From tss at iki.fi Tue May 1 03:21:42 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 01 May 2012 03:21:42 +0300 Subject: [Dovecot] Shared INBOX change in v2.1.6? Message-ID: <1335831702.21461.60.camel@innu> Previously Dovecot has shown shared INBOX like: * LIST (\HasChildren) "/" "shared/tss2" * LIST (\HasNoChildren) "/" "shared/tss2/INBOX" * LIST (\HasNoChildren) "/" "shared/tss2/foo" The last change in hg makes it return simply (same as with Cyrus): * LIST (\HasChildren) "/" "shared/tss2" * LIST (\HasNoChildren) "/" "shared/tss2/foo" This behavior could be made optional, but does anyone actually want it to work the old way (and why)? I'd rather not add an option that isn't useful to anyone. I think older Dovecot versions have allowed opening both shared/tss2 and shared/tss2/INBOX, but at least in v2.1 that code was broken. With the last change it's still possible to open both of them, the shared/tss2/INBOX just isn't visible in LIST output. From tss at iki.fi Tue May 1 03:23:11 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 01 May 2012 03:23:11 +0300 Subject: [Dovecot] mdbox packing In-Reply-To: References: Message-ID: <1335831791.21461.61.camel@innu> On Mon, 2012-04-30 at 12:43 -0700, Daniel L. Miller wrote: > Is there a way to manually force an mdbox storage to be rebuilt into new > files? Particularly files of the maximum size? You could do it with dsync. From tss at iki.fi Tue May 1 03:23:43 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 01 May 2012 03:23:43 +0300 Subject: [Dovecot] Single Instance Storage management In-Reply-To: References: Message-ID: <1335831823.21461.62.camel@innu> On Mon, 2012-04-30 at 12:42 -0700, Daniel L. Miller wrote: > Was there a doveadm command that checks the SIS files and removes any > not referenced? Will the "doveadm purge -A" catch that? Nope. From tss at iki.fi Tue May 1 03:29:51 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 01 May 2012 03:29:51 +0300 Subject: [Dovecot] question dovecot Inheritance global acl vs userfolder acl In-Reply-To: <4F9EE00F.5050308@schetterer.org> References: <4F9EE00F.5050308@schetterer.org> Message-ID: <1335832191.21461.68.camel@innu> On Mon, 2012-04-30 at 20:55 +0200, Robert Schetterer wrote: > Hi Timo > my tests resulted in > inheritance is given if a userfolder has set some acl to its new created > subfolder , which is nice > > if some userfolder has its acl from global acl > there is no inheritance to its new created subfolders, > that subfolders will always created with full owner rights > > i am not really sure if its a good idea > to have inheritance from global acl and > if its hackabel what is your idea to this ? There is no ACL inheritance feature in Dovecot at all. The only thing that kind of appears as being inheritance is that when you create a new mailbox, its ACLs are copied from the parent's (but any future changes to parent ACLs won't change the child's.) I've been planning on changing how global ACLs work though. The idea would be that you'd have a single dovecot-global-acl file that has fields: So for example you could say: foo user=tss lrw This would work the same way as now. But you could also add: foo/* user=admin lrwstipekxa This would also apply to the children. Still, none of this is really "inheritance". From tss at iki.fi Tue May 1 03:35:45 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 01 May 2012 03:35:45 +0300 Subject: [Dovecot] Dovecot dsync mail replication issues In-Reply-To: References: <4F9E6CBE.4070609@reub.net> Message-ID: <1335832545.21461.73.camel@innu> On Mon, 2012-04-30 at 12:25 -0400, Michescu Andrei wrote: > > tornado Maildir # doveadm sync -u lyn remote:root at dustbowl.reub.net > > dsync-local(lyn): Error: Can't rename mailbox > > INBOX_7a86a62d465a974fb92f00003b258734 to INBOX: Target mailbox already > > exists > The setup will run fine as long as you only update 1 server and the other > one is backup. The current release does not handle well the master-master > model (you'll endup with emails like the folders above: duplicated, with > GUID appended to them etc etc)... It does work, as long as you get the initial configuration to work properly without adding the _GUIDs. The _GUIDs shouldn't be added if you do the initial replication to the other side (to nonexistent Maildir!) via dsync. I guess some plugins might also break this. > Unfortunately the dsync is not working for the moment. Timo is in the > process of redesigning it. So once it is release will know about it. But yeah, the redesign is supposed to make all of this a lot easier and more reliable. :) The new code can almost do the basics now, but still needs some time.. I'm giving a talk about it in 3 weeks though, so I'm planning on it being at least somewhat usable by then. :) From tss at iki.fi Tue May 1 03:39:11 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 01 May 2012 03:39:11 +0300 Subject: [Dovecot] restoring mails and directories In-Reply-To: <20120430085932.267600@gmx.net> References: <20120430085932.267600@gmx.net> Message-ID: <1335832751.21461.76.camel@innu> On Mon, 2012-04-30 at 10:59 +0200, oni-neko at gmx.net wrote: > Good day! > > is there an easy way to restore e.g. deleted mails and/or mail directories? > let me specify: I'm running dovecot 1.2.9 on a current ubuntu lts. It is set to Maildir and I backup the folder with the users maildata nightly via rsync. > > now, when someone deletes a mail that they still need, and I copy it back from the backup, it will not be visible to mail clients. When I change the mailfile by a letter or so, it shows. that's easy enough, if not exactly awesome ;-) Sounds like the message gets its old IMAP UID back, but since IMAP isn't designed for that, the clients don't realize it. By changing the filename the message gets a new UID. Although typically Dovecot should notice that and log an error and fix the situation, except if you've disabled index files. So..: Don't put the messages back to where you got them with the same names. From tss at iki.fi Tue May 1 03:42:39 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 01 May 2012 03:42:39 +0300 Subject: [Dovecot] Log messages In-Reply-To: <201204301038.37694.sdavies@sdc.com.au> References: <201204301038.37694.sdavies@sdc.com.au> Message-ID: <1335832959.21461.78.camel@innu> On Mon, 2012-04-30 at 10:38 +0930, Stephen Davies wrote: > I asked about log synch error back in March and have (repeatedly) deleted all > .imap files but the errors continue. .. > Apr 30 09:00:12 server dovecot: imap(john): Error: Log synchronization error > at seq=2,offset=929952 for /home/john/Mail/INBOX/.imap/Archive/dovecot.index: > Extension header update points outside header size You also deleted ~/Mail/INBOX/.imap/, not simply ~/Mail/.imap/? And there weren't any imap sessions open at that time (which would recreate them)? The index file deletion should work. Also this has been fixed in v2.1.2 and newer. From tss at iki.fi Tue May 1 03:46:52 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 01 May 2012 03:46:52 +0300 Subject: [Dovecot] lmtp proxy timeout while waiting for reply to DATA reply In-Reply-To: <20120428110023.GA9236@daniel.localdomain> References: <20120428110023.GA9236@daniel.localdomain> Message-ID: <1335833212.21461.82.camel@innu> On Sat, 2012-04-28 at 13:00 +0200, Daniel Parthey wrote: > we are experiencing similar sporadic data timeout issues with dovecot 2.0.20 > as in http://dovecot.org/pipermail/dovecot/2011-June/059807.html > at least once a week. Some mails get temporarily deferred in the > postfix queue since dovecot director lmtp refuses them and the > mails are delivered at a later time. .. > Shall I apply the following patches from > http://dovecot.org/pipermail/dovecot/2011-June/059987.html > or are they already included with version 2.0.20? Those patches are already in v2.0.20. But what isn't in v2.0 is the larger rewrite of the LMTP proxying code in v2.1, which I hope fixes also this timeout problem. From tss at iki.fi Tue May 1 03:49:53 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 01 May 2012 03:49:53 +0300 Subject: [Dovecot] [PATCH] Dovecot 2.1 compiling fix for AIX In-Reply-To: <87sjfpfwbk.wl%fumiyas@osstech.jp> References: <87vcklfxoj.wl%fumiyas@osstech.jp> <87sjfpfwbk.wl%fumiyas@osstech.jp> Message-ID: <1335833393.21461.83.camel@innu> Committed: http://dovecot.org/pipermail/dovecot/2011-June/059987.html On Fri, 2012-04-27 at 16:49 +0900, SATOH Fumiyasu wrote: > Revised patch. Sorry. > > At Fri, 27 Apr 2012 16:20:28 +0900, > SATOH Fumiyasu wrote: > > I'm trying to build Dovecot 2.1.5 on AIX 6.1 and got the following > > build error: > > > > $ ./configure > > ... > > $ make > > ... > > In file included from stats-connection.c:9: > > stats-plugin.h:14: error: field 'user_cpu' has incomplete type > > stats-plugin.h:14: error: field 'sys_cpu' has incomplete type > > ... > > > > The attached patch fixes this problem. > From tss at iki.fi Tue May 1 03:53:34 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 01 May 2012 03:53:34 +0300 Subject: [Dovecot] 2.1.5: Panic: file mailbox-list-fs.c: line 156 (fs_list_get_path): assertion failed: (mailbox_list_is_valid_pattern(_list, name)) In-Reply-To: <20120427063431.GA12180@nick.optusnet.com.au> References: <20120427063431.GA12180@nick.optusnet.com.au> Message-ID: <1335833614.21461.86.camel@innu> On Fri, 2012-04-27 at 16:34 +1000, Nick Urbanik wrote: > I upgraded to 2.1.5, and we have the same assertion failure, on the > same mailbox: > > Apr 27 16:02:03 imap(nu-imaptest00258 at example.com): Panic: file mailbox-list-fs.c: line 156 (fs_list_get_path): assertion failed: (mailbox_list_is_valid_pattern(_list, name)) .. > Any suggestions welcome. > > I guess enabling core dumps is a good start, I'll do that, but has > anyone seen this before? 1) doveconf -n output 2) Can you show the list of all mailbox names? Or especially the one that is causing this crash? (The raw backtrace indicates it happens during quota recalculation, which gets a list of all mailboxes, so it might not really be the same mailbox as what appears to be broken.) From tss at iki.fi Tue May 1 03:56:12 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 01 May 2012 03:56:12 +0300 Subject: [Dovecot] SETANNOTATION for Dovecot In-Reply-To: References: Message-ID: <1335833772.21461.87.camel@innu> On Sat, 2012-04-28 at 18:09 +0200, Dieter Knopf wrote: > i'm using kmail2 and for Folder Settings the SETANNOATION command is needed. > > Is there any way to add this command to Dovecot? > > I already found a dovecot-metadata-plugin That might do it, but it's not fully finished yet. > but there is no Package available for Debian. Nope. From djonas at vitalwerks.com Tue May 1 05:28:28 2012 From: djonas at vitalwerks.com (David Jonas) Date: Mon, 30 Apr 2012 19:28:28 -0700 Subject: [Dovecot] dovecot sasl with postfix: SASL LOGIN authentication failed: Connection lost to authentication server Message-ID: <4F9F4A4C.3050005@vitalwerks.com> When using dovecot (2.1.5) sasl with postfix (2.8.4) behind nginx smtp proxy I am seeing a ton of errors of the form: postfix/smtpd[7731]: warning: unknown[192.168.0.6]: SASL LOGIN authentication failed: Connection lost to authentication server Nothing is printed by dovecot in the logs regarding the error. It seems that dovecot just hung up on postfix. (side note: no, can't use xclient in nginx/postfix. But perhaps soon.) After much digging I thought I solved it with: login_trusted_networks = 172.20.20.0/24 mail_max_userip_connections = 0 This seems safe enough because dovecot is only providing sasl to postfix, no connections to the outside world. But the error is still happening. # doveadm penalty IP penalty last_penalty last_update 172.20.20.61 1 2012-04-30 19:15:56 19:15:56 strace on the anvil process shows a lot of GETs and INCs: 18:54:06 read(14, "PENALTY-GET\t172.20.20.61\n", 397) = 25 <0.000016> 18:54:06 write(14, "1 1335837245\n", 13) = 13 <0.000029> A two minute survey showed penalty distribution: 0: 60% 1: 15% 2: 18% 3: 8% Finally I just disabled penalties with the info from http://www.dovecot.org/list/dovecot/2011-December/062631.html and that seemed to do it. Is there a better way? This took me a long time to run down so I tried to make this message detailed enough that others with similar problems will stumble upon it. From dmiller at amfes.com Tue May 1 06:26:54 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Mon, 30 Apr 2012 20:26:54 -0700 Subject: [Dovecot] Dovecot/doveadm crash In-Reply-To: <4F9EF301.8030105@amfes.com> References: <4F9EF301.8030105@amfes.com> Message-ID: On 4/30/2012 1:16 PM, Daniel L. Miller wrote: > Having a problem with a mailbox. I've been trying to rebuild - but > doveadm force-resync crashes. This is mdbox with sis. > Here's a backtrace - gdb --args doveadm force-resync -u msiegel at amfes.com Sent GNU gdb (Ubuntu/Linaro 7.2-1ubuntu11) 7.2 Copyright (C) 2010 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-linux-gnu". For bug reporting instructions, please see: ... Reading symbols from /usr/local/bin/doveadm...done. (gdb) run Starting program: /usr/local/bin/doveadm force-resync -u msiegel at amfes.com Sent [Thread debugging using libthread_db enabled] doveadm(msiegel at amfes.com): Warning: mdbox /var/mail/amfes.com/msiegel/mdbox/storage: rebuilding indexes doveadm(msiegel at amfes.com): Panic: file istream.c: line 466 (i_stream_grow_buffer): assertion failed: (stream->max_buffer_size > 0) doveadm(msiegel at amfes.com): Error: Raw backtrace: /usr/local/lib/dovecot/libdovecot.so.0(+0x4167a) [0x7ffff765467a] -> /usr/local/lib/dovecot/libdovecot.so.0(default_fatal_handler+0x32) [0x7ffff7654762] -> /usr/local/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7ffff762c2a0] -> /usr/local/lib/dovecot/libdovecot.so.0(+0x4949b) [0x7ffff765c49b] -> /usr/local/lib/dovecot/libdovecot.so.0(i_stream_get_buffer_space+0x82) [0x7ffff765c522] -> /usr/local/lib/dovecot/libdovecot.so.0(+0x4b1c8) [0x7ffff765e1c8] -> /usr/local/lib/dovecot/libdovecot.so.0(i_stream_read+0x69) [0x7ffff765bb69] -> /usr/local/lib/dovecot/libdovecot.so.0(i_stream_read_next_line+0x1d) [0x7ffff765c04d] -> /usr/local/lib/dovecot/libdovecot-storage.so.0(dbox_file_metadata_read+0xd0) [0x7ffff78dd870] -> /usr/local/lib/dovecot/libdovecot-storage.so.0(+0x3b958) [0x7ffff78da958] -> /usr/local/lib/dovecot/libdovecot-storage.so.0(mdbox_storage_rebuild_in_context+0x2a9) [0x7ffff78daff9] -> /usr/local/lib/dovecot/libdovecot-storage.so.0(mdbox_sync_begin+0x6b4) [0x7ffff78d97a4] -> /usr/local/lib/dovecot/libdovecot-storage.so.0(mdbox_sync+0x34) [0x7ffff78d98d4] -> /usr/local/lib/dovecot/libdovecot-storage.so.0(mdbox_storage_sync_init+0x87) [0x7ffff78d99b7] -> /usr/local/lib/dovecot/libdovecot-storage.so.0(mailbox_sync_init+0x31) [0x7ffff7918871] -> /usr/local/lib/dovecot/libdovecot-storage.so.0(mailbox_sync+0x27) [0x7ffff7918987] -> /usr/local/bin/doveadm() [0x40e2ff] -> /usr/local/bin/doveadm() [0x40e018] -> /usr/local/bin/doveadm() [0x40ea83] -> /usr/local/bin/doveadm(doveadm_mail_try_run+0x141) [0x40eef1] -> /usr/local/bin/doveadm(main+0x3c1) [0x415911] -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xff) [0x7ffff729deff] -> /usr/local/bin/doveadm() [0x40de39] Program received signal SIGABRT, Aborted. 0x00007ffff72b2d05 in raise () from /lib/x86_64-linux-gnu/libc.so.6 (gdb) bt full #0 0x00007ffff72b2d05 in raise () from /lib/x86_64-linux-gnu/libc.so.6 No symbol table info available. #1 0x00007ffff72b6ab6 in abort () from /lib/x86_64-linux-gnu/libc.so.6 No symbol table info available. #2 0x00007ffff7654688 in default_fatal_finish (type=, status=0) at failures.c:191 backtrace = 0x648140 "/usr/local/lib/dovecot/libdovecot.so.0(+0x4167a) [0x7ffff765467a] -> /usr/local/lib/dovecot/libdovecot.so.0(default_fatal_handler+0x32) [0x7ffff7654762] -> /usr/local/lib/dovecot/libdovecot.so.0(i_fat"... #3 0x00007ffff7654762 in default_fatal_handler (ctx=0x7fffffffdc80, format=, args=) at failures.c:205 status = 0 #4 0x00007ffff762c2a0 in i_panic (format=0x62b6
) at failures.c:263 ctx = {type = LOG_TYPE_PANIC, exit_status = 0, timestamp = 0x0} args = {{gp_offset = 40, fp_offset = 48, overflow_arg_area = 0x7fffffffdd50, reg_save_area = 0x7fffffffdc90}} #5 0x00007ffff765c49b in i_stream_grow_buffer (stream=0x6c7590, bytes=) at istream.c:466 old_size = __FUNCTION__ = "i_stream_grow_buffer" #6 0x00007ffff765c522 in i_stream_get_buffer_space (stream=0x6c7590, wanted_size=, size_r=) at istream.c:500 __FUNCTION__ = "i_stream_get_buffer_space" #7 0x00007ffff765e1c8 in i_stream_file_read (stream=0x6c7590) at istream-file.c:58 fstream = 0x6c7590 size = ret = __FUNCTION__ = "i_stream_file_read" #8 0x00007ffff765bb69 in i_stream_read (stream=0x6c75f0) at istream.c:130 _stream = 0x6c7590 old_size = 8192 ret = __FUNCTION__ = "i_stream_read" #9 0x00007ffff765c04d in i_stream_read_next_line (stream=0x6c75f0) at istream.c:382 line = #10 0x00007ffff78dd870 in dbox_file_metadata_read_at (file=0x6c74a0) at dbox-file.c:661 line = 0x6c98d0 "BSent" buf_size = 8192 ret = 0 #11 dbox_file_metadata_read (file=0x6c74a0) at dbox-file.c:688 metadata_offset = ret = 0 __FUNCTION__ = "dbox_file_metadata_read" ---Type to continue, or q to quit--- #12 0x00007ffff78da958 in rebuild_file_mails (ctx=0x6b6b90, storage_dir=0x674420 "/var/mail/amfes.com/msiegel/mdbox/storage", alt=) at mdbox-storage-rebuild.c:139 offset = 16 last = false fixed = false first = guid = prev_offset = 0 ret = rec = 0x7ffff7f99210 old_rec = #13 rebuild_add_file (ctx=0x6b6b90, storage_dir=0x674420 "/var/mail/amfes.com/msiegel/mdbox/storage", alt=) at mdbox-storage-rebuild.c:269 file = 0x6c74a0 ext = deleted = false ret = file_id = 558 id_str = #14 mdbox_storage_rebuild_scan_dir (ctx=0x6b6b90, storage_dir=0x674420 "/var/mail/amfes.com/msiegel/mdbox/storage", alt=) at mdbox-storage-rebuild.c:807 _data_stack_cur_id = 4 dir = d = ret = 0 #15 0x00007ffff78daff9 in mdbox_storage_rebuild_scan (storage=0x674200, atomic=) at mdbox-storage-rebuild.c:855 data = 0x6baed0 data_size = 8 #16 mdbox_storage_rebuild_in_context (storage=0x674200, atomic=) at mdbox-storage-rebuild.c:888 ctx = 0x6b6b90 ret = 0 #17 0x00007ffff78d97a4 in mdbox_sync_begin (mbox=0x6aec20, flags=MDBOX_SYNC_FLAG_FORCE_REBUILD, atomic=0x6b6b60, ctx_r=0x7fffffffe1b8) at mdbox-sync.c:233 storage = 0x674200 ctx = sync_flags = ret = 4 rebuild = true storage_rebuilt = false ---Type to continue, or q to quit--- #18 0x00007ffff78d98d4 in mdbox_sync (mbox=0x6aec20, flags=MDBOX_SYNC_FLAG_FORCE_REBUILD) at mdbox-sync.c:311 sync_ctx = 0x0 atomic = 0x6b6b60 ret = #19 0x00007ffff78d99b7 in mdbox_storage_sync_init (box=0x6aec20, flags=320) at mdbox-sync.c:341 mbox = 0x6aec20 mdbox_sync_flags = ret = #20 0x00007ffff7918871 in mailbox_sync_init (box=0x6aec20, flags=320) at mail-storage.c:1298 _data_stack_cur_id = 3 ctx = #21 0x00007ffff7918987 in mailbox_sync (box=, flags=) at mail-storage.c:1344 ctx = status = {sync_delayed_expunges = 1} #22 0x000000000040e2ff in cmd_force_resync_box (ctx=0x65e000, user=) at doveadm-mail.c:211 box = 0x6aec20 ret = 0 #23 cmd_force_resync_run (ctx=0x65e000, user=) at doveadm-mail.c:240 _data_stack_cur_id = 2 iter = 0x6ad8c0 info = 0x6add38 ret = 0 #24 0x000000000040e018 in doveadm_mail_next_user (ctx=0x65e000, input=, error_r=0x7fffffffe300) at doveadm-mail.c:311 error = ret = 0 __FUNCTION__ = "doveadm_mail_next_user" #25 0x000000000040ea83 in doveadm_mail_cmd (cmd=0x6550e0, argc=4, argv=0x64f390) at doveadm-mail.c:518 input = {module = 0x0, service = 0x433222 "doveadm", username = 0x64f3c7 "msiegel at amfes.com", session_id = 0x0, local_ip = { family = 0, u = {ip6 = {__in6_u = {__u6_addr8 = '\000' , __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, ip4 = {s_addr = 0}}}, remote_ip = {family = 0, u = {ip6 = {__in6_u = { __u6_addr8 = '\000' , __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, ip4 = { s_addr = 0}}}, local_port = 0, remote_port = 0, userdb_fields = 0x0, flags_override_add = 0, flags_override_remove = 0, no_userdb_lookup = 0} ctx = 0x65e000 getopt_args = 0x43147d "AS:u:" wildcard_user = 0x0 error = ret = c = ---Type to continue, or q to quit--- #26 0x000000000040eef1 in doveadm_mail_try_run (cmd_name=0x64f3b7 "force-resync", argc=4, argv=0x64f378) at doveadm-mail.c:577 cmd__foreach_end = 0x655380 cmd = 0x6550e0 cmd_name_len = 12 __FUNCTION__ = "doveadm_mail_try_run" #27 0x0000000000415911 in main (argc=4, argv=0x64f378) at doveadm.c:374 cmd_name = 0x64f3b7 "force-resync" i = quick_init = false c = -- Daniel From robert at schetterer.org Tue May 1 09:16:47 2012 From: robert at schetterer.org (Robert Schetterer) Date: Tue, 01 May 2012 08:16:47 +0200 Subject: [Dovecot] question dovecot Inheritance global acl vs userfolder acl In-Reply-To: <1335832191.21461.68.camel@innu> References: <4F9EE00F.5050308@schetterer.org> <1335832191.21461.68.camel@innu> Message-ID: <4F9F7FCF.6020008@schetterer.org> Am 01.05.2012 02:29, schrieb Timo Sirainen: > On Mon, 2012-04-30 at 20:55 +0200, Robert Schetterer wrote: >> Hi Timo >> my tests resulted in >> inheritance is given if a userfolder has set some acl to its new created >> subfolder , which is nice >> >> if some userfolder has its acl from global acl >> there is no inheritance to its new created subfolders, >> that subfolders will always created with full owner rights >> >> i am not really sure if its a good idea >> to have inheritance from global acl and >> if its hackabel what is your idea to this ? > > There is no ACL inheritance feature in Dovecot at all. The only thing > that kind of appears as being inheritance is that when you create a new > mailbox, its ACLs are copied from the parent's (but any future changes > to parent ACLs won't change the child's.) > > I've been planning on changing how global ACLs work though. The idea > would be that you'd have a single dovecot-global-acl file that has > fields: > > > > So for example you could say: > > foo user=tss lrw > > This would work the same way as now. But you could also add: > > foo/* user=admin lrwstipekxa > > This would also apply to the children. Still, none of this is really > "inheritance". > Hi Timo, i would say this would be "good enough" for new handling global acls , however if its not really inheritance -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From robert at schetterer.org Tue May 1 09:22:37 2012 From: robert at schetterer.org (Robert Schetterer) Date: Tue, 01 May 2012 08:22:37 +0200 Subject: [Dovecot] Shared INBOX change in v2.1.6? In-Reply-To: <1335831702.21461.60.camel@innu> References: <1335831702.21461.60.camel@innu> Message-ID: <4F9F812D.8050804@schetterer.org> Am 01.05.2012 02:21, schrieb Timo Sirainen: > Previously Dovecot has shown shared INBOX like: > > * LIST (\HasChildren) "/" "shared/tss2" > * LIST (\HasNoChildren) "/" "shared/tss2/INBOX" > * LIST (\HasNoChildren) "/" "shared/tss2/foo" > > The last change in hg makes it return simply (same as with Cyrus): > > * LIST (\HasChildren) "/" "shared/tss2" > * LIST (\HasNoChildren) "/" "shared/tss2/foo" > > This behavior could be made optional, but does anyone actually want it > to work the old way (and why)? I'd rather not add an option that isn't > useful to anyone. > > I think older Dovecot versions have allowed opening both shared/tss2 and > shared/tss2/INBOX, but at least in v2.1 that code was broken. With the > last change it's still possible to open both of them, the > shared/tss2/INBOX just isn't visible in LIST output. > > what ever get patched, it should not brake existing installs in the same version tree, unless there are urgent reasons for to do so ( security , bugfixes etc ), i am not sure what to decide in this case at current i have it shown as * LIST (\HasNoChildren) "/" "shared/tss2/INBOX" and it looks ok to me -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From dovecot at tengu.ch Tue May 1 11:33:21 2012 From: dovecot at tengu.ch (=?UTF-8?Q?C=C3=A9dric_Jeanneret?=) Date: Tue, 01 May 2012 10:33:21 +0200 Subject: [Dovecot] =?utf-8?q?dovecot=2C_ldap_and_multiple_auth=5Fbind=5Fus?= =?utf-8?q?erdn?= Message-ID: <6604d861936080caf13b83303441401b@webmail.tengu.ch> Hello List! I'm having some troubles for a client of mine: he has two ldap branches which may contain valid users for imap login... For now, dovecot is configured so that it uses the auth_bind: ======== uris = ldap://localhost:389/ auth_bind = yes auth_bind_userdn = uid=%u,ou=user,dc=org ldap_version = 3 base = dc=artemis user_attrs = user_global_uid = 8 user_global_gid = 8 pass_attrs = uid=user ## other options user_filter = (uid=%u) pass_filter = (uid=%u) default_pass_scheme = CRYPT ======== Unfortunately, I cannot manage to tell him "hey guy, uses those two branches": uid=%u,ou=user,dc=org and uid=%u,ou=external,dc=org Is there a special way to do that ? Is it even possible ? I cannot modify the ldap tree, so this option is out, unfortunately :(. My dovecot version: dovecot --version 1.2.15 Thanks in advance for your answers. Cheers, C. From tss at iki.fi Tue May 1 17:26:54 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 1 May 2012 17:26:54 +0300 Subject: [Dovecot] dovecot, ldap and multiple auth_bind_userdn In-Reply-To: <6604d861936080caf13b83303441401b@webmail.tengu.ch> References: <6604d861936080caf13b83303441401b@webmail.tengu.ch> Message-ID: <01FF975C-2D6E-468A-A312-2083F9383831@iki.fi> On 1.5.2012, at 11.33, C?dric Jeanneret wrote: > Unfortunately, I cannot manage to tell him "hey guy, uses those two branches": > uid=%u,ou=user,dc=org and uid=%u,ou=external,dc=org > > Is there a special way to do that ? Is it even possible ? > I cannot modify the ldap tree, so this option is out, unfortunately :(. Create two passdb ldap {} sections with different config files using different auth_bind_userdns. From markus at mpetri.org Tue May 1 23:51:43 2012 From: markus at mpetri.org (Markus Petri) Date: Tue, 1 May 2012 22:51:43 +0200 Subject: [Dovecot] Shared INBOX change in v2.1.6? In-Reply-To: <1335831702.21461.60.camel@innu> References: <1335831702.21461.60.camel@innu> Message-ID: <20120501225143.085a8685@legolas.home.ceotex.de> On Tue, 01 May 2012 03:21:42 +0300, Timo Sirainen wrote: > Previously Dovecot has shown shared INBOX like: > > * LIST (\HasChildren) "/" "shared/tss2" > * LIST (\HasNoChildren) "/" "shared/tss2/INBOX" > * LIST (\HasNoChildren) "/" "shared/tss2/foo" > > The last change in hg makes it return simply (same as with Cyrus): > > * LIST (\HasChildren) "/" "shared/tss2" > * LIST (\HasNoChildren) "/" "shared/tss2/foo" > > This behavior could be made optional, but does anyone actually want it > to work the old way (and why)? I'd rather not add an option that isn't > useful to anyone. That change would brake my installations badly, since I have a fair amount of users working with shared folders. They (and I myself) currently only use the old way. Personally I like the old way better, but that is a matter of personal taste, nothing more. So an option to keep the old behaviour would be greatly appreciated. From c at roessner-network-solutions.com Tue May 1 23:57:34 2012 From: c at roessner-network-solutions.com (=?iso-8859-1?Q?Christian_R=F6=DFner?=) Date: Tue, 1 May 2012 22:57:34 +0200 Subject: [Dovecot] Shared INBOX change in v2.1.6? In-Reply-To: <1335831702.21461.60.camel@innu> References: <1335831702.21461.60.camel@innu> Message-ID: Hi, > * LIST (\HasNoChildren) "/" "shared/tss2/INBOX" I only use these ones. So it would break my setup either. -Christian R??ner --- Roessner-Network-Solutions Bachelor of Science Informatik Nahrungsberg 81, 35390 Gie?en F: +49 641 5879091, M: +49 176 93118939 USt-IdNr.: DE225643613 http://www.roessner-network-solutions.com -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 3880 bytes Desc: not available URL: From sdavies at sdc.com.au Wed May 2 06:36:22 2012 From: sdavies at sdc.com.au (Stephen Davies) Date: Wed, 2 May 2012 13:06:22 +0930 Subject: [Dovecot] Log messages In-Reply-To: <1335832959.21461.78.camel@innu> References: <201204301038.37694.sdavies@sdc.com.au> <1335832959.21461.78.camel@innu> Message-ID: <201205021306.22538.sdavies@sdc.com.au> I have downloaded dovecot 2.1.5 and successfully built it. However, when I install it and try to start dovecot, I get: Starting IMAP daemon (dovecot): doveconf: Error: Module is for different version 2.1.1: /usr/lib/dovecot/settings/libmanagesieve_login_settings.so doveconf: Error: Module is for different version 2.1.1: /usr/lib/dovecot/settings/libmanagesieve_settings.so doveconf: Fatal: Error in configuration file /usr/etc/dovecot/dovecot.conf: protocols: Unknown protocol: sieve My guess is that I need to recompile and reinstall dovecot pidgeon (dovecot-2.1-pigeonhole-0.3.0) as well as dovecot but cannot find any documentation on this. Is my gues correct? Is there anything else that is needed to upgrade from 2.1.1 to 2.1.5? Cheers and thanks, Stephen On Tuesday, May 01, 2012 10:12:39 AM Timo Sirainen wrote: > On Mon, 2012-04-30 at 10:38 +0930, Stephen Davies wrote: > > I asked about log synch error back in March and have (repeatedly) deleted > > all .imap files but the errors continue. > > .. > > > Apr 30 09:00:12 server dovecot: imap(john): Error: Log synchronization > > error at seq=2,offset=929952 for > > /home/john/Mail/INBOX/.imap/Archive/dovecot.index: Extension header > > update points outside header size > > You also deleted ~/Mail/INBOX/.imap/, not simply ~/Mail/.imap/? And > there weren't any imap sessions open at that time (which would recreate > them)? > > The index file deletion should work. Also this has been fixed in v2.1.2 > and newer. -- ============================================================================= Stephen Davies Consulting P/L Voice: 08-8177 1595 Adelaide, South Australia. Fax : 08-8177 0133 Records & Collections Management. Mobile:040 304 0583 From cor at xs4all.nl Wed May 2 10:00:38 2012 From: cor at xs4all.nl (Cor Bosman) Date: Wed, 2 May 2012 09:00:38 +0200 Subject: [Dovecot] Log messages In-Reply-To: <201205021306.22538.sdavies@sdc.com.au> References: <201204301038.37694.sdavies@sdc.com.au> <1335832959.21461.78.camel@innu> <201205021306.22538.sdavies@sdc.com.au> Message-ID: <0FFA6F1A-4A0B-4281-899B-2B6A4C52C2FC@xs4all.nl> > > My guess is that I need to recompile and reinstall dovecot pidgeon > (dovecot-2.1-pigeonhole-0.3.0) as well as dovecot but cannot find any > documentation on this. > > Is my gues correct? > Is there anything else that is needed to upgrade from 2.1.1 to 2.1.5? Your guess is correct, always recompile sieve plugin when you upgrade dovecot. Cor From gilles.albusac at wanadoo.fr Wed May 2 16:41:00 2012 From: gilles.albusac at wanadoo.fr (Gilles Albusac) Date: Wed, 2 May 2012 15:41:00 +0200 Subject: [Dovecot] Dovecot for POP3S proxying Message-ID: <860142E12E7E49EB9B8698B22F373BDC@CESAR> I would like to configure Dovecot for POP3S proxying all users from the Internet to the internal Exchange Mail Server. Dovecot proxy have to authenticate the POP3S user (with ldap database) and redirect to exchange server. Is it possible ? Could you give me a dovecot.conf example file ? Regards From dmiller at amfes.com Wed May 2 20:27:05 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Wed, 02 May 2012 10:27:05 -0700 Subject: [Dovecot] mdbox corruption Message-ID: I have isolated the corruption in a mailbox to 4 mdbox files. Two of these (smaller) files cause the force-resync to report a breakage and save the file as m.XX.broken. The other two (larger) files cause a crash. Is there a way I can fix these files and recover the mails? -- Daniel From tss at iki.fi Wed May 2 21:01:24 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 2 May 2012 21:01:24 +0300 Subject: [Dovecot] mdbox corruption In-Reply-To: References: Message-ID: On 2.5.2012, at 20.27, Daniel L. Miller wrote: > I have isolated the corruption in a mailbox to 4 mdbox files. Two of these (smaller) files cause the force-resync to report a breakage and save the file as m.XX.broken. The other two (larger) files cause a crash. > > Is there a way I can fix these files and recover the mails? Well, you do have the option of extracting the mails with a text editor until I get around to fixing the crash. From djonas at vitalwerks.com Wed May 2 23:29:44 2012 From: djonas at vitalwerks.com (David Jonas) Date: Wed, 02 May 2012 13:29:44 -0700 Subject: [Dovecot] Dovecot for POP3S proxying In-Reply-To: <860142E12E7E49EB9B8698B22F373BDC@CESAR> References: <860142E12E7E49EB9B8698B22F373BDC@CESAR> Message-ID: <4FA19938.5050900@vitalwerks.com> On Wed May 2 06:41:00 2012, Gilles Albusac wrote: > I would like to configure Dovecot for POP3S proxying all users from the Internet to the internal Exchange Mail Server. Unless I'm missing something with your request, you don't need dovecot. Any ssl proxy can do that for you, such as stunnel (http://www.stunnel.org/). We use the hardware ssl termination on our load balancers for pop3s, imaps, and smtps. From victormanuelo at gmail.com Thu May 3 00:54:25 2012 From: victormanuelo at gmail.com (=?UTF-8?Q?Victor_O=C3=B1ate?=) Date: Wed, 2 May 2012 17:24:25 -0430 Subject: [Dovecot] Sieve script does not run in dovecot 2.0 on squeeze Message-ID: Hi, I want to use Sieve filtering with my Dovecot 2.0.20 installation on Debian squeeze. ManageSieve works fine so far, I can edit and activate/deactive scripts (using Thunderbird + Plugin) and they show up in the filesystem where I expect them to be, see below. # ls -la /home/k2009999/ total 16 drwxr-xr-x 4 k2009999 mail 4096 Apr 30 10:46 . drwxr-xr-x 4 root root 4096 Apr 24 17:04 .. drwx------ 7 k2009999 Domain Users 4096 Apr 30 10:56 Maildir lrwxrwxrwx 1 k2009999 Domain Users 21 Apr 30 10:46 currently-active-script.sieve -> sieve/outoffice.sieve drwxr-xr-x 3 k2009999 mail 4096 May 2 16:44 sieve ls -la /home/k2009999/sieve/ total 16 drwxr-xr-x 3 k2009999 mail 4096 May 2 16:44 . drwxr-xr-x 4 k2009999 mail 4096 Apr 30 10:46 .. -rw-r--r-- 1 k2009999 mail 36 Apr 26 17:21 outoffice.sieve drwxr-xr-x 2 k2009999 Domain Users 4096 May 2 16:44 tmp #less outoffice.sieve redirect "user at dominio.uk"; In dovecot.conf I have mail_location = maildir:~/Maildir plugin { quota = dirsize sieve=~/currently-active-script.sieve sieve_dir=~/sieve sieve_storage=~/sieve } protocols = imap sieve protocol sieve { managesieve_logout_format = bytes ( in=%i : out=%o ) } service managesieve-login { user = dovecot inet_listener sieve { port = 4190 } process_limit = 2000 } userdb { args = /etc/dovecot/dovecot-ldap.conf driver = ldap } In postfix I have home_mailbox = Maildir/ the problem is that the script does not run and so the mail is delivered the initial recipient. I use LDAP to delivery the mail. any idea. Thank you. Th. Victor O?ate From sdavies at sdc.com.au Thu May 3 02:53:02 2012 From: sdavies at sdc.com.au (Stephen Davies) Date: Thu, 3 May 2012 09:23:02 +0930 Subject: [Dovecot] Log messages In-Reply-To: <1335832959.21461.78.camel@innu> References: <201204301038.37694.sdavies@sdc.com.au> <1335832959.21461.78.camel@innu> Message-ID: <201205030923.02366.sdavies@sdc.com.au> I upgraded to dovecot 2.1.5 yesterday and deleted ALL .imap directories. Both the log sync and fsck errors seem to have stopped. Cheers and thanks, Stephen On Tuesday, May 01, 2012 10:12:39 AM Timo Sirainen wrote: > On Mon, 2012-04-30 at 10:38 +0930, Stephen Davies wrote: > > I asked about log synch error back in March and have (repeatedly) deleted > > all .imap files but the errors continue. > > .. > > > Apr 30 09:00:12 server dovecot: imap(john): Error: Log synchronization > > error at seq=2,offset=929952 for > > /home/john/Mail/INBOX/.imap/Archive/dovecot.index: Extension header > > update points outside header size > > You also deleted ~/Mail/INBOX/.imap/, not simply ~/Mail/.imap/? And > there weren't any imap sessions open at that time (which would recreate > them)? > > The index file deletion should work. Also this has been fixed in v2.1.2 > and newer. -- ============================================================================= Stephen Davies Consulting P/L Voice: 08-8177 1595 Adelaide, South Australia. Fax : 08-8177 0133 Records & Collections Management. Mobile:040 304 0583 From snabb at epipe.com Thu May 3 10:42:51 2012 From: snabb at epipe.com (Janne Snabb) Date: Thu, 03 May 2012 14:42:51 +0700 Subject: [Dovecot] Sieve script does not run in dovecot 2.0 on squeeze In-Reply-To: References: Message-ID: <4FA236FB.9040003@epipe.com> On 05/03/2012 04:54 AM, Victor O?ate wrote: > In dovecot.conf I have > > > mail_location = maildir:~/Maildir > > plugin { > quota = dirsize > sieve=~/currently-active-script.sieve > sieve_dir=~/sieve > sieve_storage=~/sieve > } > > protocols = imap sieve > > protocol sieve { > managesieve_logout_format = bytes ( in=%i : out=%o ) > } > > service managesieve-login { > user = dovecot > inet_listener sieve { > port = 4190 > } > process_limit = 2000 > } > > > userdb { > args = /etc/dovecot/dovecot-ldap.conf > driver = ldap > } After you have fixed your Postfix configuration (see below), you probably need to add: protocol lda { mail_plugins = $mail_plugins sieve } > In postfix I have > > > home_mailbox = Maildir/ You need to configure Postfix to use local delivery agent (LDA) which supports sieve, such as Dovecot's LDA with sieve plugin. Have a look at: http://wiki.dovecot.org/LDA/Postfix > the problem is that the script does not run and so the mail is delivered > the initial recipient. > > I use LDAP to delivery the mail. > > any idea. Thank you. Hope this helps. -- Janne Snabb / EPIPE Communications snabb at epipe.com - http://epipe.com/ From gilles.albusac at wanadoo.fr Thu May 3 15:14:40 2012 From: gilles.albusac at wanadoo.fr (Gilles Albusac) Date: Thu, 3 May 2012 14:14:40 +0200 Subject: [Dovecot] Dovecot for POP3S proxying In-Reply-To: <4FA19938.5050900@vitalwerks.com> References: <860142E12E7E49EB9B8698B22F373BDC@CESAR> <4FA19938.5050900@vitalwerks.com> Message-ID: <16C60C5ADB024684AB6C6E434A9B49C1@CESAR> Thanks a lot for your answer. Dovecot is already installed in my architecture and I just would like to know how to configure Dovecot for POP3S proxying with authentication. For security reasons I prefer to install as little as possible binary (see vulnerability 2011 - remote exploit - STUNNEL). Regards. -----Message d'origine----- From: David Jonas Sent: Wednesday, May 02, 2012 10:29 PM To: Gilles Albusac Cc: dovecot at dovecot.org Subject: Re: [Dovecot] Dovecot for POP3S proxying On Wed May 2 06:41:00 2012, Gilles Albusac wrote: > I would like to configure Dovecot for POP3S proxying all users from the > Internet to the internal Exchange Mail Server. Unless I'm missing something with your request, you don't need dovecot. Any ssl proxy can do that for you, such as stunnel (http://www.stunnel.org/). We use the hardware ssl termination on our load balancers for pop3s, imaps, and smtps. From victormanuelo at gmail.com Thu May 3 17:10:47 2012 From: victormanuelo at gmail.com (=?UTF-8?Q?Victor_O=C3=B1ate?=) Date: Thu, 3 May 2012 09:40:47 -0430 Subject: [Dovecot] Sieve script does not run in dovecot 2.0 on squeeze In-Reply-To: <4FA236FB.9040003@epipe.com> References: <4FA236FB.9040003@epipe.com> Message-ID: Hi. thanks.. I fixed my Postfix configuration, this are a lines add in my main.cf # Configuraci?n LDAP dovecot_destination_recipient_limit = 1 virtual_transport = dovecot virtual_alias_maps = ldap:/etc/postfix/ldap-aliases.cfg ldap:/etc/postfix/ldap-aliases.cfg.ext virtual_alias_recursion_limit = 10000 virtual_alias_expansion_limit = 10000 transport_maps = ldap:/etc/postfix/ldap-transport.cfg and my master.cf add dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/local/libexec/dovecot/deliver -f ${sender} -d ${recipient} and my dovecot.conf add protocol lda { mail_plugins = $mail_plugins sieve } but the script still does not run. see the logs May 3 09:27:41 correo-s postfix/tlsmgr[16984]: warning: request to update table btree:/var/spool/postfix/smtpd_scache in non-postfix directory /var/spool/postfix May 3 09:27:41 correo-s postfix/tlsmgr[16984]: warning: redirecting the request to postfix-owned data_directory /var/lib/postfix May 3 09:27:41 correo-s postfix/tlsmgr[16984]: warning: request to update table btree:/var/spool/postfix/smtp_scache in non-postfix directory /var/spool/postfix May 3 09:27:41 correo-s postfix/tlsmgr[16984]: warning: redirecting the request to postfix-owned data_directory /var/lib/postfix May 3 09:27:41 correo-s postfix/smtpd[16982]: connect from server[X.X.X.X] May 3 09:27:41 correo-s postfix/smtpd[16982]: 5B38216EE: client=cliente[X.X.X.x] May 3 09:27:41 correo-s postfix/cleanup[16986]: 5B38216EE: message-id=<4FA28EDD.90702 at dominio.uk> May 3 09:27:41 correo-s postfix/smtpd[16982]: disconnect from server[X.X.X.X] May 3 09:27:41 correo-s postfix/qmgr[16893]: 5B38216EE: from=, size=846, nrcpt=1 (queue active) May 3 09:27:41 correo-s postfix/local[16987]: 5B38216EE: to=, relay=local, delay=0.04, delays=0.02/0.01/0/0, dsn=2.0.0, status=sent (delivered to maildir) May 3 09:27:41 correo-s postfix/qmgr[16893]: 5B38216EE: removed 2012-05-03 09:27:45 auth: Warning: userdb(k2009999,10.40.21.50): Multiple values found for 'Maildir', using value 'user2 at dominio.uk' As you can see the mail is delivered correctly to the destination without taking intoaccount the sieve script I use ldap as a backend user then I think we should do something in the file . transport_maps = ldap:/etc/postfix/ldap-transport.cfg this is my dap-transport.cfg file: bind = no version = 3 timeout = 20 start_tls = no tls_require_cert = no server_host = ldap://server-ldap.uk scope = sub search_base = dc=domain,dc=uk query_filter = (&(mail=%s)(!(maildrop=mail-squeeze.dominio.uk))) result_format = smtp:[%s] result_attribute = maildrop debuglevel = 0 dereference = 3 Any idea. Thank you. Victor O?ate 2012/5/3 Janne Snabb : > On 05/03/2012 04:54 AM, Victor O?ate wrote: > >> In dovecot.conf I have >> >> >> mail_location = maildir:~/Maildir >> >> plugin { >> ? quota = dirsize >> ? sieve=~/currently-active-script.sieve >> ? sieve_dir=~/sieve >> ? sieve_storage=~/sieve >> } >> >> protocols = imap sieve >> >> protocol sieve { >> ? managesieve_logout_format = bytes ( in=%i : out=%o ) >> } >> >> service managesieve-login { >> ? ?user = dovecot >> ? ?inet_listener sieve { >> ? ? ?port = 4190 >> ? ?} >> ? ?process_limit = 2000 >> } >> >> >> userdb { >> ? args = /etc/dovecot/dovecot-ldap.conf >> ? driver = ldap >> } > > After you have fixed your Postfix configuration (see below), you > probably need to add: > > protocol lda { > ?mail_plugins = $mail_plugins sieve > } > >> In postfix I have >> >> >> home_mailbox ?= Maildir/ > > You need to configure Postfix to use local delivery agent (LDA) which > supports sieve, such as Dovecot's LDA with sieve plugin. Have a look at: > http://wiki.dovecot.org/LDA/Postfix > >> the problem is that the script does not run and so the mail is delivered >> the initial recipient. >> >> I use LDAP to delivery the mail. >> >> any idea. Thank you. > > Hope this helps. > > -- > Janne Snabb / EPIPE Communications > snabb at epipe.com - http://epipe.com/ From silverdog at gmail.com Fri May 4 02:43:10 2012 From: silverdog at gmail.com (Carlos Alberto) Date: Thu, 3 May 2012 19:13:10 -0430 Subject: [Dovecot] non-ascii password Message-ID: Hi guys, sorry for bother i'am looking how to fix the passwords with non-ascii characters (like ?). i'am using dovecot version 1.2.15 on debian. Thanks in advance. From patrickdk at patrickdk.com Fri May 4 04:47:32 2012 From: patrickdk at patrickdk.com (Patrick Domack) Date: Thu, 03 May 2012 21:47:32 -0400 Subject: [Dovecot] non-ascii password In-Reply-To: References: Message-ID: <20120503214732.Horde.gR_UG5LnE6FPozU0H3Di4PA@mail.patrickdk.com> Quoting Carlos Alberto : > Hi guys, sorry for bother > i'am looking how to fix the passwords with non-ascii characters (like ?). > i'am using dovecot version 1.2.15 on debian. > > Thanks in advance. This has been tested many times, dovecot isn't the issue. More likely your backend is causing a problem, be it sql, ldap, pam, or however your storing them. I know I have personally tested ? against Windows LDAP and openldap using dovecot. From gilles.albusac at wanadoo.fr Fri May 4 09:33:50 2012 From: gilles.albusac at wanadoo.fr (Gilles Albusac) Date: Fri, 4 May 2012 08:33:50 +0200 Subject: [Dovecot] Dovecot for POP3S proxying In-Reply-To: <4FA2C890.70603@vitalwerks.com> References: <860142E12E7E49EB9B8698B22F373BDC@CESAR> <4FA19938.5050900@vitalwerks.com> <16C60C5ADB024684AB6C6E434A9B49C1@CESAR> <4FA2C890.70603@vitalwerks.com> Message-ID: <516239F4D08B4FE784F7745A92121ECB@CESAR> Dovecot is installed but actually I just use auth module (for postfix authentication). In your dovecot.conf example, I don't see the "proxy" command ? Could you give me a few more details on the "proxy" command usage (ExtraFields/Proxy is not clear for me)? Regards -----Message d'origine----- From: David Jonas Sent: Thursday, May 03, 2012 8:04 PM To: Gilles Albusac Subject: Re: [Dovecot] Dovecot for POP3S proxying On Thu May 3 05:14:40 2012, Gilles Albusac wrote: > Dovecot is already installed in my architecture and I just would like > to know how to configure Dovecot for POP3S proxying with authentication. > > For security reasons I prefer to install as little as possible binary > (see vulnerability 2011 - remote exploit - STUNNEL). If you already have dovecot running in proxy mode it's easy to add pop3s. If not, see http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy See http://wiki2.dovecot.org/Services search the page for pop3s. A simple example: ssl = yes ssl_cert = -----Message d'origine----- From: David Jonas > Sent: Wednesday, May 02, 2012 10:29 PM > To: Gilles Albusac > Cc: dovecot at dovecot.org > Subject: Re: [Dovecot] Dovecot for POP3S proxying > > On Wed May 2 06:41:00 2012, Gilles Albusac wrote: >> I would like to configure Dovecot for POP3S proxying all users from >> the Internet to the internal Exchange Mail Server. > > Unless I'm missing something with your request, you don't need dovecot. > Any ssl proxy can do that for you, such as stunnel > (http://www.stunnel.org/). We use the hardware ssl termination on our > load balancers for pop3s, imaps, and smtps. From stephan at rename-it.nl Fri May 4 10:02:30 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Fri, 04 May 2012 09:02:30 +0200 Subject: [Dovecot] per user sieve after filters In-Reply-To: <20120409162650.GA29690@london.sagso.home> References: <20120409162650.GA29690@london.sagso.home> Message-ID: <4FA37F06.2030101@rename-it.nl> On 4/9/2012 6:26 PM, Andre Rodier wrote: > Hello, > > Thanks for dovecot, as it's still the best mail server. > > I'd like to use per users sieve_after scripts. > > Can I put in my dovecot config file, something like that: > > sieve_after = %h/Mails/Sieve/After/ > > It would be very useful for me, as I'd like to add vacation script to be > executed from this place. I've tested this recently and it works for the above example. Additionally, I've extended multiscript support with the possibility to specify multiple sieve_before and sieve_after scripts: http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/b2ff597c2279 So, you can now (once released) have a configuration like: sieve_after = %h/Mails/Sieve/After sieve_after2 = /usr/lib/dovecot/sieve-after.d And I changed the implementation to accept ~/ substitutions, so it is now also possible to do the following: sieve_after = ~/Mails/Sieve/After Turns out more people need/use a solution similar to yours and that is the reason I made it more flexible. Regards, Stephan. From info at simonecaruso.com Fri May 4 12:20:22 2012 From: info at simonecaruso.com (Simone Caruso) Date: Fri, 04 May 2012 11:20:22 +0200 Subject: [Dovecot] Strange behaviour for sieve_before Message-ID: <4FA39F56.5040609@simonecaruso.com> Hi all, i moved from dovecot 2.0.15 (lda) to 2.1.5 with lmtp transport, all works well with the same configuration directives. But sieve_before stopped working with mail_debug=no. The weird thing is that, with mail_debug=yes the sieve_before script starts working. Any idea? Thanks (my conf attacched, for the new install i used prebuild packages) -- Simone Caruso IT Consultant +39 349 65 90 805 -------------- next part -------------- # 2.1.5 (d5bbb1d203c5): /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-xen-amd64 x86_64 Debian 6.0.4 ext3 auth_cache_size = 5 M auth_master_user_separator = * auth_mechanisms = plain login auth_worker_max_count = 15 base_dir = /var/run/dovecot/ dict { quota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext quotadict = mysql:/etc/dovecot/dovecot-dict-sql.conf } disable_plaintext_auth = no first_valid_gid = 8 first_valid_uid = 8 hostname = mail.ardeek.com listen = * mail_home = /var/dovecot-homes/%d/%n/home mail_location = maildir:/var/mail/%d/%n:INDEX=/var/dovecot-index/%d/%n mail_plugins = quota autocreate mail_privileged_group = mail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace { inbox = yes list = yes location = prefix = INBOX. separator = . type = private } passdb { args = /etc/dovecot/conf.d/auth-master.conf.ext driver = sql master = yes pass = yes } passdb { args = /etc/dovecot/conf.d/auth-sql.conf.ext driver = sql } plugin { autocreate = INBOX.Trash autocreate2 = INBOX.Sent autocreate3 = INBOX.Drafts autocreate4 = INBOX.Spam autosubscribe = INBOX.Trash autosubscribe2 = INBOX.Sent autosubscribe3 = INBOX.Drafts autosubscribe4 = INBOX.Spam quota = dict:User quota::proxy::quotadict quota_rule2 = INBOX.Trash:storage=+55M quota_warning = storage=90%% /usr/sbin/quota-warning.sh 90 %u sieve = /var/mail/%d/%n/sieve/.default.sieve sieve_before = /etc/dovecot/sieve/dovecot.sieve sieve_dir = /var/mail/%d/%n/sieve sieve_storage = /var/mail/%d/%n/sieve } postmaster_address = postmaster at ardeek.com protocols = " imap lmtp sieve pop3" service auth { unix_listener auth-userdb { mode = 0666 user = mail } } service dict { unix_listener dict { mode = 0600 user = mail } } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } process_min_avail = 3 service_count = 0 vsz_limit = 128 M } service imap { client_limit = 25 process_limit = 10 process_min_avail = 2 service_count = 0 } service lmtp { inet_listener lmtp { address = * port = 24 } } service managesieve-login { inet_listener sieve { port = 4190 } inet_listener sieve_deprecated { port = 2000 } process_min_avail = 1 vsz_limit = 128 M } service pop3-login { client_limit = 5 inet_listener pop3 { port = 110 } inet_listener pop3s { port = 995 ssl = yes } process_limit = 6 process_min_avail = 3 service_count = 0 } service pop3 { client_limit = 25 process_limit = 10 process_min_avail = 2 service_count = 0 } ssl_cert = Hi all, I use "doveadm mailbox mutf7 -7 $folder" to convert imap foldernames to UTF-8. If $foldername is not mUTF-7 encoded, doveadm returns "doveadm(root): Error: Mailbox name not valid mUTF-7: $folder" This errormessage is printed on stderr but the returncode of doveadm is zero. I tested with dovecot-2.0.* and dovecot-2.1.* # all right: $ doveadm mailbox mutf7 -7 'gr&APw-n'; echo $? gr?n 0 # also all right, no mUTF-7 encoded folder: $ doveadm mailbox mutf7 -7 'gruen'; echo $? gruen 0 # wrong $ doveadm mailbox mutf7 -7 'gr?n'; echo $? doveadm(root): Error: Mailbox name not valid mUTF-7: gr?n 0 Would be nice if doveadm exit with an errorcode != 0 in that case. Andreas -- Andreas Schulze Internetdienste | P252 DATEV eG 90329 N?rnberg | Telefon +49 911 319-0 | Telefax +49 911 319-3196 E-Mail info @datev.de | Internet www.datev.de Sitz: 90429 N?rnberg, Paumgartnerstr. 6-14 | Registergericht N?rnberg, GenReg Nr.70 Vorstand Prof. Dieter Kempf (Vorsitzender) Dipl.-Kfm. Wolfgang Stegmann (stellvertretender Vorsitzender) Dipl.-Kfm. Michael Leistenschneider Dipl.-Kfm. Dr. Robert Mayr J?rg Rabe v. Pappenheim Dipl.-Vw. Eckhard Schwarzer Vorsitzender des Aufsichtsrates: Reinhard Verholen From stephan at rename-it.nl Fri May 4 12:42:41 2012 From: stephan at rename-it.nl (Stephan Bosch) Date: Fri, 04 May 2012 11:42:41 +0200 Subject: [Dovecot] Strange behaviour for sieve_before In-Reply-To: <4FA39F56.5040609@simonecaruso.com> References: <4FA39F56.5040609@simonecaruso.com> Message-ID: <4FA3A491.9040801@rename-it.nl> On 5/4/2012 11:20 AM, Simone Caruso wrote: > Hi all, > i moved from dovecot 2.0.15 (lda) to 2.1.5 with lmtp transport, all works well > with the same configuration directives. > > But sieve_before stopped working with mail_debug=no. > The weird thing is that, with mail_debug=yes the sieve_before script starts working. > > Any idea? Thanks This is an interesting bug that scores high on the stupidity scale. It was introduced by this change: http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/b2ff597c2279 I wonder why I only broke this for sieve_before. Fixed: http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/aa611f912da6 Regards, Stephan. From info at simonecaruso.com Fri May 4 13:26:42 2012 From: info at simonecaruso.com (Simone Caruso) Date: Fri, 04 May 2012 12:26:42 +0200 Subject: [Dovecot] Strange behaviour for sieve_before In-Reply-To: <4FA3A491.9040801@rename-it.nl> References: <4FA39F56.5040609@simonecaruso.com> <4FA3A491.9040801@rename-it.nl> Message-ID: <4FA3AEE2.60203@simonecaruso.com> On 04/05/2012 11:42, Stephan Bosch wrote: > On 5/4/2012 11:20 AM, Simone Caruso wrote: >> Hi all, >> i moved from dovecot 2.0.15 (lda) to 2.1.5 with lmtp transport, all works well >> with the same configuration directives. >> >> But sieve_before stopped working with mail_debug=no. >> The weird thing is that, with mail_debug=yes the sieve_before script starts >> working. >> >> Any idea? Thanks > > This is an interesting bug that scores high on the stupidity scale. We are humans :) Thank you! -- Simone Caruso IT Consultant +39 349 65 90 805 From agnello.dsouza at gmail.com Fri May 4 16:48:55 2012 From: agnello.dsouza at gmail.com (Agnello George) Date: Fri, 4 May 2012 19:18:55 +0530 Subject: [Dovecot] smtp -auth with using clear text password Message-ID: Hi I am setting up a mailserver .. where clients need to authenticate to the mail server . The mta i am using is postfix . It is possible to use a file like this : ---------------------------------- cat /etc/postfix/dovecote_passwd agnello:123456 --------------------------------- where user is agnello and password is 123456 If you can please send me some reference links thanks a ton -- Regards Agnello D'souza From e-frog at gmx.de Fri May 4 17:46:11 2012 From: e-frog at gmx.de (e-frog) Date: Fri, 04 May 2012 16:46:11 +0200 Subject: [Dovecot] smtp -auth with using clear text password In-Reply-To: References: Message-ID: <4FA3EBB3.4040908@gmx.de> On 04.05.2012 15:48, wrote Agnello George: > Hi > > I am setting up a mailserver .. where clients need to authenticate to the > mail server . The mta i am using is postfix . It is possible to use a file > like this : > > ---------------------------------- > cat /etc/postfix/dovecote_passwd > agnello:123456 > > --------------------------------- > > where user is agnello and password is 123456 > > If you can please send me some reference links > > thanks a ton > PasswdFile seems what you want: http://wiki2.dovecot.org/AuthDatabase/PasswdFile From agnello.dsouza at gmail.com Fri May 4 17:51:24 2012 From: agnello.dsouza at gmail.com (Agnello George) Date: Fri, 4 May 2012 20:21:24 +0530 Subject: [Dovecot] smtp -auth with using clear text password In-Reply-To: <4FA3EBB3.4040908@gmx.de> References: <4FA3EBB3.4040908@gmx.de> Message-ID: thanks a ton > >> > PasswdFile seems what you want: > http://wiki2.dovecot.org/**AuthDatabase/PasswdFile > > Actually i did try this , i created a file called cat /etc/dovecot/passwd agnello:123456 i also added in dovecot passdb { driver = passwd-file args = /etc/dovecot/passwd} But still its gives me a relay access denied . -- Regards Agnello D'souza From e-frog at gmx.de Fri May 4 18:13:34 2012 From: e-frog at gmx.de (e-frog) Date: Fri, 04 May 2012 17:13:34 +0200 Subject: [Dovecot] smtp -auth with using clear text password In-Reply-To: References: <4FA3EBB3.4040908@gmx.de> Message-ID: <4FA3F21E.5030905@gmx.de> On 04.05.2012 16:51, wrote Agnello George: > thanks a ton > >> >>> >> PasswdFile seems what you want: >> http://wiki2.dovecot.org/**AuthDatabase/PasswdFile >> >> > > Actually i did try this , i created a file called > > cat /etc/dovecot/passwd > agnello:123456 > > i also added in dovecot > > passdb { driver = passwd-file args = /etc/dovecot/passwd} > > But still its gives me a relay access denied . > You need to configure Postfix to use dovecot as SASL provider. There are some Howto's in the wiki. http://wiki2.dovecot.org/HowTo/PostfixAndDovecotSASL http://wiki2.dovecot.org/HowTo/VirtualUserFlatFilesPostfix If you cannot solve it with this please provide dovecot -n, postfix -n and logs with auth_debug=yes. From tss at iki.fi Fri May 4 18:40:34 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 4 May 2012 18:40:34 +0300 Subject: [Dovecot] smtp -auth with using clear text password In-Reply-To: References: <4FA3EBB3.4040908@gmx.de> Message-ID: <89301D9D-B2B2-4F34-A8E6-27C8078ABC75@iki.fi> On 4.5.2012, at 17.51, Agnello George wrote: > cat /etc/dovecot/passwd > agnello:123456 > > i also added in dovecot > > passdb { driver = passwd-file args = /etc/dovecot/passwd} > > But still its gives me a relay access denied . The default password scheme is CRYPT, but you apparently want plaintext passwords. So either prefix the password with {plain} or add: args = scheme=plain /etc/dovecot/passwd From tss at iki.fi Fri May 4 18:42:22 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 4 May 2012 18:42:22 +0300 Subject: [Dovecot] Dovecot for POP3S proxying In-Reply-To: <516239F4D08B4FE784F7745A92121ECB@CESAR> References: <860142E12E7E49EB9B8698B22F373BDC@CESAR> <4FA19938.5050900@vitalwerks.com> <16C60C5ADB024684AB6C6E434A9B49C1@CESAR> <4FA2C890.70603@vitalwerks.com> <516239F4D08B4FE784F7745A92121ECB@CESAR> Message-ID: On 4.5.2012, at 9.33, Gilles Albusac wrote: > Dovecot is installed but actually I just use auth module (for postfix authentication). > > In your dovecot.conf example, I don't see the "proxy" command ? The proxying is enabled by having the passdb lookup return a "proxy" extra field. What passdb are you planning on using? From tss at iki.fi Fri May 4 20:07:28 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 4 May 2012 20:07:28 +0300 Subject: [Dovecot] doveadm mailbox: rc=0 on error In-Reply-To: <20120504094311.GA13638@spider.services.datevnet.de> References: <20120504094311.GA13638@spider.services.datevnet.de> Message-ID: On 4.5.2012, at 12.43, Andreas Schulze wrote: > I use "doveadm mailbox mutf7 -7 $folder" to convert imap foldernames to UTF-8. > If $foldername is not mUTF-7 encoded, doveadm returns > "doveadm(root): Error: Mailbox name not valid mUTF-7: $folder" > This errormessage is printed on stderr but the returncode of doveadm is zero. Fixed: http://hg.dovecot.org/dovecot-2.1/rev/3689eced9381 From tss at iki.fi Fri May 4 20:14:48 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 4 May 2012 20:14:48 +0300 Subject: [Dovecot] Dovecot/doveadm crash In-Reply-To: References: Message-ID: <7F9323D3-2561-4721-A47D-61605B4888AD@iki.fi> On 30.4.2012, at 23.16, Daniel L. Miller wrote: > Having a problem with a mailbox. I've been trying to rebuild - but doveadm force-resync crashes. This is mdbox with sis. > > doveadm purge -u dmiller at amfes.com > doveadm(dmiller at amfes.com): Panic: file istream.c: line 466 (i_stream_grow_buffer): assertion failed: (stream->max_buffer_size > 0) http://hg.dovecot.org/dovecot-2.1/rev/fa6662ab4df3 should fix this. From tss at iki.fi Fri May 4 20:18:58 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 4 May 2012 20:18:58 +0300 Subject: [Dovecot] dovecot sasl with postfix: SASL LOGIN authentication failed: Connection lost to authentication server In-Reply-To: <4F9F4A4C.3050005@vitalwerks.com> References: <4F9F4A4C.3050005@vitalwerks.com> Message-ID: <7DA2E47A-E0A5-4078-B362-A7AF74FCA39D@iki.fi> On 1.5.2012, at 5.28, David Jonas wrote: > When using dovecot (2.1.5) sasl with postfix (2.8.4) behind nginx smtp > proxy I am seeing a ton of errors of the form: .. > Nothing is printed by dovecot in the logs regarding the error. It seems > that dovecot just hung up on postfix. (side note: no, can't use xclient > in nginx/postfix. But perhaps soon.) So nginx hides the client's IP. > Finally I just disabled penalties with the info from > > http://www.dovecot.org/list/dovecot/2011-December/062631.html > > and that seemed to do it. Is there a better way? Nope, other than enabling XCLIENT so Dovecot sees the clients' real IPs instead of nginx's. From tss at iki.fi Fri May 4 21:42:02 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 4 May 2012 21:42:02 +0300 Subject: [Dovecot] Shared INBOX change in v2.1.6? In-Reply-To: <1335831702.21461.60.camel@innu> References: <1335831702.21461.60.camel@innu> Message-ID: On 1.5.2012, at 3.21, Timo Sirainen wrote: > Previously Dovecot has shown shared INBOX like: > > * LIST (\HasChildren) "/" "shared/tss2" > * LIST (\HasNoChildren) "/" "shared/tss2/INBOX" > * LIST (\HasNoChildren) "/" "shared/tss2/foo" > > The last change in hg makes it return simply (same as with Cyrus): > > * LIST (\HasChildren) "/" "shared/tss2" > * LIST (\HasNoChildren) "/" "shared/tss2/foo" > > This behavior could be made optional, but does anyone actually want it > to work the old way (and why)? I'd rather not add an option that isn't > useful to anyone. Well, I guess it has to be optional then: http://hg.dovecot.org/dovecot-2.1/rev/40a544fc4778 I might change the default in v2.2 though. From tss at iki.fi Fri May 4 21:54:25 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 4 May 2012 21:54:25 +0300 Subject: [Dovecot] dovecot and systemd In-Reply-To: <4F8BEC90.8060504@redhat.com> References: <4F61EFE8.1000901@redhat.com> <1331820329.10319.32.camel@innu> <4F8BEC90.8060504@redhat.com> Message-ID: On 16.4.2012, at 12.55, Michal Hlavinka wrote: > I wrote simple patch that close the extra sockets. It's tested and works fine. You'll maybe want to move that function to different place and/or change wording of error messages. I committed it to v2.1 now with a couple of changes. One is that it doesn't actually close the fd, but instead puts /dev/null into it. I think otherwise Dovecot might use that fd to something else and the check would later fail again and close the wrong fd. http://hg.dovecot.org/dovecot-2.1/rev/4a3bf567da54 From agnello.dsouza at gmail.com Sat May 5 09:14:02 2012 From: agnello.dsouza at gmail.com (Agnello George) Date: Sat, 5 May 2012 11:44:02 +0530 Subject: [Dovecot] smtp -auth with using clear text password In-Reply-To: <4FA3F21E.5030905@gmx.de> References: <4FA3EBB3.4040908@gmx.de> <4FA3F21E.5030905@gmx.de> Message-ID: > > You need to configure Postfix to use dovecot as SASL provider. There are > some Howto's in the wiki. > > http://wiki2.dovecot.org/**HowTo/PostfixAndDovecotSASL > http://wiki2.dovecot.org/**HowTo/**VirtualUserFlatFilesPostfix > > If you cannot solve it with this please provide dovecot -n, postfix -n and > logs with auth_debug=yes. > I had followed the documentation as per . however in the i get the following error . [root at test /]# telnet 192.168.77.36 110 Trying 192.168.77.36... Connected to mail.server.co.in (192.168.77.36). Escape character is '^]'. +OK Dovecot ready. user agnello +OK pass 123456 Connection closed by foreign host. in the maillog i get the following error : May 5 11:30:43 mail dovecot: imap-login: Disconnected (no auth attempts): rip=192.168.70.12, lip=192.168.77.36 May 5 11:30:55 mail dovecot: pop3-login: Login: user=, method=PLAIN, rip=192.168.70.12, lip=192.168.77.36, mpid=30400 May 5 11:30:55 mail dovecot: pop3(agnello): Error: user agnello: Couldn't drop privileges: User is missing UID (see mail_uid setting) May 5 11:30:55 mail dovecot: pop3(agnello): Error: Internal error occurred. Refer to server log for more information. ----------------------------------------------------- my confi file details is as follows : cat /etc/dovecot/passwd agnello:{plain}123456 [root at mail ~]# cat /etc/dovecot/dovecot.conf # 2.0.9: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-71.el6.x86_64 x86_64 CentOS Linux release 6.0 (Final) auth_verbose = yes disable_plaintext_auth = no passdb { args = scheme=plain /etc/dovecot/passwd driver = passwd-file } protocols = imap pop3 service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } } ssl = no userdb { driver = static } ---------------------------------------------------------------- [root at mail ~]# cat /etc/postfix/main.cf alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 html_directory = no inet_interfaces = all inet_protocols = all mail_owner = postfix mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man mydestination = $myhostname, localhost.$mydomain, localhost newaliases_path = /usr/bin/newaliases.postfix queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES sample_directory = /usr/share/doc/postfix-2.6.6/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth smtpd_sasl_auth_enable = yes smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination ---------------------------------------------------------------------------------------------------------------------------------- these are my configuration files .. Can someone help me here thanks :) -- Regards Agnello D'souza From agnello.dsouza at gmail.com Sat May 5 09:47:35 2012 From: agnello.dsouza at gmail.com (Agnello George) Date: Sat, 5 May 2012 12:17:35 +0530 Subject: [Dovecot] smtp -auth with using clear text password In-Reply-To: References: <4FA3EBB3.4040908@gmx.de> <4FA3F21E.5030905@gmx.de> Message-ID: On Sat, May 5, 2012 at 11:44 AM, Agnello George wrote: > > >> You need to configure Postfix to use dovecot as SASL provider. There are >> some Howto's in the wiki. >> >> http://wiki2.dovecot.org/**HowTo/PostfixAndDovecotSASL >> http://wiki2.dovecot.org/**HowTo/**VirtualUserFlatFilesPostfix >> >> If you cannot solve it with this please provide dovecot -n, postfix -n >> and logs with auth_debug=yes. >> > > > I had followed the documentation as per . however in the i get the > following error . > > [root at test /]# telnet 192.168.77.36 110 > Trying 192.168.77.36... > Connected to mail.server.co.in (192.168.77.36). > Escape character is '^]'. > +OK Dovecot ready. > user agnello > +OK > pass 123456 > Connection closed by foreign host. > > in the maillog i get the following error : > > May 5 11:30:43 mail dovecot: imap-login: Disconnected (no auth attempts): > rip=192.168.70.12, lip=192.168.77.36 > May 5 11:30:55 mail dovecot: pop3-login: Login: user=, > method=PLAIN, rip=192.168.70.12, lip=192.168.77.36, mpid=30400 > May 5 11:30:55 mail dovecot: pop3(agnello): Error: user agnello: Couldn't > drop privileges: User is missing UID (see mail_uid setting) > May 5 11:30:55 mail dovecot: pop3(agnello): Error: Internal error > occurred. Refer to server log for more information. > > > ----------------------------------------------------- > > my confi file details is as follows : > > cat /etc/dovecot/passwd > agnello:{plain}123456 > > > [root at mail ~]# cat /etc/dovecot/dovecot.conf > # 2.0.9: /etc/dovecot/dovecot.conf > # OS: Linux 2.6.32-71.el6.x86_64 x86_64 CentOS Linux release 6.0 (Final) > auth_verbose = yes > disable_plaintext_auth = no > passdb { > args = scheme=plain /etc/dovecot/passwd > driver = passwd-file > } > protocols = imap pop3 > service auth { > unix_listener /var/spool/postfix/private/auth { > group = postfix > mode = 0660 > user = postfix > } > } > ssl = no > userdb { > driver = static > } > > > ---------------------------------------------------------------- > > > [root at mail ~]# cat /etc/postfix/main.cf > alias_database = hash:/etc/aliases > > these are my configuration files .. > > Can someone help me here > > > thanks :) > > > > > > > > > > > > -- > Regards > Agnello D'souza > > > Ok am sorry was not testing it correctly . Form a remote server i tested the same smtp-auth test [root at test /]# perl -MMIME::Base64 -e 'print encode_base64("\000agnello\000123456")' AGFnbmVsbG8AMTIzNDU2 [root at test /]# telnet 192.168.77.36 25 Trying 192.168.77.36... Connected to mail.ddde.co.in (192.168.77.36). Escape character is '^]'. 220 mail.ddde.co.in ESMTP Postfix 500 5.5.2 Error: bad syntax ehlo testing 250-mail.ddde.co.in 250-PIPELINING 250-SIZE 10240000 250-VRFY 250-ETRN 250-AUTH PLAIN 250-AUTH=PLAIN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN AUTH PLAIN AGFnbmVsbG8AMTIzNDU2 235 2.7.0 Authentication successful 421 4.4.2 mail.ddde.co.in Error: timeout exceeded Connection closed by foreign host. -- Regards Agnello D'souza From tlx at leuxner.net Sat May 5 10:12:18 2012 From: tlx at leuxner.net (Thomas Leuxner) Date: Sat, 5 May 2012 09:12:18 +0200 Subject: [Dovecot] HG 3d8a25a4394d Patch breaks UserDB Lookups Message-ID: Patch http://hg.dovecot.org/dovecot-2.1/rev/3d8a25a4394d breaks auth May 5 09:01:52 spectre dovecot: lmtp(24442): Connect from local May 5 09:01:52 spectre dovecot: lmtp(24442): Error: userdb lookup(tlx at leuxner.net): Disconnected unexpectedly May 5 09:01:52 spectre dovecot: auth: Fatal: master: service(auth): child 24443 killed with signal 11 (core not dumped) May 5 09:01:52 spectre dovecot: lmtp(24442): Disconnect from local: Client quit (in reset) Regards Thomas -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 203 bytes Desc: Message signed with OpenPGP using GPGMail URL: From andre.rodier at gmail.com Sat May 5 11:07:42 2012 From: andre.rodier at gmail.com (Andre Rodier) Date: Sat, 05 May 2012 09:07:42 +0100 Subject: [Dovecot] per user sieve after filters In-Reply-To: <4FA37F06.2030101@rename-it.nl> References: <20120409162650.GA29690@london.sagso.home> <4FA37F06.2030101@rename-it.nl> Message-ID: <4FA4DFCE.9060404@gmail.com> On 04/05/12 08:02, Stephan Bosch wrote: > On 4/9/2012 6:26 PM, Andre Rodier wrote: >> Hello, >> >> Thanks for dovecot, as it's still the best mail server. >> >> I'd like to use per users sieve_after scripts. >> >> Can I put in my dovecot config file, something like that: >> >> sieve_after = %h/Mails/Sieve/After/ >> >> It would be very useful for me, as I'd like to add vacation script to be >> executed from this place. > > I've tested this recently and it works for the above example. > > Additionally, I've extended multiscript support with the possibility > to specify multiple sieve_before and sieve_after scripts: > > http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/b2ff597c2279 > > So, you can now (once released) have a configuration like: > > sieve_after = %h/Mails/Sieve/After > sieve_after2 = /usr/lib/dovecot/sieve-after.d > > And I changed the implementation to accept ~/ substitutions, so it is > now also possible to do the following: > > sieve_after = ~/Mails/Sieve/After > > Turns out more people need/use a solution similar to yours and that is > the reason I made it more flexible. > > Regards, > > Stephan. > > Thank you Stephan. I have started a small vacation plugin for roundcube, that uses this feature. (https://github.com/arodier/Roundcube-Plugins) By using sieve filters that way, I can create complex filters with templates, that does not interfering with "normal" sieve filter scripts. Kind regards, Andr? From gilles.albusac at wanadoo.fr Sat May 5 11:51:39 2012 From: gilles.albusac at wanadoo.fr (Gilles ALBUSAC) Date: Sat, 5 May 2012 10:51:39 +0200 (CEST) Subject: [Dovecot] Dovecot for POP3S proxying In-Reply-To: References: <860142E12E7E49EB9B8698B22F373BDC@CESAR> <4FA19938.5050900@vitalwerks.com> <16C60C5ADB024684AB6C6E434A9B49C1@CESAR> <4FA2C890.70603@vitalwerks.com> <516239F4D08B4FE784F7745A92121ECB@CESAR> Message-ID: <629855521.91358.1336207899681.JavaMail.www@wwinf1g24> LDAP passdb lookup > Message du 04/05/12 17:42 > De : "Timo Sirainen" > A : "Gilles Albusac" > Copie ? : "Dovecot Mailing List" > Objet : Re: [Dovecot] Dovecot for POP3S proxying > > On 4.5.2012, at 9.33, Gilles Albusac wrote: > > > Dovecot is installed but actually I just use auth module (for postfix authentication). > > > > In your dovecot.conf example, I don't see the "proxy" command ? > > The proxying is enabled by having the passdb lookup return a "proxy" extra field. What passdb are you planning on using? > > From jerry at seibercom.net Sat May 5 15:03:57 2012 From: jerry at seibercom.net (Jerry) Date: Sat, 5 May 2012 08:03:57 -0400 Subject: [Dovecot] smtp -auth with using clear text password In-Reply-To: References: <4FA3EBB3.4040908@gmx.de> <4FA3F21E.5030905@gmx.de> Message-ID: <20120505080357.1ec5fa23@scorpio> On Sat, 5 May 2012 11:44:02 +0530 Agnello George articulated: >> You need to configure Postfix to use dovecot as SASL provider. There >> are some Howto's in the wiki. >> >> http://wiki2.dovecot.org/**HowTo/PostfixAndDovecotSASL >> http://wiki2.dovecot.org/**HowTo/**VirtualUserFlatFilesPostfix >> >> If you cannot solve it with this please provide dovecot -n, postfix >> -n and logs with auth_debug=yes. > >I had followed the documentation as per . however in the i get the >following error . > >[root at test /]# telnet 192.168.77.36 110 >Trying 192.168.77.36... >Connected to mail.server.co.in (192.168.77.36). >Escape character is '^]'. >+OK Dovecot ready. >user agnello >+OK >pass 123456 >Connection closed by foreign host. > >in the maillog i get the following error : > >May 5 11:30:43 mail dovecot: imap-login: Disconnected (no auth >attempts): rip=192.168.70.12, lip=192.168.77.36 >May 5 11:30:55 mail dovecot: pop3-login: Login: user=, >method=PLAIN, rip=192.168.70.12, lip=192.168.77.36, mpid=30400 >May 5 11:30:55 mail dovecot: pop3(agnello): Error: user agnello: >Couldn't drop privileges: User is missing UID (see mail_uid setting) >May 5 11:30:55 mail dovecot: pop3(agnello): Error: Internal error >occurred. Refer to server log for more information. > >my confi file details is as follows : > >cat /etc/dovecot/passwd >agnello:{plain}123456 > >[root at mail ~]# cat /etc/dovecot/dovecot.conf use: "dovecot -n" and post output >[root at mail ~]# cat /etc/postfix/main.cf use: "postconf -n" and post output For Postfix, you could read the documentation at: http://www.postfix.com/DEBUG_README.html#mail Pay attention to these entries: Output from "postconf -n". Please do not send your main.cf file, or 500+ lines of postconf output. Better, provide output from the postfinger tool. This can be found at http://ftp.wl0.org/SOURCES/postfinger. If the problem is SASL related, consider including the output from the saslfinger tool. This can be found at http://postfix.state-of-mind.de/patrick.koetter/saslfinger/. -- Jerry ? Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. From dmiller at amfes.com Sat May 5 19:28:20 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Sat, 05 May 2012 09:28:20 -0700 Subject: [Dovecot] Dovecot/doveadm crash In-Reply-To: <7F9323D3-2561-4721-A47D-61605B4888AD@iki.fi> References: <4F9EF301.8030105@amfes.com> <7F9323D3-2561-4721-A47D-61605B4888AD@iki.fi> Message-ID: On 5/4/2012 10:14 AM, Timo Sirainen wrote: > On 30.4.2012, at 23.16, Daniel L. Miller wrote: > >> Having a problem with a mailbox. I've been trying to rebuild - but doveadm force-resync crashes. This is mdbox with sis. >> >> doveadm purge -u dmiller at amfes.com >> doveadm(dmiller at amfes.com): Panic: file istream.c: line 466 (i_stream_grow_buffer): assertion failed: (stream->max_buffer_size> 0) > http://hg.dovecot.org/dovecot-2.1/rev/fa6662ab4df3 should fix this. > > Thank you - that worked. -- Daniel From dmiller at amfes.com Sat May 5 19:29:55 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Sat, 05 May 2012 09:29:55 -0700 Subject: [Dovecot] Corrupted mdbox file Message-ID: With an error like this: doveadm(dmiller at amfes.com): Error: Corrupted dbox file /var/mail/amfes.com/dmiller/mdbox/storage/m.20 (around offset=74408): Unexpected EOF while reading metadata header What can be done? -- Daniel From tss at iki.fi Sat May 5 21:49:34 2012 From: tss at iki.fi (Timo Sirainen) Date: Sat, 5 May 2012 21:49:34 +0300 Subject: [Dovecot] Corrupted mdbox file In-Reply-To: References: Message-ID: <4273AB79-A692-4657-8697-A3C909ACEE87@iki.fi> On 5.5.2012, at 19.29, Daniel L. Miller wrote: > With an error like this: > > doveadm(dmiller at amfes.com): Error: Corrupted dbox file /var/mail/amfes.com/dmiller/mdbox/storage/m.20 (around offset=74408): Unexpected EOF while reading metadata header > > What can be done? So force-resync doesn't fix it? Could you put the file through http://dovecot.org/tools/mdbox-obfuscate.pl and send it to me? From markus.fritz at opsys.de Sat May 5 22:06:11 2012 From: markus.fritz at opsys.de (Markus Fritz) Date: Sat, 05 May 2012 21:06:11 +0200 Subject: [Dovecot] IMAP STARTTLS Problem Message-ID: <8a69182a8e5fa5e2b585955b90095d84@opsys.de> Hello, I have this problem: May 5 21:02:35 opsys dovecot: imap-login: Disconnected (no auth attempts): rip=84.150.52.31, lip=78.46.216.126 Connecting via Thunderbird to STARTTLS won't work, but with a website from the same server it works for tls://opsys.de. So why is the port closed for external ip's? IPTABLES entry for imap is this: fail2ban-dovecot-pop3imap tcp -- anywhere anywhere multiport dports pop3,pop3s,imap2,imaps Key files are correct TLS is working from localhost. System is Debian squeeze -- Markus Fritz Administration opsys.de From gedalya at gedalya.net Sat May 5 22:41:12 2012 From: gedalya at gedalya.net (Gedalya) Date: Sat, 05 May 2012 15:41:12 -0400 Subject: [Dovecot] IMAP STARTTLS Problem In-Reply-To: <8a69182a8e5fa5e2b585955b90095d84@opsys.de> References: <8a69182a8e5fa5e2b585955b90095d84@opsys.de> Message-ID: <4FA58258.10307@gedalya.net> Hi, STARTTTLS refers to a client connecting on the normal. plaintext IMAP port, 143, and then issuing a STARTTLS command, starting a TLS session. I am able to connect from my computer to your IMAP server using STARTTLS using this command: openssl s_client -starttls imap -connect 78.46.216.126:143 Your server seems to not be listening on ports 993 and 995 for imaps and pop3s, respectively, where a TLS session is started immediately when the connection is initiated. If you are using dovecot 2, you need to have something like the following in your config service imap-login { inet_listener imap { #port = 143 } inet_listener imaps { #port = 993 #ssl = yes } } service pop3-login { inet_listener pop3 { #port = 110 } inet_listener pop3s { #port = 995 #ssl = yes } } (The commented out lines represent the defaults, you uncomment them only if you want to change them) For dovecot 1.2, you need a line like this: protocols = imap imaps pop3 pop3s On 5/5/2012 3:06 PM, Markus Fritz wrote: > Hello, > > I have this problem: > May 5 21:02:35 opsys dovecot: imap-login: Disconnected (no auth > attempts): rip=84.150.52.31, lip=78.46.216.126 > > Connecting via Thunderbird to STARTTLS won't work, but with a website > from the same server it works for tls://opsys.de. > So why is the port closed for external ip's? > IPTABLES entry for imap is this: > fail2ban-dovecot-pop3imap tcp -- anywhere > anywhere multiport dports pop3,pop3s,imap2,imaps > > Key files are correct TLS is working from localhost. > > System is Debian squeeze > From markus.fritz at opsys.de Sat May 5 22:49:03 2012 From: markus.fritz at opsys.de (Markus Fritz) Date: Sat, 05 May 2012 21:49:03 +0200 Subject: [Dovecot] IMAP STARTTLS Problem In-Reply-To: <8a69182a8e5fa5e2b585955b90095d84@opsys.de> References: <8a69182a8e5fa5e2b585955b90095d84@opsys.de> Message-ID: <8c6307de2f3bbb9ea8f65bd700b4a862@opsys.de> Am 05.05.2012 21:06, schrieb Markus Fritz: > Hello, > > I have this problem: > May 5 21:02:35 opsys dovecot: imap-login: Disconnected (no auth > attempts): rip=84.150.52.31, lip=78.46.216.126 > > Connecting via Thunderbird to STARTTLS won't work, but with a website > from the same server it works for tls://opsys.de. > So why is the port closed for external ip's? > IPTABLES entry for imap is this: > fail2ban-dovecot-pop3imap tcp -- anywhere anywhere > multiport dports pop3,pop3s,imap2,imaps > > Key files are correct TLS is working from localhost. > > System is Debian squeeze Thunderbird says 'tls not available due temporary reason' now. Dovecot.conf: http://pastie.org/private/64sbirlohqnflz74isf4a -- Markus Fritz Administration opsys.de From gedalya at gedalya.net Sat May 5 23:23:31 2012 From: gedalya at gedalya.net (Gedalya) Date: Sat, 05 May 2012 16:23:31 -0400 Subject: [Dovecot] IMAP STARTTLS Problem In-Reply-To: <8c6307de2f3bbb9ea8f65bd700b4a862@opsys.de> References: <8a69182a8e5fa5e2b585955b90095d84@opsys.de> <8c6307de2f3bbb9ea8f65bd700b4a862@opsys.de> Message-ID: <4FA58C43.5040904@gedalya.net> On 5/5/2012 3:49 PM, Markus Fritz wrote: > Thunderbird says 'tls not available due temporary reason' now. Let's take a more detailed look at this. Are you telling Thunderbird to connect on STARTTLS on port 143, or SSL/TLS on port 993? From here I still see no difference. I'm able to connect to you on port 143 and do STARTTLS, port 993 says connection refused. If you don't have a firewall causing this, it means your server is not listening on this port. From p at state-of-mind.de Sat May 5 23:44:46 2012 From: p at state-of-mind.de (Patrick Ben Koetter) Date: Sat, 5 May 2012 22:44:46 +0200 Subject: [Dovecot] IMAP STARTTLS Problem In-Reply-To: <8c6307de2f3bbb9ea8f65bd700b4a862@opsys.de> References: <8a69182a8e5fa5e2b585955b90095d84@opsys.de> <8c6307de2f3bbb9ea8f65bd700b4a862@opsys.de> Message-ID: <20120505204445.GA2585@state-of-mind.de> * Markus Fritz : > Am 05.05.2012 21:06, schrieb Markus Fritz: > >Hello, > > > >I have this problem: > >May 5 21:02:35 opsys dovecot: imap-login: Disconnected (no auth > >attempts): rip=84.150.52.31, lip=78.46.216.126 > > > >Connecting via Thunderbird to STARTTLS won't work, but with a website > >from the same server it works for tls://opsys.de. > >So why is the port closed for external ip's? > >IPTABLES entry for imap is this: > >fail2ban-dovecot-pop3imap tcp -- anywhere anywhere > > multiport dports pop3,pop3s,imap2,imaps > > > >Key files are correct TLS is working from localhost. > > > >System is Debian squeeze > > Thunderbird says 'tls not available due temporary reason' now. Assuming your server cert is located in /etc/ssl/certs/ca-certificates.crt try this on your server: openssl s_client -starttls imap -CAfile /etc/ssl/certs/ca-certificates.crt -connect localhost:143 Use "2 logout" to get out of the session. If it works, try the same from your client host. Does it work both times? p at rick -- state of mind () http://www.state-of-mind.de Franziskanerstra?e 15 Telefon +49 89 3090 4664 81669 M?nchen Telefax +49 89 3090 4666 Amtsgericht M?nchen Partnerschaftsregister PR 563 From tss at iki.fi Sun May 6 06:44:33 2012 From: tss at iki.fi (Timo Sirainen) Date: Sun, 6 May 2012 06:44:33 +0300 Subject: [Dovecot] HG 3d8a25a4394d Patch breaks UserDB Lookups In-Reply-To: References: Message-ID: <8A3CC88C-0E16-460F-A664-138E35B510F9@iki.fi> On 5.5.2012, at 10.12, Thomas Leuxner wrote: > Patch http://hg.dovecot.org/dovecot-2.1/rev/3d8a25a4394d breaks auth > > May 5 09:01:52 spectre dovecot: lmtp(24442): Connect from local > May 5 09:01:52 spectre dovecot: lmtp(24442): Error: userdb lookup(tlx at leuxner.net): Disconnected unexpectedly > May 5 09:01:52 spectre dovecot: auth: Fatal: master: service(auth): child 24443 killed with signal 11 (core not dumped) > May 5 09:01:52 spectre dovecot: lmtp(24442): Disconnect from local: Client quit (in reset) Thanks, fixed: http://hg.dovecot.org/dovecot-2.1/rev/9da556b9a902 From tss at iki.fi Sun May 6 06:46:03 2012 From: tss at iki.fi (Timo Sirainen) Date: Sun, 6 May 2012 06:46:03 +0300 Subject: [Dovecot] Dovecot for POP3S proxying In-Reply-To: <629855521.91358.1336207899681.JavaMail.www@wwinf1g24> References: <860142E12E7E49EB9B8698B22F373BDC@CESAR> <4FA19938.5050900@vitalwerks.com> <16C60C5ADB024684AB6C6E434A9B49C1@CESAR> <4FA2C890.70603@vitalwerks.com> <516239F4D08B4FE784F7745A92121ECB@CESAR> <629855521.91358.1336207899681.JavaMail.www@wwinf1g24> Message-ID: So, what you need is to first make authentication with LDAP work, and then add the proxying fields: pass_attrs = \ =proxy=y, =host=exchange-ip, ..any other fields required for auth.. On 5.5.2012, at 11.51, Gilles ALBUSAC wrote: > LDAP passdb lookup > > >> Message du 04/05/12 17:42 >> De : "Timo Sirainen" >> A : "Gilles Albusac" >> Copie ? : "Dovecot Mailing List" >> Objet : Re: [Dovecot] Dovecot for POP3S proxying >> >> On 4.5.2012, at 9.33, Gilles Albusac wrote: >> >>> Dovecot is installed but actually I just use auth module (for postfix authentication). >>> >>> In your dovecot.conf example, I don't see the "proxy" command ? >> >> The proxying is enabled by having the passdb lookup return a "proxy" extra field. What passdb are you planning on using? >> From tss at iki.fi Sun May 6 06:47:10 2012 From: tss at iki.fi (Timo Sirainen) Date: Sun, 6 May 2012 06:47:10 +0300 Subject: [Dovecot] smtp -auth with using clear text password In-Reply-To: References: <4FA3EBB3.4040908@gmx.de> <4FA3F21E.5030905@gmx.de> Message-ID: <89401853-3595-4597-B4A3-07A68112E642@iki.fi> On 5.5.2012, at 9.47, Agnello George wrote: > 235 2.7.0 Authentication successful Looks to me like authentication works just fine. > 421 4.4.2 mail.ddde.co.in Error: timeout exceeded You're just not doing anything after authentication. From tlx at leuxner.net Sun May 6 10:33:48 2012 From: tlx at leuxner.net (Thomas Leuxner) Date: Sun, 6 May 2012 09:33:48 +0200 Subject: [Dovecot] HG 3d8a25a4394d Patch breaks UserDB Lookups In-Reply-To: <8A3CC88C-0E16-460F-A664-138E35B510F9@iki.fi> References: <8A3CC88C-0E16-460F-A664-138E35B510F9@iki.fi> Message-ID: Am 06.05.2012 um 05:44 schrieb Timo Sirainen: > Thanks, fixed: http://hg.dovecot.org/dovecot-2.1/rev/9da556b9a902 Works. Thanks. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 203 bytes Desc: Message signed with OpenPGP using GPGMail URL: From p at state-of-mind.de Sun May 6 10:51:07 2012 From: p at state-of-mind.de (Patrick Ben Koetter) Date: Sun, 6 May 2012 09:51:07 +0200 Subject: [Dovecot] IMAP STARTTLS Problem In-Reply-To: <37b0888294b9fb15e162389b207b2d1c@opsys.de> References: <8a69182a8e5fa5e2b585955b90095d84@opsys.de> <8c6307de2f3bbb9ea8f65bd700b4a862@opsys.de> <20120505204445.GA2585@state-of-mind.de> <37b0888294b9fb15e162389b207b2d1c@opsys.de> Message-ID: <20120506075107.GA6656@state-of-mind.de> * markus at opsys.de : > Am 05.05.2012 22:44, schrieb Patrick Ben Koetter: > >* Markus Fritz : > >>Am 05.05.2012 21:06, schrieb Markus Fritz: > >Assuming your server cert is located in > >/etc/ssl/certs/ca-certificates.crt try > >this on your server: > > > >openssl s_client -starttls imap -CAfile > >/etc/ssl/certs/ca-certificates.crt -connect localhost:143 > > > >Use "2 logout" to get out of the session. > > > >If it works, try the same from your client host. > > > >Does it work both times? > > yes: > > Verify return code: 0 (ok) > --- > . OK Capability completed. > > it works. But I cannot login with Thunderbird. I imported the cert > in Thunderbird, too. IIRC it is not enough to import the cert. You also need to set a policy i.e. allow the cert to be used for e-mail. p at rick -- state of mind () http://www.state-of-mind.de Franziskanerstra?e 15 Telefon +49 89 3090 4664 81669 M?nchen Telefax +49 89 3090 4666 Amtsgericht M?nchen Partnerschaftsregister PR 563 From me at junc.org Sun May 6 17:19:39 2012 From: me at junc.org (Benny Pedersen) Date: Sun, 06 May 2012 16:19:39 +0200 Subject: [Dovecot] smtp -auth with using clear text password In-Reply-To: References: <4FA3EBB3.4040908@gmx.de> Message-ID: <2a27a9035ecb66fab0446aad32146777@junc.org> Den 2012-05-04 16:51, Agnello George skrev: > But still its gives me a relay access denied . this error is postfix not dovecot From rendszergazda at grafibit.hu Sun May 6 21:18:28 2012 From: rendszergazda at grafibit.hu (Grafibit Rendszergazda) Date: Sun, 06 May 2012 20:18:28 +0200 Subject: [Dovecot] courier to dovecot Message-ID: <4FA6C074.3080508@grafibit.hu> Dear All, I know there were many threads on this topic. I was searching the archive and the net also, but did not find a solution on my problem. I hope you can help me. I am migrating from an old server using courier to a new server with dovecot and i can not manage to have the same uids after the migration. After copying the message files from the old server to the new, and executing the script from the wiki page the messages are still re-downloaded by the mail clients. After telnet and logging in to the old server port 110, I got the following on the command *uidl*: 1 UID377-1278276092 2 UID387-1278276092 3 UID394-1278276092 4 UID498-1278276092 5 UID499-1278276092 6 UID564-1278276092 On the new server i set up the *pop3_uidl_format = UID%u-%v* because it seems for me that the old server is using the same uidl format. Either if i execute the /./courier-dovecot-migrate.pl --to-dovecot --recursive --convert /command or i don't the uidls on the new server won't be the same. Both the %u and %v numbers are differ. Please give me any hints how to continue the investigation to have a successful migration. Thank you in advance, Tam?s * dovecot -n* # 1.2.15: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-0.bpo.2-amd64 x86_64 Debian 6.0.4 protocols: imap imaps pop3 pop3s managesieve ssl_cert_file: /var/lib/dtc/etc/ssl/dovecot/new.cert.cert ssl_key_file: /var/lib/dtc/etc/ssl/dovecot/new.cert.key disable_plaintext_auth: no login_dir: /var/run/dovecot/login login_executable(default): /usr/lib/dovecot/imap-login login_executable(imap): /usr/lib/dovecot/imap-login login_executable(pop3): /usr/lib/dovecot/pop3-login login_executable(managesieve): /usr/lib/dovecot/managesieve-login mail_location: maildir:%h/Maildir mbox_write_locks: fcntl dotlock mail_executable(default): /usr/lib/dovecot/imap mail_executable(imap): /usr/lib/dovecot/imap mail_executable(pop3): /usr/lib/dovecot/pop3 mail_executable(managesieve): /usr/lib/dovecot/managesieve mail_plugins(default): quota imap_quota mail_plugins(imap): quota imap_quota mail_plugins(pop3): quota mail_plugins(managesieve): mail_plugin_dir(default): /usr/lib/dovecot/modules/imap mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3 mail_plugin_dir(managesieve): /usr/lib/dovecot/modules/managesieve pop3_uidl_format: UID%u-%v managesieve_logout_format(default): bytes=%i/%o managesieve_logout_format(imap): bytes=%i/%o managesieve_logout_format(pop3): bytes=%i/%o managesieve_logout_format(managesieve): bytes ( in=%i : out=%o ) namespace: type: private separator: . prefix: INBOX. inbox: yes list: yes subscriptions: yes lda: postmaster_address: mail at exemple.com mail_plugin_dir: /usr/lib/dovecot/modules/lda auth_socket_path: /var/run/dovecot-auth-master log_path: /var/log/sieve.log info_log_path: /var/log/sieve.info mail_plugins: sieve quota auth default: passdb: driver: sql args: /var/lib/dtc/etc/dovecot-mysql.conf userdb: driver: prefetch userdb: driver: sql args: /var/lib/dtc/etc/dovecot-mysql.conf socket: type: listen client: path: /var/run/dovecot/dovecot-auth-client mode: 438 master: path: /var/run/dovecot-auth-master mode: 384 user: dtc plugin: sieve: ~/.dovecot.sieve sieve_dir: ~/sieve quota: maildir From p at state-of-mind.de Sun May 6 21:57:17 2012 From: p at state-of-mind.de (Patrick Ben Koetter) Date: Sun, 6 May 2012 20:57:17 +0200 Subject: [Dovecot] IMAP STARTTLS Problem In-Reply-To: <4c5ef67f2800cf80053f9a61d9a3dd2f@opsys.de> References: <8a69182a8e5fa5e2b585955b90095d84@opsys.de> <8c6307de2f3bbb9ea8f65bd700b4a862@opsys.de> <20120505204445.GA2585@state-of-mind.de> <37b0888294b9fb15e162389b207b2d1c@opsys.de> <20120506075107.GA6656@state-of-mind.de> <4c5ef67f2800cf80053f9a61d9a3dd2f@opsys.de> Message-ID: <20120506185716.GA14475@state-of-mind.de> * markus at opsys.de : > Yep, I set the rights for the cert in Thunderbird. With this CERT > SSL is working in Thunderbird but not with STARTTLS. > > 4440[af7d580]: bcde800:mail.opsys.de:NA:CreateNewLineFromSocket: 1 > BAD TLS not available due to temporary reason Your server responds it has a temporary problem. Set the server verbose to get more useful log output. p at rick P.S. And please keep this thread onlist. > That's the message I get from Thunderbird. > > And that's the hole log: > > 4440[af7d580]: ImapThreadMainLoop entering [this=bcde800] > 0[c0f140]: bcde800:mail.opsys.de:NA:SetupWithUrl: clearing > IMAP_CONNECTION_IS_OPEN > 4440[af7d580]: bcde800:mail.opsys.de:NA:ProcessCurrentURL: entering > 4440[af7d580]: bcde800:mail.opsys.de:NA:ProcessCurrentURL:imap://markus%40opsys%2Ede at mail.opsys.de:143/select%3E.INBOX: > = currentUrl > 4440[af7d580]: ReadNextLine [stream=bc59ca8 nb=118 needmore=0] > 4440[af7d580]: bcde800:mail.opsys.de:NA:CreateNewLineFromSocket: * > OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE > STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready. > > 4440[af7d580]: bcde800:mail.opsys.de:NA:SendData: 1 STARTTLS > > 4440[af7d580]: ReadNextLine [stream=bc59ca8 nb=49 needmore=0] > 4440[af7d580]: bcde800:mail.opsys.de:NA:CreateNewLineFromSocket: 1 > BAD TLS not available due to temporary reason > > 4440[af7d580]: try to log in > 4440[af7d580]: IMAP auth: server caps 0x4405427, pref 0x1006, failed > 0x0, avail caps 0x1006 > 4440[af7d580]: (GSSAPI = 0x1000000, CRAM = 0x20000, NTLM = 0x100000, > MSN = 0x200000, PLAIN = 0x1000, LOGIN = 0x2, old-style IMAP login = > 0x4)auth external IMAP login = 0x20000000 > 4440[af7d580]: trying auth method 0x1000 > 4440[af7d580]: got new password > 4440[af7d580]: IMAP: trying auth method 0x1000 > 4440[af7d580]: PLAIN auth > 4440[af7d580]: bcde800:mail.opsys.de:NA:SendData: 2 authenticate plain > > 4440[af7d580]: ReadNextLine [stream=bc59ca8 nb=4294967295 needmore=0] > 4440[af7d580]: bcde800:mail.opsys.de:NA:CreateNewLineFromSocket: > clearing IMAP_CONNECTION_IS_OPEN - rv = 80470002 > 4440[af7d580]: bcde800:mail.opsys.de:NA:TellThreadToDie: close > socket connection > 4440[af7d580]: bcde800:mail.opsys.de:NA:CreateNewLineFromSocket: (null) > 4440[af7d580]: authlogin failed > 4440[af7d580]: marking auth method 0x1000 failed > 4440[af7d580]: IMAP auth: server caps 0x4405427, pref 0x1006, failed > 0x1000, avail caps 0x6 > 4440[af7d580]: (GSSAPI = 0x1000000, CRAM = 0x20000, NTLM = 0x100000, > MSN = 0x200000, PLAIN = 0x1000, LOGIN = 0x2, old-style IMAP login = > 0x4)auth external IMAP login = 0x20000000 > 4440[af7d580]: trying auth method 0x2 > 4440[af7d580]: login failed entirely -- state of mind () http://www.state-of-mind.de Franziskanerstra?e 15 Telefon +49 89 3090 4664 81669 M?nchen Telefax +49 89 3090 4666 Amtsgericht M?nchen Partnerschaftsregister PR 563 From ken at allenmyland.com Mon May 7 01:15:53 2012 From: ken at allenmyland.com (Ken Stevenson) Date: Sun, 06 May 2012 18:15:53 -0400 Subject: [Dovecot] dsync with virtual users Message-ID: I'm using dovecot v2.0.16 From gbarnett at atlassian.com Mon May 7 03:53:53 2012 From: gbarnett at atlassian.com (George Barnett) Date: Mon, 7 May 2012 10:53:53 +1000 Subject: [Dovecot] Authentication process holding open filehandles Message-ID: Hi, We're using dovecot to provide pop3 for a number of mailboxes. The setup is pretty simple: Each user / domain has a mailstore in /data/mailstore///Maildir (backed by NFS). Passwords are in simple passwd-file format in the top level domain directory eg: # cat /data/mailstore/foo.com/.passwd user:{plain}password The passdb setup looks like this. passdb { args = username_format=%n /data/mailstore/%d/.passwd driver = passwd-file } The problem we're having is that when we want to remove a domain from the system and we go to rm -rf /data/mailstore// we are unable to because the auth process is still holding onto the file handles for the password file. Can somebody suggest an alternative pattern that I could use for storing password files? Ideally, we'd avoid one large file to prevent locking issues and would also keep the passwd-file setup since it's simple. It would be possible to have the password files in a separate dir, but over time I'm guessing that would lead to nfs turds? Easy to clean up I suppose, but maybe there's a simpler solution I'm missing? George From rob0 at gmx.co.uk Mon May 7 04:09:15 2012 From: rob0 at gmx.co.uk (/dev/rob0) Date: Sun, 6 May 2012 20:09:15 -0500 Subject: [Dovecot] Authentication process holding open filehandles In-Reply-To: References: Message-ID: <20120507010914.GM3502@harrier.slackbuilds.org> On Mon, May 07, 2012 at 10:53:53AM +1000, George Barnett wrote: > We're using dovecot to provide pop3 for a number of mailboxes. > The setup is pretty simple: I would suggest trying to educate your users to move off of POP3. > Each user / domain has a mailstore in > /data/mailstore///Maildir (backed by NFS). > > Passwords are in simple passwd-file format in the top level domain > directory eg: > > # cat /data/mailstore/foo.com/.passwd > user:{plain}password > > The passdb setup looks like this. > > passdb { > args = username_format=%n /data/mailstore/%d/.passwd > driver = passwd-file > } > > The problem we're having is that when we want to remove a domain > from the system and we go to rm -rf /data/mailstore// we > are unable to because the auth process is still holding onto the > file handles for the password file. > > Can somebody suggest an alternative pattern that I could use for > storing password files? Ideally, we'd avoid one large file to > prevent locking issues and would also keep the passwd-file setup > since it's simple. SQLite. Learn a bit of SQL, which is not difficult, and it is not hard to manage. My own little howto, including the schema and a complete explanation of everything is here: http://rob0.nodns4.us/howto/ > It would be possible to have the password files in a separate dir, > but over time I'm guessing that would lead to nfs turds? Easy to > clean up I suppose, but maybe there's a simpler solution I'm > missing? -- http://rob0.nodns4.us/ -- system administration and consulting Offlist GMX mail is seen only if "/dev/rob0" is in the Subject: From markus at opsys.de Sun May 6 23:42:12 2012 From: markus at opsys.de (Markus Fritz) Date: Sun, 06 May 2012 22:42:12 +0200 Subject: [Dovecot] IMAP STARTTLS Problem In-Reply-To: <20120506185716.GA14475@state-of-mind.de> References: <8a69182a8e5fa5e2b585955b90095d84@opsys.de> <8c6307de2f3bbb9ea8f65bd700b4a862@opsys.de> <20120505204445.GA2585@state-of-mind.de> <37b0888294b9fb15e162389b207b2d1c@opsys.de> <20120506075107.GA6656@state-of-mind.de> <4c5ef67f2800cf80053f9a61d9a3dd2f@opsys.de> <20120506185716.GA14475@state-of-mind.de> Message-ID: <4FA6E224.4030803@opsys.de> Am 06.05.2012 20:57, schrieb Patrick Ben Koetter: > * markus at opsys.de: >> Yep, I set the rights for the cert in Thunderbird. With this CERT >> SSL is working in Thunderbird but not with STARTTLS. >> >> 4440[af7d580]: bcde800:mail.opsys.de:NA:CreateNewLineFromSocket: 1 >> BAD TLS not available due to temporary reason > Your server responds it has a temporary problem. Set the server verbose to get > more useful log output. > > p at rick > > P.S. > And please keep this thread onlist. > > >> That's the message I get from Thunderbird. >> >> And that's the hole log: >> >> 4440[af7d580]: ImapThreadMainLoop entering [this=bcde800] >> 0[c0f140]: bcde800:mail.opsys.de:NA:SetupWithUrl: clearing >> IMAP_CONNECTION_IS_OPEN >> 4440[af7d580]: bcde800:mail.opsys.de:NA:ProcessCurrentURL: entering >> 4440[af7d580]: bcde800:mail.opsys.de:NA:ProcessCurrentURL:imap://markus%40opsys%2Ede at mail.opsys.de:143/select%3E.INBOX: >> = currentUrl >> 4440[af7d580]: ReadNextLine [stream=bc59ca8 nb=118 needmore=0] >> 4440[af7d580]: bcde800:mail.opsys.de:NA:CreateNewLineFromSocket: * >> OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE >> STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready. >> >> 4440[af7d580]: bcde800:mail.opsys.de:NA:SendData: 1 STARTTLS >> >> 4440[af7d580]: ReadNextLine [stream=bc59ca8 nb=49 needmore=0] >> 4440[af7d580]: bcde800:mail.opsys.de:NA:CreateNewLineFromSocket: 1 >> BAD TLS not available due to temporary reason >> >> 4440[af7d580]: try to log in >> 4440[af7d580]: IMAP auth: server caps 0x4405427, pref 0x1006, failed >> 0x0, avail caps 0x1006 >> 4440[af7d580]: (GSSAPI = 0x1000000, CRAM = 0x20000, NTLM = 0x100000, >> MSN = 0x200000, PLAIN = 0x1000, LOGIN = 0x2, old-style IMAP login = >> 0x4)auth external IMAP login = 0x20000000 >> 4440[af7d580]: trying auth method 0x1000 >> 4440[af7d580]: got new password >> 4440[af7d580]: IMAP: trying auth method 0x1000 >> 4440[af7d580]: PLAIN auth >> 4440[af7d580]: bcde800:mail.opsys.de:NA:SendData: 2 authenticate plain >> >> 4440[af7d580]: ReadNextLine [stream=bc59ca8 nb=4294967295 needmore=0] >> 4440[af7d580]: bcde800:mail.opsys.de:NA:CreateNewLineFromSocket: >> clearing IMAP_CONNECTION_IS_OPEN - rv = 80470002 >> 4440[af7d580]: bcde800:mail.opsys.de:NA:TellThreadToDie: close >> socket connection >> 4440[af7d580]: bcde800:mail.opsys.de:NA:CreateNewLineFromSocket: (null) >> 4440[af7d580]: authlogin failed >> 4440[af7d580]: marking auth method 0x1000 failed >> 4440[af7d580]: IMAP auth: server caps 0x4405427, pref 0x1006, failed >> 0x1000, avail caps 0x6 >> 4440[af7d580]: (GSSAPI = 0x1000000, CRAM = 0x20000, NTLM = 0x100000, >> MSN = 0x200000, PLAIN = 0x1000, LOGIN = 0x2, old-style IMAP login = >> 0x4)auth external IMAP login = 0x20000000 >> 4440[af7d580]: trying auth method 0x2 >> 4440[af7d580]: login failed entirely Now I got this: May 6 22:38:35 opsys dovecot: imap-login: Disconnected (no auth attempts): rip=84.150.37.251, lip=78.46.216.126, TLS: SSL_read() failed: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca What have I to do now? The cert is signed by myself. From jeep at rahul.net Mon May 7 05:43:27 2012 From: jeep at rahul.net (Jeff Lacki) Date: Sun, 06 May 2012 19:43:27 -0700 Subject: [Dovecot] This binary should probably be called with process group set to (vmail) instead of (userid) Message-ID: <20120507024328.50E4E1298EE@aqua.rahul.net> Im sorry to ask another basic question, but Ive tried to find this answer for several hours now and it eludes me. Im getting the following when dovecot tries to deliver an email: May 6 19:29:21 mydomain dovecot: lda: Debug: auth input: jeff home=/opt/imapdata/j/jeff/INBOX uid=1001 gid=999 May 6 19:29:21 mydomain dovecot: lda(jeff): Fatal: setgid(999(vmail) from userdb lookup) failed with euid=999(vmail), gid=500(jeff), egid=500(jeff): Operation not permitted (This binary should probably be called with process group set to 999(vmail) instead of 500(jeff)) I cannot seem to find where its trying to call dovecot-lda with uid(jeff) at? AFAIK Ive set everything up to use/deliver as 'vmail'. 'jeff' is the only person on this box with a unix account which is uid 500, but how do I make it use vmail instead? Thanks for the help! Jeff postfix master.cf: virtual_transport = vmail mailbox_command=/opt/dovecot/libexec/dovecot/dovecot-lda -f "$SENDER" -a "$RECIPIENT" dovecot -n: # 2.1.5: /opt/dovecot/etc/dovecot/dovecot.conf # OS: Linux 2.6.35.14-106.fc14.x86_64 x86_64 Fedora release 14 (Laughlin) ext4 auth_debug = yes auth_debug_passwords = yes auth_mechanisms = plain login auth_socket_path = /opt/dovecot215/var/run/dovecot/auth-userdb auth_verbose = yes auth_verbose_passwords = plain default_client_limit = 225 default_internal_user = vmail disable_plaintext_auth = no first_valid_gid = 999 first_valid_uid = 999 listen = * lock_method = flock mail_debug = yes mail_gid = vmail mail_home = /opt/imapdata/vmailhome mail_location = mbox:/opt/imapdata/%1n/%n:INDEX=/opt/imapdata/%1n/%n mail_privileged_group = vmail mail_uid = vmail mbox_lock_timeout = 1 mins mbox_write_locks = fcntl namespace { inbox = yes location = prefix = separator = / type = private } passdb { args = /opt/dovecot/etc/dovecot/conf.d/dovecot-sql.conf.ext driver = sql } plugin { mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename mail_log_fields = uid box msgid size } protocols = imap service auth { inet_listener { port = 12345 } unix_listener auth-userdb { group = vmail mode = 0666 user = vmail } user = $default_internal_user } service imap-login { inet_listener imap { port = 143 } service_count = 1 } ssl_cert = References: <4F9EEB5A.3090404@amfes.com> <1335831791.21461.61.camel@innu> Message-ID: On 4/30/2012 5:23 PM, Timo Sirainen wrote: > On Mon, 2012-04-30 at 12:43 -0700, Daniel L. Miller wrote: >> Is there a way to manually force an mdbox storage to be rebuilt into new >> files? Particularly files of the maximum size? > You could do it with dsync. > > dsync seems to do a marvelous job - new question.? Given a mailbox with a larger number of older mails - assuming any new mails will have later dates - will the new mail storage files be identical? I'm probably not saying the right - let me try this: 1. "dsync backup mdbox" (with appropriate args) is run for a given user. 2. "dsync mirror mdbox" is done just to catch up. 3. Old mailstore moved off. 4. New mailstore moved to active location. I'm sure there's a safer way to do the above - but I've got a low-traffic site and I can just shut down mail service altogether for a few minutes if I want during this. Now - repeat the above four steps. Will mail files m.1 through m.(n-1) be identical to the last run? Is this a valid packing strategy prior to performing an rsync type backup - assuming no changes are being made to the archived mails between pack runs? -- Daniel From dmiller at amfes.com Mon May 7 06:12:21 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Sun, 06 May 2012 20:12:21 -0700 Subject: [Dovecot] mdbox packing In-Reply-To: <4FA73CD7.4030004@amfes.com> References: <4F9EEB5A.3090404@amfes.com> <1335831791.21461.61.camel@innu> <4FA73CD7.4030004@amfes.com> Message-ID: On 5/6/2012 8:09 PM, Daniel L. Miller wrote: > On 4/30/2012 5:23 PM, Timo Sirainen wrote: >> On Mon, 2012-04-30 at 12:43 -0700, Daniel L. Miller wrote: >>> Is there a way to manually force an mdbox storage to be rebuilt into >>> new >>> files? Particularly files of the maximum size? >> You could do it with dsync. >> >> > dsync seems to do a marvelous job - new question.? > > Given a mailbox with a larger number of older mails - assuming any new > mails will have later dates - will the new mail storage files be > identical? I'm probably not saying the right - let me try this: > > 1. "dsync backup mdbox" (with appropriate args) is run for a given user. > 2. "dsync mirror mdbox" is done just to catch up. > 3. Old mailstore moved off. > 4. New mailstore moved to active location. > > I'm sure there's a safer way to do the above - but I've got a > low-traffic site and I can just shut down mail service altogether for > a few minutes if I want during this. > > Now - repeat the above four steps. Will mail files m.1 through > m.(n-1) be identical to the last run? Is this a valid packing > strategy prior to performing an rsync type backup - assuming no > changes are being made to the archived mails between pack runs? Given the above, and SIS - if the backup is performed in the same spool, i.e. original is /var/mail/domain/user, backup is /var/mail/domain/user-new - will this result in any problems with SIS? If after the pack and rename operation, the old mail tree is simply deleted - will that leave SIS files unreferenced if the user later deletes the messages from their active store? -- Daniel From dmiller at amfes.com Mon May 7 06:22:02 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Sun, 06 May 2012 20:22:02 -0700 Subject: [Dovecot] mdbox packing In-Reply-To: <4FA73D95.9050008@amfes.com> References: <4F9EEB5A.3090404@amfes.com> <1335831791.21461.61.camel@innu> <4FA73CD7.4030004@amfes.com> <4FA73D95.9050008@amfes.com> Message-ID: On 5/6/2012 8:12 PM, Daniel L. Miller wrote: > On 5/6/2012 8:09 PM, Daniel L. Miller wrote: >> On 4/30/2012 5:23 PM, Timo Sirainen wrote: >>> On Mon, 2012-04-30 at 12:43 -0700, Daniel L. Miller wrote: >>>> Is there a way to manually force an mdbox storage to be rebuilt >>>> into new >>>> files? Particularly files of the maximum size? >>> You could do it with dsync. >>> >>> >> dsync seems to do a marvelous job - new question.? >> >> Given a mailbox with a larger number of older mails - assuming any >> new mails will have later dates - will the new mail storage files be >> identical? I'm probably not saying the right - let me try this: >> >> 1. "dsync backup mdbox" (with appropriate args) is run for a given >> user. >> 2. "dsync mirror mdbox" is done just to catch up. >> 3. Old mailstore moved off. >> 4. New mailstore moved to active location. >> >> I'm sure there's a safer way to do the above - but I've got a >> low-traffic site and I can just shut down mail service altogether for >> a few minutes if I want during this. >> >> Now - repeat the above four steps. Will mail files m.1 through >> m.(n-1) be identical to the last run? Is this a valid packing >> strategy prior to performing an rsync type backup - assuming no >> changes are being made to the archived mails between pack runs? > > Given the above, and SIS - if the backup is performed in the same > spool, i.e. original is /var/mail/domain/user, backup is > /var/mail/domain/user-new - will this result in any problems with > SIS? If after the pack and rename operation, the old mail tree is > simply deleted - will that leave SIS files unreferenced if the user > later deletes the messages from their active store? > And yet another one - dsync does not APPEAR to be copying ACL's in this process. -- Daniel From dmiller at amfes.com Mon May 7 06:34:59 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Sun, 06 May 2012 20:34:59 -0700 Subject: [Dovecot] Shared namespace Message-ID: I'm not sure what's triggered it - I THINK it has something to do with a force-resync, but not sure. I'm no longer viewing my full list of shared mailboxes. I used to have a number of users shown - they had all had their ACL's set individually and were shown in the list. "doveadm acl debug" shows they SHOULD be shown - at least I think so, as the output for the mailboxes that DO appear is identical for those that don't. Where should I look for breakage? -- Daniel From tss at iki.fi Mon May 7 08:44:19 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 7 May 2012 08:44:19 +0300 Subject: [Dovecot] v2.1.6 released Message-ID: <59E3CE01-A29E-41B5-881F-E5DA11CFA903@iki.fi> http://dovecot.org/releases/2.1/dovecot-2.1.6.tar.gz http://dovecot.org/releases/2.1/dovecot-2.1.6.tar.gz.sig * Session ID is now included by default in auth and login process log lines. It can be added to mail processes also by adding %{session} to mail_log_prefix. + Added ssl_require_crl setting, which specifies if CRL check must be successful when verifying client certificates. + Added mail_shared_explicit_inbox setting to specify if a shared INBOX should be accessible as "shared/$user" or "shared/$user/INBOX". - v2.1.5: Using "~/" as mail_location or elsewhere failed to actually expand it to home directory. - dbox: Fixed potential assert-crash when reading dbox files. - trash plugin: Fixed behavior when quota is already over limit. - mail_log plugin: Logging "copy" event didn't work. - Proxying to backend server with SSL: Verifying server certificate name always failed, because it was compared to an IP address. From p at state-of-mind.de Mon May 7 10:56:41 2012 From: p at state-of-mind.de (Patrick Ben Koetter) Date: Mon, 7 May 2012 09:56:41 +0200 Subject: [Dovecot] IMAP STARTTLS Problem In-Reply-To: <4FA6E224.4030803@opsys.de> References: <8a69182a8e5fa5e2b585955b90095d84@opsys.de> <8c6307de2f3bbb9ea8f65bd700b4a862@opsys.de> <20120505204445.GA2585@state-of-mind.de> <37b0888294b9fb15e162389b207b2d1c@opsys.de> <20120506075107.GA6656@state-of-mind.de> <4c5ef67f2800cf80053f9a61d9a3dd2f@opsys.de> <20120506185716.GA14475@state-of-mind.de> <4FA6E224.4030803@opsys.de> Message-ID: <20120507075640.GA3005@state-of-mind.de> * Markus Fritz : > Am 06.05.2012 20:57, schrieb Patrick Ben Koetter: > >* markus at opsys.de: > >>Yep, I set the rights for the cert in Thunderbird. With this CERT > >>SSL is working in Thunderbird but not with STARTTLS. > >> > >>4440[af7d580]: bcde800:mail.opsys.de:NA:CreateNewLineFromSocket: 1 > >>BAD TLS not available due to temporary reason > >Your server responds it has a temporary problem. Set the server verbose to get > >more useful log output. > > > > Now I got this: > May 6 22:38:35 opsys dovecot: imap-login: Disconnected (no auth > attempts): rip=84.150.37.251, lip=78.46.216.126, TLS: SSL_read() > failed: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert > unknown ca > > What have I to do now? The cert is signed by myself. You need to import your CAs certificate into TB. p at rick -- state of mind () Digitale Kommunikation http://www.state-of-mind.de Franziskanerstra?e 15 Telefon +49 89 3090 4664 81669 M?nchen Telefax +49 89 3090 4666 Amtsgericht M?nchen Partnerschaftsregister PR 563 From markus at opsys.de Mon May 7 11:02:51 2012 From: markus at opsys.de (Markus Fritz) Date: Mon, 07 May 2012 10:02:51 +0200 Subject: [Dovecot] IMAP STARTTLS Problem In-Reply-To: <20120507075640.GA3005@state-of-mind.de> References: <8a69182a8e5fa5e2b585955b90095d84@opsys.de> <8c6307de2f3bbb9ea8f65bd700b4a862@opsys.de> <20120505204445.GA2585@state-of-mind.de> <37b0888294b9fb15e162389b207b2d1c@opsys.de> <20120506075107.GA6656@state-of-mind.de> <4c5ef67f2800cf80053f9a61d9a3dd2f@opsys.de> <20120506185716.GA14475@state-of-mind.de> <4FA6E224.4030803@opsys.de> <20120507075640.GA3005@state-of-mind.de> Message-ID: <4FA781AB.2050809@opsys.de> Am 07.05.2012 09:56, schrieb Patrick Ben Koetter: > * Markus Fritz: >> Am 06.05.2012 20:57, schrieb Patrick Ben Koetter: >>> * markus at opsys.de: >>>> Yep, I set the rights for the cert in Thunderbird. With this CERT >>>> SSL is working in Thunderbird but not with STARTTLS. >>>> >>>> 4440[af7d580]: bcde800:mail.opsys.de:NA:CreateNewLineFromSocket: 1 >>>> BAD TLS not available due to temporary reason >>> Your server responds it has a temporary problem. Set the server verbose to get >>> more useful log output. >>> >> Now I got this: >> May 6 22:38:35 opsys dovecot: imap-login: Disconnected (no auth >> attempts): rip=84.150.37.251, lip=78.46.216.126, TLS: SSL_read() >> failed: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert >> unknown ca >> >> What have I to do now? The cert is signed by myself. > You need to import your CAs certificate into TB. > > p at rick > I imported the .pem public file, it's there and I set the trust status in Thunderbird. It still won't work. Screenshot: http://snpr.cm/hLClYx.png From p at state-of-mind.de Mon May 7 11:16:16 2012 From: p at state-of-mind.de (Patrick Ben Koetter) Date: Mon, 7 May 2012 10:16:16 +0200 Subject: [Dovecot] IMAP STARTTLS Problem In-Reply-To: <4FA781AB.2050809@opsys.de> References: <8a69182a8e5fa5e2b585955b90095d84@opsys.de> <8c6307de2f3bbb9ea8f65bd700b4a862@opsys.de> <20120505204445.GA2585@state-of-mind.de> <37b0888294b9fb15e162389b207b2d1c@opsys.de> <20120506075107.GA6656@state-of-mind.de> <4c5ef67f2800cf80053f9a61d9a3dd2f@opsys.de> <20120506185716.GA14475@state-of-mind.de> <4FA6E224.4030803@opsys.de> <20120507075640.GA3005@state-of-mind.de> <4FA781AB.2050809@opsys.de> Message-ID: <20120507081616.GC3005@state-of-mind.de> * Markus Fritz : > Am 07.05.2012 09:56, schrieb Patrick Ben Koetter: > >* Markus Fritz: > >>Am 06.05.2012 20:57, schrieb Patrick Ben Koetter: > >>>* markus at opsys.de: > >>>>Yep, I set the rights for the cert in Thunderbird. With this CERT > >>>>SSL is working in Thunderbird but not with STARTTLS. > >>>> > >>>>4440[af7d580]: bcde800:mail.opsys.de:NA:CreateNewLineFromSocket: 1 > >>>>BAD TLS not available due to temporary reason > >>>Your server responds it has a temporary problem. Set the server verbose to get > >>>more useful log output. > >>> > >>Now I got this: > >>May 6 22:38:35 opsys dovecot: imap-login: Disconnected (no auth > >>attempts): rip=84.150.37.251, lip=78.46.216.126, TLS: SSL_read() > >>failed: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert > >>unknown ca > >> > >>What have I to do now? The cert is signed by myself. > >You need to import your CAs certificate into TB. > > > >p at rick > > > > I imported the .pem public file, it's there and I set the trust > status in Thunderbird. It still won't work. > Screenshot: http://snpr.cm/hLClYx.png This looks like your server certificate and not like your CA certificate. p at rick -- state of mind () Digitale Kommunikation http://www.state-of-mind.de Franziskanerstra?e 15 Telefon +49 89 3090 4664 81669 M?nchen Telefax +49 89 3090 4666 Amtsgericht M?nchen Partnerschaftsregister PR 563 From markus at opsys.de Mon May 7 14:40:58 2012 From: markus at opsys.de (Markus Fritz) Date: Mon, 07 May 2012 13:40:58 +0200 Subject: [Dovecot] IMAP STARTTLS Problem In-Reply-To: <20120507081616.GC3005@state-of-mind.de> References: <8a69182a8e5fa5e2b585955b90095d84@opsys.de> <8c6307de2f3bbb9ea8f65bd700b4a862@opsys.de> <20120505204445.GA2585@state-of-mind.de> <37b0888294b9fb15e162389b207b2d1c@opsys.de> <20120506075107.GA6656@state-of-mind.de> <4c5ef67f2800cf80053f9a61d9a3dd2f@opsys.de> <20120506185716.GA14475@state-of-mind.de> <4FA6E224.4030803@opsys.de> <20120507075640.GA3005@state-of-mind.de> <4FA781AB.2050809@opsys.de> <20120507081616.GC3005@state-of-mind.de> Message-ID: <4FA7B4CA.9000201@opsys.de> Am 07.05.2012 10:16, schrieb Patrick Ben Koetter: > * Markus Fritz: >> Am 07.05.2012 09:56, schrieb Patrick Ben Koetter: >>> * Markus Fritz: >>>> Am 06.05.2012 20:57, schrieb Patrick Ben Koetter: >>>>> * markus at opsys.de: >>>>>> Yep, I set the rights for the cert in Thunderbird. With this CERT >>>>>> SSL is working in Thunderbird but not with STARTTLS. >>>>>> >>>>>> 4440[af7d580]: bcde800:mail.opsys.de:NA:CreateNewLineFromSocket: 1 >>>>>> BAD TLS not available due to temporary reason >>>>> Your server responds it has a temporary problem. Set the server verbose to get >>>>> more useful log output. >>>>> >>>> Now I got this: >>>> May 6 22:38:35 opsys dovecot: imap-login: Disconnected (no auth >>>> attempts): rip=84.150.37.251, lip=78.46.216.126, TLS: SSL_read() >>>> failed: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert >>>> unknown ca >>>> >>>> What have I to do now? The cert is signed by myself. >>> You need to import your CAs certificate into TB. >>> >>> p at rick >>> >> I imported the .pem public file, it's there and I set the trust >> status in Thunderbird. It still won't work. >> Screenshot: http://snpr.cm/hLClYx.png > This looks like your server certificate and not like your CA certificate. > > p at rick > > Okay, I resolved the error. I had to change the protocols setting in dovecot.conf. It was: protocols = imap imaps pop3 pop3s changed to: protocols = imaps pop3s Now everything works fine and who will use his Mail unencrypted? From CMarcus at Media-Brokers.com Mon May 7 14:45:46 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Mon, 07 May 2012 07:45:46 -0400 Subject: [Dovecot] dsync with virtual users In-Reply-To: References: Message-ID: <4FA7B5EA.6090402@Media-Brokers.com> On 2012-05-06 6:15 PM, Ken Stevenson wrote: > I'm using dovecot v2.0.16 Is there a question in there somewhere? -- Best regards, Charles From dmiller at amfes.com Mon May 7 16:46:37 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Mon, 07 May 2012 06:46:37 -0700 Subject: [Dovecot] Shared namespace In-Reply-To: <4FA742E3.4090000@amfes.com> References: <4FA742E3.4090000@amfes.com> Message-ID: On 5/6/2012 8:34 PM, Daniel L. Miller wrote: > I'm not sure what's triggered it - I THINK it has something to do with > a force-resync, but not sure. > > I'm no longer viewing my full list of shared mailboxes. I used to > have a number of users shown - they had all had their ACL's set > individually and were shown in the list. "doveadm acl debug" shows > they SHOULD be shown - at least I think so, as the output for the > mailboxes that DO appear is identical for those that don't. > > Where should I look for breakage? After upgrading to 2.1.6 - mailboxes are back. Not sure I want to TRY to break it again... -- Daniel From dmiller at amfes.com Mon May 7 16:52:49 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Mon, 07 May 2012 06:52:49 -0700 Subject: [Dovecot] Shared namespace In-Reply-To: <4FA7D23D.6020408@amfes.com> References: <4FA742E3.4090000@amfes.com> <4FA7D23D.6020408@amfes.com> Message-ID: On 5/7/2012 6:46 AM, Daniel L. Miller wrote: > On 5/6/2012 8:34 PM, Daniel L. Miller wrote: >> I'm not sure what's triggered it - I THINK it has something to do >> with a force-resync, but not sure. >> >> I'm no longer viewing my full list of shared mailboxes. I used to >> have a number of users shown - they had all had their ACL's set >> individually and were shown in the list. "doveadm acl debug" shows >> they SHOULD be shown - at least I think so, as the output for the >> mailboxes that DO appear is identical for those that don't. >> >> Where should I look for breakage? > > After upgrading to 2.1.6 - mailboxes are back. Not sure I want to TRY > to break it again... > Ok - I broke it again. Tried changing mail_shared_explicit_inbox to no - problem mailboxes disappeared again. Changed back to yes - they came back. Problem with both Thunderbird and Roundcube as clients. -- Daniel From tss at iki.fi Mon May 7 21:02:38 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 7 May 2012 21:02:38 +0300 Subject: [Dovecot] Shared namespace In-Reply-To: References: <4FA742E3.4090000@amfes.com> <4FA7D23D.6020408@amfes.com> Message-ID: <7E809BBD-8D10-444A-AF1B-C7ECEE8906E3@iki.fi> On 7.5.2012, at 16.52, Daniel L. Miller wrote: > Ok - I broke it again. Tried changing mail_shared_explicit_inbox to no - problem mailboxes disappeared again. Changed back to yes - they came back. > > Problem with both Thunderbird and Roundcube as clients. Try talking IMAP protocol manually: a login user pass b list "" * c lsub "" * Are you only talking about shared INBOXes or also other shared mailboxes? mail_shared_explicit_inbox=yes is the default and the same behavior as in previous versions. I don't think that change should be breaking anything.. Changing it to "no" could break your INBOX subscriptions, but other mailboxes should be visible. From jeep at rahul.net Mon May 7 22:11:28 2012 From: jeep at rahul.net (Jeff Lacki) Date: Mon, 07 May 2012 12:11:28 -0700 Subject: [Dovecot] This binary should probably be called with process group set to (vmail) instead of (userid) In-Reply-To: <20120507024328.50E4E1298EE@aqua.rahul.net> References: <20120507024328.50E4E1298EE@aqua.rahul.net> Message-ID: <20120507191128.7F9AD16D336@maya.rahul.net> > > Im sorry to ask another basic question, but Ive tried to find this > answer for several hours now and it eludes me. Im getting the following > when dovecot tries to deliver an email: > > May 6 19:29:21 mydomain dovecot: lda: Debug: auth input: jeff home=/opt/imapdata/j/jeff/INBOX uid=1001 gid=999 > May 6 19:29:21 mydomain dovecot: lda(jeff): Fatal: setgid(999(vmail) from userdb lookup) failed with euid=999(vmail), gid=500(jeff), egid=500(jeff): Operation not permitted (This binary should probably be called with process group set to 999(vmail) instead of 500(jeff)) > > I cannot seem to find where its trying to call dovecot-lda with uid(jeff) at? > AFAIK Ive set everything up to use/deliver as 'vmail'. 'jeff' is the only person on this > box with a unix account which is uid 500, but how do I make it use vmail instead? > I forgot to show my dovecot-lda, it seems correct and its setuid as well: -rwsr-x--x 1 vmail vmail 75789 Apr 28 08:15 dovecot-lda* Anyone? I seem to be in permissions hell trying to set things up. Thank you /mf/home/jeep/shell/.signature From dmiller at amfes.com Mon May 7 22:13:56 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Mon, 07 May 2012 12:13:56 -0700 Subject: [Dovecot] Shared namespace In-Reply-To: <7E809BBD-8D10-444A-AF1B-C7ECEE8906E3@iki.fi> References: <4FA742E3.4090000@amfes.com> <4FA7D23D.6020408@amfes.com> <4FA7D3B1.5080005@amfes.com> <7E809BBD-8D10-444A-AF1B-C7ECEE8906E3@iki.fi> Message-ID: On 5/7/2012 11:02 AM, Timo Sirainen wrote: > On 7.5.2012, at 16.52, Daniel L. Miller wrote: > >> Ok - I broke it again. Tried changing mail_shared_explicit_inbox to no - problem mailboxes disappeared again. Changed back to yes - they came back. >> >> Problem with both Thunderbird and Roundcube as clients. > Try talking IMAP protocol manually: > > a login user pass > b list "" * > c lsub "" * > > Are you only talking about shared INBOXes or also other shared mailboxes? mail_shared_explicit_inbox=yes is the default and the same behavior as in previous versions. I don't think that change should be breaking anything.. Changing it to "no" could break your INBOX subscriptions, but other mailboxes should be visible. > Ok - that gives us a clue. With "yes", the output from list & lsub is basically the same. With "no" - I see a truncated list (missing mailboxes), but lsub still shows them all. -- Daniel From joe at tao.org.uk Mon May 7 22:21:13 2012 From: joe at tao.org.uk (Dr Josef Karthauser) Date: Mon, 7 May 2012 20:21:13 +0100 Subject: [Dovecot] Proxying for some users and having the rest local? Message-ID: <035E0AC8-65C4-4C53-AFE6-0E1958BA8E45@tao.org.uk> I'm migrating a load of mailboxes from cyrus to a new dovecot server. What I'd like to do is to switch the DNS to dovecot, and set things up so that all old imap mailboxes are accessed through the dovecot proxy. That way I can migrate them one at a time independent of DNS issues. I've got a load of users specified in mysql, and that configuration works well for local mailboxes. How do I configure things so that I can switch proxy access on and off? What's I've got so far is: password_query = SELECT user, domain, password, "masteruser" as master, "masterpass" as pass, proxy, "remoteimap.server" as host FROM mailboxes \ WHERE user = '%n' AND isMailbox AND active AND domain = '%d' I imagined that I could switch the proxy per user by setting proxy='n' or proxy=null for any users that want to be local, and proxy='y' for any users that I want to forward on to the original server. It doesn't appear to work that way though. Irrespective of the proxy value dovecot appears to try and proxy all users. What am I doing wrong? I can't work it out from the docs, and the source will take quite a bit of studying to get to the bottom of it all. Thanks :), Joe From tss at iki.fi Mon May 7 22:24:39 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 7 May 2012 22:24:39 +0300 Subject: [Dovecot] Shared namespace In-Reply-To: References: <4FA742E3.4090000@amfes.com> <4FA7D23D.6020408@amfes.com> <4FA7D3B1.5080005@amfes.com> <7E809BBD-8D10-444A-AF1B-C7ECEE8906E3@iki.fi> Message-ID: <99903373-C6A9-44E0-B6A8-1B06EFB5F3F9@iki.fi> On 7.5.2012, at 22.13, Daniel L. Miller wrote: > On 5/7/2012 11:02 AM, Timo Sirainen wrote: >> On 7.5.2012, at 16.52, Daniel L. Miller wrote: >> >>> Ok - I broke it again. Tried changing mail_shared_explicit_inbox to no - problem mailboxes disappeared again. Changed back to yes - they came back. >>> >>> Problem with both Thunderbird and Roundcube as clients. >> Try talking IMAP protocol manually: >> >> a login user pass >> b list "" * >> c lsub "" * >> >> Are you only talking about shared INBOXes or also other shared mailboxes? mail_shared_explicit_inbox=yes is the default and the same behavior as in previous versions. I don't think that change should be breaking anything.. Changing it to "no" could break your INBOX subscriptions, but other mailboxes should be visible. >> > Ok - that gives us a clue. With "yes", the output from list & lsub is basically the same. With "no" - I see a truncated list (missing mailboxes), but lsub still shows them all. By missing mailboxes I guess you mean the INBOXes aren't anymore in the LIST output, which is exactly what the setting is supposed to do? From tss at iki.fi Mon May 7 22:28:14 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 7 May 2012 22:28:14 +0300 Subject: [Dovecot] Proxying for some users and having the rest local? In-Reply-To: <035E0AC8-65C4-4C53-AFE6-0E1958BA8E45@tao.org.uk> References: <035E0AC8-65C4-4C53-AFE6-0E1958BA8E45@tao.org.uk> Message-ID: <8F3DD822-6508-43A5-A5EE-F76A7B1EB78B@iki.fi> On 7.5.2012, at 22.21, Dr Josef Karthauser wrote: > password_query = SELECT user, domain, password, "masteruser" as master, "masterpass" as pass, proxy, "remoteimap.server" as host FROM mailboxes \ > WHERE user = '%n' AND isMailbox AND active AND domain = '%d' > > I imagined that I could switch the proxy per user by setting proxy='n' or proxy=null for any users that want to be local, and proxy='y' for any users that I want to forward on to the original server. > > It doesn't appear to work that way though. Irrespective of the proxy value dovecot appears to try and proxy all users. If you return a host setting, Dovecot handles it as login referral: http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Host So you need to return proxy=null and host=null. If that doesn't seem to help, set auth_debug=yes and verify from the logs that neither of them are returned by auth process. From tss at iki.fi Mon May 7 22:33:07 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 7 May 2012 22:33:07 +0300 Subject: [Dovecot] This binary should probably be called with process group set to (vmail) instead of (userid) In-Reply-To: <20120507191128.7F9AD16D336@maya.rahul.net> References: <20120507024328.50E4E1298EE@aqua.rahul.net> <20120507191128.7F9AD16D336@maya.rahul.net> Message-ID: On 7.5.2012, at 22.11, Jeff Lacki wrote: >> Im sorry to ask another basic question, but Ive tried to find this >> answer for several hours now and it eludes me. Im getting the following >> when dovecot tries to deliver an email: >> >> May 6 19:29:21 mydomain dovecot: lda: Debug: auth input: jeff home=/opt/imapdata/j/jeff/INBOX uid=1001 gid=999 >> May 6 19:29:21 mydomain dovecot: lda(jeff): Fatal: setgid(999(vmail) from userdb lookup) failed with euid=999(vmail), gid=500(jeff), egid=500(jeff): Operation not permitted (This binary should probably be called with process group set to 999(vmail) instead of 500(jeff)) >> >> I cannot seem to find where its trying to call dovecot-lda with uid(jeff) at? Postfix is calling dovecot-lda as jeff. > I forgot to show my dovecot-lda, it seems correct and its setuid as well: > > -rwsr-x--x 1 vmail vmail 75789 Apr 28 08:15 dovecot-lda* You shouldn't make it setuid in a vmail setup. And by removing the suid bit from it I'm guessing the error message will also change to say that euid=jeff. > postfix master.cf: > > virtual_transport = vmail > mailbox_command=/opt/dovecot/libexec/dovecot/dovecot-lda -f "$SENDER" -a "$RECIPIENT" mailbox_command shouldn't be used to deliver mails to virtual users. Use http://wiki2.dovecot.org/LDA/Postfix#Virtual_users instead. From tss at iki.fi Mon May 7 22:37:43 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 7 May 2012 22:37:43 +0300 Subject: [Dovecot] mdbox packing In-Reply-To: References: <4F9EEB5A.3090404@amfes.com> <1335831791.21461.61.camel@innu> <4FA73CD7.4030004@amfes.com> <4FA73D95.9050008@amfes.com> Message-ID: <01358FB1-E4F3-4B19-B29B-2481B05B779A@iki.fi> On 7.5.2012, at 6.22, Daniel L. Miller wrote: >>> Given a mailbox with a larger number of older mails - assuming any new mails will have later dates - will the new mail storage files be identical? I'm probably not saying the right - let me try this: >>> >>> 1. "dsync backup mdbox" (with appropriate args) is run for a given user. >>> 2. "dsync mirror mdbox" is done just to catch up. >>> 3. Old mailstore moved off. >>> 4. New mailstore moved to active location. >>> >>> I'm sure there's a safer way to do the above - but I've got a low-traffic site and I can just shut down mail service altogether for a few minutes if I want during this. >>> >>> Now - repeat the above four steps. Will mail files m.1 through m.(n-1) be identical to the last run? Is this a valid packing strategy prior to performing an rsync type backup - assuming no changes are being made to the archived mails between pack runs? If you stop mail delivery and kill any imap/pop3 processes before running 2 (or alternatively run dsync mirror once more as step 5) then they should have identical mails, but the m.* files most likely won't be identical. dsync doesn't sync files, it syncs mails, and it doesn't care how the mails get stored. >> Given the above, and SIS - if the backup is performed in the same spool, i.e. original is /var/mail/domain/user, backup is /var/mail/domain/user-new - will this result in any problems with SIS? If after the pack and rename operation, the old mail tree is simply deleted - will that leave SIS files unreferenced if the user later deletes the messages from their active store? Yes. Don't just rm -rf the old tree, use doveadm expunge to expunge all mails so they get unreferenced. > And yet another one - dsync does not APPEAR to be copying ACL's in this process. Yeah, it doesn't currently copy ACLs or Sieve scripts. From tss at iki.fi Mon May 7 22:39:27 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 7 May 2012 22:39:27 +0300 Subject: [Dovecot] courier to dovecot In-Reply-To: <4FA6C074.3080508@grafibit.hu> References: <4FA6C074.3080508@grafibit.hu> Message-ID: On 6.5.2012, at 21.18, Grafibit Rendszergazda wrote: > I know there were many threads on this topic. I was searching the archive and the net also, but did not find a solution on my problem. I hope you can help me. > > I am migrating from an old server using courier to a new server with dovecot and i can not manage to have the same uids after the migration. .. > # 1.2.15: /etc/dovecot/dovecot.conf The simplest solution would be to use Dovecot v2.x and the new v2.x migration script. From joe at tao.org.uk Mon May 7 22:41:32 2012 From: joe at tao.org.uk (Dr Josef Karthauser) Date: Mon, 7 May 2012 20:41:32 +0100 Subject: [Dovecot] Proxying for some users and having the rest local? In-Reply-To: <8F3DD822-6508-43A5-A5EE-F76A7B1EB78B@iki.fi> References: <035E0AC8-65C4-4C53-AFE6-0E1958BA8E45@tao.org.uk> <8F3DD822-6508-43A5-A5EE-F76A7B1EB78B@iki.fi> Message-ID: <4CD9B8B2-0CCA-47DA-9E57-0E8F19911314@tao.org.uk> On 7 May 2012, at 20:28, Timo Sirainen wrote: > On 7.5.2012, at 22.21, Dr Josef Karthauser wrote: > >> password_query = SELECT user, domain, password, "masteruser" as master, "masterpass" as pass, proxy, "remoteimap.server" as host FROM mailboxes \ >> WHERE user = '%n' AND isMailbox AND active AND domain = '%d' >> >> I imagined that I could switch the proxy per user by setting proxy='n' or proxy=null for any users that want to be local, and proxy='y' for any users that I want to forward on to the original server. >> >> It doesn't appear to work that way though. Irrespective of the proxy value dovecot appears to try and proxy all users. > > If you return a host setting, Dovecot handles it as login referral: http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Host > > So you need to return proxy=null and host=null. > > If that doesn't seem to help, set auth_debug=yes and verify from the logs that neither of them are returned by auth process. Perfect, thanks for the quick feedback. (Would it be possible to fix the docs a tweak; it's exactly this kind of information that would be useful to know :). Thanks, Joe From joe at tao.org.uk Mon May 7 22:52:43 2012 From: joe at tao.org.uk (Dr Josef Karthauser) Date: Mon, 7 May 2012 20:52:43 +0100 Subject: [Dovecot] Proxying for some users and having the rest local? In-Reply-To: <8F3DD822-6508-43A5-A5EE-F76A7B1EB78B@iki.fi> References: <035E0AC8-65C4-4C53-AFE6-0E1958BA8E45@tao.org.uk> <8F3DD822-6508-43A5-A5EE-F76A7B1EB78B@iki.fi> Message-ID: <81ADD465-FE1C-47B9-B7F2-64CA5CB47121@tao.org.uk> On 7 May 2012, at 20:28, Timo Sirainen wrote: > If you return a host setting, Dovecot handles it as login referral: http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Host > > So you need to return proxy=null and host=null. > > If that doesn't seem to help, set auth_debug=yes and verify from the logs that neither of them are returned by auth process. Ok, setting proxy and host to null is having the desired behaviour. Thanks :). Joe From dmiller at amfes.com Mon May 7 23:03:49 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Mon, 07 May 2012 13:03:49 -0700 Subject: [Dovecot] Shared namespace In-Reply-To: <99903373-C6A9-44E0-B6A8-1B06EFB5F3F9@iki.fi> References: <4FA742E3.4090000@amfes.com> <4FA7D23D.6020408@amfes.com> <4FA7D3B1.5080005@amfes.com> <7E809BBD-8D10-444A-AF1B-C7ECEE8906E3@iki.fi> <4FA81EF4.6050405@amfes.com> <99903373-C6A9-44E0-B6A8-1B06EFB5F3F9@iki.fi> Message-ID: On 5/7/2012 12:24 PM, Timo Sirainen wrote: > On 7.5.2012, at 22.13, Daniel L. Miller wrote: > >> On 5/7/2012 11:02 AM, Timo Sirainen wrote: >>> On 7.5.2012, at 16.52, Daniel L. Miller wrote: >>> >>>> Ok - I broke it again. Tried changing mail_shared_explicit_inbox to no - problem mailboxes disappeared again. Changed back to yes - they came back. >>>> >>>> Problem with both Thunderbird and Roundcube as clients. >>> Try talking IMAP protocol manually: >>> >>> a login user pass >>> b list "" * >>> c lsub "" * >>> >>> Are you only talking about shared INBOXes or also other shared mailboxes? mail_shared_explicit_inbox=yes is the default and the same behavior as in previous versions. I don't think that change should be breaking anything.. Changing it to "no" could break your INBOX subscriptions, but other mailboxes should be visible. >>> >> Ok - that gives us a clue. With "yes", the output from list& lsub is basically the same. With "no" - I see a truncated list (missing mailboxes), but lsub still shows them all. > By missing mailboxes I guess you mean the INBOXes aren't anymore in the LIST output, which is exactly what the setting is supposed to do? Not exactly. Using the old style, I'd see something like: shared\ user1\ inbox user2\ inbox user3\ inbox user4\ inbox When it breaks, for whatever reason (whether it's the new setting or something I do), I get: shared\ user2\ user4\ So user1 & user3 are missing entirely. If it "breaks" using the old style, then I would see user 2 & 4 inboxes - but not user 1 & 3. I also have other folders shared from each user. The breakage is that for some reason certain users' mailboxes are simply invisible. As I said, using list vs lsub (and I don't know how those commands are used by clients), lsub will show mailboxes where list doesn't. -- Daniel From tss at iki.fi Mon May 7 23:15:41 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 7 May 2012 23:15:41 +0300 Subject: [Dovecot] Shared namespace In-Reply-To: References: <4FA742E3.4090000@amfes.com> <4FA7D23D.6020408@amfes.com> <4FA7D3B1.5080005@amfes.com> <7E809BBD-8D10-444A-AF1B-C7ECEE8906E3@iki.fi> <4FA81EF4.6050405@amfes.com> <99903373-C6A9-44E0-B6A8-1B06EFB5F3F9@iki.fi> Message-ID: On 7.5.2012, at 23.03, Daniel L. Miller wrote: > Not exactly. Using the old style, I'd see something like: > > shared\ > user1\ > inbox > user2\ > inbox > user3\ > inbox > user4\ > inbox > > When it breaks, for whatever reason (whether it's the new setting or something I do), I get: > > shared\ > user2\ > user4\ > > So user1 & user3 are missing entirely. If it "breaks" using the old style, then I would see user 2 & 4 inboxes - but not user 1 & 3. I also have other folders shared from each user. Ah, I see. Could you try if the attached patch fixes it? -------------- next part -------------- A non-text attachment was scrubbed... Name: diff Type: application/octet-stream Size: 466 bytes Desc: not available URL: From feltrin at gmail.com Mon May 7 23:21:35 2012 From: feltrin at gmail.com (Jean Michel) Date: Mon, 7 May 2012 17:21:35 -0300 Subject: [Dovecot] Upgrading known problems (2.0 to 2.1) ? Message-ID: Is there any known/possible problem while upgrading from dovecot 2.0 to 2.1 ? Did anybody had any trouble with this ? ------------------------------ Jean Michel Feltrin From tss at iki.fi Mon May 7 23:27:36 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 7 May 2012 23:27:36 +0300 Subject: [Dovecot] Shared namespace In-Reply-To: References: <4FA742E3.4090000@amfes.com> <4FA7D23D.6020408@amfes.com> <4FA7D3B1.5080005@amfes.com> <7E809BBD-8D10-444A-AF1B-C7ECEE8906E3@iki.fi> <4FA81EF4.6050405@amfes.com> <99903373-C6A9-44E0-B6A8-1B06EFB5F3F9@iki.fi> Message-ID: <427DB655-3309-44F4-B6D7-352E3D1213E3@iki.fi> On 7.5.2012, at 23.15, Timo Sirainen wrote: >> So user1 & user3 are missing entirely. If it "breaks" using the old style, then I would see user 2 & 4 inboxes - but not user 1 & 3. I also have other folders shared from each user. > > Ah, I see. Could you try if the attached patch fixes it? No, it doesn't. I'll do some more tests. From l.messner at physik.tu-berlin.de Mon May 7 23:40:33 2012 From: l.messner at physik.tu-berlin.de (Leon =?iso-8859-15?Q?Me=DFner?=) Date: Mon, 7 May 2012 22:40:33 +0200 Subject: [Dovecot] Panic in index-sync.c: line 25 on dovecot-1.2.17 Message-ID: <20120507204033.GA40594@emmi.physik-pool.tu-berlin.de> Hi, with dovecot-1.2.17 (yes i know it's old) i'm getting the folowing error after doing a system upgrade. May 7 22:04:26 mail dovecot: deliver(elon): Panic: file index-sync.c: line 25 (index_mailbox_set_recent_uid): assertion failed: (seq_range_exists(&ibox->recent_flags, uid)) May 7 22:04:27 mail kernel: pid 79989 (deliver), uid 4873: exited on signal 6 (core dumped) this only happens to one user and only with mail from one mailinglist (this one). Mails do get filtered by sieve. After some delivery attempts the mail finaly gets stored alright in the maildir. May 7 22:23:27 mail dovecot: deliver(elon): sieve: msgid=: stored mail into mailbox 'dovecot' May 7 22:23:27 mail postfix/local[82289]: 7DED511402: to=, orig_to=, relay=local, delay=1141, delays=1141/0.01/0/0.26, dsn=2.0.0, status=sent (delivered to command: /usr/local/libexec/dovecot/deliver) May 7 22:23:27 mail postfix/qmgr[1303]: 7DED511402: removed After that a new mail does the same dance (perhaps until the next one to this ML arrives). The maildirs are on NFS and in this case only beeing used with my instance of mutt and two other postfix+dovecot servers which are quite idle. Whats the way to debug this ? Thanks, Leon From tss at iki.fi Mon May 7 23:42:23 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 7 May 2012 23:42:23 +0300 Subject: [Dovecot] Shared namespace In-Reply-To: <427DB655-3309-44F4-B6D7-352E3D1213E3@iki.fi> References: <4FA742E3.4090000@amfes.com> <4FA7D23D.6020408@amfes.com> <4FA7D3B1.5080005@amfes.com> <7E809BBD-8D10-444A-AF1B-C7ECEE8906E3@iki.fi> <4FA81EF4.6050405@amfes.com> <99903373-C6A9-44E0-B6A8-1B06EFB5F3F9@iki.fi> <427DB655-3309-44F4-B6D7-352E3D1213E3@iki.fi> Message-ID: <6F00836D-9EB2-4672-AC31-49912B0A40B1@iki.fi> On 7.5.2012, at 23.27, Timo Sirainen wrote: > On 7.5.2012, at 23.15, Timo Sirainen wrote: > >>> So user1 & user3 are missing entirely. If it "breaks" using the old style, then I would see user 2 & 4 inboxes - but not user 1 & 3. I also have other folders shared from each user. >> >> Ah, I see. Could you try if the attached patch fixes it? > > No, it doesn't. I'll do some more tests. OK, these should do it: http://hg.dovecot.org/dovecot-2.1/rev/20c9446e537e http://hg.dovecot.org/dovecot-2.1/rev/41f2bcb43dad From ken at allenmyland.com Mon May 7 23:44:49 2012 From: ken at allenmyland.com (Ken Stevenson) Date: Mon, 07 May 2012 16:44:49 -0400 Subject: [Dovecot] dsync with virtual users In-Reply-To: <4FA7B5EA.6090402@Media-Brokers.com> References: <4FA7B5EA.6090402@Media-Brokers.com> Message-ID: <555743c621472ef66ee4ae30457ba051@allenmyland.com> On 2012-05-07 07:45, Charles Marcus wrote: > Is there a question in there somewhere? Sorry about that. I'm trying to understand the syntax of the dsync command. I have two servers with almost identical mail setups using dovecot 2.13. Here's the source side: $ doveadm user ken at allenmyland.com userdb: ken at allenmyland.com home : /var/vmail/ken at allenmyland.com uid : 5000 gid : 5000 Here's the destination side: root at abbott4 ~ # doveadm user ken at allenmyland.com userdb: ken at allenmyland.com home : /zdata/vmail/ken at allenmyland.com uid : 5000 gid : 5000 What is the correct syntax of the dsync command to backup email from the first server to the second? If I su to vmail then use $ dsync -u ken at allenmyland.com backup ken at abbott4.allenmyland.com I get : dsync-local(ken at allenmyland.com): Error: remote: doveadm(ken): Fatal: User doesn't exist dsync-local(ken at allenmyland.com): Error: read() from worker server failed: EOF I presume that's because it's doing a user lookup on the remote side for ken instead of using my email address. How do I specify the username for the remote side? Any help would be appreciated. From tss at iki.fi Mon May 7 23:45:52 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 7 May 2012 23:45:52 +0300 Subject: [Dovecot] Panic in index-sync.c: line 25 on dovecot-1.2.17 In-Reply-To: <20120507204033.GA40594@emmi.physik-pool.tu-berlin.de> References: <20120507204033.GA40594@emmi.physik-pool.tu-berlin.de> Message-ID: <37CE1BDC-C95B-4F85-997D-81410C086BDB@iki.fi> On 7.5.2012, at 23.40, Leon Me?ner wrote: > with dovecot-1.2.17 (yes i know it's old) i'm getting the folowing error > after doing a system upgrade. > > May 7 22:04:26 mail dovecot: deliver(elon): Panic: file index-sync.c: line 25 (index_mailbox_set_recent_uid): > assertion failed: (seq_range_exists(&ibox->recent_flags, uid)) This is a bug, and in v2.x the assert has been replaced with a non-fatal error message. Although I haven't recently heard of people reporting this error, so perhaps it has been fully fixed already. > After that a new mail does the same dance (perhaps until the next one to > this ML arrives). The maildirs are on NFS and in this case only beeing > used with my instance of mutt and two other postfix+dovecot servers > which are quite idle. Whats the way to debug this ? I don't know why it happens in v1.2 and I don't know if there's a way to fix it other than upgrading. From l.messner at physik.tu-berlin.de Mon May 7 23:49:54 2012 From: l.messner at physik.tu-berlin.de (Leon =?iso-8859-15?Q?Me=DFner?=) Date: Mon, 7 May 2012 22:49:54 +0200 Subject: [Dovecot] Panic in index-sync.c: line 25 on dovecot-1.2.17 In-Reply-To: <37CE1BDC-C95B-4F85-997D-81410C086BDB@iki.fi> References: <20120507204033.GA40594@emmi.physik-pool.tu-berlin.de> <37CE1BDC-C95B-4F85-997D-81410C086BDB@iki.fi> Message-ID: <20120507204954.GB40594@emmi.physik-pool.tu-berlin.de> On Mon, May 07, 2012 at 11:45:52PM +0300, Timo Sirainen wrote: > On 7.5.2012, at 23.40, Leon Me?ner wrote: > > > with dovecot-1.2.17 (yes i know it's old) i'm getting the folowing error > > after doing a system upgrade. > > > > May 7 22:04:26 mail dovecot: deliver(elon): Panic: file index-sync.c: line 25 (index_mailbox_set_recent_uid): > > assertion failed: (seq_range_exists(&ibox->recent_flags, uid)) > > This is a bug, and in v2.x the assert has been replaced with a non-fatal error message. Although I haven't recently heard of people reporting this error, so perhaps it has been fully fixed already. > > > After that a new mail does the same dance (perhaps until the next one to > > this ML arrives). The maildirs are on NFS and in this case only beeing > > used with my instance of mutt and two other postfix+dovecot servers > > which are quite idle. Whats the way to debug this ? > > I don't know why it happens in v1.2 and I don't know if there's a way to fix it other than upgrading. > Alright, i'm already planning to upgrade this machine. Seems like i do have one more good reason. thanks Timo, Leon From tss at iki.fi Mon May 7 23:51:58 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 7 May 2012 23:51:58 +0300 Subject: [Dovecot] dsync with virtual users In-Reply-To: <555743c621472ef66ee4ae30457ba051@allenmyland.com> References: <4FA7B5EA.6090402@Media-Brokers.com> <555743c621472ef66ee4ae30457ba051@allenmyland.com> Message-ID: <41C198AE-7395-47B8-8783-CCEAFAC09600@iki.fi> On 7.5.2012, at 23.44, Ken Stevenson wrote: > I have two servers with almost identical mail setups using dovecot 2.13. .. > $ dsync -u ken at allenmyland.com backup ken at abbott4.allenmyland.com Might as well move to the new dsync syntax. I really should update the man and wiki pages for this..: doveadm backup -u ken at allenmyland.com abbott4.allenmyland.com From tss at iki.fi Mon May 7 23:53:26 2012 From: tss at iki.fi (Timo Sirainen) Date: Mon, 7 May 2012 23:53:26 +0300 Subject: [Dovecot] Upgrading known problems (2.0 to 2.1) ? In-Reply-To: References: Message-ID: <57A14720-DEF4-480E-BC11-1DB7C7C41963@iki.fi> On 7.5.2012, at 23.21, Jean Michel wrote: > Is there any known/possible problem while upgrading from dovecot 2.0 to 2.1 > ? > Did anybody had any trouble with this ? http://wiki2.dovecot.org/Upgrading/2.1 lists all known problems. From rendszergazda at grafibit.hu Tue May 8 00:27:59 2012 From: rendszergazda at grafibit.hu (=?ISO-8859-1?Q?Grafibit_Admin_-_Tam=E1s_Tiboldi?=) Date: Mon, 07 May 2012 23:27:59 +0200 Subject: [Dovecot] courier to dovecot In-Reply-To: References: <4FA6C074.3080508@grafibit.hu> Message-ID: <4FA83E5F.4030009@grafibit.hu> Hi, Thanks, i'll try. I figured out that the old Courier server has different uids for IMAP and for POP3 Is there a way to handle this in Dovecot? (Or i have to update the courier impa file to have the pop3 UIDs in that as well, then do the migration?) Thanks, Tamas On 2012.05.07. 21:39, Timo Sirainen wrote: > On 6.5.2012, at 21.18, Grafibit Rendszergazda wrote: > >> I know there were many threads on this topic. I was searching the archive and the net also, but did not find a solution on my problem. I hope you can help me. >> >> I am migrating from an old server using courier to a new server with dovecot and i can not manage to have the same uids after the migration. > .. >> # 1.2.15: /etc/dovecot/dovecot.conf > The simplest solution would be to use Dovecot v2.x and the new v2.x migration script. > > From tss at iki.fi Tue May 8 00:36:10 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 8 May 2012 00:36:10 +0300 Subject: [Dovecot] Upgrading known problems (2.0 to 2.1) ? In-Reply-To: References: <57A14720-DEF4-480E-BC11-1DB7C7C41963@iki.fi> Message-ID: Yes, that's possible. The IMAP/POP3 servers behind Dovecot director wouldn't even need to be Dovecots at all. Although you really want to use v2.1 director since it has a lot of fixes compared to v2.0. On 8.5.2012, at 0.02, Jean Michel wrote: > Thanks, an other thing is that I didnt saw anything about a cenario like this, its possible to have a director working on 2.0 and a backend with 2.1 simultaneously and vice-versa? > > 2012/5/7 Timo Sirainen > On 7.5.2012, at 23.21, Jean Michel wrote: > > > Is there any known/possible problem while upgrading from dovecot 2.0 to 2.1 > > ? > > Did anybody had any trouble with this ? > > http://wiki2.dovecot.org/Upgrading/2.1 lists all known problems. > > > > > -- > ------------------------------ > Jean Michel Feltrin > From tss at iki.fi Tue May 8 00:38:29 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 8 May 2012 00:38:29 +0300 Subject: [Dovecot] courier to dovecot In-Reply-To: <4FA83E5F.4030009@grafibit.hu> References: <4FA6C074.3080508@grafibit.hu> <4FA83E5F.4030009@grafibit.hu> Message-ID: <4E50F4E6-99FA-48FA-A673-7AAB9DD96C2B@iki.fi> IMAP and POP3 always have different looking UIDs, but with Courier it is often possible to generate POP3 UIDs from IMAP UIDs. Dovecot v1.x migration script relies on this. Dovecot v2.x migration script can handle completely different IMAP vs POP3 UIDs. On 8.5.2012, at 0.27, Grafibit Admin - Tam?s Tiboldi wrote: > Hi, > > Thanks, i'll try. > I figured out that the old Courier server has different uids for IMAP and for POP3 Is there a way to handle this in Dovecot? > (Or i have to update the courier impa file to have the pop3 UIDs in that as well, then do the migration?) > > Thanks, > Tamas > > On 2012.05.07. 21:39, Timo Sirainen wrote: >> On 6.5.2012, at 21.18, Grafibit Rendszergazda wrote: >> >>> I know there were many threads on this topic. I was searching the archive and the net also, but did not find a solution on my problem. I hope you can help me. >>> >>> I am migrating from an old server using courier to a new server with dovecot and i can not manage to have the same uids after the migration. >> .. >>> # 1.2.15: /etc/dovecot/dovecot.conf >> The simplest solution would be to use Dovecot v2.x and the new v2.x migration script. >> >> From dmiller at amfes.com Tue May 8 00:46:24 2012 From: dmiller at amfes.com (Daniel L. Miller) Date: Mon, 07 May 2012 14:46:24 -0700 Subject: [Dovecot] Shared namespace In-Reply-To: <6F00836D-9EB2-4672-AC31-49912B0A40B1@iki.fi> References: <4FA742E3.4090000@amfes.com> <4FA7D23D.6020408@amfes.com> <4FA7D3B1.5080005@amfes.com> <7E809BBD-8D10-444A-AF1B-C7ECEE8906E3@iki.fi> <4FA81EF4.6050405@amfes.com> <99903373-C6A9-44E0-B6A8-1B06EFB5F3F9@iki.fi> <427DB655-3309-44F4-B6D7-352E3D1213E3@iki.fi> <6F00836D-9EB2-4672-AC31-49912B0A40B1@iki.fi> Message-ID: On 5/7/2012 1:42 PM, Timo Sirainen wrote: > On 7.5.2012, at 23.27, Timo Sirainen wrote: > >> On 7.5.2012, at 23.15, Timo Sirainen wrote: >> >>>> So user1& user3 are missing entirely. If it "breaks" using the old style, then I would see user 2& 4 inboxes - but not user 1& 3. I also have other folders shared from each user. >>> Ah, I see. Could you try if the attached patch fixes it? >> No, it doesn't. I'll do some more tests. > OK, these should do it: > > http://hg.dovecot.org/dovecot-2.1/rev/20c9446e537e > http://hg.dovecot.org/dovecot-2.1/rev/41f2bcb43dad > Ok - new problem. Now the user mailboxes DO appear - however that's ALL I see. The Sent/Trash/whatever folders, that were previously shared & visible - gone. Changing back to "yes" brings them back. -- Daniel From tss at iki.fi Tue May 8 01:44:33 2012 From: tss at iki.fi (Timo Sirainen) Date: Tue, 8 May 2012 01:44:33 +0300 Subject: [Dovecot] Shared namespace In-Reply-To: References: <4FA742E3.4090000@amfes.com> <4FA7D23D.6020408@amfes.com> <4FA7D3B1.5080005@amfes.com> <7E809BBD-8D10-444A-AF1B-C7ECEE8906E3@iki.fi> <4FA81EF4.6050405@amfes.com> <99903373-C6A9-44E0-B6A8-1B06EFB5F3F9@iki.fi> <427DB655-3309-44F4-B6D7-352E3D1213E3@iki.fi> <6F00836D-9EB2-4672-AC31-49912B0A40B1@iki.fi> Message-ID: <6DED6381-A71B-4A96-99D2-7DA058AB0169@iki.fi> On 8.5.2012, at 0.46, Daniel L. Miller wrote: > Ok - new problem. Now the user mailboxes DO appear - however that's ALL I see. The Sent/Trash/whatever folders, that were previously shared & visible - gone. > > Changing back to "yes" brings them back. Hmm. Fixed in hg, but now I'm wondering about the \HasChildren vs. \HasNoChildren flags. I think the whole approach I was using can't work 100% reliably here.. From almarzuki2001 at hotmail.com Tue May 8 04:11:49 2012 From: almarzuki2001 at hotmail.com (Hadi Salem) Date: Tue, 8 May 2012 04:11:49 +0300 Subject: [Dovecot] dovecot smtp authentication with sendmail Message-ID: Hi, It?s possible to use sasl dovecot smtp authentication with sendmail ? Hadi.Salem From jdonovan at beth.k12.pa.us Tue May 8 05:04:02 2012 From: jdonovan at beth.k12.pa.us (jeff donovan) Date: Mon, 7 May 2012 22:04:02 -0400 Subject: [Dovecot] dovecot smtp authentication with sendmail In-Reply-To: References: Message-ID: <9D00B19F-14A6-452D-81D1-2B2DAE00DFDD@beth.k12.pa.us> On May 7, 2012, at 9:11 PM, Hadi Salem wrote: > > > > > > Hi, > > It?s possible to use sasl dovecot smtp authentication with > sendmail ? > > > Hadi.Salem yes via postfix. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2497 bytes Desc: not available URL: From f.bonnet at esiee.fr Tue May 8 10:16:35 2012 From: f.bonnet at esiee.fr (Frank Bonnet) Date: Tue, 08 May 2012 09:16:35 +0200 Subject: [Dovecot] mixed MBOX and Maildir format ? Message-ID: <4FA8C853.6010305@esiee.fr> Hello would it be possible to have mixed formats in Dovecot 2.1.x userland ? I mean MBOX format for INBOXes Maildir format for IMAP folders ( to let users create subfolders ) Thank you From tcsmith1978 at googlemail.com Tue May 8 11:59:38 2012 From: tcsmith1978 at googlemail.com (tcsmith1978) Date: Tue, 8 May 2012 01:59:38 -0700 (PDT) Subject: [Dovecot] Enforcing Dovecot Quotas Message-ID: <33763561.post@talk.nabble.com> Hello, I have been looking at enforcing quotas for users of my mail system (postfix and Dovecot v1.2). Have tried to follow a few tuts on the web but its not having the desired effect. Essentially I can still send and receive mail on an account that I believe has had its quota exceeded. In my main.cf, I have: userdb sql { args = /etc/dovecot/mysql/dovecot-mysql.conf } passdb sql { args = /etc/dovecot/mysql/dovecot-mysql.conf } and... protocol lda { mail_plugins = quota } protocol imap { mail_plugins = quota imap_quota } plugin { quota_exceeded_message = You have exceeded the maximum quota for your mailbox } the dovecot sql (mysql) file has the following query for pulling out user ids and quotas etc: user_query = SELECT maildir, mymailuser as uid, mymailgroup as gid,concat('maildir:storage=',quota) as quota FROM virtual_mailbox WHERE username = '%u' I have set one of my users to have a quota of 1 (so one byte I believe) so it should be over the limit pretty much immediately. Looking at the logs I can see that the system is picking up on the quota limit but doesn't seem to enforce it. Apr 27 10:29:02 deliver(test at testdomain.com): Info: auth input: quota=maildir:storage=1 Apr 27 10:29:02 deliver(test at testdomain.com): Info: Quota root: name=storage=1 backend=maildir args= Any ideas? Am i missing something? -- View this message in context: http://old.nabble.com/Enforcing-Dovecot-Quotas-tp33763561p33763561.html Sent from the Dovecot mailing list archive at Nabble.com. From rob0 at gmx.co.uk Tue May 8 15:34:45 2012 From: rob0 at gmx.co.uk (/dev/rob0) Date: Tue, 8 May 2012 07:34:45 -0500 Subject: [Dovecot] dovecot smtp authentication with sendmail In-Reply-To: <9D00B19F-14A6-452D-81D1-2B2DAE00DFDD@beth.k12.pa.us> References: <9D00B19F-14A6-452D-81D1-2B2DAE00DFDD@beth.k12.pa.us> Message-ID: <20120508123445.GN3502@harrier.slackbuilds.org> On Mon, May 07, 2012 at 10:04:02PM -0400, jeff donovan wrote: > On May 7, 2012, at 9:11 PM, Hadi Salem wrote: > > It?s possible to use sasl dovecot smtp authentication with > > sendmail ? > > yes via postfix. Which is to say: no. Sendmail MTA has not implemented Dovecot SASL. Postfix's sendmail(1) binary receives mail via stdin, and does not authenticate. -- http://rob0.nodns4.us/ -- system administration and consulting Offlist GMX mail is seen only if "/dev/rob0" is in the Subject: From frank at moltke28.B.Shuttle.DE Tue May 8 16:22:11 2012 From: frank at moltke28.B.Shuttle.DE (Frank Elsner) Date: Tue, 8 May 2012 15:22:11 +0200 Subject: [Dovecot] Exim / Dovecot and AUTH LOGIN Message-ID: (auto-added) Hi to both adressed mailing lists, I followed the instructions in http://wiki2.dovecot.org/HowTo/EximAndDovecotSASL exim.conf: | plain: | driver = dovecot | public_name = PLAIN | server_socket = /var/run/dovecot/auth-client | server_set_id = $auth1 | | login: | driver = dovecot | public_name = LOGIN | server_socket = /var/run/dovecot/auth-client | server_set_id = $auth1 10-master.conf for dovecot: | service auth { | # auth_socket_path points to this userdb socket by default. It's typically | # used by dovecot-lda, doveadm, possibly imap process, etc. Its default | # permissions make it readable only by root, but you may need to relax these | # permissions. Users that have access to this socket are able to get a list | # of all usernames and get results of everyone's userdb lookups. | # unix_listener auth-userdb { | #mode = 0600 | #user = | #group = | # } | | # Exim SMTP AUTH | unix_listener auth-client { | mode = 0660 | user = exim | group = exim | } PLAIN Authentication works perfect, LOGIN gives 2012-05-08 15:08:43 login authenticator failed for xxxxxx.tu-berlin.de [130.149.X.YY]: 435 Unable to authenticate at present: authentication socket protocol error Where is the problem? Kind regards, Frank Elsner From thierry at odry.net Tue May 8 16:29:01 2012 From: thierry at odry.net (Thierry de Montaudry) Date: Tue, 8 May 2012 15:29:01 +0200 Subject: [Dovecot] dovecot smtp authentication with sendmail In-Reply-To: <20120508123445.GN3502@harrier.slackbuilds.org> References: <9D00B19F-14A6-452D-81D1-2B2DAE00DFDD@beth.k12.pa.us> <20120508123445.GN3502@harrier.slackbuilds.org> Message-ID: <9F8755AC-FE26-46A3-BEB6-D4B727844BF4@odry.net> On 8 May 2012, at 14:34, /dev/rob0 wrote: > On Mon, May 07, 2012 at 10:04:02PM -0400, jeff donovan wrote: >> On May 7, 2012, at 9:11 PM, Hadi Salem wrote: >>> It?s possible to use sasl dovecot smtp authentication with >>> sendmail ? >> >> yes via postfix. > > Which is to say: no. Sendmail MTA has not implemented Dovecot SASL. > Postfix's sendmail(1) binary receives mail via stdin, and does not > authenticate. > -- > http://rob0.nodns4.us/ -- system administration and consulting > Offlist GMX mail is seen only if "/dev/rob0" is in the Subject: Hi, I do have a system that uses sendmail and SMTP authentication, which is done through the saslauthd daemon (comes as cyrus-sasl-* RPMs in RedHat/CentOS). The sasl daemon uses a tcpip imap connection to another machine which runs dovecot 2.1.5 (was working previously with 1.2). The options to set in sendmail.mc (you might want different mechanisms): define(`confAUTH_OPTIONS', `A p') TRUST_AUTH_MECH(`LOGIN PLAIN') define(`confAUTH_MECHANISMS', `LOGIN PLAIN') and then configure saslauthd to connect to your imap server. Thierry From frank at moltke28.B.Shuttle.DE Tue May 8 16:34:26 2012 From: frank at moltke28.B.Shuttle.DE (Frank Elsner) Date: Tue, 8 May 2012 15:34:26 +0200 Subject: [Dovecot] [+]: Exim / Dovecot and AUTH LOGIN Message-ID: (auto-added) On Tue, 8 May 2012 15:22:11 +0200 Frank Elsner wrote: > > Hi to both adressed mailing lists, > > I followed the instructions in http://wiki2.dovecot.org/HowTo/EximAndDovecotSASL Forgot to mention the versions :-( exim 4.77 dovecot 2.1.6 self compiled under Fedora 14. --Frank Elsner From delrio at mie.utoronto.ca Tue May 8 20:36:02 2012 From: delrio at mie.utoronto.ca (Oscar del Rio) Date: Tue, 08 May 2012 13:36:02 -0400 Subject: [Dovecot] lmtp_save_to_detail_mailbox not working? Message-ID: <4FA95982.1080208@mie.utoronto.ca> Dovecot 2.1.6, with lmtp_save_to_detail_mailbox=yes recipient_delimiter=+ messages addressed to "user+detail at domain" are always delivered to INBOX regardless if "detail" mailbox already exists or lda_mailbox_autocreate=yes. Anything else needed to enable lmtp_save_to_detail_mailbox feature? Thanks, Oscar From markus at opsys.de Tue May 8 21:17:18 2012 From: markus at opsys.de (Markus Fritz) Date: Tue, 08 May 2012 20:17:18 +0200 Subject: [Dovecot] Thunderbird STARTTLS error Message-ID: <4FA9632E.3030609@opsys.de> Hello, the error is still present: May 8 19:47:18 opsys dovecot: imap-login: Disconnected (no auth attempts): rip=82.113.119.140, lip=78.46.216.126 Whenever I start a session with openssl to STARTTTL (Server: mail.opsys.de) the handshake is successfull. Also I am able to login to my account via 1 login. In Thunderbird port 993 for SSL/TLS works correct, only STARTTLS on port 143 isn't working properly. The cert is Class 1 and signed by StartCom Ltd.. Dovecot.conf (for viewable reasons of this mail pasted): http://pastie.org/private/bmrymyuo16ohzxdahf0nq And here openssl output: http://pastie.org/private/3rpgll2s7hblev9ozpcq8w Note the 'Verify return code: 21 (unable to verify the first certificate)' in the output... Thanks for helping, I am working on this problem since 3 days. Kind regards Markus Fritz From frank at moltke28.B.Shuttle.DE Tue May 8 21:51:49 2012 From: frank at moltke28.B.Shuttle.DE (Frank Elsner) Date: Tue, 8 May 2012 20:51:49 +0200 Subject: [Dovecot] [exim] Exim / Dovecot and AUTH LOGIN In-Reply-To: <4FA95C3B.2040707@truls.org> References: <4FA95C3B.2040707@truls.org> Message-ID: On Tue, 08 May 2012 19:47:39 +0200 Jonas Eckerman wrote: > On 2012-05-08 15:22, Frank Elsner wrote: > > [About exim authenticating PLAIN and LOGIN against dovecot auth socket] > > > PLAIN Authentication works perfect, LOGIN gives > > > 2012-05-08 15:08:43 login authenticator failed for xxxxxx.tu-berlin.de [130.149.X.YY]: 435 Unable to authenticate at present: authentication socket protocol error > > This is just a guess since I'm not too good at dovecot, but could it be > that you need to set at least "auth_mechanisms = plain login" your in > dovecot config? Yeah, that was it! You made my day! --Frank Elsner From fxmulder at gmail.com Tue May 8 21:55:19 2012 From: fxmulder at gmail.com (James Devine) Date: Tue, 8 May 2012 12:55:19 -0600 Subject: [Dovecot] Director and backend on the same server Message-ID: I have setup director and a backend dovecot service on the same machine using different ports. The backend service is listening on the default 24, 110 and 143 for lmtp, pop3 and imap respectively. Director is listening on 10024, 10110 and 10143 for the same respective services. I can get this setup to work if I have one backend server on a different IP listening on 10024, it seems director tries to use the same port it is listening on when making backend connections. If I point it to the local backend server, it tries to connect to itself which fails. Is there a way to specify the backend ports that director tries to connect to? I see there is a way to specify the port in director_servers but I'm not sure how I would specify the different ports for the different backend services, if this is even possible. From ken at allenmyland.com Tue May 8 21:58:15 2012 From: ken at allenmyland.com (Ken Stevenson) Date: Tue, 08 May 2012 14:58:15 -0400 Subject: [Dovecot] Thunderbird STARTTLS error In-Reply-To: <4FA9632E.3030609@opsys.de> References: <4FA9632E.3030609@opsys.de> Message-ID: I'm just learning about this, but I was able to get it working recently. Also I haven't read your earlier posts. Did you receive intermediate certificates from StartCom? When I got my certificate, I had to concatenate together the contents of the domain_name.crt file and the gd_bundle.crt file. That concatenated file is the one I specify for ssl_cert_file. It has 4 certificates in it. I ask because when I run the openssl command, my certificate chain has 4 sections where yours only has one. Does your ssl.cert have the intermediate certificates in it? On 2012-05-08 14:17, Markus Fritz wrote: > Hello, > > the error is still present: > May 8 19:47:18 opsys dovecot: imap-login: Disconnected (no auth > attempts): rip=82.113.119.140, lip=78.46.216.126 > > Whenever I start a session with openssl to STARTTTL (Server: > mail.opsys.de) the handshake is successfull. Also I am able to login > to my account via 1 login. > In Thunderbird port 993 for SSL/TLS works correct, only STARTTLS on > port 143 isn't working properly. > The cert is Class 1 and signed by StartCom Ltd.. > Dovecot.conf (for viewable reasons of this mail pasted): > http://pastie.org/private/bmrymyuo16ohzxdahf0nq > And here openssl output: > http://pastie.org/private/3rpgll2s7hblev9ozpcq8w > Note the 'Verify return code: 21 (unable to verify the first > certificate)' in the output... > > Thanks for helping, I am working on this problem since 3 days. > > Kind regards > > Markus Fritz From l.messner at physik.tu-berlin.de Tue May 8 23:12:49 2012 From: l.messner at physik.tu-berlin.de (Leon =?iso-8859-15?Q?Me=DFner?=) Date: Tue, 8 May 2012 22:12:49 +0200 Subject: [Dovecot] Enforcing Dovecot Quotas In-Reply-To: <33763561.post@talk.nabble.com> References: <33763561.post@talk.nabble.com> Message-ID: <20120508201249.GC40594@emmi.physik-pool.tu-berlin.de> On Tue, May 08, 2012 at 01:59:38AM -0700, tcsmith1978 wrote: > > Hello, > > I have been looking at enforcing quotas for users of my mail system (postfix > and Dovecot v1.2). Have tried to follow a few tuts on the web but its not > having the desired effect. Essentially I can still send and receive mail on > an account that I believe has had its quota exceeded. > > In my main.cf, I have: > > userdb sql { > args = /etc/dovecot/mysql/dovecot-mysql.conf > } > passdb sql { > args = /etc/dovecot/mysql/dovecot-mysql.conf > } > > and... > > protocol lda { > mail_plugins = quota > } > > protocol imap { > mail_plugins = quota imap_quota > } > > plugin { > quota_exceeded_message = You have exceeded the maximum quota for > your mailbox > } > > the dovecot sql (mysql) file has the following query for pulling out user > ids and quotas etc: > > user_query = SELECT maildir, mymailuser as uid, mymailgroup as > gid,concat('maildir:storage=',quota) as quota FROM virtual_mailbox WHERE > username = '%u' > > I have set one of my users to have a quota of 1 (so one byte I believe) so > it should be over the limit pretty much immediately. > > Looking at the logs I can see that the system is picking up on the quota > limit but doesn't seem to enforce it. > > Apr 27 10:29:02 deliver(test at testdomain.com): Info: auth input: > quota=maildir:storage=1 > Apr 27 10:29:02 deliver(test at testdomain.com): Info: Quota root: > name=storage=1 backend=maildir args= > > Any ideas? Am i missing something? i would try something like in the wiki: plugin { quota = maildir:User quota quota_exceeded_message = You have exceeded } Never used mysql for userdb or passdb though. Perhaps this would work: user_query = SELECT maildir, mymailuser as uid, mymailgroup as gid,concat('*:storage=',quota) as quota_rule FROM virtual_mailbox WHERE username = '%u > -- > View this message in context: http://old.nabble.com/Enforcing-Dovecot-Quotas-tp33763561p33763561.html > Sent from the Dovecot mailing list archive at Nabble.com. > From tss at iki.fi Wed May 9 03:20:28 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 09 May 2012 03:20:28 +0300 Subject: [Dovecot] mixed MBOX and Maildir format ? In-Reply-To: <4FA8C853.6010305@esiee.fr> References: <4FA8C853.6010305@esiee.fr> Message-ID: <1336522828.4782.12.camel@innu> On Tue, 2012-05-08 at 09:16 +0200, Frank Bonnet wrote: > Hello > > would it be possible to have mixed formats in Dovecot 2.1.x userland ? > > I mean > > MBOX format for INBOXes > Maildir format for IMAP folders ( to let users create subfolders ) You could, although I think it's a bad idea (more complex, mbox breaks easlier, etc.) http://wiki2.dovecot.org/Namespaces#Examples From tss at iki.fi Wed May 9 03:25:09 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 09 May 2012 03:25:09 +0300 Subject: [Dovecot] Director and backend on the same server In-Reply-To: References: Message-ID: <1336523109.4782.15.camel@innu> On Tue, 2012-05-08 at 12:55 -0600, James Devine wrote: > I have setup director and a backend dovecot service on the same machine > using different ports. The backend service is listening on the default 24, > 110 and 143 for lmtp, pop3 and imap respectively. Director is listening on > 10024, 10110 and 10143 for the same respective services. I'd make director listen on 24/110/143, so you don't accidentally connect there when you intended to connect to director, and end up accessing mails via wrong server. > I can get this setup to work if I have one backend server on a different IP > listening on 10024, it seems director tries to use the same port it is > listening on when making backend connections. > > If I point it to the local backend server, it tries to connect to itself > which fails. Is there a way to specify the backend ports that director > tries to connect to? I see there is a way to specify the port > in director_servers but I'm not sure how I would specify the different > ports for the different backend services, if this is even possible. The passdb lookup can return which port to connect to. Director only sets the destination IP, everything else happens the same as with non-director proxying: http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy From tss at iki.fi Wed May 9 03:30:03 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 09 May 2012 03:30:03 +0300 Subject: [Dovecot] lmtp_save_to_detail_mailbox not working? In-Reply-To: <4FA95982.1080208@mie.utoronto.ca> References: <4FA95982.1080208@mie.utoronto.ca> Message-ID: <1336523403.4782.16.camel@innu> On Tue, 2012-05-08 at 13:36 -0400, Oscar del Rio wrote: > Dovecot 2.1.6, with > lmtp_save_to_detail_mailbox=yes > recipient_delimiter=+ > > messages addressed to "user+detail at domain" are always delivered to INBOX > regardless if "detail" mailbox already exists or lda_mailbox_autocreate=yes. > > Anything else needed to enable lmtp_save_to_detail_mailbox feature? Works fine with me. Do you have Sieve enabled? Set mail_debug=yes, what does it log when delivering a mail? From ashley.github at gmail.com Wed May 9 05:17:33 2012 From: ashley.github at gmail.com (ashley willis) Date: Tue, 08 May 2012 21:17:33 -0500 Subject: [Dovecot] IMAP NOTIFY extension Message-ID: your work on NOTIFY was brought to my attention, and I see it hasn't been changed in two months, a week after you announced it. a few users and some mail admins have been wanting something like this for k9 mail, which I help develop. what is the current status? is it worth installing and starting work in getting k9 to support it yet? I'd offer help on your end, but I just know java and perl. c code usually confuses me (i keep meaning to learn, but...). thanks! -ashley -- Sent from my Android phone with K-9 Mail. Please excuse my brevity. From tss at iki.fi Wed May 9 05:46:02 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 09 May 2012 05:46:02 +0300 Subject: [Dovecot] IMAP NOTIFY extension In-Reply-To: References: Message-ID: <1336531562.4782.23.camel@innu> On Tue, 2012-05-08 at 21:17 -0500, ashley willis wrote: > your work on NOTIFY was brought to my attention, and I see it hasn't > been changed in two months, a week after you announced it. a few users > and some mail admins have been wanting something like this for k9 > mail, which I help develop. what is the current status? is it worth > installing and starting work in getting k9 to support it yet? I'd > offer help on your end, but I just know java and perl. c code usually > confuses me (i keep meaning to learn, but...). thanks! I'm planning on continuing it, but first I'll need to get dsync rewrite finished. It's getting close.. I think you should be able to already test the NOTIFY code, at least if your main purpose is to see when non-selected mailboxes change. My TODO list says: - check how FlagChange handles HIGHESTMODSEQ when it hasn't previously been enabled - fetch-att for NOTIFY and for SEARCH UPDATE - implement MailboxName, SubscriptionChange Also I think you must have mailbox_list_indexes=yes for NOTIFY to see any changes. The "fetch-att" means that you can't tell Dovecot to push FETCH fields for new messages. From lori.seda at gmail.com Wed May 9 09:49:38 2012 From: lori.seda at gmail.com (Lori Seda) Date: Wed, 9 May 2012 14:49:38 +0800 Subject: [Dovecot] Client got empty email from dovecot Message-ID: Hi, I built a mail server with qmail + vpopmail + dovecot , the qmail and vpopmail worked well, until the dovecot was installed. Client always get empty email, I have try some solutions from google, neither of then can solve the problem. Here is the detailed information of logs, version, and output of 'dovecot -n', please help, thanks. Lori *Log:* May 9 14:16:23 mail dovecot: pop3-login: Login: user=, method=PLAIN, rip=111.14.98.135, lip=10.247.108.189, mpid=23467, session= May 9 14:16:25 mail dovecot: pop3(user1 at site1.com): Error: Cached message size larger than expected (575 > 61) May 9 14:16:25 mail dovecot: pop3(user1 at site1.com): Error: Maildir filename has wrong S value, renamed the file from /home/vpopmail/domain_dir/ site1.com/sunl/Maildir/cur/1336544158.23459.mail.site1.com,S=575:2, to /home/vpopmail/domain_dir/ site1.com/sunl/Maildir/cur/1336544158.23459.mail.site1.com,S=61:2, May 9 14:16:25 mail dovecot: pop3(user1 at site1.com): Error: Corrupted index cache file /home/vpopmail/domain_dir/ site1.com/sunl/Maildir/dovecot.index.cache: Broken physical size for mail UID 1 May 9 14:16:25 mail dovecot: pop3(user1 at site1.com): Error: Cached message size larger than expected (575 > 61) May 9 14:16:25 mail dovecot: pop3(user1 at site1.com): Error: Corrupted index cache file /home/vpopmail/domain_dir/ site1.com/sunl/Maildir/dovecot.index.cache: Broken physical size for mail UID 1 May 9 14:16:25 mail dovecot: pop3(user1 at site1.com): Error: read(/home/vpopmail/domain_dir/ site1.com/sunl/Maildir/cur/1336544158.23459.mail.site1.com,S=575:2,) failed: Input/output error (uid=1) May 9 14:16:25 mail dovecot: pop3(user1 at site1.com): Disconnected: Logged out top=0/0, retr=1/78, del=0/1, size=63 *Version:* [root]vpopmail# dovecot --version *2.1.6* dovecot -n: [root]vpopmail# dovecot -n # 2.1.6: /usr/local/etc/dovecot/dovecot.conf # OS: Linux 2.6.18-164.el5 x86_64 Red Hat Enterprise Linux Server release 5.4 (Tikanga) ext3 auth_cache_size = 10 M auth_default_realm = site1.com auth_mechanisms = plain login cram-md5 auth_socket_path = /usr/local/var/run/dovecot/auth-userdb default_internal_user = vpopmail default_login_user = vpopmail disable_plaintext_auth = no first_valid_uid = 516 hostname = mail.site1.com last_valid_uid = 516 listen = * mail_access_groups = 516 mail_gid = 513 mail_location = maildir:/home/vpopmail/domain_dir/%d/%n/Maildir/ mail_privileged_group = 513 mail_uid = 516 namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = cache_key=%u webmail=127.0.0.1 driver = vpopmail } postmaster_address = postmaster at site1.com protocols = imap pop3 sendmail_path = /var/qmail/bin/sendmail service auth-worker { user = $default_internal_user } service auth { unix_listener auth-userdb { group = vchkpw mode = 0666 user = vpopmail } user = $default_internal_user } service imap-login { inet_listener imaps { ssl = yes } } service pop3-login { inet_listener pop3s { ssl = yes } } ssl_cert = References: <860142E12E7E49EB9B8698B22F373BDC@CESAR> <4FA19938.5050900@vitalwerks.com> <16C60C5ADB024684AB6C6E434A9B49C1@CESAR> <4FA2C890.70603@vitalwerks.com> <516239F4D08B4FE784F7745A92121ECB@CESAR> <629855521.91358.1336207899681.JavaMail.www@wwinf1g24> Message-ID: It works. Thanks a lot. Regards -----Message d'origine----- From: Timo Sirainen Sent: Sunday, May 06, 2012 5:46 AM To: Gilles ALBUSAC Cc: Dovecot Mailing List Subject: Re: [Dovecot] Dovecot for POP3S proxying So, what you need is to first make authentication with LDAP work, and then add the proxying fields: pass_attrs = \ =proxy=y, =host=exchange-ip, ..any other fields required for auth.. On 5.5.2012, at 11.51, Gilles ALBUSAC wrote: > LDAP passdb lookup > > >> Message du 04/05/12 17:42 >> De : "Timo Sirainen" >> A : "Gilles Albusac" >> Copie ? : "Dovecot Mailing List" >> Objet : Re: [Dovecot] Dovecot for POP3S proxying >> >> On 4.5.2012, at 9.33, Gilles Albusac wrote: >> >>> Dovecot is installed but actually I just use auth module (for postfix >>> authentication). >>> >>> In your dovecot.conf example, I don't see the "proxy" command ? >> >> The proxying is enabled by having the passdb lookup return a "proxy" >> extra field. What passdb are you planning on using? >> From f.bonnet at esiee.fr Wed May 9 10:24:29 2012 From: f.bonnet at esiee.fr (Frank Bonnet) Date: Wed, 09 May 2012 09:24:29 +0200 Subject: [Dovecot] mixed MBOX and Maildir format ? In-Reply-To: <1336522828.4782.12.camel@innu> References: <4FA8C853.6010305@esiee.fr> <1336522828.4782.12.camel@innu> Message-ID: <4FAA1BAD.9020505@esiee.fr> On 05/09/2012 02:20 AM, Timo Sirainen wrote: > On Tue, 2012-05-08 at 09:16 +0200, Frank Bonnet wrote: >> Hello >> >> would it be possible to have mixed formats in Dovecot 2.1.x userland ? >> >> I mean >> >> MBOX format for INBOXes >> Maildir format for IMAP folders ( to let users create subfolders ) > You could, although I think it's a bad idea (more complex, mbox breaks > easlier, etc.) http://wiki2.dovecot.org/Namespaces#Examples > > Hello Yes I know it is far from the best solution , but this will be temporary my final goal is to convert all users's email space to maildir but I cannot do it all at once because of time it will take. I cannot stop my production server 24 hours to convert all mailboxes from MBOX to Maildir or I would have to face at a users's riot !!! From f.bonnet at esiee.fr Wed May 9 10:28:22 2012 From: f.bonnet at esiee.fr (Frank Bonnet) Date: Wed, 09 May 2012 09:28:22 +0200 Subject: [Dovecot] mixed MBOX and Maildir format ? In-Reply-To: <4FAA1BAD.9020505@esiee.fr> References: <4FA8C853.6010305@esiee.fr> <1336522828.4782.12.camel@innu> <4FAA1BAD.9020505@esiee.fr> Message-ID: <4FAA1C96.6050807@esiee.fr> On 05/09/2012 09:24 AM, Frank Bonnet wrote: > On 05/09/2012 02:20 AM, Timo Sirainen wrote: >> On Tue, 2012-05-08 at 09:16 +0200, Frank Bonnet wrote: >>> Hello >>> >>> would it be possible to have mixed formats in Dovecot 2.1.x userland ? >>> >>> I mean >>> >>> MBOX format for INBOXes >>> Maildir format for IMAP folders ( to let users create subfolders ) >> You could, although I think it's a bad idea (more complex, mbox breaks >> easlier, etc.) http://wiki2.dovecot.org/Namespaces#Examples >> >> > > Hello > > Yes I know it is far from the best solution , but this will be temporary > my final goal is to convert all users's email space to maildir but > I cannot do it all at once because of time it will take. > > I cannot stop my production server 24 hours to convert all mailboxes > from MBOX to Maildir or I would have to face at a users's riot !!! > > BTW would it be possible to run 2 Dovecot instances on the same server ? one running on std ports numbers and one running on customs ports numbers thank you From nmilas at noa.gr Wed May 9 10:28:41 2012 From: nmilas at noa.gr (Nikolaos Milas) Date: Wed, 09 May 2012 10:28:41 +0300 Subject: [Dovecot] default mail quota when using per user quota (news1204: message 6 of 20) In-Reply-To: References: <553C5242-5931-47B1-9FA9-0B64A7216197@iki.fi> <4F91D980.8070307@spamgourmet.com> <4F9291B9.4080701@noa.gr> Message-ID: <4FAA1CA9.6030900@noa.gr> On 23/4/2012 1:34 ??, Timo Sirainen wrote: > What do you get in logs with auth_debug=yes? Sorry for being late in responding. When I run: # doveadm quota get -u tester1 Quota name Type Value Limit % User quota STORAGE 0 - 0 User quota MESSAGE 1 - 0 # doveadm quota get -u tester2 Quota name Type Value Limit % User quota STORAGE 0 20480 0 User quota MESSAGE 1 - 0 Then in the logs: --------------------------------------------------------------- May 9 10:01:16 vdev dovecot: auth: Debug: master in: USER 1 tester1 service=doveadm May 9 10:01:16 vdev dovecot: auth: Debug: ldap(tester1): user search: base=ou=people, dc=noa, dc=gr scope=onelevel filter=(uid=tester1) fields=roomNumber,uid May 9 10:01:16 vdev dovecot: auth: Debug: ldap(tester1): result: uid=tester1; roomNumber missing May 9 10:01:16 vdev dovecot: auth: Debug: master out: USER 1 tester1 quota_rule=*:bytes= home=/home/vmail/tester1 May 9 10:01:29 vdev dovecot: auth: Debug: master in: USER 1 tester2 service=doveadm May 9 10:01:29 vdev dovecot: auth: Debug: ldap(tester2): user search: base=ou=people, dc=noa, dc=gr scope=onelevel filter=(uid=tester2) fields=roomNumber,uid May 9 10:01:29 vdev dovecot: auth: Debug: ldap(tester2): result: uid=tester2 roomNumber=20M May 9 10:01:29 vdev dovecot: auth: Debug: master out: USER 1 tester quota_rule=*:bytes=20M home=/home/vmail/tester2 --------------------------------------------------------------- So, in essence, when there is an explicitly defined quota for an account (as with tester2 above), doveadm returns the limit correctly; if not (as with tester1), it should get the default quota value, but it doesn't. Nick From f.bonnet at esiee.fr Wed May 9 12:19:18 2012 From: f.bonnet at esiee.fr (Frank Bonnet) Date: Wed, 09 May 2012 11:19:18 +0200 Subject: [Dovecot] mixed MBOX and Maildir format ? In-Reply-To: <1336522828.4782.12.camel@innu> References: <4FA8C853.6010305@esiee.fr> <1336522828.4782.12.camel@innu> Message-ID: <4FAA3696.3090406@esiee.fr> On 05/09/2012 02:20 AM, Timo Sirainen wrote: > On Tue, 2012-05-08 at 09:16 +0200, Frank Bonnet wrote: >> Hello >> >> would it be possible to have mixed formats in Dovecot 2.1.x userland ? >> >> I mean >> >> MBOX format for INBOXes >> Maildir format for IMAP folders ( to let users create subfolders ) > You could, although I think it's a bad idea (more complex, mbox breaks > easlier, etc.) http://wiki2.dovecot.org/Namespaces#Examples > > And ... ( at last I promise ) would it be possible to convert some IMAP folders during the transfert WITHOUT stopping the production ? I mean , actually all mailboxes are in MBOX format ( INBOX and IMAP folders ) what I would like to do is : When a user is not connected I transfert his/her IMAP folders from the server's local disk to a NFS mounted bigger and expendable partition ( NetAPP filer's volume ) During this transfert I also would like to convert the IMAP folders format from MBOX to Maildir Is it possible ? thank you From lori.seda at gmail.com Wed May 9 12:27:07 2012 From: lori.seda at gmail.com (Lori Seda) Date: Wed, 9 May 2012 17:27:07 +0800 Subject: [Dovecot] Client got empty email from dovecot In-Reply-To: References: Message-ID: It's not dovecot's problem, it's about the vpopmail spam options. I finilly resolved this problem by rebuilding vpopmail with spam options removed. Sorry for botherred everybody. On Wed, May 9, 2012 at 2:49 PM, Lori Seda wrote: > Hi, > > I built a mail server with qmail + vpopmail + dovecot , the qmail and > vpopmail worked well, until the dovecot was installed. > Client always get empty email, I have try some solutions from > google, neither of then can solve the problem. > Here is the detailed information of logs, version, and output of > 'dovecot -n', please help, thanks. > > Lori > > *Log:* > > May 9 14:16:23 mail dovecot: pop3-login: Login: user=, > method=PLAIN, rip=111.14.98.135, lip=10.247.108.189, mpid=23467, > session= > May 9 14:16:25 mail dovecot: pop3(user1 at site1.com): Error: Cached > message > size larger than expected (575 > 61) > May 9 14:16:25 mail dovecot: pop3(user1 at site1.com): Error: Maildir > filename has wrong S value, renamed the file from > /home/vpopmail/domain_dir/ > site1.com/sunl/Maildir/cur/1336544158.23459.mail.site1.com,S=575:2, to > /home/vpopmail/domain_dir/ > site1.com/sunl/Maildir/cur/1336544158.23459.mail.site1.com,S=61:2, > May 9 14:16:25 mail dovecot: pop3(user1 at site1.com): Error: Corrupted > index cache file /home/vpopmail/domain_dir/ > site1.com/sunl/Maildir/dovecot.index.cache: Broken physical size for mail > UID 1 > May 9 14:16:25 mail dovecot: pop3(user1 at site1.com): Error: Cached > message > size larger than expected (575 > 61) > May 9 14:16:25 mail dovecot: pop3(user1 at site1.com): Error: Corrupted > index > cache file /home/vpopmail/domain_dir/ > site1.com/sunl/Maildir/dovecot.index.cache: Broken physical size for mail > UID 1 > May 9 14:16:25 mail dovecot: pop3(user1 at site1.com): Error: > read(/home/vpopmail/domain_dir/ > site1.com/sunl/Maildir/cur/1336544158.23459.mail.site1.com,S=575:2,) > failed: Input/output error (uid=1) > May 9 14:16:25 mail dovecot: pop3(user1 at site1.com): Disconnected: Logged > out top=0/0, retr=1/78, del=0/1, size=63 > > > *Version:* > > [root]vpopmail# dovecot --version > *2.1.6* > > dovecot -n: > > [root]vpopmail# dovecot -n > # 2.1.6: /usr/local/etc/dovecot/dovecot.conf > # OS: Linux 2.6.18-164.el5 x86_64 Red Hat Enterprise Linux Server release > 5.4 (Tikanga) ext3 > auth_cache_size = 10 M > auth_default_realm = site1.com > auth_mechanisms = plain login cram-md5 > auth_socket_path = /usr/local/var/run/dovecot/auth-userdb > default_internal_user = vpopmail > default_login_user = vpopmail > disable_plaintext_auth = no > first_valid_uid = 516 > hostname = mail.site1.com > last_valid_uid = 516 > listen = * > mail_access_groups = 516 > mail_gid = 513 > mail_location = maildir:/home/vpopmail/domain_dir/%d/%n/Maildir/ > mail_privileged_group = 513 > mail_uid = 516 > namespace inbox { > inbox = yes > location = > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Trash { > special_use = \Trash > } > prefix = > } > passdb { > args = cache_key=%u webmail=127.0.0.1 > driver = vpopmail > } > postmaster_address = postmaster at site1.com > protocols = imap pop3 > sendmail_path = /var/qmail/bin/sendmail > service auth-worker { > user = $default_internal_user > } > service auth { > unix_listener auth-userdb { > group = vchkpw > mode = 0666 > user = vpopmail > } > user = $default_internal_user > } > service imap-login { > inet_listener imaps { > ssl = yes > } > } > service pop3-login { > inet_listener pop3s { > ssl = yes > } > } > ssl_cert = ssl_key = userdb { > args = quota_template=quota_rule=*:backend=%q > driver = vpopmail > } > protocol lda { > mail_plugins = > } > protocol imap { > mail_plugins = > } > protocol pop3 { > mail_plugins = > } > From markus at opsys.de Wed May 9 12:32:18 2012 From: markus at opsys.de (Markus Fritz) Date: Wed, 09 May 2012 11:32:18 +0200 Subject: [Dovecot] Thunderbird STARTTLS error In-Reply-To: References: <4FA9632E.3030609@opsys.de> Message-ID: <4FAA39A2.5020309@opsys.de> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Am 08.05.2012 20:58, schrieb Ken Stevenson: > I'm just learning about this, but I was able to get it working recently. Also I haven't read your earlier posts. > > Did you receive intermediate certificates from StartCom? When I got my certificate, I had to concatenate together the contents of the domain_name.crt file and the gd_bundle.crt file. That concatenated file is the one I specify for ssl_cert_file. It has 4 certificates in it. I ask because when I run the openssl command, my certificate chain has 4 sections where yours only has one. > > Does your ssl.cert have the intermediate certificates in it? > > On 2012-05-08 14:17, Markus Fritz wrote: >> Hello, >> >> the error is still present: >> May 8 19:47:18 opsys dovecot: imap-login: Disconnected (no auth >> attempts): rip=82.113.119.140, lip=78.46.216.126 >> >> Whenever I start a session with openssl to STARTTTL (Server: >> mail.opsys.de) the handshake is successfull. Also I am able to login >> to my account via 1 login. >> In Thunderbird port 993 for SSL/TLS works correct, only STARTTLS on >> port 143 isn't working properly. >> The cert is Class 1 and signed by StartCom Ltd.. >> Dovecot.conf (for viewable reasons of this mail pasted): >> http://pastie.org/private/bmrymyuo16ohzxdahf0nq >> And here openssl output: http://pastie.org/private/3rpgll2s7hblev9ozpcq8w >> Note the 'Verify return code: 21 (unable to verify the first >> certificate)' in the output... >> >> Thanks for helping, I am working on this problem since 3 days. >> >> Kind regards >> >> Markus Fritz > I got only this keys. Can you explain me what exactly you mean with adding chains? And I wonder why this error only occurs in Thunderbird, not in openssl. - -- Markus Fritz Administration -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJPqjmiAAoJEINBXoxEgR1s+moIAJMfHRtIRC1JrBno8bbRxVuR Yc1xx196N80DFzzMD9+G77SXO0gJqmbzD5KjFwllt3JxtTr3XFIjKhutW8mEcLh2 EU65CH9TCWByXkzQSoFGTGKwdX7OKG4doSm7MZuQtpV6jVmZrIOs6GEFD+cApWy/ I1aWfKqK7b6S8bYRqw57hlNsuYxv6kB4w1t+IC9wMHbx5ULNWmZwxL2O/TWBnv2c qEbu8bkHIhebNq9NdEGGWZnAd36Kv3Ji231HjgD/WhQjcnF2LNzHIQ4B11xRiOBC LzYN8RLi4iOuloSHLlylNmob/bgAwxL8AdESo5n+1SwYDBcRy1CllEbD+QYSUoc= =Cjg6 -----END PGP SIGNATURE----- From ah-news-1204 at freenet.de Wed May 9 13:31:35 2012 From: ah-news-1204 at freenet.de (Andreas Helmcke) Date: Wed, 09 May 2012 12:31:35 +0200 Subject: [Dovecot] acls not copied when creating subfolder of private INBOX In-Reply-To: <06DE7611-7783-4E5A-B58A-1448115802F5@iki.fi> References: <4F96B436.9090402@freenet.de> <06DE7611-7783-4E5A-B58A-1448115802F5@iki.fi> Message-ID: <4FAA4787.6070002@freenet.de> Am 25.04.2012 23:27, schrieb Timo Sirainen: > On 24.4.2012, at 17.09, Andreas Helmcke wrote: > >> Using brand new dovecot 2.1.5 I still have a problem with the inheritance of acls. > > Maybe http://hg.dovecot.org/dovecot-2.1/rev/e8b80e0767ac fixes this as well? > I am not sure if this change is part of the 2.1.6 release but I just checked again with release 2.1.6. Still the same problem. From robert at schetterer.org Wed May 9 13:52:28 2012 From: robert at schetterer.org (Robert Schetterer) Date: Wed, 09 May 2012 12:52:28 +0200 Subject: [Dovecot] acls not copied when creating subfolder of private INBOX In-Reply-To: <4FAA4787.6070002@freenet.de> References: <4F96B436.9090402@freenet.de> <06DE7611-7783-4E5A-B58A-1448115802F5@iki.fi> <4FAA4787.6070002@freenet.de> Message-ID: <4FAA4C6C.20707@schetterer.org> Am 09.05.2012 12:31, schrieb Andreas Helmcke: > Am 25.04.2012 23:27, schrieb Timo Sirainen: >> On 24.4.2012, at 17.09, Andreas Helmcke wrote: >> >>> Using brand new dovecot 2.1.5 I still have a problem with the inheritance of acls. >> >> Maybe http://hg.dovecot.org/dovecot-2.1/rev/e8b80e0767ac fixes this as well? >> > I am not sure if this change is part of the 2.1.6 release but I just checked again with release 2.1.6. Still the same > problem. if i create a folder , set acls to it ( by manual i.e edit dovecot-acl) same acl are copied to its subfolders if the folder gets its acls from global-acl the acls arent copied to its subfolders As far i remember Timo is thinking about redesign acl config , check the list archives -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria From mhlavink at redhat.com Wed May 9 14:49:03 2012 From: mhlavink at redhat.com (Michal Hlavinka) Date: Wed, 09 May 2012 13:49:03 +0200 Subject: [Dovecot] dovecot and systemd In-Reply-To: References: <4F61EFE8.1000901@redhat.com> <1331820329.10319.32.camel@innu> <4F8BEC90.8060504@redhat.com> Message-ID: <4FAA59AF.9080206@redhat.com> On 05/04/2012 08:54 PM, Timo Sirainen wrote: > On 16.4.2012, at 12.55, Michal Hlavinka wrote: > >> I wrote simple patch that close the extra sockets. It's tested and works fine. You'll maybe want to move that function to different place and/or change wording of error messages. > > I committed it to v2.1 now with a couple of changes. One is that it doesn't actually close the fd, but instead puts /dev/null into it. I think otherwise Dovecot might use that fd to something else and the check would later fail again and close the wrong fd. > > http://hg.dovecot.org/dovecot-2.1/rev/4a3bf567da54 Thanks. I tested it, but it does not work because of the ret == 0 check before services_verify_systemd. ret is usually 1 Michal From tss at iki.fi Wed May 9 15:03:07 2012 From: tss at iki.fi (Timo Sirainen) Date: Wed, 9 May 2012 15:03:07 +0300 Subject: [Dovecot] dovecot and systemd In-Reply-To: <4FAA59AF.9080206@redhat.com> References: <4F61EFE8.1000901@redhat.com> <1331820329.10319.32.camel@innu> <4F8BEC90.8060504@redhat.com> <4FAA59AF.9080206@redhat.com> Message-ID: On 9.5.2012, at 14.49, Michal Hlavinka wrote: > On 05/04/2012 08:54 PM, Timo Sirainen wrote: >> On 16.4.2012, at 12.55, Michal Hlavinka wrote: >> >>> I wrote simple patch that close the extra sockets. It's tested and works fine. You'll maybe want to move that function to different place and/or change wording of error messages. >> >> I committed it to v2.1 now with a couple of changes. One is that it doesn't actually close the fd, but instead puts /dev/null into it. I think otherwise Dovecot might use that fd to something else and the check would later fail again and close the wrong fd. >> >> http://hg.dovecot.org/dovecot-2.1/rev/4a3bf567da54 > > Thanks. I tested it, but it does not work because of the ret == 0 check before services_verify_systemd. ret is usually 1 Oh, right. Fixed: http://hg.dovecot.org/dovecot-2.1/rev/17b20880453c From ken at allenmyland.com Wed May 9 15:32:52 2012 From: ken at allenmyland.com (Ken Stevenson) Date: Wed, 09 May 2012 08:32:52 -0400 Subject: [Dovecot] Thunderbird STARTTLS error In-Reply-To: <4FAA39A2.5020309@opsys.de> References: <4FA9632E.3030609@opsys.de> <4FAA39A2.5020309@opsys.de> Message-ID: <02b42d98df6a57c8e81a4874888f9b43@allenmyland.com> > > I got only this keys. Can you explain me what exactly you mean with > adding chains? > And I wonder why this error only occurs in Thunderbird, not in > openssl. > Never mind, I don't think my first guess was correct. I wonder if it has to do with the error 27 reported in the verify by openssl. According to the manual, an error 27 means: "the root CA is not marked as trusted for the specified purpose." It looks like the certificate is valid cryptographically, but that it wasn't certified for how you're using it. If I run: openssl x509 -in ssl.crt -noout -text The output includes the following: X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Key Usage: critical Digital Signature, Key Encipherment Does yours look different? From markus at opsys.de Wed May 9 16:05:20 2012 From: markus at opsys.de (Markus Fritz) Date: Wed, 09 May 2012 15:05:20 +0200 Subject: [Dovecot] Thunderbird STARTTLS error In-Reply-To: <02b42d98df6a57c8e81a4874888f9b43@allenmyland.com> References: <4FA9632E.3030609@opsys.de> <4FAA39A2.5020309@opsys.de> <02b42d98df6a57c8e81a4874888f9b43@allenmyland.com> Message-ID: <4FAA6B90.9040804@opsys.de> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Am 09.05.2012 14:32, schrieb Ken Stevenson: >> >> I got only this keys. Can you explain me what exactly you mean with >> adding chains? >> And I wonder why this error only occurs in Thunderbird, not in openssl. >> > > Never mind, I don't think my first guess was correct. I wonder if it has to do with the error 27 reported in the verify by openssl. According to the manual, an error 27 means: > > "the root CA is not marked as trusted for the specified purpose." > > It looks like the certificate is valid cryptographically, but that it wasn't certified for how you're using it. > > If I run: > > openssl x509 -in ssl.crt -noout -text > > The output includes the following: > > X509v3 Extended Key Usage: > TLS Web Server Authentication, TLS Web Client Authentication > X509v3 Key Usage: critical > Digital Signature, Key Encipherment > > Does yours look different? Mine looks like this: X509v3 Basic Constraints: CA:FALSE X509v3 Key Usage: Digital Signature, Key Encipherment, Key Agreement X509v3 Extended Key Usage: TLS Web Server Authentication - -- Markus Fritz Administration -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJPqmuQAAoJEINBXoxEgR1sshwIALPRc0ozkTms2z9q+wLo8nP4 ELA7OsIUYiRUbhO1WOvfUQ+Ltssw5WcmvDQdpiAEZBL92s3hLvGqiJxc4TjoF3Fd lfar4OIQ/G2GMgzA9QeJu/EVMks29031RifSo2zkXnmTJMoTVAtsnRMc3UwIOTPV 0yDAXMZN7Ph4t5TbjJRk6Dox2PZj9qsixsOXb82ErE9TyaKT/p+Qdk2U/gvKWMUM Himz4q6bWIpc5D+h1KKes27+HIHPWjFLE2OPKfF58vw1ws1dmYvwM14v3RRW9e1X UYBZXcv5dIJHNXhkANgY/reWQjl3QU5JIalyU4S8MaF1OTr4Gr4SzsBBzY5eCd0= =j6Vx -----END PGP SIGNATURE----- From dnl555 at gmail.com Wed May 9 16:17:12 2012 From: dnl555 at gmail.com (Danilo Acquaviva) Date: Wed, 9 May 2012 10:17:12 -0300 Subject: [Dovecot] mailbox_check_mismatching_separators Message-ID: I using dovecot with mdbox and in one account i get this error: doveadm(xxx): Panic: file mail-storage.c: line 787 (mailbox_check_mismatching_separators): assertion failed: (strncmp(vname, ns->prefix, ns->prefix_len-1) == 0) doveadm(xxx): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x4472a) [0x7fd429a4172a] -> /usr/lib/dovecot/libdovecot.so.0(default_fatal_handler+0x32) [0x7fd429a41812] -> /usr/lib/dovecot/libdovecot.so.0(i_error+0) [0x7fd429a185bf] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_open_stream+0) [0x7fd429d05bb0] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_open+0xf) [0x7fd429d05bcf] -> /usr/lib/dovecot/libdovecot-storage.so.0(mdbox_storage_rebuild_in_context+0xb2b) [0x7fd429cc7e1b] -> /usr/lib/dovecot/libdovecot-storage.so.0(mdbox_sync_begin+0x7ec) [0x7fd429cc5dec] -> /usr/lib/dovecot/libdovecot-storage.so.0(mdbox_sync+0x46) [0x7fd429cc5e56] -> /usr/lib/dovecot/libdovecot-storage.so.0(mdbox_storage_sync_init+0x87) [0x7fd429cc5f37] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_sync_init+0x31) [0x7fd429d04781] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_sync+0x27) [0x7fd429d05297] -> doveadm() [0x4104c7] -> doveadm() [0x40f988] -> doveadm() [0x40fce4] -> doveadm(doveadm_mail_try_run+0x141) [0x410161] -> doveadm(main+0x3a1) [0x416f01] -> /lib/libc.so.6(__libc_start_main+0xfd) [0x7fd4296b9c8d] -> doveadm() [0x40f2b9] The error also occurs with force-resync . The dovecot director version is 2.1.5 . ____________________________________ Danilo Acquaviva From dovecot-20110531 at billmail.scconsult.com Wed May 9 16:42:55 2012 From: dovecot-20110531 at billmail.scconsult.com (Bill Cole) Date: Wed, 09 May 2012 09:42:55 -0400 Subject: [Dovecot] Thunderbird STARTTLS error In-Reply-To: <4FAA6B90.9040804@opsys.de> References: <4FA9632E.3030609@opsys.de> <4FAA39A2.5020309@opsys.de> <02b42d98df6a57c8e81a4874888f9b43@allenmyland.com> <4FAA6B90.9040804@opsys.de> Message-ID: On 9 May 2012, at 9:05, Markus Fritz wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Am 09.05.2012 14:32, schrieb Ken Stevenson: >>> >>> I got only this keys. Can you explain me what exactly you mean with >>> adding chains? >>> And I wonder why this error only occurs in Thunderbird, not in >>> openssl. >>> >> >> Never mind, I don't think my first guess was correct. I wonder if it > has to do with the error 27 reported in the verify by openssl. > According > to the manual, an error 27 means: >> >> "the root CA is not marked as trusted for the specified purpose." >> >> It looks like the certificate is valid cryptographically, but that it > wasn't certified for how you're using it. >> >> If I run: >> >> openssl x509 -in ssl.crt -noout -text >> >> The output includes the following: >> >> X509v3 Extended Key Usage: >> TLS Web Server Authentication, TLS Web Client Authentication >> X509v3 Key Usage: critical >> Digital Signature, Key Encipherment >> >> Does yours look different? > > Mine looks like this: > > X509v3 Basic Constraints: > CA:FALSE There's your problem. If you use a root CA in any X.509 trust chain (even one consisting of a single self-signed certificate) that declares itself to not be legitimate for use as a CA, you will have any signed certificates treated as bogus by any proper X.509v3 implementation. Most tools that create certificates do so with assumptions suited to the external CA model, and set options like the Basic Constraints extension flags that are not fit for a self-signed certificate. From markus at opsys.de Wed May 9 16:51:36 2012 From: markus at opsys.de (Markus Fritz) Date: Wed, 09 May 2012 15:51:36 +0200 Subject: [Dovecot] Thunderbird STARTTLS error In-Reply-To: References: <4FA9632E.3030609@opsys.de> <4FAA39A2.5020309@opsys.de> <02b42d98df6a57c8e81a4874888f9b43@allenmyland.com> <4FAA6B90.9040804@opsys.de> Message-ID: <4FAA7668.40304@opsys.de> Am 09.05.2012 15:42, schrieb Bill Cole: > On 9 May 2012, at 9:05, Markus Fritz wrote: > >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> Am 09.05.2012 14:32, schrieb Ken Stevenson: >>>> >>>> I got only this keys. Can you explain me what exactly you mean with >>>> adding chains? >>>> And I wonder why this error only occurs in Thunderbird, not in >>>> openssl. >>>> >>> >>> Never mind, I don't think my first guess was correct. I wonder if it >> has to do with the error 27 reported in the verify by openssl. According >> to the manual, an error 27 means: >>> >>> "the root CA is not marked as trusted for the specified purpose." >>> >>> It looks like the certificate is valid cryptographically, but that it >> wasn't certified for how you're using it. >>> >>> If I run: >>> >>> openssl x509 -in ssl.crt -noout -text >>> >>> The output includes the following: >>> >>> X509v3 Extended Key Usage: >>> TLS Web Server Authentication, TLS Web Client Authentication >>> X509v3 Key Usage: critical >>> Digital Signature, Key Encipherment >>> >>> Does yours look different? >> >> Mine looks like this: >> >> X509v3 Basic Constraints: >> CA:FALSE > > There's your problem. > > If you use a root CA in any X.509 trust chain (even one consisting of > a single self-signed certificate) that declares itself to not be > legitimate for use as a CA, you will have any signed certificates > treated as bogus by any proper X.509v3 implementation. Most tools that > create certificates do so with assumptions suited to the external CA > model, and set options like the Basic Constraints extension flags that > are not fit for a self-signed certificate. > Sorry for my stupid question, but how I can resolve this with a SartSSL signed cert? There I am able to generate a WEB or MIME cert. Thanks for help! -- Markus Fritz Administration From dovecot-20110531 at billmail.scconsult.com Wed May 9 18:07:31 2012 From: dovecot-20110531 at billmail.scconsult.com (Bill Cole) Date: Wed, 09 May 2012 11:07:31 -0400 Subject: [Dovecot] Thunderbird STARTTLS error In-Reply-To: <4FAA7668.40304@opsys.de> References: <4FA9632E.3030609@opsys.de> <4FAA39A2.5020309@opsys.de> <02b42d98df6a57c8e81a4874888f9b43@allenmyland.com> <4FAA6B90.9040804@opsys.de> <4FAA7668.40304@opsys.de> Message-ID: On 9 May 2012, at 9:51, Markus Fritz wrote: > Am 09.05.2012 15:42, schrieb Bill Cole: >> On 9 May 2012, at 9:05, Markus Fritz wrote: >> >>> -----BEGIN PGP SIGNED MESSAGE----- >>> Hash: SHA1 >>> >>> Am 09.05.2012 14:32, schrieb Ken Stevenson: >>>>> >>>>> I got only this keys. Can you explain me what exactly you mean >>>>> with >>>>> adding chains? >>>>> And I wonder why this error only occurs in Thunderbird, not in >>>>> openssl. >>>>> >>>> >>>> Never mind, I don't think my first guess was correct. I wonder if >>>> it >>> has to do with the error 27 reported in the verify by openssl. >>> According >>> to the manual, an error 27 means: >>>> >>>> "the root CA is not marked as trusted for the specified purpose." >>>> >>>> It looks like the certificate is valid cryptographically, but that >>>> it >>> wasn't certified for how you're using it. >>>> >>>> If I run: >>>> >>>> openssl x509 -in ssl.crt -noout -text >>>> >>>> The output includes the following: >>>> >>>> X509v3 Extended Key Usage: >>>> TLS Web Server Authentication, TLS Web Client Authentication >>>> X509v3 Key Usage: critical >>>> Digital Signature, Key Encipherment >>>> >>>> Does yours look different? >>> >>> Mine looks like this: >>> >>> X509v3 Basic Constraints: >>> CA:FALSE >> >> There's your problem. >> >> If you use a root CA in any X.509 trust chain (even one consisting of >> a single self-signed certificate) that declares itself to not be >> legitimate for use as a CA, you will have any signed certificates >> treated as bogus by any proper X.509v3 implementation. Most tools >> that >> create certificates do so with assumptions suited to the external CA >> model, and set options like the Basic Constraints extension flags >> that >> are not fit for a self-signed certificate. >> > Sorry for my stupid question, but how I can resolve this with a > SartSSL > signed cert? There I am able to generate a WEB or MIME cert. Thanks > for > help! I apologize: I misunderstood which certificate you were looking at with openssl. Having re-read the whole thread and after reading at the pastebin items you posted, I believe the problem you are having is a result of the fact that your certificate is not directly signed by the StartSSL root CA, but is "chained" with an intermediate certificate. This is a common situation, and it means that a client needs some way to get a copy of the intermediate certificate that was used to sign the server certificate. The normal way to do that is to put all of the certificates in the chain into the certificate file so that the server using that file sends them all to clients. This is documented at http://wiki.dovecot.org/SSL/DovecotConfiguration#Chained_SSL_certificates The intermediate certificate that you need can be retrieved from http://aia.startssl.com/certs/sub.class1.server.ca.crt in DER format. You need to convert that to PEM format ('openssl x509 -inform DER < sub.class1.server.ca.crt' will put out the certificate in PEM form) and add it to your certificate file (based on your pastebin: /etc/ssl/opsys/startssl/ssl.crt). You may also want to add the actual StartSSL root certificate as well, but that is unlikely to be necessary. A failure of a certificate to verify in some clients and not others or for some users and not others is usually do to a server not including intermediate CA certificates. Some clients and users may have a store of certificates that includes a widely-used intermediate CA cert provide by some other server in the past, so they will be able to verify the chain, while others won't have the cert and may have no persistent cert store. From delrio at mie.utoronto.ca Wed May 9 18:25:35 2012 From: delrio at mie.utoronto.ca (Oscar del Rio) Date: Wed, 09 May 2012 11:25:35 -0400 Subject: [Dovecot] lmtp_save_to_detail_mailbox not working? In-Reply-To: <1336523403.4782.16.camel@innu> References: <4FA95982.1080208@mie.utoronto.ca> <1336523403.4782.16.camel@innu> Message-ID: <4FAA8C6F.7020901@mie.utoronto.ca> On 05/ 8/12 08:30 PM, Timo Sirainen wrote: > On Tue, 2012-05-08 at 13:36 -0400, Oscar del Rio wrote: >> Dovecot 2.1.6, with >> lmtp_save_to_detail_mailbox=yes >> recipient_delimiter=+ >> >> messages addressed to "user+detail at domain" are always delivered to INBOX >> regardless if "detail" mailbox already exists or lda_mailbox_autocreate=yes. >> >> Anything else needed to enable lmtp_save_to_detail_mailbox feature? > Works fine with me. Do you have Sieve enabled? Set mail_debug=yes, what > does it log when delivering a mail? > After some more debugging, my problem seems to be sendmail not passing +detail and not a dovecot problem. I will check what's needed to work with sendmail. Thanks for the prompt reply and sorry for the noise. From markus at opsys.de Wed May 9 18:48:59 2012 From: markus at opsys.de (Markus Fritz) Date: Wed, 09 May 2012 17:48:59 +0200 Subject: [Dovecot] Thunderbird STARTTLS error In-Reply-To: References: <4FA9632E.3030609@opsys.de> <4FAA39A2.5020309@opsys.de> <02b42d98df6a57c8e81a4874888f9b43@allenmyland.com> <4FAA6B90.9040804@opsys.de> <4FAA7668.40304@opsys.de> Message-ID: <4FAA91EB.9000201@opsys.de> Am 09.05.2012 17:07, schrieb Bill Cole: > On 9 May 2012, at 9:51, Markus Fritz wrote: > >> Am 09.05.2012 15:42, schrieb Bill Cole: >>> On 9 May 2012, at 9:05, Markus Fritz wrote: >>> >>>> -----BEGIN PGP SIGNED MESSAGE----- >>>> Hash: SHA1 >>>> >>>> Am 09.05.2012 14:32, schrieb Ken Stevenson: >>>>>> >>>>>> I got only this keys. Can you explain me what exactly you mean with >>>>>> adding chains? >>>>>> And I wonder why this error only occurs in Thunderbird, not in >>>>>> openssl. >>>>>> >>>>> >>>>> Never mind, I don't think my first guess was correct. I wonder if it >>>> has to do with the error 27 reported in the verify by openssl. >>>> According >>>> to the manual, an error 27 means: >>>>> >>>>> "the root CA is not marked as trusted for the specified purpose." >>>>> >>>>> It looks like the certificate is valid cryptographically, but that it >>>> wasn't certified for how you're using it. >>>>> >>>>> If I run: >>>>> >>>>> openssl x509 -in ssl.crt -noout -text >>>>> >>>>> The output includes the following: >>>>> >>>>> X509v3 Extended Key Usage: >>>>> TLS Web Server Authentication, TLS Web Client Authentication >>>>> X509v3 Key Usage: critical >>>>> Digital Signature, Key Encipherment >>>>> >>>>> Does yours look different? >>>> >>>> Mine looks like this: >>>> >>>> X509v3 Basic Constraints: >>>> CA:FALSE >>> >>> There's your problem. >>> >>> If you use a root CA in any X.509 trust chain (even one consisting of >>> a single self-signed certificate) that declares itself to not be >>> legitimate for use as a CA, you will have any signed certificates >>> treated as bogus by any proper X.509v3 implementation. Most tools that >>> create certificates do so with assumptions suited to the external CA >>> model, and set options like the Basic Constraints extension flags that >>> are not fit for a self-signed certificate. >>> >> Sorry for my stupid question, but how I can resolve this with a SartSSL >> signed cert? There I am able to generate a WEB or MIME cert. Thanks for >> help! > > I apologize: I misunderstood which certificate you were looking at > with openssl. > > Having re-read the whole thread and after reading at the pastebin > items you posted, I believe the problem you are having is a result of > the fact that your certificate is not directly signed by the StartSSL > root CA, but is "chained" with an intermediate certificate. This is a > common situation, and it means that a client needs some way to get a > copy of the intermediate certificate that was used to sign the server > certificate. The normal way to do that is to put all of the > certificates in the chain into the certificate file so that the server > using that file sends them all to clients. This is documented at > http://wiki.dovecot.org/SSL/DovecotConfiguration#Chained_SSL_certificates > > The intermediate certificate that you need can be retrieved from > http://aia.startssl.com/certs/sub.class1.server.ca.crt in DER format. > You need to convert that to PEM format ('openssl x509 -inform DER < > sub.class1.server.ca.crt' will put out the certificate in PEM form) > and add it to your certificate file (based on your pastebin: > /etc/ssl/opsys/startssl/ssl.crt). You may also want to add the actual > StartSSL root certificate as well, but that is unlikely to be necessary. > > A failure of a certificate to verify in some clients and not others or > for some users and not others is usually do to a server not including > intermediate CA certificates. Some clients and users may have a store > of certificates that includes a widely-used intermediate CA cert > provide by some other server in the past, so they will be able to > verify the chain, while others won't have the cert and may have no > persistent cert store. > > > > Thanks! That might help, yes I got the sub.class1.server.ca.pem file. How I include this to my ssl.crt file now? This cert terms are so confusing and I recognize that I am still standing at the beginning. But it's really interesting. Thanks for help! -- Markus Fritz Administration From snabb at epipe.com Wed May 9 19:50:34 2012 From: snabb at epipe.com (Janne Snabb) Date: Wed, 09 May 2012 23:50:34 +0700 Subject: [Dovecot] Thunderbird STARTTLS error In-Reply-To: <4FAA91EB.9000201@opsys.de> References: <4FA9632E.3030609@opsys.de> <4FAA39A2.5020309@opsys.de> <02b42d98df6a57c8e81a4874888f9b43@allenmyland.com> <4FAA6B90.9040804@opsys.de> <4FAA7668.40304@opsys.de> <4FAA91EB.9000201@opsys.de> Message-ID: <4FAAA05A.5040807@epipe.com> On 2012-05-09 22:48, Markus Fritz wrote: > Thanks! That might help, yes I got the sub.class1.server.ca.pem file. > How I include this to my ssl.crt file now? Just append the intermediate CA certificate in the same file AFTER your own certificate. As in: # cat sub.class1.server.ca.pem >> ssl.crt As a result you should have a file ssl.crt which consists of the following: -----BEGIN CERTIFICATE----- [several lines of your own certificate] -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- [several lines of the intermediary certificate] -----END CERTIFICATE----- ...and nothing else. -- Janne Snabb / EPIPE Communications snabb at epipe.com - http://epipe.com/ From daniel.parthey at informatik.tu-chemnitz.de Wed May 9 23:22:47 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Wed, 9 May 2012 22:22:47 +0200 Subject: [Dovecot] mixed MBOX and Maildir format ? In-Reply-To: <4FAA1C96.6050807@esiee.fr> References: <4FA8C853.6010305@esiee.fr> <1336522828.4782.12.camel@innu> <4FAA1BAD.9020505@esiee.fr> <4FAA1C96.6050807@esiee.fr> Message-ID: <20120509202247.GA6150@daniel.localdomain> Hi Frank, Frank Bonnet wrote: > would it be possible to run 2 Dovecot instances on the same server? > one running on std ports numbers and one running on customs ports numbers > thank you http://wiki2.dovecot.org/RunningDovecot Section "Running Multiple Invocations of Dovecot" describes exactly what is needed to run two instances. Kind regards Daniel From markus at opsys.de Wed May 9 23:29:11 2012 From: markus at opsys.de (Markus Fritz) Date: Wed, 09 May 2012 22:29:11 +0200 Subject: [Dovecot] Thunderbird STARTTLS error In-Reply-To: <4FAAA05A.5040807@epipe.com> References: <4FA9632E.3030609@opsys.de> <4FAA39A2.5020309@opsys.de> <02b42d98df6a57c8e81a4874888f9b43@allenmyland.com> <4FAA6B90.9040804@opsys.de> <4FAA7668.40304@opsys.de> <4FAA91EB.9000201@opsys.de> <4FAAA05A.5040807@epipe.com> Message-ID: <4FAAD397.8050604@opsys.de> Am 09.05.2012 18:50, schrieb Janne Snabb: > On 2012-05-09 22:48, Markus Fritz wrote: >> Thanks! That might help, yes I got the sub.class1.server.ca.pem file. >> How I include this to my ssl.crt file now? > Just append the intermediate CA certificate in the same file AFTER your > own certificate. As in: > > # cat sub.class1.server.ca.pem >> ssl.crt > > As a result you should have a file ssl.crt which consists of the following: > > -----BEGIN CERTIFICATE----- > [several lines of your own certificate] > -----END CERTIFICATE----- > -----BEGIN CERTIFICATE----- > [several lines of the intermediary certificate] > -----END CERTIFICATE----- > > ...and nothing else. > Thanks, I've done that. But it didn't help. Thunderbird still has the error 'TLS not aviable due tempoary reason'. The key still has (when I do openssl x509 -in ssl.crt -noout -text) X509v3 Basic Constraints: CA:FALSE Remember: IMAP with SSL/TLS on port 993 is running well. STARTTLS on port 143 not. -- Markus Fritz Administration From snabb at epipe.com Wed May 9 23:34:03 2012 From: snabb at epipe.com (Janne Snabb) Date: Thu, 10 May 2012 03:34:03 +0700 Subject: [Dovecot] Thunderbird STARTTLS error In-Reply-To: <4FAAD397.8050604@opsys.de> References: <4FA9632E.3030609@opsys.de> <4FAA39A2.5020309@opsys.de> <02b42d98df6a57c8e81a4874888f9b43@allenmyland.com> <4FAA6B90.9040804@opsys.de> <4FAA7668.40304@opsys.de> <4FAA91EB.9000201@opsys.de> <4FAAA05A.5040807@epipe.com> <4FAAD397.8050604@opsys.de> Message-ID: <4FAAD4BB.10305@epipe.com> On 2012-05-10 03:29, Markus Fritz wrote: > The key still has (when I do openssl x509 -in ssl.crt -noout -text) > X509v3 Basic Constraints: > CA:FALSE I believe this only means that you can not use the certificate as a CA certificate and issue sub-certificates of that certificate. IMHO this is not an issue, it is how it should be. The problem is somewhere else. -- Janne Snabb / EPIPE Communications snabb at epipe.com - http://epipe.com/ From ken at allenmyland.com Wed May 9 23:40:55 2012 From: ken at allenmyland.com (Ken Stevenson) Date: Wed, 09 May 2012 16:40:55 -0400 Subject: [Dovecot] Thunderbird STARTTLS error In-Reply-To: <4FA9632E.3030609@opsys.de> References: <4FA9632E.3030609@opsys.de> Message-ID: <3700bbc2b41a4ac359fda167122cce73@allenmyland.com> On 2012-05-08 14:17, Markus Fritz wrote: > Hello, > > the error is still present: > May 8 19:47:18 opsys dovecot: imap-login: Disconnected (no auth > attempts): rip=82.113.119.140, lip=78.46.216.126 > > Whenever I start a session with openssl to STARTTTL (Server: > mail.opsys.de) the handshake is successfull. Also I am able to login > to my account via 1 login. > In Thunderbird port 993 for SSL/TLS works correct, only STARTTLS on > port 143 isn't working properly. > The cert is Class 1 and signed by StartCom Ltd.. > Dovecot.conf (for viewable reasons of this mail pasted): > http://pastie.org/private/bmrymyuo16ohzxdahf0nq > And here openssl output: > http://pastie.org/private/3rpgll2s7hblev9ozpcq8w > Note the 'Verify return code: 21 (unable to verify the first > certificate)' in the output... > > Thanks for helping, I am working on this problem since 3 days. > > Kind regards > > Markus Fritz How about this: Note: If you receive an error that looks like: 454 TLS not available due to temporary reason', Port: 25, Secure(SSL): Yes, Server Error: 455, Error Number: 0x800CCC7F or anything similar, it is because your Norton AntiVirus Email Scanning or other Anti-Virus software is scanning your outgoing email. Shut off the 'Scan outgoing Email' option and it should work. It came from here: https://cs.stanford.edu/computing-guide/email/client-settings From markus at opsys.de Wed May 9 23:44:13 2012 From: markus at opsys.de (Markus Fritz) Date: Wed, 09 May 2012 22:44:13 +0200 Subject: [Dovecot] Thunderbird STARTTLS error In-Reply-To: <3700bbc2b41a4ac359fda167122cce73@allenmyland.com> References: <4FA9632E.3030609@opsys.de> <3700bbc2b41a4ac359fda167122cce73@allenmyland.com> Message-ID: <4FAAD71D.5000803@opsys.de> Am 09.05.2012 22:40, schrieb Ken Stevenson: > On 2012-05-08 14:17, Markus Fritz wrote: >> Hello, >> >> the error is still present: >> May 8 19:47:18 opsys dovecot: imap-login: Disconnected (no auth >> attempts): rip=82.113.119.140, lip=78.46.216.126 >> >> Whenever I start a session with openssl to STARTTTL (Server: >> mail.opsys.de) the handshake is successfull. Also I am able to login >> to my account via 1 login. >> In Thunderbird port 993 for SSL/TLS works correct, only STARTTLS on >> port 143 isn't working properly. >> The cert is Class 1 and signed by StartCom Ltd.. >> Dovecot.conf (for viewable reasons of this mail pasted): >> http://pastie.org/private/bmrymyuo16ohzxdahf0nq >> And here openssl output: >> http://pastie.org/private/3rpgll2s7hblev9ozpcq8w >> Note the 'Verify return code: 21 (unable to verify the first >> certificate)' in the output... >> >> Thanks for helping, I am working on this problem since 3 days. >> >> Kind regards >> >> Markus Fritz > > How about this: > > Note: If you receive an error that looks like: > > 454 TLS not available due to temporary reason', Port: 25, > Secure(SSL): Yes, Server Error: 455, Error Number: 0x800CCC7F > > or anything similar, it is because your Norton AntiVirus Email > Scanning or other Anti-Virus software is scanning your outgoing email. > Shut off the 'Scan outgoing Email' option and it should work. > > It came from here: > > https://cs.stanford.edu/computing-guide/email/client-settings Sorry but: oh my god Thanks, really. Days of working and this simple resolution. I am running Avira and EMail scanning was turned on. Now it's working perfectly. That made my day. -- Markus Fritz Administration From tcsmith1978 at googlemail.com Thu May 10 00:39:17 2012 From: tcsmith1978 at googlemail.com (Tim) Date: Wed, 09 May 2012 22:39:17 +0100 Subject: [Dovecot] Enforcing Dovecot Quotas In-Reply-To: <20120508201249.GC40594@emmi.physik-pool.tu-berlin.de> References: <33763561.post@talk.nabble.com> <20120508201249.GC40594@emmi.physik-pool.tu-berlin.de> Message-ID: <1336599557.5542.7.camel@tim-laptop> Thanks Leon I changed my SQL to the following after trying a few combinations: user_query = SELECT maildir, 5000 as uid, 5000 as gid,concat('maildir:bytes=',quota) as quota FROM virtual_mailbox WHERE username = '%u' It seems that Dovecot didn't understand the * backend for some reason (even though it's mentioned in the documentation) and my logs now seem to picking up on this May 09 22:29:09 IMAP(test at example.com): Info: Effective uid=mailuser, gid=mailgroup, home=(none) May 09 22:29:09 IMAP(test at example.com): Info: Quota root: name=bytes=1 backend=maildir args= But the address in question is still receiving mail - should I be doing something additional to cease mail delivery? Thanks in advance! Tim On Tue, 2012-05-08 at 22:12 +0200, Leon Me?ner wrote: > On Tue, May 08, 2012 at 01:59:38AM -0700, tcsmith1978 wrote: > > > > Hello, > > > > I have been looking at enforcing quotas for users of my mail system (postfix > > and Dovecot v1.2). Have tried to follow a few tuts on the web but its not > > having the desired effect. Essentially I can still send and receive mail on > > an account that I believe has had its quota exceeded. > > > > In my main.cf, I have: > > > > userdb sql { > > args = /etc/dovecot/mysql/dovecot-mysql.conf > > } > > passdb sql { > > args = /etc/dovecot/mysql/dovecot-mysql.conf > > } > > > > and... > > > > protocol lda { > > mail_plugins = quota > > } > > > > protocol imap { > > mail_plugins = quota imap_quota > > } > > > > plugin { > > quota_exceeded_message = You have exceeded the maximum quota for > > your mailbox > > } > > > > the dovecot sql (mysql) file has the following query for pulling out user > > ids and quotas etc: > > > > user_query = SELECT maildir, mymailuser as uid, mymailgroup as > > gid,concat('maildir:storage=',quota) as quota FROM virtual_mailbox WHERE > > username = '%u' > > > > I have set one of my users to have a quota of 1 (so one byte I believe) so > > it should be over the limit pretty much immedisoemately. > > > > Looking at the logs I can see that the system is picking up on the quota > > limit but doesn't seem to enforce it. > > > > Apr 27 10:29:02 deliver(test at testdomain.com): Info: auth input: > > quota=maildir:storage=1 > > Apr 27 10:29:02 deliver(test at testdomain.com): Info: Quota root: > > name=storage=1 backend=maildir args= > > > > Any ideas? Am i missing something? > > i would try something like in the wiki: > plugin { > quota = maildir:User quota > quota_exceeded_message = You have exceeded > } > > Never used mysql for userdb or passdb though. Perhaps this would work: > > user_query = SELECT maildir, mymailuser as uid, mymailgroup as > gid,concat('*:storage=',quota) as quota_rule FROM virtual_mailbox > WHERE > username = '%u > > > > -- > > View this message in context: http://old.nabble.com/Enforcing-Dovecot-Quotas-tp33763561p33763561.html > > Sent from the Dovecot mailing list archive at Nabble.com. > > -- Tim From l.messner at physik.tu-berlin.de Thu May 10 02:24:15 2012 From: l.messner at physik.tu-berlin.de (Leon =?iso-8859-15?Q?Me=DFner?=) Date: Thu, 10 May 2012 01:24:15 +0200 Subject: [Dovecot] Enforcing Dovecot Quotas In-Reply-To: <1336599557.5542.7.camel@tim-laptop> References: <33763561.post@talk.nabble.com> <20120508201249.GC40594@emmi.physik-pool.tu-berlin.de> <1336599557.5542.7.camel@tim-laptop> Message-ID: <20120509232415.GE40594@emmi.physik-pool.tu-berlin.de> On Wed, May 09, 2012 at 10:39:17PM +0100, Tim wrote: > Thanks Leon > > I changed my SQL to the following after trying a few combinations: > > user_query = SELECT maildir, 5000 as uid, 5000 as > gid,concat('maildir:bytes=',quota) as quota FROM virtual_mailbox WHERE > username = '%u' Try the above but with quota changed to quota_rule: user_query = SELECT maildir, 5000 as uid, 5000 as gid,maildir:bytes=1 as quota_rule FROM virtual_mailbox WHERE username = '%u' And also have at least something like plugin { quota = maildir:User quota } You could also do plugin { quota = maildir:User quota quota_rule = *:storage=1 } to have the quota_rule fixed in dovecot.conf and then only user_query = SELECT maildir, 5000 as uid, 5000 as gid FROM virtual_mailbox WHERE username = '%u' as query. I don't have my users in mysql though so other will probably have more insights. HTH, Leon > > It seems that Dovecot didn't understand the * backend for some reason > (even though it's mentioned in the documentation) > > and my logs now seem to picking up on this > > May 09 22:29:09 IMAP(test at example.com): Info: Effective uid=mailuser, > gid=mailgroup, home=(none) > May 09 22:29:09 IMAP(test at example.com): Info: Quota root: name=bytes=1 > backend=maildir args= > > But the address in question is still receiving mail - should I be doing > something additional to cease mail delivery? > > Thanks in advance! > > Tim > > On Tue, 2012-05-08 at 22:12 +0200, Leon Me?ner wrote: > > > On Tue, May 08, 2012 at 01:59:38AM -0700, tcsmith1978 wrote: > > > > > > Hello, > > > > > > I have been looking at enforcing quotas for users of my mail system (postfix > > > and Dovecot v1.2). Have tried to follow a few tuts on the web but its not > > > having the desired effect. Essentially I can still send and receive mail on > > > an account that I believe has had its quota exceeded. > > > > > > In my main.cf, I have: > > > > > > userdb sql { > > > args = /etc/dovecot/mysql/dovecot-mysql.conf > > > } > > > passdb sql { > > > args = /etc/dovecot/mysql/dovecot-mysql.conf > > > } > > > > > > and... > > > > > > protocol lda { > > > mail_plugins = quota > > > } > > > > > > protocol imap { > > > mail_plugins = quota imap_quota > > > } > > > > > > plugin { > > > quota_exceeded_message = You have exceeded the maximum quota for > > > your mailbox > > > } > > > > > > the dovecot sql (mysql) file has the following query for pulling out user > > > ids and quotas etc: > > > > > > user_query = SELECT maildir, mymailuser as uid, mymailgroup as > > > gid,concat('maildir:storage=',quota) as quota FROM virtual_mailbox WHERE > > > username = '%u' > > > > > > I have set one of my users to have a quota of 1 (so one byte I believe) so > > > it should be over the limit pretty much immedisoemately. > > > > > > Looking at the logs I can see that the system is picking up on the quota > > > limit but doesn't seem to enforce it. > > > > > > Apr 27 10:29:02 deliver(test at testdomain.com): Info: auth input: > > > quota=maildir:storage=1 > > > Apr 27 10:29:02 deliver(test at testdomain.com): Info: Quota root: > > > name=storage=1 backend=maildir args= > > > > > > Any ideas? Am i missing something? > > > > i would try something like in the wiki: > > plugin { > > quota = maildir:User quota > > quota_exceeded_message = You have exceeded > > } > > > > Never used mysql for userdb or passdb though. Perhaps this would work: > > > > user_query = SELECT maildir, mymailuser as uid, mymailgroup as > > gid,concat('*:storage=',quota) as quota_rule FROM virtual_mailbox > > WHERE > > username = '%u > > > > > > > -- > > > View this message in context: http://old.nabble.com/Enforcing-Dovecot-Quotas-tp33763561p33763561.html > > > Sent from the Dovecot mailing list archive at Nabble.com. > > > > > > > -- > Tim From egburr at gmail.com Thu May 10 03:38:05 2012 From: egburr at gmail.com (Edward Burr) Date: Wed, 9 May 2012 20:38:05 -0400 Subject: [Dovecot] dovecot/auth killed with signal 6 Message-ID: I've had this working for over a month now with no problems. Then I suffered a power outage today, and now dovecot/auth dies as soon as I start dovecot. I've spent the past three hours searching google, but can't find even a hint at what's wrong with my server. As far as I can tell, this is the only thing that has failed after bringing the server back up when power was restored. Can anyone help me figure out what is wrong? The maillog records: May 9 20:27:37 box dovecot: auth: Debug: Loading modules from directory: /usr/lib64/dovecot/auth May 9 20:27:37 box dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libauthdb_ldap.so May 9 20:27:37 box dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libdriver_mysql.so May 9 20:27:37 box dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libdriver_pgsql.so May 9 20:27:37 box dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libdriver_sqlite.so May 9 20:27:37 box dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libmech_gssapi.so May 9 20:27:37 box dovecot: auth: Panic: io_add(0x1) called twice fd=13, callback=0x3016833290 -> 0x3016836cd0 May 9 20:27:37 box dovecot: auth: Error: Raw backtrace: /usr/lib64/dovecot/libdovecot.so.0() [0x301683ca6a] -> /usr/lib64/dovecot/libdovecot.so.0() [0x301683ca b6] -> /usr/lib64/dovecot/libdovecot.so.0() [0x3016816dba] -> /usr/lib64/dovecot/libdovecot.so.0(ioloop_iolist_add+0x7f) [0x301684872f] -> /usr/lib64/dovecot/li bdovecot.so.0(io_loop_handle_add+0x39) [0x3016849149] -> /usr/lib64/dovecot/libdovecot.so.0(io_add+0xa3) [0x3016848593] -> /usr/lib64/dovecot/libdovecot.so.0(ma ster_service_io_listeners_add+0x68) [0x3016835b88] -> /usr/lib64/dovecot/libdovecot.so.0(master_service_init_finish+0x192) [0x30168363c2] -> dovecot/auth(main+0 x207) [0x415567] -> /lib64/libc.so.6(__libc_start_main+0xfd) [0x3016c1ecdd] -> dovecot/auth() [0x409aa9] May 9 20:27:37 box dovecot: master: Error: service(auth): child 25615 killed with signal 6 (core dumped) May 9 20:27:37 box dovecot: master: Error: service(auth): command startup failed, throttling A core dump was produced. The backtrace shows: # gdb /usr/libexec/dovecot/auth coredump Core was generated by `dovecot/auth'. Program terminated with signal 6, Aborted. #0 0x0000003016c32885 in raise () from /lib64/libc.so.6 Missing separate debuginfos, use: debuginfo-install dovecot-2.0.9-2.el6_1.1.x86_64 (gdb) bt full #0 0x0000003016c32885 in raise () from /lib64/libc.so.6 #1 0x0000003016c34065 in abort () from /lib64/libc.so.6 #2 0x000000301683ca78 in ?? () from /usr/lib64/dovecot/libdovecot.so.0 #3 0x000000301683cab6 in ?? () from /usr/lib64/dovecot/libdovecot.so.0 #4 0x0000003016816dba in i_panic () from /usr/lib64/dovecot/libdovecot.so.0 #5 0x000000301684872f in ioloop_iolist_add () from /usr/lib64/dovecot/libdovecot.so.0 #6 0x0000003016849149 in io_loop_handle_add () from /usr/lib64/dovecot/libdovecot.so.0 #7 0x0000003016848593 in io_add () from /usr/lib64/dovecot/libdovecot.so.0 #8 0x0000003016835b88 in master_service_io_listeners_add () from /usr/lib64/dovecot/libdovecot.so.0 #9 0x00000030168363c2 in master_service_init_finish () from /usr/lib64/dovecot/libdovecot.so.0 #10 0x0000000000415567 in main () This is running on CentOS 6.2 # rpm -q dovecot dovecot-2.0.9-2.el6_1.1.x86_64 # dovecot --version 2.0.9 # dovecot -n # 2.0.9: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-220.13.1.el6.x86_64 x86_64 CentOS release 6.2 (Final) auth_debug = yes auth_mechanisms = plain login auth_verbose = yes listen = * mail_debug = yes mail_location = mbox:~/mail:INBOX=/var/mail/%u managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date mbox_write_locks = fcntl passdb { driver = pam } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } service auth { inet_listener { port = 12345 } unix_listener /var/spool/postfix/private/auth { mode = 0666 } user = $default_internal_user } ssl_cert = References: Message-ID: Okay, I figured out about installing debuginfo for a better backtrace, so here it is: #0 0x0000003016c32885 in raise (sig=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64 resultvar = 0 pid = 2598 selftid = 2598 #1 0x0000003016c34065 in abort () at abort.c:92 save_stage = 2 act = {__sigaction_handler = {sa_handler = 0x1, sa_sigaction = 0x1}, sa_mask = {__val = {206536311181, 35954576, 35955280, 0, 206536165913, 4281703, 206536010617, 206158430224, 140734171103856, 140734171103648, 7, 7, 35807776, 0, 16992, 6717507389398987896}}, sa_flags = 1768709983, sa_restorer = 0} sigs = {__val = {32, 0 }} #2 0x000000301683ca78 in default_fatal_finish (type=, status=0) at failures.c:187 backtrace = 0x2226220 "/usr/lib64/dovecot/libdovecot.so.0() [0x301683ca6a] -> /usr/lib64/dovecot/libdovecot.so.0() [0x301683cab6] -> /usr/lib64/dovecot/libdovecot.so.0() [0x3016816dba] -> /usr/lib64/dovecot/libdovecot.so.0("... #3 0x000000301683cab6 in i_internal_fatal_handler (ctx=0x7fff3a46c2e0, format=, args=) at failures.c:645 status = 0 #4 0x0000003016816dba in i_panic (format=0xa26
) at failures.c:259 ctx = {type = LOG_TYPE_PANIC, exit_status = 0, timestamp = 0x0} args = {{gp_offset = 40, fp_offset = 48, overflow_arg_area = 0x7fff3a46c3b0, reg_save_area = 0x7fff3a46c2f0}} #5 0x000000301684872f in ioloop_iolist_add (list=, io=) at ioloop-iolist.c:26 i = idx = #6 0x0000003016849149 in io_loop_handle_add (io=0x224a250) at ioloop-epoll.c:104 ctx = 0x2243b20 list = 0x2249558 event = {events = 1, data = {ptr = 0x16836cd000000000, fd = 0, u32 = 0, u64 = 1622259931392507904}} op = first = #7 0x0000003016848593 in io_add (fd=13, condition=IO_READ, callback=0x3016836cd0 , context=0x2249f90) at ioloop.c:54 io = 0x224a250 __FUNCTION__ = "io_add" #8 0x0000003016835b88 in master_service_io_listeners_add (service=0x222e4d0) at master-service.c:777 l = 0x2249f90 i = #9 0x00000030168363c2 in master_service_init_finish (service=0x222e4d0) at master-service.c:385 st = {st_dev = 8, st_ino = 15492, st_nlink = 1, st_mode = 4480, st_uid = 0, st_gid = 0, __pad0 = 0, st_rdev = 0, st_size = 0, st_blksize = 4096, st_blocks = 0, st_atim = { tv_sec = 1336599449, tv_nsec = 793902156}, st_mtim = {tv_sec = 1336599449, tv_nsec = 793902156}, st_ctim = {tv_sec = 1336599449, tv_nsec = 793902156}, __unused = {0, 0, 0}} value = count = 4096 __FUNCTION__ = "master_service_init_finish" #10 0x0000000000415567 in main (argc=1, argv=0x222e370) at main.c:293 c = From egburr at gmail.com Thu May 10 05:43:02 2012 From: egburr at gmail.com (Edward Burr) Date: Wed, 9 May 2012 22:43:02 -0400 Subject: [Dovecot] dovecot/auth killed with signal 6 In-Reply-To: References: Message-ID: Some more info... I finally got it working by commenting out the configuration under service auth { # inet_listener { # port = 12345 # } which I had in there for SASL with postfix, and which WAS working before the power outage. I guess now I need to figure out why it doesn't like that now, but at least dovecot is working again. From alec at alec.pl Thu May 10 11:54:28 2012 From: alec at alec.pl (A.L.E.C) Date: Thu, 10 May 2012 10:54:28 +0200 Subject: [Dovecot] BODYSTRUCTURE bug? Message-ID: <4FAB8244.7030509@alec.pl> Hi! I've found a bug in Content-Type parsing. It's old instance of dovecot 1.1. Maybe fixed in newer versions. I have a mail with header: Content-Type: multipart/signed; boundary="------------080705010808010608030700"; protocol="application/x-pkcs7-signature";micalg="SHA1" and it works, but when the boundary is in different order Content-Type: multipart/signed; protocol="application/x-pkcs7-signature";micalg="SHA1"; boundary="------------080705010808010608030700" dovecot returns wrong BODYSTRUCTURE: ("text" "plain" ("charset" "us-ascii") NIL NIL "7bit" 226233 2955 NIL NIL NIL NIL) If this has been fixed, in which version? -- Aleksander 'A.L.E.C' Machniak LAN Management System Developer [http://lms.org.pl] Roundcube Webmail Developer [http://roundcube.net] --------------------------------------------------- PGP: 19359DC1 @@ GG: 2275252 @@ WWW: http://alec.pl From tss at iki.fi Thu May 10 12:02:05 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 10 May 2012 12:02:05 +0300 Subject: [Dovecot] BODYSTRUCTURE bug? In-Reply-To: <4FAB8244.7030509@alec.pl> References: <4FAB8244.7030509@alec.pl> Message-ID: <813B2A11-E588-4974-AABD-8B13CC60A6BE@iki.fi> On 10.5.2012, at 11.54, A.L.E.C wrote: > Hi! I've found a bug in Content-Type parsing. It's old instance of > dovecot 1.1. Maybe fixed in newer versions. > > I have a mail with header: > > Content-Type: multipart/signed; > boundary="------------080705010808010608030700"; > protocol="application/x-pkcs7-signature";micalg="SHA1" > > and it works, but when the boundary is in different order > > Content-Type: multipart/signed; > protocol="application/x-pkcs7-signature";micalg="SHA1"; > boundary="------------080705010808010608030700" > > dovecot returns wrong BODYSTRUCTURE: > > ("text" "plain" ("charset" "us-ascii") NIL NIL "7bit" 226233 2955 NIL > NIL NIL NIL) > > If this has been fixed, in which version? This works fine in v1.0.15 and v1.1.20. Are you sure the problem is the order of the parameters, and not that the second one is broken in some other way? Or I guess it might be that in your specific version this is broken, but I don't remember such bug. From jacques at itopia-biz.info Thu May 10 12:03:25 2012 From: jacques at itopia-biz.info (jacques) Date: Thu, 10 May 2012 11:03:25 +0200 Subject: [Dovecot] Thunderbird log-in --->Authentication failed - password in uppercase in log files Message-ID: <4FAB845D.6030301@itopia-biz.info> Hi I use dovecot 2.1.5 with postfix, amavis, spamassasin, mysql, virtual domains only. Dovecot being used for SASL authentication, and delivery. When I connect via telnet to port 25 or with smtp and try to do auth plain with mmencode connection string authentication works fine. I can send and recieve messages, and relay works as well. Trying to set up thunderbird to connect to this server I get problems - seems as if the password is resolved proper from the database (use postfixadmin), but then compares an upper case version of my password in the MD5-CRYPT() call to the password string obtained from the database. I do see the base64 encoded connection string in dovecot log though. Any ideas? extract from /var/log/dovecot.log: 345 resp=AHRlc3RAZWF0cmlnaHQtYmVoZWFsdGh5LmNvbQBURVNURVI= 2012-05-09 09:55:03 auth-worker(19577): Debug: sql(test at eatright-behealthy.com,4 1.48.226.1): query: SELECT password FROM mailbox WHERE username = 'test at eatright -behealthy.com' 2012-05-09 09:55:03 auth-worker(19577): Info: sql(test at eatright-behealthy.com,41 .48.226.1): Password mismatch 2012-05-09 09:55:03 auth-worker(19577): Debug: sql(test at eatright-behealthy.com,4 1.48.226.1): MD5-CRYPT(TESTER) != '$1$5224e6b6$bmc53Tpz2h3nknBCq/emc/' 2012-05-09 09:55:05 auth: Debug: client out: FAIL 3 user=test at eatrig ht-behealthy.com 2012-05-09 09:55:05 imap-login: Info: Disconnected (auth failed, 3 attempts in 1 5 secs): user=, method=PLAIN, rip=41.48.226.1, lip= 216.144.nnn.125, TLS 2012-05-09 10:01:52 auth: Debug: Loading modules from directory: /usr/local/lib/ dovecot/auth 2012-05-09 10:01:52 auth: Debug: auth client connected (pid=31830) The password should be 'tester' - not 'TESTER' dovecot -n output: # 2.1.5: /etc/dovecot/dovecot.conf # OS: Linux 2.6.18-274.el5.028stab093.2 x86_64 Ubuntu 10.10 simfs auth_debug = yes auth_debug_passwords = yes auth_mechanisms = plain login auth_verbose = yes default_login_user = root first_valid_uid = 150 listen = * log_path = /var/log/dovecot.log log_timestamp = "%Y-%m-%d %H:%M:%S " login_greeting = Dovecot ready :-) mail_debug = yes mail_gid = vmail mail_location = maildir:/home/vmail/%d/%n/Maildir:INDEX=/home/vmail/%d/%n/Maildir/indexes mail_privileged_group = mail mail_uid = 150 passdb { args = /etc/dovecot/dovecot-mysql.conf driver = sql } protocols = imap pop3 service auth { unix_listener /var/run/dovecot/auth-master { mode = 0600 user = vmail } unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } user = root } service imap-login { chroot = login user = dovecot } service pop3-login { chroot = login user = dovecot } ssl_cert = was automatically rejected:%n%r } protocol imap { mail_max_userip_connections = 10 } Please help if you can! From tss at iki.fi Thu May 10 12:16:09 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 10 May 2012 12:16:09 +0300 Subject: [Dovecot] Thunderbird log-in --->Authentication failed - password in uppercase in log files In-Reply-To: <4FAB845D.6030301@itopia-biz.info> References: <4FAB845D.6030301@itopia-biz.info> Message-ID: <1336641369.15519.13.camel@innu> On Thu, 2012-05-10 at 11:03 +0200, jacques wrote: > Trying to set up thunderbird to connect to this server I get problems - > seems as if the password is resolved proper from the database (use > postfixadmin), but then compares an upper case version of my password > in the MD5-CRYPT() call to the password string obtained from the > database. I do see the base64 encoded connection string in dovecot log > though. Like the base64 string also says: the IMAP client sent the password uppercased.. Try manually: http://wiki2.dovecot.org/TestInstallation From alec at alec.pl Thu May 10 12:22:32 2012 From: alec at alec.pl (A.L.E.C) Date: Thu, 10 May 2012 11:22:32 +0200 Subject: [Dovecot] BODYSTRUCTURE bug? In-Reply-To: <813B2A11-E588-4974-AABD-8B13CC60A6BE@iki.fi> References: <4FAB8244.7030509@alec.pl> <813B2A11-E588-4974-AABD-8B13CC60A6BE@iki.fi> Message-ID: <4FAB88D8.5010907@alec.pl> On 05/10/2012 11:02 AM, Timo Sirainen wrote: > This works fine in v1.0.15 and v1.1.20. Are you sure the problem is the order of the parameters, and not that the second one is broken in some other way? Or I guess it might be that in your specific version this is broken, but I don't remember such bug. Yes. I'm sure. Dovecot version is 1.1.19 on gentoo. I'm attaching the message source which works. The diff to non-working version is: @@ -2,8 +2,8 @@ MIME-Version: 1.0 Date: Thu, 10 May 2012 10:23:27 +0200 Content-Type: multipart/signed; - boundary=------------010606060406010200080606; - protocol=application/x-pkcs7-signature; micalg=sha1 + protocol=application/x-pkcs7-signature; micalg=sha1; + boundary=------------010606060406010200080606 Subject: Potwierdzenie wykonania przelewu From: kontakt at mbank.pl X-Priority: 3 (Normal) -- Aleksander 'A.L.E.C' Machniak LAN Management System Developer [http://lms.org.pl] Roundcube Webmail Developer [http://roundcube.net] --------------------------------------------------- PGP: 19359DC1 @@ GG: 2275252 @@ WWW: http://alec.pl -------------- next part -------------- Return-Path: MIME-Version: 1.0 Date: Thu, 10 May 2012 10:23:27 +0200 Content-Type: multipart/signed; boundary=------------010606060406010200080606; protocol=application/x-pkcs7-signature; micalg=sha1 Subject: Potwierdzenie wykonania przelewu From: kontakt at mbank.pl X-Priority: 3 (Normal) Message-ID: <6E4682DC0C45F52FCE2039AF613A6585C1C3A95B at hermes-4> X-Mailer: BRE MassMailer X-BRE-Ref: Q003745A6 Errors-To: errors at mbank.onet.pl This is a multi-part message in MIME format. --------------010606060406010200080606 Content-Type: multipart/mixed; boundary=------------060102040206060106000506 X-BRE-Ref: Q003745A6 Errors-To: errors at mbank.onet.pl This is a multi-part message in MIME format. --------------060102040206060106000506 Content-Type: multipart/alternative; boundary=------------030404070007060807080601 This is a multi-part message in MIME format. --------------030404070007060807080601 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=iso-8859-2; format=flowed text plain --------------030404070007060807080601 Content-Type: text/html; charset=iso-8859-2 Content-Transfer-Encoding: quoted-printable text html --------------030404070007060807080601-- --------------060102040206060106000506 Content-Type: application/pdf; name="Potwierdzenie wykonania przelewu.pdf" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="Potwierdzenie wykonania przelewu.pdf" --------------010606060406010200080606-- From tss at iki.fi Thu May 10 12:39:43 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 10 May 2012 12:39:43 +0300 Subject: [Dovecot] BODYSTRUCTURE bug? In-Reply-To: <4FAB88D8.5010907@alec.pl> References: <4FAB8244.7030509@alec.pl> <813B2A11-E588-4974-AABD-8B13CC60A6BE@iki.fi> <4FAB88D8.5010907@alec.pl> Message-ID: On 10.5.2012, at 12.22, A.L.E.C wrote: > On 05/10/2012 11:02 AM, Timo Sirainen wrote: > >> This works fine in v1.0.15 and v1.1.20. Are you sure the problem is the order of the parameters, and not that the second one is broken in some other way? Or I guess it might be that in your specific version this is broken, but I don't remember such bug. > > Yes. I'm sure. Dovecot version is 1.1.19 on gentoo. I'm attaching the > message source which works. The diff to non-working version is: > > - protocol=application/x-pkcs7-signature; micalg=sha1 The message is broken. If you look at RFC 2045, what it comes down to is that '/' character cannot be in the value unless the whole value is "quoted". So this isn't a Dovecot bug, but anyway Dovecot v1.2+ happens to parse this in the way you want because it uses a different RFC 2231 parser, which just happens to parse this in a more forgiving way. From alec at alec.pl Thu May 10 13:05:41 2012 From: alec at alec.pl (A.L.E.C) Date: Thu, 10 May 2012 12:05:41 +0200 Subject: [Dovecot] BODYSTRUCTURE bug? In-Reply-To: References: <4FAB8244.7030509@alec.pl> <813B2A11-E588-4974-AABD-8B13CC60A6BE@iki.fi> <4FAB88D8.5010907@alec.pl> Message-ID: <4FAB92F5.7020505@alec.pl> On 05/10/2012 11:39 AM, Timo Sirainen wrote: >> - protocol=application/x-pkcs7-signature; micalg=sha1 > > The message is broken. If you look at RFC 2045, what it comes down to is that '/' character cannot be in the value unless the whole value is "quoted". So this isn't a Dovecot bug, but anyway Dovecot v1.2+ happens to parse this in the way you want because it uses a different RFC 2231 parser, which just happens to parse this in a more forgiving way. Yes. However, changing to protocol="application/x-pkcs7-signature" doesn't fix the issue. -- Aleksander 'A.L.E.C' Machniak LAN Management System Developer [http://lms.org.pl] Roundcube Webmail Developer [http://roundcube.net] --------------------------------------------------- PGP: 19359DC1 @@ GG: 2275252 @@ WWW: http://alec.pl From tss at iki.fi Thu May 10 13:10:14 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 10 May 2012 13:10:14 +0300 Subject: [Dovecot] BODYSTRUCTURE bug? In-Reply-To: <4FAB92F5.7020505@alec.pl> References: <4FAB8244.7030509@alec.pl> <813B2A11-E588-4974-AABD-8B13CC60A6BE@iki.fi> <4FAB88D8.5010907@alec.pl> <4FAB92F5.7020505@alec.pl> Message-ID: On 10.5.2012, at 13.05, A.L.E.C wrote: > On 05/10/2012 11:39 AM, Timo Sirainen wrote: >>> - protocol=application/x-pkcs7-signature; micalg=sha1 >> >> The message is broken. If you look at RFC 2045, what it comes down to is that '/' character cannot be in the value unless the whole value is "quoted". So this isn't a Dovecot bug, but anyway Dovecot v1.2+ happens to parse this in the way you want because it uses a different RFC 2231 parser, which just happens to parse this in a more forgiving way. > > Yes. However, changing to protocol="application/x-pkcs7-signature" > doesn't fix the issue. If you delete dovecot.index.cache file, it should fix it. From alec at alec.pl Thu May 10 13:20:48 2012 From: alec at alec.pl (A.L.E.C) Date: Thu, 10 May 2012 12:20:48 +0200 Subject: [Dovecot] BODYSTRUCTURE bug? In-Reply-To: References: <4FAB8244.7030509@alec.pl> <813B2A11-E588-4974-AABD-8B13CC60A6BE@iki.fi> <4FAB88D8.5010907@alec.pl> <4FAB92F5.7020505@alec.pl> Message-ID: <4FAB9680.1080608@alec.pl> On 05/10/2012 12:10 PM, Timo Sirainen wrote: >> Yes. However, changing to protocol="application/x-pkcs7-signature" >> doesn't fix the issue. > > If you delete dovecot.index.cache file, it should fix it. No it doesn't fix. Besides that I'm testing every change by adding new modified file into folder, so I suppose cache is not the issue. If you say it works in 1.2+ it's all I want. -- Aleksander 'A.L.E.C' Machniak LAN Management System Developer [http://lms.org.pl] Roundcube Webmail Developer [http://roundcube.net] --------------------------------------------------- PGP: 19359DC1 @@ GG: 2275252 @@ WWW: http://alec.pl From tss at iki.fi Thu May 10 13:44:57 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 10 May 2012 13:44:57 +0300 Subject: [Dovecot] BODYSTRUCTURE bug? In-Reply-To: <4FAB9680.1080608@alec.pl> References: <4FAB8244.7030509@alec.pl> <813B2A11-E588-4974-AABD-8B13CC60A6BE@iki.fi> <4FAB88D8.5010907@alec.pl> <4FAB92F5.7020505@alec.pl> <4FAB9680.1080608@alec.pl> Message-ID: <1336646697.4384.4.camel@innu> On Thu, 2012-05-10 at 12:20 +0200, A.L.E.C wrote: > On 05/10/2012 12:10 PM, Timo Sirainen wrote: > > >> Yes. However, changing to protocol="application/x-pkcs7-signature" > >> doesn't fix the issue. > > > > If you delete dovecot.index.cache file, it should fix it. > > No it doesn't fix. Besides that I'm testing every change by adding new > modified file into folder, so I suppose cache is not the issue. > > If you say it works in 1.2+ it's all I want. Well, with quotes it works also in dovecot-1.1 hg, and I don't see why it wouldn't work in v1.1.19 as well: [tss at hurina] ~/cvs/dovecot-1.1/src/imap% export MAIL=~/Maildir [tss at hurina] ~/cvs/dovecot-1.1/src/imap% rm -f ~/Maildir/dovecot.index.cache;printf "1 select inbox\n2 fetch 1 body\n" | ./imap .. * 1 FETCH (BODY ("text" "plain" ("charset" "us-ascii") NIL NIL "7bit" 1025 42)) [tss at hurina] ~/cvs/dovecot-1.1/src/imap% perl -i -pe 's,protocol=application/x-pkcs7-signature,protocol="application/x-pkcs7-signature",' ~/Maildir/cur/test.txt [tss at hurina] ~/cvs/dovecot-1.1/src/imap% rm -f ~/Maildir/dovecot.index.cache;printf "1 select inbox\n2 fetch 1 body\n" | ./imap .. * 1 FETCH (BODY (((("text" "plain" ("charset" "iso-8859-2" "format" "flowed") NIL NIL "quoted-printable" 14 2)("text" "html" ("charset" "iso-8859-2") NIL NIL "quoted-printable" 11 1) "alternative")("application" "pdf" ("name" "Potwierdzenie wykonania przelewu.pdf") NIL NIL "base64" 0) "mixed") "signed")) From alec at alec.pl Thu May 10 14:03:39 2012 From: alec at alec.pl (A.L.E.C) Date: Thu, 10 May 2012 13:03:39 +0200 Subject: [Dovecot] BODYSTRUCTURE bug? In-Reply-To: <1336646697.4384.4.camel@innu> References: <4FAB8244.7030509@alec.pl> <813B2A11-E588-4974-AABD-8B13CC60A6BE@iki.fi> <4FAB88D8.5010907@alec.pl> <4FAB92F5.7020505@alec.pl> <4FAB9680.1080608@alec.pl> <1336646697.4384.4.camel@innu> Message-ID: <4FABA08B.3090901@alec.pl> On 05/10/2012 12:44 PM, Timo Sirainen wrote: > Well, with quotes it works also in dovecot-1.1 hg, and I don't see why > it wouldn't work in v1.1.19 as well: But you're sure boundary is after protocol? Then it's strange I've got different result. -- Aleksander 'A.L.E.C' Machniak LAN Management System Developer [http://lms.org.pl] Roundcube Webmail Developer [http://roundcube.net] --------------------------------------------------- PGP: 19359DC1 @@ GG: 2275252 @@ WWW: http://alec.pl From tss at iki.fi Thu May 10 14:14:54 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 10 May 2012 14:14:54 +0300 Subject: [Dovecot] BODYSTRUCTURE bug? In-Reply-To: <4FABA08B.3090901@alec.pl> References: <4FAB8244.7030509@alec.pl> <813B2A11-E588-4974-AABD-8B13CC60A6BE@iki.fi> <4FAB88D8.5010907@alec.pl> <4FAB92F5.7020505@alec.pl> <4FAB9680.1080608@alec.pl> <1336646697.4384.4.camel@innu> <4FABA08B.3090901@alec.pl> Message-ID: <33C21B9F-0D65-4870-9F4B-2D7C109BA283@iki.fi> On 10.5.2012, at 14.03, A.L.E.C wrote: > On 05/10/2012 12:44 PM, Timo Sirainen wrote: > >> Well, with quotes it works also in dovecot-1.1 hg, and I don't see why >> it wouldn't work in v1.1.19 as well: > > But you're sure boundary is after protocol? Yes, it's the mail you sent with the patch (although looks like I had modified it a bit, tried again with the exact same mail and the result is the same). > Then it's strange I've got different result. Yes. :) From jacques at itopia-biz.info Thu May 10 17:31:40 2012 From: jacques at itopia-biz.info (jacques) Date: Thu, 10 May 2012 16:31:40 +0200 Subject: [Dovecot] Thunderbird log-in --->Authentication failed - password in uppercase in log files In-Reply-To: <1336641369.15519.13.camel@innu> References: <4FAB845D.6030301@itopia-biz.info> <1336641369.15519.13.camel@innu> Message-ID: <4FABD14C.8080604@itopia-biz.info> Thank Timo After connecting manually with telnet thunderbird can also connect. :-) J On 10/05/2012 11:16, Timo Sirainen wrote: > On Thu, 2012-05-10 at 11:03 +0200, jacques wrote: > >> Trying to set up thunderbird to connect to this server I get problems - >> seems as if the password is resolved proper from the database (use >> postfixadmin), but then compares an upper case version of my password >> in the MD5-CRYPT() call to the password string obtained from the >> database. I do see the base64 encoded connection string in dovecot log >> though. > > Like the base64 string also says: the IMAP client sent the password > uppercased.. > > Try manually: http://wiki2.dovecot.org/TestInstallation > > > From jacques at itopia-biz.info Thu May 10 17:37:56 2012 From: jacques at itopia-biz.info (jacques) Date: Thu, 10 May 2012 16:37:56 +0200 Subject: [Dovecot] /var/run/dovecot folder gets deleted on server reboot? ubuntu 10.10 Message-ID: <4FABD2C4.2070508@itopia-biz.info> Hi After rebooting my server connections to the mail system set up there failed - on closer inspection no dovecot process was running or got started. When running as root /usr/share/sbin/dovecot -c /etc/dovecot/dovecot.conf got error on console /var/run/dovecot/auth-master could not be opened and found no /var/run/dovecot folder!. Is there better script to place in /etc/init.c/ to start dovecot (which will not fail silently?) Any idea what would remove the folder on ubuntu 10.10, running dovecot 2.1.5 and postfix 2.1.7? Any suggestions? Jacques From tss at iki.fi Thu May 10 17:43:55 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 10 May 2012 17:43:55 +0300 Subject: [Dovecot] /var/run/dovecot folder gets deleted on server reboot? ubuntu 10.10 In-Reply-To: <4FABD2C4.2070508@itopia-biz.info> References: <4FABD2C4.2070508@itopia-biz.info> Message-ID: On 10.5.2012, at 17.37, jacques wrote: > Hi > After rebooting my server connections to the mail system set up there > failed - on closer inspection no dovecot process was running or got > started. > When running as root /usr/share/sbin/dovecot -c > /etc/dovecot/dovecot.conf got error on console > /var/run/dovecot/auth-master could not be opened and found no > /var/run/dovecot folder!. > Is there better script to place in /etc/init.c/ to start dovecot (which > will not fail silently?) Any idea what would remove the folder on ubuntu > 10.10, running dovecot 2.1.5 and postfix 2.1.7? /var/run/dovecot/ and /var/run/dovecot/auth-master gets automatically created when dovecot starts up. Unless your base_dir setting is something else besides /var/run/dovecot in which case it doesn't matter anyway. So.. I don't really know what your real problem is. What error messages exactly do you see and when? From CMarcus at Media-Brokers.com Thu May 10 18:13:08 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Thu, 10 May 2012 11:13:08 -0400 Subject: [Dovecot] /var/run/dovecot folder gets deleted on server reboot? ubuntu 10.10 In-Reply-To: <4FABD2C4.2070508@itopia-biz.info> References: <4FABD2C4.2070508@itopia-biz.info> Message-ID: <4FABDB04.5020804@Media-Brokers.com> On 2012-05-10 10:37 AM, jacques wrote: > Hi > After rebooting my server connections to the mail system set up there > failed - on closer inspection no dovecot process was running or got > started. > When running as root /usr/share/sbin/dovecot -c > /etc/dovecot/dovecot.conf got error on console > /var/run/dovecot/auth-master could not be opened and found no > /var/run/dovecot folder!. > Is there better script to place in/etc/init.c/ to start dovecot (which > will not fail silently?) Any idea what would remove the folder on ubuntu > 10.10, running dovecot 2.1.5 and postfix 2.1.7? This question really should be asked on an Ubuntu support list, as each distro has its own way of doing things. But - are you sure you have postfix 2.1.7? That is so ancient I shudder at the thought - please upgrade asap... -- Best regards, Charles From redhat19 at gmail.com Thu May 10 18:40:50 2012 From: redhat19 at gmail.com (Femi Ajayi) Date: Thu, 10 May 2012 16:40:50 +0100 Subject: [Dovecot] Request for help with dovecot.conf file: configured to work with MySQL and Postfix. In-Reply-To: References: Message-ID: Greetings, I have CentOS 6.2 running on our server with a VPS provider (Linode.com). I need to configure Postfix, dovecot, MySQL to work for virtual domains (multiple domains on our server). The only instructions for setting up Email with Postfix, Dovecot and MySQL my host provides is for the configuration on CentOS 5 which is here: http://library.linode.com/email/postfix/dovecot-mysql-centos-5 , I followed it for the installation/configuration of Email with Postfix, Dovecot and MySQL on our CentOS 6.2 Everything seemed to work fine until I got to the editing of the dovecot.conf file. The guide on the Linode Library provides instructions for Dovecot 1.x, while the newer versions of CentOS (CentOS 6) , apparently use Dovecot 2.x. The config file format has changed, so the one in the guide is no longer applicable, and as a result, I got a errors.. I would therefore appreciate it greatly if someone with a copy of the Dovecot 2.x dovecot.conf file configured to work with MySQL and Postfix (for handling mails for multiple domains) could share it with me. You could get a better understanding of the problem if you take some time to look at the instructions I followed so far: http://library.linode.com/email/postfix/dovecot-mysql-centos-5 ..and also the forums where I had previously sought help: http://forum.linode.com/viewtopic.php?p=50603#50603 http://www.linuxquestions.org/questions/showthread.php?p=4672839#post4672839 Thanks in anticipation of your help. From markus at opsys.de Thu May 10 18:46:27 2012 From: markus at opsys.de (Markus Fritz) Date: Thu, 10 May 2012 17:46:27 +0200 Subject: [Dovecot] Request for help with dovecot.conf file: configured to work with MySQL and Postfix. In-Reply-To: References: Message-ID: <4FABE2D3.2080706@opsys.de> Am 10.05.2012 17:40, schrieb Femi Ajayi: > Greetings, > > I have CentOS 6.2 running on our server with a VPS provider (Linode.com). > > I need to configure Postfix, dovecot, MySQL to work for virtual domains > (multiple domains on our server). > The only instructions for setting up Email with Postfix, Dovecot and MySQL > my host provides is for the configuration on CentOS 5 which is here: > http://library.linode.com/email/postfix/dovecot-mysql-centos-5 , I followed > it for the installation/configuration of Email with Postfix, Dovecot and > MySQL on our CentOS 6.2 > > Everything seemed to work fine until I got to the editing of the > dovecot.conf file. The guide on the Linode Library provides instructions > for Dovecot 1.x, while the newer versions of CentOS (CentOS 6) , apparently > use Dovecot 2.x. The config file format has changed, so the one in the > guide is no longer applicable, and as a result, I got a errors.. > > I would therefore appreciate it greatly if someone with a copy of the > Dovecot 2.x dovecot.conf file configured to work with MySQL and Postfix > (for handling mails for multiple domains) could share it with me. > > You could get a better understanding of the problem if you take some time > to look at the instructions I followed so far: > > http://library.linode.com/email/postfix/dovecot-mysql-centos-5 > > ..and also the forums where I had previously sought help: > http://forum.linode.com/viewtopic.php?p=50603#50603 > http://www.linuxquestions.org/questions/showthread.php?p=4672839#post4672839 > > Thanks in anticipation of your help. > Test this: http://workaround.org/ispmail/squeeze Maybe it can help to understand the configurations. It's done with databases and postfix. I know it's debian, but configuration is nearly the same. -- Markus Fritz Administration From CMarcus at Media-Brokers.com Thu May 10 18:49:29 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Thu, 10 May 2012 11:49:29 -0400 Subject: [Dovecot] Request for help with dovecot.conf file: configured to work with MySQL and Postfix. In-Reply-To: References: Message-ID: <4FABE389.2060103@Media-Brokers.com> On 2012-05-10 11:40 AM, Femi Ajayi wrote: > I would therefore appreciate it greatly if someone with a copy of the > Dovecot 2.x dovecot.conf file configured to work with MySQL and Postfix > (for handling mails for multiple domains) could share it with me. > > You could get a better understanding of the problem if you take some time > to look at the instructions I followed so far: I have a better idea... why don't you use the *actual dovecot* documentation, instead of asking someone here to help you update *someone else's* tutorial... http://wiki2.dovecot.org/#Dovecot_configuration or maybe http://wiki2.dovecot.org/Upgrading -- Best regards, Charles From redhat19 at gmail.com Thu May 10 19:42:38 2012 From: redhat19 at gmail.com (Femi Ajayi) Date: Thu, 10 May 2012 17:42:38 +0100 Subject: [Dovecot] Converting Dovecot.conf file from Dovecot 1.x to Dovecot 2.x (Dovecot configured with work with MySQL and Postfix) Message-ID: Hi Freelancers, I want to convert this Dovecot configuration file for Dovecot 1.x to a dovecot file for Dovecot 2.x ============================= /etc/dovecot.conf ================================ protocols = imap imaps pop3 pop3s log_timestamp = "%Y-%m-%d %H:%M:%S " mail_location = maildir:/home/vmail/%d/%n/Maildir ssl_cert_file = /etc/pki/dovecot/certs/dovecot.pem ssl_key_file = /etc/pki/dovecot/private/dovecot.pem namespace private { separator = . prefix = INBOX. inbox = yes } protocol lda { log_path = /home/vmail/dovecot-deliver.log auth_socket_path = /var/run/dovecot/auth-master postmaster_address = postmaster at example.com } protocol pop3 { pop3_uidl_format = %08Xu%08Xv } auth default { user = root passdb sql { args = /etc/dovecot-sql.conf } userdb static { args = uid=5000 gid=5000 home=/home/vmail/%d/%n allow_all_users=yes } socket listen { master { path = /var/run/dovecot/auth-master mode = 0600 user = vmail } client { path = /var/spool/postfix/private/auth mode = 0660 user = postfix group = postfix } } } =========================================================================== I run CentOS 6 on my server and I am trying to get my Dovecot to work with MySQL and Postfix to handle multiple virtual domains/users. I am currenty following the instructions here: http://library.linode.com/email/postfix/dovecot-mysql-centos-5 but the instructions are for Dovecot 1.x. Thanks in advance. From CMarcus at Media-Brokers.com Thu May 10 19:51:58 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Thu, 10 May 2012 12:51:58 -0400 Subject: [Dovecot] Converting Dovecot.conf file from Dovecot 1.x to Dovecot 2.x (Dovecot configured with work with MySQL and Postfix) In-Reply-To: References: Message-ID: <4FABF22E.9080907@Media-Brokers.com> On 2012-05-10 12:42 PM, Femi Ajayi wrote: > I am currenty following the instructions here: > http://library.linode.com/email/postfix/dovecot-mysql-centos-5 > but the instructions are for Dovecot 1.x. why two different posts on the same subject only an hour apart? I repeat: Why don't you use the *actual dovecot* documentation, instead of asking someone here to help you update *someone else's* tutorial... http://wiki2.dovecot.org/#Dovecot_configuration or maybe http://wiki2.dovecot.org/Upgrading -- Best regards, Charles From tss at iki.fi Thu May 10 19:53:11 2012 From: tss at iki.fi (Timo Sirainen) Date: Thu, 10 May 2012 19:53:11 +0300 Subject: [Dovecot] Converting Dovecot.conf file from Dovecot 1.x to Dovecot 2.x (Dovecot configured with work with MySQL and Postfix) In-Reply-To: References: Message-ID: <5730D972-6951-4902-85F1-31D0EF0A7AA4@iki.fi> On 10.5.2012, at 19.42, Femi Ajayi wrote: > I want to convert this Dovecot configuration file for Dovecot 1.x to a > dovecot file for Dovecot 2.x And it doesn't work? Why not? Works okay in v2.0.20 and newer at least. Of course, it complains about obsolete settings. But running it through doveconf like it suggests seems to give an equivalent config that would work fine without warnings. From vorgusa at gmail.com Thu May 10 21:43:04 2012 From: vorgusa at gmail.com (Chris Lasater) Date: Thu, 10 May 2012 14:43:04 -0400 Subject: [Dovecot] Log files Message-ID: Hi, I just started using Dovecot and was trying to create separate logs instead of using syslog. Is there a way to get the file permission to be something other then root? I have tried the below configuration and it does not seem to change anything. The log process does change to a new user, but it still creates and writes as root. Whenever I test a new setting I delete all the current logs so they will have to be recreated to make sure it does not just keep the previous permissions. I also dont see much documentation on the service log. according to dovecot -a there are a good number of options, but I dont see any information about them. Here are my logging settings below and I am running 2.1.6 and tried on 2.1.5. ### Logging info_log_path = /home/user/dovecot/logs/dovecot_info.log log_path = /home/user/dovecot/logs/dovecot.log debug_log_path = /home/user/dovecot/logs/debug.log service log { user = user unix_listener log-errors { group = user2 mode = 0620 user = user } } Thanks, Chris From tcsmith1978 at googlemail.com Fri May 11 00:13:37 2012 From: tcsmith1978 at googlemail.com (Tim) Date: Thu, 10 May 2012 22:13:37 +0100 Subject: [Dovecot] Postfix Query Message-ID: <1336684417.4383.27.camel@tim-laptop> Hello, Another question!! Was just trying to sort out mail delivery to subdomains. I set up my system so that I have a mail address of tim at subdomain.example.com. I've sorted out Postfix to correctly identify this and pass on to Dovecot for delivery but Dovecot doesn't seem to deliver where I want it to. Ideally I would like to have a structure so that mail is delivered to /var/mail/example.com/subdomain/user My users are stored in MySQL and they are being pulled out correctly, but dovecot is delivering to /var/mail/subdomain.example.com/tim Looking at my logs it seems that the mail location is being picked up not being acted on... May 10 21:51:20 auth(default): Info: master out: USER 1 tim at subdomain.example.com maildir=example.com/subdomain/tim uid=mailuser gid=mailgroup quota_rule=*:bytes=2147483647 ...a bit further down... May 10 21:51:20 deliver(tim at subdomain.example.com): Info: auth input: maildir=example.com/subdomain/tim ...then further down it seems to change all of a sudden... May 10 21:51:20 deliver(tim at subdomain.example.com): Info: maildir: data=/var/mail/subdomain.example.com/tim/Maildir May 10 21:51:20 deliver(tim at subdomain.example.com): Info: maildir++: root=/var/mail/subdomain.example.com/tim/Maildir, index=, control=, inbox=/var/mail/subdomain.example.com/tim/Maildir Bit confused! Any help would be appreciated! Cheers, Tim From ken at allenmyland.com Fri May 11 00:30:11 2012 From: ken at allenmyland.com (Ken Stevenson) Date: Thu, 10 May 2012 17:30:11 -0400 Subject: [Dovecot] Postfix Query In-Reply-To: <1336684417.4383.27.camel@tim-laptop> References: <1336684417.4383.27.camel@tim-laptop> Message-ID: What does your user_query look like in dovecot-sql.conf.ext? On 2012-05-10 17:13, Tim wrote: > Hello, > > Another question!! > > Was just trying to sort out mail delivery to subdomains. I set up my > system so that I have a mail address of tim at subdomain.example.com. > I've > sorted out Postfix to correctly identify this and pass on to Dovecot > for > delivery but Dovecot doesn't seem to deliver where I want it to. > Ideally > I would like to have a structure so that mail is delivered to > > /var/mail/example.com/subdomain/user > > My users are stored in MySQL and they are being pulled out correctly, > but dovecot is delivering to > > /var/mail/subdomain.example.com/tim > > Looking at my logs it seems that the mail location is being picked up > not being acted on... > > May 10 21:51:20 auth(default): Info: master out: USER 1 > > tim at subdomain.example.com maildir=example.com/subdomain/tim uid=mailuser > gid=mailgroup quota_rule=*:bytes=2147483647 > > ...a bit further down... > > May 10 21:51:20 deliver(tim at subdomain.example.com): Info: auth input: > maildir=example.com/subdomain/tim > > ...then further down it seems to change all of a sudden... > > May 10 21:51:20 deliver(tim at subdomain.example.com): Info: maildir: > data=/var/mail/subdomain.example.com/tim/Maildir > May 10 21:51:20 deliver(tim at subdomain.example.com): Info: maildir++: > root=/var/mail/subdomain.example.com/tim/Maildir, index=, control=, > inbox=/var/mail/subdomain.example.com/tim/Maildir > > Bit confused! Any help would be appreciated! > > Cheers, > > Tim From arequipeno at gmail.com Fri May 11 08:02:31 2012 From: arequipeno at gmail.com (Ian Pilcher) Date: Fri, 11 May 2012 00:02:31 -0500 Subject: [Dovecot] dovecot wants to access my music directory Message-ID: I am getting an SELinux error every time dovecot starts, because it is trying to access my music directory (/srv/music). I've read the doveadm-mount man page, and tried: doveadm mount add /srv/music ignore but it didn't make any difference. Now, I certainly didn't tell dovecot to access this directory, so how can I tell it *not* to do so. This is dovecot-2.1.6-2.fc17.x86_64 on Fedora 17 Beta, BTW. Thanks! -- ======================================================================== Ian Pilcher arequipeno at gmail.com "If you're going to shift my paradigm ... at least buy me dinner first." ======================================================================== From cor at xs4all.nl Fri May 11 09:41:13 2012 From: cor at xs4all.nl (Cor Bosman) Date: Fri, 11 May 2012 08:41:13 +0200 Subject: [Dovecot] index IO patterns Message-ID: Hey all, we're in the process of checking out alternatives to our index storage. We're currently storing indexes on a NetApp Metrocluster which works fine, but is very expensive. We're planning a few different setups and doing some actual performance tests on them. Does anyone know some of the IO patterns of the indexes? For instance: - mostly random reads or linear reads/writes? - average size of reads and writes? - how many read/writes on average for a specific mailbox size? Anyone do any measurements of this kind? Alternatively, does anyone have any experience with other redundant storage options? Im thinking things like MooseFS, DRBD, etc? regards, Cor From javierdemiguel at us.es Fri May 11 09:48:05 2012 From: javierdemiguel at us.es (=?UTF-8?Q?Javier_Miguel_Rodr=C3=ADguez?=) Date: Fri, 11 May 2012 08:48:05 +0200 Subject: [Dovecot] index IO patterns In-Reply-To: References: Message-ID: Indexes are very random, mostly read, some writes if using dovecot-lda (ej: dbox). The average size is rather small, maybe 5 KB in our setup. Bandwith is rather low, 20-30 MB/sec We are using HP LeftHand for our replicated storage needs. Regards Javier El 11/05/2012 08:41, Cor Bosman escribi?: > Hey all, we're in the process of checking out alternatives to our index storage. We're currently storing indexes on a NetApp Metrocluster which works fine, but is very expensive. We're planning a few different setups and doing some actual performance tests on them. > > Does anyone know some of the IO patterns of the indexes? For instance: > > - mostly random reads or linear reads/writes? > - average size of reads and writes? > - how many read/writes on average for a specific mailbox size? > > Anyone do any measurements of this kind? > > Alternatively, does anyone have any experience with other redundant storage options? Im thinking things like MooseFS, DRBD, etc? > > regards, > > Cor From cor at xs4all.nl Fri May 11 13:50:07 2012 From: cor at xs4all.nl (Cor Bosman) Date: Fri, 11 May 2012 12:50:07 +0200 Subject: [Dovecot] index IO patterns In-Reply-To: References: Message-ID: Hi javier, > > > Indexes are very random, mostly read, some writes if using > dovecot-lda (ej: dbox). The average size is rather small, maybe 5 KB in > our setup. Bandwith is rather low, 20-30 MB/sec Even without LDA/LMTP dovecot-imap needs to write right? It would need to update the index every time an imap connect happens and new mails are found in the mail store. Cor From javierdemiguel at us.es Fri May 11 13:56:23 2012 From: javierdemiguel at us.es (=?ISO-8859-1?Q?Javier_de_Miguel_Rodr=EDguez?=) Date: Fri, 11 May 2012 12:56:23 +0200 Subject: [Dovecot] index IO patterns In-Reply-To: References: Message-ID: <4FACF057.3040202@us.es> > Even without LDA/LMTP dovecot-imap needs to write right? It would > need to update the index every time an imap connect happens and > new mails are found in the mail store. Well of course. Indexes are also updated when flags are modified, moved a messages, delete a message, etc.. But in my setup there are 65% reads and the rest writes Regards Javier > > Cor > From CMarcus at Media-Brokers.com Fri May 11 14:19:09 2012 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Fri, 11 May 2012 07:19:09 -0400 Subject: [Dovecot] /var/run/dovecot folder gets deleted on server reboot? ubuntu 10.10 In-Reply-To: <4FABD2C4.2070508@itopia-biz.info> References: <4FABD2C4.2070508@itopia-biz.info> Message-ID: <4FACF5AD.3040605@Media-Brokers.com> On 2012-05-10 10:37 AM, jacques wrote: > Hi > After rebooting my server connections to the mail system set up there > failed - on closer inspection no dovecot process was running or got > started. > When running as root /usr/share/sbin/dovecot -c > /etc/dovecot/dovecot.conf got error on console > /var/run/dovecot/auth-master could not be opened and found no > /var/run/dovecot folder!. > Is there better script to place in/etc/init.c/ to start dovecot (which > will not fail silently?) Any idea what would remove the folder on ubuntu > 10.10, running dovecot 2.1.5 and postfix 2.1.7? This question really should be asked on an Ubuntu support list, as each distro has its own way of doing things. But - are you sure you have postfix 2.1.7? That is so ancient I shudder at the thought - please upgrade asap... -- Best regards, Charles From areyes at ibossmonitor.com Fri May 11 16:29:59 2012 From: areyes at ibossmonitor.com (Alfonso Alejandro Reyes Jimenez) Date: Fri, 11 May 2012 08:29:59 -0500 Subject: [Dovecot] ..::MBOX ISSUE::.. Message-ID: <4FAD1457.70701@ibossmonitor.com> Hi everyone. I have a postfix working with sasl auth and dovecot, everything works fine. I just have 2 issues, the first is that if you add the IMAP mail accounts you can import all the mboxes on the /var/spool/mail/ which we don't want. The second issue is that there's no sent, trash and draft folder, so if we have imap we are not able to store those emails. Basically I would like to know how to fix both but the first one is the most urgent. I thought it was a postfix issue, but it seems not to be. Any ideas? Thanks in advance for your help. Here's the posftix config: [root at mail ~]# postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix debug_peer_level = 2 disable_dns_lookups = yes disable_vrfy_command = yes html_directory = no inet_interfaces = all mail_owner = postfix mailbox_size_limit = 524288000 mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man masquerade_domains = mydomain.com message_size_limit = 5242880 mydestination = $myhostname, localhost.$mydomain, localhost mydomain = mydomain.com myhostname = mydomain.com mynetworks = 127.0.0.0/8, 10.1.8.27/32, 10.1.8.23/32, 172.16.18.101/32 myorigin = mydomain.com newaliases_path = /usr/bin/newaliases.postfix queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES sample_directory = /usr/share/doc/postfix-2.3.3/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtp_generic_maps = hash:/etc/postfix/generic smtp_host_lookup = native,dns smtp_tls_note_starttls_offer = yes smtp_use_tls = yes smtpd_banner = $myhostname Microsoft ESMTP MAIL Service ready (NOT WINDOWS JUST A DECOY) smtpd_helo_required = yes smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_path = inet:127.0.0.1:12345 smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_sender_login_maps = pcre:/etc/postfix/sender_login.pcre smtpd_sender_restrictions = reject_authenticated_sender_login_mismatch,check_client_access hash:/etc/postfix/client_access smtpd_tls_CAfile = /etc/postfix/cert/cacert.pem smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/postfix/cert/smtpd.crt smtpd_tls_key_file = /etc/postfix/cert/smtpd.key smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_security_level = may smtpd_tls_session_cache_timeout = 3600s smtpd_use_tls = yes tls_random_source = dev:/dev/urandom transport_maps = hash:/etc/postfix/transport unknown_local_recipient_reject_code = 550 And here's the dovecot: Version: [root at mail ~]# dovecot --version 2.0.9 Config: [root at mail ~]# dovecot -n # 2.0.9: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-220.13.1.el6.i686 i686 CentOS release 6.2 (Final) ext4 auth_mechanisms = cram-md5 listen = * log_path = /var/log/dovecot/dovecot.log login_greeting = IMAP ready. mail_location = mbox:/var/spool/mail/:INBOX=/var/spool/mail/%u mail_privileged_group = mail mbox_write_locks = fcntl passdb { driver = pam } passdb { args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd driver = passwd-file } protocols = pop3 service auth { inet_listener { port = 12345 } user = $default_internal_user } service pop3-login { inet_listener pop3 { port = 110 ssl = yes } inet_listener pop3s { port = 995 ssl = yes } } ssl_cert = I'm having difficulty with the doveadm who command on a multi-instance setup of dovecot. When I run the who command on the non-standard instance with the -m flag (to see their mail location), this happens: [root at wardentest3 dovecot]# doveadm -i mailtest user -m warden doveadm(root): Error: user warden: Initialization failed: Namespace 'INBOX.': Ambiguous mail location setting, don't know what to do with it: /var/spool/mail/root (try prefixing it with mbox: or maildir:) I tried adding my mail_location setting as location to both of my legacy and default namespaces, but got the same error. I also tried adding the -a flag like so: doveadm user -a /var/run/dovecot/mailtest/auth-userdb -m warden doveadm(root): Error: userdb lookup: connect(/var/run/dovecot/auth-userdb) failed: Connection refused (the default instance is currently stopped) and combining -a and -i out of curiosity: [root at wardentest3 conf.d]# doveadm -i mailtest user -a /var/run/dovecot/mailtest/auth-userdb -m warden doveadm(root): Error: user warden: Initialization failed: Namespace 'INBOX.': Ambiguous mail location setting, don't know what to do with it: /var/spool/mail/root (try prefixing it with mbox: or maildir:) I have 2 instances, default and mailtest: [root at wardentest3 conf.d]# doveadm instance list path name last used running /var/run/dovecot/mailtest mailtest 2012-05-11 10:57:16 yes /var/run/dovecot default 2012-05-11 10:54:09 no my doveconf -n for the mailtest instance: # 2.1.6: mailtest/dovecot.conf doveconf: Warning: service auth { client_limit=4096 } is lower than required under max. load (12288) doveconf: Warning: service anvil { client_limit=4096 } is lower than required under max. load (12291) # OS: Linux 2.6.32-220.13.1.el6.x86_64 x86_64 Red Hat Enterprise Linux Server release 6.2 (Santiago) nfs auth_cache_negative_ttl = 0 auth_cache_size = 16 M auth_gssapi_hostname = $ALL auth_krb5_keytab = /etc/dovecot/mailtest/mail.combined.keytab auth_master_user_separator = * auth_mechanisms = plain login gssapi auth_username_format = %Ln base_dir = /var/run/dovecot/mailtest/ default_client_limit = 4096 default_process_limit = 4096 deliver_log_format = msgid="%m" subject="%s" from="%f" size=%p result="%$" first_valid_uid = 0 hostname = mailtest.geneseo.edu instance_name = mailtest lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes login_log_format_elements = user=%u method=%m rip=%r lip=%l lport=%a mpid=%e encryption=%c mail_fsync = always mail_location = maildir:/Mail/mailhome/%Ln/mailtest/Maildir:CONTROL=/Mail/mailhome/%Ln/mailtest/.dovecot-control:INDEX=/Mail/mailhome/%Ln/mailtest/.dovecot-index mail_log_prefix = "service=%s user=%u rip=%r " mail_nfs_index = yes mail_nfs_storage = yes mail_plugins = zlib quota mail_log notify fts fts_squat stats maildir_very_dirty_syncs = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mbox_write_locks = fcntl mmap_disable = yes namespace default { inbox = yes location = mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Junk { auto = no special_use = \Junk } mailbox Sent { auto = subscribe special_use = \Sent } mailbox Trash { auto = subscribe special_use = \Trash } prefix = separator = . subscriptions = yes type = private } namespace legacy { alias_for = hidden = yes inbox = no list = no location = mailbox INBOX.Drafts { auto = no special_use = \Drafts } mailbox INBOX.Junk { auto = no special_use = \Junk } mailbox INBOX.Sent { auto = no special_use = \Sent } mailbox INBOX.Trash { auto = no special_use = \Trash } prefix = INBOX. separator = . type = private } passdb { args = /etc/dovecot/passwd.masterusers driver = passwd-file master = yes } passdb { args = cache_key=%u dovecot driver = pam } plugin { fts = squat mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename flag_change append mail_log_fields = uid box msgid size from subject flags mail_log_group_events = yes quota = maildir:User quota quota_exceeded_message = Quota exceeded (mailbox for user is full). Please see http://go.geneseo.edu/emailoverquota for help deleting messages while over quota. quota_rule = *:storage=200M quota_rule2 = Trash:storage=+50M sieve = /Mail/mailhome/%Ln/mailtest/.filter.sieve sieve_dir = /Mail/mailhome/%Ln/mailtest/.sievedir sieve_max_redirects = 25 stats_memory_limit = 32 M stats_refresh = 30 secs stats_track_cmds = yes } postmaster_address = postmaster at geneseo.edu protocols = imap sieve lmtp quota_full_tempfail = yes service auth { unix_listener auth-exim { group = exim mode = 0660 } } service doveadm { inet_listener { port = 12345 } } service imap-login { inet_listener imap { port = 1143 } inet_listener imaps { port = 1993 } service_count = 0 vsz_limit = 256 M } service imap { process_limit = 4096 } service lmtp { inet_listener lmtp { port = 124 } } service managesieve-login { inet_listener sieve { port = 14190 } inet_listener sieve_deprecated { port = 12000 } inet_listener sieves { port = 14191 ssl = yes } } service pop3 { process_limit = 4096 } service stats { fifo_listener stats-mail { mode = 0666 } } ssl_ca = References: <7D5EC3A3-CD1C-4C50-B8D5-B737560235EC@geneseo.edu> Message-ID: <81679FF4-3FA8-4FF2-9051-A47C529C633F@geneseo.edu> Some more investigation yielded this solution: [root at wardentest3 conf.d]# doveadm -c /etc/dovecot/mailtest/dovecot.conf user -m warden field value uid 73464 gid 1000 home /home/warden mail maildir:/Mail/mailhome/warden/mailtest/Maildir:CONTROL=/Mail/mailhome/warden/mailtest/.dovecot-control:INDEX=/Mail/mailhome/warden/mailtest/.dovecot-index [root at wardentest3 conf.d]# doveadm -c /etc/dovecot/dovecot.conf user -m warden field value uid 73464 gid 1000 home /home/warden mail maildir:/Mail/mailhome/warden/Maildir:CONTROL=/Mail/mailhome/warden/.dovecot:INDEX=/var/cache/dovecot/mailtestindexes/warden/.dovecot-index So it seems to be a problem with the -i flag to doveadm. I should note that neither -c or -i show up in my man pages or in the wiki. I'm always nervous about making changes to the wiki (especially if I'm unsure if something is a 2.1+ feature), but it would be nice to see these flags documented somewhere? -David Warden On May 11, 2012, at 11:06 AM, David Warden wrote: > I'm having difficulty with the doveadm who command on a multi-instance setup of dovecot. When I run the who command on the non-standard instance with the -m flag (to see their mail location), this happens: > > [root at wardentest3 dovecot]# doveadm -i mailtest user -m warden > doveadm(root): Error: user warden: Initialization failed: Namespace 'INBOX.': Ambiguous mail location setting, don't know what to do with it: /var/spool/mail/root (try prefixing it with mbox: or maildir:) > > I tried adding my mail_location setting as location to both of my legacy and default namespaces, but got the same error. > > I also tried adding the -a flag like so: > > doveadm user -a /var/run/dovecot/mailtest/auth-userdb -m warden > doveadm(root): Error: userdb lookup: connect(/var/run/dovecot/auth-userdb) failed: Connection refused > > (the default instance is currently stopped) > > and combining -a and -i out of curiosity: > > [root at wardentest3 conf.d]# doveadm -i mailtest user -a /var/run/dovecot/mailtest/auth-userdb -m warden > doveadm(root): Error: user warden: Initialization failed: Namespace 'INBOX.': Ambiguous mail location setting, don't know what to do with it: /var/spool/mail/root (try prefixing it with mbox: or maildir:) > > I have 2 instances, default and mailtest: > > [root at wardentest3 conf.d]# doveadm instance list > path name last used running > /var/run/dovecot/mailtest mailtest 2012-05-11 10:57:16 yes > /var/run/dovecot default 2012-05-11 10:54:09 no > > my doveconf -n for the mailtest instance: > > # 2.1.6: mailtest/dovecot.conf > doveconf: Warning: service auth { client_limit=4096 } is lower than required under max. load (12288) > doveconf: Warning: service anvil { client_limit=4096 } is lower than required under max. load (12291) > # OS: Linux 2.6.32-220.13.1.el6.x86_64 x86_64 Red Hat Enterprise Linux Server release 6.2 (Santiago) nfs > auth_cache_negative_ttl = 0 > auth_cache_size = 16 M > auth_gssapi_hostname = $ALL > auth_krb5_keytab = /etc/dovecot/mailtest/mail.combined.keytab > auth_master_user_separator = * > auth_mechanisms = plain login gssapi > auth_username_format = %Ln > base_dir = /var/run/dovecot/mailtest/ > default_client_limit = 4096 > default_process_limit = 4096 > deliver_log_format = msgid="%m" subject="%s" from="%f" size=%p result="%$" > first_valid_uid = 0 > hostname = mailtest.geneseo.edu > instance_name = mailtest > lda_mailbox_autocreate = yes > lda_mailbox_autosubscribe = yes > login_log_format_elements = user=%u method=%m rip=%r lip=%l lport=%a mpid=%e encryption=%c > mail_fsync = always > mail_location = maildir:/Mail/mailhome/%Ln/mailtest/Maildir:CONTROL=/Mail/mailhome/%Ln/mailtest/.dovecot-control:INDEX=/Mail/mailhome/%Ln/mailtest/.dovecot-index > mail_log_prefix = "service=%s user=%u rip=%r " > mail_nfs_index = yes > mail_nfs_storage = yes > mail_plugins = zlib quota mail_log notify fts fts_squat stats > maildir_very_dirty_syncs = yes > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave > mbox_write_locks = fcntl > mmap_disable = yes > namespace default { > inbox = yes > location = > mailbox Drafts { > auto = subscribe > special_use = \Drafts > } > mailbox Junk { > auto = no > special_use = \Junk > } > mailbox Sent { > auto = subscribe > special_use = \Sent > } > mailbox Trash { > auto = subscribe > special_use = \Trash > } > prefix = > separator = . > subscriptions = yes > type = private > } > namespace legacy { > alias_for = > hidden = yes > inbox = no > list = no > location = > mailbox INBOX.Drafts { > auto = no > special_use = \Drafts > } > mailbox INBOX.Junk { > auto = no > special_use = \Junk > } > mailbox INBOX.Sent { > auto = no > special_use = \Sent > } > mailbox INBOX.Trash { > auto = no > special_use = \Trash > } > prefix = INBOX. > separator = . > type = private > } > passdb { > args = /etc/dovecot/passwd.masterusers > driver = passwd-file > master = yes > } > passdb { > args = cache_key=%u dovecot > driver = pam > } > plugin { > fts = squat > mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename flag_change append > mail_log_fields = uid box msgid size from subject flags > mail_log_group_events = yes > quota = maildir:User quota > quota_exceeded_message = Quota exceeded (mailbox for user is full). Please see http://go.geneseo.edu/emailoverquota for help deleting messages while over quota. > quota_rule = *:storage=200M > quota_rule2 = Trash:storage=+50M > sieve = /Mail/mailhome/%Ln/mailtest/.filter.sieve > sieve_dir = /Mail/mailhome/%Ln/mailtest/.sievedir > sieve_max_redirects = 25 > stats_memory_limit = 32 M > stats_refresh = 30 secs > stats_track_cmds = yes > } > postmaster_address = postmaster at geneseo.edu > protocols = imap sieve lmtp > quota_full_tempfail = yes > service auth { > unix_listener auth-exim { > group = exim > mode = 0660 > } > } > service doveadm { > inet_listener { > port = 12345 > } > } > service imap-login { > inet_listener imap { > port = 1143 > } > inet_listener imaps { > port = 1993 > } > service_count = 0 > vsz_limit = 256 M > } > service imap { > process_limit = 4096 > } > service lmtp { > inet_listener lmtp { > port = 124 > } > } > service managesieve-login { > inet_listener sieve { > port = 14190 > } > inet_listener sieve_deprecated { > port = 12000 > } > inet_listener sieves { > port = 14191 > ssl = yes > } > } > service pop3 { > process_limit = 4096 > } > service stats { > fifo_listener stats-mail { > mode = 0666 > } > } > ssl_ca = ssl_cert = ssl_key = userdb { > driver = passwd > } > verbose_proctitle = yes > protocol lmtp { > mail_plugins = zlib quota mail_log notify fts fts_squat stats sieve > } > protocol lda { > mail_location = maildir:/Mail/mailhome/%Ln/mailtest/Maildir:CONTROL=/Mail/mailhome/%Ln/mailtest/.dovecot-control:INDEX=/Mail/mailhome/%Ln/mailtest/.dovecot-index > mail_plugins = zlib quota mail_log notify fts fts_squat stats sieve > plugin { > quota = maildir:User quota > quota_rule = *:storage=200M > quota_rule2 = Trash:storage=+50M > zlib_save = gz > zlib_save_level = 6 > } > } > protocol imap { > imap_logout_format = bytes(in/out)=%i/%o > mail_max_userip_connections = 50 > mail_plugins = zlib quota mail_log notify fts fts_squat stats imap_quota imap_zlib imap_stats > } > protocol sieve { > managesieve_logout_format = bytes(in/out)=%i/%o > } > protocol pop3 { > pop3_client_workarounds = outlook-no-nuls oe-ns-eoh > pop3_logout_format = bytes(in/out)=%i/%o, top=%t/%p, retr=%r/%b, del=%d/%m, mailbox-size=%s > pop3_uidl_format = UID%u-%v > } > remote 137.238.0.0/16/16 { > disable_plaintext_auth = no > } > local 137.238.2.0/24/24 { > doveadm_password = *scrub* > } > > ?and for the default instance: > > # 2.1.6: /etc/dovecot/dovecot.conf > doveconf: Warning: service auth { client_limit=4096 } is lower than required under max. load (12288) > doveconf: Warning: service anvil { client_limit=4096 } is lower than required under max. load (12291) > # OS: Linux 2.6.32-220.13.1.el6.x86_64 x86_64 Red Hat Enterprise Linux Server release 6.2 (Santiago) nfs > auth_cache_negative_ttl = 0 > auth_cache_size = 16 M > auth_gssapi_hostname = $ALL > auth_krb5_keytab = /etc/dovecot/mailtest.combined.keytab > auth_master_user_separator = * > auth_mechanisms = plain login > auth_username_format = %Ln > default_client_limit = 4096 > default_process_limit = 4096 > deliver_log_format = msgid="%m" subject="%s" from="%f" size=%p result="%$" > first_valid_uid = 0 > hostname = mail.geneseo.edu > instance_name = default > lda_mailbox_autocreate = yes > lda_mailbox_autosubscribe = yes > login_log_format_elements = user=%u method=%m rip=%r lip=%l lport=%a mpid=%e encryption=%c > mail_location = maildir:/Mail/mailhome/%Ln/Maildir:CONTROL=/Mail/mailhome/%Ln/.dovecot:INDEX=/var/cache/dovecot/mailtestindexes/%Ln/.dovecot-index > mail_log_prefix = "service=%s user=%u rip=%r " > mail_nfs_storage = yes > mail_plugins = zlib quota mail_log notify fts fts_squat stats > maildir_very_dirty_syncs = yes > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave > mbox_write_locks = fcntl > namespace default { > inbox = yes > location = > mailbox Drafts { > auto = subscribe > special_use = \Drafts > } > mailbox Junk { > auto = no > special_use = \Junk > } > mailbox Sent { > auto = subscribe > special_use = \Sent > } > mailbox Trash { > auto = subscribe > special_use = \Trash > } > prefix = > separator = . > subscriptions = yes > type = private > } > namespace legacy { > alias_for = > hidden = yes > inbox = no > list = no > location = > mailbox INBOX.Drafts { > auto = no > special_use = \Drafts > } > mailbox INBOX.Junk { > auto = no > special_use = \Junk > } > mailbox INBOX.Sent { > auto = no > special_use = \Sent > } > mailbox INBOX.Trash { > auto = no > special_use = \Trash > } > prefix = INBOX. > separator = . > type = private > } > passdb { > args = /etc/dovecot/passwd.masterusers > driver = passwd-file > master = yes > } > passdb { > args = cache_key=%u dovecot > driver = pam > } > plugin { > fts = squat > mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename flag_change append > mail_log_fields = uid box msgid size from subject flags > mail_log_group_events = yes > quota = fs:User quota > quota_exceeded_message = Quota exceeded (mailbox for user is full). Please see http://go.geneseo.edu/emailoverquota for help deleting messages while over quota. > sieve = /Mail/mailhome/%Ln/.filter.sieve > sieve_dir = /Mail/mailhome/%Ln/.sievedir > sieve_max_redirects = 25 > stats_memory_limit = 32 M > stats_refresh = 5 secs > stats_track_cmds = yes > } > postmaster_address = postmaster at geneseo.edu > protocols = imap sieve lmtp > quota_full_tempfail = yes > service auth { > unix_listener auth-exim { > group = exim > mode = 0660 > } > } > service imap-login { > inet_listener imap_mygeneseo { > port = 144 > } > service_count = 0 > vsz_limit = 256 M > } > service imap { > process_limit = 4096 > } > service lmtp { > inet_listener lmtp { > port = 24 > } > } > service managesieve-login { > inet_listener sieve { > port = 4190 > } > inet_listener sieve_deprecated { > port = 2000 > } > inet_listener sieves { > port = 4191 > ssl = yes > } > } > service pop3 { > process_limit = 4096 > } > service stats { > fifo_listener stats-mail { > mode = 0666 > } > } > ssl_ca = ssl_cert = ssl_key = userdb { > driver = passwd > } > verbose_proctitle = yes > protocol lmtp { > mail_plugins = zlib quota mail_log notify fts fts_squat stats sieve > } > protocol lda { > mail_location = maildir:/Mail/mailhome/%Ln/Maildir:CONTROL=/Mail/mailhome/%Ln/.dovecot:INDEX=/var/cache/dovecot/mailtestindexes/%Ln/.dovecot-index > mail_plugins = zlib quota mail_log notify fts fts_squat stats sieve > plugin { > quota = fs:User quota > } > } > protocol imap { > imap_logout_format = bytes(in/out)=%i/%o > mail_max_userip_connections = 50 > mail_plugins = zlib quota mail_log notify fts fts_squat stats quota imap_quota imap_zlib fts imap_stats > } > protocol sieve { > managesieve_logout_format = bytes(in/out)=%i/%o > } > protocol pop3 { > pop3_client_workarounds = outlook-no-nuls oe-ns-eoh > pop3_logout_format = bytes(in/out)=%i/%o, top=%t/%p, retr=%r/%b, del=%d/%m, mailbox-size=%s > pop3_uidl_format = UID%u-%v > } > remote 137.238.0.0/16/16 { > disable_plaintext_auth = no > } From karl.oulmi at ibl.fr Fri May 11 17:33:52 2012 From: karl.oulmi at ibl.fr (Karl Oulmi) Date: Fri, 11 May 2012 16:33:52 +0200 Subject: [Dovecot] namespace from snapshots Message-ID: <4FAD2350.905@ibl.fr> hi all, I'm trying to give access to snapshots taken from by dell iscsi MD3200i to my maildirs users. snapshot are mounted in read only mode from my FreeBSD box. In my /usr/local/etc/dovecot/conf.d/10-mail.conf, I have : namespace inbox { inbox = yes } namespace da1 { prefix = INBOX.backup.da1. hidden = no list = yes inbox = no location = maildir:/da1/%u/Maildir type = private } I have two problems : - In my log, dovecot complain about the fact that my snapshot filsystem is read only Error: open(/da1/test2 at toto.com/Maildir/.Trash/dovecot-uidlist) failed: Read-only file system The second problem is that through my thunderbird I can't see the Inbox saved in the snapshot (whereas I see Sent and Trash folders) If anyone could help me, It would be nice. Regard, Karl. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2879 bytes Desc: S/MIME Cryptographic Signature URL: From tss at iki.fi Fri May 11 19:27:00 2012 From: tss at iki.fi (Timo Sirainen) Date: Fri, 11 May 2012 19:27:00 +0300 Subject: [Dovecot] index IO patterns In-Reply-To: <4FACF057.3040202@us.es> References: <4FACF057.3040202@us.es> Message-ID: <6EFE0842-2DF7-4336-829F-9BF879E02B0D@iki.fi> On 11.5.2012, at 13.56, Javier de Miguel Rodr?guez wrote: >> Even without LDA/LMTP dovecot-imap needs to write right? It would >> need to update the index every time an imap connect happens and >> new mails are found in the mail store. > > Well of course. Indexes are also updated when flags are modified, moved a messages, delete a message, etc.. But in my setup there are 65% reads and the rest writes There are several hard coded values related to read/write percentages. If you're interested you could try if changing them increases the read%: mail-index-private.h: /* Write to main index file when bytes-to-be-read-from-log is between these values. */ #define MAIL_INDEX_MIN_WRITE_BYTES (1024*8) #define MAIL_INDEX_MAX_WRITE_BYTES (1024*128) mail-cache-private.h: /* Never compress the file if it's smaller than this */ #define MAIL_CACHE_COMPRESS_MIN_SIZE (1024*50) /* Compress the file when deleted space reaches n% of total size */ #define MAIL_CACHE_COMPRESS_PERCENTAGE 20 /* Compress the file when n% of rows contain continued rows. 200% means that there's 2 continued rows per record. */ #define MAIL_CACHE_COMPRESS_CONTINUED_PERCENTAGE 200 Increasing this might also improve read performance, compat.h: /* Try to keep IO operations at least this size */ #ifndef IO_BLOCK_SIZE # define IO_BLOCK_SIZE 8192 #endif All of these are just runtime checks (not saved anywhere), so there's no danger in changing them. From tcsmith1978 at googlemail.com Fri May 11 21:07:14 2012 From: tcsmith1978 at googlemail.com (Tim) Date: Fri, 11 May 2012 19:07:14 +0100 Subject: [Dovecot] Postfix Query Message-ID: <1336759634.8504.4.camel@tim-laptop> user_query = SELECT maildir, mailuser as uid, mailgroup as gid,concat('*:bytes=',quota) as quota_rule FROM virtual_mailbox WHERE username = '%u' and maildir should return example.com/subdomain/tim for this particular user >What does your user_query look like in dovecot-sql.conf.ext? > >On 2012-05-10 17:13, Tim wrote: >> Hello, >> >> Another question!! >> >> Was just trying to sort out mail delivery to subdomains. I set up my >> system so that I have a mail address of tim at subdomain.example.com. >> I've >> sorted out Postfix to correctly identify this and pass on to Dovecot >> for >> delivery but Dovecot doesn't seem to deliver where I want it to. >> Ideally >> I would like to have a structure so that mail is delivered to >> >> /var/mail/example.com/subdomain/user >> >> My users are stored in MySQL and they are being pulled out correctly, >> but dovecot is delivering to >> >> /var/mail/subdomain.example.com/tim >> >> Looking at my logs it seems that the mail location is being picked up >> not being acted on... >> >> May 10 21:51:20 auth(default): Info: master out: USER 1 >> >> tim at subdomain.example.com maildir=example.com/subdomain/tim uid=mailuser >> gid=mailgroup quota_rule=*:bytes=2147483647 >> >> ...a bit further down... >> >> May 10 21:51:20 deliver(tim at subdomain.example.com): Info: auth input: >> maildir=example.com/subdomain/tim >> >> ...then further down it seems to change all of a sudden... >> >> May 10 21:51:20 deliver(tim at subdomain.example.com): Info: maildir: >> data=/var/mail/subdomain.example.com/tim/Maildir >> May 10 21:51:20 deliver(tim at subdomain.example.com): Info: maildir++: >> root=/var/mail/subdomain.example.com/tim/Maildir, index=, control=, >> inbox=/var/mail/subdomain.example.com/tim/Maildir >> >> Bit confused! Any help would be appreciated! >> >> Cheers, >> >> Tim From stan at hardwarefreak.com Sat May 12 04:33:18 2012 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Fri, 11 May 2012 20:33:18 -0500 Subject: [Dovecot] index IO patterns In-Reply-To: References: Message-ID: <4FADBDDE.1040606@hardwarefreak.com> On 5/11/2012 1:41 AM, Cor Bosman wrote: > Hey all, we're in the process of checking out alternatives to our index storage. We're currently storing indexes on a NetApp Metrocluster which works fine, but is very expensive. We're planning a few different setups and doing some actual performance tests on them. Hi Cor, > Does anyone know some of the IO patterns of the indexes? For instance: > > - mostly random reads or linear reads/writes? > - average size of reads and writes? > - how many read/writes on average for a specific mailbox size? > > Anyone do any measurements of this kind? Mail is always a random IO workload, unless your mailbox count is 1, whether accessing indexes or mail files. Regarding the other two questions, you'll likely need to take your own measurements. > Alternatively, does anyone have any experience with other redundant storage options? Im thinking things like MooseFS, DRBD, etc? You seem to be interested in multi-site clustering/failover solutions, not simply redundant storage. These two are clustering software solutions but DRBD is not suitable for multi-site use, and MooseFS doesn't seem to be either. MooseFS is based heavily on FUSE, so performance will be far less than optimal. MooseFS is a distributed filesystem, and as with all other distributed/cluster filesystems its metadata performance will suffer, eliminating maildir as a mail store option. Can you provide more specifics on your actual storage architecture needs? -- Stan From cor at xs4all.nl Sat May 12 10:26:50 2012 From: cor at xs4all.nl (Cor Bosman) Date: Sat, 12 May 2012 09:26:50 +0200 Subject: [Dovecot] index IO patterns In-Reply-To: <4FADBDDE.1040606@hardwarefreak.com> References: <4FADBDDE.1040606@hardwarefreak.com> Message-ID: <24498C40-F1C2-459C-9FB0-B69E702B5D90@xs4all.nl> > >> Alternatively, does anyone have any experience with other redundant storage options? Im thinking things like MooseFS, DRBD, etc? > > You seem to be interested in multi-site clustering/failover solutions, > not simply redundant storage. These two are clustering software > solutions but DRBD is not suitable for multi-site use, and MooseFS > doesn't seem to be either. MooseFS is based heavily on FUSE, so > performance will be far less than optimal. MooseFS is a distributed > filesystem, and as with all other distributed/cluster filesystems its > metadata performance will suffer, eliminating maildir as a mail store > option. > > Can you provide more specifics on your actual storage architecture needs? There are some people in our company that like MooseFS, so i'll just include it in the tests and let that speak for itself :) We are not looking for multisite solutions. Then we may as well stay with the metrocluster. I dont even care if it has to be in the same rack. It's only for the indexes, not the mail store itself which will stay on the metrocluster. In the very worst case, when the whole site explodes, i can always tell dovecot to use memory for indexes temporarily :) The indexes are doing a lot of iops on the metrocluster, and it's a bit of an expensive option for something it's not even that good at. Im aiming for something with 2 servers, each with a 12 disk enclosure with SSD for fast random io with 10G network interfaces, 24 core, 48GB memory. I just want to test some io patterns on different hardware/software solutions, including the metrocluster itself, before we commit to a specific solution. Im slightly leaning towards DRBD right now. Cor From cor at xs4all.nl Sat May 12 10:32:10 2012 From: cor at xs4all.nl (Cor Bosman) Date: Sat, 12 May 2012 09:32:10 +0200 Subject: [Dovecot] index IO patterns In-Reply-To: <4FADBDDE.1040606@hardwarefreak.com> References: <4FADBDDE.1040606@hardwarefreak.com> Message-ID: > Mail is always a random IO workload, unless your mailbox count is 1, > whether accessing indexes or mail files. Regarding the other two > questions, you'll likely need to take your own measurements. Wait, maybe there is a misunderstanding. I mean the IO inside one index file, not across the different mailboxes. So within 1 index file that covers a mailbox with say 10.000 emails, how does the IO occur. I would guess pretty random as well, but on the other hand i guess in some ways it could be pretty linear too. If dovecot keeps most changes in memory and writes it all back in 1 go. Cor From tss at iki.fi Sat May 12 11:49:37 2012 From: tss at iki.fi (Timo Sirainen) Date: Sat, 12 May 2012 11:49:37 +0300 Subject: [Dovecot] index IO patterns In-Reply-To: References: <4FADBDDE.1040606@hardwarefreak.com> Message-ID: On 12.5.2012, at 10.32, Cor Bosman wrote: >> Mail is always a random IO workload, unless your mailbox count is 1, >> whether accessing indexes or mail files. Regarding the other two >> questions, you'll likely need to take your own measurements. > > Wait, maybe there is a misunderstanding. I mean the IO inside one > index file, not across the different mailboxes. So within 1 index > file that covers a mailbox with say 10.000 emails, how does the IO > occur. I would guess pretty random as well, but on the other hand > i guess in some ways it could be pretty linear too. If dovecot keeps > most changes in memory and writes it all back in 1 go. Usually the index files are small enough that I think OS reads the whole files into memory anyway. Anyway..: * dovecot.index: The header is always accessed first. After that it's accessed as necessary. Many IMAP clients fetch all message flags when selecting mailbox, so this causes a sequential read of the entire file. Also with mmap_disable=yes the whole file is always read into memory. * dovecot.index.log: Usually the last few kilobytes of the file are read into memory when mailbox is opened, and after that data is appended and read from it. In some situations the reader might seek to an older data (e.g. to beginning) and read the rest of the file sequentially. * dovecot.index.cache: Accessed randomly, depending on what data is needed to be looked up. Typically clients fetch only the last few messages, so the end of the file is accessed sequentially. Writes are typically appends + rewrites, but currently there are also a few more complex things which I want to get rid of (perhaps for v2.2). From dovecot at vosslamber.nl Sat May 12 11:50:11 2012 From: dovecot at vosslamber.nl (Luuk@dovecot) Date: Sat, 12 May 2012 10:50:11 +0200 Subject: [Dovecot] Quota, message is never send? Message-ID: <4FAE2443.1020909@vosslamber.nl> I think i have quota setup correctly, but finally time arrived to check that ;) opensuse:/etc/dovecot # doveadm quota get -u luuk Quota name Type Value Limit % User quota STORAGE 571973 716800 79 User quota MESSAGE 45555 - 0 It seems i am at 79% of my quota so, i added a line to conf.d/90-quota.conf, to get a wraning when quota exceeds 10%: .... plugin { quota_warning = storage=95%% /usr/local/bin/quota-warning.sh 95 %u quota_warning2 = storage=90%% /usr/local/bin/quota-warning.sh 90 %u quota_warning3 = storage=10%% /usr/local/bin/quota-warning.sh 10 %u } .... But this message is never send, what am i missing (in my config)? Below is some info from a debug.log: 2012-05-12 10:40:51 imap(luuk): Debug: Effective uid=1000, gid=100, home=/home/luuk 2012-05-12 10:40:51 imap(luuk): Debug: Quota root: name=User quota backend=maildir args= 2012-05-12 10:40:51 imap(luuk): Debug: Quota rule: root=User quota mailbox=* bytes=734003200 messages=0 2012-05-12 10:40:51 imap(luuk): Debug: Quota warning: bytes=697303040 (95%) messages=0 reverse=no command=/usr/local/bin/quota-warning.sh 95 luuk 2012-05-12 10:40:51 imap(luuk): Debug: Quota warning: bytes=660602880 (90%) messages=0 reverse=no command=/usr/local/bin/quota-warning.sh 90 luuk 2012-05-12 10:40:51 imap(luuk): Debug: Quota warning: bytes=73400320 (10%) messages=0 reverse=no command=/usr/local/bin/quota-warning.sh 10 luuk 2012-05-12 10:40:51 imap(luuk): Debug: maildir++: root=/home/luuk/Maildir, index=, control=, inbox=/home/luuk/Maildir, alt= From dovecot at vosslamber.nl Sat May 12 15:37:25 2012 From: dovecot at vosslamber.nl (Luuk@dovecot) Date: Sat, 12 May 2012 14:37:25 +0200 Subject: [Dovecot] Quota, message is never send? In-Reply-To: <4FAE2443.1020909@vosslamber.nl> References: <4FAE2443.1020909@vosslamber.nl> Message-ID: <4FAE5985.4060606@vosslamber.nl> On 12-05-2012 10:50, Luuk at dovecot wrote: > I think i have quota setup correctly, but finally time arrived to check > that ;) > ... > But this message is never send, what am i missing (in my config)? > dovecot -n: # 2.0.16: /etc/dovecot/dovecot.conf # OS: Linux 3.1.10-1.9-desktop x86_64 openSUSE 12.1 (x86_64) auth_debug = yes auth_mechanisms = plain login cram-md5 info_log_path = /var/log/dovecot/dovecot-debug.log log_path = /var/log/dovecot/dovecot.log log_timestamp = "%Y-%m-%d %H:%M:%S " mail_debug = yes mail_location = maildir:~/Maildir mail_plugins = mail_log notify fts fts_squat quota managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave passdb { args = scheme=cram-md5 /etc/cram-md5.pwd driver = passwd-file } plugin { quota = maildir:User quota quota_rule = *:storage=700M quota_rule2 = *:messages=60000 quota_warning = storage=95%% /usr/local/bin/quota-warning.sh 95 %u quota_warning2 = storage=90%% /usr/local/bin/quota-warning.sh 90 %u quota_warning3 = storage=10%% /usr/local/bin/quota-warning.sh 10 %u sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap lmtp service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } process_min_avail = 0 service_count = 1 } service quota-warning { executable = script /usr/local/bin/quota-warning.sh unix_listener quota-warning { user = dovecot } user = dovecot } ssl_cert = References: <4FAE2443.1020909@vosslamber.nl> <4FAE5985.4060606@vosslamber.nl> Message-ID: <73712719.20120512133329@gmail.com> On Saturday, May 12, 2012 at 12:37:25 UTC, dovecot at vosslamber.nl confabulated: > On 12-05-2012 10:50, Luuk at dovecot wrote: >> I think i have quota setup correctly, but finally time arrived to check >> that ;) >> > ... >> But this message is never send, what am i missing (in my config)? >> > dovecot -n: > # 2.0.16: /etc/dovecot/dovecot.conf > # OS: Linux 3.1.10-1.9-desktop x86_64 openSUSE 12.1 (x86_64) > auth_debug = yes > auth_mechanisms = plain login cram-md5 > info_log_path = /var/log/dovecot/dovecot-debug.log > log_path = /var/log/dovecot/dovecot.log > log_timestamp = "%Y-%m-%d %H:%M:%S " > mail_debug = yes > mail_location = maildir:~/Maildir > mail_plugins = mail_log notify fts fts_squat quota > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope > encoded-character vacation subaddress comparator-i;ascii-numeric > relational regex imap4flags copy include variables body enotify > environment mailbox date ihave > passdb { > args = scheme=cram-md5 /etc/cram-md5.pwd > driver = passwd-file > } > plugin { > quota = maildir:User quota > quota_rule = *:storage=700M > quota_rule2 = *:messages=60000 > quota_warning = storage=95%% /usr/local/bin/quota-warning.sh 95 %u > quota_warning2 = storage=90%% /usr/local/bin/quota-warning.sh 90 %u > quota_warning3 = storage=10%% /usr/local/bin/quota-warning.sh 10 %u > sieve = ~/.dovecot.sieve > sieve_dir = ~/sieve > } > protocols = imap lmtp > service imap-login { > inet_listener imap { > port = 143 > } > inet_listener imaps { > port = 993 > ssl = yes > } > process_min_avail = 0 > service_count = 1 > } > service quota-warning { > executable = script /usr/local/bin/quota-warning.sh > unix_listener quota-warning { > user = dovecot > } > user = dovecot > } > ssl_cert = ssl_key = userdb { > driver = passwd > } > verbose_proctitle = yes > protocol imap { > mail_plugins = mail_log notify fts fts_squat quota imap_quota > } Tell the quota warnings to use the quota-warning service you have defined: plugin { ... quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=90%% quota-warning 90 %u quota_warning3 = storage=10%% quota-warning 10 %u ... } That's the way it is demonstrated in the default configuration files. -- If at first you don't succeed... ...so much for skydiving. From gedalya at gedalya.net Sat May 12 16:55:06 2012 From: gedalya at gedalya.net (Gedalya) Date: Sat, 12 May 2012 09:55:06 -0400 Subject: [Dovecot] Quota, message is never send? In-Reply-To: <4FAE2443.1020909@vosslamber.nl> References: <4FAE2443.1020909@vosslamber.nl> Message-ID: <4FAE6BBA.7030500@gedalya.net> On 05/12/2012 04:50 AM, Luuk at dovecot wrote: > It seems i am at 79% of my quota > so, i added a line to conf.d/90-quota.conf, to get a wraning when quota > exceeds 10%: Quota warnings are only sent when you _cross_ the limit, they are not sent (again) when you are already over the limit. So, in your case you will get your next warnings at 90% and 95%. From dovecot at vosslamber.nl Sat May 12 18:42:39 2012 From: dovecot at vosslamber.nl (Luuk@dovecot) Date: Sat, 12 May 2012 17:42:39 +0200 Subject: [Dovecot] Quota, message is never send? In-Reply-To: <4FAE6BBA.7030500@gedalya.net> References: <4FAE2443.1020909@vosslamber.nl> <4FAE6BBA.7030500@gedalya.net> Message-ID: <4FAE84EF.6040007@vosslamber.nl> On 12-05-2012 15:55, Gedalya wrote: > On 05/12/2012 04:50 AM, Luuk at dovecot wrote: >> It seems i am at 79% of my quota >> so, i added a line to conf.d/90-quota.conf, to get a wraning when quota >> exceeds 10%: > Quota warnings are only sent when you _cross_ the limit, they are not > sent (again) when you are already over the limit. > So, in your case you will get your next warnings at 90% and 95%. > OK, so i tweaked my rules a bit, and send meself a huge mail to make sure i cross a border. (I've overdone this, because the pdf got base64 encoded, and stored in Sent AND in INBOX ;) I also followed the suggestion form 'Duane Hill' and delete the path before the quota-warning.sh. I hope he did mean that when he was referring to the docs ;) In the log, the following message showed: 2012-05-12 17:11:43 imap(luuk): Error: quota: net_connect_unix(/var/run/dovecot/quota-warning.sh) failed: No such file or directory I think i have to revert the changes, and retest..... ;) From dovecot at vosslamber.nl Sat May 12 18:59:05 2012 From: dovecot at vosslamber.nl (Luuk@dovecot) Date: Sat, 12 May 2012 17:59:05 +0200 Subject: [Dovecot] Quota, message is never send? In-Reply-To: <4FAE84EF.6040007@vosslamber.nl> References: <4FAE2443.1020909@vosslamber.nl> <4FAE6BBA.7030500@gedalya.net> <4FAE84EF.6040007@vosslamber.nl> Message-ID: <4FAE88C9.4060708@vosslamber.nl> On 12-05-2012 17:42, Luuk at dovecot wrote: > On 12-05-2012 15:55, Gedalya wrote: >> On 05/12/2012 04:50 AM, Luuk at dovecot wrote: >>> It seems i am at 79% of my quota >>> so, i added a line to conf.d/90-quota.conf, to get a wraning when quota >>> exceeds 10%: >> Quota warnings are only sent when you _cross_ the limit, they are not >> sent (again) when you are already over the limit. >> So, in your case you will get your next warnings at 90% and 95%. >> > > OK, so i tweaked my rules a bit, and send meself a huge mail to make > sure i cross a border. (I've overdone this, because the pdf got base64 > encoded, and stored in Sent AND in INBOX ;) > > > I also followed the suggestion form 'Duane Hill' and delete the path > before the quota-warning.sh. I hope he did mean that when he was > referring to the docs ;) > > In the log, the following message showed: > 2012-05-12 17:11:43 imap(luuk): Error: quota: > net_connect_unix(/var/run/dovecot/quota-warning.sh) failed: No such file > or directory > > I think i have to revert the changes, and retest..... ;) > 2012-05-12 17:50:22 imap(luuk): Error: quota: net_connect_unix(/usr/local/bin/quota-warning.sh) failed: Permission denied (euid=1000(luuk) egid=100(users) missing +w perm: /usr/local/bin/quota-warning.sh, dir owned by 0:0 mode=0755) ^C opensuse:/etc/dovecot # ll /usr/local/bin/quota-warning.sh -rwxr-xr-x 1 root root 301 Apr 9 16:09 /usr/local/bin/quota-warning.sh Why does this script need +w ?? or am i misreading the error message? opensuse:/home/luuk # dovecot -n | grep -i quota mail_plugins = mail_log notify fts fts_squat quota quota = maildir:User quota quota_rule = *:storage=800M quota_rule2 = *:messages=60000 quota_warning = storage=95%% /usr/local/bin/quota-warning.sh 95 %u quota_warning2 = storage=90%% /usr/local/bin/quota-warning.sh 90 %u quota_warning3 = storage=72%% /usr/local/bin/quota-warning.sh 72 %u service quota-warning { executable = script /usr/local/bin/quota-warning.sh unix_listener quota-warning { mail_plugins = mail_log notify fts fts_squat quota imap_quota opensuse:/home/luuk # From gedalya at gedalya.net Sat May 12 19:00:01 2012 From: gedalya at gedalya.net (Gedalya) Date: Sat, 12 May 2012 12:00:01 -0400 Subject: [Dovecot] Quota, message is never send? In-Reply-To: <4FAE84EF.6040007@vosslamber.nl> References: <4FAE2443.1020909@vosslamber.nl> <4FAE6BBA.7030500@gedalya.net> <4FAE84EF.6040007@vosslamber.nl> Message-ID: <4FAE8901.6070505@gedalya.net> On 5/12/2012 11:42 AM, Luuk at dovecot wrote: > In the log, the following message showed: > 2012-05-12 17:11:43 imap(luuk): Error: quota: > net_connect_unix(/var/run/dovecot/quota-warning.sh) failed: No such file > or directory > > I think i have to revert the changes, and retest.....;) Wiki says: quota_warning = You define a listening socket in the unix_listener line in the service definition, and refer to that socket in your quota_warning plugin configuration. Duane wasn't saying to delete the path, he said to use the socket name. So, just quota-warning without the .sh plugin { quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=90%% quota-warning 90 %u quota_warning3 = storage=10%% quota-warning 10 %u } service quota-warning { executable = script /usr/local/bin/quota-warning.sh unix_listener quota-warning { user = dovecot } user = dovecot } From gedalya at gedalya.net Sat May 12 19:02:00 2012 From: gedalya at gedalya.net (Gedalya) Date: Sat, 12 May 2012 12:02:00 -0400 Subject: [Dovecot] Quota, message is never send? In-Reply-To: <4FAE88C9.4060708@vosslamber.nl> References: <4FAE2443.1020909@vosslamber.nl> <4FAE6BBA.7030500@gedalya.net> <4FAE84EF.6040007@vosslamber.nl> <4FAE88C9.4060708@vosslamber.nl> Message-ID: <4FAE8978.7010405@gedalya.net> On 5/12/2012 11:59 AM, Luuk at dovecot wrote: > 2012-05-12 17:50:22 imap(luuk): Error: quota: > net_connect_unix(/usr/local/bin/quota-warning.sh) failed: Permission > denied (euid=1000(luuk) egid=100(users) missing +w perm: > /usr/local/bin/quota-warning.sh, dir owned by 0:0 mode=0755) This is net_connect_unix(), it's trying to write to a socket. But it ended up with a path to a script, not a socket. From dovecot at vosslamber.nl Sat May 12 19:04:35 2012 From: dovecot at vosslamber.nl (Luuk@dovecot) Date: Sat, 12 May 2012 18:04:35 +0200 Subject: [Dovecot] Quota, message is never send? In-Reply-To: <4FAE8978.7010405@gedalya.net> References: <4FAE2443.1020909@vosslamber.nl> <4FAE6BBA.7030500@gedalya.net> <4FAE84EF.6040007@vosslamber.nl> <4FAE88C9.4060708@vosslamber.nl> <4FAE8978.7010405@gedalya.net> Message-ID: <4FAE8A13.1020401@vosslamber.nl> On 12-05-2012 18:02, Gedalya wrote: > On 5/12/2012 11:59 AM, Luuk at dovecot wrote: >> 2012-05-12 17:50:22 imap(luuk): Error: quota: >> net_connect_unix(/usr/local/bin/quota-warning.sh) failed: Permission >> denied (euid=1000(luuk) egid=100(users) missing +w perm: >> /usr/local/bin/quota-warning.sh, dir owned by 0:0 mode=0755) > > This is net_connect_unix(), it's trying to write to a socket. But it > ended up with a path to a script, not a socket. > i just read you other post, and re-test.... ;) From dovecot at vosslamber.nl Sat May 12 19:21:25 2012 From: dovecot at vosslamber.nl (Luuk@dovecot) Date: Sat, 12 May 2012 18:21:25 +0200 Subject: [Dovecot] Quota, message is never send? In-Reply-To: <4FAE8901.6070505@gedalya.net> References: <4FAE2443.1020909@vosslamber.nl> <4FAE6BBA.7030500@gedalya.net> <4FAE84EF.6040007@vosslamber.nl> <4FAE8901.6070505@gedalya.net> Message-ID: <4FAE8E05.40500@vosslamber.nl> On 12-05-2012 18:00, Gedalya wrote: > On 5/12/2012 11:42 AM, Luuk at dovecot wrote: >> In the log, the following message showed: >> 2012-05-12 17:11:43 imap(luuk): Error: quota: >> net_connect_unix(/var/run/dovecot/quota-warning.sh) failed: No such file >> or directory >> >> I think i have to revert the changes, and retest.....;) > > Wiki says: quota_warning = name> > > > You define a listening socket in the unix_listener line in the service > definition, and refer to that socket in your quota_warning plugin > configuration. > > Duane wasn't saying to delete the path, he said to use the socket name. > So, just quota-warning without the .sh > > plugin { > quota_warning = storage=95%% quota-warning 95 %u > quota_warning2 = storage=90%% quota-warning 90 %u > quota_warning3 = storage=10%% quota-warning 10 %u > } > > service quota-warning { > executable = script /usr/local/bin/quota-warning.sh > unix_listener quota-warning { > user = dovecot > } > user = dovecot > } > > ok, after this error, i must have seen them all: 2012-05-12 18:08:31 imap(luuk): Error: quota: net_connect_unix(/var/run/dovecot/quota-warning) failed: Permission denied (euid=1000(luuk) egid=100(users) missing +r perm: /var/run/dovecot/quota-warning, dir owned by 0:0 mode=0755) opensuse:/var/run/dovecot # ls -l /var/run/dovecot/quota-warning srw------- 1 dovecot root 0 May 12 18:18 /var/run/dovecot/quota-warning opensuse:/var/run/dovecot # Changing the permissions using chmod +rw /var/run/dovecot/quota-warning is reset when dovecot is restarted..... From gedalya at gedalya.net Sat May 12 19:40:16 2012 From: gedalya at gedalya.net (Gedalya) Date: Sat, 12 May 2012 12:40:16 -0400 Subject: [Dovecot] Quota, message is never send? In-Reply-To: <4FAE8E05.40500@vosslamber.nl> References: <4FAE2443.1020909@vosslamber.nl> <4FAE6BBA.7030500@gedalya.net> <4FAE84EF.6040007@vosslamber.nl> <4FAE8901.6070505@gedalya.net> <4FAE8E05.40500@vosslamber.nl> Message-ID: <4FAE9270.5050504@gedalya.net> On 5/12/2012 12:21 PM, Luuk at dovecot wrote: > On 12-05-2012 18:00, Gedalya wrote: >> On 5/12/2012 11:42 AM, Luuk at dovecot wrote: >>> In the log, the following message showed: >>> 2012-05-12 17:11:43 imap(luuk): Error: quota: >>> net_connect_unix(/var/run/dovecot/quota-warning.sh) failed: No such file >>> or directory >>> >>> I think i have to revert the changes, and retest.....;) >> Wiki says: quota_warning = > name> >> >> >> You define a listening socket in the unix_listener line in the service >> definition, and refer to that socket in your quota_warning plugin >> configuration. >> >> Duane wasn't saying to delete the path, he said to use the socket name. >> So, just quota-warning without the .sh >> >> plugin { >> quota_warning = storage=95%% quota-warning 95 %u >> quota_warning2 = storage=90%% quota-warning 90 %u >> quota_warning3 = storage=10%% quota-warning 10 %u >> } >> >> service quota-warning { >> executable = script /usr/local/bin/quota-warning.sh >> unix_listener quota-warning { >> user = dovecot >> } >> user = dovecot >> } >> >> > ok, after this error, i must have seen them all: > 2012-05-12 18:08:31 imap(luuk): Error: quota: > net_connect_unix(/var/run/dovecot/quota-warning) failed: Permission > denied (euid=1000(luuk) egid=100(users) missing +r perm: > /var/run/dovecot/quota-warning, dir owned by 0:0 mode=0755) > > opensuse:/var/run/dovecot # ls -l /var/run/dovecot/quota-warning > srw------- 1 dovecot root 0 May 12 18:18 /var/run/dovecot/quota-warning > opensuse:/var/run/dovecot # > > Changing the permissions using chmod +rw /var/run/dovecot/quota-warning > is reset when dovecot is restarted..... > You should probably add mode = 0666 like so: service quota-warning { executable = script /usr/local/bin/quota-warning.sh unix_listener quota-warning { user = dovecot mode = 0666 } user = dovecot } Indeed you can't use chmod from the command line because these sockets are created by dovecot when it starts up. From stan at hardwarefreak.com Sat May 12 19:51:32 2012 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Sat, 12 May 2012 11:51:32 -0500 Subject: [Dovecot] index IO patterns In-Reply-To: <24498C40-F1C2-459C-9FB0-B69E702B5D90@xs4all.nl> References: <4FADBDDE.1040606@hardwarefreak.com> <24498C40-F1C2-459C-9FB0-B69E702B5D90@xs4all.nl> Message-ID: <4FAE9514.6080202@hardwarefreak.com> On 5/12/2012 2:26 AM, Cor Bosman wrote: > The indexes are doing a lot of iops on the metrocluster, and it's a bit > of an expensive option for something it's not even that good at. This clears things up a bit. > Im aiming for something with 2 servers, each with a 12 disk enclosure > with SSD for fast random io with 10G network interfaces, 24 core, 48GB > memory. AMD is a great platform and I laud your preference for it. > I just want to test some io patterns on different hardware/software > solutions, including the metrocluster itself, before we commit to > a specific solution. Im slightly leaning towards DRBD right now. A DRBD cluster simply doubles your costs--twice the disks/enclosures, twice the servers, and adds another layer of redundancy software to the storage stack. It can be even more if one decides to cluster 3-6 or more DRBD servers. Have you considered something like a Nexsan E18? In 2U it gives you dual PSUs, dual active/active RAID controllers each w/ 2GB BBWC, 2x8Gb FC and 2x1GbE iSCSI ports per controller. Optionally you can replace the FC ports with the same number of 10GbE iSCSI ports. It offers up to 18 100/200/400GB SLC SSDs, or up to 36/78 of these SSDs w/the E18X or E60X expansion chassis. http://www.nexsan.com/en/products/e-series/~/media/Nexsan/Files/products/e-series/library/NexsanESeriesDSpdf.ashx http://www.nexsan.com/en/products/e-series/tech-specs.aspx http://www.nexsan.com/products/e-series.aspx You'd simply create a single RAID1+0 array of all 18 SSDs, export it as a LUN on each iSCSI port, configure SCSI multipath and the iSCSI initiator on each Dovecot host, install GFS2/OCFS2, format the LUN and go. With 18x200GB SSDs you'll get 1.8T of net capacity and well north of 100K sustained real world random r/w block IOPS. And without needing two beefy dual socket AMD server chassis mirrored with DRBD. And of course you'll still want to use Dovecot Director to avoid locking issues. Contact the Nexsan European office to see about an evaluation unit: http://www.nexsan.com/about/contact/locations.aspx Disclaimer: I've never worked for Nexsan nor any affiliate. I'm simply a past customer very satisfied with their products and philosophy/strategy. -- Stan From dovecot at vosslamber.nl Sat May 12 20:34:23 2012 From: dovecot at vosslamber.nl (Luuk@dovecot) Date: Sat, 12 May 2012 19:34:23 +0200 Subject: [Dovecot] Quota, message is never send? In-Reply-To: <4FAE9270.5050504@gedalya.net> References: <4FAE2443.1020909@vosslamber.nl> <4FAE6BBA.7030500@gedalya.net> <4FAE84EF.6040007@vosslamber.nl> <4FAE8901.6070505@gedalya.net> <4FAE8E05.40500@vosslamber.nl> <4FAE9270.5050504@gedalya.net> Message-ID: <4FAE9F1F.70609@vosslamber.nl> On 12-05-2012 18:40, Gedalya wrote: > On 5/12/2012 12:21 PM, Luuk at dovecot wrote: >> On 12-05-2012 18:00, Gedalya wrote: >>> On 5/12/2012 11:42 AM, Luuk at dovecot wrote: >>>> In the log, the following message showed: >>>> 2012-05-12 17:11:43 imap(luuk): Error: quota: >>>> net_connect_unix(/var/run/dovecot/quota-warning.sh) failed: No such >>>> file >>>> or directory >>>> >>>> I think i have to revert the changes, and retest.....;) >>> Wiki says: quota_warning = >> name> >>> >>> >>> You define a listening socket in the unix_listener line in the service >>> definition, and refer to that socket in your quota_warning plugin >>> configuration. >>> >>> Duane wasn't saying to delete the path, he said to use the socket name. >>> So, just quota-warning without the .sh >>> >>> plugin { >>> quota_warning = storage=95%% quota-warning 95 %u >>> quota_warning2 = storage=90%% quota-warning 90 %u >>> quota_warning3 = storage=10%% quota-warning 10 %u >>> } >>> >>> service quota-warning { >>> executable = script /usr/local/bin/quota-warning.sh >>> unix_listener quota-warning { >>> user = dovecot >>> } >>> user = dovecot >>> } >>> >>> >> ok, after this error, i must have seen them all: >> 2012-05-12 18:08:31 imap(luuk): Error: quota: >> net_connect_unix(/var/run/dovecot/quota-warning) failed: Permission >> denied (euid=1000(luuk) egid=100(users) missing +r perm: >> /var/run/dovecot/quota-warning, dir owned by 0:0 mode=0755) >> >> opensuse:/var/run/dovecot # ls -l /var/run/dovecot/quota-warning >> srw------- 1 dovecot root 0 May 12 18:18 /var/run/dovecot/quota-warning >> opensuse:/var/run/dovecot # >> >> Changing the permissions using chmod +rw /var/run/dovecot/quota-warning >> is reset when dovecot is restarted..... >> > > You should probably add mode = 0666 like so: > > service quota-warning { > executable = script /usr/local/bin/quota-warning.sh > unix_listener quota-warning { > user = dovecot > mode = 0666 > } > user = dovecot > } > > Indeed you can't use chmod from the command line because these sockets > are created by dovecot when it starts up. > ok, it seems to work now ;) but my quota-usage is dropping harder that it should i started at 71%, received a file, it went to 74% deleted the message in Inbox deleted the message from Sent and not the quota is at 68%..... Recovery is possible with: doveadm quota recalc -u From gedalya at gedalya.net Sat May 12 20:48:48 2012 From: gedalya at gedalya.net (Gedalya) Date: Sat, 12 May 2012 13:48:48 -0400 Subject: [Dovecot] Quota, message is never send? In-Reply-To: <4FAE9F1F.70609@vosslamber.nl> References: <4FAE2443.1020909@vosslamber.nl> <4FAE6BBA.7030500@gedalya.net> <4FAE84EF.6040007@vosslamber.nl> <4FAE8901.6070505@gedalya.net> <4FAE8E05.40500@vosslamber.nl> <4FAE9270.5050504@gedalya.net> <4FAE9F1F.70609@vosslamber.nl> Message-ID: <4FAEA280.6070205@gedalya.net> On 5/12/2012 1:34 PM, Luuk at dovecot wrote: > On 12-05-2012 18:40, Gedalya wrote: >> On 5/12/2012 12:21 PM, Luuk at dovecot wrote: >>> On 12-05-2012 18:00, Gedalya wrote: >>>> On 5/12/2012 11:42 AM, Luuk at dovecot wrote: >>>>> In the log, the following message showed: >>>>> 2012-05-12 17:11:43 imap(luuk): Error: quota: >>>>> net_connect_unix(/var/run/dovecot/quota-warning.sh) failed: No such >>>>> file >>>>> or directory >>>>> >>>>> I think i have to revert the changes, and retest.....;) >>>> Wiki says: quota_warning = >>> name> >>>> >>>> >>>> You define a listening socket in the unix_listener line in the service >>>> definition, and refer to that socket in your quota_warning plugin >>>> configuration. >>>> >>>> Duane wasn't saying to delete the path, he said to use the socket name. >>>> So, just quota-warning without the .sh >>>> >>>> plugin { >>>> quota_warning = storage=95%% quota-warning 95 %u >>>> quota_warning2 = storage=90%% quota-warning 90 %u >>>> quota_warning3 = storage=10%% quota-warning 10 %u >>>> } >>>> >>>> service quota-warning { >>>> executable = script /usr/local/bin/quota-warning.sh >>>> unix_listener quota-warning { >>>> user = dovecot >>>> } >>>> user = dovecot >>>> } >>>> >>>> >>> ok, after this error, i must have seen them all: >>> 2012-05-12 18:08:31 imap(luuk): Error: quota: >>> net_connect_unix(/var/run/dovecot/quota-warning) failed: Permission >>> denied (euid=1000(luuk) egid=100(users) missing +r perm: >>> /var/run/dovecot/quota-warning, dir owned by 0:0 mode=0755) >>> >>> opensuse:/var/run/dovecot # ls -l /var/run/dovecot/quota-warning >>> srw------- 1 dovecot root 0 May 12 18:18 /var/run/dovecot/quota-warning >>> opensuse:/var/run/dovecot # >>> >>> Changing the permissions using chmod +rw /var/run/dovecot/quota-warning >>> is reset when dovecot is restarted..... >>> >> You should probably add mode = 0666 like so: >> >> service quota-warning { >> executable = script /usr/local/bin/quota-warning.sh >> unix_listener quota-warning { >> user = dovecot >> mode = 0666 >> } >> user = dovecot >> } >> >> Indeed you can't use chmod from the command line because these sockets >> are created by dovecot when it starts up. >> > ok, it seems to work now ;) > > but my quota-usage is dropping harder that it should > > i started at 71%, > received a file, it went to 74% > deleted the message in Inbox > deleted the message from Sent > and not the quota is at 68%..... > > Recovery is possible with: > doveadm quota recalc -u I understand you sent an email to yourself? If you gained one $message_size upon reception and lost 2*$message_size upon deletion from Inbox+Sent, I would suspect quota plugin isn't active when the message is being delivered. How are messages delivered? Dovecot LDA, LMTP or an external MTA? You really should use LDA or LMTP to handle quota accounting. From dovecot at vosslamber.nl Sat May 12 21:35:30 2012 From: dovecot at vosslamber.nl (Luuk@dovecot) Date: Sat, 12 May 2012 20:35:30 +0200 Subject: [Dovecot] Quota, message is never send? In-Reply-To: <4FAEA280.6070205@gedalya.net> References: <4FAE2443.1020909@vosslamber.nl> <4FAE6BBA.7030500@gedalya.net> <4FAE84EF.6040007@vosslamber.nl> <4FAE8901.6070505@gedalya.net> <4FAE8E05.40500@vosslamber.nl> <4FAE9270.5050504@gedalya.net> <4FAE9F1F.70609@vosslamber.nl> <4FAEA280.6070205@gedalya.net> Message-ID: <4FAEAD72.5060601@vosslamber.nl> On 12-05-2012 19:48, Gedalya wrote: > > I understand you sent an email to yourself? > If you gained one $message_size upon reception and lost 2*$message_size > upon deletion from Inbox+Sent, I would suspect quota plugin isn't active > when the message is being delivered. How are messages delivered? Dovecot > LDA, LMTP or an external MTA? > You really should use LDA or LMTP to handle quota accounting. > Yes, i was sending it to meself... Postfix delivers mail using procmail. Next thing i need to read about mailservers are the LDA/LMTP pages.... From h.reindl at thelounge.net Sat May 12 21:42:20 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Sat, 12 May 2012 20:42:20 +0200 Subject: [Dovecot] Quota, message is never send? In-Reply-To: <4FAEAD72.5060601@vosslamber.nl> References: <4FAE2443.1020909@vosslamber.nl> <4FAE6BBA.7030500@gedalya.net> <4FAE84EF.6040007@vosslamber.nl> <4FAE8901.6070505@gedalya.net> <4FAE8E05.40500@vosslamber.nl> <4FAE9270.5050504@gedalya.net> <4FAE9F1F.70609@vosslamber.nl> <4FAEA280.6070205@gedalya.net> <4FAEAD72.5060601@vosslamber.nl> Message-ID: <4FAEAF0C.6090202@thelounge.net> Am 12.05.2012 20:35, schrieb Luuk at dovecot: > On 12-05-2012 19:48, Gedalya wrote: >> >> I understand you sent an email to yourself? >> If you gained one $message_size upon reception and lost 2*$message_size >> upon deletion from Inbox+Sent, I would suspect quota plugin isn't active >> when the message is being delivered. How are messages delivered? Dovecot >> LDA, LMTP or an external MTA? >> You really should use LDA or LMTP to handle quota accounting. > > Yes, i was sending it to meself... > Postfix delivers mail using procmail. > Next thing i need to read about mailservers are the LDA/LMTP pages.... this should be one of the first things nobody needs procmail/shellscripts to get quota with postfix and a MDA with LMPT support wokring these days usually the better way implementing services is to draw what exactly is needed and read docs how all this things can be achived example from dbmail (dovecot should be the same) /etc/postfix/master.cf: dbmail-lmtp unix - - n - - lmtp -o disable_dns_lookups=yes set the postfix-transport to "dbmail-lmtp:127.0.0.1:24" for each domain which should be delivered to LMTP and you are done, "dbmail-lmtp" is only a name -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From dovecot at vosslamber.nl Sat May 12 22:01:13 2012 From: dovecot at vosslamber.nl (Luuk@dovecot) Date: Sat, 12 May 2012 21:01:13 +0200 Subject: [Dovecot] Quota, message is never send? In-Reply-To: <4FAEAF0C.6090202@thelounge.net> References: <4FAE2443.1020909@vosslamber.nl> <4FAE6BBA.7030500@gedalya.net> <4FAE84EF.6040007@vosslamber.nl> <4FAE8901.6070505@gedalya.net> <4FAE8E05.40500@vosslamber.nl> <4FAE9270.5050504@gedalya.net> <4FAE9F1F.70609@vosslamber.nl> <4FAEA280.6070205@gedalya.net> <4FAEAD72.5060601@vosslamber.nl> <4FAEAF0C.6090202@thelounge.net> Message-ID: <4FAEB379.4030507@vosslamber.nl> On 12-05-2012 20:42, Reindl Harald wrote: > > Am 12.05.2012 20:35, schrieb Luuk at dovecot: >> On 12-05-2012 19:48, Gedalya wrote: >>> >>> I understand you sent an email to yourself? >>> If you gained one $message_size upon reception and lost 2*$message_size >>> upon deletion from Inbox+Sent, I would suspect quota plugin isn't active >>> when the message is being delivered. How are messages delivered? Dovecot >>> LDA, LMTP or an external MTA? >>> You really should use LDA or LMTP to handle quota accounting. >> >> Yes, i was sending it to meself... >> Postfix delivers mail using procmail. >> Next thing i need to read about mailservers are the LDA/LMTP pages.... > > this should be one of the first things > > nobody needs procmail/shellscripts to get quota with postfix > and a MDA with LMPT support wokring these days > > usually the better way implementing services is to draw > what exactly is needed and read docs how all this things > can be achived Everything (besides quota ;) is working as needed > > example from dbmail (dovecot should be the same) > /etc/postfix/master.cf: > dbmail-lmtp unix - - n - - lmtp -o disable_dns_lookups=yes > > set the postfix-transport to "dbmail-lmtp:127.0.0.1:24" for each domain which should > be delivered to LMTP and you are done, "dbmail-lmtp" is only a name > > > > i have a line like that in my master.cf, i reads: lmtp unix - - n - - lmtp but (apparantly) is not used. Before starting to use that, i should make sure all received mail keeps coming in at the right place... From stan at hardwarefreak.com Sat May 12 23:48:08 2012 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Sat, 12 May 2012 15:48:08 -0500 Subject: [Dovecot] index IO patterns In-Reply-To: References: <4FADBDDE.1040606@hardwarefreak.com> Message-ID: <4FAECC88.3030903@hardwarefreak.com> On 5/12/2012 2:32 AM, Cor Bosman wrote: >> Mail is always a random IO workload, unless your mailbox count is 1, >> whether accessing indexes or mail files. Regarding the other two >> questions, you'll likely need to take your own measurements. > > Wait, maybe there is a misunderstanding. I mean the IO inside one > index file, not across the different mailboxes. So within 1 index > file that covers a mailbox with say 10.000 emails, how does the IO > occur. I would guess pretty random as well, but on the other hand > i guess in some ways it could be pretty linear too. If dovecot keeps > most changes in memory and writes it all back in 1 go. I don't see how this is relevant to designing an index storage system. Whether index file updates are sequential or random, they become random at the 2nd user and more so from there. So either way, your storage system will see a random IO pattern, and that's what you need to engineer the system for, not the single user index file update pattern. You've already expressed interest in SSD, which takes care of this concern. -- Stan From daniel.parthey at informatik.tu-chemnitz.de Sun May 13 03:07:52 2012 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sun, 13 May 2012 02:07:52 +0200 Subject: [Dovecot] Dovecot usage values differ from actual disk usage Message-ID: <20120513000752.GA17087@daniel.localdomain> Hi, in my dovecot setup the accounting database table shows wrong values which do not correspond with the actual disk space used. The disk usage says 2.6 Gigabytes: mail01:~# du -sh /mail/dovecot/example.org/username 2.6G /mail/dovecot/example.org/username While the doveadm quota get says 7 Gigabytes for the same user: mail01:~# doveadm -f tab quota get -u username at example.org Quota name Type Value Limit % User quota STORAGE 7065208 - 0 User quota MESSAGE 282024 - 0 mysql> select * from dovecot.dovecot_usage where username="username at example.org"; +----------------------+------------+----------+ | username | storage | messages | +----------------------+------------+----------+ | username at example.org | 7234773131 | 282024 | +----------------------+------------+----------+ 1 row in set (0.00 sec) What might be the reason for such huge differences (several gigabytes) between storage value in dovecot_usage table and disk usage value? After a quota recalc everything is correct: mail01:~# doveadm quota recalc -u username at example.org mail01:~# doveadm -f tab quota get -u username at example.org Quota name Type Value Limit % User quota STORAGE 2630434 - 0 User quota MESSAGE 100714 - 0 mysql> select * from dovecot.dovecot_usage where username="username at example.org"; +----------------------+------------+----------+ | username | storage | messages | +----------------------+------------+----------+ | username at example.org | 2693565239 | 100714 | +----------------------+------------+----------+ 1 row in set (0.00 sec) How can I keep the accounting data consistent with actual disk usage, without running a recalc cronjob every few hours? There's running a dovecot director and mailbox instance on each of our servers with the mails being stored on NFS and received from postfix via LMTP through the director lmtp port 20024. Configuration of director (dovecot-director.conf) and mailbox (dovecot.conf) is attached. Kind regards Daniel -------------- next part -------------- # 2.0.20: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-40-server x86_64 Ubuntu 10.04.4 LTS auth_cache_negative_ttl = 0 auth_cache_size = 10 M auth_cache_ttl = 1 mins auth_verbose = yes auth_verbose_passwords = sha1 deliver_log_format = mailbox: deliver: msgid=%m from=%f: %$ dict { quota = mysql:/etc/dovecot/conf.d/dovecot-dict-sql.conf.ext } disable_plaintext_auth = no lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes login_greeting = Mailbox login_log_format = mailbox: login: %$: %s login_trusted_networks = 10.129.3.0/24 mail_debug = yes mail_gid = vmail mail_home = /mail/dovecot/%d/%n mail_location = mdbox:~/mail mail_log_prefix = "mailbox: mail: %s(%u): " mail_plugins = quota mail_privileged_group = vmail mail_uid = vmail managesieve_implementation_string = Sieve managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mdbox_rotate_interval = 1 weeks mdbox_rotate_size = 50 M mmap_disable = yes passdb { args = /etc/dovecot/conf.d/dovecot-sql.conf.ext driver = sql } plugin { quota = dict:User quota::proxy::quota quota_rule = *:storage=10G quota_rule2 = Trash:storage=+100M quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap pop3 lmtp sieve service dict { unix_listener dict { group = vmail mode = 0660 } } service imap-login { inet_listener imap { port = 19143 } } service lmtp { inet_listener lmtp { address = * port = 19024 } } service managesieve-login { inet_listener sieve { port = 19200 } } service pop3-login { inet_listener pop3 { port = 19110 } } service quota-warning { executable = script /usr/local/bin/quota-warning unix_listener quota-warning { user = vmail } user = dovecot } ssl = no userdb { driver = prefetch } userdb { args = /etc/dovecot/conf.d/dovecot-sql.conf.ext driver = sql } verbose_proctitle = yes protocol imap { imap_client_workarounds = delay-newmail tb-extra-mailbox-sep mail_plugins = quota imap_quota } protocol lmtp { mail_plugins = quota sieve } -------------- next part -------------- # 2.0.20: /etc/dovecot-director/dovecot-director.conf # OS: Linux 2.6.32-40-server x86_64 Ubuntu 10.04.4 LTS auth_verbose = yes auth_verbose_passwords = sha1 base_dir = /var/run/dovecot-director deliver_log_format = director: deliver: msgid=%m from=%f: %$ director_mail_servers = 10.129.3.193 10.129.3.192 10.129.3.191 10.129.3.190 director_servers = 10.129.3.193 10.129.3.192 10.129.3.191 10.129.3.190 lmtp_proxy = yes login_greeting = Mail Balancer login_log_format = director: login: %$: %s login_trusted_networks = 10.129.3.0/24 mail_debug = yes mail_gid = vmail mail_home = /mail/dovecot/%d/%n mail_location = mdbox:~/mail mail_log_prefix = "director: mail: %s(%u): " mail_privileged_group = vmail mail_uid = vmail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mmap_disable = yes passdb { args = proxy=y nopassword=y user=%n at dovecotmail.%d driver = static } protocols = imap pop3 lmtp sieve service auth { unix_listener auth-userdb { user = dovecot } } service director { fifo_listener login/proxy-notify { mode = 0666 } inet_listener { port = 9090 } unix_listener director-userdb { mode = 0600 } unix_listener login/director { mode = 0666 } } service imap-login { executable = imap-login director inet_listener imap { port = 20143 } inet_listener imaps { port = 20993 ssl = yes } } service lmtp { inet_listener lmtp { address = * port = 20024 } } service managesieve-login { inet_listener sieve { port = 20200 } } service pop3-login { executable = pop3-login director inet_listener pop3 { port = 20110 } inet_listener pop3s { port = 20995 ssl = yes } } ssl_cert = Lutz Schildt posted this to the Gentoo bugzilla recently: http://bugs.gentoo.org/show_bug.cgi?id=415571 There's a backtrace and conf files attached. I was able to find this possibly-related post from a while ago: http://dovecot.org/list/dovecot/2010-September/052963.html From joop.boonen at boonen.org Sun May 13 10:55:36 2012 From: joop.boonen at boonen.org (Joop Boonen) Date: Sun, 13 May 2012 09:55:36 +0200 Subject: [Dovecot] Non void function static int services_verify_systemd(struct service_list *service_list) doesn't return value at the end Message-ID: Hi All, Non void function static int services_verify_systemd(struct service_list *service_list) doesn't return value at the end I think this has been forgotten. Regards, Joop. I've attached a patch. -------------- next part -------------- A non-text attachment was scrubbed... Name: dovecot-noreturn-nonvoid.patch Type: text/x-patch Size: 328 bytes Desc: not available URL: From h.reindl at thelounge.net Sun May 13 13:31:22 2012 From: h.reindl at thelounge.net (Reindl Harald) Date: Sun, 13 May 2012 12:31:22 +0200 Subject: [Dovecot] dovecot-2.1.6: why are loglines longer and longer Message-ID: <4FAF8D7A.50806@thelounge.net> do we really need "session=" additional to proxy log-lines? until this change it was possible on a 24" screen with "tail -f /var/log/maillog" to watch without linebreaks, now each proxy line breaks PLEASE reconsider such changes! May 13 12:27:38 mail dovecot: imap-login: proxy(*******@thelounge.net): started proxying to 127.0.0.1:143: user=<********@thelounge.net>, method=PLAIN, rip=********, lip=******, TLS, session= -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: From tss at iki.fi Sun May 13 13:45:02 2012 From: tss at iki.fi (Timo Sirainen) Date: Sun, 13 May 2012 13:45:02 +0300 Subject: [Dovecot] dovecot-2.1.6: why are loglines longer and longer In-Reply-To: <4FAF8D7A.50806@thelounge.net> References: <4FAF8D7A.50806@thelounge.net> Message-ID: On 13.5.2012, at 13.31, Reindl Harald wrote: > do we really need "session=" additional > to proxy log-lines? until this change it was possible on > a 24" screen with "tail -f /var/log/maillog" to watch > without linebreaks, now each proxy line breaks > > PLEASE reconsider such changes! > > May 13 12:27:38 mail dovecot: imap-login: proxy(*******@thelounge.net): started proxying to 127.0.0.1:143: > user=<********@thelounge.net>, method=PLAIN, rip=********, lip=******, TLS, session= For login process lines you can configure this from login_log_format_elements setting. Anyway the session IDs are especially useful with proxying, since you can match proxy connections to backend connections easily by grepping for the session ID from both logs. From c at roessner-network-solutions.com Sun May 13 14:21:15 2012 From: c at roessner-network-solutions.com (=?iso-8859-1?Q?Christian_R=F6=DFner?=) Date: Sun, 13 May 2012 13:21:15 +0200 Subject: [Dovecot] doveadm not working Message-ID: Hi, I know I must have done some misconfiguration, but I do not know where to start searching for. All began when looking at my weekly cron message, where doveadm purge -A is run. That fails. So I tried doveadm quota -A as well, which several weeks ago was working perfectly. Example: doveadm quota get -A doveadm(root): Error: User listing returned failure doveadm: Error: Failed to iterate through some users Username Quota name Type Value Limit % All I see in the logs is: May 13 13:03:20 mx0 dovecot: auth: Error: auth worker: Aborted request: Lookup timed out May 13 13:03:21 mx0 dovecot: auth-worker(26753): Error: LDAP: ldap_start_tls_s() failed: Connect error May 13 13:03:21 mx0 dovecot: auth-worker(26753): Error: LDAP: ldap_start_tls_s() failed: Can't contact LDAP server Dovecot itself works. Only doveadm does not. My LDAP is using SASL/EXTERNAL. Certs are in standard folders under /etc/ssl/{certs,private} (see below). I guess that "some" user (but which?) tries to read the certs but is disallowed. Can somebody help me please to fix my permissions on that (private used) mail server? Is my "vmail" user required? Thanks in advance Here is my doveconf -n: # 2.1.6: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-41-generic-pae i686 Ubuntu 10.04.4 LTS auth_master_user_separator = * auth_mechanisms = plain login auth_verbose = yes hostname = mail.roessner-net.de lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes mail_access_groups = vmail mail_gid = vmail mail_location = mdbox:~/mdbox mail_plugins = autocreate quota acl fts fts_solr zlib mail_log notify mail_privileged_group = mail mail_uid = vmail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace { list = children location = mdbox:%%h/mdbox prefix = shared/%%u/ separator = / subscriptions = no type = shared } namespace inbox { inbox = yes location = mailbox "Deleted Messages" { special_use = \Trash } mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } mailbox junkmail { special_use = \Junk } prefix = separator = / type = private } passdb { args = /etc/dovecot/master-users driver = passwd-file master = yes pass = yes } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { acl = vfile acl_shared_dict = file:/var/mail/virtual/shared-mailboxes.db autocreate = Trash autocreate2 = Sent autocreate3 = Drafts autocreate4 = junkmail autosubscribe = Trash autosubscribe2 = Sent autosubscribe3 = Drafts autosubscribe4 = junkmail fts = solr fts_solr = break-imap-search url=http://localhost:8080/solr/ mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename mail_log_fields = uid box msgid size quota = dict:User quota::file:%h/mdbox/dovecot-quota quota_rule = *:storage=300M:messages=20000 quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u sieve = ~/.dovecot.sieve sieve_dir = ~/sieve zlib_save = gz zlib_save_level = 6 } protocols = imap pop3 lmtp sieve service auth-worker { unix_listener auth-worker { user = vmail } user = vmail } service auth { extra_groups = ssl-cert unix_listener auth-userdb { mode = 0600 user = vmail } user = vmail } service dict { unix_listener dict { mode = 0600 user = vmail } } service lmtp { inet_listener lmtp { address = ::1 port = 24 } } service quota-warning { executable = script /usr/local/bin/quota-warning.sh unix_listener quota-warning { user = vmail } user = dovecot } ssl_ca = From c at roessner-network-solutions.com Sun May 13 16:13:29 2012 From: c at roessner-network-solutions.com (=?iso-8859-1?Q?Christian_R=F6=DFner?=) Date: Sun, 13 May 2012 15:13:29 +0200 Subject: [Dovecot] doveadm not working In-Reply-To: References: Message-ID: <154F1EE4-47EA-4384-B37D-1B5741E88FAE@roessner-network-solutions.com> > doveadm quota get -A > doveadm(root): Error: User listing returned failure > doveadm: Error: Failed to iterate through some users > Username Quota name Type Value Limit % > > All I see in the logs is: > > May 13 13:03:20 mx0 dovecot: auth: Error: auth worker: Aborted request: Lookup timed out > May 13 13:03:21 mx0 dovecot: auth-worker(26753): Error: LDAP: ldap_start_tls_s() failed: Connect error > May 13 13:03:21 mx0 dovecot: auth-worker(26753): Error: LDAP: ldap_start_tls_s() failed: Can't contact LDAP server I just enabled Stats in both LDAP servers. When doing a doveadm quota get -A there does not happen any LDAP connection to one of my servers. If I do a "telnet -4/-6 ... 389" to each of them, I can see the ACCEPT stats. So why does doveadm not connect with LDAP, while the service dovecot works perfectly? How can I debug this? -Christian R??ner --- Roessner-Network-Solutions Bachelor of Science Informatik Nahrungsberg 81, 35390 Gie?en F: +49 641 5879091, M: +49 176 93118939 USt-IdNr.: DE225643613 http://www.roessner-network-solutions.com -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 3880 bytes Desc: not available URL: From ott at mirix.org Sun May 13 19:43:08 2012 From: ott at mirix.org (Matthias-Christian Ott) Date: Sun, 13 May 2012 18:43:08 +0200 Subject: [Dovecot] TLS X.509 CRLs Message-ID: <20120513164308.GA2850@qp> Hi, according to the documentation file referenced by ssl_ca must contain the Client certificate CA and the corresponding CRL. Thus dovecot would have to receive SIGHUP to reload a new CRL. Did I understand this correctly? Regards, Matthias-Christian From leo at strike.wu.ac.at Mon May 14 00:40:14 2012 From: leo at strike.wu.ac.at (Alexander 'Leo' Bergolth) Date: Sun, 13 May 2012 23:40:14 +0200 Subject: [Dovecot] userdb namespace settings bug Message-ID: <4FB02A3E.3000507@strike.wu.ac.at> Hi! Since upgrading to 2.1.6, setting namespaces via environment variables using a imap-postlogin-script *sometimes* doesn't work. Sometimes, the prefix of a namespace isn't set correctly, but is set to an empty string, which leads to the following error: namespace configuration error: Duplicate namespace prefix: "" However, the environment is set correctly, the error seems to occur when parsing the environment. See the attached log: The postlogin-script sets the environment variables attached as dovecot-postlogin-environment.txt. (dumped from postlogin script via env) However, the variable "NAMESPACE/S-GSD/PREFIX=Shared/GSD/" gets parsed as: plugin/namespace/s-gsd/prefix=Shared/GSD/ See the error message: Unknown userdb setting: plugin/namespace/s-gsd/prefix=Shared/GSD/ After restarting dovecot, the same configuration sometimes works correctly. I'd greatly appreciate your help! Unfortunately I have done the upgrade on a production system, so the issue is quite serious for me.. Will downgrading to 2.0 work? (Index-files, etc?) Thanks, --leo -- e-mail ::: Leo.Bergolth (at) wu.ac.at fax ::: +43-1-31336-906050 location ::: IT-Services | Vienna University of Economics | Austria -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: dovecot-userdb-namespaces.txt URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: dovecot-postlogin-environment.txt URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: dovecot-post-login.pl Type: application/x-perl Size: 2954 bytes Desc: not available URL: From miroslav.misek at gmail.com Mon May 14 01:34:56 2012 From: miroslav.misek at gmail.com (=?ISO-8859-2?Q?Miroslav_M=ED=B9ek?=) Date: Mon, 14 May 2012 00:34:56 +0200 Subject: [Dovecot] managesieve problem Message-ID: Hi, please could anyone help me with managesieve problem? I have working dovecot (imap) and now i am trying to run managesieve plugin. But I am still getting error: May 14 00:05:41 thor dovecot: managesieve-login: Fatal: Error reading configuration: Invalid settings: ssl enabled, but ssl_cert not set May 14 00:05:41 thor dovecot: master: Error: service(managesieve-login): command startup failed, throttling Here is my configuration: # doveconf -n # 2.0.9: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-220.13.1.el6.x86_64 x86_64 CentOS release 6.2 (Final) ext4 auth_mechanisms = plain login first_valid_uid = 200 last_valid_uid = 200 mail_location = maildir:/home/vmail/%1d/%d/%n/Maildir mbox_write_locks = fcntl passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } service auth { unix_listener /var/spool/postfix/private/auth { mode = 0666 } unix_listener auth-userdb { group = vmail mode = 0660 user = vmail } } service managesieve-login { executable = managesieve-login director inet_listener sieve_deprecated { port = 2000 } } service managesieve { executable = managesieve director } ssl_cert = References: Message-ID: On 5/10/2012 10:02 PM, Ian Pilcher wrote: > I am getting an SELinux error every time dovecot starts, because it is > trying to access my music directory (/srv/music). I've read the > doveadm-mount man page, and tried: > > doveadm mount add /srv/music ignore > > but it didn't make any difference. > > Now, I certainly didn't tell dovecot to access this directory, so how > can I tell it *not* to do so. > > This is dovecot-2.1.6-2.fc17.x86_64 on Fedora 17 Beta, BTW. > > Thanks! > Is your /srv/music shown in the output from "doveadm mount list"? Is /srv/music referenced via a symlink from another folder - possibly a home folder? -- Daniel From zdy0818 at gmail.com Mon May 14 08:39:43 2012 From: zdy0818 at gmail.com (=?GB2312?B?1ee2q9Pu?=) Date: Mon, 14 May 2012 13:39:43 +0800 Subject: [Dovecot] dovecot report W value error and Corrupted index cache file Message-ID: Hello everybody, I have a problem and no idea. Yesterday Dovecot.log report: Warning: Fixed a duplicate: /opt/*/cur/