusterFS + Dovecot Hello, Has anyone used GlusterFS as storage file system for dovecot or any other email system..? It says that it can be presented as a NFS, CIFS and as GlusterFS using the native client, technically using the client would allow the machine to read and write to it, therefore, I think that Dovecot would not care about it. Correct? Anyone out there used this setup?? Thanks. From emailbuilder88 at yahoo.com Fri Jun 22 05:28:50 2012 From: emailbuilder88 at yahoo.com (email builder) Date: Thu, 21 Jun 2012 19:28:50 -0700 (PDT) Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <03B002D3-5C2D-49CB-A94E-C0F2CC086746@iki.fi> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> <4FE38883.8000808@thelounge.net> <03B002D3-5C2D-49CB-A94E-C0F2CC086746@iki.fi> Message-ID: <1340332130.74182.YahooMailNeo@web39301.mail.mud.yahoo.com> > Oh, and of course it also depends on Dovecot configuration :) Authentication > cache is needed and login processes must be in high performance mode. I.e., I think: http://wiki2.dovecot.org/LoginProcess http://wiki2.dovecot.org/Authentication/Caching > There is > still the extra work of forking a new imap process (could also be avoided with > yet another config option) Are you referring to client_limit or service_count or something else as yet undeveloped? Speaking of which, I cannot understand the different between those two.? Hints in the configuration file (10-master.conf) and the wiki make them sound like they do the same thing -- ?? From tss at iki.fi Fri Jun 22 05:44:18 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 22 Jun 2012 05:44:18 +0300 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <1340332130.74182.YahooMailNeo@web39301.mail.mud.yahoo.com> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> <4FE38883.8000808@thelounge.net> <03B002D3-5C2D-49CB-A94E-C0F2CC086746@iki.fi> <1340332130.74182.YahooMailNeo@web39301.mail.mud.yahoo.com> Message-ID: On 22.6.2012, at 5.28, email builder wrote: >> Oh, and of course it also depends on Dovecot configuration :) Authentication >> cache is needed and login processes must be in high performance mode. > > I.e., I think: > > http://wiki2.dovecot.org/LoginProcess > http://wiki2.dovecot.org/Authentication/Caching Yes. >> There is >> still the extra work of forking a new imap process (could also be avoided with >> yet another config option) > > Are you referring to client_limit or service_count or something else as yet undeveloped? service imap { service_count = 0 } (default=1) allows imap processes to be reused for more than 1 connection. The downside is that if there are any bugs in Dovecot, they might accidentally expose another user's email data to the wrong user. That's very unlikely to happen but since this isn't a performance problem in most (if any) systems I don't want to enable it by default. Dovecot code is written so that write buffer overflows (= arbitrary code execution) is minimized to be as zero possibility as I could think of, but read buffer overflows (= exposing data within the process) isn't treated nearly as much with paranoia. > Speaking of which, I cannot understand the different between those two. Hints in the > configuration file (10-master.conf) and the wiki make them sound like they do the same > thing -- ?? service_count limits the maximum of client_limit. One connection = one service. Once a process has serviced "service_count" number of connections it disconnects itself. There can never be more than "client_limit" number of simultaneous connections. The important stuff to understand about these are: * service_count=1: The most secure setting for a process. The process serves a single connection and kills itself. No possibility of data leaking to unintended connection. * service_count=0, client_limit=1: The process does blocking operations (e.g. blocking disk IO). You don't want one connection's blocking operation to affect other connections. But you're not paranoid about security, since in case of some bugs some data might leak to unintended connection. * service_count>0: Restart process ever N connections, just in case it leaks some memory. * client_limit>1: Limit the amount of CPU/memory a single process takes. The process should never be blocking on disk I/O or locks or anything else. This means it shouldn't be used for imap/pop3/lmtp processes. For CPU bound processes it's fine. Maybe these could be copy&pasted to the wiki2/Services. From emailbuilder88 at yahoo.com Fri Jun 22 08:27:18 2012 From: emailbuilder88 at yahoo.com (email builder) Date: Thu, 21 Jun 2012 22:27:18 -0700 (PDT) Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> <4FE38883.8000808@thelounge.net> <03B002D3-5C2D-49CB-A94E-C0F2CC086746@iki.fi> <1340332130.74182.YahooMailNeo@web39301.mail.mud.yahoo.com> Message-ID: <1340342838.42261.YahooMailNeo@web39303.mail.mud.yahoo.com> >>> Oh, and of course it also depends on Dovecot configuration :) >>> Authentication >>> cache is needed and login processes must be in high performance mode. >> >> I.e., I think: >> >> http://wiki2.dovecot.org/LoginProcess >> http://wiki2.dovecot.org/Authentication/Caching > > Yes. > >>> There is >>> still the extra work of forking a new imap process (could also be >>> avoided with >>> yet another config option) >> >> Are you referring to client_limit or service_count or something else as yet >> undeveloped? > > service imap { service_count = 0 } (default=1) allows imap processes to be > reused for more than 1 connection. The downside is that if there are any bugs in > Dovecot, they might accidentally expose another user's email data to the > wrong user. That's very unlikely to happen but since this isn't a > performance problem in most (if any) systems I don't want to enable it by > default. Dovecot code is written so that write buffer overflows (= arbitrary > code execution) is minimized to be as zero possibility as I could think of, but > read buffer overflows (= exposing data within the process) isn't treated > nearly as much with paranoia. > >> Speaking of which, I cannot understand the different between those two.? >> Hints in the >> configuration file (10-master.conf) and the wiki make them sound like they >> do the same >> thing -- ?? > > service_count limits the maximum of client_limit. One connection = one service. > Once a process has serviced "service_count" number of connections it > disconnects itself. There can never be more than "client_limit" number > of simultaneous connections. The important stuff to understand about these are: > > * service_count=1: The most secure setting for a process. The process serves a > single connection and kills itself. No possibility of data leaking to unintended > connection. > * service_count=0, client_limit=1: The process does blocking operations (e.g. > blocking disk IO). You don't want one connection's blocking operation to > affect other connections. But you're not paranoid about security, since in > case of some bugs some data might leak to unintended connection. > * service_count>0: Restart process ever N connections, just in case it leaks > some memory. > * client_limit>1: Limit the amount of CPU/memory a single process takes. The > process should never be blocking on disk I/O or locks or anything else. This > means it shouldn't be used for imap/pop3/lmtp processes. For CPU bound > processes it's fine. So really, a new process is created under *two* circumstances?? 1. when a process reaches client_limit number of *simultaneous* connections or? 2. when a process has serviced service_count number of connections.? Is this correct? So for service *-login, is it OK to do something like service_count=5000, client_limit=2000 Thanks for the help!??? From aerion82 at gmail.com Fri Jun 22 08:49:54 2012 From: aerion82 at gmail.com (Aerion Stevens) Date: Fri, 22 Jun 2012 15:49:54 +1000 Subject: [Dovecot] Dovecot proxy/director and mail pop3/imap backend service on same server Message-ID: Hi all, I am interested in running a Dovecot Proxy(with Director) on the same server as the main Dovecot IMAP/POP3 service. I have a basic Proxy/Director configuration working, however I am struggling with getting the Proxy and IMAP/POP3 service to coexist on the same server. I plan to use three IMAP/POP3 servers with a NFS/maildir backend, and I am playing with Dovecot 2.1.5 at the moment. I have two seperate configurations, one for the Proxy/Director and one for the Dovecot IMAP/POP3 "mail backend servers". For this to work my thoughts are that I will need to run the Proxy/Director imap/pop3 login process on the standard ports 143, 110, 993, 995 and for the Dovecot IMAP/POP3 mail backend service running on the same server will need to use different ports (I decided to be 9143, 9110, 9993, 9995 for example). How do I tell the director to proxy incoming imap/pop3 connection to the mail backend servers running on ports 9143, 9110, 9993, 9995 rather than the default imap/pop3 ports? Using the default ports will clearly cause loops. Can anyone kindly provide an example snippet of config that tells the director to use different port for IMAP and POP3 proxy? I have so far found the following pages helpful to what I am working on: http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy http://wiki2.dovecot.org/PasswordDatabase/ExtraFields http://wiki2.dovecot.org/Director Cheers, Aerion. From a.kostyrev at serverc.ru Fri Jun 22 09:29:25 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Fri, 22 Jun 2012 17:29:25 +1100 Subject: [Dovecot] Dovecot proxy/director and mail pop3/imap backend serviceon same server In-Reply-To: References: Message-ID: <213B51F00051AE48A9F0E112880177178F7A46@Delta.sc.local> I've already tortured Timo about that. check this thread out: http://www.dovecot.org/list/dovecot/2012-June/066315.html -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of Aerion Stevens Sent: Friday, June 22, 2012 4:50 PM To: dovecot at dovecot.org Subject: [Dovecot] Dovecot proxy/director and mail pop3/imap backend serviceon same server Hi all, I am interested in running a Dovecot Proxy(with Director) on the same server as the main Dovecot IMAP/POP3 service. I have a basic Proxy/Director configuration working, however I am struggling with getting the Proxy and IMAP/POP3 service to coexist on the same server. I plan to use three IMAP/POP3 servers with a NFS/maildir backend, and I am playing with Dovecot 2.1.5 at the moment. I have two seperate configurations, one for the Proxy/Director and one for the Dovecot IMAP/POP3 "mail backend servers". For this to work my thoughts are that I will need to run the Proxy/Director imap/pop3 login process on the standard ports 143, 110, 993, 995 and for the Dovecot IMAP/POP3 mail backend service running on the same server will need to use different ports (I decided to be 9143, 9110, 9993, 9995 for example). How do I tell the director to proxy incoming imap/pop3 connection to the mail backend servers running on ports 9143, 9110, 9993, 9995 rather than the default imap/pop3 ports? Using the default ports will clearly cause loops. Can anyone kindly provide an example snippet of config that tells the director to use different port for IMAP and POP3 proxy? I have so far found the following pages helpful to what I am working on: http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy http://wiki2.dovecot.org/PasswordDatabase/ExtraFields http://wiki2.dovecot.org/Director Cheers, Aerion. From stephan at rename-it.nl Fri Jun 22 10:08:05 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Fri, 22 Jun 2012 09:08:05 +0200 Subject: [Dovecot] Manual manipulation of Sieve files In-Reply-To: <1340303566.38480.YahooMailNeo@web39306.mail.mud.yahoo.com> References: <1340303566.38480.YahooMailNeo@web39306.mail.mud.yahoo.com> Message-ID: <4FE419D5.1060409@rename-it.nl> On 6/21/2012 8:32 PM, email builder wrote: > We have some scripts that take care of some tasks when creating new email accounts, such as creating some default mail filter rules. > > I know Sieve scripts are plain text files, but need to be compiled for use. I see that you can use seivec to compile scripts manually, which can help me create .dovecot.svbin which can be placed where needed and permissioned correctly. But a couple questions: > > * Sieve has the concept of an active script - is this merely whatever is compiled into the .dovecot.svbin file? This is the script file that the sieve= setting points to. The term 'active' only has real meaning when ManageSieve is used. Then, the active script file is a symbolic link that points into the sieve_dir= directory, thereby selecting which script is active. > * Does dovecot (managesieve) do any other housekeeping when a user sieve script is installed and set as the active script? I would need to replicate this manually. It makes the symbolic link. Compiling the script is done automatically when the script is first executed at delivery. > * If the default script is always the same (sorry, for us, the solution isn't global scripts), would it work to compile that script once, keep the compiled version somewhere and merely copy it into the correct place for a new user? Are there issues with this? You can pre-compile it, but the plaintext script must also exist at the indicated location. Sieve always looks for the plaintext script and only when that is found it checks for the presence of an earlier compiled binary. > * Should we always have the plain text version along with the compiled one for proper managesieve operation going forward (users can edit their sieve scripts) Yes. Regards, Stephan. From stephan at rename-it.nl Fri Jun 22 10:10:20 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Fri, 22 Jun 2012 09:10:20 +0200 Subject: [Dovecot] Dovecot LDA, Offlineimap and Sieve In-Reply-To: <87y5ng1bzp.fsf@gmx.co.uk> References: <87y5ng1bzp.fsf@gmx.co.uk> Message-ID: <4FE41A5C.4050609@rename-it.nl> On 6/22/2012 1:28 AM, Johnny wrote: > Hi, > > I am trying to st up Offlineimap to use Dovecots LDA to be able to use > Sieve for mail filtering, but am not sure how to get this working. I > think the right way would be to use 'preauthtunnel' in .offlineimaprc > and try the setup below, which doesn't work. [...] > Has anyone got any tips on how to get offlineimap to send mail to > Dovecot in a way that Siev3e can be used? Could you show your dovecot config (dovecot -n output) here? I'm wondering whether you have enabled the Sieve plugin for LDA. Regards, Stephan. From emailbuilder88 at yahoo.com Fri Jun 22 10:32:12 2012 From: emailbuilder88 at yahoo.com (email builder) Date: Fri, 22 Jun 2012 00:32:12 -0700 (PDT) Subject: [Dovecot] Manual manipulation of Sieve files In-Reply-To: <4FE419D5.1060409@rename-it.nl> References: <1340303566.38480.YahooMailNeo@web39306.mail.mud.yahoo.com> <4FE419D5.1060409@rename-it.nl> Message-ID: <1340350332.34438.YahooMailNeo@web39301.mail.mud.yahoo.com> Thanks for the reply -- >> We have some scripts that take care of some tasks when creating new email > accounts, such as creating some default mail filter rules. >> >> I know Sieve scripts are plain text files, but need to be compiled for >> use.? I see that you can use seivec to compile scripts manually, which can help >> me create .dovecot.svbin which can be placed where needed and permissioned >> correctly.? But a couple questions: >> >> * Sieve has the concept of an active script - is this merely whatever is >> compiled into the .dovecot.svbin file? > > This is the script file that the sieve= setting points to. The term > 'active' only has real meaning when ManageSieve is used. Then, the > active script file is a symbolic link that points into the sieve_dir= directory, > thereby selecting which script is active. > >> * Does dovecot (managesieve) do any other housekeeping when a user sieve >> script is installed and set as the active script?? I would need to replicate >> this manually. > > It makes the symbolic link. Compiling the script is done automatically when the > script is first executed at delivery. > >> * If the default script is always the same (sorry, for us, the solution >> isn't global scripts), would it work to compile that script once, keep the >> compiled version somewhere and merely copy it into the correct place for a new >> user?? Are there issues with this? > > You can pre-compile it, but the plaintext script must also exist at the > indicated location. Sieve always looks for the plaintext script and only when > that is found it checks for the presence of an earlier compiled binary. Oh, so it's even easier.? Our setup script can just put the plain text sieve script in the right place, create the .dovecot.sieve symlink and that's enough? Pasting in a precompiled would save a few CPU cycles upon first delivery? Great, thanks again. From emailbuilder88 at yahoo.com Fri Jun 22 10:42:47 2012 From: emailbuilder88 at yahoo.com (email builder) Date: Fri, 22 Jun 2012 00:42:47 -0700 (PDT) Subject: [Dovecot] LDA vs maildrop... LDA *and* maildrop? Message-ID: <1340350967.56083.YahooMailNeo@web39305.mail.mud.yahoo.com> We're considering a move from Courier to Dovecot.? So far, looks like it's not too bad, but the most challenging obstacle is what to do about our local delivery.? Factors: 1. we use a lot of maildrop "features" that are impossible in sieve without piping to an external program (would rather not re-write our working maildrop scripts in another language) 2. would love to try dbox 3. we use IMAP/Maildir++ quotas (looks like with a little finesse it's possible to get maildrop and dovecot to play nice on this account, yes?) I saw it suggested to just call LDA from maildrop for any maildrop "to" commands (hmmm, what about "cc"?) here: http://article.gmane.org/gmane.mail.imap.dovecot/56120 How much overhead will this take?? Would it be possible or advisable to use LMTP instead if that would help?? Is this idea just too crazy? From emailbuilder88 at yahoo.com Fri Jun 22 11:24:27 2012 From: emailbuilder88 at yahoo.com (email builder) Date: Fri, 22 Jun 2012 01:24:27 -0700 (PDT) Subject: [Dovecot] LDA vs maildrop... LDA *and* maildrop? In-Reply-To: <1340350967.56083.YahooMailNeo@web39305.mail.mud.yahoo.com> References: <1340350967.56083.YahooMailNeo@web39305.mail.mud.yahoo.com> Message-ID: <1340353467.4539.YahooMailNeo@web39306.mail.mud.yahoo.com> > We're considering a move from Courier to Dovecot.? So far, looks like > it's not too bad, but the most challenging obstacle is what to do about > our local delivery.? Factors: > > 1. we use a lot of maildrop "features" that are impossible in sieve > > without piping to an external program (would rather not re-write our > working maildrop scripts in another language) > > 2. would love to try dbox > > 3. we use IMAP/Maildir++ quotas (looks like with a little finesse > it's possible to get maildrop and dovecot to play nice on this > account, yes?) > > > I saw it suggested to just call LDA from maildrop for any maildrop > "to" commands (hmmm, what about "cc"?) here: > > http://article.gmane.org/gmane.mail.imap.dovecot/56120 > > How much overhead will this take?? Would it be possible or > advisable to use LMTP instead if that would help?? Is this > idea just too crazy? Oh, doing this would also have benefit of updating dovecot indexes upon delivery, and we could ignore point 3 about the quotas and just let dovecot handle deliver time quotas too right?? (remove quota support from maildrop) Also saw a suggestion to do it a little different: http://article.gmane.org/gmane.mail.imap.dovecot/44897 So maildrop to "| foo" to "! foo at bar.com" cc "| foo" cc "! foo at bar.com" are left as is then to "" is replaced with either: xfilter "/usr/lib/dovecot/dovecot-lda -m " to "| /dev/null" or just: to "| /usr/lib/dovecot/dovecot-lda -m " and cc "" is replaced with either: xfilter "/usr/lib/dovecot/dovecot-lda -m " or just: cc "| /usr/lib/dovecot/dovecot-lda -m " and the default end-of-script (INBOX) delivery for maildrop (an assumed "to 'INBOX'" command) can probably be replaced with one or the other of: xfilter "/usr/lib/dovecot/dovecot-lda" to "| /dev/null" or: to "| /usr/lib/dovecot/dovecot-lda" Does any of this make sense?? I wonder how it will look to the MTA (postfix here) when delivery fails.? It's also creating duplicate user lookups for the two delivery agents which isn't great. Maybe it'd be better to consider learning how to re-write our needed maildrop scripts as shell scripts (maildrop is close enough to bash I guess) and making sieve pipe out to them? From Ralf.Hildebrandt at charite.de Fri Jun 22 11:48:32 2012 From: Ralf.Hildebrandt at charite.de (Ralf Hildebrandt) Date: Fri, 22 Jun 2012 10:48:32 +0200 Subject: [Dovecot] LDA vs maildrop... LDA *and* maildrop? In-Reply-To: <1340350967.56083.YahooMailNeo@web39305.mail.mud.yahoo.com> References: <1340350967.56083.YahooMailNeo@web39305.mail.mud.yahoo.com> Message-ID: <20120622084832.GH16499@charite.de> * email builder : > 1. we use a lot of maildrop "features" that are impossible in sieve We're calling deliver from maildropc > 2. would love to try dbox For that you'd need to call deliver from maildropc > 3. we use IMAP/Maildir++ quotas (looks like with a little finesse > it's possible to get maildrop and dovecot to play nice on this > account, yes?) deliver/dovecot is handling Maildir++ quotas just fine. > How much overhead will this take?? Would it be possible or > advisable to use LMTP instead if that would help?? Is this > idea just too crazy? does maildrop speak LMTP? -- Ralf Hildebrandt Gesch?ftsbereich IT | Abteilung Netzwerk Charit? - Universit?tsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebrandt at charite.de | http://www.charite.de From emailbuilder88 at yahoo.com Fri Jun 22 11:59:19 2012 From: emailbuilder88 at yahoo.com (email builder) Date: Fri, 22 Jun 2012 01:59:19 -0700 (PDT) Subject: [Dovecot] LDA vs maildrop... LDA *and* maildrop? In-Reply-To: <20120622084832.GH16499@charite.de> References: <1340350967.56083.YahooMailNeo@web39305.mail.mud.yahoo.com> <20120622084832.GH16499@charite.de> Message-ID: <1340355559.56885.YahooMailNeo@web39306.mail.mud.yahoo.com> >> 1. we use a lot of maildrop "features" that are impossible in >> sieve > > We're calling deliver from maildropc Ah, so this is actually sane enough of an idea that someone really uses it?? Is the performance reasonable?? Bounces or deferred mail all work as expected?? What syntax did you use to replace to/cc with calls to LDA? >> 2. would love to try dbox > > For that you'd need to call deliver from maildropc I take it you didn't try this >> 3. we use IMAP/Maildir++ quotas (looks like with a little finesse >> it's possible to get maildrop and dovecot to play nice on this >> account, yes?) > > deliver/dovecot is handling Maildir++ quotas just fine. But if you call dovecot LDA you're not limited to Maildir++ quotas, right?? You can strip quota support out of maildrop and just let dovecot LDA and dovecot IMAP enforce quotas which keeps things more simple, no? >> How much overhead will this take?? Would it be possible or >> advisable to use LMTP instead if that would help?? Is this >> idea just too crazy? > > does maildrop speak LMTP? Good point From Ralf.Hildebrandt at charite.de Fri Jun 22 12:27:13 2012 From: Ralf.Hildebrandt at charite.de (Ralf Hildebrandt) Date: Fri, 22 Jun 2012 11:27:13 +0200 Subject: [Dovecot] LDA vs maildrop... LDA *and* maildrop? In-Reply-To: <1340355559.56885.YahooMailNeo@web39306.mail.mud.yahoo.com> References: <1340350967.56083.YahooMailNeo@web39305.mail.mud.yahoo.com> <20120622084832.GH16499@charite.de> <1340355559.56885.YahooMailNeo@web39306.mail.mud.yahoo.com> Message-ID: <20120622092713.GJ16499@charite.de> * email builder : > > >> 1. we use a lot of maildrop "features" that are impossible in > > >> sieve > > > > We're calling deliver from maildropc > > Ah, so this is actually sane enough of an idea that someone > really uses it?? Is the performance reasonable?? Bounces or > deferred mail all work as expected?? What syntax did you use > to replace to/cc with calls to LDA? I'll send you my /etc/maildroprc it's working OK. I'm using deliver where I can, only a few things are done by maildrop/mailbot > >> 2. would love to try dbox > > > > For that you'd need to call deliver from maildropc > > I take it you didn't try this Exactly. > >> 3. we use IMAP/Maildir++ quotas (looks like with a little finesse > >> it's possible to get maildrop and dovecot to play nice on this > >> account, yes?) > > > > deliver/dovecot is handling Maildir++ quotas just fine. > > But if you call dovecot LDA you're not limited to Maildir++ > quotas, right? Correct. > ? You can strip quota support out of maildrop and just let dovecot LDA > and dovecot IMAP enforce quotas which keeps things more simple, no? Since I'm delegating all delivery to deliver, except for pipes, I'm using the quota facilities of deliver/dovecot -- Ralf Hildebrandt Gesch?ftsbereich IT | Abteilung Netzwerk Charit? - Universit?tsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebrandt at charite.de | http://www.charite.de From tss at iki.fi Fri Jun 22 12:47:31 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 22 Jun 2012 12:47:31 +0300 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <1340342838.42261.YahooMailNeo@web39303.mail.mud.yahoo.com> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> <4FE38883.8000808@thelounge.net> <03B002D3-5C2D-49CB-A94E-C0F2CC086746@iki.fi> <1340332130.74182.YahooMailNeo@web39301.mail.mud.yahoo.com> <1340342838.42261.YahooMailNeo@web39303.mail.mud.yahoo.com> Message-ID: <33DFF34D-EC88-4DBB-8B10-EA6BA1597F64@iki.fi> On 22.6.2012, at 8.27, email builder wrote: > So really, a new process is created under *two* circumstances? 1. when a > process reaches client_limit number of *simultaneous* connections or 2. when > a process has serviced service_count number of connections. Is this correct? Yes. > So for service *-login, is it OK to do something like service_count=5000, client_limit=2000 It would work, but for login processes the service_count can be 0. I haven't seen them leaking any memory recently. One somewhat annoying thing with service_count>1 is that the processes have to wait until all of the connections have disconnected before shutting down. For processes handling long running connections (especially IMAP) this can mean that you'll end up with a lot of processes that are ready to shutdown but a couple of connections prevent it from doing this. From yggdrasil at gmx.co.uk Fri Jun 22 14:35:09 2012 From: yggdrasil at gmx.co.uk (Johnny) Date: Fri, 22 Jun 2012 12:35:09 +0100 Subject: [Dovecot] Dovecot LDA, Offlineimap and Sieve In-Reply-To: <4FE41A5C.4050609@rename-it.nl> (Stephan Bosch's message of "Fri, 22 Jun 2012 09:10:20 +0200") References: <87y5ng1bzp.fsf@gmx.co.uk> <4FE41A5C.4050609@rename-it.nl> Message-ID: <87wr2zinpu.fsf@gmx.co.uk> Hi Stephan, Stephan Bosch writes: > On 6/22/2012 1:28 AM, Johnny wrote: >> Hi, >> >> I am trying to st up Offlineimap to use Dovecots LDA to be able to use >> Sieve for mail filtering, but am not sure how to get this working. I >> think the right way would be to use 'preauthtunnel' in .offlineimaprc >> and try the setup below, which doesn't work. > [...] >> Has anyone got any tips on how to get offlineimap to send mail to >> Dovecot in a way that Siev3e can be used? > > Could you show your dovecot config (dovecot -n output) here? I'm > wondering whether you have enabled the Sieve plugin for LDA. > I haven't set up Sieve yet, as I haven't been able to figure out how to use the Dovecot LDA. Or is this not required to run Sieve? Here's my config: ,---- | mbox_write_locks = fcntl | | namespace inbox { | | hidden = no | | inbox = yes | | list = yes | | location = | | mailbox Drafts { | | special_use = \Drafts | | } | | mailbox Junk { | | special_use = \Junk | | } | | mailbox Sent { | | special_use = \Sent | | } | | mailbox "Sent Messages" { | | special_use = \Sent | | } | | mailbox Trash { | | special_use = \Trash | | } | | prefix = | | separator = . | | subscriptions = yes | | type = private | | } | | passdb { | | args = scheme=MD5 username_format=%u /etc/dovecot/users | | driver = passwd-file | | } | | protocols = imap | | service auth { | | unix_listener auth-userdb { | | mode = 0666 | | } | | } | | ssl = required | | ssl_cert = Hi Timo, any idea whats this related too ? dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats shrank: mrbytes 21703727 < 25193928 -- Best Regards MfG Robert Schetterer From tss at iki.fi Fri Jun 22 16:34:33 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 22 Jun 2012 16:34:33 +0300 Subject: [Dovecot] dovecot stats error In-Reply-To: <4FE46641.4030801@schetterer.org> References: <4FE46641.4030801@schetterer.org> Message-ID: <494CA511-4DC1-402B-9A00-D0678BBB1BF4@iki.fi> On 22.6.2012, at 15.34, Robert Schetterer wrote: > Hi Timo, > any idea whats this related too ? > > dovecot: stats: Error: Mail server input error: UPDATE-SESSION: stats > shrank: mrbytes 21703727 < 25193928 Which Dovecot version? I thought I fixed this already.. From Benoit.Branciard at univ-paris1.fr Fri Jun 22 16:59:18 2012 From: Benoit.Branciard at univ-paris1.fr (Benoit Branciard) Date: Fri, 22 Jun 2012 15:59:18 +0200 Subject: [Dovecot] cumulative userdb ? Message-ID: <4FE47A36.5090003@univ-paris1.fr> in Dovecot 2.0, is it possible to have kind of "cumulative" multiple userdb ? that is, for all users: - extract some attributes (let's say: uid, gid, home) from a first userdb (Passwd for example), - an extract some other attributes (mail for example, but overwriting those from the first userdb in case of redundancy) from a second userdb (LDAP for example) ? This is *different* from the "multiple databases" setup described in http://wiki2.dovecot.org/Authentication/MultipleDatabases, where it is meant as "failover": the second database is looked up only if the user isn't found in the first database. -- Benoit BRANCIARD Service InfraStructures (SIS) - Direction du Syst?me d'Information (DSI) Universit? Paris 1 Panth?on-Sorbonne Centre Pierre Mend?s France B 406 - 90, rue de Tolbiac - 75634 Paris cedex 13 - France T?l : +33 1 44 07 89 68 - Fax : +33 1 44 07 89 66 Accueil t?l. : +33 1 44 07 89 65 Assistance : assistance-dsi at univ-paris1.fr Web : http://dsi.univ-paris1.fr -- Ce message a ete verifie par MailScanner pour des virus ou des polluriels et rien de suspect n'a ete trouve. From robertcoore at yahoo.com Fri Jun 22 18:46:35 2012 From: robertcoore at yahoo.com (robert coore) Date: Fri, 22 Jun 2012 15:46:35 +0000 (UTC) Subject: [Dovecot] permissions on auth-userdb References: Message-ID: googlemail.com> writes: > > Hi.. > > im still trying to upgrade to 2.0. > Im getting: > dovecot: lda: Error: userdb lookup: > connect(/var/run/dovecot/auth-userdb) failed: Permission denied > (euid=10000(vmail) egid=10000(vmail) missing +r perm: > /var/run/dovecot/auth-userdb, euid is not dir owner) > > the error is correct caus its owned by root. My Questions is who should own it ? > Im not sure how that works, what process/user calls the auth-userdb ? > The auth-userdb returns the args generated in master.conf, right ? > > i think comment out the user and group setting in master.conf will fix > it but im not sure if that is the securest way. > > the mails come from postfix via dovecot-lda > > Hans > > master.conf > service auth { > # auth_socket_path points to this userdb socket by default. It's typically > # used by dovecot-lda, doveadm, possibly imap process, etc. Its default > # permissions make it readable only by root, but you may need to relax these > # permissions. Users that have access to this socket are able to get a list > # of all usernames and get results of everyone's userdb lookups. > unix_listener auth-userdb { > mode = 0600 > #user = vmail > #group = vmail > } > > auth-ldap.conf.ext > passdb { > driver = ldap > args = /etc/dovecot/dovecot-ldap.conf.ext > } > userdb { > driver = static > args = uid=vmail gid=vmail home=/home/MAILBOXES/%u/ > mail=/home/MAILBOXES/%u/mail > } > > Hi all was getting the same errors took me 2 days to understand what it was saying to me but i finally solved it if you do an ls -l /var/run/dovecot/auth-userdb you will seet that root is the owner and the premissions are srw-------- so vmail has not right to call or even use the process What i did was a chown -R vmail:vmail /var/run/dovecot/auth-userdb I also did a chmod g+r /var/run/dovecot/auth-userdb ls -l /var/run/dovecot/auth-userdb srw----r-- 1 vmail vmail my unix_listener auth-userdb { mode = 600 { protocol lda { auth_socket_path = /var/run/dovecot/auth-userdb log_path = /home/vmail/dovecot-deliver.log that worked for me 1. havent restarted the dovecot service dont know if it will keep the settings. From tss at iki.fi Fri Jun 22 21:46:06 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 22 Jun 2012 21:46:06 +0300 Subject: [Dovecot] cumulative userdb ? In-Reply-To: <4FE47A36.5090003@univ-paris1.fr> References: <4FE47A36.5090003@univ-paris1.fr> Message-ID: <643DEB67-BA15-4D0A-B157-5DAAC0A4276D@iki.fi> On 22.6.2012, at 16.59, Benoit Branciard wrote: > in Dovecot 2.0, is it possible to have kind of "cumulative" multiple userdb ? > > that is, for all users: > - extract some attributes (let's say: uid, gid, home) from a first userdb (Passwd for example), > - an extract some other attributes (mail for example, but overwriting those from the first userdb in case of redundancy) from a second userdb (LDAP for example) ? I've also wanted this a few times. But no, not possible currently. From ncjeffgus at zimage.com Sat Jun 23 00:24:36 2012 From: ncjeffgus at zimage.com (Jeff Gustafson) Date: Fri, 22 Jun 2012 14:24:36 -0700 Subject: [Dovecot] dsync error: "Mailboxes don't have unique GUIDs" Message-ID: <1340400276.12426.9.camel@maclinux> I'm getting an error backing up mailboxes. I'm using the mirror command: dsync -fvo mail_home=/home/users/bob mirror ssh vmail at 10.1.4.1 dsync -o mail_home=/home/.incoming_mail_migrations/users/bob dsync-remote(vmail): Error: Mailboxes don't have unique GUIDs: 1ef6ee37c694894d783100000581a675 is shared by INBOX and INBOX dsync-remote(vmail): Error: command BOX-LIST failed dsync-local(vmail): Error: Worker server's mailbox iteration failed The mail user doesn't yet exist on the destination yet, thus the use of the mail_home parameter. I found a mailing list message where a person was having a similar problem but I couldn't find confirmation that the issue was resolved. In our case, the backup goes from maildir to mdbox format (we can't to convert to mdbox). Things seemed to be moving along, but there are quite a few examples of dsync failing. I think the issue happens more often with large mailboxes ( > 50GB ). We're running version 2.0.13. doveconf -n: # 2.0.13: /etc/dovecot/dovecot.conf # OS: Linux 2.6.18-274.12.1.el5 x86_64 CentOS release 5.7 (Final) auth_mechanisms = plain login default_client_limit = 15000 default_process_limit = 10000 disable_plaintext_auth = no listen = * mail_gid = vmail mail_location = maildir:~/Maildir mail_plugins = zlib mail_uid = vmail mmap_disable = yes namespace { inbox = yes location = prefix = INBOX. separator = . } passdb { args = /etc/dovecot/conf.d/dovecot-sql.conf.ext driver = sql } plugin { zlib_save = gz } protocols = imap pop3 service auth { client_limit = 10000 unix_listener auth-userdb { mode = 0666 } } service imap-postlogin { executable = script-login /usr/bin/postlogin-imap.sh user = $default_internal_user } service imap { drop_priv_before_exec = yes executable = imap process_limit = 10000 } service pop3-postlogin { executable = script-login /usr/bin/postlogin-pop.sh user = $default_internal_user } } service pop3 { drop_priv_before_exec = yes executable = pop3 process_limit = 2500 } ssl_cert = References: <1339873707.2732.11.camel@amito> <20120616201636.GB6858@state-of-mind.de> Message-ID: <1340415602.12632.2.camel@amito> On Sun, 2012-06-17 at 14:04 +0200, Wojciech Puchar wrote: > >> maildir form. Reviews of kmail are very bad, and thunderbird uses the > >> mbox format for storage. > > > > If it is native maildir you can configure that/your account to use maildir and > > simply copy your mailbox over to Dovecot. When Dovecot accesses the mailbox it > > will create the necessary index files and you are ready to use it. > > if you want to use any of those hopeless programs just turn message > caching in them (folder synchronization off in thunderbird) and login to > dovecot, even on localhost. > > kmail v.3 is barely usable, v4 is good. It looks like you don't like any of the email programs we've discussed. Which email programs do you like? BTW: kmail on my system is 4.8.3 -- In more detail: $ kmail --version Qt: 4.8.2 KDE Development Platform: 4.8.3 (4.8.3) KMail: 4.8.3 Thanks - jon From jonrysh at pacbell.net Sat Jun 23 05:02:55 2012 From: jonrysh at pacbell.net (Jonathan Ryshpan) Date: Fri, 22 Jun 2012 19:02:55 -0700 Subject: [Dovecot] Import from Evolution In-Reply-To: <20120616201636.GB6858@state-of-mind.de> References: <1339873707.2732.11.camel@amito> <20120616201636.GB6858@state-of-mind.de> Message-ID: <1340416975.12632.19.camel@amito> On Sat, 2012-06-16 at 22:16 +0200, Patrick Ben Koetter wrote: > * Jonathan Ryshpan : > > I need to import the mail database generated by the evolution mail > > reader into dovecot. Evolution stores its mail in maildir format (fully > > standards compatible, I think); I would be using the maildir format in > > dovecot. Is there anything in the wiki, etc. explaining exactly how to > > do this? > > > > Why do this? Evolution is hopelessly broken, and is not likely to be > > fixed in the forseeable future, and I would like to keep my mails in > > maildir form. Reviews of kmail are very bad, and thunderbird uses the > > mbox format for storage. > > If it is native maildir you can configure that/your account to use maildir and > simply copy your mailbox over to Dovecot. When Dovecot accesses the mailbox it > will create the necessary index files and you are ready to use it. I have now set up dovecot on my system, and should now be in business, but when Thunderbird connects to Dovecot it doesn't see any folders. Here is the situation. Please excuse the length of this message; I have tried to include all useful information. My system is Fedora-17 Linux with all updates running on x86_64 hardware. Dovecot is installed and running with this configuration: $ dovecot -n # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.4.3-1.fc17.x86_64 x86_64 Fedora release 17 (Beefy Miracle) mail_location = mbox:~/Dovecot:INBOX=/var/spool/mail/%u mail_privileged_group = mail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mbox_write_locks = fcntl namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { driver = pam } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } ssl = required ssl_cert = References: <1340400276.12426.9.camel@maclinux> Message-ID: <746A0B68-368B-40D3-ACAB-8A39BDFDA99D@mediatemple.net> Hey, just a point of clarification. In at least some of the cases (possibly all, I'll leave that up to Jeff to state) an initial dsync (as documented in Jeff's message) was completed successfully and the problem occurred when we ran a second (using exactly the same cmd) time to catch any changes since the original sync (since the initial sync took many hours). Doug On Jun 22, 2012, at 2:24 PM, Jeff Gustafson wrote: > I'm getting an error backing up mailboxes. I'm using the mirror > command: > > dsync -fvo mail_home=/home/users/bob mirror ssh vmail at 10.1.4.1 dsync -o > mail_home=/home/.incoming_mail_migrations/users/bob > > dsync-remote(vmail): Error: Mailboxes don't have unique GUIDs: > 1ef6ee37c694894d783100000581a675 is shared by INBOX and INBOX > dsync-remote(vmail): Error: command BOX-LIST failed > dsync-local(vmail): Error: Worker server's mailbox iteration failed > > The mail user doesn't yet exist on the destination yet, thus the use of > the mail_home parameter. > I found a mailing list message where a person was having a similar > problem but I couldn't find confirmation that the issue was resolved. > In our case, the backup goes from maildir to mdbox format (we can't to > convert to mdbox). Things seemed to be moving along, but there are quite > a few examples of dsync failing. I think the issue happens more often > with large mailboxes ( > 50GB ). > We're running version 2.0.13. > doveconf -n: > > # 2.0.13: /etc/dovecot/dovecot.conf > # OS: Linux 2.6.18-274.12.1.el5 x86_64 CentOS release 5.7 (Final) > auth_mechanisms = plain login > default_client_limit = 15000 > default_process_limit = 10000 > disable_plaintext_auth = no > listen = * > mail_gid = vmail > mail_location = maildir:~/Maildir > mail_plugins = zlib > mail_uid = vmail > mmap_disable = yes > namespace { > inbox = yes > location = > prefix = INBOX. > separator = . > } > passdb { > args = /etc/dovecot/conf.d/dovecot-sql.conf.ext > driver = sql > } > plugin { > zlib_save = gz > } > protocols = imap pop3 > service auth { > client_limit = 10000 > unix_listener auth-userdb { > mode = 0666 > } > } > service imap-postlogin { > executable = script-login /usr/bin/postlogin-imap.sh > user = $default_internal_user > } > service imap { > drop_priv_before_exec = yes > executable = imap > process_limit = 10000 > } > service pop3-postlogin { > executable = script-login /usr/bin/postlogin-pop.sh > user = $default_internal_user > } > } > service pop3 { > drop_priv_before_exec = yes > executable = pop3 > process_limit = 2500 > } > ssl_cert = ssl_key = userdb { > driver = prefetch > } > userdb { > args = /etc/dovecot/conf.d/dovecot-sql.conf.ext > driver = sql > } > protocol lmtp { > mail_plugins = zlib > } > protocol lda { > mail_plugins = zlib > } > protocol imap { > mail_max_userip_connections = 100 > mail_plugins = zlib > } > protocol pop3 { > mail_max_userip_connections = 30 > mail_plugins = zlib > } > > > ...Jeff > From manu at netbsd.org Sat Jun 23 08:04:30 2012 From: manu at netbsd.org (Emmanuel Dreyfus) Date: Sat, 23 Jun 2012 07:04:30 +0200 Subject: [Dovecot] pop3-throttle Message-ID: <1km4rjc.f50hxq1iocthjM%manu@netbsd.org> Hello I am having a hard time with users using POP while leaving mailboxes of several gigabyte cumulated. This causes a lot of disk I/O and kills performancs for everyone. I try to encourage people migrating to IMAP, but that migration will take some time, and therefore I am looking for alterantive ways to workaround the problem. I found pop3-throttle-plugin.c, which seems a smart way to solve the problem, unfortunately it comes with no documentation. I was able to build it and load it, bu itsays nothing in the logs. Is there any doc somewhere? Any advices on how to set it up? -- Emmanuel Dreyfus http://hcpnet.free.fr/pubz manu at netbsd.org From wojtek at wojtek.tensor.gdynia.pl Sat Jun 23 11:20:23 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Sat, 23 Jun 2012 10:20:23 +0200 (CEST) Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> Message-ID: > > We are building a new system that will support a large number of users (high volume, high concurrent usage, etc). what is large? >? We have played with Dovecot, but in most serious applications we have traditionally used Courier IMAP. >? It's my (lay) understanding that with indexing and perhaps other things >in Dovecot, it might perform better than Courier in larger environments >like this.? Am I correct or is it less clear-cut? No idea how well courier IMAP performs. But have idea how well dovecot performs. I don't have large configs like thousands of users as i don't handle "herd of random users" style cases, but in every place i have dovecot IMAP takes unnoticable amount of server load. Just make a test. Definitely use maildir format, not mbox. dovecot heavily accesses it's index files. they are not large relative to e-mail sizes. With really large case if I/O will limit you i would recommend using SSD storage to keep just indexes. From wojtek at wojtek.tensor.gdynia.pl Sat Jun 23 11:21:38 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Sat, 23 Jun 2012 10:21:38 +0200 (CEST) Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <1340310164.5967.86.camel@hurina> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> Message-ID: > > Nearly all of them are non-caching. (I don't know of any caching ones.) which is definite adventage in spite of it's numerous security holes. From wojtek at wojtek.tensor.gdynia.pl Sat Jun 23 11:22:37 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Sat, 23 Jun 2012 10:22:37 +0200 (CEST) Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <4FE38623.5050303@necoro.eu> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38623.5050303@necoro.eu> Message-ID: >> Nearly all of them are non-caching. (I don't know of any caching ones.) > > At least roundcube (v0.7.1 here) has some caching options: > > ------------------[excerpt from roundcubes main.inc.php]------------- > // Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'. > $rcmail_config['imap_cache'] = null; > > // Enables messages cache. Only 'db' cache is supported. > $rcmail_config['messages_cache'] = false; > -------------------------[end]---------------------------------------- > > But I don't know, whether this is the sort of caching you are referring to. what's a point of caching imap, except your webmail service is not locally connected (localhost or LAN) to imap server? From wojtek at wojtek.tensor.gdynia.pl Sat Jun 23 11:30:18 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Sat, 23 Jun 2012 10:30:18 +0200 (CEST) Subject: [Dovecot] Import from Evolution In-Reply-To: <1340415602.12632.2.camel@amito> References: <1339873707.2732.11.camel@amito> <20120616201636.GB6858@state-of-mind.de> <1340415602.12632.2.camel@amito> Message-ID: >> kmail v.3 is barely usable, v4 is good. > > It looks like you don't like any of the email programs we've discussed. > Which email programs do you like? it depends whether you ask what I personally use or what i recommend to my clients. I personally use alpine exclusively. I don't like GUI interfaces. And i use alpine directly handling maildir so it's not about IMAP. But if you need mail client over IMAP - alpine can do this, but cannot cache. mutt can cache if you like that program. i don't - in spite of much better functionality. alpine have lowest keypress to amount of word done ratio of any mail program i know. For my clients it depends - windoze: exclusively thunderbird. It's FAR FAR from perfect but still best you can get under windoze. - X11 terminal based config: well... it's funny but too thunderbird. All QT based programs are useless with X11 over network. Thunderbird works fine. I disable "folder synchronization" as well as indexing in it, so it's acceptably fast. The need to connecting over localhost from account X to account X to dovecot-imap is quite stupid but not a problem. For now it is thunderbird 10.0.5esr - both windows and FreeBSD From wojtek at wojtek.tensor.gdynia.pl Sat Jun 23 11:32:39 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Sat, 23 Jun 2012 10:32:39 +0200 (CEST) Subject: [Dovecot] Import from Evolution In-Reply-To: <1340415602.12632.2.camel@amito> References: <1339873707.2732.11.camel@amito> <20120616201636.GB6858@state-of-mind.de> <1340415602.12632.2.camel@amito> Message-ID: For Jonathan Ryshpan: for no obvious reason my IP is blocked at AT&T mail server you use. From michael at think-for-yourself.org Sat Jun 23 12:20:18 2012 From: michael at think-for-yourself.org (Michael Wessel) Date: Sat, 23 Jun 2012 02:20:18 -0700 Subject: [Dovecot] Hardware infrastructure for email system Message-ID: <4FE58A52.8050708@think-for-yourself.org> Hi, I'm currently (re-)planning my email setup and have been doing some research. I have done some searches and read several threads in the areas of my questions here. While there are some that come close I haven't yet been able to get all my questions answered. I currently run a postfix, dovecot & roundcube setup and have about 2000 active accounts. I have a separate SMTP server for outbound mail and auth is done against a separate LDAP server. In front of the POP/IMAP server I have another SMTP (4 in parallel actually) server that receives and filters inbound mail through a company specific, proprietary filter before the mail hits the POP/IMAP server. LDAP & SMTP servers are ESXi VMs. So right now both dovecot and roundcube run on the same box which is a Dell PE2950 with dual quad-core Xeon, 16GB RAM and 6 1TB disks in RAID 6, so only local storage using maildir. So far it's been holding up fine, but it's beginning to show signs of overload now. I also expect an increase in users over the next few months up to somewhere between 10 - 20,000 mail boxes. Hence the re-planning. My first priority in redesigning my setup is reliability. I definitely need something fail-save and as close to always on as possible. Next is performance. And while the budget is of course limited for the moment I'm setting that aside and will worry about that when the time comes. Now here is my question(s): In order to support up to 20,000 mailboxes (distributed over several times-zones so they won't all be used at the same time) with a very reliable service with good performance, what do I actually need? Do I need(ul) SAN or is it just a "would be nice to have"? If yes, why and what would be appropriate for my needs? Or will a setup with a few more servers like the ones I already have, using something like DRBD and distributing services (imap, http, spamd etc) onto different boxes do? I know I have more reading to do on all the different options out there, but would like some input from people that have experience in this area so I can focus on the stuff that's right for my situation. Michael From jonrysh at pacbell.net Sat Jun 23 12:23:35 2012 From: jonrysh at pacbell.net (Jonathan Ryshpan) Date: Sat, 23 Jun 2012 02:23:35 -0700 Subject: [Dovecot] Import from Evolution In-Reply-To: References: <1339873707.2732.11.camel@amito> <20120616201636.GB6858@state-of-mind.de> <1340415602.12632.2.camel@amito> Message-ID: <1340443415.20888.8.camel@amito> On Sat, 2012-06-23 at 10:30 +0200, Wojciech Puchar wrote: > >> kmail v.3 is barely usable, v4 is good. > > > > It looks like you don't like any of the email programs we've discussed. > > Which email programs do you like? > > it depends whether you ask what I personally use or what i recommend to my > clients. > > I personally use alpine exclusively. I don't like GUI interfaces. And i > use alpine directly handling maildir so it's not about IMAP. But if you > need mail client over IMAP - alpine can do this, but cannot cache. > > mutt can cache if you like that program. i don't - in spite of much better > functionality. alpine have lowest keypress to amount of word done ratio of > any mail program i know. > > For my clients it depends > > - windoze: exclusively thunderbird. It's FAR FAR from perfect but still > best you can get under windoze. > > - X11 terminal based config: well... it's funny but too thunderbird. All > QT based programs are useless with X11 over network. Thunderbird works > fine. I disable "folder synchronization" as well as indexing in it, so > it's acceptably fast. The need to connecting over localhost from account > X to account X to dovecot-imap is quite stupid but not a problem. > > For now it is thunderbird 10.0.5esr - both windows and FreeBSD I want to be able to read and write HTML, since my correspondents use and expect it, so alpine is out. I had been happy with evolution, but it is now badly broken under KDE, and I am in process of changing to Thunderbird, as you see. Thanks for the advice - jon From wojtek at wojtek.tensor.gdynia.pl Sat Jun 23 13:01:30 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Sat, 23 Jun 2012 12:01:30 +0200 (CEST) Subject: [Dovecot] Import from Evolution In-Reply-To: <1340442919.20888.4.camel@amito> References: <1339873707.2732.11.camel@amito> <20120616201636.GB6858@state-of-mind.de> <1340415602.12632.2.camel@amito> <1340442919.20888.4.camel@amito> Message-ID: sorry for replying through that links but - as you may see - replying to Jonathan will not work. If AT&T have such strange policy then i am just sorry. It sings the beginning of end of open internet if more companies will start to do this, and result in few huge corporations handling everything. Not happy world to live. On Sat, 23 Jun 2012, Jonathan Ryshpan wrote: > On Sat, 2012-06-23 at 10:32 +0200, Wojciech Puchar wrote: >> For Jonathan Ryshpan: >> >> for no obvious reason my IP is blocked at AT&T mail server you use. > > I'm not sure what's going on, but I suspect the problem is this: Many US > mail servers refuse to accept mail from any servers that they have not > approved; if mail is coming direct from you to ATT, rather than via some > large ISP, it will likely be refused. This is supposed to reduce the > amount of spam (fat chance). > > Thanks for your reply - jon > > > From lists at wildgooses.com Sat Jun 23 13:21:02 2012 From: lists at wildgooses.com (Ed W) Date: Sat, 23 Jun 2012 11:21:02 +0100 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38623.5050303@necoro.eu> Message-ID: <4FE5988E.3010101@wildgooses.com> On 23/06/2012 09:22, Wojciech Puchar wrote: >>> Nearly all of them are non-caching. (I don't know of any caching ones.) >> >> At least roundcube (v0.7.1 here) has some caching options: >> >> ------------------[excerpt from roundcubes main.inc.php]------------- >> // Type of IMAP indexes cache. Supported values: 'db', 'apc' and >> 'memcache'. >> $rcmail_config['imap_cache'] = null; >> >> // Enables messages cache. Only 'db' cache is supported. >> $rcmail_config['messages_cache'] = false; >> -------------------------[end]---------------------------------------- >> >> But I don't know, whether this is the sort of caching you are >> referring to. > > what's a point of caching imap, except your webmail service is not > locally connected (localhost or LAN) to imap server? Asking for items 600-615 from a threaded list, sorted by something, can be an expensive operation, especially if you just asked for items 585-600 a moment ago? Ed From wojtek at wojtek.tensor.gdynia.pl Sat Jun 23 13:24:20 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Sat, 23 Jun 2012 12:24:20 +0200 (CEST) Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <4FE5988E.3010101@wildgooses.com> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38623.5050303@necoro.eu> <4FE5988E.3010101@wildgooses.com> Message-ID: >>> But I don't know, whether this is the sort of caching you are referring >>> to. >> >> what's a point of caching imap, except your webmail service is not locally >> connected (localhost or LAN) to imap server? > > Asking for items 600-615 from a threaded list, sorted by something, can be an > expensive operation, especially if you just asked for items 585-600 a moment > ago? > fine. how about overhead of cache itself? From p at state-of-mind.de Sat Jun 23 13:25:56 2012 From: p at state-of-mind.de (Patrick Ben Koetter) Date: Sat, 23 Jun 2012 12:25:56 +0200 Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: <4FE58A52.8050708@think-for-yourself.org> References: <4FE58A52.8050708@think-for-yourself.org> Message-ID: <20120623102555.GA5497@state-of-mind.de> Michael, * Michael Wessel : > I'm currently (re-)planning my email setup and have been doing some > research. I have done some searches and read several threads in the > areas of my questions here. While there are some that come close I > haven't yet been able to get all my questions answered. > > I currently run a postfix, dovecot & roundcube setup and have about > 2000 active accounts. I have a separate SMTP server for outbound > mail and auth is done against a separate LDAP server. In front of > the POP/IMAP server I have another SMTP (4 in parallel actually) > server that receives and filters inbound mail through a company > specific, proprietary filter before the mail hits the POP/IMAP > server. LDAP & SMTP servers are ESXi VMs. Do people use 'real' mail clients to connect and IDLE too? > So right now both dovecot and roundcube run on the same box which is > a Dell PE2950 with dual quad-core Xeon, 16GB RAM and 6 1TB disks in > RAID 6, so only local storage using maildir. So far it's been > holding up fine, but it's beginning to show signs of overload now. I > also expect an increase in users over the next few months up to > somewhere between 10 - 20,000 mail boxes. Hence the re-planning. > > My first priority in redesigning my setup is reliability. I > definitely need something fail-save and as close to always on as > possible. Next is performance. And while the budget is of course > limited for the moment I'm setting that aside and will worry about > that when the time comes. > > Now here is my question(s): > > In order to support up to 20,000 mailboxes (distributed over several > times-zones so they won't all be used at the same time) with a very > reliable service with good performance, what do I actually need? > > Do I need(ul) SAN or is it just a "would be nice to have"? If yes, > why and what would be appropriate for my needs? Or will a setup with > a few more servers like the ones I already have, using something > like DRBD and distributing services (imap, http, spamd etc) onto > different boxes do? Will the server enforce quota? What will be the average mailbox size? Do people share content e.g. mailings with attachments that go out to all recipients? What might be the maximum number of clients using the server at one time? Will all users use the same client product e.g. roundcube? What's your backup strategy? What do you use to backup mailboxes? p at rick -- state of mind () http://www.state-of-mind.de Franziskanerstra?e 15 Telefon +49 89 3090 4664 81669 M?nchen Telefax +49 89 3090 4666 Amtsgericht M?nchen Partnerschaftsregister PR 563 From CMarcus at Media-Brokers.com Sat Jun 23 13:29:26 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Sat, 23 Jun 2012 06:29:26 -0400 Subject: [Dovecot] dsync error: "Mailboxes don't have unique GUIDs" In-Reply-To: <1340400276.12426.9.camel@maclinux> References: <1340400276.12426.9.camel@maclinux> Message-ID: <4FE59A86.7020208@Media-Brokers.com> On 2012-06-22 5:24 PM, Jeff Gustafson wrote: > I'm getting an error backing up mailboxes. I'm using the mirror > command: > > dsync -fvo mail_home=/home/users/bob mirror ssh vmail at 10.1.4.1 dsync -o > mail_home=/home/.incoming_mail_migrations/users/bob > # 2.0.13: /etc/dovecot/dovecot.conf As you are aware (since you participated in the thread discussion about this months ago), Timo is working on a total rewrite of dsync, and if memory serves, it is mainly for 2.1+, and it is not recommend to use it in earlier versions if you need reliability (ie, 2.0.x, as you are using)... So, by all means, update and help timo make it better! Timo? Care to elaborate on where you are with this, and how much of the rewrite is being applied to 2.1 (all of it?), or backported to earlier versions? -- Best regards, Charles From CMarcus at Media-Brokers.com Sat Jun 23 13:34:06 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Sat, 23 Jun 2012 06:34:06 -0400 Subject: [Dovecot] permissions on auth-userdb In-Reply-To: References: Message-ID: <4FE59B9E.1050009@Media-Brokers.com> It would be nice if there were a wiki page specifically describing how permissions should be set for all of the services/directories that dovecot uses. Even better would be a dovecot/doveconf command that would test the permissions and, if possible, even fix them (like the postfix 'set-permissions' command)... On 2012-06-22 11:46 AM, robert coore wrote: > googlemail.com> writes: > >> >> Hi.. >> >> im still trying to upgrade to 2.0. >> Im getting: >> dovecot: lda: Error: userdb lookup: >> connect(/var/run/dovecot/auth-userdb) failed: Permission denied >> (euid=10000(vmail) egid=10000(vmail) missing +r perm: >> /var/run/dovecot/auth-userdb, euid is not dir owner) >> >> the error is correct caus its owned by root. My Questions is who should own > it ? >> Im not sure how that works, what process/user calls the auth-userdb ? >> The auth-userdb returns the args generated in master.conf, right ? >> >> i think comment out the user and group setting in master.conf will fix >> it but im not sure if that is the securest way. >> >> the mails come from postfix via dovecot-lda >> >> Hans >> >> master.conf >> service auth { >> # auth_socket_path points to this userdb socket by default. It's typically >> # used by dovecot-lda, doveadm, possibly imap process, etc. Its default >> # permissions make it readable only by root, but you may need to relax > these >> # permissions. Users that have access to this socket are able to get a list >> # of all usernames and get results of everyone's userdb lookups. >> unix_listener auth-userdb { >> mode = 0600 >> #user = vmail >> #group = vmail >> } >> >> auth-ldap.conf.ext >> passdb { >> driver = ldap >> args = /etc/dovecot/dovecot-ldap.conf.ext >> } >> userdb { >> driver = static >> args = uid=vmail gid=vmail home=/home/MAILBOXES/%u/ >> mail=/home/MAILBOXES/%u/mail >> } >> >> > > > Hi all was getting the same errors took me 2 days to understand what it was > saying to me but i finally solved it > > > > if you do an ls -l /var/run/dovecot/auth-userdb you will seet that root is the > owner and the premissions are srw-------- so vmail has not right to call or > even use the process > What i did was a chown -R vmail:vmail /var/run/dovecot/auth-userdb > I also did a chmod g+r /var/run/dovecot/auth-userdb > ls -l /var/run/dovecot/auth-userdb > srw----r-- 1 vmail vmail > my unix_listener auth-userdb { > mode = 600 > { > > protocol lda { > auth_socket_path = /var/run/dovecot/auth-userdb > log_path = /home/vmail/dovecot-deliver.log > > that worked for me > 1. havent restarted the dovecot service dont know if it will keep the settings. > > > > > > -- Best regards, Charles Marcus I.T. Director Media Brokers International, Inc. 678.514.6200 x224 | 678.514.6299 fax From robert at schetterer.org Sat Jun 23 13:52:26 2012 From: robert at schetterer.org (Robert Schetterer) Date: Sat, 23 Jun 2012 12:52:26 +0200 Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: <4FE58A52.8050708@think-for-yourself.org> References: <4FE58A52.8050708@think-for-yourself.org> Message-ID: <4FE59FEA.80002@schetterer.org> Am 23.06.2012 11:20, schrieb Michael Wessel: > So right now both dovecot and roundcube run on the same box which is a > Dell PE2950 with dual quad-core Xeon, 16GB RAM and 6 1TB disks in RAID > 6, so only local storage using maildir. So far it's been holding up > fine, but it's beginning to show signs of overload now. I also expect an > increase in users over the next few months up to somewhere between 10 - > 20,000 mail boxes. Hence the re-planning. you should ask for paid support at Timo , or some other dovcot geeks near you -- Best Regards MfG Robert Schetterer From CMarcus at Media-Brokers.com Sat Jun 23 13:53:26 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Sat, 23 Jun 2012 06:53:26 -0400 Subject: [Dovecot] Import from Evolution In-Reply-To: <1340416975.12632.19.camel@amito> References: <1339873707.2732.11.camel@amito> <20120616201636.GB6858@state-of-mind.de> <1340416975.12632.19.camel@amito> Message-ID: <4FE5A026.20203@Media-Brokers.com> On 2012-06-22 10:02 PM, Jonathan Ryshpan wrote: > and /var/log/maillog shows the corresponding error: > > Jun 22 18:23:10 amito dovecot: imap(jonrysh): Error: > chown(/home/jonrysh/Dovecot/.imap/INBOX, group=12(mail)) failed: > Operation not permitted (egid=1000(jonrysh), group based on > /var/spool/mail/jonrysh - seehttp://wiki2.dovecot.org/Errors/ChgrpNoPerm) > > As a complete Dovecot/IMAP newbie, I am completely confused. Any > advice will be much appreciated. Obviously a permissions problem... This may help: http://wiki2.dovecot.org/SharedMailboxes/Permissions But again, a dovecot tool to check and/or fix these itself would be nice... -- Best regards, Charles From wojtek at wojtek.tensor.gdynia.pl Sat Jun 23 14:09:18 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Sat, 23 Jun 2012 13:09:18 +0200 (CEST) Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: <4FE58A52.8050708@think-for-yourself.org> References: <4FE58A52.8050708@think-for-yourself.org> Message-ID: > > I'm currently (re-)planning my email setup and have been doing some research. > I have done some searches and read several threads in the areas of my > questions here. While there are some that come close I haven't yet been able > to get all my questions answered. > > I currently run a postfix, dovecot & roundcube setup and have about 2000 > active accounts. I have a separate SMTP server for outbound mail and auth is > done against a separate LDAP server. In front of the POP/IMAP server I have > another SMTP (4 in parallel actually) server that receives and filters > inbound mail through a company specific, proprietary filter before the mail > hits the POP/IMAP server. LDAP & SMTP servers are ESXi VMs. it is already enormous overshoot in hardware specs. And i do not really catch why you have "4 in parallel" servers. And finally i cannot understand this dividing of servers just to merging it back using VMWare. Finally i would recommend to get rid of RAID6. It's terribly slow on writes and writes are common on mail server. Buy cheapest but largest SATA drive and use RAID1 (or RAID1+0) setup. From h.reindl at thelounge.net Sat Jun 23 14:17:44 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Sat, 23 Jun 2012 13:17:44 +0200 Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: References: <4FE58A52.8050708@think-for-yourself.org> Message-ID: <4FE5A5D8.2050908@thelounge.net> Am 23.06.2012 13:09, schrieb Wojciech Puchar: >> >> I'm currently (re-)planning my email setup and have been doing some research. I have done some searches and read >> several threads in the areas of my questions here. While there are some that come close I haven't yet been able >> to get all my questions answered. >> >> I currently run a postfix, dovecot & roundcube setup and have about 2000 active accounts. I have a separate SMTP >> server for outbound mail and auth is done against a separate LDAP server. In front of the POP/IMAP server I have >> another SMTP (4 in parallel actually) server that receives and filters inbound mail through a company specific, >> proprietary filter before the mail hits the POP/IMAP server. LDAP & SMTP servers are ESXi VMs. > > it is already enormous overshoot in hardware specs. And i do not really catch why you have "4 in parallel" servers. > And finally i cannot understand this dividing of servers just to merging it back using VMWare. because it is a big difference if you have anything in a single machine or splittet in virtual machines - you can move them at runtime to different hosts and if you run out of ressources for one of them you can buy a phyisclal machine, add it to the cluster and move the virtual machine without any downtime if you have all on one machine or VM you are not scaleable -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From tss at iki.fi Sat Jun 23 14:23:02 2012 From: tss at iki.fi (Timo Sirainen) Date: Sat, 23 Jun 2012 14:23:02 +0300 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <4FE5988E.3010101@wildgooses.com> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38623.5050303@necoro.eu> <4FE5988E.3010101@wildgooses.com> Message-ID: <51EF9BC7-BE99-4DE9-800A-E8FDF7779A4B@iki.fi> On 23.6.2012, at 13.21, Ed W wrote: >>> But I don't know, whether this is the sort of caching you are referring to. >> >> what's a point of caching imap, except your webmail service is not locally connected (localhost or LAN) to imap server? > > Asking for items 600-615 from a threaded list, sorted by something, can be an expensive operation, especially if you just asked for items 585-600 a moment ago? Can be, but is it? :) Dovecot attempts to cache/index stuff as well. Normally there shouldn't be a need for extra caching layer except in cases of higher network latency. From h.reindl at thelounge.net Sat Jun 23 14:23:57 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Sat, 23 Jun 2012 13:23:57 +0200 Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: References: <4FE58A52.8050708@think-for-yourself.org> Message-ID: <4FE5A74D.2010201@thelounge.net> Am 23.06.2012 13:09, schrieb Wojciech Puchar: > Finally i would recommend to get rid of RAID6. It's terribly slow on writes and > writes are common on mail server. depends, it is slower than RAID5, but safer > Buy cheapest but largest SATA drive and use RAID1 (or RAID1+0) setup. oh no please do not recommend SATA crap with RAID1 and think it is faster than RAID6 - the additional writes doe snot matter if the whole disk-system is much faster and RAID1 has no benefit in performance nobody will use SATA disks for high peformance servers in production - really nobody these days! -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From wojtek at wojtek.tensor.gdynia.pl Sat Jun 23 15:20:12 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Sat, 23 Jun 2012 14:20:12 +0200 (CEST) Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: <4FE5A5D8.2050908@thelounge.net> References: <4FE58A52.8050708@think-for-yourself.org> <4FE5A5D8.2050908@thelounge.net> Message-ID: >> >> it is already enormous overshoot in hardware specs. And i do not really catch why you have "4 in parallel" servers. >> And finally i cannot understand this dividing of servers just to merging it back using VMWare. > > because it is a big difference if you have anything in a single > machine or splittet in virtual machines - you can move them at > runtime to different hosts and if you run out of ressources ok - for me it is just likes. You have higher change to have the need to move at the first place doing this :) From wojtek at wojtek.tensor.gdynia.pl Sat Jun 23 15:21:41 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Sat, 23 Jun 2012 14:21:41 +0200 (CEST) Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: <4FE5A74D.2010201@thelounge.net> References: <4FE58A52.8050708@think-for-yourself.org> <4FE5A74D.2010201@thelounge.net> Message-ID: >> Buy cheapest but largest SATA drive and use RAID1 (or RAID1+0) setup. > > oh no please do not recommend SATA crap with RAID1 and think > it is faster than RAID6 - the additional writes doe snot matter > if the whole disk-system is much faster and RAID1 has no benefit > in performance OK i would not recommend anything anymore. Normally my advices are for money. > > nobody will use SATA disks for high peformance servers in > production - really nobody these days! > at least one person. and getting a bit of money helping other increasing performance of their setup. guess who. From wojtek at wojtek.tensor.gdynia.pl Sat Jun 23 16:04:47 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Sat, 23 Jun 2012 15:04:47 +0200 (CEST) Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <51EF9BC7-BE99-4DE9-800A-E8FDF7779A4B@iki.fi> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38623.5050303@necoro.eu> <4FE5988E.3010101@wildgooses.com> <51EF9BC7-BE99-4DE9-800A-E8FDF7779A4B@iki.fi> Message-ID: >> >> Asking for items 600-615 from a threaded list, sorted by something, can be an expensive operation, especially if you just asked for items 585-600 a moment ago? > > Can be, but is it? :) Dovecot attempts to cache/index stuff as well. Normally there shouldn't be a need for extra caching layer except in cases of higher network latency. that is my point. and - esp. with webmail, i see no point to run such service in different place than dovecot server runs. Best - same server. Maybe - other server connected with fast LAN. From joe at tao.org.uk Sat Jun 23 18:18:40 2012 From: joe at tao.org.uk (Dr Josef Karthauser) Date: Sat, 23 Jun 2012 16:18:40 +0100 Subject: [Dovecot] Problems getting auto create plugin to work Message-ID: Hi there, I've configured the 'autocreate' plugin (in v.2.1.6), but it doesn't appear to be working. Can someone help me work out how to work out why please? I've got this in my 20-imap.conf file: protocol imap { mail_plugins = $mail_plugins antispam autocreate } and this in my 90-plugins.conf file: plugin { autocreate = Trash autocreate2 = Spam autosubscribe = Trash autosubscribe2 = Spam ... etc } But, the spam does not get created upon login. I've restart dovecot and restarted my mail client, but there's no hint of an spam folder. Is there something else that I also need to do? Thanks, Joe From user+dovecot at localhost.localdomain.org Sat Jun 23 19:08:37 2012 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Sat, 23 Jun 2012 18:08:37 +0200 Subject: [Dovecot] Problems getting auto create plugin to work In-Reply-To: References: Message-ID: <4FE5EA05.2090804@localhost.localdomain.org> On 06/23/2012 05:18 PM Dr Josef Karthauser wrote: > Hi there, > > I've configured the 'autocreate' plugin (in v.2.1.6), but it doesn't appear to be working. Can someone help me work out how to work out why please? > > I've got this in my 20-imap.conf file: > > protocol imap { > mail_plugins = $mail_plugins antispam autocreate > } > > and this in my 90-plugins.conf file: > > plugin { > autocreate = Trash > autocreate2 = Spam > autosubscribe = Trash > autosubscribe2 = Spam > > ... etc > } Don't show us configuration file snippets, always paste `doveconf -n` output. > But, the spam does not get created upon login. I've restart dovecot and restarted my mail client, but there's no hint of an spam folder. > > Is there something else that I also need to do? ,--[ http://dovecot.org/doc/NEWS-2.1 ]-- | ? | + Added mailbox {} sections, which deprecate autocreate plugin | ? `-- Have a look at the mailbox definitions configuration file: http://hg.dovecot.org/dovecot-2.1/file/tip/doc/example-config/conf.d/15-mailboxes.conf Regards, Pascal -- The trapper recommends today: deadbeef.1217518 at localdomain.org From acrow at integrafin.co.uk Sat Jun 23 20:00:52 2012 From: acrow at integrafin.co.uk (Alex Crow) Date: Sat, 23 Jun 2012 18:00:52 +0100 Subject: [Dovecot] Dovecot list IMAP archives with thunderbird? In-Reply-To: <4FE1FCDB.6080503@integrafin.co.uk> References: <4FE1FCDB.6080503@integrafin.co.uk> Message-ID: <4FE5F644.8000606@integrafin.co.uk> On 20/06/12 17:39, Alex Crow wrote: > Hi, > > I'm trying to access the IMAP archives with Thunderbird but can't seem > to get it to work. I have tried an unencrypted connection, SSL and TLS > but with no success. Any ideas? > > Thanks > > Alex > Hi, Still stuck here - would really like to be able to access the archives in my email client... Anyone able to see the mailing list archives in Thunderbird or other IMAP clients? Are they currently down? Cheers Alex -- This message is intended only for the addressee and may contain confidential information. Unless you are that person, you may not disclose its contents or use it in any way and are requested to delete the message along with any attachments and notify us immediately. "Transact" is operated by Integrated Financial Arrangements plc Domain House, 5-7 Singer Street, London EC2A 4BQ Tel: (020) 7608 4900 Fax: (020) 7608 5300 (Registered office: as above; Registered in England and Wales under number: 3727592) Authorised and regulated by the Financial Services Authority (entered on the FSA Register; number: 190856) From patrickdk at patrickdk.com Sat Jun 23 20:04:40 2012 From: patrickdk at patrickdk.com (Patrick Domack) Date: Sat, 23 Jun 2012 13:04:40 -0400 Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: <4FE5A5D8.2050908@thelounge.net> References: <4FE58A52.8050708@think-for-yourself.org> <4FE5A5D8.2050908@thelounge.net> Message-ID: <20120623130440.Horde.n_x2XJLnE6FP5fcoWOKAhaA@mail.patrickdk.com> Quoting Reindl Harald : > Am 23.06.2012 13:09, schrieb Wojciech Puchar: >> it is already enormous overshoot in hardware specs. And i do not >> really catch why you have "4 in parallel" servers. >> And finally i cannot understand this dividing of servers just to >> merging it back using VMWare. > > because it is a big difference if you have anything in a single > machine or splittet in virtual machines - you can move them at > runtime to different hosts and if you run out of ressources > for one of them you can buy a phyisclal machine, add it to the > cluster and move the virtual machine without any downtime > > if you have all on one machine or VM you are not scaleable Personally I found going from real hardware E51xx servers to E56xx servers to give double the performance per same speed and amount of cores for my mail server. Then moving it onto vmware slowed it down approx 15%. Overall still a let win, and using vmware for extra HA and easier maintenance is deferentially worth the slowdown. From tss at iki.fi Sat Jun 23 20:06:28 2012 From: tss at iki.fi (Timo Sirainen) Date: Sat, 23 Jun 2012 20:06:28 +0300 Subject: [Dovecot] Dovecot list IMAP archives with thunderbird? In-Reply-To: <4FE5F644.8000606@integrafin.co.uk> References: <4FE1FCDB.6080503@integrafin.co.uk> <4FE5F644.8000606@integrafin.co.uk> Message-ID: <1340471188.5967.88.camel@hurina> On Sat, 2012-06-23 at 18:00 +0100, Alex Crow wrote: > > I'm trying to access the IMAP archives with Thunderbird but can't seem > > to get it to work. I have tried an unencrypted connection, SSL and TLS > > but with no success. Any ideas? > > > > Thanks > > > > Alex > > > Hi, > > Still stuck here - would really like to be able to access the archives > in my email client... > > Anyone able to see the mailing list archives in Thunderbird or other > IMAP clients? Are they currently down? It works fine as far as I can see, even with Thunderbird. What error do you get? From andrzej.filip at gmail.com Sat Jun 23 20:09:40 2012 From: andrzej.filip at gmail.com (Andrzej A. Filip) Date: Sat, 23 Jun 2012 19:09:40 +0200 Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: <4FE5A74D.2010201@thelounge.net> References: <4FE58A52.8050708@think-for-yourself.org> <4FE5A74D.2010201@thelounge.net> Message-ID: <4FE5F854.4050804@gmail.com> On 06/23/2012 01:23 PM, Reindl Harald wrote: > > Am 23.06.2012 13:09, schrieb Wojciech Puchar: >> Finally i would recommend to get rid of RAID6. It's terribly slow on writes and >> writes are common on mail server. > depends, it is slower than RAID5, but safer > >> Buy cheapest but largest SATA drive and use RAID1 (or RAID1+0) setup. > oh no please do not recommend SATA crap with RAID1 and think > it is faster than RAID6 - the additional writes doe snot mat > if the whole disk-system is much faster and RAID1 has no benefit > in performance > > nobody will use SATA disks for high peformance servers in > production - really nobody these days! Could you specify/define your idea of "high performance servers" land border? It may reduce the flame war. From dmalolepszy at optusnet.com.au Sat Jun 23 20:36:52 2012 From: dmalolepszy at optusnet.com.au (Dominic Malolepszy) Date: Sun, 24 Jun 2012 03:36:52 +1000 Subject: [Dovecot] SQLite dovecot query caching Message-ID: <4FE5FEB4.2050801@optusnet.com.au> Hi, I am wondering if Dovecot caches SQLite queries, and how well it works in high performance setups. I am particularly interested because in the below thread SQLite has been suggested as a means of Dovecot proxying connections to different ports. http://old.nabble.com/director%3A-non-standart-ports-at-backends-td33991991.html Cheers, Dominic. From tss at iki.fi Sat Jun 23 20:39:07 2012 From: tss at iki.fi (Timo Sirainen) Date: Sat, 23 Jun 2012 20:39:07 +0300 Subject: [Dovecot] SQLite dovecot query caching In-Reply-To: <4FE5FEB4.2050801@optusnet.com.au> References: <4FE5FEB4.2050801@optusnet.com.au> Message-ID: <1340473147.5967.89.camel@hurina> On Sun, 2012-06-24 at 03:36 +1000, Dominic Malolepszy wrote: > Hi, > > I am wondering if Dovecot caches SQLite queries, and how well it works > in high performance setups. I am particularly interested because in the > below thread SQLite has been suggested as a means of Dovecot proxying > connections to different ports. You can enable auth cache: http://wiki2.dovecot.org/Authentication/Caching From acrow at integrafin.co.uk Sat Jun 23 21:10:37 2012 From: acrow at integrafin.co.uk (Alex Crow) Date: Sat, 23 Jun 2012 19:10:37 +0100 Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: <4FE5F854.4050804@gmail.com> References: <4FE58A52.8050708@think-for-yourself.org> <4FE5A74D.2010201@thelounge.net> <4FE5F854.4050804@gmail.com> Message-ID: <4FE6069D.2050703@integrafin.co.uk> On 23/06/12 18:09, Andrzej A. Filip wrote: > On 06/23/2012 01:23 PM, Reindl Harald wrote: >> Am 23.06.2012 13:09, schrieb Wojciech Puchar: >>> Finally i would recommend to get rid of RAID6. It's terribly slow on writes and >>> writes are common on mail server. >> depends, it is slower than RAID5, but safer >> >>> Buy cheapest but largest SATA drive and use RAID1 (or RAID1+0) setup. >> oh no please do not recommend SATA crap with RAID1 and think >> it is faster than RAID6 - the additional writes doe snot mat >> if the whole disk-system is much faster and RAID1 has no benefit >> in performance >> >> nobody will use SATA disks for high peformance servers in >> production - really nobody these days! > Could you specify/define your idea of "high performance servers" land > border? > It may reduce the flame war. > Hi, With dovecot, you can separate indexes and email, and with dbox/mdbox, have ALT storage, so for instance you could keep your indexes in a RAID10 of SSDs, recent email on a RAID10 of 10kRPM/15kRPM SAS drives, and older email can go on a load of 5k/7.2k SATA drives in RAID6, or on a NAS via NFS. Note: with *dbox your indexes are the only place your mail flags are kept, so don't risk a single drive or even RAID5 for your index store. This is what I am moving into production from dovecot 1.x on a single RAID6 array (hardware, LSI controller, 6 10k SAS drives in RAID10) which has served very well for a while but is not getting too small for all our mail. Performance has been good for up to 350 users, average mailbox size >4G, about 25-35k incoming mails per day. Cheers Alex -- This message is intended only for the addressee and may contain confidential information. Unless you are that person, you may not disclose its contents or use it in any way and are requested to delete the message along with any attachments and notify us immediately. "Transact" is operated by Integrated Financial Arrangements plc Domain House, 5-7 Singer Street, London EC2A 4BQ Tel: (020) 7608 4900 Fax: (020) 7608 5300 (Registered office: as above; Registered in England and Wales under number: 3727592) Authorised and regulated by the Financial Services Authority (entered on the FSA Register; number: 190856) From dmalolepszy at optusnet.com.au Sat Jun 23 21:20:24 2012 From: dmalolepszy at optusnet.com.au (Dominic Malolepszy) Date: Sun, 24 Jun 2012 04:20:24 +1000 Subject: [Dovecot] SQLite dovecot query caching In-Reply-To: <1340473147.5967.89.camel@hurina> References: <4FE5FEB4.2050801@optusnet.com.au> <1340473147.5967.89.camel@hurina> Message-ID: <4FE608E8.6090106@optusnet.com.au> On 24/06/12 3:39 AM, Timo Sirainen wrote: > On Sun, 2012-06-24 at 03:36 +1000, Dominic Malolepszy wrote: >> Hi, >> >> I am wondering if Dovecot caches SQLite queries, and how well it works >> in high performance setups. I am particularly interested because in the >> below thread SQLite has been suggested as a means of Dovecot proxying >> connections to different ports. > You can enable auth cache: > http://wiki2.dovecot.org/Authentication/Caching > > This is a per user caching though, it will still have to perform a sql look up each time a unique user authenticates to determine what port the proxy should forward each connection. Is that accurate? From wojtek at wojtek.tensor.gdynia.pl Sat Jun 23 21:21:05 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Sat, 23 Jun 2012 20:21:05 +0200 (CEST) Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: <4FE6069D.2050703@integrafin.co.uk> References: <4FE58A52.8050708@think-for-yourself.org> <4FE5A74D.2010201@thelounge.net> <4FE5F854.4050804@gmail.com> <4FE6069D.2050703@integrafin.co.uk> Message-ID: > ALT storage, so for instance you could keep your indexes in a RAID10 of SSDs, > recent email on a RAID10 of 10kRPM/15kRPM SAS drives, and older email can go > on a load of 5k/7.2k SATA drives in RAID6, or on a NAS via NFS. far better solution but still about 2-3 times more $/performance than needed, and more complex than needed. But at least an improvement From tss at iki.fi Sat Jun 23 21:57:08 2012 From: tss at iki.fi (Timo Sirainen) Date: Sat, 23 Jun 2012 21:57:08 +0300 Subject: [Dovecot] SQLite dovecot query caching In-Reply-To: <4FE608E8.6090106@optusnet.com.au> References: <4FE5FEB4.2050801@optusnet.com.au> <1340473147.5967.89.camel@hurina> <4FE608E8.6090106@optusnet.com.au> Message-ID: <1340477828.5967.91.camel@hurina> On Sun, 2012-06-24 at 04:20 +1000, Dominic Malolepszy wrote: > On 24/06/12 3:39 AM, Timo Sirainen wrote: > > On Sun, 2012-06-24 at 03:36 +1000, Dominic Malolepszy wrote: > >> Hi, > >> > >> I am wondering if Dovecot caches SQLite queries, and how well it works > >> in high performance setups. I am particularly interested because in the > >> below thread SQLite has been suggested as a means of Dovecot proxying > >> connections to different ports. > > You can enable auth cache: > > http://wiki2.dovecot.org/Authentication/Caching > > > > > > This is a per user caching though, it will still have to perform a sql > look up each time a unique user authenticates to determine what port the > proxy should forward each connection. Is that accurate? It caches the passdb lookup. The cache key consists of the given % variables in the SQL query. So if your SQL query doesn't contain %n/%u then the cache doesn't add per-user entries. From acrow at integrafin.co.uk Sat Jun 23 22:06:31 2012 From: acrow at integrafin.co.uk (Alex Crow) Date: Sat, 23 Jun 2012 20:06:31 +0100 Subject: [Dovecot] Dovecot list IMAP archives with thunderbird? In-Reply-To: <1340471188.5967.88.camel@hurina> References: <4FE1FCDB.6080503@integrafin.co.uk> <4FE5F644.8000606@integrafin.co.uk> <1340471188.5967.88.camel@hurina> Message-ID: <4FE613B7.7080809@integrafin.co.uk> On 23/06/12 18:06, Timo Sirainen wrote: > On Sat, 2012-06-23 at 18:00 +0100, Alex Crow wrote: >>> I'm trying to access the IMAP archives with Thunderbird but can't seem >>> to get it to work. I have tried an unencrypted connection, SSL and TLS >>> but with no success. Any ideas? >>> >>> Thanks >>> >>> Alex >>> >> Hi, >> >> Still stuck here - would really like to be able to access the archives >> in my email client... >> >> Anyone able to see the mailing list archives in Thunderbird or other >> IMAP clients? Are they currently down? > It works fine as far as I can see, even with Thunderbird. What error do > you get? > > > Hi Timo, No errors at all, I just never see any folder list or messages - tcpdump shows a few packets only when TLS mode is selected, but nothing after that, Cheers Alex -- This message is intended only for the addressee and may contain confidential information. Unless you are that person, you may not disclose its contents or use it in any way and are requested to delete the message along with any attachments and notify us immediately. "Transact" is operated by Integrated Financial Arrangements plc Domain House, 5-7 Singer Street, London EC2A 4BQ Tel: (020) 7608 4900 Fax: (020) 7608 5300 (Registered office: as above; Registered in England and Wales under number: 3727592) Authorised and regulated by the Financial Services Authority (entered on the FSA Register; number: 190856) From dmalolepszy at optusnet.com.au Sat Jun 23 22:07:48 2012 From: dmalolepszy at optusnet.com.au (Dominic Malolepszy) Date: Sun, 24 Jun 2012 05:07:48 +1000 Subject: [Dovecot] SQLite dovecot query caching In-Reply-To: <1340477828.5967.91.camel@hurina> References: <4FE5FEB4.2050801@optusnet.com.au> <1340473147.5967.89.camel@hurina> <4FE608E8.6090106@optusnet.com.au> <1340477828.5967.91.camel@hurina> Message-ID: <4FE61404.1030102@optusnet.com.au> On 24/06/12 4:57 AM, Timo Sirainen wrote: > On Sun, 2012-06-24 at 04:20 +1000, Dominic Malolepszy wrote: >> On 24/06/12 3:39 AM, Timo Sirainen wrote: >>> On Sun, 2012-06-24 at 03:36 +1000, Dominic Malolepszy wrote: >>>> Hi, >>>> >>>> I am wondering if Dovecot caches SQLite queries, and how well it works >>>> in high performance setups. I am particularly interested because in the >>>> below thread SQLite has been suggested as a means of Dovecot proxying >>>> connections to different ports. >>> You can enable auth cache: >>> http://wiki2.dovecot.org/Authentication/Caching >>> >>> >> This is a per user caching though, it will still have to perform a sql >> look up each time a unique user authenticates to determine what port the >> proxy should forward each connection. Is that accurate? > It caches the passdb lookup. The cache key consists of the given % > variables in the SQL query. So if your SQL query doesn't contain %n/%u > then the cache doesn't add per-user entries. > > Thanks Timo, I re-read the link you sent me, and it makes a lot more sense now. I will play around with the different variables (especially the port related ones), to get the desired result. Gah its late I should go to sleep! From lists at svrinformatica.it Sat Jun 23 23:39:43 2012 From: lists at svrinformatica.it (Mailing List SVR) Date: Sat, 23 Jun 2012 22:39:43 +0200 Subject: [Dovecot] 2.0.19 segfault Message-ID: <4FE6298F.6050502@svrinformatica.it> Hi, after the upgrade from dovecot 2.0.13 (ubuntu oneiric) to dovecot 2.0.19 (ubuntu precise), in my logs I have a lot of these errors: Jun 23 00:20:29 server1 dovecot: master: Error: service(imap-login): child 6714 killed with signal 11 (core dumps disabled) I tested 2.0.21 and the problem is still here. The problem seems to appear only when the client is ms outlook, thunderbird works fine Here is the captured trace (I hope this is enough and I don't need to install debug symbols for everythings): Core was generated by `dovecot/imap-login -D'. Program terminated with signal 11, Segmentation fault. #0 0x00007f4d01c1a031 in RC4 () from /lib/x86_64-linux-gnu/libcrypto.so.1.0.0 (gdb) bt full #0 0x00007f4d01c1a031 in RC4 () from /lib/x86_64-linux-gnu/libcrypto.so.1.0.0 No symbol table info available. #1 0x0000000000000134 in ?? () No symbol table info available. #2 0x00000000000000cd in ?? () No symbol table info available. #3 0x00007f4d03e97470 in ?? () No symbol table info available. #4 0x00007f4d01c80629 in ?? () from /lib/x86_64-linux-gnu/libcrypto.so.1.0.0 No symbol table info available. #5 0x00007f4d01f82bcf in ?? () from /lib/x86_64-linux-gnu/libssl.so.1.0.0 No symbol table info available. #6 0x00007f4d01f79e04 in ?? () from /lib/x86_64-linux-gnu/libssl.so.1.0.0 No symbol table info available. #7 0x00007f4d01f7a134 in ?? () from /lib/x86_64-linux-gnu/libssl.so.1.0.0 No symbol table info available. #8 0x00007f4d027fed6f in ssl_write (proxy=0x7f4d03e7c0a0) at ssl-proxy-openssl.c:499 ret = #9 0x00007f4d027fee68 in plain_read (proxy=0x7f4d03e7c0a0) at ssl-proxy-openssl.c:308 ret = corked = true ---Type to continue, or q to quit--- #10 0x00007f4d025b5c98 in io_loop_call_io (io=0x7f4d03e84b10) at ioloop.c:384 ioloop = 0x7f4d03e3e680 t_id = 2 #11 0x00007f4d025b6d27 in io_loop_handler_run (ioloop=) at ioloop-epoll.c:213 ctx = 0x7f4d03e505a0 events = 0x6579351d event = 0x7f4d03e50610 list = 0x7f4d03e93690 io = tv = {tv_sec = 59, tv_usec = 999832} msecs = ret = 1 i = call = #12 0x00007f4d025b5c28 in io_loop_run (ioloop=0x7f4d03e3e680) at ioloop.c:405 No locals. #13 0x00007f4d025a3e33 in master_service_run (service=0x7f4d03e3e550, callback=) at master-service.c:481 No locals. #14 0x00007f4d027f7cc2 in main (argc=2, argv=0x7f4d03e3e370) at main.c:371 set_pool = 0x7f4d03e3e880 allow_core_dumps = ---Type to continue, or q to quit--- login_socket = 0x7f4d02800763 "login" c = #15 0x00007f4d021d676d in __libc_start_main () from /lib/x86_64-linux-gnu/libc.so.6 No symbol table info available. #16 0x00007f4d02c2d5a9 in _start () No symbol table info available. Nicola From acrow at integrafin.co.uk Sun Jun 24 00:13:28 2012 From: acrow at integrafin.co.uk (Alex Crow) Date: Sat, 23 Jun 2012 22:13:28 +0100 Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: References: <4FE58A52.8050708@think-for-yourself.org> <4FE5A74D.2010201@thelounge.net> <4FE5F854.4050804@gmail.com> <4FE6069D.2050703@integrafin.co.uk> Message-ID: <4FE63178.9040203@integrafin.co.uk> On 23/06/12 19:21, Wojciech Puchar wrote: >> ALT storage, so for instance you could keep your indexes in a RAID10 >> of SSDs, recent email on a RAID10 of 10kRPM/15kRPM SAS drives, and >> older email can go on a load of 5k/7.2k SATA drives in RAID6, or on a >> NAS via NFS. > > far better solution but still about 2-3 times more $/performance than > needed, and more complex than needed. > > But at least an improvement > I'd respectfully disagree. If you only keep the most recent few weeks of email you could use reasonably priced SSDs for the indexes and perhaps downgrade to SATA for your "hot" store, both of which should be max 10% of your total space with more than a few months of email. My driving factor was to have different spindle sets for each purpose. Who knows, I might have overspent and could have done it with 3 separate SATA arrays. OTOH what about an SSD caching kit on your server? Supermicro at least do them (well, my UK vendor offers them). Just have a load of big SATA drives and use the kit for caching. The last time I looked a 256GB kit was about UKP 500. Cheers Alex -- This message is intended only for the addressee and may contain confidential information. Unless you are that person, you may not disclose its contents or use it in any way and are requested to delete the message along with any attachments and notify us immediately. "Transact" is operated by Integrated Financial Arrangements plc Domain House, 5-7 Singer Street, London EC2A 4BQ Tel: (020) 7608 4900 Fax: (020) 7608 5300 (Registered office: as above; Registered in England and Wales under number: 3727592) Authorised and regulated by the Financial Services Authority (entered on the FSA Register; number: 190856) From lists at svrinformatica.it Sun Jun 24 00:34:47 2012 From: lists at svrinformatica.it (Mailing List SVR) Date: Sat, 23 Jun 2012 23:34:47 +0200 Subject: [Dovecot] 2.0.19 segfault In-Reply-To: <4FE6298F.6050502@svrinformatica.it> References: <4FE6298F.6050502@svrinformatica.it> Message-ID: <4FE63677.9080900@svrinformatica.it> Il 23/06/2012 22:39, Mailing List SVR ha scritto: > Hi, > > after the upgrade from dovecot 2.0.13 (ubuntu oneiric) to dovecot > 2.0.19 (ubuntu precise), in my logs I have a lot of these errors: > > Jun 23 00:20:29 server1 dovecot: master: Error: service(imap-login): > child 6714 killed with signal 11 (core dumps disabled) > > I tested 2.0.21 and the problem is still here. The problem seems to > appear only when the client is ms outlook, thunderbird works fine > > Here is the captured trace (I hope this is enough and I don't need to > install debug symbols for everythings): > > Core was generated by `dovecot/imap-login -D'. > Program terminated with signal 11, Segmentation fault. > #0 0x00007f4d01c1a031 in RC4 () from > /lib/x86_64-linux-gnu/libcrypto.so.1.0.0 > (gdb) bt full > #0 0x00007f4d01c1a031 in RC4 () from > /lib/x86_64-linux-gnu/libcrypto.so.1.0.0 > No symbol table info available. > #1 0x0000000000000134 in ?? () > No symbol table info available. > #2 0x00000000000000cd in ?? () > No symbol table info available. > #3 0x00007f4d03e97470 in ?? () > No symbol table info available. > #4 0x00007f4d01c80629 in ?? () from > /lib/x86_64-linux-gnu/libcrypto.so.1.0.0 > No symbol table info available. > #5 0x00007f4d01f82bcf in ?? () from > /lib/x86_64-linux-gnu/libssl.so.1.0.0 > No symbol table info available. > #6 0x00007f4d01f79e04 in ?? () from > /lib/x86_64-linux-gnu/libssl.so.1.0.0 > No symbol table info available. > #7 0x00007f4d01f7a134 in ?? () from > /lib/x86_64-linux-gnu/libssl.so.1.0.0 > No symbol table info available. > #8 0x00007f4d027fed6f in ssl_write (proxy=0x7f4d03e7c0a0) > at ssl-proxy-openssl.c:499 > ret = > #9 0x00007f4d027fee68 in plain_read (proxy=0x7f4d03e7c0a0) > at ssl-proxy-openssl.c:308 > ret = > corked = true > ---Type to continue, or q to quit--- > #10 0x00007f4d025b5c98 in io_loop_call_io (io=0x7f4d03e84b10) at > ioloop.c:384 > ioloop = 0x7f4d03e3e680 > t_id = 2 > #11 0x00007f4d025b6d27 in io_loop_handler_run (ioloop=) > at ioloop-epoll.c:213 > ctx = 0x7f4d03e505a0 > events = 0x6579351d > event = 0x7f4d03e50610 > list = 0x7f4d03e93690 > io = > tv = {tv_sec = 59, tv_usec = 999832} > msecs = > ret = 1 > i = > call = > #12 0x00007f4d025b5c28 in io_loop_run (ioloop=0x7f4d03e3e680) at > ioloop.c:405 > No locals. > #13 0x00007f4d025a3e33 in master_service_run (service=0x7f4d03e3e550, > callback=) at master-service.c:481 > No locals. > #14 0x00007f4d027f7cc2 in main (argc=2, argv=0x7f4d03e3e370) at > main.c:371 > set_pool = 0x7f4d03e3e880 > allow_core_dumps = > ---Type to continue, or q to quit--- > login_socket = 0x7f4d02800763 "login" > c = > #15 0x00007f4d021d676d in __libc_start_main () > from /lib/x86_64-linux-gnu/libc.so.6 > No symbol table info available. > #16 0x00007f4d02c2d5a9 in _start () > No symbol table info available. > > Nicola > Here is a more detailed trace, Core was generated by `dovecot/imap-login -D'. Program terminated with signal 11, Segmentation fault. #0 RC4 () at rc4-x86_64.s:343 343 rc4-x86_64.s: File o directory non esistente. (gdb) bt full #0 RC4 () at rc4-x86_64.s:343 No locals. #1 0x0000000000000134 in ?? () No symbol table info available. #2 0x00000000000000cd in ?? () No symbol table info available. #3 0x00007f4d03e97470 in ?? () No symbol table info available. #4 0x00007f4d01c80629 in rc4_hmac_md5_cipher (ctx=, out=0x7f4d03e8d0b8 "\314V\347\335Lc\024\205\221'?\006\177\313\326?\313\317\303c\266\360\347\364\263\242\316z\326\307\320\303?\242`\303\321?\313?\177\315\305\313?\320\307u\307\320\320\303\316?z?\307\314\303\300\316v\242\313\306\316?\321c\030T SORT=DISPLAY\301\021\222RC\005D=R\244\237T\342\004\"\020ES TH\003\246AD=\247\032FS \351ULTIA&\315\025N8\032\341\255\364EZ\376\236\062 CHILDREN\\\b{\250\240\255PACE U\216\331\nLUS LIST-EXTENDED I18NLEVEL=h CO"..., in=, len=0) at e_rc4_hmac_md5.c:163 key = 0x1a rc4_off = 139968754799079 md5_off = blocks = l = plen = #5 0x00007f4d01f82bcf in tls1_enc (s=0x7f4d03e7b700, send=1) at t1_enc.c:828 ---Type to continue, or q to quit--- rec = 0x7f4d03e7bcb8 ds = 0x7f4d03e95cf0 l = 308 bs = 1 i = ii = j = k = pad = enc = 0x7f4d01f4eae0 #6 0x00007f4d01f79e04 in do_ssl3_write (s=0x7f4d03e7b700, type=23, buf=0x7f4d03e7c514 "A0 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CO"..., len=292, create_empty_fragment=0) at s3_pkt.c:815 p = plen = 0x7f4d03e8d0b6 "" i = mac_size = 0 clear = prefix_len = eivlen = align = ---Type to continue, or q to quit--- wr = 0x7f4d03e7bcb8 wb = 0x7f4d03e7bc68 sess = #7 0x00007f4d01f7a134 in ssl3_write_bytes (s=0x7f4d03e7b700, type=23, buf_=0x7f4d03e7c514, len=) at s3_pkt.c:605 buf = 0x7f4d03e7c514 "A0 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CO"... tot = 0 n = 292 nw = i = #8 0x00007f4d027fed6f in ssl_write (proxy=0x7f4d03e7c0a0) at ssl-proxy-openssl.c:499 ret = #9 0x00007f4d027fee68 in plain_read (proxy=0x7f4d03e7c0a0) at ssl-proxy-openssl.c:308 ret = corked = true #10 0x00007f4d025b5c98 in io_loop_call_io (io=0x7f4d03e84b10) at ioloop.c:384 ioloop = 0x7f4d03e3e680 t_id = 2 #11 0x00007f4d025b6d27 in io_loop_handler_run (ioloop=) ---Type to continue, or q to quit--- at ioloop-epoll.c:213 ctx = 0x7f4d03e505a0 events = 0x6579351d event = 0x7f4d03e50610 list = 0x7f4d03e93690 io = tv = {tv_sec = 59, tv_usec = 999832} msecs = ret = 1 i = call = #12 0x00007f4d025b5c28 in io_loop_run (ioloop=0x7f4d03e3e680) at ioloop.c:405 No locals. #13 0x00007f4d025a3e33 in master_service_run (service=0x7f4d03e3e550, callback=) at master-service.c:481 No locals. #14 0x00007f4d027f7cc2 in main (argc=2, argv=0x7f4d03e3e370) at main.c:371 set_pool = 0x7f4d03e3e880 allow_core_dumps = login_socket = 0x7f4d02800763 "login" c = #15 0x00007f4d021d676d in __libc_start_main (main=0x7f4d027f7a60

, argc=2, ubp_av=0x7fff37290a68, init=, fini=, ---Type to continue, or q to quit--- rtld_fini=, stack_end=0x7fff37290a58) at libc-start.c:226 result = unwind_buf = {cancel_jmp_buf = {{jmp_buf = {0, -1085834845464457622, 139968735532416, 140734118824544, 0, 0, 1085429787565592170, 1041548453329079914}, mask_was_saved = 0}}, priv = {pad = { 0x0, 0x0, 0x7fff37290a80, 0x1}, data = {prev = 0x0, cleanup = 0x0, canceltype = 925436544}}} not_first_call = #16 0x00007f4d02c2d5a9 in _start () Nicola From bdh at machinehum.com Sun Jun 24 01:01:47 2012 From: bdh at machinehum.com (Brian Hayden) Date: Sat, 23 Jun 2012 17:01:47 -0500 Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: <4FE63178.9040203@integrafin.co.uk> References: <4FE58A52.8050708@think-for-yourself.org> <4FE5A74D.2010201@thelounge.net> <4FE5F854.4050804@gmail.com> <4FE6069D.2050703@integrafin.co.uk> <4FE63178.9040203@integrafin.co.uk> Message-ID: > On 23/06/12 19:21, Wojciech Puchar wrote: >>> ALT storage, so for instance you could keep your indexes in a RAID10 of SSDs, recent email on a RAID10 of 10kRPM/15kRPM SAS drives, and older email can go on a load of 5k/7.2k SATA drives in RAID6, or on a NAS via NFS. >> >> far better solution but still about 2-3 times more $/performance than needed, and more complex than needed. >> >> But at least an improvement Wojciech, how many users, does your installation serve? Not raw account numbers, but real users? The things you're saying sound mostly applicable to a small, easily-dictated env. -Brian From tss at iki.fi Sun Jun 24 01:05:09 2012 From: tss at iki.fi (Timo Sirainen) Date: Sun, 24 Jun 2012 01:05:09 +0300 Subject: [Dovecot] 2.0.19 segfault In-Reply-To: <4FE6298F.6050502@svrinformatica.it> References: <4FE6298F.6050502@svrinformatica.it> Message-ID: <1340489109.5967.94.camel@hurina> On Sat, 2012-06-23 at 22:39 +0200, Mailing List SVR wrote: > after the upgrade from dovecot 2.0.13 (ubuntu oneiric) to dovecot 2.0.19 > (ubuntu precise), in my logs I have a lot of these errors: > > Jun 23 00:20:29 server1 dovecot: master: Error: service(imap-login): > child 6714 killed with signal 11 (core dumps disabled) > > I tested 2.0.21 and the problem is still here. The problem seems to > appear only when the client is ms outlook, thunderbird works fine Looks to me more like OpenSSL library bug. The only reason why it could be Dovecot bug is if Dovecot is causing memory corruption. Could you run imap-login via valgrind to see if this is the case? service imap-login { executable = /usr/bin/valgrind -q --vgdb=no /usr/local/libexec/dovecot/imap-login chroot = } Also have you changed any ssl-related settings in dovecot.conf? From lists at svrinformatica.it Sun Jun 24 01:27:45 2012 From: lists at svrinformatica.it (Mailing List SVR) Date: Sun, 24 Jun 2012 00:27:45 +0200 Subject: [Dovecot] 2.0.19 segfault In-Reply-To: <1340489109.5967.94.camel@hurina> References: <4FE6298F.6050502@svrinformatica.it> <1340489109.5967.94.camel@hurina> Message-ID: <4FE642E1.5070609@svrinformatica.it> Il 24/06/2012 00:05, Timo Sirainen ha scritto: > On Sat, 2012-06-23 at 22:39 +0200, Mailing List SVR wrote: > >> after the upgrade from dovecot 2.0.13 (ubuntu oneiric) to dovecot 2.0.19 >> (ubuntu precise), in my logs I have a lot of these errors: >> >> Jun 23 00:20:29 server1 dovecot: master: Error: service(imap-login): >> child 6714 killed with signal 11 (core dumps disabled) >> >> I tested 2.0.21 and the problem is still here. The problem seems to >> appear only when the client is ms outlook, thunderbird works fine > Looks to me more like OpenSSL library bug. The only reason why it could > be Dovecot bug is if Dovecot is causing memory corruption. Could you run > imap-login via valgrind to see if this is the case? > > service imap-login { > executable = /usr/bin/valgrind -q --vgdb=no /usr/local/libexec/dovecot/imap-login > chroot = > } > > Also have you changed any ssl-related settings in dovecot.conf? > attached my complete configuration, I hope there is a mistake in my config I looked at the code and there was no relevant change from dovecot 2.0.13 and dovecot 2.0.19, upgrading between ubuntu releases updated openssl too and this could be the problem, however is not clear to me while imap over ssl works fine with thunderdird and I see the crash in the logs for customers that seems to use ms outlook, Nicola > -------------- next part -------------- # 2.0.19: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-25-generic x86_64 Ubuntu 12.04 LTS ext4 auth_cache_size = 10 M auth_mechanisms = plain login auth_socket_path = /var/run/dovecot/auth-userdb auth_worker_max_count = 128 base_dir = /var/run/dovecot/ default_process_limit = 200 disable_plaintext_auth = no first_valid_gid = 2000 first_valid_uid = 2000 hostname = mail.svrinformatica.it last_valid_gid = 2000 last_valid_uid = 2000 listen = * login_greeting = SVR ready. mail_location = maildir:/srv/panel/mail/%d/%t/Maildir mail_plugins = " quota trash autocreate" managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { autocreate = Trash autocreate2 = Junk autocreate3 = Drafts autocreate4 = Sent autosubscribe = Trash autosubscribe2 = Junk autosubscribe3 = Drafts autosubscribe4 = Sent quota = maildir:User quota quota_rule = *:storage=300MB quota_rule2 = Trash:ignore quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u sieve = ~/.dovecot.sieve sieve_before = /etc/dovecot/sieve/move-spam.sieve sieve_dir = ~/sieve sieve_max_actions = 32 sieve_max_redirects = 4 sieve_max_script_size = 1M sieve_quota_max_scripts = 10 sieve_quota_max_storage = 2M trash = /etc/dovecot/dovecot-trash.conf.ext } postmaster_address = postmaster at svrinformatica.it protocols = imap pop3 sieve service auth-worker { user = $default_internal_user } service auth { unix_listener /var/spool/postfix/private/dovecot-auth { group = vmail mode = 0660 user = postfix } unix_listener auth-userdb { group = vmail mode = 0660 user = vmail } user = $default_internal_user } service managesieve-login { inet_listener sieve { port = 4190 } } service quota-warning { executable = script /srv/panel/django/systemcp/systemutils/mail/quota-warning.py unix_listener quota-warning { user = vmail } user = dovecot } ssl_cert = References: <4FE6298F.6050502@svrinformatica.it> <1340489109.5967.94.camel@hurina> Message-ID: <4FE647FD.4060400@svrinformatica.it> Il 24/06/2012 00:05, Timo Sirainen ha scritto: > On Sat, 2012-06-23 at 22:39 +0200, Mailing List SVR wrote: > >> after the upgrade from dovecot 2.0.13 (ubuntu oneiric) to dovecot 2.0.19 >> (ubuntu precise), in my logs I have a lot of these errors: >> >> Jun 23 00:20:29 server1 dovecot: master: Error: service(imap-login): >> child 6714 killed with signal 11 (core dumps disabled) >> >> I tested 2.0.21 and the problem is still here. The problem seems to >> appear only when the client is ms outlook, thunderbird works fine > Looks to me more like OpenSSL library bug. the bug seems related to this patch: http://cvs.openssl.org/chngview?cn=22415 I'm applying just now > The only reason why it could > be Dovecot bug is if Dovecot is causing memory corruption. Could you run > imap-login via valgrind to see if this is the case? > > service imap-login { > executable = /usr/bin/valgrind -q --vgdb=no /usr/local/libexec/dovecot/imap-login > chroot = > } > > Also have you changed any ssl-related settings in dovecot.conf? > > > From lists at svrinformatica.it Sun Jun 24 02:05:43 2012 From: lists at svrinformatica.it (Mailing List SVR) Date: Sun, 24 Jun 2012 01:05:43 +0200 Subject: [Dovecot] 2.0.19 segfault In-Reply-To: <4FE647FD.4060400@svrinformatica.it> References: <4FE6298F.6050502@svrinformatica.it> <1340489109.5967.94.camel@hurina> <4FE647FD.4060400@svrinformatica.it> Message-ID: <4FE64BC7.7020204@svrinformatica.it> Il 24/06/2012 00:49, Mailing List SVR ha scritto: > Il 24/06/2012 00:05, Timo Sirainen ha scritto: >> On Sat, 2012-06-23 at 22:39 +0200, Mailing List SVR wrote: >> >>> after the upgrade from dovecot 2.0.13 (ubuntu oneiric) to dovecot >>> 2.0.19 >>> (ubuntu precise), in my logs I have a lot of these errors: >>> >>> Jun 23 00:20:29 server1 dovecot: master: Error: service(imap-login): >>> child 6714 killed with signal 11 (core dumps disabled) >>> >>> I tested 2.0.21 and the problem is still here. The problem seems to >>> appear only when the client is ms outlook, thunderbird works fine >> Looks to me more like OpenSSL library bug. > > the bug seems related to this patch: > > http://cvs.openssl.org/chngview?cn=22415 > > I'm applying just now I can confirm that the patch listed above solve the problem, thanks for pointing me to openssl, Nicola > >> The only reason why it could >> be Dovecot bug is if Dovecot is causing memory corruption. Could you run >> imap-login via valgrind to see if this is the case? >> >> service imap-login { >> executable = /usr/bin/valgrind -q --vgdb=no >> /usr/local/libexec/dovecot/imap-login >> chroot = >> } >> >> Also have you changed any ssl-related settings in dovecot.conf? >> >> >> > > > From dovecot at r.paypc.com Sun Jun 24 02:57:09 2012 From: dovecot at r.paypc.com (Robin) Date: Sat, 23 Jun 2012 16:57:09 -0700 Subject: [Dovecot] 2.0.19 segfault In-Reply-To: <4FE642E1.5070609@svrinformatica.it> References: <4FE6298F.6050502@svrinformatica.it> <1340489109.5967.94.camel@hurina> <4FE642E1.5070609@svrinformatica.it> Message-ID: <4FE657D5.8060205@r.paypc.com> On 6/23/2012 3:27 PM, Mailing List SVR wrote: > I looked at the code and there was no relevant change from dovecot > 2.0.13 and dovecot 2.0.19, upgrading between ubuntu releases updated > openssl too and this could be the problem, > > however is not clear to me while imap over ssl works fine with > thunderdird and I see the crash in the logs for customers that seems to > use ms outlook, There have been many interactions between OpenSSL (and some other SSL implementations) and some versions of schannel.dll (the system library responsible for SSL connections, used by Outlook and Internet Explorer, amongst other tools). M$ has released hotfixes addressing various problems in schannel.dll in the past, such as: http://support.microsoft.com/kb/933430 There is a fair bit of write-up online about how to configure your SSL servers to avoid problematic ciphers and socket configurations that help you avoid tripping over most of the bugs. For example: http://httpd.apache.org/docs/2.2/ssl/ssl_faq.html#msie Whenever SSL is involved in the transaction process, always include it in your debug process as SSL negotiation is non-trivial and has been often fraught with some peril. =R= From spraker at yahoo.com Sun Jun 24 03:10:29 2012 From: spraker at yahoo.com (Brian Spraker) Date: Sat, 23 Jun 2012 17:10:29 -0700 (PDT) Subject: [Dovecot] Dovecot Quotas in Version 2 Message-ID: <1340496629.79833.YahooMailClassic@web111409.mail.gq1.yahoo.com> Hello all, Just upgraded from Ubuntu 10.04 to 12.04 on a server today and went through a few issues that I finally got corrected with many different services. However, one of them - I absolutely cannot figure out. I was using Dovecot 1 in Ubuntu 10.04 - but in Ubuntu 12.04, it has been upgraded to Dovecot 2. Finally managed to get the configuration to work and get it to use MySQL as the back-end authentication method (had to install the dovecot-mysql package). But, I cannot get quotas to work. The moment I uncomment a quota line, Dovecot fails to start. Would appreciate any help with this. I am not using any of the individual configuration files on the conf.d folder - simply the dovecot.conf and dovecot-sql.conf file. Here is a copy of those. You can see the one commented line (mail_plugins under imap) simply will not work - but yet the one under POP works (although I don't think it is used): base_dir = /var/run/dovecot/ disable_plaintext_auth = no first_valid_uid = 33 last_valid_uid = 33 listen = * log_timestamp = "%Y-%m-%d %H:%M:%S " mail_privileged_group = www-data passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } plugin { quota = maildir quota_rule = Trash:storage=100M } protocols = imap pop3 service auth { user = root } service imap-login { executable = /usr/lib/dovecot/imap-login } service imap { executable = /usr/lib/dovecot/imap } ssl = no userdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } protocol imap { imap_client_workarounds = mail_plugin_dir = /usr/lib/dovecot/modules/imap # mail_plugins = quota imap_quota } protocol pop3 { mail_plugins = quota pop3_uidl_format = %08Xu%08Xv } And for the dovecot-sql.conf file (passwords changed, of course): driver = mysql connect = dbname=horde user= password= host=localhost default_pass_scheme = PLAIN password_query = SELECT user_uid as user, user_pass as password FROM horde_users WHERE user_uid = '%u'; user_query = SELECT uid, gid, home, maildir, concat('maildir:storage=', quota) AS quota FROM horde_users WHERE user_uid = '%u'; I did not update the dovecot-sql.conf file at all - so I don't know if there maybe be some configuration issue with how it is pulling the quota limit from the database. Quotas are in bytes in the database. Certainly would appreciate any help with this. I went through the Dovecot Quota Configuration in the wiki but it wasn't any help - as I basically already have that line in the config file, but it will fail to start Dovecot. Thank you! Brian S. From tss at iki.fi Sun Jun 24 03:23:16 2012 From: tss at iki.fi (Timo Sirainen) Date: Sun, 24 Jun 2012 03:23:16 +0300 Subject: [Dovecot] Dovecot Quotas in Version 2 In-Reply-To: <1340496629.79833.YahooMailClassic@web111409.mail.gq1.yahoo.com> References: <1340496629.79833.YahooMailClassic@web111409.mail.gq1.yahoo.com> Message-ID: On 24.6.2012, at 3.10, Brian Spraker wrote: > plugin { > quota = maildir > quota_rule = Trash:storage=100M This should be quota_rule2. Otherwise you'll just overwrite this here: > } > user_query = SELECT uid, gid, home, maildir, concat('maildir:storage=', quota) AS quota FROM horde_users WHERE user_uid = '%u'; You didn't update the quota configuration in here. Should be: concat('*:storage=', quota) AS quota_rule. BTW. This change happened during Dovecot v1.0 -> v1.1 change. Years ago for most people. :) From spraker at yahoo.com Sun Jun 24 03:29:47 2012 From: spraker at yahoo.com (Brian Spraker) Date: Sat, 23 Jun 2012 17:29:47 -0700 (PDT) Subject: [Dovecot] Dovecot Quotas in Version 2 In-Reply-To: Message-ID: <1340497787.45659.YahooMailClassic@web111404.mail.gq1.yahoo.com> --- On Sat, 6/23/12, Timo Sirainen wrote: > From: Timo Sirainen > Subject: Re: [Dovecot] Dovecot Quotas in Version 2 > To: "Brian Spraker" > Cc: dovecot at dovecot.org > Date: Saturday, June 23, 2012, 7:23 PM > On 24.6.2012, at 3.10, Brian Spraker > wrote: > > > plugin { > >? quota = maildir > >? quota_rule = Trash:storage=100M > > This should be quota_rule2. Otherwise you'll just overwrite > this here: > > > } > > > user_query = SELECT uid, gid, home, maildir, > concat('maildir:storage=', quota) AS quota FROM horde_users > WHERE user_uid = '%u'; > > You didn't update the quota configuration in here. Should > be: concat('*:storage=', quota) AS quota_rule. > > BTW. This change happened during Dovecot v1.0 -> v1.1 > change. Years ago for most people. :) > > Thank you, Timo. I have made this change. However, I do remember before when I set set something as "quota_rule2", it was being ignored for some reason. I have updated at your response though. This still didn't correct the issue - and Dovecot won't start when I have the mail_plugins line under 'protocol imap' uncommented. Error in the syslog says: init: dovecot main process (xxxxx) terminated with status 89 Brian S. From tss at iki.fi Sun Jun 24 03:33:14 2012 From: tss at iki.fi (Timo Sirainen) Date: Sun, 24 Jun 2012 03:33:14 +0300 Subject: [Dovecot] Dovecot Quotas in Version 2 In-Reply-To: <1340497787.45659.YahooMailClassic@web111404.mail.gq1.yahoo.com> References: <1340497787.45659.YahooMailClassic@web111404.mail.gq1.yahoo.com> Message-ID: On 24.6.2012, at 3.29, Brian Spraker wrote: > This still didn't correct the issue - and Dovecot won't start when I have the mail_plugins line under 'protocol imap' uncommented. You should also enable quota globally so it will work for doveadm and other tools you may end up using. > Error in the syslog says: > > init: dovecot main process (xxxxx) terminated with status 89 There should be another error message before this. From spraker at yahoo.com Sun Jun 24 03:45:03 2012 From: spraker at yahoo.com (Brian Spraker) Date: Sat, 23 Jun 2012 17:45:03 -0700 (PDT) Subject: [Dovecot] Dovecot Quotas in Version 2 In-Reply-To: Message-ID: <1340498703.67452.YahooMailClassic@web111404.mail.gq1.yahoo.com> --- On Sat, 6/23/12, Timo Sirainen wrote: > From: Timo Sirainen > Subject: Re: [Dovecot] Dovecot Quotas in Version 2 > To: "Brian Spraker" > Cc: dovecot at dovecot.org > Date: Saturday, June 23, 2012, 7:33 PM > On 24.6.2012, at 3.29, Brian Spraker > wrote: > > > This still didn't correct the issue - and Dovecot won't > start when I have the mail_plugins line under 'protocol > imap' uncommented. > > You should also enable quota globally so it will work for > doveadm and other tools you may end up using. > > > Error in the syslog says: > > > > init: dovecot main process (xxxxx) terminated with > status 89 > > There should be another error message before this. > > Thank you for the fast replies Timo. I'm not sure I understand how to enable quota to work globally..? But what would be preventing it from working under 'protocol imap' as it did before? As for the log, here is the other lines that appeared above it: Jun 23 19:31:13 server dovecot: master: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) Jun 23 19:31:13 server dovecot: log: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) Jun 23 19:31:13 server kernel: [100996.340925] init: dovecot main process (11580) terminated with status 89 From tss at iki.fi Sun Jun 24 03:51:12 2012 From: tss at iki.fi (Timo Sirainen) Date: Sun, 24 Jun 2012 03:51:12 +0300 Subject: [Dovecot] Dovecot Quotas in Version 2 In-Reply-To: <1340498703.67452.YahooMailClassic@web111404.mail.gq1.yahoo.com> References: <1340498703.67452.YahooMailClassic@web111404.mail.gq1.yahoo.com> Message-ID: On 24.6.2012, at 3.45, Brian Spraker wrote: > I'm not sure I understand how to enable quota to work globally..? Just put "mail_plugins = quota" outside protocol {} sections. > But what would be preventing it from working under 'protocol imap' as it did before? No idea, the error log should say the reason. > As for the log, here is the other lines that appeared above it: > > Jun 23 19:31:13 server dovecot: master: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) > Jun 23 19:31:13 server dovecot: log: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) These mean that dovecot master process was stopped by init process. Why it's doing that I have no idea. > Jun 23 19:31:13 server kernel: [100996.340925] init: dovecot main process (11580) terminated with status 89 Status 89 means that Dovecot should have logged an error about it. But I see no error here. I think Ubuntu is doing something weird. See what happens if you start dovecot using "dovecot -F" instead of any init script or such. From spraker at yahoo.com Sun Jun 24 04:01:46 2012 From: spraker at yahoo.com (Brian Spraker) Date: Sat, 23 Jun 2012 18:01:46 -0700 (PDT) Subject: [Dovecot] Dovecot Quotas in Version 2 In-Reply-To: Message-ID: <1340499706.74316.YahooMailClassic@web111404.mail.gq1.yahoo.com> --- On Sat, 6/23/12, Timo Sirainen wrote: > From: Timo Sirainen > Subject: Re: [Dovecot] Dovecot Quotas in Version 2 > To: "Brian Spraker" > Cc: dovecot at dovecot.org > Date: Saturday, June 23, 2012, 7:51 PM > On 24.6.2012, at 3.45, Brian Spraker > wrote: > > > I'm not sure I understand how to enable quota to work > globally..? > > Just put "mail_plugins = quota" outside protocol {} > sections. > > >? But what would be preventing it from working > under 'protocol imap' as it did before? > > No idea, the error log should say the reason. > > > As for the log, here is the other lines that appeared > above it: > > > > Jun 23 19:31:13 server dovecot: master: Warning: Killed > with signal 15 (by pid=1 uid=0 code=kill) > > Jun 23 19:31:13 server dovecot: log: Warning: Killed > with signal 15 (by pid=1 uid=0 code=kill) > > These mean that dovecot master process was stopped by init > process. Why it's doing that I have no idea. > > > Jun 23 19:31:13 server kernel: [100996.340925] init: > dovecot main process (11580) terminated with status 89 > > Status 89 means that Dovecot should have logged an error > about it. But I see no error here. I think Ubuntu is doing > something weird. See what happens if you start dovecot using > "dovecot -F" instead of any init script or such. > > Perfect! doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: mail_plugin_dir: access(/usr/lib/dovecot/modules/imap) failed: No such file or directory I changed it to /usr/lib/dovecot/modules and now it works fine. Thank you for the help again! Brian S. From michael at think-for-yourself.org Sun Jun 24 04:21:34 2012 From: michael at think-for-yourself.org (Michael Wessel) Date: Sat, 23 Jun 2012 18:21:34 -0700 Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: <20120623102555.GA5497@state-of-mind.de> References: <4FE58A52.8050708@think-for-yourself.org> <20120623102555.GA5497@state-of-mind.de> Message-ID: <4FE66B9E.1080901@think-for-yourself.org> Hi p at rick and thanks for the response. On 6/23/2012 3:25 AM, Patrick Ben Koetter wrote: > Michael, > > * Michael Wessel : >> I'm currently (re-)planning my email setup and have been doing some >> research. I have done some searches and read several threads in the >> areas of my questions here. While there are some that come close I >> haven't yet been able to get all my questions answered. >> >> I currently run a postfix, dovecot & roundcube setup and have about >> 2000 active accounts. I have a separate SMTP server for outbound >> mail and auth is done against a separate LDAP server. In front of >> the POP/IMAP server I have another SMTP (4 in parallel actually) >> server that receives and filters inbound mail through a company >> specific, proprietary filter before the mail hits the POP/IMAP >> server. LDAP & SMTP servers are ESXi VMs. > Do people use 'real' mail clients to connect and IDLE too? Yes, though not sure of the percentage. Most will likely use webmail, some will use POP and some will use IMAP with "real clients". Right now my guess would be about 20% IMAP with Outlook, Thunderbird and such, 10% POP and the rest webmail. > > >> So right now both dovecot and roundcube run on the same box which is >> a Dell PE2950 with dual quad-core Xeon, 16GB RAM and 6 1TB disks in >> RAID 6, so only local storage using maildir. So far it's been >> holding up fine, but it's beginning to show signs of overload now. I >> also expect an increase in users over the next few months up to >> somewhere between 10 - 20,000 mail boxes. Hence the re-planning. >> >> My first priority in redesigning my setup is reliability. I >> definitely need something fail-save and as close to always on as >> possible. Next is performance. And while the budget is of course >> limited for the moment I'm setting that aside and will worry about >> that when the time comes. >> >> Now here is my question(s): >> >> In order to support up to 20,000 mailboxes (distributed over several >> times-zones so they won't all be used at the same time) with a very >> reliable service with good performance, what do I actually need? >> >> Do I need(ul) SAN or is it just a "would be nice to have"? If yes, >> why and what would be appropriate for my needs? Or will a setup with >> a few more servers like the ones I already have, using something >> like DRBD and distributing services (imap, http, spamd etc) onto >> different boxes do? > Will the server enforce quota? Yes, default quota is 200MB right now, some have larger quotas and a few of those hit several GB. > > What will be the average mailbox size? Since the quota is probably going to go up some I'd guess around 400MB on average. > > Do people share content e.g. mailings with attachments that go out to all > recipients? No, only on a limited basis (like cc'ing maybe 15 or so people but even that's rare) There will be somewhat large attachments involved (20-30MB) but that's mostly between individual users and users outside my system. > > What might be the maximum number of clients using the server at one time? Hard to say with the data at hand. I have a caching IMAP proxy for webmail and that has so far recorded 50 as the highest concurrent connections. So adding IMAP users to that and then extrapolating this to 20000 total boxes I'd say 4-500. > > Will all users use the same client product e.g. roundcube? No, they have their choice of any POP3/IMAP client or webmail > > What's your backup strategy? What do you use to backup mailboxes? I was afraid someone was going to ask that question... there isn't one (it hurts just writing that!) The only "backup" currently in place is redundancy on the hardware-side plus limited (i.e. only parts of the mail store) to disk backup. The VMs are easily replaced, but if my maildir goes up in smoke tomorrow then I will probably follow shortly after! So that's definitely part of what I'm working out here. Wanted to nail down the general approach first though before looking at that. > > p at rick > From CMarcus at Media-Brokers.com Sun Jun 24 12:24:01 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Sun, 24 Jun 2012 05:24:01 -0400 Subject: [Dovecot] Dovecot Quotas in Version 2 In-Reply-To: <1340496629.79833.YahooMailClassic@web111409.mail.gq1.yahoo.com> References: <1340496629.79833.YahooMailClassic@web111409.mail.gq1.yahoo.com> Message-ID: <4FE6DCB1.6000807@Media-Brokers.com> On 2012-06-23 8:10 PM, Brian Spraker wrote: > Would appreciate any help with this. I am not using any of the > individual configuration files on the conf.d folder - simply the > dovecot.conf and dovecot-sql.conf file. Here is a copy of those. Please don't just copy/paste from your configs, always provide doveconf -n output. This will prove that you are using the config that you *think* you are using (one problem with debian derivatives is that they often use chroot by default which can cause problems). So, if you have something in one of those other individual conf files in conf.d causing the problem, you'll see it in the doveconf -n output. Then, when providing logs, try not to censor them too much... often the real problem can be evident one or more lines above or below the line that you *think* is the most relevant... -- Best regards, Charles From c at roessner-network-solutions.com Sun Jun 24 12:58:43 2012 From: c at roessner-network-solutions.com (=?iso-8859-1?Q?Christian_R=F6=DFner?=) Date: Sun, 24 Jun 2012 11:58:43 +0200 Subject: [Dovecot] 2.1.7 TLS issues Message-ID: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com> Hi, I have an interesting problem: I am building dovecot packages for Ubuntu since 10.04. Never had bigger trouble with it. Now since 2.1.6 or 2.1.7 (I can not say more precisely), Thunderbird 10ESR and Outlook 2010 can no longer use 143/TLS correctly. Automx delvers 143/TLS and Outlook tells me that it can not create a secure connection. I changed automx to use 993/SSL and everything works. Under Thunderbird 10ESR, I get a box that tells me that I need to change settings. When I sent mail, TB told me that it could not copy the mail to the sent folder. I also changed to 993/SSL and everything is perfect. At the other and, Apples Mail.app and iOS devices work perfectly over 143/TLS. So my guess is that it has to do with OpenSSL. Did something change in dovecot concerning TLS? Can I change options in the built process? Thanks in advance -Christian R??ner --- Roessner-Network-Solutions Bachelor of Science Informatik Nahrungsberg 81, 35390 Gie?en F: +49 641 5879091, M: +49 176 93118939 USt-IdNr.: DE225643613 http://www.roessner-network-solutions.com -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 3880 bytes Desc: not available URL: From CMarcus at Media-Brokers.com Sun Jun 24 13:06:07 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Sun, 24 Jun 2012 06:06:07 -0400 Subject: [Dovecot] 2.1.7 TLS issues In-Reply-To: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com> References: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com> Message-ID: <4FE6E68F.6080803@Media-Brokers.com> On 2012-06-24 5:58 AM, Christian R??ner wrote: > I have an interesting problem: I am building dovecot packages for > Ubuntu since 10.04. Never had bigger trouble with it. Now since 2.1.6 > or 2.1.7 (I can not say more precisely), Thunderbird 10ESR and > Outlook 2010 can no longer use 143/TLS correctly. Automx delvers > 143/TLS and Outlook tells me that it can not create a secure > connection. I changed automx to use 993/SSL and everything works. > Under Thunderbird 10ESR, I get a box that tells me that I need to > change settings. When I sent mail, TB told me that it could not copy > the mail to the sent folder. I also changed to 993/SSL and everything > is perfect. > > At the other and, Apples Mail.app and iOS devices work perfectly over > 143/TLS. So my guess is that it has to do with OpenSSL. Did something > change in dovecot concerning TLS? Can I change options in the built > process? Maybe related to the OpenSSL bug that caused the problem (it sometimes helps to read/search emails on this list before posting) discussed just yesterday in this thread: http://www.mail-archive.com/dovecot at dovecot.org/msg45828.html ? -- Best regards, Charles From ckubu at so36.net Sun Jun 24 13:21:15 2012 From: ckubu at so36.net (ckubu) Date: Sun, 24 Jun 2012 12:21:15 +0200 Subject: [Dovecot] dict Panic after upgrade to 2.1.7 Message-ID: <201206241221.16044.ckubu@so36.net> Hello, after upgrade my mailsystem to dovecot version 2.1.7, dovecot doesn't work properly. something went wrong in dict service connecting the postgres backend. that happens not on every connection. the db connection data are correct, no difference connecting via tcp or linux socket. dovecot log entries: Jun 23 23:19:10 mx dovecot: dict: Panic: file driver-pgsql.c: line 84 (driver_pgsql_set_state): assertion failed: (state == SQL_DB_STATE_BUSY || db- >cur_result == NULL) Jun 23 23:19:10 mx dovecot: dict: Error: Raw backtrace: /usr/local/dovecot-2.1.7/lib/dovecot/libdovecot.so.0(+0x4478a) [0x7ffc7d8e578a] -> /usr/local/dovecot-2.1.7/lib/dovecot/libdovecot.so.0(+0x447d6) [0x7ffc7d8e57d6] -> /usr/local/dovecot-2.1.7/lib/dovecot/libdovecot.so.0(i_error+0) [0x7ffc7d8bc5ef] -> dovecot/dict() [0x40a9a6] -> dovecot/dict() [0x40aa01] -> dovecot/dict() [0x40be43] -> dovecot/dict() [0x409474] -> dovecot/dict(sql_db_cache_deinit+0x20) [0x4089d0] -> dovecot/dict(main+0x169) [0x4059f9] -> /lib/libc.so.6(__libc_start_main+0xfd) [0x7ffc7d335c8d] -> dovecot/dict() [0x404b59] Jun 23 23:19:10 mx dovecot: dict: Fatal: master: service(dict): child 13812 killed with signal 6 (core dumps disabled) Jun 23 23:23:09 mx dovecot: dict: Error: dict sql iterate failed: Not connected to database Jun 23 23:23:09 mx dovecot: pop3(xxx at yyy.zz): Error: acl: dict iteration failed, can't update dict Jun 23 23:23:09 mx dovecot: dict: Error: dict sql iterate failed: Not connected to database Jun 23 23:23:09 mx dovecot: pop3(xxx at yyy.zz): Error: acl: dict iteration failed, can't update dict Jun 23 23:23:17 mx dovecot: dict: Error: dict sql lookup failed: Not connected to database Jun 23 23:23:17 mx dovecot: imap(xxx at yyy.zz): Error: Internal quota calculation error Jun 23 23:23:19 mx dovecot: dict: Error: dict sql lookup failed: Not connected to database Jun 23 23:23:40 mx dovecot: dict: Error: dict sql lookup failed: Not connected to database maybe i have missconfigured the dovecot system, but i don't find the mistake. can anybody give me a hint ? best wiches christoph ----- doveconf -n # 2.1.7: /usr/local/dovecot-2.1.7/etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-vserver-amd64 x86_64 Debian 6.0.5 ext3 auth_mechanisms = plain login digest-md5 cram-md5 apop auth_socket_path = /var/run/dovecot/auth-userdb auth_username_translation = %@ auth_verbose = yes auth_verbose_passwords = plain base_dir = /var/run/dovecot/ dict { acl = pgsql:/usr/local/dovecot/etc/dovecot/sql-dict.conf.ext expire = pgsql:/usr/local/dovecot/etc/dovecot/sql-dict.conf.ext quota = pgsql:/usr/local/dovecot/etc/dovecot/sql-dict.conf.ext } disable_plaintext_auth = no first_valid_gid = 5000 first_valid_uid = 5000 hostname = mx.warenform.de last_valid_gid = 5000 last_valid_uid = 5000 listen = 178.63.63.151 2a01:4f8:121:c5::2 mail_gid = vmail mail_location = maildir:/var/vmail/%d/%n/Maildir mail_plugins = autocreate quota expire acl mail_uid = vmail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace { list = children location = maildir:/var/vmail/%%d/%%n/Maildir:INDEX=~/Maildir/shared/%%u prefix = shared/%%u/ separator = / subscriptions = no type = shared } namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Spam { special_use = \Junk } mailbox Trash { special_use = \Trash } prefix = separator = / type = private } passdb { args = /usr/local/dovecot/etc/dovecot/sql-connect.conf.ext driver = sql } plugin { acl = vfile acl_shared_dict = proxy::acl autocreate = Spam autocreate2 = Sent autocreate3 = Trash autocreate4 = Drafts autosubscribe = Spam autosubscribe2 = Sent autosubscribe3 = Trash autosubscribe4 = Drafts expire = Trash expire2 = Trash.* expire3 = Spam expire_dict = proxy::expire quota = dict:User quota::proxy::quota quota_rule = *:storage=1G quota_rule2 = Trash:storage=+200M quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u recipient_delimiter = sieve = ~/.dovecot.sieve sieve_before = /usr/local/dovecot/etc/dovecot/sieve/move-spam.sieve sieve_dir = ~/sieve sieve_global_dir = /usr/local/dovecot/etc/dovecot/sieve/global/ } postmaster_address = admin at warenform.de protocols = imap pop3 sieve lmtp service auth { unix_listener /var/spool/postfix/private/dovecot-auth { group = postfix mode = 0666 user = postfix } unix_listener auth-userdb { group = vmail mode = 0600 user = vmail } } service dict { unix_listener dict { mode = 0600 user = vmail } } service imap-login { inet_listener imap { address = 127.0.0.1 178.63.63.151 2a01:4f8:121:c5::2 } inet_listener imaps { address = 178.63.63.151 2a01:4f8:121:c5::2 } process_min_avail = 16 } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0660 user = postfix } } service managesieve-login { inet_listener sieve { address = 127.0.0.1 port = 4190 } } service pop3-login { inet_listener pop3 { address = 178.63.63.151 2a01:4f8:121:c5::2 } inet_listener pop3s { address = 178.63.63.151 2a01:4f8:121:c5::2 } } service quota-warning { executable = script /usr/local/bin/quota-warning.sh unix_listener quota-warning { user = vmail } user = dovecot } shutdown_clients = no ssl_cert = References: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com> <4FE6E68F.6080803@Media-Brokers.com> Message-ID: <46FA7370-959B-47CD-B0EB-0BCDFA1B3511@roessner-network-solutions.com> > Maybe related to the OpenSSL bug that caused the problem (it sometimes helps to read/search emails on this list before posting) discussed just yesterday in this thread: > > http://www.mail-archive.com/dovecot at dovecot.org/msg45828.html well, the packages I built are still running under 10.04 and therefor the library has not been upgraded to 1.0.1. This is the reason for this post. My question is, if doevcot got some code or anything else that focuses on the newer 1.0.1 library, and maybe broke something in older versions? -Christian R??ner --- Roessner-Network-Solutions Bachelor of Science Informatik Nahrungsberg 81, 35390 Gie?en F: +49 641 5879091, M: +49 176 93118939 USt-IdNr.: DE225643613 http://www.roessner-network-solutions.com -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 3880 bytes Desc: not available URL: From CMarcus at Media-Brokers.com Sun Jun 24 14:22:58 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Sun, 24 Jun 2012 07:22:58 -0400 Subject: [Dovecot] 2.1.7 TLS issues In-Reply-To: <46FA7370-959B-47CD-B0EB-0BCDFA1B3511@roessner-network-solutions.com> References: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com> <4FE6E68F.6080803@Media-Brokers.com> <46FA7370-959B-47CD-B0EB-0BCDFA1B3511@roessner-network-solutions.com> Message-ID: <4FE6F892.5010004@Media-Brokers.com> On 2012-06-24 6:42 AM, Christian R??ner wrote: >> Maybe related to the OpenSSL bug that caused the problem (it >> sometimes helps to read/search emails on this list before posting) >> discussed just yesterday in this thread: >> >> http://www.mail-archive.com/dovecot at dovecot.org/msg45828.html > well, the packages I built are still running under 10.04 and therefor > the library has not been upgraded to 1.0.1. This is the reason for > this post. My question is, if doevcot got some code or anything else > that focuses on the newer 1.0.1 library, and maybe broke something in > older versions? Ah, ok, missed that... Well, sorry I can't help, hopefully Timo will have an answer for you... -- Best regards, Charles From tss at iki.fi Sun Jun 24 17:19:15 2012 From: tss at iki.fi (Timo Sirainen) Date: Sun, 24 Jun 2012 17:19:15 +0300 Subject: [Dovecot] 2.1.7 TLS issues In-Reply-To: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com> References: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com> Message-ID: On 24.6.2012, at 12.58, Christian R??ner wrote: > I have an interesting problem: I am building dovecot packages for Ubuntu since 10.04. Never had bigger trouble with it. Now since 2.1.6 or 2.1.7 (I can not say more precisely), Thunderbird 10ESR and Outlook 2010 can no longer use 143/TLS correctly. Automx delvers 143/TLS and Outlook tells me that it can not create a secure connection. I changed automx to use 993/SSL and everything works. Under Thunderbird 10ESR, I get a box that tells me that I need to change settings. When I sent mail, TB told me that it could not copy the mail to the sent folder. I also changed to 993/SSL and everything is perfect. > > At the other and, Apples Mail.app and iOS devices work perfectly over 143/TLS. So my guess is that it has to do with OpenSSL. Did something change in dovecot concerning TLS? Can I change options in the built process? What was the Dovecot version you were using previously which worked? From r.vicinus at metaways.de Sun Jun 24 18:57:29 2012 From: r.vicinus at metaways.de (Reinhard Vicinus) Date: Sun, 24 Jun 2012 17:57:29 +0200 Subject: [Dovecot] Mail migration to dovecot with doveadm backup Message-ID: <4FE738E9.6040706@metaways.de> Hi, i try to migrate mails from a non dovecot imap server to a dovecot imap server with doveadm backup as described there: http://wiki2.dovecot.org/Migration/Dsync i first tried (local-mailbox port 18143 is the non dovecot imap server): /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -o mailbox_list_index=no -v -D backup -R -f -u user at example.org -m Sent imapc: and got the following error: dsync(user at example.org): Fatal: dsync backup: Looks like you're trying to run backup in wrong direction. Source is empty and destination is not. As the dovecot imap account is newly created and therefore empty it seams to try to backup from the dovecot imap server to the non dovecot imap server. So i tried instead: /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -o mailbox_list_index=no -v -D backup -f -u user at example.org -m Sent imapc: Sometimes (every other time?) i got the following segmentation fault: bt #0 0x00007f15e2c9ed74 in strcasecmp () from /lib/libc.so.6 #1 0x00007f15e327eaff in imapc_save_callback (reply=0x7fff56096a70, context=) at imapc-save.c:168 #2 0x00007f15e32853fe in imapc_command_reply_free (conn=0x72f040) at imapc-connection.c:946 #3 imapc_connection_input_tagged (conn=0x72f040) at imapc-connection.c:1039 #4 0x00007f15e3285668 in imapc_connection_input_one (conn=0x72f040) at imapc-connection.c:1085 #5 imapc_connection_input_pending (conn=0x72f040) at imapc-connection.c:1407 #6 0x00007f15e3285922 in imapc_connection_input (conn=0x72f040) at imapc-connection.c:1100 #7 0x00007f15e2fe6176 in io_loop_call_io (io=0x792510) at ioloop.c:379 #8 0x00007f15e2fe71ff in io_loop_handler_run (ioloop=) at ioloop-epoll.c:213 #9 0x00007f15e2fe6118 in io_loop_run (ioloop=0x7529a0) at ioloop.c:398 #10 0x00007f15e3281e49 in imapc_client_run_pre (client=0x7333e0) at imapc-client.c:142 #11 imapc_client_run (client=0x7333e0) at imapc-client.c:161 #12 0x00007f15e3280f24 in imapc_storage_run (storage=0x732bd0) at imapc-storage.c:118 #13 0x00007f15e327f003 in imapc_save_append (_ctx=0x74dcb0) at imapc-save.c:232 #14 imapc_save_finish (_ctx=0x74dcb0) at imapc-save.c:255 #15 0x00007f15e1bf06a1 in quota_save_finish (ctx=0x74dcb0) at quota-storage.c:227 #16 0x00007f15e3292487 in mailbox_save_finish (_ctx=0x7f15e2d4ca40) at mail-storage.c:1669 #17 0x000000000042b736 in local_worker_save_msg_continue (worker=0x73c770) at dsync-worker-local.c:1681 #18 0x000000000042b98c in local_worker_msg_save (_worker=0x73c770, msg=0x7f15e38e4298, data=0x7fff56096db0, callback=0x4269f0 , context=0x78a610) at dsync-worker-local.c:1739 #19 0x000000000042b0d9 in dsync_worker_msg_save (worker=0x73c770, msg=, data=0x7fff56096db0, callback=0x4269f0 , context=0x78a610) at dsync-worker.c:234 #20 0x0000000000426ac5 in msg_get_callback (result=, data=0x7fff56096db0, context=0x78a610) at dsync-brain-msgs-new.c:79 #21 0x000000000042dca9 in local_worker_msg_get_next (worker=0x726f30, get=0x7fff56096e00) at dsync-worker-local.c:1844 #22 0x000000000042def8 in local_worker_msg_get (_worker=0x0, mailbox=, uid=3805596224, callback=0x2670, context=0x58) at dsync-worker-local.c:1865 #23 0x000000000042ace6 in dsync_worker_msg_get (worker=0x726f30, mailbox=0x7f15e38e40f1, uid=1, callback=0x426a40 , context=) at dsync-worker.c:261 #24 0x000000000042689e in dsync_brain_msg_sync_add_new_msg (iter=0x7f15e38e41d8) at dsync-brain-msgs-new.c:181 #25 dsync_brain_mailbox_add_new_msgs (iter=0x7f15e38e41d8) at dsync-brain-msgs-new.c:216 #26 dsync_brain_msg_sync_add_new_msgs (iter=0x7f15e38e41d8) at dsync-brain-msgs-new.c:315 #27 0x0000000000426164 in dsync_brain_msg_sync_more (sync=0x7f15e38e4050) at dsync-brain-msgs.c:436 #28 0x0000000000424979 in dsync_brain_sync_msgs (brain=0x7351c0) at dsync-brain.c:736 #29 dsync_brain_sync (brain=0x7351c0) at dsync-brain.c:857 #30 0x0000000000425849 in dsync_brain_subs_list_finished (context=0x750fa0) at dsync-brain.c:169 #31 dsync_worker_subs_input (context=0x750fa0) at dsync-brain.c:222 #32 0x0000000000424cbd in dsync_brain_sync (brain=0x7351c0) at dsync-brain.c:842 #33 0x00000000004256bc in dsync_brain_mailbox_list_finished (context=0x743a60) at dsync-brain.c:98 #34 dsync_worker_mailbox_input (context=0x743a60) at dsync-brain.c:125 #35 0x0000000000424afe in dsync_brain_sync (brain=0x7351c0) at dsync-brain.c:833 #36 0x0000000000425568 in dsync_brain_sync_all (brain=0x7351c0) at dsync-brain.c:897 #37 0x0000000000422ad6 in cmd_dsync_start (ctx=0x706560, worker1=, worker2=) at doveadm-dsync.c:342 #38 0x0000000000422dfa in cmd_dsync_run (_ctx=0x706560, user=0x7209c0) at doveadm-dsync.c:387 #39 0x000000000040f888 in doveadm_mail_next_user (ctx=0x706560, input=, error_r=0x7fff560973d0) at doveadm-mail.c:311 #40 0x0000000000410071 in doveadm_mail_cmd (cmd=0x704880, argc=7, argv=0x6fe418) at doveadm-mail.c:518 #41 0x0000000000410501 in doveadm_mail_try_run (cmd_name=0x6fe4e4 "backup", argc=1443460960, argv=0x4377c7) at doveadm-mail.c:577 #42 0x00000000004170d1 in main (argc=7, argv=0x6fe3e8) at doveadm.c:373 The other times it shows the following error message (It seams to connect both times to the non dovecot imap server): doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot/modules doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/lib10_quota_plugin.so doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot/modules/doveadm doveadm(root): Debug: Skipping module doveadm_acl_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_acl_plugin.so: undefined symbol: acl_user_module (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_expire_plugin.so: undefined symbol: expire_set_lookup (this is usually intentional, so just ignore this message) doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_quota_plugin.so doveadm(root): Debug: Skipping module doveadm_zlib_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_zlib_plugin.so: undefined symbol: i_stream_create_deflate (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_fts_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib20_doveadm_fts_plugin.so: undefined symbol: fts_list_backend (this is usually intentional, so just ignore this message) doveadm(user at example.org): Debug: auth input: user at example.org home=/mail/dovecot/example.org/user uid=1000 gid=1000 quota_rule=*:bytes=2000M:messages=0 doveadm(user at example.org): Debug: Added userdb setting: plugin/quota_rule=*:bytes=2000M:messages=0 doveadm(user at example.org): Debug: Effective uid=1000, gid=1000, home=/mail/dovecot/example.org/user doveadm(user at example.org): Debug: Quota root: name=User quota backend=dict args=:proxy::quota doveadm(user at example.org): Debug: Quota rule: root=User quota mailbox=* bytes=2097152000 messages=0 doveadm(user at example.org): Debug: Quota rule: root=User quota mailbox=Trash bytes=+104857600 messages=0 doveadm(user at example.org): Debug: Quota warning: bytes=1992294400 (95%) messages=0 reverse=no command=quota-warning 95 user at example.org doveadm(user at example.org): Debug: Quota warning: bytes=1677721600 (80%) messages=0 reverse=no command=quota-warning 80 user at example.org doveadm(user at example.org): Debug: dict quota: user=user at example.org, uri=proxy::quota, noenforcing=0 doveadm(user at example.org): Debug: fs: root=/mail/dovecot/example.org/user/mail, index=, control=, inbox=, alt= doveadm(user at example.org): Debug: Namespace : Using permissions from /mail/dovecot/example.org/user/mail: mode=0700 gid=-1 dsync(user at example.org): Debug: Effective uid=1000, gid=1000, home=/mail/dovecot/example.org/user dsync(user at example.org): Debug: Quota root: name=User quota backend=dict args=:proxy::quota dsync(user at example.org): Debug: Quota rule: root=User quota mailbox=* bytes=2097152000 messages=0 dsync(user at example.org): Debug: Quota rule: root=User quota mailbox=Trash bytes=+104857600 messages=0 dsync(user at example.org): Debug: Quota warning: bytes=1992294400 (95%) messages=0 reverse=no command=quota-warning 95 user at example.org dsync(user at example.org): Debug: Quota warning: bytes=1677721600 (80%) messages=0 reverse=no command=quota-warning 80 user at example.org dsync(user at example.org): Debug: dict quota: user=user at example.org, uri=proxy::quota, noenforcing=0 dsync(user at example.org): Debug: imapc: root=, index=, control=, inbox=, alt= dsync(user at example.org): Debug: imapc(local-mailbox:18143): Looking up IP address dsync(user at example.org): Debug: imapc(local-mailbox:18143): Connecting to 10.10.10.10:18143 dsync(user at example.org): Debug: imapc(local-mailbox:18143): Server capabilities: IMAP4 IMAP4rev1 AUTH=LOGIN ACL NAMESPACE CHILDREN SORT QUOTA THREAD=ORDEREDSUBJECT UNSELECT IDLE dsync(user at example.org): Debug: imapc(local-mailbox:18143): Authenticating as user at example.org dsync(user at example.org): Debug: imapc(local-mailbox:18143): Authenticated successfully dsync(user at example.org): Debug: imapc(local-mailbox:18143): Looking up IP address dsync(user at example.org): Debug: imapc(local-mailbox:18143): Connecting to 10.10.10.10:18143 dsync(user at example.org): Debug: imapc(local-mailbox:18143): Server capabilities: IMAP4 IMAP4rev1 AUTH=LOGIN ACL NAMESPACE CHILDREN SORT QUOTA THREAD=ORDEREDSUBJECT UNSELECT IDLE dsync(user at example.org): Debug: imapc(local-mailbox:18143): Authenticating as user at example.org dsync(user at example.org): Debug: imapc(local-mailbox:18143): Authenticated successfully dsync(user at example.org): Warning: Destination mailbox Sent has been modified, need to recreate it before we can continue syncing dsync(user at example.org): Warning: Mailbox changes caused a desync. You may want to run dsync again. dsync(user at example.org): Debug: imapc(local-mailbox:18143): Disconnected dsync(user at example.org): Debug: imapc(local-mailbox:18143): Disconnected i think the problem could be that the account name on the remote server and the local server is absolute identical and doveadm backup has therefore problems discerning between the two locations. But that's only a stab in the dark and any help is appreciated. Kind regards Reinhard From robert at schetterer.org Sun Jun 24 20:42:39 2012 From: robert at schetterer.org (Robert Schetterer) Date: Sun, 24 Jun 2012 19:42:39 +0200 Subject: [Dovecot] 2.1.7 TLS issues In-Reply-To: References: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com> Message-ID: <4FE7518F.60200@schetterer.org> Am 24.06.2012 16:19, schrieb Timo Sirainen: > On 24.6.2012, at 12.58, Christian R??ner wrote: > >> I have an interesting problem: I am building dovecot packages for Ubuntu since 10.04. Never had bigger trouble with it. Now since 2.1.6 or 2.1.7 (I can not say more precisely), Thunderbird 10ESR and Outlook 2010 can no longer use 143/TLS correctly. Automx delvers 143/TLS and Outlook tells me that it can not create a secure connection. I changed automx to use 993/SSL and everything works. Under Thunderbird 10ESR, I get a box that tells me that I need to change settings. When I sent mail, TB told me that it could not copy the mail to the sent folder. I also changed to 993/SSL and everything is perfect. >> >> At the other and, Apples Mail.app and iOS devices work perfectly over 143/TLS. So my guess is that it has to do with OpenSSL. Did something change in dovecot concerning TLS? Can I change options in the built process? > > What was the Dovecot version you were using previously which worked? > Hi Christian, i made all the way trough all versions of dovecot trunk 2.0.x and since 2.1.5 on lucid 64 no problems at , but i recent had big problems with compile other stuff on ubuntu 12.4 with openssl ( didnt checked dovecot yet ) so my bet goes to the new ssl lib on 12.04 also there were workarounds in postfix to reflect this ssl update stuff, as far i remember hte ssl lib has some more and new features wich makes software not reflecting this ,may not work or fail sometimes, it may fixed with setup parameters i.e see here http://comments.gmane.org/gmane.mail.postfix.user/229196 --snip Viktor Dukhovni: > The OpenSSL API does not provide an interface to allow older programs > to disable new protocol versions defined in later versions of the API. > > Therefore, to disable TLS 1.1 or 1.2 one has to add code that uses > the new constants introduced with OpenSSL 1.0.1. > > Proposed patch attached. That will be a solution for Postfix 2.10. Meanwhile, for earlier Postfix releases, how much of the problem can be solved by changing from: mumble_tls_mandatory_protocols = SSLv3, TLSv1 (i.e. the current default) to: mumble_tls_mandatory_protocols = !SSLv2 I don't mind that the older Postfix versions would not be able to turn on/off protocols that didn't exist at the time Postfix was released. Wietse --snipend i guees there are equal workarounds settings possible in dovecot perhaps with ssl_cipher_list ? http://wiki.dovecot.org/SSL/DovecotConfiguration sorry lot of speculate here until not testet myself -- Best Regards MfG Robert Schetterer From role.Dovecot-Readers at JLAssocs.com Sun Jun 24 21:23:46 2012 From: role.Dovecot-Readers at JLAssocs.com (J E Lyon) Date: Sun, 24 Jun 2012 19:23:46 +0100 Subject: [Dovecot] The deleted_to_trash Plugin (workaround Outlook 2007 behaviour) Message-ID: <9F4DE9B0-5EDB-4F8E-8EC9-B98856EDD4FB@JLAssocs.com> Hi, I see the plugin exists for v1 & v2, all very interesting... Surprised no one seems to have created an RPM and it looks like deleted_to_trash is one of the very few plugins to not be shipped as part of the default install with CentOS 5.5 or CentOS 6 (i.e. Dovecot v1 & v2 respectively.) Am I missing something, or does everyone really build from source? Thanks, James. From c at roessner-network-solutions.com Sun Jun 24 23:20:05 2012 From: c at roessner-network-solutions.com (=?iso-8859-1?Q?Christian_R=F6=DFner?=) Date: Sun, 24 Jun 2012 22:20:05 +0200 Subject: [Dovecot] 2.1.7 TLS issues In-Reply-To: References: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com> Message-ID: <451CA0A8-E296-49DB-859A-BADACA1EFC78@roessner-network-solutions.com> >> I have an interesting problem: I am building dovecot packages for Ubuntu since 10.04. Never had bigger trouble with it. Now since 2.1.6 or 2.1.7 (I can not say more precisely), Thunderbird 10ESR and Outlook 2010 can no longer use 143/TLS correctly. Automx delvers 143/TLS and Outlook tells me that it can not create a secure connection. I changed automx to use 993/SSL and everything works. Under Thunderbird 10ESR, I get a box that tells me that I need to change settings. When I sent mail, TB told me that it could not copy the mail to the sent folder. I also changed to 993/SSL and everything is perfect. >> >> At the other and, Apples Mail.app and iOS devices work perfectly over 143/TLS. So my guess is that it has to do with OpenSSL. Did something change in dovecot concerning TLS? Can I change options in the built process? > > What was the Dovecot version you were using previously which worked? I am not sure which version worked. My best guess is 2.1.4 or 2.1.5, because I skipped 2.1.6. But 2.1.6 has the same issues, as my friend Uwe did report the same issues with that one. @Robert: I am talking about Ubuntu 10.04, so this can not be a problem with openssl itself, as that did not change -Christian R??ner --- Roessner-Network-Solutions Bachelor of Science Informatik Nahrungsberg 81, 35390 Gie?en F: +49 641 5879091, M: +49 176 93118939 USt-IdNr.: DE225643613 http://www.roessner-network-solutions.com -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 3880 bytes Desc: not available URL: From role.Dovecot-Readers at JLAssocs.com Sun Jun 24 23:28:21 2012 From: role.Dovecot-Readers at JLAssocs.com (J E Lyon) Date: Sun, 24 Jun 2012 21:28:21 +0100 Subject: [Dovecot] 2.1.7 TLS issues In-Reply-To: <451CA0A8-E296-49DB-859A-BADACA1EFC78@roessner-network-solutions.com> References: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com> <451CA0A8-E296-49DB-859A-BADACA1EFC78@roessner-network-solutions.com> Message-ID: <2FD79483-C77E-4FB8-8C93-2A2C93014B83@JLAssocs.com> On 24 Jun 2012, at 21:20, Christian R??ner wrote: >>> I have an interesting problem: I am building dovecot packages for Ubuntu since 10.04. Never had bigger trouble with it. Now since 2.1.6 or 2.1.7 (I can not say more precisely), Thunderbird 10ESR and Outlook 2010 can no longer use 143/TLS correctly. Automx delvers 143/TLS and Outlook tells me that it can not create a secure connection. I changed automx to use 993/SSL and everything works. Under Thunderbird 10ESR, I get a box that tells me that I need to change settings. When I sent mail, TB told me that it could not copy the mail to the sent folder. I also changed to 993/SSL and everything is perfect. >>> >>> At the other and, Apples Mail.app and iOS devices work perfectly over 143/TLS. So my guess is that it has to do with OpenSSL. Did something change in dovecot concerning TLS? Can I change options in the built process? >> >> What was the Dovecot version you were using previously which worked? > > I am not sure which version worked. My best guess is 2.1.4 or 2.1.5, because I skipped 2.1.6. But 2.1.6 has the same issues, as my friend Uwe did report the same issues with that one. > > @Robert: I am talking about Ubuntu 10.04, so this can not be a problem with openssl itself, as that did not change I've seen problems with all kinds of clients and servers, even with Dovecot 1.x where TLS/Auto settings fail and I simply always instruct end users to explicitly choose 993/SSL to get a good TLS connection reliably. It seems like it might not be so version-specific or even anything wrong at the server end. James. From juergen at pabel.net Sun Jun 24 23:37:00 2012 From: juergen at pabel.net (=?ISO-8859-1?Q?J=FCrgen?= Pabel) Date: Sun, 24 Jun 2012 22:37:00 +0200 Subject: [Dovecot] Additional passdb result status Message-ID: <1340570220.13783.23.camel@P7230> Dear Dovecot-Team, I am implementing a plugin (for the pop3/imap process) that requires some data to provided from the authentication phase (a derivative of the password). For that, I have now implemented a passdb plugin that generates this data and I would like to "pass" this data down to the mail process (pop3/imap) via extra_fields in the reply of the authentication. The general idea is that my custom passdb plugin calculates the data, sets the extra_field and returns some error (authentication was not successful) so that the "real" passdb backend can be invoked to "really" validate the authentication data. However, in auth_request_handle_passdb_callback() the extra_fields are reseted unless the return code is PASSDB_RESULT_USER_DISABLED. But if that return code is used then any following passdb's aren't invoked any more - which makes sense with respect to user authenticiation. I would therefore like to propose that some IGNORE/CONTINUE-status to be introduced in auth/passdb.h, that would be handled in that extra_fields and possible other values are not reseted in order to allow such propagation of data from authentication process down to the mail process (which could be extracted from the reply string by parsing it). As a further implementation alternative (to the parsing of the reply string), I also propose that some new "environment" item be introduced (in auth_request) in order to allow such data passing in a generic manner. I hope you consider my proposal to be reasonable. If desired, I could implement this myself and provide a patch for merging (based on 2.0.x). If my proposal is generally unfavored, it would be great if any alternative approaches for my situation were suggested. Thanks. Regards, J?rgen PS: please reply to my e-mail (or CC me), as I have not subscribed to the dovecot list From c at roessner-network-solutions.com Mon Jun 25 01:09:10 2012 From: c at roessner-network-solutions.com (=?utf-8?Q?Christian_R=C3=B6=C3=9Fner?=) Date: Mon, 25 Jun 2012 00:09:10 +0200 Subject: [Dovecot] 2.1.7 TLS issues In-Reply-To: <2FD79483-C77E-4FB8-8C93-2A2C93014B83@JLAssocs.com> References: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com> <451CA0A8-E296-49DB-859A-BADACA1EFC78@roessner-network-solutions.com> <2FD79483-C77E-4FB8-8C93-2A2C93014B83@JLAssocs.com> Message-ID: <13AD4EF2-00E8-46E1-A5BE-39D8CFABBFD8@roessner-network-solutions.com> > >>>> I have an interesting problem: I am building dovecot packages for Ubuntu since 10.04. Never had bigger trouble with it. Now since 2.1.6 or 2.1.7 (I can not say more precisely), Thunderbird 10ESR and Outlook 2010 can no longer use 143/TLS correctly. Automx delvers 143/TLS and Outlook tells me that it can not create a secure connection. I changed automx to use 993/SSL and everything works. Under Thunderbird 10ESR, I get a box that tells me that I need to change settings. When I sent mail, TB told me that it could not copy the mail to the sent folder. I also changed to 993/SSL and everything is perfect. >>>> >>>> At the other and, Apples Mail.app and iOS devices work perfectly over 143/TLS. So my guess is that it has to do with OpenSSL. Did something change in dovecot concerning TLS? Can I change options in the built process? >>> >>> What was the Dovecot version you were using previously which worked? >> >> I am not sure which version worked. My best guess is 2.1.4 or 2.1.5, because I skipped 2.1.6. But 2.1.6 has the same issues, as my friend Uwe did report the same issues with that one. >> >> @Robert: I am talking about Ubuntu 10.04, so this can not be a problem with openssl itself, as that did not change > > I've seen problems with all kinds of clients and servers, even with Dovecot 1.x where TLS/Auto settings fail and I simply always instruct end users to explicitly choose 993/SSL to get a good TLS connection reliably. > > It seems like it might not be so version-specific or even anything wrong at the server end. I never had such problems before. When I was coding automx, all tests succeeded with Dovecot and Outlook 2007/2010 and also Thunderbird was working perfectly. So in my opinion this is a version specific problem, as it started somewhere in 2.1.4+. I am using Dovecot since 1.0 (something like this) and never had 143/TLS problems Best regards Christian -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4873 bytes Desc: not available URL: From robert at schetterer.org Mon Jun 25 01:26:41 2012 From: robert at schetterer.org (Robert Schetterer) Date: Mon, 25 Jun 2012 00:26:41 +0200 Subject: [Dovecot] 2.1.7 TLS issues In-Reply-To: <451CA0A8-E296-49DB-859A-BADACA1EFC78@roessner-network-solutions.com> References: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com> <451CA0A8-E296-49DB-859A-BADACA1EFC78@roessner-network-solutions.com> Message-ID: <4FE79421.2000908@schetterer.org> Am 24.06.2012 22:20, schrieb Christian R??ner: > @Robert: I am talking about Ubuntu 10.04, so this can not be a problem with openssl itself, as that did not change > > -Christian R??ner miracle, i have no known problems with 10.04 ssl/tls 2.1.7 -- Best Regards MfG Robert Schetterer From tss at iki.fi Mon Jun 25 05:20:55 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 25 Jun 2012 05:20:55 +0300 Subject: [Dovecot] 2.1.7 TLS issues In-Reply-To: <451CA0A8-E296-49DB-859A-BADACA1EFC78@roessner-network-solutions.com> References: <824886E0-DD88-4B91-BE32-1839F449906F@roessner-network-solutions.com> <451CA0A8-E296-49DB-859A-BADACA1EFC78@roessner-network-solutions.com> Message-ID: <702E15F4-4689-477E-BE7D-6F1AB67C27E9@iki.fi> On 24.6.2012, at 23.20, Christian R??ner wrote: >>> I have an interesting problem: I am building dovecot packages for Ubuntu since 10.04. Never had bigger trouble with it. Now since 2.1.6 or 2.1.7 (I can not say more precisely), Thunderbird 10ESR and Outlook 2010 can no longer use 143/TLS correctly. Automx delvers 143/TLS and Outlook tells me that it can not create a secure connection. I changed automx to use 993/SSL and everything works. Under Thunderbird 10ESR, I get a box that tells me that I need to change settings. When I sent mail, TB told me that it could not copy the mail to the sent folder. I also changed to 993/SSL and everything is perfect. >>> >>> At the other and, Apples Mail.app and iOS devices work perfectly over 143/TLS. So my guess is that it has to do with OpenSSL. Did something change in dovecot concerning TLS? Can I change options in the built process? >> >> What was the Dovecot version you were using previously which worked? > > I am not sure which version worked. My best guess is 2.1.4 or 2.1.5, because I skipped 2.1.6. But 2.1.6 has the same issues, as my friend Uwe did report the same issues with that one. Well, there hasn't been many changes in the SSL code. The only thing I can think of is this memory leak fix, which temporarily wasn't implemented correctly. You could try what happens if you revert it: changeset: 14418:85ad4baedd43 user: Timo Sirainen date: Thu Apr 12 10:48:55 2012 +0300 summary: login: Another attempt at fixing SSL memory leak. changeset: 14417:f80f18d0ffa3 user: Timo Sirainen date: Thu Apr 12 10:41:44 2012 +0300 summary: login: Reverted memory leak fix, because it broke some SSL setups? changeset: 14416:584bd77c38fd user: Timo Sirainen date: Wed Apr 11 19:06:44 2012 +0300 summary: Memory leak fixes. From zdy0818 at gmail.com Mon Jun 25 05:52:55 2012 From: zdy0818 at gmail.com (DongYu.Zhen) Date: Mon, 25 Jun 2012 10:52:55 +0800 Subject: [Dovecot] dovecot support ms-tnef mail parser? Message-ID: <4FE7D287.6020507@gmail.com> Hello everybody, I used iRedMail Server with dovecot-1.2.0. I used OutLook2007 send a RTF mail and the mail can't be parsed normal. In dovecot maildir storage the mail body appeared ,/ / /------=_NextPart_000_0007_01CD52BC.99E1BE10 Content-Type: application/ms-tnef; name="winmail.dat" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="winmail.dat"/ How to parse ms-tnef mail by dovecot? Thank you. From ott at mirix.org Mon Jun 25 09:15:38 2012 From: ott at mirix.org (Matthias-Christian Ott) Date: Mon, 25 Jun 2012 08:15:38 +0200 Subject: [Dovecot] dovecot support ms-tnef mail parser? In-Reply-To: <4FE7D287.6020507@gmail.com> References: <4FE7D287.6020507@gmail.com> Message-ID: <4FE8020A.7080806@mirix.org> On 2012-06-25 04:52, DongYu.Zhen wrote: > How to parse ms-tnef mail by dovecot? You can't do that directly in Dovecot. What you can do is to use a utility called tnef [1] (available in major GNU/Linux distributions) on the client to extract the data on the client. Otherwise you could use ytnef [2] with procmail or Dovecot sieve_pipe [3] on the server (see [4]). I tried tnef on rare occasions and it worked. Regards, Matthias-Christian [1] http://sourceforge.net/projects/tnef/ [2] http://sourceforge.net/projects/ytnef/ [3] http://wiki2.dovecot.org/Pigeonhole/Sieve/Plugins/Pipe [4] http://wiki.clug.org.za/wiki/Automatic_winmail.dat_decoding From kayasaman at gmail.com Mon Jun 25 10:20:39 2012 From: kayasaman at gmail.com (Kaya Saman) Date: Mon, 25 Jun 2012 08:20:39 +0100 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? Message-ID: Hi, I'm trying to configure a server to use SAMBA and Winbind to authenticate to Active Directory.... I managed to get this portion up and running even the Dovecot portion. For reference something similar to this guide: http://www.whitneytechnologies.com/?p=119 However PAM is slightly different: # cat /etc/pam.d/dovecot auth sufficient pam_krb5.so no_user_check validate account sufficient pam_permit.so This is what my dovecot.conf file looks like: # cat dovecot.conf # v1.2+: auth_use_winbind = yes auth_winbind_helper_path = /usr/local/bin/ntlm_auth protocols = imap # It's nice to have separate log files for Dovecot. You could do this # by changing syslog configuration also, but this is easier. log_path = /var/log/dovecot.log info_log_path = /var/log/dovecot-info.log # Disable SSL for now. ssl = no disable_plaintext_auth = no # We're using Maildir format #mail_location = maildir:~/Maildir mail_location = mbox:/mail:INBOX=/mail/%u # Authentication configuration: auth_verbose = yes auth_debug = yes auth_username_format = %n auth_mechanisms = plain ntlm login userdb { driver = static # args = uid=501 gid=1001 home=/mail/%u args = home=/mail/%u driver = static } passdb { driver = pam args = failure_show_msg=yes } Now what I would like to know is, which is better for "virtual hosting" Maildir or mbox? Basically my requirement is that I would like to separate users via either individual folders and then put each user's mbox or Maildir in the created directory, or simply name each mbox or Maildir according to the user name. First up is this possible? Secondly, how would I go about doing it? My users are not allowed to login to the system outside of IMAP as it's a Mail only server. Currently I've been looking at many links: http://satish-linuxbug.blogspot.co.uk/2008/08/freebsd-with-active-directory-single.html http://joseph.randomnetworks.com/2005/11/08/freebsd-users-and-groups-with-samba-winbind-and-active-directory/ http://wiki2.dovecot.org/HowTo/ActiveDirectoryNtlm http://wiki2.dovecot.org/Authentication/Mechanisms/Winbind http://wiki2.dovecot.org/TestInstallation http://wiki2.dovecot.org/VirtualUsers http://www.linuxmail.info/active-directory-dovecot-pam-authentication/ http://wiki2.dovecot.org/HowTo/SimpleVirtualInstall I'm running dovecot version 2.1.7 on FreeBSD 8.2 x64 RELEASE. The system is not being used as an MTA server meaning that only IMAP transfers are being done using MS Outlook then filtered by Thunderbird. Regards, Kaya From trever at middleearth.sapphiresunday.org Mon Jun 25 10:27:41 2012 From: trever at middleearth.sapphiresunday.org (Trever L. Adams) Date: Mon, 25 Jun 2012 01:27:41 -0600 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: References: Message-ID: <4FE812ED.9060604@middleearth.sapphiresunday.org> On 06/25/2012 01:20 AM, Kaya Saman wrote: > Hi, > > I'm trying to configure a server to use SAMBA and Winbind to > authenticate to Active Directory.... I managed to get this portion up > and running even the Dovecot portion. > > For reference something similar to this guide: > > http://www.whitneytechnologies.com/?p=119 > > > However PAM is slightly different: > > > # cat /etc/pam.d/dovecot > auth sufficient pam_krb5.so no_user_check validate > account sufficient pam_permit.so > > > This is what my dovecot.conf file looks like: If you are using Samba 4 (possibly recent versions of S3), any reason you are not doing krb5 and ldap (for account verification, not authentication) on dovecot instead of through pam? It is a bit harder to setup, but no text passwords. I still do pam_krb5 for devices that cannot do kerberos. I am using Maildir, but my setup is currently largely idle. Trever -- "Marxist Law of Distribution of Wealth: Shortages will be divided equally among the peasants." -- Unknown From role.Dovecot-Readers at JLAssocs.com Mon Jun 25 10:28:00 2012 From: role.Dovecot-Readers at JLAssocs.com (J E Lyon) Date: Mon, 25 Jun 2012 08:28:00 +0100 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: References: Message-ID: <201BCC0D-AD89-4A07-A4F0-13C42AFC2A63@JLAssocs.com> On 25 Jun 2012, at 08:20, Kaya Saman wrote: > Now what I would like to know is, which is better for "virtual > hosting" Maildir or mbox? I always use Maildir in preference to mbox . . it's just such a lovely solution, imho :) (Mind you, I'm on a *nix server, so filesystem behaviour may be a consideration for non-*nix hosts.) > Basically my requirement is that I would like to separate users via > either individual folders and then put each user's mbox or Maildir in > the created directory, or simply name each mbox or Maildir according > to the user name. > > First up is this possible? > > Secondly, how would I go about doing it? In haste, I haven't been able to check your email thoroughly, but I have used passwd with an extra field appended to each user, to identify the mailbox location. If you're authenticating against ActiveDirectory, then I guess that means generating a passwd-file style 'database' from the users in ActiveDirectory and I have no idea if that's trivial. Sorry if my rushed thoughts are too sketchy to be of use, but thought I'd share my experience in case it offers any pointers. J. From trever at middleearth.sapphiresunday.org Mon Jun 25 10:37:42 2012 From: trever at middleearth.sapphiresunday.org (Trever L. Adams) Date: Mon, 25 Jun 2012 01:37:42 -0600 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: References: Message-ID: <4FE81546.8000202@middleearth.sapphiresunday.org> On 06/25/2012 01:20 AM, Kaya Saman wrote: > Now what I would like to know is, which is better for "virtual > hosting" Maildir or mbox? > > > Basically my requirement is that I would like to separate users via > either individual folders and then put each user's mbox or Maildir in > the created directory, or simply name each mbox or Maildir according > to the user name. > > > First up is this possible? > > > Secondly, how would I go about doing it? > Sorry, I missed this at first. It is quite simple. I don't store it in passwd or any other place, since you are doing vmail, you might find this easiest: in /etc/dovecot/conf.d/10-mail.conf (where mail_location is): mail_home = /home/vmail/%Ld/%Ln mail_location = maildir:~/Maildir in /etc/dovecot/conf.d/10-mail.conf (after paragraph ?# System user and group used to access mails...?): mail_uid=vmail mail_gid=vmail Obviously, vmail may not be your user for vmail. Also, some of my notes may no longer be accurate for location, just find where it exists and edit. I hope this helps. Of course, this is a Maildir setup. mbox is probably very similar, but I have had too many mbox style mail queues go south losing all of the mail (or more than one would like), so I do Maildir, even though it isn't necessarily the best use of disk space. Trever -- "I do not fear computers. I fear the lack of them." -- Isaac Asimov From kayasaman at gmail.com Mon Jun 25 10:52:51 2012 From: kayasaman at gmail.com (Kaya Saman) Date: Mon, 25 Jun 2012 08:52:51 +0100 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: <4FE81546.8000202@middleearth.sapphiresunday.org> References: <4FE81546.8000202@middleearth.sapphiresunday.org> Message-ID: On Mon, Jun 25, 2012 at 8:37 AM, Trever L. Adams wrote: > On 06/25/2012 01:20 AM, Kaya Saman wrote: > > Now what I would like to know is, which is better for "virtual > hosting" Maildir or mbox? > > > Basically my requirement is that I would like to separate users via > either individual folders and then put each user's mbox or Maildir in > the created directory, or simply name each mbox or Maildir according > to the user name. > > > First up is this possible? > > > Secondly, how would I go about doing it? > > Sorry, I missed this at first. It is quite simple. I don't store it in > passwd or any other place, since you are doing vmail, you might find this > easiest: > > in /etc/dovecot/conf.d/10-mail.conf (where mail_location is): > > mail_home = /home/vmail/%Ld/%Ln > mail_location = maildir:~/Maildir > > in /etc/dovecot/conf.d/10-mail.conf (after paragraph ?# System user and > group used to access mails...?): > > mail_uid=vmail > mail_gid=vmail > > Obviously, vmail may not be your user for vmail. Also, some of my notes may > no longer be accurate for location, just find where it exists and edit. > > I hope this helps. Of course, this is a Maildir setup. mbox is probably very > similar, but I have had too many mbox style mail queues go south losing all > of the mail (or more than one would like), so I do Maildir, even though it > isn't necessarily the best use of disk space. > > Trever > -- > "I do not fear computers. I fear the lack of them." -- Isaac Asimov Thanks for the responses! Sorry if I reply to every single one in this email however, I am using Gmail's awful Web UI so I don't really have much control over what I'm doing...... To start with the reason I'm not using LDAP is because I couldn't find enough information on how to set it up! I did post here a couple of times but got no responses...... so I figured it was something that people either didn't know or found trivial. I'll take a look at the above config for Maildir format as briefly playing around with mbox it seems that folders on the / root (parent) IMAP directory are stored separately. It may be better if everything got stored under the Maildir heading.... I've previously **only** ever worked with Maildir but I was told that there are some benefits to mbox which is why I decided to try to use it here! Regards, Kaya From role.Dovecot-Readers at JLAssocs.com Mon Jun 25 10:58:45 2012 From: role.Dovecot-Readers at JLAssocs.com (J E Lyon) Date: Mon, 25 Jun 2012 08:58:45 +0100 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: References: <4FE81546.8000202@middleearth.sapphiresunday.org> Message-ID: <267BC57F-B747-4F58-B309-ACE4BDA3A88C@JLAssocs.com> On 25 Jun 2012, at 08:52, Kaya Saman wrote: > I've previously **only** ever worked with Maildir but I was told that there are some benefits to mbox which is why I decided to try to use it here! I used mbox before Dovecot, but once I found Maildir, I never looked back. I've not come up with any significant advantages of mbox that count for much in my experiences and installations . . Would be interested to hear of suggested advantages that I might have overlooked or know of reasons why they're not an issue . . not sure how much the list wants to hear, but feel free to email me direct if you want. J. From CMarcus at Media-Brokers.com Mon Jun 25 11:45:15 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Mon, 25 Jun 2012 04:45:15 -0400 Subject: [Dovecot] dovecot support ms-tnef mail parser? In-Reply-To: <4FE8020A.7080806@mirix.org> References: <4FE7D287.6020507@gmail.com> <4FE8020A.7080806@mirix.org> Message-ID: <4FE8251B.8010008@Media-Brokers.com> On 2012-06-25 2:15 AM, Matthias-Christian Ott wrote: > On 2012-06-25 04:52, DongYu.Zhen wrote: >> How to parse ms-tnef mail by dovecot? > > You can't do that directly in Dovecot. What you can do is to use a > utility called tnef [1] (available in major GNU/Linux distributions) on > the client to extract the data on the client. Otherwise you could use > ytnef [2] with procmail or Dovecot sieve_pipe [3] on the server (see [4]). > > I tried tnef on rare occasions and it worked. > > Regards, > Matthias-Christian > > [1] http://sourceforge.net/projects/tnef/ > [2] http://sourceforge.net/projects/ytnef/ > [3] http://wiki2.dovecot.org/Pigeonhole/Sieve/Plugins/Pipe > [4] http://wiki.clug.org.za/wiki/Automatic_winmail.dat_decoding Sounds like a good candidate for a plug-in. Currently I use the Lookout extension in Thunderbird to do this, but it isn't perfect... -- Best regards, Charles From CMarcus at Media-Brokers.com Mon Jun 25 11:47:55 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Mon, 25 Jun 2012 04:47:55 -0400 Subject: [Dovecot] Additional passdb result status In-Reply-To: <1340570220.13783.23.camel@P7230> References: <1340570220.13783.23.camel@P7230> Message-ID: <4FE825BB.4030105@Media-Brokers.com> On 2012-06-24 4:37 PM, J?rgen Pabel wrote: > I am implementing a plugin (for the pop3/imap process) that requires > some data to provided from the authentication phase (a derivative of the > password). For that, I have now implemented a passdb plugin that > generates this data and I would like to "pass" this data down to the > mail process (pop3/imap) via extra_fields in the reply of the > authentication. The general idea is that my custom passdb plugin > calculates the data, sets the extra_field and returns some error > (authentication was not successful) so that the "real" passdb backend > can be invoked to "really" validate the authentication data. What specifically is the *purpose* of this? > I hope you consider my proposal to be reasonable. If desired, I could > implement this myself and provide a patch for merging (based on 2.0.x). > If my proposal is generally unfavored, it would be great if any > alternative approaches for my situation were suggested. Thanks. I think it is usually preferred that you do things like this against either the current shipping/stable branch (2.1.x), or even hg (2.2)... much better chance that it would be accepted. -- Best regards, Charles From CMarcus at Media-Brokers.com Mon Jun 25 12:31:24 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Mon, 25 Jun 2012 05:31:24 -0400 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: References: Message-ID: <4FE82FEC.1070109@Media-Brokers.com> On 2012-06-25 3:20 AM, Kaya Saman wrote: > # cat dovecot.conf > # v1.2+: > auth_use_winbind = yes Please always only provide output of doveconf -n, not copy/pastes from the config files. This proves (to yourself and everyone else) that you are using the config that dovecot is actually using - it this shows you mistakes like typos, certain deprecated/invalid settings, and even if you are editing the wrong config file(s). -- Best regards, Charles From kayasaman at gmail.com Mon Jun 25 12:34:35 2012 From: kayasaman at gmail.com (Kaya Saman) Date: Mon, 25 Jun 2012 10:34:35 +0100 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: <4FE82FEC.1070109@Media-Brokers.com> References: <4FE82FEC.1070109@Media-Brokers.com> Message-ID: On Mon, Jun 25, 2012 at 10:31 AM, Charles Marcus wrote: > On 2012-06-25 3:20 AM, Kaya Saman wrote: >> >> # cat dovecot.conf >> # v1.2+: >> auth_use_winbind = yes > > > Please always only provide output of doveconf -n, not copy/pastes from the > config files. > > This proves (to yourself and everyone else) that you are using the config > that dovecot is actually using - it this shows you mistakes like typos, > certain deprecated/invalid settings, and even if you are editing the wrong > config file(s). > > -- > > Best regards, > > Charles Thanks for the tip! I didn't know of the dovecot -n command so thanks for pointing that out to me...... It's strange as I've been fiddling around with mail servers for some time in test labs at home but I still feel like I'm on the outside looking in; oh well at least this design at work is much better even though it took forever to get the PAM potion for AD sorted out. Regards, Kaya From CMarcus at Media-Brokers.com Mon Jun 25 12:44:19 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Mon, 25 Jun 2012 05:44:19 -0400 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: <267BC57F-B747-4F58-B309-ACE4BDA3A88C@JLAssocs.com> References: <4FE81546.8000202@middleearth.sapphiresunday.org> <267BC57F-B747-4F58-B309-ACE4BDA3A88C@JLAssocs.com> Message-ID: <4FE832F3.3000405@Media-Brokers.com> On 2012-06-25 3:58 AM, J E Lyon wrote: > I've not come up with any significant advantages of mbox that count > for much in my experiences and installations . . Would be interested > to hear of suggested advantages that I might have overlooked One major advantage of mbox (and now mdbox) over maildir is the time it takes to back things up for larger mail stores. It takes much less time to compare a single mbox file that contains 20,000 messages (and rsync only the changed bits) than it does to compare read/compare 20,000 individual files (maildir)... I too like maildir, but am seriously considering implementing a solution where older mail is automatically archived to slower/cheaper SATA III based storage using mdbox format. -- Best regards, Charles From ef at math.uni-bonn.de Mon Jun 25 12:54:02 2012 From: ef at math.uni-bonn.de (Edgar =?iso-8859-1?B?RnXf?=) Date: Mon, 25 Jun 2012 11:54:02 +0200 Subject: [Dovecot] specifying home/sieve/sieve_dir relative to mail_location In-Reply-To: <20120619131413.GN48358@trav.math.uni-bonn.de> References: <20120619131413.GN48358@trav.math.uni-bonn.de> Message-ID: <20120625095401.GT50872@trav.math.uni-bonn.de> > With 1.2, is it possible to specify home, sieve and sieve_dir relative to mail_location? No-one, this one? Too simple? Too stupid? Too obvious? Not possible? From branko at majic.rs Mon Jun 25 13:01:40 2012 From: branko at majic.rs (Branko Majic) Date: Mon, 25 Jun 2012 12:01:40 +0200 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: References: <4FE81546.8000202@middleearth.sapphiresunday.org> Message-ID: <20120625120140.033c2297@zetkin.int.primekey.se> On Mon, 25 Jun 2012 08:52:51 +0100 Kaya Saman wrote: > To start with the reason I'm not using LDAP is because I couldn't find > enough information on how to set it up! I did post here a couple of > times but got no responses...... so I figured it was something that > people either didn't know or found trivial. For my own use I've switched to the LDAP as provider of user information and credentials (for Dovecot/Postfix/ejabberd/anything I can get to talk to the LDAP). It's not that hard to figure out, but getting used to LDAP itself can take a little bit of time. In my case I'm using the LDAP just for checking if a user is present on the system and for authentication purposes (for the mail server). Haven't tried using quota etc with LDAP. Anything in particular you're having problems coping with? :) -- Branko Majic Jabber: branko at majic.rs Please use only Free formats when sending attachments to me. ?????? ????? ?????: branko at majic.rs ????? ??? ?? ??????? ?????? ????????? ? ????????? ?????????. From role.Dovecot-Readers at JLAssocs.com Mon Jun 25 13:04:43 2012 From: role.Dovecot-Readers at JLAssocs.com (J E Lyon) Date: Mon, 25 Jun 2012 11:04:43 +0100 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: <4FE832F3.3000405@Media-Brokers.com> References: <4FE81546.8000202@middleearth.sapphiresunday.org> <267BC57F-B747-4F58-B309-ACE4BDA3A88C@JLAssocs.com> <4FE832F3.3000405@Media-Brokers.com> Message-ID: On 25 Jun 2012, at 10:44, Charles Marcus wrote: > On 2012-06-25 3:58 AM, J E Lyon wrote: >> I've not come up with any significant advantages of mbox that count >> for much in my experiences and installations . . Would be interested >> to hear of suggested advantages that I might have overlooked > > One major advantage of mbox (and now mdbox) over maildir is the time it takes to back things up for larger mail stores. > > It takes much less time to compare a single mbox file that contains 20,000 messages (and rsync only the changed bits) than it does to compare read/compare 20,000 individual files (maildir)... > > I too like maildir, but am seriously considering implementing a solution where older mail is automatically archived to slower/cheaper SATA III based storage using mdbox format. Very interesting. I use "rdiff-backup" as a cronjob in the wee hours (, so the fact it takes a while to work out what to incrementally save, doesn't matter to me -- but the point is that I know it's an issue and have addressed it that way. I too have contemplated some automated archiving of older mail . . it's getting closer to needing to be addressed at some point soon I think. J. From CMarcus at Media-Brokers.com Mon Jun 25 14:39:35 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Mon, 25 Jun 2012 07:39:35 -0400 Subject: [Dovecot] Mail migration to dovecot with doveadm backup In-Reply-To: <4FE738E9.6040706@metaways.de> References: <4FE738E9.6040706@metaways.de> Message-ID: <4FE84DF7.7030707@Media-Brokers.com> On 2012-06-24 11:57 AM, Reinhard Vicinus wrote: > i try to migrate mails from a non dovecot imap server to a dovecot imap > server with doveadm backup as described there: What version of dovecot (doveconf -n output_? > http://wiki2.dovecot.org/Migration/Dsync > > i first tried (local-mailbox port 18143 is the non dovecot imap server): > > /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw > -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o > imapc_port=18143 -o mailbox_list_index=no -v -D backup -R -f -u > user at example.org -m Sent imapc: > > and got the following error: > > dsync(user at example.org): Fatal: dsync backup: Looks like you're trying > to run backup in wrong direction. Source is empty and destination is not. -- Best regards, Charles Marcus I.T. Director Media Brokers International, Inc. 678.514.6200 x224 | 678.514.6299 fax From r.vicinus at metaways.de Mon Jun 25 15:55:48 2012 From: r.vicinus at metaways.de (Reinhard Vicinus) Date: Mon, 25 Jun 2012 14:55:48 +0200 Subject: [Dovecot] Mail migration to dovecot with doveadm backup In-Reply-To: <4FE84DF7.7030707@Media-Brokers.com> References: <4FE738E9.6040706@metaways.de> <4FE84DF7.7030707@Media-Brokers.com> Message-ID: <4FE85FD4.8090708@metaways.de> On 25/06/12 13:39, Charles Marcus wrote: > On 2012-06-24 11:57 AM, Reinhard Vicinus wrote: >> i try to migrate mails from a non dovecot imap server to a dovecot imap >> server with doveadm backup as described there: > > What version of dovecot (doveconf -n output_? dovecot -n # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-40-server x86_64 Ubuntu 10.04.4 LTS auth_cache_negative_ttl = 0 auth_cache_size = 10 M auth_cache_ttl = 1 mins auth_verbose = yes auth_verbose_passwords = sha1 deliver_log_format = mailbox: deliver: msgid=%m from=%f: %$ dict { quota = mysql:/etc/dovecot/conf.d/dovecot-dict-sql.conf.ext } disable_plaintext_auth = no doveadm_password = xxx instance_name = dovecot-mailbox lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes login_greeting = Mailbox login_log_format = mailbox: login: %$: %s login_trusted_networks = 10.10.10.0/24 mail_debug = yes mail_fsync = always mail_gid = vmail mail_home = /mail/dovecot/%d/%n mail_location = mdbox:~/mail mail_log_prefix = "mailbox: mail: %s(%u): " mail_plugins = quota mail_privileged_group = vmail mail_uid = vmail managesieve_implementation_string = Sieve managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mdbox_rotate_interval = 1 weeks mdbox_rotate_size = 50 M mmap_disable = yes passdb { args = /etc/dovecot/conf.d/dovecot-sql.conf.ext driver = sql } plugin { quota = dict:User quota::proxy::quota quota_rule = *:storage=10G quota_rule2 = Trash:storage=+100M quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap pop3 lmtp sieve service auth { unix_listener auth-userdb { group = dovecot mode = 0660 user = dovecot } } service dict { unix_listener dict { group = vmail mode = 0660 } } service doveadm { inet_listener doveadm-server { port = 19000 } } service imap-login { inet_listener imap { port = 19143 } } service imap-postlogin { executable = script-login /usr/local/bin/dovecot-postlogin user = $default_internal_user } service imap { executable = imap imap-postlogin } service lmtp { inet_listener lmtp { address = * port = 19024 } } service managesieve-login { inet_listener sieve { port = 19200 } } service pop3-login { inet_listener pop3 { port = 19110 } } service pop3-postlogin { executable = script-login /usr/local/bin/dovecot-postlogin user = $default_internal_user } service pop3 { executable = pop3 pop3-postlogin } service quota-warning { executable = script /usr/local/bin/quota-warning extra_groups = dovecot unix_listener quota-warning { user = vmail } user = vmail } ssl = no userdb { driver = prefetch } userdb { args = /etc/dovecot/conf.d/dovecot-sql.conf.ext driver = sql } verbose_proctitle = yes protocol imap { imap_client_workarounds = delay-newmail tb-extra-mailbox-sep mail_plugins = quota imap_quota } protocol lmtp { mail_plugins = quota sieve } From tss at iki.fi Mon Jun 25 17:35:35 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 25 Jun 2012 17:35:35 +0300 Subject: [Dovecot] specifying home/sieve/sieve_dir relative to mail_location In-Reply-To: <20120625095401.GT50872@trav.math.uni-bonn.de> References: <20120619131413.GN48358@trav.math.uni-bonn.de> <20120625095401.GT50872@trav.math.uni-bonn.de> Message-ID: On 25.6.2012, at 12.54, Edgar Fu? wrote: >> With 1.2, is it possible to specify home, sieve and sieve_dir relative to mail_location? > No-one, this one? > > Too simple? Too stupid? Too obvious? Not possible? Mail/Sieve dirs can be relative to home dir, not vice versa.. > I know it's possible to specify everything relative to home, so I could probably use relative ~/../-type paths for mail_locatin etc., but that looks a bit awkward. Yeah, that would probably work. Maybe look into changing your directory hierarchy so mails are under home. From ef at math.uni-bonn.de Mon Jun 25 17:42:49 2012 From: ef at math.uni-bonn.de (Edgar =?iso-8859-1?B?RnXf?=) Date: Mon, 25 Jun 2012 16:42:49 +0200 Subject: [Dovecot] specifying home/sieve/sieve_dir relative to mail_location In-Reply-To: References: <20120619131413.GN48358@trav.math.uni-bonn.de> <20120625095401.GT50872@trav.math.uni-bonn.de> Message-ID: <20120625144248.GW50872@trav.math.uni-bonn.de> > Mail/Sieve dirs can be relative to home dir, not vice versa. OK, thanks. > Yeah, that would probably work. I'll try that. > Maybe look into changing your directory hierarchy so mails are under home. Too late. Also, as directories corresponding to IMAP folders always start with a dot, it appeared quite natural to me to have ``home'' and ``sieve'' at the same level as ``.dovecot'' (and ``cur'', for that matter). Ah, and what about the WIKI ``user_attrs = .., mailDirectory=home=/var/vmail/%$'' example that I don't understand? From tss at iki.fi Mon Jun 25 19:37:56 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 25 Jun 2012 19:37:56 +0300 Subject: [Dovecot] specifying home/sieve/sieve_dir relative to mail_location In-Reply-To: <20120625144248.GW50872@trav.math.uni-bonn.de> References: <20120619131413.GN48358@trav.math.uni-bonn.de> <20120625095401.GT50872@trav.math.uni-bonn.de> <20120625144248.GW50872@trav.math.uni-bonn.de> Message-ID: On 25.6.2012, at 17.42, Edgar Fu? wrote: > Ah, and what about the WIKI ``user_attrs = .., mailDirectory=home=/var/vmail/%$'' example that I don't understand? Well, you could use a single mailDirectory LDAP attribute that expands to your mail directory to provide for all of the other home/sieve fields as well. But that requires Dovecot v2.1. From ncjeffgus at zimage.com Mon Jun 25 19:45:51 2012 From: ncjeffgus at zimage.com (Jeff Gustafson) Date: Mon, 25 Jun 2012 09:45:51 -0700 Subject: [Dovecot] dsync error: "Mailboxes don't have unique GUIDs" In-Reply-To: <4FE59A86.7020208@Media-Brokers.com> References: <1340400276.12426.9.camel@maclinux> <4FE59A86.7020208@Media-Brokers.com> Message-ID: <1340642751.7730.2.camel@maclinux.zimage.com> On Sat, 2012-06-23 at 06:29 -0400, Charles Marcus wrote: > > > > # 2.0.13: /etc/dovecot/dovecot.conf > > As you are aware (since you participated in the thread discussion about > this months ago), Timo is working on a total rewrite of dsync, and if > memory serves, it is mainly for 2.1+, and it is not recommend to use it > in earlier versions if you need reliability (ie, 2.0.x, as you are using)... I did try the 2.1.x version of dsync back in March. I found the version to be very unreliable. It would crash with many types of operations (e.g. maildir -> mdbox conversions). ...Jeff From tss at iki.fi Mon Jun 25 19:46:14 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 25 Jun 2012 19:46:14 +0300 Subject: [Dovecot] Mail migration to dovecot with doveadm backup In-Reply-To: <4FE738E9.6040706@metaways.de> References: <4FE738E9.6040706@metaways.de> Message-ID: <6713F7A5-A529-4E0E-BC5A-D98A9147EA5C@iki.fi> On 24.6.2012, at 18.57, Reinhard Vicinus wrote: > i try to migrate mails from a non dovecot imap server to a dovecot imap server with doveadm backup as described there: > > http://wiki2.dovecot.org/Migration/Dsync > > i first tried (local-mailbox port 18143 is the non dovecot imap server): > > /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -o mailbox_list_index=no -v -D backup -R -f -u user at example.org -m Sent imapc: > > and got the following error: > > dsync(user at example.org): Fatal: dsync backup: Looks like you're trying to run backup in wrong direction. Source is empty and destination is not. Strange. -R is supposed to make it copy from imapc to mdbox.. Have you tried if Dovecot can see mails at all from the remote server? Try doveadm -o mail=imapc: -o ... fetch instead of doveadm backup command. > As the dovecot imap account is newly created and therefore empty it seams to try to backup from the dovecot imap server to the non dovecot imap server. So i tried instead: > > /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -o mailbox_list_index=no -v -D backup -f -u user at example.org -m Sent imapc: Now this is copying from mdbox to imapc, which is also why you're getting the crash: > Sometimes (every other time?) i got the following segmentation fault: > > bt > #0 0x00007f15e2c9ed74 in strcasecmp () from /lib/libc.so.6 > #1 0x00007f15e327eaff in imapc_save_callback (reply=0x7fff56096a70, context=) at imapc-save.c:168 Note how it's saving a mail to imapc. But still, that's a bug, fixed: http://hg.dovecot.org/dovecot-2.1/rev/20703dbd1168 > dsync(user at example.org): Warning: Destination mailbox Sent has been modified, need to recreate it before we can continue syncing I think this is also because it's going to wrong direction. > i think the problem could be that the account name on the remote server and the local server is absolute identical and doveadm backup has therefore problems discerning between the two locations. But that's only a stab in the dark and any help is appreciated. Shouldn't be a problem. From CMarcus at Media-Brokers.com Mon Jun 25 19:49:37 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Mon, 25 Jun 2012 12:49:37 -0400 Subject: [Dovecot] dsync error: "Mailboxes don't have unique GUIDs" In-Reply-To: <1340642751.7730.2.camel@maclinux.zimage.com> References: <1340400276.12426.9.camel@maclinux> <4FE59A86.7020208@Media-Brokers.com> <1340642751.7730.2.camel@maclinux.zimage.com> Message-ID: <4FE896A1.4060701@Media-Brokers.com> On 2012-06-25 12:45 PM, Jeff Gustafson wrote: > On Sat, 2012-06-23 at 06:29 -0400, Charles Marcus wrote: >>> # 2.0.13: /etc/dovecot/dovecot.conf >> As you are aware (since you participated in the thread discussion about >> this months ago), Timo is working on a total rewrite of dsync, and if >> memory serves, it is mainly for 2.1+, and it is not recommend to use it >> in earlier versions if you need reliability (ie, 2.0.x, as you are using)... > I did try the 2.1.x version of dsync back in March. I found the version > to be very unreliable. It would crash with many types of operations > (e.g. maildir -> mdbox conversions). Well, the version in 2.0.x was problematic, which is why Timo was rewriting it from scratch. Also, that was 3 *months* ago - more than likely a lot has changed since then. I'd suggest you try again with 2.1.7... -- Best regards, Charles From tss at iki.fi Mon Jun 25 19:54:06 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 25 Jun 2012 19:54:06 +0300 Subject: [Dovecot] dsync error: "Mailboxes don't have unique GUIDs" In-Reply-To: <4FE896A1.4060701@Media-Brokers.com> References: <1340400276.12426.9.camel@maclinux> <4FE59A86.7020208@Media-Brokers.com> <1340642751.7730.2.camel@maclinux.zimage.com> <4FE896A1.4060701@Media-Brokers.com> Message-ID: <091D561F-7991-44EE-BC70-4BB22B5B319B@iki.fi> On 25.6.2012, at 19.49, Charles Marcus wrote: >> I did try the 2.1.x version of dsync back in March. I found the version >> to be very unreliable. It would crash with many types of operations >> (e.g. maildir -> mdbox conversions). > > Well, the version in 2.0.x was problematic, which is why Timo was rewriting it from scratch. > > Also, that was 3 *months* ago - more than likely a lot has changed since then. > > I'd suggest you try again with 2.1.7... The rewritten dsync is in v2.2 tree. v2.1's dsync is a fixed version of v2.0's dsync. I have no idea why v2.1's dsync would be less reliable than v2.0's. It only had bugfixes. Anyway, the GUID error could very well be because of buggy mailbox listing code in v2.0, which was rewritten for v2.1. From ef at math.uni-bonn.de Mon Jun 25 21:08:57 2012 From: ef at math.uni-bonn.de (Edgar =?iso-8859-1?B?RnXf?=) Date: Mon, 25 Jun 2012 20:08:57 +0200 Subject: [Dovecot] specifying home/sieve/sieve_dir relative to mail_location In-Reply-To: References: <20120619131413.GN48358@trav.math.uni-bonn.de> <20120625095401.GT50872@trav.math.uni-bonn.de> <20120625144248.GW50872@trav.math.uni-bonn.de> Message-ID: <20120625180857.GX50872@trav.math.uni-bonn.de> > But that requires Dovecot v2.1. I was refering to http://wiki1.dovecot.org/VirtualUsers/Home which, to my understanding, should apply to 1.2. I don't understand the Example at the bottom: > LDAP with relative directory paths > > If your LDAP database uses e.g. mailDirectory = domain/user/, you can use it as a base for home directory: > > user_attrs = .., mailDirectory=home=/var/vmail/%$ > Then just use mail_location = maildir:~/Maildir. From trever at middleearth.sapphiresunday.org Mon Jun 25 21:20:59 2012 From: trever at middleearth.sapphiresunday.org (Trever L. Adams) Date: Mon, 25 Jun 2012 12:20:59 -0600 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: References: <4FE81546.8000202@middleearth.sapphiresunday.org> Message-ID: <4FE8AC0B.40906@middleearth.sapphiresunday.org> On 06/25/2012 01:52 AM, Kaya Saman wrote: > On Mon, Jun 25, 2012 at 8:37 AM, Trever L. Adams > wrote: >> On 06/25/2012 01:20 AM, Kaya Saman wrote: >> >> Now what I would like to know is, which is better for "virtual >> hosting" Maildir or mbox? >> >> >> Basically my requirement is that I would like to separate users via >> either individual folders and then put each user's mbox or Maildir in >> the created directory, or simply name each mbox or Maildir according >> to the user name. >> >> >> First up is this possible? >> >> >> Secondly, how would I go about doing it? >> >> Sorry, I missed this at first. It is quite simple. I don't store it in >> passwd or any other place, since you are doing vmail, you might find this >> easiest: >> >> in /etc/dovecot/conf.d/10-mail.conf (where mail_location is): >> >> mail_home = /home/vmail/%Ld/%Ln >> mail_location = maildir:~/Maildir >> >> in /etc/dovecot/conf.d/10-mail.conf (after paragraph ?# System user and >> group used to access mails...?): >> >> mail_uid=vmail >> mail_gid=vmail >> >> Obviously, vmail may not be your user for vmail. Also, some of my notes may >> no longer be accurate for location, just find where it exists and edit. >> >> I hope this helps. Of course, this is a Maildir setup. mbox is probably very >> similar, but I have had too many mbox style mail queues go south losing all >> of the mail (or more than one would like), so I do Maildir, even though it >> isn't necessarily the best use of disk space. >> >> Trever >> -- >> "I do not fear computers. I fear the lack of them." -- Isaac Asimov > Thanks for the responses! > > Sorry if I reply to every single one in this email however, I am using > Gmail's awful Web UI so I don't really have much control over what I'm > doing...... > > > To start with the reason I'm not using LDAP is because I couldn't find > enough information on how to set it up! I did post here a couple of > times but got no responses...... so I figured it was something that > people either didn't know or found trivial. Sorry, I missed these. I have been busy. Tim and others were very kind and helped me figure things out. I do not have any web sites where I can post things, so I will give an overview here and if you need help, either follow up privately or here. > > I'll take a look at the above config for Maildir format as briefly > playing around with mbox it seems that folders on the / root (parent) > IMAP directory are stored separately. It may be better if everything > got stored under the Maildir heading.... I've previously **only** ever > worked with Maildir but I was told that there are some benefits to > mbox which is why I decided to try to use it here! > > Regards, > > > Kaya > The only draw back I see with maildir is one file per message. This makes it resilient to corruption that mbox sees (if a message gets corrupted, you erase one message and that corruption won't propagate even if you leave it in place). In many setups this also leads to MUCH faster system. On unix systems this doesn't just waste disk space, it could lead to inode (or whatever your *nix of choice calls it) depletion. I haven't yet seen this in my setups. I archive most of my personal mail, so I have at least some of my mail going back to 1998, I think. Kerberos Directions: Microsoft suggests on linux systems that you create an account (separate from the HOST account) and add the appropriate user principal names. There are pros and cons to this, their way is a and doing it as part of the host account is b. a) On S4 dc (replace MAILSERVER_HOST and MAILSERVER_FQDN with host and host.example.org, in lowercase as I use the caps only to help me see what I need to change, respectively as fits your domain - i.e. not example.org and create some long random password and put it wherever you see $RANDOMPASSWORD) : /usr/local/samba/sbin/samba-tool newuser mail-MAILSERVER_HOST /usr/local/samba/sbin/samba-tool spn add imap/MAILSERVER_FQDN mail-MAILSERVER_HOST /usr/local/samba/sbin/samba-tool spn add smtp/MAILSERVER_FQDN mail-MAILSERVER_HOST /root/samba-master/source4/scripting/bin/ktpass.sh --out /tmp/mail.keytab --princ smtp/MAILSERVER_FQDN --path-to-ldbsearch /usr/local/samba/bin/ --pass $RANDOMPASSWORD /root/samba-master/source4/scripting/bin/ktpass.sh --out /tmp/mail.keytab --princ imap/MAILSERVER_FQDN --path-to-ldbsearch /usr/local/samba/bin/ --pass $RANDOMPASSWORD /root/samba-master/source4/scripting/bin/ktpass.sh --out /tmp/mail.keytab --princ mail-MAILSERVER_HOST --path-to-ldbsearch /usr/local/samba/bin/ --pass $RANDOMPASSWORD Move the mail.keytab to dovecot's main configuration directory on dovecot server (/etc/dovecot here). Then do the appropriate version of: chmod 640 /etc/dovecot/mail.keytab chown dovecot.dovenull /etc/dovecot/mail.keytab b) Make sure your local samba setup is joined to the domain. Make sure it writes an appropriate krb5.keytab (/etc/krb5.keytab in my setup) as part of its password management, etc. net ads keytab add smtp/mail_server_fqdn net ads keytab add imap/mail_server_fqdn You may have to edit the sam.ldb on your S4 server as many times S3 doesn't create the principals ( /usr/local/samba/bin/ldbedit -H /usr/local/samba/private/sam.ldb sAMAccountName=mailserverhostname$ should do the trick and add userPrincipalName so that it has imap/MAILSERVER_FQDN and smtp/MAILSERVER_FQDN, each being its own userPrincipalName, this should give the machine account 3 userPrincipalName lines) then do the following modified for your samba krb5.keytab location (the following is how to set the extended posix ACLs on Linux, I don't know what it would be for FreeBSD, this adds read writes to dovecot user on the file krb5.keytab): setfacl -m u:dovecot:r krb5.keytab NOTE: For ldap access dovecot needs access to the krb5.keytab as I haven't figured out why, but Windows (including S4) AD doesn't like the a) method principals acting in some of the ways they need to. So, I just go with method b. Change the following or insert them into your dovecot setup modifying to fit your setup (/etc/dovecot/conf.d/10-auth.conf for me) : auth_realms = DOMAIN_FQDN auth_gssapi_hostname = HOST_FQDN auth_krb5_keytab = /etc/dovecot/mail.keytab (this is method a, b would be /etc/krb5.keytab) auth_mechanisms = gssapi gss-spnego login plain If you are using postfix anywhere, you can use dovecot as the lda (avoid messing with trying to make it deliver to the right directories, etc.) and use dovecot for the auth. Doing the later makes things overlap perfectly for auth too. LDAP (simple if you used method b, method a always gave me trouble - if people reading this know how to make method a work, I would love to read it myself as it may be more secure according to Microsoft): Create a userdb setup that reads (I do this in a file called /etc/dovecot/conf.d/auth-vmail.conf.ext): userdb { driver = ldap args = /etc/dovecot/dovecot-ldap.conf.ext } Then create that dovecot-ldap.conf.ext file (again, make sure your replace DOMAIN_FQDN with example.org, or whatever it is in your setup, replacing example.org as well): hosts = DOMAIN_FQDN base = dc=example,dc=org ldap_version = 3 user_attrs = userPrincipalName=user user_filter = (&(objectClass=person)(|(mail=%u)(sAMAccountName=%u)(userPrincipalName=%u))) dn = mail-MAIL_HOST at DOMAIN_FQDN sasl_bind = yes sasl_mech = GSSAPI sasl_realm = DOMAIN_FQDN sasl_authz_id = mail-MAIL_HOST at DOMAIN_FQDN (this is for method a, method b you would think would be the machine$ account, but I found it works better without this line with method b) # For using doveadm -A: iterate_attrs = userPrincipalName=user iterate_filter = (objectClass=person) Finally, you need to do a cronjob that will keep a credential cache for the machine account around for dovecot to use to do ldap: 02 03 */2 * * /usr/bin/kinit -l 10d -k MAIL_HOST$ -c /etc/dovecot/krb5.cc && /bin/chown dovecot:dovecot /etc/dovecot/krb5.cc 03 * * * * /usr/bin/kinit -c /etc/dovecot/krb5.cc -R && /bin/chown dovecot:dovecot /etc/dovecot/krb5.cc Does the trick for me. The cronjob should be for root, hence the need for the chown. It may work as dovecot. I cannot remember if it does or not. If it does, have the cronjob be for dovecot's user. One side effect of the above ldap.conf.ext file, the mail entry (this is the mail shown in AD Users and Computers if you edit a user) becomes an alias. So, if you wish to hide users logins or have an additional email in the same domain, use the mail field (you can edit it similar to how you added the userPrincipalName above). to hide user logins, do the client setup so that it uses the alias as the from address and account name stuff while using the real login for all the login stuff. Unless I missed a step, you just need to tell Outlook, Thunderbird, etc. to do GSSAPI or SPNEGO with GSSAPI (whatever Outlook calls it). If you use postfix with dovecot lda, the aliasing stuff works. If you don't, you will have to setup some things for postfix to do the aliasing the same way. I have such ldap-users and ldap-alias.cf files. I am not sure they work as I don't remember if I ever tested them before moving to dovecot lda. They should work with method b, so long as you also add the postfix user to the read list. I find dovecot lda with sieve gives me everything I need/want, so I won't test these out. They are available to anyone upon request. Nothing here interferes with pam_krb5 stuff you mentioned. As I said, I use it myself for devices or setups that can't/don't do krb5. There you have it. I hope this helps you and others. Trever P.S. Yes, I know you said this is not an MTA box, just IMAP. I keep mentioning postfix as in my work, it works best for me and it is nice to have them work very well together. -- "Noise proves nothing. Often a hen who has merely laid an egg cackles as if she laid an asteroid." -- Mark Twain From r.vicinus at metaways.de Mon Jun 25 21:21:43 2012 From: r.vicinus at metaways.de (Reinhard Vicinus) Date: Mon, 25 Jun 2012 20:21:43 +0200 Subject: [Dovecot] Mail migration to dovecot with doveadm backup In-Reply-To: <6713F7A5-A529-4E0E-BC5A-D98A9147EA5C@iki.fi> References: <4FE738E9.6040706@metaways.de> <6713F7A5-A529-4E0E-BC5A-D98A9147EA5C@iki.fi> Message-ID: <4FE8AC37.3070606@metaways.de> On 25/06/12 18:46, Timo Sirainen wrote: > On 24.6.2012, at 18.57, Reinhard Vicinus wrote: > >> i try to migrate mails from a non dovecot imap server to a dovecot imap server with doveadm backup as described there: >> >> http://wiki2.dovecot.org/Migration/Dsync >> >> i first tried (local-mailbox port 18143 is the non dovecot imap server): >> >> /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -o mailbox_list_index=no -v -D backup -R -f -u user at example.org -m Sent imapc: >> >> and got the following error: >> >> dsync(user at example.org): Fatal: dsync backup: Looks like you're trying to run backup in wrong direction. Source is empty and destination is not. > Strange. -R is supposed to make it copy from imapc to mdbox.. Have you tried if Dovecot can see mails at all from the remote server? Try doveadm -o mail=imapc: -o ... fetch instead of doveadm backup command. You're right it was an error in my setup that caused this problem. After fixing that problem it now works as expected. The only thing I don't get working is running it via the doveadm-server socket with: /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -o mailbox_list_index=no -v -D backup -S /var/run/dovecot-director/doveadm-server -R -u user at example.org imapc: In the logfile on the server there is the following error message: Jun 25 20:01:26 10.129.3.200 dovecot: dsync(user at example.org): Error: user user at example.org: Initialization failed: Initializing mail storage from mail_location setting failed: imapc: missing imapc_host Jun 25 20:01:26 10.129.3.200 dovecot: dsync(user at example.org): Fatal: User init failed So I think that all the -o configurations aren't transfered via the doveadm-server socket. >> As the dovecot imap account is newly created and therefore empty it seams to try to backup from the dovecot imap server to the non dovecot imap server. So i tried instead: >> >> /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -o mailbox_list_index=no -v -D backup -f -u user at example.org -m Sent imapc: > Now this is copying from mdbox to imapc, which is also why you're getting the crash: > >> Sometimes (every other time?) i got the following segmentation fault: >> >> bt >> #0 0x00007f15e2c9ed74 in strcasecmp () from /lib/libc.so.6 >> #1 0x00007f15e327eaff in imapc_save_callback (reply=0x7fff56096a70, context=) at imapc-save.c:168 > Note how it's saving a mail to imapc. But still, that's a bug, fixed: http://hg.dovecot.org/dovecot-2.1/rev/20703dbd1168 > >> dsync(user at example.org): Warning: Destination mailbox Sent has been modified, need to recreate it before we can continue syncing > I think this is also because it's going to wrong direction. Yes, the problem there was that it was the wrong direction. -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: director.conf.txt URL: From tss at iki.fi Mon Jun 25 21:48:35 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 25 Jun 2012 21:48:35 +0300 Subject: [Dovecot] specifying home/sieve/sieve_dir relative to mail_location In-Reply-To: <20120625180857.GX50872@trav.math.uni-bonn.de> References: <20120619131413.GN48358@trav.math.uni-bonn.de> <20120625095401.GT50872@trav.math.uni-bonn.de> <20120625144248.GW50872@trav.math.uni-bonn.de> <20120625180857.GX50872@trav.math.uni-bonn.de> Message-ID: <56B9BE37-BE23-47B7-BB8C-D18BCB341FB9@iki.fi> That example means that if you have in LDAP "mailDirectory=domain.com/username" field, and you want user's home to be /var/vmail/domain.com/username, then you can set mailDirectory=home=/var/vmail/%$ where %$ gets expanded to domain.com/username. I don't think it's relevant to what you want. On 25.6.2012, at 21.08, Edgar Fu? wrote: >> But that requires Dovecot v2.1. > I was refering to > http://wiki1.dovecot.org/VirtualUsers/Home > which, to my understanding, should apply to 1.2. > I don't understand the Example at the bottom: > >> LDAP with relative directory paths >> >> If your LDAP database uses e.g. mailDirectory = domain/user/, you can use it as a base for home directory: >> >> user_attrs = .., mailDirectory=home=/var/vmail/%$ >> Then just use mail_location = maildir:~/Maildir. > From tss at iki.fi Mon Jun 25 21:50:09 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 25 Jun 2012 21:50:09 +0300 Subject: [Dovecot] Mail migration to dovecot with doveadm backup In-Reply-To: <4FE8AC37.3070606@metaways.de> References: <4FE738E9.6040706@metaways.de> <6713F7A5-A529-4E0E-BC5A-D98A9147EA5C@iki.fi> <4FE8AC37.3070606@metaways.de> Message-ID: <65751386-8372-4922-B705-AF62DD04CF83@iki.fi> On 25.6.2012, at 21.21, Reinhard Vicinus wrote: > Jun 25 20:01:26 10.129.3.200 dovecot: dsync(user at example.org): Error: user user at example.org: Initialization failed: Initializing mail storage from mail_location setting failed: imapc: missing imapc_host > Jun 25 20:01:26 10.129.3.200 dovecot: dsync(user at example.org): Fatal: User init failed > > So I think that all the -o configurations aren't transfered via the doveadm-server socket. Correct. None of them are, and that's by design. From mailinglist at august.de Mon Jun 25 22:03:41 2012 From: mailinglist at august.de (mailinglist) Date: Mon, 25 Jun 2012 21:03:41 +0200 Subject: [Dovecot] started with dovecot sieve Message-ID: As I am new to dovecot and sieve I am really happy to get it working in a straight forward way. Thanks for the documentation to whom it concerns. Now I came to my limits with this failure messages in /home/rolf/.dovecot.sieve.log: sieve: info: started log at Jun 25 20:22:54. error: msgid=<1340648569.94073.YahooMailClassic at web190304.mail.sg3.yahoo.com>: failed to store into mailbox 'INBOX': BUG: Unknown internal error. with this messages in mail.info: Jun 25 20:22:54 rolf14 postfix/smtpd[21674]: connect from localhost[127.0.0.1] Jun 25 20:22:54 rolf14 postfix/smtpd[21674]: 90898E0190: client=localhost[127.0.0.1] Jun 25 20:22:54 rolf14 postfix/cleanup[21669]: 90898E0190: message-id=<1340648569.94073.YahooMailClassic at web190304.mail.sg3.yahoo.com> Jun 25 20:22:54 rolf14 postfix/qmgr[21172]: 90898E0190: from=, size=5291, nrcpt=1 (queue active) Jun 25 20:22:54 rolf14 postfix/smtpd[21674]: disconnect from localhost[127.0.0.1] Jun 25 20:22:54 rolf14 dovecot: lda(rolf): Error: setegid(privileged) failed: Operation not permitted Jun 25 20:22:54 rolf14 dovecot: lda(rolf): Error: sieve: msgid=<1340648569.94073.YahooMailClassic at web190304.mail.sg3.yahoo.com>: failed to store into mailbox 'INBOX': BUG: Unknown internal error Jun 25 20:22:54 rolf14 dovecot: lda(rolf): Error: sieve: script /home/rolf/.dovecot.sieve failed with unsuccessful implicit keep (user logfile /home/rolf/.dovecot.sieve.log may reveal additional details) I guess the mentioned mail is spam. However, does this tell about some wrong configuration or access rights? Any indication what to improve? I get such an error about every 6 minutes. From ncjeffgus at zimage.com Mon Jun 25 22:07:28 2012 From: ncjeffgus at zimage.com (Jeff Gustafson) Date: Mon, 25 Jun 2012 12:07:28 -0700 Subject: [Dovecot] dsync error: "Mailboxes don't have unique GUIDs" In-Reply-To: <091D561F-7991-44EE-BC70-4BB22B5B319B@iki.fi> References: <1340400276.12426.9.camel@maclinux> <4FE59A86.7020208@Media-Brokers.com> <1340642751.7730.2.camel@maclinux.zimage.com> <4FE896A1.4060701@Media-Brokers.com> <091D561F-7991-44EE-BC70-4BB22B5B319B@iki.fi> Message-ID: <1340651248.10841.1.camel@maclinux> On Mon, 2012-06-25 at 19:54 +0300, Timo Sirainen wrote: > On 25.6.2012, at 19.49, Charles Marcus wrote: > > I'd suggest you try again with 2.1.7... > > The rewritten dsync is in v2.2 tree. v2.1's dsync is a fixed version > of v2.0's dsync. I have no idea why v2.1's dsync would be less > reliable than v2.0's. It only had bugfixes. > > Anyway, the GUID error could very well be because of buggy mailbox > listing code in v2.0, which was rewritten for v2.1. I will try the latest 2.1.x code and see what happens. dsync in 2.0.x seems to work just fine... most of the time. ...Jeff From juergen at pabel.net Tue Jun 26 00:42:57 2012 From: juergen at pabel.net (=?ISO-8859-1?Q?J=FCrgen?= Pabel) Date: Mon, 25 Jun 2012 23:42:57 +0200 Subject: [Dovecot] Additional passdb result status In-Reply-To: <1340570220.13783.23.camel@P7230> References: <1340570220.13783.23.camel@P7230> Message-ID: <1340660577.4872.8.camel@P7230> Hi, I am replying to my own message because it's probably the "cleanest" reply since I am not subscribed to the mailing list and thus can't reply to Charles' message itself. > What specifically is the *purpose* of this? To encrypt the data on the server (like the zlib plugin does for compression). Said value will be password used to unlock/decrypt the encryption key stored on the server. (I have implemented several cryptographic software components, so I believe that I understand what all is required for something like such a plugin to be implemented correctly). > I think it is usually preferred that you do things like this against > either the current shipping/stable branch (2.1.x), or even hg (2.2).. > much better chance that it would be accepted. Agreed - I'm just developing on Ubuntu 12.04 which has 2.0. However, porting patches from 2.0 to 2.1/2.2 shouldn't be too hard from what I've seen so far. Cheers, J?rgen Am Sonntag, den 24.06.2012, 22:37 +0200 schrieb J?rgen Pabel: > Dear Dovecot-Team, > > I am implementing a plugin (for the pop3/imap process) that requires > some data to provided from the authentication phase (a derivative of the > password). For that, I have now implemented a passdb plugin that > generates this data and I would like to "pass" this data down to the > mail process (pop3/imap) via extra_fields in the reply of the > authentication. The general idea is that my custom passdb plugin > calculates the data, sets the extra_field and returns some error > (authentication was not successful) so that the "real" passdb backend > can be invoked to "really" validate the authentication data. > > However, in auth_request_handle_passdb_callback() the extra_fields are > reseted unless the return code is PASSDB_RESULT_USER_DISABLED. But if > that return code is used then any following passdb's aren't invoked any > more - which makes sense with respect to user authenticiation. I would > therefore like to propose that some IGNORE/CONTINUE-status to be > introduced in auth/passdb.h, that would be handled in that extra_fields > and possible other values are not reseted in order to allow such > propagation of data from authentication process down to the mail process > (which could be extracted from the reply string by parsing it). > > As a further implementation alternative (to the parsing of the reply > string), I also propose that some new "environment" item be introduced > (in auth_request) in order to allow such data passing in a generic > manner. > > I hope you consider my proposal to be reasonable. If desired, I could > implement this myself and provide a patch for merging (based on 2.0.x). > If my proposal is generally unfavored, it would be great if any > alternative approaches for my situation were suggested. Thanks. > > Regards, > J?rgen > > PS: please reply to my e-mail (or CC me), as I have not subscribed to > the dovecot list > From daniel.parthey at informatik.tu-chemnitz.de Tue Jun 26 00:59:14 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Mon, 25 Jun 2012 23:59:14 +0200 Subject: [Dovecot] started with dovecot sieve In-Reply-To: References: Message-ID: <20120625215914.GA7831@daniel.localdomain> Hi Rolf, Rolf wrote: > Now I came to my limits with this failure messages in > /home/rolf/.dovecot.sieve.log: > > sieve: info: started log at Jun 25 20:22:54. > error: msgid=<1340648569.94073.YahooMailClassic at web190304.mail.sg3.yahoo.com>: > failed to store into mailbox 'INBOX': BUG: Unknown internal error. > > with this messages in mail.info: > > Jun 25 20:22:54 rolf14 postfix/smtpd[21674]: connect from localhost[127.0.0.1] > Jun 25 20:22:54 rolf14 postfix/smtpd[21674]: 90898E0190: client=localhost[127.0.0.1] > Jun 25 20:22:54 rolf14 postfix/cleanup[21669]: 90898E0190: message-id=<1340648569.94073.YahooMailClassic at web190304.mail.sg3.yahoo.com> > Jun 25 20:22:54 rolf14 postfix/qmgr[21172]: 90898E0190: from=, size=5291, nrcpt=1 (queue active) > Jun 25 20:22:54 rolf14 postfix/smtpd[21674]: disconnect from localhost[127.0.0.1] > Jun 25 20:22:54 rolf14 dovecot: lda(rolf): Error: setegid(privileged) failed: Operation not permitted > Jun 25 20:22:54 rolf14 dovecot: lda(rolf): Error: sieve: msgid=<1340648569.94073.YahooMailClassic at web190304.mail.sg3.yahoo.com>: failed to store into mailbox 'INBOX': BUG: Unknown internal error > Jun 25 20:22:54 rolf14 dovecot: lda(rolf): Error: sieve: script /home/rolf/.dovecot.sieve failed with unsuccessful implicit keep (user logfile /home/rolf/.dovecot.sieve.log may reveal additional details) > > I guess the mentioned mail is spam. However, does this tell about > some wrong configuration or access rights? Any indication what to > improve? I get such an error about every 6 minutes. lda ist the local delivery agent which seems to fail during delivery. "setegid(privileged) failed" looks like your lda running under a specific user is not allowed to change to the specified group id, maybe the user not a member of the configured group, but this is just a guess. For a deeper analysis we will need the full output of the following command: doveconf -n Regards, Daniel -- https://plus.google.com/103021802792276734820 From jonrysh at pacbell.net Tue Jun 26 01:47:16 2012 From: jonrysh at pacbell.net (Jonathan Ryshpan) Date: Mon, 25 Jun 2012 15:47:16 -0700 Subject: [Dovecot] What does "namespace inbox {..." mean Message-ID: <1340664436.3984.23.camel@amito> I'm trying to set up a dovecot server for which mail arrives in an mbox, and mail is stored in a maildir. The wiki (see http://wiki.dovecot.org/Namespaces) refers to this as "Mixed mbox and Maildir". It advises handling this situation by creating two namespaces: one for the mbox and the other for the maildir. On the other hand the sample configuration coming with dovecot in my distro puts inbox in a namespace starting with: namespace inbox { # Namespace type: private, shared or public #type = private It appears from the wiki that the word following the namespace declarator (if this is the right word) should be either "public", "shared", or "private", and describes a property of the namespace being declared. So what does: namespace inbox {... mean? Similarly in another part of the wiki (see http://wiki2.dovecot.org/Plugins/Virtual), I read that it's possible to have namespace virtual { namespace real { ... which only increases my perplexity. Please advise! Thanks - jon From janfrode at tanso.net Tue Jun 26 09:44:10 2012 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Tue, 26 Jun 2012 08:44:10 +0200 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> Message-ID: <20120626064410.GA19106@dibs.tanso.net> On Thu, Jun 21, 2012 at 11:44:33PM +0300, Timo Sirainen wrote: > > > > additionally you should install imapproxy on the webserver > > wehre your webmail is running and configure the webmail for > > using 127.0.0.1 - so only one connection per user is > > persistent instead make a new one for each ajax-request > > Someone benchmarked Dovecot a while ago in this list with and without imapproxy and the results showed that imapproxy simply slowed things down by adding extra latency. This probably isn't true for all installations, but I don't think there's much of a difference either way. > That was me, there -> http://dovecot.org/list/dovecot/2012-February/063666.html -jf From wojtek at wojtek.tensor.gdynia.pl Tue Jun 26 15:41:46 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Tue, 26 Jun 2012 14:41:46 +0200 (CEST) Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <20120626064410.GA19106@dibs.tanso.net> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> <20120626064410.GA19106@dibs.tanso.net> Message-ID: >>> wehre your webmail is running and configure the webmail for >>> using 127.0.0.1 - so only one connection per user is >>> persistent instead make a new one for each ajax-request >> >> Someone benchmarked Dovecot a while ago in this list with and without imapproxy and the results showed that imapproxy simply slowed things down by adding extra latency. This probably isn't true for all installations, but I don't think there's much of a difference either way. nothing strange. I really wonder if there are available FASTER implementations of imap service. Quite probably not. It's stupid how webmail works but dovecot doesn't have a problem to get new connections every now and then. just make sure you didn't set up SSL by accident. From wojtek at wojtek.tensor.gdynia.pl Tue Jun 26 16:11:18 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Tue, 26 Jun 2012 15:11:18 +0200 (CEST) Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: <4FE8AC0B.40906@middleearth.sapphiresunday.org> References: <4FE81546.8000202@middleearth.sapphiresunday.org> <4FE8AC0B.40906@middleearth.sapphiresunday.org> Message-ID: > The only draw back I see with maildir is one file per message. This it is mostly adventage. > makes it resilient to corruption that mbox sees (if a message gets > corrupted, you erase one message and that corruption won't propagate > even if you leave it in place). In many setups this also leads to MUCH > faster system. On unix systems this doesn't just waste disk space, it even with 32kB block/4kB fragment filesystem under FreeBSD which is my common setup, it isn't that a problem. i just checked one of my users folder - 2.3GB in 8500 files. the average is 270 kilobytes per mail. checked few others and it looks similar. dovecot's own storage system can do something in between - packing smallest messages by a few in one file. > could lead to inode (or whatever your *nix of choice calls it) > depletion. you decide how much inode you need while creating filesystem on every unix system, except filesystems where it is allocated on demand. What you will gain is clear separation of mails. You may in any case use widely available standard unix tools to move, delete, search, whatever with this files, and dovecot would rebuild it's indexes then. The other major gain are backups. With one file per mail differential/incremental backups will work fine. As everyone do backups this is important, unless you have so cheap and quick backup system that you can just do full backup most cases. Tapes, while certainly fast, are unfortunately not a cheap solution anymore. I don't mean drive, but cartridges. The disadventages are more I/O when multiple files are processed but it is not a common case. Dovecot makes great job in indexing. The other may be (with linux) slow operation on huge directories. I wasn't using linux for 6 years and that's only what i am told from others. Possibly it is already improved in linux. In FreeBSD there is compile time option UFS_DIRHASH for kernel that make even million file directories work quick. as of latter discussion about what microsoft recommends with linux (being of course expert of everything) - i would keep silent. From joseba.torre at ehu.es Tue Jun 26 17:16:14 2012 From: joseba.torre at ehu.es (Joseba Torre) Date: Tue, 26 Jun 2012 16:16:14 +0200 Subject: [Dovecot] Director + managesieve: is it posible? Message-ID: <4FE9C42E.6010407@ehu.es> Hi, I've just tried to add managesieve to our director server, and when I try to connect they fail with Jun 26 12:28:13 director2 dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=sieve#011secured#011session=5LNQjl3DjQAKAAsR#011lip=10.0.100.75#011rip=10.0.11.17#011lport=4190#011rport=39309#011resp= Jun 26 12:28:13 director2 dovecot: managesieve-login: Error: proxy: host not given: user=, method=PLAIN, rip=10.0.11.17, lip=10.0.100.75, TLS, session=<5LNQjl3DjQAKAAsR> Jun 26 12:28:13 director2 dovecot: managesieve-login: Disconnected (internal failure, 1 succesful auths): user=, method=PLAIN, rip=10.0.11.17, lip=10.0.100.75, TLS, session=<5LNQjl3DjQAKAAsR> Is it posible to use director for this? Or only static proxy is allowed? Aaaaaaaaagur. From tss at iki.fi Tue Jun 26 17:27:13 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 26 Jun 2012 17:27:13 +0300 Subject: [Dovecot] Director + managesieve: is it posible? In-Reply-To: <4FE9C42E.6010407@ehu.es> References: <4FE9C42E.6010407@ehu.es> Message-ID: <5A5A3920-BA5C-4A4F-A8CD-069CDF543569@iki.fi> On 26.6.2012, at 17.16, Joseba Torre wrote: > I've just tried to add managesieve to our director server, and when I try to connect they fail with > > Jun 26 12:28:13 director2 dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=sieve#011secured#011session=5LNQjl3DjQAKAAsR#011lip=10.0.100.75#011rip=10.0.11.17#011lport=4190#011rport=39309#011resp= > Jun 26 12:28:13 director2 dovecot: managesieve-login: Error: proxy: host not given: user=, method=PLAIN, rip=10.0.11.17, lip=10.0.100.75, TLS, session=<5LNQjl3DjQAKAAsR> "host not given". You've not configured service managesieve-login { executable = managesieve-login director } From mailinglist at august.de Tue Jun 26 17:51:22 2012 From: mailinglist at august.de (mailinglist) Date: Tue, 26 Jun 2012 16:51:22 +0200 Subject: [Dovecot] started with dovecot sieve In-Reply-To: <20120625215914.GA7831@daniel.localdomain> References: <20120625215914.GA7831@daniel.localdomain> Message-ID: <7ed0b690c6cd82969f98c080b2f9678f@august.de> Am 2012-06-25 23:59, schrieb Daniel Parthey: > Hi Rolf, > > Rolf wrote: >> Now I came to my limits with this failure messages in >> /home/rolf/.dovecot.sieve.log: >> >> sieve: info: started log at Jun 25 20:22:54. >> error: >> msgid=<1340648569.94073.YahooMailClassic at web190304.mail.sg3.yahoo.com>: >> failed to store into mailbox 'INBOX': BUG: Unknown internal error. >> >> with this messages in mail.info: >> >> Jun 25 20:22:54 rolf14 postfix/smtpd[21674]: connect from >> localhost[127.0.0.1] >> Jun 25 20:22:54 rolf14 postfix/smtpd[21674]: 90898E0190: >> client=localhost[127.0.0.1] >> Jun 25 20:22:54 rolf14 postfix/cleanup[21669]: 90898E0190: >> message-id=<1340648569.94073.YahooMailClassic at web190304.mail.sg3.yahoo.com> >> Jun 25 20:22:54 rolf14 postfix/qmgr[21172]: 90898E0190: >> from=, size=5291, nrcpt=1 (queue active) >> Jun 25 20:22:54 rolf14 postfix/smtpd[21674]: disconnect from >> localhost[127.0.0.1] >> Jun 25 20:22:54 rolf14 dovecot: lda(rolf): Error: >> setegid(privileged) failed: Operation not permitted >> Jun 25 20:22:54 rolf14 dovecot: lda(rolf): Error: sieve: >> msgid=<1340648569.94073.YahooMailClassic at web190304.mail.sg3.yahoo.com>: >> failed to store into mailbox 'INBOX': BUG: Unknown internal error >> Jun 25 20:22:54 rolf14 dovecot: lda(rolf): Error: sieve: script >> /home/rolf/.dovecot.sieve failed with unsuccessful implicit keep (user >> logfile /home/rolf/.dovecot.sieve.log may reveal additional details) >> >> I guess the mentioned mail is spam. However, does this tell about >> some wrong configuration or access rights? Any indication what to >> improve? I get such an error about every 6 minutes. > > lda ist the local delivery agent which seems to fail during delivery. > "setegid(privileged) failed" looks like your lda running under a > specific > user is not allowed to change to the specified group id, maybe the > user > not a member of the configured group, but this is just a guess. > > For a deeper analysis we will need the full output of the following > command: > > doveconf -n > > Regards, > Daniel Thank you for your kind answer, Daniel. I have installed dovecot and docecot-sieve by Debians aptitude (see dpkg -l blow). As far as I understand the "ps -f ax" output (see below) dovecot runs with root priviledges and postfix runs with its own user priviledges. The mbox files below /var/mail are owned by their respective users and have "mail" as their group, both can write, world can do nothing. I added every related system user to the mail group, also restarted postfix and dovecot. root at rolf14:/var/mail# more /etc/group | grep mail: mail:x:8:amavis,dovecot,clamav,postfix As I understand it, postfix activates the lda "deliver" as user "postfix". Therefore it should be able to write to the mboxes at /var/mail. If needed dovecot can write there as well. Hope you can find something by the following 3 outputs: 1. dovecot -n, 2. ps -f ax, 3. dpkg -l Kind Regards, Rolf =========== 1 dovecot -n root at rolf14:/var/mail# dovecot -n # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.4-4.slh.1-aptosid-amd64 x86_64 Debian wheezy/sid disable_plaintext_auth = no hostname = august.de mail_location = mbox:~/mail:INBOX=/var/mail/%u mail_privileged_group = mail passdb { args = failure_show_msg=yes driver = pam } passdb { args = scheme=CRYPT username_format=%u /etc/dovecot/users driver = passwd-file } plugin { sieve = ~/.dovecot.sieve sieve_default = /var/lib/dovecot/sieve/default.sieve sieve_dir = ~/sieve } postmaster_address = postmaster at august.de protocols = " imap pop3" sendmail_path = /usr/lib/sendmail ssl_cert = (keine Beschreibung vorhanden) ii dovecot-core 1:2.1.7-2 secure mail server that supports mbox, maildir, dbox and mdbox mailboxes un dovecot-gssapi (keine Beschreibung vorhanden) ii dovecot-imapd 1:2.1.7-2 secure IMAP server that supports mbox, maildir, dbox and mdbox mailboxes un dovecot-ldap (keine Beschreibung vorhanden) un dovecot-lmtpd (keine Beschreibung vorhanden) un dovecot-managesieved (keine Beschreibung vorhanden) un dovecot-mysql (keine Beschreibung vorhanden) un dovecot-pgsql (keine Beschreibung vorhanden) ii dovecot-pop3d 1:2.1.7-2 secure POP3 server that supports mbox, maildir, dbox and mdbox mailboxes ii dovecot-sieve 1:2.1.7-2 sieve filters support for Dovecot un dovecot-solr (keine Beschreibung vorhanden) un dovecot-sqlite (keine Beschreibung vorhanden) root at rolf14:/var/mail# Nachricht 1 von 12 From andre.rodier at gmail.com Tue Jun 26 18:04:13 2012 From: andre.rodier at gmail.com (=?UTF-8?Q?Andr=C3=A9_Rodier?=) Date: Tue, 26 Jun 2012 16:04:13 +0100 Subject: [Dovecot] userdb errors after upgrading to 2.1 Message-ID: Hello everybody, I am running debian wheezy for development and test, and I recently upgrade to dovecot 2.1.7 I am using LDAP lookups, and virtual users with the same UID/GID. Everything was working fine before, but now, I have this error when I try to send an email to a local account: -------------------------------------------------------- Jun 26 15:46:52 lapetus dovecot: lmtp(24518): Error: user user.test at indienet.com: Auth USER lookup failed Jun 26 15:46:52 lapetus dovecot: auth: Error: userdb(user.test at indienet.com,127.0.0.1): client doesn't have lookup permissions for this user: userdb reply doesn't contain uid (change userdb socket -------------------------------------------------------- However, even if I set the permissions to 0666, I still have the same error. Can you point me in the right direction to fix this, please? Kind regards, Andr? Rodier From CMarcus at Media-Brokers.com Tue Jun 26 18:54:52 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Tue, 26 Jun 2012 11:54:52 -0400 Subject: [Dovecot] RFE: IMAP LIST Extension for Special-Use Mailboxes In-Reply-To: <83D77B81-EC49-4755-A866-E30B41E8B246@leuxner.net> References: <20110311215739.GD13492@state-of-mind.de> <4F520990.2000903@crc.id.au> <83D77B81-EC49-4755-A866-E30B41E8B246@leuxner.net> Message-ID: <4FE9DB4C.20309@Media-Brokers.com> On 2012-03-03 1:10 PM, Thomas Leuxner wrote: > Am 03.03.2012 um 13:07 schrieb Steven Haigh: > >> I'm just wondering if anyone knows if this got implemented? I've >> beenlooking at doing this for quite some time... > Yes it was. It has been discussed extensively: > > http://www.dovecot.org/list/dovecot-news/2012-February/000213.html > http://www.dovecot.org/list/dovecot/2011-December/062327.html Thanks for the thread references Thomas, I just re-read them and didn't see my question asked... The obvious downside to the current RFC based umplementation is that it requires Client cooperation... My question (I guess for Timo) is, would it be crazy/possible to implement some kind of 'alias' conversion in dovecot that would work regardless of client cooperation? Ie, in a config file, add a list of 'aliases' for these special use folders (similar to how it is done now), but where dovecot would then silently translate/map a request for any of the defined aliases to the defined special use folder? so, if Outlook wants to save a sent message to 'Sent Items', it would simply and silently be saved to 'Sent' (or whatever the admin had defined as the 'real' sent folder). This wouldn't then require anything to be implemented in a client, it would only require the Admin to know what clients they want to support and what folders those clients look for by default. -- Best regards, Charles From kayasaman at gmail.com Tue Jun 26 19:23:49 2012 From: kayasaman at gmail.com (Kaya Saman) Date: Tue, 26 Jun 2012 17:23:49 +0100 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: <4FE81546.8000202@middleearth.sapphiresunday.org> References: <4FE81546.8000202@middleearth.sapphiresunday.org> Message-ID: <4FE9E215.3090700@gmail.com> On 06/25/2012 08:37 AM, Trever L. Adams wrote: > On 06/25/2012 01:20 AM, Kaya Saman wrote: >> Now what I would like to know is, which is better for "virtual >> hosting" Maildir or mbox? >> >> >> Basically my requirement is that I would like to separate users via >> either individual folders and then put each user's mbox or Maildir in >> the created directory, or simply name each mbox or Maildir according >> to the user name. >> >> >> First up is this possible? >> >> >> Secondly, how would I go about doing it? >> > Sorry, I missed this at first. It is quite simple. I don't store it in > passwd or any other place, since you are doing vmail, you might find > this easiest: > > in /etc/dovecot/conf.d/10-mail.conf (where mail_location is): > > mail_home = /home/vmail/%Ld/%Ln > mail_location = maildir:~/Maildir > > in /etc/dovecot/conf.d/10-mail.conf (after paragraph ?# System user > and group used to access mails...?): > > mail_uid=vmail > mail_gid=vmail > Obviously, vmail may not be your user for vmail. Also, some of my > notes may no longer be accurate for location, just find where it > exists and edit. > > I hope this helps. Of course, this is a Maildir setup. mbox is > probably very similar, but I have had too many mbox style mail queues > go south losing all of the mail (or more than one would like), so I do > Maildir, even though it isn't necessarily the best use of disk space. > > Trever > -- > "I do not fear computers. I fear the lack of them." -- Isaac Asimov Hi, I'm just responding as the OP to say that the above was what I was looking for! Thanks Trever :-) Everything is setup and working fine now. Though responding quite late and of course having read through the latest messages within the thread I don't feel that my users will notice any difference between mbox or mdbox and Maildir format, speedwise. The reasoning behind this is that my end users unfortunately are all using M$ Outlook which is absolute garbage! FULL STOP! Comparing the IMAP capability speeds between Thunderbird and Outlook linking to my server yielded that I was able to get around 150Mbps transfer rate using T-Bird while Outlook only managed a few 100's of kbps. I think it's because 2010 relies heavily on PST's (whatever they are....) and the fact it is ultimately M$ also so it's basically built by nincompoops to be sold at hideous prices and even higher tech-support prices. In all fairness to Outlook I did manage to get a pathetic ~2Mvbps tops of transfer...... :-S Luckily I'm the only one using T-Bird or Alpine so am fine :-) Can't send any mail though as need to go through Exchange - there's no winning in the corporate world :-( Regards, Kaya From trever at middleearth.sapphiresunday.org Tue Jun 26 19:47:17 2012 From: trever at middleearth.sapphiresunday.org (Trever L. Adams) Date: Tue, 26 Jun 2012 10:47:17 -0600 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: <4FE8AC0B.40906@middleearth.sapphiresunday.org> References: <4FE81546.8000202@middleearth.sapphiresunday.org> <4FE8AC0B.40906@middleearth.sapphiresunday.org> Message-ID: <4FE9E795.50506@middleearth.sapphiresunday.org> > b) Make sure your local samba setup is joined to the domain. Make sure > it writes an appropriate krb5.keytab (/etc/krb5.keytab in my setup) as > part of its password management, etc. > > net ads keytab add smtp/mail_server_fqdn > net ads keytab add imap/mail_server_fqdn > > > You may have to edit the sam.ldb on your S4 server as many times S3 > doesn't create the principals ( /usr/local/samba/bin/ldbedit -H > /usr/local/samba/private/sam.ldb sAMAccountName=mailserverhostname$ > should do the trick and add userPrincipalName so that it has > imap/MAILSERVER_FQDN and smtp/MAILSERVER_FQDN, each being its own > userPrincipalName, this should give the machine account 3 > userPrincipalName lines) Sorry to anyone who was following what I wrote. I made a mistake. This should NOT be userPrincipalName, it should be servicePrincipalName. (There should already be 1 or 2 such lines that says HOST/host or HOST/host.fqdn) Trever From trever at middleearth.sapphiresunday.org Tue Jun 26 19:48:52 2012 From: trever at middleearth.sapphiresunday.org (Trever L. Adams) Date: Tue, 26 Jun 2012 10:48:52 -0600 Subject: [Dovecot] Virtual users - what is better Maildir or mbox? In-Reply-To: References: <4FE81546.8000202@middleearth.sapphiresunday.org> <4FE8AC0B.40906@middleearth.sapphiresunday.org> Message-ID: <4FE9E7F4.9090706@middleearth.sapphiresunday.org> On 06/26/2012 07:11 AM, Wojciech Puchar wrote: >> The only draw back I see with maildir is one file per message. This > > it is mostly adventage. Agreed. > >> makes it resilient to corruption that mbox sees (if a message gets >> corrupted, you erase one message and that corruption won't propagate >> even if you leave it in place). In many setups this also leads to MUCH >> faster system. On unix systems this doesn't just waste disk space, it > > even with 32kB block/4kB fragment filesystem under FreeBSD which is my > common setup, it isn't that a problem. > i just checked one of my users folder - 2.3GB in 8500 files. the > average is 270 kilobytes per mail. > > checked few others and it looks similar. > > > dovecot's own storage system can do something in between - packing > smallest messages by a few in one file. > >> could lead to inode (or whatever your *nix of choice calls it) >> depletion. > you decide how much inode you need while creating filesystem on every > unix system, except filesystems where it is allocated on demand. Yes, as I noted, I haven't seen this. But it could be an annoyance depending on how things were created and when. I don't believe all file systems can do allocation on demand. I don't know. > > as of latter discussion about what microsoft recommends with linux > (being of course expert of everything) - i would keep silent. > The only reason I know what they recommend is it came up on several sites that described how to setup the service principals. I read something recently on Samba lists that explains why this may be their recommendation. The funny thing is, it really isn't any different than on their systems unless they think that because it is their system the keytab is some how miraculously going to stay more secure than it would on other systems. Sorry if I seemed like I was claiming to be some super expert. I just had a lot of help to pull things together. If he was struggling to find things, I would like to help. Trever -- "Fairy tales are more than true; not because they tell us that dragons exist, but because they tell us that dragons can be beaten." -- G.K. Chesterton From role.Dovecot-Readers at JLAssocs.com Tue Jun 26 21:34:22 2012 From: role.Dovecot-Readers at JLAssocs.com (J E Lyon) Date: Tue, 26 Jun 2012 19:34:22 +0100 Subject: [Dovecot] Maildir Seen Flags not heeded when dovecot-shared present Message-ID: Hi, After many hours of searching (!) and lots of testing procmail scripts, I found the explanation I was looking for -- something you explained at http://www.dovecot.org/list/dovecot/2008-July/032551.html That explains it. Thing is, though, every time I've seen shared mailboxes -- really shared by multiple staff or not -- the preference is in fact for the shared behaviours to also "share" the Seen flags. Typically, someone doesn't want to read an email that someone else has already picked up and started dealing with or responded to. (They'll file it in due course, but the Seen flag is the first indicator that someone's opened and started to deal with it.) Hacking source code and branching and whatnot isn't easy or done lightly, but I wondered if anything else had come to light in recent years about this issue. I'd be as happy getting my procmail script to tell Dovecot to update the index based on the flag, but I'm pretty sure that's not possible :) Any ideas greatly appreciated, thanks. ~ James. From slusarz at curecanti.org Tue Jun 26 22:03:41 2012 From: slusarz at curecanti.org (Michael M Slusarz) Date: Tue, 26 Jun 2012 13:03:41 -0600 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <51EF9BC7-BE99-4DE9-800A-E8FDF7779A4B@iki.fi> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38623.5050303@necoro.eu> <4FE5988E.3010101@wildgooses.com> <51EF9BC7-BE99-4DE9-800A-E8FDF7779A4B@iki.fi> Message-ID: <20120626130341.Horde.obOLRYF5lbhP6geNfgGGPNA@bigworm.curecanti.org> Quoting Timo Sirainen : > On 23.6.2012, at 13.21, Ed W wrote: > >>>> But I don't know, whether this is the sort of caching you are >>>> referring to. >>> >>> what's a point of caching imap, except your webmail service is not >>> locally connected (localhost or LAN) to imap server? >> >> Asking for items 600-615 from a threaded list, sorted by something, >> can be an expensive operation, especially if you just asked for >> items 585-600 a moment ago? > > Can be, but is it? :) Dovecot attempts to cache/index stuff as well. > Normally there shouldn't be a need for extra caching layer except in > cases of higher network latency. Timo: I'm not sure if you are saying that all client-side caching is wrong. If so, I'm going to disagree with you, especially when dealing with more complex data structures. Let me first say that I don't take IMAP response parsing to be a computationally easy action. So it's not just network latency you are worrying about; parsing a line can be the limiting factor in many cases. For example, a deeply threaded 400 message mailbox will return a THREAD response line that will take quite a bit of recursive parsing to decode. And various FETCH criteria most definitely benefit from local caching above/beyond what dovecot provides. An example: BODYSTRUCTURE. This may be cached on the dovecot side, but when received by the MUA you have to parse the IMAP BODYSTRUCTURE response (not trivial). You also have to potentially handle IMAP response codes in the server command completion line. And the bodystructure data is probably not all that useful until converted to a usable object on the MUA side, which may be another relatively expensive operation. So a locally cached bodystructure object is a substantial performance benefit over having to recreate this data from the cached data on the dovecot side. ENVELOPE is similar. Most likely this will be converted to an object representation in the MUA so you have the same benefits as BODYSTRUCTURE. Additionally, in IMP we do things like scan for broken charset headers (e.g. Subject headers that contain non-ASCII characters) and have some algorithms to fix these issues. This "value-added" code would be prohibitively expensive if we have to do it on every mailbox access. Message flags are another benefit to caching. The list of flags may be cached on dovecot, but not having to issue a flag FETCH every time you access a mailbox can be a substantial benefit. But I will heartily agree that nobody should be caching things like headertext or bodypart data. There is little/no benefit you receive from caching this locally. This is where you should be leveraging the storage on the IMAP server. As an MUA author you can't rely on the fact that you are connecting to a competent IMAP server. You just as likely are going to be connecting to a server that implements base RFC 3501, and most likely implements that incorrectly. Not all of us are lucky to connect to Dovecot (or Cyrus). So smart caching most definitely can and will increase performance of an MUA, regardless of caching performed by the IMAP server. michael From slusarz at curecanti.org Tue Jun 26 22:09:16 2012 From: slusarz at curecanti.org (Michael M Slusarz) Date: Tue, 26 Jun 2012 13:09:16 -0600 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> <20120626064410.GA19106@dibs.tanso.net> Message-ID: <20120626130916.Horde.SApgK4F5lbhP6gjcZtb2KWA@bigworm.curecanti.org> Quoting Wojciech Puchar : > It's stupid how webmail works but dovecot doesn't have a problem to > get new connections every now and then. just make sure you didn't > set up SSL by accident. Would you mind explaining why you think it is "stupid" the way webmail works? I assume you are angry because a webmail installation will normally need to create a new IMAP connection on every user interaction at the browser level. Unfortunately, HTTP is a stateless protocol which makes webmail a disconnected client. But it is no different than other disconnected clients, e.g. mail app on a smartphone. I am confused on why you think this is stupid. The existence of disconnected clients has been contemplated since the beginning of IMAP (see RFC 1733; RFC 4549), and much work has been done to the IMAP protocol (CONDSTORE, QRESYNC, to a lesser extent SORT/THREAD) to increase performance on these clients - especially since that's where MUA usage is exploding. michael From daniel.parthey at informatik.tu-chemnitz.de Tue Jun 26 23:10:36 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Tue, 26 Jun 2012 22:10:36 +0200 Subject: [Dovecot] started with dovecot sieve In-Reply-To: References: <20120625215914.GA7831@daniel.localdomain> Message-ID: <20120626201036.GA6929@daniel.localdomain> Rolf wrote: > Am 2012-06-25 23:59, schrieb Daniel Parthey: > >Hi Rolf, > > > >Rolf wrote: > >>Jun 25 20:22:54 rolf14 dovecot: lda(rolf): Error: setegid(privileged) failed: Operation not permitted Doesn't lda(rolf) mean it is being executed under user "rolf", not root or dovecot? How exactly do you invoke lda from your /etc/postfix/master.cf? You might also try to use LMTP via TCP to deliver mails from postfix to dovecot to work around any permission problems. > I have installed dovecot and docecot-sieve by Debians aptitude You don't seem to be the only one with these problems, see Debian BTS: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=626130 > As far as I understand the "ps -f ax" output (see > below) dovecot runs with root privileges and postfix runs with its > own user privileges. > > root 20998 1 0 Jun25 ? Ss 0:03 /usr/sbin/dovecot -c /etc/dovecot/dovecot.conf Well, the master process often runs as root, but child processes like lda may be configured to run as an unprivileged, or even as the user which owns the mailbox. > The mbox files below /var/mail are owned by > their respective users and have "mail" as their group, both can > write, world can do nothing. I added every related system user to > the mail group, also restarted postfix and dovecot. > root at rolf14:/var/mail# more /etc/group | grep mail: mail:x:8:amavis,dovecot,clamav,postfix User "rolf" is not a member of group "mail", but I don't think he needs to be, otherwise he would be able to read the mails of all users on the system and this would be a security risk. > As I understand it, postfix activates the lda "deliver" as user > "postfix". Therefore it should be able to write to the mboxes at > /var/mail. If needed dovecot can write there as well. The lda should rather switch to the owner of the respective INBOX, e.g. /var/mail/rolf. Log message "lda(rolf)" looks like this happens. To summarize, I think LMTP will be the easiest way to fix the permission problems. Otherwise you would need to fiddle out how to prevent dovecot lda from switching to group additional group "mail", since unprivileged user "rolf" is not allowed to do that. Regards, Daniel -- https://plus.google.com/103021802792276734820 From jonrysh at pacbell.net Tue Jun 26 23:35:00 2012 From: jonrysh at pacbell.net (Jonathan Ryshpan) Date: Tue, 26 Jun 2012 13:35:00 -0700 Subject: [Dovecot] Setting up mixed mbox and maildir Message-ID: <1340742900.2495.14.camel@amito> I'm trying to set up a dovecot server for which mail arrives in an mbox, and mail is stored in a maildir. The wiki (see http://wiki.dovecot.org/Namespaces) refers to this as "Mixed mbox and Maildir". It advises handling this situation by creating two namespaces: one for the mbox and the other for the maildir. Each of these namespaces starts with namespace private { On the other hand the sample configuration in the documentation puts inbox in a namespace starting with: namespace inbox { # Namespace type: private, shared or public #type = private It appears that there has been a change in the configuration syntax after the wiki was written, and that the word following namespace no longer gives a property of the namespace, but rather its name. Is this correct? In any case, how should the configuration be modified to handle mixed mailboxes? Thanks - jon From ssilva at sgvwater.com Tue Jun 26 23:48:43 2012 From: ssilva at sgvwater.com (Scott Silva) Date: Tue, 26 Jun 2012 13:48:43 -0700 Subject: [Dovecot] Setting up mixed mbox and maildir In-Reply-To: <1340742900.2495.14.camel@amito> References: <1340742900.2495.14.camel@amito> Message-ID: on 6/26/2012 1:35 PM Jonathan Ryshpan spake the following: > I'm trying to set up a dovecot server for which mail arrives in an mbox, > and mail is stored in a maildir. The wiki (see > http://wiki.dovecot.org/Namespaces) refers to this as "Mixed mbox and > Maildir". It advises handling this situation by creating two > namespaces: one for the mbox and the other for the maildir. Each of > these namespaces starts with > namespace private { > > On the other hand the sample configuration in the documentation puts > inbox in a namespace starting with: > namespace inbox { > # Namespace type: private, shared or public > #type = private > > It appears that there has been a change in the configuration syntax > after the wiki was written, and that the word following namespace > no longer gives a property of the namespace, but rather its name. > Is this correct? In any case, how should the configuration be modified > to handle mixed mailboxes? > > Thanks - jon > > > If you are working with 2.0 or later dovecot, you should be at http://wiki2.dovecot.org/Namespaces From tss at iki.fi Tue Jun 26 23:49:28 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 26 Jun 2012 23:49:28 +0300 Subject: [Dovecot] Maildir Seen Flags not heeded when dovecot-shared present In-Reply-To: References: Message-ID: On 26.6.2012, at 21.34, J E Lyon wrote: > After many hours of searching (!) and lots of testing procmail scripts, I found the explanation I was looking for -- something you explained at http://www.dovecot.org/list/dovecot/2008-July/032551.html > > That explains it. > > Thing is, though, every time I've seen shared mailboxes -- really shared by multiple staff or not -- the preference is in fact for the shared behaviours to also "share" the Seen flags. Typically, someone doesn't want to read an email that someone else has already picked up and started dealing with or responded to. (They'll file it in due course, but the Seen flag is the first indicator that someone's opened and started to deal with it.) > > Hacking source code and branching and whatnot isn't easy or done lightly, but I wondered if anything else had come to light in recent years about this issue. So you don't want shared seen flags? You can simply not create dovecot-shared file nowadays. It's not necessary. The only other purpose for it was as the template for file permissions, but those are nowadays taken from the maildir itself: http://wiki2.dovecot.org/SharedMailboxes/Permissions From matthieu.rakotojaona at gmail.com Tue Jun 26 21:55:04 2012 From: matthieu.rakotojaona at gmail.com (Matthieu RAKOTOJAONA) Date: Tue, 26 Jun 2012 18:55:04 +0000 (UTC) Subject: [Dovecot] Wrong headers in dovecot-crlf Message-ID: Hello everyone, I'm using the very good imaptest [0] tool to test my little imap server implementation. I've tried to use the dovecot-crlf [1] file, but it looks like there are some major issues : $ grep -n "In-Reply-To.*;" tests/data/dovecot-crlf 479:In-Reply-To: <20020806175441.GA7148 at linux.taugt.net>; from rueckert at informatik.uni-rostock.de on Tue, Aug 06, 2002 at 07:54:41PM +0200 525:In-Reply-To: <20020806234054.GA30820 at carpa.ciagri.usp.br>; from marcelo at carpa.ciagri.usp.br on Tue, Aug 06, 2002 at 08:40:54PM -0300 564:In-Reply-To: <20020806234054.GA30820 at carpa.ciagri.usp.br>; from marcelo at carpa.ciagri.usp.br on Tue, Aug 06, 2002 at 08:40:54PM -0300 673:In-Reply-To: <20020807231956.GA11240 at carpa.ciagri.usp.br>; from marcelo at carpa.ciagri.usp.br on Wed, Aug 07, 2002 at 08:19:56PM -0300 795:In-Reply-To: <20020808131329.GA30775 at carpa.ciagri.usp.br>; from marcelo at carpa.ciagri.usp.br on Thu, Aug 08, 2002 at 10:13:30AM -0300 964:In-Reply-To: <20020808193533.GA28619 at carpa.ciagri.usp.br>; from marcelo at carpa.ciagri.usp.br on Thu, Aug 08, 2002 at 04:35:33PM -0300 21545:In-Reply-To: <1046294808.30811.66.camel at hurina>; from tss at iki.fi on Wed, Feb 26, 2003 at 11:26:48PM +0200 22042:In-Reply-To: <1046373554.18310.4.camel at hurina>; from tss at iki.fi on Thu, Feb 27, 2003 at 09:19:14PM +0200 23712:In-Reply-To: <20030227212127.A10927 at pcx3332.desy.de>; from Juergen.Kahnert at DESY.de on Thu, Feb 27, 2003 at 09:21:27PM +0100 25498:In-Reply-To: ; from Leslie_Viljoen at icoc.org on Thu, Mar 13, 2003 at 12:44:52PM +0200 30654:In-Reply-To: <1048667343.30187.100.camel at hurina>; from tss at iki.fi on Wed, Mar 26, 2003 at 10:29:03AM +0200 31126:In-Reply-To: <1048704303.31565.214.camel at hurina>; from tss at iki.fi on Wed, Mar 26, 2003 at 08:45:03PM +0200 31313:In-Reply-To: <1048928723.6856.21.camel at hurina>; from tss at iki.fi on Sat, Mar 29, 2003 at 11:05:23AM +0200 31820:In-Reply-To: <1049101161.884.126.camel at hurina>; from tss at iki.fi on Mon, Mar 31, 2003 at 11:59:21AM +0300 31890:In-Reply-To: ; from charlieb-dovecot at e-smith.com on Mon, Mar 31, 2003 at 10:12:22AM -0500 32037:In-Reply-To: ; from charlieb-dovecot at e-smith.com on Mon, Mar 31, 2003 at 02:19:27PM -0500 32463:In-Reply-To: <1049243642.11879.25.camel at hurina>; from tss at iki.fi on Wed, Apr 02, 2003 at 03:34:02AM +0300 As you can see, many of the "In-Reply-To" headers are polluted with some junk. The situation is the same for many "Message-ID" headers. I don't know why they are here, but I think it's a mistake. I thought I would let you know. [0] http://imapwiki.org/ImapTest [1] http://www.dovecot.org/tmp/dovecot-crlf Regards, -- Matthieu RAKOTOJAONA From jonrysh at pacbell.net Wed Jun 27 00:19:20 2012 From: jonrysh at pacbell.net (Jonathan Ryshpan) Date: Tue, 26 Jun 2012 14:19:20 -0700 Subject: [Dovecot] Setting up mixed mbox and maildir In-Reply-To: References: <1340742900.2495.14.camel@amito> Message-ID: <1340745560.2495.27.camel@amito> On Tue, 2012-06-26 at 13:48 -0700, Scott Silva wrote: > on 6/26/2012 1:35 PM Jonathan Ryshpan spake the following: > > I'm trying to set up a dovecot server for which mail arrives in an mbox, > > and mail is stored in a maildir. The wiki (see > > http://wiki.dovecot.org/Namespaces) refers to this as "Mixed mbox and > > Maildir". It advises handling this situation by creating two > > namespaces: one for the mbox and the other for the maildir. Each of > > these namespaces starts with > > namespace private { > > > > On the other hand the sample configuration in the documentation puts > > inbox in a namespace starting with: > > namespace inbox { > > # Namespace type: private, shared or public > > #type = private > > > > It appears that there has been a change in the configuration syntax > > after the wiki was written, and that the word following namespace > > no longer gives a property of the namespace, but rather its name. > > Is this correct? In any case, how should the configuration be modified > If you are working with 2.0 or later dovecot, you should be at > http://wiki2.dovecot.org/Namespaces I am using 2.1.7 . I surmise from this Namespace page that the form: namespace { where is one of "public", "private", or "shared" creates an unnamed namespace of type while the form: namespace { where is none of "public", "private", or "shared", creates a namespace with the name and the default type (unspecified on this page, but probably private). The namespace can be given the type desired by an (undocumented) namespace setting: namespace inbox ( type = Is this correct? Thanks - jon From daniel.parthey at informatik.tu-chemnitz.de Wed Jun 27 00:47:39 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Tue, 26 Jun 2012 23:47:39 +0200 Subject: [Dovecot] started with dovecot sieve In-Reply-To: References: <20120625215914.GA7831@daniel.localdomain> Message-ID: <20120626214739.GA8465@daniel.localdomain> Rolf wrote: > Jun 25 20:22:54 rolf14 dovecot: lda(rolf): Error: setegid(privileged) failed: Operation not permitted Manual page "man 2 setegid" states that setegid() sets the effective group ID of the calling process. Unprivi- leged user processes may only set the effective group ID to the real group ID, the effective group ID or the saved set-group-ID. Your "postfix" user is a member of group "mail", but "mail" which you configured as "mail_privileged_group = vmail" is neither the primary group of user "postfix", nor is it the effective group id of the calling postfix process. Therefore you might get the error as documented in the manpage setegid(2): EPERM The calling process is not privileged (Linux: does not have the CAP_SETUID capability in the case of seteuid(), or the CAP_SET- GID capability in the case of setegid()) and euid (respectively, egid) is not the real user (group) ID, the effective user (group) ID, or the saved set-user-ID (saved set-group-ID). Regards Daniel -- https://plus.google.com/103021802792276734820 From ssilva at sgvwater.com Wed Jun 27 01:10:33 2012 From: ssilva at sgvwater.com (Scott Silva) Date: Tue, 26 Jun 2012 15:10:33 -0700 Subject: [Dovecot] Setting up mixed mbox and maildir In-Reply-To: <1340745560.2495.27.camel@amito> References: <1340742900.2495.14.camel@amito> <1340745560.2495.27.camel@amito> Message-ID: on 6/26/2012 2:19 PM Jonathan Ryshpan spake the following: > On Tue, 2012-06-26 at 13:48 -0700, Scott Silva wrote: >> on 6/26/2012 1:35 PM Jonathan Ryshpan spake the following: >>> I'm trying to set up a dovecot server for which mail arrives in an mbox, >>> and mail is stored in a maildir. The wiki (see >>> http://wiki.dovecot.org/Namespaces) refers to this as "Mixed mbox and >>> Maildir". It advises handling this situation by creating two >>> namespaces: one for the mbox and the other for the maildir. Each of >>> these namespaces starts with >>> namespace private { >>> >>> On the other hand the sample configuration in the documentation puts >>> inbox in a namespace starting with: >>> namespace inbox { >>> # Namespace type: private, shared or public >>> #type = private >>> >>> It appears that there has been a change in the configuration syntax >>> after the wiki was written, and that the word following namespace >>> no longer gives a property of the namespace, but rather its name. >>> Is this correct? In any case, how should the configuration be modified > >> If you are working with 2.0 or later dovecot, you should be at >> http://wiki2.dovecot.org/Namespaces > > I am using 2.1.7 . I surmise from this Namespace page that the form: > namespace { > where is one of "public", "private", or "shared" creates an > unnamed namespace of type while the form: > namespace { > where is none of "public", "private", or "shared", creates a > namespace with the name and the default type (unspecified on this > page, but probably private). The namespace can be given the type > desired by an (undocumented) namespace setting: > namespace inbox ( > type = > Is this correct? > > Thanks - jon > > > > I am not sure, as I am using pure maildir... Follow the wiki, as there is an example there for mbox inbox and maildir message store... Mixed mbox and Maildir If you have your INBOX as mbox in /var/mail/username and the rest of the mailboxes in Maildir format under ~/Maildir, you can do this by creating two namespaces: namespace { separator = / prefix = "#mbox/" location = mbox:~/mail:INBOX=/var/mail/%u inbox = yes hidden = yes list = no } namespace { separator = / prefix = location = maildir:~/Maildir } From slusarz at curecanti.org Wed Jun 27 01:23:23 2012 From: slusarz at curecanti.org (Michael M Slusarz) Date: Tue, 26 Jun 2012 16:23:23 -0600 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38547.4060407@thelounge.net> <8A2BA8AE-3A0A-4131-9C15-7811D9E688CE@iki.fi> <4FE38883.8000808@thelounge.net> <2ABE733D-E478-4B40-93FB-8F1CDAB72193@iki.fi> <4FE389FF.2080106@thelounge.net> <4FE396AF.4070309@wildgooses.com> <20120621155801.Horde.YXauVYF5lbhP45jpl_ezE_A@bigworm.curecanti.org> Message-ID: <20120626162323.Horde._ABQfIF5lbhP6jZb2CnwFcA@bigworm.curecanti.org> Quoting Timo Sirainen : > Well, I had completely forgotten about it :) Reading my old mail: > >> There isn't a whole lot of state to be saved really. Mailbox GUID, >> UIDVALIDITY, >> HIGHESTMODSEQ gives the mailbox state. Then you have the >> language/etc. states. >> Clients could restore their earlier state from days ago, as long as Dovecot >> still has the necessary .log records available (similar to how >> QRESYNC works). > > Yeah .. Perhaps something like: > > 1. if client issues LOGOUT XSTATE > > 2. And server sees that it can actually save all of the state (some > things are a bit tricky, and probably not worth the trouble in > initial implementation) > > 3. Then the server server sends > * OK XSTATE > * BYE This makes sense. Although wouldn't it be: * OK [XSTATE ] State saved. > 4. The client can pipeline after LOGIN/AUTHENTICATE: > a XSTATERESTORE > a OK Yeah! > or > a NO Not gonna work. Couple of suggestions here: 1) Maybe allow XSTATERESTORE to be sent BEFORE authentication also/instead? The way that Dovecot would restore state might be different from the way another IMAP server would restore state. It's possible that another server could optimize things if, at authentication time, it knew it was going to restore state. i.e.: a XSTATERESTORE a OK Will attempt to restore state. b (LOGIN/AUTHENTICATE command) * OK [XSTATERESTOREOK] State restored. -- or -- * OK [XSTATERESTORENO] State NOT restored. b OK Logged in. 2) Could extend LOGIN/AUTHENTICATE to accept XSTATERESTORE parameter. Pros: saves round-trip. Cons: extending LOGIN/AUTHENTICATE at this stage of IMAP 4 development is probably overkill (Although this implementation already requires extending the LOGOUT command) > Perhaps even a real RFC for this thing? .. If it's worth it.. Would > save at least a few X bytes from network traffic :) It could potentially be a few more than X bytes. Here's an extreme example of the potential savings: Initial connection: ------------------- 1 (LOGIN/AUTHENTICATE) 1 OK Logged in. 2 CAPABILITY * CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS SPECIAL-USE ACL RIGHTS=texk 2 OK Capability completed. 3 ID ("name" "foo" "version" "1.0") * ID ("name" "foo2" "version" "bar2" "os" "linux") 3 OK ID completed 4 ENABLE QRESYNC * ENABLED QRESYNC 4 OK Enabled. 5 COMPARATOR "de;*" i;basic * COMPARATOR i;basic 5 OK Will use i;basic for collation 6 LANGUAGE DE * LANGUAGE (DE) * NAMESPACE (("" "/")) (("Other Users/" "/" "TRANSLATION" ("Andere Ben&APw-tzer/"))) (("Public Folders/" "/" "TRANSLATION" ("Gemeinsame Postf&AM8-cher/"))) 6 OK Sprachwechsel durch LANGUAGE-Befehl ausgefuehrt [IMAP session] 50 LOGOUT XSTATE * OK [XSTATE 123abc] * BYE Subsequent connection: ---------------------- 1 XSTATERESTORE 123abc 1 OK Will attempt to restore state. 2 (LOGIN/AUTHENTICATE) * OK [XSTATERESTOREOK] State restored. 2 OK Angemeldet. Given this (admittedly) extreme example, the savings are 689 bytes (+126 bytes for staterestore overhead, -815 bytes for state setup). Additionally, the server/client have to process 4 less IMAP commands. This is a significant savings IMHO. Whether or not this is appropriate for a real RFC, it would probably be useful to document in RFC fashion regardless. michael From wojtek at wojtek.tensor.gdynia.pl Wed Jun 27 08:44:16 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Wed, 27 Jun 2012 07:44:16 +0200 (CEST) Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <20120626130341.Horde.obOLRYF5lbhP6geNfgGGPNA@bigworm.curecanti.org> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38623.5050303@necoro.eu> <4FE5988E.3010101@wildgooses.com> <51EF9BC7-BE99-4DE9-800A-E8FDF7779A4B@iki.fi> <20120626130341.Horde.obOLRYF5lbhP6geNfgGGPNA@bigworm.curecanti.org> Message-ID: > > Timo: I'm not sure if you are saying that all client-side caching is wrong. > If so, I'm going to disagree with you, especially when dealing with more > complex data structures. it is always good - on WAN links. From robert at schetterer.org Wed Jun 27 09:23:21 2012 From: robert at schetterer.org (Robert Schetterer) Date: Wed, 27 Jun 2012 08:23:21 +0200 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38623.5050303@necoro.eu> <4FE5988E.3010101@wildgooses.com> <51EF9BC7-BE99-4DE9-800A-E8FDF7779A4B@iki.fi> <20120626130341.Horde.obOLRYF5lbhP6geNfgGGPNA@bigworm.curecanti.org> Message-ID: <4FEAA6D9.2090208@schetterer.org> Am 27.06.2012 07:44, schrieb Wojciech Puchar: >> >> Timo: I'm not sure if you are saying that all client-side caching is >> wrong. If so, I'm going to disagree with you, especially when dealing >> with more complex data structures. > > > it is always good - on WAN links. Hi, i dont wanna flame into this thread, cause its heavy tec stuff which i dont really fit in but for some webmail you can use http://imapproxy.org/ its running here fine with squirrelmail and roundcube -- Best Regards MfG Robert Schetterer From wojtek at wojtek.tensor.gdynia.pl Wed Jun 27 10:32:20 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Wed, 27 Jun 2012 09:32:20 +0200 (CEST) Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: <4FEAA6D9.2090208@schetterer.org> References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38623.5050303@necoro.eu> <4FE5988E.3010101@wildgooses.com> <51EF9BC7-BE99-4DE9-800A-E8FDF7779A4B@iki.fi> <20120626130341.Horde.obOLRYF5lbhP6geNfgGGPNA@bigworm.curecanti.org> <4FEAA6D9.2090208@schetterer.org> Message-ID: > > Hi, i dont wanna flame into this thread, cause its heavy tec stuff > which i dont really fit in > > but for some webmail you can use http://imapproxy.org/ the discussion was about if running proxy at all make sense. Proxies are to reduce traffic or server load by avoiding repetitive requests. With dovecot it's unlikely proxy itself will be faster, so second reason doesn't exist. With same computer or fast lan or virtual lan (==normal way of running webmail) first reason doesn't exist. From robert at schetterer.org Wed Jun 27 10:51:02 2012 From: robert at schetterer.org (Robert Schetterer) Date: Wed, 27 Jun 2012 09:51:02 +0200 Subject: [Dovecot] Dovecot performance under high load (vs. Courier) In-Reply-To: References: <1340301924.56701.YahooMailNeo@web39301.mail.mud.yahoo.com> <5266B92B-3883-4105-839E-4D4B9B84A964@iki.fi> <1340309125.61246.YahooMailNeo@web39306.mail.mud.yahoo.com> <1340310164.5967.86.camel@hurina> <4FE38623.5050303@necoro.eu> <4FE5988E.3010101@wildgooses.com> <51EF9BC7-BE99-4DE9-800A-E8FDF7779A4B@iki.fi> <20120626130341.Horde.obOLRYF5lbhP6geNfgGGPNA@bigworm.curecanti.org> <4FEAA6D9.2090208@schetterer.org> Message-ID: <4FEABB66.2020802@schetterer.org> Am 27.06.2012 09:32, schrieb Wojciech Puchar: >> >> Hi, i dont wanna flame into this thread, cause its heavy tec stuff >> which i dont really fit in >> >> but for some webmail you can use http://imapproxy.org/ > > the discussion was about if running proxy at all make sense. > > Proxies are to reduce traffic or server load by avoiding repetitive > requests. > > With dovecot it's unlikely proxy itself will be faster, so second reason > doesn't exist. > > With same computer or fast lan or virtual lan (==normal way of running > webmail) first reason doesn't exist. Hi, sorry ,only my meaning, beside coding layout questions about dovecot etc which is clearly not my case for questions like: "does a proxy make sense" there will never be an uni right answer the answer may ever depend on what fits best at your side general setup/layout -- Best Regards MfG Robert Schetterer From zimmys76 at web.de Wed Jun 27 10:53:36 2012 From: zimmys76 at web.de (Daniel Fischer) Date: Wed, 27 Jun 2012 09:53:36 +0200 Subject: [Dovecot] last hope... public namespace and directory structure Message-ID: <000601cd5439$f613bc50$e23b34f0$@web.de> hello, I would like to migrate to dovecot, but I have a problem with a public namespace declaration: # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-2-amd64 x86_64 Debian wheezy/sid And here are the relevant parts from the configuration: namespace { location = maildir:/var/mail/vhosts/%d/public prefix = Public. separator = . type = public } namespace inbox { prefix = separator = . subscriptions = yes type = private } I assume that all folders under ./public/ are public mailboxes. The public folder itself is not a maildir, but contains the team mailboxes i.e. ./public/.sales/ ./public/.service/ ./public/.purchase/ The file passwd for those 3 samples looks like this: sales@$DOMAIN::5000:5000::/var/mail/vhosts/$DOMAIN/public/.sales service@$DOMAIN::5000:5000::/var/mail/vhosts/$DOMAIN/public/.service purchase@$DOMAIN::5000:5000::/var/mail/vhosts/$DOMAIN/public/.purchase Note: All other users have mail_location /var/mail/vhosts/%d/%n Now a have the following problem: If I login in as user sales and create a folder foo and in there a folder bar. The directory structure is: ./public/. sales /.foo and /public/. sales /.foo.bar that?s exactly what I?m expect. Now I logon as ?normal? user. I can see the namespace Public with the sales mailbox but no subfolder foo or foo.bar. Now I create also the folders foo and in there bar, but the result is to me unexpected ;-): ./public/. sales ./public/. sales.foo ./public/. sales.foo.bar Looking forward to your comment, Daniel From mailinglist at august.de Wed Jun 27 11:38:57 2012 From: mailinglist at august.de (mailinglist) Date: Wed, 27 Jun 2012 10:38:57 +0200 Subject: [Dovecot] started with dovecot sieve In-Reply-To: <20120626201036.GA6929@daniel.localdomain> References: <20120625215914.GA7831@daniel.localdomain> <20120626201036.GA6929@daniel.localdomain> Message-ID: Am 2012-06-26 22:10, schrieb Daniel Parthey: > Rolf wrote: >> Am 2012-06-25 23:59, schrieb Daniel Parthey: >> >Hi Rolf, >> > >> >Rolf wrote: >> >>Jun 25 20:22:54 rolf14 dovecot: lda(rolf): Error: >> setegid(privileged) failed: Operation not permitted > > Doesn't lda(rolf) mean it is being executed under user "rolf", > not root or dovecot? could be. However, following your mail I tried several alternatives for grouping, made the user itself part of mail group, made postfix and dovecot part of the users real group, made all part of roots real group, made the users part of postfix and dovecot real group ... I could have made failures in trying all this combinations but the failure remained in any case. (I switched all back for security reasons, the failure is still there.) > > How exactly do you invoke lda from your /etc/postfix/master.cf? these are my lines from /etc/postfix/main.cf: #mailbox_command = procmail -a "$EXTENSION" mailbox_command = /usr/lib/dovecot/deliver if I switch procmail back on the input gets delivered and I can see them using roundcube as a client for dovecot. > > You might also try to use LMTP via TCP to deliver mails > from postfix to dovecot to work around any permission problems. > LMTP would be new to me and I fear just other hard-to-understand configuration topics. What I did as a workaround is to have a last rule in each .dovecot.sieve: fileinto "rest". It works and this way the INBOX is no longer needed. >> I have installed dovecot and docecot-sieve by Debians aptitude > > You don't seem to be the only one with these problems, see Debian > BTS: > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=626130 Do not understand how they have solved the problem. Changing 0660 to 0600 for the /var/mail/user mboxes (with user:mail for user:group) seems not to be a logical solution - have not tried that. From mailinglist at august.de Wed Jun 27 11:45:14 2012 From: mailinglist at august.de (mailinglist) Date: Wed, 27 Jun 2012 10:45:14 +0200 Subject: [Dovecot] started with dovecot sieve In-Reply-To: <20120626214739.GA8465@daniel.localdomain> References: <20120625215914.GA7831@daniel.localdomain> <20120626214739.GA8465@daniel.localdomain> Message-ID: <47949791e5f9fa35b1136eba76b378cb@august.de> Am 2012-06-26 23:47, schrieb Daniel Parthey: > Rolf wrote: >> Jun 25 20:22:54 rolf14 dovecot: lda(rolf): Error: >> setegid(privileged) failed: Operation not permitted > > Manual page "man 2 setegid" states that > Yes, thank you Daniel for pointing me to this subjects. Now I got a bit a deeper understanding how a file gets executed. My problem is that I do not exactly know from the error message who is starting what by which effective group id and to what group id it tries to switch. All guessing did not lead to a result. I tried: postfix is starting deliver with the effective group id "postfix" and wants to set the group id either to "mail" or to "rolf". But no success. From tss at iki.fi Wed Jun 27 12:04:19 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 27 Jun 2012 12:04:19 +0300 Subject: [Dovecot] [PATCH] GSSAPI authorization and virtual users In-Reply-To: <1331057521.84875.2.camel@leela.office.red-redemption.com> References: <1330973136.70967.33.camel@leela.office.red-redemption.com> <1331057521.84875.2.camel@leela.office.red-redemption.com> Message-ID: <1340787859.25551.47.camel@innu> On Tue, 2012-03-06 at 18:12 +0000, Sam Morris wrote: > On Mon, 2012-03-05 at 20:52 +0200, Timo Sirainen wrote: > > On 5.3.2012, at 20.45, Sam Morris wrote: > > > > > 3. The credentials lookup triggers an info log message saying that > > > credentials for GSSAPI were requested, "but we have only (e.g.) > > > MD5-CRYPT". The authplugin doesn't actually want the credential, > > > but I think that the only way the authplugin can trigger a > > > passdb lookup is by requesting it. > > > > I'll look at the rest more closely later, but this should be an easy fix: request "" instead of "GSSAPI". > > Thanks for pointing that out. Here's a newer version of the patch with > that change. I also realised that the gss_buffer is not required in the > code that runs once the passdb lookup is complete, so I removed the code > that stashes it in struct gssapi_auth_request. I finally looked into this and did some changes. Does it still work? :) http://hg.dovecot.org/dovecot-2.2/rev/183adc90781c From tss at iki.fi Wed Jun 27 12:25:31 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 27 Jun 2012 12:25:31 +0300 Subject: [Dovecot] Problem with 'doveadm mailbox status -t' reporting cumulative vsizes after upgrading from v2.0.16 to v2.1.7 In-Reply-To: <4FDF66E1.5050009@beardz.net> References: <4FDF66E1.5050009@beardz.net> Message-ID: <1340789131.25551.48.camel@innu> On Mon, 2012-06-18 at 18:35 +0100, Jase Thew wrote: > The reporting script at its core calls : > > doveadm -f flow mailbox status -A -t 'messages vsize' '*' > > It appears that Dovecot 2.1.7 is not resetting the vsize after collating > the sum total of mailboxes sizes for each user, so that vsize just > constantly increases as it iterates over each user. Fixed: http://hg.dovecot.org/dovecot-2.1/rev/d8d587bd5a29 From tss at iki.fi Wed Jun 27 12:30:01 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 27 Jun 2012 12:30:01 +0300 Subject: [Dovecot] pop3c_master_user In-Reply-To: <4FDFAE8C.9000208@mur.at> References: <4FDFAE8C.9000208@mur.at> Message-ID: <1340789401.25551.49.camel@innu> On Tue, 2012-06-19 at 00:41 +0200, Martin Schitter wrote: > the configuration keyword "pop3c_master_user" mentioned in the dsync > migration documentation (http://wiki2.dovecot.org/Migration/Dsync) does > not work for dovecot 2.1.7. > > a config line like: "pop3c_master_user = cyrus" will produce this error: > > doveconf: Fatal: Error in configuration file /etc/dovecot/local.conf > line 33: Unknown setting: pop3c_master_user Added: http://hg.dovecot.org/dovecot-2.1/rev/06ba409a63d3 From tss at iki.fi Wed Jun 27 12:31:46 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 27 Jun 2012 12:31:46 +0300 Subject: [Dovecot] director map and mysql In-Reply-To: <213B51F00051AE48A9F0E112880177178F7A2F@Delta.sc.local> References: <213B51F00051AE48A9F0E112880177178F7A2E@Delta.sc.local> <213B51F00051AE48A9F0E112880177178F7A2F@Delta.sc.local> Message-ID: <1340789506.25551.51.camel@innu> On Wed, 2012-06-20 at 14:40 +1100, ???????? ????????? ?????????? wrote: > but what mechanisms do I have if I want certain user to be always proxied to certain host, but if that host is down, to redirect him to another? You'll have to mark the host down in SQL, and change your SQL query to return something else for the "host" value when that host is down (either another host or NULL to let director handle it). From tss at iki.fi Wed Jun 27 12:37:13 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 27 Jun 2012 12:37:13 +0300 Subject: [Dovecot] doveadm proxy kick in director setups In-Reply-To: <20120621144829.GA8792@hawkeye.rutgers.edu> References: <20120621144829.GA8792@hawkeye.rutgers.edu> Message-ID: <1340789833.25551.54.camel@innu> On Thu, 2012-06-21 at 10:48 -0400, Tom Pawlowski wrote: > Something I noticed on a 2.1.7 director test cluster (two directors, > three backends): 'doveadm proxy kick user' will kick all connections > for that user on that director only. Any additional connections on other > directors will remain active unless the command is run on all directors. > > Are the proxy and director sub-commands intended to be separate and > distinct in their operation? If so, then this makes sense, as a proxy > isn't necessarily a director. They are separate, yes. > Are there any plans for a proxy kick equivalent that would work > across directors? With director it would be possible to kick all users that match the user's 32bit hash. If there are hash collisions then it would kick also other users.. Another possibility would be to create something that allows running the same doveadm command in all directors, but ssh pretty much can do that already. :) From tss at iki.fi Wed Jun 27 12:50:20 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 27 Jun 2012 12:50:20 +0300 Subject: [Dovecot] pop3-throttle In-Reply-To: <1km4rjc.f50hxq1iocthjM%manu@netbsd.org> References: <1km4rjc.f50hxq1iocthjM%manu@netbsd.org> Message-ID: <1340790620.25551.60.camel@innu> On Sat, 2012-06-23 at 07:04 +0200, Emmanuel Dreyfus wrote: > Hello > > I am having a hard time with users using POP while leaving mailboxes > of several gigabyte cumulated. This causes a lot of disk I/O and kills > performancs for everyone. I try to encourage people migrating to > IMAP, but that migration will take some time, and therefore I am looking > for alterantive ways to workaround the problem. What mailbox format do you use? This shouldn't be a problem with for example mdbox, probably not with sdbox either and with mbox/maildir there are settings that can improve this. Or are you not talking about opening the mailbox, but about clients redownloading all the mails all the time? > I found pop3-throttle-plugin.c, which seems a smart way to solve the > problem, unfortunately it comes with no documentation. I was able to > build it and load it, bu itsays nothing in the logs. Is there any > doc somewhere? Any advices on how to set it up? It's about allowing clients to see only X new mails per Y time. But I don't see how that would help with your problem if that's related to old mails. Anyway, quick docs: "touch /etc/dovecot/pop3-throttle-enabled" to enable the throttling plugin { pop3_throttle_max_msgs = 10 pop3_throttle_max_kbytes = 1024 } Which allows a single user to see max 10 new messages or max 1 MB of new messages per 15 minutes, whichever limit comes first. After 15 minutes more messages become visible again to reach the limit. The 15 minute limit is configurable by recompiling: #define POP3_THROTTLE_STATE_RESET_SECS (60*15) From role.Dovecot-Readers at JLAssocs.com Wed Jun 27 13:01:51 2012 From: role.Dovecot-Readers at JLAssocs.com (J E Lyon) Date: Wed, 27 Jun 2012 11:01:51 +0100 Subject: [Dovecot] Maildir Seen Flags not heeded when dovecot-shared present In-Reply-To: References: Message-ID: <294FDEA3-FE7A-4386-9D5D-A602141E3D17@JLAssocs.com> On 26 Jun 2012, at 21:49, Timo Sirainen wrote: > So you don't want shared seen flags? You can simply not create dovecot-shared file nowadays. It's not necessary. The only other purpose for it was as the template for file permissions, but those are nowadays taken from the maildir itself: http://wiki2.dovecot.org/SharedMailboxes/Permissions Timo, Thanks for pointing me in the right direction . . I started with Dovecot back in the pre-v1 days and used dovecot-shared from when it first helped with permissions and things -- never actually minded about seen flags back then. So, I've always thought of dovecot-shared as being primarily about making the permissions work, and hadn't realised things have been steadily changing in that regard. So, I now have Dovecot on both CentOS 5.5 & CentOS 6, which means v1 & v2 . . unfortunately though, the CentOS 5.5 default package is 1.0.x and that means I miss out on 1.1+ features there, as well as the improved handling of file permissions in 1.2 that I now see after scrutinising the differences . . At least I know exactly where the problems are now, thanks! ~ James. From amateo at um.es Wed Jun 27 14:10:09 2012 From: amateo at um.es (Angel L. Mateo) Date: Wed, 27 Jun 2012 13:10:09 +0200 Subject: [Dovecot] Removing specific entry in user/auth cache Message-ID: <4FEAEA11.1070900@um.es> Hi, We have dovecot configured with auth cache. Is there any way to remove a specific entry (not all) from this cache? -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From lists at wildgooses.com Wed Jun 27 14:40:38 2012 From: lists at wildgooses.com (Ed W) Date: Wed, 27 Jun 2012 12:40:38 +0100 Subject: [Dovecot] Hardware infrastructure for email system In-Reply-To: References: <4FE58A52.8050708@think-for-yourself.org> <4FE5A5D8.2050908@thelounge.net> Message-ID: <4FEAF136.9070509@wildgooses.com> On 23/06/2012 13:20, Wojciech Puchar wrote: >>> >>> it is already enormous overshoot in hardware specs. And i do not >>> really catch why you have "4 in parallel" servers. >>> And finally i cannot understand this dividing of servers just to >>> merging it back using VMWare. >> >> because it is a big difference if you have anything in a single >> machine or splittet in virtual machines - you can move them at >> runtime to different hosts and if you run out of ressources > > ok - for me it is just likes. You have higher change to have the need > to move at the first place doing this :) Actually, I'm a huge buyer of "virtualisation". There is *no other* way that people should be running their servers right now... (hand waving sweeping generalisation - obviously add context, etc, before taking literally). There are various types of virtualisation solution and they have pros and cons, but I think there is close to zero reason not to use some kind of virtualisation option for all new deployments. Probably he is using something clever like vmware esx - I like the theory there where you can literally fail over a running machine to new hardware, without even stopping it running, very neat. I personally use linux-vservers which are almost identical to running on bare metal server (it's kind of a fancy form of chroot), this means I don't have commercial grade failover, but it only takes 5-15 seconds to "reboot" each container, so that's an acceptable downtime for my requirements. Good luck! Ed W From manu at netbsd.org Wed Jun 27 14:55:09 2012 From: manu at netbsd.org (Emmanuel Dreyfus) Date: Wed, 27 Jun 2012 11:55:09 +0000 Subject: [Dovecot] pop3-throttle In-Reply-To: <1340790620.25551.60.camel@innu> References: <1km4rjc.f50hxq1iocthjM%manu@netbsd.org> <1340790620.25551.60.camel@innu> Message-ID: <20120627115509.GF27064@homeworld.netbsd.org> On Wed, Jun 27, 2012 at 12:50:20PM +0300, Timo Sirainen wrote: > What mailbox format do you use? This shouldn't be a problem with for > example mdbox, probably not with sdbox either and with mbox/maildir > there are settings that can improve this. This is mbox. > Or are you not talking about opening the mailbox, but about clients > redownloading all the mails all the time? I don't think the client downloads the whole mailbox each time. It takes so long on a 1 GB mbox that the users would have complained. However, I can see a lot of disk I/O activity for pop daemon operating on the bigger mbox (easy to spot looking at the process uid) -- Emmanuel Dreyfus manu at netbsd.org From tss at iki.fi Wed Jun 27 15:22:18 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 27 Jun 2012 15:22:18 +0300 Subject: [Dovecot] pop3-throttle In-Reply-To: <20120627115509.GF27064@homeworld.netbsd.org> References: <1km4rjc.f50hxq1iocthjM%manu@netbsd.org> <1340790620.25551.60.camel@innu> <20120627115509.GF27064@homeworld.netbsd.org> Message-ID: <78425DD3-20B3-4155-A465-7F05140BEC27@iki.fi> On 27.6.2012, at 14.55, Emmanuel Dreyfus wrote: > On Wed, Jun 27, 2012 at 12:50:20PM +0300, Timo Sirainen wrote: >> What mailbox format do you use? This shouldn't be a problem with for >> example mdbox, probably not with sdbox either and with mbox/maildir >> there are settings that can improve this. > > This is mbox. > >> Or are you not talking about opening the mailbox, but about clients >> redownloading all the mails all the time? > > I don't think the client downloads the whole mailbox each time. It > takes so long on a 1 GB mbox that the users would have complained. > However, I can see a lot of disk I/O activity for pop daemon operating > on the bigger mbox (easy to spot looking at the process uid) Try mbox_very_dirty_syncs=yes From tss at iki.fi Wed Jun 27 15:24:37 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 27 Jun 2012 15:24:37 +0300 Subject: [Dovecot] Removing specific entry in user/auth cache In-Reply-To: <4FEAEA11.1070900@um.es> References: <4FEAEA11.1070900@um.es> Message-ID: <771798ED-3DAF-4C23-937C-FD9B775B8972@iki.fi> On 27.6.2012, at 14.10, Angel L. Mateo wrote: > We have dovecot configured with auth cache. Is there any way to remove a specific entry (not all) from this cache? Nope. What do you need it for? From tss at iki.fi Wed Jun 27 15:29:00 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 27 Jun 2012 15:29:00 +0300 Subject: [Dovecot] permissions on auth-userdb In-Reply-To: <4FE59B9E.1050009@Media-Brokers.com> References: <4FE59B9E.1050009@Media-Brokers.com> Message-ID: <87A001AB-60A4-45D2-B48C-29114263DA75@iki.fi> On 23.6.2012, at 13.34, Charles Marcus wrote: > It would be nice if there were a wiki page specifically describing how permissions should be set for all of the services/directories that dovecot uses. > > Even better would be a dovecot/doveconf command that would test the permissions and, if possible, even fix them (like the postfix 'set-permissions' command)... The problem with those is that it depends on the installation. Each user may need different permissions. Many installations don't have a way to list users to even do a userdb lookup. I guess it would be possible to write such a tool for specific installations where it could work, but it wouldn't work everywhere.. From CMarcus at Media-Brokers.com Wed Jun 27 15:34:18 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Wed, 27 Jun 2012 08:34:18 -0400 Subject: [Dovecot] permissions on auth-userdb In-Reply-To: <87A001AB-60A4-45D2-B48C-29114263DA75@iki.fi> References: <4FE59B9E.1050009@Media-Brokers.com> <87A001AB-60A4-45D2-B48C-29114263DA75@iki.fi> Message-ID: <4FEAFDCA.3060902@Media-Brokers.com> On 2012-06-27 8:29 AM, Timo Sirainen wrote: > On 23.6.2012, at 13.34, Charles Marcus wrote: >> It would be nice if there were a wiki page specifically describing >> how permissions should be set for all of the services/directories >> that dovecot uses. >> >> Even better would be a dovecot/doveconf command that would test the >> permissions and, if possible, even fix them (like the postfix >> 'set-permissions' command)... > The problem with those is that it depends on the installation. Each > user may need different permissions. Many installations don't have a > way to list users to even do a userdb lookup. I guess it would be > possible to write such a tool for specific installations where it > could work, but it wouldn't work everywhere. Hmmm... I wonder how postfix does it then... maybe it doesn't have as many potential variations I guess? Is there maybe just a basic/standard set of permissions that can work for many installations, then have a way to detect non-standard installs and just provide a link to a wiki page describing things in more detail? Is there a wiki page for this already? I didn't find one... -- Best regards, Charles From r.vicinus at metaways.de Wed Jun 27 16:10:29 2012 From: r.vicinus at metaways.de (Reinhard Vicinus) Date: Wed, 27 Jun 2012 15:10:29 +0200 Subject: [Dovecot] Mail migration to dovecot with doveadm backup In-Reply-To: <4FE85FD4.8090708@metaways.de> References: <4FE738E9.6040706@metaways.de> <4FE84DF7.7030707@Media-Brokers.com> <4FE85FD4.8090708@metaways.de> Message-ID: <4FEB0645.6000302@metaways.de> Hi, if i delete the home directory and all content below an existing account user at example.org. Then run: /usr/bin/doveadm quota recalc -u user at example.org and afterwards: /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -D -v backup -R -f -u user at example.org imapc: i get the following errors: doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot/modules doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/lib10_quota_plugin.so doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot/modules/doveadm doveadm(root): Debug: Skipping module doveadm_acl_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_acl_plugin.so: undefined symbol: acl_user_module (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_expire_plugin.so: undefined symbol: expire_set_lookup (this is usually intentional, so just ignore this message) doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_quota_plugin.so doveadm(root): Debug: Skipping module doveadm_zlib_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_zlib_plugin.so: undefined symbol: i_stream_create_deflate (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_fts_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib20_doveadm_fts_plugin.so: undefined symbol: fts_list_backend (this is usually intentional, so just ignore this message) doveadm(user at example.org): Debug: auth input: user at example.org home=/mail/dovecot/example.org/user uid=501 gid=123 quota_rule=*:bytes=2000M:messages=0 doveadm(user at example.org): Debug: Added userdb setting: plugin/quota_rule=*:bytes=2000M:messages=0 doveadm(user at example.org): Debug: Effective uid=501, gid=123, home=/mail/dovecot/example.org/user doveadm(user at example.org): Debug: Quota root: name=User quota backend=dict args=:proxy::quota doveadm(user at example.org): Debug: Quota rule: root=User quota mailbox=* bytes=2097152000 messages=0 doveadm(user at example.org): Debug: Quota rule: root=User quota mailbox=Trash bytes=+104857600 messages=0 doveadm(user at example.org): Debug: Quota warning: bytes=1992294400 (95%) messages=0 reverse=no command=quota-warning 95 user at example.org doveadm(user at example.org): Debug: Quota warning: bytes=1677721600 (80%) messages=0 reverse=no command=quota-warning 80 user at example.org doveadm(user at example.org): Debug: dict quota: user=user at example.org, uri=proxy::quota, noenforcing=0 doveadm(user at example.org): Debug: fs: root=/mail/dovecot/example.org/user/mail, index=, control=, inbox=, alt= doveadm(user at example.org): Debug: Namespace : Using permissions from /mail/dovecot/example.org/user/mail: mode=0700 gid=-1 dsync(user at example.org): Debug: Effective uid=501, gid=123, home=/mail/dovecot/example.org/user dsync(user at example.org): Debug: Quota root: name=User quota backend=dict args=:proxy::quota dsync(user at example.org): Debug: Quota rule: root=User quota mailbox=* bytes=2097152000 messages=0 dsync(user at example.org): Debug: Quota rule: root=User quota mailbox=Trash bytes=+104857600 messages=0 dsync(user at example.org): Debug: Quota warning: bytes=1992294400 (95%) messages=0 reverse=no command=quota-warning 95 user at example.org dsync(user at example.org): Debug: Quota warning: bytes=1677721600 (80%) messages=0 reverse=no command=quota-warning 80 user at example.org dsync(user at example.org): Debug: dict quota: user=user at example.org, uri=proxy::quota, noenforcing=0 dsync(user at example.org): Debug: imapc: root=, index=, control=, inbox=, alt= dsync(user at example.org): Debug: imapc(local-mailbox:18143): Looking up IP address dsync(user at example.org): Debug: imapc(local-mailbox:18143): Connecting to 10.129.3.196:18143 dsync(user at example.org): Debug: imapc(local-mailbox:18143): Server capabilities: IMAP4 IMAP4rev1 AUTH=LOGIN ACL NAMESPACE CHILDREN SORT QUOTA THREAD=ORDEREDSUBJECT UNSELECT IDLE dsync(user at example.org): Debug: imapc(local-mailbox:18143): Authenticating as user at example.org dsync(user at example.org): Debug: imapc(local-mailbox:18143): Authenticated successfully dsync(user at example.org): Error: Can't delete mailbox INBOX: INBOX can't be deleted. dsync(user at example.org): Debug: Namespace : /mail/dovecot/example.org/user/mail/mailboxes/Trash doesn't exist yet, using default permissions dsync(user at example.org): Debug: Namespace : Using permissions from /mail/dovecot/example.org/user/mail: mode=0700 gid=-1 dsync(user at example.org): Debug: Namespace : /mail/dovecot/example.org/user/mail/mailboxes/Sent doesn't exist yet, using default permissions dsync(user at example.org): Debug: Namespace : Using permissions from /mail/dovecot/example.org/user/mail: mode=0700 gid=-1 dsync(user at example.org): Info: INBOX: only in dest (guid=54c23c119d04eb4f005100004f99b03d) dsync(user at example.org): Info: Trash: only in source (guid=7f5af7ba291b2df1a11d573bdb55d7e9) dsync(user at example.org): Info: Sent: only in source (guid=bfb2e03fdce327671e82bf173b1ccb8b) dsync(user at example.org): Info: INBOX: only in source (guid=c92f64f79f0d1ed01e6d5b314f04886c) dsync(user at example.org): Error: Trying to open a non-listed mailbox with guid=54c23c119d04eb4f005100004f99b03d dsync(user at example.org): Error: msg iteration failed: Couldn't open mailbox 54c23c119d04eb4f005100004f99b03d dsync(user at example.org): Error: Trying to open a non-listed mailbox with guid=54c23c119d04eb4f005100004f99b03d dsync(user at example.org): Error: Mailbox INBOX changed its GUID (c92f64f79f0d1ed01e6d5b314f04886c -> 54c23c119d04eb4f005100004f99b03d) dsync(user at example.org): Error: msg iteration failed: Couldn't open mailbox c92f64f79f0d1ed01e6d5b314f04886c dsync(user at example.org): Error: Mailbox INBOX changed its GUID (c92f64f79f0d1ed01e6d5b314f04886c -> 54c23c119d04eb4f005100004f99b03d) dsync(user at example.org): Debug: imapc(local-mailbox:18143): Disconnected is this an intented behaviour or is this a bug in quota recalc? if i delete the home directory again after the quota recalc recreated it no errors are reported and the mail are all copied as intended. Kind regards Reinhard -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: dovecot.conf.txt URL: From ckubu at so36.net Wed Jun 27 16:26:21 2012 From: ckubu at so36.net (ckubu) Date: Wed, 27 Jun 2012 15:26:21 +0200 Subject: [Dovecot] dict Panic after upgrade to 2.1.7 In-Reply-To: <201206241221.16044.ckubu@so36.net> References: <201206241221.16044.ckubu@so36.net> Message-ID: <201206271526.22116.ckubu@so36.net> hallo, > after upgrade my mailsystem to dovecot version 2.1.7, dovecot doesn't work > properly. something went wrong in dict service connecting the postgres > backend. that happens not on every connection. the db connection data are > correct, no difference connecting via tcp or linux socket. > > dovecot log entries: > Jun 23 23:19:10 mx dovecot: dict: Panic: file driver-pgsql.c: line 84 > (driver_pgsql_set_state): assertion failed: (state == SQL_DB_STATE_BUSY || > db- > > >cur_result == NULL) > > Jun 23 23:19:10 mx dovecot: dict: Error: Raw backtrace: > /usr/local/dovecot-2.1.7/lib/dovecot/libdovecot.so.0(+0x4478a) > [0x7ffc7d8e578a] -> > /usr/local/dovecot-2.1.7/lib/dovecot/libdovecot.so.0(+0x447d6) > [0x7ffc7d8e57d6] -> > /usr/local/dovecot-2.1.7/lib/dovecot/libdovecot.so.0(i_error+0) > [0x7ffc7d8bc5ef] -> dovecot/dict() [0x40a9a6] -> dovecot/dict() [0x40aa01] > -> dovecot/dict() [0x40be43] -> dovecot/dict() [0x409474] -> > dovecot/dict(sql_db_cache_deinit+0x20) [0x4089d0] -> > dovecot/dict(main+0x169) [0x4059f9] -> > /lib/libc.so.6(__libc_start_main+0xfd) [0x7ffc7d335c8d] -> dovecot/dict() > [0x404b59] > Jun 23 23:19:10 mx dovecot: dict: Fatal: master: service(dict): child 13812 > killed with signal 6 (core dumps disabled) > > Jun 23 23:23:09 mx dovecot: dict: Error: dict sql iterate failed: Not > connected to database > Jun 23 23:23:09 mx dovecot: pop3(xxx at yyy.zz): Error: acl: dict iteration > failed, can't update dict > Jun 23 23:23:09 mx dovecot: dict: Error: dict sql iterate failed: Not > connected to database > Jun 23 23:23:09 mx dovecot: pop3(xxx at yyy.zz): Error: acl: dict iteration > failed, can't update dict > Jun 23 23:23:17 mx dovecot: dict: Error: dict sql lookup failed: Not > connected to database > Jun 23 23:23:17 mx dovecot: imap(xxx at yyy.zz): Error: Internal quota > calculation error > Jun 23 23:23:19 mx dovecot: dict: Error: dict sql lookup failed: Not > connected to database > Jun 23 23:23:40 mx dovecot: dict: Error: dict sql lookup failed: Not > connected to database > > maybe i have missconfigured the dovecot system, but i don't find the > mistake. can anybody give me a hint ? It seem's, that these errors occcures, if acl support ist activated. i deactivated acl support last night for a while, and no such errors occured. I can't make long term test, because that is a produktion system and i switched back to version 2.0.9, which runs with acl support but without that errors . bw Christoph > > ----- doveconf -n > # 2.1.7: /usr/local/dovecot-2.1.7/etc/dovecot/dovecot.conf > # OS: Linux 2.6.32-5-vserver-amd64 x86_64 Debian 6.0.5 ext3 > auth_mechanisms = plain login digest-md5 cram-md5 apop > auth_socket_path = /var/run/dovecot/auth-userdb > auth_username_translation = %@ > auth_verbose = yes > auth_verbose_passwords = plain > base_dir = /var/run/dovecot/ > dict { > acl = pgsql:/usr/local/dovecot/etc/dovecot/sql-dict.conf.ext > expire = pgsql:/usr/local/dovecot/etc/dovecot/sql-dict.conf.ext > quota = pgsql:/usr/local/dovecot/etc/dovecot/sql-dict.conf.ext > } > disable_plaintext_auth = no > first_valid_gid = 5000 > first_valid_uid = 5000 > hostname = mx.warenform.de > last_valid_gid = 5000 > last_valid_uid = 5000 > listen = 178.63.63.151 2a01:4f8:121:c5::2 > mail_gid = vmail > mail_location = maildir:/var/vmail/%d/%n/Maildir > mail_plugins = autocreate quota expire acl > mail_uid = vmail > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope encoded-character > vacation subaddress comparator-i;ascii-numeric relational regex imap4flags > copy include variables body enotify environment mailbox date ihave > namespace { > list = children > location = maildir:/var/vmail/%%d/%%n/Maildir:INDEX=~/Maildir/shared/%%u > prefix = shared/%%u/ > separator = / > subscriptions = no > type = shared > } > namespace inbox { > inbox = yes > location = > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Spam { > special_use = \Junk > } > mailbox Trash { > special_use = \Trash > } > prefix = > separator = / > type = private > } > passdb { > args = /usr/local/dovecot/etc/dovecot/sql-connect.conf.ext > driver = sql > } > plugin { > acl = vfile > acl_shared_dict = proxy::acl > autocreate = Spam > autocreate2 = Sent > autocreate3 = Trash > autocreate4 = Drafts > autosubscribe = Spam > autosubscribe2 = Sent > autosubscribe3 = Trash > autosubscribe4 = Drafts > expire = Trash > expire2 = Trash.* > expire3 = Spam > expire_dict = proxy::expire > quota = dict:User quota::proxy::quota > quota_rule = *:storage=1G > quota_rule2 = Trash:storage=+200M > quota_warning = storage=95%% quota-warning 95 %u > quota_warning2 = storage=80%% quota-warning 80 %u > recipient_delimiter = > sieve = ~/.dovecot.sieve > sieve_before = /usr/local/dovecot/etc/dovecot/sieve/move-spam.sieve > sieve_dir = ~/sieve > sieve_global_dir = /usr/local/dovecot/etc/dovecot/sieve/global/ > } > postmaster_address = admin at warenform.de > protocols = imap pop3 sieve lmtp > service auth { > unix_listener /var/spool/postfix/private/dovecot-auth { > group = postfix > mode = 0666 > user = postfix > } > unix_listener auth-userdb { > group = vmail > mode = 0600 > user = vmail > } > } > service dict { > unix_listener dict { > mode = 0600 > user = vmail > } > } > service imap-login { > inet_listener imap { > address = 127.0.0.1 178.63.63.151 2a01:4f8:121:c5::2 > } > inet_listener imaps { > address = 178.63.63.151 2a01:4f8:121:c5::2 > } > process_min_avail = 16 > } > service lmtp { > unix_listener /var/spool/postfix/private/dovecot-lmtp { > group = postfix > mode = 0660 > user = postfix > } > } > service managesieve-login { > inet_listener sieve { > address = 127.0.0.1 > port = 4190 > } > } > service pop3-login { > inet_listener pop3 { > address = 178.63.63.151 2a01:4f8:121:c5::2 > } > inet_listener pop3s { > address = 178.63.63.151 2a01:4f8:121:c5::2 > } > } > service quota-warning { > executable = script /usr/local/bin/quota-warning.sh > unix_listener quota-warning { > user = vmail > } > user = dovecot > } > shutdown_clients = no > ssl_cert = ssl_key = syslog_facility = local1 > userdb { > args = /usr/local/dovecot/etc/dovecot/sql-connect.conf.ext > driver = sql > } > protocol lmtp { > mail_plugins = autocreate quota expire acl sieve > } > protocol lda { > mail_plugins = autocreate quota expire acl sieve > } > protocol imap { > imap_client_workarounds = delay-newmail > mail_max_userip_connections = 24 > mail_plugins = autocreate quota expire acl imap_quota imap_acl > ssl_cert = ssl_key = } > protocol pop3 { > mail_max_userip_connections = 10 > pop3_client_workarounds = outlook-no-nuls oe-ns-eoh > ssl_cert = ssl_key = } > > > ----- sql-dict.conf.ext: > > connect = host=/var/run/postgresql user=db_user password=db_passwd > dbname=db_name > > # quota > map { > pattern = priv/quota/storage > table = quota2 > username_field = username > value_field = bytes > } > map { > pattern = priv/quota/messages > table = quota2 > username_field = username > value_field = messages > } > > # expires > map { > pattern = shared/expire/$user/$mailbox > table = expires > value_field = expire_stamp > > fields { > username = $user > mailbox = $mailbox > } > } > > # acl > map { > pattern = shared/shared-boxes/user/$to/$from > table = user_shares > value_field = dummy > > fields { > from_user = $from > to_user = $to > } > } > > map { > pattern = shared/shared-boxes/anyone/$from > table = anyone_shares > value_field = dummy > > fields { > from_user = $from > } > } -- e: ckubu at so36.net From tss at iki.fi Wed Jun 27 17:24:51 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 27 Jun 2012 17:24:51 +0300 Subject: [Dovecot] RFE: IMAP LIST Extension for Special-Use Mailboxes In-Reply-To: <4FE9DB4C.20309@Media-Brokers.com> References: <20110311215739.GD13492@state-of-mind.de> <4F520990.2000903@crc.id.au> <83D77B81-EC49-4755-A866-E30B41E8B246@leuxner.net> <4FE9DB4C.20309@Media-Brokers.com> Message-ID: <603EF78F-44FB-4BAE-BBA1-A8D21E89043D@iki.fi> On 26.6.2012, at 18.54, Charles Marcus wrote: > My question (I guess for Timo) is, would it be crazy/possible to implement some kind of 'alias' conversion in dovecot that would work regardless of client cooperation? > > Ie, in a config file, add a list of 'aliases' for these special use folders (similar to how it is done now), but where dovecot would then silently translate/map a request for any of the defined aliases to the defined special use folder? so, if Outlook wants to save a sent message to 'Sent Items', it would simply and silently be saved to 'Sent' (or whatever the admin had defined as the 'real' sent folder). This wouldn't then require anything to be implemented in a client, it would only require the Admin to know what clients they want to support and what folders those clients look for by default. There would be two possibilities: 1) Have aliases where the alias is visible with LIST and all other commands. Most clients will then show that mailbox duplicated with two names, probably causing user confusion. 2) Have aliases where the alias isn't visible with LIST, but it would be possible to APPEND/COPY messages there, or CREATE, SELECT, etc. I have no idea how different clients would behave with this behavior. Might work with some, or might not.. You can kind of emulate 2) behavior and see what happens by setting up namespaces like: namespace { prefix = separator = / inbox = yes list = no hidden = no } namespace { prefix = RealMails/ separator = / list = no hidden = yes } # I think there needs to be one list=yes namespace: namespace { prefix = something/ separator = / list = yes hidden = yes location = mbox:/var/lib/dovecot/empty } Anyway you could see if clients show the Drafts/Sent etc. mailboxes that they create and allows actually accessing them. From tss at iki.fi Wed Jun 27 17:30:26 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 27 Jun 2012 17:30:26 +0300 Subject: [Dovecot] Setting up mixed mbox and maildir In-Reply-To: <1340745560.2495.27.camel@amito> References: <1340742900.2495.14.camel@amito> <1340745560.2495.27.camel@amito> Message-ID: <5B14BB9D-490F-49F6-B647-D69F26DAE888@iki.fi> On 27.6.2012, at 0.19, Jonathan Ryshpan wrote: >> If you are working with 2.0 or later dovecot, you should be at >> http://wiki2.dovecot.org/Namespaces > > I am using 2.1.7 . I surmise from this Namespace page that the form: > namespace { > where is one of "public", "private", or "shared" creates an > unnamed namespace of type while the form: > namespace { > where is none of "public", "private", or "shared", creates a > namespace with the name and the default type (unspecified on this > page, but probably private). I don't see any of that in the wiki2 page. Maybe you were looking at wiki1 page. > The namespace can be given the type > desired by an (undocumented) namespace setting: > namespace inbox ( > type = > Is this correct? It's mentioned in examples :) Yeah, could be more clearly mentioned in the wiki page too. Of course it's already in the example-config/conf.d/10-mail.conf file. The part in namespace { } should also be in the wiki page, although that's not namespace-specific thing at all, but works everywhere in dovecot.conf. It simply gives a (human-readable) name for the namespace within the configuration, it doesn't actually do anything. From role.Dovecot-Readers at JLAssocs.com Wed Jun 27 19:10:17 2012 From: role.Dovecot-Readers at JLAssocs.com (J E Lyon) Date: Wed, 27 Jun 2012 17:10:17 +0100 Subject: [Dovecot] The deleted_to_trash Plugin (workaround Outlook 2007 behaviour) Message-ID: <71645618-2034-4DA6-8C6D-3F4F2C2D7F9A@JLAssocs.com> Hi, I see this plugin exists for v1 & v2, all very interesting... Surprised no one seems to have created an RPM and it looks like deleted_to_trash is one of the very few plugins to not be shipped as part of the default install with CentOS 5.5 or CentOS 6 (i.e. Dovecot v1 & v2 respectively.) Am I missing something, or does everyone really build from source? Thanks, James. From wgrcunha at gmail.com Wed Jun 27 19:27:36 2012 From: wgrcunha at gmail.com (Francisco Wagner C. Freire) Date: Wed, 27 Jun 2012 13:27:36 -0300 Subject: [Dovecot] Removing specific entry in user/auth cache In-Reply-To: <771798ED-3DAF-4C23-937C-FD9B775B8972@iki.fi> References: <4FEAEA11.1070900@um.es> <771798ED-3DAF-4C23-937C-FD9B775B8972@iki.fi> Message-ID: I dont known about Angel, but for me is useful because sometimes i need to deactivate smtp/imap/pop access from accounts, or change their home after storage migration, and removing a specific record i can use a long time cache. On Wed, Jun 27, 2012 at 9:24 AM, Timo Sirainen wrote: > On 27.6.2012, at 14.10, Angel L. Mateo wrote: > > > We have dovecot configured with auth cache. Is there any way to > remove a specific entry (not all) from this cache? > > Nope. What do you need it for? > > From brad at pixilla.com Wed Jun 27 21:27:55 2012 From: brad at pixilla.com (Bradley Giesbrecht) Date: Wed, 27 Jun 2012 11:27:55 -0700 Subject: [Dovecot] The deleted_to_trash Plugin (workaround Outlook 2007 behaviour) In-Reply-To: <71645618-2034-4DA6-8C6D-3F4F2C2D7F9A@JLAssocs.com> References: <71645618-2034-4DA6-8C6D-3F4F2C2D7F9A@JLAssocs.com> Message-ID: <5CEBBEE0-EF29-4A53-BC75-3B67072DFFEE@pixilla.com> On Jun 27, 2012, at 9:10 AM, J E Lyon wrote: > Hi, > > I see this plugin exists for v1 & v2, all very interesting... Surprised no one seems to have created an RPM and it looks like deleted_to_trash is one of the very few plugins to not be shipped as part of the default install with CentOS 5.5 or CentOS 6 (i.e. Dovecot v1 & v2 respectively.) > > Am I missing something, or does everyone really build from source? I was not aware of this plugin. Looking at the plugin configuration options how would one handle all the various folder names that users use for "Trash"? http://wiki2.dovecot.org/Plugins/deleted-to-trash Regards, Brad -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2724 bytes Desc: not available URL: From role.Dovecot-Readers at jlassocs.com Wed Jun 27 21:34:20 2012 From: role.Dovecot-Readers at jlassocs.com (J E Lyon) Date: Wed, 27 Jun 2012 19:34:20 +0100 Subject: [Dovecot] The deleted_to_trash Plugin (workaround Outlook 2007 behaviour) In-Reply-To: <5CEBBEE0-EF29-4A53-BC75-3B67072DFFEE@pixilla.com> References: <71645618-2034-4DA6-8C6D-3F4F2C2D7F9A@JLAssocs.com> <5CEBBEE0-EF29-4A53-BC75-3B67072DFFEE@pixilla.com> Message-ID: On 27 Jun 2012, at 19:27, Bradley Giesbrecht wrote: > On Jun 27, 2012, at 9:10 AM, J E Lyon wrote: > >> Hi, >> >> I see this plugin exists for v1 & v2, all very interesting... Surprised no one seems to have created an RPM and it looks like deleted_to_trash is one of the very few plugins to not be shipped as part of the default install with CentOS 5.5 or CentOS 6 (i.e. Dovecot v1 & v2 respectively.) >> >> Am I missing something, or does everyone really build from source? > > I was not aware of this plugin. > > Looking at the plugin configuration options how would one handle all the various folder names that users use for "Trash"? > http://wiki2.dovecot.org/Plugins/deleted-to-trash Hi Brad, Well, it could be a configurable folder name, or not, but it doesn't matter _too_ much . . Looking at various IMAP clients, they already use a variety of folder names, so if I access my IMAP account using my MacBook and my Android and an installation of MS-Outlook, then I might end up with a Deleted folder *and* a Trash folder. It doesn't much matter, I can undelete within an application where I've accidentally hit "delete" and if I'm looking further back for something deleted last week, I can search both folders if I can't remember where it was deleted. It all works out adequately in the end -- from an end user's point of view -- even if it's not very pretty from a software design point of view. J. From daniel.parthey at informatik.tu-chemnitz.de Wed Jun 27 21:47:36 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Wed, 27 Jun 2012 20:47:36 +0200 Subject: [Dovecot] started with dovecot sieve In-Reply-To: References: <20120625215914.GA7831@daniel.localdomain> <20120626201036.GA6929@daniel.localdomain> Message-ID: <20120627184736.GA7546@daniel.localdomain> Rolf wrote: > LMTP would be new to me and I fear just other hard-to-understand > configuration topics. LMTP (Lightweight Message Transfer Protocol) is really simple, similar to SMTP, but immediately returns a status code which tells whether the delivery has been successful or not. I encourage you to read this HOWTO: http://wiki2.dovecot.org/HowTo/PostfixDovecotLMTP Dovecot listens and accepts mails on the LMTP service port, postfix delivers mails directly into this LMTP service port. Since it is an additional service, you should be able to try it first, without interfering with your deliver functionality. Here you can read, how the LMTP communication looks like: http://de.wikipedia.org/wiki/LMTP Regards Daniel -- https://plus.google.com/103021802792276734820 From ef at math.uni-bonn.de Wed Jun 27 23:18:45 2012 From: ef at math.uni-bonn.de (Edgar =?iso-8859-1?B?RnXf?=) Date: Wed, 27 Jun 2012 22:18:45 +0200 Subject: [Dovecot] Default for non-present LDAP attributes? Message-ID: <20120627201844.GX57210@trav.math.uni-bonn.de> With 1.2, is there a syntax to, for LDAP lookups, use a given fixed replacement for a non-present LDAP attribute? E.g. something that would extend user_attrs = mailFileServer=mail=maildir:/import/mail/%$/%d to use maildir:/import/mail/foo/%d in case the mailFileServer attribute is not present? From jonrysh at pacbell.net Thu Jun 28 02:34:15 2012 From: jonrysh at pacbell.net (Jonathan Ryshpan) Date: Wed, 27 Jun 2012 16:34:15 -0700 Subject: [Dovecot] Setting up mixed mbox and maildir In-Reply-To: <5B14BB9D-490F-49F6-B647-D69F26DAE888@iki.fi> References: <1340742900.2495.14.camel@amito> <1340745560.2495.27.camel@amito> <5B14BB9D-490F-49F6-B647-D69F26DAE888@iki.fi> Message-ID: <1340840055.2391.26.camel@amito> On Wed, 2012-06-27 at 17:30 +0300, Timo Sirainen wrote: > On 27.6.2012, at 0.19, Jonathan Ryshpan wrote: > > >> If you are working with 2.0 or later dovecot, you should be at > >> http://wiki2.dovecot.org/Namespaces > > > > I am using 2.1.7 . I surmise from this Namespace page that the form: > > namespace { > > where is one of "public", "private", or "shared" creates an > > unnamed namespace of type while the form: > > namespace { > > where is none of "public", "private", or "shared", creates a > > namespace with the name and the default type (unspecified on this > > page, but probably private). > > I don't see any of that in the wiki2 page. Maybe you were looking at wiki1 page. Quite right; this comes from a reading of pages in both wiki1 and wiki2. I now surmise that this isn't a good idea since wiki1 describes v1.x and wiki2 describes v2.x, which have different syntaxes (syntaces?). Is all this correct? > > The namespace can be given the type > > desired by an (undocumented) namespace setting: > > namespace inbox ( > > type = > > Is this correct? > > It's mentioned in examples :) Yeah, could be more clearly mentioned in > the wiki page too. Of course it's already in the > example-config/conf.d/10-mail.conf file. The part in namespace > { } should also be in the wiki page, although that's not > namespace-specific thing at all, but works everywhere in dovecot.conf. > It simply gives a (human-readable) name for the namespace within the > configuration, it doesn't actually do anything. It looks like it does *something*, since 15-mailboxes.conf contains the lines: # NOTE: Assumes "namespace inbox" has been defined in 10-mail.conf. namespace inbox { I am continuing to attempt to set up dovecot to keep its mail store in maildir form while receiving it from an mbox, but without success. Dovecot reports the error that it can't create the file ~/mail/.imap/INBOX (and also that it can't chown it to user mail, not surprising since it doesn't exist). This seems reasonable, since jonrysh (that is me) is not a member of the group mail. What should be done next? Should I join the group mail? It seems that this should not be necessary in general. The mail store is in ~/maildir, so what is the function of the mbox ~/mail? Dovecot must be misconfigured, but it's not clear to a newbie like myself what's wrong. Any advice would be appreciated. I have attached an extract from maillog showing the errors (dovecot.log) dovecot reports (dovecot.log), and the output of dovecot -n (dovecot-n). Thanks for your help - jon -------------- next part -------------- A non-text attachment was scrubbed... Name: dovecot.log Type: text/x-log Size: 2636 bytes Desc: not available URL: -------------- next part -------------- # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.4.3-1.fc17.x86_64 x86_64 Fedora release 17 (Beefy Miracle) mail_debug = yes mail_privileged_group = mail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mbox_write_locks = fcntl namespace data { location = maildir:~/Dovecot prefix = separator = . } namespace inbox { hidden = yes inbox = yes list = no location = mbox:~/mail:INBOX=/var/spool/mail/%u mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = "#mbox." separator = . type = private } passdb { driver = pam } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } ssl = required ssl_cert = References: Message-ID: Francisco Wagner C. Freire writes: > On Wed, Jun 27, 2012 at 9:24 AM, Timo Sirainen wrote: > >> On 27.6.2012, at 14.10, Angel L. Mateo wrote: >> >>> We have dovecot configured with auth cache. Is there any way to >> remove a specific entry (not all) from this cache? >> >> Nope. What do you need it for? > > I dont known about Angel, but for me is useful because sometimes i need to > deactivate smtp/imap/pop access from accounts, or change their home after > storage migration, and removing a specific record i can use a long time > cache. I'm not sure that the auth cache holds that information, but I think you can at least invalidate a particular auth cache entry by 1) Changing the user password (and save the previous hash) 2) Authenticate using the new credentials (and invalidate the auth cache entry). For example, you can just do a manual connection on your dovecot server x login someuser newpassword This will replace the cache entry with a new one. 3) When you are ready to put the account back online, change the password back to the original. A password mismatch forces a resync to your authentication system which will restore the auth cache. Joseph Tam From dlie76 at yahoo.com.au Thu Jun 28 07:53:39 2012 From: dlie76 at yahoo.com.au (Daminto Lie) Date: Wed, 27 Jun 2012 21:53:39 -0700 (PDT) Subject: [Dovecot] (no subject) Message-ID: <1340859219.73690.YahooMailNeo@web113410.mail.gq1.yahoo.com> http://ccomplaint.com/Vocational-Schools/googlesave.html?otv=vby.mig&himoj=yug.jyg&fob=ihol From wojtek at wojtek.tensor.gdynia.pl Thu Jun 28 08:54:01 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Thu, 28 Jun 2012 07:54:01 +0200 (CEST) Subject: [Dovecot] indexer-worker Message-ID: why this process (which most probably do squat index/update) runs as root, not - like imap process - as user? 29413 root 1 76 0 22820K 9204K kqread 1 0:17 5.86% indexer-worker From tss at iki.fi Thu Jun 28 09:39:45 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 28 Jun 2012 09:39:45 +0300 Subject: [Dovecot] Default for non-present LDAP attributes? In-Reply-To: <20120627201844.GX57210@trav.math.uni-bonn.de> References: <20120627201844.GX57210@trav.math.uni-bonn.de> Message-ID: <1340865585.25551.61.camel@innu> On Wed, 2012-06-27 at 22:18 +0200, Edgar Fu? wrote: > With 1.2, is there a syntax to, for LDAP lookups, use a given fixed replacement for a non-present LDAP attribute? > E.g. something that would extend > user_attrs = mailFileServer=mail=maildir:/import/mail/%$/%d > to use maildir:/import/mail/foo/%d in case the mailFileServer attribute is not present? The "mail" field defaults to mail_location setting. Other fields you can put to plugin {} section. From tss at iki.fi Thu Jun 28 09:43:49 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 28 Jun 2012 09:43:49 +0300 Subject: [Dovecot] Removing specific entry in user/auth cache In-Reply-To: References: Message-ID: <1340865829.25551.64.camel@innu> On Wed, 2012-06-27 at 19:08 -0700, Joseph Tam wrote: > > I dont known about Angel, but for me is useful because sometimes i need to > > deactivate smtp/imap/pop access from accounts, or change their home after > > storage migration, and removing a specific record i can use a long time > > cache. > > I'm not sure that the auth cache holds that information, userdb lookups are also cached. > but I think you > can at least invalidate a particular auth cache entry by > > 1) Changing the user password (and save the previous hash) > 2) Authenticate using the new credentials (and invalidate > the auth cache entry). For example, you can just > do a manual connection on your dovecot server > > x login someuser newpassword > > This will replace the cache entry with a new one. > > 3) When you are ready to put the account back online, change the > password back to the original. A password mismatch forces > a resync to your authentication system which will restore > the auth cache. This works for passdb cache, but not for userdb cache. It would be possible to add a doveadm command for this.. I think the main reason why I already didn't do it last time I was asked this was because I wanted to use "doveadm auth cache flush" or something similar as the command, but there already exists "doveadm auth" command and "cache flush" would be treated as username=cache password=flush :( Anyone have thoughts on a better doveadm command name? Or should I just break it and have v2.2 use "doveadm auth check" or something for the old "doveadm auth" command? From tss at iki.fi Thu Jun 28 09:46:27 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 28 Jun 2012 09:46:27 +0300 Subject: [Dovecot] indexer-worker In-Reply-To: References: Message-ID: <1340865987.25551.67.camel@innu> On Thu, 2012-06-28 at 07:54 +0200, Wojciech Puchar wrote: > why this process (which most probably do squat index/update) runs as root, > not - like imap process - as user? > > 29413 root 1 76 0 22820K 9204K kqread 1 0:17 5.86% indexer-worker It runs as root while not really doing anything, but when it starts accessing users' files it temporarily drops privileges. This is necessary if users have multiple different UIDs. If you have only one UID e.g. vmail, you could set: service indexer-worker { user = vmail } There are a couple of ways to do this automatically whenever it's possible.. I guess I'll add those to v2.2. From tss at iki.fi Thu Jun 28 09:49:10 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 28 Jun 2012 09:49:10 +0300 Subject: [Dovecot] permissions on auth-userdb In-Reply-To: <4FEAFDCA.3060902@Media-Brokers.com> References: <4FE59B9E.1050009@Media-Brokers.com> <87A001AB-60A4-45D2-B48C-29114263DA75@iki.fi> <4FEAFDCA.3060902@Media-Brokers.com> Message-ID: <1340866150.25551.70.camel@innu> On Wed, 2012-06-27 at 08:34 -0400, Charles Marcus wrote: > On 2012-06-27 8:29 AM, Timo Sirainen wrote: > > On 23.6.2012, at 13.34, Charles Marcus wrote: > >> It would be nice if there were a wiki page specifically describing > >> how permissions should be set for all of the services/directories > >> that dovecot uses. > >> > >> Even better would be a dovecot/doveconf command that would test the > >> permissions and, if possible, even fix them (like the postfix > >> 'set-permissions' command)... > > > The problem with those is that it depends on the installation. Each > > user may need different permissions. Many installations don't have a > > way to list users to even do a userdb lookup. I guess it would be > > possible to write such a tool for specific installations where it > > could work, but it wouldn't work everywhere. > > Hmmm... I wonder how postfix does it then... maybe it doesn't have as > many potential variations I guess? Postfix internally doesn't really use anything except root and postfix users. Dovecot can be configured in many different ways to handle mail users and that configuration affects quite a many settings. > Is there maybe just a basic/standard set of permissions that can work > for many installations, then have a way to detect non-standard installs > and just provide a link to a wiki page describing things in more detail? I guess there could be two common settings described: Virtual users with one UID, and system users with multiple UIDs. > Is there a wiki page for this already? I didn't find one... Maybe something could be written under http://wiki2.dovecot.org/UserIds From tss at iki.fi Thu Jun 28 09:53:29 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 28 Jun 2012 09:53:29 +0300 Subject: [Dovecot] Mail migration to dovecot with doveadm backup In-Reply-To: <4FEB0645.6000302@metaways.de> References: <4FE738E9.6040706@metaways.de> <4FE84DF7.7030707@Media-Brokers.com> <4FE85FD4.8090708@metaways.de> <4FEB0645.6000302@metaways.de> Message-ID: <1340866409.25551.72.camel@innu> On Wed, 2012-06-27 at 15:10 +0200, Reinhard Vicinus wrote: > Hi, > > if i delete the home directory and all content below an existing account > user at example.org. Then run: > > /usr/bin/doveadm quota recalc -u user at example.org Are you sure quota recalc makes a difference here? What if you simply run doveadm twice? > and afterwards: > > /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw > -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o > imapc_port=18143 -D -v backup -R -f -u user at example.org imapc: > > dsync(user at example.org): Error: Mailbox INBOX changed its GUID > (c92f64f79f0d1ed01e6d5b314f04886c -> 54c23c119d04eb4f005100004f99b03d) > dsync(user at example.org): Error: msg iteration failed: Couldn't open > mailbox c92f64f79f0d1ed01e6d5b314f04886c Bug/"feature" .. you could try if running with "imapc:/tmp/imapc-username" instead of "imapc:" helps. From tss at iki.fi Thu Jun 28 09:58:06 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 28 Jun 2012 09:58:06 +0300 Subject: [Dovecot] last hope... public namespace and directory structure In-Reply-To: <000601cd5439$f613bc50$e23b34f0$@web.de> References: <000601cd5439$f613bc50$e23b34f0$@web.de> Message-ID: <1340866686.25551.75.camel@innu> On Wed, 2012-06-27 at 09:53 +0200, Daniel Fischer wrote: > The file passwd for those 3 samples looks like this: > > sales@$DOMAIN::5000:5000::/var/mail/vhosts/$DOMAIN/public/.sales > > service@$DOMAIN::5000:5000::/var/mail/vhosts/$DOMAIN/public/.service > > purchase@$DOMAIN::5000:5000::/var/mail/vhosts/$DOMAIN/public/.purchase > > Note: All other users have mail_location /var/mail/vhosts/%d/%n > > Now a have the following problem: If I login in as user sales and create a > folder foo and in there a folder bar. It can't work like that. You need to have all of the these homes to be /var/mail/vhosts/$DOMAIN/public if you want them to be able to create any new folders. Then if needed add ACLs to the users. For delivering mails to these users you could set up a Sieve script to do it, or maybe something else.. From r.vicinus at metaways.de Thu Jun 28 10:03:52 2012 From: r.vicinus at metaways.de (Reinhard Vicinus) Date: Thu, 28 Jun 2012 09:03:52 +0200 Subject: [Dovecot] Mail migration to dovecot with doveadm backup In-Reply-To: <1340866409.25551.72.camel@innu> References: <4FE738E9.6040706@metaways.de> <4FE84DF7.7030707@Media-Brokers.com> <4FE85FD4.8090708@metaways.de> <4FEB0645.6000302@metaways.de> <1340866409.25551.72.camel@innu> Message-ID: <4FEC01D8.6010405@metaways.de> On 28/06/12 08:53, Timo Sirainen wrote: > On Wed, 2012-06-27 at 15:10 +0200, Reinhard Vicinus wrote: >> Hi, >> >> if i delete the home directory and all content below an existing account >> user at example.org. Then run: >> >> /usr/bin/doveadm quota recalc -u user at example.org > Are you sure quota recalc makes a difference here? What if you simply > run doveadm twice? Running doveadm twice without quota recalc prior works without problems. >> and afterwards: >> >> /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw >> -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o >> imapc_port=18143 -D -v backup -R -f -u user at example.org imapc: >> >> dsync(user at example.org): Error: Mailbox INBOX changed its GUID >> (c92f64f79f0d1ed01e6d5b314f04886c -> 54c23c119d04eb4f005100004f99b03d) >> dsync(user at example.org): Error: msg iteration failed: Couldn't open >> mailbox c92f64f79f0d1ed01e6d5b314f04886c > Bug/"feature" .. you could try if running with > "imapc:/tmp/imapc-username" instead of "imapc:" helps. This works also without problems. So thanks for your help because this solves my problem. Let me know if i should test something more. From amateo at um.es Thu Jun 28 10:04:46 2012 From: amateo at um.es (Angel L. Mateo) Date: Thu, 28 Jun 2012 09:04:46 +0200 Subject: [Dovecot] Removing specific entry in user/auth cache In-Reply-To: <771798ED-3DAF-4C23-937C-FD9B775B8972@iki.fi> References: <4FEAEA11.1070900@um.es> <771798ED-3DAF-4C23-937C-FD9B775B8972@iki.fi> Message-ID: <4FEC020E.9020802@um.es> El 27/06/12 14:24, Timo Sirainen escribi?: > On 27.6.2012, at 14.10, Angel L. Mateo wrote: > >> We have dovecot configured with auth cache. Is there any way to remove a specific entry (not all) from this cache? > > Nope. What do you need it for? > Because information for users sometimes changes. For example, when I made the question, home directory's of one user changed and all mails to him was been discarted because of this and I had to flush all cache to solve this. -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n y las Comunicaciones Aplicadas (ATICA) http://www.um.es/atica Tfo: 868887590 Fax: 868888337 From zimmys76 at web.de Thu Jun 28 10:41:15 2012 From: zimmys76 at web.de (Daniel Fischer) Date: Thu, 28 Jun 2012 09:41:15 +0200 Subject: [Dovecot] last hope... public namespace and directory structure In-Reply-To: <1340866686.25551.75.camel@innu> References: <000601cd5439$f613bc50$e23b34f0$@web.de> <1340866686.25551.75.camel@innu> Message-ID: <001001cd5501$66201800$32604800$@web.de> Hello Timo, Thanks for your reply. I have the dovewiki a little bit misunderstod. "Public mailboxes are typically mailboxes that are visible to all users or to large user groups. They are created by defining a public namespace, under which all the shared mailboxes are" Daniel -----Urspr?ngliche Nachricht----- Von: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] Im Auftrag von Timo Sirainen Gesendet: Donnerstag, 28. Juni 2012 08:58 An: Daniel Fischer Cc: dovecot at dovecot.org Betreff: Re: [Dovecot] last hope... public namespace and directory structure On Wed, 2012-06-27 at 09:53 +0200, Daniel Fischer wrote: > The file passwd for those 3 samples looks like this: > > sales@$DOMAIN::5000:5000::/var/mail/vhosts/$DOMAIN/public/.sales > > service@$DOMAIN::5000:5000::/var/mail/vhosts/$DOMAIN/public/.service > > purchase@$DOMAIN::5000:5000::/var/mail/vhosts/$DOMAIN/public/.purchase > > Note: All other users have mail_location /var/mail/vhosts/%d/%n > > Now a have the following problem: If I login in as user sales and > create a folder foo and in there a folder bar. It can't work like that. You need to have all of the these homes to be /var/mail/vhosts/$DOMAIN/public if you want them to be able to create any new folders. Then if needed add ACLs to the users. For delivering mails to these users you could set up a Sieve script to do it, or maybe something else.. From role.Dovecot-Readers at JLAssocs.com Thu Jun 28 10:48:43 2012 From: role.Dovecot-Readers at JLAssocs.com (J E Lyon) Date: Thu, 28 Jun 2012 08:48:43 +0100 Subject: [Dovecot] Maildir Seen Flags not heeded when dovecot-shared present In-Reply-To: <294FDEA3-FE7A-4386-9D5D-A602141E3D17@JLAssocs.com> References: <294FDEA3-FE7A-4386-9D5D-A602141E3D17@JLAssocs.com> Message-ID: <4665F4E5-F6F8-43FE-AF57-4F793590DAB7@JLAssocs.com> Timo & List, Just by way of a follow-up, running tests on a 1.0 installation of Dovecot confirms it. Sure enough, I was still configuring my mail stores based on my outdated understanding and hadn't fully appreciated changes to what dovecot-shared files affect in recent versions. Thanks all, J. On 27 Jun 2012, at 11:01, J E Lyon wrote: > On 26 Jun 2012, at 21:49, Timo Sirainen wrote: > >> So you don't want shared seen flags? You can simply not create dovecot-shared file nowadays. It's not necessary. The only other purpose for it was as the template for file permissions, but those are nowadays taken from the maildir itself: http://wiki2.dovecot.org/SharedMailboxes/Permissions > > > Timo, > > Thanks for pointing me in the right direction . . > > I started with Dovecot back in the pre-v1 days and used dovecot-shared from when it first helped with permissions and things -- never actually minded about seen flags back then. > > So, I've always thought of dovecot-shared as being primarily about making the permissions work, and hadn't realised things have been steadily changing in that regard. > > So, I now have Dovecot on both CentOS 5.5 & CentOS 6, which means v1 & v2 . . unfortunately though, the CentOS 5.5 default package is 1.0.x and that means I miss out on 1.1+ features there, as well as the improved handling of file permissions in 1.2 that I now see after scrutinising the differences . . > > At least I know exactly where the problems are now, thanks! > > ~ James. From ef at math.uni-bonn.de Thu Jun 28 12:19:33 2012 From: ef at math.uni-bonn.de (Edgar =?iso-8859-1?B?RnXf?=) Date: Thu, 28 Jun 2012 11:19:33 +0200 Subject: [Dovecot] Default for non-present LDAP attributes? In-Reply-To: <1340865585.25551.61.camel@innu> References: <20120627201844.GX57210@trav.math.uni-bonn.de> <1340865585.25551.61.camel@innu> Message-ID: <20120628091933.GB58060@trav.math.uni-bonn.de> > The "mail" field defaults to mail_location setting. Ah, yes, thanks. So simple I didn't think of it. Will it default when the LDAP attribute is not present or will I have to check the attribute's presence in the LDAP filter? From tss at iki.fi Thu Jun 28 13:31:33 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 28 Jun 2012 13:31:33 +0300 Subject: [Dovecot] Default for non-present LDAP attributes? In-Reply-To: <20120628091933.GB58060@trav.math.uni-bonn.de> References: <20120627201844.GX57210@trav.math.uni-bonn.de> <1340865585.25551.61.camel@innu> <20120628091933.GB58060@trav.math.uni-bonn.de> Message-ID: <73D0D0C9-01EC-4B6E-A22C-C7A1F74A0B63@iki.fi> On 28.6.2012, at 12.19, Edgar Fu? wrote: >> The "mail" field defaults to mail_location setting. > Ah, yes, thanks. So simple I didn't think of it. > Will it default when the LDAP attribute is not present or will I have to check the attribute's presence in the LDAP filter? The default settings are in dovecot.conf. LDAP attributes that are returned by the LDAP server override those settings. From wojtek at wojtek.tensor.gdynia.pl Thu Jun 28 13:38:18 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Thu, 28 Jun 2012 12:38:18 +0200 (CEST) Subject: [Dovecot] indexer-worker In-Reply-To: <1340865987.25551.67.camel@innu> References: <1340865987.25551.67.camel@innu> Message-ID: >> 29413 root 1 76 0 22820K 9204K kqread 1 0:17 5.86% indexer-worker > > It runs as root while not really doing anything, but when it starts > accessing users' files it temporarily drops privileges. This is > necessary if users have multiple different UIDs. to showed it with root privilege and 60% CPU load+disk I/O when doing text search over not yet indexed folder. > If you have only one UID e.g. vmail, you could set: > i'm not sure what you exactly mean. I have simplest possible config - mail accounts are unix accounts and mail is at Maildir my config below # 2.1.7: /usr/local/etc/dovecot/dovecot.conf # OS: FreeBSD 8.3-STABLE amd64 disable_plaintext_auth = no listen = * mail_location = maildir:~/Maildir mail_plugins = fts fts_squat namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /usr/local/etc/dovecot/deny-users deny = yes driver = passwd-file } passdb { driver = pam } plugin { fts = squat fts_squat = partial=4 full=10 } protocols = imap ssl_cert = References: <4FE738E9.6040706@metaways.de> <4FE84DF7.7030707@Media-Brokers.com> <4FE85FD4.8090708@metaways.de> <4FEB0645.6000302@metaways.de> <1340866409.25551.72.camel@innu> <4FEC01D8.6010405@metaways.de> Message-ID: <4FEC3915.9010304@metaways.de> On 28/06/12 09:03, Reinhard Vicinus wrote: >>> and afterwards: >>> >>> /usr/bin/doveadm -o imapc_user=user at example.org -o >>> imapc_password=imappw >>> -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o >>> imapc_port=18143 -D -v backup -R -f -u user at example.org imapc: >>> >>> dsync(user at example.org): Error: Mailbox INBOX changed its GUID >>> (c92f64f79f0d1ed01e6d5b314f04886c -> 54c23c119d04eb4f005100004f99b03d) >>> dsync(user at example.org): Error: msg iteration failed: Couldn't open >>> mailbox c92f64f79f0d1ed01e6d5b314f04886c >> Bug/"feature" .. you could try if running with >> "imapc:/tmp/imapc-username" instead of "imapc:" helps. > This works also without problems. So thanks for your help because this > solves my problem. Let me know if i should test something more. > Sorry, I either made a mistake in my test setup or i can't reproduce it, but adding imapc:/tmp/imapc-username instead of imapc: doesn't help. I have circumvented my problem by changing the quota values directly in the database in my migration process. But there is the following difference between using imapc:/tmp/imapc-username and plain imapc: if i backup a single, on both servers empty mailbox with different guids from the non dovecot imap server to the dovecot imap server, then plain imapc: throws some errors but works, imapc:/tmp/imapc-username throws more errors and only deletes the mailbox on the destination. Test setup is as follow: Both accounts don't contain a mailbox Test1: /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -o mail=imapc: mailbox status -u user at example.org all Test1 /usr/bin/doveadm mailbox status -u user at example.org all Test1 Create Mailbox Test1 on the imapc server: /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -o mail=imapc: mailbox create -u user at example.org Test1 Create Mailbox Test1 on the dovecot server: doveadm mailbox create -u user at example.org Test1 List the status of mailbox Test1 on the imapc server: /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -o mail=imapc: mailbox status -u user at example.org all Test1 Test1 messages=0 recent=0 uidnext=0 uidvalidity=87991 unseen=0 highestmodseq=0 vsize=0 guid=0f6e69ad71659995677b43f8a8312025 List the status of mailbox Test1 on the dovecot server: /usr/bin/doveadm mailbox status -u user at example.org Test1 Test1 messages=0 recent=0 uidnext=1 uidvalidity=1340879819 unseen=0 highestmodseq=1 vsize=0 guid=a8076214cb33ec4f396700004f99b03d Start Backup with imapc:/tmp/user: /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 backup -R -f -u user at example.org -m Test1 imapc:/tmp/user dsync(user at example.org): Error: Failed to sync mailbox Test1: Mailbox doesn't exist: Test1 dsync(user at example.org): Error: msg iteration failed: Couldn't open mailbox 0f6e69ad71659995677b43f8a8312025 dsync(user at example.org): Error: Failed to sync mailbox Test1: Mailbox doesn't exist: Test1 dsync(user at example.org): Error: Trying to open a non-listed mailbox with guid=a8076214cb33ec4f396700004f99b03d dsync(user at example.org): Error: msg iteration failed: Couldn't open mailbox a8076214cb33ec4f396700004f99b03d dsync(user at example.org): Error: Trying to open a non-listed mailbox with guid=a8076214cb33ec4f396700004f99b03d List the status of mailbox Test1 on the imapc server: /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -o mail=imapc: mailbox status -u user at example.org all Test1 Test1 messages=0 recent=0 uidnext=0 uidvalidity=87991 unseen=0 highestmodseq=0 vsize=0 guid=0f6e69ad71659995677b43f8a8312025 List the status of mailbox Test1 on the dovecot server: /usr/bin/doveadm mailbox status -u user at example.org all Test1 result: the mailbox Test1 on the dovecot server got deleted. with plain imapc: copying works but there are also still error messages: Create Mailbox Test2 on the imapc server: /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -o mail=imapc: mailbox create -u user at example.org Test2 Create Mailbox Test2 on the dovecot server: doveadm mailbox create -u user at example.org Test2 List the status of mailbox Test2 on the imapc server: /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -o mail=imapc: mailbox status -u user at example.org all Test2 Test2 messages=0 recent=0 uidnext=0 uidvalidity=87993 unseen=0 highestmodseq=0 vsize=0 guid=c0fd4ba8bd514c5c43ab9a897c8c014e List the status of mailbox Test2 on the dovecot server: /usr/bin/doveadm mailbox status -u user at example.org Test2 Test2 messages=0 recent=0 uidnext=1 uidvalidity=1340879820 unseen=0 highestmodseq=1 vsize=0 guid=a19eee292435ec4f676a00004f99b03d Start Backup with imapc: /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 backup -R -f -u user at example.org -m Test2 imapc: dsync(user at example.org): Error: Trying to open a non-listed mailbox with guid=a19eee292435ec4f676a00004f99b03d dsync(user at example.org): Error: msg iteration failed: Couldn't open mailbox a19eee292435ec4f676a00004f99b03d dsync(user at example.org): Error: Trying to open a non-listed mailbox with guid=a19eee292435ec4f676a00004f99b03d List the status of mailbox Test2 on the imapc server: /usr/bin/doveadm -o imapc_user=user at example.org -o imapc_password=imappw -o imapc_host=local-mailbox -o imapc_features=rfc822.size -o imapc_port=18143 -o mail=imapc: mailbox status -u user at example.org all Test2 Test2 messages=0 recent=0 uidnext=0 uidvalidity=87993 unseen=0 highestmodseq=0 vsize=0 guid=c0fd4ba8bd514c5c43ab9a897c8c014e List the status of mailbox Test2 on the dovecot server: /usr/bin/doveadm mailbox status -u user at example.org Test2 Test2 messages=0 recent=0 uidnext=1 uidvalidity=87993 unseen=0 highestmodseq=1 vsize=0 guid=c0fd4ba8bd514c5c43ab9a897c8c014e If instead of a normal Mailbox the special mailbox INBOX is used there are still more errors and both ways don't work. I think because backup isn't able to delete the mailbox INBOX on the destination site. So i'll make sure that when i migrate an account the mail destination is really empty. From a.kostyrev at serverc.ru Thu Jun 28 15:01:54 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Thu, 28 Jun 2012 23:01:54 +1100 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage Message-ID: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local> Hello! somewhere in maillist I've seen RAID1+md concat+XFS being promoted as mailstorage. Does anybody in here actually use this setup? I've decided to give it a try, but ended up with not being able to recover any data off survived pairs from linear array when _the_first of raid1 pairs got down. thanks! From lists at wildgooses.com Thu Jun 28 15:15:09 2012 From: lists at wildgooses.com (Ed W) Date: Thu, 28 Jun 2012 13:15:09 +0100 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local> Message-ID: <4FEC4ACD.20104@wildgooses.com> On 28/06/2012 13:01, ???????? ????????? ?????????? wrote: > Hello! > > somewhere in maillist I've seen RAID1+md concat+XFS being promoted as mailstorage. > Does anybody in here actually use this setup? > > I've decided to give it a try, > but ended up with not being able to recover any data off survived pairs from linear array when _the_first of raid1 pairs got down. > This is the configuration endorsed by Stan Hoeppner. His description of the benefits is quite compelling, but real world feedback is interesting to achieve. Note that you wouldn't get anything back from a similar fail of a RAID10 array either (unless we are talking temporary removal and re-insertion?) Ed W From wojtek at wojtek.tensor.gdynia.pl Thu Jun 28 15:22:41 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Thu, 28 Jun 2012 14:22:41 +0200 (CEST) Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <4FEC4ACD.20104@wildgooses.com> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local> <4FEC4ACD.20104@wildgooses.com> Message-ID: > Note that you wouldn't get anything back from a similar fail of a RAID10 > array either (unless we are talking temporary removal and re-insertion?) use multiple RAID1 arrays, 2 drives each, one filesystem each. From a.kostyrev at serverc.ru Thu Jun 28 15:32:47 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Thu, 28 Jun 2012 23:32:47 +1100 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <4FEC4ACD.20104@wildgooses.com> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local> <4FEC4ACD.20104@wildgooses.com> Message-ID: <213B51F00051AE48A9F0E11288017717B8401E@Delta.sc.local> >Note that you wouldn't get anything back from a similar fail of a RAID10 array either I wasn't aware of it, that's interesting. >(unless we are talking temporary removal and re-insertion?) nope, I'm talking about complete pair's crash when two disks die. I do understand that's the possibility of such outcome (when two disks in the same pair crash) is not high, but when we have 12 or 24 disks in storage... -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of Ed W Sent: Thursday, June 28, 2012 11:15 PM To: dovecot at dovecot.org Subject: Re: [Dovecot] RAID1+md concat+XFS as mailstorage On 28/06/2012 13:01, ???????? ????????? ?????????? wrote: > Hello! > > somewhere in maillist I've seen RAID1+md concat+XFS being promoted as mailstorage. > Does anybody in here actually use this setup? > > I've decided to give it a try, > but ended up with not being able to recover any data off survived pairs from linear array when _the_first of raid1 pairs got down. > This is the configuration endorsed by Stan Hoeppner. His description of the benefits is quite compelling, but real world feedback is interesting to achieve. Note that you wouldn't get anything back from a similar fail of a RAID10 array either (unless we are talking temporary removal and re-insertion?) Ed W From wojtek at wojtek.tensor.gdynia.pl Thu Jun 28 15:46:36 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Thu, 28 Jun 2012 14:46:36 +0200 (CEST) Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <213B51F00051AE48A9F0E11288017717B8401E@Delta.sc.local> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local> <4FEC4ACD.20104@wildgooses.com> <213B51F00051AE48A9F0E11288017717B8401E@Delta.sc.local> Message-ID: >> (unless we are talking temporary removal and re-insertion?) > nope, I'm talking about complete pair's crash when two disks die. > I do understand that's the possibility of such outcome (when two disks in the same pair crash) is not high, but > when we have 12 or 24 disks in storage... then may 6-12 filesystems. overall probability of double disk failure is same, but you will loose 1/6-1/12 of data. > From lists at wildgooses.com Thu Jun 28 15:56:46 2012 From: lists at wildgooses.com (Ed W) Date: Thu, 28 Jun 2012 13:56:46 +0100 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local> <4FEC4ACD.20104@wildgooses.com> <213B51F00051AE48A9F0E11288017717B8401E@Delta.sc.local> Message-ID: <4FEC548E.4030405@wildgooses.com> On 28/06/2012 13:46, Wojciech Puchar wrote: >>> (unless we are talking temporary removal and re-insertion?) >> nope, I'm talking about complete pair's crash when two disks die. >> I do understand that's the possibility of such outcome (when two >> disks in the same pair crash) is not high, but >> when we have 12 or 24 disks in storage... > > then may 6-12 filesystems. overall probability of double disk failure > is same, but you will loose 1/6-1/12 of data. But the compromise is that you gain the complexity of maintaining more filesystems and needing to figure out how to split your data across multiple filesystems The options today however seem to be only: - RAID6 (suffers slow write speeds, especially for smaller files) - RAID1 pairs with striping (raid0) over the top. (doesn't achieve max speeds for small files. 2 disk failures a problem. No protection against "silent corruption" of 1 disk) - RAID1 pairs, plus some kind of intelligent overlay filesystem, eg md-linear+XFS / BTRFS. With the filesystem aware of the underlying arrangement it can theoretically optimise file placement and dramatically increase write speeds for small files in the same manner that RAID-0 theoretically achieves. (However, still no protection against "silent" single drive corruption unless btrfs perhaps adds this in the future?) So given the statistics show us that 2 disk failures are much more common than we expect, and that "silent corruption" is likely occurring within (larger) real world file stores, there really aren't many battle tested options that can protect against this - really only RAID6 right now and that has significant limitations... RAID1+XFS sounds very interesting. Curious to hear some failure testing on this now. Also I'm watching btrfs with a 12 month+ view Cheers Ed W From a.kostyrev at serverc.ru Thu Jun 28 16:06:07 2012 From: a.kostyrev at serverc.ru (=?koi8-r?B?68/T1NnSxdcg4czFy9PBzsTSIOHMxcvTxcXXyd4=?=) Date: Fri, 29 Jun 2012 00:06:07 +1100 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <4FEC548E.4030405@wildgooses.com> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local><4FEC4ACD.20104@wildgooses.com><213B51F00051AE48A9F0E11288017717B8401E@Delta.sc.local> <4FEC548E.4030405@wildgooses.com> Message-ID: <213B51F00051AE48A9F0E11288017717B8401F@Delta.sc.local> >- RAID1 pairs, plus some kind of intelligent overlay filesystem, eg >md-linear+XFS / BTRFS. With the filesystem aware of the underlying >arrangement it can theoretically optimise file placement and >dramatically increase write speeds for small files in the same manner >that RAID-0 theoretically achieves. (However, still no protection >against "silent" single drive corruption unless btrfs perhaps adds this >in the future?) not only "silent" single drive corruption problem but as I stated in start of topic - crash of first pair. From mailinglist at august.de Thu Jun 28 17:36:46 2012 From: mailinglist at august.de (mailinglist) Date: Thu, 28 Jun 2012 16:36:46 +0200 Subject: [Dovecot] started with dovecot sieve In-Reply-To: <20120627184736.GA7546@daniel.localdomain> References: <20120625215914.GA7831@daniel.localdomain> <20120626201036.GA6929@daniel.localdomain> <20120627184736.GA7546@daniel.localdomain> Message-ID: Am 2012-06-27 20:47, schrieb Daniel Parthey: > Rolf wrote: >> LMTP would be new to me and I fear just other hard-to-understand >> configuration topics. > > LMTP (Lightweight Message Transfer Protocol) is really simple, > similar to SMTP, but immediately returns a status code which > tells whether the delivery has been successful or not. > > I encourage you to read this HOWTO: > http://wiki2.dovecot.org/HowTo/PostfixDovecotLMTP > > Dovecot listens and accepts mails on the LMTP service port, > postfix delivers mails directly into this LMTP service port. > > Since it is an additional service, you should be able to try > it first, without interfering with your deliver functionality. > > Here you can read, how the LMTP communication looks like: > http://de.wikipedia.org/wiki/LMTP > > Regards > Daniel Yes, Daniel, thank you. I had found this pieces from your privious mail. I understand that LMTP is an alternative to SMTP when it comes to mail communication inside a server or a local network. I understand that LMTP is newer. But if you look at incoming mail via SMTP on socket 25 and than look at the mail via roundcoube (communicating with dovecot) what is the difference and why should I care? That is - if I introduce LMTP - postfix will talk to dovecot by a different protocol. Correct? Will dovecot change its behavior? As I am not an SMTP insider (never did SMTP using telnet) I hardly understand what this change could do to my problem. Wouldn't dovecot LDA "deliver" still try to change the INBOX and will have access problems that I do not understand? Do you have a link for me, explaining what "deliver" does with a mail that is not subject to any of the "fileinto" of a sieve filter? What user accounts are involved in that function? Why does it not work with the Debian default that a user is not a member of the group "mail" that is assigned to their INBOX? (If this is part of the problem what I do not know for sure, yet.) From garyamort at gmail.com Thu Jun 28 17:43:29 2012 From: garyamort at gmail.com (Gary Mort) Date: Thu, 28 Jun 2012 10:43:29 -0400 Subject: [Dovecot] Integrating Dovecot with Amazon Web Services Message-ID: I did some searching in the mail archives and didn't see any discussion of integration with AWS, so I wanted to through out my thoughts/plans and see if it has been done before. I am setting up my own personal website on EC2 along with an email server, and I really don't like the idea of using the disk drive as permanent mail storage. EBS is too small instance storage is ephermeral. Looking over the docs, the dbox format seems most easily copied for my needs. http://wiki2.dovecot.org/MailboxFormat/dbox To make life easy, I'll stick with just single-dbox as a start, however multi-dbox would be doable. With dbox, the only thing that I need to change is the alternate storage model: "An upshot of the way alternate storage works is that any given storage file (mailboxes//dbox-Mails/u.* (sdbox) or storage/m.* (mdbox)) can only appear *either* in the primary storage area *or* the alternate storage area but not both ? if the corresponding file appears in both areas then there is an inconsistency." First I want to add AWS S3 as a storage option for alternate storage. Then instead of the above model, the new model would be that email is always stored in alternate storage, and may be in primary storage. So, when mail comes in, I'd have Dovecot save the email to the alternate storage S3 bucket and update the indexs and other information[ideally, for convenience purposes, a few bits of relevant indexing information can be stored as metadata in the S3 object - sufficient so that instead of retrieving the entire S3 object, just the meta data can be pulled to build indexes. When a client attempts to retrieve an email message, Dovecot would check primary storage as it does now, if the message is not found than it will retrieve it from the alternate storage system AND store a copy in the primary storage. Primary storage can be periodically purged, have quota's to keep it from growing too large, etc. In this way, primary storage can be viewed as a message cache, just keeping the messages that are currently of interest, while S3 is the real data. [Ideally, this can be expanded so that when a message comes in, in addition to storing a copy in S3, an AWS SNS notification can be issued so if multiple IMAP servers are running, they can all subscribe to the same SNS channel and update themselves as needed]. This give me unlimited disk storage at S3 prices, I would even like to be able to set a few options based on the folder, so I can enable versioning on important message folders, use the even cheaper reduced redundancy storage for archives, and set expiration dates on email in the trash and spam folders so S3 will automatically purge the messages after a month. Secondly, I'd like to replace the Mysql database usage with a simpleDB database. While simpleDB lacks much of MySQL's sophistication, it doesn't seem that Dovecot is really using any of that, so simpleDB can be functionally equivalent. The primary purpose of using simpleDB is that this way the entire Dovecot system can be ephermeral. When a properly configured dovecot AMI is launched, it will start up, pull it's config data from an S3 bucket, subscribe to the SNS channel for new updates, and then start the Dovecot server. It won't care if it is the only Dovecot server, or if there are 500 other servers running. They all share the same simpleDB database. Whenever any change is made that is relevant to server configuration, a notice is generated to SNS, and all the email is stored in S3. As a starting point, I'm thinking the best place for me to start coding is the single-s3-dbox message store as it has the least moving parts[mainly just fix up the save function to run the way I need it to, and the retrieve function to make a local copy of any incoming email...additional metadata functionality can be added later]. Has anyone else been working on something similar? -Gary From lists at wildgooses.com Thu Jun 28 19:20:26 2012 From: lists at wildgooses.com (Ed W) Date: Thu, 28 Jun 2012 17:20:26 +0100 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <213B51F00051AE48A9F0E11288017717B8401F@Delta.sc.local> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local><4FEC4ACD.20104@wildgooses.com><213B51F00051AE48A9F0E11288017717B8401E@Delta.sc.local> <4FEC548E.4030405@wildgooses.com> <213B51F00051AE48A9F0E11288017717B8401F@Delta.sc.local> Message-ID: <4FEC844A.9090302@wildgooses.com> On 28/06/2012 14:06, ???????? ????????? ?????????? wrote: >> - RAID1 pairs, plus some kind of intelligent overlay filesystem, eg >> md-linear+XFS / BTRFS. With the filesystem aware of the underlying >> arrangement it can theoretically optimise file placement and >> dramatically increase write speeds for small files in the same manner >> that RAID-0 theoretically achieves. (However, still no protection >> against "silent" single drive corruption unless btrfs perhaps adds this >> in the future?) > not only "silent" single drive corruption problem but as I stated in start of topic - crash of first pair. > Bad things are going to happen if you loose a complete chunk of your filesystem. I think the current state of the world is that you should assume that realistically you will be looking to your backups if you loose the wrong 2 disks in a raid1 or raid10 array. However, the thing which worries me more with multidisk arrays is accidental disconnection of multiple disks, eg backplane fails, or a multi-lane connector is accidently unplugged. Linux MD raid often seems to have the ability to reconstruct arrays after such accidents. I don't have more recent experience with hardware controller arrays, but I have (sadly) found that such a situation is terminal on some older hardware controllers... Interested to hear other failure modes (and successful rescues) from RAID1+linear+XFS setups? Cheers Ed W From CMarcus at Media-Brokers.com Thu Jun 28 19:54:38 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Thu, 28 Jun 2012 12:54:38 -0400 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <4FEC844A.9090302@wildgooses.com> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local><4FEC4ACD.20104@wildgooses.com><213B51F00051AE48A9F0E11288017717B8401E@Delta.sc.local> <4FEC548E.4030405@wildgooses.com> <213B51F00051AE48A9F0E11288017717B8401F@Delta.sc.local> <4FEC844A.9090302@wildgooses.com> Message-ID: <4FEC8C4E.1020209@Media-Brokers.com> On 2012-06-28 12:20 PM, Ed W wrote: > Bad things are going to happen if you loose a complete chunk of your > filesystem. I think the current state of the world is that you should > assume that realistically you will be looking to your backups if you > loose the wrong 2 disks in a raid1 or raid10 array. Which is a very good reason to have at least one hot spare in any RAID setup, if not 2. RAID10 also statistically has a much better chance of surviving a multi drive failure than RAID5 or 6, because it will only die if two drives in the same pair fail, and only then if the second one fails before the hot spare is rebuilt. -- Best regards, Charles From tss at iki.fi Thu Jun 28 20:14:29 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 28 Jun 2012 20:14:29 +0300 Subject: [Dovecot] Integrating Dovecot with Amazon Web Services In-Reply-To: References: Message-ID: On 28.6.2012, at 17.43, Gary Mort wrote: > http://wiki2.dovecot.org/MailboxFormat/dbox > > To make life easy, I'll stick with just single-dbox as a start, however > multi-dbox would be doable. > > With dbox, the only thing that I need to change is the alternate storage > model: > "An upshot of the way alternate storage works is that any given storage > file (mailboxes//dbox-Mails/u.* (sdbox) or storage/m.* (mdbox)) can > only appear *either* in the primary storage area *or* the alternate storage > area but not both ? if the corresponding file appears in both areas then > there is an inconsistency." Whoever wrote that wasn't exactly correct (or clear). There's no problem having the same file in both primary and alt storage. Only if the files are different there's a problem, but that shouldn't happen.. > First I want to add AWS S3 as a storage option for alternate storage. > > Then instead of the above model, the new model would be that email is > always stored in alternate storage, and may be in primary storage. So, > when mail comes in, I'd have Dovecot save the email to the alternate > storage S3 bucket and update the indexs and other information[ideally, for > convenience purposes, a few bits of relevant indexing information can be > stored as metadata in the S3 object - sufficient so that instead of > retrieving the entire S3 object, just the meta data can be pulled to build > indexes. The indexes have to be in primary storage. > When a client attempts to retrieve an email message, Dovecot would check > primary storage as it does now, if the message is not found than it will > retrieve it from the alternate storage system AND store a copy in the > primary storage. I think the storing wouldn't be very useful. Most clients download the message once. There's no reason to cache it if it doesn't get downloaded again. The way it should work that new mails are immediately delivered to both primary and alt storage. > Secondly, I'd like to replace the Mysql database usage with a simpleDB > database. While simpleDB lacks much of MySQL's sophistication, it doesn't > seem that Dovecot is really using any of that, so simpleDB can be > functionally equivalent. Dovecot will probably get Redis and/or memcache backend for passdb+userdb. If simpledb is similar key-value database I guess the same code could be used partially. From tss at iki.fi Thu Jun 28 20:21:31 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 28 Jun 2012 20:21:31 +0300 Subject: [Dovecot] Integrating Dovecot with Amazon Web Services In-Reply-To: References: Message-ID: <3FE12DB2-33DF-4D84-86F0-BDCF3A25A5BB@iki.fi> On 28.6.2012, at 20.14, Timo Sirainen wrote: >> "An upshot of the way alternate storage works is that any given storage >> file (mailboxes//dbox-Mails/u.* (sdbox) or storage/m.* (mdbox)) can >> only appear *either* in the primary storage area *or* the alternate storage >> area but not both ? if the corresponding file appears in both areas then >> there is an inconsistency." > > Whoever wrote that wasn't exactly correct (or clear). There's no problem having the same file in both primary and alt storage. Only if the files are different there's a problem, but that shouldn't happen.. Hmm. Although looking at the mdbox index rebuilding code: /* duplicate file. either readdir() returned it twice (unlikely) or it exists in both alt and primary storage. to make sure we don't lose any mails from either of the files, give this file a new ID and rename it. */ It probably shouldn't be doing that. sdbox isn't doing that: /* we were supposed to open the file in alt storage, but it exists in primary storage as well. skip it to avoid adding it twice. */ From tss at iki.fi Thu Jun 28 20:38:17 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 28 Jun 2012 20:38:17 +0300 Subject: [Dovecot] Integrating Dovecot with Amazon Web Services In-Reply-To: <3FE12DB2-33DF-4D84-86F0-BDCF3A25A5BB@iki.fi> References: <3FE12DB2-33DF-4D84-86F0-BDCF3A25A5BB@iki.fi> Message-ID: On 28.6.2012, at 20.21, Timo Sirainen wrote: > On 28.6.2012, at 20.14, Timo Sirainen wrote: > >>> "An upshot of the way alternate storage works is that any given storage >>> file (mailboxes//dbox-Mails/u.* (sdbox) or storage/m.* (mdbox)) can >>> only appear *either* in the primary storage area *or* the alternate storage >>> area but not both ? if the corresponding file appears in both areas then >>> there is an inconsistency." >> >> Whoever wrote that wasn't exactly correct (or clear). There's no problem having the same file in both primary and alt storage. Only if the files are different there's a problem, but that shouldn't happen.. > > Hmm. Although looking at the mdbox index rebuilding code: > > /* duplicate file. either readdir() returned it twice > (unlikely) or it exists in both alt and primary storage. > to make sure we don't lose any mails from either of the > files, give this file a new ID and rename it. */ > > It probably shouldn't be doing that. Hmm. I already implemented this by having it ignore the problem if the files have the same sizes, but then started wondering if there's really any point in doing that. m.* files can be appended to later, and altmoving always creates files with new numbers, and even if it does renaming there's duplicate suppression, so .. I guess there wasn't any point in doing that after all. From garyamort at gmail.com Thu Jun 28 20:55:50 2012 From: garyamort at gmail.com (Gary Mort) Date: Thu, 28 Jun 2012 13:55:50 -0400 Subject: [Dovecot] Integrating Dovecot with Amazon Web Services In-Reply-To: References: Message-ID: On Thu, Jun 28, 2012 at 1:14 PM, Timo Sirainen wrote: > On 28.6.2012, at 17.43, Gary Mort wrote: > > First I want to add AWS S3 as a storage option for alternate storage. > > > > Then instead of the above model, the new model would be that email is > > always stored in alternate storage, and may be in primary storage. So, > > when mail comes in, I'd have Dovecot save the email to the alternate > > storage S3 bucket and update the indexs and other information[ideally, > for > > convenience purposes, a few bits of relevant indexing information can be > > stored as metadata in the S3 object - sufficient so that instead of > > retrieving the entire S3 object, just the meta data can be pulled to > build > > indexes. > > The indexes have to be in primary storage. > > True, but the data they are based on I'm assuming does not include the full email message, just a few key pieces: uniqueid, subject, from, to, etc. For an always running server, the indexes are always up to date in primary. For a server starting up with no index data, it will need to rebuild the index information[or for a second server running when new email has been delivered]. As such, rather then download every single email message just for a few bits of key info, I can run a re-index process to pull just the meta information and grab the data from there. > > When a client attempts to retrieve an email message, Dovecot would check > > primary storage as it does now, if the message is not found than it will > > retrieve it from the alternate storage system AND store a copy in the > > primary storage. > > I think the storing wouldn't be very useful. Most clients download the > message once. There's no reason to cache it if it doesn't get downloaded > again. The way it should work that new mails are immediately delivered to > both primary and alt storage. > > I've got tons of space - so I don't mind having 750MB or so for primary email message storage. If I can track how many times a message was actually read, over time I can get an idea of how I use it and setup the primary storage purge rules accordingly. > > Secondly, I'd like to replace the Mysql database usage with a simpleDB > > database. While simpleDB lacks much of MySQL's sophistication, it > doesn't > > seem that Dovecot is really using any of that, so simpleDB can be > > functionally equivalent. > > Dovecot will probably get Redis and/or memcache backend for passdb+userdb. > If simpledb is similar key-value database I guess the same code could be > used partially. > > simpleDB is more like SQLLITE: "Amazon SimpleDB is a highly available and flexible non-relational data store that offloads the work of database administration. Developers simply store and query data items via web services requests and Amazon SimpleDB does the rest." http://aws.amazon.com/simpledb/ Data model: http://docs.amazonwebservices.com/AmazonSimpleDB/latest/DeveloperGuide/DataModel.html Domain == Table Item == row ItemName == primary key Attributes == column Value == data in column[multi value, so there can be multiple values for an attribute of an item] There is no built in key relationship between data, it's just one big flat table. Columns/Attributes only have 2 types, string or integer You query the data like an SQL table: http://docs.amazonwebservices.com/AmazonSimpleDB/latest/DeveloperGuide/UsingSelect.html Because there are no dates, it's best to store dates as UTC timestamps which are integers and can then be compared against numerically. The datastore is spread over multiple Amazon data servers and can take up to a second to sync, so there are two methods of querying the data. Default: eventually consistent read: get the data quickly Optional: consistent read: check /all/ datastores and get the latest data Since the data in simpleDB may not be updated frequently, a simple hack using the notification system could be: Before updating simpleDB send SNS notice that the data is being updated and where[domain, user, config] Update Data After updating simpleDB send SNS notice that the update is complete Other servers running can record data updating notices in memory and expire them in about 15 seconds. For any queries they want to make for that type of data in the next 15 seconds, they will use consistent read. The nice thing about using S3 and simpleDB is that I can completely skip a lot of steps in replication/distributed services as it is all handled already. And one can always take one set of api calls and substitute another for a different notification system, distributed database, and cloud file storage. From tss at iki.fi Thu Jun 28 21:04:55 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 28 Jun 2012 21:04:55 +0300 Subject: [Dovecot] Integrating Dovecot with Amazon Web Services In-Reply-To: References: Message-ID: On 28.6.2012, at 20.55, Gary Mort wrote: >> The indexes have to be in primary storage. >> > True, but the data they are based on I'm assuming does not include the full > email message, just a few key pieces: > uniqueid, subject, from, to, etc. > > For an always running server, the indexes are always up to date in primary. > > For a server starting up with no index data, it will need to rebuild the > index information[or for a second server running when new email has been > delivered]. > As such, rather then download every single email message just for a few > bits of key info, I can run a re-index process to pull just the meta > information and grab the data from there. With sdbox you can't lose index files without also losing all message flags. And in general sdbox assumes that indexes are always up to date. >>> When a client attempts to retrieve an email message, Dovecot would check >>> primary storage as it does now, if the message is not found than it will >>> retrieve it from the alternate storage system AND store a copy in the >>> primary storage. >> >> I think the storing wouldn't be very useful. Most clients download the >> message once. There's no reason to cache it if it doesn't get downloaded >> again. The way it should work that new mails are immediately delivered to >> both primary and alt storage. >> >> > I've got tons of space - so I don't mind having 750MB or so for primary > email message storage. If I can track how many times a message was > actually read, over time I can get an idea of how I use it and setup the > primary storage purge rules accordingly. I'd be interested in knowing what those statistics will end up looking like. My guess is that it's not worth coding such feature, but of course some real world data would be better than my guesses :) >>> Secondly, I'd like to replace the Mysql database usage with a simpleDB >>> database. While simpleDB lacks much of MySQL's sophistication, it >> doesn't >>> seem that Dovecot is really using any of that, so simpleDB can be >>> functionally equivalent. >> >> Dovecot will probably get Redis and/or memcache backend for passdb+userdb. >> If simpledb is similar key-value database I guess the same code could be >> used partially. >> >> > simpleDB is more like SQLLITE: .. > You query the data like an SQL table: > http://docs.amazonwebservices.com/AmazonSimpleDB/latest/DeveloperGuide/UsingSelect.html OK, so that would mean implementing lib-sql driver for SimpleDB and use sql passdb/userdb. From garyamort at gmail.com Thu Jun 28 21:04:51 2012 From: garyamort at gmail.com (Gary Mort) Date: Thu, 28 Jun 2012 14:04:51 -0400 Subject: [Dovecot] Integrating Dovecot with Amazon Web Services In-Reply-To: <3FE12DB2-33DF-4D84-86F0-BDCF3A25A5BB@iki.fi> References: <3FE12DB2-33DF-4D84-86F0-BDCF3A25A5BB@iki.fi> Message-ID: On Thu, Jun 28, 2012 at 1:21 PM, Timo Sirainen wrote: > On 28.6.2012, at 20.14, Timo Sirainen wrote: > > >> "An upshot of the way alternate storage works is that any given storage > >> file (mailboxes//dbox-Mails/u.* (sdbox) or storage/m.* (mdbox)) > can > >> only appear *either* in the primary storage area *or* the alternate > storage > >> area but not both ? if the corresponding file appears in both areas then > >> there is an inconsistency." > > > > Whoever wrote that wasn't exactly correct (or clear). There's no problem > having the same file in both primary and alt storage. Only if the files are > different there's a problem, but that shouldn't happen.. > > Hmm. Although looking at the mdbox index rebuilding code: > > /* duplicate file. either readdir() returned it twice > (unlikely) or it exists in both alt and primary storage. > to make sure we don't lose any mails from either of the > files, give this file a new ID and rename it. */ > > It probably shouldn't be doing that. sdbox isn't doing that: > > /* we were supposed to open the file in alt storage, but it > exists in primary storage as well. skip it to avoid > adding > it twice. */ > > That's probably due to the different structures they use. sdbox can safely use either because each email message has a unique filename, and if it exists in both places it doesn't matter. mdbox though is different, multiple messages are stored in a single file. The index indicates in which file each message is located. When the data is moved to alt storage, the filename can change in which case the index is updated. IE: Primary/Msg06282012 -- contains Msg007, Msg008, Msg009 Primary/Msg06272012 -- contains Msg004, Msg005, Msg006 Primary/Msg06262012 -- contains Msg001, Msg002, Msg003 along comes archiving and the new format is: Primary/Msg06292012 -- contains Msg010, Msg011, Msg012 Primary/Msg06282012 -- contains Msg007, Msg009 Primary/Msg06272012 -- contains Msg004, Msg006 Primary/Msg06262012 -- contains Msg003 Alt/Msg06292012 00 contains Msg001, Msg002, Msg005, Msg008 Since the archive rules can be based on a lot of different scenarios[and a message can even be archived from the command line], the filenames between Primary and Alternate are not the same - and in fact the same filename in each place could have different messages. For example: if messages are archived when a user sets an imap flag on them. So with the way it's written now, it's not possible to have a simple fallback by filename. It would be possible if the naming convention was strictly enforced, ie after archiving you have: Primary/Msg06292012 -- contains Msg010, Msg011, Msg012 Primary/Msg06282012 -- contains Msg007, Msg009 Primary/Msg06272012 -- contains Msg004, Msg006 Primary/Msg06262012 -- contains Msg003 Alt/Msg06282012 -- contains Msg008 Alt/Msg06272012 -- contains Msg005 Alt/Msg06262012 -- contains Msg001, Msg002 Now the index can simply say what file a message is in and doesn't have to specify primary or secondary, and the primary file with that name can be checked first, and then if it is not there check the alternate. From tss at iki.fi Thu Jun 28 21:12:30 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 28 Jun 2012 21:12:30 +0300 Subject: [Dovecot] Integrating Dovecot with Amazon Web Services In-Reply-To: References: <3FE12DB2-33DF-4D84-86F0-BDCF3A25A5BB@iki.fi> Message-ID: On 28.6.2012, at 21.04, Gary Mort wrote: > mdbox though is different, multiple messages are stored in a single file. > The index indicates in which file each message is located. When the data > is moved to alt storage, the filename can change in which case the index is > updated. > IE: > Primary/Msg06282012 -- contains Msg007, Msg008, Msg009 > Primary/Msg06272012 -- contains Msg004, Msg005, Msg006 > Primary/Msg06262012 -- contains Msg001, Msg002, Msg003 > > along comes archiving and the new format is: > Primary/Msg06292012 -- contains Msg010, Msg011, Msg012 > Primary/Msg06282012 -- contains Msg007, Msg009 > Primary/Msg06272012 -- contains Msg004, Msg006 > Primary/Msg06262012 -- contains Msg003 > Alt/Msg06292012 00 contains Msg001, Msg002, Msg005, Msg008 Yes, doveadm altmove works like this now. > Since the archive rules can be based on a lot of different scenarios[and a > message can even be archived from the command line], the filenames between > Primary and Alternate are not the same - and in fact the same filename in > each place could have different messages. For example: if messages are > archived when a user sets an imap flag on them. There shouldn't normally ever be a situation where the same filename is used in both storages, because every time a new file is created to either of the storages a new unique number is used. > So with the way it's written now, it's not possible to have a simple > fallback by filename. > > It would be possible if the naming convention was strictly enforced, ie > after archiving you have: > Primary/Msg06292012 -- contains Msg010, Msg011, Msg012 > Primary/Msg06282012 -- contains Msg007, Msg009 > Primary/Msg06272012 -- contains Msg004, Msg006 > Primary/Msg06262012 -- contains Msg003 > Alt/Msg06282012 -- contains Msg008 > Alt/Msg06272012 -- contains Msg005 > Alt/Msg06262012 -- contains Msg001, Msg002 > > Now the index can simply say what file a message is in and doesn't have to > specify primary or secondary, and the primary file with that name can be > checked first, and then if it is not there check the alternate. This already works like that in the reading side. If you did altmoving by "mv m.123 /altstorage/..." instead of doveadm it would work. From jeep at rahul.net Thu Jun 28 21:15:20 2012 From: jeep at rahul.net (Jeff Lacki) Date: Thu, 28 Jun 2012 11:15:20 -0700 Subject: [Dovecot] Setting up mixed mbox and maildir In-Reply-To: <1340840055.2391.26.camel@amito> References: <1340742900.2495.14.camel@amito> <1340745560.2495.27.camel@amito> <5B14BB9D-490F-49F6-B647-D69F26DAE888@iki.fi> <1340840055.2391.26.camel@amito> Message-ID: <20120628181520.311C116D3CF@maya.rahul.net> Jonathan Ryshpan wrote: > Quite right; this comes from a reading of pages in both wiki1 and wiki2. > I now surmise that this isn't a good idea since wiki1 describes v1.x > and wiki2 describes v2.x, which have different syntaxes (syntaces?). Is > all this correct? I too had a very hard time figuring out what was what in the new wiki for 2.1.7 and still havent figured it out and gave up since Ive had no time to get back into it. I had already spent 2-3 full days (in my spare time) trying to figure out the permissions nightmare in the logs. I was only able to get mbox working so I gave up and went on to my next issue, getting it to work with my iphone. My iphone 4 is not even connecting to dovecot imap/imaps on 993 when I tried to set that up. Nothing in the logs, such frustration across the board. Jeff /mf/home/jeep/shell/.signature From CMarcus at Media-Brokers.com Thu Jun 28 22:28:08 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Thu, 28 Jun 2012 15:28:08 -0400 Subject: [Dovecot] Integrating Dovecot with Amazon Web Services In-Reply-To: References: <3FE12DB2-33DF-4D84-86F0-BDCF3A25A5BB@iki.fi> Message-ID: <4FECB048.9070205@Media-Brokers.com> On 2012-06-28 2:04 PM, Gary Mort wrote: > That's probably due to the different structures they use. sdbox > can safely use either because each email message has a unique > filename, and if it exists in both places it doesn't matter. Eh?? Sdbox is like mbox - one file per mailbox/folder... it is NOT like maildir (one email = one file). > mdbox though is different, multiple messages are stored in a single > file. The diff between mdbox and sdbox is sdbox puts all messages for any given mailbox/folder in one sdbox file (just like mbox). Sdbox has a setting for the max filesize of the dbox file, and once an mdbox file exceeds that size, it creates a new mdbox file to start adding messages to. -- Best regards, Charles From acrow at integrafin.co.uk Thu Jun 28 23:22:09 2012 From: acrow at integrafin.co.uk (Alex Crow) Date: Thu, 28 Jun 2012 21:22:09 +0100 Subject: [Dovecot] Integrating Dovecot with Amazon Web Services In-Reply-To: <4FECB048.9070205@Media-Brokers.com> References: <3FE12DB2-33DF-4D84-86F0-BDCF3A25A5BB@iki.fi> <4FECB048.9070205@Media-Brokers.com> Message-ID: <4FECBCF1.1050108@integrafin.co.uk> On 28/06/12 20:28, Charles Marcus wrote: > On 2012-06-28 2:04 PM, Gary Mort wrote: >> That's probably due to the different structures they use. sdbox >> can safely use either because each email message has a unique >> filename, and if it exists in both places it doesn't matter. > > Eh?? Sdbox is like mbox - one file per mailbox/folder... it is NOT > like maildir (one email = one file). > Not according to the wiki: http://wiki2.dovecot.org/MailboxFormat/dbox dbox can be used in two ways: single-dbox (sdbox in mail location): One message per file, similar to Maildir. For backwards compatibility, dbox is an alias to sdbox in mail_location. multi-dbox (mdbox in mail location): Multiple messages per file, but unlike mbox multiple files per mailbox. So the parent appears to be right. Alex -- This message is intended only for the addressee and may contain confidential information. Unless you are that person, you may not disclose its contents or use it in any way and are requested to delete the message along with any attachments and notify us immediately. "Transact" is operated by Integrated Financial Arrangements plc Domain House, 5-7 Singer Street, London EC2A 4BQ Tel: (020) 7608 4900 Fax: (020) 7608 5300 (Registered office: as above; Registered in England and Wales under number: 3727592) Authorised and regulated by the Financial Services Authority (entered on the FSA Register; number: 190856) From lists at wildgooses.com Thu Jun 28 23:35:40 2012 From: lists at wildgooses.com (Ed W) Date: Thu, 28 Jun 2012 21:35:40 +0100 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <4FEC8C4E.1020209@Media-Brokers.com> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local><4FEC4ACD.20104@wildgooses.com><213B51F00051AE48A9F0E11288017717B8401E@Delta.sc.local> <4FEC548E.4030405@wildgooses.com> <213B51F00051AE48A9F0E11288017717B8401F@Delta.sc.local> <4FEC844A.9090302@wildgooses.com> <4FEC8C4E.1020209@Media-Brokers.com> Message-ID: <4FECC01C.90303@wildgooses.com> On 28/06/2012 17:54, Charles Marcus wrote: > On 2012-06-28 12:20 PM, Ed W wrote: >> Bad things are going to happen if you loose a complete chunk of your >> filesystem. I think the current state of the world is that you should >> assume that realistically you will be looking to your backups if you >> loose the wrong 2 disks in a raid1 or raid10 array. > > Which is a very good reason to have at least one hot spare in any RAID > setup, if not 2. > > RAID10 also statistically has a much better chance of surviving a > multi drive failure than RAID5 or 6, because it will only die if two > drives in the same pair fail, and only then if the second one fails > before the hot spare is rebuilt. > Actually this turns out to be incorrect... Curious, but there you go! Search google for a recent very helpful expose on this. Basically RAID10 can sometimes tolerate multi-drive failure, but on average raid6 appears less likely to trash your data, plus under some circumstances it better survives recovering from a single failed disk in practice The executive summary is something like: when raid5 fails, because at that point you effectively do a raid "scrub" you tend to suddenly notice a bunch of other hidden problems which were lurking and your rebuild fails (this happened to me...). RAID1 has no better bad block detection than assuming the non bad disk is perfect (so won't spot latent unscrubbed errors), and again if you hit a bad block during the rebuild you loose the whole of your mirrored pair. So the vulnerability is not the first failed disk, but discovering subsequent problems during the rebuild. This certainly correlates with my (admittedly limited) experiences. Disk array scrubbing on a regular basis seems like a mandatory requirement (but how many people do..?) to have any chance of actually repairing a failing raid1/5 array Digressing, but it occurs there would be a potentially large performance improvement if spinning disks could do a read/rewrite cycle with the disk only moving a minimal distance (my understanding is this can't happen at present without a full revolution of the disk). Then you could rewrite parity blocks extremely quickly without re-reading a full stripe... Anyway, challenging problem and basically the observation is that large disk arrays are going to have a moderate tail risk of failure whether you use raid10 or raid5 (raid6 giving a decent practical improvement in real reliability, but at a cost in write performance). Cheers Ed W From CMarcus at Media-Brokers.com Fri Jun 29 00:06:37 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Thu, 28 Jun 2012 17:06:37 -0400 Subject: [Dovecot] Integrating Dovecot with Amazon Web Services In-Reply-To: <4FECBCF1.1050108@integrafin.co.uk> References: <3FE12DB2-33DF-4D84-86F0-BDCF3A25A5BB@iki.fi> <4FECB048.9070205@Media-Brokers.com> <4FECBCF1.1050108@integrafin.co.uk> Message-ID: <4FECC75D.4000209@Media-Brokers.com> On 2012-06-28 4:22 PM, Alex Crow wrote: > On 28/06/12 20:28, Charles Marcus wrote: >> On 2012-06-28 2:04 PM, Gary Mort wrote: >>> That's probably due to the different structures they use. sdbox >>> can safely use either because each email message has a unique >>> filename, and if it exists in both places it doesn't matter. >> Eh?? Sdbox is like mbox - one file per mailbox/folder... it is NOT >> like maildir (one email = one file). > Not according to the wiki: > > http://wiki2.dovecot.org/MailboxFormat/dbox > > dbox can be used in two ways: > > single-dbox (sdbox in mail location): One message per file, > similar to Maildir. For backwards compatibility, dbox is an alias to > sdbox in mail_location. Now how the heck did I remember that so wrong?? Oh well, thanks for the correction... Sorry, OP... -- Best regards, Charles From kgc at corp.sonic.net Fri Jun 29 01:45:23 2012 From: kgc at corp.sonic.net (Kelsey Cummings) Date: Thu, 28 Jun 2012 15:45:23 -0700 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <4FEC548E.4030405@wildgooses.com> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local> <4FEC4ACD.20104@wildgooses.com> <213B51F00051AE48A9F0E11288017717B8401E@Delta.sc.local> <4FEC548E.4030405@wildgooses.com> Message-ID: <4FECDE83.4090007@corp.sonic.net> On 06/28/12 05:56, Ed W wrote: > So given the statistics show us that 2 disk failures are much more > common than we expect, and that "silent corruption" is likely occurring > within (larger) real world file stores, there really aren't many battle > tested options that can protect against this - really only RAID6 right > now and that has significant limitations... Has anyone tried or benchmarked ZFS, perhaps ZFS+NFS as backing store for spools? Sorry if I've missed it and this has already come up. We're using Netapp/NFS, and are likely to continue to do so but still curious. -K From daniel.parthey at informatik.tu-chemnitz.de Fri Jun 29 04:39:38 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Fri, 29 Jun 2012 03:39:38 +0200 Subject: [Dovecot] Removing specific entry in user/auth cache In-Reply-To: <4FEC020E.9020802@um.es> References: <4FEAEA11.1070900@um.es> <771798ED-3DAF-4C23-937C-FD9B775B8972@iki.fi> <4FEC020E.9020802@um.es> Message-ID: <20120629013938.GA8957@daniel.localdomain> Angel L. Mateo wrote: > El 27/06/12 14:24, Timo Sirainen escribi?: > >On 27.6.2012, at 14.10, Angel L. Mateo wrote: > >>We have dovecot configured with auth cache. > >> Is there any way to remove a specific entry (not all) from this cache? > > Nope. What do you need it for? > Because information for users sometimes changes. We for example, define the per-user quota via mysql userdb and it needs to be updated in a timely manner, after it has been changed in the database via a web interface. Since we are using a pre-fetch userdb from mysql (which uses the same mysql database as the passdb), we were required to reduce the auth cache ttl to one minute in order to ensure timely quota updates. It would be good if there was some mechanism to detect or force such changes without having to reduce caching time to one minute. Regards Daniel -- https://plus.google.com/103021802792276734820 From tss at iki.fi Fri Jun 29 05:01:53 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 29 Jun 2012 05:01:53 +0300 Subject: [Dovecot] Removing specific entry in user/auth cache In-Reply-To: <1340865829.25551.64.camel@innu> References: <1340865829.25551.64.camel@innu> Message-ID: <42916718-6B7E-4632-8C61-AA8FE64D850E@iki.fi> On 28.6.2012, at 9.43, Timo Sirainen wrote: > It would be possible to add a doveadm command for this.. I think the > main reason why I already didn't do it last time I was asked this was > because I wanted to use "doveadm auth cache flush" or something similar > as the command, but there already exists "doveadm auth" command and > "cache flush" would be treated as username=cache password=flush :( > > Anyone have thoughts on a better doveadm command name? Or should I just > break it and have v2.2 use "doveadm auth check" or something for the old > "doveadm auth" command? Perhaps for v2.2: doveadm auth test [] doveadm auth cache flush [] doveadm auth cache stats and for v2.1 a bit kludgy way: doveadm auth [] doveadm auth cache flush [] so you couldn't test authentication against "cache" user, but that's probably not a problem. From daniel.parthey at informatik.tu-chemnitz.de Fri Jun 29 05:18:26 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Fri, 29 Jun 2012 04:18:26 +0200 Subject: [Dovecot] Removing specific entry in user/auth cache In-Reply-To: <42916718-6B7E-4632-8C61-AA8FE64D850E@iki.fi> References: <1340865829.25551.64.camel@innu> <42916718-6B7E-4632-8C61-AA8FE64D850E@iki.fi> Message-ID: <20120629021826.GA10148@daniel.localdomain> Timo Sirainen wrote: > On 28.6.2012, at 9.43, Timo Sirainen wrote: > Perhaps for v2.2: > > doveadm auth test [] > doveadm auth cache flush [] > doveadm auth cache stats > > and for v2.1 a bit kludgy way: > > doveadm auth [] > doveadm auth cache flush [] > > so you couldn't test authentication against "cache" user, but that's probably not a problem. Hi there, wouldn't it be better to use a syntax similar to other doveadm commands, with labels for all arguments? doveadm auth test -u -p [] doveadm auth cache flush -u [] doveadm auth cache stats This will allow you to syntactically distinguish "commands" from "arguments". Otherwise you might run into the same "kludgy" syntax problem again, as soon as the number of subcommands changes. Regards Daniel -- https://plus.google.com/103021802792276734820 From tss at iki.fi Fri Jun 29 08:32:41 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 29 Jun 2012 08:32:41 +0300 Subject: [Dovecot] Removing specific entry in user/auth cache In-Reply-To: <20120629021826.GA10148@daniel.localdomain> References: <1340865829.25551.64.camel@innu> <42916718-6B7E-4632-8C61-AA8FE64D850E@iki.fi> <20120629021826.GA10148@daniel.localdomain> Message-ID: <774D4F65-4C61-4610-8F42-5D96172DD111@iki.fi> On 29.6.2012, at 5.18, Daniel Parthey wrote: > wouldn't it be better to use a syntax similar to other doveadm commands, > with labels for all arguments? > > doveadm auth test -u -p [] > doveadm auth cache flush -u [] > doveadm auth cache stats > > This will allow you to syntactically distinguish "commands" from "arguments". > Otherwise you might run into the same "kludgy" syntax problem again, as soon > as the number of subcommands changes. The problem was with the "auth" toplevel command not having subcommands. I don't think there are going to be any problems with subcommands. Also there are many commands already that take without the -u parameter. Actually it's only the "mail commands" that take -u parameter at all. Another potential problem is "doveadm user" command. I'm wondering if it might be a good idea to move it to "doveadm auth user" or "doveadm auth userdb" command. There should be also a similar "doveadm auth passdb" command that does a passdb lookup without authentication. From wojtek at wojtek.tensor.gdynia.pl Fri Jun 29 09:18:53 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Fri, 29 Jun 2012 08:18:53 +0200 (CEST) Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <4FECC01C.90303@wildgooses.com> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local><4FEC4ACD.20104@wildgooses.com><213B51F00051AE48A9F0E11288017717B8401E@Delta.sc.local> <4FEC548E.4030405@wildgooses.com> <213B51F00051AE48A9F0E11288017717B8401F@Delta.sc.local> <4FEC844A.9090302@wildgooses.com> <4FEC8C4E.1020209@Media-Brokers.com> <4FECC01C.90303@wildgooses.com> Message-ID: > The executive summary is something like: when raid5 fails, because at that > point you effectively do a raid "scrub" you tend to suddenly notice a bunch > of other hidden problems which were lurking and your rebuild fails (this and no raid will protect you from every failure. You have to do backups. EOT From wojtek at wojtek.tensor.gdynia.pl Fri Jun 29 09:19:23 2012 From: wojtek at wojtek.tensor.gdynia.pl (Wojciech Puchar) Date: Fri, 29 Jun 2012 08:19:23 +0200 (CEST) Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <4FECDE83.4090007@corp.sonic.net> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local> <4FEC4ACD.20104@wildgooses.com> <213B51F00051AE48A9F0E11288017717B8401E@Delta.sc.local> <4FEC548E.4030405@wildgooses.com> <4FECDE83.4090007@corp.sonic.net> Message-ID: > Has anyone tried or benchmarked ZFS, perhaps ZFS+NFS as backing store for yes. long time ago. ZFS isn't useful for anything more than a toy. I/O performance is just bad. From lists at svrinformatica.it Fri Jun 29 09:35:12 2012 From: lists at svrinformatica.it (Mailing List SVR) Date: Fri, 29 Jun 2012 08:35:12 +0200 Subject: [Dovecot] auth service: out of memory Message-ID: <4FED4CA0.4010303@svrinformatica.it> Hi, I have some out of memory errors in my logs (file errors.txt attached) I'm using dovecot 2.0.19, I can see some memory leaks fix in hg after the 2.0.19 release but they seem related to imap-login service, I attached my config too, is something wrong there? Should I really increase the limit based on my settings? Can these commits fix the reported leak? http://hg.dovecot.org/dovecot-2.0/rev/6299dfb73732 http://hg.dovecot.org/dovecot-2.0/rev/67f1cef07427 Please note that the auth service is restarted when it reach the limit so no real issues, please advice thanks Nicola -------------- next part -------------- cat /var/log/mail.log | grep "Out of memory" Jun 28 11:48:24 server1 dovecot: master: Error: service(auth): child 31301 returned error 83 (Out of memory (service auth { vsz_limit=128 MB }, you may need to increase it)) Jun 28 11:50:18 server1 dovecot: auth: Fatal: pool_system_realloc(8192): Out of memory Jun 28 11:50:18 server1 dovecot: master: Error: service(auth): child 10782 returned error 83 (Out of memory (service auth { vsz_limit=128 MB }, you may need to increase it)) Jun 28 11:52:43 server1 dovecot: master: Error: service(auth): child 16854 returned error 83 (Out of memory (service auth { vsz_limit=128 MB }, you may need to increase it)) Jun 28 11:54:01 server1 dovecot: auth: Fatal: block_alloc(4096): Out of memory Jun 28 11:54:01 server1 dovecot: master: Error: service(auth): child 23378 returned error 83 (Out of memory (service auth { vsz_limit=128 MB }, you may need to increase it)) Jun 28 11:55:09 server1 dovecot: auth: Fatal: pool_system_realloc(8192): Out of memory Jun 28 11:55:09 server1 dovecot: master: Error: service(auth): child 28203 returned error 83 (Out of memory (service auth { vsz_limit=128 MB }, you may need to increase it)) Jun 28 11:56:07 server1 dovecot: master: Error: service(auth): child 32570 returned error 83 (Out of memory (service auth { vsz_limit=128 MB }, you may need to increase it)) Jun 28 11:57:01 server1 dovecot: auth: Fatal: block_alloc(4096): Out of memory Jun 28 11:57:01 server1 dovecot: master: Error: service(auth): child 5136 returned error 83 (Out of memory (service auth { vsz_limit=128 MB }, you may need to increase it)) Jun 28 11:57:57 server1 dovecot: master: Error: service(auth): child 9245 returned error 83 (Out of memory (service auth { vsz_limit=128 MB }, you may need to increase it)) Jun 28 11:58:52 server1 dovecot: master: Error: service(auth): child 13779 returned error 83 (Out of memory (service auth { vsz_limit=128 MB }, you may need to increase it)) Jun 28 11:59:49 server1 dovecot: master: Error: service(auth): child 18260 returned error 83 (Out of memory (service auth { vsz_limit=128 MB }, you may need to increase it)) Jun 28 12:01:03 server1 dovecot: auth: Fatal: pool_system_realloc(8192): Out of memory Jun 28 12:01:03 server1 dovecot: master: Error: service(auth): child 22181 returned error 83 (Out of memory (service auth { vsz_limit=128 MB }, you may need to increase it)) Jun 28 12:03:24 server1 dovecot: auth: Fatal: pool_system_malloc(3144): Out of memory Jun 28 12:03:24 server1 dovecot: master: Error: service(auth): child 27253 returned error 83 (Out of memory (service auth { vsz_limit=128 MB }, you may need to increase it)) -------------- next part -------------- # 2.0.19: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-25-generic x86_64 Ubuntu 12.04 LTS ext4 auth_cache_size = 10 M auth_mechanisms = plain login auth_socket_path = /var/run/dovecot/auth-userdb auth_worker_max_count = 128 base_dir = /var/run/dovecot/ default_process_limit = 200 default_vsz_limit = 128 M disable_plaintext_auth = no first_valid_gid = 2000 first_valid_uid = 2000 hostname = mail.example.com last_valid_gid = 2000 last_valid_uid = 2000 listen = * login_greeting = SVR ready. mail_location = maildir:/srv/panel/mail/%d/%t/Maildir mail_plugins = " quota trash autocreate" managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { autocreate = Trash autocreate2 = Junk autocreate3 = Drafts autocreate4 = Sent autosubscribe = Trash autosubscribe2 = Junk autosubscribe3 = Drafts autosubscribe4 = Sent quota = maildir:User quota quota_rule = *:storage=300MB quota_rule2 = Trash:ignore quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u sieve = ~/.dovecot.sieve sieve_before = /etc/dovecot/sieve/move-spam.sieve sieve_dir = ~/sieve sieve_max_actions = 32 sieve_max_redirects = 4 sieve_max_script_size = 1M sieve_quota_max_scripts = 10 sieve_quota_max_storage = 2M trash = /etc/dovecot/dovecot-trash.conf.ext } postmaster_address = postmaster at example.com protocols = imap pop3 sieve service auth-worker { user = $default_internal_user } service auth { unix_listener /var/spool/postfix/private/dovecot-auth { group = vmail mode = 0660 user = postfix } unix_listener auth-userdb { group = vmail mode = 0660 user = vmail } user = $default_internal_user } service managesieve-login { inet_listener sieve { port = 4190 } } service quota-warning { executable = script /srv/panel/django/systemcp/systemutils/mail/quota-warning.py unix_listener quota-warning { user = vmail } user = dovecot } ssl_cert = References: <1340865829.25551.64.camel@innu> <42916718-6B7E-4632-8C61-AA8FE64D850E@iki.fi> <20120629021826.GA10148@daniel.localdomain> <774D4F65-4C61-4610-8F42-5D96172DD111@iki.fi> Message-ID: <4FED55B6.1020902@um.es> El 29/06/12 07:32, Timo Sirainen escribi?: > On 29.6.2012, at 5.18, Daniel Parthey wrote: > >> wouldn't it be better to use a syntax similar to other doveadm commands, >> with labels for all arguments? >> >> doveadm auth test -u -p [] >> doveadm auth cache flush -u [] >> doveadm auth cache stats >> >> This will allow you to syntactically distinguish "commands" from "arguments". >> Otherwise you might run into the same "kludgy" syntax problem again, as soon >> as the number of subcommands changes. > > The problem was with the "auth" toplevel command not having subcommands. I don't think there are going to be any problems with subcommands. Also there are many commands already that take without the -u parameter. Actually it's only the "mail commands" that take -u parameter at all. > > Another potential problem is "doveadm user" command. I'm wondering if it might be a good idea to move it to "doveadm auth user" or "doveadm auth userdb" command. There should be also a similar "doveadm auth passdb" command that does a passdb lookup without authentication. > Other command it could be usefull is to remove a temporal user-server association in director. For example, I had a downtime in one server, so users normally directed to this server is now been directed to other. Now I want a user to get back to his normal server (force it, I know we willl get back after a timeout), but I don't want to flush all user connections to the backup server. -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From tss at iki.fi Fri Jun 29 10:19:59 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 29 Jun 2012 10:19:59 +0300 Subject: [Dovecot] auth service: out of memory In-Reply-To: <4FED4CA0.4010303@svrinformatica.it> References: <4FED4CA0.4010303@svrinformatica.it> Message-ID: <2E07737B-D28E-486B-AD35-E86E2E12890F@iki.fi> On 29.6.2012, at 9.35, Mailing List SVR wrote: > I have some out of memory errors in my logs (file errors.txt attached) How large is your auth process's VSZ when it starts up and has handled a couple of logins? It's possible that it's not leaking at all, you're just not giving enough memory for its normal operation. Some Linux distros nowadays build binaries that eat up a lot of VSZ immediately when they start up. From tss at iki.fi Fri Jun 29 10:20:58 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 29 Jun 2012 10:20:58 +0300 Subject: [Dovecot] Removing specific entry in user/auth cache In-Reply-To: <4FED55B6.1020902@um.es> References: <1340865829.25551.64.camel@innu> <42916718-6B7E-4632-8C61-AA8FE64D850E@iki.fi> <20120629021826.GA10148@daniel.localdomain> <774D4F65-4C61-4610-8F42-5D96172DD111@iki.fi> <4FED55B6.1020902@um.es> Message-ID: On 29.6.2012, at 10.13, Angel L. Mateo wrote: > Other command it could be usefull is to remove a temporal user-server association in director. For example, I had a downtime in one server, so users normally directed to this server is now been directed to other. Now I want a user to get back to his normal server (force it, I know we willl get back after a timeout), but I don't want to flush all user connections to the backup server. There's already doveadm director move command. From lists at svrinformatica.it Fri Jun 29 10:39:25 2012 From: lists at svrinformatica.it (Mailing List SVR) Date: Fri, 29 Jun 2012 09:39:25 +0200 Subject: [Dovecot] auth service: out of memory In-Reply-To: <2E07737B-D28E-486B-AD35-E86E2E12890F@iki.fi> References: <4FED4CA0.4010303@svrinformatica.it> <2E07737B-D28E-486B-AD35-E86E2E12890F@iki.fi> Message-ID: <4FED5BAD.9060605@svrinformatica.it> Il 29/06/2012 09:19, Timo Sirainen ha scritto: > On 29.6.2012, at 9.35, Mailing List SVR wrote: > >> I have some out of memory errors in my logs (file errors.txt attached) > How large is your auth process's VSZ when it starts up and has handled a couple of logins? It's possible that it's not leaking at all, you're just not giving enough memory for its normal operation. Some Linux distros nowadays build binaries that eat up a lot of VSZ immediately when they start up. > > ps aux report this: dovecot 7454 0.0 0.0 85980 3776 ? S 09:36 0:00 dovecot/auth before restarting dovecot the auth process was running since about 1 hour and this is the output from ps aux dovecot 25002 0.0 0.0 86112 3780 ? S 08:24 0:00 dovecot/auth thanks Nicola From tss at iki.fi Fri Jun 29 10:45:00 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 29 Jun 2012 10:45:00 +0300 Subject: [Dovecot] auth service: out of memory In-Reply-To: <4FED5BAD.9060605@svrinformatica.it> References: <4FED4CA0.4010303@svrinformatica.it> <2E07737B-D28E-486B-AD35-E86E2E12890F@iki.fi> <4FED5BAD.9060605@svrinformatica.it> Message-ID: On 29.6.2012, at 10.39, Mailing List SVR wrote: > Il 29/06/2012 09:19, Timo Sirainen ha scritto: >> On 29.6.2012, at 9.35, Mailing List SVR wrote: >> >>> I have some out of memory errors in my logs (file errors.txt attached) >> How large is your auth process's VSZ when it starts up and has handled a couple of logins? It's possible that it's not leaking at all, you're just not giving enough memory for its normal operation. Some Linux distros nowadays build binaries that eat up a lot of VSZ immediately when they start up. >> >> > ps aux report this: > > dovecot 7454 0.0 0.0 85980 3776 ? S 09:36 0:00 dovecot/auth > > before restarting dovecot the auth process was running since about 1 hour and this is the output from ps aux > > dovecot 25002 0.0 0.0 86112 3780 ? S 08:24 0:00 dovecot/auth So you have 44 MB of VSZ available after startup. You also have 10 MB of auth cache, which could in reality take somewhat more than 10 MB. It doesn't leave a whole lot available for regular use. I'd increase the auth process's VSZ limit and see if it still crashes. If you want to, you could also test with valgrind if there's a leak: service auth { executable = /usr/bin/valgrind --leak-check=full -q /usr/libexec/dovecot/auth } You'd then need to restart the auth process to make valgrind output the leaks. From lists at svrinformatica.it Fri Jun 29 10:51:42 2012 From: lists at svrinformatica.it (Mailing List SVR) Date: Fri, 29 Jun 2012 09:51:42 +0200 Subject: [Dovecot] auth service: out of memory In-Reply-To: References: <4FED4CA0.4010303@svrinformatica.it> <2E07737B-D28E-486B-AD35-E86E2E12890F@iki.fi> <4FED5BAD.9060605@svrinformatica.it> Message-ID: <4FED5E8E.8070301@svrinformatica.it> Il 29/06/2012 09:45, Timo Sirainen ha scritto: > On 29.6.2012, at 10.39, Mailing List SVR wrote: > >> Il 29/06/2012 09:19, Timo Sirainen ha scritto: >>> On 29.6.2012, at 9.35, Mailing List SVR wrote: >>> >>>> I have some out of memory errors in my logs (file errors.txt attached) >>> How large is your auth process's VSZ when it starts up and has handled a couple of logins? It's possible that it's not leaking at all, you're just not giving enough memory for its normal operation. Some Linux distros nowadays build binaries that eat up a lot of VSZ immediately when they start up. >>> >>> >> ps aux report this: >> >> dovecot 7454 0.0 0.0 85980 3776 ? S 09:36 0:00 dovecot/auth >> >> before restarting dovecot the auth process was running since about 1 hour and this is the output from ps aux >> >> dovecot 25002 0.0 0.0 86112 3780 ? S 08:24 0:00 dovecot/auth > So you have 44 MB of VSZ available after startup. You also have 10 MB of auth cache, which could in reality take somewhat more than 10 MB. It doesn't leave a whole lot available for regular use. I'd increase the auth process's VSZ limit and see if it still crashes. I increased the limit to 192MB or should I set the limit to 256MB or more? I'll wait some days to see if still crash > > If you want to, you could also test with valgrind if there's a leak: > > service auth { > executable = /usr/bin/valgrind --leak-check=full -q /usr/libexec/dovecot/auth > } > > You'd then need to restart the auth process to make valgrind output the leaks. for now I prefer to avoid valgrind on a production server if the crash persist with the new limit I'll setup a test environment and I'll run valgrind there, thanks Nicola From ef at math.uni-bonn.de Fri Jun 29 12:43:31 2012 From: ef at math.uni-bonn.de (Edgar =?iso-8859-1?B?RnXf?=) Date: Fri, 29 Jun 2012 11:43:31 +0200 Subject: [Dovecot] Preferred LDAP Attribute for home/mail location Message-ID: <20120629094330.GJ58060@trav.math.uni-bonn.de> Is there, among the dovocot community, any preferred LDAP schema and attribute to use for setting the home/mail storage location? Some people seem to use the qmail schema, some a Jamm schema (whatever that is), and Markus Effinger has even created a dovecot schema (https://www.effinger.org/blog/2009/01/11/eigenes-ldap-schema-erstellen/). There may be more. I could even create my own given we have been assigned an official OID a decade ago anyway. However, sometimes I prefer to use what most other people do. I would effectively only need to store the name of the relevant NFS server. From amateo at um.es Fri Jun 29 14:02:26 2012 From: amateo at um.es (Angel L. Mateo) Date: Fri, 29 Jun 2012 13:02:26 +0200 Subject: [Dovecot] director directing to wrong server (sometimes) Message-ID: <4FED8B42.5010701@um.es> Hello, I have discovered a strange behaviour with director proxying... I have a user, its assigned server is 155.54.211.164. The problem is that I don't know why director sent him yesterday to a different server, because my server was up all the time. Moreover, I'm using poolmon in director servers to check availability of final servers and it didn't report any problem with the server. I have two load balanced director servers. Logs at these servers are: * logs directing him to the correct backend server Jun 28 08:38:18 myotis42 dovecot: auth: Debug: master in: PASS#0111#011@um.es#011service=lmtp#011lip=155.54.211.185#011lport=24#011rip=155.54.212.168#011rport=52255 Jun 28 08:38:18 myotis42 dovecot: auth: Debug: static(,155.54.212.168): lookup Jun 28 08:38:18 myotis42 dovecot: auth: Debug: master out: PASS#0111#011user=#011proxy#011proxy_timeout=150 Jun 28 08:38:18 myotis42 dovecot: lmtp(15889): Debug: auth input: user= proxy proxy_timeout=150 host=155.54.211.164 proxy_refresh=450 Jun 28 08:39:59 myotis42 dovecot: auth: Debug: master in: PASS#01118#011@um.es#011service=lmtp#011lip=155.54.211.185#011lport=24#011rip=155.54.212.166#011rport=40008 Jun 28 08:39:59 myotis42 dovecot: auth: Debug: static(,155.54.212.166): lookup Jun 28 08:39:59 myotis42 dovecot: auth: Debug: master out: PASS#01118#011user=#011proxy#011proxy_timeout=150 Jun 28 08:39:59 myotis42 dovecot: lmtp(15361): Debug: auth input: user= proxy proxy_timeout=150 host=155.54.211.164 proxy_refresh=450 * now, the other director server sends him to an incorrect backend server Jun 28 09:01:12 myotis41 dovecot: auth: Debug: static(,155.54.66.38): lookup Jun 28 09:01:12 myotis41 dovecot: auth: Debug: static(,155.54.66.38): Allowing any password Jun 28 09:01:12 myotis41 dovecot: auth: Debug: client out: OK#01134556#011user=#011proxy#011proxy_timeout=150#011pass= Jun 28 09:01:12 myotis41 dovecot: auth: Debug: static(,155.54.66.38): lookup Jun 28 09:01:12 myotis41 dovecot: auth: Debug: static(,155.54.66.38): Allowing any password Jun 28 09:01:12 myotis41 dovecot: auth: Debug: client out: OK#01152763#011user=#011proxy#011proxy_timeout=150#011pass= Jun 28 09:01:12 myotis41 dovecot: imap-login: proxy(): started proxying to 155.54.211.162:143: user=<>, method=PLAIN, rip=155.54.66.38, lip=155.54.211.186 Jun 28 09:01:12 myotis41 dovecot: imap-login: proxy(): started proxying to 155.54.211.162:143: user=<>, method=PLAIN, rip=155.54.66.38, lip=155.54.211.186 Jun 28 09:01:13 myotis41 dovecot: auth: Debug: static(,155.54.66.38): lookup Jun 28 09:01:13 myotis41 dovecot: auth: Debug: static(,155.54.66.38): Allowing any password * Now, the first director sends him to the incorrect one too Jun 28 09:33:50 myotis42 dovecot: auth: Debug: master in: PASS#01132#011@um.es#011service=lmtp#011lip=155.54.211.185#011lport=24#011rip=155.54.212.168#011rport=46830 Jun 28 09:33:50 myotis42 dovecot: auth: Debug: static(,155.54.212.168): lookup Jun 28 09:33:50 myotis42 dovecot: auth: Debug: master out: PASS#01132#011user=#011proxy#011proxy_timeout=150 Jun 28 09:33:50 myotis42 dovecot: lmtp(17284): Debug: auth input: user= proxy proxy_timeout=150 host=155.54.211.162 proxy_refresh=450 I haven't found any error log for the correct backend server between the correct redirection and the incorrect one. In fact, I have lot of logs of other users directed to it, and logs of the same director directing connections to the correct server. -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 868887590 Fax: 868888337 From CMarcus at Media-Brokers.com Fri Jun 29 14:15:04 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Fri, 29 Jun 2012 07:15:04 -0400 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <4FECC01C.90303@wildgooses.com> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local><4FEC4ACD.20104@wildgooses.com><213B51F00051AE48A9F0E11288017717B8401E@Delta.sc.local> <4FEC548E.4030405@wildgooses.com> <213B51F00051AE48A9F0E11288017717B8401F@Delta.sc.local> <4FEC844A.9090302@wildgooses.com> <4FEC8C4E.1020209@Media-Brokers.com> <4FECC01C.90303@wildgooses.com> Message-ID: <4FED8E38.1020105@Media-Brokers.com> On 2012-06-28 4:35 PM, Ed W wrote: > On 28/06/2012 17:54, Charles Marcus wrote: >> RAID10 also statistically has a much better chance of surviving a >> multi drive failure than RAID5 or 6, because it will only die if two >> drives in the same pair fail, and only then if the second one fails >> before the hot spare is rebuilt. > Actually this turns out to be incorrect... Curious, but there you go! Depends on what you mean exactly by 'incorrect'... I'm fairly sure that you do not mean that my comment that 'having a hot spare is good' is incorrect, so that leaves my last comment above... I'm far from expert (Stan? Where are you? Am looking forward to your comments here), but... > Search google for a recent very helpful expose on this. Basically RAID10 > can sometimes tolerate multi-drive failure, but on average raid6 appears > less likely to trash your data, plus under some circumstances it better > survives recovering from a single failed disk in practice 'Sometimes'... '...under some circumstances...' - hey, it's all a crapshoot anyway, all you can do is try to make sure the dice aren't loaded against you. > The executive summary is something like: when raid5 fails, because at > that point you effectively do a raid "scrub" you tend to suddenly notice > a bunch of other hidden problems which were lurking and your rebuild > fails (this happened to me...). RAID1 has no better bad block detection > than assuming the non bad disk is perfect (so won't spot latent > unscrubbed errors), and again if you hit a bad block during the rebuild > you loose the whole of your mirrored pair. Not true (at least not for real hardware based RAID controllers that I have ever worked with)... yes, it may revert to degraded mode, but you don't just 'lose' the RAID if the rebuild fails. You can then run filesystem check tools on the system, hopefully find/fix the bad sectors, then rebuild the array - I have had to do/done this before myself, so I know that this is possible. Also, modern enterprise SAS drives and RAID controllers do have hardware based algorithms to protect data integrity (much better than consumer grade drives at least). > So the vulnerability is not the first failed disk, but discovering > subsequent problems during the rebuild. True, but this applies to every RAID mode (RAID6 included). Also, one big disadvantage of RAID5/6 is the rebuild times (sometimes can take many hours, or even days depending on drive sizes) - it is the stress of the rebuild that often causes a second drive failure, thereby killing your RAID, and RAID10 rebuilds happen *much* faster that RAID5/6 rebuilds (and are less stressful), so there is much less chance of losing another disk during a rebuild. > This certainly correlates with my (admittedly limited) experiences. > Disk array scrubbing on a regular basis seems like a mandatory > requirement (but how many people do..?) to have any chance of > actually repairing a failing raid1/5 array Regular scrubbing is something I will give some thought to, but again, your remarks are not 100% accurate... RAID is not quite so fragile as you make it out to be. -- Best regards, Charles From CMarcus at Media-Brokers.com Fri Jun 29 14:15:10 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Fri, 29 Jun 2012 07:15:10 -0400 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local> <4FEC4ACD.20104@wildgooses.com> <213B51F00051AE48A9F0E11288017717B8401E@Delta.sc.local> <4FEC548E.4030405@wildgooses.com> <4FECDE83.4090007@corp.sonic.net> Message-ID: <4FED8E3E.5050905@Media-Brokers.com> On 2012-06-29 2:19 AM, Wojciech Puchar wrote: >> Has anyone tried or benchmarked ZFS, perhaps ZFS+NFS as backing store for > yes. long time ago. ZFS isn't useful for anything more than a toy. I/O > performance is just bad. Please stop with the FUD... 'long time ago'? No elaboration on what implementation/platform you 'played with'? With a proper implementation, ZFS is an excellent, mature, reliable option for storage... maybe not quite the fastest/highest performing screaming speed demon, but enterprises are concerned with more than just raw performance - in fact, data integrity tops the list. http://www.nexenta.com/corp/nexentastor http://www.freenas.org/ Yes, the LINUX version has a long way to go (due to stupid licensing restrictions it must be rewritten from scratch to get into the kernel), but personally I'm chomping at the bit for BTRFS, which looks like it is coming closer to usability for production systems (just got a basic fsck tool which now just needs to be perfected). -- Best regards, Charles From joe at tao.org.uk Fri Jun 29 08:02:16 2012 From: joe at tao.org.uk (Dr Josef Karthauser) Date: Fri, 29 Jun 2012 06:02:16 +0100 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage Message-ID: Kelsey Cummings wrote: > On 06/28/12 05:56, Ed W wrote: >> So given the statistics show us that 2 disk failures are much more >> common than we expect, and that "silent corruption" is likely occurring >> within (larger) real world file stores, there really aren't many battle >> tested options that can protect against this - really only RAID6 right >> now and that has significant limitations... > > Has anyone tried or benchmarked ZFS, perhaps ZFS+NFS as backing store > for spools? Sorry if I've missed it and this has already come up. > We're using Netapp/NFS, and are likely to continue to do so but still > curious. Hi Kelsey, We're running ZFS here, and have just started using dovecot on it. No stats yet to report, but you might be interested in this edge case. One of our server started behaving badly... the database would randomly crash and not restart due to corrupted indexed. It turns out that the memory had gone bad, and that it had been bad for a while. Disk blocks were getting corrupted on read, and some on write! Luckly because we were on ZFS, which checksums all data, we were able to detect and repair most of the data (some 80mb of bad blocks distributed evenly thoughout the entire file system!) automatically, and also know exactly which files were unrecoverable (in the end just two or three files!). Also, we have hourly snapshots of all the file systems, so we were able to recover older versions of those files with minimal loss. I will never rely on a non-checksumming file system for production use again, for data that is existed to persist over time. Joe From CMarcus at Media-Brokers.com Fri Jun 29 15:11:47 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Fri, 29 Jun 2012 08:11:47 -0400 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: References: Message-ID: <4FED9B83.7070905@Media-Brokers.com> On 2012-06-29 1:02 AM, Dr Josef Karthauser wrote: > I will never rely on a non-checksumming file system for production > use again, for data that is existed to persist over time. Nice! I'm seriously considering buying a Nexenta Storage device if/when our storage needs require it... this just makes me want it more. :) Out of curiosity, were you using proper ECC memory? Ie, why did the bad memory go undetected for so long? -- Best regards, Charles From lists at wildgooses.com Fri Jun 29 19:07:56 2012 From: lists at wildgooses.com (Ed W) Date: Fri, 29 Jun 2012 17:07:56 +0100 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <4FED8E38.1020105@Media-Brokers.com> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local><4FEC4ACD.20104@wildgooses.com><213B51F00051AE48A9F0E11288017717B8401E@Delta.sc.local> <4FEC548E.4030405@wildgooses.com> <213B51F00051AE48A9F0E11288017717B8401F@Delta.sc.local> <4FEC844A.9090302@wildgooses.com> <4FEC8C4E.1020209@Media-Brokers.com> <4FECC01C.90303@wildgooses.com> <4FED8E38.1020105@Media-Brokers.com> Message-ID: <4FEDD2DC.7080404@wildgooses.com> On 29/06/2012 12:15, Charles Marcus wrote: > On 2012-06-28 4:35 PM, Ed W wrote: >> On 28/06/2012 17:54, Charles Marcus wrote: >>> RAID10 also statistically has a much better chance of surviving a >>> multi drive failure than RAID5 or 6, because it will only die if two >>> drives in the same pair fail, and only then if the second one fails >>> before the hot spare is rebuilt. > >> Actually this turns out to be incorrect... Curious, but there you go! > > Depends on what you mean exactly by 'incorrect'... I'm sorry, this wasn't meant to be an attack on you, I thought I was pointing out what is now fairly obvious stuff, but it's only recently that the maths has been popularised by the common blogs on the interwebs. Whilst I guess not everyone read the flurry of blog articles about this last year, I think it's due to be repeated in increasing frequency as we go forward: The most recent article which prompted all of the above is I think this one: http://queue.acm.org/detail.cfm?id=1670144 More here (BARF = Battle Against Raid 5/4) http://www.miracleas.com/BAARF/ There are some badly phrased ZDnet articles also if you google "raid 5 stops working in 2009" Intel have a whitepaper which says: Intelligent RAID 6 Theory Overview And Implementation RAID 5 systems are commonly deployed for data protection in most business environments. However, RAID 5 systems only tolerate a single drive failure, and the probability of encountering latent defects [i.e. UREs, among other problems] of drives approaches 100 percent as disk capacity and array width increase. The upshot is that: - Drives often fail slowly rather than bang/dead - You will only scrub the array on a frequency F, which means that faults can develop since the last scrub (good on you if you actually remembered to set an automatic regular scrub...) - Once you decide to pull a disk for some reason to replace it, then with RAID1/5 (raid1 is a kind of degenerate form of raid5) you are exposed in that if a *second* error is detected during the rebuild then you are inconsistent and have no way to correctly rebuild your entire array - My experience is that linux-raid will stop the rebuild if a second error is detected during rebuild, but with some understanding it's possible to proceed (obviously understanding that data loss has therefore occurred). However, some hardware controllers will kick out the whole array if a rebuild error is discovered- some will not, but given the probability of a second error being discovered during rebuild is significantly non zero, it's worth worrying over this and figuring out what you do if it happens... > I'm fairly sure that you do not mean that my comment that 'having a > hot spare is good' is incorrect, Well, hotspare seems like a good idea, but the point is that the situation will be that you have lost parity protection. At that point you effectively run a disk scrub to rebuild the array. The probability of discovering a second error somewhere on your remaining array is non zero and hence your array has lost data. So it's not about how quickly you get the spare in, so much as the significant probability that you have two drives with errors, but only one drive of protection Raid6 increases this protection *quite substantially*, because if a second error is found on a stripe, then you still haven't lost data. However, a *third* error on a single stripe will lose data. The bad news: Estimates suggest that drive sizes will become large enough that RAID6 is insufficient to give a reasonable probability of successful repair of a single failed disk in around 7+ years time. So at that point there becomes a significant probability that the single failed disk cannot be successfully replaced in a RAID6 array because of the high probability of *two* additional defects becoming discovered on the same stripe of the remaining array. Therefore many folks are requesting 3 disk parity to be implemented (RAID7?) > 'Sometimes'... '...under some circumstances...' - hey, it's all a > crapshoot anyway, all you can do is try to make sure the dice aren't > loaded against you. And to be clear - RAID5/RAID1 has a very significant probability that once your first disk has failed, in the process of replacing that disk you will discover an unrecoverable error on your remaining drive and hence you have lost some data... > Also, modern enterprise SAS drives and RAID controllers do have > hardware based algorithms to protect data integrity (much better than > consumer grade drives at least). I can't categorically disagree, but I should check carefully your claims? My understanding is that there is minimal additional protection from "enterprise" stuff, and by that I'm thinking of quality gear that I can buy from the likes of newegg/ebuyer, not the custom SAN products from certain big name providers. It seems possible that the big name SAN providers implement additional protection, but at that point we are talking custom hardware and it's hard to analyse (or even get the full details) My limited understanding is that "enterprise" quality buys you only: - almost identical drives, but with a longer warranty and tighter quality control. We might hope for internal changes that improve longevity, but there is only minimal evidence of this - drives have certain firmware features which can be advantage, eg TLER type features - drives have (more) bad block reallocation sectors available, hence you won't get bad block warnings as quickly (which could be good or bad...) - controllers might have ECC ram in the cache ram However, whilst we might desire features which reduce the probability of failed block reads/writes, in practice I'm not aware that the common LSI controllers (et al) offer this and so in practice I don't think you get any useful additional protection from "enterprise" stuff? For example remember a few years back the google survey of drives from their data centers (and several others) where they observed that enterprise drives showed no real difference in failure characteristics from non enterprise drives. Also that SMART was a fairly poor predictor of failing drives... >> So the vulnerability is not the first failed disk, but discovering >> subsequent problems during the rebuild. > > True, but this applies to every RAID mode (RAID6 included). No, see RAID6 has a dramatically lower chance of this happening than RAID1/5. See this is the real insight and I think it's important that this fairly (obvious in retrospect) idea becomes widely known and understood to those who manage arrays. RAID6 needs a failed drive and *two* subsequent errors *per stripe* to lose data. RAID5/1 simply need one subsequent error *per array* to lose data. Quite a large difference! > Also, one big disadvantage of RAID5/6 is the rebuild times (sometimes > can take many hours, or even days depending on drive sizes) - it is > the stress of the rebuild that often causes a second drive failure, > thereby killing your RAID, and RAID10 rebuilds happen *much* faster > that RAID5/6 rebuilds (and are less stressful), so there is much less > chance of losing another disk during a rebuild. Hmm, at least theoretically both need a full linear read of the other disks. The time for an idle array should be similar in both cases. Agree though that for an active array the raid5/6 generally causes more drives to read/write, hence yes, the impact is probably greater. However, don't miss the big picture, your risk is a second error occurring anywhere on the array with raid1/5, but with raid 6 your risk is *two* errors per stripe, ie you can fail a whole second drive and still continue rebuilding with raid6 >> This certainly correlates with my (admittedly limited) experiences. >> Disk array scrubbing on a regular basis seems like a mandatory >> requirement (but how many people do..?) to have any chance of >> actually repairing a failing raid1/5 array > > Regular scrubbing is something I will give some thought to, but again, > your remarks are not 100% accurate... RAID is not quite so fragile as > you make it out to be. We humans are all far too shaped by our own limited experiences. I'm the same. I personally feel that raid arrays *are* very fragile. Backups are often the option when you get multi-drive failures (even if theoretically the array is repairable). However, it's about the best option we have right now, so all we can do is be aware of the limitations... Additionally I have very much suffered this situation of a failing RAID5 which was somehow hanging together with just the odd uncorrectable read error reported here and there (once a month say). I copied off all the data and then as an experiment replaced one disk in this otherwise working array, which then triggered a cascade of discovered errors all over the disk and rebuilding was basically impossible. I was expecting it to fail of course and had proactively copied off the data, but my point was at that point all I had were hints of failure and the odd UCE report. Presumably my data was being quietly corrupted in the background though, and the recovered data (low value) is likely peppered with read errors... Scary if it had been high value data... Remember, remember: Raid5/6/1 does NOT do parity checking on read... Only fancy filesystems like ZFS and perhaps btrfs do an end to end check which can spot a read error... If your write fails or a disk error corrupts a sector, then you will NOT find out about it until you scrub your array... Reading the corrupted sector will read the error and when you rewrite you will correct the parity and the original error will then be undetectable... Same effect actually if you just rewrite any block in the stripe containing a corrupted block, the parity gets updated to imply the corrupted block isn't corrupted anymore, now it's undetectable to a scrub... Roll on btrfs I say... Cheers Ed W From daniel.parthey at informatik.tu-chemnitz.de Fri Jun 29 19:21:27 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Fri, 29 Jun 2012 18:21:27 +0200 Subject: [Dovecot] doveadm purge -A via doveadm-proxy director fails after some users Message-ID: <20120629182127.653130ctu3bfqxaf@mail.tu-chemnitz.de> Hi, we have configured userdb and passdb in the director and try to iterate all users and pass the "purge" command via doveadm proxy to port 19000 on the correct director backend host. A single purge -u username at example.org via doveadm-proxy works correctly, but iterating over some users with -A fails. Note: users/domains have been anonymized in output: ------------------------------------------------------------------------ mail04:~# /usr/bin/doveadm -c /etc/dovecot-director/dovecot-director.conf -D purge -A 2>&1 doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot/modules/doveadm doveadm(root): Debug: Skipping module doveadm_acl_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_acl_plugin.so: undefined symbol: acl_user_module (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_expire_plugin.so: undefined symbol: expire_set_lookup (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_quota_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_quota_plugin.so: undefined symbol: quota_user_module (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_zlib_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_zlib_plugin.so: undefined symbol: i_stream_create_deflate (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_fts_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib20_doveadm_fts_plugin.so: undefined symbol: fts_list_backend (this is usually intentional, so just ignore this message) doveadm(user01 at domain1.example.org): Debug: auth input: user=user01 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user02 at domain1.example.org): Debug: auth input: user=user02 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user03 at domain1.example.org): Debug: auth input: user=user03 at domain1.example.org proxy host=10.129.3.192 proxy_refresh=86400 doveadm(user04 at domain1.example.org): Debug: auth input: user=user04 at domain1.example.org proxy host=10.129.3.192 proxy_refresh=86400 doveadm(user05 at domain1.example.org): Debug: auth input: user=user05 at domain1.example.org proxy host=10.129.3.190 proxy_refresh=86400 doveadm(user06 at domain1.example.org): Debug: auth input: user=user06 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user07 at domain1.example.org): Debug: auth input: user=user07 at domain1.example.org proxy host=10.129.3.190 proxy_refresh=86400 doveadm(user08 at domain1.example.org): Debug: auth input: user=user08 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user01 at domain2.example.org): Debug: auth input: user=user01 at domain2.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user09 at domain1.example.org): Debug: auth input: user=user09 at domain1.example.org proxy host=10.129.3.190 proxy_refresh=86400 10 / 94doveadm(user10 at domain1.example.org): Debug: auth input: user=user10 at domain1.example.org proxy host=10.129.3.190 proxy_refresh=86400 doveadm(user11 at domain1.example.org): Debug: auth input: user=user11 at domain1.example.org proxy host=10.129.3.191 proxy_refresh=86400 doveadm(user12 at domain1.example.org): Debug: auth input: user=user12 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user13 at domain1.example.org): Debug: auth input: user=user13 at domain1.example.org proxy host=10.129.3.190 proxy_refresh=86400 doveadm(user14 at domain1.example.org): Debug: auth input: user=user14 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user15 at domain1.example.org): Debug: auth input: user=user15 at domain1.example.org proxy host=10.129.3.191 proxy_refresh=86400 doveadm(user16 at domain1.example.org): Debug: auth input: user=user16 at domain1.example.org proxy host=10.129.3.191 proxy_refresh=86400 doveadm(user17 at domain1.example.org): Debug: auth input: user=user17 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user18 at domain1.example.org): Debug: auth input: user=user18 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user19 at domain1.example.org): Debug: auth input: user=user19 at domain1.example.org proxy host=10.129.3.192 proxy_refresh=86400 20 / 94doveadm(user20 at domain1.example.org): Debug: auth input: user=user20 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user21 at domain1.example.org): Debug: auth input: user=user21 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user22 at domain1.example.org): Debug: auth input: user=user22 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user02 at domain2.example.org): Debug: auth input: user=user02 at domain2.example.org proxy host=10.129.3.190 proxy_refresh=86400 doveadm(user23 at domain1.example.org): Debug: auth input: user=user23 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user24 at domain1.example.org): Debug: auth input: user=user24 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user01 at domain3.example.org): Debug: auth input: user=user01 at domain3.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user25 at domain1.example.org): Debug: auth input: user=user25 at domain1.example.org proxy host=10.129.3.192 proxy_refresh=86400 doveadm(user26 at domain1.example.org): Debug: auth input: user=user26 at domain1.example.org proxy host=10.129.3.191 proxy_refresh=86400 doveadm(user27 at domain1.example.org): Debug: auth input: user=user27 at domain1.example.org proxy host=10.129.3.190 proxy_refresh=86400 30 / 94doveadm(user28 at domain1.example.org): Debug: auth input: user=user28 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user29 at domain1.example.org): Debug: auth input: user=user29 at domain1.example.org proxy host=10.129.3.191 proxy_refresh=86400 doveadm(user30 at domain1.example.org): Debug: auth input: user=user30 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user31 at domain1.example.org): Debug: auth input: user=user31 at domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(user31 at domain1.example.org): Error: doveadm server failure doveadm: Error: Failed to iterate through some users ------------------------------------------------------------------------ The user "user31 at domain1.example.org" is proxied to the correct backend host according to director status, but the dovecot.log on the doveadm service backend host shows the following error: Jun 29 15:40:31 10.129.3.249 dovecot: doveadm(user31 at domain1.example.org): Error: user user31 at domain1.example.org: Error reading configuration: net_connect_unix(/var/run/dovecot/config) failed: Permission denied Jun 29 15:40:31 10.129.3.249 dovecot: doveadm(user31 at domain1.example.org): Error: purge: User lookup failed: Internal error occurred. Refer to server log for more information. The wiki http://wiki2.dovecot.org/Services#doveadm states that the privileges are (temporarily) dropped to the mail user's privileges after userdb lookup. It seems that from the second purge on which is passed over a single doveadm connection, the user lookup fails. It also seems a bit strange, that the "-A" parameter can be observed in the doveadm tcp stream to the backend, since iteration should be already done in the director and the backend should purge only a single user: D username at example.org purge -A Is there a bug or have I misconfigured/overlooked something? Configs of mailbox backend and director are attached. Kind regards Daniel -------------- next part -------------- # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-40-server x86_64 Ubuntu 10.04.4 LTS auth_cache_negative_ttl = 0 auth_cache_size = 10 M auth_cache_ttl = 1 mins auth_verbose = yes auth_verbose_passwords = sha1 deliver_log_format = mailbox: deliver: msgid=%m from=%f: %$ dict { quota = mysql:/etc/dovecot/conf.d/dovecot-dict-sql.conf.ext } disable_plaintext_auth = no doveadm_password = xxx instance_name = dovecot-mailbox lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes login_greeting = Mailbox login_log_format = mailbox: login: %$: %s login_trusted_networks = 10.129.3.0/24 mail_debug = yes mail_fsync = always mail_gid = vmail mail_home = /mail/dovecot/%d/%n mail_location = mdbox:~/mail mail_log_prefix = "mailbox: mail: %s(%u): " mail_plugins = quota mail_privileged_group = vmail mail_uid = vmail managesieve_implementation_string = Sieve managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mdbox_rotate_interval = 1 weeks mdbox_rotate_size = 50 M mmap_disable = yes namespace { hidden = yes list = no location = pop3c: prefix = POP3-MIGRATION-NS/ } passdb { args = /etc/dovecot/conf.d/dovecot-sql.conf.ext driver = sql } plugin { pop3_migration_mailbox = POP3-MIGRATION-NS/INBOX quota = dict:User quota::proxy::quota quota_rule = *:storage=10G quota_rule2 = Trash:storage=+100M quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap pop3 lmtp sieve service auth { unix_listener auth-userdb { group = dovecot mode = 0660 user = dovecot } } service dict { unix_listener dict { group = vmail mode = 0660 } } service doveadm { inet_listener doveadm-server { port = 19000 } } service imap-login { inet_listener imap { port = 19143 } } service imap-postlogin { executable = script-login /usr/local/bin/dovecot-postlogin user = $default_internal_user } service imap { executable = imap imap-postlogin } service lmtp { inet_listener lmtp { address = * port = 19024 } } service managesieve-login { inet_listener sieve { port = 19200 } } service pop3-login { inet_listener pop3 { port = 19110 } } service pop3-postlogin { executable = script-login /usr/local/bin/dovecot-postlogin user = $default_internal_user } service pop3 { executable = pop3 pop3-postlogin } service quota-warning { executable = script /usr/local/bin/quota-warning extra_groups = dovecot unix_listener quota-warning { user = vmail } user = vmail } ssl = no userdb { driver = prefetch } userdb { args = /etc/dovecot/conf.d/dovecot-sql.conf.ext driver = sql } verbose_proctitle = yes protocol imap { imap_client_workarounds = delay-newmail tb-extra-mailbox-sep mail_plugins = quota imap_quota } protocol lmtp { mail_plugins = quota sieve } protocol doveadm { mail_plugins = quota pop3_migration } -------------- next part -------------- # 2.1.7: /etc/dovecot-director/dovecot-director.conf # OS: Linux 2.6.32-40-server x86_64 Ubuntu 10.04.4 LTS auth_verbose = yes auth_verbose_passwords = sha1 base_dir = /var/run/dovecot-director deliver_log_format = director: deliver: msgid=%m from=%f: %$ director_doveadm_port = 20000 director_mail_servers = 10.129.3.193 10.129.3.192 10.129.3.191 10.129.3.190 director_servers = 10.129.3.193 10.129.3.192 10.129.3.191 10.129.3.190 director_user_expire = 2 days disable_plaintext_auth = no doveadm_password = xxx doveadm_proxy_port = 19000 instance_name = dovecot-director lmtp_proxy = yes login_greeting = Mail Balancer login_log_format = director: login: %$: %s login_trusted_networks = 10.129.3.0/24 mail_debug = yes mail_fsync = always mail_gid = vmail mail_home = /mail/dovecot/%d/%n mail_location = mdbox:~/mail mail_log_prefix = "director: mail: %s(%u): " mail_privileged_group = vmail mail_uid = vmail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mmap_disable = yes passdb { args = /etc/dovecot-director/conf.d/dovecot-sql.conf.ext driver = sql } protocols = imap pop3 lmtp sieve service auth { unix_listener auth-userdb { user = dovecot } } service director { fifo_listener login/proxy-notify { mode = 0666 } inet_listener { port = 9090 } unix_listener director-userdb { mode = 0600 } unix_listener login/director { mode = 0666 } } service doveadm { executable = doveadm-server director inet_listener doveadm-server { port = 20000 } } service imap-login { executable = imap-login director inet_listener imap { port = 20143 } inet_listener imaps { port = 20993 ssl = yes } } service lmtp { inet_listener lmtp { address = * port = 20024 } } service managesieve-login { executable = managesieve-login director inet_listener sieve { port = 20200 } } service pop3-login { executable = pop3-login director inet_listener pop3 { port = 20110 } inet_listener pop3s { port = 20995 ssl = yes } } ssl_cert = References: <20120629094330.GJ58060@trav.math.uni-bonn.de> Message-ID: <20120629184635.GB19203@state-of-mind.de> * Edgar Fu? : > Is there, among the dovocot community, any preferred LDAP schema and > attribute to use for setting the home/mail storage location? There are many. Here's another one: -- state of mind () http://www.state-of-mind.de Franziskanerstra?e 15 Telefon +49 89 3090 4664 81669 M?nchen Telefax +49 89 3090 4666 Amtsgericht M?nchen Partnerschaftsregister PR 563 From daniel.parthey at informatik.tu-chemnitz.de Fri Jun 29 23:33:34 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Fri, 29 Jun 2012 22:33:34 +0200 Subject: [Dovecot] lmtp proxy timeout while waiting for reply to DATA reply In-Reply-To: <1335833212.21461.82.camel@innu> References: <20120428110023.GA9236@daniel.localdomain> <1335833212.21461.82.camel@innu> Message-ID: <20120629203334.GA7718@daniel.localdomain> Timo Sirainen wrote: > On Sat, 2012-04-28 at 13:00 +0200, Daniel Parthey wrote: > > > we are experiencing similar sporadic data timeout issues with dovecot 2.0.20 > > as in http://dovecot.org/pipermail/dovecot/2011-June/059807.html > > at least once a week. Some mails get temporarily deferred in the > > postfix queue since dovecot director lmtp refuses them and the > > mails are delivered at a later time. > > What isn't in v2.0 is the larger rewrite of the LMTP proxying > code in v2.1, which I hope fixes also this timeout problem. Same problem persists after update to 2.1.7, especially for distribution lists which contain several target email addresses which are then pipelined by postfix through a single lmtp proxy connection: Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Jun 29 10:14:03 10.129.3.233 postfix/lmtp[29674]: 00318C090: to=, orig_to=, relay=127.0.0.1[127.0.0.1]:20024, delay=31, delays=1/0.16/0.01/30, dsn=4.4.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.4.0 Remote server not answering (timeout while waiting for reply to DATA reply) (in reply to end of DATA command)) Please tell me If I can do something to find out the cause of the problem. Kind regards Daniel -- https://plus.google.com/103021802792276734820 From zac.israel at gmail.com Sat Jun 30 00:41:02 2012 From: zac.israel at gmail.com (Zac Israel) Date: Fri, 29 Jun 2012 16:41:02 -0500 Subject: [Dovecot] Proxy config help please Message-ID: Hello, I am new to dovecot and I am initially trying to setup a basic imap proxy with password forwarding, I can start the dovecot service, connect and give it my password, and that is where I hang. My config is: root at imap-test:/etc/dovecot# doveconf -n # 2.0.19: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-24-generic x86_64 Ubuntu 12.04 LTS auth_debug = yes auth_verbose = yes debug_log_path = syslog first_valid_uid = 100 imap_capability = CAPABILITY IMAP4rev1 ACL BINARY CATENATE CHILDREN CONDSTORE ENABLE ESEARCH ESORT I18NLEVEL=1 ID IDLE LIST-EXTENDED LIST-STATUS LITERAL+ LOGIN-REFERRALS MULTIAPPEND NAMESPACE QRESYNC QUOTA RIGHTS=ektx SASL-IR SEARCHRES SORT THREAD=ORDEREDSUBJECT UIDPLUS UNSELECT WITHIN XLIST last_valid_uid = 200 mail_debug = yes mail_gid = 107 mail_uid = 107 passdb { args = proxy=proxy_always nopassword=y host=172.16.0.13 port=143 proxy_timeout=5 starttls=y ssl=any-cert driver = static } protocols = imap service imap-login { inet_listener imap { address = * port = 143 } } ssl = required ssl_cert = Message-ID: Jonathan Ryshpan schrieb: > It appears from the wiki that the word following the namespace > declarator (if this is the right word) should be either "public", > "shared", or "private", and describes a property of the namespace being > declared. AFAIS the word following the keyword "namespace" is the name (of the namespace). The type ("public", "shared" or "private") is declared by using a type definition. > So what does: > namespace inbox {... > mean? That is a definition of a namespace named "inbox". -thh From daniel.parthey at informatik.tu-chemnitz.de Sat Jun 30 04:51:50 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sat, 30 Jun 2012 03:51:50 +0200 Subject: [Dovecot] director directing to wrong server (sometimes) In-Reply-To: <4FED8B42.5010701@um.es> References: <4FED8B42.5010701@um.es> Message-ID: <20120630015150.GA12291@daniel.localdomain> Hi Angel, Angel L. Mateo wrote: > I have a user, its assigned server is 155.54.211.164. The problem > is that I don't know why director sent him yesterday to a different > server, because my server was up all the time. Moreover, I'm using > poolmon in director servers to check availability of final servers > and it didn't report any problem with the server. Which version of dovecot are you using? "doveconf -n" of director and mailbox instance? You should monitor the output of doveadm director status username at example.org doveadm director ring status on each of the directors over time with a timestamp. This might shed some light on where the user is directed and why, and ring status will tell which directors can see each other. doveadm director move can also influence where a user is sent, but this will be reflected by "Current:" entry of director status, there you can also find the time when the entry in hashtable will expire. Regards Daniel -- https://plus.google.com/103021802792276734820 From stan at hardwarefreak.com Sat Jun 30 08:23:58 2012 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Sat, 30 Jun 2012 00:23:58 -0500 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <4FEC4ACD.20104@wildgooses.com> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local> <4FEC4ACD.20104@wildgooses.com> Message-ID: <4FEE8D6E.3030703@hardwarefreak.com> On 6/28/2012 7:15 AM, Ed W wrote: > On 28/06/2012 13:01, ???????? ????????? ?????????? wrote: >> somewhere in maillist I've seen RAID1+md concat+XFS being promoted as >> mailstorage. >> Does anybody in here actually use this setup? >> >> I've decided to give it a try, >> but ended up with not being able to recover any data off survived >> pairs from linear array when _the_first of raid1 pairs got down. The failure of the RAID1 pair was due to an intentional breakage test. Your testing methodology was severely flawed. The result is the correct expected behavior of your test methodology. Proper testing will yield a different result. One should not be surprised that something breaks when he intentionally attempts to break it. > This is the configuration endorsed by Stan Hoeppner. Yes. It works very well for metadata heavy workloads, i.e. maildir. -- Stan From CMarcus at Media-Brokers.com Sat Jun 30 12:52:09 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Sat, 30 Jun 2012 05:52:09 -0400 Subject: [Dovecot] Proxy config help please In-Reply-To: References: Message-ID: <4FEECC49.8000601@Media-Brokers.com> On 2012-06-29 5:41 PM, Zac Israel wrote: > The system at 172.16.0.13 is a zimbra proxy. I can see in the logs > that it initially complains about my ssl cert, and if I remove > ssl=any-cert it fails because my cert is self signed, so I know it is > talking to the proxy and doing starttls which is a requirement of > zimbra. Unfortunately I have not found a way to see the full exchange > between dovecot and my zimbra proxy other than tcp dump, which just > shows a small packet exchange. And unfortunately you failed to provide critical evidence - in this case the actual logs (and the tcpdump since you already have it) of a failed session, rather than your interpretation of it. But at least you provided your config (Timo is so good that often that is enough by itself, but even his crystal ball sometimes has problems). I have found over the years that if you are having a problem to the point that you need to ask for help, it is time to step back and take a fresh look at *everything* - including having other eyes looking at *all* of the evidence. -- Best regards, Charles From =?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?= Sat Jun 30 14:17:09 2012 From: =?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?= (=?utf-8?B?0JrQvtGB0YLRi9GA0LXQsiDQkNC70LXQutGB0LDQvdC00YAg0JDQu9C10LrRgQ==?=) Date: Sat, 30 Jun 2012 22:17:09 +1100 Subject: [Dovecot] RAID1+md concat+XFS as mailstorage In-Reply-To: <4FEE8D6E.3030703@hardwarefreak.com> References: <213B51F00051AE48A9F0E11288017717B8401D@Delta.sc.local><4FEC4ACD.20104@wildgooses.com> <4FEE8D6E.3030703@hardwarefreak.com> Message-ID: <213B51F00051AE48A9F0E11288017717B84022@Delta.sc.local> So, you say that one should use this configuration in production with hope that such failure would never happen? -----Original Message----- From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On Behalf Of Stan Hoeppner Sent: Saturday, June 30, 2012 4:24 PM To: dovecot at dovecot.org Subject: Re: [Dovecot] RAID1+md concat+XFS as mailstorage On 6/28/2012 7:15 AM, Ed W wrote: > On 28/06/2012 13:01, ???????? ????????? ?????????? wrote: >> somewhere in maillist I've seen RAID1+md concat+XFS being promoted as >> mailstorage. >> Does anybody in here actually use this setup? >> >> I've decided to give it a try, >> but ended up with not being able to recover any data off survived >> pairs from linear array when _the_first of raid1 pairs got down. The failure of the RAID1 pair was due to an intentional breakage test. Your testing methodology was severely flawed. The result is the correct expected behavior of your test methodology. Proper testing will yield a different result. One should not be surprised that something breaks when he intentionally attempts to break it. > This is the configuration endorsed by Stan Hoeppner. Yes. It works very well for metadata heavy workloads, i.e. maildir. -- Stan From oooo1 at front.ru Sat Jun 30 14:19:53 2012 From: oooo1 at front.ru (Oooo1) Date: Sat, 30 Jun 2012 15:19:53 +0400 Subject: [Dovecot] Adding IMAP SORT and THREAD Extensions but THREAD=ORDEREDSUBJECT functionality to Dovecot 2.x.y ! Message-ID: <000001cd56b2$472ecfb0$d58c6f10$@front.ru> Hi. Can somebody add IMAP SORT and THREAD Extensions THREAD=ORDEREDSUBJECT function to the just next version of Dovecot ? It is necessary to GroupWare server. At the moment I have made it workable together, but there is one unstable point, as I have understood SOGo needs THREAD=ORDEREDSUBJECT sorting functions and if it not to get it, GroupWare server makes unworkable some of its component. If it needs additional info, you are welcome. From zac.israel at gmail.com Sat Jun 30 17:58:11 2012 From: zac.israel at gmail.com (Zac Israel) Date: Sat, 30 Jun 2012 09:58:11 -0500 Subject: [Dovecot] Proxy config help please In-Reply-To: <4FEECC49.8000601@Media-Brokers.com> References: <4FEECC49.8000601@Media-Brokers.com> Message-ID: On Sat, Jun 30, 2012 at 4:52 AM, Charles Marcus wrote: > On 2012-06-29 5:41 PM, Zac Israel wrote: >> >> The system at 172.16.0.13 is a zimbra proxy. ?I can see in the logs >> that it initially complains about my ssl cert, and if I remove >> ssl=any-cert it fails because my cert is self signed, so I know it is >> talking to the proxy and doing starttls which is a requirement of >> zimbra. ?Unfortunately I have not found a way to see the full exchange >> between dovecot and my zimbra proxy other than tcp dump, which just >> shows a small packet exchange. > > > And unfortunately you failed to provide critical evidence - in this case the > actual logs (and the tcpdump since you already have it) of a failed session, > rather than your interpretation of it. But at least you provided your config > (Timo is so good that often that is enough by itself, but even his crystal > ball sometimes has problems). > > I have found over the years that if you are having a problem to the point > that you need to ask for help, it is time to step back and take a fresh look > at *everything* - including having other eyes looking at *all* of the > evidence. > > -- > > Best regards, > > Charles Very sorry for the omission, please find the dovecot logs and tcpdump session attached. Please let me know if I can provide any other information and thank you again for your time. Zac -------------- next part -------------- Jun 29 17:00:57 imap-test dovecot: master: Dovecot v2.0.19 starting up (core dumps disabled) Jun 29 17:00:58 imap-test dovecot: auth: Debug: Loading modules from directory: /usr/lib/dovecot/modules/auth Jun 29 17:00:58 imap-test dovecot: auth: Debug: auth client connected (pid=31182) Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x10, ret=1: before/accept initialization [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: before/accept initialization [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read client hello A [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write server hello A [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write certificate A [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write key exchange A [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write server done A [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 flush data [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read client key exchange A [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read finished A [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write session ticket A [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write change cipher spec A [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write finished A [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 flush data [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x20, ret=1: SSL negotiation finished successfully [127.0.0.1] Jun 29 17:00:58 imap-test dovecot: imap-login: Warning: SSL: where=0x2002, ret=1: SSL negotiation finished successfully [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: auth: Debug: client in: AUTH 1 PLAIN service=imap secured lip=127.0.0.1 rip=127.0.0.1 lport=143 rport=49940 resp= Jun 29 17:01:10 imap-test dovecot: auth: Debug: static(zac.israel at domain.com,127.0.0.1): lookup Jun 29 17:01:10 imap-test dovecot: auth: Debug: static(zac.israel at domain.com,127.0.0.1): Allowing any password Jun 29 17:01:10 imap-test dovecot: auth: Debug: client out: OK 1 user=zac.israel at domain.com proxy host=172.16.0.13 port=143 proxy_timeout=5 starttls=y ssl=any-cert pass= Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x10, ret=1: before/connect initialization [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1001, ret=1: before/connect initialization [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1001, ret=1: unknown state [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1002, ret=-1: unknown state [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1001, ret=1: SSLv3 read server hello A [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Invalid certificate: self signed certificate in certificate chain: /C=US/ST=State/L=City/O=COMPANY/OU=IT/CN=COMPANY CA/emailAddress=it at domain.com Jun 29 17:01:10 imap-test dovecot: imap-login: Invalid certificate: unsupported certificate purpose: /C=US/ST=State/L=City/O=COMPANY/OU=IT/CN=COMPANY CA/emailAddress=it at domain.com Jun 29 17:01:10 imap-test dovecot: imap-login: Invalid certificate: unable to get certificate CRL: /C=US/ST=State/L=City/O=COMPANY/OU=IT/CN=mail.int.domain.com Jun 29 17:01:10 imap-test dovecot: imap-login: Invalid certificate: unable to get certificate CRL: /C=US/ST=State/L=City/O=COMPANY/OU=IT/CN=COMPANY CA/emailAddress=it at domain.com Jun 29 17:01:10 imap-test dovecot: imap-login: Valid certificate: /C=US/ST=State/L=City/O=COMPANY/OU=IT/CN=COMPANY CA/emailAddress=it at domain.com Jun 29 17:01:10 imap-test dovecot: imap-login: Valid certificate: /C=US/ST=State/L=City/O=COMPANY/OU=IT/CN=mail.int.domain.com Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1001, ret=1: SSLv3 read server certificate A [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1001, ret=1: SSLv3 read server key exchange A [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1001, ret=1: SSLv3 read server done A [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1001, ret=1: SSLv3 write client key exchange A [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1001, ret=1: SSLv3 write change cipher spec A [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1001, ret=1: SSLv3 write finished A [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1001, ret=1: SSLv3 flush data [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1002, ret=-1: SSLv3 read server session ticket A [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1002, ret=-1: SSLv3 read server session ticket A [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1001, ret=1: SSLv3 read server session ticket A [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1001, ret=1: SSLv3 read finished A [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x20, ret=1: SSL negotiation finished successfully [127.0.0.1] Jun 29 17:01:10 imap-test dovecot: imap-login: Warning: SSL: where=0x1002, ret=1: SSL negotiation finished successfully [127.0.0.1] Jun 29 17:01:44 imap-test dovecot: imap-login: Warning: SSL alert: where=0x4008, ret=256: warning close notify [127.0.0.1] Jun 29 17:03:58 imap-test dovecot: imap-login: Disconnected: Inactivity (auth failed, 1 attempts): user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, TLS: Disconnected Jun 29 17:03:58 imap-test dovecot: imap-login: Warning: SSL alert: where=0x4008, ret=256: warning close notify [127.0.0.1] -------------- next part -------------- root at imap-test:~# tcpdump -n -i eth0 host 172.16.0.13 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes 09:36:00.886811 ARP, Request who-has 172.16.0.13 tell 172.16.0.66, length 28 09:36:00.888071 ARP, Reply 172.16.0.13 is-at 00:50:56:b5:81:76, length 46 09:36:00.888088 IP 172.16.0.66.35641 > 172.16.0.13.143: Flags [S], seq 2509538212, win 14600, options [mss 1460,sackOK,TS val 41913867 ecr 0,nop,wscale 2], length 0 09:36:00.888456 IP 172.16.0.13.143 > 172.16.0.66.35641: Flags [S.], seq 703703456, ack 2509538213, win 14480, options [mss 1460,sackOK,TS val 3304080992 ecr 41913867,nop,wscale 7], length 0 09:36:00.888493 IP 172.16.0.66.35641 > 172.16.0.13.143: Flags [.], ack 1, win 3650, options [nop,nop,TS val 41913867 ecr 3304080992], length 0 09:36:00.889084 IP 172.16.0.13.143 > 172.16.0.66.35641: Flags [P.], seq 1:19, ack 1, win 114, options [nop,nop,TS val 3304080993 ecr 41913867], length 18 09:36:00.889107 IP 172.16.0.66.35641 > 172.16.0.13.143: Flags [.], ack 19, win 3650, options [nop,nop,TS val 41913867 ecr 3304080993], length 0 09:36:00.889372 IP 172.16.0.66.35641 > 172.16.0.13.143: Flags [P.], seq 1:13, ack 19, win 3650, options [nop,nop,TS val 41913867 ecr 3304080993], length 12 09:36:00.889716 IP 172.16.0.13.143 > 172.16.0.66.35641: Flags [.], ack 13, win 114, options [nop,nop,TS val 3304080993 ecr 41913867], length 0 09:36:00.889805 IP 172.16.0.13.143 > 172.16.0.66.35641: Flags [P.], seq 19:35, ack 13, win 114, options [nop,nop,TS val 3304080993 ecr 41913867], length 16 09:36:00.890583 IP 172.16.0.66.35641 > 172.16.0.13.143: Flags [P.], seq 13:239, ack 35, win 3650, options [nop,nop,TS val 41913868 ecr 3304080993], length 226 09:36:00.896904 IP 172.16.0.13.143 > 172.16.0.66.35641: Flags [P.], seq 35:2546, ack 239, win 122, options [nop,nop,TS val 3304081000 ecr 41913868], length 2511 09:36:00.896929 IP 172.16.0.66.35641 > 172.16.0.13.143: Flags [.], ack 2546, win 4374, options [nop,nop,TS val 41913869 ecr 3304081000], length 0 09:36:00.902988 IP 172.16.0.66.35641 > 172.16.0.13.143: Flags [P.], seq 239:437, ack 2546, win 4374, options [nop,nop,TS val 41913871 ecr 3304081000], length 198 09:36:00.907031 IP 172.16.0.13.143 > 172.16.0.66.35641: Flags [P.], seq 2546:2780, ack 437, win 130, options [nop,nop,TS val 3304081011 ecr 41913871], length 234 09:36:00.908024 IP 172.16.0.66.35641 > 172.16.0.13.143: Flags [P.], seq 437:554, ack 2780, win 5098, options [nop,nop,TS val 41913872 ecr 3304081011], length 117 09:36:00.908429 IP 172.16.0.13.143 > 172.16.0.66.35641: Flags [P.], seq 2780:3089, ack 554, win 130, options [nop,nop,TS val 3304081012 ecr 41913872], length 309 09:36:00.946464 IP 172.16.0.66.35641 > 172.16.0.13.143: Flags [.], ack 3089, win 5822, options [nop,nop,TS val 41913882 ecr 3304081012], length 0 09:38:45.491173 IP 172.16.0.66.35641 > 172.16.0.13.143: Flags [P.], seq 554:591, ack 3089, win 5822, options [nop,nop,TS val 41955018 ecr 3304081012], length 37 09:38:45.491251 IP 172.16.0.66.35641 > 172.16.0.13.143: Flags [F.], seq 591, ack 3089, win 5822, options [nop,nop,TS val 41955018 ecr 3304081012], length 0 09:38:45.494136 IP 172.16.0.13.143 > 172.16.0.66.35641: Flags [P.], seq 3089:3174, ack 592, win 130, options [nop,nop,TS val 3304245600 ecr 41955018], length 85 09:38:45.494169 IP 172.16.0.66.35641 > 172.16.0.13.143: Flags [R], seq 2509538804, win 0, length 0 09:38:45.494176 IP 172.16.0.13.143 > 172.16.0.66.35641: Flags [F.], seq 3174, ack 592, win 130, options [nop,nop,TS val 3304245600 ecr 41955018], length 0 09:38:45.494221 IP 172.16.0.66.35641 > 172.16.0.13.143: Flags [R], seq 2509538804, win 0, length 0 09:38:50.493026 ARP, Request who-has 172.16.0.66 tell 172.16.0.13, length 46 09:38:50.493057 ARP, Reply 172.16.0.66 is-at 00:50:56:b5:81:b0, length 28 From toml at engr.orst.edu Sat Jun 30 19:07:58 2012 From: toml at engr.orst.edu (Tom Lieuallen) Date: Sat, 30 Jun 2012 09:07:58 -0700 Subject: [Dovecot] how to announce shared folders to clients using non-default mail prefix In-Reply-To: References: <4FD14895.8040707@engr.orst.edu> <63F00218-4FBE-418F-9477-CBEA8E7A35B9@iki.fi> <4FD78794.1030905@engr.orst.edu> <1339594723.25551.8.camel@innu> <4FD8C6AB.6040909@engr.orst.edu> Message-ID: <4FEF245E.30105@engr.orst.edu> On 6/13/12 10:07 AM, Timo Sirainen wrote: > On 13.6.2012, at 19.58, Tom Lieuallen wrote: > >>> type=public and same for the other shared namespace. The type=shared >>> namespaces are for mailboxes shared between users. >> >> Unfortunately, it still isn't working. > .. >> It seems to me like the logic for deciding which namespaces to follow is something like this: >> >> * If mail prefix = "", inspect and potentially use all namespaces >> >> * else look in default namespace for subdirectories matching prefix listed _AND_ look for namespaces that are exact matches for the prefix passed. >> >> In that 'else' case, it does not appear to look for namespaces where the mail prefix is a subset. > > No. I tried with your exact config, except changed namespace types to public, and it works fine in my tests.. You're trying with v2.1.7, right? Yes, 2.1.7 in solaris 10, compiled with gcc. I tried this on a linux box and got the same behavior. I tried compiling it with the Sun compilers; no change. I'm at a loss of what else to check or try. thank you Tom Lieuallen From daniel.parthey at informatik.tu-chemnitz.de Sat Jun 30 21:03:09 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sat, 30 Jun 2012 20:03:09 +0200 Subject: [Dovecot] started with dovecot sieve In-Reply-To: References: <20120625215914.GA7831@daniel.localdomain> <20120626201036.GA6929@daniel.localdomain> <20120627184736.GA7546@daniel.localdomain> Message-ID: <20120630180308.GA7417@daniel.localdomain> Rolf wrote: > Am 2012-06-27 20:47, schrieb Daniel Parthey: > >I encourage you to read this HOWTO: > >http://wiki2.dovecot.org/HowTo/PostfixDovecotLMTP > > I understand that LMTP is an alternative to SMTP when it comes to > mail communication inside a server or a local network. > I understand that LMTP is newer. But if you look at incoming mail > via SMTP on socket 25 and than look at the mail via roundcoube > (communicating with dovecot) what is the difference and why should I > care? Delivery via lda: SMTP -> postfix:25 -> EXEC -> lda executed by postfix -> filesystem -> dovecot imap Delivery via lmtp: SMTP -> postfix:25 -> TCP -> dovecot:24 -> filesystem -> dovecot imap The difference is that postfix communicates to dovecot lmtp port 24 and the actual delivery to the filesystem will be done by dovecot itself. Therefore you only need to ensure read/write access for dovecot to the mail filesystem. > That is - if I introduce LMTP - postfix will talk to dovecot by a > different protocol. Correct? Yes, postfix will talk LMTP dovecot, either via a UNIX socket in the filesystem, or via local TCP network communication to a TCP Socket in dovecot. > Will dovecot change its behavior? No. The imap/pop3 service of dovecot will work as usual. The delivery is a bit different, before being delivered to the filesystem, the message will pass the LMTP service with quota enforcement, sieve filtering, depending on which mail modules you have enabled in dovecot. > As I am not an SMTP insider (never did SMTP using telnet) I hardly > understand what this change could do to my problem. By using LMTP via TCP, you will avoid permission problems where postfix cannot access sockets/files/mails from dovecot, since postfix will communicate via network with dovecot and dovecot will handle the delivery itself. > Wouldn't dovecot LDA "deliver" still try to change the INBOX and > will have access problems that I do not understand? Delivery will be done by the dovecot lmtp service http://wiki2.dovecot.org/Services#lmtp it will not be executed by postfix. > Do you have a link for me, explaining what "deliver" does with a > mail that is not subject to any of the "fileinto" of a sieve filter? I assume it writes the message to INBOX (e.g. /var/mail/rolf), which is often at a different location and possibly has other permissions than your mailboxes in your home directory where SIEVE sorts your mail into. > What user accounts are involved in that function? Currently, dovecot lda/deliver is executed by postfix, which I see as a possible reason for the permission problems. After switching to LMTP via TCP, only dovecot should be involved with delivery, and drop privileges to the mailbox owner after userdb lookup according to http://wiki2.dovecot.org/Services#lmtp Regards, Daniel -- https://plus.google.com/103021802792276734820 From spamvoll at googlemail.com Sat Jun 30 23:19:49 2012 From: spamvoll at googlemail.com (spamvoll at googlemail.com) Date: Sat, 30 Jun 2012 22:19:49 +0200 Subject: [Dovecot] moving from BSD to Ubuntu Message-ID: hi.. im planning to move my Mailserver from an FreeBSD Box to an Ubuntu 12.04 LTS Box. Both Boxes run Dovecot 2.0 Does anyone did this before and experienced any problems ? Downtime is no problem, my plan is to stop Dovecot on the Bsd Box and copy all Mailbox files to the Uuntu system and start dovecot. Regards Hans From lists at svrinformatica.it Sat Jun 30 23:33:42 2012 From: lists at svrinformatica.it (Mailing List SVR) Date: Sat, 30 Jun 2012 22:33:42 +0200 Subject: [Dovecot] moving from BSD to Ubuntu In-Reply-To: References: Message-ID: <4FEF62A6.1040305@svrinformatica.it> Il 30/06/2012 22:19, spamvoll at googlemail.com ha scritto: > hi.. > > im planning to move my Mailserver from an FreeBSD Box to an Ubuntu > 12.04 LTS Box. Hi, I recently migrated to ubuntu 12.04 (not from freebsd) the only problem was this: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1016905 solved patching openssl ubuntu package, Nicola > Both Boxes run Dovecot 2.0 > > Does anyone did this before and experienced any problems ? > Downtime is no problem, my plan is to stop Dovecot on the Bsd Box and > copy all Mailbox files to the Uuntu system and start dovecot. > > Regards > Hans >