From tss at iki.fi Mon Jul 1 00:32:59 2013 From: tss at iki.fi (Timo Sirainen) Date: Mon, 1 Jul 2013 00:32:59 +0300 Subject: [Dovecot] LIST command -- quoting of folder names In-Reply-To: <87sj00we37.fsf@ericabrahamsen.net> References: <87sj00we37.fsf@ericabrahamsen.net> Message-ID: <3336427C-633E-47A1-B110-CE96E33ED6A8@iki.fi> On 30.6.2013, at 5.02, Eric Abrahamsen wrote: > * LIST (\HasChildren) "/" [Gmail] > * LIST (\HasNoChildren) "/" [Gmail]/Spam > * LIST (\HasNoChildren) "/" [Gmail]/Starred > * LIST (\HasNoChildren) "/" [Gmail]/Trash > * LIST (\HasNoChildren) "/" [Gmail]/Drafts > * LIST (\HasNoChildren) "/" "[Gmail]/Sent Mail" > * LIST (\HasNoChildren) "/" [Gmail]/Important > * LIST (\HasNoChildren) "/" INBOX > > Only "[Gmail]/Sent Mail" is quoted. This is messing up gnus, my MUA, > which truncates other folder names after the / separator. RFC 3501: list = "LIST" SP mailbox SP list-mailbox list-mailbox = 1*list-char / string list-char = ATOM-CHAR / list-wildcards / resp-specials ATOM-CHAR = atom-specials = "(" / ")" / "{" / SP / CTL / list-wildcards / quoted-specials / resp-specials list-wildcards = "%" / "*" resp-specials = "]" Looks to me like all the characters in the mailbox names are list-chars, so this would be a gnus bug. Unless this affects some widely used client I'd rather not change Dovecot to unnecessarily add quotes where they're not needed. > Examples of testing I've seen online have shown all folder names quoted, > which would allow things to work correctly here. Is this something I can > affect with local configuration, or is there some other solution? Would > removing "LAYOUT=fs" affect this issue? You can't affect this without modifying source code. From eric at ericabrahamsen.net Mon Jul 1 06:55:23 2013 From: eric at ericabrahamsen.net (Eric Abrahamsen) Date: Mon, 01 Jul 2013 11:55:23 +0800 Subject: [Dovecot] LIST command -- quoting of folder names References: <87sj00we37.fsf@ericabrahamsen.net> <3336427C-633E-47A1-B110-CE96E33ED6A8@iki.fi> Message-ID: <87y59rc4t0.fsf@ericabrahamsen.net> Timo Sirainen writes: > On 30.6.2013, at 5.02, Eric Abrahamsen wrote: > >> * LIST (\HasChildren) "/" [Gmail] >> * LIST (\HasNoChildren) "/" [Gmail]/Spam >> * LIST (\HasNoChildren) "/" [Gmail]/Starred >> * LIST (\HasNoChildren) "/" [Gmail]/Trash >> * LIST (\HasNoChildren) "/" [Gmail]/Drafts >> * LIST (\HasNoChildren) "/" "[Gmail]/Sent Mail" >> * LIST (\HasNoChildren) "/" [Gmail]/Important >> * LIST (\HasNoChildren) "/" INBOX >> >> Only "[Gmail]/Sent Mail" is quoted. This is messing up gnus, my MUA, >> which truncates other folder names after the / separator. > > RFC 3501: > > list = "LIST" SP mailbox SP list-mailbox > list-mailbox = 1*list-char / string > list-char = ATOM-CHAR / list-wildcards / resp-specials > ATOM-CHAR = > atom-specials = "(" / ")" / "{" / SP / CTL / list-wildcards / > quoted-specials / resp-specials > list-wildcards = "%" / "*" > resp-specials = "]" > > Looks to me like all the characters in the mailbox names are > list-chars, so this would be a gnus bug. Unless this affects some > widely used client I'd rather not change Dovecot to unnecessarily add > quotes where they're not needed. > >> Examples of testing I've seen online have shown all folder names quoted, >> which would allow things to work correctly here. Is this something I can >> affect with local configuration, or is there some other solution? Would >> removing "LAYOUT=fs" affect this issue? > > You can't affect this without modifying source code. Good to know, thanks! I'll work on it in from the gnus end, it should be relatively easy to fix there. Eric From simon.buongiorno at gmail.com Mon Jul 1 11:41:48 2013 From: simon.buongiorno at gmail.com (Simon B) Date: Mon, 1 Jul 2013 10:41:48 +0200 Subject: [Dovecot] Server shutting down Message-ID: Hi I recently moved to Debian Wheezy and installed dovecot from apt-get. root at mail:~# dpkg -l | grep dovecot ii dovecot-common 1:2.1.7-7 all Transitional package for dovecot ii dovecot-core 1:2.1.7-7 amd64 secure mail server that supports mbox, maildir, dbox and mdbox mailboxes ii dovecot-gssapi 1:2.1.7-7 amd64 GSSAPI authentication support for Dovecot ii dovecot-imapd 1:2.1.7-7 amd64 secure IMAP server that supports mbox, maildir, dbox and mdbox mailboxes ii dovecot-ldap 1:2.1.7-7 amd64 LDAP support for Dovecot ii dovecot-managesieved 1:2.1.7-7 amd64 secure ManageSieve server for Dovecot ii dovecot-mysql 1:2.1.7-7 amd64 MySQL support for Dovecot ii dovecot-pgsql 1:2.1.7-7 amd64 PostgreSQL support for Dovecot ii dovecot-pop3d 1:2.1.7-7 amd64 secure POP3 server that supports mbox, maildir, dbox and mdbox mailboxes ii dovecot-sieve 1:2.1.7-7 amd64 sieve filters support for Dovecot ii dovecot-sqlite 1:2.1.7-7 amd64 SQLite support for Dovecot Having previously been on 1.2 on Debian Squeeze the upgrade went flawlessly (and automatically, as I'd already placed the 1.2 dovecot.conf file before installing 2.1.7). And I've been very happy. However, yesterday the server just just shutdown. /var/log/mail.log.1:42890:Jun 30 17:27:04 mail dovecot: imap: Server shutting down. in=14 out=648 /var/log/mail.log.1:42891:Jun 30 17:27:04 mail dovecot: imap: Server shutting down. in=14 out=648 /var/log/mail.log.1:42893:Jun 30 17:27:04 mail dovecot: imap: Server shutting down. in=14 out=648 /var/log/mail.log.1:42895:Jun 30 17:27:34 mail dovecot: imap: Server shutting down. in=739 out=2081 /var/log/mail.log.1:42896:Jun 30 17:27:34 mail dovecot: imap: Server shutting down. in=1764 out=4027 There's no error|panic|warning|fatal messages in any of the logs. root at mail:~# grep -in dovecot /var/log/syslog | grep '(fatal|error|warning|panic)' root at mail:~# grep -in dovecot /var/log/messages | grep '(fatal|error|warning|panic)' root at mail:~# grep -in dovecot /var/log/daemon.log | grep '(fatal|error|warning|panic)' root at mail:~# grep -inr dovecot /var/log/mail* | grep '(fatal|error|warning|panic)' Although everything should log to mail.log if I set up rsyslog properly. The timestamp is not correlated to any of my cron jobs. How can I find out what caused this? Of course with Dovecot shut down Postfix refused to send mail as there was no auth service available. Simon From morpheus.ibis at gmail.com Mon Jul 1 12:24:52 2013 From: morpheus.ibis at gmail.com (Pavel Herrmann) Date: Mon, 01 Jul 2013 11:24:52 +0200 Subject: [Dovecot] Samba4 and user auth In-Reply-To: <5763134862c4cb8d05cec0c518703a43@delellis.net> References: <5763134862c4cb8d05cec0c518703a43@delellis.net> Message-ID: <3204186.W7SUAz2Nb8@gesher> Hi On Friday 28 June 2013 07:17:39 Carsten Laun-De Lellis wrote: > Hi all > > I am trying to set up an email Server with a Samba4 AD as user > Directory. > > Does anybody know a good how-to to setup user auth against AD ? Or could > anyone tell me how to do it? > > I am having an email Server up and running with openldap but want to > change to Samba4 AD, because of the openchange Integration. > > I would appreciate any help on this topic. I have an AD/Samba4 auth for dovecot, it works the same as any LDAP would (with authenticated lookups and auth_bind) I would suggest you try it, and ask if there are any issues. Pavel Herrmann From tlx at leuxner.net Mon Jul 1 12:32:21 2013 From: tlx at leuxner.net (Thomas Leuxner) Date: Mon, 1 Jul 2013 11:32:21 +0200 Subject: [Dovecot] Server shutting down In-Reply-To: References: Message-ID: <20130701093221.GA23314@nihlus.leuxner.net> * Simon B 2013.07.01 10:41: > /var/log/mail.log.1:42896:Jun 30 17:27:34 mail dovecot: imap: Server > shutting down. in=1764 out=4027 What does the preceding line for the master process say? Jun 29 11:39:24 spectre dovecot: master: Warning: Killed with signal 15 (by pid=11676 uid=0 code=kill) Jun 29 11:39:24 spectre dovecot: imap: Server shutting down. in=556 out=11739 Jun 29 11:39:24 spectre dovecot: imap: Server shutting down. in=7534 out=29257 Regards Thomas -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: Digital signature URL: From simon.buongiorno at gmail.com Mon Jul 1 12:53:02 2013 From: simon.buongiorno at gmail.com (Simon B) Date: Mon, 1 Jul 2013 11:53:02 +0200 Subject: [Dovecot] Server shutting down In-Reply-To: <20130701093221.GA23314@nihlus.leuxner.net> References: <20130701093221.GA23314@nihlus.leuxner.net> Message-ID: On 1 July 2013 11:32, Thomas Leuxner wrote: > * Simon B 2013.07.01 10:41: > >> /var/log/mail.log.1:42896:Jun 30 17:27:34 mail dovecot: imap: Server >> shutting down. in=1764 out=4027 > > What does the preceding line for the master process say? > > Jun 29 11:39:24 spectre dovecot: master: Warning: Killed with signal 15 (by pid=11676 uid=0 code=kill) > Jun 29 11:39:24 spectre dovecot: imap: Server shutting down. in=556 out=11739 > Jun 29 11:39:24 spectre dovecot: imap: Server shutting down. in=7534 out=29257 Hi Thomas, The line before was a regular imap login line. As per my original mail nothing was logged with warning in the entire mail.log. I notice now that I don't have any master logging lines too.. root at mail:~# grep -inr dovecot /var/log/mail* | grep '(fatal|error|warning|panic)' root at mail:~# grep -inr dovecot /var/log/mail* | grep '(fatal|error|warning|panic|master)' root at mail:~# I wonder where master is being logged to and how I can redirect that. Simon From l.kiraly at madalbal.hu Mon Jul 1 14:03:57 2013 From: l.kiraly at madalbal.hu (Laszlo Kiraly) Date: Mon, 1 Jul 2013 13:03:57 +0200 Subject: [Dovecot] namespace delivery question In-Reply-To: <1d6e8f48-81ab-4df1-a3ba-89b44f4bb61e@email.android.com> References: <20130627115159.M11417@madalbal.hu> <20130628133734.GA25817@nihlus.leuxner.net> <20130629184638.M19581@madalbal.hu> <1d6e8f48-81ab-4df1-a3ba-89b44f4bb61e@email.android.com> Message-ID: <20130701110357.M57716@madalbal.hu> Thank you everyone for your help, it works. I have now one more question: If I send mail to: info at domain.com , cc: l.kiraly at domain.com, I get two emails to info at domain.com, because of sieve_before executes this script for all the mailboxes. How can I persuade dovecot to deliver the mail all the adresses (to, cc, bcc)? Thanks again, L?szl? Kir?ly ---------- Original Message ----------- From: Daniel Parthey To: kiru at madalbal.hu,dovecot at dovecot.org Sent: Sun, 30 Jun 2013 16:38:21 +0200 Subject: Re: [Dovecot] namespace delivery question > Add the :create flag to your SIEVE rule in order to automatically > create mailboxes if nonexistent. > > require "fileinto"; > > if address :is ["To","CC"] "info at domain.com" > { > fileinto :create "public/info"; > } > > Regards > Daniel ------- End of Original Message ------- From morpheus.ibis at gmail.com Mon Jul 1 14:05:10 2013 From: morpheus.ibis at gmail.com (Pavel Herrmann) Date: Mon, 01 Jul 2013 13:05:10 +0200 Subject: [Dovecot] Samba4 and user auth In-Reply-To: <5e95a75938e9eb8e525a32f304fe3308@delellis.net> References: <5763134862c4cb8d05cec0c518703a43@delellis.net> <3204186.W7SUAz2Nb8@gesher> <5e95a75938e9eb8e525a32f304fe3308@delellis.net> Message-ID: <27458022.o9md69kx3v@gesher> Hi On Monday 01 July 2013 12:36:39 Carsten Laun-De Lellis wrote: > Hi Pavel > > Thankx for your reply. > > When you were setting up your ldap query what kind of password crypto > did you specify plain ntlm gssapi or anything else? The password field > in your query is userPassword or am I wrong here? the password field is hidden (only the user can see it) by default, and not stored as a unix-friendly value (anything a crypt() would understand) what I use is auth_bind (which uses user-supplied password to bind to the LDAP directory). what it means is that on every login there are 2 lookups (first one using your "service" DN to find the user DN, second one with your user DN to check the password) that also means that you need a password format that your LDAP can understand (mostly a plaintext password, or NTLM if your mail server is a Samba domain member). As long as you only offer IMAP/SSL I dont think plaintext (as in "auth_mechanisms = plain") is an issue, security wise. as far as the service account (the one that is used to look up users) goes, I am using the default option (setting "dn" and "dnpass" variables), which I think is a simple bind. it is possible that it only works because Samba4 and dovecot run on the same machine. Pavel Herrmann > > I will try it again. > --- > > Mit freundlichem Gru? > > Carsten Laun-De Lellis > > Hauptstrasse 13 > D-67705 Trippstadt > > Phone: +49 6306 992140 > Fax: +49 6306 992142 > Mobile: +49 151 27530865 > email: carsten.delellis at delellis.net > > http://www.linkedin.com/in/carstenlaundelellis [1] > > Am 2013-07-01 11:24, schrieb Pavel Herrmann: > > Hi > > > > On Friday 28 June 2013 07:17:39 Carsten Laun-De Lellis wrote: > >> Hi all I am trying to set up an email Server with a Samba4 AD as user > >> Directory. Does anybody know a good how-to to setup user auth against AD > >> ? Or could anyone tell me how to do it? I am having an email Server up > >> and running with openldap but want to change to Samba4 AD, because of > >> the openchange Integration. I would appreciate any help on this topic.> > > I have an AD/Samba4 auth for dovecot, it works the same as any LDAP would > > (with authenticated lookups and auth_bind) > > > > I would suggest you try it, and ask if there are any issues. > > > > Pavel Herrmann > > Links: > ------ > [1] http://www.linkedin.com/in/carstenlaundelellis From l.kiraly at madalbal.hu Mon Jul 1 14:34:38 2013 From: l.kiraly at madalbal.hu (Laszlo Kiraly) Date: Mon, 1 Jul 2013 13:34:38 +0200 Subject: [Dovecot] namespace delivery question In-Reply-To: <20130701110357.M57716@madalbal.hu> References: <20130627115159.M11417@madalbal.hu> <20130628133734.GA25817@nihlus.leuxner.net> <20130629184638.M19581@madalbal.hu> <1d6e8f48-81ab-4df1-a3ba-89b44f4bb61e@email.android.com> <20130701110357.M57716@madalbal.hu> Message-ID: <20130701113021.M76259@madalbal.hu> Otherwise asking: can I set sieve filter per namespace? I mean, one which is only for the public namespace. Thanks again, L?szl? Kir?ly > Thank you everyone for your help, it works. > > I have now one more question: > > If I send mail to: info at domain.com , cc: l.kiraly at domain.com, I get > two emails to info at domain.com, because of sieve_before executes this > script for all the mailboxes. > > How can I persuade dovecot to deliver the mail all the > adresses (to, cc, bcc)? > > Thanks again, > L?szl? Kir?ly > > ---------- Original Message ----------- > From: Daniel Parthey > To: kiru at madalbal.hu,dovecot at dovecot.org > Sent: Sun, 30 Jun 2013 16:38:21 +0200 > Subject: Re: [Dovecot] namespace delivery question > > > Add the :create flag to your SIEVE rule in order to automatically > > create mailboxes if nonexistent. > > > > require "fileinto"; > > > > if address :is ["To","CC"] "info at domain.com" > > { > > fileinto :create "public/info"; > > } > > > > Regards > > Daniel > ------- End of Original Message ------- ------- End of Original Message ------- From carsten.delellis at delellis.net Mon Jul 1 14:53:44 2013 From: carsten.delellis at delellis.net (Carsten Laun-De Lellis) Date: Mon, 01 Jul 2013 13:53:44 +0200 Subject: [Dovecot] Samba4 and user auth In-Reply-To: <27458022.o9md69kx3v@gesher> References: <5763134862c4cb8d05cec0c518703a43@delellis.net> <3204186.W7SUAz2Nb8@gesher> <5e95a75938e9eb8e525a32f304fe3308@delellis.net> <27458022.o9md69kx3v@gesher> Message-ID: <1b76efb18946e9884f23626bd9f634a2@delellis.net> Hi Pavel Thankx for your explanations. Also in my scenario Samba, Postfix and Dovecot are running on the same machine. I will try your config and then see if it works. But again kind regards and thankx to you and all others who came back to me with suggestions how to find the right config. --- Mit freundlichem Gru? Carsten Laun-De Lellis Hauptstrasse 13 D-67705 Trippstadt Phone: +49 6306 992140 Fax: +49 6306 992142 Mobile: +49 151 27530865 email: carsten.delellis at delellis.net http://www.linkedin.com/in/carstenlaundelellis [1] Am 2013-07-01 13:05, schrieb Pavel Herrmann: > Hi > > On Monday 01 July 2013 12:36:39 Carsten Laun-De Lellis wrote: > >> Hi Pavel Thankx for your reply. When you were setting up your ldap query what kind of password crypto did you specify plain ntlm gssapi or anything else? The password field in your query is userPassword or am I wrong here? > > the password field is hidden (only the user can see it) by default, and not > stored as a unix-friendly value (anything a crypt() would understand) > what I use is auth_bind (which uses user-supplied password to bind to the LDAP > directory). > > what it means is that on every login there are 2 lookups (first one using your > "service" DN to find the user DN, second one with your user DN to check the > password) > > that also means that you need a password format that your LDAP can understand > (mostly a plaintext password, or NTLM if your mail server is a Samba domain > member). As long as you only offer IMAP/SSL I dont think plaintext (as in > "auth_mechanisms = plain") is an issue, security wise. > > as far as the service account (the one that is used to look up users) goes, I > am using the default option (setting "dn" and "dnpass" variables), which I > think is a simple bind. it is possible that it only works because Samba4 and > dovecot run on the same machine. > > Pavel Herrmann > I will try it again. --- Mit freundlichem Gru? Carsten Laun-De Lellis Hauptstrasse 13 D-67705 Trippstadt Phone: +49 6306 992140 Fax: +49 6306 992142 Mobile: +49 151 27530865 email: carsten.delellis at delellis.net http://www.linkedin.com/in/carstenlaundelellis [1][1] Am 2013-07-01 11:24, schrieb Pavel Herrmann: Hi On Friday 28 June 2013 07:17:39 Carsten Laun-De Lellis wrote: Hi all I am trying to set up an email Server with a Samba4 AD as user Directory. Does anybody know a good how-to to setup user auth against AD ? Or could anyone tell me how to do it? I am having an email Server up and running with openldap but want to change to Samba4 AD, because of the openchange Integration. I would appreciate any help on this topic.> I have an AD/Samba4 auth for dovecot, it works the same as any LDAP would (with authenticated lookups and auth_bind) I would suggest you try it, and ask if there are any issues. Pavel Herrmann Links: ------ [1] http://www.linkedin.com/in/carstenlaundelellis [1] Links: ------ [1] http://www.linkedin.com/in/carstenlaundelellis From mariajose1982 at gmail.com Mon Jul 1 15:59:25 2013 From: mariajose1982 at gmail.com (=?ISO-8859-1?Q?Maria_Jose_Ya=F1ez_Dacosta?=) Date: Mon, 1 Jul 2013 09:59:25 -0300 Subject: [Dovecot] Doubt the relationship between NTLM and Kerberos. Message-ID: Could someone explain to me what role does the Authenticating Kerberos NTLM in Authenticating NTLM explained in http://wiki.dovecot.org/HowTo/ActiveDirectoryNtlm ? Not understand that relationship between NTLM and Kerberos?. I have to configure thunderbird with simple password method and leave the password to be blank or have to use the gssapi? Although gssapi not supported by windows right? You have to generate a keytab for imap server against AD? I should create in windows and copy it to linux where I have my imap server? I appreciate someone can explain this. Thank you!. -- Maria Jos? From jerry at seibercom.net Mon Jul 1 16:33:44 2013 From: jerry at seibercom.net (Jerry) Date: Mon, 1 Jul 2013 09:33:44 -0400 Subject: [Dovecot] Doubt the relationship between NTLM and Kerberos. In-Reply-To: References: Message-ID: <20130701093344.311c81f1@scorpio> On Mon, 1 Jul 2013 09:59:25 -0300 Maria Jose Ya?ez Dacosta articulated: http://technet.microsoft.com/en-us/library/bb123786%28v=EXCHG.65%29.aspx > Could someone explain to me what role does the Authenticating > Kerberos NTLM in Authenticating NTLM explained in > http://wiki.dovecot.org/HowTo/ActiveDirectoryNtlm ? > > Not understand that relationship between NTLM and Kerberos?. > > I have to configure thunderbird with simple password method and leave > the password to be blank or have to use the gssapi? > > Although gssapi not supported by windows right? > > You have to generate a keytab for imap server against AD? I should > create in windows and copy it to linux where I have my imap server? > > I appreciate someone can explain this. > Thank you!. You might try some of these URLs: http://msdn.microsoft.com/en-us/library/windows/desktop/aa378747%28v=vs.85%29.aspx http://msdn.microsoft.com/en-us/library/windows/desktop/aa380496%28v=vs.85%29.aspx -- Jerry ? Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ From gedalya at gedalya.net Mon Jul 1 19:02:06 2013 From: gedalya at gedalya.net (Gedalya) Date: Mon, 01 Jul 2013 12:02:06 -0400 Subject: [Dovecot] dsync/imapc migration question Message-ID: <51D1A7FE.9030309@gedalya.net> Doing an imapc migration with the pop3 migration plugin, using doveadm backup -R. I occasionally get the following output: dsync(user at domain.tld): Error: imapc(mail01.domain.tld:143): Server disconnected unexpectedly dsync(user at domain.tld): Error: imapc(mail01.domain.tld:143): Server disconnected unexpectedly dsync(user at domain.tld): Error: imapc(mail01.domain.tld:143): Server disconnected unexpectedly dsync(user at domain.tld): Warning: I/O leak: 0xb7648650 (line 1229, fd 10) dsync(user at domain.tld): Warning: I/O leak: 0xb7648650 (line 1229, fd 11) dsync(user at domain.tld): Warning: Timeout leak: 0xb76488b0 (line 1316) dsync(user at domain.tld): Warning: Timeout leak: 0xb76488b0 (line 1316) The source server is really crappy, no need to look at the dovecot side for causes. My question is: is it possible that the migration did complete successfully? Dovecot does seem to continue and it's kind of vague on what went wrong, and did it re-try. This operation can take several hours on large mailboxes so this question is really meaningful in my case. (I'd try with -D but it's really hard to reproduce this on demand). Thanks Gedalya From h.reindl at thelounge.net Tue Jul 2 13:20:37 2013 From: h.reindl at thelounge.net (Reindl Harald) Date: Tue, 02 Jul 2013 12:20:37 +0200 Subject: [Dovecot] IMAPS: Disable SSL connection without client certificate In-Reply-To: <51CEE6FA.9020201@Media-Brokers.com> References: <51CE0097.90207@gmail.com> <51CE017A.4000404@thelounge.net> <51CE80E5.3050509@gmail.com> <51CEE6FA.9020201@Media-Brokers.com> Message-ID: <51D2A975.1080607@thelounge.net> Am 29.06.2013 15:54, schrieb Charles Marcus: >>> well, this is for dovecot 1.x, but have you tried it? >>> >>> Client certificate verification/authentication >>> If you want to require clients to present a valid SSL certificate, you'll need these settings: >>> >>> ssl_ca_file = /etc/ssl/ca.pem >>> ssl_verify_client_cert = yes >>> auth default { >>> ssl_require_client_cert = yes >>> .. >>> } > >> Thanks for your email. Yes, I looked before at that website before. I'm using these options with Dovecot 2.1.8, >> among others: >> >> auth_ssl_require_client_cert = yes >> ssl_verify_client_cert = yes >> ssl_ca = > I'm not sure why Reindl pointed you to the 1.x docs when you are using 2.x... because it is a good start-point and i do not need the feature and in this case it should be enough that i start to google for others at all however, if you would have followed this thread you would have realized that the OP demaned technical impossible things like "uhm openssl should reject the connction without cert before running any dovecot code" -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 263 bytes Desc: OpenPGP digital signature URL: From roundcube at lefoyer.ru Tue Jul 2 15:00:23 2013 From: roundcube at lefoyer.ru (Sergey Sidlyarenko) Date: Tue, 02 Jul 2013 16:00:23 +0400 Subject: [Dovecot] Dovecot METADATA plugin configuration Message-ID: Debian Wheezy dovecot 2.2.4 (deb http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.2.patched main) dovecot-metadata-plugin v14 /var/lib/dovecot 777 dovecot:dovecot /var/lib/dovecot/shared-metadata 700 dovecot:dovecot /var/run/dovecot 777 dovecot:dovecot /var/run/divecot/dict 666 mail:dovecot Test1 - create calendar UTF7 mailbox (no errors in dovecot-error.log): [02-Jul-2013 15:47:51 +0400]: [4419] S: * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN AUTH=LOGIN] Welcome to TU FKP IMAP server. [02-Jul-2013 15:47:51 +0400]: [4419] C: A0001 ID ("name" "Roundcube" "version" "1.0-git" "php" "5.4.4-14+deb7u2" "os" "Linux" "command" "/?_task=calendar&_action=calendar") [02-Jul-2013 15:47:51 +0400]: [4419] S: * ID ("name" "Dovecot") [02-Jul-2013 15:47:51 +0400]: [4419] S: A0001 OK ID completed. [02-Jul-2013 15:47:51 +0400]: [4419] C: A0002 AUTHENTICATE PLAIN [02-Jul-2013 15:47:51 +0400]: [4419] S: A0002 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS SPECIAL-USE BINARY MOVE METADATA ANNOTATEMORE] Logged in [02-Jul-2013 15:47:51 +0400]: [4419] C: A0003 CREATE &BCAEMAQxBD4ERwQ4BDk- [02-Jul-2013 15:47:51 +0400]: [4419] S: A0003 OK Create completed. [02-Jul-2013 15:47:51 +0400]: [4419] C: A0004 SUBSCRIBE &BCAEMAQxBD4ERwQ4BDk- [02-Jul-2013 15:47:51 +0400]: [4419] S: A0004 OK Subscribe completed. [02-Jul-2013 15:47:51 +0400]: [4419] C: A0005 SETMETADATA &BCAEMAQxBD4ERwQ4BDk- (/shared/vendor/kolab/folder-type event /private/vendor/kolab/folder-type NIL) [02-Jul-2013 15:47:51 +0400]: [4419] S: A0005 NO Mailbox does not exist. [02-Jul-2013 15:47:51 +0400]: [4419] C: A0006 SETMETADATA &BCAEMAQxBD4ERwQ4BDk- (/private/vendor/kolab/folder-type event) [02-Jul-2013 15:47:51 +0400]: [4419] S: A0006 NO Mailbox does not exist. [02-Jul-2013 15:47:51 +0400]: [4419] C: A0007 LIST "" "&BCAEMAQxBD4ERwQ4BDk-/*" [02-Jul-2013 15:47:51 +0400]: [4419] S: A0007 OK List completed. [02-Jul-2013 15:47:51 +0400]: [4419] C: A0008 DELETE &BCAEMAQxBD4ERwQ4BDk- [02-Jul-2013 15:47:51 +0400]: [4419] S: A0008 OK Delete completed. [02-Jul-2013 15:47:51 +0400]: [4419] C: A0009 UNSUBSCRIBE &BCAEMAQxBD4ERwQ4BDk- [02-Jul-2013 15:47:51 +0400]: [4419] S: A0009 OK Unsubscribe completed. [02-Jul-2013 15:47:51 +0400]: [4419] C: A0010 LOGOUT [02-Jul-2013 15:47:51 +0400]: [4419] S: * BYE Logging out [02-Jul-2013 15:47:51 +0400]: [4419] S: A0010 OK Logout completed. Test2 - create calendar ASCII mailbox: [02-Jul-2013 15:51:20 +0400]: [2611] S: * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN AUTH=LOGIN] Welcome to TU FKP IMAP server. [02-Jul-2013 15:51:20 +0400]: [2611] C: A0001 ID ("name" "Roundcube" "version" "1.0-git" "php" "5.4.4-14+deb7u2" "os" "Linux" "command" "/?_task=calendar&_action=calendar") [02-Jul-2013 15:51:20 +0400]: [2611] S: * ID ("name" "Dovecot") [02-Jul-2013 15:51:20 +0400]: [2611] S: A0001 OK ID completed. [02-Jul-2013 15:51:20 +0400]: [2611] C: A0002 AUTHENTICATE PLAIN [02-Jul-2013 15:51:20 +0400]: [2611] S: A0002 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS SPECIAL-USE BINARY MOVE METADATA ANNOTATEMORE] Logged in [02-Jul-2013 15:51:20 +0400]: [2611] C: A0003 CREATE Work [02-Jul-2013 15:51:20 +0400]: [2611] S: A0003 OK Create completed. [02-Jul-2013 15:51:20 +0400]: [2611] C: A0004 SUBSCRIBE Work [02-Jul-2013 15:51:20 +0400]: [2611] S: A0004 OK Subscribe completed. [02-Jul-2013 15:51:20 +0400]: [2611] C: A0005 SETMETADATA Work (/shared/vendor/kolab/folder-type event /private/vendor/kolab/folder-type NIL) [02-Jul-2013 15:51:50 +0400]: [2611] S: A0005 NO Setting entry failed. [02-Jul-2013 15:51:50 +0400]: [2611] C: A0006 SETMETADATA Work (/private/vendor/kolab/folder-type event) [02-Jul-2013 15:52:20 +0400]: [2611] S: A0006 NO Setting entry failed. [02-Jul-2013 15:52:20 +0400]: [2611] C: A0007 LIST "" "Work/*" [02-Jul-2013 15:52:20 +0400]: [2611] S: A0007 OK List completed. [02-Jul-2013 15:52:20 +0400]: [2611] C: A0008 DELETE Work [02-Jul-2013 15:52:20 +0400]: [2611] S: A0008 OK Delete completed. [02-Jul-2013 15:52:20 +0400]: [2611] C: A0009 UNSUBSCRIBE Work [02-Jul-2013 15:52:20 +0400]: [2611] S: A0009 OK Unsubscribe completed. [02-Jul-2013 15:52:20 +0400]: [2611] C: A0010 LOGOUT [02-Jul-2013 15:52:20 +0400]: [2611] S: * BYE Logging out [02-Jul-2013 15:52:20 +0400]: [2611] S: A0010 OK Logout completed. root at mail:/var/log/dovecot# cat dovecot-errors.log 2013-07-02 15:51:50 imap(admin at tufkp.ru): Error: read(/var/run/dovecot//dict) failed: Timeout after 30 seconds 2013-07-02 15:51:50 imap(admin at tufkp.ru): Error: metadata: dict commit failed 2013-07-02 15:52:20 imap(admin at tufkp.ru): Error: read(/var/run/dovecot//dict) failed: Timeout after 30 seconds 2013-07-02 15:52:20 imap(admin at tufkp.ru): Error: metadata: dict commit failed 2013-07-02 15:53:21 dict: Error: file dict commit: file_dotlock_open(/var/lib/dovecot/shared-metadata/) failed: Resource temporarily unavailable 2013-07-02 15:53:53 dict: Error: file dict commit: file_dotlock_open(/var/lib/dovecot/shared-metadata/) failed: Resource temporarily unavailable root at mail:/etc/dovecot# doveconf # 2.2.4: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-4-amd64 x86_64 Debian 7.1 ext4 # NOTE: Send doveconf -n output instead when asking for help. auth_anonymous_username = anonymous auth_cache_negative_ttl = 10 secs auth_cache_size = 10 M auth_cache_ttl = 2 mins auth_debug = no auth_debug_passwords = no auth_default_realm = auth_failure_delay = 2 secs auth_gssapi_hostname = auth_krb5_keytab = auth_master_user_separator = * auth_mechanisms = plain login auth_proxy_self = auth_realms = auth_socket_path = auth-userdb auth_ssl_require_client_cert = no auth_ssl_username_from_cert = no auth_use_winbind = no auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@ auth_username_format = %Lu auth_username_translation = auth_verbose = no auth_verbose_passwords = no auth_winbind_helper_path = /usr/bin/ntlm_auth auth_worker_max_count = 4096 base_dir = /var/run/dovecot/ config_cache_size = 1 M debug_log_path = default_client_limit = 8192 default_idle_kill = 1 mins default_internal_user = dovecot default_login_user = dovenull default_process_limit = 2048 default_vsz_limit = 2 G deliver_log_format = msgid=%m: %$ dict { expire = pgsql:/etc/dovecot/dovecot-dict-expire.conf metadata = file:/var/lib/dovecot/shared-metadata/ } dict_db_config = director_doveadm_port = 0 director_mail_servers = director_servers = director_user_expire = 15 mins director_username_hash = %u disable_plaintext_auth = yes dotlock_use_excl = yes doveadm_allowed_commands = doveadm_password = doveadm_port = 0 doveadm_socket_path = doveadm-server doveadm_worker_count = 0 dsync_alt_char = _ dsync_remote_cmd = ssh -l%{login} %{host} doveadm dsync-server -u%u -U first_valid_gid = 8 first_valid_uid = 8 hostname = imap_capability = imap_client_workarounds = imap_id_log = imap_id_send = name * imap_idle_notify_interval = 2 mins imap_logout_format = in=%i out=%o imap_max_line_length = 64 k imap_urlauth_host = imap_urlauth_logout_format = in=%i out=%o imap_urlauth_port = 143 imap_urlauth_submit_password = imap_urlauth_submit_user = submission imapc_features = imapc_host = imapc_list_prefix = imapc_master_user = imapc_max_idle_time = 29 mins imapc_password = imapc_port = 143 imapc_rawlog_dir = imapc_ssl = no imapc_ssl_verify = yes imapc_user = import_environment = TZ info_log_path = /var/log/dovecot/dovecot.log instance_name = dovecot last_valid_gid = 8 last_valid_uid = 8 lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes lda_original_recipient_header = libexec_dir = /usr/lib/dovecot listen = *, [::] lmtp_address_translate = lmtp_proxy = no lmtp_rcpt_check_quota = no lmtp_save_to_detail_mailbox = no lock_method = fcntl log_path = /var/log/dovecot/dovecot-errors.log log_timestamp = "%Y-%m-%d %H:%M:%S " login_access_sockets = login_greeting = Welcome to IMAP server. login_log_format = %$: %s login_log_format_elements = user=<%u> method=%m rip=%r lip=%l %c login_trusted_networks = 127.0.0.1 mail_access_groups = mail_always_cache_fields = mail_attachment_dir = mail_attachment_fs = sis posix mail_attachment_hash = %{sha1} mail_attachment_min_size = 128 k mail_attribute_dict = mail_cache_fields = flags mail_cache_min_mail_count = 0 mail_chroot = mail_debug = no mail_fsync = optimized mail_full_filesystem_access = no mail_gid = 8 mail_home = mail_location = maildir:/var/mail/%d/%n:LAYOUT=fs:INBOX=/var/mail/%d/%n/maildirfolder:DIRNAME=maildirfolder:INDEX=/var/mail/indexes/%d/%n mail_log_prefix = "%s(%u): " mail_max_keyword_length = 50 mail_max_lock_timeout = 0 mail_max_userip_connections = 1024 mail_never_cache_fields = imap.envelope mail_nfs_index = no mail_nfs_storage = no mail_plugin_dir = /usr/lib/dovecot/modules mail_plugins = virtual expire metadata mail_prefetch_count = 0 mail_privileged_group = mail mail_save_crlf = no mail_shared_explicit_inbox = no mail_temp_dir = /tmp mail_temp_scan_interval = 1 weeks mail_uid = 8 mailbox_idle_check_interval = 30 secs mailbox_list_index = no maildir_broken_filename_sizes = no maildir_copy_with_hardlinks = yes maildir_stat_dirs = no maildir_very_dirty_syncs = no managesieve_client_workarounds = managesieve_implementation_string = Dovecot Pigeonhole managesieve_logout_format = bytes=%i/%o managesieve_max_compile_errors = 5 managesieve_max_line_length = 65536 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave master_user_separator = mbox_dirty_syncs = yes mbox_dotlock_change_timeout = 2 mins mbox_lazy_writes = yes mbox_lock_timeout = 5 mins mbox_md5 = apop3d mbox_min_index_size = 0 mbox_read_locks = fcntl mbox_very_dirty_syncs = no mbox_write_locks = dotlock fcntl mdbox_preallocate_space = no mdbox_rotate_interval = 0 mdbox_rotate_size = 2 M mmap_disable = no namespace { disabled = no hidden = no ignore_on_failure = no inbox = yes list = yes location = maildir:/var/mail/%d/%n:LAYOUT=fs:INBOX=/var/mail/%d/%n/maildirfolder:DIRNAME=maildirfolder:INDEX=/var/mail/indexes/%d/%n:UTF-8 mailbox Archive { auto = subscribe driver = special_use = \Archive } mailbox Drafts { auto = subscribe driver = special_use = \Drafts } mailbox Junk { auto = subscribe driver = special_use = \Junk } mailbox Sent { auto = subscribe driver = special_use = \Sent } mailbox Trash { auto = subscribe driver = special_use = \Trash } prefix = separator = / subscriptions = yes type = private } namespace { disabled = no hidden = no ignore_on_failure = no inbox = no list = yes location = virtual:/etc/dovecot/virtual:CONTROL=/var/mail/controls/%d/%n/??? ?????:INDEX=/var/mail/indexes/%d/%n/??? ?????:UTF-8 mailbox { auto = subscribe driver = special_use = \All } prefix = ??? ?????/ separator = / subscriptions = no type = private } passdb { args = /etc/dovecot/dovecot-pgsql-master.conf default_fields = deny = no driver = sql master = yes override_fields = pass = no result_failure = continue result_internalfail = continue result_success = return-ok skip = never } passdb { args = /etc/dovecot/dovecot-pgsql.conf default_fields = deny = no driver = sql master = no override_fields = pass = no result_failure = continue result_internalfail = continue result_success = return-ok skip = never } plugin { expire = Trash expire2 = Trash/* expire3 = Junk expire_dict = proxy::expire metadata_dict = proxy::metadata sieve = /var/mail/%d/%n/dovecot.sieve sieve_before = /var/lib/dovecot/sieve/ sieve_dir = /var/mail/%d/%n/maildirfolder sieve_max_actions = 32 sieve_max_redirects = 4 sieve_max_script_size = 1M } pop3_client_workarounds = pop3_deleted_flag = pop3_enable_last = no pop3_fast_size_lookups = no pop3_lock_session = no pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s pop3_no_flag_updates = no pop3_reuse_xuidl = no pop3_save_uidl = no pop3_uidl_duplicates = allow pop3_uidl_format = %08Xu%08Xv pop3c_host = pop3c_master_user = pop3c_password = pop3c_port = 110 pop3c_rawlog_dir = pop3c_ssl = no pop3c_ssl_verify = yes pop3c_user = %u postmaster_address = protocols = imap sieve quota_full_tempfail = no recipient_delimiter = + rejection_reason = Your message to <%t> was automatically rejected:%n%r rejection_subject = Rejected: %s replication_full_sync_interval = 1 days replication_max_conns = 10 replicator_host = replicator replicator_port = 0 sendmail_path = /usr/sbin/sendmail service aggregator { chroot = . client_limit = 0 drop_priv_before_exec = no executable = aggregator extra_groups = fifo_listener replication-notify-fifo { group = mode = 0600 user = } group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener replication-notify { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service anvil { chroot = empty client_limit = 0 drop_priv_before_exec = no executable = anvil extra_groups = group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 1 protocol = service_count = 0 type = anvil unix_listener anvil-auth-penalty { group = mode = 0600 user = } unix_listener anvil { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service auth-worker { chroot = client_limit = 4096 drop_priv_before_exec = no executable = auth -w extra_groups = group = idle_kill = 0 privileged_group = process_limit = 2048 process_min_avail = 10 protocol = service_count = 0 type = unix_listener auth-worker { group = mode = 0600 user = $default_internal_user } user = vsz_limit = 1 G } service auth { chroot = client_limit = 10240 drop_priv_before_exec = no executable = auth extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 1 protocol = service_count = 0 type = unix_listener auth-client { group = mail mode = 0660 user = mail } unix_listener auth-login { group = mode = 0600 user = $default_internal_user } unix_listener auth-master { group = mail mode = 0664 user = mail } unix_listener auth-userdb { group = mode = 0666 user = $default_internal_user } unix_listener login/login { group = mode = 0666 user = } unix_listener token-login/tokenlogin { group = mode = 0666 user = } user = dovecot vsz_limit = 1 G } service config { chroot = client_limit = 0 drop_priv_before_exec = no executable = config extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = config unix_listener config { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service dict { chroot = client_limit = 1 drop_priv_before_exec = no executable = dict extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener dict { group = dovecot mode = 0666 user = mail } user = $default_internal_user vsz_limit = 18446744073709551615 B } service director { chroot = . client_limit = 0 drop_priv_before_exec = no executable = director extra_groups = fifo_listener login/proxy-notify { group = mode = 00 user = } group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener director-admin { group = mode = 0600 user = } unix_listener login/director { group = mode = 00 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service dns_client { chroot = client_limit = 1 drop_priv_before_exec = no executable = dns-client extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener dns-client { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service doveadm { chroot = client_limit = 1 drop_priv_before_exec = no executable = doveadm-server extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 1 type = unix_listener doveadm-server { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service imap-login { chroot = login client_limit = 4096 drop_priv_before_exec = no executable = imap-login extra_groups = group = idle_kill = 0 inet_listener imap { address = port = 143 ssl = no } inet_listener imaps { address = port = 993 ssl = yes } privileged_group = process_limit = 2048 process_min_avail = 10 protocol = imap service_count = 0 type = login user = dovecot vsz_limit = 1 G } service imap-urlauth-login { chroot = token-login client_limit = 0 drop_priv_before_exec = no executable = imap-urlauth-login extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = imap service_count = 1 type = login unix_listener imap-urlauth { group = mode = 0666 user = } user = $default_login_user vsz_limit = 18446744073709551615 B } service imap-urlauth-worker { chroot = client_limit = 1 drop_priv_before_exec = no executable = imap-urlauth-worker extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1024 process_min_avail = 0 protocol = imap service_count = 1 type = unix_listener imap-urlauth-worker { group = mode = 0600 user = $default_internal_user } user = vsz_limit = 18446744073709551615 B } service imap-urlauth { chroot = client_limit = 1 drop_priv_before_exec = no executable = imap-urlauth extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1024 process_min_avail = 0 protocol = imap service_count = 1 type = unix_listener token-login/imap-urlauth { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service imap { chroot = client_limit = 4096 drop_priv_before_exec = no executable = imap extra_groups = group = idle_kill = 0 privileged_group = process_limit = 2048 process_min_avail = 10 protocol = imap service_count = 0 type = unix_listener login/imap { group = mode = 0666 user = } user = vsz_limit = 1 G } service indexer-worker { chroot = client_limit = 1 drop_priv_before_exec = no executable = indexer-worker extra_groups = group = idle_kill = 0 privileged_group = process_limit = 10 process_min_avail = 0 protocol = service_count = 0 type = unix_listener indexer-worker { group = mode = 0600 user = $default_internal_user } user = vsz_limit = 18446744073709551615 B } service indexer { chroot = client_limit = 0 drop_priv_before_exec = no executable = indexer extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener indexer { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service ipc { chroot = empty client_limit = 0 drop_priv_before_exec = no executable = ipc extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener ipc { group = mode = 0600 user = } unix_listener login/ipc-proxy { group = mode = 0600 user = $default_login_user } user = $default_internal_user vsz_limit = 18446744073709551615 B } service lmtp { chroot = client_limit = 1 drop_priv_before_exec = no executable = lmtp extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = lmtp service_count = 0 type = unix_listener lmtp { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service log { chroot = client_limit = 0 drop_priv_before_exec = no executable = log extra_groups = group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = log unix_listener log-errors { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service managesieve-login { chroot = login client_limit = 4096 drop_priv_before_exec = no executable = /usr/lib/dovecot/managesieve-login extra_groups = group = idle_kill = 0 inet_listener sieve { address = port = 4190 ssl = no } privileged_group = process_limit = 2048 process_min_avail = 10 protocol = sieve service_count = 0 type = login user = dovecot vsz_limit = 1 G } service managesieve { chroot = client_limit = 4096 drop_priv_before_exec = no executable = /usr/lib/dovecot/managesieve extra_groups = group = idle_kill = 0 privileged_group = process_limit = 2048 process_min_avail = 10 protocol = sieve service_count = 0 type = unix_listener login/sieve { group = mode = 0666 user = } user = vsz_limit = 1 G } service pop3-login { chroot = login client_limit = 0 drop_priv_before_exec = no executable = pop3-login extra_groups = group = idle_kill = 0 inet_listener pop3 { address = port = 110 ssl = no } inet_listener pop3s { address = port = 995 ssl = yes } privileged_group = process_limit = 0 process_min_avail = 0 protocol = pop3 service_count = 1 type = login user = $default_login_user vsz_limit = 18446744073709551615 B } service pop3 { chroot = client_limit = 1 drop_priv_before_exec = no executable = pop3 extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1024 process_min_avail = 0 protocol = pop3 service_count = 1 type = unix_listener login/pop3 { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service replicator { chroot = client_limit = 0 drop_priv_before_exec = no executable = replicator extra_groups = group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener replicator-doveadm { group = mode = 00 user = $default_internal_user } unix_listener replicator { group = mode = 0600 user = $default_internal_user } user = vsz_limit = 18446744073709551615 B } service ssl-params { chroot = client_limit = 0 drop_priv_before_exec = no executable = ssl-params extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = startup unix_listener login/ssl-params { group = mode = 0666 user = } unix_listener ssl-params { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service stats { chroot = empty client_limit = 0 drop_priv_before_exec = no executable = stats extra_groups = fifo_listener stats-mail { group = mode = 0600 user = } group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener stats { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service submission-login { chroot = login client_limit = 0 drop_priv_before_exec = no executable = submission-login extra_groups = group = idle_kill = 0 inet_listener submission { address = port = 587 ssl = no } privileged_group = process_limit = 0 process_min_avail = 0 protocol = submission service_count = 1 type = login user = $default_login_user vsz_limit = 18446744073709551615 B } service submission { chroot = client_limit = 1 drop_priv_before_exec = no executable = submission extra_groups = group = idle_kill = 0 privileged_group = process_limit = 1024 process_min_avail = 0 protocol = submission service_count = 1 type = unix_listener login/submission { group = mode = 0666 user = } user = vsz_limit = 18446744073709551615 B } service tcpwrap { chroot = client_limit = 1 drop_priv_before_exec = no executable = tcpwrap extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = user = $default_internal_user vsz_limit = 18446744073709551615 B } shutdown_clients = yes ssl = yes ssl_ca = ssl_cert = References: <20130627115159.M11417@madalbal.hu> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 27 Jun 2013, Laszlo Kiraly wrote: > info at domain.com <- public, readable by user2 > user1 at domain.com <- private > user2 at domain.com <- private > > The mailboxes are virtual, authentication through pam (kerberos). > The public mailbox doesn't have valid kerberos account. > > I couldn't find solution in the documentation, how can I manage the email > delivery to the public namespace? > > There is a -m option in the lda delivery where you can give namespace prefix. > Maybe it's good for this, but I couldn't find any information how can I do > this with lmtp? If you set: lmtp_save_to_detail_mailbox = yes recipient_delimiter = # you could alias info at domain.com to #Public.Mailbox.Folder at domain.com . 1st option tells LMTP to use the detail (subaddress) as default mailbox, which is essentially the same as the -m option of the LDA. 2nd options sets the delimiter of user and detail. must habe write permission to the folder. Regards, - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUdLHeV3r2wJMiz2NAQJp/Qf+JG6RYpMbgP9K+POoaP4mFHPNr2NXcLlK RhO7GtOimZpyQZPeofStxJQwY4clRdKpKsmpMlhb1muXyvoHkB6Tn5TDO18Anqlq /Yp8li53rsx4hVptqI84tiZrPiPX52U7FJmM/j95a+gFelTOgOPFwNoTaIIMAQau qn1rVa4BYIhMUQTP4WJDnj+gs8Fd1LapajBcVR0yaMGkWKRLKjsOrgFzDaxQqpxk 8erJnGV68p+wEl0jnWEF2+U8XubvhqHJTbkrcBC7DsqONBzlXC7mc+xyycb+0okD 54dHI6YcSLvzDEI3uaOqoBxad4e2fvziEgYJ7Ph78aH80psAWNmu3A== =rJPs -----END PGP SIGNATURE----- From l.kiraly at madalbal.hu Tue Jul 2 16:23:10 2013 From: l.kiraly at madalbal.hu (Laszlo Kiraly) Date: Tue, 2 Jul 2013 15:23:10 +0200 Subject: [Dovecot] namespace delivery question In-Reply-To: References: <20130627115159.M11417@madalbal.hu> Message-ID: <20130702131728.M91368@madalbal.hu> > > There is a -m option in the lda delivery where you can give namespace prefix. > > Maybe it's good for this, but I couldn't find any information how can I do > > this with lmtp? > > If you set: > > lmtp_save_to_detail_mailbox = yes > recipient_delimiter = # > > you could alias info at domain.com to What kind of alias do you think? At smtp time, like in the /etc/aliases? Eventually, i can configure exim to accept the "#" and "/" chars in the email address. > #Public.Mailbox.Folder at domain.com . 1st option tells LMTP to > use the detail (subaddress) as default mailbox, which is essentially > the same as the -m option of the LDA. 2nd options sets the delimiter > of user and detail. must habe write permission to the folder. > > Regards, > > - -- > Steffen Kaiser Best regards: Kir?ly L?szl? From skdovecot at smail.inf.fh-brs.de Tue Jul 2 16:45:27 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Tue, 2 Jul 2013 15:45:27 +0200 (CEST) Subject: [Dovecot] namespace delivery question In-Reply-To: <20130702131728.M91368@madalbal.hu> References: <20130627115159.M11417@madalbal.hu> <20130702131728.M91368@madalbal.hu> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 2 Jul 2013, Laszlo Kiraly wrote: >>> There is a -m option in the lda delivery where you can give namespace > prefix. >>> Maybe it's good for this, but I couldn't find any information how can I do >>> this with lmtp? >> >> If you set: >> >> lmtp_save_to_detail_mailbox = yes >> recipient_delimiter = # >> >> you could alias info at domain.com to > > What kind of alias do you think? At smtp time, like in the /etc/aliases? > Eventually, i can configure exim to accept the "#" and "/" chars in the email > address. Yes, SMTP time aliases - exim aliases for a local address. I do this often. Actually, exim might use '+' or '-' as delimiter already, I'm not sure. No need to use # exactly. >> #Public.Mailbox.Folder at domain.com . 1st option tells LMTP to >> use the detail (subaddress) as default mailbox, which is essentially >> the same as the -m option of the LDA. 2nd options sets the delimiter >> of user and detail. must habe write permission to the folder. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUdLZd13r2wJMiz2NAQIICAf7BsJ2o8uUutSFCxk5gftAfRbFBWbnLrEz i4/NVueVZLl1AyOZ5GujLDmPhvPPNS8mL9+wMs1qKT1rrJz7q5BatDCj/LMp0YVr 8d/HM6g/8U4pwjZxq54S15fs0nZDR+XmPg+q4RcB8lAU+ns36rXEDb6EZ7M2b/RM vdNqJYWs9kVZe9WkUKrWv/scZh04dI3iutgdCkc+iMcJsSJw4TWM61RgolzN2+wd iowUbc6X9HTNnDWziaPt78HMLNVh70BOE8uMiJtcPytxpCmMWZo48lds79i3CKdc SLFI3oXH5P0hkHbUymCVNhI3aSJQwlu514VlVEVp9lTleH//f5C5JQ== =9ZIT -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Tue Jul 2 16:48:10 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Tue, 2 Jul 2013 15:48:10 +0200 (CEST) Subject: [Dovecot] flat file in tmpfs for dict quota In-Reply-To: <51CC6BD6.7030308@pacific.net> References: <51CC6BD6.7030308@pacific.net> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 27 Jun 2013, Ken A wrote: > I'm using dict quota like so: > > quota = dict:User quota::file:/[path]/quotas/%u > > [path]/quotas/ is a tmpfs. > > The idea is to do less work on disk. Other than forcing dovecot to > rebuild quotas on a reboot, are there any downsides? I would say no, but to recalc the quota file might be more difficult that you think, make sure no logins or deliveries or automatic scripts change the content of the mail storage. Regards, - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUdLaGl3r2wJMiz2NAQI43QgApVYnrUwp7bUNlPPvYIKhl+3H/5PcZHBX hLysrAEKN96Zx7kMFwmpNvfk0UIiAN9ON1n8F9OjJNTpmgsp8+VkDgn7BaKFHsWT BfJBYbxsiDwRk8tl3UJY/sdA/sReyZZpOttPJB+Rk37warF/W40BSzyS/+gWosJW /T9ptJwZixVQTLd0jQnjlZhC83ssRHiEBer49dXKmfdxQA3U8cTaRObHbd/eJV25 0blwBIlW8ueuGqwNEk6e/ja2nT1wvZwkzTvxAwnSLquj2DYwkNLd6DvfXXXoE1FN LBVMYHvJ3Yk2AkONytTpjbP+JyjSwWnyeI+NfTDmlQYp44XQ1+DkBw== =3ubQ -----END PGP SIGNATURE----- From micha at krausam.de Tue Jul 2 17:14:19 2013 From: micha at krausam.de (Micha Krause) Date: Tue, 02 Jul 2013 16:14:19 +0200 Subject: [Dovecot] lmtp: Disable Delivered-To header Message-ID: <51D2E03B.2030902@krausam.de> Hi, using LMTP, is it possible to disable the addition of the Delivered-To header to messages? Micha Krause From user+dovecot at localhost.localdomain.org Tue Jul 2 21:35:09 2013 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Tue, 02 Jul 2013 20:35:09 +0200 Subject: [Dovecot] lmtp: Disable Delivered-To header In-Reply-To: <51D2E03B.2030902@krausam.de> References: <51D2E03B.2030902@krausam.de> Message-ID: <51D31D5D.6040901@localhost.localdomain.org> On 07/02/2013 04:14 PM Micha Krause wrote: > Hi, > > using LMTP, is it possible to disable the addition of the Delivered-To > header to messages? Maybe by reverting parts of this changeset: http://hg.dovecot.org/dovecot-2.2/rev/61c3124bba93 There is no configuration setting to accomplish that. Regards, Pascal -- The trapper recommends today: c01dcofe.1318223 at localdomain.org From alandaluz at gmail.com Wed Jul 3 03:20:12 2013 From: alandaluz at gmail.com (Cassidy Larson) Date: Tue, 2 Jul 2013 18:20:12 -0600 Subject: [Dovecot] LMTP Proxy Message-ID: Trying to figure out Proxying with LMTP to a few back end storage servers for quota checking before accepting email delivery on the front end nodes. If I connect to the back end server directly via telnet, everything works great. If I use a front-end server to proxy to the back end server, I don't get the same result. Running 2.2.4 on both front and back end servers. Any help would be appreciated. ------ backend dovecot.log: dovecot: lmtp(72274): Error: userdb lookup(user at host*masteruser): Disconnected unexpectedly dovecot: auth: Fatal: master: service(auth): child 72272 killed with signal 11 (core not dumped) ------ front end dovecot.log: dovecot: lmtp(7495): Debug: auth input: user=user at host.comnopassword= host= destuser= user at host.com*masteruser nologin=Y nodelay=Y proxy=Y pass= port=2525 ------ front end dovecot.conf: lmtp_proxy = yes protocols = lmtp protocol lmtp { postmaster_address = postmaster at mydomain.com mail_plugins = quota passdb { args = /usr/local/etc/dovecot/dovecot-sql.conf driver = sql } } service lmtp { client_limit = 5 executable = lmtp idle_kill = 0 process_limit = 0 process_min_avail = 0 protocol = lmtp service_count = 0 inet_listener lmtp { address = port = 2525 } } ------ backend dovecot.conf: auth_master_user_separator = * lmtp_rcpt_check_quota = yes passdb { args = /usr/local/etc/dovecot/dovecot-sql.conf driver = sql master = yes } userdb { args = /usr/local/etc/dovecot/dovecot-sql.conf driver = sql } service lmtp { client_limit = 5 executable = lmtp -L idle_kill = 0 process_limit = 0 process_min_avail = 0 protocol = lmtp service_count = 0 inet_listener lmtp { address = port = 2525 } } protocol lmtp { info_log_path = /var/log/dovecot-lmtp.log postmaster_address = postmaster at infowest.com mail_plugins = quota } From h.reindl at thelounge.net Wed Jul 3 03:27:06 2013 From: h.reindl at thelounge.net (Reindl Harald) Date: Wed, 03 Jul 2013 02:27:06 +0200 Subject: [Dovecot] LMTP Proxy In-Reply-To: References: Message-ID: <51D36FDA.4050901@thelounge.net> Am 03.07.2013 02:20, schrieb Cassidy Larson: > Trying to figure out Proxying with LMTP to a few back end storage servers > for quota checking before accepting email delivery on the front end nodes how does LMTP proxy help here? you need a policyd at the MTA which rejects the message directly from the client by knowing about quota of the target because after the MTA has accepted it *always* results in a bounce and incoming mailflow is hardly via LMTP google: "dovceot quota policyd postfix" http://www.dovecot.org/list/dovecot/2009-June/040400.html -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 263 bytes Desc: OpenPGP digital signature URL: From john.ml at erba.tv Wed Jul 3 04:10:22 2013 From: john.ml at erba.tv (John Fawcett) Date: Wed, 03 Jul 2013 03:10:22 +0200 Subject: [Dovecot] dovecot corrupted transaction log In-Reply-To: <51B96BB0.7010409@erba.tv> References: <51B6547A.7050504@erba.tv> <1371090685.24006.14.camel@innu.dovecot.net> <51B96BB0.7010409@erba.tv> Message-ID: <51D379FE.1000900@erba.tv> On 13/06/13 08:50, John Fawcett wrote: > On 13/06/13 04:31, Timo Sirainen wrote: >> On Tue, 2013-06-11 at 00:34 +0200, John Fawcett wrote: >>> Hi I came across this error which happend immedately after a mail >>> delivery to the inbox. Should I look for the problem externally to >>> dovecot (ie. file system, operating system) or within dovecot? I never >>> saw this error before installing 2.2.1, with 2.2.2 I seemed to get even >>> more of them so currently back on 2.2.1 >>> >>> Jun 11 00:00:05 rosalia dovecot: imap(myemail at mydomain): Error: >>> Corrupted transaction log file >>> /var/vmail/mydomain/myemail at mydomain/dovecot.index.log seq 311: file >>> size shrank (1184 < 1304) (sync_offset=1304) >> Are you using NFS or some other cluster filesystem with multiple >> servers? If yes, see http://wiki2.dovecot.org/NFS. If not, show doveconf >> -n and describe the setup more. >> >> > TImo > > thanks for your response. There is no NFS involved. The file system > seems to be reiserfs (as reported by df -T) thogh I wonder why > fsck reports it would use fsck.ext2 (which I did not run). > > It is a single server vpn container hosting a few sites and > low volume mail service. The operating system is centos 6.4 > > The setup is with postfix, amavisd and dovecot using sieve. Dovecot and > sieve are built from source > > Clients are roundcube and usual mail clients mainly thunderbird. > > I cannot link the errors to anything specific, except that they started > happening 5 minutes after upgrade to 2.2.1 from 2.1.5. The error happens on > multiple mailboxes. I never saw the error prior to that, looking at logs > back to > version 2.1.7. > > Below is the dovecot -n output > > Thanks > John > > dovecot -n > # 2.2.1: /etc/dovecot/dovecot.conf > # OS: Linux 2.6.18-028stab092.1 x86_64 CentOS release 6.4 (Final) > auth_mechanisms = plain login > dict { > expire = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext > quota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext > } > first_valid_uid = 200 > listen = 80.237.194.64 > mail_plugins = quota expire > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope > encoded-character vacation subaddress comparator-i;ascii-numeric > relational regex imap4flags copy include variables body enotify > environment mailbox date ihave > passdb { > args = /etc/dovecot/dovecot-sql.conf.ext > driver = sql > } > plugin { > expire = Trash > expire2 = Trash/* > expire3 = Spam > expire4 = Postmaster > expire_dict = proxy::expire > fts = squat > fts_squat = partial=4 full=10 > quota = dict:User quota::proxy::quota > quota_rule = *:storage=1G > quota_rule2 = Trash:storage=+100M > sieve = ~/sieve/.dovecot.sieve > sieve_dir = ~/sieve > } > protocols = imap pop3 lmtp sieve > service auth-worker { > user = $default_internal_user > } > service auth { > unix_listener auth-userdb { > group = mail > mode = 0660 > } > } > service dict { > unix_listener dict { > group = mail > mode = 0660 > } > } > service lmtp { > unix_listener /var/spool/postfix/private/dovecot-lmtp { > group = postfix > mode = 0660 > user = postfix > } > } > ssl_cert = ssl_key = userdb { > args = /etc/dovecot/dovecot-sql.conf.ext > driver = sql > } > protocol lmtp { > mail_plugins = quota expire sieve > } > protocol lda { > mail_plugins = quota expire sieve > } > protocol imap { > mail_plugins = quota expire imap_quota fts fts_squat > } > > The log corruptions are continuing, I now have 2.2.4 installed. They always seem to happen in proximty to a mail delivery. Is there anything that anyone can suggest for how to get a step closer to diagnoising the cause? Is there some debugging I can put on that would be useful? Thanks John From tss at iki.fi Wed Jul 3 04:19:12 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 3 Jul 2013 04:19:12 +0300 Subject: [Dovecot] dovecot corrupted transaction log In-Reply-To: <51D379FE.1000900@erba.tv> References: <51B6547A.7050504@erba.tv> <1371090685.24006.14.camel@innu.dovecot.net> <51B96BB0.7010409@erba.tv> <51D379FE.1000900@erba.tv> Message-ID: On 3.7.2013, at 4.10, John Fawcett wrote: >>>> Jun 11 00:00:05 rosalia dovecot: imap(myemail at mydomain): Error: >>>> Corrupted transaction log file >>>> /var/vmail/mydomain/myemail at mydomain/dovecot.index.log seq 311: file >>>> size shrank (1184 < 1304) (sync_offset=1304) >>> Are you using NFS or some other cluster filesystem with multiple >>> servers? If yes, see http://wiki2.dovecot.org/NFS. If not, show doveconf >>> -n and describe the setup more. >> thanks for your response. There is no NFS involved. The file system >> seems to be reiserfs (as reported by df -T) thogh I wonder why >> fsck reports it would use fsck.ext2 (which I did not run). > The log corruptions are continuing, I now have 2.2.4 installed. They always > seem to happen in proximty to a mail delivery. > > Is there anything that anyone can suggest for how to get > a step closer to diagnoising the cause? Is there some debugging I can > put on that would be useful? If this problem is happening only because of reiserfs (and it kind of seems that way), I don't think there's anything that can be done except to move away from it. It's been a long time since I've heard of any problems related to Dovecot's handling of index files that didn't involve some non-POSIX filesystem, so I'm kind of thinking the problem has more to do with reiserfs than Dovecot. You could of course keep the maildirs in reiserfs and just move Dovecot's index files to tmpfs. That would work well as long as you didn't have to reboot (after reboot your performance would be more or less bad for a while). From tss at iki.fi Wed Jul 3 04:20:14 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 3 Jul 2013 04:20:14 +0300 Subject: [Dovecot] lmtp: Disable Delivered-To header In-Reply-To: <51D2E03B.2030902@krausam.de> References: <51D2E03B.2030902@krausam.de> Message-ID: <42483575-0DA0-4DF1-A153-AC7C81F24BBB@iki.fi> On 2.7.2013, at 17.14, Micha Krause wrote: > using LMTP, is it possible to disable the addition of the Delivered-To > header to messages? No. But why? From john.ml at erba.tv Wed Jul 3 04:21:49 2013 From: john.ml at erba.tv (John Fawcett) Date: Wed, 03 Jul 2013 03:21:49 +0200 Subject: [Dovecot] dnsbl feature for dovecot Message-ID: <51D37CAD.2090601@erba.tv> dnsbl's are a popular method to prevent listed ips from making connections to mta software. cf. postscreen_dnsbl_sites in postfix Would it be possible to introduce such a feature in dovecot, so that connections can be denied based on a dnsbl lookup (where the precise dnsbls used are configurable)? John From tss at iki.fi Wed Jul 3 04:25:00 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 3 Jul 2013 04:25:00 +0300 Subject: [Dovecot] LMTP Proxy In-Reply-To: References: Message-ID: <97E8EBF5-FAE6-49FF-9A74-05A42B602311@iki.fi> On 3.7.2013, at 3.20, Cassidy Larson wrote: > dovecot: auth: Fatal: master: service(auth): child 72272 killed with signal > 11 (core not dumped) A crash is always a bug. It would be nice to be able to fix it. A gdb backtrace would be the easiest way to fix it. One possibility would be to a get a core dump, which could be kind of annoyingly difficult since it didn't already happen. One hopefully easier way would be to: 1. telnet localhost 143 2. In another terminal run: ps aux | grep dovecot/auth; gdb -p cont bt full From tss at iki.fi Wed Jul 3 04:27:23 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 3 Jul 2013 04:27:23 +0300 Subject: [Dovecot] dnsbl feature for dovecot In-Reply-To: <51D37CAD.2090601@erba.tv> References: <51D37CAD.2090601@erba.tv> Message-ID: On 3.7.2013, at 4.21, John Fawcett wrote: > dnsbl's are a popular method to prevent listed ips from making > connections to mta software. > > cf. postscreen_dnsbl_sites in postfix > > Would it be possible to introduce such a feature in dovecot, so that > connections can be denied > based on a dnsbl lookup (where the precise dnsbls used are configurable)? You're talking about IMAP/POP3 connections? Possible, yeah .. possibly even without code changes by using tcpwrappers. From professa at dementianati.com Wed Jul 3 04:32:44 2013 From: professa at dementianati.com (Professa Dementia) Date: Tue, 02 Jul 2013 18:32:44 -0700 Subject: [Dovecot] dnsbl feature for dovecot In-Reply-To: <51D37CAD.2090601@erba.tv> References: <51D37CAD.2090601@erba.tv> Message-ID: <51D37F3C.4090407@dementianati.com> On 7/2/2013 6:21 PM, John Fawcett wrote: > dnsbl's are a popular method to prevent listed ips from making > connections to mta software. > > cf. postscreen_dnsbl_sites in postfix > > Would it be possible to introduce such a feature in dovecot, so that > connections can be denied > based on a dnsbl lookup (where the precise dnsbls used are configurable)? > > John > Let's back up a bit. This does not seem like a feature that Dovecot needs. Rather, what problem are you trying to solve? Maybe there is an existing or better way to accomplish it. Dem From alandaluz at gmail.com Wed Jul 3 04:50:14 2013 From: alandaluz at gmail.com (Cassidy Larson) Date: Tue, 2 Jul 2013 19:50:14 -0600 Subject: [Dovecot] LMTP Proxy In-Reply-To: <97E8EBF5-FAE6-49FF-9A74-05A42B602311@iki.fi> References: <97E8EBF5-FAE6-49FF-9A74-05A42B602311@iki.fi> Message-ID: Timo, Does this give you what you need? #0 0x00000000131bbdd4 in strcmp () from /lib/libc.so.7 No symbol table info available. #1 0x000000000040d0af in auth_find_service () No symbol table info available. #2 0x0000000000413b38 in auth_request_set_login_username () No symbol table info available. #3 0x0000000000413c72 in auth_request_set_username () No symbol table info available. #4 0x000000000040eedf in ?? () No symbol table info available. #5 0x000000000040f855 in ?? () No symbol table info available. #6 0x00000000108c7a16 in io_loop_call_io () from /usr/local/lib/dovecot/libdovecot.so.0 No symbol table info available. #7 0x00000000108c89d6 in io_loop_handler_run () from /usr/local/lib/dovecot/libdovecot.so.0 No symbol table info available. #8 0x00000000108c79bd in io_loop_run () from /usr/local/lib/dovecot/libdovecot.so.0 No symbol table info available. #9 0x000000001087e443 in master_service_run () from /usr/local/lib/dovecot/libdovecot.so.0 No symbol table info available. #10 0x000000000041bb90 in main () No symbol table info available. On Tue, Jul 2, 2013 at 7:25 PM, Timo Sirainen wrote: > On 3.7.2013, at 3.20, Cassidy Larson wrote: > > > dovecot: auth: Fatal: master: service(auth): child 72272 killed with > signal > > 11 (core not dumped) > > A crash is always a bug. It would be nice to be able to fix it. A gdb > backtrace would be the easiest way to fix it. One possibility would be to a > get a core dump, which could be kind of annoyingly difficult since it > didn't already happen. One hopefully easier way would be to: > > 1. telnet localhost 143 > 2. In another terminal run: ps aux | grep dovecot/auth; gdb -p that auth process> > cont > > bt full > > From stan at hardwarefreak.com Wed Jul 3 05:11:24 2013 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Tue, 02 Jul 2013 21:11:24 -0500 Subject: [Dovecot] dnsbl feature for dovecot In-Reply-To: <51D37F3C.4090407@dementianati.com> References: <51D37CAD.2090601@erba.tv> <51D37F3C.4090407@dementianati.com> Message-ID: <51D3884C.2070007@hardwarefreak.com> On 7/2/2013 8:32 PM, Professa Dementia wrote: > On 7/2/2013 6:21 PM, John Fawcett wrote: >> dnsbl's are a popular method to prevent listed ips from making >> connections to mta software. >> >> cf. postscreen_dnsbl_sites in postfix >> >> Would it be possible to introduce such a feature in dovecot, so that >> connections can be denied >> based on a dnsbl lookup (where the precise dnsbls used are configurable)? >> >> John >> > > Let's back up a bit. This does not seem like a feature that Dovecot needs. > > Rather, what problem are you trying to solve? Maybe there is an > existing or better way to accomplish it. Based on John's recent thread on postfix-users on the same general subject, I'd guess he's trying to stop rouge/malicious connections. -- Stan From professa at dementianati.com Wed Jul 3 06:24:33 2013 From: professa at dementianati.com (Professa Dementia) Date: Tue, 02 Jul 2013 20:24:33 -0700 Subject: [Dovecot] dnsbl feature for dovecot In-Reply-To: <51D3884C.2070007@hardwarefreak.com> References: <51D37CAD.2090601@erba.tv> <51D37F3C.4090407@dementianati.com> <51D3884C.2070007@hardwarefreak.com> Message-ID: <51D39971.20903@dementianati.com> On 7/2/2013 7:11 PM, Stan Hoeppner wrote: > On 7/2/2013 8:32 PM, Professa Dementia wrote: >> On 7/2/2013 6:21 PM, John Fawcett wrote: >>> dnsbl's are a popular method to prevent listed ips from making >>> connections to mta software. >>> >>> cf. postscreen_dnsbl_sites in postfix >>> >>> Would it be possible to introduce such a feature in dovecot, so that >>> connections can be denied >>> based on a dnsbl lookup (where the precise dnsbls used are configurable)? >>> >>> John >>> >> >> Let's back up a bit. This does not seem like a feature that Dovecot needs. >> >> Rather, what problem are you trying to solve? Maybe there is an >> existing or better way to accomplish it. > > Based on John's recent thread on postfix-users on the same general > subject, I'd guess he's trying to stop rouge/malicious connections. > That's my point. A self run IP blackhole list is almost useless. Distributed RBLs are much more effective. However, existing ones are based on spam sources, not malicious connections to POP or IMAP servers. Knowing the problem would be beneficial in determining a good solution. For certain types of connection abuse, Fail2Ban works remarkably well. But, without knowing his exact problem, it may not be the correct solution. Dem From rs at sys4.de Wed Jul 3 10:26:12 2013 From: rs at sys4.de (Robert Schetterer) Date: Wed, 03 Jul 2013 09:26:12 +0200 Subject: [Dovecot] dnsbl feature for dovecot In-Reply-To: <51D3884C.2070007@hardwarefreak.com> References: <51D37CAD.2090601@erba.tv> <51D37F3C.4090407@dementianati.com> <51D3884C.2070007@hardwarefreak.com> Message-ID: <51D3D214.7020704@sys4.de> Am 03.07.2013 04:11, schrieb Stan Hoeppner: > On 7/2/2013 8:32 PM, Professa Dementia wrote: >> On 7/2/2013 6:21 PM, John Fawcett wrote: >>> dnsbl's are a popular method to prevent listed ips from making >>> connections to mta software. >>> >>> cf. postscreen_dnsbl_sites in postfix >>> >>> Would it be possible to introduce such a feature in dovecot, so that >>> connections can be denied >>> based on a dnsbl lookup (where the precise dnsbls used are configurable)? >>> >>> John >>> >> >> Let's back up a bit. This does not seem like a feature that Dovecot needs. >> >> Rather, what problem are you trying to solve? Maybe there is an >> existing or better way to accomplish it. > > Based on John's recent thread on postfix-users on the same general > subject, I'd guess he's trying to stop rouge/malicious connections. > so perhaps fail2ban might help, or construct something out of syslog and iptables recent, or use dovecot deny etc http://wiki2.dovecot.org/HowTo/Fail2Ban http://wiki2.dovecot.org/Authentication/RestrictAccess http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/AllowNets only german, but code should understandable anyway for new coding ideas http://sys4.de/de/blog/2012/12/28/botnets-mit-rsyslog-und-iptables-recent-modul-abwehren/ usually fail2ban is enough for brute force pop3/imap, but blocking ips is a problem ever with nat clients Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From john.ml at erba.tv Wed Jul 3 10:35:47 2013 From: john.ml at erba.tv (John Fawcett) Date: Wed, 03 Jul 2013 09:35:47 +0200 Subject: [Dovecot] dnsbl feature for dovecot In-Reply-To: <51D39971.20903@dementianati.com> References: <51D37CAD.2090601@erba.tv> <51D37F3C.4090407@dementianati.com> <51D3884C.2070007@hardwarefreak.com> <51D39971.20903@dementianati.com> Message-ID: <51D3D453.8000005@erba.tv> On 03/07/13 05:24, Professa Dementia wrote: > On 7/2/2013 7:11 PM, Stan Hoeppner wrote: >> On 7/2/2013 8:32 PM, Professa Dementia wrote: >>> On 7/2/2013 6:21 PM, John Fawcett wrote: >>>> dnsbl's are a popular method to prevent listed ips from making >>>> connections to mta software. >>>> >>>> cf. postscreen_dnsbl_sites in postfix >>>> >>>> Would it be possible to introduce such a feature in dovecot, so that >>>> connections can be denied >>>> based on a dnsbl lookup (where the precise dnsbls used are configurable)? >>>> >>>> John >>>> >>> Let's back up a bit. This does not seem like a feature that Dovecot needs. >>> >>> Rather, what problem are you trying to solve? Maybe there is an >>> existing or better way to accomplish it. >> Based on John's recent thread on postfix-users on the same general >> subject, I'd guess he's trying to stop rouge/malicious connections. >> > That's my point. A self run IP blackhole list is almost useless. > Distributed RBLs are much more effective. However, existing ones are > based on spam sources, not malicious connections to POP or IMAP servers. > > Knowing the problem would be beneficial in determining a good solution. > For certain types of connection abuse, Fail2Ban works remarkably well. > But, without knowing his exact problem, it may not be the correct solution. > > Dem The point is to stop spambot connections to pop and imap (which are usually done to try and steal credentials). I already use fail2ban to stop brute force attacks but that means that each one has to be allowed to connect a specified number of times and trigger the filter. I was imagining a distributed solution which is already in use in many mtas applied also to imap and pop so that connections could be stopped from the first one. I am assuming that if there is such a feature then data is available (e.g. sorbs) or if not yet being collected that it could be done. John From rs at sys4.de Wed Jul 3 10:37:14 2013 From: rs at sys4.de (Robert Schetterer) Date: Wed, 03 Jul 2013 09:37:14 +0200 Subject: [Dovecot] dnsbl feature for dovecot In-Reply-To: <51D39971.20903@dementianati.com> References: <51D37CAD.2090601@erba.tv> <51D37F3C.4090407@dementianati.com> <51D3884C.2070007@hardwarefreak.com> <51D39971.20903@dementianati.com> Message-ID: <51D3D4AA.5060100@sys4.de> Am 03.07.2013 05:24, schrieb Professa Dementia: > On 7/2/2013 7:11 PM, Stan Hoeppner wrote: >> On 7/2/2013 8:32 PM, Professa Dementia wrote: >>> On 7/2/2013 6:21 PM, John Fawcett wrote: >>>> dnsbl's are a popular method to prevent listed ips from making >>>> connections to mta software. >>>> >>>> cf. postscreen_dnsbl_sites in postfix >>>> >>>> Would it be possible to introduce such a feature in dovecot, so that >>>> connections can be denied >>>> based on a dnsbl lookup (where the precise dnsbls used are configurable)? >>>> >>>> John >>>> >>> >>> Let's back up a bit. This does not seem like a feature that Dovecot needs. >>> >>> Rather, what problem are you trying to solve? Maybe there is an >>> existing or better way to accomplish it. >> >> Based on John's recent thread on postfix-users on the same general >> subject, I'd guess he's trying to stop rouge/malicious connections. >> > > That's my point. A self run IP blackhole list is almost useless. > Distributed RBLs are much more effective. However, existing ones are > based on spam sources, not malicious connections to POP or IMAP servers. > > Knowing the problem would be beneficial in determining a good solution. > For certain types of connection abuse, Fail2Ban works remarkably well. > But, without knowing his exact problem, it may not be the correct solution. > > Dem > i think an auto dynamic user/ip based con limit might be best , but i guess it will be difficult to implement, for this you need some log analyser counting wrong auth user/ip pairs, invoking some action on the fly , like throttle user from ip, and auto high user/ip login throttle by adjustable time periods , also there must be some whitelist possible Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From john.ml at erba.tv Wed Jul 3 10:38:59 2013 From: john.ml at erba.tv (John Fawcett) Date: Wed, 03 Jul 2013 09:38:59 +0200 Subject: [Dovecot] dnsbl feature for dovecot In-Reply-To: <51D3D214.7020704@sys4.de> References: <51D37CAD.2090601@erba.tv> <51D37F3C.4090407@dementianati.com> <51D3884C.2070007@hardwarefreak.com> <51D3D214.7020704@sys4.de> Message-ID: <51D3D513.3030401@erba.tv> On 03/07/13 09:26, Robert Schetterer wrote: > Am 03.07.2013 04:11, schrieb Stan Hoeppner: >> On 7/2/2013 8:32 PM, Professa Dementia wrote: >>> On 7/2/2013 6:21 PM, John Fawcett wrote: >>>> dnsbl's are a popular method to prevent listed ips from making >>>> connections to mta software. >>>> >>>> cf. postscreen_dnsbl_sites in postfix >>>> >>>> Would it be possible to introduce such a feature in dovecot, so that >>>> connections can be denied >>>> based on a dnsbl lookup (where the precise dnsbls used are configurable)? >>>> >>>> John >>>> >>> Let's back up a bit. This does not seem like a feature that Dovecot needs. >>> >>> Rather, what problem are you trying to solve? Maybe there is an >>> existing or better way to accomplish it. >> Based on John's recent thread on postfix-users on the same general >> subject, I'd guess he's trying to stop rouge/malicious connections. >> > so perhaps fail2ban might help, or construct something out of syslog and > iptables recent, or use dovecot deny etc > > http://wiki2.dovecot.org/HowTo/Fail2Ban > http://wiki2.dovecot.org/Authentication/RestrictAccess > http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/AllowNets > > only german, but code should understandable anyway for new coding ideas > > http://sys4.de/de/blog/2012/12/28/botnets-mit-rsyslog-und-iptables-recent-modul-abwehren/ > > usually fail2ban is enough for brute force pop3/imap, but blocking ips > is a problem ever with nat clients > > > Best Regards > MfG Robert Schetterer > Thanks Robert, I saw that article and implemented that in fail2ban to stop repeated hammering attempts on the server from the same clients already rejected by dnsbl in postfix. I was thinking of extending the mechanism to imap/pop. John From john.ml at erba.tv Wed Jul 3 10:40:04 2013 From: john.ml at erba.tv (John Fawcett) Date: Wed, 03 Jul 2013 09:40:04 +0200 Subject: [Dovecot] dnsbl feature for dovecot In-Reply-To: References: <51D37CAD.2090601@erba.tv> Message-ID: <51D3D554.9010302@erba.tv> On 03/07/13 03:27, Timo Sirainen wrote: > On 3.7.2013, at 4.21, John Fawcett wrote: > >> dnsbl's are a popular method to prevent listed ips from making >> connections to mta software. >> >> cf. postscreen_dnsbl_sites in postfix >> >> Would it be possible to introduce such a feature in dovecot, so that >> connections can be denied >> based on a dnsbl lookup (where the precise dnsbls used are configurable)? > You're talking about IMAP/POP3 connections? > > Possible, yeah .. possibly even without code changes by using tcpwrappers. > TImo, thanks for the reply. I will look into that suggestion. John From pvsuja at gmail.com Wed Jul 3 11:32:12 2013 From: pvsuja at gmail.com (pvsuja) Date: Wed, 3 Jul 2013 01:32:12 -0700 (PDT) Subject: [Dovecot] Who all accessed my dovecot server? Message-ID: <1372840331973-43102.post@n4.nabble.com> Hi, I have set up a mail server with dovecot as IMAP/POP3 server, postfix as MTA and roundcube as web mail client. Other mail clients such as Thunderbird is also being used for mail access. Now as a security policy in our organization, I want to know the IP addresses of the machines from which my mail server was accessed. Is there any monitoring tools to get these details? Regards, Suja -- View this message in context: http://dovecot.2317879.n4.nabble.com/Who-all-accessed-my-dovecot-server-tp43102.html Sent from the Dovecot mailing list archive at Nabble.com. From micha at krausam.de Wed Jul 3 11:43:07 2013 From: micha at krausam.de (Micha Krause) Date: Wed, 03 Jul 2013 10:43:07 +0200 Subject: [Dovecot] lmtp: Disable Delivered-To header In-Reply-To: <42483575-0DA0-4DF1-A153-AC7C81F24BBB@iki.fi> References: <51D2E03B.2030902@krausam.de> <42483575-0DA0-4DF1-A153-AC7C81F24BBB@iki.fi> Message-ID: <51D3E41B.3090705@krausam.de> Hi, >> using LMTP, is it possible to disable the addition of the >> Delivered-To header to messages? > > No. But why? Stupid customer, I migrated his Mailbox from Cyrus to Dovecot, and now this Delivered-To: Header is somehow shown as To: in his Client. I tried to Explain it to him, but he demands that I take out this Header, because he doesn't want it, and it breaks his e-mail. :-/ Customer is a Lawyer, so reasoning with him is probably a waste of time. Micha Krause From rs at sys4.de Wed Jul 3 11:43:12 2013 From: rs at sys4.de (Robert Schetterer) Date: Wed, 03 Jul 2013 10:43:12 +0200 Subject: [Dovecot] Who all accessed my dovecot server? In-Reply-To: <1372840331973-43102.post@n4.nabble.com> References: <1372840331973-43102.post@n4.nabble.com> Message-ID: <51D3E420.9020009@sys4.de> Am 03.07.2013 10:32, schrieb pvsuja: > > Hi, > > I have set up a mail server with dovecot as IMAP/POP3 server, postfix as MTA > and roundcube as web mail client. > Other mail clients such as Thunderbird is also being used for mail access. > > Now as a security policy in our organization, I want to know the IP > addresses of the machines from which my mail server was accessed. > > Is there any monitoring tools to get these details? > > Regards, > > Suja > > > > -- > View this message in context: http://dovecot.2317879.n4.nabble.com/Who-all-accessed-my-dovecot-server-tp43102.html > Sent from the Dovecot mailing list archive at Nabble.com. > logwatch gives you detailed report about ips pop3/imap also counts users/ip logins pop3/imap and shows delivers to imap folders, use it i.e daily with logrotate you might have to adjust dovecot logging level and use some logwatch ignores http://sourceforge.net/projects/logwatch/files/ Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From raabe at froglogic.com Wed Jul 3 11:53:56 2013 From: raabe at froglogic.com (Frerich Raabe) Date: Wed, 03 Jul 2013 10:53:56 +0200 Subject: [Dovecot] Who all accessed my dovecot server? In-Reply-To: <1372840331973-43102.post@n4.nabble.com> References: <1372840331973-43102.post@n4.nabble.com> Message-ID: <51D3E6A4.3060007@froglogic.com> Am 7/3/2013 10:32 AM, schrieb pvsuja: > I have set up a mail server with dovecot as IMAP/POP3 server, postfix as MTA > and roundcube as web mail client. > Other mail clients such as Thunderbird is also being used for mail access. > > Now as a security policy in our organization, I want to know the IP > addresses of the machines from which my mail server was accessed. > > Is there any monitoring tools to get these details? A cron job doing grep "imap-login: Login:" /var/log/maillog might do the job already. The 'rip=' part of the matches tells you the remote IP. Instead of /var/log/maillog you might have to check another file (it depends on your Dovecot setup). -- Frerich Raabe - raabe at froglogic.com www.froglogic.com - Multi-Platform GUI Testing From branko at majic.rs Wed Jul 3 12:01:01 2013 From: branko at majic.rs (Branko Majic) Date: Wed, 3 Jul 2013 11:01:01 +0200 Subject: [Dovecot] dnsbl feature for dovecot In-Reply-To: <51D3D4AA.5060100@sys4.de> References: <51D37CAD.2090601@erba.tv> <51D37F3C.4090407@dementianati.com> <51D3884C.2070007@hardwarefreak.com> <51D39971.20903@dementianati.com> <51D3D4AA.5060100@sys4.de> Message-ID: <20130703110101.75d7fc84@zetkin.primekey.se> On Wed, 03 Jul 2013 09:37:14 +0200 Robert Schetterer wrote: > Am 03.07.2013 05:24, schrieb Professa Dementia: > > On 7/2/2013 7:11 PM, Stan Hoeppner wrote: > >> On 7/2/2013 8:32 PM, Professa Dementia wrote: > >>> On 7/2/2013 6:21 PM, John Fawcett wrote: > >>>> dnsbl's are a popular method to prevent listed ips from making > >>>> connections to mta software. > >>>> > >>>> cf. postscreen_dnsbl_sites in postfix > >>>> > >>>> Would it be possible to introduce such a feature in dovecot, so that > >>>> connections can be denied > >>>> based on a dnsbl lookup (where the precise dnsbls used are configurable)? > >>>> > >>>> John > >>>> > >>> > >>> Let's back up a bit. This does not seem like a feature that Dovecot needs. > >>> > >>> Rather, what problem are you trying to solve? Maybe there is an > >>> existing or better way to accomplish it. > >> > >> Based on John's recent thread on postfix-users on the same general > >> subject, I'd guess he's trying to stop rouge/malicious connections. > >> > > > > That's my point. A self run IP blackhole list is almost useless. > > Distributed RBLs are much more effective. However, existing ones are > > based on spam sources, not malicious connections to POP or IMAP servers. > > > > Knowing the problem would be beneficial in determining a good solution. > > For certain types of connection abuse, Fail2Ban works remarkably well. > > But, without knowing his exact problem, it may not be the correct solution. > > > > Dem > > > > i think an auto dynamic user/ip based con limit might be best , but i > guess it will be difficult to implement, for this you need some log > analyser counting wrong auth user/ip pairs, invoking some action on the > fly , like throttle user from ip, and auto high user/ip login throttle > by adjustable time periods , also there must be some whitelist possible > One possibility for the connection limiting could be using the iptables hashlimit module. Getting the correct values for it might be a bit tricky, but maybe initially you could do logging on a dedicated iptables chain instead of drops to get some sample usage statistics. Then again, you should also be careful with hashlimit if you have large number of users coming from the same IP address (ISPs using NAT etc). Best regards -- Branko Majic Jabber: branko at majic.rs Please use only Free formats when sending attachments to me. ?????? ????? ?????: branko at majic.rs ????? ??? ?? ??????? ?????? ????????? ? ????????? ?????????. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: not available URL: From rs at sys4.de Wed Jul 3 12:04:21 2013 From: rs at sys4.de (Robert Schetterer) Date: Wed, 03 Jul 2013 11:04:21 +0200 Subject: [Dovecot] Who all accessed my dovecot server? In-Reply-To: <51D3E6A4.3060007@froglogic.com> References: <1372840331973-43102.post@n4.nabble.com> <51D3E6A4.3060007@froglogic.com> Message-ID: <51D3E915.1000302@sys4.de> Am 03.07.2013 10:53, schrieb Frerich Raabe: > Am 7/3/2013 10:32 AM, schrieb pvsuja: >> I have set up a mail server with dovecot as IMAP/POP3 server, postfix >> as MTA >> and roundcube as web mail client. >> Other mail clients such as Thunderbird is also being used for mail >> access. >> >> Now as a security policy in our organization, I want to know the IP >> addresses of the machines from which my mail server was accessed. >> >> Is there any monitoring tools to get these details? > > A cron job doing > > grep "imap-login: Login:" /var/log/maillog > > might do the job already. The 'rip=' part of the matches tells you the > remote IP. Instead of /var/log/maillog you might have to check another > file (it depends on your Dovecot setup). > graphic realtime logging may also be done out of syslog by using some monitoring solution like nagios , xymon, zabbix etc this might give you ideas, hove to code your own stuff http://sys4.de/de/blog/2013/04/02/monitoring-logfile-entries-logwatch/ http://sys4.de/de/blog/2013/01/10/xymon-dovecot-count-imap-pop3-logins-graph-central-rsyslog-server-ubuntu-lucid/ Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From rs at sys4.de Wed Jul 3 13:02:34 2013 From: rs at sys4.de (Robert Schetterer) Date: Wed, 03 Jul 2013 12:02:34 +0200 Subject: [Dovecot] lmtp: Disable Delivered-To header In-Reply-To: <51D3E41B.3090705@krausam.de> References: <51D2E03B.2030902@krausam.de> <42483575-0DA0-4DF1-A153-AC7C81F24BBB@iki.fi> <51D3E41B.3090705@krausam.de> Message-ID: <51D3F6BA.1050802@sys4.de> Am 03.07.2013 10:43, schrieb Micha Krause: > Hi, > >>> using LMTP, is it possible to disable the addition of the >>> Delivered-To header to messages? >> >> No. But why? > > Stupid customer, I migrated his Mailbox from Cyrus to Dovecot, and now > this Delivered-To: Header is somehow shown as To: in his Client. > > I tried to Explain it to him, but he demands that I take out this > Header, because he doesn't want it, and it breaks his e-mail. :-/ > > Customer is a Lawyer, so reasoning with him is probably a waste of time. > > > Micha Krause > looks like he has to live with this, in general, i anounced at my customers that headers may change ever by urgent updates etc,in the past, cause at migration time customers noticed this with fetchmail like software Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From professa at dementianati.com Wed Jul 3 13:47:52 2013 From: professa at dementianati.com (Professa Dementia) Date: Wed, 03 Jul 2013 03:47:52 -0700 Subject: [Dovecot] dnsbl feature for dovecot In-Reply-To: <51D3D453.8000005@erba.tv> References: <51D37CAD.2090601@erba.tv> <51D37F3C.4090407@dementianati.com> <51D3884C.2070007@hardwarefreak.com> <51D39971.20903@dementianati.com> <51D3D453.8000005@erba.tv> Message-ID: <51D40158.8030804@dementianati.com> On 7/3/2013 12:35 AM, John Fawcett wrote: > The point is to stop spambot connections to pop and > imap (which are usually done to try and steal > credentials). This is not the usual way spambots work. Generally, spambots scrape addresses from various sources in order to get lists of emails to send spam to. What you seem to be experiencing may be zombie nets trying to brute force credentials so they can then send spam from compromised accounts. This is a different beast with a different solution. Regardless, you have a spcific problem that needs addressing. I ran an ISP for almost two decades and have dealt with these issues myself. My recommendations: 1) Enforce strong user passwords. I use 12 characters minimum. 14 characters or more would be better, but this length starts to make it hard for mere humans to remember. Enforce a rule that the password contains at least 2 or 3 of the following: lower case letter, upper case letter, digit, and symbol which is not one of the prior three. Some systems require the user's password have all four. This actually weakens the password (if you care to know why, I can go into the math in a later post). After enforcing your chosen rules, run the password through cracklib before accepting it from the user. Or even better, what I started doing was having the system generate passwords and not let the user choose their own. Initially people grumbled a bit, but they soon got used to it and security was much better. 2) Fail2Ban with rules that seem like they are pretty weak, but trust me, they work fine and you limit complaints from users. a) If you get 3 invalid login attempts within a minute from more than 1 IP address, block that login for 10 minutes. If you have blocked a login and another attempt to log in to that account is made then tarpit that connection. Usually 60 seconds is sufficient. Do not extend the original block time past the original 10 minutes. b) If you get 5 invalid login attempts within a minute from the same IP, block that IP for 5 minutes. This is usually a valid user who forgot their password, as opposed to a) which is usually a malicious third party. Some of this you can do with off the shelf tools, some of it may require some glue code (Perl or Python works nicely) on your part. If you can implement this, it will stop the abuse cold. 1) provides security and makes brute forcing infeasible. 2) helps reduce load on your systems. > I was imagining a distributed solution which is already > in use in many mtas applied also to imap and pop > so that connections could be stopped from the first > one. > > I am assuming that if there is such a feature then data is > available (e.g. sorbs) or if not yet being collected that it > could be done. I feel your pain and frustration. I do not believe there is an RBL list of offending IP's for brute force attacks and I think one would be hard to build and keep up to date enough to be useful, since most of these systems are compromised home computers, but they get fixed and there is a lot of turnover - infected systems are repaired and new ones infected. Most of them are in the far east, so if you do not mind applying a cudgel to the problem, you can block entire ranges of IPs altogether. Of course, one of your users traveling to one of those areas would need to use some other method to access email (mobile device, webmail, etc). Dem From l.kiraly at madalbal.hu Wed Jul 3 15:45:04 2013 From: l.kiraly at madalbal.hu (Laszlo Kiraly) Date: Wed, 3 Jul 2013 14:45:04 +0200 Subject: [Dovecot] namespace delivery question In-Reply-To: References: <20130627115159.M11417@madalbal.hu> Message-ID: <20130703124504.M28415@madalbal.hu> Thanks Steffen, It mostly works. my public namespace config: -- namespace { type = public prefix = public/ separator = / location = sdbox:/home/vmail/public/ list = no subscriptions = no } -- If I rewrite info at domain.com to vmail+public/info at domain.com, then it saved to /home/vmail/public/mailboxes/info however if I get mail to vmail+public/info at anotherdomain.com then it's saved to the same mailbox. How can I set dovecot to save to different mailboxes? Regards: Kir?ly L?szl? ---------- Original Message ----------- From: Steffen Kaiser To: kiru at madalbal.hu Cc: dovecot at dovecot.org Sent: Tue, 2 Jul 2013 14:28:41 +0200 (CEST) Subject: Re: [Dovecot] namespace delivery question > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Thu, 27 Jun 2013, Laszlo Kiraly wrote: > > > info at domain.com <- public, readable by user2 > > user1 at domain.com <- private > > user2 at domain.com <- private > > > > The mailboxes are virtual, authentication through pam (kerberos). > > The public mailbox doesn't have valid kerberos account. > > > > I couldn't find solution in the documentation, how can I manage the email > > delivery to the public namespace? > > > > There is a -m option in the lda delivery where you can give namespace prefix. > > Maybe it's good for this, but I couldn't find any information how can I do > > this with lmtp? > > If you set: > > lmtp_save_to_detail_mailbox = yes > recipient_delimiter = # > > you could alias info at domain.com to > #Public.Mailbox.Folder at domain.com . 1st option tells LMTP to > use the detail (subaddress) as default mailbox, which is essentially > the same as the -m option of the LDA. 2nd options sets the delimiter > of user and detail. must habe write permission to the folder. > > Regards, > > - -- > Steffen Kaiser From skdovecot at smail.inf.fh-brs.de Wed Jul 3 16:36:24 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Wed, 3 Jul 2013 15:36:24 +0200 (CEST) Subject: [Dovecot] namespace delivery question In-Reply-To: <20130703124504.M28415@madalbal.hu> References: <20130627115159.M11417@madalbal.hu> <20130703124504.M28415@madalbal.hu> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 3 Jul 2013, Laszlo Kiraly wrote: > It mostly works. > location = sdbox:/home/vmail/public/ > If I rewrite info at domain.com to vmail+public/info at domain.com, then it saved to > /home/vmail/public/mailboxes/info however if I get mail to > vmail+public/info at anotherdomain.com then it's saved to the same mailbox. > > How can I set dovecot to save to different mailboxes? if both users vmail at domain.com and vmail at anotherdomain.com have "append" permission to public/info, vmail+public/info at anotherdomain.com will save the message there, because that's the idea of lmtp_save_to_detail_mailbox . vmail+public/info at anotherdomain.com means: do not save to INBOX of vmail at anotherdomain.com, but to public/info with the permission of user vmail at anotherdomain.com. That applies to all other users as well. If you want to store info at anotherdomain.com somewhere else, create another SMTP alias to another mailbox, e.g.: info at anotherdomain.com -> vmail+public/info-anotherdomain at anotherdomain.com I think you should reject incoming mails from outside to vmail and handle all deliveries to public through local SMTP aliases. Because "vmail" is no valid recipient anyway, isn't it? - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUdQo2F3r2wJMiz2NAQIO8ggAsnaAZaJjtClKzIYOXK2y5SvQzKdnOI03 UOeSf5e99AXWZKZSP+fC+pXra9pNQzicYYQoOabeLPCodvkGt8m2lDslksTSjN6P fzx0HSxxns1wWgUQtLjkBrgdCoKie4irgyCMfByFDmmLjeYVCWtME1cFazUWScLq n+x3qDSFUSHNJbN30X2/UnsIqS/HxMD/VX+8dplhX385z6ZR6XxgZHbjM28LOugS mgfaf42eaqTf/jDgIBJzF23zhITrMb3C4cjWi3pssv/DVc1cuKFchJttdSrTEsMt vgo791cjS+w+kuCZnZKAXiyLKzApk7akRD+kDtzcFpEeoXd5P6YhaA== =ILOl -----END PGP SIGNATURE----- From l.kiraly at madalbal.hu Wed Jul 3 17:36:21 2013 From: l.kiraly at madalbal.hu (Laszlo Kiraly) Date: Wed, 3 Jul 2013 16:36:21 +0200 Subject: [Dovecot] namespace delivery question In-Reply-To: References: <20130627115159.M11417@madalbal.hu> <20130703124504.M28415@madalbal.hu> Message-ID: <20130703135605.M17443@madalbal.hu> > > If I rewrite info at domain.com to vmail+public/info at domain.com, then it saved to > > /home/vmail/public/mailboxes/info however if I get mail to > > vmail+public/info at anotherdomain.com then it's saved to the same mailbox. > > > > How can I set dovecot to save to different mailboxes? > > if both users vmail at domain.com and vmail at anotherdomain.com have > "append" permission to public/info, > vmail+public/info at anotherdomain.com will save the message there, > because that's the idea of lmtp_save_to_detail_mailbox . > vmail+public/info at anotherdomain.com means: do not save to INBOX of > vmail at anotherdomain.com, but to public/info with the permission of > user vmail at anotherdomain.com. That applies to all other users as well. > > If you want to store info at anotherdomain.com somewhere else, create > another SMTP alias to another mailbox, e.g.: > > info at anotherdomain.com -> > vmail+public/info-anotherdomain at anotherdomain.com Thanks, that is the trick. > I think you should reject incoming mails from outside to vmail and > handle all deliveries to public through local SMTP aliases. Because > "vmail" is no valid recipient anyway, isn't it? Do you think reject in SMTP time in exim? I think, I do exactly the same. I have a list with public mails and rewrite rules for them. I use this list in an acl to check it's a public mailbox or not. Of course vmail isn't a valid recipient. I have now a fully working system. :) Thank you all for the very useful answers. Regards: Laszlo Kiraly From peljasz at yahoo.co.uk Wed Jul 3 19:05:54 2013 From: peljasz at yahoo.co.uk (lejeczek) Date: Wed, 03 Jul 2013 17:05:54 +0100 Subject: [Dovecot] tcpwrappers Message-ID: <51D44BE2.7000309@yahoo.co.uk> hi everybody having I believe sort of plain-vanilla config with section in 10-tcpwrapper.conf as per docs login_access_sockets = tcpwrap service tcpwrap { unix_listener login/tcpwrap { group = $default_login_user mode = 0600 user = $default_login_user } } /etc/hosts.deny contains: ALL: given_host and yet dovecot logins IMAP client in whereas other tcpwrapper aware services act as expected what am I missing? regards From cgbullock at gmail.com Wed Jul 3 19:06:12 2013 From: cgbullock at gmail.com (Chris Bullock) Date: Wed, 3 Jul 2013 12:06:12 -0400 Subject: [Dovecot] Creating an authenticated user master user Message-ID: dovecot --version 1.1.18 mbox format We are trying to migrate from dovecot to another imap server and need some help migrating the user data to the new server. We have written a perl script to migrate the data but it seems that we need an "authenticated or Master user" in order for the script to access the user mail boxes without the users password. We are using PAM authentication, and root does not have access to the user's mail boxes. Any help would be appreciated. Chris From me at junc.eu Wed Jul 3 19:40:09 2013 From: me at junc.eu (Benny Pedersen) Date: Wed, 03 Jul 2013 18:40:09 +0200 Subject: [Dovecot] dnsbl feature for dovecot In-Reply-To: <51D37CAD.2090601@erba.tv> References: <51D37CAD.2090601@erba.tv> Message-ID: John Fawcett skrev den 2013-07-03 03:21: > dnsbl's are a popular method to prevent listed ips from making > connections to mta software. hmm are pop3/imap clients not authed users ? well done -- senders that put my email into body content will deliver it to my own trashcan, so if you like to get reply, dont do it From me at junc.eu Wed Jul 3 19:44:36 2013 From: me at junc.eu (Benny Pedersen) Date: Wed, 03 Jul 2013 18:44:36 +0200 Subject: [Dovecot] dnsbl feature for dovecot In-Reply-To: References: <51D37CAD.2090601@erba.tv> Message-ID: <9151de58f30a8f62151dcc3e92ea93d2@junc.eu> Timo Sirainen skrev den 2013-07-03 03:27: > You're talking about IMAP/POP3 connections? > Possible, yeah .. possibly even without code changes by using > tcpwrappers. why is it needed ? setup fail2ban to manange xtables-addons geoip csv files from abusers, then use this csv file as A0 list in iptables, end result is low memory footprint, it should not be a dovecot solotion -- senders that put my email into body content will deliver it to my own trashcan, so if you like to get reply, dont do it From me at junc.eu Wed Jul 3 19:49:46 2013 From: me at junc.eu (Benny Pedersen) Date: Wed, 03 Jul 2013 18:49:46 +0200 Subject: [Dovecot] dnsbl feature for dovecot In-Reply-To: <51D3D554.9010302@erba.tv> References: <51D37CAD.2090601@erba.tv> <51D3D554.9010302@erba.tv> Message-ID: John Fawcett skrev den 2013-07-03 09:40: >> Possible, yeah .. possibly even without code changes by using >> tcpwrappers. > TImo, thanks for the reply. I will look into that suggestion. > John if its implemented in dovecot possible use postfix memcached ?, so thay share cache data -- senders that put my email into body content will deliver it to my own trashcan, so if you like to get reply, dont do it From john.ml at erba.tv Wed Jul 3 21:27:06 2013 From: john.ml at erba.tv (John Fawcett) Date: Wed, 03 Jul 2013 20:27:06 +0200 Subject: [Dovecot] dnsbl feature for dovecot In-Reply-To: <9151de58f30a8f62151dcc3e92ea93d2@junc.eu> References: <51D37CAD.2090601@erba.tv> <9151de58f30a8f62151dcc3e92ea93d2@junc.eu> Message-ID: <51D46CFA.4010006@erba.tv> On 03/07/13 18:44, Benny Pedersen wrote: > Timo Sirainen skrev den 2013-07-03 03:27: > >> You're talking about IMAP/POP3 connections? >> Possible, yeah .. possibly even without code changes by using >> tcpwrappers. > > why is it needed ? > > setup fail2ban to manange xtables-addons geoip csv files from abusers, > then use this csv file as A0 list in iptables, end result is low > memory footprint, it should not be a dovecot solotion > I would not see fail2ban as the only solution. On the mta I use both dnsbl and fail2ban and both help in their own ways to reduce/limit unwanted connections. I wouldn't consider adding large numbers of rules to iptables but I would consider querying a dnsbl which contained large numbers of ips, since the management of the data is then off the server. John From john.ml at erba.tv Wed Jul 3 21:41:58 2013 From: john.ml at erba.tv (John Fawcett) Date: Wed, 03 Jul 2013 20:41:58 +0200 Subject: [Dovecot] dnsbl feature for dovecot In-Reply-To: References: <51D37CAD.2090601@erba.tv> Message-ID: <51D47076.2030106@erba.tv> On 03/07/13 18:40, Benny Pedersen wrote: > John Fawcett skrev den 2013-07-03 03:21: >> dnsbl's are a popular method to prevent listed ips from making >> connections to mta software. > > hmm are pop3/imap clients not authed users ? > > well done > in this case no, I am talking about connections from zombies. From me at junc.eu Wed Jul 3 21:50:52 2013 From: me at junc.eu (Benny Pedersen) Date: Wed, 03 Jul 2013 20:50:52 +0200 Subject: [Dovecot] dnsbl feature for dovecot In-Reply-To: <51D47076.2030106@erba.tv> References: <51D37CAD.2090601@erba.tv> <51D47076.2030106@erba.tv> Message-ID: John Fawcett skrev den 2013-07-03 20:41: > in this case no, I am talking about connections from zombies. block client ip of the zombies, this is what iptables is for, or change rules to only have ports open for clients location, well dovecot supports ipblocking, but imho its not the right place to setup -- senders that put my email into body content will deliver it to my own trashcan, so if you like to get reply, dont do it From h.reindl at thelounge.net Wed Jul 3 21:53:49 2013 From: h.reindl at thelounge.net (Reindl Harald) Date: Wed, 03 Jul 2013 20:53:49 +0200 Subject: [Dovecot] dnsbl feature for dovecot In-Reply-To: <51D47076.2030106@erba.tv> References: <51D37CAD.2090601@erba.tv> <51D47076.2030106@erba.tv> Message-ID: <51D4733D.1080806@thelounge.net> Am 03.07.2013 20:41, schrieb John Fawcett: > On 03/07/13 18:40, Benny Pedersen wrote: >> John Fawcett skrev den 2013-07-03 03:21: >>> dnsbl's are a popular method to prevent listed ips from making >>> connections to mta software. >> >> hmm are pop3/imap clients not authed users ? >> >> well done >> > in this case no, I am talking about connections from zombies have fun - most RBL's contains a lot of dialup-addresses which makes sense to get rejected on a MTA until auth but stupid to block completly without abuse users -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 263 bytes Desc: OpenPGP digital signature URL: From john.ml at erba.tv Wed Jul 3 21:58:33 2013 From: john.ml at erba.tv (John Fawcett) Date: Wed, 03 Jul 2013 20:58:33 +0200 Subject: [Dovecot] dnsbl feature for dovecot In-Reply-To: <51D40158.8030804@dementianati.com> References: <51D37CAD.2090601@erba.tv> <51D37F3C.4090407@dementianati.com> <51D3884C.2070007@hardwarefreak.com> <51D39971.20903@dementianati.com> <51D3D453.8000005@erba.tv> <51D40158.8030804@dementianati.com> Message-ID: <51D47459.4030409@erba.tv> On 03/07/13 12:47, Professa Dementia wrote: > On 7/3/2013 12:35 AM, John Fawcett wrote: > >> The point is to stop spambot connections to pop and >> imap (which are usually done to try and steal >> credentials). > This is not the usual way spambots work. Generally, spambots scrape > addresses from various sources in order to get lists of emails to send > spam to. > > What you seem to be experiencing may be zombie nets trying to brute > force credentials so they can then send spam from compromised accounts. > This is a different beast with a different solution. Yes I have evidence that passwords found by brute force on pop3 were then used to send email via smtp. > > Regardless, you have a spcific problem that needs addressing. > > I ran an ISP for almost two decades and have dealt with these issues > myself. My recommendations: > > 1) Enforce strong user passwords. I use 12 characters minimum. 14 > characters or more would be better, but this length starts to make it > hard for mere humans to remember. Enforce a rule that the password > contains at least 2 or 3 of the following: lower case letter, upper case > letter, digit, and symbol which is not one of the prior three. > > Some systems require the user's password have all four. This actually > weakens the password (if you care to know why, I can go into the math in > a later post). > > After enforcing your chosen rules, run the password through cracklib > before accepting it from the user. Or even better, what I started doing > was having the system generate passwords and not let the user choose > their own. Initially people grumbled a bit, but they soon got used to > it and security was much better. > > > 2) Fail2Ban with rules that seem like they are pretty weak, but trust > me, they work fine and you limit complaints from users. > > a) If you get 3 invalid login attempts within a minute from more than > 1 IP address, block that login for 10 minutes. If you have blocked a > login and another attempt to log in to that account is made then tarpit > that connection. Usually 60 seconds is sufficient. Do not extend the > original block time past the original 10 minutes. > b) If you get 5 invalid login attempts within a minute from the same > IP, block that IP for 5 minutes. This is usually a valid user who > forgot their password, as opposed to a) which is usually a malicious > third party. > > Some of this you can do with off the shelf tools, some of it may require > some glue code (Perl or Python works nicely) on your part. If you can > implement this, it will stop the abuse cold. > > > 1) provides security and makes brute forcing infeasible. 2) helps > reduce load on your systems. these look like good suggestions. >> I was imagining a distributed solution which is already >> in use in many mtas applied also to imap and pop >> so that connections could be stopped from the first >> one. >> >> I am assuming that if there is such a feature then data is >> available (e.g. sorbs) or if not yet being collected that it >> could be done. > I feel your pain and frustration. I do not believe there is an RBL list > of offending IP's for brute force attacks and I think one would be hard > to build and keep up to date enough to be useful, since most of these > systems are compromised home computers, but they get fixed and there is > a lot of turnover - infected systems are repaired and new ones infected. > > Most of them are in the far east, so if you do not mind applying a > cudgel to the problem, you can block entire ranges of IPs altogether. > Of course, one of your users traveling to one of those areas would need > to use some other method to access email (mobile device, webmail, etc). > > Dem I take the point that ips in such a dnsbl would probably have a short life span. However, whatever may be the difficulties, such a list would not make sense if there is no functionality in the server to use it. I am going to look into Timo's suggestion though on tcpwrappers to see how this would work. John From stephan at rename-it.nl Wed Jul 3 23:15:31 2013 From: stephan at rename-it.nl (Stephan Bosch) Date: Wed, 03 Jul 2013 22:15:31 +0200 Subject: [Dovecot] Released Pigeonhole v0.4.1 for Dovecot v2.2.4. Message-ID: <51D48663.2090506@rename-it.nl> Hello Dovecot users, Now that I am not preoccupied anymore, I quickly release a new version of Pigeonhole for Dovecot v2.2. This consists mainly of bug fixes. One new feature is that the Sieve plugin will try to pass temporary failures (e.g. from mail storage) back to LDA/LMTP as much as possible. However, this change turned out a little bigger than I would have liked, so experiment with it a bit before you deploy it in production. Changelog v0.4.1: + Added support for handling temporary failures. These are passed back to LDA/LTMP to produce an appropriate response towards the MTA. - Sieve storage: Removed PATH_MAX limitation for active symlink. This caused problems for GNU/Hurd. - Fixed line endings in X-Sieve headers added by redirect command. - ManageSieve: Fixed '[' ']' stupidity for response codes (only happened before login). - Fixed setting name in example-config/conf.d/20-managesieve.conf. - Sieve extprograms plugin: Fixed interaction between pipe command and remote script service. The output from the script service was never read, causing a broken pipe error at the script service. Apparently, this was broken since the I/O handling for extprograms was last revised. - Fixed assertion failure due to datastack problem in message header composition. The release is available as follows: http://www.rename-it.nl/dovecot/2.2/dovecot-2.2-pigeonhole-0.4.1.tar.gz http://www.rename-it.nl/dovecot/2.2/dovecot-2.2-pigeonhole-0.4.1.tar.gz.sig Refer to http://pigeonhole.dovecot.org and the Dovecot v2.x wiki for more information. Have fun testing this new release and don't hesitate to notify me when there are any problems. Regards, -- Stephan Bosch stephan at rename-it.nl From janfrode at tanso.net Wed Jul 3 23:29:04 2013 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Wed, 3 Jul 2013 22:29:04 +0200 Subject: [Dovecot] login_trusted_networks from webmail ? Message-ID: <20130703202904.GA12770@mushkin.tanso.net> I'd like to get the IP-address of the webmail-klient logged in my maillog (for being compliant with coming data retention policies). I've noticed that with login_trusted_networks pointing at my dovecot directors, we get rip=client-ip logged on the backends. How is the proxy providing this to the dovecot backends? Anybody know what magic we need to implement in our webmail-solution to be able to forward the webmail-client-ip and have it logged as rip= in dovecot? I belive it will be enough to have it logged as rip= on the directors, maybe not needed to be forwarded all the way to the backends (but that would be nice as well). -jf From tss at iki.fi Wed Jul 3 23:34:56 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 3 Jul 2013 23:34:56 +0300 Subject: [Dovecot] login_trusted_networks from webmail ? In-Reply-To: <20130703202904.GA12770@mushkin.tanso.net> References: <20130703202904.GA12770@mushkin.tanso.net> Message-ID: On 3.7.2013, at 23.29, Jan-Frode Myklebust wrote: > I'd like to get the IP-address of the webmail-klient logged in my > maillog (for being compliant with coming data retention policies). I've > noticed that with login_trusted_networks pointing at my dovecot > directors, we get rip=client-ip logged on the backends. How is the proxy > providing this to the dovecot backends? Anybody know what magic we need > to implement in our webmail-solution to be able to forward the > webmail-client-ip and have it logged as rip= in dovecot? a ID ("x-originating-ip" "1.2.3.4") Other things you could send in the same command: x-originating-port, x-connected-ip, x-connected-port And in case others are wondering, POP3 and LMTP use: XCLIENT ADDR=1.2.3.4 PORT=12345 > I belive it will be enough to have it logged as rip= on the directors, > maybe not needed to be forwarded all the way to the backends (but that > would be nice as well). If backend has login_trusted_networks pointing to directors, then the IP gets forwarded to backends as well. From janfrode at tanso.net Wed Jul 3 23:50:43 2013 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Wed, 3 Jul 2013 22:50:43 +0200 Subject: [Dovecot] login_trusted_networks from webmail ? In-Reply-To: References: <20130703202904.GA12770@mushkin.tanso.net> Message-ID: <20130703205043.GA13546@mushkin.tanso.net> On Wed, Jul 03, 2013 at 11:34:56PM +0300, Timo Sirainen wrote: > > a ID ("x-originating-ip" "1.2.3.4") Perfect, thanks! Feature request for SOGo filed: http://www.sogo.nu/bugs/view.php?id=2366 -jf From tss at iki.fi Thu Jul 4 00:14:12 2013 From: tss at iki.fi (Timo Sirainen) Date: Thu, 4 Jul 2013 00:14:12 +0300 Subject: [Dovecot] login_trusted_networks from webmail ? In-Reply-To: <20130703205043.GA13546@mushkin.tanso.net> References: <20130703202904.GA12770@mushkin.tanso.net> <20130703205043.GA13546@mushkin.tanso.net> Message-ID: <49EB7EA1-17E4-4415-986F-ABF0AB222F14@iki.fi> On 3.7.2013, at 23.50, Jan-Frode Myklebust wrote: > On Wed, Jul 03, 2013 at 11:34:56PM +0300, Timo Sirainen wrote: >> >> a ID ("x-originating-ip" "1.2.3.4") > > Perfect, thanks! Feature request for SOGo filed: > > http://www.sogo.nu/bugs/view.php?id=2366 Oh and BTW the reason it was implemented with this kind of ID command was so that the client could detect the normal ID capability and based on that just send the IP address without any further figuring out if the backend supports it. The backends that didn't support it would simply ignore that parameter without any errors. So it should be easy for webmails to implement. From jtam.home at gmail.com Thu Jul 4 00:30:02 2013 From: jtam.home at gmail.com (Joseph Tam) Date: Wed, 3 Jul 2013 14:30:02 -0700 (PDT) Subject: [Dovecot] dnsbl feature for dovecot In-Reply-To: References: Message-ID: Professa Dementia writes: > 2) Fail2Ban with rules that seem like they are pretty weak, but trust > me, they work fine and you limit complaints from users. > > a) If you get 3 invalid login attempts within a minute from more than > 1 IP address, block that login for 10 minutes. If you have blocked a > login and another attempt to log in to that account is made then tarpit > that connection. Usually 60 seconds is sufficient. Do not extend the > original block time past the original 10 minutes. > b) If you get 5 invalid login attempts within a minute from the same > IP, block that IP for 5 minutes. This is usually a valid user who > forgot their password, as opposed to a) which is usually a malicious > third party. Looking at my POP3/IMAP logs, users enter wrong passwords all the time, then their mail client keeps trying to re-authenticate, giving the appearance of a slow rolling BFD. For example, I just grabbed this typical sample Jul 2 13:24:48 dovecot: imap-login: Aborted login (auth failed, 1 attempts in 5 secs): user= ... Jul 2 13:26:03 dovecot: imap-login: Aborted login (auth failed, 1 attempts in 5 secs): user= ... Jul 2 13:26:13 dovecot: imap-login: Aborted login (auth failed, 1 attempts in 9 secs): user= ... Jul 2 13:26:37 dovecot: imap-login: Aborted login (auth failed, 1 attempts in 5 secs): user= ... Jul 2 13:26:43 dovecot: imap-login: Aborted login (auth failed, 1 attempts in 5 secs): user= ... Jul 2 13:27:08 dovecot: imap-login: Aborted login (auth failed, 1 attempts in 5 secs): user= ... Jul 2 13:27:14 dovecot: imap-login: Aborted login (auth failed, 1 attempts in 5 secs): user= ... Jul 2 13:27:30 dovecot: imap-login: Aborted login (auth failed, 1 attempts in 5 secs): user= ... Jul 2 13:27:36 dovecot: imap-login: Aborted login (auth failed, 1 attempts in 5 secs): user= ... Jul 2 13:27:51 dovecot: imap-login: Aborted login (auth failed, 1 attempts in 5 secs): user= ... Brute force attempts are more intense, so I think these rules can be set harder to not risk plunking your users into blacklist hell. Also, some common role account (that don't exist on my system e.g. "admin") will trigger an immediate blacklist here -- an easy way to shortcut the process. > I feel your pain and frustration. I do not believe there is an RBL list > of offending IP's for brute force attacks ... Maybe http://www.blocklist.de/en/index.html I use it for ssh BFD blocking, and it detects 2/3 of the IPs trying to do attempts. On their web page, they also list FTP, Web, and Mail login brute forcers, although I'm not sure whether "Mail" logins means IMAP, POP, SMTP-AUTH, or all of them. You can also integrate this with fail2ban so that not only can you use it to block, but can also contribute to the global detection of brute forcers. Joseph Tam From professa at dementianati.com Thu Jul 4 00:45:51 2013 From: professa at dementianati.com (Professa Dementia) Date: Wed, 03 Jul 2013 14:45:51 -0700 Subject: [Dovecot] dnsbl feature for dovecot In-Reply-To: References: Message-ID: <51D49B8F.2040500@dementianati.com> On 7/3/2013 2:30 PM, Joseph Tam wrote: > Brute force attempts are more intense, so I think these rules can be > set harder to not risk plunking your users into blacklist hell. Also, > some common role account (that don't exist on my system e.g. "admin") > will trigger an immediate blacklist here -- an easy way to shortcut > the process. Certainly, set the rules to whatever works for your system. My example is just what I used and it worked well for me. Your example is why I specified that an attempt to login as a blocked account does *not* extend the blocking time. Otherwise, you run the risk of a rolling block that goes on forever. Why are users on your system entering bad passwords all the time? Every major mail client can save passwords in a reasonably secure format so the feeble minded human is free of that burden. Even with webmail, the browser generally can save passwords. In fact, I feel this is safer. It eliminates keystroke loggers from getting the password. It also makes it easier to enforce strong passwords. If the user had to type in a 16 character strong password each time (such as HjY6##k,F8Dl9sy1), many of them would certainly complain loudly and often. However, if the user can enter that password once into their chosen software and not have to remember it again, you get good protection from brute force attacks and happy users. Typing a password once is much easier than even typing "cat" 50,000 times over the course of several years. Dem From ka at pacific.net Thu Jul 4 03:56:05 2013 From: ka at pacific.net (Ken A) Date: Wed, 03 Jul 2013 19:56:05 -0500 Subject: [Dovecot] flat file in tmpfs for dict quota In-Reply-To: References: <51CC6BD6.7030308@pacific.net> Message-ID: <51D4C825.2080102@pacific.net> On 7/2/2013 8:48 AM, Steffen Kaiser wrote: > On Thu, 27 Jun 2013, Ken A wrote: > >> I'm using dict quota like so: > >> quota = dict:User quota::file:/[path]/quotas/%u > >> [path]/quotas/ is a tmpfs. > >> The idea is to do less work on disk. Other than forcing dovecot >> to rebuild quotas on a reboot, are there any downsides? > > I would say no, but to recalc the quota file might be more > difficult that you think, make sure no logins or deliveries or > automatic scripts change the content of the mail storage. The quota files are per mailbox, and are created when the user logs in or LDA touches a mailbox. Most mailboxes are < 1GB. Dovecot seems to handle it very quickly. Thanks, Ken Anderson > Regards, > > -- Steffen Kaiser > -- Ken Anderson Pacific Internet - http://www.pacific.net From tss at iki.fi Thu Jul 4 04:31:36 2013 From: tss at iki.fi (Timo Sirainen) Date: Thu, 4 Jul 2013 04:31:36 +0300 Subject: [Dovecot] flat file in tmpfs for dict quota In-Reply-To: <51CC6BD6.7030308@pacific.net> References: <51CC6BD6.7030308@pacific.net> Message-ID: <59888C70-5823-4791-A0AA-94FF4BEEB12A@iki.fi> On 27.6.2013, at 19.44, Ken A wrote: > I'm using dict quota like so: > > quota = dict:User quota::file:/[path]/quotas/%u > > [path]/quotas/ is a tmpfs. > > The idea is to do less work on disk. There are no fsync() or fdatasync() calls to quota files. Ideally if the system had enough memory and the disk IO wasn't used up all the time, it wouldn't waste any time on unnecessary disk writes. Now, whether the current OSes worked that way I don't really know.. I think there are quite a lot of settings for that though. Placing quota files (and maybe indexes) on a different mount point would allow changing such settings. From i_was_yah00ed at yahoo.com Wed Jul 3 20:43:38 2013 From: i_was_yah00ed at yahoo.com (gw1500se) Date: Wed, 3 Jul 2013 10:43:38 -0700 (PDT) Subject: [Dovecot] CaCert certificate configuration help needed Message-ID: <1372873418258-43118.post@n4.nabble.com> I was not able to find specific help for configuring the crt file for CaCert. I gleaned from examples the following order: server certificate CaCert class 3 certificate Cacert root certificate However, when I try to configure my mail reading for IMAP, Dovecot shows the following error in the log: dovecot: imap-login: Aborted login (no auth attempts): I am assuming, based on searches for this error, that my crt file is not correct but I don't know what to do at this point. Can someone steer me in the right direction? TIA. -- View this message in context: http://dovecot.2317879.n4.nabble.com/CaCert-certificate-configuration-help-needed-tp43118.html Sent from the Dovecot mailing list archive at Nabble.com. From peljasz at yahoo.co.uk Thu Jul 4 11:32:00 2013 From: peljasz at yahoo.co.uk (lejeczek) Date: Thu, 04 Jul 2013 09:32:00 +0100 Subject: [Dovecot] tcpwrappers In-Reply-To: <51D44BE2.7000309@yahoo.co.uk> References: <51D44BE2.7000309@yahoo.co.uk> Message-ID: <51D53300.1070605@yahoo.co.uk> hi, I might have been bit impatient,must have been Thunderbird or something else that caused a bit of delay between when an entry appeared in hosts.deny and mail client actually got denied. regards On 07/03/2013 05:05 PM, lejeczek wrote: > hi everybody > > having I believe sort of plain-vanilla config with section > in 10-tcpwrapper.conf > as per docs > > login_access_sockets = tcpwrap > > service tcpwrap { > unix_listener login/tcpwrap { > group = $default_login_user > mode = 0600 > user = $default_login_user > } > } > > /etc/hosts.deny contains: > ALL: given_host > > and yet dovecot logins IMAP client in > whereas other tcpwrapper aware services act as expected > > what am I missing? > > regards > > From rs at sys4.de Thu Jul 4 11:38:50 2013 From: rs at sys4.de (Robert Schetterer) Date: Thu, 04 Jul 2013 10:38:50 +0200 Subject: [Dovecot] dnsbl feature for dovecot In-Reply-To: <51D4733D.1080806@thelounge.net> References: <51D37CAD.2090601@erba.tv> <51D47076.2030106@erba.tv> <51D4733D.1080806@thelounge.net> Message-ID: <51D5349A.2010203@sys4.de> Am 03.07.2013 20:53, schrieb Reindl Harald: > > > Am 03.07.2013 20:41, schrieb John Fawcett: >> On 03/07/13 18:40, Benny Pedersen wrote: >>> John Fawcett skrev den 2013-07-03 03:21: >>>> dnsbl's are a popular method to prevent listed ips from making >>>> connections to mta software. >>> >>> hmm are pop3/imap clients not authed users ? >>> >>> well done >>> >> in this case no, I am talking about connections from zombies > > have fun - most RBL's contains a lot of dialup-addresses > which makes sense to get rejected on a MTA until auth > but stupid to block completly without abuse users > just for info a botnet check ip service was anounced https://www.check-and-secure.com/ipcheck/_en/index.html it seems that they have some db with botnet ips, with "ttl" 15 mins but for sure this isnt a "traditional" rbl however it shows some people work on that stuff Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From skdovecot at smail.inf.fh-brs.de Thu Jul 4 12:26:20 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 4 Jul 2013 11:26:20 +0200 (CEST) Subject: [Dovecot] namespace delivery question In-Reply-To: <20130703135605.M17443@madalbal.hu> References: <20130627115159.M11417@madalbal.hu> <20130703124504.M28415@madalbal.hu> <20130703135605.M17443@madalbal.hu> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 3 Jul 2013, Laszlo Kiraly wrote: >> I think you should reject incoming mails from outside to vmail and >> handle all deliveries to public through local SMTP aliases. Because >> "vmail" is no valid recipient anyway, isn't it? > > Do you think reject in SMTP time in exim? I think, I do exactly the same. > I have a list with public mails and rewrite rules for them. I use this list in > an acl to check it's a public mailbox or not. did you tested it ;-) > I have now a fully working system. :) fine! - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUdU/vF3r2wJMiz2NAQLlKgf7Bzm6I5v2TIHEamt2J/viRBlZA8etNbPI gEkiCYpkj6tsySgDlRVCpWwF60HH2Hg1nCy8KEm28JTEaSn8xocxpE800d0KgKmo FgbElbUE3L8IQKpVAS1ny7/Rg0lr91/e5bzll3XcGZKtstvjbeiqJcThROpZWewy 3NIyntdQLnKVjHZqvpYpd8W2ZwzaltaQJg0RLKj1nZZMHfv2xWu/ulasMZ0YBprG ixKJRrIPwTHeEGqk8hT6kudkks+ptltVzeoL4vXT7T03gXxzJtLlSRO+7Ztpic5J B3KxuhMqOunVjZkrZAvJnryeERac4HRqusUxB6tr4gYo+7P+BAYMbQ== =ApuF -----END PGP SIGNATURE----- From lst_hoe02 at kwsoft.de Thu Jul 4 12:32:10 2013 From: lst_hoe02 at kwsoft.de (lst_hoe02 at kwsoft.de) Date: Thu, 04 Jul 2013 11:32:10 +0200 Subject: [Dovecot] CaCert certificate configuration help needed In-Reply-To: <1372873418258-43118.post@n4.nabble.com> References: <1372873418258-43118.post@n4.nabble.com> Message-ID: <20130704113210.Horde.VZw1JxQ7_w-9rev6lpj1HA2@webmail.kwsoft.de> Zitat von gw1500se : > I was not able to find specific help for configuring the crt file for CaCert. > I gleaned from examples the following order: > > server certificate > CaCert class 3 certificate > Cacert root certificate > > However, when I try to configure my mail reading for IMAP, Dovecot shows the > following error in the log: > > dovecot: imap-login: Aborted login (no auth attempts): > > I am assuming, based on searches for this error, that my crt file is not > correct but I don't know what to do at this point. Can someone steer me in > the right direction? TIA. > The server (dovecot) needs the server certificate, the matching private key and the intermediate CAs, not the root-CA. The client need the root-CA in it's "trust store" so you have to make your client trusting the CaCert root-CA. For the dovcot side have a look here: http://wiki2.dovecot.org/SSL/DovecotConfiguration Regards Andreas -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 6144 bytes Desc: S/MIME Cryptographic Signature URL: From dalevizo at otenet.gr Thu Jul 4 12:48:47 2013 From: dalevizo at otenet.gr (Dimos Alevizos) Date: Thu, 04 Jul 2013 12:48:47 +0300 Subject: [Dovecot] dovecot 2.2 Panic: pool_data_stack_realloc(): stack frame changed Message-ID: <51D544FF.4040204@otenet.gr> Hi again, we've been trying dovecot 2.2 in our setup and we see thousands of messages like these : Jul 4 12:29:47 pop01 dovecot: lmtp(2899): Debug: auth input: rigakis2 at otenet.gr home=/var/mail/folders/U/9/5/rigakis2 quota_rule=*:storage=50M uid=531846 gid=100 mail=mbox:~/:INBOX=/var/mail/U/9/5 /rigakis2:INDEX=/indexes/4/1/b/rigakis2 at otenet.gr Jul 4 12:29:47 pop01 dovecot: lmtp(2899): Debug: Added userdb setting: mail=mbox:~/:INBOX=/var/mail/U/9/5/rigakis2:INDEX=/indexes/4/1/b/rigakis2 at otenet.gr Jul 4 12:29:47 pop01 dovecot: lmtp(2899, rigakis2 at otenet.gr): Debug: Effective uid=531846, gid=100, home=/var/mail/folders/U/9/5/rigakis2 Jul 4 12:29:47 pop01 dovecot: lmtp(2899, rigakis2 at otenet.gr): Debug: Quota root: name=User quota backend=dict args=:noenforcing:proxy::sqlquota Jul 4 12:29:47 pop01 dovecot: lmtp(2899, rigakis2 at otenet.gr): Debug: Quota rule: root=User quota mailbox=* bytes=52428800 messages=0 Jul 4 12:29:47 pop01 dovecot: lmtp(2899, rigakis2 at otenet.gr): Debug: Quota grace: root=User quota bytes=5242880 (10%) Jul 4 12:29:47 pop01 dovecot: lmtp(2899, rigakis2 at otenet.gr): Debug: dict quota: user=rigakis2 at otenet.gr, uri=proxy::sqlquota, noenforcing=1 Jul 4 12:29:47 pop01 dovecot: lmtp(2899, rigakis2 at otenet.gr): Debug: fs: root=/var/mail/folders/U/9/5/rigakis2, index=/indexes/4/1/b/rigakis2 at otenet.gr, indexpvt=, control=, inbox=/var/mail/U/9/5/ rigakis2, alt= Jul 4 12:29:47 pop01 dovecot: lmtp(2899, rigakis2 at otenet.gr): Debug: sieve: Pigeonhole version 0.4.0 initializing Jul 4 12:29:47 pop01 dovecot: lmtp(2899, rigakis2 at otenet.gr): Debug: sieve: include: sieve_global_dir is not set; it is currently not possible to include `:global' scripts. Jul 4 12:29:47 pop01 dovecot: lmtp(2899, rigakis2 at otenet.gr): Debug: o6pTL5k/1VFTCwAAYg/qxw: sieve: using the following location for user's Sieve script: /var/mail/folders/U/9/5/rigakis2/.sieve;na me=main script Jul 4 12:29:47 pop01 dovecot: lmtp(2899, rigakis2 at otenet.gr): Debug: o6pTL5k/1VFTCwAAYg/qxw: sieve: loading script /var/mail/folders/U/9/5/rigakis2/.sieve;name=main script Jul 4 12:29:47 pop01 dovecot: lmtp(2899, rigakis2 at otenet.gr): Debug: o6pTL5k/1VFTCwAAYg/qxw: sieve: script binary /var/mail/folders/U/9/5/rigakis2/.sieve.svbin successfully loaded Jul 4 12:29:47 pop01 dovecot: lmtp(2899, rigakis2 at otenet.gr): Debug: o6pTL5k/1VFTCwAAYg/qxw: sieve: binary save: not saving binary /var/mail/folders/U/9/5/rigakis2/.sieve.svbin, because it is alre ady stored Jul 4 12:29:47 pop01 dovecot: lmtp(2899, rigakis2 at otenet.gr): Debug: o6pTL5k/1VFTCwAAYg/qxw: sieve: executing script from /var/mail/folders/U/9/5/rigakis2/.sieve.svbin Jul 4 12:29:47 pop01 dovecot: lmtp(2899, rigakis2 at otenet.gr): Panic: pool_data_stack_realloc(): stack frame changed Jul 4 12:29:47 pop01 dovecot: lmtp(2899, rigakis2 at otenet.gr): Error: Raw backtrace: /opt/dovecot-2.2.4/lib/dovecot/libdovecot.so.0 [0x2b0066488bb0] -> /opt/dovecot-2.2.4/lib/dovecot/libdovecot.so. 0 [0x2b0066488c06] -> /opt/dovecot-2.2.4/lib/dovecot/libdovecot.so.0 [0x2b0066487dc3] -> /opt/dovecot-2.2.4/lib/dovecot/libdovecot.so.0 [0x2b006649c5d1] -> /opt/dovecot-2.2.4/lib/dovecot/libdovecot .so.0 [0x2b00664844ef] -> /opt/dovecot-2.2.4/lib/dovecot/libdovecot.so.0(buffer_write+0xf6) [0x2b0066484956] -> /opt/dovecot-2.2.4/lib/dovecot/libdovecot-sieve.so.0(rfc2822_header_append+0x35) [0x2 b0066b2c695] -> /opt/dovecot-2.2.4/lib/dovecot/libdovecot-sieve.so.0(rfc2822_header_printf+0xbd) [0x2b0066b2cbdd] -> /opt/dovecot-2.2.4/lib/dovecot/libdovecot-sieve.so.0 [0x2b0066b6141c] -> /opt/do vecot-2.2.4/lib/dovecot/libdovecot-sieve.so.0 [0x2b0066b5fd63] -> /opt/dovecot-2.2.4/lib/dovecot/libdovecot-sieve.so.0(sieve_result_execute+0x220) [0x2b0066b407b0] -> /opt/dovecot-2.2.4/lib/dovecot /libdovecot-sieve.so.0(sieve_execute+0x Jul 4 12:29:47 pop01 dovecot: lmtp(2899, rigakis2 at otenet.gr): Fatal: master: service(lmtp): child 2899 killed with signal 6 (core not dumped) I tried to get a core dump but I can't, apparently I'm doing something wrong. Any ideas ? dovecot -n : # 2.2.4: /opt/dovecot-2.2.4/etc/dovecot/dovecot.conf # OS: Linux 2.6.18-348.6.1.el5 x86_64 CentOS release 5.9 (Final) auth_cache_negative_ttl = 10 mins auth_cache_size = 5 M auth_cache_ttl = 10 mins auth_verbose = yes default_client_limit = 5000 default_process_limit = 500 deliver_log_format = msgid=%m: from=%f size=%p %$ dict { sqlquota = mysql:/opt/dovecot/etc/dovecot/dovecot-dict-sql.conf.ext } disable_plaintext_auth = no first_valid_uid = 20 lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes listen = * log_timestamp = "%Y-%m-%d %H:%M:%S " login_greeting = OTENET ready login_trusted_networks = 83.235.66.0/24 mail_access_groups = mail otemail disk root mail_fsync = always mail_nfs_index = yes mail_nfs_storage = yes mail_plugins = quota managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave imapflags notify mbox_lock_timeout = 3 secs mbox_read_locks = dotlock fcntl mmap_disable = yes passdb { args = /opt/dovecot/etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename flag_change append mail_log_fields = uid box msgid size quota = dict:User quota::noenforcing:proxy::sqlquota sieve = ~/.sieve sieve_dir = ~/sieve sieve_extensions = +notify +imapflags } postmaster_address = postmaster at otenet.gr quota_full_tempfail = yes service auth-worker { user = dovenull } service dict { unix_listener dict { group = otemail mode = 0666 } } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } } service lmtp { client_limit = 1 inet_listener lmtp { port = 24 } } service pop3-login { inet_listener pop3 { port = 110 } inet_listener pop3s { port = 995 ssl = yes } } service quota-warning { executable = script /opt/dovecot/etc/dovecot/quota-warning.sh user = dovecot } ssl = no userdb { args = /opt/dovecot/etc/dovecot/dovecot-ldap.conf.ext driver = ldap } verbose_proctitle = yes protocol lmtp { mail_plugins = quota sieve } protocol lda { mail_plugins = quota sieve } protocol imap { imap_client_workarounds = delay-newmail tb-extra-mailbox-sep mail_max_userip_connections = 100 mail_plugins = quota imap_quota notify } protocol pop3 { mail_max_userip_connections = 100 mail_plugins = quota notify pop3_client_workarounds = outlook-no-nuls oe-ns-eoh pop3_fast_size_lookups = yes pop3_lock_session = yes pop3_reuse_xuidl = yes pop3_uidl_format = %08Xu%08Xv } From dalevizo at otenet.gr Thu Jul 4 12:57:27 2013 From: dalevizo at otenet.gr (Dimos Alevizos) Date: Thu, 04 Jul 2013 12:57:27 +0300 Subject: [Dovecot] dovecot 2.2 Panic: pool_data_stack_realloc(): stack frame changed In-Reply-To: <51D544FF.4040204@otenet.gr> References: <51D544FF.4040204@otenet.gr> Message-ID: <51D54707.8030903@otenet.gr> Never mind I just saw there's a newer version of pigeonhole that fixes it. Sigh... Changelog v0.4.1: - Fixed assertion failure due to datastack problem in message header composition. Dalevizo From i_was_yah00ed at yahoo.com Thu Jul 4 12:59:51 2013 From: i_was_yah00ed at yahoo.com (gw1500se) Date: Thu, 4 Jul 2013 02:59:51 -0700 (PDT) Subject: [Dovecot] CaCert certificate configuration help needed In-Reply-To: <20130704113210.Horde.VZw1JxQ7_w-9rev6lpj1HA2@webmail.kwsoft.de> References: <1372873418258-43118.post@n4.nabble.com> <20130704113210.Horde.VZw1JxQ7_w-9rev6lpj1HA2@webmail.kwsoft.de> Message-ID: <1372931991518-43139.post@n4.nabble.com> Thanks for the reply. I guess I should have been more complete in my description. That is where I first started. Not only did that give me the error above but an additional error telling me I was missing the root CA for the signing authority. Searches on that error pointed me to the chained SSL certificates section. That eliminated the root CA error but I still have the posted error. Perhaps I am still not recognizing which specific section I should be using in that document. -- View this message in context: http://dovecot.2317879.n4.nabble.com/CaCert-certificate-configuration-help-needed-tp43118p43139.html Sent from the Dovecot mailing list archive at Nabble.com. From skdovecot at smail.inf.fh-brs.de Thu Jul 4 14:15:49 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 4 Jul 2013 13:15:49 +0200 (CEST) Subject: [Dovecot] CaCert certificate configuration help needed In-Reply-To: <1372931991518-43139.post@n4.nabble.com> References: <1372873418258-43118.post@n4.nabble.com> <20130704113210.Horde.VZw1JxQ7_w-9rev6lpj1HA2@webmail.kwsoft.de> <1372931991518-43139.post@n4.nabble.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 4 Jul 2013, gw1500se wrote: > > Perhaps I am still not recognizing which specific section I should be using > in that document. increase logging http://wiki2.dovecot.org/Logging esp. section "Logging verbosity", then try again and check what the MUA is displaying. If it disconnects because of cert errors, the MUA displays the error. Regards, - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUdVZZV3r2wJMiz2NAQKpIwf/ZCiL2b+jDU+asctSVTHz7TlkPxzQujGf 0eoW1Rn+O+jEiTdtHC1S3KLDHqTiCQv+dnt7urH+PFymOkK4LMoZQ0omO0k3iNSY mQp5U855vY9LgVfuEVtCyUg+yGxjXhWgUA9qbJI6bZGUMRu4/mX4aGbK/YdjTZ35 HQNvRHgK+Tg52CSumIAK+As/FDr5ftKzEwT2K5bocb250VxcE673vs+5vDphu8j9 RB+kIi2K3xKoM/sIb3ZV2QBCCs5xLF+jj1FY19+DL/tw3lTQf/zvt6ckrOAcFCi/ FQhYFIbY+yB0hLBAftiVheCrxN+s0JNNfv25NQoKMF/k5Lc98EbG0g== =i6sh -----END PGP SIGNATURE----- From i_was_yah00ed at yahoo.com Thu Jul 4 20:36:42 2013 From: i_was_yah00ed at yahoo.com (gw1500se) Date: Thu, 4 Jul 2013 10:36:42 -0700 (PDT) Subject: [Dovecot] CaCert certificate configuration help needed In-Reply-To: References: <1372873418258-43118.post@n4.nabble.com> <20130704113210.Horde.VZw1JxQ7_w-9rev6lpj1HA2@webmail.kwsoft.de> <1372931991518-43139.post@n4.nabble.com> Message-ID: <1372959402237-43141.post@n4.nabble.com> Thanks. I think I turned on all the debug I can but the result is not at all helpful (to me). Jul 4 13:33:02 public dovecot: auth: Debug: auth client connected (pid=29195) Jul 4 13:33:02 public dovecot: imap-login: Warning: SSL: where=0x10, ret=1: before/accept initialization Jul 4 13:33:02 public dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: before/accept initialization Jul 4 13:33:02 public dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read client hello A Jul 4 13:33:02 public dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write server hello A Jul 4 13:33:02 public dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write certificate A Jul 4 13:33:02 public dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write key exchange A Jul 4 13:33:02 public dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write server done A Jul 4 13:33:02 public dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 flush data Jul 4 13:33:02 public dovecot: imap-login: Warning: SSL: where=0x2002, ret=-1: SSLv3 read client certificate A Jul 4 13:33:02 public dovecot: imap-login: Warning: SSL: where=0x2002, ret=-1: SSLv3 read client certificate A Jul 4 13:33:02 public dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read client key exchange A Jul 4 13:33:02 public dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read finished A Jul 4 13:33:02 public dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write session ticket A Jul 4 13:33:02 public dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write change cipher spec A Jul 4 13:33:02 public dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write finished A Jul 4 13:33:02 public dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 flush data Jul 4 13:33:02 public dovecot: imap-login: Warning: SSL: where=0x20, ret=1: SSL negotiation finished successfully Jul 4 13:33:02 public dovecot: imap-login: Warning: SSL: where=0x2002, ret=1: SSL negotiation finished successfully Jul 4 13:33:02 public dovecot: imap-login: Aborted login (no auth attempts): rip=74.176.153.21, lip=69.64.71.47, TLS Jul 4 13:33:02 public dovecot: imap-login: Warning: SSL alert: where=0x4008, ret=256: warning close notify -- View this message in context: http://dovecot.2317879.n4.nabble.com/CaCert-certificate-configuration-help-needed-tp43118p43141.html Sent from the Dovecot mailing list archive at Nabble.com. From i_was_yah00ed at yahoo.com Thu Jul 4 20:44:19 2013 From: i_was_yah00ed at yahoo.com (gw1500se) Date: Thu, 4 Jul 2013 10:44:19 -0700 (PDT) Subject: [Dovecot] CaCert certificate configuration help needed In-Reply-To: <1372959402237-43141.post@n4.nabble.com> References: <1372873418258-43118.post@n4.nabble.com> <20130704113210.Horde.VZw1JxQ7_w-9rev6lpj1HA2@webmail.kwsoft.de> <1372931991518-43139.post@n4.nabble.com> <1372959402237-43141.post@n4.nabble.com> Message-ID: <1372959859167-43142.post@n4.nabble.com> FWIW, here is my doveconf output: # 2.0.9: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-358.11.1.el6.x86_64 x86_64 CentOS release 6.4 (Final) auth_debug_passwords = yes base_dir = /var/run/dovecot/ login_greeting = Dovecot on mydomain.com ready. mail_location = maildir:~/Maildir mbox_write_locks = fcntl passdb { driver = pam } protocols = imap pop3 service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix } } ssl_cert = Hi list, I'm trying to do a domain migration using the imapc feature, but i'm having some problems and I really don't know what is happening. So if you guys could help me with a path to solve this, I will be glad. I'm using Dovecot 2.1.7 in a Debian Wheezy machine. The command I'm using is: dsync -Dv -o imapc_features=rfc822.size -o imapc_host=IP -o imapc_port=143 -o imapc_username='breno.moreira at mav.com.br' -o imapc_password='pass' -u breno.moreira at mav.com.br mirror imapc:/tmp/dsync-imapc and what I got with the logs is: doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot/modules doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/lib20_zlib_plugin.so doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot/modules/doveadm doveadm(root): Debug: Skipping module doveadm_acl_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_acl_plugin.so: undefined symbol: acl_user_module (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_expire_plugin.so: undefined symbol: expire_set_deinit (this is usually intentio nal, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_quota_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_quota_plugin.so: undefined symbol: quota_user_module (this is usually intentiona l, so just ignore this message) doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_zlib_plugin.so doveadm(root): Debug: Skipping module doveadm_fts_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib20_doveadm_fts_plugin.so: undefined symbol: fts_backend_rescan (this is usually intentional, so just ignore this message) doveadm(breno.moreira at mav.com.br): Debug: Added userdb setting: mail=sdbox:~/:ALT=/srv/dovehdodd/dovecot/mav.com.br/breno.moreira doveadm(breno.moreira at mav.com.br): Debug: Effective uid=5000, gid=5000, home=/srv/dovessdodd/dovecot/mav.com.br/breno.moreira doveadm(breno.moreira at mav.com.br): Debug: Namespace : type=private, prefix=INBOX., sep=., inbox=yes, hidden=no, list=yes, subscriptions=yes location=sdbox:~/:ALT=/srv/dovehdodd/dovecot/mav.com.br/breno.moreira doveadm(breno.moreira at mav.com.br): Debug: fs: root=/srv/dovessdodd/dovecot/ mav.com.br/breno.moreira, index=, control=, inbox=, alt=/srv/dovehdodd/dovecot/mav.com.br/breno.moreira dsync(breno.moreira at mav.com.br): Debug: Effective uid=5000, gid=5000, home=/srv/dovessdodd/dovecot/mav.com.br/breno.moreira dsync(breno.moreira at mav.com.br): Debug: Namespace : type=private, prefix=INBOX., sep=., inbox=yes, hidden=no, list=yes, subscriptions=yes location=imapc:/tmp/dsync-imapc dsync(breno.moreira at mav.com.br): Debug: imapc: root=/tmp/dsync-imapc, index=, control=, inbox=, alt= dsync(breno.moreira at mav.com.br): Debug: maildir++: root=/tmp/dsync-imapc, index=, control=, inbox=, alt= dsync(breno.moreira at mav.com.br): Debug: imapc(187.115.200.155:143): Looking up IP address dsync(breno.moreira at mav.com.br): Debug: imapc(187.115.200.155:143): Connecting to 187.115.200.155:143 dsync(breno.moreira at mav.com.br): Debug: imapc(187.115.200.155:143): Server capabilities: IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE STARTTLS AUTH=PLAIN AUTH=LOGIN dsync(breno.moreira at mav.com.br): Debug: imapc(187.115.200.155:143): Authenticating as breno.moreira at mav.com.br dsync(breno.moreira at mav.com.br): Debug: imapc(187.115.200.155:143): Server capabilities: IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT I DLE CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS dsync(breno.moreira at mav.com.br): Debug: imapc(187.115.200.155:143): Authenticated successfully dsync(breno.moreira at mav.com.br): Debug: Namespace INBOX.: Using permissions from /srv/dovessdodd/dovecot/mav.com.br/breno.moreira: mode=0700 gid=-1 dsync(breno.moreira at mav.com.br): Debug: Namespace INBOX.: Using permissions from /tmp/dsync-imapc: mode=0755 gid=-1 dsync(breno.moreira at mav.com.br): Error: Can't create mailbox INBOX: Empty mailbox name. dsync(breno.moreira at mav.com.br): Info: INBOX: only in dest (guid=c92f64f79f0d1ed01e6d5b314f04886c) dsync(breno.moreira at mav.com.br): Info: INBOX: only in source (guid=f4c6a715e8b1d551112d000042e5307d) dsync(breno.moreira at mav.com.br): Error: Mailbox INBOX changed its GUID (c92f64f79f0d1ed01e6d5b314f04886c -> f4c6a715e8b1d551112d000042e5307d) dsync(breno.moreira at mav.com.br): Error: msg iteration failed: Couldn't open mailbox c92f64f79f0d1ed01e6d5b314f04886c dsync(breno.moreira at mav.com.br): Error: Mailbox INBOX changed its GUID (c92f64f79f0d1ed01e6d5b314f04886c -> f4c6a715e8b1d551112d000042e5307d) dsync(breno.moreira at mav.com.br): Debug: imapc(187.115.200.155:143): Looking up IP address dsync(breno.moreira at mav.com.br): Debug: imapc(187.115.200.155:143): Connecting to 187.115.200.155:143 dsync(breno.moreira at mav.com.br): Debug: imapc(187.115.200.155:143): Server capabilities: IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE STARTTLS AUTH=PLAIN AUTH=LOGIN dsync(breno.moreira at mav.com.br): Debug: imapc(187.115.200.155:143): Authenticating as breno.moreira at mav.com.br dsync(breno.moreira at mav.com.br): Debug: imapc(187.115.200.155:143): Server capabilities: IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT I DLE CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS dsync(breno.moreira at mav.com.br): Debug: imapc(187.115.200.155:143): Authenticated successfully dsync(breno.moreira at mav.com.br): Panic: file mail-storage.c: line 794 (mailbox_check_mismatching_separators): assertion failed: (vname[0] == ns->prefix[ns->prefix_len-1]) dsync(breno.moreira at mav.com.br): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x4373a) [0x7f21a814b73a] -> /usr/lib/dovecot/libdovecot.so.0(default_fatal_handler+0x2a) [0x7f21a814b7fa] -> /usr/lib/dove cot/libdovecot.so.0(i_fatal+0) [0x7f21a81237e2] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x7ce8e) [0x7f21a8411e8e] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_open+0x18) [0x7f21a8411ed8] -> /usr/lib/d ovecot/libdovecot-storage.so.0(imapc_mailbox_sync_init+0x95) [0x7f21a83fd235] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_sync_init+0x33) [0x7f21a8410e23] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailb ox_sync+0x27) [0x7f21a8410f47] -> /usr/bin/dsync(+0x2ef11) [0x7f21a8b20f11] -> /usr/bin/dsync(+0x2f03f) [0x7f21a8b2103f] -> /usr/bin/dsync(+0x30ac4) [0x7f21a8b22ac4] -> /usr/bin/dsync(dsync_worker_msg_iter_next+0x34) [0x7f21a8b1ffb4] -> /usr/bin/dsync(+0x292b4) [0x7f21a8b1b2b4] -> /usr/bin/dsync(+0x29352) [0x7f21a8b1b352] -> /usr/bin/dsync(dsync_brain_msg_sync_more+0x450) [0x7f21a8b1b7c0] -> /usr/bin/dsync(dsync_brain_sync+0xc21) [0x7f21a8b1a6c1] -> /usr/bin/dsync(+0x28e01) [0x7f21a8b1ae01] -> /usr/bin/dsync(dsync_brain_sync+0x7b7) [0x7f21a8b1a257] -> /usr/bin/dsync(+0x28c98) [0x7f21a8b1ac98] -> /usr/bin/dsync(dsync_brain_sync+0x7f8) [0x7f21a8b1a298] -> /usr/bin/dsync(dsync_brain_sync_all+0x18) [0x7f21a8b1ae68] -> /usr/bin/dsync(+0x25f76) [0x7f21a8b17f76] -> /usr/bin/dsync(+0x26461) [0x7f21a8b18461] -> /usr/bin/dsync(+0x13486) [0x7f21a8b05486] -> /usr/bin/dsync(+0x13f51) [0x7f21a8b05f51] -> /usr/bin/dsync(doveadm_mail_try_run+0x159) [0x7f21a8b063e9] -> /usr/bin/dsync(main+0x3a1) [0x7f21a8b05031] -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xfd) [0x7f21a7d9cead] Aborted Best Regards, -- --------------------------------------------------------------------- Breno Moreira ?O ?xito na vida n?o se mede pelo que voc? conquistou, mas sim pelas dificuldades que superou no caminho.? * Abraham Lincoln* From me at junc.eu Thu Jul 4 21:44:04 2013 From: me at junc.eu (Benny Pedersen) Date: Thu, 04 Jul 2013 20:44:04 +0200 Subject: [Dovecot] =?utf-8?q?login=5Ftrusted=5Fnetworks_from_webmail_=3F?= In-Reply-To: <20130703202904.GA12770@mushkin.tanso.net> References: <20130703202904.GA12770@mushkin.tanso.net> Message-ID: <737aef023d310d52a8dd8e12d0019c92@junc.eu> Jan-Frode Myklebust skrev den 2013-07-03 22:29: > I belive it will be enough to have it logged as rip= on the > directors, > maybe not needed to be forwarded all the way to the backends (but > that > would be nice as well). it would be loggin webservers ip, not webmail client ip, if thats not accepted, turn off webmail -- senders that put my email into body content will deliver it to my own trashcan, so if you like to get reply, dont do it From me at junc.eu Thu Jul 4 21:51:47 2013 From: me at junc.eu (Benny Pedersen) Date: Thu, 04 Jul 2013 20:51:47 +0200 Subject: [Dovecot] =?utf-8?q?login=5Ftrusted=5Fnetworks_from_webmail_=3F?= In-Reply-To: References: <20130703202904.GA12770@mushkin.tanso.net> Message-ID: Timo Sirainen skrev den 2013-07-03 22:34: > If backend has login_trusted_networks pointing to directors, then the > IP gets forwarded to backends as well. how does imap get ip from http ? -- senders that put my email into body content will deliver it to my own trashcan, so if you like to get reply, dont do it From i_was_yah00ed at yahoo.com Thu Jul 4 22:08:37 2013 From: i_was_yah00ed at yahoo.com (gw1500se) Date: Thu, 4 Jul 2013 12:08:37 -0700 (PDT) Subject: [Dovecot] CaCert certificate configuration help needed In-Reply-To: <1372959859167-43142.post@n4.nabble.com> References: <1372873418258-43118.post@n4.nabble.com> <20130704113210.Horde.VZw1JxQ7_w-9rev6lpj1HA2@webmail.kwsoft.de> <1372931991518-43139.post@n4.nabble.com> <1372959402237-43141.post@n4.nabble.com> <1372959859167-43142.post@n4.nabble.com> Message-ID: <1372964917638-43146.post@n4.nabble.com> I think I am now close on this. It appears that the user is successfully authenticating via IMAP. However, I am getting permissions errors when it tries to write to the Maildir. dovecot: imap(dap): Error: mkdir(/home/dap/Maildir/.imap/INBOX) failed: Operation not permitted Jul 4 15:02:04 public dovecot: imap(dap): Error: chown(/home/dap/Maildir/.imap/INBOX, -1, 12(mail)) failed: Operation not permitted (egid=500(dap), group based on /var/mail/dap) What am I missing in the previously posted doveconf? TIA. -- View this message in context: http://dovecot.2317879.n4.nabble.com/CaCert-certificate-configuration-help-needed-tp43118p43146.html Sent from the Dovecot mailing list archive at Nabble.com. From 2pdd at mail.ru Thu Jul 4 16:41:20 2013 From: 2pdd at mail.ru (Dmitry) Date: Thu, 4 Jul 2013 17:41:20 +0400 Subject: [Dovecot] DOVECOT 2.2.4 = 501 5.5.4 Unsupported options in LMTP Message-ID: <20130704174120.50f90e1d27bfdf59d56e690f@mail.ru> Hi, Sorry for my english. My problem: *************************************************** dspam-3.9.0 (dspam-3.10.2 all the time segmentation fault) dspam.conf .................... # DeliveryHost /var/run/dovecot/lmtp # same error as IP DeliveryHost 127.0.0.33 DeliveryPort 24 DeliveryProto LMTP .................... ServerHost 192.168.1.34 ServerPort 24 ServerQueueSize 32 ServerPID /var/run/dspam/dspam.pid *************************************************** dovecot-2.2.4 10-master.conf service lmtp { # Create inet listener only if you can't use the above UNIX socket inet_listener lmtp { # Avoid making LMTP visible for the entire internet address = 127.0.0.33 port = 24 } } quota is not included *************************************************** telnet to dspam LMTP # telnet 192.168.1.34 24 Trying 192.168.1.34... Connected to 192.168.1.34. Escape character is '^]'. 220 DSPAM LMTP 3.9.0 Ready LHLO test.com 250-localhost.localdomain 250-PIPELINING 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 SIZE MAIL FROM: 250 2.1.0 OK RCPT TO: 250 2.1.5 OK DATA 354 Enter mail, end with "." on a line by itself 1234567 qwertyu asdfghj . 530 5.3.0 Fatal: 501 5.5.4 Unsupported options QUIT 221 2.0.0 OK Connection closed by foreign host. *************************************************** at the same time tcpflow LMTP # tcpflow -c -i any host 127.0.0.33 127.000.000.033.00024-127.000.000.001.41663: 220 mail Dovecot ready. 127.000.000.001.41663-127.000.000.033.00024: LHLO localhost 127.000.000.001.41663-127.000.000.033.00024: 127.000.000.033.00024-127.000.000.001.41663: 250-mail 250-8BITMIME 250-ENHANCEDSTATUSCODES 250 PIPELINING 127.000.000.001.41663-127.000.000.033.00024: MAIL FROM: SIZE=25 127.000.000.001.41663-127.000.000.033.00024: 127.000.000.033.00024-127.000.000.001.41663: 501 5.5.4 Unsupported options 127.000.000.001.41663-127.000.000.033.00024: QUIT 127.000.000.001.41663-127.000.000.033.00024: 127.000.000.033.00024-127.000.000.001.41663: 221 2.0.0 OK ^Ctcpflow[5411]: terminating *************************************************** after telnet to dovecot LMTP # telnet 127.0.0.33 24 Trying 127.0.0.33... Connected to 127.0.0.33. Escape character is '^]'. 220 mail Dovecot ready. LHLO test.com 250-mail 250-8BITMIME 250-ENHANCEDSTATUSCODES 250 PIPELINING MAIL FROM: 250 2.1.0 OK RCPT TO: 250 2.1.5 OK DATA 354 OK 1234567 qwertyu asdfghj . 250 2.0.0 WVKvFEln1VEuFQAAZU03Dg Saved QUIT 221 2.0.0 OK How can I persuade dovecot to deliver the mail? And one more: telnet to dovecot LMTP # telnet 127.0.0.33 24 .................... MAIL FROM: test at test.com 501 5.5.4 Invalid parameters MAIL FROM: 501 5.5.4 Invalid parameters MAIL FROM: 250 2.1.0 OK telnet to dspam LMTP # telnet 192.168.1.34 24 .................... MAIL FROM: test at test.com 250 2.1.0 OK .................... # telnet 192.168.1.34 24 .................... MAIL FROM: 250 2.1.0 OK .................... Thank you! Regards, Dmitry From i_was_yah00ed at yahoo.com Thu Jul 4 23:47:06 2013 From: i_was_yah00ed at yahoo.com (gw1500se) Date: Thu, 4 Jul 2013 13:47:06 -0700 (PDT) Subject: [Dovecot] CaCert certificate configuration help needed In-Reply-To: <1372964917638-43146.post@n4.nabble.com> References: <1372873418258-43118.post@n4.nabble.com> <20130704113210.Horde.VZw1JxQ7_w-9rev6lpj1HA2@webmail.kwsoft.de> <1372931991518-43139.post@n4.nabble.com> <1372959402237-43141.post@n4.nabble.com> <1372959859167-43142.post@n4.nabble.com> <1372964917638-43146.post@n4.nabble.com> Message-ID: <1372970826084-43148.post@n4.nabble.com> Got it. It seems that when Dovecot tries to create the user's local mail directory, it attempts to set the group as it is in /var/mail. This is not mentioned in the documentation anywhere I could find. That is where it fails. However, it turns out that if you turn off group permissions (0600) in /var/mail/* it will not try to set the group and the local directory is created successfully. -- View this message in context: http://dovecot.2317879.n4.nabble.com/CaCert-certificate-configuration-help-needed-tp43118p43148.html Sent from the Dovecot mailing list archive at Nabble.com. From i_was_yah00ed at yahoo.com Thu Jul 4 23:55:29 2013 From: i_was_yah00ed at yahoo.com (gw1500se) Date: Thu, 4 Jul 2013 13:55:29 -0700 (PDT) Subject: [Dovecot] IMAP Cannot Delete (Mailbox Doesn't exist) Message-ID: <1372971329530-43149.post@n4.nabble.com> I am now at the next layer of the onion. I am able to retrieve mail but I cannot delete mail from my inbox. My reader says the server is responding with "mailbox does not exist." Any ideas? TIA. -- View this message in context: http://dovecot.2317879.n4.nabble.com/IMAP-Cannot-Delete-Mailbox-Doesn-t-exist-tp43149.html Sent from the Dovecot mailing list archive at Nabble.com. From d.parthey at metaways.de Fri Jul 5 00:58:30 2013 From: d.parthey at metaways.de (Daniel Parthey) Date: Thu, 04 Jul 2013 23:58:30 +0200 Subject: [Dovecot] IMAP Cannot Delete (Mailbox Doesn't exist) In-Reply-To: <1372971329530-43149.post@n4.nabble.com> References: <1372971329530-43149.post@n4.nabble.com> Message-ID: <51D5F006.6080904@metaways.de> Am 04.07.2013 22:55, schrieb gw1500se: > I am able to retrieve mail but I cannot delete mail from my inbox. > My reader says the server is respondingwith "mailbox does not exist." Please follow the advice from http://www.dovecot.org/bugreport.html and post at least the output of the following command: doveconf -n Regards Daniel -- Dipl.-Inf. Daniel Parthey System Engineer Metaways Infosystems GmbH Pickhuben 2, D-20457 Hamburg E-Mail: d.parthey at metaways.de Web: http://www.metaways.de Metaways Infosystems GmbH - Sitz: D-22967 Tremsb?ttel Handelsregister: Amtsgericht L?beck HRB 4508 AH Gesch?ftsf?hrung: Hermann Thaele, L?der-H.Thaele From i_was_yah00ed at yahoo.com Fri Jul 5 01:18:29 2013 From: i_was_yah00ed at yahoo.com (gw1500se) Date: Thu, 4 Jul 2013 15:18:29 -0700 (PDT) Subject: [Dovecot] IMAP Cannot Delete (Mailbox Doesn't exist) In-Reply-To: <51D5F006.6080904@metaways.de> References: <1372971329530-43149.post@n4.nabble.com> <51D5F006.6080904@metaways.de> Message-ID: <1372976309836-43151.post@n4.nabble.com> Sorry, it was posted in a previous thread. I forgot I was starting a new one. Here it is again: # OS: Linux 2.6.32-358.11.1.el6.x86_64 x86_64 CentOS release 6.4 (Final) base_dir = /var/run/dovecot/ login_greeting = Dovecot on mydomain.com ready. mail_location = mbox:~/Maildir:INBOX=/var/mail/%u mbox_write_locks = fcntl passdb { driver = pam } protocols = imap pop3 service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix } } ssl = required ssl_cert = References: <1372971329530-43149.post@n4.nabble.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 4 Jul 2013, gw1500se wrote: > I am now at the next layer of the onion. I am able to retrieve mail but I > cannot delete mail from my inbox. My reader says the server is responding > with "mailbox does not exist." Any ideas? TIA. You have enabled debugging still? No errors or something like that in the Dovecot logs? Maybe your client wants to move mails to some other mailbox, e.g. "Deleted Messages", which does not exist and is not created automagically. Check such problem with RawLog http://wiki2.dovecot.org/Debugging/Rawlog There you see the IMAP commands and responses transferred. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUdZsjF3r2wJMiz2NAQLfMgf9Fv4ff5KDxHlRYMFx+YkC9UIXgcRX7ZDk gAC96qUEnX5ljCg3vIAYrAO3N7pZ498liQWL3pGX4ef+wx9pM44nv2KZV5wy4h7S gsg24Va8bzQ01c5hXCVkueak9mJyhQ05pCgha0gfzaO23H6pnhUlLJgn7U1MCbPx KCbQ2AxySJ1CtpMsso3i7NRuP9QG1FjNLYcP8VJ1slVrd3bxMefoCxLpLyKvDzi1 SkEUddEenoNtB/QWtMncv8tH4nsgczdAH8jKilXlZpEBx7uBWQM8QkhuRDKKT5LB nw7py4ZMZ+omODaDW2iV0urxuFn5f63FuagO/WW7WjUqrzFy9JjN5A== =K1Cj -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Fri Jul 5 09:50:56 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Fri, 5 Jul 2013 08:50:56 +0200 (CEST) Subject: [Dovecot] IMAP Cannot Delete (Mailbox Doesn't exist) In-Reply-To: References: <1372971329530-43149.post@n4.nabble.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, 5 Jul 2013, Steffen Kaiser wrote: > Maybe your client wants to move mails to some other mailbox, e.g. "Deleted > Messages", which does not exist and is not created automagically. Check > such problem with RawLog http://wiki2.dovecot.org/Debugging/Rawlog There > you see the IMAP commands and responses transferred. er, or check in the client, what kind of "delete" you've configured, e.g. "move to trash" and what mailbox "trash" is actually. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUdZs0V3r2wJMiz2NAQIIUQf/bByWWZcoOi9nBZl+HnLFzWSsCFQBf/n9 EoytTYCfInYkzdIh/eEYIYjc7qimOINh3zk5u7WL3ddoDJWfo8V2fpIX54rrqbQ8 xjvfQME1znQl5GnGD1h8SMpvqZP8AQLqjfqFaUi6+Gf7PaHIRg+L5De+B3RUfE/B xHqPr0NX/5UNCKlvrVn7H+UaM4hBmf7xEAZjG2HQq/1eaWtzEIVe1/bFujMYv7YP PdFGjLuneC1wSi3MYcRSXBMk2P0CQv4oiiUxzhqZKQAdJ2n1aPAe4bA2t4tcWh7F OT4F1cDSjt2Nug69jOKyGIQOhZPsxCS/kecNVfIlWF9LMyKi2wG98A== =KZg4 -----END PGP SIGNATURE----- From AxelLuttgens at swing.be Fri Jul 5 15:37:09 2013 From: AxelLuttgens at swing.be (Axel Luttgens) Date: Fri, 5 Jul 2013 14:37:09 +0200 Subject: [Dovecot] Dovecot 2.2.4 - Fatal: master: service(imap): child 44562 killed with signal 11 In-Reply-To: <51CD9418.4020407@mejor.pl> References: <51CACD85.80006@mejor.pl> <51CD9418.4020407@mejor.pl> Message-ID: <7910AD15-4D40-4755-8694-745BF73B60AB@swing.be> Le 28 juin 2013 ? 15:48, Marcin Miros?aw a ?crit : > [...] > > I have fixed configuration. Sadly, dovecot still throws segfaults. Hello Marcin, Do you still encounter the problem? FYI, just upgraded from 2.2.3 to 2.2.4 here, without any obvious ill effect wrt imap sessions. Axel From i_was_yah00ed at yahoo.com Fri Jul 5 16:19:07 2013 From: i_was_yah00ed at yahoo.com (gw1500se) Date: Fri, 5 Jul 2013 06:19:07 -0700 (PDT) Subject: [Dovecot] IMAP Cannot Delete (Mailbox Doesn't exist) In-Reply-To: References: <1372971329530-43149.post@n4.nabble.com> Message-ID: <1373030347500-43155.post@n4.nabble.com> Thanks for all the replies. I cannot explain it but after making some changes to postfix for authenticated relaying, it all started working. One of the parameters I set must have made some kind of difference. -- View this message in context: http://dovecot.2317879.n4.nabble.com/IMAP-Cannot-Delete-Mailbox-Doesn-t-exist-tp43149p43155.html Sent from the Dovecot mailing list archive at Nabble.com. From frank.bonnet at esiee.fr Fri Jul 5 16:41:30 2013 From: frank.bonnet at esiee.fr (Frank Bonnet) Date: Fri, 05 Jul 2013 15:41:30 +0200 Subject: [Dovecot] popup to all users ? Message-ID: <51D6CD0A.6030409@esiee.fr> Hello I need to have a information popup will be send when my thunderbird's users connect to our server. Is there a function in Dovecot to do so ? Thank you From h.reindl at thelounge.net Fri Jul 5 16:43:37 2013 From: h.reindl at thelounge.net (Reindl Harald) Date: Fri, 05 Jul 2013 15:43:37 +0200 Subject: [Dovecot] popup to all users ? In-Reply-To: <51D6CD0A.6030409@esiee.fr> References: <51D6CD0A.6030409@esiee.fr> Message-ID: <51D6CD89.1010704@thelounge.net> Am 05.07.2013 15:41, schrieb Frank Bonnet: > I need to have a information popup will be send when > my thunderbird's users connect to our server. > > Is there a function in Dovecot to do so? not IMAP nor POP3 have such capabilities these are *mail protocols* -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 263 bytes Desc: OpenPGP digital signature URL: From gedalya at gedalya.net Fri Jul 5 16:44:09 2013 From: gedalya at gedalya.net (Gedalya) Date: Fri, 05 Jul 2013 09:44:09 -0400 Subject: [Dovecot] popup to all users ? In-Reply-To: <51D6CD0A.6030409@esiee.fr> References: <51D6CD0A.6030409@esiee.fr> Message-ID: <51D6CDA9.4010301@gedalya.net> On 07/05/2013 09:41 AM, Frank Bonnet wrote: > Hello > > I need to have a information popup will be send when > my thunderbird's users connect to our server. > > Is there a function in Dovecot to do so ? > > Thank you > Asking Thunderbird to pop up a window would be an IMAP extension and a Thunderbird feature about which you need to inquire. If such a feature exists then we need dovevot to support it. From gedalya at gedalya.net Fri Jul 5 16:49:17 2013 From: gedalya at gedalya.net (Gedalya) Date: Fri, 05 Jul 2013 09:49:17 -0400 Subject: [Dovecot] Migrating domain using IMAPc In-Reply-To: References: Message-ID: <51D6CEDD.5000202@gedalya.net> Some more details? Is the destination not empty? As far as I know you should use backup -R to pull from a source to an empty destination, and import for "merging" messages into an existing, populated mailbox (in which case messages will have new UIDs). Get us some more details on your situation. On 07/04/2013 02:19 PM, Breno Moreira wrote: > Hi list, > > I'm trying to do a domain migration using the imapc feature, but i'm having > some problems and I really don't know what is happening. > > So if you guys could help me with a path to solve this, I will be glad. > I'm using Dovecot 2.1.7 in a Debian Wheezy machine. > > The command I'm using is: > > dsync -Dv -o imapc_features=rfc822.size -o imapc_host=IP -o imapc_port=143 > -o imapc_username='breno.moreira at mav.com.br' -o imapc_password='pass' -u > breno.moreira at mav.com.br mirror imapc:/tmp/dsync-imapc > > and what I got with the logs is: > > doveadm(root): Debug: Loading modules from directory: > /usr/lib/dovecot/modules > doveadm(root): Debug: Module loaded: > /usr/lib/dovecot/modules/lib20_zlib_plugin.so > doveadm(root): Debug: Loading modules from directory: > /usr/lib/dovecot/modules/doveadm > doveadm(root): Debug: Skipping module doveadm_acl_plugin, because dlopen() > failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_acl_plugin.so: > undefined symbol: acl_user_module (this is usually intentional, so > just ignore this message) > doveadm(root): Debug: Skipping module doveadm_expire_plugin, because > dlopen() failed: > /usr/lib/dovecot/modules/doveadm/lib10_doveadm_expire_plugin.so: undefined > symbol: expire_set_deinit (this is usually intentio > nal, so just ignore this message) > doveadm(root): Debug: Skipping module doveadm_quota_plugin, because > dlopen() failed: > /usr/lib/dovecot/modules/doveadm/lib10_doveadm_quota_plugin.so: undefined > symbol: quota_user_module (this is usually intentiona > l, so just ignore this message) > doveadm(root): Debug: Module loaded: > /usr/lib/dovecot/modules/doveadm/lib10_doveadm_zlib_plugin.so > doveadm(root): Debug: Skipping module doveadm_fts_plugin, because dlopen() > failed: /usr/lib/dovecot/modules/doveadm/lib20_doveadm_fts_plugin.so: > undefined symbol: fts_backend_rescan (this is usually intentional, > so just ignore this message) > doveadm(breno.moreira at mav.com.br): Debug: Added userdb setting: > mail=sdbox:~/:ALT=/srv/dovehdodd/dovecot/mav.com.br/breno.moreira > doveadm(breno.moreira at mav.com.br): Debug: Effective uid=5000, gid=5000, > home=/srv/dovessdodd/dovecot/mav.com.br/breno.moreira > doveadm(breno.moreira at mav.com.br): Debug: Namespace : type=private, > prefix=INBOX., sep=., inbox=yes, hidden=no, list=yes, subscriptions=yes > location=sdbox:~/:ALT=/srv/dovehdodd/dovecot/mav.com.br/breno.moreira > doveadm(breno.moreira at mav.com.br): Debug: fs: root=/srv/dovessdodd/dovecot/ > mav.com.br/breno.moreira, index=, control=, inbox=, > alt=/srv/dovehdodd/dovecot/mav.com.br/breno.moreira > dsync(breno.moreira at mav.com.br): Debug: Effective uid=5000, gid=5000, > home=/srv/dovessdodd/dovecot/mav.com.br/breno.moreira > dsync(breno.moreira at mav.com.br): Debug: Namespace : type=private, > prefix=INBOX., sep=., inbox=yes, hidden=no, list=yes, subscriptions=yes > location=imapc:/tmp/dsync-imapc > dsync(breno.moreira at mav.com.br): Debug: imapc: root=/tmp/dsync-imapc, > index=, control=, inbox=, alt= > dsync(breno.moreira at mav.com.br): Debug: maildir++: root=/tmp/dsync-imapc, > index=, control=, inbox=, alt= > dsync(breno.moreira at mav.com.br): Debug: imapc(187.115.200.155:143): Looking > up IP address > dsync(breno.moreira at mav.com.br): Debug: imapc(187.115.200.155:143): > Connecting to 187.115.200.155:143 > dsync(breno.moreira at mav.com.br): Debug: imapc(187.115.200.155:143): Server > capabilities: IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE STARTTLS > AUTH=PLAIN AUTH=LOGIN > dsync(breno.moreira at mav.com.br): Debug: imapc(187.115.200.155:143): > Authenticating as breno.moreira at mav.com.br > dsync(breno.moreira at mav.com.br): Debug: imapc(187.115.200.155:143): Server > capabilities: IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE SORT > SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT I > DLE CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC > ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS > dsync(breno.moreira at mav.com.br): Debug: imapc(187.115.200.155:143): > Authenticated successfully > dsync(breno.moreira at mav.com.br): Debug: Namespace INBOX.: Using permissions > from /srv/dovessdodd/dovecot/mav.com.br/breno.moreira: mode=0700 gid=-1 > dsync(breno.moreira at mav.com.br): Debug: Namespace INBOX.: Using permissions > from /tmp/dsync-imapc: mode=0755 gid=-1 > dsync(breno.moreira at mav.com.br): Error: Can't create mailbox INBOX: Empty > mailbox name. > dsync(breno.moreira at mav.com.br): Info: INBOX: only in dest > (guid=c92f64f79f0d1ed01e6d5b314f04886c) > dsync(breno.moreira at mav.com.br): Info: INBOX: only in source > (guid=f4c6a715e8b1d551112d000042e5307d) > dsync(breno.moreira at mav.com.br): Error: Mailbox INBOX changed its GUID > (c92f64f79f0d1ed01e6d5b314f04886c -> f4c6a715e8b1d551112d000042e5307d) > dsync(breno.moreira at mav.com.br): Error: msg iteration failed: Couldn't open > mailbox c92f64f79f0d1ed01e6d5b314f04886c > dsync(breno.moreira at mav.com.br): Error: Mailbox INBOX changed its GUID > (c92f64f79f0d1ed01e6d5b314f04886c -> f4c6a715e8b1d551112d000042e5307d) > dsync(breno.moreira at mav.com.br): Debug: imapc(187.115.200.155:143): Looking > up IP address > dsync(breno.moreira at mav.com.br): Debug: imapc(187.115.200.155:143): > Connecting to 187.115.200.155:143 > dsync(breno.moreira at mav.com.br): Debug: imapc(187.115.200.155:143): Server > capabilities: IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE STARTTLS > AUTH=PLAIN AUTH=LOGIN > dsync(breno.moreira at mav.com.br): Debug: imapc(187.115.200.155:143): > Authenticating as breno.moreira at mav.com.br > dsync(breno.moreira at mav.com.br): Debug: imapc(187.115.200.155:143): Server > capabilities: IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE SORT > SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT I > DLE CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC > ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS > dsync(breno.moreira at mav.com.br): Debug: imapc(187.115.200.155:143): > Authenticated successfully > dsync(breno.moreira at mav.com.br): Panic: file mail-storage.c: line 794 > (mailbox_check_mismatching_separators): assertion failed: (vname[0] == > ns->prefix[ns->prefix_len-1]) > dsync(breno.moreira at mav.com.br): Error: Raw backtrace: > /usr/lib/dovecot/libdovecot.so.0(+0x4373a) [0x7f21a814b73a] -> > /usr/lib/dovecot/libdovecot.so.0(default_fatal_handler+0x2a) > [0x7f21a814b7fa] -> /usr/lib/dove > cot/libdovecot.so.0(i_fatal+0) [0x7f21a81237e2] -> > /usr/lib/dovecot/libdovecot-storage.so.0(+0x7ce8e) [0x7f21a8411e8e] -> > /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_open+0x18) > [0x7f21a8411ed8] -> /usr/lib/d > ovecot/libdovecot-storage.so.0(imapc_mailbox_sync_init+0x95) > [0x7f21a83fd235] -> > /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_sync_init+0x33) > [0x7f21a8410e23] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailb > ox_sync+0x27) [0x7f21a8410f47] -> /usr/bin/dsync(+0x2ef11) [0x7f21a8b20f11] > -> /usr/bin/dsync(+0x2f03f) [0x7f21a8b2103f] -> /usr/bin/dsync(+0x30ac4) > [0x7f21a8b22ac4] -> /usr/bin/dsync(dsync_worker_msg_iter_next+0x34) > [0x7f21a8b1ffb4] -> /usr/bin/dsync(+0x292b4) [0x7f21a8b1b2b4] -> > /usr/bin/dsync(+0x29352) [0x7f21a8b1b352] -> > /usr/bin/dsync(dsync_brain_msg_sync_more+0x450) [0x7f21a8b1b7c0] -> > /usr/bin/dsync(dsync_brain_sync+0xc21) [0x7f21a8b1a6c1] -> > /usr/bin/dsync(+0x28e01) [0x7f21a8b1ae01] -> > /usr/bin/dsync(dsync_brain_sync+0x7b7) [0x7f21a8b1a257] -> > /usr/bin/dsync(+0x28c98) [0x7f21a8b1ac98] -> > /usr/bin/dsync(dsync_brain_sync+0x7f8) [0x7f21a8b1a298] -> > /usr/bin/dsync(dsync_brain_sync_all+0x18) [0x7f21a8b1ae68] -> > /usr/bin/dsync(+0x25f76) [0x7f21a8b17f76] -> /usr/bin/dsync(+0x26461) > [0x7f21a8b18461] -> /usr/bin/dsync(+0x13486) [0x7f21a8b05486] -> > /usr/bin/dsync(+0x13f51) [0x7f21a8b05f51] -> > /usr/bin/dsync(doveadm_mail_try_run+0x159) [0x7f21a8b063e9] -> > /usr/bin/dsync(main+0x3a1) [0x7f21a8b05031] -> > /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xfd) [0x7f21a7d9cead] > Aborted > > > Best Regards, > From ben at morrow.me.uk Fri Jul 5 16:49:18 2013 From: ben at morrow.me.uk (Ben Morrow) Date: Fri, 5 Jul 2013 14:49:18 +0100 Subject: [Dovecot] popup to all users ? In-Reply-To: <51D6CD0A.6030409@esiee.fr> References: <51D6CD0A.6030409@esiee.fr> Message-ID: <20130705134917.GA2346@anubis.morrow.me.uk> At 3PM +0200 on 5/07/13 you (Frank Bonnet) wrote: > > I need to have a information popup will be send when > my thunderbird's users connect to our server. > > Is there a function in Dovecot to do so ? http://wiki2.dovecot.org/PostLoginScripting#Alerts (I don't actually know Thunderbird displays alerts, but it ought to.) Ben From antondollmaier at aditsystems.de Fri Jul 5 16:49:30 2013 From: antondollmaier at aditsystems.de (Anton Dollmaier) Date: Fri, 05 Jul 2013 15:49:30 +0200 Subject: [Dovecot] popup to all users ? In-Reply-To: <51D6CD0A.6030409@esiee.fr> References: <51D6CD0A.6030409@esiee.fr> Message-ID: <51D6CEEA.2090200@aditsystems.de> Hi, > I need to have a information popup will be send when > my thunderbird's users connect to our server. > > Is there a function in Dovecot to do so ? You may use the postlogin feature: > http://wiki2.dovecot.org/PostLoginScripting Haven't used it myself yet and don't know if this works as expected. @Harald: See RFC 3501, Section 7.1.2.: > https://tools.ietf.org/html/rfc3501#section-7.1.2 > The NO response indicates an operational error message from the > server. When tagged, it indicates unsuccessful completion of the > associated command. The untagged form indicates a warning; the > command can still complete successfully. The human-readable text > describes the condition. Best regards, Anton -- ADIT Systems Anton Dollmaier, B.Sc. Im Moos 22 84323 Massing Telefon: +49-8724-3949990 (Mo-Sa, 10:00-20:00 Uhr, dt. Festnetz) Telefax: +49-8724-3949999 Umsatzsteuer-ID: DE221493781 Twitter: http://twitter.com/ADITSystems Blog: http://blog.aditsystems.de/ Facebook: http://www.facebook.com/ADITSystems KundenCenter: https://kunden.aditsystems.de/kc/ Wiki: https://kunden.aditsystems.de/wiki/ From h.reindl at thelounge.net Fri Jul 5 17:05:29 2013 From: h.reindl at thelounge.net (Reindl Harald) Date: Fri, 05 Jul 2013 16:05:29 +0200 Subject: [Dovecot] popup to all users ? In-Reply-To: <51D6CEEA.2090200@aditsystems.de> References: <51D6CD0A.6030409@esiee.fr> <51D6CEEA.2090200@aditsystems.de> Message-ID: <51D6D2A9.1080509@thelounge.net> Am 05.07.2013 15:49, schrieb Anton Dollmaier: > @Harald: > > See RFC 3501, Section 7.1.2.: > >> https://tools.ietf.org/html/rfc3501#section-7.1.2 > >> The NO response indicates an operational error message from the >> server. When tagged, it indicates unsuccessful completion of the >> associated command. The untagged form indicates a warning; the >> command can still complete successfully. The human-readable text >> describes the condition. you really do not want indicate unsuccessful completion just for fun and to hopefully display a message on the client only god knows what this breaks on different clients -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 263 bytes Desc: OpenPGP digital signature URL: From AxelLuttgens at swing.be Fri Jul 5 17:06:25 2013 From: AxelLuttgens at swing.be (Axel Luttgens) Date: Fri, 5 Jul 2013 16:06:25 +0200 Subject: [Dovecot] Variable similar to %u but providing the username changed by a database lookup? Message-ID: <83F71B78-F013-4A3D-BD6E-6E3D907C05F6@swing.be> Hello, Variable %u may be used in dovecot.conf whenever the "full username" is needed. But the expansion of %u returns the username before a possible change performed thru a password or user database lookup (e.g., in the case of a SQL database, thru as "AS user" clause). Is there a variable that would expand to the changed name when used in the configuration file? TIA, Axel From jeroen at massar.ch Fri Jul 5 17:19:38 2013 From: jeroen at massar.ch (Jeroen Massar) Date: Fri, 05 Jul 2013 16:19:38 +0200 Subject: [Dovecot] popup to all users ? In-Reply-To: <20130705134917.GA2346@anubis.morrow.me.uk> References: <51D6CD0A.6030409@esiee.fr> <20130705134917.GA2346@anubis.morrow.me.uk> Message-ID: <51D6D5FA.30101@massar.ch> On 2013-07-05 15:49 , Ben Morrow wrote: > At 3PM +0200 on 5/07/13 you (Frank Bonnet) wrote: >> >> I need to have a information popup will be send when >> my thunderbird's users connect to our server. >> >> Is there a function in Dovecot to do so ? > > http://wiki2.dovecot.org/PostLoginScripting#Alerts > > (I don't actually know Thunderbird displays alerts, but it ought to.) Thunderbird supports it it seems as for instance Zimbra notifies one when the 'server license' is invalid through that method. Greets, Jeroen From genie at geniechka.ru Fri Jul 5 17:20:48 2013 From: genie at geniechka.ru (Eugene) Date: Fri, 5 Jul 2013 18:20:48 +0400 Subject: [Dovecot] popup to all users ? In-Reply-To: <51D6CD0A.6030409@esiee.fr> References: <51D6CD0A.6030409@esiee.fr> Message-ID: <26F3FC9D34664661B801D7E2B65CBBF7@geniepc2011> Hi Frank, Maybe it would be better to just send them a (group) e-mail ? best wishes Eugene -----Original Message----- From: Frank Bonnet Sent: Friday, July 05, 2013 5:41 PM To: Dovecot Mailinglist Subject: [Dovecot] popup to all users ? Hello I need to have a information popup will be send when my thunderbird's users connect to our server. Is there a function in Dovecot to do so ? Thank you From skdovecot at smail.inf.fh-brs.de Fri Jul 5 17:27:53 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Fri, 5 Jul 2013 16:27:53 +0200 (CEST) Subject: [Dovecot] Variable similar to %u but providing the username changed by a database lookup? In-Reply-To: <83F71B78-F013-4A3D-BD6E-6E3D907C05F6@swing.be> References: <83F71B78-F013-4A3D-BD6E-6E3D907C05F6@swing.be> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, 5 Jul 2013, Axel Luttgens wrote: > Variable %u may be used in dovecot.conf whenever the "full username" is needed. > > But the expansion of %u returns the username before a possible change performed thru a password or user database lookup (e.g., in the case of a SQL database, thru as "AS user" clause). The doc http://wiki2.dovecot.org/AuthDatabase/SQL#User_database_lookups spells: SELECT userid AS username maybe, you override the wrong field? Regards, - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUdbX6V3r2wJMiz2NAQJeFwf/TNLtKu7lbykgc5ol7aVdLm2Xbt/ZPee7 a0eQTemS2YI2R51+u8jiPHG2YSNlFD2qU9I9/P/OlOAZmvV++FGrKR+1MVKL1Yqy TxwmVKJ/DNNA0XNJuTkTpVshjgwH2HSsvJQ6EJv4qRlD3JUnOFMoGdtumtLoigJx fPLH5OG6YswjOSyEL7p71H3Rit3J+nsHg9AVIWA5fHKNahO1MKT+BQxhpSj0lcDd OhFmXrYPrjSY5TapBoldCRrtXyAJeFhx5AHUZjiBlICFF49bxHTDPSY+gQ4ktIyK 6mxbk9spmNPGgmWKWMWP8lckLXbj4YP/RgCxxDS8JeESmLHmp8YBog== =Wunj -----END PGP SIGNATURE----- From AxelLuttgens at swing.be Fri Jul 5 20:14:26 2013 From: AxelLuttgens at swing.be (Axel Luttgens) Date: Fri, 5 Jul 2013 19:14:26 +0200 Subject: [Dovecot] Variable similar to %u but providing the username changed by a database lookup? In-Reply-To: References: <83F71B78-F013-4A3D-BD6E-6E3D907C05F6@swing.be> Message-ID: <9B3B1E1E-A897-4328-A4EF-BD1FBDCD6C89@swing.be> Le 5 juil. 2013 ? 16:27, Steffen Kaiser a ?crit : > [...] > The doc http://wiki2.dovecot.org/AuthDatabase/SQL#User_database_lookups spells: > > SELECT userid AS username > > maybe, you override the wrong field? Hello Steffen, You helped me to look twice at those matters. So, it seems that variable %u (or, for what matters, even %n) indeed expands to the value as changed thru a database lookup. In fact, I now understand that I was struggling with a somewhat unexpected behavior of the prefetch database, and that I failed to correctly interpret the behaviors I was encountering. Will be a question for a next post. ;-) Thanks again, Axel From ka at pacific.net Fri Jul 5 21:02:53 2013 From: ka at pacific.net (Ken A) Date: Fri, 05 Jul 2013 13:02:53 -0500 Subject: [Dovecot] Dovecot 2.2.4 : Panic: file pop3-client.c: line 585 (client_default_destroy): assertion failed: (client->cmd == NULL) Message-ID: <51D70A4D.2020409@pacific.net> This doesn't seem to affect clients, but I'm seeing an occasional pop3 error in the log over the last week. Any ideas what is causing this? Thanks, Ken > Jul 4 15:04:03 mail dovecot: POP3(user)x.x.x.x: Connection > closed top=0/0, retr=0/0, del=0/4582, size=246709805 > Jul 4 15:04:03 mail dovecot: POP3(user)x.x.x.x: Panic: file > pop3-client.c: line 585 (client_default_destroy): assertion failed: > (client->cmd == NULL) > Jul 4 15:04:03 mail dovecot: POP3(user)x.x.x.x: Error: Raw > backtrace: /usr/lib/dovecot/libdovecot.so.0() [0x31b4c6074a] -> > /usr/lib/dovecot/libdovecot.so.0() [0x31b4c60796] -> > /usr/lib/dovecot/libdovecot.so.0(i_error+0) [0x31b4c202df] -> > dovecot/pop3() [0x404df9] -> dovecot/pop3(client_handle_input+0xd4) > [0x4051b4] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x36) > [0x31b4c6f6d6] -> > /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xa7) > [0x31b4c70737] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x28) > [0x31b4c6f678] -> > /usr/lib/dovecot/libdovecot.so.0(master_service_run+0x13) > [0x31b4c24fa3] -> dovecot/pop3(main+0x257) [0x4043d7] -> > /lib64/libc.so.6(__libc_start_main+0xfd) [0x3a08e1ecdd] -> > dovecot/pop3() [0x403f29] > Jul 4 15:04:04 mail dovecot: POP3(user)x.x.x.x: Fatal: master: > service(pop3): child 9080 killed with signal 6 (core dumped) -- Ken Anderson Pacific Internet - http://www.pacific.net From AxelLuttgens at swing.be Sat Jul 6 01:18:27 2013 From: AxelLuttgens at swing.be (Axel Luttgens) Date: Sat, 6 Jul 2013 00:18:27 +0200 Subject: [Dovecot] Ambiguous behavior with prefetch database? Message-ID: Hello, Let's say dovecot.conf contains: mail_uid = dovemailer mail_gid = dovemailer mail_home = /some/path/%n mail_location = mbox:~/mboxes:INBOX=~/mboxes/inbox and that the password database query is of the form: password_query = \ SELECT \ passwd AS password, \ nickname AS user, \ mail_home AS userdb_home, \ mail_location AS userdb_mail, \ WHERE \ ... The database initially comes with NULL for both mail_home and mail_location, the goal being to be able to progressively replace legacy settings. With the above, one gets such entries in the logs upon a pop or imap connection: auth-worker(11262): Debug: auth(u12345678,127.0.0.1): username changed u12345678 -> john.doe auth: Debug: auth(u12345678,127.0.0.1,): username changed u12345678 -> john.doe [...] auth: Debug: prefetch(john.doe,127.0.0.1,): passdb didn't return userdb entries, trying the next userdb and, of course, the userdb_query fails since it isn't supposed to be invoked under such circumstances. Of course, the userdb_query could be adapted so as to handle pop/imap connections in addition to say, lmtp or doveadm connections, but this would anyway raise the question: why bother with a prefetch database setup? In fact, it seems that the problem comes from the fact that the password_query returns NULL values (i.e. "do not override dovecot.conf settings") for all userdb_xxx settings even if, technically speaking, it returns such columns. A slight yet somewhat silly modification of the password_query, such as this one: password_query = \ SELECT \ passwd AS password, \ nickname AS user, \ 'dovemailer' AS userdb_uid, \ mail_home AS userdb_home, \ mail_location AS userdb_mail, \ WHERE \ ... indeed seems to bring back all the expected behavior: now, the "passdb returns userdb entries" and, for example, the config's mail_home expands to the expected value /some/path/john.doe. Could it be that the case "userdb_xxx columns returned, even if all with NULL values" has been somehow overlooked in the code? Or am I erring with my interpetation of all those matters? TIA, Axel From dieterknopf at googlemail.com Sat Jul 6 04:49:40 2013 From: dieterknopf at googlemail.com (Dieter Knopf) Date: Sat, 6 Jul 2013 03:49:40 +0200 Subject: [Dovecot] Right way to share some global mailboxes Message-ID: Hello, i'm using Dovecot since a long time but now I need to share folders for global mail adresses like info@ and support@ between all users. What is the right way to share this mailboxes between many users (everyone with own read flag). My config for location is: mail_location = maildir:/home/vmail/%d/%n:INDEX=/home/vmail-indexes/%d/%n And now i have a folder like /home/vmail/bar.com/foo for sharing... Thanks! From AxelLuttgens at swing.be Sat Jul 6 11:36:11 2013 From: AxelLuttgens at swing.be (Axel Luttgens) Date: Sat, 6 Jul 2013 10:36:11 +0200 Subject: [Dovecot] DOVECOT 2.2.4 = 501 5.5.4 Unsupported options in LMTP In-Reply-To: <20130704174120.50f90e1d27bfdf59d56e690f@mail.ru> References: <20130704174120.50f90e1d27bfdf59d56e690f@mail.ru> Message-ID: <387A67F4-A4AA-4EA0-9C00-707DCCDCC29D@swing.be> Le 4 juil. 2013 ? 15:41, Dmitry a ?crit : > [...] > > at the same time tcpflow LMTP > > # tcpflow -c -i any host 127.0.0.33 > 127.000.000.033.00024-127.000.000.001.41663: 220 mail Dovecot ready. > 127.000.000.001.41663-127.000.000.033.00024: LHLO localhost > 127.000.000.001.41663-127.000.000.033.00024: > 127.000.000.033.00024-127.000.000.001.41663: 250-mail > 250-8BITMIME > 250-ENHANCEDSTATUSCODES > 250 PIPELINING > 127.000.000.001.41663-127.000.000.033.00024: MAIL FROM: SIZE=25 > 127.000.000.001.41663-127.000.000.033.00024: > 127.000.000.033.00024-127.000.000.001.41663: 501 5.5.4 Unsupported options > 127.000.000.001.41663-127.000.000.033.00024: QUIT > 127.000.000.001.41663-127.000.000.033.00024: > 127.000.000.033.00024-127.000.000.001.41663: 221 2.0.0 OK > ^Ctcpflow[5411]: terminating > > *************************************************** Hello Dmitry, So, it seems that when getting an LMTP connection from dspam, dovecot doesn't advertise a SIZE extension and that dspam anyway makes use of that extension. Hmmm... from RFC5321: In the absence of specific extensions offered by the server and accepted by the client, clients MUST NOT send such parameters and servers SHOULD reject commands containing them as having invalid syntax. I don't know anything about dspam (beside a quick look at their site) nor how it integrates in your environment, but it looks like the behavior of dspam's LMTP client is somewhat buggy. Seems to be a question for some dspam mailing list... On the other hand, the release notes for dspam Version 3.10.0 tend to imply that the problem has been corrected. HTH Axel From david at hicks.id.au Sat Jul 6 12:50:56 2013 From: david at hicks.id.au (David Hicks) Date: Sat, 06 Jul 2013 19:50:56 +1000 Subject: [Dovecot] [PATCH] login-common: Add support for ECDH/ECDHE cipher suites Message-ID: <1373104256.20768.8@d.hx.id.au> # HG changeset patch # User David Hicks # Date 1373085976 -36000 # Sat Jul 06 14:46:16 2013 +1000 # Node ID ccd83f38e4b484ae18f69ea08631eefcaf6a4a4e # Parent 1fbac590b9d4dc05d81247515477bfe6192c262c login-common: Add support for ECDH/ECDHE cipher suites ECDH temporary key parameter selection must be performed during OpenSSL context initialisation before ECDH and ECDHE cipher suites can be used. OpenSSL >= 1.0.2 automatically handles ECDH temporary key parameter selection. For OpenSSL < 1.0.2 we must manually specify a named elliptic curve that Dovecot will use to generate an ephemeral key pair. By default we try to use the same named curve as that used in the server's private EC key file. If this attempt fails, a fall back curve of NIST P-384 (secp384r1) is used instead. RFC 6460 states that NIST P-384 MUST be used for cipher suites that include AES-256. For cipher suites that include AES-128, RFC 6460 states that NIST P-256 MUST be used. No matter which curve is used as a fall back option, Dovecot will be non-compliant. The reason for selecting NIST P-384 as a fall back curve is to ensure that the non-compliance is in the form of providing too great a level of security for AES-128 cipher suites rather than too little security for AES-256 cipher suites. diff -r 1fbac590b9d4 -r ccd83f38e4b4 src/login-common/ssl-proxy-openssl.c --- a/src/login-common/ssl-proxy-openssl.c Fri Jun 28 19:48:37 2013 +0300 +++ b/src/login-common/ssl-proxy-openssl.c Sat Jul 06 14:46:16 2013 +1000 @@ -119,6 +119,10 @@ const struct master_service_ssl_settings *ssl_set); static void ssl_server_context_deinit(struct ssl_server_context **_ctx); +static void ssl_proxy_ctx_set_crypto_params(SSL_CTX *ssl_ctx, + const struct master_service_ssl_settings *set); +static int ssl_proxy_ctx_get_pkey_ec_curve_name(const struct master_service_ssl_settings *set); + static unsigned int ssl_server_context_hash(const struct ssl_server_context *ctx) { unsigned int i, g, h = 0; @@ -993,11 +997,58 @@ store = SSL_CTX_get_cert_store(ssl_ctx); load_ca(store, set->ssl_ca, load_xnames ? &xnames : NULL); } + ssl_proxy_ctx_set_crypto_params(ssl_ctx, set); SSL_CTX_set_info_callback(ssl_ctx, ssl_info_callback); + return xnames; +} + +static void +ssl_proxy_ctx_set_crypto_params(SSL_CTX *ssl_ctx, + const struct master_service_ssl_settings *set) +{ +#if !defined(OPENSSL_NO_ECDH) && OPENSSL_VERSION_NUMBER >= 0x10000000L && OPENSSL_VERSION_NUMBER < 0x10002000L + EC_KEY *ecdh; + int nid; + const char *curve_name; +#endif if (SSL_CTX_need_tmp_RSA(ssl_ctx)) SSL_CTX_set_tmp_rsa_callback(ssl_ctx, ssl_gen_rsa_key); SSL_CTX_set_tmp_dh_callback(ssl_ctx, ssl_tmp_dh_callback); - return xnames; +#if !defined(OPENSSL_NO_ECDH) + /* In the non-recommended situation where ECDH cipher suites are being + used instead of ECDHE, do not reuse the same ECDH key pair for + different sessions. This option improves forward secrecy. */ + SSL_CTX_set_options(ssl_ctx, SSL_OP_SINGLE_ECDH_USE); +#endif +#if !defined(OPENSSL_NO_ECDH) && OPENSSL_VERSION_NUMBER >= 0x10002000L + /* OpenSSL >= 1.0.2 automatically handles ECDH temporary key parameter + selection. */ + SSL_CTX_set_ecdh_auto(ssl_ctx, 1); +#elif !defined(OPENSSL_NO_ECDH) && OPENSSL_VERSION_NUMBER >= 0x10000000L + /* For OpenSSL < 1.0.2, ECDH temporary key parameter selection must be + performed manually. Attempt to select the same curve as that used + in the server's private EC key file. Otherwise fall back to the + NIST P-384 (secp384r1) curve to be compliant with RFC 6460 when + AES-256 TLS cipher suites are in use. This fall back option does + however make Dovecot non-compliant with RFC 6460 which requires + curve NIST P-256 (prime256v1) be used when AES-128 TLS cipher + suites are in use. At least the non-compliance is in the form of + providing too much security rather than too little. */ + nid = ssl_proxy_ctx_get_pkey_ec_curve_name(set); + ecdh = EC_KEY_new_by_curve_name(nid); + if (ecdh == NULL) { + /* Fall back option */ + nid = NID_secp384r1; + ecdh = EC_KEY_new_by_curve_name(nid); + } + if ((curve_name = OBJ_nid2sn(nid)) != NULL) + i_debug("SSL: elliptic curve %s will be used for ECDH and" + " ECDHE key exchanges", curve_name); + if (ecdh != NULL) { + SSL_CTX_set_tmp_ecdh(ssl_ctx, ecdh); + EC_KEY_free(ecdh); + } +#endif } static void @@ -1084,6 +1135,28 @@ } static int +ssl_proxy_ctx_get_pkey_ec_curve_name(const struct master_service_ssl_settings *set) +{ + int nid = 0; +#if !defined(OPENSSL_NO_ECDH) && OPENSSL_VERSION_NUMBER >= 0x10000000L && OPENSSL_VERSION_NUMBER < 0x10002000L + EVP_PKEY *pkey; + const char *password; + EC_KEY *eckey; + EC_GROUP *ecgrp; + + password = *set->ssl_key_password != '\0' ? set->ssl_key_password : + getenv(MASTER_SSL_KEY_PASSWORD_ENV); + pkey = ssl_proxy_load_key(set->ssl_key, password); + if (pkey != NULL && + (eckey = EVP_PKEY_get1_EC_KEY(pkey)) != NULL && + (ecgrp = EC_KEY_get0_group(eckey)) != NULL) + nid = EC_GROUP_get_curve_name(ecgrp); + EVP_PKEY_free(pkey); +#endif + return nid; +} + +static int ssl_proxy_ctx_use_certificate_chain(SSL_CTX *ctx, const char *cert) { /* mostly just copy&pasted from SSL_CTX_use_certificate_chain_file() */ @@ -1209,7 +1282,6 @@ #endif ssl_proxy_ctx_use_key(ctx->ctx, ssl_set); - SSL_CTX_set_info_callback(ctx->ctx, ssl_info_callback); if (ctx->verify_client_cert) ssl_proxy_ctx_verify_client(ctx->ctx, xnames); -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: This is a digitally signed message part URL: From d.parthey at metaways.de Sat Jul 6 16:49:51 2013 From: d.parthey at metaways.de (Daniel Parthey) Date: Sat, 06 Jul 2013 15:49:51 +0200 Subject: [Dovecot] Right way to share some global mailboxes In-Reply-To: References: Message-ID: <51D8207F.1020608@metaways.de> Hello Dieter, Am 06.07.2013 03:49, schrieb Dieter Knopf: > i'm using Dovecot since a long time but now I need to share folders for > global mail adresses like info@ and support@ between all users. > > What is the right way to share this mailboxes between many users (everyone > with own read flag). > > My config for location is: > mail_location = maildir:/home/vmail/%d/%n:INDEX=/home/vmail-indexes/%d/%n > > And now i have a folder like /home/vmail/bar.com/foo for sharing... "Public" or "Shared" namespaces with "Private Indexes" (INDEXPVT=... in Dovecot 2.2) should be the way to go, see: http://wiki2.dovecot.org/SharedMailboxes Regards Daniel -- Dipl.-Inf. Daniel Parthey System Engineer Metaways Infosystems GmbH Pickhuben 2, D-20457 Hamburg E-Mail: d.parthey at metaways.de Web: http://www.metaways.de Metaways Infosystems GmbH - Sitz: D-22967 Tremsb?ttel Handelsregister: Amtsgericht L?beck HRB 4508 AH Gesch?ftsf?hrung: Hermann Thaele, L?der-H.Thaele From dotancohen at gmail.com Sun Jul 7 12:47:20 2013 From: dotancohen at gmail.com (Dotan Cohen) Date: Sun, 7 Jul 2013 12:47:20 +0300 Subject: [Dovecot] (no subject) Message-ID: On an Ubuntu Server 12.04 system with Dovecot 2.0.19 I am having some trouble with the Dovecot passwords. I am finding this in the logs when I unsuccessfully try to log in: Jul 07 08:13:25 auth-worker: Debug: pam(user at someDomain.com,212. 179.241.14): lookup service=dovecot Jul 07 08:13:25 auth-worker: Debug: pam(user at someDomain.com,212.179.241.14): #1/1 style=1 msg=Password: Jul 07 08:13:27 auth-worker: Info: pam(user at someDomain.com,212.179.241.14): pam_authenticate() failed: Authentication failure (password mismatch?) (given password: 12345) Jul 07 08:13:29 auth: Debug: client out: FAIL 2 user=user at someDomain.com Jul 07 08:13:29 pop3-login: Info: Disconnected (auth failed, 2 attempts): user=, method=PLAIN, rip=212.179.241.14, lip=10.138.11.251 This is not the real password, but an example to show that I think that there is an issue: $ /usr/bin/doveadm pw -u user at someDomain.com -s DIGEST-MD5 Enter new password: # Here I have typed "12345" Retype new password: # Here I have typed "12345" {DIGEST-MD5}f4e442b0dec5009eaa8b9b4104923edc $ printf "12345" | md5sum 827ccb0eea8a706c4c34a16891f84e7b - $ Shouldn't that password match the md5sum check? Also, might I have the file formats wrong? $ cat passwd user at someDomain.com::5000:5000::/var/mail/vhosts/someDomain.com/user $ cat shadow user at someDomain.com:{DIGEST-MD5}f4e442b0dec5009eaa8b9b4104923edc $ Note that testing in Telnet fails the password as well, both when specifying the user without a domain and with a domain: $ telnet mail.someDomain.com 143 Trying x.x.x.x... Connected to mail.someDomain.com. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN] Dovecot ready. a login user 12345 a NO [AUTHENTICATIONFAILED] Authentication failed. e logout * BYE Logging out e OK Logout completed. Connection closed by foreign host. $ telnet mail.someDomain.com 143 Trying x.x.x.x... Connected to mail.someDomain.com. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN] Dovecot ready. a login user at someDomain.com 12345 a NO [AUTHENTICATIONFAILED] Authentication failed. * BAD Error in IMAP command received by server. e logout * BYE Logging out e OK Logout completed. Connection closed by foreign host. Thanks! -- Dotan Cohen http://gibberish.co.il http://what-is-what.com From AxelLuttgens at swing.be Sun Jul 7 16:10:55 2013 From: AxelLuttgens at swing.be (Axel Luttgens) Date: Sun, 7 Jul 2013 15:10:55 +0200 Subject: [Dovecot] (no subject) In-Reply-To: References: Message-ID: <7105B8B0-905D-4CF4-A1CF-2FF72674F731@swing.be> Le 7 juil. 2013 ? 11:47, Dotan Cohen a ?crit : > [...] > $ /usr/bin/doveadm pw -u user at someDomain.com -s DIGEST-MD5 > Enter new password: # Here I have typed "12345" > Retype new password: # Here I have typed "12345" > {DIGEST-MD5}f4e442b0dec5009eaa8b9b4104923edc > $ printf "12345" | md5sum > 827ccb0eea8a706c4c34a16891f84e7b - > $ Hello Dotan, Note that md5sum calculates a hash similar to the one used by dovecot's MD5-PLAIN scheme: $ doveadm pw -s PLAIN-MD5 -p 12345 {PLAIN-MD5}827ccb0eea8a706c4c34a16891f84e7b > Shouldn't that password match the md5sum check? As a result: no... ;-) > [...] > $ telnet mail.someDomain.com 143 > Trying x.x.x.x... > Connected to mail.someDomain.com. > Escape character is '^]'. > * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE > IDLE AUTH=PLAIN] Dovecot ready. > a login user 12345 > [...] I doubt this is a valid attempt: - unless I'm wrong, the command should be authenticate (not login) - the server doesn't seem to be configured for making use of digest-md5 You may find an example of such an authentication near the end of http://tools.ietf.org/html/rfc2831. You might also have a look at http://wiki2.dovecot.org/Authentication/Mechanisms/DigestMD5. HTH, Axel From trever at middleearth.sapphiresunday.org Mon Jul 8 12:31:33 2013 From: trever at middleearth.sapphiresunday.org (Trever L. Adams) Date: Mon, 08 Jul 2013 03:31:33 -0600 Subject: [Dovecot] Crashes with 2.2.4 setup that worked perfectly with 2.2.2 (.2.3 also crashes) Message-ID: <51DA86F5.6080707@middleearth.sapphiresunday.org> I am not sure how to get the symbols necessary, however the following is the backtrace (this is Fedora 19 latest everything): Jul 8 03:23:02 MX dovecot: auth: Fatal: block_alloc(2147483648): Out of memory Jul 8 03:23:02 MX dovecot: auth: Error: Raw backtrace: /usr/lib64/dovecot/libdovecot.so.0(+0x5f437) [0x7f97a952f437] -> /usr/lib64/dovecot/libdovecot.so.0(+0x5f4fe) [0x7f97a952f4fe] -> /usr/lib64/dovecot/libdovecot.so.0(i_error+0) [0x7f97a94f070f] -> /usr/lib64/dovecot/libdovecot.so.0(+0x72ee8) [0x7f97a9542ee8] -> /usr/lib64/dovecot/libdovecot.so.0(+0x72f1f) [0x7f97a9542f1f] -> /usr/lib64/dovecot/libdovecot.so.0(sasl_client_new+0x31) [0x7f97a9526ac1] -> /lib64/libldap-2.4.so.2(ldap_int_sasl_open+0x5c) [0x7f97a62f058c] -> /lib64/libldap-2.4.so.2(ldap_int_sasl_bind+0x5c9) [0x7f97a62f0cd9] -> /lib64/libldap-2.4.so.2(ldap_sasl_interactive_bind+0x96) [0x7f97a62f3e46] -> /lib64/libldap-2.4.so.2(ldap_sasl_interactive_bind_s+0xe1) [0x7f97a62f4041] -> /usr/lib64/dovecot/auth/libauthdb_ldap.so(db_ldap_connect+0x146) [0x7f97a652f286] -> dovecot/auth(userdb_init+0x1a) [0x7f97a99e09ea] -> dovecot/auth(auths_init+0xc9) [0x7f97a99c8e29] -> dovecot/auth(main+0x335) [0x7f97a99c8225] -> /lib64/libc.so.6(__libc_start_main+0xf5) [0x7f97a8ae8b75] -> dovecot/auth(+0xe43d) [0x7f97a99c843d] Jul 8 03:23:02 MX dovecot: master: Error: service(auth): command startup failed, throttling for 60 secs Jul 8 03:23:02 MX dovecot: auth: Fatal: master: service(auth): child 9650 returned error 83 (Out of memory (service auth { vsz_limit=256 MB }, you may need to increase it)) Any help would be greatly appreciated. Thank you, Trever From h.reindl at thelounge.net Mon Jul 8 12:43:06 2013 From: h.reindl at thelounge.net (Reindl Harald) Date: Mon, 08 Jul 2013 11:43:06 +0200 Subject: [Dovecot] Crashes with 2.2.4 setup that worked perfectly with 2.2.2 (.2.3 also crashes) In-Reply-To: <51DA86F5.6080707@middleearth.sapphiresunday.org> References: <51DA86F5.6080707@middleearth.sapphiresunday.org> Message-ID: <51DA89AA.7040400@thelounge.net> Am 08.07.2013 11:31, schrieb Trever L. Adams: > Jul 8 03:23:02 MX dovecot: auth: Fatal: master: service(auth): child > 9650 returned error 83 (Out of memory (service auth { vsz_limit=256 MB > }, you may need to increase it)) > > Any help would be greatly appreciated look at the last line of your quote -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 263 bytes Desc: OpenPGP digital signature URL: From marcin at mejor.pl Mon Jul 8 12:52:04 2013 From: marcin at mejor.pl (=?UTF-8?B?TWFyY2luIE1pcm9zxYJhdw==?=) Date: Mon, 08 Jul 2013 11:52:04 +0200 Subject: [Dovecot] Dovecot 2.2.{3, 4} - Fatal: master: service(imap): child 44562 killed with signal 11, related to IMAPC? In-Reply-To: <7910AD15-4D40-4755-8694-745BF73B60AB@swing.be> References: <51CACD85.80006@mejor.pl> <51CD9418.4020407@mejor.pl> <7910AD15-4D40-4755-8694-745BF73B60AB@swing.be> Message-ID: <51DA8BC4.9070100@mejor.pl> W dniu 05.07.2013 14:37, Axel Luttgens pisze: > Le 28 juin 2013 ? 15:48, Marcin Miros?aw a ?crit : > >> [...] >> >> I have fixed configuration. Sadly, dovecot still throws segfaults. > > Hello Marcin, Hi Axel! Yhanks for bringing my problem up. > Do you still encounter the problem? > FYI, just upgraded from 2.2.3 to 2.2.4 here, without any obvious ill effect wrt imap sessions. I did some tests. Problems appears when I use namespace with defined IMAPC. My definition of addistionale namespaces is keept in database, here it is: namespace=mailinglists xxxx-wp-pl test3$namespace/test3/location=mdbox:~/.mdbox/test3/$namespace/test3/prefix=test3.$namespace/mailinglists/location=mdbox:~/.mdbox/mailinglists$namespace/mailinglists/prefix=mailinglists.$namespace/mailinglists/separator=.$namespace/test3 /separator=.$namespace/xxxx-wp-pl/location=imapc:~/imapc.xxxx-wp-pl/$namespace/xxxx-wp-pl/prefix=xxxx-wp-pl.$imapc_host=imap.wp.pl$imapc_port=993$imapc_user=xxxx @wp.pl$imapc_password=QWERTY$imapc_ssl=imaps$imapc_ssl_ca_dir=/etc/ssl/certs$imapc_ssl_verify=no$imapc_feature=rfc.822$ignore_on_failure=yes I've also problem with dovecot 2.2.3. Regards, Marcin. From trever at middleearth.sapphiresunday.org Mon Jul 8 12:55:06 2013 From: trever at middleearth.sapphiresunday.org (Trever L. Adams) Date: Mon, 08 Jul 2013 03:55:06 -0600 Subject: [Dovecot] Crashes with 2.2.4 setup that worked perfectly with 2.2.2 (.2.3 also crashes) In-Reply-To: <51DA89AA.7040400@thelounge.net> References: <51DA86F5.6080707@middleearth.sapphiresunday.org> <51DA89AA.7040400@thelounge.net> Message-ID: <51DA8C7A.7020003@middleearth.sapphiresunday.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 07/08/2013 03:43 AM, Reindl Harald wrote: > > > Am 08.07.2013 11:31, schrieb Trever L. Adams: >> Jul 8 03:23:02 MX dovecot: auth: Fatal: master: service(auth): child >> 9650 returned error 83 (Out of memory (service auth { vsz_limit=256 MB >> }, you may need to increase it)) >> >> Any help would be greatly appreciated > > look at the last line of your quote > I am afraid that that doesn't fix the problem Reindl. Jul 8 03:51:56 MX dovecot: auth: Fatal: block_alloc(2147483648): Out of memory Jul 8 03:51:56 MX dovecot: auth: Error: Raw backtrace: /usr/lib64/dovecot/libdovecot.so.0(+0x5f437) [0x7f5774b6b437] -> /usr/lib64/dovecot/libdovecot.so.0(+0x5f4fe) [0x7f5774b6b4fe] -> /usr/lib64/dovecot/libdovecot.so.0(i_error+0) [0x7f5774b2c70f] -> /usr/lib64/dovecot/libdovecot.so.0(+0x72ee8) [0x7f5774b7eee8] -> /usr/lib64/dovecot/libdovecot.so.0(+0x72f1f) [0x7f5774b7ef1f] -> /usr/lib64/dovecot/libdovecot.so.0(sasl_client_new+0x31) [0x7f5774b62ac1] -> /lib64/libldap-2.4.so.2(ldap_int_sasl_open+0x5c) [0x7f577192c58c] -> /lib64/libldap-2.4.so.2(ldap_int_sasl_bind+0x5c9) [0x7f577192ccd9] -> /lib64/libldap-2.4.so.2(ldap_sasl_interactive_bind+0x96) [0x7f577192fe46] -> /lib64/libldap-2.4.so.2(ldap_sasl_interactive_bind_s+0xe1) [0x7f5771930041] -> /usr/lib64/dovecot/auth/libauthdb_ldap.so(db_ldap_connect+0x146) [0x7f5771b6b286] -> dovecot/auth(userdb_init+0x1a) [0x7f577501c9ea] -> dovecot/auth(auths_init+0xc9) [0x7f5775004e29] -> dovecot/auth(main+0x335) [0x7f5775004225] -> /lib64/libc.so.6(__libc_start_main+0xf5) [0x7f5774124b75] -> dovecot/auth(+0xe43d) [0x7f577500443d] Jul 8 03:51:56 MX dovecot: master: Error: service(auth): command startup failed, throttling for 2 secs Jul 8 03:51:56 MX dovecot: auth: Fatal: master: service(auth): child 1744 returned error 83 (Out of memory (service auth { vsz_limit=512 MB }, you may need to increase it)) I do not think that dovecot has increased its memory usage by more than 100%. Thank you, Trever -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCgAGBQJR2oxjAAoJENEtz1LOYsiz4s4P/1g5GHweaH0L7GfZeDypYx8V 0tRTtMHkW66IpgQ9V7ZTlFO6jbrQGiqQyiaKy1s5Fx1gYbDwJ6fEgVqNqM1w1L8U hnw78a2piCFu4lOtatooAWoudtkR5/4VUSKXId9fCLayTFWRhE1TkBP74+KfAqCa CipHazwpZpYR4PShHooUPn54mxYupFmwL3GQZKP0rglIB/VUwpXXm6QJaX3+Nfnf 0jrSQEn/vbrV9kOiH7/FauzXfQl/23a1odpzgcgvaqXO0oAL0r/8OoF7CZhSTPsJ bs97T/G8PV4zFnTug1XjbvPY5xDh2F8ZbcgEE63y72c4Ncjs0njFxlAS/1rfu7cl k0URC2IfRm8dFcfa67xNpNH+aOxlaCP0/r5/0WEQg+VjzfNUNMwNq29uXjiZvYd8 ojFgfeyBtHepZkgg/YmtE39wIbLh83vizBcQVF96en4NCjvtfeUZkFdlR6F9TvY8 CiJj2eZ3sI/WHdenpv83nxGmKlIj6dg0tbmXuYrO1067L+zBbW3tcHebxqqcDQ/u PGsDKkaLZvmw+is/iJwnlvhfAyeMzbn5/r+IST24K3h4oyVv0DSyVvrXaxOG0DB0 NGMYoiNc+3oqbN4OKR9E+SZvyJDFS/oGAP0j2mbnmTiCdmKbhsBJQVy+1uoLt+sL 1WPrhMM2ElUuLT9+5J3f =luLp -----END PGP SIGNATURE----- From genie at geniechka.ru Mon Jul 8 13:00:44 2013 From: genie at geniechka.ru (Eugene) Date: Mon, 8 Jul 2013 14:00:44 +0400 Subject: [Dovecot] Crashes with 2.2.4 setup that worked perfectly with 2.2.2 (.2.3 also crashes) In-Reply-To: <51DA8C7A.7020003@middleearth.sapphiresunday.org> References: <51DA86F5.6080707@middleearth.sapphiresunday.org><51DA89AA.7040400@thelounge.net> <51DA8C7A.7020003@middleearth.sapphiresunday.org> Message-ID: Hi Trever, Actually the first line seems to suggest an attempt to allocate 2GB block. The question is why it wants to do that =) Best wishes Eugene -----Original Message----- From: Trever L. Adams Sent: Monday, July 08, 2013 1:55 PM To: Reindl Harald Cc: dovecot at dovecot.org Subject: Re: [Dovecot] Crashes with 2.2.4 setup that worked perfectly with 2.2.2 (.2.3 also crashes) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 07/08/2013 03:43 AM, Reindl Harald wrote: > > > Am 08.07.2013 11:31, schrieb Trever L. Adams: >> Jul 8 03:23:02 MX dovecot: auth: Fatal: master: service(auth): child >> 9650 returned error 83 (Out of memory (service auth { vsz_limit=256 MB >> }, you may need to increase it)) >> >> Any help would be greatly appreciated > > look at the last line of your quote > I am afraid that that doesn't fix the problem Reindl. Jul 8 03:51:56 MX dovecot: auth: Fatal: block_alloc(2147483648): Out of memory Jul 8 03:51:56 MX dovecot: auth: Error: Raw backtrace: /usr/lib64/dovecot/libdovecot.so.0(+0x5f437) [0x7f5774b6b437] -> /usr/lib64/dovecot/libdovecot.so.0(+0x5f4fe) [0x7f5774b6b4fe] -> /usr/lib64/dovecot/libdovecot.so.0(i_error+0) [0x7f5774b2c70f] -> /usr/lib64/dovecot/libdovecot.so.0(+0x72ee8) [0x7f5774b7eee8] -> /usr/lib64/dovecot/libdovecot.so.0(+0x72f1f) [0x7f5774b7ef1f] -> /usr/lib64/dovecot/libdovecot.so.0(sasl_client_new+0x31) [0x7f5774b62ac1] -> /lib64/libldap-2.4.so.2(ldap_int_sasl_open+0x5c) [0x7f577192c58c] -> /lib64/libldap-2.4.so.2(ldap_int_sasl_bind+0x5c9) [0x7f577192ccd9] -> /lib64/libldap-2.4.so.2(ldap_sasl_interactive_bind+0x96) [0x7f577192fe46] -> /lib64/libldap-2.4.so.2(ldap_sasl_interactive_bind_s+0xe1) [0x7f5771930041] -> /usr/lib64/dovecot/auth/libauthdb_ldap.so(db_ldap_connect+0x146) [0x7f5771b6b286] -> dovecot/auth(userdb_init+0x1a) [0x7f577501c9ea] -> dovecot/auth(auths_init+0xc9) [0x7f5775004e29] -> dovecot/auth(main+0x335) [0x7f5775004225] -> /lib64/libc.so.6(__libc_start_main+0xf5) [0x7f5774124b75] -> dovecot/auth(+0xe43d) [0x7f577500443d] Jul 8 03:51:56 MX dovecot: master: Error: service(auth): command startup failed, throttling for 2 secs Jul 8 03:51:56 MX dovecot: auth: Fatal: master: service(auth): child 1744 returned error 83 (Out of memory (service auth { vsz_limit=512 MB }, you may need to increase it)) I do not think that dovecot has increased its memory usage by more than 100%. Thank you, Trever -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCgAGBQJR2oxjAAoJENEtz1LOYsiz4s4P/1g5GHweaH0L7GfZeDypYx8V 0tRTtMHkW66IpgQ9V7ZTlFO6jbrQGiqQyiaKy1s5Fx1gYbDwJ6fEgVqNqM1w1L8U hnw78a2piCFu4lOtatooAWoudtkR5/4VUSKXId9fCLayTFWRhE1TkBP74+KfAqCa CipHazwpZpYR4PShHooUPn54mxYupFmwL3GQZKP0rglIB/VUwpXXm6QJaX3+Nfnf 0jrSQEn/vbrV9kOiH7/FauzXfQl/23a1odpzgcgvaqXO0oAL0r/8OoF7CZhSTPsJ bs97T/G8PV4zFnTug1XjbvPY5xDh2F8ZbcgEE63y72c4Ncjs0njFxlAS/1rfu7cl k0URC2IfRm8dFcfa67xNpNH+aOxlaCP0/r5/0WEQg+VjzfNUNMwNq29uXjiZvYd8 ojFgfeyBtHepZkgg/YmtE39wIbLh83vizBcQVF96en4NCjvtfeUZkFdlR6F9TvY8 CiJj2eZ3sI/WHdenpv83nxGmKlIj6dg0tbmXuYrO1067L+zBbW3tcHebxqqcDQ/u PGsDKkaLZvmw+is/iJwnlvhfAyeMzbn5/r+IST24K3h4oyVv0DSyVvrXaxOG0DB0 NGMYoiNc+3oqbN4OKR9E+SZvyJDFS/oGAP0j2mbnmTiCdmKbhsBJQVy+1uoLt+sL 1WPrhMM2ElUuLT9+5J3f =luLp -----END PGP SIGNATURE----- From h.reindl at thelounge.net Mon Jul 8 13:15:25 2013 From: h.reindl at thelounge.net (Reindl Harald) Date: Mon, 08 Jul 2013 12:15:25 +0200 Subject: [Dovecot] Crashes with 2.2.4 setup that worked perfectly with 2.2.2 (.2.3 also crashes) In-Reply-To: References: <51DA86F5.6080707@middleearth.sapphiresunday.org><51DA89AA.7040400@thelounge.net> <51DA8C7A.7020003@middleearth.sapphiresunday.org> Message-ID: <51DA913D.1010700@thelounge.net> Am 08.07.2013 12:00, schrieb Eugene: > Actually the first line seems to suggest an attempt to allocate 2GB block. The question is why it wants to do that =) sure taht there is no stupid client trying to store a some GB draft on the server? i had a year ago a apple-mail client where the user selected the wrong attachment (6 GB MP4) and apple-mail insisted to store it a draft on the server repeating this every time the server came back after crashing even after changing the password as the client found a open connection from before if the client is inside the LAN with GBE this goes fast -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 263 bytes Desc: OpenPGP digital signature URL: From jeroen at massar.ch Mon Jul 8 13:17:02 2013 From: jeroen at massar.ch (Jeroen Massar) Date: Mon, 08 Jul 2013 12:17:02 +0200 Subject: [Dovecot] Mailbox statistics (sdbox / indexes) (+ wiki2 frontpage notes) Message-ID: <51DA919E.9050506@massar.ch> Hi, I used to, with a simple script, loop over the filenames in a Maildir, grab the From from the contents of the file and grab the flags (especially "READ" and "REPLIED") from the filename, but after moving to sdbox these flags are hidden in the index file. Is there anyway to get these out of there programmatically without having to resort to using an imap-client or is that the way to go? (I am effectively counting who has sent the most mail to a mailbox and how many of the the messages have been and have not been replied to; thus another answer would be: "I got a stats program for mailboxes") Greets, Jeroen PS: just reverted the wiki2 Frontpage, apparently even bots know who the author of the IMAP protocol is (leading me to believe that that check does not work): http://wiki2.dovecot.org/FrontPage?action=info I could not find a "revert" button thus copied&pasta'd the previous edition in there. PS2: there seems to be a master.wiki2.dovecot.org and a wiki2.dovecot.org; logging in on the one does not log in on the other, and accounts on the one are different from the other, and it seems cookies go missing also somewhere, hence why an IP is logged and not my account (which I used to have, now was missing and thus I recreated, but needed to do that on both boxes) From trever at middleearth.sapphiresunday.org Mon Jul 8 13:24:53 2013 From: trever at middleearth.sapphiresunday.org (Trever L. Adams) Date: Mon, 08 Jul 2013 04:24:53 -0600 Subject: [Dovecot] Crashes with 2.2.4 setup that worked perfectly with 2.2.2 (.2.3 also crashes) In-Reply-To: <51DA913D.1010700@thelounge.net> References: <51DA86F5.6080707@middleearth.sapphiresunday.org><51DA89AA.7040400@thelounge.net> <51DA8C7A.7020003@middleearth.sapphiresunday.org> <51DA913D.1010700@thelounge.net> Message-ID: <51DA9375.7080503@middleearth.sapphiresunday.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 07/08/2013 04:15 AM, Reindl Harald wrote: > > > Am 08.07.2013 12:00, schrieb Eugene: >> Actually the first line seems to suggest an attempt to allocate 2GB block. The question is why it wants to do that =) > > sure taht there is no stupid client trying to store a some GB > draft on the server? i had a year ago a apple-mail client > where the user selected the wrong attachment (6 GB MP4) > and apple-mail insisted to store it a draft on the server > repeating this every time the server came back after crashing > even after changing the password as the client found a open > connection from before > > if the client is inside the LAN with GBE this goes fast > > The crash happens on any Kerberos login. I am the only user on the system at the moment and while I have a few drafts, they are small. To do crash, I just do "yum upgrade; service dovecot restart" then try to login. Instant crash. If I then do a forced down grade, do the login, it works. Trever -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCgAGBQJR2pN1AAoJENEtz1LOYsizylMP/2LDQQjzoUjk2koPmR48r/Xs 9NvmRr1xcvi4jjYic1qT1NJgOO8jHT93smV8whX0LDa49scIu4TwBxAqOcMH/lSh +zqcGo5mj1zA3Qu7e81EcV34raFXfNKPOqGRzmKf68aKO0ktMLINXlEhPzbfxeoH r3CxukFzKjzA0ZZh1XtFzgX1SdnttiqjZYVVqy7YMS5mph+pRxE7UPtLSXS9vJck cQAM75B7WGCDIT9hPW2YFz4GXEDtx8bgMrzeEXNe1MdTxXi/+jIzBDmRdsOmJ7fS lmooFETcjZBv36OGReLYipu5juG34Z0EpiWJTy1DbcnOL5XwAdoErIx2VbZ+r+Aj 5fFEhQT/bpsEo+GBb59zPRE5b22Y3LgNFBwQ1m0zie/GJTSUi89M2mKugQ5l5s0O fPEwdtQT7VYWr1iZVrDaQBA6xAqTMaz/XxH8JByE/nYAXYQflW/4PU/qeh6qCNxE VJeyVAfcuIZGKtzvepye/8ZZxKLRHVcP/dq/0um3xWozUiG6se7V3TWfQ2DhIOEj TJhN0Ygcm+iQmyUBIN82ga4j4KUvZTIJ9h6CeRTlqznuxMzXI5UH+Q38fASqUCZN nRT7bMGhYwP7w9sioRj+8nZqxkLqpT/pxwPvQpZt3HTD6VFjsvQ9RClx4Ylmztom KumkGNlet79FuLKq1MSL =GEz4 -----END PGP SIGNATURE----- From trever at middleearth.sapphiresunday.org Mon Jul 8 13:45:43 2013 From: trever at middleearth.sapphiresunday.org (Trever L. Adams) Date: Mon, 08 Jul 2013 04:45:43 -0600 Subject: [Dovecot] Crashes with 2.2.4 setup that worked perfectly with 2.2.2 (.2.3 also crashes) In-Reply-To: References: <51DA86F5.6080707@middleearth.sapphiresunday.org><51DA89AA.7040400@thelounge.net> <51DA8C7A.7020003@middleearth.sapphiresunday.org> Message-ID: <51DA9857.7030600@middleearth.sapphiresunday.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 07/08/2013 04:00 AM, Eugene wrote: > Hi Trever, > > Actually the first line seems to suggest an attempt to allocate 2GB block. The question is why it wants to do that =) > > Best wishes > Eugene > And I have no reason why. Thank you for your help, Trever -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCgAGBQJR2phXAAoJENEtz1LOYsizxKwQAJDqwTY2ooYJ9cHjrsQo6p6H xKMXBh3G+3rNkNfrdw1OKFKuTESh92lbA6wjPEEKnNl5ZAkarJZJQcR2qtp5IT3+ L/YRZiuSFNK/UKzhxMopnbp4gntE+Fq5Ch6SMNkNfm2iHgsO5YAbQAhOJadH9JI2 KICFb6SmWCVsZ4JynzioGIBRnY+ka881BUgPBtQJfjjGn2C76IWaPtJuc8cyEWGq +yPXUStCawRnV+EAeC8s/KWEND+Ys3Mm5Z5p2ad+vYI4M0FzCdqAH/v+zO/KvQNX oJsvzcecLg0zbI+O8fIXX3wD/5imzQweDaY/kOV1WayEby+GXAY1VByrVttq7H49 IIYVWlVj2uwDbw4IoTnKqBCf3/bp6isTbHiPqts/vq5dD45ssjT+fQ9qmpkE0BJQ rGdOQH2Bt+tPIu3m3C+Mm5r/1ygaHp+ZBCKZzl2wDoZUmavh7g2NG9HOKXtj0jEk s6HTDrfAIoGRRCCPOc72bJanzrCqHIs8Jg+/M9SNKCmBk0oYO1MdnShVofg8Cgx1 o+Y8NPeWmwVvmFuZ6lZflSkCKP8o3ajgqyYfyCO2Gzj+nDs6mAwo2Z0BL/AuFpUZ N+BL8NuNA26pXlLZ61Q/1q/e/Uz4+tRDGYbhSXoKs5gaKjvtm58xL2ZcxdM2QZfN /9szf1Ihr62NkbXFumSX =zyeX -----END PGP SIGNATURE----- From rs at sys4.de Mon Jul 8 13:55:51 2013 From: rs at sys4.de (Robert Schetterer) Date: Mon, 08 Jul 2013 12:55:51 +0200 Subject: [Dovecot] Mailbox statistics (sdbox / indexes) (+ wiki2 frontpage notes) In-Reply-To: <51DA919E.9050506@massar.ch> References: <51DA919E.9050506@massar.ch> Message-ID: <51DA9AB7.4040601@sys4.de> Am 08.07.2013 12:17, schrieb Jeroen Massar: > Hi, > > I used to, with a simple script, loop over the filenames in a Maildir, > grab the From from the contents of the file and grab the flags > (especially "READ" and "REPLIED") from the filename, but after moving to > sdbox these flags are hidden in the index file. > > Is there anyway to get these out of there programmatically without > having to resort to using an imap-client or is that the way to go? > > (I am effectively counting who has sent the most mail to a mailbox and > how many of the the messages have been and have not been replied to; > thus another answer would be: "I got a stats program for mailboxes") > > Greets, > Jeroen you may have a look at http://wiki2.dovecot.org/Tools/Doveadm/SearchQuery > > PS: just reverted the wiki2 Frontpage, apparently even bots know who the > author of the IMAP protocol is (leading me to believe that that check > does not work): http://wiki2.dovecot.org/FrontPage?action=info > I could not find a "revert" button thus copied&pasta'd the previous > edition in there. > > PS2: there seems to be a master.wiki2.dovecot.org and a > wiki2.dovecot.org; logging in on the one does not log in on the other, > and accounts on the one are different from the other, and it seems > cookies go missing also somewhere, hence why an IP is logged and not my > account (which I used to have, now was missing and thus I recreated, but > needed to do that on both boxes) > Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From dotancohen at gmail.com Mon Jul 8 14:31:26 2013 From: dotancohen at gmail.com (Dotan Cohen) Date: Mon, 8 Jul 2013 14:31:26 +0300 Subject: [Dovecot] (no subject) In-Reply-To: <7105B8B0-905D-4CF4-A1CF-2FF72674F731@swing.be> References: <7105B8B0-905D-4CF4-A1CF-2FF72674F731@swing.be> Message-ID: On Sun, Jul 7, 2013 at 4:10 PM, Axel Luttgens wrote: > Hello Dotan, > > Note that md5sum calculates a hash similar to the one used by dovecot's MD5-PLAIN scheme: > > $ doveadm pw -s PLAIN-MD5 -p 12345 > {PLAIN-MD5}827ccb0eea8a706c4c34a16891f84e7b > > >> Shouldn't that password match the md5sum check? > > As a result: no... ;-) > I see! I've tried a few formats to verify the MD5 hash, but none produced the expected results. In any case, I've gotten that part of Dovecot working now that I've discovered that most of the information online is for Dovecot 1. However the Dovecot 2 wiki is terrific and it pulled me through. >> [...] >> $ telnet mail.someDomain.com 143 >> Trying x.x.x.x... >> Connected to mail.someDomain.com. >> Escape character is '^]'. >> * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE >> IDLE AUTH=PLAIN] Dovecot ready. >> a login user 12345 >> [...] > > I doubt this is a valid attempt: > > - unless I'm wrong, the command should be authenticate (not login) No, it does seem that 'login' is the right command. I've got it working now. > - the server doesn't seem to be configured for making use of digest-md5 > > You may find an example of such an authentication near the end of http://tools.ietf.org/html/rfc2831. > You might also have a look at http://wiki2.dovecot.org/Authentication/Mechanisms/DigestMD5. > Thank you, that was indeed part of the issue! -- Dotan Cohen http://gibberish.co.il http://what-is-what.com From do1 at yandex.ru Mon Jul 8 21:42:08 2013 From: do1 at yandex.ru (do1 at yandex.ru) Date: Mon, 08 Jul 2013 22:42:08 +0400 Subject: [Dovecot] Non-blocking file_dotlock_open() in quota-maildir question Message-ID: <120481373308928@web17d.yandex.ru> Hello, Is it safe to change lines in plugins/quota/quota-maildir.c::maildirsize_write() from ? fd = file_dotlock_open_group(.., DOTLOCK_CREATE_FLAG_NONBLOCK, ..); to ? fd = file_dotlock_open_group(.., 0, ..); ? Rationale is: exim+cpanel frequently leave stale maldirsize.lock, but when quota plugin try to dotlock maildirsize, it do this with NONBLOCK flag and just once, so first lock fails with EAGAIN and second may never happen. (When last mail is over quota this also prevent user from further receiving any mail because quota remain exceeded, forver. This is annoing problem.) I wonder if it is possible to do easy fix problem by removing NONBLOCK flag, but as I don't understand why this NONBLOCK flag is used in the first place I decided to ask developers in the list for approval. If removing NONBLOCK flag is not possible I will just call file_dotlock_open_group() twice if first one return -1 with EAGAIN. Best regards, Don. From trever at middleearth.sapphiresunday.org Tue Jul 9 01:35:47 2013 From: trever at middleearth.sapphiresunday.org (Trever L. Adams) Date: Mon, 08 Jul 2013 16:35:47 -0600 Subject: [Dovecot] Crashes with 2.2.4 setup that worked perfectly with 2.2.2 (.2.3 also crashes) In-Reply-To: <51DA9857.7030600@middleearth.sapphiresunday.org> References: <51DA86F5.6080707@middleearth.sapphiresunday.org><51DA89AA.7040400@thelounge.net> <51DA8C7A.7020003@middleearth.sapphiresunday.org> <51DA9857.7030600@middleearth.sapphiresunday.org> Message-ID: <51DB3EC3.5070404@middleearth.sapphiresunday.org> On 07/08/2013 04:45 AM, Trever L. Adams wrote: > On 07/08/2013 04:00 AM, Eugene wrote: > > Hi Trever, > > > Actually the first line seems to suggest an attempt to allocate 2GB > block. The question is why it wants to do that =) > > > Best wishes > > Eugene > > > And I have no reason why. > > Thank you for your help, > Trever > In 2.2.3 did mailbox handling change? I use maildir. Some of the folders do have a lot of messages, but very few large ones (I believe my postfix setup limits things to 10M per message). Also, this happens on any login kerberos or not. I have an LDAP that is used to test for accounts (this is where it says it is crashing), Kerberos for Authentication and PAM which looks at the LDAP/Kerberos. Nothing but dovecot software changes between working and non-working. Trever -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 901 bytes Desc: OpenPGP digital signature URL: From skdovecot at smail.inf.fh-brs.de Tue Jul 9 10:12:38 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Tue, 9 Jul 2013 09:12:38 +0200 (CEST) Subject: [Dovecot] Right way to share some global mailboxes In-Reply-To: <51D8207F.1020608@metaways.de> References: <51D8207F.1020608@metaways.de> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sat, 6 Jul 2013, Daniel Parthey wrote: > "Public" or "Shared" namespaces with "Private Indexes" > (INDEXPVT=... in Dovecot 2.2) should be the way to go, see: > > http://wiki2.dovecot.org/SharedMailboxes Is INDEXPVT documented in the Wiki2 somewhere? I searched by title and text, but found no hit. Kind regards, - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUdu35l3r2wJMiz2NAQJbJwf9HxwJ/In6UluUyaAHhlX5N/pUmgplcMdx 1kxB+riqOBmLxwAWijBjOWncgipN4VSfzBRtRYIyDKjZDTq2/Ntrl6egLaXjAdQ0 uITBaFp74QHs1kJrQqXWuqwrSHFIYKe33yGPwcFCc9XwEE01quEqVBtK9HUSogL8 GorCDbAtY+wmgKMkLsazKtemeJu3oqTX5iZV6iuigYPcqWVu+io3Zzrn4i5TCXz7 3ZiZQBeHltzF7mmKGC3g4QmxYsYSDOsWk11/58n60EX2x8qOjTXpvwrfWu+GoREX f+HJ/xLTKWKY1jQ2x1JLUHpqdXzVFBT7yoPfOjKtRLj7TshDopO68A== =2vjZ -----END PGP SIGNATURE----- From h.reindl at thelounge.net Tue Jul 9 15:04:16 2013 From: h.reindl at thelounge.net (Reindl Harald) Date: Tue, 09 Jul 2013 14:04:16 +0200 Subject: [Dovecot] Anyone know dovecot? In-Reply-To: <20130709075210.1e098fe4@zooty> References: <20130709075210.1e098fe4@zooty> Message-ID: <51DBFC40.9030002@thelounge.net> Am 09.07.2013 13:52, schrieb Tom Horsley: > I keep getting this sort of garbage cluttering my logs: > > dovecot: master: Warning: /ada/denmark is no longer mounted. See http://wiki2.dovecot.org/Mountpoints: 1 Time(s) > > I have indeed seen the wiki page mentioned, and even > tried what it says, but nothing seems to "stick". > Any time a filesystem gets mounted, I apparently > also have to invoke doveadm yet again to make > it ignore the new dadgum filesystem. (The wildcards > mentioned in that web page seem only to apply to > existing filesystems, not new mounts). > > Is there a way to just make it stop forever? no, i asked on the dovecot list why this happens since dovecot 2.0 and upstream believes it is a good idea to assume that every random mounted FS could be relevant for email because it *may* be referred in a config-include instead throw only a fatal error if this is the case and something can not be accessed -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 263 bytes Desc: OpenPGP digital signature URL: From piotr-l at netexpert.pl Tue Jul 9 15:35:17 2013 From: piotr-l at netexpert.pl (Piotr Szafarczyk - NetExpert) Date: Tue, 09 Jul 2013 14:35:17 +0200 Subject: [Dovecot] How to manipulate attachments with LDA? Message-ID: <51DC0385.3030800@netexpert.pl> Hi All, I want to plug in a tool that will convert attachments somewhere into a mail delivery process (postfix->dovecot). I think deliver would be a good place to do it. Does it make sense? Could you direct me where I could read about how to do it please? Piotr Szafarczyk From rs at sys4.de Tue Jul 9 15:48:38 2013 From: rs at sys4.de (Robert Schetterer) Date: Tue, 09 Jul 2013 14:48:38 +0200 Subject: [Dovecot] How to manipulate attachments with LDA? In-Reply-To: <51DC0385.3030800@netexpert.pl> References: <51DC0385.3030800@netexpert.pl> Message-ID: <51DC06A6.40103@sys4.de> Am 09.07.2013 14:35, schrieb Piotr Szafarczyk - NetExpert: > Hi All, > > I want to plug in a tool that will convert attachments somewhere into a > mail delivery process (postfix->dovecot). I think deliver would be a > good place to do it. Does it make sense? Could you direct me where I > could read about how to do it please? > > Piotr Szafarczyk > depends on what you like to do exactly you may use sieve pipe ext prog http://wiki2.dovecot.org/Pigeonhole/Sieve/Plugins/Extprograms http://wiki2.dovecot.org/Pigeonhole/Sieve/Plugins/Pipe http://hg.rename-it.nl/dovecot-2.2-pigeonhole/raw-file/tip/doc/rfc/spec-bosch-sieve-extprograms.txt Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From piotr-l at netexpert.pl Tue Jul 9 16:33:35 2013 From: piotr-l at netexpert.pl (Piotr Szafarczyk - NetExpert) Date: Tue, 09 Jul 2013 15:33:35 +0200 Subject: [Dovecot] How to manipulate attachments with LDA? In-Reply-To: <51DC06A6.40103@sys4.de> References: <51DC0385.3030800@netexpert.pl> <51DC06A6.40103@sys4.de> Message-ID: <51DC112F.3010903@netexpert.pl> On 2013-07-09 14:48, Robert Schetterer wrote > depends on what you like to do exactly > > you may use sieve pipe ext prog > > http://wiki2.dovecot.org/Pigeonhole/Sieve/Plugins/Extprograms > http://wiki2.dovecot.org/Pigeonhole/Sieve/Plugins/Pipe > > http://hg.rename-it.nl/dovecot-2.2-pigeonhole/raw-file/tip/doc/rfc/spec-bosch-sieve-extprograms.txt > > > Best Regards > MfG Robert Schetterer > I use pigeonhole 0.4, so I will play with extprograms. I was sure sieve cannot do such things. Are you sure I can modify a message with the plugin? I see: "The "execute" action does not change the message in any way" All examples store messages in a folder instead of modifying them. I need to replace an attachment or insert a new one into a message. From d.parthey at metaways.de Tue Jul 9 17:39:56 2013 From: d.parthey at metaways.de (Daniel Parthey) Date: Tue, 09 Jul 2013 16:39:56 +0200 Subject: [Dovecot] Right way to share some global mailboxes In-Reply-To: References: <51D8207F.1020608@metaways.de> Message-ID: <51DC20BC.6050803@metaways.de> Hi Steffen, Am 09.07.2013 09:12, schrieb Steffen Kaiser: >> "Public" or "Shared" namespaces with "Private Indexes" >> (INDEXPVT=... in Dovecot 2.2) should be the way to go, see: >> >> http://wiki2.dovecot.org/SharedMailboxes > > Is INDEXPVT documented in the Wiki2 somewhere? I searched by title and text, but found no hit. Not yet. I just added the text from Timo's Post http://dovecot.org/list/dovecot/2013-February/088317.html to http://master.wiki2.dovecot.org/MailLocation Regards Daniel -- Dipl.-Inf. Daniel Parthey System Engineer Metaways Infosystems GmbH Pickhuben 2, D-20457 Hamburg E-Mail: d.parthey at metaways.de Web: http://www.metaways.de Metaways Infosystems GmbH - Sitz: D-22967 Tremsb?ttel Handelsregister: Amtsgericht L?beck HRB 4508 AH Gesch?ftsf?hrung: Hermann Thaele, L?der-H.Thaele From rs at sys4.de Tue Jul 9 17:44:09 2013 From: rs at sys4.de (Robert Schetterer) Date: Tue, 09 Jul 2013 16:44:09 +0200 Subject: [Dovecot] How to manipulate attachments with LDA? In-Reply-To: <51DC112F.3010903@netexpert.pl> References: <51DC0385.3030800@netexpert.pl> <51DC06A6.40103@sys4.de> <51DC112F.3010903@netexpert.pl> Message-ID: <51DC21B9.9000000@sys4.de> Am 09.07.2013 15:33, schrieb Piotr Szafarczyk - NetExpert: > On 2013-07-09 14:48, Robert Schetterer wrote >> depends on what you like to do exactly >> >> you may use sieve pipe ext prog >> >> http://wiki2.dovecot.org/Pigeonhole/Sieve/Plugins/Extprograms >> http://wiki2.dovecot.org/Pigeonhole/Sieve/Plugins/Pipe >> >> http://hg.rename-it.nl/dovecot-2.2-pigeonhole/raw-file/tip/doc/rfc/spec-bosch-sieve-extprograms.txt >> >> >> >> Best Regards >> MfG Robert Schetterer >> > I use pigeonhole 0.4, so I will play with extprograms. I was sure sieve > cannot do such things. > > Are you sure I can modify a message with the plugin? I see: > "The "execute" action does not change the message in any way" > > All examples store messages in a folder instead of modifying them. > > I need to replace an attachment or insert a new one into a message. > > at my last tests , i was able to execute procmail with sieve, it should do some stuff to attachments http://blog.lundscape.com/2009/10/extract-email-attachments-with-procmail-and-munpack/ but perhaps you wanna use more postfix stuff look at http://www.developertoolshed.com/how-to/141/ Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From metro_domain_admin at fastmail.fm Tue Jul 9 20:37:23 2013 From: metro_domain_admin at fastmail.fm (Metro Domain Admin) Date: Tue, 09 Jul 2013 13:37:23 -0400 Subject: [Dovecot] dovecot.index disappeared Message-ID: <1373391443.20403.140661253684978.1D56619F@webmail.messagingengine.com> Hello, One of my users just mysteriously lost all files from his inbox. I have "mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename" but couldn't find any evidence of accidental file or folder deletion. I logged in to find that ~user/mdbox/mailboxes/INBOX/dbox-Mails/dovecot.index and its backup were tiny, only 552 bytes, when the folder had thousands of messages. Other folders were left intact. We are running 2.1.15 (mdbox) on Ubuntu 12.10 using ext4. The system was rebooted about 10 days before and the full INBOX was definitely seen since the reboot. I'm just looking for ideas about what might have happened. Thanks, Tony From tss at iki.fi Wed Jul 10 05:20:49 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 10 Jul 2013 05:20:49 +0300 Subject: [Dovecot] Dovecot 2.2.4 : Panic: file pop3-client.c: line 585 (client_default_destroy): assertion failed: (client->cmd == NULL) In-Reply-To: <51D70A4D.2020409@pacific.net> References: <51D70A4D.2020409@pacific.net> Message-ID: On 5.7.2013, at 21.02, Ken A wrote: > This doesn't seem to affect clients, but I'm seeing an occasional pop3 > error in the log over the last week. > Any ideas what is causing this? .. >> Jul 4 15:04:03 mail dovecot: POP3(user)x.x.x.x: Connection >> closed top=0/0, retr=0/0, del=0/4582, size=246709805 > >> Jul 4 15:04:03 mail dovecot: POP3(user)x.x.x.x: Panic: file >> pop3-client.c: line 585 (client_default_destroy): assertion failed: >> (client->cmd == NULL) The only reason I can see for this is: http://hg.dovecot.org/dovecot-2.2/rev/debbcfe5577a From tss at iki.fi Wed Jul 10 05:37:24 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 10 Jul 2013 05:37:24 +0300 Subject: [Dovecot] Ambiguous behavior with prefetch database? In-Reply-To: References: Message-ID: <7D478185-D42F-45C3-A60E-54F5432E173D@iki.fi> Fixed: http://hg.dovecot.org/dovecot-2.2/rev/9091d0f2d971 And for LDAP: http://hg.dovecot.org/dovecot-2.2/rev/939aa051e3f1 On 6.7.2013, at 1.18, Axel Luttgens wrote: > Hello, > > Let's say dovecot.conf contains: > > mail_uid = dovemailer > mail_gid = dovemailer > mail_home = /some/path/%n > mail_location = mbox:~/mboxes:INBOX=~/mboxes/inbox > > and that the password database query is of the form: > > password_query = \ > SELECT \ > passwd AS password, \ > nickname AS user, \ > mail_home AS userdb_home, \ > mail_location AS userdb_mail, \ > WHERE \ > ... > > The database initially comes with NULL for both mail_home and mail_location, the goal being to be able to progressively replace legacy settings. > > With the above, one gets such entries in the logs upon a pop or imap connection: > > auth-worker(11262): Debug: auth(u12345678,127.0.0.1): username changed u12345678 -> john.doe > auth: Debug: auth(u12345678,127.0.0.1,): username changed u12345678 -> john.doe > [...] > auth: Debug: prefetch(john.doe,127.0.0.1,): passdb didn't return userdb entries, trying the next userdb > > and, of course, the userdb_query fails since it isn't supposed to be invoked under such circumstances. > > Of course, the userdb_query could be adapted so as to handle pop/imap connections in addition to say, lmtp or doveadm connections, but this would anyway raise the question: why bother with a prefetch database setup? > > In fact, it seems that the problem comes from the fact that the password_query returns NULL values (i.e. "do not override dovecot.conf settings") for all userdb_xxx settings even if, technically speaking, it returns such columns. > > A slight yet somewhat silly modification of the password_query, such as this one: > > password_query = \ > SELECT \ > passwd AS password, \ > nickname AS user, \ > 'dovemailer' AS userdb_uid, \ > mail_home AS userdb_home, \ > mail_location AS userdb_mail, \ > WHERE \ > ... > > indeed seems to bring back all the expected behavior: now, the "passdb returns userdb entries" and, for example, the config's mail_home expands to the expected value /some/path/john.doe. > > Could it be that the case "userdb_xxx columns returned, even if all with NULL values" has been somehow overlooked in the code? > Or am I erring with my interpetation of all those matters? > > TIA, > Axel > From tss at iki.fi Wed Jul 10 06:56:23 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 10 Jul 2013 06:56:23 +0300 Subject: [Dovecot] Dovecot 2.2.4 - Fatal: master: service(imap): child 44562 killed with signal 11 In-Reply-To: <51CACD85.80006@mejor.pl> References: <51CACD85.80006@mejor.pl> Message-ID: <0E5D7D1F-B7F6-4212-8365-1A86312EEBEA@iki.fi> After thinking about it enough and not seeing any simple fix for the crash, I did some larger changes to hg which fix this. There's an easy workaround though: Explicitly configure a hierarchy separator for the imapc namespaces. On 26.6.2013, at 14.16, Marcin Miros?aw wrote: > Hi all! > I just upgraded dovecot from 2.2.2 to 2.2.4. Now I can't login to imap, > proces imap throws segfault. Here is snip from dovecot.log: > > 2013-06-25T23:06:47.824321+02:00 meteor dovecot: imap-login: Login: > user=, method=PLAIN, > rip=2001:470:1f0b:1ab3:1bc:3b24:d355:b142, lip=2001:470:1f15:1b61::2, > mpid=44562, TLS, session= > 2013-06-25T23:06:47.827616+02:00 meteor dovecot: imap(marcin at mejor.pl) > : Warning: autocreate plugin is > deprecated, use mailbox { auto } setting instead > 2013-06-25T23:06:47.830425+02:00 meteor dovecot: imap(marcin at mejor.pl) > : Fatal: master: service(imap): child > 44562 killed with signal 11 (core dumped) > > Here is bt created using gdb: > Reading symbols from /usr/libexec/dovecot/imap...Reading symbols from > /usr/lib64/debug/usr/libexec/dovecot/imap.debug...done. > done. > [New LWP 17730] > [Thread debugging using libthread_db enabled] > Using host libthread_db library "/lib64/libthread_db.so.1". > Core was generated by `dovecot/imap'. > Program terminated with signal 11, Segmentation fault. > #0 imapc_storage_try_get_root_sep (storage=0x0, sep_r=0x3f7bad9bbd7 "") > at imapc-storage.c:229 > 229 i_assert(storage->list != NULL); > (gdb) > Thread 1 (Thread 0x38656679700 (LWP 17730)): > #0 imapc_storage_try_get_root_sep (storage=0x0, sep_r=0x3f7bad9bbd7 "") > at imapc-storage.c:229 > #1 0x00000386567b8b05 in imapc_list_get_hierarchy_sep (_list= out>) at imapc-list.c:196 > #2 0x00000386567b8fff in imapc_list_get_fs_name (list=0xdba28f030, > name=0x0) at imapc-list.c:282 > #3 0x00000386567b9291 in imapc_list_get_path (_list=, > name=0x0, type=MAILBOX_LIST_PATH_TYPE_MAILBOX, path_r=0x3f7bad9bcc8) > at imapc-list.c:323 > #4 0x00000386567db675 in mailbox_list_get_root_path (list= out>, type=, path_r=0x3f7bad9bcc8) at mailbox-list.c:1258 > #5 0x0000038655c75d15 in quota_add_user_namespace (quota=0xdba288e80, > ns=0xdba28eee0) at quota.c:704 > #6 0x0000038655c7d0ea in quota_mailbox_list_created (list=0xdba292480) > at quota-storage.c:590 > #7 0x00000386567d64d2 in hook_mailbox_list_created (list=0xdba292480) > at mail-storage-hooks.c:319 > #8 0x00000386567da297 in mailbox_list_create (driver=, > ns=0xdba28eee0, set=0x3f7bad9be20, flags=, > list_r=0xdba28f228, > error_r=0x3f7bad9be80) at mailbox-list.c:206 > #9 0x00000386567b8f63 in imapc_list_get_fs (list=0xdba28f030) at > imapc-list.c:265 > #10 0x00000386567b927e in imapc_list_get_path (_list=, > name=0x0, type=MAILBOX_LIST_PATH_TYPE_MAILBOX, path_r=0x3f7bad9bf18) > at imapc-list.c:319 > #11 0x00000386567db675 in mailbox_list_get_root_path (list= out>, type=, path_r=0x3f7bad9bf18) at mailbox-list.c:1258 > #12 0x0000038655c75d15 in quota_add_user_namespace (quota=0xdba288e80, > ns=0xdba28eee0) at quota.c:704 > #13 0x0000038655c7d0ea in quota_mailbox_list_created (list=0xdba28f030) > at quota-storage.c:590 > #14 0x00000386567d64d2 in hook_mailbox_list_created (list=0xdba28f030) > at mail-storage-hooks.c:319 > #15 0x00000386567da297 in mailbox_list_create (driver=, > ns=0xdba28eee0, set=0x3f7bad9c090, flags=, > list_r=0x3f7bad9c0e8, > error_r=0x3f7bad9c1a0) at mailbox-list.c:206 > #16 0x00000386567d15c1 in mail_storage_create_full (ns=0xdba28eee0, > driver=, data=, flags=(unknown: 0), > storage_r=0x3f7bad9c150, error_r=0x3f7bad9c1a0) at mail-storage.c:356 > #17 0x00000386567d181c in mail_storage_create (ns=, > driver=, flags=, error_r=) > at mail-storage.c:407 > #18 0x00000386567c9b25 in namespace_add (user=0xdba283e90, > ns_set=, unexpanded_ns_set=0xdba284668, > mail_set=0xdba284f98, ns_p=0xdba28c5b0, > error_r=0x3f7bad9c300) at mail-namespace.c:170 > #19 0x00000386567caba7 in mail_namespaces_init (user=0xdba283e90, > error_r=0x3f7bad9c300) at mail-namespace.c:344 > #20 0x00000386567e1acf in mail_storage_service_init_post > (error_r=0x3f7bad9c300, mail_user_r=0x3f7bad9c3d0, priv=0x3f7bad9c2d0, > user=0xdba272c38, > ctx=) at mail-storage-service.c:653 > #21 mail_storage_service_next (ctx=, user=0xdba272c38, > mail_user_r=0x3f7bad9c3d0) at mail-storage-service.c:1158 > #22 0x00000386567e1e35 in mail_storage_service_lookup_next > (ctx=0xdba26e4b0, input=, user_r=0x3f7bad9c3c8, > mail_user_r=0x3f7bad9c3d0, > error_r=0x3f7bad9c430) at mail-storage-service.c:1193 > #23 0x0000000db6f824e9 in client_create_from_input (input=0x3f7bad9c440, > login_client=0xdba270660, fd_in=12, fd_out=12, input_buf=0x3f7bad9c4b0, > error_r=) at main.c:204 > #24 0x0000000db6f827f7 in login_client_connected (client=0xdba270660, > username=, extra_fields=) at main.c:277 > #25 0x00000386566a97e6 in master_login_auth_finish (client=0xdba270660, > auth_args=) at master-login.c:209 > #26 0x00000386566a9b45 in master_login_auth_callback > (auth_args=0xdba264ee8, errormsg=0x0, context=) at > master-login.c:377 > #27 0x00000386566aa558 in master_login_auth_input_user (args= out>, auth=) at master-login-auth.c:243 > #28 master_login_auth_input (auth=0xdba26fa10) at master-login-auth.c:363 > #29 0x0000038656704cf6 in io_loop_call_io (io=0xdba2709f0) at ioloop.c:387 > #30 0x0000038656705f0f in io_loop_handler_run (ioloop=) > at ioloop-epoll.c:215 > #31 0x00000386567046f0 in io_loop_run (ioloop=0xdba26d2b0) at ioloop.c:406 > #32 0x00000386566ac017 in master_service_run (service=0xdba26d140, > callback=) at master-service.c:560 > #33 0x0000000db6f82ebc in main (argc=1, argv=0xdba26cf20) at main.c:400 > (gdb) quit > > > doveconf -n: > # 2.2.4: /etc/dovecot/dovecot.conf > # OS: Linux 3.9.6-hardened x86_64 Gentoo Base System release 2.2 > auth_cache_size = 1 k > auth_mechanisms = login digest-md5 cram-md5 plain > deliver_log_format = msgid=%m: from=%f: phys=%p: virt=%w %$ > dict { > quota = pgsql:/etc/dovecot/dovecot-dict-sql.conf.ext > } > first_valid_uid = 8 > last_valid_uid = 8 > lda_mailbox_autocreate = yes > lda_mailbox_autosubscribe = yes > mail_attachment_dir = /dane/domeny/zalaczniki > mail_attachment_min_size = 10000 k > mail_cache_min_mail_count = 20 > mail_gid = mail > mail_log_prefix = "%s(%u) <%{session}>: " > mail_plugins = autocreate quota notify mail_log stats zlib > mail_privileged_group = mail > mail_uid = mail > maildir_stat_dirs = yes > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope > encoded-character vacation subaddress comparator-i;ascii-numeric > relational regex imap4flags copy include variables body enotify > environment mailbox date ihave > mdbox_preallocate_space = yes > mdbox_rotate_interval = 60 days > mdbox_rotate_size = 50 M > namespace inbox { > inbox = yes > list = yes > location = > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Trash { > special_use = \Trash > } > prefix = > separator = . > subscriptions = yes > } > passdb { > args = /etc/dovecot/dovecot-sql.conf.ext > driver = sql > } > plugin { > autocreate = Trash > autocreate2 = Spam > autocreate3 = Sent > autocreate4 = Drafts > autosubscribe = Trash > autosubscribe2 = Spam > autosubscribe3 = Sent > autosubscribe4 = Drafts > quota = dict:User quota::proxy::quota > sieve = ~/.dovecot.sieve > sieve_dir = ~/sieve > stats_command_min_time = 1 mins > stats_domain_min_time = 12 hours > stats_ip_min_time = 12 hours > stats_memory_limit = 1M > stats_refresh = 30 s > stats_session_min_time = 15 mins > stats_track_cmds = yes > stats_user_min_time = 1 hours > zlib_save = gz > } > postmaster_address = postmaster at mejor.pl > protocols = imap pop3 sieve > service auth { > unix_listener auth-userdb { > group = mail > mode = 0660 > user = root > } > } > service dict { > unix_listener dict { > user = mail > } > } > service stats { > fifo_listener stats-mail { > mode = 0600 > user = mail > } > } > ssl_cert = ssl_key = userdb { > driver = prefetch > } > userdb { > args = /etc/dovecot/dovecot-sql.conf.ext > driver = sql > } > verbose_proctitle = yes > protocol lda { > mail_plugins = autocreate quota notify mail_log stats zlib sieve > } > protocol imap { > mail_max_userip_connections = 25 > mail_plugins = autocreate quota notify mail_log stats zlib imap_quota > imap_stats imap_zlib > } > > I'm also using namespaces and imapc defined in database (as settings per > user). > Thanks, > Marcin > From tss at iki.fi Wed Jul 10 06:58:46 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 10 Jul 2013 06:58:46 +0300 Subject: [Dovecot] dovecot.index disappeared In-Reply-To: <1373391443.20403.140661253684978.1D56619F@webmail.messagingengine.com> References: <1373391443.20403.140661253684978.1D56619F@webmail.messagingengine.com> Message-ID: <811C37CB-5716-48A2-858B-16845581DCAE@iki.fi> On 9.7.2013, at 20.37, Metro Domain Admin wrote: > One of my users just mysteriously lost all files from his inbox. I have > "mail_log_events = delete undelete expunge copy mailbox_delete > mailbox_rename" but couldn't find any evidence of accidental file or > folder deletion. I logged in to find that > ~user/mdbox/mailboxes/INBOX/dbox-Mails/dovecot.index and its backup were > tiny, only 552 bytes, when the folder had thousands of messages. Other > folders were left intact. We are running 2.1.15 (mdbox) on Ubuntu 12.10 > using ext4. The system was rebooted about 10 days before and the full > INBOX was definitely seen since the reboot. I'm just looking for ideas > about what might have happened. Can you find any error or warning messages in the log for this user? Like "rebuilding indexes" warning? Are the messages still in the mdbox/storage/m.* files? From tss at iki.fi Wed Jul 10 07:02:14 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 10 Jul 2013 07:02:14 +0300 Subject: [Dovecot] Crashes with 2.2.4 setup that worked perfectly with 2.2.2 (.2.3 also crashes) In-Reply-To: <51DA86F5.6080707@middleearth.sapphiresunday.org> References: <51DA86F5.6080707@middleearth.sapphiresunday.org> Message-ID: <3F38537B-D82E-4B56-A59B-6AFA7A8200F8@iki.fi> On 8.7.2013, at 12.31, Trever L. Adams wrote: > I am not sure how to get the symbols necessary, however the following is > the backtrace (this is Fedora 19 latest everything): > > Jul 8 03:23:02 MX dovecot: auth: Fatal: block_alloc(2147483648): Out of > memory > [0x7f97a9526ac1] -> /lib64/libldap-2.4.so.2(ldap_int_sasl_open+0x5c) > [0x7f97a62f058c] -> /lib64/libldap-2.4.so.2(ldap_int_sasl_bind+0x5c9) > [0x7f97a62f0cd9] -> > /lib64/libldap-2.4.so.2(ldap_sasl_interactive_bind+0x96) There's a bug in v2.2.4 with LDAP SASL binds. http://hg.dovecot.org/dovecot-2.2/rev/2dd27b0e7e49 I'll try to get v2.2.5 out this week. Been a bit lazy these few weeks with a "vacation". :) From tss at iki.fi Wed Jul 10 09:00:15 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 10 Jul 2013 09:00:15 +0300 Subject: [Dovecot] [PATCH] login-common: Add support for ECDH/ECDHE cipher suites In-Reply-To: <1373104256.20768.8@d.hx.id.au> References: <1373104256.20768.8@d.hx.id.au> Message-ID: <1373436015.22500.16.camel@innu.dovecot.net> On Sat, 2013-07-06 at 19:50 +1000, David Hicks wrote: > ECDH temporary key parameter selection must be performed during OpenSSL > context initialisation before ECDH and ECDHE cipher suites can be used. Thanks. Committed with two small changes: - added const to EC_GROUP to avoid warning - call i_debug() only with verbose_ssl The login-common/ssl-proxy-openssl.c will go away in some future version and be replaced by the code in lib-ssl-iostream. I added the code there as well: http://hg.dovecot.org/dovecot-2.2/rev/dc99912e5047 From tss at iki.fi Wed Jul 10 09:24:14 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 10 Jul 2013 09:24:14 +0300 Subject: [Dovecot] Mailbox statistics (sdbox / indexes) (+ wiki2 frontpage notes) In-Reply-To: <51DA919E.9050506@massar.ch> References: <51DA919E.9050506@massar.ch> Message-ID: <1373437454.22500.27.camel@innu.dovecot.net> On Mon, 2013-07-08 at 12:17 +0200, Jeroen Massar wrote: > I used to, with a simple script, loop over the filenames in a Maildir, > grab the From from the contents of the file and grab the flags > (especially "READ" and "REPLIED") from the filename, but after moving to > sdbox these flags are hidden in the index file. > > Is there anyway to get these out of there programmatically without > having to resort to using an imap-client or is that the way to go? \Seen flags can be very efficiently looked up with doveadm mailbox status 'messages unseen' INBOX. \Replied flag requires going through the index, which is a little bit slower, but still quite fast: doveadm search mailbox INBOX replied > PS: just reverted the wiki2 Frontpage, apparently even bots know who the > author of the IMAP protocol is (leading me to believe that that check > does not work): http://wiki2.dovecot.org/FrontPage?action=info > I could not find a "revert" button thus copied&pasta'd the previous > edition in there. The check works well enough currently. I change it only when enough bots learn the answer that I have to keep reverting the changes several times a week. > PS2: there seems to be a master.wiki2.dovecot.org and a > wiki2.dovecot.org; logging in on the one does not log in on the other, > and accounts on the one are different from the other, and it seems > cookies go missing also somewhere, hence why an IP is logged and not my > account (which I used to have, now was missing and thus I recreated, but > needed to do that on both boxes) Hmm. The way it works is that all edits go to master.wiki* server and they are rsynced to the two mirror wiki* servers. I hadn't really thought of users before. Only users created on master.wiki* are preserved, the others will get deleted after the next rsync. I guess there should be some kind of redirection to master.wiki also when creating a user, maybe also when logging in, but that would require some more moinmoin patching.. Anyone want to do that? :) http://dovecot.org/tmp/moin-1.9.3-master-mirror.diff is my current patch. From tss at iki.fi Wed Jul 10 09:37:26 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 10 Jul 2013 09:37:26 +0300 Subject: [Dovecot] Non-blocking file_dotlock_open() in quota-maildir question In-Reply-To: <120481373308928@web17d.yandex.ru> References: <120481373308928@web17d.yandex.ru> Message-ID: <1373438246.22500.28.camel@innu.dovecot.net> On Mon, 2013-07-08 at 22:42 +0400, do1 at yandex.ru wrote: > Hello, > > Is it safe to change lines in plugins/quota/quota-maildir.c::maildirsize_write() from > fd = file_dotlock_open_group(.., DOTLOCK_CREATE_FLAG_NONBLOCK, ..); > to > fd = file_dotlock_open_group(.., 0, ..); ? > > Rationale is: exim+cpanel frequently leave stale maldirsize.lock, but when quota plugin try to dotlock maildirsize, it do this with NONBLOCK flag and just once, so first lock fails with EAGAIN and second may never happen. (When last mail is over quota this also prevent user from further receiving any mail because quota remain exceeded, forver. This is annoing problem.) I wonder if it is possible to do easy fix problem by removing NONBLOCK flag, but as I don't understand why this NONBLOCK flag is used in the first place I decided to ask developers in the list for approval. Here's a better fix: http://hg.dovecot.org/dovecot-2.2/rev/24d6708cea76 From tss at iki.fi Wed Jul 10 09:43:53 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 10 Jul 2013 09:43:53 +0300 Subject: [Dovecot] LMTP Proxy In-Reply-To: References: <97E8EBF5-FAE6-49FF-9A74-05A42B602311@iki.fi> Message-ID: On 3.7.2013, at 4.50, Cassidy Larson wrote: > Timo, > > Does this give you what you need? > > #0 0x00000000131bbdd4 in strcmp () from /lib/libc.so.7 > No symbol table info available. > #1 0x000000000040d0af in auth_find_service () > No symbol table info available. > #2 0x0000000000413b38 in auth_request_set_login_username () > No symbol table info available. > #3 0x0000000000413c72 in auth_request_set_username () > No symbol table info available. Thanks, this should fix it: http://hg.dovecot.org/dovecot-2.2/rev/aff54366b1b6 From tss at iki.fi Wed Jul 10 09:47:19 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 10 Jul 2013 09:47:19 +0300 Subject: [Dovecot] Migrating domain using IMAPc In-Reply-To: References: Message-ID: <2BCD5760-DCF7-40A0-A452-466BE875E413@iki.fi> On 4.7.2013, at 21.19, Breno Moreira wrote: > I'm trying to do a domain migration using the imapc feature, but i'm having > some problems and I really don't know what is happening. > > So if you guys could help me with a path to solve this, I will be glad. > I'm using Dovecot 2.1.7 in a Debian Wheezy machine. imapc+dsync has always been troublesome. I think only the latest v2.1 version works well with it. For v2.2 I've done several fixes since v2.2.4 so the upcoming v2.2.5 should also work. From tss at iki.fi Wed Jul 10 09:49:42 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 10 Jul 2013 09:49:42 +0300 Subject: [Dovecot] dsync/imapc migration question In-Reply-To: <51D1A7FE.9030309@gedalya.net> References: <51D1A7FE.9030309@gedalya.net> Message-ID: <4A9CA99B-09C5-423D-927B-362DE6ACC18B@iki.fi> On 1.7.2013, at 19.02, Gedalya wrote: > Doing an imapc migration with the pop3 migration plugin, using doveadm backup -R. > > I occasionally get the following output: > > dsync(user at domain.tld): Error: imapc(mail01.domain.tld:143): Server disconnected unexpectedly > dsync(user at domain.tld): Error: imapc(mail01.domain.tld:143): Server disconnected unexpectedly > dsync(user at domain.tld): Error: imapc(mail01.domain.tld:143): Server disconnected unexpectedly > dsync(user at domain.tld): Warning: I/O leak: 0xb7648650 (line 1229, fd 10) > dsync(user at domain.tld): Warning: I/O leak: 0xb7648650 (line 1229, fd 11) > dsync(user at domain.tld): Warning: Timeout leak: 0xb76488b0 (line 1316) > dsync(user at domain.tld): Warning: Timeout leak: 0xb76488b0 (line 1316) > > The source server is really crappy, no need to look at the dovecot side for causes. My question is: is it possible that the migration did complete successfully? Dovecot does seem to continue and it's kind of vague on what went wrong, and did it re-try. This operation can take several hours on large mailboxes so this question is really meaningful in my case. (I'd try with -D but it's really hard to reproduce this on demand). I think imapc automatically reconnects and retries the command. In any case you should retry if dsync returns non-zero exit code. (The I/O and timeout leaks don't really matter, but they are also finally fixed in v2.2.3+.) From tss at iki.fi Wed Jul 10 09:52:22 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 10 Jul 2013 09:52:22 +0300 Subject: [Dovecot] Strange Problems when deleting folders. In-Reply-To: <51C99164.9010709@olografix.org> References: <51C99164.9010709@olografix.org> Message-ID: On 25.6.2013, at 15.47, Davide Bozzelli wrote: > I'm experiencing a strange problem on my dovecot 2.0.21 setup. > > When i delete a folder "foo" it was correctly moved in the trash folder. > If i try to delete from it the folder "foo" from the trash it gets renamed "foo1". > > If I try to dlete "foo1" it gets renamed foo11, and the operation could be continued figured out in an endless loop. > > This happens both from thunderbird and sogo (a webmail). > > Is it a known bug or a misconfiguration ? IMAP's DELETE command actually deletes the folder, it doesn't move it under Trash. What you're describing sounds like client is RENAMEing it under the Trash. Interesting if it happens with both TB and SOGo, but I can't think of how this could be Dovecot's fault in any way. From tss at iki.fi Wed Jul 10 10:04:39 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 10 Jul 2013 10:04:39 +0300 Subject: [Dovecot] Dovecot SLOW in imaptest without any apparent reason In-Reply-To: References: Message-ID: <2A5B55F7-1273-4867-AB17-74D5EFA0D164@iki.fi> On 28.6.2013, at 13.28, FABIO FERRARI wrote: > I'm migrating a mail server from a centos 5 cluster architecture to a > centos 6 cluster architecture. The new cluster involves faster machines > then the old cluster, and a virtual machine. > I use dovecot-2.0.9-5.el6.x86_64, while the old cluster uses > dovecot-2.0.1-1_118.el5. Since both are v2.0.x there aren't any big differences in how they work. > Tha mail server uses mysql for the users database, and a local ldap for > authentication. .. > ./imaptest user=XXXXXXX pass=XXXXXXX secs=120 seed=123 mbox=./dovecot-crlf Test if the difference is in authentication or non-authentication: auth: imaptest user=XX pass=XX secs=120 seed=123 - select=0 non-auth: imaptest user=XX pass=XX secs=120 seed=123 logout=0 My guess is that it's authentication related. From lluis at ingent.net Wed Jul 10 11:59:36 2013 From: lluis at ingent.net (lluis) Date: Wed, 10 Jul 2013 10:59:36 +0200 Subject: [Dovecot] avoid log message when using nagios check Message-ID: <1373446776.25873.9.camel@debian> Hello, I'm using a nagios check to monitor dovecot status, since dovecot v2 I see those syslog messages on every nagios check: pop3-login: Aborted login (no auth attempts in 0 secs) imap-login: Aborted login (no auth attempts in 0 secs) I tried to avoid those messages sending a logout string: check_imap -H localhost -e 'OK' -s 'a logout' check_pop -H localhost -e 'OK' -s 'quit' but now I get imap-login: Disconnected (no auth attempts in 0 secs) pop3-login: Disconnected (no auth attempts in 0 secs) what can I do to avoid a log message on every nagios check? thanks! Llu?s From marcin at mejor.pl Wed Jul 10 12:15:58 2013 From: marcin at mejor.pl (=?UTF-8?B?TWFyY2luIE1pcm9zxYJhdw==?=) Date: Wed, 10 Jul 2013 11:15:58 +0200 Subject: [Dovecot] avoid log message when using nagios check In-Reply-To: <1373446776.25873.9.camel@debian> References: <1373446776.25873.9.camel@debian> Message-ID: <51DD264E.9090806@mejor.pl> W dniu 10.07.2013 10:59, lluis pisze: > Hello, > I'm using a nagios check to monitor dovecot status, since dovecot v2 I > see those syslog messages on every nagios check: > > pop3-login: Aborted login (no auth attempts in 0 secs) > imap-login: Aborted login (no auth attempts in 0 secs) > > I tried to avoid those messages sending a logout string: > > check_imap -H localhost -e 'OK' -s 'a logout' > check_pop -H localhost -e 'OK' -s 'quit' > > but now I get > > imap-login: Disconnected (no auth attempts in 0 secs) > pop3-login: Disconnected (no auth attempts in 0 secs) > > what can I do to avoid a log message on every nagios check? Hi Lluis! Maybe just filter it in your syslog? Marcin From marcin at mejor.pl Wed Jul 10 12:18:39 2013 From: marcin at mejor.pl (=?UTF-8?B?TWFyY2luIE1pcm9zxYJhdw==?=) Date: Wed, 10 Jul 2013 11:18:39 +0200 Subject: [Dovecot] Dovecot 2.2.4 - Fatal: master: service(imap): child 44562 killed with signal 11 In-Reply-To: <0E5D7D1F-B7F6-4212-8365-1A86312EEBEA@iki.fi> References: <51CACD85.80006@mejor.pl> <0E5D7D1F-B7F6-4212-8365-1A86312EEBEA@iki.fi> Message-ID: <51DD26EF.9050905@mejor.pl> W dniu 10.07.2013 05:56, Timo Sirainen pisze: > After thinking about it enough and not seeing any simple fix for the crash, I did some larger changes to hg which fix this. There's an easy workaround though: Explicitly configure a hierarchy separator for the imapc namespaces. Hi Timo, hi all! Thank you, I've applied three patches and now dovecot works without problem. Even more! It looks that "ignore_on_failure = yes" works better now:) Regards, Marcin From AxelLuttgens at swing.be Wed Jul 10 12:38:46 2013 From: AxelLuttgens at swing.be (Axel Luttgens) Date: Wed, 10 Jul 2013 11:38:46 +0200 Subject: [Dovecot] Ambiguous behavior with prefetch database? In-Reply-To: <7D478185-D42F-45C3-A60E-54F5432E173D@iki.fi> References: <7D478185-D42F-45C3-A60E-54F5432E173D@iki.fi> Message-ID: Le 10 juil. 2013 ? 04:37, Timo Sirainen a ?crit : > Fixed: http://hg.dovecot.org/dovecot-2.2/rev/9091d0f2d971 > > And for LDAP: http://hg.dovecot.org/dovecot-2.2/rev/939aa051e3f1 Hello Timo, Many thanks for having taken the pain to have a look at this. (BTW, when do you sleep?) I've tried the patch for sql, on an otherwise unpatched 2.2.4. And it unfortunately doesn't seem to yield the expected results: I still need the "AS userdb_uid" workaround. May I somehow be useful by trying something else here? Best Regards, Axel From lluis at ingent.net Wed Jul 10 12:44:28 2013 From: lluis at ingent.net (lluis) Date: Wed, 10 Jul 2013 11:44:28 +0200 Subject: [Dovecot] avoid log message when using nagios check In-Reply-To: <51DD264E.9090806@mejor.pl> References: <1373446776.25873.9.camel@debian> <51DD264E.9090806@mejor.pl> Message-ID: <1373449468.25873.16.camel@debian> Hi Marcin, filtering in syslog is an option, but then I will not be able to get those messages when are not generated from a nagios check there is something I can send to silently exit? El dc 10 de 07 de 2013 a les 11:15 +0200, en/na Marcin Miros?aw va escriure: > W dniu 10.07.2013 10:59, lluis pisze: > > Hello, > > I'm using a nagios check to monitor dovecot status, since dovecot v2 I > > see those syslog messages on every nagios check: > > > > pop3-login: Aborted login (no auth attempts in 0 secs) > > imap-login: Aborted login (no auth attempts in 0 secs) > > > > I tried to avoid those messages sending a logout string: > > > > check_imap -H localhost -e 'OK' -s 'a logout' > > check_pop -H localhost -e 'OK' -s 'quit' > > > > but now I get > > > > imap-login: Disconnected (no auth attempts in 0 secs) > > pop3-login: Disconnected (no auth attempts in 0 secs) > > > > what can I do to avoid a log message on every nagios check? > Hi Lluis! > Maybe just filter it in your syslog? > Marcin From tss at iki.fi Wed Jul 10 13:15:32 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 10 Jul 2013 13:15:32 +0300 Subject: [Dovecot] avoid log message when using nagios check In-Reply-To: <1373449468.25873.16.camel@debian> References: <1373446776.25873.9.camel@debian> <51DD264E.9090806@mejor.pl> <1373449468.25873.16.camel@debian> Message-ID: <2143C8D1-566C-48D1-B813-939946506314@iki.fi> On 10.7.2013, at 12.44, lluis wrote: > there is something I can send to silently exit? No. Attackers would otherwise use that. Although I suppose something could be added if the source IP is from login_trusted_networks.. Wonder what would be a good way. I guess the same commands that are used to pass IPs through proxies, so maybe: IMAP: a ID ("x-silent-logout" "y") b LOGOUT POP3: XCLIENT SILENT-LOGOUT QUIT But would those work well enough everywhere? Should it be a LOGOUT/QUIT parameter instead?.. Such parameters could be troublesome though. From tommyw at ntlworld.com Wed Jul 10 12:28:19 2013 From: tommyw at ntlworld.com (Tommy Wareing) Date: Wed, 10 Jul 2013 10:28:19 +0100 Subject: [Dovecot] Services not starting in 2.1 (or 2.2) Message-ID: <20130710092819.GA12628@mrwolf.afraid.org> I'm trying to install Dovecot onto my QNAP NAS. I apologise for this! It means I'm not working in a normal environment, and don't (necessarily) have the normal range of tools available (or the most up to date version of those tools). It seems that 2.0.21 works (at least, as far as I've tested), but 2.1.17 and 2.2.4 won't start up their child services. I've got the source code for all three from http://www.dovecot.org/download.html, and, for experimental purposes, I'm configuring with: ./configure --prefix=/opt The configure script ends by reporting: Install prefix . : /opt File offsets ... : 64bit I/O polling .... : epoll I/O notifys .... : inotify SSL ............ : yes (OpenSSL) GSSAPI ......... : no passdbs ........ : static passwd passwd-file shadow checkpassword : -pam -bsdauth -sia -ldap -sql -vpopmail userdbs ........ : static prefetch passwd passwd-file checkpassword nss : -ldap -sql -vpopmail SQL drivers .... : : -pgsql -mysql -sqlite The dovecot.conf I'm using, at the moment, is the absolute minimal to fire things up: protocols = imap listen = * ssl_cert = References: <51DA86F5.6080707@middleearth.sapphiresunday.org> <3F38537B-D82E-4B56-A59B-6AFA7A8200F8@iki.fi> Message-ID: <51DD35A5.5070507@middleearth.sapphiresunday.org> On 07/09/2013 10:02 PM, Timo Sirainen wrote: > On 8.7.2013, at 12.31, Trever L. Adams wrote: > >> I am not sure how to get the symbols necessary, however the following is >> the backtrace (this is Fedora 19 latest everything): >> >> Jul 8 03:23:02 MX dovecot: auth: Fatal: block_alloc(2147483648): Out of >> memory >> [0x7f97a9526ac1] -> /lib64/libldap-2.4.so.2(ldap_int_sasl_open+0x5c) >> [0x7f97a62f058c] -> /lib64/libldap-2.4.so.2(ldap_int_sasl_bind+0x5c9) >> [0x7f97a62f0cd9] -> >> /lib64/libldap-2.4.so.2(ldap_sasl_interactive_bind+0x96) > There's a bug in v2.2.4 with LDAP SASL binds. http://hg.dovecot.org/dovecot-2.2/rev/2dd27b0e7e49 > > I'll try to get v2.2.5 out this week. Been a bit lazy these few weeks with a "vacation". :) > > Thank you for the information Timo. I hope your "vacation" was great! Thanks again, Trever -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 901 bytes Desc: OpenPGP digital signature URL: From CMarcus at Media-Brokers.com Wed Jul 10 13:33:55 2013 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Wed, 10 Jul 2013 06:33:55 -0400 Subject: [Dovecot] Services not starting in 2.1 (or 2.2) In-Reply-To: <20130710092819.GA12628@mrwolf.afraid.org> References: <20130710092819.GA12628@mrwolf.afraid.org> Message-ID: <51DD3893.5070102@Media-Brokers.com> On 2013-07-10 5:28 AM, Tommy Wareing wrote: > I'm trying to install Dovecot onto my QNAP NAS. Which device, and what version of OS? QNAP NAS devices are notorious for having ancient versions of critical OS software (like the kernel, glib, OpenSSL, etc)... If you haven't already, check and see if the new 4.x OS version is available for your device, and if so, and you aren't already running it, update it, and try again. Otherwise, you'd probably get much better help on the QNAP forums... -- Best regards, Charles From rcpt.dmitry at gmail.com Wed Jul 10 14:15:09 2013 From: rcpt.dmitry at gmail.com (Dmitry Dmitry) Date: Wed, 10 Jul 2013 15:15:09 +0400 Subject: [Dovecot] DOVECOT 2.2.4 = 501 5.5.4 Unsupported options in LMTP Message-ID: Hi, Sorry for my english. My problem: *************************************************** dspam-3.9.0 (dspam-3.10.2 all the time segmentation fault) dspam.conf .................... # DeliveryHost /var/run/dovecot/lmtp # same error as IP DeliveryHost 127.0.0.33 DeliveryPort 24 DeliveryProto LMTP .................... ServerHost 192.168.1.34 ServerPort 24 ServerQueueSize 32 ServerPID /var/run/dspam/dspam.pid *************************************************** dovecot-2.2.4 10-master.conf service lmtp { # Create inet listener only if you can't use the above UNIX socket inet_listener lmtp { # Avoid making LMTP visible for the entire internet address = 127.0.0.33 port = 24 } } quota is not included *************************************************** telnet to dspam LMTP # telnet 192.168.1.34 24 Trying 192.168.1.34... Connected to 192.168.1.34. Escape character is '^]'. 220 DSPAM LMTP 3.9.0 Ready LHLO test.com 250-localhost.localdomain 250-PIPELINING 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 SIZE MAIL FROM: 250 2.1.0 OK RCPT TO: 250 2.1.5 OK DATA 354 Enter mail, end with "." on a line by itself 1234567 qwertyu asdfghj . 530 5.3.0 Fatal: 501 5.5.4 Unsupported options QUIT 221 2.0.0 OK Connection closed by foreign host. *************************************************** at the same time tcpflow LMTP # tcpflow -c -i any host 127.0.0.33 127.000.000.033.00024-127.000.000.001.41663: 220 mail Dovecot ready. 127.000.000.001.41663-127.000.000.033.00024: LHLO localhost 127.000.000.001.41663-127.000.000.033.00024: 127.000.000.033.00024-127.000.000.001.41663: 250-mail 250-8BITMIME 250-ENHANCEDSTATUSCODES 250 PIPELINING 127.000.000.001.41663-127.000.000.033.00024: MAIL FROM: SIZE=25 127.000.000.001.41663-127.000.000.033.00024: 127.000.000.033.00024-127.000.000.001.41663: 501 5.5.4 Unsupported options 127.000.000.001.41663-127.000.000.033.00024: QUIT 127.000.000.001.41663-127.000.000.033.00024: 127.000.000.033.00024-127.000.000.001.41663: 221 2.0.0 OK ^Ctcpflow[5411]: terminating *************************************************** after telnet to dovecot LMTP # telnet 127.0.0.33 24 Trying 127.0.0.33... Connected to 127.0.0.33. Escape character is '^]'. 220 mail Dovecot ready. LHLO test.com 250-mail 250-8BITMIME 250-ENHANCEDSTATUSCODES 250 PIPELINING MAIL FROM: 250 2.1.0 OK RCPT TO: 250 2.1.5 OK DATA 354 OK 1234567 qwertyu asdfghj . 250 2.0.0 WVKvFEln1VEuFQAAZU03Dg Saved QUIT 221 2.0.0 OK How can I persuade dovecot to deliver the mail? And one more: telnet to dovecot LMTP # telnet 127.0.0.33 24 .................... MAIL FROM: test at test.com 501 5.5.4 Invalid parameters MAIL FROM: 501 5.5.4 Invalid parameters MAIL FROM: 250 2.1.0 OK telnet to dspam LMTP # telnet 192.168.1.34 24 .................... MAIL FROM: test at test.com 250 2.1.0 OK .................... # telnet 192.168.1.34 24 .................... MAIL FROM: 250 2.1.0 OK .................... Thank you! Regards, Dmitry From stephan at rename-it.nl Wed Jul 10 14:31:53 2013 From: stephan at rename-it.nl (Stephan Bosch) Date: Wed, 10 Jul 2013 13:31:53 +0200 Subject: [Dovecot] DOVECOT 2.2.4 = 501 5.5.4 Unsupported options in LMTP In-Reply-To: References: Message-ID: <51DD4629.3010506@rename-it.nl> Op 7/10/2013 1:15 PM, Dmitry Dmitry schreef: > Hi, > > Sorry for my english. > My problem: Looks like you asked this before and got an answer: http://www.dovecot.org/list/dovecot/2013-July/091317.html Regards, Stephan. From tss at iki.fi Wed Jul 10 15:08:38 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 10 Jul 2013 15:08:38 +0300 Subject: [Dovecot] DOVECOT 2.2.4 = 501 5.5.4 Unsupported options in LMTP In-Reply-To: <51DD4629.3010506@rename-it.nl> References: <51DD4629.3010506@rename-it.nl> Message-ID: <7D5A086B-546A-4899-994D-20F36B2D640B@iki.fi> On 10.7.2013, at 14.31, Stephan Bosch wrote: > Op 7/10/2013 1:15 PM, Dmitry Dmitry schreef: >> Hi, >> >> Sorry for my english. >> My problem: > > Looks like you asked this before and got an answer: > > http://www.dovecot.org/list/dovecot/2013-July/091317.html I also considered today adding support for the SIZE option, but there's currently no easy way to feed that information to quota plugin to allow it to reject the message early if user is over quota. And having a no-op feature seemed kind of pointless. From tommyw at ntlworld.com Wed Jul 10 15:09:01 2013 From: tommyw at ntlworld.com (Tommy Wareing) Date: Wed, 10 Jul 2013 13:09:01 +0100 Subject: [Dovecot] Services not starting in 2.1 (or 2.2) In-Reply-To: <51DD3893.5070102@Media-Brokers.com> References: <20130710092819.GA12628@mrwolf.afraid.org> <51DD3893.5070102@Media-Brokers.com> Message-ID: <20130710120900.GA12922@mrwolf.afraid.org> On Wed, Jul 10, 2013 at 06:33:55AM -0400, Charles Marcus wrote: > On 2013-07-10 5:28 AM, Tommy Wareing wrote: > >I'm trying to install Dovecot onto my QNAP NAS. > > Which device, and what version of OS? Whoops! Sorry, I was concentrating too much on the specifics of the problem, and not enough on my setup! It's a TS-869L, with version 4.0.1 of the firmware. (So it's running on an Intel Atom CPU, if that's at all relevant) uname -a reports: Linux qnap.mrwolf.afraid.org 3.4.6 #1 SMP Tue Jun 4 20:08:41 CST 2013 x86_64 GNU/Linux and dovecot -n agrees: # OS: Linux 3.4.6 x86_64 ext4 > QNAP NAS devices are notorious for having ancient versions of > critical OS software (like the kernel, glib, OpenSSL, etc)... Yup, I'd already tripped over that quite a lot. I've installed updates from ipkg, but those aren't the most up to date either (dovecot 1.2.0 beta!) I'm happy to check for further updates of "stuff", or supply version numbers, or run other diagnostics, but without knowing the sort of "stuff" I'm looking for, that's probably not helpful. make check, incidentally, passes satisfactorily on all three builds. > If you haven't already, check and see if the new 4.x OS version is > available for your device, and if so, and you aren't already running > it, update it, and try again. Already done. > Otherwise, you'd probably get much better help on the QNAP forums... I'm trying there as well. But trying to identify an active, relevant sub-forum is an interesting challenge in its own right :) Fingers crossed! -- Tommy Wareing From d.parthey at metaways.de Wed Jul 10 15:16:16 2013 From: d.parthey at metaways.de (Daniel Parthey) Date: Wed, 10 Jul 2013 14:16:16 +0200 Subject: [Dovecot] avoid log message when using nagios check In-Reply-To: <1373446776.25873.9.camel@debian> References: <1373446776.25873.9.camel@debian> Message-ID: <51DD5090.5040103@metaways.de> Am 10.07.2013 10:59, schrieb lluis: > Hello, > I'm using a nagios check to monitor dovecot status, since dovecot v2 I > see those syslog messages on every nagios check: > > pop3-login: Aborted login (no auth attempts in 0 secs) > imap-login: Aborted login (no auth attempts in 0 secs) > > I tried to avoid those messages sending a logout string: > > check_imap -H localhost -e 'OK' -s 'a logout' > check_pop -H localhost -e 'OK' -s 'quit' > > but now I get > > imap-login: Disconnected (no auth attempts in 0 secs) > pop3-login: Disconnected (no auth attempts in 0 secs) > > what can I do to avoid a log message on every nagios check? Just do a complete login/logout sequence. I have developed some perl scripts to do so. This is fine for the nagios checks, but we are facing similar problems with our loadbalancer, which is just doing TCP Healthchecks on the IMAP/POP3/SIEVE ports, so being able to disable the warning for trusted networks would be really helpful. Regards Daniel -- Dipl.-Inf. Daniel Parthey System Engineer Metaways Infosystems GmbH Pickhuben 2, D-20457 Hamburg E-Mail: d.parthey at metaways.de Web: http://www.metaways.de Tel: +49 (0)40 317031-537 Fax: +49 (0)40 317031-937 Metaways Infosystems GmbH - Sitz: D-22967 Tremsb?ttel Handelsregister: Amtsgericht L?beck HRB 4508 AH Gesch?ftsf?hrung: Hermann Thaele, L?der-H.Thaele -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: check_imap_login URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: check_pop3_login URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: check_sieve_login URL: From rcpt.dmitry at gmail.com Wed Jul 10 15:41:31 2013 From: rcpt.dmitry at gmail.com (Dmitry .) Date: Wed, 10 Jul 2013 16:41:31 +0400 Subject: [Dovecot] DOVECOT 2.2.4 = 501 5.5.4 Unsupported options in LMTP In-Reply-To: <7D5A086B-546A-4899-994D-20F36B2D640B@iki.fi> References: <51DD4629.3010506@rename-it.nl> <7D5A086B-546A-4899-994D-20F36B2D640B@iki.fi> Message-ID: > Looks like you asked this before and got an answer: > > http://www.dovecot.org/list/dovecot/2013-July/091317.html > > Regards, > > Stephan. > I'm sorry. In this way I subscribe this Mailing lists... I checked the same thing with dspam-3.10.2 and this error disappeared. I will be examine errors dspam-3.10.2. Thank you. 2013/7/10 Timo Sirainen > On 10.7.2013, at 14.31, Stephan Bosch wrote: > > > Op 7/10/2013 1:15 PM, Dmitry Dmitry schreef: > >> Hi, > >> > >> Sorry for my english. > >> My problem: > > > > Looks like you asked this before and got an answer: > > > > http://www.dovecot.org/list/dovecot/2013-July/091317.html > > I also considered today adding support for the SIZE option, but there's > currently no easy way to feed that information to quota plugin to allow it > to reject the message early if user is over quota. And having a no-op > feature seemed kind of pointless. > > From tom at talpey.com Wed Jul 10 15:42:20 2013 From: tom at talpey.com (Tom Talpey) Date: Wed, 10 Jul 2013 08:42:20 -0400 Subject: [Dovecot] Services not starting in 2.1 (or 2.2) In-Reply-To: <20130710120900.GA12922@mrwolf.afraid.org> References: <20130710092819.GA12628@mrwolf.afraid.org> <51DD3893.5070102@Media-Brokers.com> <20130710120900.GA12922@mrwolf.afraid.org> Message-ID: <51DD56AC.9070305@talpey.com> On 7/10/2013 8:09 AM, Tommy Wareing wrote: > On Wed, Jul 10, 2013 at 06:33:55AM -0400, Charles Marcus wrote: >> On 2013-07-10 5:28 AM, Tommy Wareing wrote: >>> I'm trying to install Dovecot onto my QNAP NAS. >> Did you create the "dovenull" user, which is needed by 2.1+? I ran dovecot 2.1.7 on my stock SS-439 quite successfully, until I completely gave up on the QNAP firmware and reinstalled it with Ubuntu. Anyway, try this, which worked for me back on QNAP 3.7.x: /bin/adduser -DHS -g "XDove user" -h /tmp -s /bin/false dovecot /bin/adduser -DHS -g "XDove user" -h /tmp -s /bin/false dovenull Tom. From joppeo79 at hotmail.com Wed Jul 10 16:17:08 2013 From: joppeo79 at hotmail.com (Joakim Ohlsson) Date: Wed, 10 Jul 2013 15:17:08 +0200 Subject: [Dovecot] Have an issue with catch-all - Dovecot-lda andPostfix Message-ID: Hi, I run dovecot version 2.1.7 and postfix 2.9.6. I'm using dovecot-lda as local delivery. I use virtual users and need to use catch-all for some of my domains. My problem when using catch-all is that I got a separate email for each recipient. As an example: If I send mail to: test1 at test.org, test2, test3 at test.org, test4 at test.org and have a catch-all which will send this mail to test at test.org. In this example I get 4 mails in my test at test.org inbox and in TO: field in the header I have all this four recipients: TO: test1 at test.org, test2, test3 at test.org, test4 at test.org. In my dovecot log: 2013-07-10 13:49:25 lda(test at test.org): Debug: Destination address: test at test.org (source: user at hostname) 2013-07-10 13:49:25 lda(test at test.org: Info: msgid=<20130710114924.DBA3F9FA8D at mail2.test.org>: saved mail to INBOX 2013-07-10 13:49:25 lda(test at test.org): Info: msgid=<20130710114924.DBA3F9FA8D at mail2.test.org>: saved mail to INBOX 2013-07-10 13:49:25 lda(test at test.org): Info: msgid=<20130710114924.DBA3F9FA8D at mail2.test.org>: saved mail to INBOX 2013-07-10 13:49:25 lda(test at test.org): Info: msgid=<20130710114924.DBA3F9FA8D at mail2.test.org>: saved mail to INBOX My question is if it's possible to receive just one mail instead of four? If I send the mail via Spamassassin I'll just receive one mail to test at test.org with TO: test1 at test.org, test2, test3 at test.org, test4 at test.org in the header. Thanks in advance Br Joakim # dovecot -n: From tommyw at ntlworld.com Wed Jul 10 16:22:50 2013 From: tommyw at ntlworld.com (Tommy Wareing) Date: Wed, 10 Jul 2013 14:22:50 +0100 Subject: [Dovecot] Services not starting in 2.1 (or 2.2) In-Reply-To: <51DD56AC.9070305@talpey.com> References: <20130710092819.GA12628@mrwolf.afraid.org> <51DD3893.5070102@Media-Brokers.com> <20130710120900.GA12922@mrwolf.afraid.org> <51DD56AC.9070305@talpey.com> Message-ID: <20130710132250.GB13288@mrwolf.afraid.org> On Wed, Jul 10, 2013 at 08:42:20AM -0400, Tom Talpey wrote: > On 7/10/2013 8:09 AM, Tommy Wareing wrote: > >On Wed, Jul 10, 2013 at 06:33:55AM -0400, Charles Marcus wrote: > >>On 2013-07-10 5:28 AM, Tommy Wareing wrote: > >>>I'm trying to install Dovecot onto my QNAP NAS. > >> > > Did you create the "dovenull" user, which is needed by 2.1+? I ran > dovecot 2.1.7 on my stock SS-439 quite successfully, until I completely > gave up on the QNAP firmware and reinstalled it with Ubuntu. I may end up with a "real" operating system yet. But I've only had the box for a fortnight, so it seems a little early for gutting it so completely ;) Yes, I've got dovecot and dovenull users. In fact (just to check), doveconf for 2.0.21 complains if dovenull's not there: doveconf: Error: default_login_user doesn't exist: dovenull doveconf: Fatal: Error in configuration file /opt/etc/dovecot/dovecot.conf: default_login_user doesn't exist: dovenull Interestingly, it doesn't complain about the absence of dovecot. (I'll put 'em back now ;-) -- Tommy Wareing From rs at sys4.de Wed Jul 10 16:35:40 2013 From: rs at sys4.de (Robert Schetterer) Date: Wed, 10 Jul 2013 15:35:40 +0200 Subject: [Dovecot] Have an issue with catch-all - Dovecot-lda andPostfix In-Reply-To: References: Message-ID: <51DD632C.7090401@sys4.de> Am 10.07.2013 15:17, schrieb Joakim Ohlsson: > Hi, > > I run dovecot version 2.1.7 and postfix 2.9.6. > I'm using dovecot-lda as local delivery. > I use virtual users and need to use catch-all for some of my domains. > > My problem when using catch-all is that I got a separate email for each recipient. > As an example: If I send mail to: test1 at test.org, test2, test3 at test.org, test4 at test.org and have a catch-all which will send this mail to test at test.org. > In this example I get 4 mails in my test at test.org inbox and in TO: field in the header I have all this four recipients: > TO: test1 at test.org, test2, test3 at test.org, test4 at test.org. looks ok to me, did you expect other ? > > In my dovecot log: > 2013-07-10 13:49:25 lda(test at test.org): Debug: Destination address: test at test.org (source: user at hostname) > 2013-07-10 13:49:25 lda(test at test.org: Info: msgid=<20130710114924.DBA3F9FA8D at mail2.test.org>: saved mail to INBOX > 2013-07-10 13:49:25 lda(test at test.org): Info: msgid=<20130710114924.DBA3F9FA8D at mail2.test.org>: saved mail to INBOX > 2013-07-10 13:49:25 lda(test at test.org): Info: msgid=<20130710114924.DBA3F9FA8D at mail2.test.org>: saved mail to INBOX > 2013-07-10 13:49:25 lda(test at test.org): Info: msgid=<20130710114924.DBA3F9FA8D at mail2.test.org>: saved mail to INBOX > > > My question is if it's possible to receive just one mail instead of four? perhaps, with some filter or supress doubles etc > > If I send the mail via Spamassassin I'll just receive one mail to test at test.org with TO: test1 at test.org, test2, test3 at test.org, test4 at test.org in the header. > > Thanks in advance > Br > Joakim > > # dovecot -n: > > you should solve your problem in not using catch alls in the first line Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From tom at talpey.com Wed Jul 10 17:10:41 2013 From: tom at talpey.com (Tom Talpey) Date: Wed, 10 Jul 2013 10:10:41 -0400 Subject: [Dovecot] Services not starting in 2.1 (or 2.2) In-Reply-To: <20130710132250.GB13288@mrwolf.afraid.org> References: <20130710092819.GA12628@mrwolf.afraid.org> <51DD3893.5070102@Media-Brokers.com> <20130710120900.GA12922@mrwolf.afraid.org> <51DD56AC.9070305@talpey.com> <20130710132250.GB13288@mrwolf.afraid.org> Message-ID: <51DD6B61.1010109@talpey.com> On 7/10/2013 9:22 AM, Tommy Wareing wrote: > On Wed, Jul 10, 2013 at 08:42:20AM -0400, Tom Talpey wrote: >> On 7/10/2013 8:09 AM, Tommy Wareing wrote: >>> On Wed, Jul 10, 2013 at 06:33:55AM -0400, Charles Marcus wrote: >>>> On 2013-07-10 5:28 AM, Tommy Wareing wrote: >>>>> I'm trying to install Dovecot onto my QNAP NAS. >>>> >> >> Did you create the "dovenull" user, which is needed by 2.1+? I ran >> dovecot 2.1.7 on my stock SS-439 quite successfully, until I completely >> gave up on the QNAP firmware and reinstalled it with Ubuntu. > > Yes, I've got dovecot and dovenull users. In fact (just to check), > doveconf for 2.0.21 complains if dovenull's not there: > doveconf: Error: default_login_user doesn't exist: dovenull > doveconf: Fatal: Error in configuration file /opt/etc/dovecot/dovecot.conf: default_login_user doesn't exist: dovenull > > Interestingly, it doesn't complain about the absence of dovecot. I guess I'd suggest configuring both log_path and info_log_path to point somewhere, and look for additional clues in the output. Maybe a missing home directory or a permissions problem on one of the sockets in /var/run/dovecot, something like that. Remember the QNAP firmware puts a bunch of that stuff in a very small ramdisk. Tom. From CMarcus at Media-Brokers.com Wed Jul 10 17:15:29 2013 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Wed, 10 Jul 2013 10:15:29 -0400 Subject: [Dovecot] Services not starting in 2.1 (or 2.2) In-Reply-To: <20130710120900.GA12922@mrwolf.afraid.org> References: <20130710092819.GA12628@mrwolf.afraid.org> <51DD3893.5070102@Media-Brokers.com> <20130710120900.GA12922@mrwolf.afraid.org> Message-ID: <51DD6C81.1010605@Media-Brokers.com> On 2013-07-10 8:09 AM, Tommy Wareing wrote: > On Wed, Jul 10, 2013 at 06:33:55AM -0400, Charles Marcus wrote: > >> Otherwise, you'd probably get much better help on the QNAP forums... > I'm trying there as well. But trying to identify an active, relevant > sub-forum is an interesting challenge in its own right :) Fingers > crossed! Cool - please by all means report back if/when you get an answer, as I have a couple of TS-569P's that I was considering trying to install dovecot... -- Best regards, Charles From skdovecot at smail.inf.fh-brs.de Wed Jul 10 18:11:24 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Wed, 10 Jul 2013 17:11:24 +0200 (CEST) Subject: [Dovecot] Have an issue with catch-all - Dovecot-lda andPostfix In-Reply-To: References: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 10 Jul 2013, Joakim Ohlsson wrote: > I run dovecot version 2.1.7 and postfix 2.9.6. > I'm using dovecot-lda as local delivery. > I use virtual users and need to use catch-all for some of my domains. Where do you use "catch-all" in Postfix or Dovecot? If you must use Dovecot's "catch-all", Postfix is calling the Dovecot LDA for times, so you end up with four copies. You could try to change to Dovecot LMTP, maybe it is detecting the duplication. Can you activate catch-all in Postfix, then Postfix is to detect the duplicate recipients. > If I send the mail via Spamassassin I'll just receive one mail to test at test.org with TO: test1 at test.org, test2, test3 at test.org, test4 at test.org in the header. How do you send a mail via Spamassassin? You know that the "to" header is used in only very rare cases for mail routing, in other words: "to" has nothing to do with mail routing. Regards, - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUd15nV3r2wJMiz2NAQIIBAf/VGjzKQCGOPyOdh1IjRCL1QPv8thFujt1 8OJJonm06EcxJ2hQGJFK/UK4TK8x4hcgse7Oj3NqsJV6n9u2UAcW1pe73phs5U53 mD0TLN8CsFOxwtP0nxZAYUGHgBriihRit0yUTNe0cdHMBOpCmLtaCe8EAnSSW6hU g+QcpTyrUiSbwSctYZv8ck2rI6Slym1cFHcJ818+rEeIBWz+ijtqNVaJ+jNavi3l f4EuEWL3qne8CkrwYCgSJ3ZYC32Z6niyglsJX3NAcZvRVlKvtV/tXfbnnlQ4i5Fn pkbWR/SzMI7YZISEYy+Vgioa6ulBo084g9mshuZQuw8XbMOZw5VCHg== =i2YG -----END PGP SIGNATURE----- From trever at middleearth.sapphiresunday.org Wed Jul 10 18:15:54 2013 From: trever at middleearth.sapphiresunday.org (Trever L. Adams) Date: Wed, 10 Jul 2013 09:15:54 -0600 Subject: [Dovecot] Crashes with 2.2.4 setup that worked perfectly with 2.2.2 (.2.3 also crashes) In-Reply-To: <3F38537B-D82E-4B56-A59B-6AFA7A8200F8@iki.fi> References: <51DA86F5.6080707@middleearth.sapphiresunday.org> <3F38537B-D82E-4B56-A59B-6AFA7A8200F8@iki.fi> Message-ID: <51DD7AAA.5030909@middleearth.sapphiresunday.org> On 07/09/2013 10:02 PM, Timo Sirainen wrote: > On 8.7.2013, at 12.31, Trever L. Adams wrote: > >> I am not sure how to get the symbols necessary, however the following is >> the backtrace (this is Fedora 19 latest everything): >> >> Jul 8 03:23:02 MX dovecot: auth: Fatal: block_alloc(2147483648): Out of >> memory >> [0x7f97a9526ac1] -> /lib64/libldap-2.4.so.2(ldap_int_sasl_open+0x5c) >> [0x7f97a62f058c] -> /lib64/libldap-2.4.so.2(ldap_int_sasl_bind+0x5c9) >> [0x7f97a62f0cd9] -> >> /lib64/libldap-2.4.so.2(ldap_sasl_interactive_bind+0x96) > There's a bug in v2.2.4 with LDAP SASL binds. http://hg.dovecot.org/dovecot-2.2/rev/2dd27b0e7e49 > > I'll try to get v2.2.5 out this week. Been a bit lazy these few weeks with a "vacation". :) > > Only some basic testing so far, but I wanted to report that everything seems to be working perfectly. Thank you again, Timo. Trever -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 901 bytes Desc: OpenPGP digital signature URL: From gedalya at gedalya.net Wed Jul 10 19:10:07 2013 From: gedalya at gedalya.net (Gedalya) Date: Wed, 10 Jul 2013 12:10:07 -0400 Subject: [Dovecot] dsync/imapc migration question In-Reply-To: <4A9CA99B-09C5-423D-927B-362DE6ACC18B@iki.fi> References: <51D1A7FE.9030309@gedalya.net> <4A9CA99B-09C5-423D-927B-362DE6ACC18B@iki.fi> Message-ID: <51DD875F.8060001@gedalya.net> On 07/10/2013 02:49 AM, Timo Sirainen wrote: > I think imapc automatically reconnects and retries the command. In any case you should retry if dsync returns non-zero exit code. > > (The I/O and timeout leaks don't really matter, but they are also finally fixed in v2.2.3+.) Yes, I already adjusted the calling code (massive perl script) to ignore the leak messages, and of course look at the exit code. So, you're saying impac reconnects. I guess there is doing to be an error on top of "Server disconnected unexpectedly" if there was something irrecoverable. So can I just code that in? Or should I look only at the exit code? I'm being paranoid here, I know.. From kgc at corp.sonic.net Wed Jul 10 21:48:01 2013 From: kgc at corp.sonic.net (Kelsey Cummings) Date: Wed, 10 Jul 2013 11:48:01 -0700 Subject: [Dovecot] avoid log message when using nagios check In-Reply-To: <51DD5090.5040103@metaways.de> References: <1373446776.25873.9.camel@debian> <51DD5090.5040103@metaways.de> Message-ID: <0e379bb76c116b76a76e01e6cd402098@sonic.net> On 2013-07-10 05:16, Daniel Parthey wrote: > Just do a complete login/logout sequence. If you aren't doing a complete login/logout sequence and possibly even pulling down a message you aren't performing an accurate health check to begin with. We don't use nagios but I'd be surprised if those scripts don't optionally take a username and password. > This is fine for the nagios checks, but we are facing similar > problems with our loadbalancer, which is just doing TCP Healthchecks > on the IMAP/POP3/SIEVE ports, so being able to disable the warning > for trusted networks would be really helpful. Same here. We use LVS with surealived and LUA scripting to do a complete login/logout cycle as part of the health check. Even the ancient Alteon's had similar functionality (and supported common protocols like pop and imap out of the box.) -- Kelsey Cummings - kgc at corp.sonic.net sonic.net, inc. System Architect 2260 Apollo Way 707.522.1000 Santa Rosa, CA 95407 From tss at iki.fi Wed Jul 10 22:00:34 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 10 Jul 2013 22:00:34 +0300 Subject: [Dovecot] avoid log message when using nagios check In-Reply-To: <0e379bb76c116b76a76e01e6cd402098@sonic.net> References: <1373446776.25873.9.camel@debian> <51DD5090.5040103@metaways.de> <0e379bb76c116b76a76e01e6cd402098@sonic.net> Message-ID: On 10.7.2013, at 21.48, Kelsey Cummings wrote: >> This is fine for the nagios checks, but we are facing similar >> problems with our loadbalancer, which is just doing TCP Healthchecks >> on the IMAP/POP3/SIEVE ports, so being able to disable the warning >> for trusted networks would be really helpful. > > Same here. We use LVS with surealived and LUA scripting to do a complete login/logout cycle as part of the health check. Even the ancient Alteon's had similar functionality (and supported common protocols like pop and imap out of the box.) So it would have to disable logging also for the logout message after login.. Can those load balancers be configured to send these kind of extra XCLIENT/ID commands? Is it really worth the effort that it really works in enough systems? From piotr-l at netexpert.pl Wed Jul 10 22:28:05 2013 From: piotr-l at netexpert.pl (Piotr Szafarczyk - NetExpert) Date: Wed, 10 Jul 2013 21:28:05 +0200 Subject: [Dovecot] How to manipulate attachments with LDA? In-Reply-To: <51DC21B9.9000000@sys4.de> References: <51DC0385.3030800@netexpert.pl> <51DC06A6.40103@sys4.de> <51DC112F.3010903@netexpert.pl> <51DC21B9.9000000@sys4.de> Message-ID: <51DDB5C5.8050202@netexpert.pl> On 2013-07-09 16:44, Robert Schetterer wrote: > at my last tests , i was able to execute procmail with sieve, > > it should do some stuff to attachments > > http://blog.lundscape.com/2009/10/extract-email-attachments-with-procmail-and-munpack/ > > but perhaps you wanna use more postfix stuff > > look at > > http://www.developertoolshed.com/how-to/141/ This posfix detaching looks promising. Thanks a lot. From d.parthey at metaways.de Wed Jul 10 22:39:48 2013 From: d.parthey at metaways.de (Daniel Parthey) Date: Wed, 10 Jul 2013 21:39:48 +0200 Subject: [Dovecot] avoid log message when using nagios check In-Reply-To: References: <1373446776.25873.9.camel@debian> <51DD5090.5040103@metaways.de> <0e379bb76c116b76a76e01e6cd402098@sonic.net> Message-ID: <1cdcae7a-c0cd-4c26-bb2b-6d390e1369ce@email.android.com> Timo Sirainen schrieb: >On 10.7.2013, at 21.48, Kelsey Cummings wrote: > >>> This is fine for the nagios checks, but we are facing similar >>> problems with our loadbalancer, which is just doing TCP Healthchecks >>> on the IMAP/POP3/SIEVE ports, so being able to disable the warning >>> for trusted networks would be really helpful. >> >> Same here. We use LVS with surealived and LUA scripting to do a >complete login/logout cycle as part of the health check. Even the >ancient Alteon's had similar functionality (and supported common >protocols like pop and imap out of the box.) > >So it would have to disable logging also for the logout message after >login.. Can those load balancers be configured to send these kind of >extra XCLIENT/ID commands? Is it really worth the effort that it really >works in enough systems? No. It does simple TCP connects, doesn't know about IMAP at all and won't send any string, it just checks if the TCP port is available. Would it be a problem to remove the log message altogether, at least for trusted IPs or make it a warning, not an error. What is so bad with TCP connects/disconnects without any IMAP traffic, especially when they originate from trusted IPs? From tss at iki.fi Wed Jul 10 22:41:29 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 10 Jul 2013 22:41:29 +0300 Subject: [Dovecot] avoid log message when using nagios check In-Reply-To: <1cdcae7a-c0cd-4c26-bb2b-6d390e1369ce@email.android.com> References: <1373446776.25873.9.camel@debian> <51DD5090.5040103@metaways.de> <0e379bb76c116b76a76e01e6cd402098@sonic.net> <1cdcae7a-c0cd-4c26-bb2b-6d390e1369ce@email.android.com> Message-ID: <155958FB-BFF2-4E21-869A-176581A8EF81@iki.fi> On 10.7.2013, at 22.39, Daniel Parthey wrote: >> So it would have to disable logging also for the logout message after >> login.. Can those load balancers be configured to send these kind of >> extra XCLIENT/ID commands? Is it really worth the effort that it really >> works in enough systems? > > No. It does simple TCP connects, doesn't know about IMAP at all and won't send any string, it just checks if the TCP port is available. Would it be a problem to remove the log message altogether, at least for trusted IPs or make it a warning, not an error. What is so bad with TCP connects/disconnects without any IMAP traffic, especially when they originate from trusted IPs? They are regular info messages, not errors or warnings.. From d.parthey at metaways.de Wed Jul 10 23:47:40 2013 From: d.parthey at metaways.de (Daniel Parthey) Date: Wed, 10 Jul 2013 22:47:40 +0200 Subject: [Dovecot] avoid log message when using nagios check In-Reply-To: <155958FB-BFF2-4E21-869A-176581A8EF81@iki.fi> References: <1373446776.25873.9.camel@debian> <51DD5090.5040103@metaways.de> <0e379bb76c116b76a76e01e6cd402098@sonic.net> <1cdcae7a-c0cd-4c26-bb2b-6d390e1369ce@email.android.com> <155958FB-BFF2-4E21-869A-176581A8EF81@iki.fi> Message-ID: <51DDC86C.5010908@metaways.de> Am 10.07.2013 21:41, schrieb Timo Sirainen: > On 10.7.2013, at 22.39, Daniel Parthey wrote: > >>> So it would have to disable logging also for the logout message after >>> login.. Can those load balancers be configured to send these kind of >>> extra XCLIENT/ID commands? Is it really worth the effort that it really >>> works in enough systems? >> >> No. It does simple TCP connects, doesn't know about IMAP at all and won't send any string, it just checks if the TCP port is available. Would it be a problem to remove the log message altogether, at least for trusted IPs or make it a warning, not an error. What is so bad with TCP connects/disconnects without any IMAP traffic, especially when they originate from trusted IPs? > > They are regular info messages, not errors or warnings.. > You're right, TCP connections don't seem to be a real problem here. I confused it with the following messages, we get every few minutes in the dovecot-director.log, but I'm not sure of their origin yet, there are some other imap proxies/balancer in front of the director: Jul 10 21:51:46 10.129.3.233 dovecot: director: Error: read(login connection) failed: Connection reset by peer Jul 10 21:51:49 10.129.3.213 dovecot: director: Error: read(login connection) failed: Connection reset by peer Jul 10 21:54:46 10.129.3.233 dovecot: director: Error: read(login connection) failed: Connection reset by peer Jul 10 21:56:22 10.129.3.233 dovecot: director: Error: read(login connection) failed: Connection reset by peer Jul 10 21:57:51 10.129.3.200 dovecot: director: Error: read(login connection) failed: Connection reset by peer Jul 10 21:59:23 10.129.3.213 dovecot: director: Error: read(login connection) failed: Connection reset by peer Jul 10 22:00:48 10.129.3.213 dovecot: director: Error: read(login connection) failed: Connection reset by peer Jul 10 22:03:47 10.129.3.213 dovecot: director: Error: read(login connection) failed: Connection reset by peer Jul 10 22:06:51 10.129.3.213 dovecot: director: Error: read(login connection) failed: Connection reset by peer Jul 10 22:11:14 10.129.3.200 dovecot: director: Error: read(login connection) failed: Connection reset by peer Jul 10 22:12:52 10.129.3.213 dovecot: director: Error: read(login connection) failed: Connection reset by peer Jul 10 22:15:50 10.129.3.200 dovecot: director: Error: read(login connection) failed: Connection reset by peer Jul 10 22:15:50 10.129.3.233 dovecot: director: Error: read(login connection) failed: Connection reset by peer Jul 10 22:24:51 10.129.3.213 dovecot: director: Error: read(login connection) failed: Connection reset by peer Jul 10 22:24:53 10.129.3.200 dovecot: director: Error: read(login connection) failed: Connection reset by peer Jul 10 22:35:21 10.129.3.200 dovecot: director: Error: read(login connection) failed: Connection reset by peer Jul 10 22:39:52 10.129.3.213 dovecot: director: Error: read(login connection) failed: Connection reset by peer Jul 10 22:41:22 10.129.3.233 dovecot: director: Error: read(login connection) failed: Connection reset by peer Regards Daniel -- Dipl.-Inf. Daniel Parthey System Engineer Metaways Infosystems GmbH Pickhuben 2, D-20457 Hamburg E-Mail: d.parthey at metaways.de Web: http://www.metaways.de Metaways Infosystems GmbH - Sitz: D-22967 Tremsb?ttel Handelsregister: Amtsgericht L?beck HRB 4508 AH Gesch?ftsf?hrung: Hermann Thaele, L?der-H.Thaele From AxelLuttgens at swing.be Thu Jul 11 00:13:50 2013 From: AxelLuttgens at swing.be (Axel Luttgens) Date: Wed, 10 Jul 2013 23:13:50 +0200 Subject: [Dovecot] avoid log message when using nagios check In-Reply-To: <155958FB-BFF2-4E21-869A-176581A8EF81@iki.fi> References: <1373446776.25873.9.camel@debian> <51DD5090.5040103@metaways.de> <0e379bb76c116b76a76e01e6cd402098@sonic.net> <1cdcae7a-c0cd-4c26-bb2b-6d390e1369ce@email.android.com> <155958FB-BFF2-4E21-869A-176581A8EF81@iki.fi> Message-ID: Le 10 juil. 2013 ? 21:41, Timo Sirainen a ?crit : > On 10.7.2013, at 22.39, Daniel Parthey wrote: > >>> So it would have to disable logging also for the logout message after >>> login.. Can those load balancers be configured to send these kind of >>> extra XCLIENT/ID commands? Is it really worth the effort that it really >>> works in enough systems? >> >> No. It does simple TCP connects, doesn't know about IMAP at all and won't send any string, it just checks if the TCP port is available. Would it be a problem to remove the log message altogether, at least for trusted IPs or make it a warning, not an error. What is so bad with TCP connects/disconnects without any IMAP traffic, especially when they originate from trusted IPs? > > They are regular info messages, not errors or warnings.. Really, I'm not sure it is the role of Dovecot to bother with such things. As a mail-related software, it is essential to know it will report any potentially useful info. So, if the admin ins't interested in info messages emitted by Dovecot, just filter those messages at the logging system level; no need to have Dovecot implement sophisticated logging policies. If Nagios insists on natively perform incomplete logins, it isn't Dovecot's responsibility to try to filter such log messages on the basis of sophisticated rules: on the contrary, such messages are useful to understand that something is worth a deeper investigation than just asking Dovecot to implement more complexity for more than probably futile reasons. If a device or a surveyor software behaves like an attacker, couldn't be argued that the device or the surveyor software is somehow flawed, instead of asking Dovecot to hide those flaws? Axel From ka at pacific.net Thu Jul 11 00:22:18 2013 From: ka at pacific.net (Ken A) Date: Wed, 10 Jul 2013 16:22:18 -0500 Subject: [Dovecot] Dovecot 2.2.4 : Panic: file pop3-client.c: line 585 (client_default_destroy): assertion failed: (client->cmd == NULL) In-Reply-To: References: <51D70A4D.2020409@pacific.net> Message-ID: <51DDD08A.7030703@pacific.net> Thanks! I'll let you know if the issue disappears. Ken Anderson On 7/9/2013 9:20 PM, Timo Sirainen wrote: > On 5.7.2013, at 21.02, Ken A wrote: > >> This doesn't seem to affect clients, but I'm seeing an occasional pop3 >> error in the log over the last week. >> Any ideas what is causing this? > .. >>> Jul 4 15:04:03 mail dovecot: POP3(user)x.x.x.x: Connection >>> closed top=0/0, retr=0/0, del=0/4582, size=246709805 >> >>> Jul 4 15:04:03 mail dovecot: POP3(user)x.x.x.x: Panic: file >>> pop3-client.c: line 585 (client_default_destroy): assertion failed: >>> (client->cmd == NULL) > > The only reason I can see for this is: http://hg.dovecot.org/dovecot-2.2/rev/debbcfe5577a > > > -- Ken Anderson Pacific Internet - http://www.pacific.net From me at junc.eu Thu Jul 11 04:59:29 2013 From: me at junc.eu (Benny Pedersen) Date: Thu, 11 Jul 2013 03:59:29 +0200 Subject: [Dovecot] Services not starting in 2.1 (or 2.2) In-Reply-To: <20130710120900.GA12922@mrwolf.afraid.org> References: <20130710092819.GA12628@mrwolf.afraid.org> <51DD3893.5070102@Media-Brokers.com> <20130710120900.GA12922@mrwolf.afraid.org> Message-ID: <85232ca24b7cc1dce849d54075ea55ac@junc.eu> Tommy Wareing skrev den 2013-07-10 14:09: [snip] >> Otherwise, you'd probably get much better help on the QNAP forums... > > I'm trying there as well. But trying to identify an active, relevant > sub-forum is an interesting challenge in its own right :) Fingers > crossed! yes qnap qpkg have btw xmail, dont know if its based on dovecot, but its more a maintained package then dovecot in ipkg is, is you running mta aswell in qnap ? wish from my side is that qnap change to gentoo portage, and then let portage maintainers support qnap hardware, its just a wish, just installing gentoo is not a problem, its just loose what software qnap makes :( http://wiki.qnap.com/wiki/Category:XDove is the only dovecot link i could find that is not just ipkg install dovecot :=) i think you have done ipkg update, ipkg upgrade, so this does not help old packages :( i self have a ts-419p+ From adrian.stoica at dacris.net Thu Jul 11 13:28:02 2013 From: adrian.stoica at dacris.net (Adrian Stoica) Date: Thu, 11 Jul 2013 13:28:02 +0300 Subject: [Dovecot] Fault in dovecot 2.1.17 Message-ID: The system hang, linux from scratch. I have changed the live kernel from linux-2.6.35.4 to linux-2.6.32.61 , to see if the fault still occurs. The kernel 2.6.35.4 was working fine with all version up to dovecot 2.1.12 , from which i made update to 2.1.17. dovecot -n # 2.1.17: /usr/dovecot21/etc/dovecot/dovecot.conf # OS: Linux 2.6.32.61 i686 auth_cache_negative_ttl = 1 secs auth_cache_size = 2 M auth_failure_delay = 4 secs auth_mechanisms = plain login digest-md5 cram-md5 auth_worker_max_count = 100 base_dir = /var/run/dovecot/ default_client_limit = 4096 default_internal_user = vmail default_login_user = nobody default_process_limit = 256 deliver_log_format = mail delivery from=%f subject=%s msgid=%m: %$ dict { acl = mysql:/usr/dovecot21/etc/dovecot/dovecot-dict-sql.conf.ext } disable_plaintext_auth = no first_valid_uid = 1 lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes listen = * mail_location = maildir:~/Maildir mail_plugins = " quota acl trash notify mail_log" managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace { hidden = no list = children location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u prefix = shared/%%u/ separator = / subscriptions = no type = shared } namespace inbox { inbox = yes list = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = separator = / subscriptions = yes type = private } passdb { args = /usr/dovecot21/etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { acl = vfile acl_defaults_from_inbox = yes acl_shared_dict = proxy::acl autocreate = Trash autocreate2 = Drafts autocreate3 = Sent autosubscribe = Trash autosubscribe2 = Drafts autosubscribe3 = INBOX autosubscribe4 = Sent mail_log_events = delete mailbox_delete mailbox_rename mail_log_fields = box subject from msgid size quota = maildir:User quota quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=95%% quota-warning 90 %u quota_warning3 = storage=85%% quota-warning 85 %u sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_max_redirects = 10 trash = /usr/dovecot21/etc/dovecot/dovecot-trash.conf.ext } postmaster_address = postmaster at dacris.net protocols = imap quota_full_tempfail = yes rejection_subject = Rejected: %s: %r service auth { unix_listener auth-client { mode = 0666 user = vmail } unix_listener auth-userdb { mode = 0666 user = vmail } } service dict { unix_listener dict { user = vmail } } service imap-login { process_min_avail = 4 } service imap-postlogin { executable = script-login /bin/imap.sh unix_listener imap-postlogin { mode = 01232 } } service imap { executable = imap imap-postlogin process_limit = 1024 vsz_limit = 1 G } service quota-warning { executable = script /bin/quota_warning.sh unix_listener quota-warning { user = vmail } user = vmail } ssl_cert = vm_ops->fault: filemap_fault+0x0/0x2fa Jul 11 10:14:01 mail kernel: vma->vm_file->f_op->mmap: ext4_file_mmap+0x0/0x39 Jul 11 10:14:01 mail kernel: Pid: 22889, comm: imap-login Not tainted 2.6.35.4 #2 Jul 11 10:14:01 mail kernel: Call Trace: Jul 11 10:14:01 mail kernel: [] ? print_bad_pte+0x13a/0x14b Jul 11 10:14:01 mail kernel: [] ? unmap_vmas+0x33b/0x62d Jul 11 10:14:01 mail kernel: [] ? try_to_wake_up+0x206/0x210 Jul 11 10:14:01 mail kernel: [] ? exit_mmap+0x8c/0x107 Jul 11 10:14:01 mail kernel: [] ? mmput+0x1c/0x8c Jul 11 10:14:01 mail kernel: [] ? exit_mm+0xdc/0xe4 Jul 11 10:14:01 mail kernel: [] ? hrtimer_try_to_cancel+0x55/0x5b Jul 11 10:14:01 mail kernel: [] ? acct_collect+0x77/0x126 Jul 11 10:14:01 mail kernel: [] ? do_exit+0x1c8/0x5bc Jul 11 10:14:01 mail kernel: [] ? mntput_no_expire+0x15/0xad Jul 11 10:14:01 mail kernel: [] ? do_group_exit+0x5a/0x7d Jul 11 10:14:01 mail kernel: [] ? sys_exit_group+0x11/0x14 Jul 11 10:14:01 mail kernel: [] ? sysenter_do_call+0x12/0x22 Jul 11 10:14:01 mail kernel: Disabling lock debugging due to kernel taint Jul 11 10:14:01 mail kernel: BUG: Bad page state in process imap-login pfn:c926b Jul 11 10:14:01 mail kernel: page:c2f2ed60 count:0 mapcount:-1 mapping:ec5a03a0 index:0x4ab Jul 11 10:14:01 mail kernel: page flags: 0x80020008(uptodate|mappedtodisk) Jul 11 10:14:01 mail kernel: Pid: 22889, comm: imap-login Tainted: G B 2.6.35.4 #2 Jul 11 10:14:01 mail kernel: Call Trace: Jul 11 10:14:01 mail kernel: [] ? bad_page+0x9c/0xae Jul 11 10:14:01 mail kernel: [] ? free_pages_prepare+0x55/0xc5 Jul 11 10:14:01 mail kernel: [] ? free_hot_cold_page+0x20/0xef Jul 11 10:14:01 mail kernel: [] ? __pagevec_free+0x1a/0x21 Jul 11 10:14:01 mail kernel: [] ? release_pages+0x165/0x16d Jul 11 10:14:01 mail kernel: [] ? free_pages_and_swap_cache+0x68/0x74 Jul 11 10:14:01 mail kernel: [] ? unmap_vmas+0x386/0x62d Jul 11 10:14:01 mail kernel: [] ? try_to_wake_up+0x206/0x210 Jul 11 10:14:01 mail kernel: [] ? exit_mmap+0x8c/0x107 Jul 11 10:14:01 mail kernel: [] ? mmput+0x1c/0x8c Jul 11 10:14:01 mail kernel: [] ? exit_mm+0xdc/0xe4 Jul 11 10:14:01 mail kernel: [] ? hrtimer_try_to_cancel+0x55/0x5b Jul 11 10:14:01 mail kernel: [] ? acct_collect+0x77/0x126 Jul 11 10:14:01 mail kernel: [] ? do_exit+0x1c8/0x5bc Jul 11 10:14:01 mail kernel: [] ? mntput_no_expire+0x15/0xad Jul 11 10:14:01 mail kernel: [] ? do_group_exit+0x5a/0x7d Jul 11 10:14:01 mail kernel: [] ? sys_exit_group+0x11/0x14 Jul 11 10:14:01 mail kernel: [] ? sysenter_do_call+0x12/0x22 From tss at iki.fi Thu Jul 11 13:53:19 2013 From: tss at iki.fi (Timo Sirainen) Date: Thu, 11 Jul 2013 13:53:19 +0300 Subject: [Dovecot] Fault in dovecot 2.1.17 In-Reply-To: References: Message-ID: On 11.7.2013, at 13.28, Adrian Stoica wrote: > The system hang, linux from scratch. > I have changed the live kernel from linux-2.6.35.4 to linux-2.6.32.61 , to see if the fault still occurs. > The kernel 2.6.35.4 was working fine with all version up to dovecot 2.1.12 , from which i made update to 2.1.17. .. > Jul 11 10:14:01 mail kernel: BUG: Bad page map in process imap-login pte:c926b025 pmd:4597c067 If Dovecot can break a kernel then it's a kernel bug. Report it to kernel people. From CMarcus at Media-Brokers.com Thu Jul 11 13:55:17 2013 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Thu, 11 Jul 2013 06:55:17 -0400 Subject: [Dovecot] Fault in dovecot 2.1.17 In-Reply-To: References: Message-ID: <51DE8F15.6020307@Media-Brokers.com> On 2013-07-11 6:53 AM, Timo Sirainen wrote: > On 11.7.2013, at 13.28, Adrian Stoica wrote: > >> The system hang, linux from scratch. >> I have changed the live kernel from linux-2.6.35.4 to linux-2.6.32.61 , to see if the fault still occurs. >> The kernel 2.6.35.4 was working fine with all version up to dovecot 2.1.12 , from which i made update to 2.1.17. > .. >> Jul 11 10:14:01 mail kernel: BUG: Bad page map in process imap-login pte:c926b025 pmd:4597c067 > If Dovecot can break a kernel then it's a kernel bug. Report it to kernel people. Which also begs the question... why are you running such old software on a system that you fully control (LFS)? Upgrade to a modern kernel? -- Best regards, Charles From iipopgab at gmail.com Thu Jul 11 16:31:54 2013 From: iipopgab at gmail.com (Gab IIpop) Date: Thu, 11 Jul 2013 09:31:54 -0400 Subject: [Dovecot] (no subject) Message-ID: >From the documentation, virtual users seem like a good idea if you plan on having a lot of users. Although I'm wondering about the following: What other benefits/consequences are there to using virtual over system users and vice versa? Will virtual users have the same protection as system users (system users would use linux permissions, which is pretty secure)? How easy will it be to switch from using system users to virtual users or vice versa? From thomas-lists at nybeta.com Thu Jul 11 17:37:54 2013 From: thomas-lists at nybeta.com (Thomas Harold) Date: Thu, 11 Jul 2013 10:37:54 -0400 Subject: [Dovecot] Pigeonhole vacation auto-response not respecting "days" parameter Message-ID: <51DEC342.9080101@nybeta.com> This might be a PEBKAC on my end, but in our old server, "vacation" responses would only be sent back to an origin address once per day because we had ":days 1" in the rule. On the new server, even though we have ":days 1", pigeonhole is sending responses to every message, resulting in multiple vacation responses each day back to each origin address. The following was generated by Roundcube's web interface, it looks to be correct. ----------------------- require ["vacation"]; # rule:[vacation-reply] if allof (not header :contains "Subject" "[spam]", not exists "List-Unsubscribe") { vacation :days 1 :addresses ["email1 at example.com","email2 at example.com"] :subject "Out of office reply" text: I am currently out of the office July 11th and 12th, returning on July 15th. During this time I will have no access to email. Thank you. User So-And-So . ; } ----------------------- Interestingly, if I look at .dovecot.sieve.log, I see error messages like (except that the vacation responses are, in reality, being sent): error: msgid=<20130711134816.35B9A40335 at mail.example.com>: failed to send vacation response to (refer to server log for more information). And in the maillog: Jul 11 09:48:17 servername sendmail[28244]: r6BDmHem028244: SYSERR(UID1132): Who are you? Jul 11 09:48:17 servername sendmail[28244]: r6BDmHem028244: Authentication-Warning: servername .example.com: Unknown UID 1132 set sender to <> using -f Jul 11 09:48:17 servername sendmail[28244]: r6BDmHem028244: from=<>, size=725, class=-60, nrcpts=1, msgid=, relay=Unknown UID 1132 at localhost My guess at this point is that I've failed to configure pigeonhole and/or postfix's copy of the sendmail command properly so that it can create the "who I have send mail to recently" file. From pvnostrand at gmail.com Thu Jul 11 21:47:04 2013 From: pvnostrand at gmail.com (Peter von Nostrand) Date: Thu, 11 Jul 2013 15:47:04 -0300 Subject: [Dovecot] SSL cert problem Message-ID: Hi, I'm running a new dovecot 2.0.9 under Centos 6.4. I'm having an issue with SSL certificate not being accepted by the email client. I have my own CA and I have generated certificates for web usage without a problem. For imaps and pop3s what I did was generate a certificate for the hostname of my dovecot server and then cat that cert with the intermediate and root CA certificates. No matter what thunderbird still complains with Unknown identity. # 2.0.9: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-358.2.1.el6.x86_64 x86_64 CentOS release 6.4 (Final) auth_mechanisms = plain login auth_socket_path = /var/run/dovecot/auth-userdb auth_username_format = %n disable_plaintext_auth = no log_path = /var/log/dovecot.log mail_fsync = never mail_home = /vmail/%u mail_location = maildir:~/Maildir mail_plugins = quota managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date mbox_write_locks = fcntl passdb { driver = pam } plugin { quota = maildir:User quota quota_rule = *:storage=1G quota_rule2 = Trash:storage=+100M sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap pop3 lmtp sieve quota_full_tempfail = yes service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } unix_listener auth-userdb { group = vmail mode = 0660 user = vmail } } service lmtp { unix_listener lmtp { user = vmail } } service managesieve-login { inet_listener sieve { port = 4190 } } service pop3-login { inet_listener pop3s { port = 995 ssl = yes } } ssl_cert = References: Message-ID: <51DF062F.5050608@thelounge.net> Am 11.07.2013 20:47, schrieb Peter von Nostrand: > I'm running a new dovecot 2.0.9 under Centos 6.4. I'm having an issue with > SSL certificate not being accepted by the email client. > I have my own CA and I have generated certificates for web usage without a > problem. > > For imaps and pop3s what I did was generate a certificate for the hostname > of my dovecot server and then cat that cert with the intermediate and root > CA certificates. No matter what thunderbird still complains with Unknown > identity. because thunderbird does not trust your own CA by default without import it there by hand - you can not expect to cat your CA to the cert for the server and that is enough to get truested by the client - if so everybody would do this to make his DNS forgery successful please do not post debug logs anywhere without requested > This is the log: > Jul 11 15:38:45 imap-login: Warning: SSL: where=0x10, ret=1: > before/accept initialization [192.168.0.1] > Jul 11 15:38:45 imap-login: Warning: SSL: where=0x2001, ret=1: > before/accept initialization [192.168.0.1] > Jul 11 15:38:45 imap-login: Warning: SSL: where=0x2002, ret=-1: SSLv2/v3 > read client hello A [192.168.0.1] the below is clear because the client does not finish the TLS handshake > Jul 11 15:38:45 imap-login: Info: Disconnected (no auth attempts): > rip=192.168.0.1, lip=192.168.1.1, TLS: SSL_read() failed: > error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate > unknown: SSL alert number 46 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 263 bytes Desc: OpenPGP digital signature URL: From h.reindl at thelounge.net Thu Jul 11 22:55:17 2013 From: h.reindl at thelounge.net (Reindl Harald) Date: Thu, 11 Jul 2013 21:55:17 +0200 Subject: [Dovecot] SSL cert problem In-Reply-To: References: <51DF062F.5050608@thelounge.net> Message-ID: <51DF0DA5.4080304@thelounge.net> Am 11.07.2013 21:51, schrieb Peter von Nostrand: > On Thu, Jul 11, 2013 at 4:23 PM, Reindl Harald > because thunderbird does not trust your own CA by default > without import it there by hand - you can not expect to > cat your CA to the cert for the server and that is enough > to get truested by the client - if so everybody would do > this to make his DNS forgery successful > > Sorry, I should specify that I already have my root CA certificates loaded in thunderbird much more important you should reply this to the list and not off-list, fixed by me, no need to send it again -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 263 bytes Desc: OpenPGP digital signature URL: From professa at dementianati.com Thu Jul 11 23:18:59 2013 From: professa at dementianati.com (Professa Dementia) Date: Thu, 11 Jul 2013 13:18:59 -0700 Subject: [Dovecot] SSL cert problem In-Reply-To: References: Message-ID: <51DF1333.4050901@dementianati.com> On 7/11/2013 11:47 AM, Peter von Nostrand wrote: > Hi, > I'm running a new dovecot 2.0.9 under Centos 6.4. I'm having an issue with > SSL certificate not being accepted by the email client. > I have my own CA and I have generated certificates for web usage without a > problem. > > For imaps and pop3s what I did was generate a certificate for the hostname > of my dovecot server and then cat that cert with the intermediate and root > CA certificates. No matter what thunderbird still complains with Unknown > identity. If you have access to a Unix / Linux system, you can use openssl with the s_client command to connect to your mail server, much as you would have done with telnet in the old days. openssl shows all of the key exchange in detail and should be more than enough for you to be able to debug your problem. Compare fingerprints of the keys you have stored with those being sent to/from the server. Example: openssl s_client -connect mail.mydomain.com:995 Dem From alandaluz at gmail.com Fri Jul 12 01:50:05 2013 From: alandaluz at gmail.com (Cassidy Larson) Date: Thu, 11 Jul 2013 16:50:05 -0600 Subject: [Dovecot] Multiple Folders Continually Auto-Created Message-ID: I've had reports of a number of clients running Outlook 2011 on Mac where they have quite a few folders with the same name appended by multiple "1"s. So far I've only narrowed it down to Outlook 2011 on Mac. We've been in the process of migrating to sdbox on a new server from maildir using dsync backup. Example folder structure: INBOX INBOX 1 INBOX 1 1 INBOX 1 1 1 INBOX 1 1 1 1 INBOX 1 1 1 1 1 INBOX 1 1 1 1 1 1 INBOX 1 1 1 1 1 1 1 INBOX 1 1 1 1 1 1 1 1 INBOX 1 1 1 1 1 1 1 1 1 INBOX 1 1 1 1 1 1 1 1 1 1 Junk Junk 1 Junk 1 1 Junk 1 1 1 Junk 1 1 1 1 Junk 1 1 1 1 1 Junk 1 1 1 1 1 1 Junk 1 1 1 1 1 1 1 Junk 1 1 1 1 1 1 1 1 and so on for "Sent Messages", etc. Seems that the the default folders for these clients are getting created over and over again, each time with a new "1" at the end. Anybody else see this? I'm digging for a client I can troubleshoot with and reproduce with me watching. Thanks, -c From tss at iki.fi Fri Jul 12 02:44:23 2013 From: tss at iki.fi (Timo Sirainen) Date: Fri, 12 Jul 2013 02:44:23 +0300 Subject: [Dovecot] Ambiguous behavior with prefetch database? In-Reply-To: References: <7D478185-D42F-45C3-A60E-54F5432E173D@iki.fi> Message-ID: <1373586263.31839.13.camel@hurina> On Wed, 2013-07-10 at 11:38 +0200, Axel Luttgens wrote: > Le 10 juil. 2013 ? 04:37, Timo Sirainen a ?crit : > > > Fixed: http://hg.dovecot.org/dovecot-2.2/rev/9091d0f2d971 > > > > And for LDAP: http://hg.dovecot.org/dovecot-2.2/rev/939aa051e3f1 > > Hello Timo, > > Many thanks for having taken the pain to have a look at this. > (BTW, when do you sleep?) > > I've tried the patch for sql, on an otherwise unpatched 2.2.4. > And it unfortunately doesn't seem to yield the expected results: I still need the "AS userdb_uid" workaround. > > May I somehow be useful by trying something else here? Here: http://hg.dovecot.org/dovecot-2.2/rev/2be295a0b64f From tss at iki.fi Fri Jul 12 02:50:54 2013 From: tss at iki.fi (Timo Sirainen) Date: Fri, 12 Jul 2013 02:50:54 +0300 Subject: [Dovecot] Multiple Folders Continually Auto-Created In-Reply-To: References: Message-ID: <5DF12655-A162-4944-B399-5D8703C109DC@iki.fi> On 12.7.2013, at 1.50, Cassidy Larson wrote: > I've had reports of a number of clients running Outlook 2011 on Mac where > they have quite a few folders with the same name appended by multiple > "1"s. So far I've only narrowed it down to Outlook 2011 on Mac. We've > been in the process of migrating to sdbox on a new server from maildir > using dsync backup. > > Seems that the the default folders for these clients are getting created > over and over again, each time with a new "1" at the end. > > Anybody else see this? I'm digging for a client I can troubleshoot with > and reproduce with me watching. Enable rawlog for the user to see what Outlook does: http://wiki2.dovecot.org/Debugging/Rawlog sdbox has some minor differences in how the folder listing works, but since these are root level folders I don't think that's relevant. What Dovecot version are you using? Are you autocreating any folders on Dovecot side? From tss at iki.fi Fri Jul 12 03:09:38 2013 From: tss at iki.fi (Timo Sirainen) Date: Fri, 12 Jul 2013 03:09:38 +0300 Subject: [Dovecot] avoid log message when using nagios check In-Reply-To: <51DDC86C.5010908@metaways.de> References: <1373446776.25873.9.camel@debian> <51DD5090.5040103@metaways.de> <0e379bb76c116b76a76e01e6cd402098@sonic.net> <1cdcae7a-c0cd-4c26-bb2b-6d390e1369ce@email.android.com> <155958FB-BFF2-4E21-869A-176581A8EF81@iki.fi> <51DDC86C.5010908@metaways.de> Message-ID: On 10.7.2013, at 23.47, Daniel Parthey wrote: > You're right, TCP connections don't seem to be a real problem here. > > I confused it with the following messages, we get every few minutes in the dovecot-director.log, but I'm not sure of their origin yet, > there are some other imap proxies/balancer in front of the director: > > Jul 10 21:51:46 10.129.3.233 dovecot: director: Error: read(login connection) failed: Connection reset by peer > Jul 10 21:51:49 10.129.3.213 dovecot: director: Error: read(login connection) failed: Connection reset by peer Those aren't really errors. They should just be ignored. This gets rid of them: http://hg.dovecot.org/dovecot-2.2/rev/ebbe00999da8 I'm not sure why I haven't seen these before though. Was this with Linux? Or I guess more likely it's because you're not using it in high performance mode as explained in http://wiki2.dovecot.org/LoginProcess From tss at iki.fi Fri Jul 12 03:13:16 2013 From: tss at iki.fi (Timo Sirainen) Date: Fri, 12 Jul 2013 03:13:16 +0300 Subject: [Dovecot] dsync/imapc migration question In-Reply-To: <51DD875F.8060001@gedalya.net> References: <51D1A7FE.9030309@gedalya.net> <4A9CA99B-09C5-423D-927B-362DE6ACC18B@iki.fi> <51DD875F.8060001@gedalya.net> Message-ID: On 10.7.2013, at 19.10, Gedalya wrote: > On 07/10/2013 02:49 AM, Timo Sirainen wrote: >> I think imapc automatically reconnects and retries the command. In any case you should retry if dsync returns non-zero exit code. >> >> (The I/O and timeout leaks don't really matter, but they are also finally fixed in v2.2.3+.) > Yes, I already adjusted the calling code (massive perl script) to ignore the leak messages, and of course look at the exit code. > So, you're saying impac reconnects. I guess there is doing to be an error on top of "Server disconnected unexpectedly" if there was something irrecoverable. So can I just code that in? Or should I look only at the exit code? I'm being paranoid here, I know.. Exit code 0 should be enough (if not, it's a bug and I'd like to know), but it's good to be paranoid. :) From ben at morrow.me.uk Fri Jul 12 03:37:50 2013 From: ben at morrow.me.uk (Ben Morrow) Date: Fri, 12 Jul 2013 01:37:50 +0100 Subject: [Dovecot] SSL cert problem In-Reply-To: <51DF1333.4050901@dementianati.com> References: <51DF1333.4050901@dementianati.com> Message-ID: <20130712003750.GC19776@anubis.morrow.me.uk> At 1PM -0700 on 11/07/13 you (Professa Dementia) wrote: > > If you have access to a Unix / Linux system, you can use openssl with > the s_client command to connect to your mail server, much as you would > have done with telnet in the old days. openssl shows all of the key > exchange in detail and should be more than enough for you to be able to > debug your problem. Compare fingerprints of the keys you have stored > with those being sent to/from the server. > > Example: > > openssl s_client -connect mail.mydomain.com:995 For STARTTLS that needs to be openssl s_client -starttls imap mail.mydomain.com:143 Ben From alandaluz at gmail.com Fri Jul 12 07:38:47 2013 From: alandaluz at gmail.com (Cassidy Larson) Date: Thu, 11 Jul 2013 22:38:47 -0600 Subject: [Dovecot] Multiple Folders Continually Auto-Created In-Reply-To: <5DF12655-A162-4944-B399-5D8703C109DC@iki.fi> References: <5DF12655-A162-4944-B399-5D8703C109DC@iki.fi> Message-ID: I'm on 2.2.4 and don't auto-create any folders. I'll try rawlog if I can figure out how to reproduce it. I tried Outlook 2011 on my mac connecting to a duplicate of one of the original problem users and unable to get it to reproduce. Thanks for the suggestion. -c On Thu, Jul 11, 2013 at 5:50 PM, Timo Sirainen wrote: > Enable rawlog for the user to see what Outlook does: > http://wiki2.dovecot.org/Debugging/Rawlog > > sdbox has some minor differences in how the folder listing works, but > since these are root level folders I don't think that's relevant. > > What Dovecot version are you using? Are you autocreating any folders on > Dovecot side? > > From aoster at novanetwork.de Fri Jul 12 08:27:49 2013 From: aoster at novanetwork.de (Andreas Oster) Date: Fri, 12 Jul 2013 07:27:49 +0200 Subject: [Dovecot] getting quota error when accessing private namespace Message-ID: Hi all, I have run into a problem which I cannot find a solution for. I have created an additional private namespace with the following commands in dovecot.conf : namespace { disabled = no hidden = no ignore_on_failure = no inbox = no list = children location = maildir:/var/vmail/archives/%Ln/Maildir mailbox "archived mails" { auto = subscribe driver = special_use = \Archive } prefix = Archives/ separator = / subscriptions = yes type = private } plugin { quota = maildir:User quota:ns= quota2 = maildir:Archives quota:ns=Archives/ quota2_rule = *:storage=5G quota_rule = *:storage=1G quota_rule2 = Trash:storage=+200M } I can access the new namespace without any problems but every time a folder in this namespace is accessed, I get the following error messages in mail.err log: dovecot: imap(testuser): Error: quota: Unknown namespace: Archives/ dovecot: last message repeated 49 times Quota seems to work, though I have the feeling, that it only will be updated when closing and reopening the mail client, but this can also be a client issue. Quota for the INBOX is either taken from LDAP or, if there is no value defined in LDAP, will be assigned a quota of 1G The Archives/ namespace has a static quota of 5G for every user. Does anyone have idea how to get rid of these error messages ? Thank you for your kind help Andreas From rs at sys4.de Fri Jul 12 09:39:56 2013 From: rs at sys4.de (Robert Schetterer) Date: Fri, 12 Jul 2013 08:39:56 +0200 Subject: [Dovecot] getting quota error when accessing private namespace In-Reply-To: References: Message-ID: <51DFA4BC.10705@sys4.de> Am 12.07.2013 07:27, schrieb Andreas Oster: > Hi all, > > I have run into a problem which I cannot find a solution for. > > I have created an additional private namespace with the following > commands in dovecot.conf : > > namespace { > disabled = no > hidden = no > ignore_on_failure = no > inbox = no > list = children > location = maildir:/var/vmail/archives/%Ln/Maildir > mailbox "archived mails" { > auto = subscribe > driver = > special_use = \Archive > } > prefix = Archives/ > separator = / > subscriptions = yes > type = private > } > > plugin { > quota = maildir:User quota:ns= > quota2 = maildir:Archives quota:ns=Archives/ > quota2_rule = *:storage=5G > quota_rule = *:storage=1G > quota_rule2 = Trash:storage=+200M > } > > > I can access the new namespace without any problems but every time > a folder in this namespace is accessed, I get the following error > messages in mail.err log: > > dovecot: imap(testuser): Error: quota: Unknown namespace: Archives/ > dovecot: last message repeated 49 times > > > Quota seems to work, though I have the feeling, that it only will be > updated when closing and reopening the mail client, but this can also > be a client issue. > > Quota for the INBOX is either taken from LDAP or, if there is no value > defined in LDAP, will be assigned a quota of 1G > > The Archives/ namespace has a static quota of 5G for every user. > > > Does anyone have idea how to get rid of these error messages ? > > Thank you for your kind help > > Andreas > why you want to have a separate namespace for archives ?, why not use simply a imap folder for every user ( which i wouldnt call archives, cause that name is allready used by thunderbird etc ), or use some pub namespace with an archive-username folder, restrictions can be done by acl, what problem youre trying to solve? perhaps you might have a look at http://sys4.de/de/blog/2013/02/07/mailarchiv-mit-dovecot-und-postfix-sortiert-nach-datum-mailadressen-und-ein-ausgehend-unterordnern/ for ideas also http://sys4.de/de/blog/2013/03/25/outlook-2013-special-use-mit-dovecot/ should give you help for special use handling, guess german is ok for you Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From aoster at novanetwork.de Fri Jul 12 10:07:32 2013 From: aoster at novanetwork.de (Andreas Oster) Date: Fri, 12 Jul 2013 09:07:32 +0200 Subject: [Dovecot] getting quota error when accessing private namespace In-Reply-To: <51DFA4BC.10705@sys4.de> References: <51DFA4BC.10705@sys4.de> Message-ID: <51DFAB34.4060100@novanetwork.de> Am 12.07.2013 08:39, schrieb Robert Schetterer: > Am 12.07.2013 07:27, schrieb Andreas Oster: >> Hi all, >> >> I have run into a problem which I cannot find a solution for. >> >> I have created an additional private namespace with the following >> commands in dovecot.conf : >> >> namespace { >> disabled = no >> hidden = no >> ignore_on_failure = no >> inbox = no >> list = children >> location = maildir:/var/vmail/archives/%Ln/Maildir >> mailbox "archived mails" { >> auto = subscribe >> driver = >> special_use = \Archive >> } >> prefix = Archives/ >> separator = / >> subscriptions = yes >> type = private >> } >> >> plugin { >> quota = maildir:User quota:ns= >> quota2 = maildir:Archives quota:ns=Archives/ >> quota2_rule = *:storage=5G >> quota_rule = *:storage=1G >> quota_rule2 = Trash:storage=+200M >> } >> >> >> I can access the new namespace without any problems but every time >> a folder in this namespace is accessed, I get the following error >> messages in mail.err log: >> >> dovecot: imap(testuser): Error: quota: Unknown namespace: Archives/ >> dovecot: last message repeated 49 times >> >> >> Quota seems to work, though I have the feeling, that it only will be >> updated when closing and reopening the mail client, but this can also >> be a client issue. >> >> Quota for the INBOX is either taken from LDAP or, if there is no value >> defined in LDAP, will be assigned a quota of 1G >> >> The Archives/ namespace has a static quota of 5G for every user. >> >> >> Does anyone have idea how to get rid of these error messages ? >> >> Thank you for your kind help >> >> Andreas >> > > why you want to have a separate namespace for archives ?, why not use > simply a imap folder for every user ( which i wouldnt call archives, > cause that name is allready used by thunderbird etc ), or use some pub > namespace with an archive-username folder, restrictions can be done by > acl, what problem youre trying to solve? > > perhaps you might have a look at > > http://sys4.de/de/blog/2013/02/07/mailarchiv-mit-dovecot-und-postfix-sortiert-nach-datum-mailadressen-und-ein-ausgehend-unterordnern/ > > for ideas > > also > > http://sys4.de/de/blog/2013/03/25/outlook-2013-special-use-mit-dovecot/ > > should give you help for special use handling, guess german is ok for you > > > Best Regards > MfG Robert Schetterer > Hello Robert, thank you for your fast response. I wanted to use the Thunderbird archive feature to allow users to move old mails, they want to keep, to a storage located on another server. But it would be perfectly OK to just have another folder where they can drop their old stuff. Every user should have a quota of 5G in that folder, which is different from the default INBOX quota. best regards Andreas From aoster at novanetwork.de Fri Jul 12 10:07:32 2013 From: aoster at novanetwork.de (Andreas Oster) Date: Fri, 12 Jul 2013 09:07:32 +0200 Subject: [Dovecot] getting quota error when accessing private namespace In-Reply-To: <51DFA4BC.10705@sys4.de> References: <51DFA4BC.10705@sys4.de> Message-ID: <51DFAB34.4060100@novanetwork.de> Am 12.07.2013 08:39, schrieb Robert Schetterer: > Am 12.07.2013 07:27, schrieb Andreas Oster: >> Hi all, >> >> I have run into a problem which I cannot find a solution for. >> >> I have created an additional private namespace with the following >> commands in dovecot.conf : >> >> namespace { >> disabled = no >> hidden = no >> ignore_on_failure = no >> inbox = no >> list = children >> location = maildir:/var/vmail/archives/%Ln/Maildir >> mailbox "archived mails" { >> auto = subscribe >> driver = >> special_use = \Archive >> } >> prefix = Archives/ >> separator = / >> subscriptions = yes >> type = private >> } >> >> plugin { >> quota = maildir:User quota:ns= >> quota2 = maildir:Archives quota:ns=Archives/ >> quota2_rule = *:storage=5G >> quota_rule = *:storage=1G >> quota_rule2 = Trash:storage=+200M >> } >> >> >> I can access the new namespace without any problems but every time >> a folder in this namespace is accessed, I get the following error >> messages in mail.err log: >> >> dovecot: imap(testuser): Error: quota: Unknown namespace: Archives/ >> dovecot: last message repeated 49 times >> >> >> Quota seems to work, though I have the feeling, that it only will be >> updated when closing and reopening the mail client, but this can also >> be a client issue. >> >> Quota for the INBOX is either taken from LDAP or, if there is no value >> defined in LDAP, will be assigned a quota of 1G >> >> The Archives/ namespace has a static quota of 5G for every user. >> >> >> Does anyone have idea how to get rid of these error messages ? >> >> Thank you for your kind help >> >> Andreas >> > > why you want to have a separate namespace for archives ?, why not use > simply a imap folder for every user ( which i wouldnt call archives, > cause that name is allready used by thunderbird etc ), or use some pub > namespace with an archive-username folder, restrictions can be done by > acl, what problem youre trying to solve? > > perhaps you might have a look at > > http://sys4.de/de/blog/2013/02/07/mailarchiv-mit-dovecot-und-postfix-sortiert-nach-datum-mailadressen-und-ein-ausgehend-unterordnern/ > > for ideas > > also > > http://sys4.de/de/blog/2013/03/25/outlook-2013-special-use-mit-dovecot/ > > should give you help for special use handling, guess german is ok for you > > > Best Regards > MfG Robert Schetterer > Hello Robert, thank you for your fast response. I wanted to use the Thunderbird archive feature to allow users to move old mails, they want to keep, to a storage located on another server. But it would be perfectly OK to just have another folder where they can drop their old stuff. Every user should have a quota of 5G in that folder, which is different from the default INBOX quota. best regards Andreas From rs at sys4.de Fri Jul 12 10:37:13 2013 From: rs at sys4.de (Robert Schetterer) Date: Fri, 12 Jul 2013 09:37:13 +0200 Subject: [Dovecot] getting quota error when accessing private namespace In-Reply-To: <51DFAB34.4060100@novanetwork.de> References: <51DFA4BC.10705@sys4.de> <51DFAB34.4060100@novanetwork.de> Message-ID: <51DFB229.6050103@sys4.de> Am 12.07.2013 09:07, schrieb Andreas Oster: > Am 12.07.2013 08:39, schrieb Robert Schetterer: >> Am 12.07.2013 07:27, schrieb Andreas Oster: >>> Hi all, >>> >>> I have run into a problem which I cannot find a solution for. >>> >>> I have created an additional private namespace with the following >>> commands in dovecot.conf : >>> >>> namespace { >>> disabled = no >>> hidden = no >>> ignore_on_failure = no >>> inbox = no >>> list = children >>> location = maildir:/var/vmail/archives/%Ln/Maildir >>> mailbox "archived mails" { >>> auto = subscribe >>> driver = >>> special_use = \Archive >>> } >>> prefix = Archives/ >>> separator = / >>> subscriptions = yes >>> type = private >>> } >>> >>> plugin { >>> quota = maildir:User quota:ns= >>> quota2 = maildir:Archives quota:ns=Archives/ >>> quota2_rule = *:storage=5G >>> quota_rule = *:storage=1G >>> quota_rule2 = Trash:storage=+200M >>> } >>> >>> >>> I can access the new namespace without any problems but every time >>> a folder in this namespace is accessed, I get the following error >>> messages in mail.err log: >>> >>> dovecot: imap(testuser): Error: quota: Unknown namespace: Archives/ >>> dovecot: last message repeated 49 times >>> >>> >>> Quota seems to work, though I have the feeling, that it only will be >>> updated when closing and reopening the mail client, but this can also >>> be a client issue. >>> >>> Quota for the INBOX is either taken from LDAP or, if there is no value >>> defined in LDAP, will be assigned a quota of 1G >>> >>> The Archives/ namespace has a static quota of 5G for every user. >>> >>> >>> Does anyone have idea how to get rid of these error messages ? >>> >>> Thank you for your kind help >>> >>> Andreas >>> >> >> why you want to have a separate namespace for archives ?, why not use >> simply a imap folder for every user ( which i wouldnt call archives, >> cause that name is allready used by thunderbird etc ), or use some pub >> namespace with an archive-username folder, restrictions can be done by >> acl, what problem youre trying to solve? >> >> perhaps you might have a look at >> >> http://sys4.de/de/blog/2013/02/07/mailarchiv-mit-dovecot-und-postfix-sortiert-nach-datum-mailadressen-und-ein-ausgehend-unterordnern/ >> >> for ideas >> >> also >> >> http://sys4.de/de/blog/2013/03/25/outlook-2013-special-use-mit-dovecot/ >> >> should give you help for special use handling, guess german is ok for you >> >> >> Best Regards >> MfG Robert Schetterer >> > > Hello Robert, > > thank you for your fast response. > > I wanted to use the Thunderbird archive feature to allow users to move > old mails, they want to keep, to a storage located on another server. > But it would be perfectly OK to just have another folder where they can > drop their old stuff. > Every user should have a quota of 5G in that folder, which is different > from the default INBOX quota. > > best regards > > Andreas > a folder can have additional plus quota via quota rules http://wiki2.dovecot.org/Quota/Configuration for short thinking you may use pub namespace with http://wiki2.dovecot.org/MailboxFormat/dbox#Alternate_storage but i nearly sure, there are some other solutions too for solving this, wait for other maybe better ideas Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From rs at sys4.de Fri Jul 12 10:54:34 2013 From: rs at sys4.de (Robert Schetterer) Date: Fri, 12 Jul 2013 09:54:34 +0200 Subject: [Dovecot] getting quota error when accessing private namespace In-Reply-To: <51DFB229.6050103@sys4.de> References: <51DFA4BC.10705@sys4.de> <51DFAB34.4060100@novanetwork.de> <51DFB229.6050103@sys4.de> Message-ID: <51DFB63A.6090604@sys4.de> Am 12.07.2013 09:37, schrieb Robert Schetterer: >>> http://sys4.de/de/blog/2013/02/07/mailarchiv-mit-dovecot-und-postfix-sortiert-nach-datum-mailadressen-und-ein-ausgehend-unterordnern/ >>> >>> for ideas like above a little bit different ( no postfix bcc archive feature and sieve autosort, instead for putting users mails by themselves to some archive by imap ) you may solve it ,with some backup.domain.de with alternate mail location in i.e ldap or mysql having some inbox and archive folder for every user mailbox on other physical mount in shared user namespace and using acl on it, this can be done automatic at user mailbox creation time with subscribe archive folder, use some static quota with it Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From aoster at novanetwork.de Fri Jul 12 11:02:27 2013 From: aoster at novanetwork.de (Andreas Oster) Date: Fri, 12 Jul 2013 10:02:27 +0200 Subject: [Dovecot] getting quota error when accessing private namespace In-Reply-To: <51DFB63A.6090604@sys4.de> References: <51DFA4BC.10705@sys4.de> <51DFAB34.4060100@novanetwork.de> <51DFB229.6050103@sys4.de> <51DFB63A.6090604@sys4.de> Message-ID: <51DFB813.3010200@novanetwork.de> Am 12.07.2013 09:54, schrieb Robert Schetterer: > Am 12.07.2013 09:37, schrieb Robert Schetterer: >>>> http://sys4.de/de/blog/2013/02/07/mailarchiv-mit-dovecot-und-postfix-sortiert-nach-datum-mailadressen-und-ein-ausgehend-unterordnern/ >>>> >>>> for ideas > > like above a little bit different ( no postfix bcc archive feature and > sieve autosort, instead for putting users mails by themselves to some > archive by imap ) you may solve it ,with some backup.domain.de with > alternate mail location in i.e ldap or mysql having some inbox and > archive folder for every user mailbox on other physical mount in shared > user namespace and using acl on it, this can be done automatic at user > mailbox creation time with subscribe archive folder, use some static > quota with it > > > Best Regards > MfG Robert Schetterer > Hello Robert, thank you for all your hints. I already know the +quota stuff, but this is not shown in the mail client and the user has no way to see if he is reaching the max level. That is why I tried to set up an additional namespace in the first place. Thank you very much for your kind help. Andreas From aoster at novanetwork.de Fri Jul 12 11:02:27 2013 From: aoster at novanetwork.de (Andreas Oster) Date: Fri, 12 Jul 2013 10:02:27 +0200 Subject: [Dovecot] getting quota error when accessing private namespace In-Reply-To: <51DFB63A.6090604@sys4.de> References: <51DFA4BC.10705@sys4.de> <51DFAB34.4060100@novanetwork.de> <51DFB229.6050103@sys4.de> <51DFB63A.6090604@sys4.de> Message-ID: <51DFB813.3010200@novanetwork.de> Am 12.07.2013 09:54, schrieb Robert Schetterer: > Am 12.07.2013 09:37, schrieb Robert Schetterer: >>>> http://sys4.de/de/blog/2013/02/07/mailarchiv-mit-dovecot-und-postfix-sortiert-nach-datum-mailadressen-und-ein-ausgehend-unterordnern/ >>>> >>>> for ideas > > like above a little bit different ( no postfix bcc archive feature and > sieve autosort, instead for putting users mails by themselves to some > archive by imap ) you may solve it ,with some backup.domain.de with > alternate mail location in i.e ldap or mysql having some inbox and > archive folder for every user mailbox on other physical mount in shared > user namespace and using acl on it, this can be done automatic at user > mailbox creation time with subscribe archive folder, use some static > quota with it > > > Best Regards > MfG Robert Schetterer > Hello Robert, thank you for all your hints. I already know the +quota stuff, but this is not shown in the mail client and the user has no way to see if he is reaching the max level. That is why I tried to set up an additional namespace in the first place. Thank you very much for your kind help. Andreas From d.parthey at metaways.de Fri Jul 12 11:08:13 2013 From: d.parthey at metaways.de (Daniel Parthey) Date: Fri, 12 Jul 2013 10:08:13 +0200 Subject: [Dovecot] avoid log message when using nagios check In-Reply-To: References: <1373446776.25873.9.camel@debian> <51DD5090.5040103@metaways.de> <0e379bb76c116b76a76e01e6cd402098@sonic.net> <1cdcae7a-c0cd-4c26-bb2b-6d390e1369ce@email.android.com> <155958FB-BFF2-4E21-869A-176581A8EF81@iki.fi> <51DDC86C.5010908@metaways.de> Message-ID: <51DFB96D.50302@metaways.de> Am 12.07.2013 02:09, schrieb Timo Sirainen: > On 10.7.2013, at 23.47, Daniel Parthey wrote: > >> You're right, TCP connections don't seem to be a real problem here. >> >> I confused it with the following messages, we get every few minutes in the dovecot-director.log, but I'm not sure of their origin yet, >> there are some other imap proxies/balancer in front of the director: >> >> Jul 10 21:51:46 10.129.3.233 dovecot: director: Error: read(login connection) failed: Connection reset by peer >> Jul 10 21:51:49 10.129.3.213 dovecot: director: Error: read(login connection) failed: Connection reset by peer > > Those aren't really errors. They should just be ignored. This gets rid of them: http://hg.dovecot.org/dovecot-2.2/rev/ebbe00999da8 > > I'm not sure why I haven't seen these before though. Was this with Linux? Yes, this was with Linux. > Or I guess more likely it's because you're not using it in high performance mode as explained in http://wiki2.dovecot.org/LoginProcess Indeed we're currently using the default (high security mode). Regards Daniel -- Dipl.-Inf. Daniel Parthey System Engineer Metaways Infosystems GmbH Pickhuben 2, D-20457 Hamburg E-Mail: d.parthey at metaways.de Web: http://www.metaways.de Metaways Infosystems GmbH - Sitz: D-22967 Tremsb?ttel Handelsregister: Amtsgericht L?beck HRB 4508 AH Gesch?ftsf?hrung: Hermann Thaele, L?der-H.Thaele From genie at geniechka.ru Fri Jul 12 12:12:58 2013 From: genie at geniechka.ru (Eugene) Date: Fri, 12 Jul 2013 13:12:58 +0400 Subject: [Dovecot] virtual users In-Reply-To: References: Message-ID: <62E59289786F4FF7816CA384F4E6FEEE@geniepc2011> Hello Gab, well the most attractive feature of virtual users is ease of administration. Adding a new domain and user is a matter of adding a couple of text lines (if using simplest text-based user databases), mail users do not litter the system user space, you do not expose system access to mail-only users, you don't have to create and manage email-to-sysuser mapping, each user logins simply by his/her email address, mail storage is separated from system home dir, etc... In fact it is more convenient and consistent to use virtual mailboxes even for system users (e.g. admin), just add an alias root -> user at domain.zz (Naturally system password and mail password are independent so they can be different for added security). Of course in simplest form all virtual users use one system account but exploiting this would require circumventing Dovecot security which is pretty high. Also at most it would get access to other accounts' mail, not other system access. Migration is really quite easy, actually I just created the virtual user infrastructure (postfix + dovecot) and then simply copied each Maildir directory from ~user/ to ~vmail/user at domain.zz/ Best wishes Eugene -----Original Message----- From: Gab IIpop Sent: Thursday, July 11, 2013 5:31 PM To: dovecot at dovecot.org Subject: [Dovecot] (no subject) >From the documentation, virtual users seem like a good idea if you plan on having a lot of users. Although I'm wondering about the following: What other benefits/consequences are there to using virtual over system users and vice versa? Will virtual users have the same protection as system users (system users would use linux permissions, which is pretty secure)? How easy will it be to switch from using system users to virtual users or vice versa? From janfrode at tanso.net Fri Jul 12 13:51:55 2013 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Fri, 12 Jul 2013 12:51:55 +0200 Subject: [Dovecot] login_trusted_networks from webmail ? In-Reply-To: References: <20130703202904.GA12770@mushkin.tanso.net> Message-ID: <20130712105155.GA10387@mushkin.tanso.net> On Thu, Jul 04, 2013 at 08:51:47PM +0200, Benny Pedersen wrote: > Timo Sirainen skrev den 2013-07-03 22:34: > > >If backend has login_trusted_networks pointing to directors, then the > >IP gets forwarded to backends as well. > > how does imap get ip from http ? The webmail-server will use the HTTP REMOTE_ADDR header in the IMAP ID when initiating the IMAP connection. a ID ("x-originating-ip" "$REMOTE_ADDR") -jf From CMarcus at Media-Brokers.com Fri Jul 12 16:21:37 2013 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Fri, 12 Jul 2013 09:21:37 -0400 Subject: [Dovecot] Dovecot Virtual Folders... could these be managed by a/the Client? Message-ID: <51E002E1.80602@Media-Brokers.com> Hi all/Timo, I was thinking about Thunderbirds ability to create Virtual folders allowing you to have many different views of your messages... The downside though, is you only see these in Thunderbird. I know that dovecot supports server side virtual folders: http://wiki2.dovecot.org/Plugins/Virtual But I'm wondering about the possibility to manage these from the client side... For example, would it be possible to create an extension in Thunderbird that allowed the user to manage these (create, edit the filters for, delete, rename, etc)? Thanks, -- Best regards, Charles From victormanuelo at gmail.com Fri Jul 12 16:28:04 2013 From: victormanuelo at gmail.com (=?UTF-8?Q?Victor_O=C3=B1ate?=) Date: Fri, 12 Jul 2013 08:58:04 -0430 Subject: [Dovecot] mail not reject when the mailbox is full (Dovecot-LDAP-Imap_quota) Message-ID: Hello List. Currently I have configured the share of users through the LDAP query as shown #dovecot.conf protocol imap { mail_plugins = quota imap_quota } plugin { quota = dirsize } userdb ldap { args = /etc/dovecot/dovecot-ldap.conf } #dovecot-ldap.conf auth_bind = yes ldap_version = 3 base = dc=XXX,dc=YY,dc=ZZ deref = never scope = subtree user_attrs = homeDirectory=home,uidNumber=uid,gidNumber=gid,mail=Maildir,mailQuotaSize=quota_rule=*:storage=%$ user_filter = (&(objectClass=posixAccount)(uid=%u)) pass_attrs = uid=user,userPassword=password,homeDirectory=userdb_home,uidNumber=userdb_uid,gidNumber=userdb_gid pass_filter = (&(objectClass=posixAccount)(uid=%u)) Additionally in thunderbird customers have the plug so they can see the share. This works perfect! However, when the mailbox exceeds 100% users continue to receive mail which makes the risk set allocated disk space, the idea is that when full the mail reject with a message "mailbox XXX full" . As always appreciate the ideas. Victor O?ate From tss at iki.fi Fri Jul 12 19:37:54 2013 From: tss at iki.fi (Timo Sirainen) Date: Fri, 12 Jul 2013 19:37:54 +0300 Subject: [Dovecot] Dovecot Virtual Folders... could these be managed by a/the Client? In-Reply-To: <51E002E1.80602@Media-Brokers.com> References: <51E002E1.80602@Media-Brokers.com> Message-ID: <0BC46078-C924-481D-BF1F-7C10F31835DA@iki.fi> Hi, On 12.7.2013, at 16.21, Charles Marcus wrote: > I know that dovecot supports server side virtual folders: > > http://wiki2.dovecot.org/Plugins/Virtual > > But I'm wondering about the possibility to manage these from the client side... > > For example, would it be possible to create an extension in Thunderbird that allowed the user to manage these (create, edit the filters for, delete, rename, etc)? Currently Dovecot doesn't provide an IMAP level interface for managing these. There have been two proposed IMAP extensions for these, but nothing really came ouf ot those. It would be possible to add some new IMAP extension to configure the virtual folders, but the main reason why there isn't one is simply because I haven't thought anyone would bother to implement such spec. From iipopgab at gmail.com Fri Jul 12 22:32:49 2013 From: iipopgab at gmail.com (Gab IIpop) Date: Fri, 12 Jul 2013 15:32:49 -0400 Subject: [Dovecot] Difference between using auth_realms and setting up virtual mailboxes in postfix? Message-ID: Hi, there is a possibility in the future that I might have to support multiple domain names(but using the same IP address). Postfix has something called 'virtual mailboxes' to help handle this. But I also noticed that dovecot has a setting "auth_realms" where I can specify domains separated by a space. What is the relationship between the two? From AxelLuttgens at swing.be Fri Jul 12 23:18:56 2013 From: AxelLuttgens at swing.be (Axel Luttgens) Date: Fri, 12 Jul 2013 22:18:56 +0200 Subject: [Dovecot] Ambiguous behavior with prefetch database? In-Reply-To: <1373586263.31839.13.camel@hurina> References: <7D478185-D42F-45C3-A60E-54F5432E173D@iki.fi> <1373586263.31839.13.camel@hurina> Message-ID: <94E5AB88-7FD3-4A47-9229-9D970F1E54C1@swing.be> Le 12 juil. 2013 ? 01:44, Timo Sirainen a ?crit : > [...] > > Here: http://hg.dovecot.org/dovecot-2.2/rev/2be295a0b64f Hello Timo, I hope I'll have the opportunity to try it tomorrow. In the meantime, thanks again for your care, Axel From AxelLuttgens at swing.be Sat Jul 13 00:01:45 2013 From: AxelLuttgens at swing.be (Axel Luttgens) Date: Fri, 12 Jul 2013 23:01:45 +0200 Subject: [Dovecot] A sqlite-based quota dict Message-ID: <32D94DE2-7BF6-4520-9E72-00FBC0CF2DFD@swing.be> Hello, While experimenting with the sqlite backend, I noticed a big vacuum wrt its use for a quota dict. This is thus an opportunity to share a solution I managed to devise after some trials and errors and a (very quick and unscientific) look at the code. And also the opportunity to ask the community to check for possible flaws. Yes, nothing comes for free... ;-) TIA, Axel This is the SQL for creating the database or for adding needed table/trigger to an existing database (with many comments and few "active" lines): CREATE TABLE quota ( -- We will assume that, in the case of a sqlite DB (and probably a pgsql DB -- as well), Dovecot will *always* act along these lines: -- In case of a "row creation": -- INSERT INTO quota (subject, byte_count) -- VALUES (, ); -- INSERT INTO quota (subject, message_count) -- VALUES (, ); -- In case of a recalculation: -- UPDATE quota -- SET byte_count = byte_count + , -- message_count = message_count + -- WHERE subject = ; -- In case of a row deletion: -- DELETE FROM quota -- WHERE subject = ; -- For example, a "doveadm quota recalc" may first delete the relevant row -- if it exists, then (re-)create it. -- Clearly, the "row creation" case is a bit problematic, hence the need for -- a trigger. -- An id for the entity subjected to a quota (a user/mailbox, a domain...). subject TEXT PRIMARY KEY NOT NULL, -- The entity's size, expressed as a storage space use and as a message -- count. -- Note the NULL defaults: they allow to simplify the trigger's logics. byte_count INTEGER DEFAULT NULL, message_count INTEGER DEFAULT NULL ); CREATE TRIGGER quota_insert BEFORE INSERT ON quota FOR EACH ROW BEGIN -- If there's a row to update, that's because the first INSERT of the "row -- creation" has been performed. -- (this UPDATE could probably be simplified if the insertion order, -- byte_count then message_count, was guaranteed; anyway, since the "row -- creation" operation shouldn't be very frequent, we may afford a slight -- inefficiency). UPDATE quota SET byte_count = CASE WHEN NEW.byte_count ISNULL THEN byte_count ELSE NEW.byte_count END, message_count = CASE WHEN NEW.message_count ISNULL THEN message_count ELSE NEW.message_count END WHERE subject = NEW.subject; -- In which case we may ignore that second (current) INSERT, since the -- previously inserted row has just been updated with the value coming -- from the current INSERT statement. SELECT raise(IGNORE) WHERE EXISTS (SELECT * FROM quota WHERE subject = NEW.subject); END; The corresponding dict configuration being thus supposed to be similar to this one: connect = /path/to/database map { pattern = priv/quota/storage table = quota username_field = subject value_field = byte_count } map { pattern = priv/quota/messages table = quota username_field = subject value_field = message_count } From AxelLuttgens at swing.be Sat Jul 13 11:44:05 2013 From: AxelLuttgens at swing.be (Axel Luttgens) Date: Sat, 13 Jul 2013 10:44:05 +0200 Subject: [Dovecot] Ambiguous behavior with prefetch database? In-Reply-To: <94E5AB88-7FD3-4A47-9229-9D970F1E54C1@swing.be> References: <7D478185-D42F-45C3-A60E-54F5432E173D@iki.fi> <1373586263.31839.13.camel@hurina> <94E5AB88-7FD3-4A47-9229-9D970F1E54C1@swing.be> Message-ID: <914CAB05-E87F-4E59-AEA5-BA135CDD5265@swing.be> Le 12 juil. 2013 ? 22:18, Axel Luttgens a ?crit : > [...] > I hope I'll have the opportunity to try it tomorrow. > [...] I've applied changesets 9091d0f2d971 and 2be295a0b64f (both were needed) to a clean 2.2.4 source, and it seems to yield the expected results now. Nice to be able to keep configs clean thanks to an enhanced consistency. Thank you very much, Axel From roundcube at lefoyer.ru Sat Jul 13 18:13:14 2013 From: roundcube at lefoyer.ru (Sergey Sidlyarenko) Date: Sat, 13 Jul 2013 19:13:14 +0400 Subject: [Dovecot] Dovecot 2.2.4 metadata-plugin crached Message-ID: <6391b428f86419f86570eb1a1719345e@lefoyer.ru> Dovecot (deb http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.2 main) crached after create new metadata folder (But the folder with metadata is created). Metadata plugin v14. Coredump: http://yadi.sk/d/bsBCpRS76mXpj in log: imap(admin at example.ru): Fatal: master: service(imap): child 14339 killed with signal 11 (core dumped) [10-Jul-2013 11:46:00 +0400]: [A4A2] S: * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN AUTH=LOGIN] Welcome to TU FKP IMAP server. [10-Jul-2013 11:46:00 +0400]: [A4A2] C: A0001 ID ("name" "Roundcube" "version" "1.0-git" "php" "5.4.4-14+deb7u2" "os" "Linux" "command" "/?_task=calendar&_action=calendar") [10-Jul-2013 11:46:00 +0400]: [A4A2] S: * ID ("name" "Dovecot") [10-Jul-2013 11:46:00 +0400]: [A4A2] S: A0001 OK ID completed. [10-Jul-2013 11:46:00 +0400]: [A4A2] C: A0002 AUTHENTICATE PLAIN pass [10-Jul-2013 11:46:00 +0400]: [A4A2] S: A0002 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS SPECIAL-USE BINARY MOVE METADATA ANNOTATEMORE] Logged in [10-Jul-2013 11:46:00 +0400]: [A4A2] C: A0003 CREATE Calendar/New4 [10-Jul-2013 11:46:00 +0400]: [A4A2] S: A0003 OK Create completed. [10-Jul-2013 11:46:00 +0400]: [A4A2] C: A0004 SUBSCRIBE Calendar/New4 [10-Jul-2013 11:46:00 +0400]: [A4A2] S: A0004 OK Subscribe completed. [10-Jul-2013 11:46:00 +0400]: [A4A2] C: A0005 SETMETADATA Calendar/New4 (/shared/vendor/kolab/folder-type event /private/vendor/kolab/folder-type NIL) root at mail:/var/core# gdb /usr/lib/dovecot/imap /var/core/19851 GNU gdb (GDB) 7.4.1-debian Copyright (C) 2012 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-linux-gnu". For bug reporting instructions, please see: ... Reading symbols from /usr/lib/dovecot/imap...Reading symbols from /usr/lib/debug/usr/lib/dovecot/imap...done. done. [New LWP 19851] warning: Can't read pathname for load map: ?????? ?????/??????. [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1". Core was generated by `dovecot/imap'. Program terminated with signal 11, Segmentation fault. #0 0x00007f0a7102686f in ?? () from /lib/x86_64-linux-gnu/libc.so.6 (gdb) bt full #0 0x00007f0a7102686f in ?? () from /lib/x86_64-linux-gnu/libc.so.6 No symbol table info available. #1 0x00007f0a700ccad9 in metadata_set_entry (entry=0x1705880, user=) at metadata-backend.c:133 muser = 0x16f6550 key = dt = #2 0x00007f0a6fcc4c91 in setmetadata_helper (box=0x1700080, args=, cmd=0x16fb440) at imap-metadata-plugin.c:673 name = 0x16fffd8 "/private/vendor/kolab/folder-type" value = 0x0 entry = ret = warn_maxsize = warn_toomany = arglist = 0x16ffeb8 response = warn_noprivate = false #3 cmd_setmetadata (cmd=0x16fb440) at imap-metadata-plugin.c:761 args = 0x16ffca8 mailbox_name = 0x16ffe10 "Calendar/New3" box = 0x1700080 #4 0x000000000041679c in command_exec (cmd=cmd at entry=0x16fb440) at imap-commands.c:156 hook = 0x16e00b0 ret = #5 0x0000000000415800 in client_command_input (cmd=0x16fb440) at imap-client.c:775 client = 0x16fa910 command = __FUNCTION__ = "client_command_input" #6 0x00000000004158ba in client_command_input (cmd=0x16fb440) at imap-client.c:836 client = 0x16fa910 command = __FUNCTION__ = "client_command_input" #7 0x0000000000415b75 in client_handle_next_command (remove_io_r=, client=0x16fa910) at imap-client.c:874 No locals. #8 client_handle_input (client=client at entry=0x16fa910) at imap-client.c:886 _data_stack_cur_id = 3 ret = false remove_io = false handled_commands = false __FUNCTION__ = "client_handle_input" #9 0x0000000000415f22 in client_input (client=0x16fa910) at imap-client.c:928 cmd = output = 0x16fb308 bytes = 112 __FUNCTION__ = "client_input" #10 0x00007f0a71309f66 in io_loop_call_io (io=0x16f8bd0) at ioloop.c:387 ioloop = 0x16df700 t_id = 2 #11 0x00007f0a7130add7 in io_loop_handler_run (ioloop=ioloop at entry=0x16df700) at ioloop-epoll.c:215 ctx = 0x16e0390 events = 0x0 event = 0x16e11f0 list = 0x16f8c20 io = tv = {tv_sec = 1799, tv_usec = 999792} events_count = msecs = ret = 1 i = call = __FUNCTION__ = "io_loop_handler_run" #12 0x00007f0a71309aa8 in io_loop_run (ioloop=0x16df700) at ioloop.c:406 No locals. ---Type to continue, or q to quit--- #13 0x00007f0a712bf1e3 in master_service_run (service=0x16df590, callback=callback at entry=0x41ed40 ) at master-service.c:560 No locals. #14 0x000000000040bb58 in main (argc=1, argv=0x16df390) at main.c:400 set_roots = {0x426320, 0x0} login_set = {auth_socket_path = 0x16d7040 "\001", postlogin_socket_path = 0x0, postlogin_timeout_secs = 60, callback = 0x41ebf0 , failure_callback = 0x41e900 , request_auth_token = 1} service_flags = storage_service_flags = username = 0x0 c = (gdb) quit root at mail:/var/core# dovecot -n # 2.2.4 (620876853f6f): /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-4-amd64 x86_64 Debian 7.1 ext4 auth_cache_negative_ttl = 10 secs auth_cache_size = 10 M auth_cache_ttl = 2 mins auth_master_user_separator = * auth_mechanisms = plain login auth_worker_max_count = 4096 base_dir = /var/run/dovecot/ default_client_limit = 8192 default_process_limit = 2048 default_vsz_limit = 2 G dict { expire = pgsql:/etc/dovecot/dovecot-dict-expire.conf metadata = file:/var/lib/dovecot/shared-metadata } first_valid_gid = 8 first_valid_uid = 8 info_log_path = /var/log/dovecot/dovecot.log last_valid_gid = 8 last_valid_uid = 8 lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes listen = *, [::] log_path = /var/log/dovecot/dovecot-errors.log log_timestamp = "%Y-%m-%d %H:%M:%S " login_greeting = Welcome to IMAP server. login_log_format_elements = user=<%u> method=%m rip=%r lip=%l %c login_trusted_networks = 127.0.0.1 mail_gid = mail mail_location = maildir:/var/mail/%d/%n:LAYOUT=fs:INBOX=/var/mail/%d/%n/maildirfolder:DIRNAME=maildirfolder:INDEX=/var/mail/indexes/%d/%n mail_max_userip_connections = 1024 mail_plugins = virtual expire metadata mail_privileged_group = mail mail_uid = mail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace { hidden = no inbox = yes list = yes location = maildir:/var/mail/%d/%n:LAYOUT=fs:INBOX=/var/mail/%d/%n/maildirfolder:DIRNAME=maildirfolder:INDEX=/var/mail/indexes/%d/%n:UTF-8 mailbox Archive { auto = subscribe special_use = \Archive } mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Junk { auto = subscribe special_use = \Junk } mailbox Sent { auto = subscribe special_use = \Sent } mailbox Trash { auto = subscribe special_use = \Trash } prefix = separator = / subscriptions = yes type = private } namespace { hidden = no ignore_on_failure = no inbox = no list = yes location = virtual:/etc/dovecot/virtual:CONTROL=/var/mail/controls/%d/%n/??? ?????:INDEX=/var/mail/indexes/%d/%n/??? ?????:UTF-8 mailbox { auto = subscribe special_use = \All } prefix = ??? ?????/ separator = / subscriptions = no type = private } passdb { args = /etc/dovecot/dovecot-pgsql-master.conf driver = sql master = yes } passdb { args = /etc/dovecot/dovecot-pgsql.conf driver = sql } plugin { expire = Trash expire2 = Trash/* expire3 = Junk expire_dict = proxy::expire metadata_dict = proxy::metadata sieve = /var/mail/%d/%n/dovecot.sieve sieve_before = /var/lib/dovecot/sieve/ sieve_dir = /var/mail/%d/%n/maildirfolder sieve_max_actions = 32 sieve_max_redirects = 4 sieve_max_script_size = 1M } protocols = imap sieve service auth-worker { client_limit = 4096 process_limit = 2048 process_min_avail = 10 service_count = 0 unix_listener auth-worker { mode = 0600 } vsz_limit = 1 G } service auth { client_limit = 10240 process_min_avail = 1 service_count = 0 unix_listener auth-client { group = mail mode = 0660 user = mail } unix_listener auth-master { group = mail mode = 0664 user = mail } user = dovecot vsz_limit = 1 G } service dict { unix_listener dict { group = mail mode = 0660 user = mail } } service imap-login { chroot = login client_limit = 4096 process_limit = 2048 process_min_avail = 10 service_count = 0 user = dovecot vsz_limit = 1 G } service imap { client_limit = 4096 process_limit = 2048 process_min_avail = 10 service_count = 0 vsz_limit = 1 G } service managesieve-login { chroot = login client_limit = 4096 executable = /usr/lib/dovecot/managesieve-login inet_listener sieve { port = 4190 } process_limit = 2048 process_min_avail = 10 service_count = 0 user = dovecot vsz_limit = 1 G } service managesieve { client_limit = 4096 executable = /usr/lib/dovecot/managesieve process_limit = 2048 process_min_avail = 10 service_count = 0 vsz_limit = 1 G } ssl_cert = In Dovecot 2.2.4 metadata-plugin crach on setmetadata but worked on ascii folders? but not worked on utf7 (non ascii) folders. [13-Jul-2013 19:15:36 +0400]: [F537] S: A0002 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS SPECIAL-USE BINARY MOVE METADATA ANNOTATEMORE] Logged in [13-Jul-2013 19:15:36 +0400]: [F537] C: A0003 CREATE &BB0EPgQyBEsEOQ-8 [13-Jul-2013 19:15:36 +0400]: [F537] S: A0003 OK Create completed. [13-Jul-2013 19:15:36 +0400]: [F537] C: A0004 SUBSCRIBE &BB0EPgQyBEsEOQ-8 [13-Jul-2013 19:15:36 +0400]: [F537] S: A0004 OK Subscribe completed. [13-Jul-2013 19:15:36 +0400]: [F537] C: A0005 SETMETADATA &BB0EPgQyBEsEOQ-8 (/shared/vendor/kolab/folder-type event /private/vendor/kolab/folder-type NIL) [13-Jul-2013 19:15:36 +0400]: [F537] S: A0005 NO Mailbox does not exist. [13-Jul-2013 19:15:36 +0400]: [F537] C: A0006 SETMETADATA &BB0EPgQyBEsEOQ-8 (/private/vendor/kolab/folder-type event) [13-Jul-2013 19:15:36 +0400]: [F537] S: A0006 NO Mailbox does not exist. [13-Jul-2013 19:15:36 +0400]: [F537] C: A0007 LIST "" "&BB0EPgQyBEsEOQ-8/*" [13-Jul-2013 19:15:36 +0400]: [F537] S: A0007 OK List completed. [13-Jul-2013 19:15:36 +0400]: [F537] C: A0008 GETMETADATA "*" (/private/vendor/kolab/folder-type /shared/vendor/kolab/folder-type) [13-Jul-2013 19:15:36 +0400]: [F537] S: * METADATA "Drafts" ("/private/vendor/kolab/folder-type" "mail.drafts") [13-Jul-2013 19:15:36 +0400]: [F537] S: * METADATA "Drafts" ("/shared/vendor/kolab/folder-type" "mail") [13-Jul-2013 19:15:36 +0400]: [F537] S: * METADATA "Configuration" ("/private/vendor/kolab/folder-type" "configuration.default") [13-Jul-2013 19:15:36 +0400]: [F537] S: * METADATA "Configuration" ("/shared/vendor/kolab/folder-type" "configuration") [13-Jul-2013 19:15:36 +0400]: [F537] S: * METADATA "Notes" ("/private/vendor/kolab/folder-type" "note.default") [13-Jul-2013 19:15:36 +0400]: [F537] S: * METADATA "Notes" ("/shared/vendor/kolab/folder-type" "note") [13-Jul-2013 19:15:36 +0400]: [F537] S: * METADATA "Junk" ("/private/vendor/kolab/folder-type" "mail.junkemail") [13-Jul-2013 19:15:36 +0400]: [F537] S: * METADATA "Junk" ("/shared/vendor/kolab/folder-type" "mail") [13-Jul-2013 19:15:36 +0400]: [F537] S: * METADATA "FreeBusy" ("/private/vendor/kolab/folder-type" "freebusy.default") [13-Jul-2013 19:15:36 +0400]: [F537] S: * METADATA "FreeBusy" ("/shared/vendor/kolab/folder-type" "freebusy") [13-Jul-2013 19:15:36 +0400]: [F537] S: * METADATA "INBOX" ("/private/vendor/kolab/folder-type" "mail.inbox") [13-Jul-2013 19:15:36 +0400]: [F537] S: * METADATA "INBOX" ("/shared/vendor/kolab/folder-type" "mail") [13-Jul-2013 19:15:36 +0400]: [F537] S: * METADATA "Sent" ("/private/vendor/kolab/folder-type" "mail.sentitems") [13-Jul-2013 19:15:36 +0400]: [F537] S: * METADATA "Sent" ("/shared/vendor/kolab/folder-type" "mail") [13-Jul-2013 19:15:36 +0400]: [F537] S: * METADATA "New8" ("/shared/vendor/kolab/folder-type" "event") [13-Jul-2013 19:15:36 +0400]: [F537] S: * METADATA "Tasks" ("/private/vendor/kolab/folder-type" "task.default") [13-Jul-2013 19:15:36 +0400]: [F537] S: * METADATA "Tasks" ("/shared/vendor/kolab/folder-type" "task") [13-Jul-2013 19:15:36 +0400]: [F537] S: * METADATA "Trash" ("/private/vendor/kolab/folder-type" "mail.wastebasket") [13-Jul-2013 19:15:36 +0400]: [F537] S: * METADATA "Trash" ("/shared/vendor/kolab/folder-type" "mail") [13-Jul-2013 19:15:36 +0400]: [F537] S: * METADATA "Calendar" ("/private/vendor/kolab/folder-type" "event.default") [13-Jul-2013 19:15:36 +0400]: [F537] S: * METADATA "Calendar" ("/shared/vendor/kolab/folder-type" "event") [13-Jul-2013 19:15:36 +0400]: [F537] S: * METADATA "Calendar/New" ("/shared/vendor/kolab/folder-type" "event") [13-Jul-2013 19:15:36 +0400]: [F537] S: * METADATA "Calendar/New4" ("/shared/vendor/kolab/folder-type" "event") [13-Jul-2013 19:15:36 +0400]: [F537] S: * METADATA "Calendar/New3" ("/shared/vendor/kolab/folder-type" "event") [13-Jul-2013 19:15:36 +0400]: [F537] S: * METADATA "Calendar/Home" ("/shared/vendor/kolab/folder-type" "event") [13-Jul-2013 19:15:36 +0400]: [F537] S: * METADATA "Calendar/New2" ("/shared/vendor/kolab/folder-type" "event") [13-Jul-2013 19:15:36 +0400]: [F537] S: * METADATA "Calendar/New1" ("/shared/vendor/kolab/folder-type" "event") [13-Jul-2013 19:15:36 +0400]: [F537] S: * METADATA "New7" ("/shared/vendor/kolab/folder-type" "event") [13-Jul-2013 19:15:36 +0400]: [F537] S: * METADATA "Addressbook" ("/private/vendor/kolab/folder-type" "contact.default") [13-Jul-2013 19:15:36 +0400]: [F537] S: * METADATA "Addressbook" ("/shared/vendor/kolab/folder-type" "contact") [13-Jul-2013 19:15:36 +0400]: [F537] S: A0008 OK Completed. [13-Jul-2013 19:15:36 +0400]: [F537] C: A0009 DELETE &BB0EPgQyBEsEOQ-8 [13-Jul-2013 19:15:36 +0400]: [F537] S: A0009 OK Delete completed. [13-Jul-2013 19:15:36 +0400]: [F537] C: A0010 UNSUBSCRIBE &BB0EPgQyBEsEOQ-8 [13-Jul-2013 19:15:36 +0400]: [F537] S: A0010 OK Unsubscribe completed. [13-Jul-2013 19:15:36 +0400]: [F537] C: A0011 LOGOUT [13-Jul-2013 19:15:36 +0400]: [F537] S: * BYE Logging out [13-Jul-2013 19:15:36 +0400]: [F537] S: A0011 OK Logout completed. -- Sidlyarenko Sergey https://github.com/lefoyer From freemail.grharry at gmail.com Sat Jul 13 18:49:48 2013 From: freemail.grharry at gmail.com (HL) Date: Sat, 13 Jul 2013 18:49:48 +0300 Subject: [Dovecot] Mail replication ... totally confused ! Message-ID: <51E1771C.3000404@gmail.com> Hello, I am totally confused configuring replication in dovecot. In my case I have 2 servers instead of running rsync as a daemon which takes a lot of time I would like SERVER-A will be the master and SERVER-B will be the slave My users directly interact with server A, Server B stands as a mails backup only I've setup SERVER-B ( backup ) like that, NO SPECIAL CONF on master SERVER-A Is this ok ?? I Don't want to miss any mails Since this is a live server service aggregator { # give enough permissions for mail processes # fifo_listener replication-notify-fifo { user = vmail mode = 0600 } unix_listener replication-notify { user = vmail mode = 0600 } } service replicator { # start replication at startup # process_min_avail = 1 } service doveadm { # if you're using a single virtual user, set this to start ssh as vmail # (not root) # user = vmail } service config { # needed to grant access to /var/run/dovecot/config for service doveadm # unix_listener config { user = vmail } } dsync_remote_cmd = ssh -p 1234 -l%{login} %{host} doveadm dsync-server -u%u -l%{lock_timeout} -n%{namespace} plugin { mail_replica = remote:vmail at master-server-a.tld replication_full_sync_interval = 1 hours } From gheskett at wdtv.com Sat Jul 13 20:56:30 2013 From: gheskett at wdtv.com (Gene Heskett) Date: Sat, 13 Jul 2013 13:56:30 -0400 Subject: [Dovecot] new user questions Message-ID: <201307131356.30554.gheskett@wdtv.com> Greetings; Trying to follow along with the wiki2 setup instructions and thought I'd hit a snag with the first "send me a mail" snippet as it took several minutes to arrive, so I assume that somehow procmail was involved in the delivery and my procmail runs mail thought a whole bunch of checks before finally handing it off to a mailfile as /var/mail/gene. Then the next script seems to only try whats in my home dir, and of course doesn't find it as neither exists, yet... I assume that is because dovecot needs a kill -HUP. But I am not familiar with that, so how is it done, and as what user, me, or root, on a ubuntu 12.04.2 LTS install? Thanks. Cheers, Gene -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) My web page: is up! My views Beam me up, Scotty! A pen in the hand of this president is far more dangerous than 200 million guns in the hands of law-abiding citizens. From kim+dovecot at alleroedderne.adsl.dk Sun Jul 14 13:18:53 2013 From: kim+dovecot at alleroedderne.adsl.dk (Kim Bisgaard) Date: Sun, 14 Jul 2013 12:18:53 +0200 Subject: [Dovecot] constant Log synchronization error's Message-ID: <51E27B0D.1050706@alleroedderne.adsl.dk> Hi, I am seeing constant "Log synchronization error"s in my logs. See later for an example. This is dovecot 2.2.4, pigeonhole 0.4.1, and postfix 2.10.1 (with mailbox_command = /usr/libexec/dovecot/deliver) on a Fedora 19 system. I am using packages from Atrpms so there are some patches applied - ask for details. The mailboxes have resently been moved from a i386 system. I have tried to manually do "doveadm force-resync" for all users, but the problem persists :-( Here are an example from a user which does not use sieve: 11:45:48 Y dovecot: imap-login: Login: user=, method=PLAIN, rip=62.199.61.123, lip=192.168.0.5, mpid=21531, TLS, session= 11:45:52 Y dovecot: imap-login: Login: user=, method=PLAIN, rip=62.199.61.123, lip=192.168.0.5, mpid=21541, TLS, session= 11:45:54 Y dovecot: imap(X): Error: mdbox /var/mail/X/mdbox/mailboxes/INBOX/Streams/dbox-Mails: map uidvalidity mismatch (0 vs 1283330954) 11:45:54 Y dovecot: imap(X): Disconnected: Internal error occurred. Refer to server log for more information. [2013-07-14 11:45:54] in=353 out=115680 11:45:54 Y dovecot: imap(X): Warning: fscking index file /var/mail/X/mdbox/storage/dovecot.map.index 11:45:54 Y dovecot: imap(X): Warning: mdbox /var/mail/X/mdbox/storage: rebuilding indexes 11:45:54 Y dovecot: imap(X): Disconnected: Disconnected in IDLE in=707 out=437806 11:45:55 Y dovecot: imap(X): Error: Log synchronization error at seq=4,offset=156 for /var/mail/X/mdbox/mailboxes/INBOX/Kvitteringer/dbox-Mails/dovecot.index: Ex tension header update points outside header size 11:45:55 Y dovecot: imap(X): Warning: fscking index file /var/mail/X/mdbox/mailboxes/INBOX/Kvitteringer/dbox-Mails/dovecot.index 11:45:55 Y dovecot: imap(X): Error: Log synchronization error at seq=9,offset=156 for /var/mail/X/mdbox/mailboxes/INBOX/Streams/dbox-Mails/dovecot.index: Extensi on header update points outside header size 11:45:55 Y dovecot: imap(X): Warning: fscking index file /var/mail/X/mdbox/mailboxes/INBOX/Streams/dbox-Mails/dovecot.index 11:45:55 Y dovecot: imap(X): Error: Log synchronization error at seq=13,offset=156 for /var/mail/X/mdbox/mailboxes/Facebook/dbox-Mails/dovecot.index: Extension h eader update points outside header size 11:45:55 Y dovecot: imap(X): Warning: fscking index file /var/mail/X/mdbox/mailboxes/Facebook/dbox-Mails/dovecot.index 11:45:55 Y dovecot: imap(X): Error: Log synchronization error at seq=5,offset=156 for /var/mail/X/mdbox/mailboxes/Junk/dbox-Mails/dovecot.index: Extension header update points outside header size 11:45:55 Y dovecot: imap(X): Warning: fscking index file /var/mail/X/mdbox/mailboxes/Junk/dbox-Mails/dovecot.index 11:45:55 Y dovecot: imap(X): Error: Log synchronization error at seq=5,offset=156 for /var/mail/X/mdbox/mailboxes/Sent/dbox-Mails/dovecot.index: Extension header update points outside header size 11:45:55 Y dovecot: imap(X): Warning: fscking index file /var/mail/X/mdbox/mailboxes/Sent/dbox-Mails/dovecot.index 11:45:55 Y dovecot: imap(X): Error: Log synchronization error at seq=4,offset=156 for /var/mail/X/mdbox/mailboxes/Drafts/dbox-Mails/dovecot.index: Extension header update points outside header size 11:45:55 Y dovecot: imap(X): Warning: fscking index file /var/mail/X/mdbox/mailboxes/Drafts/dbox-Mails/dovecot.index 11:45:55 Y dovecot: imap(X): Error: Log synchronization error at seq=4,offset=156 for /var/mail/X/mdbox/mailboxes/Archives/dbox-Mails/dovecot.index: Extension header update points outside header size 11:45:55 Y dovecot: imap(X): Warning: fscking index file /var/mail/X/mdbox/mailboxes/Archives/dbox-Mails/dovecot.index 11:45:55 Y dovecot: imap-login: Disconnected (no auth attempts in 1 secs): user=<>, rip=62.199.61.123, lip=192.168.0.5, TLS, session= 11:45:55 Y dovecot: imap(X): Error: Log synchronization error at seq=4,offset=156 for /var/mail/X/mdbox/mailboxes/Archives/2012/dbox-Mails/dovecot.index: Extension header update points outside header size 11:45:55 Y dovecot: imap(X): Warning: fscking index file /var/mail/X/mdbox/mailboxes/Archives/2012/dbox-Mails/dovecot.index 11:45:55 Y dovecot: imap-login: Login: user=, method=PLAIN, rip=62.199.61.123, lip=192.168.0.5, mpid=21548, TLS, session= 11:45:55 Y dovecot: imap(X): Error: Log synchronization error at seq=5,offset=156 for /var/mail/X/mdbox/mailboxes/Trash/dbox-Mails/dovecot.index: Extension header update points outside header size 11:45:55 Y dovecot: imap(X): Warning: fscking index file /var/mail/X/mdbox/mailboxes/Trash/dbox-Mails/dovecot.index 11:45:55 Y dovecot: imap(X): Error: Log synchronization error at seq=4,offset=156 for /var/mail/X/mdbox/mailboxes/Trash/Spam/dbox-Mails/dovecot.index: Extension header update points outside header size 11:45:55 Y dovecot: imap(X): Warning: fscking index file /var/mail/X/mdbox/mailboxes/Trash/Spam/dbox-Mails/dovecot.index 11:45:55 Y dovecot: imap-login: Login: user=, method=PLAIN, rip=62.199.61.123, lip=192.168.0.5, mpid=21552, TLS, session= 11:45:55 Y dovecot: imap(X): Connection closed: Connection reset by peer in=118 out=111246 11:45:56 Y dovecot: imap-login: Disconnected (no auth attempts in 1 secs): user=<>, rip=62.199.61.123, lip=192.168.0.5, TLS, session= 11:45:56 Y dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=62.199.61.123, lip=192.168.0.5, TLS, session= 11:45:56 Y dovecot: imap(X): Error: mdbox /var/mail/X/mdbox/mailboxes/INBOX/Streams/dbox-Mails: map uidvalidity mismatch (0 vs 1283330954) 11:45:56 Y dovecot: imap(X): Disconnected: Internal error occurred. Refer to server log for more information. [2013-07-14 11:45:56] in=353 out=115647 11:45:56 Y dovecot: imap(X): Warning: fscking index file /var/mail/X/mdbox/storage/dovecot.map.index 11:45:56 Y dovecot: imap(X): Warning: mdbox /var/mail/X/mdbox/storage: rebuilding indexes 11:45:57 Y dovecot: imap(X): Error: Log synchronization error at seq=5,offset=156 for /var/mail/X/mdbox/mailboxes/INBOX/Kvitteringer/dbox-Mails/dovecot.index: Extension header update points outside header size 11:45:57 Y dovecot: imap(X): Warning: fscking index file /var/mail/X/mdbox/mailboxes/INBOX/Kvitteringer/dbox-Mails/dovecot.index 11:45:57 Y dovecot: imap(X): Error: Log synchronization error at seq=10,offset=156 for /var/mail/X/mdbox/mailboxes/INBOX/Streams/dbox-Mails/dovecot.index: Extension header update points outside header size 11:45:57 Y dovecot: imap(X): Warning: fscking index file /var/mail/X/mdbox/mailboxes/INBOX/Streams/dbox-Mails/dovecot.index 11:45:57 Y dovecot: imap(X): Error: Log synchronization error at seq=14,offset=156 for /var/mail/X/mdbox/mailboxes/Facebook/dbox-Mails/dovecot.index: Extension header update points outside header size 11:45:57 Y dovecot: imap(X): Warning: fscking index file /var/mail/X/mdbox/mailboxes/Facebook/dbox-Mails/dovecot.index 11:45:57 Y dovecot: imap(X): Error: Log synchronization error at seq=6,offset=156 for /var/mail/X/mdbox/mailboxes/Junk/dbox-Mails/dovecot.index: Extension header update points outside header size 11:45:57 Y dovecot: imap(X): Warning: fscking index file /var/mail/X/mdbox/mailboxes/Junk/dbox-Mails/dovecot.index 11:45:57 Y dovecot: imap(X): Error: Log synchronization error at seq=6,offset=156 for /var/mail/X/mdbox/mailboxes/Sent/dbox-Mails/dovecot.index: Extension header update points outside header size 11:45:57 Y dovecot: imap(X): Warning: fscking index file /var/mail/X/mdbox/mailboxes/Sent/dbox-Mails/dovecot.index 11:45:57 Y dovecot: imap(X): Error: Log synchronization error at seq=5,offset=156 for /var/mail/X/mdbox/mailboxes/Drafts/dbox-Mails/dovecot.index: Extension header update points outside header size 11:45:57 Y dovecot: imap(X): Warning: fscking index file /var/mail/X/mdbox/mailboxes/Drafts/dbox-Mails/dovecot.index 11:45:57 Y dovecot: imap(X): Error: Log synchronization error at seq=5,offset=156 for /var/mail/X/mdbox/mailboxes/Archives/dbox-Mails/dovecot.index: Extension header update points outside header size 11:45:57 Y dovecot: imap(X): Warning: fscking index file /var/mail/X/mdbox/mailboxes/Archives/dbox-Mails/dovecot.index 11:45:57 Y dovecot: imap(X): Error: Log synchronization error at seq=5,offset=156 for /var/mail/X/mdbox/mailboxes/Archives/2012/dbox-Mails/dovecot.index: Extension header update points outside header size 11:45:57 Y dovecot: imap(X): Warning: fscking index file /var/mail/X/mdbox/mailboxes/Archives/2012/dbox-Mails/dovecot.index 11:45:57 Y dovecot: imap(X): Error: Log synchronization error at seq=6,offset=156 for /var/mail/X/mdbox/mailboxes/Trash/dbox-Mails/dovecot.index: Extension header update points outside header size 11:45:57 Y dovecot: imap(X): Warning: fscking index file /var/mail/X/mdbox/mailboxes/Trash/dbox-Mails/dovecot.index 11:45:57 Y dovecot: imap(X): Error: Log synchronization error at seq=5,offset=156 for /var/mail/X/mdbox/mailboxes/Trash/Spam/dbox-Mails/dovecot.index: Extension header update points outside header size 11:45:57 Y dovecot: imap(X): Warning: fscking index file /var/mail/X/mdbox/mailboxes/Trash/Spam/dbox-Mails/dovecot.index 11:45:57 Y dovecot: imap-login: Login: user=, method=PLAIN, rip=62.199.61.123, lip=192.168.0.5, mpid=21563, TLS, session= 11:45:57 Y dovecot: imap(X): Connection closed: Connection reset by peer in=150 out=111316 11:45:57 Y dovecot: imap-login: Login: user=, method=PLAIN, rip=62.199.61.123, lip=192.168.0.5, mpid=21568, TLS, session=<4y1hnHXhkQA+xz17> 11:46:05 Y dovecot: imap-login: Login: user=, method=PLAIN, rip=62.199.61.123, lip=192.168.0.5, mpid=21574, TLS, session=<+zbNnHXhBAA+xz17> My config is: # dovecot -n # 2.2.4: /etc/dovecot/dovecot.conf # OS: Linux 3.9.9-301.fc19.x86_64 x86_64 Fedora release 19 (Schr?dinger?s Cat) ext4 mail_location = mdbox:/var/mail/%u/mdbox mbox_write_locks = fcntl namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = separator = . } passdb { driver = pam } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_extensions = +imapflags sieve_subaddress_sep = - } postmaster_address = postmaster at alleroedderne.adsl.dk protocols = imap recipient_delimiter = - ssl = required ssl_cert = Hello, Dovecot is logging authentication failures this way: ------ Jul 12 18:07:19 vps0 dovecot: imap-login: Disconnected (auth failed, 22 attempts in 172 secs): user=, method=PLAIN, rip=82.95.148.152, lip=1.2.3.4, TLS, session= ------ Fail2ban is trying to catch them with this regex: ------ failregex = .*(?:pop3-login|imap-login):.*(?:Authentication failure|Aborted login \(auth failed|Aborted login \(tried to use disabled|Disconnected \(auth failed).*rip=(?P\S*),.* ------ This way fail2ban is counting 22 attempts as 1 attempt... I expect I need to change something on the logging, so that every attempt is seperate logged. But I don't know how. Is here somebody who knows how to get fail2ban correct working? No help on this on the wiki's: http://wiki1.dovecot.org/HowTo/Fail2Ban http://wiki1.dovecot.org/Logging http://www.fail2ban.org/wiki/index.php/Dovecot With regards, Paul van der Vlis. -- Paul van der Vlis Linux systeembeheer, Groningen http://www.vandervlis.nl/ From paul at vandervlis.nl Sun Jul 14 13:37:58 2013 From: paul at vandervlis.nl (Paul van der Vlis) Date: Sun, 14 Jul 2013 12:37:58 +0200 Subject: [Dovecot] new user questions In-Reply-To: <201307131356.30554.gheskett@wdtv.com> References: <201307131356.30554.gheskett@wdtv.com> Message-ID: On 13-07-13 19:56, Gene Heskett wrote: > Greetings; > > Trying to follow along with the wiki2 setup instructions and thought I'd > hit a snag with the first "send me a mail" snippet as it took several > minutes to arrive, so I assume that somehow procmail was involved in the > delivery and my procmail runs mail thought a whole bunch of checks before > finally handing it off to a mailfile as /var/mail/gene. Normally procmail is called from the MTA, e.g. Postfix. If you use Postfix disable this line in /etc/postfix/main.cf: mailbox_command = procmail -a "$EXTENSION" Look at /var/log/mail.log for more information. > Then the next script seems to only try whats in my home dir, and of course > doesn't find it as neither exists, yet... > > I assume that is because dovecot needs a kill -HUP. But I am not familiar > with that, so how is it done, and as what user, me, or root, on a ubuntu > 12.04.2 LTS install? I don't know what the wiki exactly says. But what you can do is a "service dovecot restart" as root. I think your questions are more MTA questions then Dovecot questions. With regards, Paul van der Vlis. -- Paul van der Vlis Linux systeembeheer, Groningen http://www.vandervlis.nl/ From d.parthey at metaways.de Sun Jul 14 15:24:43 2013 From: d.parthey at metaways.de (Daniel Parthey) Date: Sun, 14 Jul 2013 14:24:43 +0200 Subject: [Dovecot] mail not reject when the mailbox is full (Dovecot-LDAP-Imap_quota) In-Reply-To: References: Message-ID: Hi Victor, you probably forgot to enable/configure quota for LMPT or LDA service which enforces quota during delivery of new mails. If you still need help, please post the complete output of doveconf -n Regards Daniel "Victor O?ate" schrieb: >Hello List. >Currently I have configured the share of users through the LDAP query >as >shown > >#dovecot.conf > >protocol imap { > mail_plugins = quota imap_quota >} > >plugin { > quota = dirsize >} > >userdb ldap { > args = /etc/dovecot/dovecot-ldap.conf > } > >#dovecot-ldap.conf >auth_bind = yes > >ldap_version = 3 >base = dc=XXX,dc=YY,dc=ZZ >deref = never >scope = subtree > >user_attrs = >homeDirectory=home,uidNumber=uid,gidNumber=gid,mail=Maildir,mailQuotaSize=quota_rule=*:storage=%$ >user_filter = (&(objectClass=posixAccount)(uid=%u)) > >pass_attrs = >uid=user,userPassword=password,homeDirectory=userdb_home,uidNumber=userdb_uid,gidNumber=userdb_gid >pass_filter = (&(objectClass=posixAccount)(uid=%u)) > > >Additionally in thunderbird customers have the plug so they can see the >share. This works perfect! > >However, when the mailbox exceeds 100% users continue to receive mail >which >makes the risk set allocated disk space, the idea is that when full the >mail >reject >with a message "mailbox XXX full" . > > >As always appreciate the ideas. > >Victor O?ate From gheskett at wdtv.com Sun Jul 14 15:38:39 2013 From: gheskett at wdtv.com (Gene Heskett) Date: Sun, 14 Jul 2013 08:38:39 -0400 Subject: [Dovecot] new user questions In-Reply-To: References: <201307131356.30554.gheskett@wdtv.com> Message-ID: <201307140838.39908.gheskett@wdtv.com> On Sunday 14 July 2013 07:28:21 Paul van der Vlis did opine: > On 13-07-13 19:56, Gene Heskett wrote: > > Greetings; > > > > Trying to follow along with the wiki2 setup instructions and thought > > I'd hit a snag with the first "send me a mail" snippet as it took > > several minutes to arrive, so I assume that somehow procmail was > > involved in the delivery and my procmail runs mail thought a whole > > bunch of checks before finally handing it off to a mailfile as > > /var/mail/gene. > > Normally procmail is called from the MTA, e.g. Postfix. > If you use Postfix disable this line in /etc/postfix/main.cf: > mailbox_command = procmail -a "$EXTENSION" > > Look at /var/log/mail.log for more information. > > > Then the next script seems to only try whats in my home dir, and of > > course doesn't find it as neither exists, yet... > > > > I assume that is because dovecot needs a kill -HUP. But I am not > > familiar with that, so how is it done, and as what user, me, or root, > > on a ubuntu 12.04.2 LTS install? > > I don't know what the wiki exactly says. But what you can do is a > "service dovecot restart" as root. > > I think your questions are more MTA questions then Dovecot questions. > > With regards, > Paul van der Vlis. I should have been a bit more verbose. My present setup uses fetchmail to call mailfilter, and scans 3 different mail servers for what survives mailfilter, handing the survivors to the MTA duties of procmail. Procmail in turn uses a bunch of recipes to black hole a few, then calls Spamd, clamd to catch and or mark the mail. What survives winds up as mailfiles in /var/spool/mail. I have a bash script that uses inotifywait to watch that spool dir, and when a file has been written and closed, inotifywait exits, returning the filename to my script, which in turn sends kmail a 'get this mail' to kmail over the dbus facility. And restarts inotifywait In this manner, with fetchmail doing 3 minute sleeps between runs, mail arrives in a fairly timely manner, usually around 3 or 4 seconds processing time from the port blinks on the router to an incremented count of unread messages in whatever folder kmail stores the mail in. kmail is so broken for the version installed for Ubuntu 12.04.2 LTS that it will not even start, hence the push to get claws working in imap mode, using dovecot on this machine as the imap server so that I can then access my email from any of the other 5 machines on my local network. It a bit of a PIMA to be out in the shop, carving metal on one of my cnc'd machines and have to run back to the house to check the mail because it isn't on an imap server. I am assuming that claws-mail can do filtering to individual "folders" in the same manner that kmail now sorts, putting anything from dovecot.org, in the dovecot folder as one example. I'd also at this point assume I can use a cron job to synchronize the claws-mail filtering lists, but that is of course not a dovecot problem. And of course I need to keep record copies of both incoming and replied to mails like this kmail does. Which is part of the problem here because of the size of the corpus, 4.5Gb in ~/gene/Mail, and for some unk reason, ~/gene/kde/.../nepomuk/.../sopranodb and virtuosodb are using 16 gigabytes! If I don't stop, and restart kmail at about 12 hour intervals, it gets so slow its pathetic. I had to convert kmail from mailfiles to maildirs several years ago because an earlier versions math could nut handle a single mailfile above 2.1Gb. I assume that dovecot can take the incoming mail in /var/spool/mail, leaving those files zero'd out, put it into an assigned dir in the users home dir, then serve it up to that user? So what I'd like to do is have dovecot serve up everything it finds in /var/spool/mail to any claws-mail client that sends the correct password to my local ipv4 network address ###.###.###.##:143. ipv6 has not arrived in any detectable form here in West Virginia. I am also assuming that claws-mail can handle its own mail sending, or does it depend on the imaps to do that?, at this initial stage I don't know. So far, I don't even have claws-mail set to look for an imaps. I suppose that's next because I'll need a way to test dovecot as I set it up. What do I put, in which file, in /etc/dovecot/conf.d to achieve that? The wiki2 pages I know about, but are a bit short on examples to define the exact syntax IMO. Thank you. Cheers, Gene -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) My web page: is up! From jerry at seibercom.net Sun Jul 14 17:00:44 2013 From: jerry at seibercom.net (Jerry) Date: Sun, 14 Jul 2013 10:00:44 -0400 Subject: [Dovecot] new user questions In-Reply-To: <201307140838.39908.gheskett@wdtv.com> References: <201307131356.30554.gheskett@wdtv.com> <201307140838.39908.gheskett@wdtv.com> Message-ID: <20130714100044.6a80c4bb@scorpio> On Sun, 14 Jul 2013 08:38:39 -0400 Gene Heskett articulated: > On Sunday 14 July 2013 07:28:21 Paul van der Vlis did opine: > > > On 13-07-13 19:56, Gene Heskett wrote: > > > Greetings; > > > > > > Trying to follow along with the wiki2 setup instructions and > > > thought I'd hit a snag with the first "send me a mail" snippet as > > > it took several minutes to arrive, so I assume that somehow > > > procmail was involved in the delivery and my procmail runs mail > > > thought a whole bunch of checks before finally handing it off to > > > a mailfile as /var/mail/gene. > > > > Normally procmail is called from the MTA, e.g. Postfix. > > If you use Postfix disable this line in /etc/postfix/main.cf: > > mailbox_command = procmail -a "$EXTENSION" > > > > Look at /var/log/mail.log for more information. > > > > > Then the next script seems to only try whats in my home dir, and > > > of course doesn't find it as neither exists, yet... > > > > > > I assume that is because dovecot needs a kill -HUP. But I am not > > > familiar with that, so how is it done, and as what user, me, or > > > root, on a ubuntu 12.04.2 LTS install? > > > > I don't know what the wiki exactly says. But what you can do is a > > "service dovecot restart" as root. > > > > I think your questions are more MTA questions then Dovecot > > questions. > > > > With regards, > > Paul van der Vlis. > > I should have been a bit more verbose. > > My present setup uses fetchmail to call mailfilter, and scans 3 > different mail servers for what survives mailfilter, handing the > survivors to the MTA duties of procmail. > > Procmail in turn uses a bunch of recipes to black hole a few, then > calls Spamd, clamd to catch and or mark the mail. What survives > winds up as mailfiles in /var/spool/mail. See comment below. > I have a bash script that uses inotifywait to watch that spool dir, > and when a file has been written and closed, inotifywait exits, > returning the filename to my script, which in turn sends kmail a 'get > this mail' to kmail over the dbus facility. And restarts > inotifywait In this manner, with fetchmail doing 3 minute sleeps > between runs, mail arrives in a fairly timely manner, usually around > 3 or 4 seconds processing time from the port blinks on the router to > an incremented count of unread messages in whatever folder kmail > stores the mail in. > > kmail is so broken for the version installed for Ubuntu 12.04.2 LTS > that it will not even start, hence the push to get claws working in > imap mode, using dovecot on this machine as the imap server so that I > can then access my email from any of the other 5 machines on my local > network. It a bit of a PIMA to be out in the shop, carving metal on > one of my cnc'd machines and have to run back to the house to check > the mail because it isn't on an imap server. > > I am assuming that claws-mail can do filtering to individual > "folders" in the same manner that kmail now sorts, putting anything > from dovecot.org, in the dovecot folder as one example. I'd also at > this point assume I can use a cron job to synchronize the claws-mail > filtering lists, but that is of course not a dovecot problem. Way too much work. I use "sieve" with dovecot and accomplish all of the presorting, etcetera before it ever gets to "claws-mail". Claws-mail does not directly respect flagged messages with color attributes, but you can easily have the sieve script add a flag for that and then have claws-mail read the flag and implement it. > And of course I need to keep record copies of both incoming and > replied to mails like this kmail does. Which is part of the problem > here because of the size of the corpus, 4.5Gb in ~/gene/Mail, and for > some unk reason, ~/gene/kde/.../nepomuk/.../sopranodb and virtuosodb > are using 16 gigabytes! If I don't stop, and restart kmail at about > 12 hour intervals, it gets so slow its pathetic. I had to convert > kmail from mailfiles to maildirs several years ago because an earlier > versions math could nut handle a single mailfile above 2.1Gb. > > I assume that dovecot can take the incoming mail in /var/spool/mail, > leaving those files zero'd out, put it into an assigned dir in the > users home dir, then serve it up to that user? Of course, via sieve. > So what I'd like to do is have dovecot serve up everything it finds > in /var/spool/mail to any claws-mail client that sends the correct > password to my local ipv4 network address ###.###.###.##:143. ipv6 > has not arrived in any detectable form here in West Virginia. > > I am also assuming that claws-mail can handle its own mail sending, > or does it depend on the imaps to do that?, at this initial stage I > don't know. So far, I don't even have claws-mail set to look for an > imaps. I suppose that's next because I'll need a way to test dovecot > as I set it up. > > What do I put, in which file, in /etc/dovecot/conf.d to achieve that? > > The wiki2 pages I know about, but are a bit short on examples to > define the exact syntax IMO. Personally, it sounds like you are trying to reinvent the wheel here. Your setup seems to be way to complicated. I would start by redesigning you whole system and eliminating "procmail". It has not been touched in over a dozen years and there are far more powerful and reliable sorting methods. In your case, fetchmail combined with Postfix, Dovecot and having dovecot using a sieve script would make your life far easier. -- Jerry ? Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ From gheskett at wdtv.com Sun Jul 14 19:52:34 2013 From: gheskett at wdtv.com (Gene Heskett) Date: Sun, 14 Jul 2013 12:52:34 -0400 Subject: [Dovecot] new user questions In-Reply-To: <20130714100044.6a80c4bb@scorpio> References: <201307131356.30554.gheskett@wdtv.com> <201307140838.39908.gheskett@wdtv.com> <20130714100044.6a80c4bb@scorpio> Message-ID: <201307141252.34865.gheskett@wdtv.com> On Sunday 14 July 2013 12:38:21 Jerry did opine: [...] > Personally, it sounds like you are trying to reinvent the wheel here. > Your setup seems to be way to complicated. I would start by redesigning > you whole system and eliminating "procmail". It has not been touched in > over a dozen years and there are far more powerful and reliable sorting > methods. In your case, fetchmail combined with Postfix, Dovecot and > having dovecot using a sieve script would make your life far easier. I've looked at postfix but it seems to have big treble fish-hooks all over it. Where does it fit in the 'chain of commands'? Or is this as simple as changing the MTA line in .fetchmailrc to dovecot from procmail? Interesting. Procmail used to nuke 50-100 incoming spams etc a day. But I just checked, mailfilter must be catching the huge majority of the crap, it only nuked 2 messages yesterday, so that loss is not doing to be that big a deal. So that takes care of where fetchmail hands it off to. The whole idea of removing as much of the fetching and filtering duties from kmail is because it goes to sleep when doing those things, so the user is frozen until it comes back from a mail run. Effectively making a multi-threaded system out of single threaded kmail. So I as the user sitting here, do not see, or feel, the other mail related background stuff at all. Thanks Jerry. Cheers, Gene -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) My web page: is up! My views To iterate is human, to recurse, divine. -- Robert Heller A pen in the hand of this president is far more dangerous than 200 million guns in the hands of law-abiding citizens. From AxelLuttgens at swing.be Sun Jul 14 19:54:05 2013 From: AxelLuttgens at swing.be (Axel Luttgens) Date: Sun, 14 Jul 2013 18:54:05 +0200 Subject: [Dovecot] 2.2.4 - quota-status changing the user it is running as Message-ID: Hello, I'm currently experimenting with this quota-status service configuration: service quota-status { client_limit = 1 executable = quota-status -p postfix # Let's make the default explicit. user = root unix_listener /var/spool/postfix/private/quota-policyd { user = postfix } } The idea is to run the service as root during the preliminary tests (at worst, since the service is going to be used as a policy daemon by Postfix only, it shouldn't be very problematic to have it running as root anyway). A user, with address john.doe at example.com and identified as john.doe, is known to be over-quota. A "doveadm quota get" returns: $ sudo doveadm quota get -u john.doe Password: Quota name Type Value Limit % Quota utilisateur STORAGE 5 5 100 Quota utilisateur MESSAGE 9 - 0 and messages for that user are correctly rejected by lmtp: dovecot[4989]: lmtp(5069, john.doe at example.com): QWSWLgrP4lF7FAAA5Q0ykw: msgid=<20130714161643.9085DF176F2 at ALMba.local>: save failed to INBOX: Quota exceeded (mailbox for user is full) Let's now simulate a connection from Postfix: $ sudo -u postfix telnet /_ROOT/var/spool/postfix/private/quota-policyd Trying /_ROOT/var/spool/postfix/private/quota-policyd... Connected to (null). Escape character is '^]'. A look at the output of top (excerpt) confirms that quota-status is running as root: PID COMMAND UID 5100 quota-status 0 Going on with our telnet session: recipient=john.doe at example.com size=10000 action=OK Hmmm... OK, this may be a config problem of mine which may require further investigation. Anyway, looking at top's output: PID COMMAND UID 5100 quota-status 999 it appears that quota-status is now running as the mail_uid/mail_gid user; the switch happens immediately after having entered the empty line in the telnet session. Let's then try to go further within the telnet session: recipient=john.doe at example.com size=10000 action=DEFER_IF_PERMIT Internal error occurred. Refer to server log for more information. ^] telnet> quit Connection closed. and a look at the log indeed reveals that quota-status doesn't have sufficient privileges anymore: dovecot[4989]: quota-status(john.doe at example.com): Error: user john.doe at example.com: Error reading configuration: net_connect_unix(/_ROOT/var/run/dovecot/config) failed: Permission denied Is this the expected behavior, to have quota-status switch to another user? TIA, Axel From mark at msapiro.net Sun Jul 14 21:52:32 2013 From: mark at msapiro.net (Mark Sapiro) Date: Sun, 14 Jul 2013 11:52:32 -0700 Subject: [Dovecot] Fail2ban and logging In-Reply-To: References: Message-ID: <51E2F370.7080802@msapiro.net> On 07/14/2013 03:26 AM, Paul van der Vlis wrote: > Hello, > > Dovecot is logging authentication failures this way: > ------ > Jul 12 18:07:19 vps0 dovecot: imap-login: Disconnected (auth failed, 22 > attempts in 172 secs): user=, method=PLAIN, rip=82.95.148.152, > lip=1.2.3.4, TLS, session= > ------ Is there a reason why you are allowing PLAIN text login (disable_plaintext_auth = no)? I do not allow plaintext login and I get messages like: Jul 12 16:03:27 sbh16 dovecot: pop3-login: Disconnected (tried to use disallowed plaintext auth): user=<>, rip=219.84.103.232, lip=72.52.113.38, session= I also have service auth { unix_listener /var/spool/postfix/private/auth { mode = 0666 } } and for secure login failures I get messages like: Jul 14 11:38:57 sbh16 dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=APOP, rip=68.183.193.239, lip=72.52.113.16, TLS, session=<8/ZeDn3hNwBEt8Hv> and in fail2ban I have failregex = Aborted login \(.*\): .*rip=, Disconnected \(tried to use disabled.*\): .*rip=, warning:.*\[\]: SASL [^ ]+ authentication failed: I'm running Dovecot 2.2.4, but the above hasn't changed for a long time. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From me at junc.eu Mon Jul 15 01:26:43 2013 From: me at junc.eu (Benny Pedersen) Date: Mon, 15 Jul 2013 00:26:43 +0200 Subject: [Dovecot] =?utf-8?q?login=5Ftrusted=5Fnetworks_from_webmail_=3F?= In-Reply-To: <20130712105155.GA10387@mushkin.tanso.net> References: <20130703202904.GA12770@mushkin.tanso.net> <20130712105155.GA10387@mushkin.tanso.net> Message-ID: <70ce50f00844b38dd30bfcd24822e77e@junc.eu> Jan-Frode Myklebust skrev den 2013-07-12 12:51: > The webmail-server will use the HTTP REMOTE_ADDR header in the IMAP > ID > when initiating the IMAP connection. > a ID ("x-originating-ip" "$REMOTE_ADDR") aha, will remember on roundcube setup to add this header, just a bit unsure how apache can tell dovecot about it if its apache native ? From Murphy.and.Law at quantentunnel.de Sun Jul 14 18:06:35 2013 From: Murphy.and.Law at quantentunnel.de (Martin) Date: Sun, 14 Jul 2013 17:06:35 +0200 Subject: [Dovecot] User login for SMTP but not for IMAP/POP? Message-ID: <51E2BE7B.2040604@quantentunnel.de> Hello everybody, I have a question, though I'm not sure if it's a matter of dovecot or postfix. Or if it's even possible to do at all. If I understand it correctly, SMTP authentification is done via SASL. When a user wants to login Postfix queries an external user database (dovecot). Therefore the SMTP-users are identical to the IMAP/POP-users. I want to achieve the following: I want some user credentials (username&password) for a user that is able to login via SMTP, but who doesn't have a mailbox and therefore shouldn't be able to login via IMAP/POP. Is this even possible? How can it be achieved? Or: does this behaviour have a special name, which I can google for? Regards, Martin From gedalya at gedalya.net Mon Jul 15 02:38:00 2013 From: gedalya at gedalya.net (Gedalya) Date: Sun, 14 Jul 2013 19:38:00 -0400 Subject: [Dovecot] User login for SMTP but not for IMAP/POP? In-Reply-To: <51E2BE7B.2040604@quantentunnel.de> References: <51E2BE7B.2040604@quantentunnel.de> Message-ID: <51E33658.6090600@gedalya.net> On 07/14/2013 11:06 AM, Martin wrote: > Hello everybody, > > I have a question, though I'm not sure if it's a matter of dovecot or > postfix. Or if it's even possible to do at all. > > If I understand it correctly, SMTP authentification is done via SASL. > When a user wants to login Postfix queries an external user database > (dovecot). Therefore the SMTP-users are identical to the IMAP/POP-users. > > I want to achieve the following: I want some user credentials > (username&password) for a user that is able to login via SMTP, but who > doesn't have a mailbox and therefore shouldn't be able to login via > IMAP/POP. > > Is this even possible? > How can it be achieved? Or: does this behaviour have a special name, > which I can google for? > > > Regards, > Martin http://wiki2.dovecot.org/Variables Look at %s If you use sql, try: IF('%s' != 'smtp' and smtp_only, 'Y', NULL) as nologin I've never tried this with smtp, but I assume this would work, i.e. when postfix is authenticating %s == 'smtp'. From gheskett at wdtv.com Mon Jul 15 07:03:14 2013 From: gheskett at wdtv.com (Gene Heskett) Date: Mon, 15 Jul 2013 00:03:14 -0400 Subject: [Dovecot] trying to configre dovecot Message-ID: <201307150003.15081.gheskett@wdtv.com> Hi all; Thinking I'd like to have a bit of security, I followed the example for dovecot from allgoodthings.org Guessing between the lines I made a few substitutions to localize it for me, but when I run the line to dump the configs, the output is very short because I do not have the *.pem files. Where can a usable set of these ssl 'keyfiles' be obtained? Cheers, Gene -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) My web page: is up! My views Gee, I feel kind of LIGHT in the head now, knowing I can't make my satellite dish PAYMENTS! A pen in the hand of this president is far more dangerous than 200 million guns in the hands of law-abiding citizens. From professa at dementianati.com Mon Jul 15 07:38:12 2013 From: professa at dementianati.com (Professa Dementia) Date: Sun, 14 Jul 2013 21:38:12 -0700 Subject: [Dovecot] trying to configre dovecot In-Reply-To: <201307150003.15081.gheskett@wdtv.com> References: <201307150003.15081.gheskett@wdtv.com> Message-ID: <51E37CB4.4060505@dementianati.com> On 7/14/2013 9:03 PM, Gene Heskett wrote: > Hi all; > > Thinking I'd like to have a bit of security, I followed the example for > dovecot from allgoodthings.org > > Guessing between the lines I made a few substitutions to localize it for > me, but when I run the line to dump the configs, the output is very short > because I do not have the *.pem files. > > Where can a usable set of these ssl 'keyfiles' be obtained? $ openssl genrsa -out server.key 2048 $ openssl req -sha256 -new -key server.key -out server.csr $ openssl x509 -req -days 3650 -in server.csr -signkey server.key -out server.crt $ cat server.key server.crt > server.pem Run the four commands. You will have a key file, certificate signing request file, a self signed cert and a pem file which is the concatenation of the key and cert (some systems need this, and some are ok with the key and cert being separate). This is everything you will need to get the server working with SSL or TLS. The third command generates a self signed certificate. If you are playing around or this is for internal / personal use, this is ok, but if you want real security, you need to have your cert signed by a real certificate authority (CA). If you are going to do this, the way you answer the questions in step two is important. You should do some research into the requirements of your chosen CA, but for example, the question about the state usually must be answered with the full state name, properly capitalized, and not an abbreviation. Example: "Florida" is correct, "FL" is not. If any doubts, contact your CA first before generating your csr. Dem From noel.butler at ausics.net Mon Jul 15 10:58:39 2013 From: noel.butler at ausics.net (Noel Butler) Date: Mon, 15 Jul 2013 17:58:39 +1000 Subject: [Dovecot] trying to configre dovecot In-Reply-To: <51E37CB4.4060505@dementianati.com> References: <201307150003.15081.gheskett@wdtv.com> <51E37CB4.4060505@dementianati.com> Message-ID: <1373875119.11273.24.camel@tardis> On Sun, 2013-07-14 at 21:38 -0700, Professa Dementia wrote: > On 7/14/2013 9:03 PM, Gene Heskett wrote: > > > > Guessing between the lines I made a few substitutions to localize it for > > me, but when I run the line to dump the configs, the output is very short > > because I do not have the *.pem files. > > > > Where can a usable set of these ssl 'keyfiles' be obtained? > > > $ openssl genrsa -out server.key 2048 > $ openssl req -sha256 -new -key server.key -out server.csr > $ openssl x509 -req -days 3650 -in server.csr -signkey server.key -out > server.crt > $ cat server.key server.crt > server.pem > > Run the four commands. You will have a key file, certificate signing > request file, a self signed cert and a pem file which is the simplified: (4 lines into 1) openssl req -x509 -days 3650 -nodes -newkey rsa:4096 -keyout mail.pem -out mail.pem > if you want real security, you need to have your cert signed by a real > certificate authority (CA). good idea, a self sign cert is fine for playing around, however there are some situations some clients might get upset at SSC's in production, either way, if you want a free "real" certificate for your mail server (inc webmail), have a look at the offerings from startssl.com dont know if your linked site gave you any this sicne I've just returned from a break and catching up on some 1700 posts under my list a/c :) (which most will be 'mark all as read'), but anyway in this case use: openssl req -new -newkey rsa:4096 -days 365 -nodes -keyout mail.key -out mail.csr submit your csr file to startssl (or other provider), and get your mail.crt file _and_ the class1/CA files (they should offer them to you to d/l) Typically, I keep hte key separate and would use something like cat mail.crt /etc/ssl/CA/sub.class1.server.ca.pem /etc/ssl/CA/ca.pem > dovecot.pem and in dovecot: ssl_cert_file = /etc/ssl/certs/dovecot.pem ssl_key_file = /etc/ssl/certs/mail.key -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 490 bytes Desc: This is a digitally signed message part URL: From noel.butler at ausics.net Mon Jul 15 12:31:05 2013 From: noel.butler at ausics.net (Noel Butler) Date: Mon, 15 Jul 2013 19:31:05 +1000 Subject: [Dovecot] trying to configre dovecot In-Reply-To: <1373875119.11273.24.camel@tardis> References: <201307150003.15081.gheskett@wdtv.com> <51E37CB4.4060505@dementianati.com> <1373875119.11273.24.camel@tardis> Message-ID: <1373880665.11273.115.camel@tardis> On Mon, 2013-07-15 at 17:58 +1000, Noel Butler wrote: > ssl_key_file = /etc/ssl/certs/mail.key Hrmm the forced html -to- text conversion of this list (I sometimes wonder if this is 1993 not 2013) seems to have stripped out the less than bracket preceding the filename, but the actual entry would be ssl_cert_file = From gheskett at wdtv.com Mon Jul 15 16:01:17 2013 From: gheskett at wdtv.com (Gene Heskett) Date: Mon, 15 Jul 2013 09:01:17 -0400 Subject: [Dovecot] trying to configre dovecot In-Reply-To: <1373875119.11273.24.camel@tardis> References: <201307150003.15081.gheskett@wdtv.com> <51E37CB4.4060505@dementianati.com> <1373875119.11273.24.camel@tardis> Message-ID: <201307150901.17401.gheskett@wdtv.com> On Monday 15 July 2013 09:00:41 Noel Butler did opine: > On Sun, 2013-07-14 at 21:38 -0700, Professa Dementia wrote: > > On 7/14/2013 9:03 PM, Gene Heskett wrote: > > > Guessing between the lines I made a few substitutions to localize it > > > for me, but when I run the line to dump the configs, the output is > > > very short because I do not have the *.pem files. > > > > > > Where can a usable set of these ssl 'keyfiles' be obtained? > > > > $ openssl genrsa -out server.key 2048 > > $ openssl req -sha256 -new -key server.key -out server.csr > > $ openssl x509 -req -days 3650 -in server.csr -signkey server.key -out > > server.crt > > $ cat server.key server.crt > server.pem > > > > Run the four commands. You will have a key file, certificate signing > > request file, a self signed cert and a pem file which is the > > simplified: (4 lines into 1) > > openssl req -x509 -days 3650 -nodes -newkey rsa:4096 -keyout mail.pem > -out mail.pem > > > if you want real security, you need to have your cert signed by a real > > certificate authority (CA). > > good idea, a self sign cert is fine for playing around, however there > are some situations some clients might get upset at SSC's in production, > either way, if you want a free "real" certificate for your mail server > (inc webmail), have a look at the offerings from startssl.com > > > dont know if your linked site gave you any this sicne I've just returned > from a break and catching up on some 1700 posts under my list a/c :) > (which most will be 'mark all as read'), but anyway > > in this case use: > openssl req -new -newkey rsa:4096 -days 365 -nodes -keyout mail.key -out > mail.csr > > submit your csr file to startssl (or other provider), and get your > mail.crt file _and_ the class1/CA files (they should offer them to you > to d/l) > > Typically, I keep hte key separate and would use something like > > cat mail.crt /etc/ssl/CA/sub.class1.server.ca.pem /etc/ssl/CA/ca.pem > > dovecot.pem > > and in dovecot: > ssl_cert_file = /etc/ssl/certs/dovecot.pem > ssl_key_file = /etc/ssl/certs/mail.key Thank you very much, I believe that is exactly what I am looking for. Cheers, Gene -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) My web page: is up! My views no brainer: A decision which, viewed through the retrospectoscope, is "obvious" to those who failed to make it originally. A pen in the hand of this president is far more dangerous than 200 million guns in the hands of law-abiding citizens. From gheskett at wdtv.com Mon Jul 15 16:03:08 2013 From: gheskett at wdtv.com (Gene Heskett) Date: Mon, 15 Jul 2013 09:03:08 -0400 Subject: [Dovecot] trying to configre dovecot In-Reply-To: <1373880665.11273.115.camel@tardis> References: <201307150003.15081.gheskett@wdtv.com> <1373875119.11273.24.camel@tardis> <1373880665.11273.115.camel@tardis> Message-ID: <201307150903.08862.gheskett@wdtv.com> On Monday 15 July 2013 09:02:12 Noel Butler did opine: > On Mon, 2013-07-15 at 17:58 +1000, Noel Butler wrote: > > ssl_key_file = /etc/ssl/certs/mail.key > > Hrmm the forced html -to- text conversion of this list (I sometimes > wonder if this is 1993 not 2013) seems to have stripped out the less > than bracket preceding the filename, but the actual entry would be > > ssl_cert_file = ssl_key_file = is up! My views no brainer: A decision which, viewed through the retrospectoscope, is "obvious" to those who failed to make it originally. A pen in the hand of this president is far more dangerous than 200 million guns in the hands of law-abiding citizens. From AxelLuttgens at swing.be Mon Jul 15 17:06:45 2013 From: AxelLuttgens at swing.be (Axel Luttgens) Date: Mon, 15 Jul 2013 16:06:45 +0200 Subject: [Dovecot] 2.2.4 - quota-status changing the user it is running as In-Reply-To: References: Message-ID: <0152A37B-F168-4B1C-9B22-DA3B21629EEB@swing.be> Le 14 juil. 2013 ? 18:54, Axel Luttgens a ?crit : > [...] > > Is this the expected behavior, to have quota-status switch to another user? I should have added: "And to have it indefinitely running as that user?". Notwithstanding the permission problems that come with that behavior (see my previous post), this doesn't seem to be fully right for a service intended to be a policy server for Postfix. For example, let's consider the case of separate uid (or even uid/gid) for mail users. Suppose that the initial connection to quota-status happens for checking quota of user with uid 10001; if quota-status is configured to start as root, we know it will switch to user 10001 and stay running under that uid. Later, a query comes from Postfix for the quota of user with uid 100002. Unless quota-status hasn't fully dropped its root privileges but has just switched to user 10001 while still having the capability to switch to user 10002, I guess there could be a problem... How exactly is quota-status supposed to behave in such a case? TIA, Axel From paul at vandervlis.nl Mon Jul 15 19:09:15 2013 From: paul at vandervlis.nl (Paul van der Vlis) Date: Mon, 15 Jul 2013 18:09:15 +0200 Subject: [Dovecot] Fail2ban and logging In-Reply-To: <51E2F370.7080802@msapiro.net> References: <51E2F370.7080802@msapiro.net> Message-ID: <51E41EAB.8070901@vandervlis.nl> On 14-07-13 20:52, Mark Sapiro wrote: > On 07/14/2013 03:26 AM, Paul van der Vlis wrote: >> Hello, >> >> Dovecot is logging authentication failures this way: >> ------ >> Jul 12 18:07:19 vps0 dovecot: imap-login: Disconnected (auth failed, 22 >> attempts in 172 secs): user=, method=PLAIN, rip=82.95.148.152, >> lip=1.2.3.4, TLS, session= >> ------ > > > Is there a reason why you are allowing PLAIN text login > (disable_plaintext_auth = no)? I use starttls, so it's no plaintext over the internet. > I do not allow plaintext login and I get messages like: > > Jul 12 16:03:27 sbh16 dovecot: pop3-login: Disconnected (tried to use > disallowed plaintext auth): user=<>, rip=219.84.103.232, > lip=72.52.113.38, session= > > I also have > > service auth { > unix_listener /var/spool/postfix/private/auth { > mode = 0666 > } > } > > and for secure login failures I get messages like: > > Jul 14 11:38:57 sbh16 dovecot: pop3-login: Aborted login (auth failed, 1 > attempts in 2 secs): user=, method=APOP, rip=68.183.193.239, > lip=72.52.113.16, TLS, session=<8/ZeDn3hNwBEt8Hv> > > and in fail2ban I have > > failregex = Aborted login \(.*\): .*rip=, > Disconnected \(tried to use disabled.*\): .*rip=, > warning:.*\[\]: SASL [^ ]+ authentication failed: > > I'm running Dovecot 2.2.4, but the above hasn't changed for a long time. Are you blocked when you login a few times with a wrong password? I expect your log will say something like "auth failed, 22 attempts in 30 secs", and fail2ban will see that as 1 authentications error, so will not block you. With regards, Paul van der Vlis. -- Paul van der Vlis Linux systeembeheer, Groningen http://www.vandervlis.nl/ From gheskett at wdtv.com Mon Jul 15 21:20:53 2013 From: gheskett at wdtv.com (Gene Heskett) Date: Mon, 15 Jul 2013 14:20:53 -0400 Subject: [Dovecot] trying to configre dovecot In-Reply-To: <1373875119.11273.24.camel@tardis> References: <201307150003.15081.gheskett@wdtv.com> <51E37CB4.4060505@dementianati.com> <1373875119.11273.24.camel@tardis> Message-ID: <201307151420.53681.gheskett@wdtv.com> On Monday 15 July 2013 14:14:38 Noel Butler did opine: > On Sun, 2013-07-14 at 21:38 -0700, Professa Dementia wrote: > > On 7/14/2013 9:03 PM, Gene Heskett wrote: > > > Guessing between the lines I made a few substitutions to localize it > > > for me, but when I run the line to dump the configs, the output is > > > very short because I do not have the *.pem files. > > > > > > Where can a usable set of these ssl 'keyfiles' be obtained? > > > > $ openssl genrsa -out server.key 2048 > > $ openssl req -sha256 -new -key server.key -out server.csr > > $ openssl x509 -req -days 3650 -in server.csr -signkey server.key -out > > server.crt > > $ cat server.key server.crt > server.pem > > > > Run the four commands. You will have a key file, certificate signing > > request file, a self signed cert and a pem file which is the > > simplified: (4 lines into 1) > > openssl req -x509 -days 3650 -nodes -newkey rsa:4096 -keyout mail.pem > -out mail.pem > > > if you want real security, you need to have your cert signed by a real > > certificate authority (CA). > > good idea, a self sign cert is fine for playing around, however there > are some situations some clients might get upset at SSC's in production, > either way, if you want a free "real" certificate for your mail server > (inc webmail), have a look at the offerings from startssl.com > > > dont know if your linked site gave you any this sicne I've just returned > from a break and catching up on some 1700 posts under my list a/c :) > (which most will be 'mark all as read'), but anyway > > in this case use: > openssl req -new -newkey rsa:4096 -days 365 -nodes -keyout mail.key -out > mail.csr > > submit your csr file to startssl (or other provider), and get your > mail.crt file _and_ the class1/CA files (they should offer them to you > to d/l) > > Typically, I keep hte key separate and would use something like > > cat mail.crt /etc/ssl/CA/sub.class1.server.ca.pem /etc/ssl/CA/ca.pem > > dovecot.pem > > and in dovecot: > ssl_cert_file = /etc/ssl/certs/dovecot.pem > ssl_key_file = /etc/ssl/certs/mail.key I got to the startssl site ok, but failed at that point because I haven't yet managed to get claws-mail to actually fetch the mail while I am booted to 12.04.2 LTS. Chicken/egg problem. So I guess I'm stuck with SSC's ATM. And because I'm doing full shutdowns to swap drives in a hot swap cage, I am killing my new and old drives with all this powerdown rebooting. Probably 30 such cycles in the last 10 days. :( Thank you for the help, its very much appreciated. Cheers, Gene -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) My web page: is up! My views Q: What's yellow, and equivalent to the Axiom of Choice? A: Zorn's Lemon. A pen in the hand of this president is far more dangerous than 200 million guns in the hands of law-abiding citizens. From victormanuelo at gmail.com Mon Jul 15 23:41:25 2013 From: victormanuelo at gmail.com (=?UTF-8?Q?Victor_O=C3=B1ate?=) Date: Mon, 15 Jul 2013 16:11:25 -0430 Subject: [Dovecot] mail not reject when the mailbox is full (Dovecot-LDAP-Imap_quota) In-Reply-To: References: Message-ID: Hi list... this is my #dovecot -n thanks.. # 1.2.15: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-mckinley ia64 Debian 6.0.5 base_dir: /var/run/dovecot/ log_path: /var/log/dovecot/dovecot.log info_log_path: /var/log/dovecot/info.log log_timestamp: %Y-%m-%d %H:%M:%S ssl_cert_file: /etc/ssl/correo.crt ssl_key_file: /etc/ssl/correo.key disable_plaintext_auth: no login_dir: /var/run/dovecot//login login_executable: /usr/lib/dovecot/imap-login login_greeting: Dovecot ready C6. login_process_per_connection: no login_processes_count: 50 login_max_processes_count: 60000 login_max_connections: 60000 max_mail_processes: 61760 first_valid_uid: 1000 first_valid_gid: 500 mail_access_groups: mail mail_location: mbox:~/mail:INBOX=/var/mail/%u:INDEX=/home/indexes/%u mmap_disable: yes mail_process_size: 2048 mail_plugins: quota imap_quota lda: postmaster_address: victormanuelo at gmail.com quota_full_tempfail: no auth default: cache_size: 4096 user: nobody passdb: driver: pam userdb: driver: ldap args: /etc/dovecot/dovecot-ldap.conf plugin: quota: dirsize quota_exceeded_message: Quota exceeded any idea is welcome 2013/7/14 Daniel Parthey > Hi Victor, > > you probably forgot to enable/configure quota for LMPT or LDA service > which enforces quota during delivery of new mails. > > If you still need help, please post the complete output of doveconf -n > > Regards > Daniel > > > > "Victor O?ate" schrieb: > >> Hello List. >> Currently I have configured the share of users through the LDAP query as >> shown >> >> #dovecot.conf >> >> protocol imap { >> mail_plugins = quota imap_quota >> } >> >> plugin { >> quota = dirsize >> } >> >> userdb ldap { >> args = /etc/dovecot/dovecot-ldap.conf >> } >> >> #dovecot-ldap.conf >> auth_bind = yes >> >> ldap_version = 3 >> base = dc=XXX,dc=YY,dc=ZZ >> deref = never >> scope = subtree >> >> user_attrs = >> homeDirectory=home,uidNumber=uid,gidNumber=gid,mail=Maildir,mailQuotaSize=quota_rule=*:storage=%$ >> user_filter = (&(objectClass=posixAccount)(uid=%u)) >> >> pass_attrs = >> uid=user,userPassword=password,homeDirectory=userdb_home,uidNumber=userdb_uid,gidNumber=userdb_gid >> pass_filter = (&(objectClass=posixAccount)(uid=%u)) >> >> >> Additionally in thunderbird customers have the plug so they can see the >> share. This works perfect! >> >> However, when the mailbox exceeds 100% users continue to receive mail which >> makes the risk set allocated disk space, the idea is that when full the mail >> reject >> with a message "mailbox XXX full" . >> >> >> As always appreciate the ideas. >> >> Victor O?ate >> >> From tommyw at ntlworld.com Tue Jul 16 00:04:01 2013 From: tommyw at ntlworld.com (Tommy Wareing) Date: Mon, 15 Jul 2013 22:04:01 +0100 Subject: [Dovecot] Solved. Re: Services not starting in 2.1 (or 2.2) In-Reply-To: <51DD3893.5070102@Media-Brokers.com> References: <20130710092819.GA12628@mrwolf.afraid.org> <51DD3893.5070102@Media-Brokers.com> Message-ID: <20130715210400.GA26328@mrwolf.afraid.org> On Wed, Jul 10, 2013 at 06:33:55AM -0400, Charles Marcus wrote: > On 2013-07-10 5:28 AM, Tommy Wareing wrote: > >I'm trying to install Dovecot onto my QNAP NAS. > > QNAP NAS devices are notorious for having ancient versions of > critical OS software (like the kernel, glib, OpenSSL, etc)... It turns out that we were both maligining QNAP here. I installed strace (which I hadn't expected to be able to do, but there's an ipkg for it), and ran 2.1.17 through. The log file stopped at: 16:55:35.549868 stat64("/share/MD0_DATA", {st_mode=S_IFDIR|0777, st_size=4096, ...}) = 0 16:55:35.550006 stat64("/proc/fs/nfsd", {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 16:55:35.550163 stat64("/.eaccelerator.tmp", {st_mode=S_IFDIR|0777, st_size=360, ...}) = 0 16:55:35.550300 stat64("/var/syslog_maildir", {st_mode=S_IFDIR|0777, st_size=40, ...}) = 0 16:55:35.550438 stat64("/mnt/thecus", It's checking the machine's mount points, and that last is where I'd had my old NAS mounted, to slurp the data off it. I'd then powered down the NAS, but hadn't unmounted it first, so I'd left a stale NFS handle, which caused the newer versions to hang (it's possible that they'd have eventually timed out and started up normally, but I'd never given them long enough). umount -l /mnt/thecus, and everything runs fine. Would it be worth generating a log message before checking the mount points? > Otherwise, you'd probably get much better help on the QNAP forums... Complete silence, pretty much as I'd expected! -- Tommy From me at junc.eu Tue Jul 16 00:25:48 2013 From: me at junc.eu (Benny Pedersen) Date: Mon, 15 Jul 2013 23:25:48 +0200 Subject: [Dovecot] =?utf-8?q?mail_not_reject_when_the_mailbox_is_full_=28D?= =?utf-8?q?ovecot-LDAP-Imap=5Fquota=29?= In-Reply-To: References: Message-ID: <177e7603d74052d18a62f73f1c461917@junc.eu> Victor O?ate skrev den 2013-07-15 22:41: > this is my #dovecot -n > thanks.. make dovecot use dict storage quotas, then in mta query the dict tables in mta stage, that way it can be tempfailed the right place, dovecot-lda would be accept and bounce problem one day i get mad again and create the sql postfix map to solve it :) From jgao at veecall.com Tue Jul 16 01:13:54 2013 From: jgao at veecall.com (J Gao) Date: Mon, 15 Jul 2013 15:13:54 -0700 Subject: [Dovecot] courier to dovecot Message-ID: <51E47422.6010202@veecall.com> Hi, All, I am new here and I need your advises. Here is my story: I have a mail server like this: - CentOS 5 32 bit (LAMP) - Postfix 2.3 - Courier - MailScanner Courier use maildir to save emails in /home/vmail// / Now I want to build a new system on CentOS 6.4 64bit with postfix, dovecot and migrate all user accounts and their emails. I already installed CentOS 6.4, postfix and mysql. Also just installed Dovecot v2.2.4 from the RPM. Now I am looking into how to Is there a good instruction on how to do this kind of migration? I still prefer using the maildir system. If I just copy all users email from old server to new dovecot user maildir, will dovecot see these mails (and sub-folders) ? Do I need do anything extra? Thanks in advance. Gao -- __ _|==|_ ('')__/ >--(`^^') (`^'^'`) `======' From greminn at gmail.com Tue Jul 16 03:12:10 2013 From: greminn at gmail.com (Simon) Date: Tue, 16 Jul 2013 12:12:10 +1200 Subject: [Dovecot] Sieve scripts in mysql? Message-ID: <224E24B3-6FE0-42BC-9A99-A30DF8DE0A53@gmail.com> Hi There. We are using dovecot v2.2.4 with pigeonhole 0.4.1 (both compiled from source) Centos 6.4. We are storing our virtual user config in mysql. At the moment we are storing our sieve script configs in mysql and then running a script to write these out to a file.. But I'm wondering if there a way to store sieve scripts in mysql? Many thanks! Simon From greminn at gmail.com Tue Jul 16 03:15:18 2013 From: greminn at gmail.com (Simon) Date: Tue, 16 Jul 2013 12:15:18 +1200 Subject: [Dovecot] Sieve vacation variables reference Message-ID: <386C837D-8ACF-4EA0-A8DE-C8B179E04ED4@gmail.com> Hi There. We are using dovecot v2.2.4 with pigeonhole 0.4.1 (both compiled from source) Centos 6.4. Sorry for the dumb question in advance if I'm just missing an obvious link somewhere (also if I've got the terminology all wrong!), but could someone point me to the reference list for "vacation", e.g.: vacation :days :subject :addresses :from is there a definitive list of things like "days", "subject" etc? Thanks Simon From greminn at gmail.com Tue Jul 16 05:39:46 2013 From: greminn at gmail.com (Simon) Date: Tue, 16 Jul 2013 14:39:46 +1200 Subject: [Dovecot] Sieve scripts in mysql? In-Reply-To: <224E24B3-6FE0-42BC-9A99-A30DF8DE0A53@gmail.com> References: <224E24B3-6FE0-42BC-9A99-A30DF8DE0A53@gmail.com> Message-ID: Have just read the recent thread on this on the mailing list. Sorry for not checking first before emailing :) On 16/07/2013, at 12:12 PM, Simon wrote: > Hi There. > > We are using dovecot v2.2.4 with pigeonhole 0.4.1 (both compiled from source) Centos 6.4. We are storing our virtual user config in mysql. > > At the moment we are storing our sieve script configs in mysql and then running a script to write these out to a file.. But I'm wondering if there a way to store sieve scripts in mysql? > > Many thanks! > > Simon > > From mark at msapiro.net Tue Jul 16 06:00:14 2013 From: mark at msapiro.net (Mark Sapiro) Date: Mon, 15 Jul 2013 20:00:14 -0700 Subject: [Dovecot] Fail2ban and logging In-Reply-To: <51E41EAB.8070901@vandervlis.nl> References: <51E2F370.7080802@msapiro.net> <51E41EAB.8070901@vandervlis.nl> Message-ID: <51E4B73E.2000504@msapiro.net> On 07/15/2013 09:09 AM, Paul van der Vlis wrote: > > Are you blocked when you login a few times with a wrong password? > > I expect your log will say something like "auth failed, 22 attempts in > 30 secs", and fail2ban will see that as 1 authentications error, so will > not block you. I am blocked. The log says Jul 15 19:36:06 sbh16 dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=APOP, rip=98.248.186.228, lip=72.52.113.16, TLS, session= Jul 15 19:36:16 sbh16 dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 6 secs): user=, method=APOP, rip=98.248.186.228, lip=72.52.113.16, TLS, session= Jul 15 19:36:29 sbh16 dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 10 secs): user=, method=APOP, rip=98.248.186.228, lip=72.52.113.16, TLS, session= Jul 15 19:36:49 sbh16 dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 17 secs): user=, method=APOP, rip=98.248.186.228, lip=72.52.113.16, TLS, session= Jul 15 19:37:09 sbh16 dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 17 secs): user=, method=APOP, rip=98.248.186.228, lip=72.52.113.16, TLS, session= The difference may be that I am connecting to pop3s, port 995 with SSL, not port 110 with STARTTLS. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From kim+dovecot at alleroedderne.adsl.dk Tue Jul 16 09:41:01 2013 From: kim+dovecot at alleroedderne.adsl.dk (kim Bisgaard) Date: Tue, 16 Jul 2013 08:41:01 +0200 Subject: [Dovecot] constant Log synchronization error's In-Reply-To: <51E27B0D.1050706@alleroedderne.adsl.dk> References: <51E27B0D.1050706@alleroedderne.adsl.dk> Message-ID: <51E4EAFD.3060805@alleroedderne.adsl.dk> Some more detail :-) The previous system (i386) worked fine with dovecot 2.2.2 and pigeonhole 0.4.0 packages also from Atrpms on Fedora 17. I have downgraded to 2.1.16 and pigeonhole 0.3.5 for the time being. Regards, Kim On 2013-07-14 12:18, Kim Bisgaard wrote: > Hi, > > I am seeing constant "Log synchronization error"s in my logs. See later for an example. > > This is dovecot 2.2.4, pigeonhole 0.4.1, and postfix 2.10.1 (with mailbox_command = /usr/libexec/dovecot/deliver) on a Fedora 19 system. > > I am using packages from Atrpms so there are some patches applied - ask for details. The mailboxes have resently been moved from a i386 > system. I have tried to manually do "doveadm force-resync" for all users, but the problem persists :-( > > Here are an example from a user which does not use sieve: > 11:45:48 Y dovecot: imap-login: Login: user=, method=PLAIN, rip=62.199.61.123, lip=192.168.0.5, mpid=21531, TLS, session= > 11:45:52 Y dovecot: imap-login: Login: user=, method=PLAIN, rip=62.199.61.123, lip=192.168.0.5, mpid=21541, TLS, session= > 11:45:54 Y dovecot: imap(X): Error: mdbox /var/mail/X/mdbox/mailboxes/INBOX/Streams/dbox-Mails: map uidvalidity mismatch (0 vs 1283330954) > 11:45:54 Y dovecot: imap(X): Disconnected: Internal error occurred. Refer to server log for more information. [2013-07-14 11:45:54] in=353 > out=115680 > 11:45:54 Y dovecot: imap(X): Warning: fscking index file /var/mail/X/mdbox/storage/dovecot.map.index > 11:45:54 Y dovecot: imap(X): Warning: mdbox /var/mail/X/mdbox/storage: rebuilding indexes > 11:45:54 Y dovecot: imap(X): Disconnected: Disconnected in IDLE in=707 out=437806 > 11:45:55 Y dovecot: imap(X): Error: Log synchronization error at seq=4,offset=156 for > /var/mail/X/mdbox/mailboxes/INBOX/Kvitteringer/dbox-Mails/dovecot.index: Ex tension header update points outside header size > 11:45:55 Y dovecot: imap(X): Warning: fscking index file /var/mail/X/mdbox/mailboxes/INBOX/Kvitteringer/dbox-Mails/dovecot.index > 11:45:55 Y dovecot: imap(X): Error: Log synchronization error at seq=9,offset=156 for > /var/mail/X/mdbox/mailboxes/INBOX/Streams/dbox-Mails/dovecot.index: Extensi on header update points outside header size > 11:45:55 Y dovecot: imap(X): Warning: fscking index file /var/mail/X/mdbox/mailboxes/INBOX/Streams/dbox-Mails/dovecot.index > 11:45:55 Y dovecot: imap(X): Error: Log synchronization error at seq=13,offset=156 for > /var/mail/X/mdbox/mailboxes/Facebook/dbox-Mails/dovecot.index: Extension h eader update points outside header size > 11:45:55 Y dovecot: imap(X): Warning: fscking index file /var/mail/X/mdbox/mailboxes/Facebook/dbox-Mails/dovecot.index > 11:45:55 Y dovecot: imap(X): Error: Log synchronization error at seq=5,offset=156 for > /var/mail/X/mdbox/mailboxes/Junk/dbox-Mails/dovecot.index: Extension header update points outside header size > 11:45:55 Y dovecot: imap(X): Warning: fscking index file /var/mail/X/mdbox/mailboxes/Junk/dbox-Mails/dovecot.index > 11:45:55 Y dovecot: imap(X): Error: Log synchronization error at seq=5,offset=156 for > /var/mail/X/mdbox/mailboxes/Sent/dbox-Mails/dovecot.index: Extension header update points outside header size > 11:45:55 Y dovecot: imap(X): Warning: fscking index file /var/mail/X/mdbox/mailboxes/Sent/dbox-Mails/dovecot.index > 11:45:55 Y dovecot: imap(X): Error: Log synchronization error at seq=4,offset=156 for > /var/mail/X/mdbox/mailboxes/Drafts/dbox-Mails/dovecot.index: Extension header update points outside header size > 11:45:55 Y dovecot: imap(X): Warning: fscking index file /var/mail/X/mdbox/mailboxes/Drafts/dbox-Mails/dovecot.index > 11:45:55 Y dovecot: imap(X): Error: Log synchronization error at seq=4,offset=156 for > /var/mail/X/mdbox/mailboxes/Archives/dbox-Mails/dovecot.index: Extension header update points outside header size > 11:45:55 Y dovecot: imap(X): Warning: fscking index file /var/mail/X/mdbox/mailboxes/Archives/dbox-Mails/dovecot.index > 11:45:55 Y dovecot: imap-login: Disconnected (no auth attempts in 1 secs): user=<>, rip=62.199.61.123, lip=192.168.0.5, TLS, > session= > 11:45:55 Y dovecot: imap(X): Error: Log synchronization error at seq=4,offset=156 for > /var/mail/X/mdbox/mailboxes/Archives/2012/dbox-Mails/dovecot.index: Extension header update points outside header size > 11:45:55 Y dovecot: imap(X): Warning: fscking index file /var/mail/X/mdbox/mailboxes/Archives/2012/dbox-Mails/dovecot.index > 11:45:55 Y dovecot: imap-login: Login: user=, method=PLAIN, rip=62.199.61.123, lip=192.168.0.5, mpid=21548, TLS, session= > 11:45:55 Y dovecot: imap(X): Error: Log synchronization error at seq=5,offset=156 for > /var/mail/X/mdbox/mailboxes/Trash/dbox-Mails/dovecot.index: Extension header update points outside header size > 11:45:55 Y dovecot: imap(X): Warning: fscking index file /var/mail/X/mdbox/mailboxes/Trash/dbox-Mails/dovecot.index > 11:45:55 Y dovecot: imap(X): Error: Log synchronization error at seq=4,offset=156 for > /var/mail/X/mdbox/mailboxes/Trash/Spam/dbox-Mails/dovecot.index: Extension header update points outside header size > 11:45:55 Y dovecot: imap(X): Warning: fscking index file /var/mail/X/mdbox/mailboxes/Trash/Spam/dbox-Mails/dovecot.index > 11:45:55 Y dovecot: imap-login: Login: user=, method=PLAIN, rip=62.199.61.123, lip=192.168.0.5, mpid=21552, TLS, session= > 11:45:55 Y dovecot: imap(X): Connection closed: Connection reset by peer in=118 out=111246 > 11:45:56 Y dovecot: imap-login: Disconnected (no auth attempts in 1 secs): user=<>, rip=62.199.61.123, lip=192.168.0.5, TLS, > session= > 11:45:56 Y dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=62.199.61.123, lip=192.168.0.5, TLS, > session= > 11:45:56 Y dovecot: imap(X): Error: mdbox /var/mail/X/mdbox/mailboxes/INBOX/Streams/dbox-Mails: map uidvalidity mismatch (0 vs 1283330954) > 11:45:56 Y dovecot: imap(X): Disconnected: Internal error occurred. Refer to server log for more information. [2013-07-14 11:45:56] in=353 > out=115647 > 11:45:56 Y dovecot: imap(X): Warning: fscking index file /var/mail/X/mdbox/storage/dovecot.map.index > 11:45:56 Y dovecot: imap(X): Warning: mdbox /var/mail/X/mdbox/storage: rebuilding indexes > 11:45:57 Y dovecot: imap(X): Error: Log synchronization error at seq=5,offset=156 for > /var/mail/X/mdbox/mailboxes/INBOX/Kvitteringer/dbox-Mails/dovecot.index: Extension header update points outside header size > 11:45:57 Y dovecot: imap(X): Warning: fscking index file /var/mail/X/mdbox/mailboxes/INBOX/Kvitteringer/dbox-Mails/dovecot.index > 11:45:57 Y dovecot: imap(X): Error: Log synchronization error at seq=10,offset=156 for > /var/mail/X/mdbox/mailboxes/INBOX/Streams/dbox-Mails/dovecot.index: Extension header update points outside header size > 11:45:57 Y dovecot: imap(X): Warning: fscking index file /var/mail/X/mdbox/mailboxes/INBOX/Streams/dbox-Mails/dovecot.index > 11:45:57 Y dovecot: imap(X): Error: Log synchronization error at seq=14,offset=156 for > /var/mail/X/mdbox/mailboxes/Facebook/dbox-Mails/dovecot.index: Extension header update points outside header size > 11:45:57 Y dovecot: imap(X): Warning: fscking index file /var/mail/X/mdbox/mailboxes/Facebook/dbox-Mails/dovecot.index > 11:45:57 Y dovecot: imap(X): Error: Log synchronization error at seq=6,offset=156 for > /var/mail/X/mdbox/mailboxes/Junk/dbox-Mails/dovecot.index: Extension header update points outside header size > 11:45:57 Y dovecot: imap(X): Warning: fscking index file /var/mail/X/mdbox/mailboxes/Junk/dbox-Mails/dovecot.index > 11:45:57 Y dovecot: imap(X): Error: Log synchronization error at seq=6,offset=156 for > /var/mail/X/mdbox/mailboxes/Sent/dbox-Mails/dovecot.index: Extension header update points outside header size > 11:45:57 Y dovecot: imap(X): Warning: fscking index file /var/mail/X/mdbox/mailboxes/Sent/dbox-Mails/dovecot.index > 11:45:57 Y dovecot: imap(X): Error: Log synchronization error at seq=5,offset=156 for > /var/mail/X/mdbox/mailboxes/Drafts/dbox-Mails/dovecot.index: Extension header update points outside header size > 11:45:57 Y dovecot: imap(X): Warning: fscking index file /var/mail/X/mdbox/mailboxes/Drafts/dbox-Mails/dovecot.index > 11:45:57 Y dovecot: imap(X): Error: Log synchronization error at seq=5,offset=156 for > /var/mail/X/mdbox/mailboxes/Archives/dbox-Mails/dovecot.index: Extension header update points outside header size > 11:45:57 Y dovecot: imap(X): Warning: fscking index file /var/mail/X/mdbox/mailboxes/Archives/dbox-Mails/dovecot.index > 11:45:57 Y dovecot: imap(X): Error: Log synchronization error at seq=5,offset=156 for > /var/mail/X/mdbox/mailboxes/Archives/2012/dbox-Mails/dovecot.index: Extension header update points outside header size > 11:45:57 Y dovecot: imap(X): Warning: fscking index file /var/mail/X/mdbox/mailboxes/Archives/2012/dbox-Mails/dovecot.index > 11:45:57 Y dovecot: imap(X): Error: Log synchronization error at seq=6,offset=156 for > /var/mail/X/mdbox/mailboxes/Trash/dbox-Mails/dovecot.index: Extension header update points outside header size > 11:45:57 Y dovecot: imap(X): Warning: fscking index file /var/mail/X/mdbox/mailboxes/Trash/dbox-Mails/dovecot.index > 11:45:57 Y dovecot: imap(X): Error: Log synchronization error at seq=5,offset=156 for > /var/mail/X/mdbox/mailboxes/Trash/Spam/dbox-Mails/dovecot.index: Extension header update points outside header size > 11:45:57 Y dovecot: imap(X): Warning: fscking index file /var/mail/X/mdbox/mailboxes/Trash/Spam/dbox-Mails/dovecot.index > 11:45:57 Y dovecot: imap-login: Login: user=, method=PLAIN, rip=62.199.61.123, lip=192.168.0.5, mpid=21563, TLS, session= > 11:45:57 Y dovecot: imap(X): Connection closed: Connection reset by peer in=150 out=111316 > 11:45:57 Y dovecot: imap-login: Login: user=, method=PLAIN, rip=62.199.61.123, lip=192.168.0.5, mpid=21568, TLS, session=<4y1hnHXhkQA+xz17> > 11:46:05 Y dovecot: imap-login: Login: user=, method=PLAIN, rip=62.199.61.123, lip=192.168.0.5, mpid=21574, TLS, session=<+zbNnHXhBAA+xz17> > > My config is: > # dovecot -n > # 2.2.4: /etc/dovecot/dovecot.conf > # OS: Linux 3.9.9-301.fc19.x86_64 x86_64 Fedora release 19 (Schr?dinger?s Cat) ext4 > mail_location = mdbox:/var/mail/%u/mdbox > mbox_write_locks = fcntl > namespace inbox { > inbox = yes > location = > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Trash { > special_use = \Trash > } > prefix = > separator = . > } > passdb { > driver = pam > } > plugin { > sieve = ~/.dovecot.sieve > sieve_dir = ~/sieve > sieve_extensions = +imapflags > sieve_subaddress_sep = - > } > postmaster_address = postmaster at alleroedderne.adsl.dk > protocols = imap > recipient_delimiter = - > ssl = required > ssl_cert = ssl_key = userdb { > driver = passwd > } > protocol lda { > mail_plugins = " sieve" > } > > > Regards, > Kim > > From roundcube at lefoyer.ru Tue Jul 16 09:47:02 2013 From: roundcube at lefoyer.ru (Sergey Sidlyarenko) Date: Tue, 16 Jul 2013 10:47:02 +0400 Subject: [Dovecot] dovecot-metadata-plugin v14 patches Message-ID: <5f03f6654914772a83ebc7c1f1685b0a@lefoyer.ru> Please apply patches for dovecot-metadata-plugin v14. 1. dovecot-metadata-plugin-value_nil - fix plugin crach if entry->value == NULL (strlen(NULL) - segfault). 2. dovecot-metadata-plugin-utf7_support - add support metadata for UTF8 mailfolder. -- Sidlyarenko Sergey https://github.com/lefoyer -------------- next part -------------- A non-text attachment was scrubbed... Name: dovecot-metadata-plugin-value_nil.patch Type: text/x-diff Size: 473 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: dovecot-metadata-plugin-utf7_support.patch Type: text/x-diff Size: 2879 bytes Desc: not available URL: From AxelLuttgens at swing.be Tue Jul 16 09:53:47 2013 From: AxelLuttgens at swing.be (Axel Luttgens) Date: Tue, 16 Jul 2013 08:53:47 +0200 Subject: [Dovecot] Sieve vacation variables reference In-Reply-To: <386C837D-8ACF-4EA0-A8DE-C8B179E04ED4@gmail.com> References: <386C837D-8ACF-4EA0-A8DE-C8B179E04ED4@gmail.com> Message-ID: Le 16 juil. 2013 ? 02:15, Simon a ?crit : > Hi There. > > [...] > > is there a definitive list of things like "days", "subject" etc? Hello Simon, You might go to: http://www.rfc-editor.org/search/rfc_search.php and perform there a search on "sieve". For the vacation extension, there's document RFC 5230. The overall working of sieve is described in RFC 5228. HTH, Axel From greminn at gmail.com Tue Jul 16 10:09:02 2013 From: greminn at gmail.com (Simon) Date: Tue, 16 Jul 2013 19:09:02 +1200 Subject: [Dovecot] Sieve vacation variables reference In-Reply-To: References: <386C837D-8ACF-4EA0-A8DE-C8B179E04ED4@gmail.com> Message-ID: On Tue, Jul 16, 2013 at 6:53 PM, Axel Luttgens wrote: Hello Simon, > > You might go to: > > http://www.rfc-editor.org/search/rfc_search.php > > and perform there a search on "sieve". > > For the vacation extension, there's document RFC 5230. > The overall working of sieve is described in RFC 5228. > Thanks Axel - perfect. From genie at geniechka.ru Tue Jul 16 10:29:37 2013 From: genie at geniechka.ru (Eugene) Date: Tue, 16 Jul 2013 11:29:37 +0400 Subject: [Dovecot] courier to dovecot In-Reply-To: <51E47422.6010202@veecall.com> References: <51E47422.6010202@veecall.com> Message-ID: Hello, Yes, I did that some years ago. Just create a working Dovecot installation and then copy the Maildirs (with correct permissions/owners etc). They probably have some additional housekeeping files from Courier, I believe Dovecot even can use some of them, but anyway they do no harm. Best wishes Eugene -----Original Message----- From: J Gao Sent: Tuesday, July 16, 2013 2:13 AM To: dovecot at dovecot.org Subject: [Dovecot] courier to dovecot Hi, All, I am new here and I need your advises. Here is my story: I have a mail server like this: - CentOS 5 32 bit (LAMP) - Postfix 2.3 - Courier - MailScanner Courier use maildir to save emails in /home/vmail// / Now I want to build a new system on CentOS 6.4 64bit with postfix, dovecot and migrate all user accounts and their emails. I already installed CentOS 6.4, postfix and mysql. Also just installed Dovecot v2.2.4 from the RPM. Now I am looking into how to Is there a good instruction on how to do this kind of migration? I still prefer using the maildir system. If I just copy all users email from old server to new dovecot user maildir, will dovecot see these mails (and sub-folders) ? Do I need do anything extra? Thanks in advance. Gao -- __ _|==|_ ('')__/ >--(`^^') (`^'^'`) `======' From grundman at ipbs.fr Tue Jul 16 12:29:24 2013 From: grundman at ipbs.fr (grundman) Date: Tue, 16 Jul 2013 02:29:24 -0700 (PDT) Subject: [Dovecot] Proxying improvements in v2.1.2 In-Reply-To: <8AA21A89-D80B-4B82-A9A8-9E14A3A1F385@iki.fi> References: <77FC9C82-EAB0-4A0A-87BD-F6BEC1D0E342@iki.fi> <8AA21A89-D80B-4B82-A9A8-9E14A3A1F385@iki.fi> Message-ID: <1373966964322-43314.post@n4.nabble.com> I have a configuration of two dovecot servers ( 192.168.251.134 192.168.251.135 ) with a director setup. I have passdb { driver = static args = "proxy_maybe=y nopassword=y starttls=any-cert" } } passdb { driver = pam args="*" } userdb { driver = passwd } It seems that "auth_proxy_self = 192.168.251.134" and even " auth_proxy_self = 192.168.251.134 192.168.251.135" are ignored. I receive always "imap-login: Error: Proxying loops to itself: user= ..." I have a dovecot version 2.2.2. -- View this message in context: http://dovecot.2317879.n4.nabble.com/Proxying-improvements-in-v2-1-2-tp988p43314.html Sent from the Dovecot mailing list archive at Nabble.com. From AxelLuttgens at swing.be Tue Jul 16 13:51:36 2013 From: AxelLuttgens at swing.be (Axel Luttgens) Date: Tue, 16 Jul 2013 12:51:36 +0200 Subject: [Dovecot] 2.2.4 - Some questions about and needing help with quota-status Message-ID: <99EDABF1-7E72-4044-B6B9-58E936248C14@swing.be> Help! I'm stuck. :-( The config of my experimental setup appears at the end of this message; I'm providing hereafter some more info that may not be immediately obvious. This is dovecot 2.2.4 with changesets 9091d0f2d971 and 2be295a0b64f. All involved databases are sqlite ones. passdb and userdb are devised so as to change usernames. For example, I could have a user with addresses "doe at oldexample.com", "johnd at oldexample.com" and "john.doe at example.com" needing to be able to log in as "jdoe" or "u123456"; all db lookups for that user then end with name "john.doe". This is a single mail user setup (user/group "dovemailer", uid/gid 999). Service lmtp has been configured to run as that user; that required a slight adjustment at the auth-userdb socket level. As a general rule, the quota dict appears to be correctly updated upon message arrivals and removals (thru lmtp, pop, imap), and to be correctly queried/interpreted by the various parts of the server. For example, thru the userdb query, user john.doe has been given an even lower quota limit than the already low default defined for testings: $ sudo doveadm quota get -u john.doe Quota name Type Value Limit % Quota utilisateur STORAGE 20 5 400 Quota utilisateur MESSAGE 14 - 0 and is clearly recognized as being over-quota by lmtp: $ telnet /_ROOT/var/run/dovecot/lmtp Trying /_ROOT/var/run/dovecot/lmtp... Connected to (null). Escape character is '^]'. 220 almba.local Dovecot ready. mail from: 250 2.1.0 OK rcpt to: 250 2.1.5 OK data 354 OK Subject: test . 552 5.2.2 Quota exceeded (mailbox for user is full) Note that both services config and dict are launched if they aren't running. Since it has been previously seen that running quota-status as root comes with its own problems, and since it is a single user setup anyway, I'm trying to run it as dovemailer as well. So, let's try to see what quota-status thinks about john.doe: $ sudo -u _postfix telnet /_ROOT/var/spool/postfix/private/quota-policyd Trying /_ROOT/var/spool/postfix/private/quota-policyd... Connected to (null). Escape character is '^]'. Connection closed by foreign host. Clearly, not much... Looking in the log: dovecot[10554]: quota-status: Fatal: Error reading configuration: net_connect_unix(/_ROOT/var/run/dovecot/config) failed: Permission denied This thus raises a first question: Q1. What makes lmtp and quota-status different? How does lmtp manage to fetch all needed info, while quota-status seems to require an access to the config socket? Let's then slightly adjust dovecot.conf, in the hope to make quota-status happy: service config { unix_listener config { group = dovemailer mode = 0660 } } Q2. Should the above really be needed, wouldn't there be a better way? I ask, because it seems to me that I'm starting to seriously lose the benefits of privilege separation... Anyway, let's ask quota-status again: $ sudo -u _postfix telnet /_ROOT/var/spool/postfix/private/quota-policyd Password: Trying /_ROOT/var/spool/postfix/private/quota-policyd... Connected to (null). Escape character is '^]'. recipient=john.doe at example.com size=10000 action=OK ^] telnet> quit Connection closed. In the log: dovecot[11050]: auth: Debug: userdb out: USER 1 john.doe at example.com quota_rule=*:storage=5k dovecot[11050]: quota-status: Debug: auth input: john.doe at example.com quota_rule=*:storage=5k dovecot[11050]: quota-status: Debug: Added userdb setting: plugin/quota_rule=*:storage=5k dovecot[11050]: quota-status(john.doe at example.com): Debug: Effective uid=999, gid=999, home=/_Mailstores/john.doe dovecot[11050]: quota-status(john.doe at example.com): Debug: Quota root: name=Quota utilisateur backend=dict args=john.doe:proxy::sql_quota dovecot[11050]: quota-status(john.doe at example.com): Debug: Quota rule: root=Quota utilisateur mailbox=* bytes=5120 messages=0 dovecot[11050]: quota-status(john.doe at example.com): Debug: Quota grace: root=Quota utilisateur bytes=512 (10%) dovecot[11050]: quota-status(john.doe at example.com): Debug: dict quota: user=john.doe, uri=proxy::sql_quota, noenforcing=0 dovecot[11050]: quota-status(john.doe at example.com): Debug: fs: root=/_Mailstores/john.doe/mboxes, index=, indexpvt=, control=, inbox=/_Mailstores/john.doe/mboxes/inbox, alt= It is to be noted that the config server is now launched as expected, but that the dict server still isn't. Trying a dirsize backend instead of the dict backend doesn't help. The problem seems to be circumscribed to the interaction with the quota backend since, for example, querying quota-status for an unknown recipient yields an expected "action=REJECT Unknown user". Hence my last question, after having tried a lot of things for several days now, with no more success: Q3. What am I doing wrong? Many thanks in advance, Axel # 2.2.4: /_ROOT/etc/dovecot/dovecot.conf # OS: Darwin 12.4.0 x86_64 auth_debug = yes dict { sql_quota = sqlite:/_ROOT/etc/dovecot/dict-quota.conf } disable_plaintext_auth = no listen = * mail_debug = yes mail_gid = dovemailer mail_home = /_Mailstores/%n mail_location = mbox:~/mboxes:INBOX=~/mboxes/inbox mail_plugins = quota mail_uid = dovemailer managesieve_sieve_capability = vacation mbox_write_locks = fcntl passdb { args = /_ROOT/etc/dovecot/db.conf driver = sql } plugin { quota = dict:Quota utilisateur:%n:proxy::sql_quota quota_rule = *:storage=50M sieve = ~/sieve/active_script.sieve sieve_dir = ~/sieve/scripts sieve_extensions = vacation sieve_max_actions = 3 sieve_max_redirects = 2 sieve_max_script_size = 10K sieve_user_log = ~/sieve/log } service auth { unix_listener auth-userdb { group = dovemailer mode = 0660 user = $default_internal_user } } service dict { unix_listener dict { group = dovemailer mode = 0660 } } service lmtp { group = dovemailer user = dovemailer } service quota-status { client_limit = 1 executable = quota-status -p postfix group = dovemailer unix_listener /_ROOT/var/spool/postfix/private/quota-policyd { user = _postfix } user = dovemailer } ssl = no userdb { driver = prefetch } userdb { args = /_ROOT/etc/dovecot/db.conf driver = sql } protocol lmtp { mail_plugins = quota sieve postmaster_address = postmaster at example.com sendmail_path = /_ROOT/postfix/sbin/sendmail } protocol pop3 { pop3_uidl_format = %08Xv%08Xu } From AxelLuttgens at swing.be Tue Jul 16 14:34:03 2013 From: AxelLuttgens at swing.be (Axel Luttgens) Date: Tue, 16 Jul 2013 13:34:03 +0200 Subject: [Dovecot] mail not reject when the mailbox is full (Dovecot-LDAP-Imap_quota) In-Reply-To: References: Message-ID: <1ED77C29-F381-4A31-A78B-EFFC0EA10D05@swing.be> Le 15 juil. 2013 ? 22:41, Victor O?ate a ?crit : > Hi list... > > this is my #dovecot -n > thanks.. > > # 1.2.15: /etc/dovecot/dovecot.conf > # OS: Linux 2.6.32-5-mckinley ia64 Debian 6.0.5 > base_dir: /var/run/dovecot/ > [...] > > any idea is welcome Hello Victor, I don't remember exactly, but wasn't it needed with 1.x to explicitly enable the wanted plugins for each "protocol" section? Or was the global mail_plugins setting already sufficient? Axel From hajo.locke at gmx.de Tue Jul 16 14:44:30 2013 From: hajo.locke at gmx.de (Hajo Locke) Date: Tue, 16 Jul 2013 13:44:30 +0200 Subject: [Dovecot] reload without shutting imap connections down Message-ID: Hello, we have some problems with users who report connectionproblems to dovecot sometimes. According to the logs there are dovecot reloads at this times. Seems that a reload also causes dovecot to shut all imapconnections down: Jul 16 13:31:40 myhostname dovecot: master: Warning: SIGHUP received - reloading configuration Jul 16 13:31:40 myhostname dovecot: imap: Server shutting down. bytes=251/675 I tried to reload by initscript or sending -HUP manually to pid, dovecot is shutting down imapconnections and i think this is the reason for users to report this problems with some clients. This seems to be new with versions 2.x, i have some old 1.2.x dovecots running and cant find "Server shutting down" in their logs after reload. I have still potential to reduce reloads, but cant avoid them completely. Is there a workaround? Thanks, Hajo From cryptodan at gmail.com Tue Jul 16 14:49:33 2013 From: cryptodan at gmail.com (Daniel Reinhardt) Date: Tue, 16 Jul 2013 11:49:33 +0000 Subject: [Dovecot] reload without shutting imap connections down In-Reply-To: References: Message-ID: Hajo, >From the looks and sounds of things your Dovecot installation and configuration is crashing without creating a dump. What happens prior to the aforementioned log entries? Thanks, Dan On Tue, Jul 16, 2013 at 11:44 AM, Hajo Locke wrote: > Hello, > > we have some problems with users who report connectionproblems to dovecot > sometimes. According to the logs there are dovecot reloads at this times. > Seems that a reload also causes dovecot to shut all imapconnections down: > > Jul 16 13:31:40 myhostname dovecot: master: Warning: SIGHUP received - > reloading configuration > Jul 16 13:31:40 myhostname dovecot: imap: Server shutting down. > bytes=251/675 > > I tried to reload by initscript or sending -HUP manually to pid, dovecot > is shutting down imapconnections and i think this is the reason for users > to report this problems with some clients. > This seems to be new with versions 2.x, i have some old 1.2.x dovecots > running and cant find "Server shutting down" in their logs after reload. > > I have still potential to reduce reloads, but cant avoid them completely. > Is there a workaround? > > Thanks, > Hajo > -- Daniel Reinhardt cryptodan at cryptodan.net http://www.cryptodan.net 301-875-7018(c) 410-455-0488(h) From h.reindl at thelounge.net Tue Jul 16 14:54:52 2013 From: h.reindl at thelounge.net (Reindl Harald) Date: Tue, 16 Jul 2013 13:54:52 +0200 Subject: [Dovecot] reload without shutting imap connections down In-Reply-To: References: Message-ID: <51E5348C.9020705@thelounge.net> where do you suspect a crash in "Warning: SIGHUP received"? https://en.wikipedia.org/wiki/Unix_signal SIGHUP is used for a lot of software to indicate reload the configuration without completly restart a service Am 16.07.2013 13:49, schrieb Daniel Reinhardt: > From the looks and sounds of things your Dovecot installation and > configuration is crashing without creating a dump. What happens prior to > the aforementioned log entries? > > On Tue, Jul 16, 2013 at 11:44 AM, Hajo Locke wrote: > >> Hello, >> >> we have some problems with users who report connectionproblems to dovecot >> sometimes. According to the logs there are dovecot reloads at this times. >> Seems that a reload also causes dovecot to shut all imapconnections down: >> >> Jul 16 13:31:40 myhostname dovecot: master: Warning: SIGHUP received - >> reloading configuration >> Jul 16 13:31:40 myhostname dovecot: imap: Server shutting down. >> bytes=251/675 >> >> I tried to reload by initscript or sending -HUP manually to pid, dovecot >> is shutting down imapconnections and i think this is the reason for users >> to report this problems with some clients. >> This seems to be new with versions 2.x, i have some old 1.2.x dovecots >> running and cant find "Server shutting down" in their logs after reload. >> >> I have still potential to reduce reloads, but cant avoid them completely. >> Is there a workaround? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 263 bytes Desc: OpenPGP digital signature URL: From hajo.locke at gmx.de Tue Jul 16 14:56:39 2013 From: hajo.locke at gmx.de (Hajo Locke) Date: Tue, 16 Jul 2013 13:56:39 +0200 Subject: [Dovecot] reload without shutting imap connections down References: Message-ID: <74AE49E025A64E9DA017BB266DD6530A@ai.local> Hello, > From the looks and sounds of things your Dovecot installation and > configuration is crashing without creating a dump. What happens prior to > the aforementioned log entries? none unexpected behaviour. I run now with debugoptions. There is no evidence of problem. some regular mailtraffic and some people are imap-ideling...then comes the reload and connections are shut down. 2.0.19 ist default of Ubuntu 12.10, but we also use 2.1.7 with same effect. Older Machines with 1.2 dont show this behaviour. Thanks, Hajo From AxelLuttgens at swing.be Tue Jul 16 15:40:18 2013 From: AxelLuttgens at swing.be (Axel Luttgens) Date: Tue, 16 Jul 2013 14:40:18 +0200 Subject: [Dovecot] Difference between using auth_realms and setting up virtual mailboxes in postfix? In-Reply-To: References: Message-ID: <60346643-DC59-4858-BCF9-6198089F4922@swing.be> Le 12 juil. 2013 ? 21:32, Gab IIpop a ?crit : > Hi, there is a possibility in the future that I might have to support > multiple domain names(but using the same IP address). Postfix has something > called 'virtual mailboxes' to help handle this. Hello Gab, Let's suppose you have a simple Postfix/Dovecot server and two domains. With Postfix, this is basically handled by telling it that emails for recipients in those domains are to be delivered thru Dovecot's lda or lmtp. On the Dovecot side, it is essentially a matter of having a mapping address->mailbox, so that lda or lmtp know where/how to store emails. > But I also noticed that dovecot has a setting "auth_realms" where I can > specify domains separated by a space. > > What is the relationship between the two? Very distant... Such realms may be used by some authentication mechanisms, and their names, even if often looking like domain names, may be quite arbitrary. HTH, Axel From heupink at merit.unu.edu Tue Jul 16 15:40:12 2013 From: heupink at merit.unu.edu (mourik jan heupink) Date: Tue, 16 Jul 2013 14:40:12 +0200 Subject: [Dovecot] reload without shutting imap connections down In-Reply-To: References: Message-ID: <51E53F2C.5080508@merit.unu.edu> Hi, > we have some problems with users who report connectionproblems to > dovecot sometimes. According to the logs there are dovecot reloads at > this times. > Seems that a reload also causes dovecot to shut all imapconnections down: Just a wile guess: Could it have something to do with the "shutdown_clients" setting, perhaps..? From hajo.locke at gmx.de Tue Jul 16 16:18:18 2013 From: hajo.locke at gmx.de (Hajo Locke) Date: Tue, 16 Jul 2013 15:18:18 +0200 Subject: [Dovecot] reload without shutting imap connections down References: <51E53F2C.5080508@merit.unu.edu> Message-ID: Hello, > Could it have something to do with the "shutdown_clients" setting, > perhaps..? arrgh, did not see there is a adequate setting. works good.... default of shutdown_clients is yes, must be changed between versions? Thanks, Hajo From h.reindl at thelounge.net Tue Jul 16 16:25:09 2013 From: h.reindl at thelounge.net (Reindl Harald) Date: Tue, 16 Jul 2013 15:25:09 +0200 Subject: [Dovecot] reload without shutting imap connections down In-Reply-To: References: <51E53F2C.5080508@merit.unu.edu> Message-ID: <51E549B5.3000508@thelounge.net> Am 16.07.2013 15:18, schrieb Hajo Locke: >> Could it have something to do with the "shutdown_clients" setting, perhaps..? > > arrgh, did not see there is a adequate setting. works good.... > default of shutdown_clients is yes, must be changed between versions? yes - depends of what you need and want keep in mind that without this and in case of IMAP with long running connections (over days maybe) the existing connections are still running with the old configuration and depending on the config changes this may or may not be a problem -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 263 bytes Desc: OpenPGP digital signature URL: From e-frog at gmx.de Tue Jul 16 20:07:41 2013 From: e-frog at gmx.de (e-frog) Date: Tue, 16 Jul 2013 19:07:41 +0200 Subject: [Dovecot] Dovecot v2.2.4 (ebbe00999da8) doveadm crash Message-ID: <51E57DDD.6090200@gmx.de> Hello, Current Dovecot v2.2 HG crashes using the following command: $ doveadm mailbox status -A -t unseen 'virtual/unread' Please see backtrace below and dovecot -n output attached. Thanks, e-frog gdb /usr/bin/doveadm 24023 GNU gdb (GDB) 7.5.91.20130417-cvs-ubuntu Copyright (C) 2013 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "i686-linux-gnu". For bug reporting instructions, please see: ... Reading symbols from /usr/bin/doveadm...Reading symbols from /usr/lib/debug/usr/bin/doveadm...done. done. Attaching to program: /usr/bin/doveadm, process 24023 warning: unable to open /proc file '/proc/24023/status' warning: unable to open /proc file '/proc/24023/status' ptrace: No such process. [New LWP 24023] warning: Can't read pathname for load map: Input/output error. [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/i386-linux-gnu/libthread_db.so.1". Core was generated by `doveadm mailbox status -A -t unseen virtual/unread'. Program terminated with signal 11, Segmentation fault. #0 i_stream_next_line (stream=0x0) at istream.c:382 382 istream.c: No such file or directory. (gdb) bt full #0 i_stream_next_line (stream=0x0) at istream.c:382 _stream = pos = #1 0xb754656b in auth_master_user_list_next (ctx=0xb91bfbd8) at auth-master.c:689 line = #2 0xb7634a0b in mail_storage_service_all_next (ctx=0xb91c4ba8, username_r=username_r at entry=0xbf8e6630) at mail-storage-service.c:1260 __FUNCTION__ = "mail_storage_service_all_next" #3 0xb7752d46 in doveadm_mail_cmd_get_next_user (ctx=0xb91be478, username_r=0xbf8e6630) at doveadm-mail.c:416 No locals. #4 0xb7753e95 in doveadm_mail_all_users (wildcard_user=0x0, argv=0xb91ba1ec, ctx=0xb91be478) at doveadm-mail.c:368 ret = input = {module = 0x0, service = 0xb77918f3 "doveadm", username = 0xb91bf8a0 "test1 at local.lan", session_id = 0x0, local_ip = {family = 0, u = { ip6 = {__in6_u = {__u6_addr8 = '\000' , __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, ip4 = { s_addr = 0}}}, remote_ip = {family = 0, u = {ip6 = {__in6_u = {__u6_addr8 = '\000' , __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, ip4 = {s_addr = 0}}}, local_port = 0, remote_port = 0, userdb_fields = 0x0, flags_override_add = (unknown: 0), flags_override_remove = (unknown: 0), no_userdb_lookup = 0} user_idx = 0 user = 0xb91bf8a0 "test1 at local.lan" error = 0x10
#5 doveadm_mail_cmd (argv=0xb91ba1ec, argc=-1189371412, cmd=0xbf8e668c) at doveadm-mail.c:523 ctx = 0xb91be478 getopt_args = ret = c = wildcard_user = 0x0 error = #6 doveadm_mail_try_run (cmd_name=cmd_name at entry=0xb91ba200 "mailbox", argc=5, argc at entry=6, argv=argv at entry=0xb91ba1dc) at doveadm-mail.c:608 cmd = 0xbf8e668c #7 0xb7752903 in main (argc=6, argv=0xb91ba1dc) at doveadm.c:398 cmd_name = 0xb91ba200 "mailbox" i = quick_init = false c = (gdb) -------------- next part -------------- # 2.2.4 (ebbe00999da8): /etc/dovecot/dovecot.conf # OS: Linux 3.8.0-26-generic i686 Ubuntu 13.04 deliver_log_format = msgid=%m: from=%f: %$ dict { dictionary = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext } imap_client_workarounds = tb-extra-mailbox-sep imap_id_log = * lda_mailbox_autocreate = yes mail_gid = vmail mail_home = /home/vmail/%Ld/%Ln mail_location = mdbox:~/mdbox mail_plugins = quota virtual fts fts_lucene mail_uid = vmail mailbox_list_index = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave vnd.dovecot.duplicate vnd.dovecot.pipe namespace inbox { hidden = no inbox = yes list = yes location = prefix = separator = / subscriptions = yes type = private } namespace virtual { location = virtual:~/virtual prefix = virtual/ separator = / subscriptions = no type = private } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { antispam_backend = spool2dir antispam_spam = Junk antispam_spool2dir_notspam = /home/vmail/learn-ham/%%020lu-%u-%%05luh antispam_spool2dir_spam = /home/vmail/learn-spam/%%020lu-%u-%%05lus antispam_trash = Trash fts = lucene fts_lucene = whitespace_chars=@. mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename append mail_log_fields = uid box from subject msgid size flags quota = dict:user::proxy::dictionary sieve = ~/dovecot.sieve sieve_before = /home/vmail/etc/sieve-global/ sieve_dir = ~/sieve sieve_extensions = +vnd.dovecot.pipe +vnd.dovecot.duplicate sieve_pipe_bin_dir = /home/vmail/etc/sieve-pipe sieve_pipe_exec_timeout = 30s sieve_plugins = sieve_extprograms } postmaster_address = postmaster at localhost.lan protocols = " imap lmtp sieve" quota_full_tempfail = yes service anvil { unix_listener anvil { user = vmail } } service auth { unix_listener /var/spool/postfix/private/dovecot-auth { group = postfix mode = 0660 user = postfix } unix_listener auth-userdb { mode = 0600 user = vmail } } service config { unix_listener config { mode = 0600 user = vmail } } service dict { unix_listener dict { mode = 0600 user = vmail } } service imap-login { inet_listener imaps { port = 0 } process_min_avail = 2 service_count = 0 } service imap { executable = imap postlogin } service lmtp { process_min_avail = 2 unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0660 user = postfix } user = vmail } service postlogin { executable = script-login /home/vmail/bin/dovecot-postlogin.sh user = vmail } ssl = required ssl_cert = References: <51E47422.6010202@veecall.com> Message-ID: <20130716235721.GY17470@corp.sonic.net> On Mon, Jul 15, 2013 at 03:13:54PM -0700, J Gao wrote: > Now I want to build a new system on CentOS 6.4 64bit with postfix, > dovecot and migrate all user accounts and their emails. I assume you've already reviewed the migration pages on the wiki? http://wiki2.dovecot.org/Migration/Courier My only advice would be to consider dropping the INBOX. prefix - this has some significant affects for the migration but will prevent headaches from clients that don't handle namespaces correctly (like all iOS devices.) Or, maybe add a second hidden namespace for INBOX. compatibility so existing clients that are hard coded hopefully wont trip up on themselves too bad. -- Kelsey Cummings - kgc at corp.sonic.net sonic.net, inc. System Architect 2260 Apollo Way 707.522.1000 Santa Rosa, CA 95407 From felixrubiodalmau at gmail.com Wed Jul 17 09:24:50 2013 From: felixrubiodalmau at gmail.com (Felix Rubio Dalmau) Date: Wed, 17 Jul 2013 08:24:50 +0200 Subject: [Dovecot] plugin expire Message-ID: <12843399.FiN4AJ1Ac1@jarvis> Hi everybody, I'm trying to configure the expire plugin, unsuccessfully. This is my configuration, the part related to this plugin. Could somebody give a look to it? I can not figure out why is not working :-S. Thank you, and regards! Felix ############ doveconf output dict { expire = mysql:/etc/dovecot/dovecot-dict-expire.conf.ext } plugin { expire = Trash 15 Junk 15 expire_dict = proxy::expire } protocol imap { mail_plugins = " zlib expire" } ########### dovecot-dict-expire.conf.ext # CREATE TABLE virtual_expires ( # username varchar(100) not null, # mailbox varchar(255) not null, # expire_stamp integer not null, # primary key (username, mailbox) # ); map { pattern = shared/expire/$user/$mailbox table = virtual_expires value_field = expire_stamp fields { username = $user mailbox = $mailbox } } From gedalya at gedalya.net Wed Jul 17 13:36:12 2013 From: gedalya at gedalya.net (Gedalya) Date: Wed, 17 Jul 2013 06:36:12 -0400 Subject: [Dovecot] pop3c migration? Message-ID: <51E6739C.5030001@gedalya.net> Hi, I'm running dsync migrations using imapc and the source IMAP server is just too slow. It has taken 8 hours to migrate a mailbox with 47,000 messages. It seems most of the mailboxes are never accessed with IMAP, so it would be just as good to migrate them via POP3 which should work faster in my case. Is this actually meant to work? doveadm -D -o pop3c_user=xxxxxx at example.com -o 'pop3c_password=*******' -o pop3c_host=120.121.122.123 backup -u yyyyy at example.com -R pop3c: gives: doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot/modules doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/lib20_listescape_plugin.so doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot/modules/doveadm doveadm(root): Debug: Skipping module doveadm_acl_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_acl_plugin.so: undefined symbol: acl_user_module (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_expire_plugin.so: undefined symbol: expire_set_init (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_quota_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_quota_plugin.so: undefined symbol: quota_user_module (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_zlib_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_zlib_plugin.so: undefined symbol: i_stream_create_deflate (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_fts_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib20_doveadm_fts_plugin.so: undefined symbol: fts_list_backend (this is usually intentional, so just ignore this message) doveadm(yyyyy at example.com): Debug: Added userdb setting: mail=maildir:/stor/real/domains/example.com/yy/yyyyy/Maildir doveadm(yyyyy at example.com): Debug: Added userdb setting: plugin/quota_rule=*:storage=5120M doveadm(yyyyy at example.com): Debug: Effective uid=1001, gid=1001, home=/stor/real/domains/example.com/yy/yyyyy doveadm(yyyyy at example.com): Debug: Namespace : type=private, prefix=POP3-MIGRATION-NS/, sep=, inbox=no, hidden=yes, list=no, subscriptions=yes location=pop3c: doveadm(yyyyy at example.com): Debug: fs: root=, index=, control=, inbox=, alt= doveadm(yyyyy at example.com): Debug: Namespace inbox: type=private, prefix=, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:/stor/real/domains/example.com/yy/yyyyy/Maildir doveadm(yyyyy at example.com): Debug: maildir++: root=/stor/real/domains/example.com/yy/yyyyy/Maildir, index=, control=, inbox=/stor/real/domains/example.com/yy/yyyyy/Maildir, alt= dsync(yyyyy at example.com): Debug: Effective uid=1001, gid=1001, home=/stor/real/domains/example.com/yy/yyyyy dsync(yyyyy at example.com): Debug: Namespace : type=private, prefix=POP3-MIGRATION-NS/, sep=, inbox=no, hidden=yes, list=no, subscriptions=yes location=pop3c: dsync(yyyyy at example.com): Debug: fs: root=, index=, control=, inbox=, alt= dsync(yyyyy at example.com): Debug: Namespace inbox: type=private, prefix=, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes location=pop3c: dsync(yyyyy at example.com): Debug: fs: root=, index=, control=, inbox=, alt= Segmentation fault remembering something about that... : # mkdir /tmp/pop3c # chown vmail:vmail /tmp/pop3c/ # doveadm -D -o pop3c_user=xxxxxx at example.com -o 'pop3c_password=*******' -o pop3c_host=120.121.122.123 backup -u yyyyy at example.com -R pop3c:/tmp/pop3c doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot/modules doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/lib20_listescape_plugin.so doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot/modules/doveadm doveadm(root): Debug: Skipping module doveadm_acl_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_acl_plugin.so: undefined symbol: acl_user_module (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_expire_plugin.so: undefined symbol: expire_set_init (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_quota_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_quota_plugin.so: undefined symbol: quota_user_module (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_zlib_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_zlib_plugin.so: undefined symbol: i_stream_create_deflate (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_fts_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib20_doveadm_fts_plugin.so: undefined symbol: fts_list_backend (this is usually intentional, so just ignore this message) doveadm(yyyyy at example.com): Debug: Added userdb setting: mail=maildir:/stor/real/domains/example.com/yy/yyyyy/Maildir doveadm(yyyyy at example.com): Debug: Added userdb setting: plugin/quota_rule=*:storage=5120M doveadm(yyyyy at example.com): Debug: Effective uid=1001, gid=1001, home=/stor/real/domains/example.com/yy/yyyyy doveadm(yyyyy at example.com): Debug: Namespace : type=private, prefix=POP3-MIGRATION-NS/, sep=, inbox=no, hidden=yes, list=no, subscriptions=yes location=pop3c: doveadm(yyyyy at example.com): Debug: fs: root=, index=, control=, inbox=, alt= doveadm(yyyyy at example.com): Debug: Namespace inbox: type=private, prefix=, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:/stor/real/domains/example.com/yy/yyyyy/Maildir doveadm(yyyyy at example.com): Debug: maildir++: root=/stor/real/domains/example.com/yy/yyyyy/Maildir, index=, control=, inbox=/stor/real/domains/example.com/yy/yyyyy/Maildir, alt= dsync(yyyyy at example.com): Debug: Effective uid=1001, gid=1001, home=/stor/real/domains/example.com/yy/yyyyy dsync(yyyyy at example.com): Debug: Namespace : type=private, prefix=POP3-MIGRATION-NS/, sep=, inbox=no, hidden=yes, list=no, subscriptions=yes location=pop3c: dsync(yyyyy at example.com): Debug: fs: root=, index=, control=, inbox=, alt= dsync(yyyyy at example.com): Debug: Namespace inbox: type=private, prefix=, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes location=pop3c:/tmp/pop3c dsync(yyyyy at example.com): Debug: fs: root=/tmp/pop3c/., index=/tmp/pop3c, control=, inbox=, alt= dsync(yyyyy at example.com): Debug: Namespace : Using permissions from /tmp/pop3c/.: mode=0755 gid=-1 dsync(yyyyy at example.com): Debug: Namespace : Using permissions from /stor/real/domains/example.com/yy/yyyyy/Maildir: mode=0700 gid=-1 dsync(yyyyy at example.com): Debug: Namespace : /tmp/pop3c/./INBOX doesn't exist yet, using default permissions dsync(yyyyy at example.com): Debug: Namespace : Using permissions from /tmp/pop3c/.: mode=0755 gid=-1 dsync(yyyyy at example.com): Debug: pop3c(120.121.122.123): Looking up IP address dsync(yyyyy at example.com): Debug: pop3c(120.121.122.123): Connecting to 120.121.122.123:110 dsync(yyyyy at example.com): Debug: pop3c(120.121.122.123): Authenticating as xxxxxx at example.com dsync(yyyyy at example.com): Panic: file mail-storage.c: line 1311 (mailbox_get_metadata): assertion failed: ((items & MAILBOX_METADATA_GUID) == 0 || !guid_128_is_empty(metadata_r->guid)) dsync(yyyyy at example.com): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x45caa) [0xb761ccaa] -> /usr/lib/dovecot/libdovecot.so.0(default_fatal_handler+0x47) [0xb761cdc7] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0xb761d647] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_get_metadata+0x120) [0xb76f3040] -> doveadm() [0x80740bc] -> doveadm(dsync_worker_mailbox_iter_next+0x21) [0x8071c11] -> doveadm() [0x806c1f7] -> doveadm(dsync_brain_sync+0x6c0) [0x806b890] -> doveadm(dsync_brain_sync_all+0x18) [0x806c4f8] -> doveadm() [0x806961b] -> doveadm() [0x8069bbf] -> doveadm() [0x80541ec] -> doveadm(doveadm_mail_try_run+0x257) [0x8054ee7] -> doveadm(main+0x391) [0x805d0c1] -> /lib/i386-linux-gnu/i686/cmov/libc.so.6(__libc_start_main+0xe6) [0xb748ae46] -> doveadm() [0x8054001] Aborted Now I'm lost... Am I in the right direction? Thanks, Gedalya # dovecot -n # 2.1.17: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-4-686-pae i686 Debian 7.1 auth_default_realm = example.com auth_mechanisms = plain login cram-md5 auth_verbose = yes auth_verbose_passwords = plain default_client_limit = 8096 dict { expire = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext quota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext } disable_plaintext_auth = no imapc_host = mail01.example.com mail_gid = vmail mail_plugins = listescape mail_prefetch_count = 50 mail_uid = vmail namespace { hidden = yes list = no location = pop3c: prefix = POP3-MIGRATION-NS/ } namespace inbox { inbox = yes location = prefix = separator = / type = private } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { expire = Trash expire2 = Trash.* expire3 = Junk expire_dict = proxy::expire pop3_migration_mailbox = POP3-MIGRATION-NS/INBOX sieve = ~/.dovecot.sieve sieve_before = /var/local/lib/dovecot/sieve/global/fileinto-spam.sieve sieve_dir = ~/sieve } pop3c_host = 120.121.122.123 postmaster_address = postmaster at example.com service auth-worker { user = $default_internal_user } service auth { client_limit = 20480 } service dict { unix_listener dict { mode = 0600 user = vmail } } service imap-login { process_min_avail = 4 service_count = 0 vsz_limit = 128 M } service imap { process_limit = 10240 } service lmtp { inet_listener lmtp { address = 0.0.0.0 port = 7025 } } service pop3-login { process_min_avail = 4 service_count = 0 vsz_limit = 128 M } service pop3 { process_limit = 4096 } ssl_cert = Hi, Does not create, or something I did wrong? Here http://wiki2.dovecot.org/VirtualUsers/Home it is written Home vs. mail directory Home directory shouldn't be the same as mail directory. It's possible to do that, but you might run into trouble with it sooner or later. Some problems with this are: and Ways to set up home directory The home directory is the same as the mail directory. If for example home=/var/vmail/domain/user/ mail=/var/vmail/domain/user/mail/, set: mail_home = /var/vmail/%d/%n mail_location = maildir:~/mail I think I've done it so. And yet, here http://wiki.dovecot.org/HowTo/SimpleVirtualInstall it is written Users can be added by editing this file. Dovecot automatically notices the new users immediately after they're added. It also creates their home directories when the user logs in. However, the directory is not created. My config: # dovecot -n # 2.2.4: /etc/dovecot/dovecot.conf # OS: Linux 3.9.6 x86_64 Slackware 14.0 auth_debug = yes auth_debug_passwords = yes auth_mechanisms = plain login digest-md5 cram-md5 rpa apop auth_verbose = yes auth_verbose_passwords = plain debug_log_path = /var/log/dovecot/dovecot.debug.log disable_plaintext_auth = no info_log_path = /var/log/dovecot/dovecot.info.log lda_mailbox_autocreate = yes listen = 192.168.1.1 log_path = /var/log/dovecot/dovecot.log mail_debug = yes mail_gid = dovecot mail_uid = dovecot managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace inbox { inbox = yes location = mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Sent { auto = subscribe special_use = \Sent } mailbox Spam { auto = subscribe special_use = \Junk } mailbox Trash { auto = subscribe special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } plugin { antispam_allow_append_to_spam = NO antispam_backend = dspam antispam_debug_target = syslog antispam_dspam_args = --user;%Lu;--deliver=;--source=error;--signature=%%s antispam_dspam_binary = /usr/bin/dspam antispam_dspam_notspam = --class=innocent antispam_dspam_result_blacklist = Virus;Blocklisted;Blacklisted antispam_dspam_result_header = X-DSPAM-Result antispam_dspam_spam = --class=spam antispam_signature = X-DSPAM-Signature antispam_signature_missing = move antispam_skip_from_line = NO antispam_spam = Spam;spam;SPAM;Junk;junk;JUNK; antispam_trash = Trash;trash;Deleted;deleted;Deleted Items;Deleted Messages; antispam_verbose_debug = 1 sieve = ~/.dovecot.sieve sieve_default = /etc/dovecot/sieve/default.sieve sieve_dir = ~/sieve sieve_global_dir = /etc/dovecot/sieve/ } protocols = imap pop3 lmtp sieve service lmtp { inet_listener lmtp { address = 127.0.0.1 port = 24 } } service managesieve-login { inet_listener sieve { port = 4190 } } ssl_cert = ): query: SELECT password FROM users WHERE email = 'test at example.com' AND enabled = 1 Jul 17 12:49:41 auth: Debug: password(test at example.com,192.168.1.2,): Generating CRAM-MD5 from user 'test at example.com@', password 'test' Jul 17 12:49:41 auth: Debug: password(test at example.com,192.168.1.2,): Credentials: 6062bc903ac97de43f0b5d33ebe8c1a63bb9ae1a88ec39cf6fd85a645de8c63a Jul 17 12:49:41 auth: Debug: client passdb out: OK 1 user= test at example.com Jul 17 12:49:41 auth: Debug: master in: REQUEST 2206334977 10501 1 49e1fcdcc5e1c2becb50c3b47d31cdeb session_pid=10506 Jul 17 12:49:41 auth: Debug: sql(test at example.com,192.168.1.2,): SELECT concat('/var/spool/vmail/', home) AS home, concat('maildir:', maildir) AS mail FROM users WHERE email = 'test at example.com' AND enabled = 1 Jul 17 12:49:41 auth: Debug: master userdb out: USER 2206334977 test at example.com home=/var/spool/vmail/example.com/test/ mail=maildir:Maildir/ auth_token=670c839af976e3c0c74db1754e28ff40a2557095 Jul 17 12:49:41 imap: Debug: Loading modules from directory: /usr/lib64/dovecot Jul 17 12:49:41 imap: Debug: Module loaded: /usr/lib64/dovecot/lib90_antispam_plugin.so Jul 17 12:49:41 imap: Debug: Added userdb setting: mail=maildir:Maildir/ Jul 17 12:49:41 imap(test at example.com): Debug: Effective uid=1202, gid=202, home=/var/spool/vmail/example.com/test/ Jul 17 12:49:41 imap(test at example.com): Debug: Home dir not found: /var/spool/vmail/example.com/test/ Jul 17 12:49:41 imap(test at example.com): Debug: Namespace inbox: type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:Maildir/ Jul 17 12:49:41 imap(test at example.com): Debug: maildir++: root=Maildir, index=, indexpvt=, control=, inbox=Maildir, alt= Jul 17 12:49:41 imap(test at example.com): Debug: Namespace : Maildir doesn't exist yet, using default permissions Jul 17 12:49:41 imap(test at example.com): Debug: Namespace : Using permissions from Maildir: mode=0700 gid=default Thank you! Regards, Dmitry From odhiambo at gmail.com Wed Jul 17 15:42:08 2013 From: odhiambo at gmail.com (Odhiambo Washington) Date: Wed, 17 Jul 2013 15:42:08 +0300 Subject: [Dovecot] Dovecot 2.2.4 does not create home directory? In-Reply-To: References: Message-ID: The MTA/MDA creates home directories during delivery. On 17 July 2013 15:32, Dmitry . wrote: > Hi, > > Does not create, or something I did wrong? > > Here > http://wiki2.dovecot.org/VirtualUsers/Home > it is written > > Home vs. mail directory > Home directory shouldn't be the same as mail directory. It's possible to do > that, but you might run into trouble with it sooner or later. Some problems > with this are: > > and > > Ways to set up home directory > The home directory is the same as the mail directory. > If for example home=/var/vmail/domain/user/ > mail=/var/vmail/domain/user/mail/, set: > mail_home = /var/vmail/%d/%n > mail_location = maildir:~/mail > > I think I've done it so. > > And yet, here > http://wiki.dovecot.org/HowTo/SimpleVirtualInstall > it is written > Users can be added by editing this file. Dovecot automatically notices the > new users immediately after they're added. It also creates their home > directories when the user logs in. > > However, the directory is not created. > > My config: > > # dovecot -n > # 2.2.4: /etc/dovecot/dovecot.conf > # OS: Linux 3.9.6 x86_64 Slackware 14.0 > auth_debug = yes > auth_debug_passwords = yes > auth_mechanisms = plain login digest-md5 cram-md5 rpa apop > auth_verbose = yes > auth_verbose_passwords = plain > debug_log_path = /var/log/dovecot/dovecot.debug.log > disable_plaintext_auth = no > info_log_path = /var/log/dovecot/dovecot.info.log > lda_mailbox_autocreate = yes > listen = 192.168.1.1 > log_path = /var/log/dovecot/dovecot.log > mail_debug = yes > mail_gid = dovecot > mail_uid = dovecot > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope encoded-character > vacation subaddress comparator-i;ascii-numeric relational regex imap4flags > copy include variables body enotify environment mailbox date ihave > namespace inbox { > inbox = yes > location = > mailbox Drafts { > auto = subscribe > special_use = \Drafts > } > mailbox Sent { > auto = subscribe > special_use = \Sent > } > mailbox Spam { > auto = subscribe > special_use = \Junk > } > mailbox Trash { > auto = subscribe > special_use = \Trash > } > prefix = > } > passdb { > args = /etc/dovecot/dovecot-sql.conf > driver = sql > } > plugin { > antispam_allow_append_to_spam = NO > antispam_backend = dspam > antispam_debug_target = syslog > antispam_dspam_args = > --user;%Lu;--deliver=;--source=error;--signature=%%s > antispam_dspam_binary = /usr/bin/dspam > antispam_dspam_notspam = --class=innocent > antispam_dspam_result_blacklist = Virus;Blocklisted;Blacklisted > antispam_dspam_result_header = X-DSPAM-Result > antispam_dspam_spam = --class=spam > antispam_signature = X-DSPAM-Signature > antispam_signature_missing = move > antispam_skip_from_line = NO > antispam_spam = Spam;spam;SPAM;Junk;junk;JUNK; > antispam_trash = Trash;trash;Deleted;deleted;Deleted Items;Deleted > Messages; > antispam_verbose_debug = 1 > sieve = ~/.dovecot.sieve > sieve_default = /etc/dovecot/sieve/default.sieve > sieve_dir = ~/sieve > sieve_global_dir = /etc/dovecot/sieve/ > } > protocols = imap pop3 lmtp sieve > service lmtp { > inet_listener lmtp { > address = 127.0.0.1 > port = 24 > } > } > service managesieve-login { > inet_listener sieve { > port = 4190 > } > } > ssl_cert = ssl_key = userdb { > args = /etc/dovecot/dovecot-sql.conf > driver = sql > } > verbose_ssl = yes > protocol lmtp { > mail_plugins = " sieve" > } > protocol lda { > mail_plugins = " sieve" > } > protocol imap { > mail_max_userip_connections = 15 > mail_plugins = " antispam" > } > protocol imaps { > mail_max_userip_connections = 15 > mail_plugins = " antispam" > } > > > # grep -v '^ *\(#.*\)\?$' dovecot-sql.conf > driver = pgsql > connect = host=localhost dbname=dbname user=user password=password > default_pass_scheme = PLAIN > password_query = SELECT password FROM users WHERE email = '%u' AND enabled > = 1 > user_query = SELECT \ > concat('/var/spool/vmail/', home) AS home, \ > concat('maildir:', maildir) AS mail \ > FROM users WHERE email = '%u' AND enabled = 1 > > where in db > home = "example.com/test/" > maildir = "Maildir/" > > /etc/passwd > dovecot:x:1202:202:Dovecot:/dev/null:/bin/bash > dovenull:x:1203:203:Dovenull:/dev/null:/bin/false > > /etc/group > dovecot:x:202: > dovenull:x:203: > > cd /var/spool > # ls -l > drwxrwxr-x 4 dovecot dovecot 4096 Jul 17 12:41 vmail > > > /var/log/dovecot/dovecot.debug.log > > Jul 17 12:49:41 auth: Debug: Loading modules from directory: > /usr/lib64/dovecot/auth > Jul 17 12:49:41 auth: Debug: Read auth token secret from > /var/run/dovecot/auth-token-secret.dat > Jul 17 12:49:41 auth: Debug: auth client connected (pid=10501) > Jul 17 12:49:41 auth: Debug: client in: AUTH 1 CRAM-MD5 > service=imap session=RONGFqLhrgDAqAPO lip=192.168.1.1 > rip=192.168.1.2 lport=143 rport=50094 > Jul 17 12:49:41 auth: Debug: client passdb out: CONT 1 > PDk3MDcyMzA1OTYxMTU0MzguMTM3Mzk4NjE4MUBtYWlsPg== > Jul 17 12:49:41 auth: Debug: client in: CONT 1 > dGVzdEBoYXJkcmV2aWV3LnJ1IDFhOTE0NDBmZDk1OGE5ZWI0MWVkN2Q4ZDdhOGIzNzFi > (previous base64 data may contain sensitive data) > Jul 17 12:49:41 auth: Debug: > sql(test at example.com,192.168.1.2,): > query: SELECT password FROM users WHERE email = 'test at example.com' AND > enabled = 1 > Jul 17 12:49:41 auth: Debug: > password(test at example.com,192.168.1.2,): > Generating CRAM-MD5 from user 'test at example.com@', password 'test' > Jul 17 12:49:41 auth: Debug: > password(test at example.com,192.168.1.2,): > Credentials: > 6062bc903ac97de43f0b5d33ebe8c1a63bb9ae1a88ec39cf6fd85a645de8c63a > Jul 17 12:49:41 auth: Debug: client passdb out: OK 1 user= > test at example.com > > Jul 17 12:49:41 auth: Debug: master in: REQUEST 2206334977 10501 > 1 49e1fcdcc5e1c2becb50c3b47d31cdeb session_pid=10506 > Jul 17 12:49:41 auth: Debug: > sql(test at example.com,192.168.1.2,): > SELECT concat('/var/spool/vmail/', home) AS home, concat('maildir:', > maildir) AS mail FROM users WHERE email = 'test at example.com' AND enabled > = 1 > Jul 17 12:49:41 auth: Debug: master userdb out: USER 2206334977 > test at example.com home=/var/spool/vmail/example.com/test/ > mail=maildir:Maildir/ auth_token=670c839af976e3c0c74db1754e28ff40a2557095 > Jul 17 12:49:41 imap: Debug: Loading modules from directory: > /usr/lib64/dovecot > Jul 17 12:49:41 imap: Debug: Module loaded: > /usr/lib64/dovecot/lib90_antispam_plugin.so > Jul 17 12:49:41 imap: Debug: Added userdb setting: mail=maildir:Maildir/ > Jul 17 12:49:41 imap(test at example.com): Debug: Effective uid=1202, > gid=202, > home=/var/spool/vmail/example.com/test/ > Jul 17 12:49:41 imap(test at example.com): Debug: Home dir not found: > /var/spool/vmail/example.com/test/ > Jul 17 12:49:41 imap(test at example.com): Debug: Namespace inbox: > type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, > subscriptions=yes location=maildir:Maildir/ > Jul 17 12:49:41 imap(test at example.com): Debug: maildir++: root=Maildir, > index=, indexpvt=, control=, inbox=Maildir, alt= > Jul 17 12:49:41 imap(test at example.com): Debug: Namespace : Maildir doesn't > exist yet, using default permissions > Jul 17 12:49:41 imap(test at example.com): Debug: Namespace : Using > permissions from Maildir: mode=0700 gid=default > > > > Thank you! > > Regards, > Dmitry > -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 "I can't hear you -- I'm using the scrambler." From paul at vandervlis.nl Wed Jul 17 16:23:31 2013 From: paul at vandervlis.nl (Paul van der Vlis) Date: Wed, 17 Jul 2013 15:23:31 +0200 Subject: [Dovecot] Fail2ban and logging In-Reply-To: <51E4B73E.2000504@msapiro.net> References: <51E2F370.7080802@msapiro.net> <51E41EAB.8070901@vandervlis.nl> <51E4B73E.2000504@msapiro.net> Message-ID: <51E69AD3.1090908@vandervlis.nl> Hello Mark (and others), On 16-07-13 05:00, Mark Sapiro wrote: > On 07/15/2013 09:09 AM, Paul van der Vlis wrote: >> >> Are you blocked when you login a few times with a wrong password? >> >> I expect your log will say something like "auth failed, 22 attempts in >> 30 secs", and fail2ban will see that as 1 authentications error, so will >> not block you. > > > I am blocked. The log says > > Jul 15 19:36:06 sbh16 dovecot: pop3-login: Aborted login (auth failed, 1 > attempts in 2 secs): user=, method=APOP, rip=98.248.186.228, > lip=72.52.113.16, TLS, session= > > Jul 15 19:36:16 sbh16 dovecot: pop3-login: Aborted login (auth failed, 1 > attempts in 6 secs): user=, method=APOP, rip=98.248.186.228, > lip=72.52.113.16, TLS, session= > > Jul 15 19:36:29 sbh16 dovecot: pop3-login: Aborted login (auth failed, 1 > attempts in 10 secs): user=, method=APOP, rip=98.248.186.228, > lip=72.52.113.16, TLS, session= > > Jul 15 19:36:49 sbh16 dovecot: pop3-login: Aborted login (auth failed, 1 > attempts in 17 secs): user=, method=APOP, rip=98.248.186.228, > lip=72.52.113.16, TLS, session= > > Jul 15 19:37:09 sbh16 dovecot: pop3-login: Aborted login (auth failed, 1 > attempts in 17 secs): user=, method=APOP, rip=98.248.186.228, > lip=72.52.113.16, TLS, session= > > > The difference may be that I am connecting to pop3s, port 995 with SSL, > not port 110 with STARTTLS. What wonders me is that every attempt is logged. With me the attemps are counted together. I think it's not very important which port or protocol is used. With regards, Paul van der Vlis. -- Paul van der Vlis Linux systeembeheer, Groningen http://www.vandervlis.nl/ From AxelLuttgens at swing.be Wed Jul 17 16:24:15 2013 From: AxelLuttgens at swing.be (Axel Luttgens) Date: Wed, 17 Jul 2013 15:24:15 +0200 Subject: [Dovecot] Dovecot 2.2.4 does not create home directory? In-Reply-To: References: Message-ID: Le 17 juil. 2013 ? 14:32, "Dmitry ." a ?crit : > Hi, > > [...] > > And yet, here > http://wiki.dovecot.org/HowTo/SimpleVirtualInstall > it is written > Users can be added by editing this file. Dovecot automatically notices the > new users immediately after they're added. It also creates their home > directories when the user logs in. Hello Dmitry, As a side note: the above documents Dovecot 1.x, and you're using 2.2.4. > However, the directory is not created. > > [...] > Jul 17 12:49:41 imap(test at example.com): Debug: Effective uid=1202, gid=202, > home=/var/spool/vmail/example.com/test/ > Jul 17 12:49:41 imap(test at example.com): Debug: Home dir not found: > /var/spool/vmail/example.com/test/ > Jul 17 12:49:41 imap(test at example.com): Debug: Namespace inbox: > type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, > subscriptions=yes location=maildir:Maildir/ > Jul 17 12:49:41 imap(test at example.com): Debug: maildir++: root=Maildir, > index=, indexpvt=, control=, inbox=Maildir, alt= > Jul 17 12:49:41 imap(test at example.com): Debug: Namespace : Maildir doesn't > exist yet, using default permissions > Jul 17 12:49:41 imap(test at example.com): Debug: Namespace : Using > permissions from Maildir: mode=0700 gid=default This is a bit strange... are you really sure the home directory hasn't been created? If yes, do you have some messages in your info.log? Axel From AxelLuttgens at swing.be Wed Jul 17 17:01:08 2013 From: AxelLuttgens at swing.be (Axel Luttgens) Date: Wed, 17 Jul 2013 16:01:08 +0200 Subject: [Dovecot] Variable similar to %u but providing the username changed by a database lookup? In-Reply-To: <9B3B1E1E-A897-4328-A4EF-BD1FBDCD6C89@swing.be> References: <83F71B78-F013-4A3D-BD6E-6E3D907C05F6@swing.be> <9B3B1E1E-A897-4328-A4EF-BD1FBDCD6C89@swing.be> Message-ID: Le 5 juil. 2013 ? 19:14, Axel Luttgens a ?crit : > [...] > > Hello Steffen, > > You helped me to look twice at those matters. > So, it seems that variable %u (or, for what matters, even %n) indeed expands to the value as changed thru a database lookup. > > In fact, I now understand that I was struggling with a somewhat unexpected behavior of the prefetch database, and that I failed to correctly interpret the behaviors I was encountering. > Will be a question for a next post. ;-) Thanks to Timo (see http://www.dovecot.org/list/dovecot/2013-July/091315.html), that prefetch question has been solved. But... But this allowed me to track more narrowly a differing behavior of the prefetch and the user databases. If you allow, I'll try to explain what I mean. Let's consider these settings from dovecot.conf: mail_uid = dovemailer mail_gid = dovemailer mail_home = /some/path/%u plugin { quota = dict:Quota utilisateur:%u:proxy::sql_quota } and a password query looking like this one: password_query = \ SELECT \ passwd AS password, \ nickname AS user, \ mail_home AS userdb_home, \ [...] WHERE \ [...] John Doe, with nickname "john.doe" and a NULL mail_home, authenticates for a pop session as "u123456": auth: Debug: auth client connected (pid=15516) [...] auth-worker(15518): Debug: auth(u123456,127.0.0.1): username changed u123456 -> john.doe auth: Debug: auth(u123456,127.0.0.1,): username changed u123456 -> john.doe [...] auth: Debug: prefetch(john.doe,127.0.0.1,): success [...] pop3(john.doe): Debug: Effective uid=999, gid=999, home=/some/path/john.doe pop3(john.doe): Debug: Quota root: name=Quota utilisateur backend=dict args=john.doe:proxy::sql_quota [...] pop3(john.doe): Disconnected: Logged out top=0/0, retr=0/0, del=0/92, size=144038 Note the "username changed" lines. And it clearly appears that variable %u appearing in dovecot.conf has been expanded to the converted name ("john.doe"), not the original one ("u123456"). Let's now consider a userdb query similar to this one: userdb_query = \ SELECT \ nickname AS user, \ mail_home AS userdb_home, \ [...] WHERE \ [...] and send a message to john.doe at example.com: lmtp(15823): Connect from local [...] auth: Debug: master in: USER 1 john.doe at example.com service=lmtp auth: Debug: prefetch(john.doe at example.com): passdb didn't return userdb entries, trying the next userdb [...] auth-worker(15825): Debug: auth(john.doe at example.com): username changed john.doe at example.com -> john.doe auth: Debug: userdb out: USER 1 john.doe at example.com lmtp(15823): Debug: auth input: john.doe at example.com lmtp(15823): Debug: Added userdb setting: plugin/=yes lmtp(15823, john.doe at example.com): Debug: Effective uid=999, gid=999, home=/some/path/john.doe at example.com lmtp(15823, john.doe at example.com): Debug: Quota root: name=Quota utilisateur backend=dict args=john.doe at example.com:proxy::sql_quota [...] lmtp(15823): Disconnect from local: Successful quit There's a "username changed" line too, leading to great hopes... Yet, variable %u from dovecot.conf has been expanded to "john.doe at example.com", not "john.doe". And John Doe now has two mailboxes: one for receiving emails, the other for reading emails. I understand I am on the fringe here, since the wiki doesn't say anything about the possible effects of a "AS username" (or "AS user") clause in the userdb_query. On the other hand, this could also just reflect an omission in the documentation, since the "username changed" line written to the log tend to indicate there could/should be an effect. Hence my question: what's the intended behavior? TIA, Axel From rcpt.dmitry at gmail.com Wed Jul 17 17:11:52 2013 From: rcpt.dmitry at gmail.com (Dmitry .) Date: Wed, 17 Jul 2013 18:11:52 +0400 Subject: [Dovecot] Dovecot 2.2.4 does not create home directory? In-Reply-To: References: Message-ID: > Hello Dmitry, > > As a side note: the above documents Dovecot 1.x, and you're using 2.2.4. > I thought that if it works in 1.x to 2.x then be all the more > This is a bit strange... are you really sure the home directory hasn't been created? > If yes, do you have some messages in your info.log? Really ... unfortunately. /var/log/dovecot/dovecot.info.log Jul 17 12:49:41 imap-login: Info: Login: user=, method=CRAM-MD5, rip=192.168.1.2, lip=192.168.1.1, mpid=10506, session= /var/log/dovecot/dovecot.log Jul 17 12:49:41 imap(test at example.com): Error: user test at example.com: Initialization failed: Namespace '': mkdir(Maildir) in directory /var/run/dovecot failed: Permission denied (euid=1202(dovecot) egid=202(dovecot) missing +w perm: /var/run/dovecot, dir owned by 0:0 mode=0755) Jul 17 12:49:41 imap(test at example.com): Error: Invalid user settings. Refer to server log for more information. 2013/7/17 Axel Luttgens > Le 17 juil. 2013 ? 14:32, "Dmitry ." a ?crit : > > > Hi, > > > > [...] > > > > And yet, here > > http://wiki.dovecot.org/HowTo/SimpleVirtualInstall > > it is written > > Users can be added by editing this file. Dovecot automatically notices > the > > new users immediately after they're added. It also creates their home > > directories when the user logs in. > > Hello Dmitry, > > As a side note: the above documents Dovecot 1.x, and you're using 2.2.4. > > > > However, the directory is not created. > > > > [...] > > Jul 17 12:49:41 imap(test at example.com): Debug: Effective uid=1202, > gid=202, > > home=/var/spool/vmail/example.com/test/ > > Jul 17 12:49:41 imap(test at example.com): Debug: Home dir not found: > > /var/spool/vmail/example.com/test/ > > Jul 17 12:49:41 imap(test at example.com): Debug: Namespace inbox: > > type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, > > subscriptions=yes location=maildir:Maildir/ > > Jul 17 12:49:41 imap(test at example.com): Debug: maildir++: root=Maildir, > > index=, indexpvt=, control=, inbox=Maildir, alt= > > Jul 17 12:49:41 imap(test at example.com): Debug: Namespace : Maildir > doesn't > > exist yet, using default permissions > > Jul 17 12:49:41 imap(test at example.com): Debug: Namespace : Using > > permissions from Maildir: mode=0700 gid=default > > This is a bit strange... are you really sure the home directory hasn't > been created? > If yes, do you have some messages in your info.log? > > Axel > > > From lists at sterenborg.info Wed Jul 17 17:35:21 2013 From: lists at sterenborg.info (Rob Sterenborg (lists)) Date: Wed, 17 Jul 2013 16:35:21 +0200 Subject: [Dovecot] Dovecot 2.2.4 does not create home directory? In-Reply-To: References: Message-ID: <51E6ABA9.5050506@sterenborg.info> On 17-07-13 16:11, Dmitry . wrote: Isn't the log actually saying what's wrong here? (I didn't see a file listing that shows what owner/permissions are set.) > Initialization failed: Namespace '': mkdir(Maildir) in directory > /var/run/dovecot failed: Permission denied (euid=1202(dovecot) > egid=202(dovecot) missing +w perm: /var/run/dovecot, dir owned by 0:0 > mode=0755) > Jul 17 12:49:41 imap(test at example.com): Error: Invalid user settings. Refer > to server log for more information. The log says: - mkdir(Maildir) in directory /var/run/dovecot failed: Permission denied Dovecot couldn't create a directory in /var/run/dovecot. Personally, I would not want to create mail directories there, but if you're okay with it then I'm okay too. - (euid=1202(dovecot) egid=202(dovecot) Dovecot is running as dovecot:dovecot (1202:202). - missing +w perm: /var/run/dovecot, dir owned by 0:0 mode=0755) The base directory is owned by root:root with 755 permissions, so dovecot has no permission to write anything. I'd choose another place where your mail directories are created and have the correct owner/permissions set. -- Rob From AxelLuttgens at swing.be Wed Jul 17 17:54:05 2013 From: AxelLuttgens at swing.be (Axel Luttgens) Date: Wed, 17 Jul 2013 16:54:05 +0200 Subject: [Dovecot] Dovecot 2.2.4 does not create home directory? In-Reply-To: References: Message-ID: Le 17 juil. 2013 ? 16:11, "Dmitry ." a ?crit : >> Hello Dmitry, >> >> As a side note: the above documents Dovecot 1.x, and you're using 2.2.4. >> > > I thought that if it works in 1.x to 2.x then be all the more Probably. :-) But sometimes with incompatibilities. > [...] > /var/log/dovecot/dovecot.log > Jul 17 12:49:41 imap(test at example.com): Error: user test at example.com: > Initialization failed: Namespace '': mkdir(Maildir) in directory > /var/run/dovecot failed: Permission denied (euid=1202(dovecot) > egid=202(dovecot) missing +w perm: /var/run/dovecot, dir owned by 0:0 > mode=0755) Aaaah! Those small details... I didn't notice it immediately in your original message: > user_query = SELECT \ > concat('/var/spool/vmail/', home) AS home, \ > concat('maildir:', maildir) AS mail \ I guess you should have something like this: concat('maildir:~/', maildir) AS mail \ HTH, Axel From rcpt.dmitry at gmail.com Wed Jul 17 18:02:33 2013 From: rcpt.dmitry at gmail.com (Dmitry .) Date: Wed, 17 Jul 2013 19:02:33 +0400 Subject: [Dovecot] Dovecot 2.2.4 does not create home directory? In-Reply-To: References: Message-ID: Thank you very much! You are absolutely right. 2013/7/17 Axel Luttgens > Le 17 juil. 2013 ? 16:11, "Dmitry ." a ?crit : > > >> Hello Dmitry, > >> > >> As a side note: the above documents Dovecot 1.x, and you're using 2.2.4. > >> > > > > I thought that if it works in 1.x to 2.x then be all the more > > Probably. :-) > But sometimes with incompatibilities. > > > > [...] > > /var/log/dovecot/dovecot.log > > Jul 17 12:49:41 imap(test at example.com): Error: user test at example.com: > > Initialization failed: Namespace '': mkdir(Maildir) in directory > > /var/run/dovecot failed: Permission denied (euid=1202(dovecot) > > egid=202(dovecot) missing +w perm: /var/run/dovecot, dir owned by 0:0 > > mode=0755) > > Aaaah! > > Those small details... > I didn't notice it immediately in your original message: > > > user_query = SELECT \ > > concat('/var/spool/vmail/', home) AS home, \ > > concat('maildir:', maildir) AS mail \ > > I guess you should have something like this: > > concat('maildir:~/', maildir) AS mail \ > > HTH, > Axel > > From cedrict at derytelecom.ca Wed Jul 17 23:43:05 2013 From: cedrict at derytelecom.ca (Cedric) Date: Wed, 17 Jul 2013 16:43:05 -0400 Subject: [Dovecot] Dovecot 2.2.4/sendmail with sql user and aliases Message-ID: <51E701D9.2@derytelecom.ca> Hi, We are currently moving from linuxconf/dovecot to a dovecot setup with sql support, the problem we currently facing is having a message sent to a aliase delivered to the user email inbox with dovecot-lda, i have created cedrict at mail.vdl and a alias test at mail.vdl, when i send to cedrict at mail.vdl the message is included in the user inbox file, but when i send to test at mail.vdl it should do the same and not create a new created file named test, thank in advance for your help. # dovecot --version 2.2.4 dovecot.conf auth_debug = yes auth_debug_passwords = yes auth_verbose = yes default_internal_user = root default_login_user = mail disable_plaintext_auth = no first_valid_uid = 100 mail_access_groups = mail users sysadmin popusers mail_location = mbox:%h/mail:LAYOUT=maildir++:INDEX=MEMORY:CONTROL=%h/mail/control:INBOX=/var/spool/vmail/%d/%n mail_max_userip_connections = 40 mail_plugins = " quota sieve" managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mbox_lazy_writes = no passdb { args = /vdl/etc/dovecot/dovecot-sql.conf driver = sql } plugin { sieve = %h/mail/sieve/%n sieve_global_dir = /vdl/etc/dovecot/ sieve_vacation_default_period = 1d sieve_vacation_max_period = 7d } postmaster_address = x at x.x protocols = imap pop3 service auth { unix_listener auth-userdb { mode = 0600 user = popusers } } service imap-login { inet_listener imap { port = 143 } process_min_avail = 4 vsz_limit = 256 M } service pop3-login { inet_listener pop3 { port = 110 } process_min_avail = 16 } ssl = no submission_host = localhost:25 userdb { args = /vdl/etc/dovecot/dovecot-sql.conf driver = sql } protocol imap { mail_plugins = quota imap_quota mail_log notify } protocol pop3 { mail_plugins = quota } protocol lda { mail_plugins = quota sieve } dovecot-sql.conf password_query = SELECT \ concat(s_courriel_utilisateur.utilisateur, '@', s_courriel_domaine.nom) AS user,s_courriel_utilisateur.password as password \ FROM s_courriel_utilisateur left join s_courriel_alias on s_courriel_utilisateur.id=s_courriel_alias.utilisateur and s_courriel_alias.archive !=1 ,s_courriel_domaine \ WHERE s_courriel_utilisateur.archive !=1 \ and s_courriel_domaine.archive !=1 \ and s_courriel_utilisateur.domaine=s_courriel_domaine.id \ and s_courriel_domaine.nom = '%d' \ and ( s_courriel_utilisateur.utilisateur = '%n' or s_courriel_alias.alias = '%n' ) user_query = SELECT \ concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur) as home, \ concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/index") as "index", \ concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/control") as control, \ concat("/var/spool/vmail/",s_courriel_domaine.nom,"/",s_courriel_utilisateur.utilisateur) as inbox, \ "maildir++" as layout, \ s_courriel_utilisateur.uid as uid,s_courriel_domaine.gid as gid \ FROM s_courriel_utilisateur left join s_courriel_alias on s_courriel_utilisateur.id=s_courriel_alias.utilisateur and s_courriel_alias.archive !=1 ,s_courriel_domaine \ WHERE s_courriel_utilisateur.archive !=1 \ and s_courriel_domaine.archive !=1 \ and s_courriel_utilisateur.domaine=s_courriel_domaine.id \ and s_courriel_domaine.nom = '%d' \ and ( s_courriel_utilisateur.utilisateur = '%n' or s_courriel_alias.alias = '%n' ) Transaction debug for cedrict at mail.vdl with message added to file /var/spool/vmail/mail.vdl/cedrict SELECT concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur) as home, concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/index") as "index", concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/control") as control, concat("/var/spool/vmail/",s_courriel_domaine.nom,"/",s_courriel_utilisateur.utilisateur) as inbox, "maildir++" as layout, s_courriel_utilisateur.uid as uid,s_courriel_domaine.gid as gid FROM s_courriel_utilisateur left join s_courriel_alias on s_courriel_utilisateur.id=s_courriel_alias.utilisateur and s_courriel_alias.archive !=1 ,s_courriel_domaine WHERE s_courriel_utilisateur.archive !=1 and s_courriel_domaine.archive !=1 and s_courriel_utilisateur.domaine=s_courriel_domaine.id and s_courriel_domaine.nom = 'mail.vdl' and ( s_courriel_utilisateur.utilisateur = 'cedrict' or s_courriel_alias.alias = 'cedrict'); +------------------------------+-----------------------------------------+-------------------------------------------+-----------------------------------+-----------+-------+------+ | home | index | control | inbox | layout | uid | gid | +------------------------------+-----------------------------------------+-------------------------------------------+-----------------------------------+-----------+-------+------+ | /vhome/mail.vdl/home/cedrict | /vhome/mail.vdl/home/cedrict/mail/index | /vhome/mail.vdl/home/cedrict/mail/control | /var/spool/vmail/mail.vdl/cedrict | maildir++ | 60001 | 231 | +------------------------------+-----------------------------------------+-------------------------------------------+-----------------------------------+-----------+-------+------+ Jul 17 14:00:56 devshed dovecot: auth: Debug: master in: USER 1 cedrict at mail.vdl service=lda Jul 17 14:00:56 devshed dovecot: auth-worker(7009): Debug: Loading modules from directory: /vdl/lib/dovecot/auth Jul 17 14:00:56 devshed dovecot: auth-worker(7009): Debug: sql(cedrict at mail.vdl): SELECT concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur) as home, concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/index") as "index", concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/control") as control, concat("/var/spool/vmail/",s_courriel_domaine.nom,"/",s_courriel_utilisateur.utilisateur) as inbox, "maildir++" as layout, s_courriel_utilisateur.uid as uid,s_courriel_domaine.gid as gid FROM s_courriel_utilisateur left join s_courriel_alias on s_courriel_utilisateur.id=s_courriel_alias.utilisateur and s_courriel_alias.archive !=1 ,s_courriel_domaine WHERE s_courriel_utilisateur.archive !=1 and s_courriel_domaine.archive !=1 and s_courriel_utilisateur.domaine=s_courriel_domaine.id and s_courriel_domaine.nom = 'mail.vdl' and ( s_courriel_utilisateur.utilisateur = 'cedrict' or s_courriel_alias.alias = 'cedrict' Jul 17 14:00:56 devshed dovecot: auth: Debug: userdb out: USER 1 cedrict at mail.vdl home=/vhome/mail.vdl/home/cedrict index=/vhome/mail.vdl/home/cedrict/mail/index control=/vhome/mail.vdl/home/cedrict/mail/control inbox=/var/spool/vmail/mail.vdl/cedrict layout=maildir++ uid=60001 gid=231 Jul 17 14:00:56 devshed dovecot: lda: Debug: auth input: cedrict at mail.vdl home=/vhome/mail.vdl/home/cedrict index=/vhome/mail.vdl/home/cedrict/mail/index control=/vhome/mail.vdl/home/cedrict/mail/control inbox=/var/spool/vmail/mail.vdl/cedrict layout=maildir++ uid=60001 gid=231 Jul 17 14:00:56 devshed dovecot: lda: Debug: Added userdb setting: plugin/control=/vhome/mail.vdl/home/cedrict/mail/control Jul 17 14:00:56 devshed dovecot: lda: Debug: Added userdb setting: plugin/inbox=/var/spool/vmail/mail.vdl/cedrict Jul 17 14:00:56 devshed dovecot: lda: Debug: Added userdb setting: plugin/index=/vhome/mail.vdl/home/cedrict/mail/index Jul 17 14:00:56 devshed dovecot: lda: Debug: Added userdb setting: plugin/layout=maildir++ Jul 17 14:00:56 devshed dovecot: lda(cedrict at mail.vdl): Debug: Effective uid=60001, gid=231, home=/vhome/mail.vdl/home/cedrict Jul 17 14:00:56 devshed dovecot: lda(cedrict at mail.vdl): Debug: quota: No quota setting - plugin disabled Jul 17 14:00:56 devshed dovecot: lda(cedrict at mail.vdl): Debug: maildir++: root=/vhome/mail.vdl/home/cedrict/mail, index=, indexpvt=, control=/vhome/mail.vdl/home/cedrict/mail/control, inbox=/var/spool/vmail/mail.vdl/cedrict, alt= Jul 17 14:00:56 devshed dovecot: lda(cedrict at mail.vdl): Debug: quota: No quota setting - plugin disabled Jul 17 14:00:56 devshed dovecot: lda(cedrict at mail.vdl): Debug: none: root=, index=, indexpvt=, control=, inbox=, alt= Jul 17 14:00:56 devshed dovecot: lda(cedrict at mail.vdl): Debug: Destination address: cedrict at mail.vdl (source: user at hostname) Jul 17 14:00:56 devshed dovecot: lda(cedrict at mail.vdl): Debug: sieve: Pigeonhole version 0.4.1 initializing Jul 17 14:00:56 devshed dovecot: lda(cedrict at mail.vdl): Debug: sieve: script file /vhome/mail.vdl/home/cedrict/mail/sieve/cedrict not found Jul 17 14:00:56 devshed dovecot: lda(cedrict at mail.vdl): Debug: sieve: user's script /vhome/mail.vdl/home/cedrict/mail/sieve/cedrict doesn't exist (trying default script location instead) Jul 17 14:00:56 devshed dovecot: lda(cedrict at mail.vdl): Debug: sieve: no default script configured for user Jul 17 14:00:56 devshed dovecot: lda(cedrict at mail.vdl): Debug: sieve: user has no valid location for a personal script Jul 17 14:00:56 devshed dovecot: lda(cedrict at mail.vdl): Debug: sieve: no scripts to execute: reverting to default delivery. Jul 17 14:00:56 devshed dovecot: lda(cedrict at mail.vdl): msgid=<201307171800.r6HI0unE007004 at devshed.derytelecom.ca>: saved mail to INBOX Transaction debug for alias test at mail.vdl with message added to file /var/spool/vmail/mail.vdl/test mysql> SELECT concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur) as home, concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/index") as "index", concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/control") as control, concat("/var/spool/vmail/",s_courriel_domaine.nom,"/",s_courriel_utilisateur.utilisateur) as inbox, "maildir++" as layout, s_courriel_utilisateur.uid as uid,s_courriel_domaine.gid as gid FROM s_courriel_utilisateur left join s_courriel_alias on s_courriel_utilisateur.id=s_courriel_alias.utilisateur and s_courriel_alias.archive !=1 ,s_courriel_domaine WHERE s_courriel_utilisateur.archive !=1 and s_courriel_domaine.archive !=1 and s_courriel_utilisateur.domaine=s_courriel_domaine.id and s_courriel_domaine.nom = 'mail.vdl' and ( s_courriel_utilisateur.utilisateur = 'test' or s_courriel_alias.alias = 'test' ); +------------------------------+-----------------------------------------+-------------------------------------------+-----------------------------------+-----------+-------+------+ | home | index | control | inbox | layout | uid | gid | +------------------------------+-----------------------------------------+-------------------------------------------+-----------------------------------+-----------+-------+------+ | /vhome/mail.vdl/home/cedrict | /vhome/mail.vdl/home/cedrict/mail/index | /vhome/mail.vdl/home/cedrict/mail/control | /var/spool/vmail/mail.vdl/cedrict | maildir++ | 60001 | 231 | +------------------------------+-----------------------------------------+-------------------------------------------+-----------------------------------+-----------+-------+------+ 1 row in set (0,00 sec) Jul 17 14:03:10 devshed dovecot: auth-worker(7135): Debug: sql(test at mail.vdl): SELECT concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur) as home, concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/index") as "index", concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/control") as control, concat("/var/spool/vmail/",s_courriel_domaine.nom,"/",s_courriel_utilisateur.utilisateur) as inbox, "maildir++" as layout, s_courriel_utilisateur.uid as uid,s_courriel_domaine.gid as gid FROM s_courriel_utilisateur left join s_courriel_alias on s_courriel_utilisateur.id=s_courriel_alias.utilisateur and s_courriel_alias.archive !=1 ,s_courriel_domaine WHERE s_courriel_utilisateur.archive !=1 and s_courriel_domaine.archive !=1 and s_courriel_utilisateur.domaine=s_courriel_domaine.id and s_courriel_domaine.nom = 'mail.vdl' and ( s_courriel_utilisateur.utilisateur = 'test' or s_courriel_alias.alias = 'test' ) Jul 17 14:03:10 devshed dovecot: auth: Debug: userdb out: USER 1 test at mail.vdl home=/vhome/mail.vdl/home/cedrict index=/vhome/mail.vdl/home/cedrict/mail/index control=/vhome/mail.vdl/home/cedrict/mail/control inbox=/var/spool/vmail/mail.vdl/cedrict layout=maildir++ uid=60001 gid=231 Jul 17 14:03:10 devshed dovecot: lda: Debug: auth input: test at mail.vdl home=/vhome/mail.vdl/home/cedrict index=/vhome/mail.vdl/home/cedrict/mail/index control=/vhome/mail.vdl/home/cedrict/mail/control inbox=/var/spool/vmail/mail.vdl/cedrict layout=maildir++ uid=60001 gid=231 Jul 17 14:03:10 devshed dovecot: lda: Debug: Added userdb setting: plugin/control=/vhome/mail.vdl/home/cedrict/mail/control Jul 17 14:03:10 devshed dovecot: lda: Debug: Added userdb setting: plugin/inbox=/var/spool/vmail/mail.vdl/cedrict Jul 17 14:03:10 devshed dovecot: lda: Debug: Added userdb setting: plugin/index=/vhome/mail.vdl/home/cedrict/mail/index Jul 17 14:03:10 devshed dovecot: lda: Debug: Added userdb setting: plugin/layout=maildir++ Jul 17 14:03:10 devshed dovecot: lda(test at mail.vdl): Debug: Effective uid=60001, gid=231, home=/vhome/mail.vdl/home/cedrict Jul 17 14:03:10 devshed dovecot: lda(test at mail.vdl): Debug: quota: No quota setting - plugin disabled Jul 17 14:03:10 devshed dovecot: lda(test at mail.vdl): Debug: maildir++: root=/vhome/mail.vdl/home/cedrict/mail, index=, indexpvt=, control=/vhome/mail.vdl/home/cedrict/mail/control, inbox=/var/spool/vmail/mail.vdl/test, alt= Jul 17 14:03:10 devshed dovecot: lda(test at mail.vdl): Debug: quota: No quota setting - plugin disabled Jul 17 14:03:10 devshed dovecot: lda(test at mail.vdl): Debug: none: root=, index=, indexpvt=, control=, inbox=, alt= Jul 17 14:03:10 devshed dovecot: lda(test at mail.vdl): Debug: Destination address: test at mail.vdl (source: user at hostname) Jul 17 14:03:10 devshed dovecot: lda(test at mail.vdl): Debug: sieve: Pigeonhole version 0.4.1 initializing Jul 17 14:03:10 devshed dovecot: lda(test at mail.vdl): Debug: sieve: script file /vhome/mail.vdl/home/cedrict/mail/sieve/test not found Jul 17 14:03:10 devshed dovecot: lda(test at mail.vdl): Debug: sieve: user's script /vhome/mail.vdl/home/cedrict/mail/sieve/test doesn't exist (trying default script location instead) Jul 17 14:03:10 devshed dovecot: lda(test at mail.vdl): Debug: sieve: no default script configured for user Jul 17 14:03:10 devshed dovecot: lda(test at mail.vdl): Debug: sieve: user has no valid location for a personal script Jul 17 14:03:10 devshed dovecot: lda(test at mail.vdl): Debug: sieve: no scripts to execute: reverting to default delivery. I also tried adding the username in the sql query, same problem, there's the debug : [root at devshed ~]# Jul 17 14:11:59 devshed dovecot: lda: Debug: Loading modules from directory: /vdl/lib/dovecot Jul 17 14:11:59 devshed dovecot: lda: Debug: Module loaded: /vdl/lib/dovecot/lib10_quota_plugin.so Jul 17 14:11:59 devshed dovecot: lda: Debug: Module loaded: /vdl/lib/dovecot/lib90_sieve_plugin.so Jul 17 14:11:59 devshed dovecot: auth: Debug: master in: USER 1 test at mail.vdl service=lda Jul 17 14:11:59 devshed dovecot: auth-worker(7385): Debug: Loading modules from directory: /vdl/lib/dovecot/auth Jul 17 14:11:59 devshed dovecot: auth-worker(7385): Debug: sql(test at mail.vdl): SELECT s_courriel_utilisateur.utilisateur as username, concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur) as home, concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/index") as "index", concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/control") as control, concat("/var/spool/vmail/",s_courriel_domaine.nom,"/",s_courriel_utilisateur.utilisateur) as inbox, "maildir++" as layout, s_courriel_utilisateur.uid as uid,s_courriel_domaine.gid as gid FROM s_courriel_utilisateur left join s_courriel_alias on s_courriel_utilisateur.id=s_courriel_alias.utilisateur and s_courriel_alias.archive !=1 ,s_courriel_domaine WHERE s_courriel_utilisateur.archive !=1 and s_courriel_domaine.archive !=1 and s_courriel_utilisateur.domaine=s_courriel_domaine.id and s_courriel_domaine.nom = 'mail.vdl' and ( s_courriel_utilisateur.utilisateur = 'tes Jul 17 14:11:59 devshed dovecot: auth-worker(7385): Debug: auth(test at mail.vdl): username changed test at mail.vdl -> cedrict at mail.vdl Jul 17 14:11:59 devshed dovecot: auth: Debug: userdb out: USER 1 test at mail.vdl home=/vhome/mail.vdl/home/cedrict index=/vhome/mail.vdl/home/cedrict/mail/index control=/vhome/mail.vdl/home/cedrict/mail/control inbox=/var/spool/vmail/mail.vdl/cedrict layout=maildir++ uid=60001 gid=231 Jul 17 14:11:59 devshed dovecot: lda: Debug: auth input: test at mail.vdl home=/vhome/mail.vdl/home/cedrict index=/vhome/mail.vdl/home/cedrict/mail/index control=/vhome/mail.vdl/home/cedrict/mail/control inbox=/var/spool/vmail/mail.vdl/cedrict layout=maildir++ uid=60001 gid=231 Jul 17 14:11:59 devshed dovecot: lda: Debug: Added userdb setting: plugin/control=/vhome/mail.vdl/home/cedrict/mail/control Jul 17 14:11:59 devshed dovecot: lda: Debug: Added userdb setting: plugin/inbox=/var/spool/vmail/mail.vdl/cedrict Jul 17 14:11:59 devshed dovecot: lda: Debug: Added userdb setting: plugin/index=/vhome/mail.vdl/home/cedrict/mail/index Jul 17 14:11:59 devshed dovecot: lda: Debug: Added userdb setting: plugin/layout=maildir++ Jul 17 14:11:59 devshed dovecot: lda(test at mail.vdl): Debug: Effective uid=60001, gid=231, home=/vhome/mail.vdl/home/cedrict Jul 17 14:11:59 devshed dovecot: lda(test at mail.vdl): Debug: quota: No quota setting - plugin disabled Jul 17 14:11:59 devshed dovecot: lda(test at mail.vdl): Debug: maildir++: root=/vhome/mail.vdl/home/cedrict/mail, index=, indexpvt=, control=/vhome/mail.vdl/home/cedrict/mail/control, inbox=/var/spool/vmail/mail.vdl/test, alt= Jul 17 14:11:59 devshed dovecot: lda(test at mail.vdl): Debug: quota: No quota setting - plugin disabled Jul 17 14:11:59 devshed dovecot: lda(test at mail.vdl): Debug: none: root=, index=, indexpvt=, control=, inbox=, alt= Jul 17 14:11:59 devshed dovecot: lda(test at mail.vdl): Debug: Destination address: test at mail.vdl (source: user at hostname) Jul 17 14:11:59 devshed dovecot: lda(test at mail.vdl): Debug: sieve: Pigeonhole version 0.4.1 initializing Jul 17 14:11:59 devshed dovecot: lda(test at mail.vdl): Debug: sieve: script file /vhome/mail.vdl/home/cedrict/mail/sieve/test not found Jul 17 14:11:59 devshed dovecot: lda(test at mail.vdl): Debug: sieve: user's script /vhome/mail.vdl/home/cedrict/mail/sieve/test doesn't exist (trying default script location instead) Jul 17 14:11:59 devshed dovecot: lda(test at mail.vdl): Debug: sieve: no default script configured for user Jul 17 14:11:59 devshed dovecot: lda(test at mail.vdl): Debug: sieve: user has no valid location for a personal script Jul 17 14:11:59 devshed dovecot: lda(test at mail.vdl): Debug: sieve: no scripts to execute: reverting to default delivery. Jul 17 14:11:59 devshed dovecot: lda(test at mail.vdl): msgid=<201307171811.r6HIBxWe007380 at devshed.derytelecom.ca>: saved mail to INBOX Cedric From greminn at gmail.com Thu Jul 18 03:40:50 2013 From: greminn at gmail.com (Simon) Date: Thu, 18 Jul 2013 12:40:50 +1200 Subject: [Dovecot] Password encryption type for dovecot & postfix saslauthd with mysql Message-ID: <76AD6DB0-F9DB-4D6A-A57B-61C52B41E299@gmail.com> Hi There, We are using dovecot v2.2.4 (compiled from source) and postfix (yum install) on Centos 6.4. We are storing our virtual user config in mysql. Server 1 has dovecot/postfix and accepts incoming mail from our mail filter servers - this is purely for IMAP/POP services. Server 2 has postfix for our clients to send email via TLS/saslauthd. Both use the same (separate) mysql server for config. One issue is that we have a requirement to merge user / passwords for sending clients from two sources: 1) the dovecot mailbox list 2). another list. The dovecot user list is email + password. The other list is username + password. To that end we have created a view table in mysql that merges the two.. tables + view look a little like this: table: mail_users (for dovecot) email,password test at test1.com,CRAM-MD5_PASSWORD test2 at test1.com,CRAM-MD5_PASSWORD bla at bla.com,CRAM-MD5_PASSWORD table: mail_senders_other username,password username1,CRAM-MD5_PASSWORD something_else,CRAM-MD5_PASSWORD view: mail_senders (for postfix) username,password test at test1.com,CRAM-MD5_PASSWORD test2 at test1.com,CRAM-MD5_PASSWORD bla at bla.com,CRAM-MD5_PASSWORD username1,CRAM-MD5_PASSWORD something_else,CRAM-MD5_PASSWORD I have dovecot working fine, but just need a little push in the correct direction (please) to figure out the correct settings and password encryption scheme to make the above work. Many thanks! Simon From skdovecot at smail.inf.fh-brs.de Thu Jul 18 11:35:44 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 18 Jul 2013 10:35:44 +0200 (CEST) Subject: [Dovecot] Dovecot 2.2.4/sendmail with sql user and aliases In-Reply-To: <51E701D9.2@derytelecom.ca> References: <51E701D9.2@derytelecom.ca> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 17 Jul 2013, Cedric wrote: > We are currently moving from linuxconf/dovecot to a dovecot setup with sql > support, the problem we currently facing is having a message sent to a aliase > delivered to the user email inbox with dovecot-lda, i have created > cedrict at mail.vdl and a alias test at mail.vdl, when i send to cedrict at mail.vdl > the message is included in the user inbox file, but when i send to > test at mail.vdl it should do the same and not create a new created file named > test, thank in advance for your help. I don't understand your problem. cedrict > Jul 17 14:00:56 devshed dovecot: auth: Debug: userdb out: USER 1 > cedrict at mail.vdl home=/vhome/mail.vdl/home/cedrict > index=/vhome/mail.vdl/home/cedrict/mail/index > control=/vhome/mail.vdl/home/cedrict/mail/control > inbox=/var/spool/vmail/mail.vdl/cedrict layout=maildir++ uid=60001 > gid=231 test as alias > Jul 17 14:03:10 devshed dovecot: auth: Debug: userdb out: USER 1 > test at mail.vdl home=/vhome/mail.vdl/home/cedrict > index=/vhome/mail.vdl/home/cedrict/mail/index > control=/vhome/mail.vdl/home/cedrict/mail/control > inbox=/var/spool/vmail/mail.vdl/cedrict layout=maildir++ uid=60001 > gid=231 Both entries look the same to me. Both messages should be delivered to the same INBOX located at /var/spool/vmail/mail.vdl/cedrict. Are you talking about: > Jul 17 14:11:59 devshed dovecot: lda(test at mail.vdl): Debug: sieve: script > file /vhome/mail.vdl/home/cedrict/mail/sieve/test not found ? The Sieve script comes from the setting: sieve = %h/mail/sieve/%n and depends on the username, hence, test and cedrict differ. Here you try to override the user: > password_query = SELECT \ > concat(s_courriel_utilisateur.utilisateur, '@', s_courriel_domaine.nom) AS > user,s_courriel_utilisateur.password as password \ > FROM s_courriel_utilisateur left join s_courriel_alias on > s_courriel_utilisateur.id=s_courriel_alias.utilisateur and > s_courriel_alias.archive !=1 ,s_courriel_domaine \ > WHERE s_courriel_utilisateur.archive !=1 \ > and s_courriel_domaine.archive !=1 \ > and > s_courriel_utilisateur.domaine=s_courriel_domaine.id \ > and s_courriel_domaine.nom = '%d' \ > and ( s_courriel_utilisateur.utilisateur = '%n' or > s_courriel_alias.alias = '%n' ) In your last log section, there is a "auth(test at mail.vdl): username changed test at mail.vdl -> cedrict at mail.vdl" entry, but the Sieve script still expands %n with "test". Actually I never tried to override "username", but I would try to override username as well: http://wiki2.dovecot.org/PasswordDatabase Maybe you need to do this for the userdb as well? I don't think so, but well. > > # dovecot --version > 2.2.4 > > > dovecot.conf > auth_debug = yes > auth_debug_passwords = yes > auth_verbose = yes > default_internal_user = root > default_login_user = mail > disable_plaintext_auth = no > first_valid_uid = 100 > mail_access_groups = mail users sysadmin popusers > mail_location = > mbox:%h/mail:LAYOUT=maildir++:INDEX=MEMORY:CONTROL=%h/mail/control:INBOX=/var/spool/vmail/%d/%n > mail_max_userip_connections = 40 > mail_plugins = " quota sieve" > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope encoded-character > vacation subaddress comparator-i;ascii-numeric relational regex imap4flags > copy include variables body enotify environment mailbox date ihave > mbox_lazy_writes = no > passdb { > args = /vdl/etc/dovecot/dovecot-sql.conf > driver = sql > } > plugin { > sieve = %h/mail/sieve/%n > sieve_global_dir = /vdl/etc/dovecot/ > sieve_vacation_default_period = 1d > sieve_vacation_max_period = 7d > } > postmaster_address = x at x.x > protocols = imap pop3 > service auth { > unix_listener auth-userdb { > mode = 0600 > user = popusers > } > } > service imap-login { > inet_listener imap { > port = 143 > } > process_min_avail = 4 > vsz_limit = 256 M > } > service pop3-login { > inet_listener pop3 { > port = 110 > } > process_min_avail = 16 > } > ssl = no > submission_host = localhost:25 > userdb { > args = /vdl/etc/dovecot/dovecot-sql.conf > driver = sql > } > protocol imap { > mail_plugins = quota imap_quota mail_log notify > } > protocol pop3 { > mail_plugins = quota > } > protocol lda { > mail_plugins = quota sieve > } > > > dovecot-sql.conf > password_query = SELECT \ > concat(s_courriel_utilisateur.utilisateur, '@', s_courriel_domaine.nom) AS > user,s_courriel_utilisateur.password as password \ > FROM s_courriel_utilisateur left join s_courriel_alias on > s_courriel_utilisateur.id=s_courriel_alias.utilisateur and > s_courriel_alias.archive !=1 ,s_courriel_domaine \ > WHERE s_courriel_utilisateur.archive !=1 \ > and s_courriel_domaine.archive !=1 \ > and > s_courriel_utilisateur.domaine=s_courriel_domaine.id \ > and s_courriel_domaine.nom = '%d' \ > and ( s_courriel_utilisateur.utilisateur = '%n' or > s_courriel_alias.alias = '%n' ) > > user_query = SELECT \ > concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur) > as home, \ > concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/index") > as "index", \ > concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/control") > as control, \ > concat("/var/spool/vmail/",s_courriel_domaine.nom,"/",s_courriel_utilisateur.utilisateur) > as inbox, \ > "maildir++" as layout, \ > s_courriel_utilisateur.uid as > uid,s_courriel_domaine.gid as gid \ > FROM s_courriel_utilisateur left join s_courriel_alias on > s_courriel_utilisateur.id=s_courriel_alias.utilisateur and > s_courriel_alias.archive !=1 ,s_courriel_domaine \ > WHERE s_courriel_utilisateur.archive !=1 \ > and s_courriel_domaine.archive !=1 \ > and > s_courriel_utilisateur.domaine=s_courriel_domaine.id \ > and s_courriel_domaine.nom = '%d' \ > and ( s_courriel_utilisateur.utilisateur = '%n' or > s_courriel_alias.alias = '%n' ) > > Transaction debug for cedrict at mail.vdl with message added to file > /var/spool/vmail/mail.vdl/cedrict > > SELECT > concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur) > as home, > concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/index") > as "index", > concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/control") > as control, > concat("/var/spool/vmail/",s_courriel_domaine.nom,"/",s_courriel_utilisateur.utilisateur) > as inbox, "maildir++" as layout, s_courriel_utilisateur.uid as > uid,s_courriel_domaine.gid as gid FROM s_courriel_utilisateur left join > s_courriel_alias on s_courriel_utilisateur.id=s_courriel_alias.utilisateur > and s_courriel_alias.archive !=1 ,s_courriel_domaine WHERE > s_courriel_utilisateur.archive !=1 and s_courriel_domaine.archive !=1 and > s_courriel_utilisateur.domaine=s_courriel_domaine.id and > s_courriel_domaine.nom = 'mail.vdl' and ( s_courriel_utilisateur.utilisateur > = 'cedrict' or s_courriel_alias.alias = 'cedrict'); > +------------------------------+-----------------------------------------+-------------------------------------------+-----------------------------------+-----------+-------+------+ > | home | index | > control | inbox > | layout | uid | gid | > +------------------------------+-----------------------------------------+-------------------------------------------+-----------------------------------+-----------+-------+------+ > | /vhome/mail.vdl/home/cedrict | /vhome/mail.vdl/home/cedrict/mail/index | > /vhome/mail.vdl/home/cedrict/mail/control | /var/spool/vmail/mail.vdl/cedrict > | maildir++ | 60001 | 231 | > +------------------------------+-----------------------------------------+-------------------------------------------+-----------------------------------+-----------+-------+------+ > > Jul 17 14:00:56 devshed dovecot: auth: Debug: master in: USER 1 > cedrict at mail.vdl service=lda > Jul 17 14:00:56 devshed dovecot: auth-worker(7009): Debug: Loading modules > from directory: /vdl/lib/dovecot/auth > Jul 17 14:00:56 devshed dovecot: auth-worker(7009): Debug: > sql(cedrict at mail.vdl): SELECT > concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur) > as home, > concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/index") > as "index", > concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/control") > as control, > concat("/var/spool/vmail/",s_courriel_domaine.nom,"/",s_courriel_utilisateur.utilisateur) > as inbox, "maildir++" as layout, s_courriel_utilisateur.uid as > uid,s_courriel_domaine.gid as gid FROM s_courriel_utilisateur left join > s_courriel_alias on s_courriel_utilisateur.id=s_courriel_alias.utilisateur > and s_courriel_alias.archive !=1 ,s_courriel_domaine WHERE > s_courriel_utilisateur.archive !=1 and s_courriel_domaine.archive !=1 and > s_courriel_utilisateur.domaine=s_courriel_domaine.id and > s_courriel_domaine.nom = 'mail.vdl' and ( s_courriel_utilisateur.utilisateur > = 'cedrict' or s_courriel_alias.alias = 'cedrict' > Jul 17 14:00:56 devshed dovecot: auth: Debug: userdb out: USER 1 > cedrict at mail.vdl home=/vhome/mail.vdl/home/cedrict > index=/vhome/mail.vdl/home/cedrict/mail/index > control=/vhome/mail.vdl/home/cedrict/mail/control > inbox=/var/spool/vmail/mail.vdl/cedrict layout=maildir++ uid=60001 > gid=231 > Jul 17 14:00:56 devshed dovecot: lda: Debug: auth input: cedrict at mail.vdl > home=/vhome/mail.vdl/home/cedrict > index=/vhome/mail.vdl/home/cedrict/mail/index > control=/vhome/mail.vdl/home/cedrict/mail/control > inbox=/var/spool/vmail/mail.vdl/cedrict layout=maildir++ uid=60001 gid=231 > Jul 17 14:00:56 devshed dovecot: lda: Debug: Added userdb setting: > plugin/control=/vhome/mail.vdl/home/cedrict/mail/control > Jul 17 14:00:56 devshed dovecot: lda: Debug: Added userdb setting: > plugin/inbox=/var/spool/vmail/mail.vdl/cedrict > Jul 17 14:00:56 devshed dovecot: lda: Debug: Added userdb setting: > plugin/index=/vhome/mail.vdl/home/cedrict/mail/index > Jul 17 14:00:56 devshed dovecot: lda: Debug: Added userdb setting: > plugin/layout=maildir++ > Jul 17 14:00:56 devshed dovecot: lda(cedrict at mail.vdl): Debug: Effective > uid=60001, gid=231, home=/vhome/mail.vdl/home/cedrict > Jul 17 14:00:56 devshed dovecot: lda(cedrict at mail.vdl): Debug: quota: No > quota setting - plugin disabled > Jul 17 14:00:56 devshed dovecot: lda(cedrict at mail.vdl): Debug: maildir++: > root=/vhome/mail.vdl/home/cedrict/mail, index=, indexpvt=, > control=/vhome/mail.vdl/home/cedrict/mail/control, > inbox=/var/spool/vmail/mail.vdl/cedrict, alt= > Jul 17 14:00:56 devshed dovecot: lda(cedrict at mail.vdl): Debug: quota: No > quota setting - plugin disabled > Jul 17 14:00:56 devshed dovecot: lda(cedrict at mail.vdl): Debug: none: root=, > index=, indexpvt=, control=, inbox=, alt= > Jul 17 14:00:56 devshed dovecot: lda(cedrict at mail.vdl): Debug: Destination > address: cedrict at mail.vdl (source: user at hostname) > Jul 17 14:00:56 devshed dovecot: lda(cedrict at mail.vdl): Debug: sieve: > Pigeonhole version 0.4.1 initializing > Jul 17 14:00:56 devshed dovecot: lda(cedrict at mail.vdl): Debug: sieve: script > file /vhome/mail.vdl/home/cedrict/mail/sieve/cedrict not found > Jul 17 14:00:56 devshed dovecot: lda(cedrict at mail.vdl): Debug: sieve: user's > script /vhome/mail.vdl/home/cedrict/mail/sieve/cedrict doesn't exist (trying > default script location instead) > Jul 17 14:00:56 devshed dovecot: lda(cedrict at mail.vdl): Debug: sieve: no > default script configured for user > Jul 17 14:00:56 devshed dovecot: lda(cedrict at mail.vdl): Debug: sieve: user > has no valid location for a personal script > Jul 17 14:00:56 devshed dovecot: lda(cedrict at mail.vdl): Debug: sieve: no > scripts to execute: reverting to default delivery. > Jul 17 14:00:56 devshed dovecot: lda(cedrict at mail.vdl): > msgid=<201307171800.r6HI0unE007004 at devshed.derytelecom.ca>: saved mail to > INBOX > > Transaction debug for alias test at mail.vdl with message added to file > /var/spool/vmail/mail.vdl/test > > mysql> SELECT > concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur) > as home, > concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/index") > as "index", > concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/control") > as control, > concat("/var/spool/vmail/",s_courriel_domaine.nom,"/",s_courriel_utilisateur.utilisateur) > as inbox, "maildir++" as layout, s_courriel_utilisateur.uid as > uid,s_courriel_domaine.gid as gid FROM s_courriel_utilisateur left join > s_courriel_alias on s_courriel_utilisateur.id=s_courriel_alias.utilisateur > and s_courriel_alias.archive !=1 ,s_courriel_domaine WHERE > s_courriel_utilisateur.archive !=1 and s_courriel_domaine.archive !=1 and > s_courriel_utilisateur.domaine=s_courriel_domaine.id and > s_courriel_domaine.nom = 'mail.vdl' and ( s_courriel_utilisateur.utilisateur > = 'test' or s_courriel_alias.alias = 'test' ); > +------------------------------+-----------------------------------------+-------------------------------------------+-----------------------------------+-----------+-------+------+ > | home | index | > control | inbox > | layout | uid | gid | > +------------------------------+-----------------------------------------+-------------------------------------------+-----------------------------------+-----------+-------+------+ > | /vhome/mail.vdl/home/cedrict | /vhome/mail.vdl/home/cedrict/mail/index | > /vhome/mail.vdl/home/cedrict/mail/control | /var/spool/vmail/mail.vdl/cedrict > | maildir++ | 60001 | 231 | > +------------------------------+-----------------------------------------+-------------------------------------------+-----------------------------------+-----------+-------+------+ > 1 row in set (0,00 sec) > > Jul 17 14:03:10 devshed dovecot: auth-worker(7135): Debug: > sql(test at mail.vdl): SELECT > concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur) > as home, > concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/index") > as "index", > concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/control") > as control, > concat("/var/spool/vmail/",s_courriel_domaine.nom,"/",s_courriel_utilisateur.utilisateur) > as inbox, "maildir++" as layout, s_courriel_utilisateur.uid as > uid,s_courriel_domaine.gid as gid FROM s_courriel_utilisateur left join > s_courriel_alias on s_courriel_utilisateur.id=s_courriel_alias.utilisateur > and s_courriel_alias.archive !=1 ,s_courriel_domaine WHERE > s_courriel_utilisateur.archive !=1 and s_courriel_domaine.archive !=1 and > s_courriel_utilisateur.domaine=s_courriel_domaine.id and > s_courriel_domaine.nom = 'mail.vdl' and ( s_courriel_utilisateur.utilisateur > = 'test' or s_courriel_alias.alias = 'test' ) > Jul 17 14:03:10 devshed dovecot: auth: Debug: userdb out: USER 1 > test at mail.vdl home=/vhome/mail.vdl/home/cedrict > index=/vhome/mail.vdl/home/cedrict/mail/index > control=/vhome/mail.vdl/home/cedrict/mail/control > inbox=/var/spool/vmail/mail.vdl/cedrict layout=maildir++ uid=60001 > gid=231 > Jul 17 14:03:10 devshed dovecot: lda: Debug: auth input: test at mail.vdl > home=/vhome/mail.vdl/home/cedrict > index=/vhome/mail.vdl/home/cedrict/mail/index > control=/vhome/mail.vdl/home/cedrict/mail/control > inbox=/var/spool/vmail/mail.vdl/cedrict layout=maildir++ uid=60001 gid=231 > Jul 17 14:03:10 devshed dovecot: lda: Debug: Added userdb setting: > plugin/control=/vhome/mail.vdl/home/cedrict/mail/control > Jul 17 14:03:10 devshed dovecot: lda: Debug: Added userdb setting: > plugin/inbox=/var/spool/vmail/mail.vdl/cedrict > Jul 17 14:03:10 devshed dovecot: lda: Debug: Added userdb setting: > plugin/index=/vhome/mail.vdl/home/cedrict/mail/index > Jul 17 14:03:10 devshed dovecot: lda: Debug: Added userdb setting: > plugin/layout=maildir++ > Jul 17 14:03:10 devshed dovecot: lda(test at mail.vdl): Debug: Effective > uid=60001, gid=231, home=/vhome/mail.vdl/home/cedrict > Jul 17 14:03:10 devshed dovecot: lda(test at mail.vdl): Debug: quota: No quota > setting - plugin disabled > Jul 17 14:03:10 devshed dovecot: lda(test at mail.vdl): Debug: maildir++: > root=/vhome/mail.vdl/home/cedrict/mail, index=, indexpvt=, > control=/vhome/mail.vdl/home/cedrict/mail/control, > inbox=/var/spool/vmail/mail.vdl/test, alt= > Jul 17 14:03:10 devshed dovecot: lda(test at mail.vdl): Debug: quota: No quota > setting - plugin disabled > Jul 17 14:03:10 devshed dovecot: lda(test at mail.vdl): Debug: none: root=, > index=, indexpvt=, control=, inbox=, alt= > Jul 17 14:03:10 devshed dovecot: lda(test at mail.vdl): Debug: Destination > address: test at mail.vdl (source: user at hostname) > Jul 17 14:03:10 devshed dovecot: lda(test at mail.vdl): Debug: sieve: Pigeonhole > version 0.4.1 initializing > Jul 17 14:03:10 devshed dovecot: lda(test at mail.vdl): Debug: sieve: script > file /vhome/mail.vdl/home/cedrict/mail/sieve/test not found > Jul 17 14:03:10 devshed dovecot: lda(test at mail.vdl): Debug: sieve: user's > script /vhome/mail.vdl/home/cedrict/mail/sieve/test doesn't exist (trying > default script location instead) > Jul 17 14:03:10 devshed dovecot: lda(test at mail.vdl): Debug: sieve: no default > script configured for user > Jul 17 14:03:10 devshed dovecot: lda(test at mail.vdl): Debug: sieve: user has > no valid location for a personal script > Jul 17 14:03:10 devshed dovecot: lda(test at mail.vdl): Debug: sieve: no scripts > to execute: reverting to default delivery. > > I also tried adding the username in the sql query, same problem, there's the > debug : > > [root at devshed ~]# Jul 17 14:11:59 devshed dovecot: lda: Debug: Loading > modules from directory: /vdl/lib/dovecot > Jul 17 14:11:59 devshed dovecot: lda: Debug: Module loaded: > /vdl/lib/dovecot/lib10_quota_plugin.so > Jul 17 14:11:59 devshed dovecot: lda: Debug: Module loaded: > /vdl/lib/dovecot/lib90_sieve_plugin.so > Jul 17 14:11:59 devshed dovecot: auth: Debug: master in: USER 1 > test at mail.vdl service=lda > Jul 17 14:11:59 devshed dovecot: auth-worker(7385): Debug: Loading modules > from directory: /vdl/lib/dovecot/auth > Jul 17 14:11:59 devshed dovecot: auth-worker(7385): Debug: > sql(test at mail.vdl): SELECT s_courriel_utilisateur.utilisateur as username, > concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur) > as home, > concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/index") > as "index", > concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/control") > as control, > concat("/var/spool/vmail/",s_courriel_domaine.nom,"/",s_courriel_utilisateur.utilisateur) > as inbox, "maildir++" as layout, s_courriel_utilisateur.uid as > uid,s_courriel_domaine.gid as gid FROM s_courriel_utilisateur left join > s_courriel_alias on s_courriel_utilisateur.id=s_courriel_alias.utilisateur > and s_courriel_alias.archive !=1 ,s_courriel_domaine WHERE > s_courriel_utilisateur.archive !=1 and s_courriel_domaine.archive !=1 and > s_courriel_utilisateur.domaine=s_courriel_domaine.id and > s_courriel_domaine.nom = 'mail.vdl' and ( s_courriel_utilisateur.utilisateur > = 'tes > Jul 17 14:11:59 devshed dovecot: auth-worker(7385): Debug: > auth(test at mail.vdl): username changed test at mail.vdl -> cedrict at mail.vdl > Jul 17 14:11:59 devshed dovecot: auth: Debug: userdb out: USER 1 > test at mail.vdl home=/vhome/mail.vdl/home/cedrict > index=/vhome/mail.vdl/home/cedrict/mail/index > control=/vhome/mail.vdl/home/cedrict/mail/control > inbox=/var/spool/vmail/mail.vdl/cedrict layout=maildir++ uid=60001 > gid=231 > Jul 17 14:11:59 devshed dovecot: lda: Debug: auth input: test at mail.vdl > home=/vhome/mail.vdl/home/cedrict > index=/vhome/mail.vdl/home/cedrict/mail/index > control=/vhome/mail.vdl/home/cedrict/mail/control > inbox=/var/spool/vmail/mail.vdl/cedrict layout=maildir++ uid=60001 gid=231 > Jul 17 14:11:59 devshed dovecot: lda: Debug: Added userdb setting: > plugin/control=/vhome/mail.vdl/home/cedrict/mail/control > Jul 17 14:11:59 devshed dovecot: lda: Debug: Added userdb setting: > plugin/inbox=/var/spool/vmail/mail.vdl/cedrict > Jul 17 14:11:59 devshed dovecot: lda: Debug: Added userdb setting: > plugin/index=/vhome/mail.vdl/home/cedrict/mail/index > Jul 17 14:11:59 devshed dovecot: lda: Debug: Added userdb setting: > plugin/layout=maildir++ > Jul 17 14:11:59 devshed dovecot: lda(test at mail.vdl): Debug: Effective > uid=60001, gid=231, home=/vhome/mail.vdl/home/cedrict > Jul 17 14:11:59 devshed dovecot: lda(test at mail.vdl): Debug: quota: No quota > setting - plugin disabled > Jul 17 14:11:59 devshed dovecot: lda(test at mail.vdl): Debug: maildir++: > root=/vhome/mail.vdl/home/cedrict/mail, index=, indexpvt=, > control=/vhome/mail.vdl/home/cedrict/mail/control, > inbox=/var/spool/vmail/mail.vdl/test, alt= > Jul 17 14:11:59 devshed dovecot: lda(test at mail.vdl): Debug: quota: No quota > setting - plugin disabled > Jul 17 14:11:59 devshed dovecot: lda(test at mail.vdl): Debug: none: root=, > index=, indexpvt=, control=, inbox=, alt= > Jul 17 14:11:59 devshed dovecot: lda(test at mail.vdl): Debug: Destination > address: test at mail.vdl (source: user at hostname) > Jul 17 14:11:59 devshed dovecot: lda(test at mail.vdl): Debug: sieve: Pigeonhole > version 0.4.1 initializing > Jul 17 14:11:59 devshed dovecot: lda(test at mail.vdl): Debug: sieve: script > file /vhome/mail.vdl/home/cedrict/mail/sieve/test not found > Jul 17 14:11:59 devshed dovecot: lda(test at mail.vdl): Debug: sieve: user's > script /vhome/mail.vdl/home/cedrict/mail/sieve/test doesn't exist (trying > default script location instead) > Jul 17 14:11:59 devshed dovecot: lda(test at mail.vdl): Debug: sieve: no default > script configured for user > Jul 17 14:11:59 devshed dovecot: lda(test at mail.vdl): Debug: sieve: user has > no valid location for a personal script > Jul 17 14:11:59 devshed dovecot: lda(test at mail.vdl): Debug: sieve: no scripts > to execute: reverting to default delivery. > Jul 17 14:11:59 devshed dovecot: lda(test at mail.vdl): > msgid=<201307171811.r6HIBxWe007380 at devshed.derytelecom.ca>: saved mail to > INBOX > > Cedric > - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUeeo4F3r2wJMiz2NAQI3lggAlGqFMg1OkV0m4sei+8DPz8Rn3jxw2uL2 mA48JqZR81QaTNGNTqq61NUPma2d1TUm0ug2dOcsB/NDIPn7kBAo5o0vN+xV2Sk2 tovlSWarOvZjuY02Piut9R5eYY0zVzjIosAsel31jp1Sg3yU0a1v/c1pSUh1uvz3 7wRLeFb2MMluDfse8NBO0CbS4ESEaRlcrBXyWT9p5OHsA2llXXwgDmlMyTnaGg/q 2facChlH26hk630ePYGPOunXmpBUqYrysogyhmXtHGD/TO7S/Rr9+YLmzBvVtaxX ALy/tf2yuLIL2NrDknbLA6PnqvUzC5H1nGQ9DLBsu255SCfYPWMkMA== =7I0n -----END PGP SIGNATURE----- From AxelLuttgens at swing.be Thu Jul 18 12:25:55 2013 From: AxelLuttgens at swing.be (Axel Luttgens) Date: Thu, 18 Jul 2013 11:25:55 +0200 Subject: [Dovecot] 2.2.4 - Some questions about and needing help with quota-status In-Reply-To: <99EDABF1-7E72-4044-B6B9-58E936248C14@swing.be> References: <99EDABF1-7E72-4044-B6B9-58E936248C14@swing.be> Message-ID: <2CFCCEC9-3CBD-4A3C-8256-620FED5B957D@swing.be> Hello, I ended my previous message with : > [...] > Q3. What am I doing wrong? > [...] Given the details discussed in another thread (http://www.dovecot.org/list/dovecot/2013-July/091309.html), I tried by changing the user_query's SELECT from: user_query = \ SELECT DISTINCT \ nickname AS user, \ mail_home AS home, \ mail_location AS mail, \ quota_rule AS quota_rule \ FROM \ [...] to: user_query = \ SELECT DISTINCT \ nickname AS user, \ coalesce(mail_home, '/_Mailstores/' || nickname) AS home, \ mail_location AS mail, \ 'dict:Quota utilisateur:' || nickname || ':proxy::sql_quota' AS quota, \ quota_rule AS quota_rule \ FROM \ [...] while keeping dovecot.conf unchanged (see my previous message). The idea is to not rely anymore on the expansion of %u (or %n or %d) in dovecot.conf, while still keeping the ability to have per-user settings. Currently, a doveadm quota get -u john.doe yields: Quota name Type Value Limit % Quota utilisateur STORAGE 31 34 91 Quota utilisateur MESSAGE 23 - 0 So, let's ask quota-status what it believes about a message with a size of 100000. The reply is still "action=OK", the dict server still isn't launched, and the log shows: auth: Debug: userdb out: USER 1 john.doe at example.com home=/_Mailstores/john.doe quota=dict:Quota utilisateur:john.doe:proxy::sql_quota quota_rule=*:storage=35000b quota-status: Debug: auth input: john.doe at example.com home=/_Mailstores/john.doe quota=dict:Quota utilisateur:john.doe:proxy::sql_quota quota_rule=*:storage=35000b quota-status: Debug: Added userdb setting: plugin/quota=dict:Quota utilisateur:john.doe:proxy::sql_quota quota-status: Debug: Added userdb setting: plugin/quota_rule=*:storage=35000b quota-status(john.doe at example.com): Debug: Effective uid=999, gid=999, home=/_Mailstores/john.doe quota-status(john.doe at example.com): Debug: Quota root: name=Quota utilisateur backend=dict args=john.doe:proxy::sql_quota quota-status(john.doe at example.com): Debug: Quota rule: root=Quota utilisateur mailbox=* bytes=35000 messages=0 quota-status(john.doe at example.com): Debug: Quota grace: root=Quota utilisateur bytes=3500 (10%) quota-status(john.doe at example.com): Debug: dict quota: user=john.doe, uri=proxy::sql_quota, noenforcing=0 quota-status(john.doe at example.com): Debug: fs: root=/_Mailstores/john.doe/mboxes, index=, indexpvt=, control=, inbox=/_Mailstores/john.doe/mboxes/inbox, alt= To rule out any other side-effects potentially introduced by the user_query, I even tried with the "nickname AS user" removed from the SELECT. Even with that, the reply is "action=OK", the dict server still isn't launched, and the lines written to the log are undistinguishable from above ones... It is to be noted that no lines in the log are related to possible problems encountered for launching it. It is a bit as if quota_check() in src/plugins/quota/quota-status.c always immediately returned with 1 at the first test. Anyway, I'm still stuck. And still very interested in replies to Q1, Q2 and Q3. ;-) TIA, Axel From rs at sys4.de Thu Jul 18 13:09:32 2013 From: rs at sys4.de (Robert Schetterer) Date: Thu, 18 Jul 2013 12:09:32 +0200 Subject: [Dovecot] Error: stat dove 2.1.16 failed: File name too long Message-ID: <51E7BEDC.1070006@sys4.de> Hi , from some migration i have some long subfolder list sdbox ( for sure nonsense ) any good idea how to fix ? Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From hajo.locke at gmx.de Thu Jul 18 14:58:50 2013 From: hajo.locke at gmx.de (Hajo Locke) Date: Thu, 18 Jul 2013 13:58:50 +0200 Subject: [Dovecot] INBOX protected foldername? Message-ID: Hello, have a little problem with folders with name INBOX created by Users. Some Clients use a Prefix for their Folders. In our old setup (dovecot 1.2) it was possible to create a Folder INBOX in mbox-space with some Subfolders. These Subfolders of INBOX showed up in Mailclient at toplevel. Now we updatet to 2.1.7. In higher dovecot versions INBOX seems to be a kind of protected foldername. dovecot is not offering this folder in folderlist. If i rename it, the folder is available again. There are only a few users, so i could fix this manually. But how to explain this? I did not find a setting etc. which could explain this behaviour. Our Config is pretty standard: mail_location is unchanged some dovecot versions we use: mail_location = mbox:~/mail:INBOX=/var/mail/%u most of conf is out of the box and also used in older versions. only new is namespace inbox, but should also be default: namespace inbox { inbox = yes } Is there an explaination for this behaviour? Thanks, Hajo From dovecot at ace-electronics.be Thu Jul 18 15:14:02 2013 From: dovecot at ace-electronics.be (Koenraad Lelong) Date: Thu, 18 Jul 2013 14:14:02 +0200 Subject: [Dovecot] Archiving mail Message-ID: <51E7DC0A.2000700@ace-electronics.be> Hi, I'm going to migrate my company-mailserver to new hardware. I would like to take the opportunity to archive some older mail. But I would like to have it still accessible, would this be possible with dovecot ? I mean, I would like to put that older mail from different users (I got about 50 users) on some read-only media but mount that media in the users mail-dirs. That way I will have less to backup after I backup that old mail and store it safely away. I can't convince my users to really clean up their mailboxes, so I backup more than 100GB mail while the total backup is a bit more than 300GB. Writing this I realise I could give each user a folder oldmail and symlink that to a read-only oldmail folder. Would this work ? I will have to find out how my backup-software can ignore the oldmail-folder. Thanks for any suggestions, Koenraad Lelong From raabe at froglogic.com Thu Jul 18 15:21:56 2013 From: raabe at froglogic.com (Frerich Raabe) Date: Thu, 18 Jul 2013 14:21:56 +0200 Subject: [Dovecot] Archiving mail In-Reply-To: <51E7DC0A.2000700@ace-electronics.be> References: <51E7DC0A.2000700@ace-electronics.be> Message-ID: <95ad3a6d76f27b9b7f89da638efcd124@roundcube.froglogic.com> On 2013-07-18 14:14, Koenraad Lelong wrote: > I'm going to migrate my company-mailserver to new hardware. I would > like to take the opportunity to archive some older mail. But I would > like to have it still accessible, would this be possible with dovecot > ? > I mean, I would like to put that older mail from different users (I > got about 50 users) on some read-only media but mount that media in > the users mail-dirs. That way I will have less to backup after I > backup that old mail and store it safely away. > I can't convince my users to really clean up their mailboxes, so I > backup more than 100GB mail while the total backup is a bit more than > 300GB. I cannot really answer your question, but seeing that the size of the backups is what triggers your question: We use Maildir as the mail format and our backups are done using rsync (rsnapshot, to be precise). This seems to scale reasonably well, i.e. rsync just copies those files which need to be copide, and rsnapshot creates hardlinks to previous backups as far as possible. So our nightly backups are actually fairly small, most of them consist of hardlinks to the next older backup we did. -- Frerich Raabe - raabe at froglogic.com www.froglogic.com - Multi-Platform GUI Testing From dbrooks at mdah.state.ms.us Thu Jul 18 15:48:59 2013 From: dbrooks at mdah.state.ms.us (Donny Brooks) Date: Thu, 18 Jul 2013 07:48:59 -0500 Subject: [Dovecot] Archiving mail In-Reply-To: <51E7DC0A.2000700@ace-electronics.be> Message-ID: <262e-51e7e400-b-79291c0@176784580> On Thursday, July 18, 2013 07:14 AM CDT, Koenraad Lelong wrote: > Hi, > > I'm going to migrate my company-mailserver to new hardware. I would like > to take the opportunity to archive some older mail. But I would like to > have it still accessible, would this be possible with dovecot ? > I mean, I would like to put that older mail from different users (I got > about 50 users) on some read-only media but mount that media in the > users mail-dirs. That way I will have less to backup after I backup that > old mail and store it safely away. > I can't convince my users to really clean up their mailboxes, so I > backup more than 100GB mail while the total backup is a bit more than 300GB. > > Writing this I realise I could give each user a folder oldmail and > symlink that to a read-only oldmail folder. Would this work ? > I will have to find out how my backup-software can ignore the > oldmail-folder. > > Thanks for any suggestions, > > Koenraad Lelong It sounds like you are looking for something similar to dbmail: www.dbmail.org. It will allow all the mail to still be readable by the end user but the "archived" mail will not be deletable or editable. We were looking at something like that but are probably going to end up going with something like enkive: http://www.enkive.org/ -- Donny B. From AxelLuttgens at swing.be Thu Jul 18 16:03:24 2013 From: AxelLuttgens at swing.be (Axel Luttgens) Date: Thu, 18 Jul 2013 15:03:24 +0200 Subject: [Dovecot] INBOX protected foldername? In-Reply-To: References: Message-ID: Le 18 juil. 2013 ? 13:58, Hajo Locke a ?crit : > Hello, > > [...] > In higher dovecot versions INBOX seems to be a kind of protected foldername. dovecot is not offering this folder in folderlist. If i rename it, the folder is available again. > [...] > > Is there an explaination for this behaviour? Hello Hajo, From RFC 3501: The case-insensitive mailbox name INBOX is a special name reserved to mean "the primary mailbox for this user on this server". The interpretation of all other names is implementation-dependent. IIRC, several changes have been brought to Dovecot's code wrt the handling of that "inbox" name. HTH, Axel From wildfire at progsoc.org Thu Jul 18 19:33:37 2013 From: wildfire at progsoc.org (Anand Kumria) Date: Thu, 18 Jul 2013 17:33:37 +0100 Subject: [Dovecot] SSL warning messages Message-ID: Hi, I've had the following appear in my logfile, and am just wondering what the warning means? dovecot: managesieve-login: Warning: SSL alert: where=0x4008, ret=256: warning close notify [a.b.c.d] dovecot: imap-login: Warning: SSL alert: where=0x4004, ret=256: warning close notify [w.x.y.z] Should I be worrying about these kinds of messages? Dovecot 2.2.4 on Ubuntu 12.04 LTS if it is important. Thanks, Anand From AxelLuttgens at swing.be Fri Jul 19 16:02:54 2013 From: AxelLuttgens at swing.be (Axel Luttgens) Date: Fri, 19 Jul 2013 15:02:54 +0200 Subject: [Dovecot] 2.2.4 - Some questions about and needing help with quota-status In-Reply-To: <2CFCCEC9-3CBD-4A3C-8256-620FED5B957D@swing.be> References: <99EDABF1-7E72-4044-B6B9-58E936248C14@swing.be> <2CFCCEC9-3CBD-4A3C-8256-620FED5B957D@swing.be> Message-ID: Le 18 juil. 2013 ? 11:25, Axel Luttgens a ?crit : > [...] > It is to be noted that no lines in the log are related to possible problems encountered for launching [the dict server]. It is a bit as if quota_check() in src/plugins/quota/quota-status.c always immediately returned with 1 at the first test. > [...] Tracing with gdb, it appears this is indeed the case. Here's the beginning of quota_check(): static int quota_check(struct mail_user *user, uoff_t mail_size, const char **error_r) { struct quota_user *quser = QUOTA_USER_CONTEXT(user); [...] if (quser == NULL) { /* no quota for user */ return 1; } [...] and one has for quser: (gdb) p quser $1 = (struct quota_user *) 0x0 Yet, struct user passed as argument doesn't show obvious problems (but I have to confess the details are faaar beyond me); I reproduce it at the end of this message. So, either my users aren't recognized as being subjected to quotas, or something goes wrong with macro QUOTA_USER_CONTEXT (which in turn translates into macro MODULE_CONTEXT which I just don't understand), or both. As a reminder, with the same configs, "doveadm quota" and lmtp do not show such a behavior: they both take quotas into account for my users. Any ideas? TIA, Axel (gdb) p *user $2 = { pool = 0x7fed9b829020, v = { deinit = 0x10b190dd0 }, vlast = 0x7fed9b82a188, refcount = 1, username = 0x7fed9b829110 "john.doe at example.com", _home = 0x7fed9b829e08 "/_Mailstores/john.doe", uid = 999, gid = 999, service = 0x7fed9b829e30 "quota-status", local_ip = 0x0, remote_ip = 0x0, auth_token = 0x0, var_expand_table = 0x7fed9b829e40, error = 0x0, set_info = 0x7fed9b814d60, unexpanded_set = 0x7fed9b829138, set = 0x7fed9b829770, namespaces = 0x7fed9b4046b0, storages = 0x7fed9b404780, hooks = { arr = { buffer = 0x7fed9b82a130, element_size = 8 }, v = 0x7fed9b82a130, v_modifiable = 0x7fed9b82a130 }, mountpoints = 0x0, default_normalizer = 0x10b0c1d00 , _attr_dict = 0x0, module_contexts = { arr = { buffer = 0x7fed9b829da8, element_size = 8 }, v = 0x7fed9b829da8, v_modifiable = 0x7fed9b829da8 }, nonexistent = 0, home_looked_up = 1, anonymous = 0, autocreated = 0, initialized = 1, mail_debug = 1, inbox_open_error_logged = 0, fuzzy_search = 0, dsyncing = 0, attr_dict_failed = 0 } From weber at papaya-cms.com Fri Jul 19 16:43:22 2013 From: weber at papaya-cms.com (Alexander Weber) Date: Fri, 19 Jul 2013 15:43:22 +0200 Subject: [Dovecot] zlib plugin "undefined symbol: imap_module_register" Message-ID: <51E9427A.8090001@papaya-cms.com> Hi all, i've tried to enable the zlib plugin within die LDA, but i've got some strange errors dovecot: lda: Error: dlopen(/usr/lib/dovecot/modules/lib30_imap_zlib_plugin.so) failed: /usr/lib/dovecot/modules/lib30_imap_zlib_plugin.so: undefined symbol: imap_module_register dovecot: lda: Fatal: Couldn't load required plugins am i missing something within the config? doveconf -n # 2.0.19: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-49-generic x86_64 Ubuntu 12.04.2 LTS base_dir = /var/run/dovecot/ disable_plaintext_auth = no hostname = mail.local mail_location = maildir:~/Maildir managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace { list = yes location = maildir:/home/shared:CONTROL=~/.Maildir/control/Shared:INDEX=~/.Maildir/index/Shared prefix = shared/ separator = / subscriptions = yes type = public } namespace { inbox = yes location = prefix = separator = / type = private } passdb { driver = pam } passdb { args = /etc/dovecot/dovecot-ldap.conf driver = ldap } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve zlib_save = gz zlib_save_level = 6 } postmaster_address = postmaster at localhost protocols = imap sieve service auth { unix_listener /var/spool/postfix/private/dovecot-auth { group = postfix mode = 0660 user = postfix } } service imap-login { inet_listener imaps { port = 993 ssl = yes } } ssl_ca = was automatically rejected:%n%r } protocol imap { mail_plugins = zlib, acl, imap_zlib } Mit freundlichen Gruessen / best regards papaya Software GmbH i.A. Alexander Weber -- papaya Software GmbH | Im MediaPark 5 | 50670 Koeln | Germany Tel./Ph.: +49-221-5743-8070 | Fax: +49-221-5743-8099 mailto:weber at papaya-cms.com | http://www.papaya-cms.com/ -- Geschaeftsfuehrer: Andreas Jacobi, Andr? Schnitzler, Daniel Sch?fer Sitz& Registergericht: Koeln | HRB 60030 | USt.-Id.-Nr.: DE 255642963 -- From AxelLuttgens at swing.be Fri Jul 19 17:45:51 2013 From: AxelLuttgens at swing.be (Axel Luttgens) Date: Fri, 19 Jul 2013 16:45:51 +0200 Subject: [Dovecot] zlib plugin "undefined symbol: imap_module_register" In-Reply-To: <51E9427A.8090001@papaya-cms.com> References: <51E9427A.8090001@papaya-cms.com> Message-ID: <7665B599-63A9-4E87-992D-610F1C25F0A8@swing.be> Le 19 juil. 2013 ? 15:43, Alexander Weber a ?crit : > Hi all, > > i've tried to enable the zlib plugin within die LDA, but i've got some strange errors > > dovecot: lda: Error: dlopen(/usr/lib/dovecot/modules/lib30_imap_zlib_plugin.so) failed: /usr/lib/dovecot/modules/lib30_imap_zlib_plugin.so: undefined symbol: imap_module_register > dovecot: lda: Fatal: Couldn't load required plugins > > > [...] > protocol lda { > deliver_log_format = msgid=%m: %$ > mail_plugins = sieve, zlib, acl, imap_zlib > postmaster_address = postmaster > quota_full_tempfail = yes > rejection_reason = Your message to <%t> was automatically rejected:%n%r > } Hello Alexander, Should the imap_zlib plugin be listed in the above? Axel From p.heinlein at heinlein-support.de Fri Jul 19 18:11:18 2013 From: p.heinlein at heinlein-support.de (Peer Heinlein) Date: Fri, 19 Jul 2013 17:11:18 +0200 Subject: [Dovecot] mails delivered to the wrong user when using lmtp_proxy and reject_unverified_recipient Message-ID: <51E95716.4000101@heinlein-support.de> Hi, looks like we detected a serious bug in dovecot's lmtp proxying where e-mails are delivered to the wrong user. The setup is: *) Dovecot is configured with "lmtp_proxy=yes" # Support proxying to other LMTP/SMTP servers by performing passdb lookups. lmtp_proxy = yes *) Postfix uses "dynamic recipient verification", so Postfix starts sending a (verify) mail by LMTP to dovecot, but quits the lmtp-session right after the RCPT TO:. No DATA-stage is reached in the protocol and no real e-mail is sent. But Postfix had a LMTP-connection for "user1". *) Just some seconds later a "real" e-mail to "user2" has to be delivered to dovecot by LMTP. But Dovecot will deliver this mail to the wrong "user1" instead of "user2". Looks like dovecot re-uses the (still opened?) lmtp-proxy-connection from "user1" to deliver an e-mail to "user2". Have a log at the protocol: 1) There's a verify call to user1 from Postfix: Jul 19 13:49:49 mailms postfix/lmtp[9842]: DE653280C51: to=, relay=localhost[127.0.0.1]:24, conn_use=2, delay=120, delays=117/0.45/0/2.5, dsn=2.1.5, status=deliverable (250 2.1.5 OK) 2) Just five seconds later the e-mail to user2 (see Postfix' point of view in the last line) is delivered to user2 (see result from Dovecot in the last line): Jul 19 13:50:04 mailms dovecot: lmtp(10965, kraemer): save: box=INBOX, uid=49880, msgid=<59798276-E5D1-4053-A570-9901B731DF5D at example.come>, size=11020 Jul 19 13:50:04 mailms dovecot: lmtp(10965, kraemer): 1zTeKrMn6VHVKgAAhyqEuA: msgid=<59798276-E5D1-4053-A570-9901B731DF5D at example.com>: saved mail to INBOX Jul 19 13:50:04 mailms postfix/lmtp[10953]: C25FC280BE5: to=, relay=localhost[127.0.0.1]:24, conn_use=19, delay=116, delays=115/0.53/0/0.33, dsn=2.0.0, status=sent (250 2.0.0 1zTeKrMn6VHVKgAAhyqEuA Saved) Same with user3 and user4: Jul 19 14:47:53 mailms postfix/lmtp[10845]: C389A2809D7: to=, relay=localhost[127.0.0.1]:24, delay=4.7, delays=3.7/0.87/0/0.19, dsn=2.1.5, status=deliverable (250 2.1.5 OK) Jul 19 14:47:55 mailms dovecot: lmtp(26546, fs211113): save: box=INBOX, uid=8504, msgid=<928729810.113.1374238063381 at example.com>, size=233151 Jul 19 14:47:55 mailms dovecot: lmtp(26546, fs211113): MbMvI2816VGyZwAAhyqEuA: msgid=<928729810.113.1374238063381 at example.com>: saved mail to INBOX Jul 19 14:47:55 mailms postfix/lmtp[22524]: 6F0D2280A6E: to=, relay=localhost[127.0.0.1]:24, conn_use=2, delay=10, delays=8.4/1/0/0.8, dsn=2.0.0, status=sent (250 2.0.0 MbMvI2816VGyZwAAhyqEuA Saved) The user itself is quite normal in the user database (but has a mailhost=127.0.0.1 set): root at mailms:/etc/dovecot/conf.d# doveadm user user2 at example.com userdb: user2 at example.com uid : 5000 gid : 5000 home : /srv/mail/user2 root at mailms:/etc/dovecot/conf.d# doveadm auth user2 at example.com Password: passdb: user2 at example.com auth failed extra fields: user=user2 Peer -- Heinlein Support GmbH Schwedter Str. 8/9b, 10119 Berlin http://www.heinlein-support.de Tel: 030 / 405051-42 Fax: 030 / 405051-19 Zwangsangaben lt. ?35a GmbHG: HRB 93818 B / Amtsgericht Berlin-Charlottenburg, Gesch?ftsf?hrer: Peer Heinlein -- Sitz: Berlin From CMarcus at Media-Brokers.com Fri Jul 19 18:58:25 2013 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Fri, 19 Jul 2013 11:58:25 -0400 Subject: [Dovecot] mails delivered to the wrong user when using lmtp_proxy and reject_unverified_recipient In-Reply-To: <51E95716.4000101@heinlein-support.de> References: <51E95716.4000101@heinlein-support.de> Message-ID: <51E96221.7010000@Media-Brokers.com> doveconf -n and postconf -n output might shed some light? On 2013-07-19 11:11 AM, Peer Heinlein wrote: > Hi, > > looks like we detected a serious bug in dovecot's lmtp proxying where > e-mails are delivered to the wrong user. > > The setup is: > > *) Dovecot is configured with "lmtp_proxy=yes" > > # Support proxying to other LMTP/SMTP servers by performing passdb lookups. > lmtp_proxy = yes > > *) Postfix uses "dynamic recipient verification", so Postfix starts > sending a (verify) mail by LMTP to dovecot, but quits the lmtp-session > right after the RCPT TO:. No DATA-stage is reached in the protocol and > no real e-mail is sent. But Postfix had a LMTP-connection for "user1". > > *) Just some seconds later a "real" e-mail to "user2" has to be > delivered to dovecot by LMTP. But Dovecot will deliver this mail to the > wrong "user1" instead of "user2". Looks like dovecot re-uses the (still > opened?) lmtp-proxy-connection from "user1" to deliver an e-mail to "user2". > > Have a log at the protocol: > > 1) There's a verify call to user1 from Postfix: > > Jul 19 13:49:49 mailms postfix/lmtp[9842]: DE653280C51: > to=, relay=localhost[127.0.0.1]:24, conn_use=2, > delay=120, delays=117/0.45/0/2.5, dsn=2.1.5, status=deliverable (250 > 2.1.5 OK) > > 2) Just five seconds later the e-mail to user2 (see Postfix' point of > view in the last line) is delivered to user2 (see result from Dovecot in > the last line): > > Jul 19 13:50:04 mailms dovecot: lmtp(10965, kraemer): save: box=INBOX, > uid=49880, msgid=<59798276-E5D1-4053-A570-9901B731DF5D at example.come>, > size=11020 > Jul 19 13:50:04 mailms dovecot: lmtp(10965, kraemer): > 1zTeKrMn6VHVKgAAhyqEuA: > msgid=<59798276-E5D1-4053-A570-9901B731DF5D at example.com>: saved mail to > INBOX > Jul 19 13:50:04 mailms postfix/lmtp[10953]: C25FC280BE5: > to=, relay=localhost[127.0.0.1]:24, conn_use=19, > delay=116, delays=115/0.53/0/0.33, dsn=2.0.0, status=sent (250 2.0.0 > 1zTeKrMn6VHVKgAAhyqEuA Saved) > > > Same with user3 and user4: > > Jul 19 14:47:53 mailms postfix/lmtp[10845]: C389A2809D7: > to=, relay=localhost[127.0.0.1]:24, delay=4.7, > delays=3.7/0.87/0/0.19, dsn=2.1.5, status=deliverable (250 2.1.5 OK) > Jul 19 14:47:55 mailms dovecot: lmtp(26546, fs211113): save: box=INBOX, > uid=8504, msgid=<928729810.113.1374238063381 at example.com>, size=233151 > Jul 19 14:47:55 mailms dovecot: lmtp(26546, fs211113): > MbMvI2816VGyZwAAhyqEuA: msgid=<928729810.113.1374238063381 at example.com>: > saved mail to INBOX > Jul 19 14:47:55 mailms postfix/lmtp[22524]: 6F0D2280A6E: > to=, relay=localhost[127.0.0.1]:24, conn_use=2, > delay=10, delays=8.4/1/0/0.8, dsn=2.0.0, status=sent (250 2.0.0 > MbMvI2816VGyZwAAhyqEuA Saved) > > > > The user itself is quite normal in the user database (but has a > mailhost=127.0.0.1 set): > > root at mailms:/etc/dovecot/conf.d# doveadm user user2 at example.com > userdb: user2 at example.com > uid : 5000 > gid : 5000 > home : /srv/mail/user2 > > root at mailms:/etc/dovecot/conf.d# doveadm auth user2 at example.com > Password: > passdb: user2 at example.com auth failed > extra fields: > user=user2 > > Peer > > -- Best regards, Charles Marcus I.T. Director Media Brokers International, Inc. 678.514.6224 | 678.514.6299 fax From CMarcus at Media-Brokers.com Sat Jul 20 17:20:30 2013 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Sat, 20 Jul 2013 10:20:30 -0400 Subject: [Dovecot] OT: SAN vs Flash only SAN-less VM architecture for data storage Message-ID: <51EA9CAE.9050904@Media-Brokers.com> Hello all, I am investigating options for leveraging our companies two locations, to provide fault tolerance/redundancy for our VM infrastructure. I was looking at SAN storage options, but ran across an interesting article, and would like opinions. It sounds great, a real win-win as to cost *and* performance... We have redundant/identical hosts at each location that can fulfill the requirements discussed... http://www.storage-switzerland.com/Articles/Entries/2012/9/20_The_Benefits_of_a_Flash_Only,_SAN-less_Virtual_Architecture.html or http://tinyurl.com/khwuspo Stan, I'm especially interested in your take, considering your experience with high end SANs and VM storage environments... Thanks, -- Best regards, Charles From rs at sys4.de Sat Jul 20 21:30:26 2013 From: rs at sys4.de (Robert Schetterer) Date: Sat, 20 Jul 2013 20:30:26 +0200 Subject: [Dovecot] performance 2.1.17 zlib maildir Message-ID: <51EAD742.1090902@sys4.de> Hi Timo, i have reports from few users about lost performance with 2.17 maildir bigger mailboxes ( up to 2 GB ), i also use zlib plugin what about this patch.....,may not working as i should? http://hg.dovecot.org/dovecot-2.1/rev/9c23d1fb8969 Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From rs at sys4.de Sat Jul 20 23:12:19 2013 From: rs at sys4.de (Robert Schetterer) Date: Sat, 20 Jul 2013 22:12:19 +0200 Subject: [Dovecot] performance 2.1.17 zlib maildir In-Reply-To: <51EAD742.1090902@sys4.de> References: <51EAD742.1090902@sys4.de> Message-ID: <51EAEF23.9050406@sys4.de> Am 20.07.2013 20:30, schrieb Robert Schetterer: > Hi Timo, i have reports from few users about lost performance with 2.17 > maildir bigger mailboxes ( up to 2 GB ), i also use zlib plugin > > what about this patch.....,may not working as i should? > > http://hg.dovecot.org/dovecot-2.1/rev/9c23d1fb8969 > > Best Regards > MfG Robert Schetterer > i checked this reverting to 2.1.15 (had only this pre compiled) perfomance gets better with this, looks like the problem is getting more worst with having bigger mailboxes and heavy use of subfolder trees any idea? Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From harmonicnm7h at gmail.com Sun Jul 21 01:34:59 2013 From: harmonicnm7h at gmail.com (Sam Flint) Date: Sat, 20 Jul 2013 17:34:59 -0500 Subject: [Dovecot] Sieve info Message-ID: I'm using Dovecot v2, and I can't seem to find any info abut using sieve with the LDA, or the ManageSieve protocol, can you please point me un the right direction? Sam From h.reindl at thelounge.net Sun Jul 21 01:39:15 2013 From: h.reindl at thelounge.net (Reindl Harald) Date: Sun, 21 Jul 2013 00:39:15 +0200 Subject: [Dovecot] Sieve info In-Reply-To: References: Message-ID: <51EB1193.5090408@thelounge.net> Am 21.07.2013 00:34, schrieb Sam Flint: > I'm using Dovecot v2, and I can't seem to find any info abut using sieve > with the LDA, or the ManageSieve protocol, can you please point me un the > right direction? google "dovecot sieve" leads to http://wiki2.dovecot.org/Pigeonhole/Sieve/Configuration -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 263 bytes Desc: OpenPGP digital signature URL: From h.reindl at thelounge.net Sun Jul 21 01:47:54 2013 From: h.reindl at thelounge.net (Reindl Harald) Date: Sun, 21 Jul 2013 00:47:54 +0200 Subject: [Dovecot] Sieve info In-Reply-To: References: <51EB1193.5090408@thelounge.net> Message-ID: <51EB139A.3070208@thelounge.net> Am 21.07.2013 00:45, schrieb Sam Flint: > > On Jul 20, 2013 5:39 PM, "Reindl Harald" > wrote: >> >> Am 21.07.2013 00:34, schrieb Sam Flint: >> > I'm using Dovecot v2, and I can't seem to find any info abut using sieve >> > with the LDA, or the ManageSieve protocol, can you please point me un the >> > right direction? >> >> google "dovecot sieve" leads to >> http://wiki2.dovecot.org/Pigeonhole/Sieve/Configuration > > Thank you very muuch! The pointer on the v1 wiki pointed to a non-existent page http://wiki2.dovecot.org/ is for version >= 2.0 many configs are completly different in v2 http://wiki.dovecot.org/ This documentation is for Dovecot v1.x, see wiki2 for v2.0 documentation -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 263 bytes Desc: OpenPGP digital signature URL: From rs at sys4.de Sun Jul 21 08:45:12 2013 From: rs at sys4.de (Robert Schetterer) Date: Sun, 21 Jul 2013 07:45:12 +0200 Subject: [Dovecot] dsync backup mails compressed Message-ID: <51EB7568.1@sys4.de> Hi Timo , looks like if zlib plugin is enabled all backupmails ( Maildir ) getting compressed i tested this dsync -o plugin/acl= -o plugin/quota= -u user at beispiel.de backup maildir://nfs-backup-data/user at beispiel.de adding -o plugin/zlib= didnt help i am not sure , what is the expected behave , and why -o plugin/quota= does not work ? Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From rs at sys4.de Sun Jul 21 08:49:48 2013 From: rs at sys4.de (Robert Schetterer) Date: Sun, 21 Jul 2013 07:49:48 +0200 Subject: [Dovecot] Error: stat dove 2.1.16 failed: File name too long In-Reply-To: <51E7BEDC.1070006@sys4.de> References: <51E7BEDC.1070006@sys4.de> Message-ID: <51EB767C.8040407@sys4.de> Am 18.07.2013 12:09, schrieb Robert Schetterer: > Hi , from some migration i have some long subfolder list sdbox ( for > sure nonsense ) any good idea how to fix ? > > Best Regards > MfG Robert Schetterer > fixed this by find all mails ( dovecot search ) since migration date and reconstruct the mailbox, i would wish there would be a "jedi-force" at dovecot copy for all folder (mailboxes), would be very helpfull at reconstruct broke mailboxes Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From rs at sys4.de Sun Jul 21 08:53:12 2013 From: rs at sys4.de (Robert Schetterer) Date: Sun, 21 Jul 2013 07:53:12 +0200 Subject: [Dovecot] dsync backup mails compressed In-Reply-To: <51EB7568.1@sys4.de> References: <51EB7568.1@sys4.de> Message-ID: <51EB7748.1080208@sys4.de> Am 21.07.2013 07:45, schrieb Robert Schetterer: > Hi Timo , looks like if zlib plugin is enabled > all backupmails ( Maildir ) getting compressed > > i tested this > > dsync -o plugin/acl= -o plugin/quota= -u user at beispiel.de backup > maildir://nfs-backup-data/user at beispiel.de > > adding > > -o plugin/zlib= > > didnt help > > i am not sure , what is the expected behave , and why -o plugin/quota= sorry for typo -o plugin/zlib= > does not work ? > > > Best Regards > MfG Robert Schetterer > Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From stan at hardwarefreak.com Sun Jul 21 12:13:39 2013 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Sun, 21 Jul 2013 04:13:39 -0500 Subject: [Dovecot] OT: SAN vs Flash only SAN-less VM architecture for data storage In-Reply-To: <51EA9CAE.9050904@Media-Brokers.com> References: <51EA9CAE.9050904@Media-Brokers.com> Message-ID: <51EBA643.1070400@hardwarefreak.com> On 7/20/2013 9:20 AM, Charles Marcus wrote: > It sounds great, a real win-win as to cost *and* performance... Until you read the article carefully and note the network requirement: "Data is synchronously written to another host with a PCIe SSD for data protection and high availability via a simple, private *10GbE* network." -- Stan From lists at wildgooses.com Sun Jul 21 14:01:05 2013 From: lists at wildgooses.com (Ed W) Date: Sun, 21 Jul 2013 12:01:05 +0100 Subject: [Dovecot] OT: SAN vs Flash only SAN-less VM architecture for data storage In-Reply-To: <51EBA643.1070400@hardwarefreak.com> References: <51EA9CAE.9050904@Media-Brokers.com> <51EBA643.1070400@hardwarefreak.com> Message-ID: <51EBBF71.7040805@wildgooses.com> On 21/07/2013 10:13, Stan Hoeppner wrote: > On 7/20/2013 9:20 AM, Charles Marcus wrote: > >> It sounds great, a real win-win as to cost *and* performance... > Until you read the article carefully and note the network requirement: > > "Data is synchronously written to another host with a PCIe SSD for data > protection and high availability via a simple, private *10GbE* network." > > I have no opinion on the subject, but for others who haven't read the article the 10gbe referred to is to keep the server in sync with a backup server somewhere presumed in the same room. As such 10gbe seems reasonable and inexpensive (newer supermicro can come with them built-in and standalone cards are reasonably inexpensive. The new Netgear 10gbe switch is even quite affordable) As near as I can tell they advocate putting all the storage on the host machine and using network to sync off the machine (vs SAN where all the storage is off machine) I don't really get where they are going with this solution though? Ed W From gedalya at gedalya.net Sun Jul 21 14:06:36 2013 From: gedalya at gedalya.net (Gedalya) Date: Sun, 21 Jul 2013 07:06:36 -0400 Subject: [Dovecot] pop3c migration? In-Reply-To: <51E6739C.5030001@gedalya.net> References: <51E6739C.5030001@gedalya.net> Message-ID: <51EBC0BC.8030701@gedalya.net> OK so now I tried a doveadm backup -R with pop3c using dovecot 2.2.4 (50117c22151e) (auto build) and it works fine, and indeed very fast. Funny, I ran into a segmentation fault by mistakenly passing pop3c_password instead of imapc_password, thought it would be worth posting. I'm using the cutting-edge dovecot over NFS storing to the production server running 2.1.7. I'll be seeing "Corrupted index cache file .. Invalid magic in hole header" when every account logs in for the first time post-migration. Is this OK? I'm using Maildir. Segfault: Starting program: /usr/bin/doveadm -D -o imapc_user=xxxx at example.com -o pop3c_password=******* -o imapc_host=mail01.example.com import -s -u xxxx at example.com imapc: '' NOT mailbox INBOX [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/i386-linux-gnu/i686/cmov/libthread_db.so.1". doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot/modules doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/lib20_listescape_plugin.so doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot/modules/doveadm doveadm(root): Debug: Skipping module doveadm_acl_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_acl_plugin.so: undefined symbol: acl_user_module (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_expire_plugin.so: undefined symbol: expire_set_deinit (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_quota_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_quota_plugin.so: undefined symbol: quota_user_module (this is usually intentional, so just ignore this message) doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_sieve_plugin.so doveadm(root): Debug: Skipping module doveadm_fts_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib20_doveadm_fts_plugin.so: undefined symbol: fts_backend_rescan (this is usually intentional, so just ignore this message) doveadm(root): Debug: Effective uid=0, gid=0, home=/root Program received signal SIGSEGV, Segmentation fault. imapc_storage_client_unref (_client=_client at entry=0x80c3130) at imapc-storage.c:256 256 imapc-storage.c: No such file or directory. (gdb) bt full #0 imapc_storage_client_unref (_client=_client at entry=0x80c3130) at imapc-storage.c:256 client = 0x0 cb = __FUNCTION__ = "imapc_storage_client_unref" #1 0xb7ed4660 in imapc_list_deinit (_list=0x80c3028) at imapc-list.c:106 list = 0x80c3028 #2 0xb7ef5c44 in mailbox_list_create (driver=driver at entry=0xb7f57ad2 "imapc", ns=ns at entry=0x80c2f78, set=set at entry=0xbffff854, flags=MAILBOX_LIST_FLAG_NO_MAIL_FILES, list_r=list_r at entry=0xbffff844, error_r=error_r at entry=0xbffff928) at mailbox-list.c:184 list = 0x80c3028 idx = 6 __FUNCTION__ = "mailbox_list_create" #3 0xb7eedadb in mail_storage_create_full (ns=ns at entry=0x80c2f78, driver=, driver at entry=0x0, data=, flags=flags at entry=0, storage_r=storage_r at entry=0xbffff8cc, error_r=error_r at entry=0xbffff928) at mail-storage.c:356 storage_class = 0xb7f8d060 storage = 0x0 list = 0xbffff880 list_set = {layout = 0xb7f57ad2 "imapc", root_dir = 0x0, index_dir = 0x0, index_pvt_dir = 0x0, control_dir = 0x0, alt_dir = 0x0, inbox_path = 0x0, subscription_fname = 0x0, maildir_name = 0xb7f52fbc "", mailbox_dir_name = 0xb7f52fbc "", escape_char = 37 '%', broken_char = 0 '\000', utf8 = false, alt_dir_nocheck = false} list_flags = p = __FUNCTION__ = "mail_storage_create_full" #4 0xb7eede35 in mail_storage_create (ns=ns at entry=0x80c2f78, driver=driver at entry=0x0, flags=flags at entry=0, error_r=error_r at entry=0xbffff928) at mail-storage.c:407 storage = 0xb7eeddf0 #5 0xb7ee788f in mail_namespaces_init_location (user=0x80bef90, location=location at entry=0x80b12ab "imapc:", error_r=error_r at entry=0xbffff978) at mail-namespace.c:460 inbox_set = 0x80bfd50 unexpanded_inbox_set = 0x80bfd80 ns = 0x80c2f78 mail_set = 0x80bf638 error = driver = location_source = default_location = __FUNCTION__ = "mail_namespaces_init_location" #6 0x0805b072 in cmd_import_init (_ctx=0x80b4ed8, args=0x80b1200) at doveadm-mail-import.c:179 ctx = 0x80b4ed8 input = {module = 0x808e8e5 "mail", service = 0x0, username = 0x8092f03 "doveadm", session_id = 0x0, local_ip = {family = 0, u = {ip6 = {__in6_u = {__u6_addr8 = '\000' , __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, ip4 = {s_addr = 0}}}, remote_ip = {family = 0, u = {ip6 = {__in6_u = { __u6_addr8 = '\000' , __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, ip4 = {s_addr = 0}}}, local_port = 0, remote_port = 0, userdb_fields = 0x0, flags_override_add = 2056, flags_override_remove = MAIL_STORAGE_SERVICE_FLAG_USERDB_LOOKUP, no_userdb_lookup = 0} service_user = 0x80b8e90 user = 0x80bef90 ---Type to continue, or q to quit--- src_location = 0x80b12ab "imapc:" error = 0x4
#7 0x080575f8 in doveadm_mail_single_user (ctx=0x80b4ed8, input=0xbffffa6c, error_r=0xbffffa64) at doveadm-mail.c:328 __FUNCTION__ = "doveadm_mail_single_user" #8 0x08057c37 in doveadm_mail_cmd (argv=0x80b1200, argc=, cmd=0x80b4388) at doveadm-mail.c:516 input = {module = 0x0, service = 0x8092f03 "doveadm", username = 0x80b1299 "xxxx at example.com", session_id = 0x0, local_ip = {family = 0, u = {ip6 = {__in6_u = { __u6_addr8 = '\000' , __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, ip4 = {s_addr = 0}}}, remote_ip = {family = 0, u = {ip6 = { __in6_u = {__u6_addr8 = '\000' , __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, ip4 = {s_addr = 0}}}, local_port = 0, remote_port = 0, userdb_fields = 0x0, flags_override_add = 0, flags_override_remove = 0, no_userdb_lookup = 0} ctx = 0x80b4ed8 getopt_args = ret = c = wildcard_user = 0x0 error = #9 doveadm_mail_try_run (cmd_name=cmd_name at entry=0x80b128c "import", argc=argc at entry=9, argv=argv at entry=0x80b11f0) at doveadm-mail.c:608 cmd = 0x80b4388 #10 0x08056b26 in main (argc=9, argv=0x80b11f0) at doveadm.c:398 cmd_name = i = quick_init = false c = From wildfire at progsoc.org Sun Jul 21 17:12:43 2013 From: wildfire at progsoc.org (Anand Kumria) Date: Mon, 22 Jul 2013 00:12:43 +1000 Subject: [Dovecot] attachments not with email causing FETCH BODY[] failed Message-ID: Hi, Anyone else experiencing this (Dovecot 2.2.4, attachments stored separately): dovecot: imap(user at kamdha.com): Error: file_istream.open(/home/ example.com/user/attachments/f5/f0/f5f0f2c08c4311fa404d090a703c3b492f2ea718-a52388285a04eb51820c0000d485234e-c92f64f79f0d1ed01e6d5b314f04886c-42501) failed: No such file or directory dovecot: imap(user at example.com): Error: read(BODY[]) failed: No such file or directory (FETCH for mailbox INBOX UID 42501) dovecot: imap(user at example.com): Disconnected: FETCH failed in=186 out=86389 My dovecot.conf attachment related config is: mail_attachment_dir = /home/%d/%n/attachments mail_attachment_min_size = 128k mail_attachment_fs = sis posix mail_attachment_hash = %{sha1} So, questions: - anyone else experiencing this? - how might this occurred? - what is the best way to find the corrupted message? - how should I go about fixing this? Any help or pointers would be appreciated. Thanks, Anand From adrian.minta at gmail.com Sun Jul 21 17:26:57 2013 From: adrian.minta at gmail.com (Adrian Minta) Date: Sun, 21 Jul 2013 17:26:57 +0300 Subject: [Dovecot] OT: SAN vs Flash only SAN-less VM architecture for data storage In-Reply-To: <51EA9CAE.9050904@Media-Brokers.com> References: <51EA9CAE.9050904@Media-Brokers.com> Message-ID: <51EBEFB1.3030501@gmail.com> How about all flash storage like the one from Skyera ? http://www.skyera.com/products/skyhawk/tech-specs/ -- Best regards, Adrian Minta From list.dovecot at tiri.li Sun Jul 21 23:11:30 2013 From: list.dovecot at tiri.li (Thomas Baumann) Date: Sun, 21 Jul 2013 22:11:30 +0200 Subject: [Dovecot] dovecot fts solr plugin Message-ID: Hello list, * apache-solr-3.6.2 * dovecot-2.1.7 I configured fts_solr for dovecot, but I have two issues When doing a search request within telnet 127.0.0.1 143 it connects to solr. Jul 21, 2013 4:38:15 PM org.apache.solr.core.SolrCore execute INFO: [] webapp=/solr path=/select params={rows=1&q=box:10361d30f8c4ea51ad7c00002ecaff3b+user:" tom at tirism.support.tiri.li"&sort=uid+desc&fl=uid} hits=0 status=0 QTime=10 Jul 21, 2013 4:38:15 PM org.apache.solr.core.SolrCore execute INFO: [] webapp=/solr path=/select params={rows=3&q=(hdr:"test"+OR+body:"test")&fq=%2Bbox:10361d30f8c4ea51ad7c00002ecaff3b+%2Buser:" tom at tirism.support.tiri.li"&sort=uid+asc&fl=uid,score} hits=0 status=0 QTime=7 But (1) doveadm fts fails: $ doveadm fts rescan -u tom at domain.com Error message: doveadm(tom at tirism.support.tiri.li): Error: fts not enabled for user's namespace (null) (2) solr schema has errors Jul 21, 2013 4:35:46 PM org.apache.solr.common.SolrException log SEVERE: org.apache.solr.common.SolrException: undefined field text at org.apache.solr.schema.IndexSchema.getDynamicFieldType(IndexSchema.java:1330) at org.apache.solr.schema.IndexSchema$SolrQueryAnalyzer.getAnalyzer(IndexSchema.java:408) at org.apache.solr.schema.IndexSchema$SolrIndexAnalyzer.reusableTokenStream(IndexSchema.java:383) at org.apache.lucene.queryParser.QueryParser.getFieldQuery(QueryParser.java:574) at org.apache.solr.search.SolrQueryParser.getFieldQuery(SolrQueryParser.java:206) at org.apache.lucene.queryParser.QueryParser.Term(QueryParser.java:1436) at org.apache.lucene.queryParser.QueryParser.Clause(QueryParser.java:1319) at org.apache.lucene.queryParser.QueryParser.Query(QueryParser.java:1245) at org.apache.lucene.queryParser.QueryParser.TopLevelQuery(QueryParser.java:1234) at org.apache.lucene.queryParser.QueryParser.parse(QueryParser.java:206) at org.apache.solr.search.LuceneQParser.parse(LuceneQParserPlugin.java:79) at org.apache.solr.search.QParser.getQuery(QParser.java:143) at org.apache.solr.handler.component.QueryComponent.prepare(QueryComponent.java:105) at org.apache.solr.handler.component.SearchHandler.handleRequestBody(SearchHandler.java:165) at org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:129) at org.apache.solr.core.SolrCore.execute(SolrCore.java:1376) at org.apache.solr.core.QuerySenderListener.newSearcher(QuerySenderListener.java:59) at org.apache.solr.core.SolrCore$3.call(SolrCore.java:1182) at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:314) at java.util.concurrent.FutureTask.run(FutureTask.java:149) at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:897) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:919) at java.lang.Thread.run(Thread.java:736) Hope somebody can help! Best regards, Thomas # dovecot --version 2.1.7 # dovecot -n # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.0.74-0.6.10-default x86_64 SUSE Linux Enterprise Server 11 (x86_64) xfs base_dir = /var/run/dovecot/ dict { expire = sqlite:/etc/dovecot/dovecot-dict-sql.conf.ext quota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext } first_valid_uid = 5000 listen = * login_greeting = tiri Mail ready. login_trusted_networks = 127.0.0.1 mail_location = maildir:/var/vmail/%u/ mail_plugins = fts fts_solr managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { driver = pam } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } ssl = no userdb { driver = passwd } userdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } protocol imap { plugin { fts = solr fts_solr = break-imap-search url=http://localhost:8983/solr/ } } protocol pop3 { plugin { fts = solr fts_solr = break-imap-search url=http://localhost:8983/solr/ } } From mls at adnane.me Mon Jul 22 06:03:06 2013 From: mls at adnane.me (Adnane) Date: Mon, 22 Jul 2013 04:03:06 +0100 Subject: [Dovecot] dovecot: imap-login: Aborted login Message-ID: <51ECA0EA.1060608@adnane.me> Hello every one first I'am new to mail servers, I have followed this tutorial --> https://library.linode.com/email/postfix/postfix2.9.6-dovecot2.0.19-mysql?format=print to set up an Ubuntu 12.04 Dovecot postfix mail box for a subdomain mailer.adnane.me, I think I followed every thing right but I get disconnected when I try to access adnane at mailer.adnane.me with thunderbird dig mx mailer.adnane.me +short 1 mailer.adnane.me. root at mailer:~# postmap -q mailer.adnane.me mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf 1 root at mailer:~# postmap -q adnane at mailer.adnane.me mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf 1 I think the issue is with authentication root at mailer:~# tail -f /var/log/syslogJul Jul 22 03:34:41 mailer dovecot:imap-login: Disconnected (no auth attempts): rip=41.251.155.145, lip=5.135.151.43, TLS Jul 22 03:35:02 mailer dovecot: imap-login: Disconnected (no auth attempts): rip=41.251.155.145, lip=5.135.151.43, TLS handshaking: Disconnected Jul 22 03:35:02 mailer dovecot: imap-login: Disconnected (no auth attempts): rip=41.251.155.145, lip=5.135.151.43, TLS handshaking: Disconnected Jul 22 03:35:03 mailer dovecot: imap-login: Disconnected (no auth attempts): rip=41.251.155.145, lip=5.135.151.43, TLS: Disconnected plz let me know which conf files I need to post here, tnx. From skdovecot at smail.inf.fh-brs.de Mon Jul 22 10:36:31 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Mon, 22 Jul 2013 09:36:31 +0200 (CEST) Subject: [Dovecot] dovecot: imap-login: Aborted login In-Reply-To: <51ECA0EA.1060608@adnane.me> References: <51ECA0EA.1060608@adnane.me> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, 22 Jul 2013, Adnane wrote: > I think the issue is with authentication > > root at mailer:~# tail -f /var/log/syslogJul > Jul 22 03:34:41 mailer dovecot:imap-login: Disconnected (no auth attempts): > rip=41.251.155.145, lip=5.135.151.43, TLS > Jul 22 03:35:02 mailer dovecot: imap-login: Disconnected (no auth attempts): > rip=41.251.155.145, lip=5.135.151.43, TLS handshaking: Disconnected > Jul 22 03:35:02 mailer dovecot: imap-login: Disconnected (no auth attempts): > rip=41.251.155.145, lip=5.135.151.43, TLS handshaking: Disconnected > Jul 22 03:35:03 mailer dovecot: imap-login: Disconnected (no auth attempts): > rip=41.251.155.145, lip=5.135.151.43, TLS: Disconnected There is "no auth attempts", so you do not have an issue with authentication. Because of the "TLS handshaking: Disconnected" it looks like the connection gets cut during the initial TLS handshake. To debug this, first increare logging, then try from localhost without encryption, e.g.: telnet localhost 143 1 login "loginname" "password" and watch the human friendly output. Terminate the IMAP connection via 2 logout Maybe that client does not like your SSL cert and drops the connection thereof? Or maybe a firewall thinks it has to fiddle in, e.g. change Thunderbird to use SSL on port 993 instead of STARTTLS on 143. Kind regards, - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUezg/13r2wJMiz2NAQKjkQf+MSiRcG8h4C3cdH2uKQNvc4K1UkJVmPjx tZvsBQmMQB0kY9y9GC9YiDKKCx3Cua6lxQ89Mbh4UDkjWdIV6T617QXT55HglLoY +fS1vVAIjCQlOD42GW1W8XKrQN9mfzCDw2CvdtMX8weiXPvsMA0ZMT/m5ZCWOtzR 8eP1Jjd8APuTPQqYg13+vWBSWNOfeyeY69m3loqKAuSw4ntSRglx5qlMrK8IRSji MHXkX2HJmbSV+iFstDRvbqVRWkJCGj6mzt+N34HU3py1H5zxiCjOSF9Q3UkU4psO 7xIGEDHbIrLpAca+6B2ZRIcfU0BgRAsvmcLLogqH40G/F7edud9YGw== =9TD0 -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Mon Jul 22 10:45:40 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Mon, 22 Jul 2013 09:45:40 +0200 (CEST) Subject: [Dovecot] mails delivered to the wrong user when using lmtp_proxy and reject_unverified_recipient In-Reply-To: <51E95716.4000101@heinlein-support.de> References: <51E95716.4000101@heinlein-support.de> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, 19 Jul 2013, Peer Heinlein wrote: > looks like we detected a serious bug in dovecot's lmtp proxying where > e-mails are delivered to the wrong user. > > The setup is: > > *) Dovecot is configured with "lmtp_proxy=yes" > > # Support proxying to other LMTP/SMTP servers by performing passdb lookups. > lmtp_proxy = yes > > *) Postfix uses "dynamic recipient verification", so Postfix starts > sending a (verify) mail by LMTP to dovecot, but quits the lmtp-session > right after the RCPT TO:. No DATA-stage is reached in the protocol and > no real e-mail is sent. But Postfix had a LMTP-connection for "user1". > > *) Just some seconds later a "real" e-mail to "user2" has to be > delivered to dovecot by LMTP. But Dovecot will deliver this mail to the > wrong "user1" instead of "user2". Looks like dovecot re-uses the (still > opened?) lmtp-proxy-connection from "user1" to deliver an e-mail to "user2". Is the communication between postfix and Dovecot LMTP encrypted? If not, can you trace the LMTP transmission using something like wireshark or strace? So one get the impression of: + how many connections uses postfix to communicate with LMTP + which LMTP commands are transmitted in which order on which connection - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUezjJF3r2wJMiz2NAQJNAwf/RfmOLlAb1BTw/b2hSNGPiz/USdrQUQhw 6ryPDZdOY89ajemNUbKgXDHUPQb1fgjex3magY1Ri2xLW0fQVZdggF6d4T5+vpD3 E+TMfd2go0Dnp9GeVi+As7EcrXBfuN/9hwnkdAnyBDNEwZMmHORXpu5OseGMZqWD CsK8hvdbcsqMycy1pP0r+gOWm63nRQ0phn4l18zd5r7181kYGn87V3nV8gF5rAXi U0uyzHhyia/YV6Gto34MEsL4oRUeBxQFBkbYGKstbBofOLlk955bJRNyOI2Toid7 ehkcTfWPmJoI1MlBur0bMPJZ2fefLce0Dy17sv6l/H4SQyp4p/VDMA== =T+dr -----END PGP SIGNATURE----- From r at sys4.de Mon Jul 22 14:50:37 2013 From: r at sys4.de (Ralf Hildebrandt) Date: Mon, 22 Jul 2013 13:50:37 +0200 Subject: [Dovecot] performance 2.1.17 zlib maildir In-Reply-To: <51EAEF23.9050406@sys4.de> References: <51EAD742.1090902@sys4.de> <51EAEF23.9050406@sys4.de> Message-ID: <20130722115036.GC30221@sys4.de> * Robert Schetterer : > Am 20.07.2013 20:30, schrieb Robert Schetterer: > > Hi Timo, i have reports from few users about lost performance with 2.17 > > maildir bigger mailboxes ( up to 2 GB ), i also use zlib plugin > > > > what about this patch.....,may not working as i should? > > > > http://hg.dovecot.org/dovecot-2.1/rev/9c23d1fb8969 > > > > Best Regards > > MfG Robert Schetterer > > > > > i checked this reverting to 2.1.15 (had only this pre compiled) > perfomance gets better with this, looks like the problem is getting more > worst with having bigger mailboxes and heavy use of subfolder trees > any idea? I wonder why this would matter. zlib is compressing EACH message individually, so the actual SIZE of the mailbox would not matter (the number of message would matter, though). Which operations are slow? Folder listing? Actually accessing messages? -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From CMarcus at Media-Brokers.com Mon Jul 22 15:09:35 2013 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Mon, 22 Jul 2013 08:09:35 -0400 Subject: [Dovecot] attachments not with email causing FETCH BODY[] failed In-Reply-To: References: Message-ID: <51ED20FF.8090607@Media-Brokers.com> On 2013-07-21 10:12 AM, Anand Kumria wrote: > My dovecot.conf attachment related config is: No, please don't provide copy/pastes of config files. Always provide FULL doveconf -n output (and postfix -n output when it may be related to postfix)... -- Best regards, Charles From rs at sys4.de Mon Jul 22 15:23:02 2013 From: rs at sys4.de (Robert Schetterer) Date: Mon, 22 Jul 2013 14:23:02 +0200 Subject: [Dovecot] performance 2.1.17 zlib maildir In-Reply-To: <20130722115036.GC30221@sys4.de> References: <51EAD742.1090902@sys4.de> <51EAEF23.9050406@sys4.de> <20130722115036.GC30221@sys4.de> Message-ID: <51ED2426.4070005@sys4.de> Am 22.07.2013 13:50, schrieb Ralf Hildebrandt: > * Robert Schetterer : >> Am 20.07.2013 20:30, schrieb Robert Schetterer: >>> Hi Timo, i have reports from few users about lost performance with 2.17 >>> maildir bigger mailboxes ( up to 2 GB ), i also use zlib plugin >>> >>> what about this patch.....,may not working as i should? >>> >>> http://hg.dovecot.org/dovecot-2.1/rev/9c23d1fb8969 >>> >>> Best Regards >>> MfG Robert Schetterer >>> >> >> >> i checked this reverting to 2.1.15 (had only this pre compiled) >> perfomance gets better with this, looks like the problem is getting more >> worst with having bigger mailboxes and heavy use of subfolder trees >> any idea? > > I wonder why this would matter. zlib is compressing EACH message > individually, so the actual SIZE of the mailbox would not matter (the > number of message would matter, though). > > Which operations are slow? Folder listing? Actually accessing messages? accessing , list messsages , copy, move delete operations it must not be zlib related, that was a guess there are two other patches only maildir related might be a better guess http://hg.dovecot.org/dovecot-2.1/rev/7389ff729d2e http://hg.dovecot.org/dovecot-2.1/rev/4c05b9447a10 other patches dont look related to me, however i use a lot of other plugins which might also involved sorry not easy to measure , but performance here is def better with 2.1.15 , same client setup, no special failures about that in debug logs > Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From andreas.schulze at datev.de Mon Jul 22 15:56:20 2013 From: andreas.schulze at datev.de (Andreas Schulze) Date: Mon, 22 Jul 2013 14:56:20 +0200 Subject: [Dovecot] 2.2.4 + metadata plugin: autoconf failed Message-ID: <20130722125620.GA15492@spider.services.datevnet.de> Hello, I can compile metadata plugin using debian squeeze + wheezy. But build on suse enterprise server 9,10 and 11 failed. The metadata plugin require autoconf-2.65 which i too new. On the other side I can build the dovecot-2.2.4 and pigeonhole-0.4.0 plugin without problems: dovecot require autoconf-2.59 and pigeonhole does not require any specific autoconf version. I asked the authors of the plugin for support but got no response. Maybe somebody could review the plugin. Thanks Andreas -- Andreas Schulze Internetdienste | P252 DATEV eG 90329 N?rnberg | Telefon +49 911 319-0 | Telefax +49 911 319-3196 E-Mail info @datev.de | Internet www.datev.de Sitz: 90429 N?rnberg, Paumgartnerstr. 6-14 | Registergericht N?rnberg, GenReg Nr.70 Vorstand Prof. Dieter Kempf (Vorsitzender) Dipl.-Kfm. Wolfgang Stegmann (stellvertretender Vorsitzender) Dipl.-Kfm. Michael Leistenschneider Dipl.-Kfm. Dr. Robert Mayr J?rg Rabe v. Pappenheim Dipl.-Vw. Eckhard Schwarzer Vorsitzender des Aufsichtsrates: Reinhard Verholen From christian.wiese at securepoint.de Mon Jul 22 16:31:11 2013 From: christian.wiese at securepoint.de (Christian Wiese) Date: Mon, 22 Jul 2013 15:31:11 +0200 Subject: [Dovecot] 2.2.4 + metadata plugin: autoconf failed In-Reply-To: <20130722125620.GA15492@spider.services.datevnet.de> References: <20130722125620.GA15492@spider.services.datevnet.de> Message-ID: <20130722153111.43e76548@pccw> Hi Andreas, it would be helpful to provide the error message(s). Meanwhile you can try to call the 'autogen.sh' script which is shipped with the sources of the metadata-plugin before running 'configure'. This will try to regenerate all the autotools related files using your installed version. Cheers, Chris On Mon, 22 Jul 2013 14:56:20 +0200 Andreas Schulze wrote: > Hello, > > I can compile metadata plugin using debian squeeze + wheezy. > But build on suse enterprise server 9,10 and 11 failed. > > The metadata plugin require autoconf-2.65 which i too new. > On the other side I can build the dovecot-2.2.4 and pigeonhole-0.4.0 > plugin without problems: dovecot require autoconf-2.59 and pigeonhole > does not require any specific autoconf version. > > I asked the authors of the plugin for support but got no response. > Maybe somebody could review the plugin. > > Thanks > Andreas > From christian.wiese at securepoint.de Mon Jul 22 16:37:22 2013 From: christian.wiese at securepoint.de (Christian Wiese) Date: Mon, 22 Jul 2013 15:37:22 +0200 Subject: [Dovecot] 2.2.4 + metadata plugin: autoconf failed In-Reply-To: <20130722153111.43e76548@pccw> References: <20130722125620.GA15492@spider.services.datevnet.de> <20130722153111.43e76548@pccw> Message-ID: <20130722153722.0d2afd7e@pccw> I guess you had to call 'autogen.sh' anyway so maybe you could also try to simply remove the first line of 'configure.ac'. http://hg.dovecot.org/dovecot-metadata-plugin/file/2a17386d4dbc/configure.ac#l1 This obviously defines the minimal version of autoconf and who knows if that is really needed ;) Cheers, Chris On Mon, 22 Jul 2013 15:31:11 +0200 Christian Wiese wrote: > Hi Andreas, > > it would be helpful to provide the error message(s). > Meanwhile you can try to call the 'autogen.sh' script which is shipped > with the sources of the metadata-plugin before running 'configure'. > This will try to regenerate all the autotools related files using your > installed version. > > Cheers, > Chris > > On Mon, 22 Jul 2013 14:56:20 +0200 > Andreas Schulze wrote: > > > Hello, > > > > I can compile metadata plugin using debian squeeze + wheezy. > > But build on suse enterprise server 9,10 and 11 failed. > > > > The metadata plugin require autoconf-2.65 which i too new. > > On the other side I can build the dovecot-2.2.4 and pigeonhole-0.4.0 > > plugin without problems: dovecot require autoconf-2.59 and > > pigeonhole does not require any specific autoconf version. > > > > I asked the authors of the plugin for support but got no response. > > Maybe somebody could review the plugin. > > > > Thanks > > Andreas > > > -- Kind regards, Mit freundlichen Gr??en, Christian Wiese Follow us on Facebook: Follow us on Twitter: --------------------------------------------------------------------- Securepoint GmbH Christian Wiese Salzstr. 1 D-21335 Lueneburg http://www.securepoint.de Tele: ++49 4131 2401-0 Fax: ++49 4131 2401-50 Lueneburg HRB 1776 --------------------------------------------------------------------- CONFIDENTIALITY : This e-mail and any attachments are confidential and may be privileged. If you are not a named recipient, please notify the sender immediately and do not disclose the contents to another person, use it for any purpose or store or copy the information in any medium. GEHEIMHALTUNGSPFLICHT : Dieses E-Mail und alle damit verbundenen Anlagen sind vertraulich und d?rfen nur bestimmten Personen zug?nglich gemacht werden. Sofern Sie nicht zu den angegebenen Empf?ngern geh?ren, benachrichtigen Sie bitte unverz?glich den Absender. Der Inhalt darf weder an Dritte weitergegeben noch zu anderen Zwecken verwendet werden. Die Informationen d?rfen auch nicht auf einem Datentr?ger gespeichert oder auf einen Datentr?ger kopiert werden. From cedrict at derytelecom.ca Mon Jul 22 17:24:47 2013 From: cedrict at derytelecom.ca (Cedric) Date: Mon, 22 Jul 2013 10:24:47 -0400 Subject: [Dovecot] Dovecot 2.2.4/sendmail with sql user and aliases In-Reply-To: <51E701D9.2@derytelecom.ca> References: <51E701D9.2@derytelecom.ca> Message-ID: <51ED40AF.8020100@derytelecom.ca> HI, I'll try to explain my problem another way just in case. For message delivery i'm using sendmail/dovecot-lda The problem is that dovecot-lda is not using the inbox variable pass by dovecot preventing the message to be delivered to the correct file. Example : Jul 22 09:42:15 devshed dovecot: auth-worker(24806): Debug: auth(test at mail.vdl): username changed test at mail.vdl -> cedrict Jul 22 09:42:15 devshed dovecot: auth-worker(24806): Debug: auth(cedrict): username changed cedrict -> cedrict at mail.vdl Jul 22 09:42:15 devshed dovecot: auth: Debug: userdb out: USER 1 test at mail.vdl home=/vhome/mail.vdl/home/cedrict index=/vhome/mail.vdl/home/cedrict/mail/index control=/vhome/mail.vdl/home/cedrict/mail/control inbox=/var/spool/vmail/mail.vdl/cedrict layout=maildir++ uid=60001 gid=231 Jul 22 09:42:15 devshed dovecot: lda: Debug: auth input: test at mail.vdl home=/vhome/mail.vdl/home/cedrict index=/vhome/mail.vdl/home/cedrict/mail/index control=/vhome/mail.vdl/home/cedrict/mail/control inbox=/var/spool/vmail/mail.vdl/cedrict layout=maildir++ uid=60001 gid=231 Jul 22 09:42:15 devshed dovecot: lda: Debug: Added userdb setting: plugin/control=/vhome/mail.vdl/home/cedrict/mail/control Jul 22 09:42:15 devshed dovecot: lda: Debug: Added userdb setting: plugin/inbox=/var/spool/vmail/mail.vdl/cedrict Jul 22 09:42:15 devshed dovecot: lda: Debug: Added userdb setting: plugin/index=/vhome/mail.vdl/home/cedrict/mail/index Jul 22 09:42:15 devshed dovecot: lda(test at mail.vdl): Debug: Effective uid=60001, gid=231, home=/vhome/mail.vdl/home/cedrict Jul 22 09:42:15 devshed dovecot: lda(test at mail.vdl): Debug: maildir++: root=/vhome/mail.vdl/home/cedrict/mail, index=, indexpvt=, control=/vhome/mail.vdl/home/cedrict/mail/control, inbox=/var/spool/vmail/mail.vdl/test, alt= As you can see dovecot set the inbox to inbox=/var/spool/vmail/mail.vdl/cedrict lda part set the inbox to : plugin/inbox=/var/spool/vmail/mail.vdl/cedric But change it back later to inbox=/var/spool/vmail/mail.vdl/test How can i ensure that the inbox variable stay intact ? Regards Cedric Le 2013-07-17 16:43, Cedric a ?crit : > Hi, > > We are currently moving from linuxconf/dovecot to a dovecot setup with > sql support, the problem we currently facing is having a message sent > to a aliase delivered to the user email inbox with dovecot-lda, i have > created cedrict at mail.vdl and a alias test at mail.vdl, when i send to > cedrict at mail.vdl the message is included in the user inbox file, but > when i send to test at mail.vdl it should do the same and not create a > new created file named test, thank in advance for your help. > > # dovecot --version > 2.2.4 > > > dovecot.conf > auth_debug = yes > auth_debug_passwords = yes > auth_verbose = yes > default_internal_user = root > default_login_user = mail > disable_plaintext_auth = no > first_valid_uid = 100 > mail_access_groups = mail users sysadmin popusers > mail_location = > mbox:%h/mail:LAYOUT=maildir++:INDEX=MEMORY:CONTROL=%h/mail/control:INBOX=/var/spool/vmail/%d/%n > mail_max_userip_connections = 40 > mail_plugins = " quota sieve" > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope > encoded-character vacation subaddress comparator-i;ascii-numeric > relational regex imap4flags copy include variables body enotify > environment mailbox date ihave > mbox_lazy_writes = no > passdb { > args = /vdl/etc/dovecot/dovecot-sql.conf > driver = sql > } > plugin { > sieve = %h/mail/sieve/%n > sieve_global_dir = /vdl/etc/dovecot/ > sieve_vacation_default_period = 1d > sieve_vacation_max_period = 7d > } > postmaster_address = x at x.x > protocols = imap pop3 > service auth { > unix_listener auth-userdb { > mode = 0600 > user = popusers > } > } > service imap-login { > inet_listener imap { > port = 143 > } > process_min_avail = 4 > vsz_limit = 256 M > } > service pop3-login { > inet_listener pop3 { > port = 110 > } > process_min_avail = 16 > } > ssl = no > submission_host = localhost:25 > userdb { > args = /vdl/etc/dovecot/dovecot-sql.conf > driver = sql > } > protocol imap { > mail_plugins = quota imap_quota mail_log notify > } > protocol pop3 { > mail_plugins = quota > } > protocol lda { > mail_plugins = quota sieve > } > > > dovecot-sql.conf > password_query = SELECT \ > concat(s_courriel_utilisateur.utilisateur, '@', > s_courriel_domaine.nom) AS user,s_courriel_utilisateur.password as > password \ > FROM s_courriel_utilisateur left join s_courriel_alias on > s_courriel_utilisateur.id=s_courriel_alias.utilisateur and > s_courriel_alias.archive !=1 ,s_courriel_domaine \ > WHERE s_courriel_utilisateur.archive !=1 \ > and s_courriel_domaine.archive !=1 \ > and > s_courriel_utilisateur.domaine=s_courriel_domaine.id \ > and s_courriel_domaine.nom = '%d' \ > and ( s_courriel_utilisateur.utilisateur = > '%n' or s_courriel_alias.alias = '%n' ) > > user_query = SELECT \ > concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur) > as home, \ > concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/index") > as "index", \ > concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/control") > as control, \ > concat("/var/spool/vmail/",s_courriel_domaine.nom,"/",s_courriel_utilisateur.utilisateur) > as inbox, \ > "maildir++" as layout, \ > s_courriel_utilisateur.uid as > uid,s_courriel_domaine.gid as gid \ > FROM s_courriel_utilisateur left join s_courriel_alias on > s_courriel_utilisateur.id=s_courriel_alias.utilisateur and > s_courriel_alias.archive !=1 ,s_courriel_domaine \ > WHERE s_courriel_utilisateur.archive !=1 \ > and s_courriel_domaine.archive !=1 \ > and > s_courriel_utilisateur.domaine=s_courriel_domaine.id \ > and s_courriel_domaine.nom = '%d' \ > and ( s_courriel_utilisateur.utilisateur = > '%n' or s_courriel_alias.alias = '%n' ) > > Transaction debug for cedrict at mail.vdl with message added to file > /var/spool/vmail/mail.vdl/cedrict > > SELECT > concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur) > as home, > concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/index") > as "index", > concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/control") > as control, > concat("/var/spool/vmail/",s_courriel_domaine.nom,"/",s_courriel_utilisateur.utilisateur) > as inbox, "maildir++" as layout, s_courriel_utilisateur.uid as > uid,s_courriel_domaine.gid as gid FROM s_courriel_utilisateur left > join s_courriel_alias on > s_courriel_utilisateur.id=s_courriel_alias.utilisateur and > s_courriel_alias.archive !=1 ,s_courriel_domaine WHERE > s_courriel_utilisateur.archive !=1 and s_courriel_domaine.archive !=1 > and s_courriel_utilisateur.domaine=s_courriel_domaine.id and > s_courriel_domaine.nom = 'mail.vdl' and ( > s_courriel_utilisateur.utilisateur = 'cedrict' or > s_courriel_alias.alias = 'cedrict'); > +------------------------------+-----------------------------------------+-------------------------------------------+-----------------------------------+-----------+-------+------+ > > | home | > index | > control | > inbox | layout | uid | gid | > +------------------------------+-----------------------------------------+-------------------------------------------+-----------------------------------+-----------+-------+------+ > > | /vhome/mail.vdl/home/cedrict | > /vhome/mail.vdl/home/cedrict/mail/index | > /vhome/mail.vdl/home/cedrict/mail/control | > /var/spool/vmail/mail.vdl/cedrict | maildir++ | 60001 | 231 | > +------------------------------+-----------------------------------------+-------------------------------------------+-----------------------------------+-----------+-------+------+ > > > Jul 17 14:00:56 devshed dovecot: auth: Debug: master in: USER 1 > cedrict at mail.vdl service=lda > Jul 17 14:00:56 devshed dovecot: auth-worker(7009): Debug: Loading > modules from directory: /vdl/lib/dovecot/auth > Jul 17 14:00:56 devshed dovecot: auth-worker(7009): Debug: > sql(cedrict at mail.vdl): SELECT > concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur) > as home, > concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/index") > as "index", > concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/control") > as control, > concat("/var/spool/vmail/",s_courriel_domaine.nom,"/",s_courriel_utilisateur.utilisateur) > as inbox, "maildir++" as layout, s_courriel_utilisateur.uid as > uid,s_courriel_domaine.gid as gid FROM s_courriel_utilisateur left > join s_courriel_alias on > s_courriel_utilisateur.id=s_courriel_alias.utilisateur and > s_courriel_alias.archive !=1 ,s_courriel_domaine WHERE > s_courriel_utilisateur.archive !=1 and s_courriel_domaine.archive !=1 > and s_courriel_utilisateur.domaine=s_courriel_domaine.id and > s_courriel_domaine.nom = 'mail.vdl' and ( > s_courriel_utilisateur.utilisateur = 'cedrict' or > s_courriel_alias.alias = 'cedrict' > Jul 17 14:00:56 devshed dovecot: auth: Debug: userdb out: USER 1 > cedrict at mail.vdl home=/vhome/mail.vdl/home/cedrict > index=/vhome/mail.vdl/home/cedrict/mail/index > control=/vhome/mail.vdl/home/cedrict/mail/control > inbox=/var/spool/vmail/mail.vdl/cedrict layout=maildir++ > uid=60001 gid=231 > Jul 17 14:00:56 devshed dovecot: lda: Debug: auth input: > cedrict at mail.vdl home=/vhome/mail.vdl/home/cedrict > index=/vhome/mail.vdl/home/cedrict/mail/index > control=/vhome/mail.vdl/home/cedrict/mail/control > inbox=/var/spool/vmail/mail.vdl/cedrict layout=maildir++ uid=60001 > gid=231 > Jul 17 14:00:56 devshed dovecot: lda: Debug: Added userdb setting: > plugin/control=/vhome/mail.vdl/home/cedrict/mail/control > Jul 17 14:00:56 devshed dovecot: lda: Debug: Added userdb setting: > plugin/inbox=/var/spool/vmail/mail.vdl/cedrict > Jul 17 14:00:56 devshed dovecot: lda: Debug: Added userdb setting: > plugin/index=/vhome/mail.vdl/home/cedrict/mail/index > Jul 17 14:00:56 devshed dovecot: lda: Debug: Added userdb setting: > plugin/layout=maildir++ > Jul 17 14:00:56 devshed dovecot: lda(cedrict at mail.vdl): Debug: > Effective uid=60001, gid=231, home=/vhome/mail.vdl/home/cedrict > Jul 17 14:00:56 devshed dovecot: lda(cedrict at mail.vdl): Debug: quota: > No quota setting - plugin disabled > Jul 17 14:00:56 devshed dovecot: lda(cedrict at mail.vdl): Debug: > maildir++: root=/vhome/mail.vdl/home/cedrict/mail, index=, indexpvt=, > control=/vhome/mail.vdl/home/cedrict/mail/control, > inbox=/var/spool/vmail/mail.vdl/cedrict, alt= > Jul 17 14:00:56 devshed dovecot: lda(cedrict at mail.vdl): Debug: quota: > No quota setting - plugin disabled > Jul 17 14:00:56 devshed dovecot: lda(cedrict at mail.vdl): Debug: none: > root=, index=, indexpvt=, control=, inbox=, alt= > Jul 17 14:00:56 devshed dovecot: lda(cedrict at mail.vdl): Debug: > Destination address: cedrict at mail.vdl (source: user at hostname) > Jul 17 14:00:56 devshed dovecot: lda(cedrict at mail.vdl): Debug: sieve: > Pigeonhole version 0.4.1 initializing > Jul 17 14:00:56 devshed dovecot: lda(cedrict at mail.vdl): Debug: sieve: > script file /vhome/mail.vdl/home/cedrict/mail/sieve/cedrict not found > Jul 17 14:00:56 devshed dovecot: lda(cedrict at mail.vdl): Debug: sieve: > user's script /vhome/mail.vdl/home/cedrict/mail/sieve/cedrict doesn't > exist (trying default script location instead) > Jul 17 14:00:56 devshed dovecot: lda(cedrict at mail.vdl): Debug: sieve: > no default script configured for user > Jul 17 14:00:56 devshed dovecot: lda(cedrict at mail.vdl): Debug: sieve: > user has no valid location for a personal script > Jul 17 14:00:56 devshed dovecot: lda(cedrict at mail.vdl): Debug: sieve: > no scripts to execute: reverting to default delivery. > Jul 17 14:00:56 devshed dovecot: lda(cedrict at mail.vdl): > msgid=<201307171800.r6HI0unE007004 at devshed.derytelecom.ca>: saved mail > to INBOX > > Transaction debug for alias test at mail.vdl with message added to file > /var/spool/vmail/mail.vdl/test > > mysql> SELECT > concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur) > as home, > concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/index") > as "index", > concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/control") > as control, > concat("/var/spool/vmail/",s_courriel_domaine.nom,"/",s_courriel_utilisateur.utilisateur) > as inbox, "maildir++" as layout, s_courriel_utilisateur.uid as > uid,s_courriel_domaine.gid as gid FROM s_courriel_utilisateur left > join s_courriel_alias on > s_courriel_utilisateur.id=s_courriel_alias.utilisateur and > s_courriel_alias.archive !=1 ,s_courriel_domaine WHERE > s_courriel_utilisateur.archive !=1 and s_courriel_domaine.archive !=1 > and s_courriel_utilisateur.domaine=s_courriel_domaine.id and > s_courriel_domaine.nom = 'mail.vdl' and ( > s_courriel_utilisateur.utilisateur = 'test' or s_courriel_alias.alias > = 'test' ); > +------------------------------+-----------------------------------------+-------------------------------------------+-----------------------------------+-----------+-------+------+ > > | home | > index | > control | > inbox | layout | uid | gid | > +------------------------------+-----------------------------------------+-------------------------------------------+-----------------------------------+-----------+-------+------+ > > | /vhome/mail.vdl/home/cedrict | > /vhome/mail.vdl/home/cedrict/mail/index | > /vhome/mail.vdl/home/cedrict/mail/control | > /var/spool/vmail/mail.vdl/cedrict | maildir++ | 60001 | 231 | > +------------------------------+-----------------------------------------+-------------------------------------------+-----------------------------------+-----------+-------+------+ > > 1 row in set (0,00 sec) > > Jul 17 14:03:10 devshed dovecot: auth-worker(7135): Debug: > sql(test at mail.vdl): SELECT > concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur) > as home, > concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/index") > as "index", > concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/control") > as control, > concat("/var/spool/vmail/",s_courriel_domaine.nom,"/",s_courriel_utilisateur.utilisateur) > as inbox, "maildir++" as layout, s_courriel_utilisateur.uid as > uid,s_courriel_domaine.gid as gid FROM s_courriel_utilisateur left > join s_courriel_alias on > s_courriel_utilisateur.id=s_courriel_alias.utilisateur and > s_courriel_alias.archive !=1 ,s_courriel_domaine WHERE > s_courriel_utilisateur.archive !=1 and s_courriel_domaine.archive !=1 > and s_courriel_utilisateur.domaine=s_courriel_domaine.id and > s_courriel_domaine.nom = 'mail.vdl' and ( > s_courriel_utilisateur.utilisateur = 'test' or s_courriel_alias.alias > = 'test' ) > Jul 17 14:03:10 devshed dovecot: auth: Debug: userdb out: USER 1 > test at mail.vdl home=/vhome/mail.vdl/home/cedrict > index=/vhome/mail.vdl/home/cedrict/mail/index > control=/vhome/mail.vdl/home/cedrict/mail/control > inbox=/var/spool/vmail/mail.vdl/cedrict layout=maildir++ > uid=60001 gid=231 > Jul 17 14:03:10 devshed dovecot: lda: Debug: auth input: test at mail.vdl > home=/vhome/mail.vdl/home/cedrict > index=/vhome/mail.vdl/home/cedrict/mail/index > control=/vhome/mail.vdl/home/cedrict/mail/control > inbox=/var/spool/vmail/mail.vdl/cedrict layout=maildir++ uid=60001 > gid=231 > Jul 17 14:03:10 devshed dovecot: lda: Debug: Added userdb setting: > plugin/control=/vhome/mail.vdl/home/cedrict/mail/control > Jul 17 14:03:10 devshed dovecot: lda: Debug: Added userdb setting: > plugin/inbox=/var/spool/vmail/mail.vdl/cedrict > Jul 17 14:03:10 devshed dovecot: lda: Debug: Added userdb setting: > plugin/index=/vhome/mail.vdl/home/cedrict/mail/index > Jul 17 14:03:10 devshed dovecot: lda: Debug: Added userdb setting: > plugin/layout=maildir++ > Jul 17 14:03:10 devshed dovecot: lda(test at mail.vdl): Debug: Effective > uid=60001, gid=231, home=/vhome/mail.vdl/home/cedrict > Jul 17 14:03:10 devshed dovecot: lda(test at mail.vdl): Debug: quota: No > quota setting - plugin disabled > Jul 17 14:03:10 devshed dovecot: lda(test at mail.vdl): Debug: maildir++: > root=/vhome/mail.vdl/home/cedrict/mail, index=, indexpvt=, > control=/vhome/mail.vdl/home/cedrict/mail/control, > inbox=/var/spool/vmail/mail.vdl/test, alt= > Jul 17 14:03:10 devshed dovecot: lda(test at mail.vdl): Debug: quota: No > quota setting - plugin disabled > Jul 17 14:03:10 devshed dovecot: lda(test at mail.vdl): Debug: none: > root=, index=, indexpvt=, control=, inbox=, alt= > Jul 17 14:03:10 devshed dovecot: lda(test at mail.vdl): Debug: > Destination address: test at mail.vdl (source: user at hostname) > Jul 17 14:03:10 devshed dovecot: lda(test at mail.vdl): Debug: sieve: > Pigeonhole version 0.4.1 initializing > Jul 17 14:03:10 devshed dovecot: lda(test at mail.vdl): Debug: sieve: > script file /vhome/mail.vdl/home/cedrict/mail/sieve/test not found > Jul 17 14:03:10 devshed dovecot: lda(test at mail.vdl): Debug: sieve: > user's script /vhome/mail.vdl/home/cedrict/mail/sieve/test doesn't > exist (trying default script location instead) > Jul 17 14:03:10 devshed dovecot: lda(test at mail.vdl): Debug: sieve: no > default script configured for user > Jul 17 14:03:10 devshed dovecot: lda(test at mail.vdl): Debug: sieve: > user has no valid location for a personal script > Jul 17 14:03:10 devshed dovecot: lda(test at mail.vdl): Debug: sieve: no > scripts to execute: reverting to default delivery. > > I also tried adding the username in the sql query, same problem, > there's the debug : > > [root at devshed ~]# Jul 17 14:11:59 devshed dovecot: lda: Debug: Loading > modules from directory: /vdl/lib/dovecot > Jul 17 14:11:59 devshed dovecot: lda: Debug: Module loaded: > /vdl/lib/dovecot/lib10_quota_plugin.so > Jul 17 14:11:59 devshed dovecot: lda: Debug: Module loaded: > /vdl/lib/dovecot/lib90_sieve_plugin.so > Jul 17 14:11:59 devshed dovecot: auth: Debug: master in: USER 1 > test at mail.vdl service=lda > Jul 17 14:11:59 devshed dovecot: auth-worker(7385): Debug: Loading > modules from directory: /vdl/lib/dovecot/auth > Jul 17 14:11:59 devshed dovecot: auth-worker(7385): Debug: > sql(test at mail.vdl): SELECT s_courriel_utilisateur.utilisateur as > username, > concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur) > as home, > concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/index") > as "index", > concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/control") > as control, > concat("/var/spool/vmail/",s_courriel_domaine.nom,"/",s_courriel_utilisateur.utilisateur) > as inbox, "maildir++" as layout, s_courriel_utilisateur.uid as > uid,s_courriel_domaine.gid as gid FROM s_courriel_utilisateur left > join s_courriel_alias on > s_courriel_utilisateur.id=s_courriel_alias.utilisateur and > s_courriel_alias.archive !=1 ,s_courriel_domaine WHERE > s_courriel_utilisateur.archive !=1 and s_courriel_domaine.archive !=1 > and s_courriel_utilisateur.domaine=s_courriel_domaine.id and > s_courriel_domaine.nom = 'mail.vdl' and ( > s_courriel_utilisateur.utilisateur = 'tes > Jul 17 14:11:59 devshed dovecot: auth-worker(7385): Debug: > auth(test at mail.vdl): username changed test at mail.vdl -> cedrict at mail.vdl > Jul 17 14:11:59 devshed dovecot: auth: Debug: userdb out: USER 1 > test at mail.vdl home=/vhome/mail.vdl/home/cedrict > index=/vhome/mail.vdl/home/cedrict/mail/index > control=/vhome/mail.vdl/home/cedrict/mail/control > inbox=/var/spool/vmail/mail.vdl/cedrict layout=maildir++ > uid=60001 gid=231 > Jul 17 14:11:59 devshed dovecot: lda: Debug: auth input: test at mail.vdl > home=/vhome/mail.vdl/home/cedrict > index=/vhome/mail.vdl/home/cedrict/mail/index > control=/vhome/mail.vdl/home/cedrict/mail/control > inbox=/var/spool/vmail/mail.vdl/cedrict layout=maildir++ uid=60001 > gid=231 > Jul 17 14:11:59 devshed dovecot: lda: Debug: Added userdb setting: > plugin/control=/vhome/mail.vdl/home/cedrict/mail/control > Jul 17 14:11:59 devshed dovecot: lda: Debug: Added userdb setting: > plugin/inbox=/var/spool/vmail/mail.vdl/cedrict > Jul 17 14:11:59 devshed dovecot: lda: Debug: Added userdb setting: > plugin/index=/vhome/mail.vdl/home/cedrict/mail/index > Jul 17 14:11:59 devshed dovecot: lda: Debug: Added userdb setting: > plugin/layout=maildir++ > Jul 17 14:11:59 devshed dovecot: lda(test at mail.vdl): Debug: Effective > uid=60001, gid=231, home=/vhome/mail.vdl/home/cedrict > Jul 17 14:11:59 devshed dovecot: lda(test at mail.vdl): Debug: quota: No > quota setting - plugin disabled > Jul 17 14:11:59 devshed dovecot: lda(test at mail.vdl): Debug: maildir++: > root=/vhome/mail.vdl/home/cedrict/mail, index=, indexpvt=, > control=/vhome/mail.vdl/home/cedrict/mail/control, > inbox=/var/spool/vmail/mail.vdl/test, alt= > Jul 17 14:11:59 devshed dovecot: lda(test at mail.vdl): Debug: quota: No > quota setting - plugin disabled > Jul 17 14:11:59 devshed dovecot: lda(test at mail.vdl): Debug: none: > root=, index=, indexpvt=, control=, inbox=, alt= > Jul 17 14:11:59 devshed dovecot: lda(test at mail.vdl): Debug: > Destination address: test at mail.vdl (source: user at hostname) > Jul 17 14:11:59 devshed dovecot: lda(test at mail.vdl): Debug: sieve: > Pigeonhole version 0.4.1 initializing > Jul 17 14:11:59 devshed dovecot: lda(test at mail.vdl): Debug: sieve: > script file /vhome/mail.vdl/home/cedrict/mail/sieve/test not found > Jul 17 14:11:59 devshed dovecot: lda(test at mail.vdl): Debug: sieve: > user's script /vhome/mail.vdl/home/cedrict/mail/sieve/test doesn't > exist (trying default script location instead) > Jul 17 14:11:59 devshed dovecot: lda(test at mail.vdl): Debug: sieve: no > default script configured for user > Jul 17 14:11:59 devshed dovecot: lda(test at mail.vdl): Debug: sieve: > user has no valid location for a personal script > Jul 17 14:11:59 devshed dovecot: lda(test at mail.vdl): Debug: sieve: no > scripts to execute: reverting to default delivery. > Jul 17 14:11:59 devshed dovecot: lda(test at mail.vdl): > msgid=<201307171811.r6HIBxWe007380 at devshed.derytelecom.ca>: saved mail > to INBOX > > Cedric -- From mlong at mlong.us Mon Jul 22 18:01:28 2013 From: mlong at mlong.us (Michael Long) Date: Mon, 22 Jul 2013 11:01:28 -0400 Subject: [Dovecot] zlib error when running doveadm Message-ID: <51ED4948.9040304@mlong.us> Upgraded to dovecot 2.2.4 from 2.1.16 Error I see is: doveadm(root): Error: Module is for different ABI version 2.1.16 (we have 2.2.ABIv3(2.2.4)): /usr/local/lib/dovecot/doveadm/lib10_doveadm_zlib_plugin.so How do I resolve this? Configure options: ./configure --with-bzlib --with-ssl --with-mysql --with-zlib --with-pam Configuration: # 2.2.4: /usr/local/etc/dovecot/dovecot.conf # OS: Linux 3.2.0-48-generic x86_64 Ubuntu 12.04.2 LTS doveconf: Warning: Dovecot was last started using /etc/dovecot/dovecot-postfix.conf, but this config is /usr/local/etc/dovecot/dovecot.conf auth_mechanisms = plain login cram-md5 disable_plaintext_auth = no listen = * log_timestamp = "%Y-%m-%d %H:%M:%S " mail_access_groups = mail mail_debug = yes mail_gid = 8 mail_location = maildir:~/Maildir mail_plugins = " zlib" mail_privileged_group = mail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date passdb { args = /etc/dovecot/passdb driver = passwd-file } passdb { driver = pam } plugin { fts = squat sieve = ~/.dovecot.sieve sieve_debug = yes sieve_dir = ~/ sieve_global_dir = /etc/dovecot sieve_global_path = /etc/dovecot/dovecot.sieve zlib_save = gz zlib_save_level = 6 } protocols = imap pop3 sieve service auth { unix_listener /var/run/dovecot/auth-master { group = postfix mode = 0666 user = postfix } unix_listener /var/spool/postfix/private/dovecot-auth { group = postfix mode = 0666 user = postfix } user = root } service managesieve-login { inet_listener sieve { port = 4190 } inet_listener sieve_deprecated { port = 2000 } } ssl_cert = was automatically rejected:%n%r } From CMarcus at Media-Brokers.com Mon Jul 22 19:24:40 2013 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Mon, 22 Jul 2013 12:24:40 -0400 Subject: [Dovecot] zlib error when running doveadm In-Reply-To: <51ED4948.9040304@mlong.us> References: <51ED4948.9040304@mlong.us> Message-ID: <51ED5CC8.3030301@Media-Brokers.com> On 2013-07-22 11:01 AM, Michael Long wrote: > Configuration: > # 2.2.4: /usr/local/etc/dovecot/dovecot.conf > # OS: Linux 3.2.0-48-generic x86_64 Ubuntu 12.04.2 LTS > doveconf: Warning: Dovecot was last started using > /etc/dovecot/dovecot-postfix.conf, but this config is > /usr/local/etc/dovecot/dovecot.conf Looks like you have two versions installed and are mixing them up. -- Best regards, Charles Marcus I.T. Director Media Brokers International, Inc. 678.514.6224 | 678.514.6299 fax From AxelLuttgens at swing.be Mon Jul 22 19:47:36 2013 From: AxelLuttgens at swing.be (Axel Luttgens) Date: Mon, 22 Jul 2013 18:47:36 +0200 Subject: [Dovecot] Dovecot 2.2.4/sendmail with sql user and aliases In-Reply-To: <51ED40AF.8020100@derytelecom.ca> References: <51E701D9.2@derytelecom.ca> <51ED40AF.8020100@derytelecom.ca> Message-ID: <03B0E1DE-111E-4B0F-9BA3-6B355BA1C424@swing.be> Le 22 juil. 2013 ? 16:24, Cedric a ?crit : > HI, > > I'll try to explain my problem another way just in case. Hello Cedric, It's still a bit difficult to be sure of all the details, as it seems that the doveconf -n output and the password_query/user_query you have provided are a bit out of sync with your log excerpts. So could you please provide that configuration (doveconf -n, password_query/user_query) again, and ensure your log entries are emitted under that configuration? > For message delivery i'm using sendmail/dovecot-lda Do you mean that you are running commands such as: me$ sendmail cedrict at mail.vdl [...] . me$ and: me$ sendmail test at mail.vdl [...] . me$ and that postfix is configured to deliver those messages thru dovecot-lda? BTW, how in postfix' main.cf do you invoke dovecot-lda? And could you tell us a bit more about that alias "test at mail.vdl" (or is it "test")? Finally, could you post the whole log excerpt (including the entries written by both postfix and dovecot) related to the sending of a message to test at mail.vdl? Thanks, Axel From rs at sys4.de Mon Jul 22 19:59:22 2013 From: rs at sys4.de (Robert Schetterer) Date: Mon, 22 Jul 2013 18:59:22 +0200 Subject: [Dovecot] zlib error when running doveadm In-Reply-To: <51ED4948.9040304@mlong.us> References: <51ED4948.9040304@mlong.us> Message-ID: <51ED64EA.6010907@sys4.de> Am 22.07.2013 17:01, schrieb Michael Long: > doveadm(root): Error: Module is for different ABI version 2.1.16 (we > have 2.2.ABIv3(2.2.4)): > /usr/local/lib/dovecot/doveadm/lib10_doveadm_zlib_plugin.so normally this simple says there is somthing from old dovecot version ( process ) still running, try stop all dove, reinstall again ( might use force etc ) Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From cedrict at derytelecom.ca Mon Jul 22 20:31:03 2013 From: cedrict at derytelecom.ca (Cedric) Date: Mon, 22 Jul 2013 13:31:03 -0400 Subject: [Dovecot] Dovecot 2.2.4/sendmail with sql user and aliases In-Reply-To: <03B0E1DE-111E-4B0F-9BA3-6B355BA1C424@swing.be> References: <51E701D9.2@derytelecom.ca> <51ED40AF.8020100@derytelecom.ca> <03B0E1DE-111E-4B0F-9BA3-6B355BA1C424@swing.be> Message-ID: <51ED6C57.7060101@derytelecom.ca> Hi, There's the information again : I use sendmail with dovecot-lda delivery : Mvirtual, P=/vdl/libexec/dovecot/dovecot-lda, F=lsDFMShP, S=10, R=20/40, A=/vdl/libexec/dovecot/dovecot-lda -d $u@$h The current query : user_query = SELECT \ s_courriel_utilisateur.utilisateur as user, \ s_courriel_utilisateur.utilisateur as username, \ s_courriel_domaine.nom as domain, \ concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur) as home, \ concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/index") as "index", \ concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/control") as control, \ concat("/var/spool/vmail/",s_courriel_domaine.nom,"/",s_courriel_utilisateur.utilisateur) as inbox, \ "maildir++" as layout, \ s_courriel_utilisateur.uid as uid,s_courriel_domaine.gid as gid \ FROM s_courriel_utilisateur left join s_courriel_alias on s_courriel_utilisateur.id=s_courriel_alias.utilisateur and s_courriel_alias.archive !=1 ,s_courriel_domaine \ WHERE s_courriel_utilisateur.archive !=1 \ and s_courriel_domaine.archive !=1 \ and s_courriel_utilisateur.domaine=s_courriel_domaine.id \ and s_courriel_domaine.nom = '%Ld' \ and ( s_courriel_utilisateur.utilisateur = '%Ln' or s_courriel_alias.alias = '%Ln' ) The query, including the output : mysql> SELECT concat(s_courriel_utilisateur.utilisateur,"@",s_courriel_domaine.nom) as user,s_courriel_utilisateur.utilisateur as username,concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur) as home, concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/index") as "index", concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/control") as control, concat("/var/spool/vmail/",s_courriel_domaine.nom,"/",s_courriel_utilisateur.utilisateur) as inbox, "maildir++" as layout, s_courriel_utilisateur.uid as uid,s_courriel_domaine.gid as gid FROM s_courriel_utilisateur left join s_courriel_alias on s_courriel_utilisateur.id=s_courriel_alias.utilisateur and s_courriel_alias.archive !=1 ,s_courriel_domaine WHERE s_courriel_utilisateur.archive !=1 and s_courriel_domaine.archive !=1 and s_courriel_utilisateur.domaine=s_courriel_domaine.id and s_courriel_domaine.nom = 'mail.vdl' and ( s_courriel_utilisateur.utilisateur = 'test' or s_courriel_alias.alias = 'test' )\G; *************************** 1. row *************************** user: cedrict at mail.vdl username: cedrict home: /vhome/mail.vdl/home/cedrict index: /vhome/mail.vdl/home/cedrict/mail/index control: /vhome/mail.vdl/home/cedrict/mail/control inbox: /var/spool/vmail/mail.vdl/cedrict layout: maildir++ uid: 60001 The dovecot log , you can see dovecot lda deliver the message to inbox=/var/spool/vmail/mail.vdl/test and not inbox=/var/spool/vmail/mail.vdl/cedrict [root at devshed vdl]# Jul 22 13:29:47 devshed sendmail[32409]: dangerous permissions=40777 on queue directory /var/spool/clientmqueue/ Jul 22 13:29:47 devshed sendmail[32409]: r6MHTlCf032409: from=root, size=34, class=0, nrcpts=1, msgid=<201307221729.r6MHTlCf032409 at devshed.derytelecom.ca>, relay=root at localhost Jul 22 13:29:47 devshed sendmail[32410]: STARTTLS=server, relay=devshed.derytelecom.ca [127.0.0.1], version=TLSv1/SSLv3, verify=NO, cipher=DHE-RSA-AES256-SHA, bits=256/256 Jul 22 13:29:47 devshed sendmail[32409]: STARTTLS=client, relay=[127.0.0.1], version=TLSv1/SSLv3, verify=FAIL, cipher=DHE-RSA-AES256-SHA, bits=256/256 Jul 22 13:29:47 devshed sendmail[32410]: r6MHTlQS032410: from=, size=330, class=0, nrcpts=1, msgid=<201307221729.r6MHTlCf032409 at devshed.derytelecom.ca>, proto=ESMTP, daemon=MTA-RX, relay=devshed.derytelecom.ca [127.0.0.1] Jul 22 13:29:47 devshed sendmail[32409]: r6MHTlCf032409: to=test at mail.vdl, ctladdr=root (0/0), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30034, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (r6MHTlQS032410 Message accepted for delivery) Jul 22 13:29:47 devshed dovecot: lda: Debug: Loading modules from directory: /vdl/lib/dovecot Jul 22 13:29:47 devshed dovecot: lda: Debug: Module loaded: /vdl/lib/dovecot/lib10_quota_plugin.so Jul 22 13:29:47 devshed dovecot: lda: Debug: Module loaded: /vdl/lib/dovecot/lib90_sieve_plugin.so Jul 22 13:29:47 devshed dovecot: auth: Debug: master in: USER 1 test at mail.vdl service=lda Jul 22 13:29:47 devshed dovecot: auth-worker(32406): Debug: sql(test at mail.vdl): SELECT s_courriel_utilisateur.utilisateur as user, s_courriel_utilisateur.utilisateur as username, s_courriel_domaine.nom as domain, concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur) as home, concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/index") as "index", concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/control") as control, concat("/var/spool/vmail/",s_courriel_domaine.nom,"/",s_courriel_utilisateur.utilisateur) as inbox, "maildir++" as layout, s_courriel_utilisateur.uid as uid,s_courriel_domaine.gid as gid FROM s_courriel_utilisateur left join s_courriel_alias on s_courriel_utilisateur.id=s_courriel_alias.utilisateur and s_courriel_alias.archive !=1 ,s_courriel_domaine WHERE s_courriel_utilisateur.archive !=1 and s_courriel_domaine.archive !=1 and s_courriel_utilisateur.domaine=s_courriel_domaine.id and s_co Jul 22 13:29:47 devshed dovecot: auth-worker(32406): Debug: auth(test at mail.vdl): username changed test at mail.vdl -> cedrict Jul 22 13:29:47 devshed dovecot: auth-worker(32406): Debug: auth(cedrict): username changed cedrict -> cedrict at mail.vdl Jul 22 13:29:47 devshed dovecot: auth: Debug: userdb out: USER 1 test at mail.vdl home=/vhome/mail.vdl/home/cedrict index=/vhome/mail.vdl/home/cedrict/mail/index control=/vhome/mail.vdl/home/cedrict/mail/control inbox=/var/spool/vmail/mail.vdl/cedrict layout=maildir++ uid=60001 gid=231 Jul 22 13:29:47 devshed dovecot: lda: Debug: auth input: test at mail.vdl home=/vhome/mail.vdl/home/cedrict index=/vhome/mail.vdl/home/cedrict/mail/index control=/vhome/mail.vdl/home/cedrict/mail/control inbox=/var/spool/vmail/mail.vdl/cedrict layout=maildir++ uid=60001 gid=231 Jul 22 13:29:47 devshed dovecot: lda: Debug: Added userdb setting: plugin/control=/vhome/mail.vdl/home/cedrict/mail/control Jul 22 13:29:47 devshed dovecot: lda: Debug: Added userdb setting: plugin/inbox=/var/spool/vmail/mail.vdl/cedrict Jul 22 13:29:47 devshed dovecot: lda: Debug: Added userdb setting: plugin/index=/vhome/mail.vdl/home/cedrict/mail/index Jul 22 13:29:47 devshed dovecot: lda: Debug: Added userdb setting: plugin/layout=maildir++ Jul 22 13:29:47 devshed dovecot: lda(test at mail.vdl): Debug: Effective uid=60001, gid=231, home=/vhome/mail.vdl/home/cedrict Jul 22 13:29:47 devshed dovecot: lda(test at mail.vdl): Debug: quota: No quota setting - plugin disabled Jul 22 13:29:47 devshed dovecot: lda(test at mail.vdl): Debug: maildir++: root=/vhome/mail.vdl/home/cedrict/mail, index=, indexpvt=, control=/vhome/mail.vdl/home/cedrict/mail/control, inbox=/var/spool/vmail/mail.vdl/test, alt= Jul 22 13:29:47 devshed dovecot: lda(test at mail.vdl): Debug: quota: No quota setting - plugin disabled Jul 22 13:29:47 devshed dovecot: lda(test at mail.vdl): Debug: none: root=, index=, indexpvt=, control=, inbox=, alt= Jul 22 13:29:47 devshed dovecot: lda(test at mail.vdl): Debug: Destination address: test at mail.vdl (source: user at hostname) Jul 22 13:29:47 devshed dovecot: lda(test at mail.vdl): Debug: sieve: Pigeonhole version 0.4.1 initializing Jul 22 13:29:47 devshed dovecot: lda(test at mail.vdl): Debug: sieve: script file /vhome/mail.vdl/home/cedrict/mail/sieve/test not found Jul 22 13:29:47 devshed dovecot: lda(test at mail.vdl): Debug: sieve: user's script /vhome/mail.vdl/home/cedrict/mail/sieve/test doesn't exist (trying default script location instead) Jul 22 13:29:47 devshed dovecot: lda(test at mail.vdl): Debug: sieve: no default script configured for user Jul 22 13:29:47 devshed dovecot: lda(test at mail.vdl): Debug: sieve: user has no valid location for a personal script Jul 22 13:29:47 devshed dovecot: lda(test at mail.vdl): Debug: sieve: no scripts to execute: reverting to default delivery. Jul 22 13:29:47 devshed dovecot: lda(test at mail.vdl): msgid=<201307221729.r6MHTlCf032409 at devshed.derytelecom.ca>: saved mail to INBOX Jul 22 13:29:47 devshed sendmail[32412]: r6MHTlQS032410: to=, ctladdr= (0/0), delay=00:00:00, xdelay=00:00:00, mailer=virtual, pri=120330, relay=mail.vdl, d Thank in advance. Le 2013-07-22 12:47, Axel Luttgens a ?crit : > Le 22 juil. 2013 ? 16:24, Cedric a ?crit : > >> HI, >> >> I'll try to explain my problem another way just in case. > Hello Cedric, > > It's still a bit difficult to be sure of all the details, as it seems that the doveconf -n output and the password_query/user_query you have provided are a bit out of sync with your log excerpts. > > So could you please provide that configuration (doveconf -n, password_query/user_query) again, and ensure your log entries are emitted under that configuration? > > >> For message delivery i'm using sendmail/dovecot-lda > Do you mean that you are running commands such as: > me$ sendmail cedrict at mail.vdl > [...] > . > me$ > and: > me$ sendmail test at mail.vdl > [...] > . > me$ > and that postfix is configured to deliver those messages thru dovecot-lda? > > BTW, how in postfix' main.cf do you invoke dovecot-lda? > And could you tell us a bit more about that alias "test at mail.vdl" (or is it "test")? > > Finally, could you post the whole log excerpt (including the entries written by both postfix and dovecot) related to the sending of a message to test at mail.vdl? > > Thanks, > Axel > From mlong at mlong.us Mon Jul 22 21:43:45 2013 From: mlong at mlong.us (Michael Long) Date: Mon, 22 Jul 2013 14:43:45 -0400 Subject: [Dovecot] zlib error when running doveadm Message-ID: <51ED7D61.2070807@mlong.us> > Looks like you have two versions installed and are mixing them up. I checked and only one binary is on the system. I took a look in the directory /usr/local/lib/dovecot/doveadm/ and it appears the upgrade rebuilt all libraries EXCEPT zlib. Any ideas? -rw-r--r-- 1 root root 125910 Jul 22 10:58 lib10_doveadm_acl_plugin.a -rwxr-xr-x 1 root root 1070 Jul 22 10:58 lib10_doveadm_acl_plugin.la -rwxr-xr-x 1 root root 88190 Jul 22 10:58 lib10_doveadm_acl_plugin.so -rw-r--r-- 1 root root 54812 Jul 22 10:58 lib10_doveadm_expire_plugin.a -rwxr-xr-x 1 root root 1091 Jul 22 10:58 lib10_doveadm_expire_plugin.la -rwxr-xr-x 1 root root 44763 Jul 22 10:58 lib10_doveadm_expire_plugin.so -rw-r--r-- 1 root root 89116 Jul 22 10:58 lib10_doveadm_quota_plugin.a -rwxr-xr-x 1 root root 1084 Jul 22 10:58 lib10_doveadm_quota_plugin.la -rwxr-xr-x 1 root root 61137 Jul 22 10:58 lib10_doveadm_quota_plugin.so -rw-r--r-- 1 root root 369576 Jul 22 10:47 lib10_doveadm_sieve_plugin.a -rwxr-xr-x 1 root root 1248 Jul 22 10:47 lib10_doveadm_sieve_plugin.la -rwxr-xr-x 1 root root 208863 Jul 22 10:47 lib10_doveadm_sieve_plugin.so -rw-r--r-- 1 root root 26166 Apr 9 14:30 lib10_doveadm_zlib_plugin.a -rwxr-xr-x 1 root root 1077 Apr 9 14:30 lib10_doveadm_zlib_plugin.la -rwxr-xr-x 1 root root 25243 Apr 9 14:30 lib10_doveadm_zlib_plugin.so -rw-r--r-- 1 root root 100120 Jul 22 10:58 lib20_doveadm_fts_plugin.a -rwxr-xr-x 1 root root 1070 Jul 22 10:58 lib20_doveadm_fts_plugin.la -rwxr-xr-x 1 root root 65515 Jul 22 10:58 lib20_doveadm_fts_plugin.so Configure does seem to see it though: checking zlib.h usability... yes checking zlib.h presence... yes checking for zlib.h... yes checking bzlib.h usability... yes checking bzlib.h presence... yes checking for bzlib.h... yes checking for BZ2_bzdopen in -lbz2... yes From fuer-foren at nurfuerspam.de Mon Jul 22 22:00:07 2013 From: fuer-foren at nurfuerspam.de (FF) Date: Mon, 22 Jul 2013 20:00:07 +0100 Subject: [Dovecot] =?windows-1252?q?Managing_IMAP_IDLE/Push_with_Sieve_=96?= =?windows-1252?q?_possible=3F?= Message-ID: <51ED8137.50402@nurfuerspam.de> Hello, I've been using Dovecot with Sieve for a long time already, and I'm very happy with it. Push is working fine too. I was wondering, however, whether it would be possible to define a Sieve rule (perhaps using some plug-in), such that an IMAP push message gets sent out only for specific senders etc.? Have you come across anything like that? Thanks a lot, F.F. From mlong at mlong.us Mon Jul 22 22:03:25 2013 From: mlong at mlong.us (Michael Long) Date: Mon, 22 Jul 2013 15:03:25 -0400 Subject: [Dovecot] zlib error when running doveadm Message-ID: <51ED81FD.10408@mlong.us> I manually fixed it by copying src/plugins/zlib/lib20_zlib_plugin.la to /usr/local/lib/dovecot/doveadm I do not understand why 'make install' won't do that? A bug perhaps? From mls at adnane.me Mon Jul 22 23:50:48 2013 From: mls at adnane.me (Adnane) Date: Mon, 22 Jul 2013 21:50:48 +0100 Subject: [Dovecot] dovecot: imap-login: Aborted login In-Reply-To: References: <51ECA0EA.1060608@adnane.me> Message-ID: <51ED9B28.1070502@adnane.me> here is the dovecot -n dump dovecot -n # 2.0.19: /etc/dovecot/dovecot.conf # OS: Linux 3.8.13-xxxx-grs-ipv6-64-vps x86_64 Ubuntu 12.04.2 LTS ext3 auth_mechanisms = plain login mail_location = maildir:/var/mail/vhosts/%d/%n mail_privileged_group = mail passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } protocols = imap pop3 lmtp service auth-worker { user = vmail } service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix } unix_listener auth-userdb { mode = 0600 user = vmail } user = dovecot } service imap-login { inet_listener imap { port = 0 } } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } service pop3-login { inet_listener pop3 { port = 0 } } ssl = required ssl_cert = -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Mon, 22 Jul 2013, Adnane wrote: > >> I think the issue is with authentication >> >> root at mailer:~# tail -f /var/log/syslogJul >> Jul 22 03:34:41 mailer dovecot:imap-login: Disconnected (no auth >> attempts): rip=41.251.155.145, lip=5.135.151.43, TLS >> Jul 22 03:35:02 mailer dovecot: imap-login: Disconnected (no auth >> attempts): rip=41.251.155.145, lip=5.135.151.43, TLS handshaking: >> Disconnected >> Jul 22 03:35:02 mailer dovecot: imap-login: Disconnected (no auth >> attempts): rip=41.251.155.145, lip=5.135.151.43, TLS handshaking: >> Disconnected >> Jul 22 03:35:03 mailer dovecot: imap-login: Disconnected (no auth >> attempts): rip=41.251.155.145, lip=5.135.151.43, TLS: Disconnected > > There is "no auth attempts", so you do not have an issue with > authentication. > > Because of the "TLS handshaking: Disconnected" it looks like the > connection gets cut during the initial TLS handshake. To debug this, > first increare logging, then try from localhost without encryption, e.g.: > > telnet localhost 143 > 1 login "loginname" "password" > > and watch the human friendly output. Terminate the IMAP connection via > > 2 logout > > Maybe that client does not like your SSL cert and drops the connection > thereof? Or maybe a firewall thinks it has to fiddle in, e.g. change > Thunderbird to use SSL on port 993 instead of STARTTLS on 143. > > Kind regards, > > - -- Steffen Kaiser > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.11 (GNU/Linux) > > iQEVAwUBUezg/13r2wJMiz2NAQKjkQf+MSiRcG8h4C3cdH2uKQNvc4K1UkJVmPjx > tZvsBQmMQB0kY9y9GC9YiDKKCx3Cua6lxQ89Mbh4UDkjWdIV6T617QXT55HglLoY > +fS1vVAIjCQlOD42GW1W8XKrQN9mfzCDw2CvdtMX8weiXPvsMA0ZMT/m5ZCWOtzR > 8eP1Jjd8APuTPQqYg13+vWBSWNOfeyeY69m3loqKAuSw4ntSRglx5qlMrK8IRSji > MHXkX2HJmbSV+iFstDRvbqVRWkJCGj6mzt+N34HU3py1H5zxiCjOSF9Q3UkU4psO > 7xIGEDHbIrLpAca+6B2ZRIcfU0BgRAsvmcLLogqH40G/F7edud9YGw== > =9TD0 > -----END PGP SIGNATURE----- From AxelLuttgens at swing.be Tue Jul 23 01:02:07 2013 From: AxelLuttgens at swing.be (Axel Luttgens) Date: Tue, 23 Jul 2013 00:02:07 +0200 Subject: [Dovecot] Dovecot 2.2.4/sendmail with sql user and aliases In-Reply-To: <51ED6C57.7060101@derytelecom.ca> References: <51E701D9.2@derytelecom.ca> <51ED40AF.8020100@derytelecom.ca> <03B0E1DE-111E-4B0F-9BA3-6B355BA1C424@swing.be> <51ED6C57.7060101@derytelecom.ca> Message-ID: Le 22 juil. 2013 ? 19:31, Cedric a ?crit : > Hi, > > There's the information again : > > I use sendmail with dovecot-lda delivery : > > Mvirtual, P=/vdl/libexec/dovecot/dovecot-lda, F=lsDFMShP, S=10, R=20/40, > A=/vdl/libexec/dovecot/dovecot-lda -d $u@$h Ha... So, there are still people using Sendmail for new installations. ;-) Sorry, I don't know why I have thought about postfix. My memories about Sendmail are very, very tiny, so I'll assume the above is correct (doesn't seem too audacious, given the lines with "to=test at mail.vdl ... mailer=virtual" written by Sendmail in the log). Please find hereafter my quick interpretation of what's happening when sending a message to "test at mail.vdl" (note that the same description should apply for a message to "cedrict at mail.vdl" as well). > The current query : > > user_query = SELECT \ > s_courriel_utilisateur.utilisateur as user, \ According to the query output you provide below, you are replacing here "test at mail.vdl" by "cedrict at mail.vdl" > s_courriel_utilisateur.utilisateur as username, \ and here "test" by "cedrict" > s_courriel_domaine.nom as domain, \ and here "mail.vdl" by NULL? Or something like that. Anyway, those substitutions should explain the "username changed test at mail.vdl -> cedrict" and "cedrict -> cedrict at mail.vdl" infos in the log. The problem is, the effect of such substitutions isn't really defined in a user_query: at best they don't do anything, at worse they may lead to strange interpretations of %n, %u, %d in doevecot.conf. > concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur) as home, \ > concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/index") as "index", \ > concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/control") as control, \ > concat("/var/spool/vmail/",s_courriel_domaine.nom,"/",s_courriel_utilisateur.utilisateur) as inbox, \ Not sure, but I think you are trying to split into three pieces (index, control, inbox) what Dovecot expects to be returned as a single column "mail" (which, when not NULL, overrides mail_location) from a user_query. > "maildir++" as layout, \ Is this OK in the context of a user_query? > s_courriel_utilisateur.uid as uid,s_courriel_domaine.gid as gid \ > FROM s_courriel_utilisateur left join s_courriel_alias on s_courriel_utilisateur.id=s_courriel_alias.utilisateur and s_courriel_alias.archive !=1 ,s_courriel_domaine \ > WHERE s_courriel_utilisateur.archive !=1 \ > and s_courriel_domaine.archive !=1 \ > and s_courriel_utilisateur.domaine=s_courriel_domaine.id \ > and s_courriel_domaine.nom = '%Ld' \ > and ( s_courriel_utilisateur.utilisateur = '%Ln' or s_courriel_alias.alias = '%Ln' ) > > > The query, including the output : > > > [...] > *************************** 1. row *************************** > user: cedrict at mail.vdl > username: cedrict > home: /vhome/mail.vdl/home/cedrict > index: /vhome/mail.vdl/home/cedrict/mail/index > control: /vhome/mail.vdl/home/cedrict/mail/control > inbox: /var/spool/vmail/mail.vdl/cedrict > layout: maildir++ > uid: 60001 > > The dovecot log , you can see dovecot lda deliver the message to inbox=/var/spool/vmail/mail.vdl/test and not inbox=/var/spool/vmail/mail.vdl/cedrict > > [root at devshed vdl]# Jul 22 13:29:47 devshed sendmail[32409]: dangerous permissions=40777 on queue directory /var/spool/clientmqueue/ > [...] > Jul 22 13:29:47 devshed dovecot: auth: Debug: master in: USER 1 test at mail.vdl service=lda > [...] > Jul 22 13:29:47 devshed dovecot: auth-worker(32406): Debug: auth(test at mail.vdl): username changed test at mail.vdl -> cedrict > Jul 22 13:29:47 devshed dovecot: auth-worker(32406): Debug: auth(cedrict): username changed cedrict -> cedrict at mail.vdl > Jul 22 13:29:47 devshed dovecot: auth: Debug: userdb out: USER 1 test at mail.vdl home=/vhome/mail.vdl/home/cedrict index=/vhome/mail.vdl/home/cedrict/mail/index control=/vhome/mail.vdl/home/cedrict/mail/control inbox=/var/spool/vmail/mail.vdl/cedrict layout=maildir++ uid=60001 gid=231 > Jul 22 13:29:47 devshed dovecot: lda: Debug: auth input: test at mail.vdl home=/vhome/mail.vdl/home/cedrict index=/vhome/mail.vdl/home/cedrict/mail/index control=/vhome/mail.vdl/home/cedrict/mail/control inbox=/var/spool/vmail/mail.vdl/cedrict layout=maildir++ uid=60001 gid=231 > Jul 22 13:29:47 devshed dovecot: lda: Debug: Added userdb setting: plugin/control=/vhome/mail.vdl/home/cedrict/mail/control > Jul 22 13:29:47 devshed dovecot: lda: Debug: Added userdb setting: plugin/inbox=/var/spool/vmail/mail.vdl/cedrict > Jul 22 13:29:47 devshed dovecot: lda: Debug: Added userdb setting: plugin/index=/vhome/mail.vdl/home/cedrict/mail/index > Jul 22 13:29:47 devshed dovecot: lda: Debug: Added userdb setting: plugin/layout=maildir++ Note here "plugin/control", "plugin/inbox", "plugin/index" and "plugin/layout": considered as unknown settings and placed into plugin sections. > Jul 22 13:29:47 devshed dovecot: lda(test at mail.vdl): Debug: Effective uid=60001, gid=231, home=/vhome/mail.vdl/home/cedrict > Jul 22 13:29:47 devshed dovecot: lda(test at mail.vdl): Debug: quota: No quota setting - plugin disabled > Jul 22 13:29:47 devshed dovecot: lda(test at mail.vdl): Debug: maildir++: root=/vhome/mail.vdl/home/cedrict/mail, index=, indexpvt=, control=/vhome/mail.vdl/home/cedrict/mail/control, inbox=/var/spool/vmail/mail.vdl/test, alt= The home directory is thus the one provided without ambiguity by the user_query. See below for the control and the inbox. > Jul 22 13:29:47 devshed dovecot: lda(test at mail.vdl): Debug: quota: No quota setting - plugin disabled > Jul 22 13:29:47 devshed dovecot: lda(test at mail.vdl): Debug: none: root=, index=, indexpvt=, control=, inbox=, alt= > Jul 22 13:29:47 devshed dovecot: lda(test at mail.vdl): Debug: Destination address: test at mail.vdl (source: user at hostname) Dovecot is now a bit lost and seems to revert to "reasonable" guesses: the domain seems to have been lost (hence the hostname), but the original user ("test") is still at hand. So, there was still a way to find out something, with the help of that line in dovecot.conf: mail_location = mbox:%h/mail:LAYOUT=maildir++:INDEX=MEMORY:CONTROL=%h/mail/control:INBOX=/var/spool/vmail/%d/%n > [...] > > Thank in advance. HTH, Axel From michael.abbott at apple.com Tue Jul 23 01:17:37 2013 From: michael.abbott at apple.com (Mike Abbott) Date: Mon, 22 Jul 2013 17:17:37 -0500 Subject: [Dovecot] script to test CATENATE Message-ID: <2FE70D92-8C50-4D9F-BBAF-387995E714CE@apple.com> Attached please find a perl script which tests the CATENATE support in dovecot. I used this to test my CATENATE implementation a few years ago and it runs fine against dovecot in OS X Server. When run against dovecot-2.2.4 though it always fails or hangs, which in some cases means we interpreted RFCs differently and in other cases means it's finding bugs; both conditions are worthy of scrutiny. (It's random-number driven so every run is different.) A couple months ago I reported a few simple bugs which this script found and you fixed them; thanks. Then it started finding problems for which it's harder to isolate simple reproducible test cases. Vacations and other work interceded but now Apple is pleased to give you the script itself to allow you to iterate faster. Here are some examples of it running. One time only, pass the --init argument to store some template messages used by the real tests: $ ./catenate.pl --host your.test.server --user testuser --password 1234 --init connecting (imaps)... capability... logging in... deleting old templates mailbox... creating templates mailbox... append1... Append succeeded append2... Append succeeded logout... success $ ./catenate.pl --host your.test.server --user testuser --password 1234 connecting (imaps)... capability... logging in... append1... Append failed as it should have (bad url): append2... Append failed as it should have (bad url): append3... Append succeeded [...] All tests passed. $ If it concludes with anything other than "All tests passed" or hangs then it found something that it didn't expect and that should be examined. Use the --verbose option to see the entire client-server conversation. We hope that you find this script helpful to harden your CATENATE code. I will be happy to answer any questions. -------------- next part -------------- A non-text attachment was scrubbed... Name: catenate.pl Type: text/x-perl-script Size: 20045 bytes Desc: not available URL: From jtam.home at gmail.com Tue Jul 23 02:19:44 2013 From: jtam.home at gmail.com (Joseph Tam) Date: Mon, 22 Jul 2013 16:19:44 -0700 (PDT) Subject: [Dovecot] dovecot: imap-login: Aborted login In-Reply-To: References: Message-ID: From: Adnane writes: > Jul 22 22:32:53 mailer dovecot: pop3-login: Disconnected (tried to use > disabled plaintext auth): rip=196.217.182.199, lip=5.135.151.43 > Jul 22 22:36:04 mailer dovecot: pop3(adnane at mailer.adnane.me): > Disconnected: Logged out top=0/0, retr=0/0, del=0/0, size=0 Looks like a mail client issue: you're not enabling STARTTLS on port 110. Fiddle with the SSL configuration. Joseph Tam From cedrict at derytelecom.ca Tue Jul 23 03:41:30 2013 From: cedrict at derytelecom.ca (Cedric) Date: Mon, 22 Jul 2013 20:41:30 -0400 Subject: [Dovecot] Dovecot 2.2.4/sendmail with sql user and aliases In-Reply-To: References: <51E701D9.2@derytelecom.ca> <51ED40AF.8020100@derytelecom.ca> <03B0E1DE-111E-4B0F-9BA3-6B355BA1C424@swing.be> <51ED6C57.7060101@derytelecom.ca> Message-ID: <51EDD13A.9040804@derytelecom.ca> Hi, Ok thank for the interpretation, we used sendmail the last 16 years and I'm trying to migrate a old linuxconf/imapd setup here. Le 2013-07-22 18:02, Axel Luttgens a ?crit : > Le 22 juil. 2013 ? 19:31, Cedric a ?crit : > >> Hi, >> >> There's the information again : >> >> I use sendmail with dovecot-lda delivery : >> >> Mvirtual, P=/vdl/libexec/dovecot/dovecot-lda, F=lsDFMShP, S=10, R=20/40, >> A=/vdl/libexec/dovecot/dovecot-lda -d $u@$h > Ha... So, there are still people using Sendmail for new installations. ;-) > Sorry, I don't know why I have thought about postfix. > My memories about Sendmail are very, very tiny, so I'll assume the above is correct (doesn't seem too audacious, given the lines with "to=test at mail.vdl ... mailer=virtual" written by Sendmail in the log). > > Please find hereafter my quick interpretation of what's happening when sending a message to "test at mail.vdl" (note that the same description should apply for a message to "cedrict at mail.vdl" as well). > > >> The current query : >> >> user_query = SELECT \ >> s_courriel_utilisateur.utilisateur as user, \ > According to the query output you provide below, you are replacing here "test at mail.vdl" by "cedrict at mail.vdl" > > >> s_courriel_utilisateur.utilisateur as username, \ > and here "test" by "cedrict" > > >> s_courriel_domaine.nom as domain, \ > and here "mail.vdl" by NULL? > Or something like that. > Anyway, those substitutions should explain the "username changed test at mail.vdl -> cedrict" and "cedrict -> cedrict at mail.vdl" infos in the log. > The problem is, the effect of such substitutions isn't really defined in a user_query: at best they don't do anything, at worse they may lead to strange interpretations of %n, %u, %d in doevecot.conf. > > >> concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur) as home, \ >> concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/index") as "index", \ >> concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/control") as control, \ >> concat("/var/spool/vmail/",s_courriel_domaine.nom,"/",s_courriel_utilisateur.utilisateur) as inbox, \ > Not sure, but I think you are trying to split into three pieces (index, control, inbox) what Dovecot expects to be returned as a single column "mail" (which, when not NULL, overrides mail_location) from a user_query. > > >> "maildir++" as layout, \ > Is this OK in the context of a user_query? nope it was all in hope to resolve the issue. > >> s_courriel_utilisateur.uid as uid,s_courriel_domaine.gid as gid \ >> FROM s_courriel_utilisateur left join s_courriel_alias on s_courriel_utilisateur.id=s_courriel_alias.utilisateur and s_courriel_alias.archive !=1 ,s_courriel_domaine \ >> WHERE s_courriel_utilisateur.archive !=1 \ >> and s_courriel_domaine.archive !=1 \ >> and s_courriel_utilisateur.domaine=s_courriel_domaine.id \ >> and s_courriel_domaine.nom = '%Ld' \ >> and ( s_courriel_utilisateur.utilisateur = '%Ln' or s_courriel_alias.alias = '%Ln' ) >> >> >> The query, including the output : >> >> >> [...] >> *************************** 1. row *************************** >> user: cedrict at mail.vdl >> username: cedrict >> home: /vhome/mail.vdl/home/cedrict >> index: /vhome/mail.vdl/home/cedrict/mail/index >> control: /vhome/mail.vdl/home/cedrict/mail/control >> inbox: /var/spool/vmail/mail.vdl/cedrict >> layout: maildir++ >> uid: 60001 >> >> The dovecot log , you can see dovecot lda deliver the message to inbox=/var/spool/vmail/mail.vdl/test and not inbox=/var/spool/vmail/mail.vdl/cedrict >> >> [root at devshed vdl]# Jul 22 13:29:47 devshed sendmail[32409]: dangerous permissions=40777 on queue directory /var/spool/clientmqueue/ >> [...] >> Jul 22 13:29:47 devshed dovecot: auth: Debug: master in: USER 1 test at mail.vdl service=lda >> [...] >> Jul 22 13:29:47 devshed dovecot: auth-worker(32406): Debug: auth(test at mail.vdl): username changed test at mail.vdl -> cedrict >> Jul 22 13:29:47 devshed dovecot: auth-worker(32406): Debug: auth(cedrict): username changed cedrict -> cedrict at mail.vdl >> Jul 22 13:29:47 devshed dovecot: auth: Debug: userdb out: USER 1 test at mail.vdl home=/vhome/mail.vdl/home/cedrict index=/vhome/mail.vdl/home/cedrict/mail/index control=/vhome/mail.vdl/home/cedrict/mail/control inbox=/var/spool/vmail/mail.vdl/cedrict layout=maildir++ uid=60001 gid=231 >> Jul 22 13:29:47 devshed dovecot: lda: Debug: auth input: test at mail.vdl home=/vhome/mail.vdl/home/cedrict index=/vhome/mail.vdl/home/cedrict/mail/index control=/vhome/mail.vdl/home/cedrict/mail/control inbox=/var/spool/vmail/mail.vdl/cedrict layout=maildir++ uid=60001 gid=231 >> Jul 22 13:29:47 devshed dovecot: lda: Debug: Added userdb setting: plugin/control=/vhome/mail.vdl/home/cedrict/mail/control >> Jul 22 13:29:47 devshed dovecot: lda: Debug: Added userdb setting: plugin/inbox=/var/spool/vmail/mail.vdl/cedrict >> Jul 22 13:29:47 devshed dovecot: lda: Debug: Added userdb setting: plugin/index=/vhome/mail.vdl/home/cedrict/mail/index >> Jul 22 13:29:47 devshed dovecot: lda: Debug: Added userdb setting: plugin/layout=maildir++ > Note here "plugin/control", "plugin/inbox", "plugin/index" and "plugin/layout": considered as unknown settings and placed into plugin sections. > > >> Jul 22 13:29:47 devshed dovecot: lda(test at mail.vdl): Debug: Effective uid=60001, gid=231, home=/vhome/mail.vdl/home/cedrict >> Jul 22 13:29:47 devshed dovecot: lda(test at mail.vdl): Debug: quota: No quota setting - plugin disabled >> Jul 22 13:29:47 devshed dovecot: lda(test at mail.vdl): Debug: maildir++: root=/vhome/mail.vdl/home/cedrict/mail, index=, indexpvt=, control=/vhome/mail.vdl/home/cedrict/mail/control, inbox=/var/spool/vmail/mail.vdl/test, alt= > The home directory is thus the one provided without ambiguity by the user_query. > See below for the control and the inbox. > > >> Jul 22 13:29:47 devshed dovecot: lda(test at mail.vdl): Debug: quota: No quota setting - plugin disabled >> Jul 22 13:29:47 devshed dovecot: lda(test at mail.vdl): Debug: none: root=, index=, indexpvt=, control=, inbox=, alt= >> Jul 22 13:29:47 devshed dovecot: lda(test at mail.vdl): Debug: Destination address: test at mail.vdl (source: user at hostname) > Dovecot is now a bit lost and seems to revert to "reasonable" guesses: the domain seems to have been lost (hence the hostname), but the original user ("test") is still at hand. > > So, there was still a way to find out something, with the help of that line in dovecot.conf: > > mail_location = mbox:%h/mail:LAYOUT=maildir++:INDEX=MEMORY:CONTROL=%h/mail/control:INBOX=/var/spool/vmail/%d/%n Below i provided two differents sql attempt, your input on how to make dovecot lda understand it should deliver the mail to the correct file are welcome > >> [...] >> >> Thank in advance. > HTH, > Axel There's a new debug output fixing the domain entry The querry i pasted seem to be wrong for a previous configuration there's the correct one : mysql> SELECT concat(s_courriel_utilisateur.utilisateur,"@",s_courriel_domaine.nom) as user,s_courriel_utilisateur.utilisateur as username,s_courriel_domaine.nom as domain,concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur) as home, concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/index") as "index", concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/control") as control, concat("/var/spool/vmail/",s_courriel_domaine.nom,"/",s_courriel_utilisateur.utilisateur) as inbox, "maildir++" as layout, s_courriel_utilisateur.uid as uid,s_courriel_domaine.gid as gid FROM s_courriel_utilisateur left join s_courriel_alias on s_courriel_utilisateur.id=s_courriel_alias.utilisateur and s_courriel_alias.archive !=1 ,s_courriel_domaine WHERE s_courriel_utilisateur.archive !=1 and s_courriel_domaine.archive !=1 and s_courriel_utilisateur.domaine=s_courriel_domaine.id and s_courriel_domaine.nom = 'mail.vdl' and ( s_courriel_utilisateur.utilisateur = 'test' or s_courriel_alias.alias = 'test' )\G; *************************** 1. row *************************** user: cedrict at mail.vdl username: cedrict domain: mail.vdl home: /vhome/mail.vdl/home/cedrict index: /vhome/mail.vdl/home/cedrict/mail/index control: /vhome/mail.vdl/home/cedrict/mail/control inbox: /var/spool/vmail/mail.vdl/cedrict layout: maildir++ uid: 60001 gid: 231 Jul 22 20:27:05 devshed sendmail[11778]: r6N0R5bq011778: from=root, size=36, class=0, nrcpts=1, msgid=<201307230027.r6N0R5bq011778 at devshed.derytelecom.ca>, relay=root at localhost Jul 22 20:27:05 devshed sendmail[11779]: STARTTLS=server, relay=devshed.derytelecom.ca [127.0.0.1], version=TLSv1/SSLv3, verify=NO, cipher=DHE-RSA-AES256-SHA, bits=256/256 Jul 22 20:27:05 devshed sendmail[11778]: STARTTLS=client, relay=[127.0.0.1], version=TLSv1/SSLv3, verify=FAIL, cipher=DHE-RSA-AES256-SHA, bits=256/256 Jul 22 20:27:05 devshed sendmail[11779]: r6N0R5hL011779: from=, size=332, class=0, nrcpts=1, msgid=<201307230027.r6N0R5bq011778 at devshed.derytelecom.ca>, proto=ESMTP, daemon=MTA-RX, relay=devshed.derytelecom.ca [127.0.0.1] Jul 22 20:27:05 devshed sendmail[11778]: r6N0R5bq011778: to=test at mail.vdl, ctladdr=root (0/0), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30036, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (r6N0R5hL011779 Message accepted for delivery) Jul 22 20:27:05 devshed dovecot: lda: Debug: Loading modules from directory: /vdl/lib/dovecot Jul 22 20:27:05 devshed dovecot: lda: Debug: Module loaded: /vdl/lib/dovecot/lib10_quota_plugin.so Jul 22 20:27:05 devshed dovecot: lda: Debug: Module loaded: /vdl/lib/dovecot/lib90_sieve_plugin.so Jul 22 20:27:05 devshed dovecot: auth: Debug: master in: USER 1 test at mail.vdl service=lda Jul 22 20:27:05 devshed dovecot: auth-worker(11783): Debug: Loading modules from directory: /vdl/lib/dovecot/auth Jul 22 20:27:05 devshed dovecot: auth-worker(11783): Debug: sql(test at mail.vdl): SELECT concat(s_courriel_utilisateur.utilisateur,'@',s_courriel_domaine.nom) as user, s_courriel_utilisateur.utilisateur as username, s_courriel_domaine.nom as domain, concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur) as home, concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/index") as "index", concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur,"/mail/control") as control, concat("/var/spool/vmail/",s_courriel_domaine.nom,"/",s_courriel_utilisateur.utilisateur) as inbox, "maildir++" as layout, s_courriel_utilisateur.uid as uid,s_courriel_domaine.gid as gid FROM s_courriel_utilisateur left join s_courriel_alias on s_courriel_utilisateur.id=s_courriel_alias.utilisateur and s_courriel_alias.archive !=1 ,s_courriel_domaine WHERE s_courriel_utilisateur.archive !=1 and s_courriel_domaine.archive !=1 and s_courriel_utilisateur.dom Jul 22 20:27:06 devshed dovecot: auth-worker(11783): Debug: auth(test at mail.vdl): username changed test at mail.vdl -> cedrict at mail.vdl Jul 22 20:27:06 devshed dovecot: auth: Debug: userdb out: USER 1 test at mail.vdl home=/vhome/mail.vdl/home/cedrict index=/vhome/mail.vdl/home/cedrict/mail/index control=/vhome/mail.vdl/home/cedrict/mail/control inbox=/var/spool/vmail/mail.vdl/cedrict layout=maildir++ uid=60001 gid=231 Jul 22 20:27:06 devshed dovecot: lda: Debug: auth input: test at mail.vdl home=/vhome/mail.vdl/home/cedrict index=/vhome/mail.vdl/home/cedrict/mail/index control=/vhome/mail.vdl/home/cedrict/mail/control inbox=/var/spool/vmail/mail.vdl/cedrict layout=maildir++ uid=60001 gid=231 Jul 22 20:27:06 devshed dovecot: lda: Debug: Added userdb setting: plugin/control=/vhome/mail.vdl/home/cedrict/mail/control Jul 22 20:27:06 devshed dovecot: lda: Debug: Added userdb setting: plugin/inbox=/var/spool/vmail/mail.vdl/cedrict Jul 22 20:27:06 devshed dovecot: lda: Debug: Added userdb setting: plugin/index=/vhome/mail.vdl/home/cedrict/mail/index Jul 22 20:27:06 devshed dovecot: lda: Debug: Added userdb setting: plugin/layout=maildir++ Jul 22 20:27:06 devshed dovecot: lda(test at mail.vdl): Debug: Effective uid=60001, gid=231, home=/vhome/mail.vdl/home/cedrict Jul 22 20:27:06 devshed dovecot: lda(test at mail.vdl): Debug: quota: No quota setting - plugin disabled Jul 22 20:27:06 devshed dovecot: lda(test at mail.vdl): Debug: maildir++: root=/vhome/mail.vdl/home/cedrict/mail, index=, indexpvt=, control=/vhome/mail.vdl/home/cedrict/mail/control, inbox=/var/spool/vmail/mail.vdl/test, alt= Jul 22 20:27:06 devshed dovecot: lda(test at mail.vdl): Debug: quota: No quota setting - plugin disabled Jul 22 20:27:06 devshed dovecot: lda(test at mail.vdl): Debug: none: root=, index=, indexpvt=, control=, inbox=, alt= Jul 22 20:27:06 devshed dovecot: lda(test at mail.vdl): Debug: Destination address: test at mail.vdl (source: user at hostname) Jul 22 20:27:06 devshed dovecot: lda(test at mail.vdl): Debug: sieve: Pigeonhole version 0.4.1 initializing Jul 22 20:27:06 devshed dovecot: lda(test at mail.vdl): Debug: sieve: script file /vhome/mail.vdl/home/cedrict/mail/sieve/test not found Jul 22 20:27:06 devshed dovecot: lda(test at mail.vdl): Debug: sieve: user's script /vhome/mail.vdl/home/cedrict/mail/sieve/test doesn't exist (trying default script location instead) Jul 22 20:27:06 devshed dovecot: lda(test at mail.vdl): Debug: sieve: no default script configured for user Jul 22 20:27:06 devshed dovecot: lda(test at mail.vdl): Debug: sieve: user has no valid location for a personal script Jul 22 20:27:06 devshed dovecot: lda(test at mail.vdl): Debug: sieve: no scripts to execute: reverting to default delivery. Jul 22 20:27:06 devshed dovecot: lda(test at mail.vdl): msgid=<201307230027.r6N0R5bq011778 at devshed.derytelecom.ca>: saved mail to INBOX Jul 22 20:27:06 devshed sendmail[11781]: r6N0R5hL011779: to=, ctladdr= (0/0), delay=00:00:01, xdelay=00:00:01, mailer=virtual, pri=120332, relay=mail.vdl, dsn=2.0.0, stat=Sent There's a second config with without domain,maildir,control or user mysql> SELECT concat(s_courriel_utilisateur.utilisateur,'@',s_courriel_domaine.nom) as user, concat("/var/spool/vmail/",s_courriel_domaine.nom,"/",s_courriel_utilisateur.utilisateur) as inbox, concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur) as home, s_courriel_utilisateur.uid as uid,s_courriel_domaine.gid as gid FROM s_courriel_utilisateur left join s_courriel_alias on s_courriel_utilisateur.id=s_courriel_alias.utilisateur and s_courriel_alias.archive !=1 ,s_courriel_domaine WHERE s_courriel_utilisateur.archive !=1 and s_courriel_domaine.archive !=1 and s_courriel_utilisateur.domaine=s_courriel_domaine.id and s_courriel_domaine.nom = 'mail.vdl' and ( s_courriel_utilisateur.utilisateur = 'test' or s_courriel_alias.alias = 'test' )\G; *************************** 1. row *************************** user: cedrict at mail.vdl inbox: /var/spool/vmail/mail.vdl/cedrict home: /vhome/mail.vdl/home/cedrict uid: 60001 gid: 231 1 row in set (0,54 sec) Jul 22 20:39:22 devshed dovecot: auth: Debug: master in: USER 1 test at mail.vdl service=lda Jul 22 20:39:22 devshed dovecot: auth-worker(12131): Debug: sql(test at mail.vdl): SELECT concat(s_courriel_utilisateur.utilisateur,'@',s_courriel_domaine.nom) as user, concat("/var/spool/vmail/",s_courriel_domaine.nom,"/",s_courriel_utilisateur.utilisateur) as inbox, concat("/vhome/",s_courriel_domaine.nom,"/home/",s_courriel_utilisateur.utilisateur) as home, s_courriel_utilisateur.uid as uid,s_courriel_domaine.gid as gid FROM s_courriel_utilisateur left join s_courriel_alias on s_courriel_utilisateur.id=s_courriel_alias.utilisateur and s_courriel_alias.archive !=1 ,s_courriel_domaine WHERE s_courriel_utilisateur.archive !=1 and s_courriel_domaine.archive !=1 and s_courriel_utilisateur.domaine=s_courriel_domaine.id and s_courriel_domaine.nom = 'mail.vdl' and ( s_courriel_utilisateur.utilisateur = 'test' or s_courriel_alias.alias = 'test' ) Jul 22 20:39:22 devshed dovecot: auth-worker(12131): Debug: auth(test at mail.vdl): username changed test at mail.vdl -> cedrict at mail.vdl Jul 22 20:39:22 devshed dovecot: auth: Debug: userdb out: USER 1 test at mail.vdl inbox=/var/spool/vmail/mail.vdl/cedrict home=/vhome/mail.vdl/home/cedrict uid=60001 gid=231 Jul 22 20:39:22 devshed dovecot: lda: Debug: auth input: test at mail.vdl inbox=/var/spool/vmail/mail.vdl/cedrict home=/vhome/mail.vdl/home/cedrict uid=60001 gid=231 Jul 22 20:39:22 devshed dovecot: lda: Debug: Added userdb setting: plugin/inbox=/var/spool/vmail/mail.vdl/cedrict Jul 22 20:39:22 devshed dovecot: lda(test at mail.vdl): Debug: Effective uid=60001, gid=231, home=/vhome/mail.vdl/home/cedrict Jul 22 20:39:22 devshed dovecot: lda(test at mail.vdl): Debug: quota: No quota setting - plugin disabled Jul 22 20:39:22 devshed dovecot: lda(test at mail.vdl): Debug: maildir++: root=/vhome/mail.vdl/home/cedrict/mail, index=, indexpvt=, control=/vhome/mail.vdl/home/cedrict/mail/control, inbox=/var/spool/vmail/mail.vdl/test, alt= Jul 22 20:39:22 devshed dovecot: lda(test at mail.vdl): Debug: quota: No quota setting - plugin disabled Jul 22 20:39:22 devshed dovecot: lda(test at mail.vdl): Debug: none: root=, index=, indexpvt=, control=, inbox=, alt= Jul 22 20:39:22 devshed dovecot: lda(test at mail.vdl): Debug: Destination address: test at mail.vdl (source: user at hostname) Jul 22 20:39:22 devshed dovecot: lda(test at mail.vdl): Debug: sieve: Pigeonhole version 0.4.1 initializing Jul 22 20:39:22 devshed dovecot: lda(test at mail.vdl): Debug: sieve: script file /vhome/mail.vdl/home/cedrict/mail/sieve/test not found Jul 22 20:39:22 devshed dovecot: lda(test at mail.vdl): Debug: sieve: user's script /vhome/mail.vdl/home/cedrict/mail/sieve/test doesn't exist (trying default script location instead) Jul 22 20:39:22 devshed dovecot: lda(test at mail.vdl): Debug: sieve: no default script configured for user Jul 22 20:39:22 devshed dovecot: lda(test at mail.vdl): Debug: sieve: user has no valid location for a personal script Jul 22 20:39:22 devshed dovecot: lda(test at mail.vdl): Debug: sieve: no scripts to execute: reverting to default delivery. Jul 22 20:39:22 devshed dovecot: lda(test at mail.vdl): msgid=<201307230039.r6N0dLKl012153 at devshed.derytelecom.ca>: saved mail to INBOX Jul 22 20:39:22 devshed sendmail[12156]: r6N0dL0O012154: to=, ctladdr= (0/0), delay=00:00:00, xdelay=00:00:00, mailer=virtual, pri=120329, relay=mail.vdl, dsn=2.0.0, stat=Sent Thank in advance Cedric From mls at adnane.me Tue Jul 23 04:20:33 2013 From: mls at adnane.me (Adnane) Date: Tue, 23 Jul 2013 02:20:33 +0100 Subject: [Dovecot] dovecot: imap-login: Aborted login In-Reply-To: <51ED9B28.1070502@adnane.me> References: <51ECA0EA.1060608@adnane.me> <51ED9B28.1070502@adnane.me> Message-ID: <51EDDA61.1000700@adnane.me> Hello again I can connect with thunderbird now and retrieve mails, I changed auth to ssl and normal password, Jul 23 02:58:14 mailer postfix/lmtp[9253]: D5E7FF81D2: to=, relay=mailer.adnane.me[private/dovecot-lmtp], delay=0.35, delays=0.29/0/0/0.05, dsn=2.0.0, status=sent (250 2.0.0 DbyiBCbV7VEmJAAALj+mJA Saved) Jul 23 02:58:14 mailer postfix/qmgr[8283]: D5E7FF81D2: removed Jul 23 02:58:14 mailer postfix/smtpd[9243]: disconnect from mail-vc0-f177.google.com[209.85.220.177] but I cant send mails Jul 23 03:01:34 mailer postfix/anvil[9245]: statistics: max connection rate 1/60s for (smtp:209.85.220.177) at Jul 23 02:58:13 Jul 23 03:01:34 mailer postfix/anvil[9245]: statistics: max connection count 1 for (smtp:209.85.220.177) at Jul 23 02:58:13 Jul 23 03:01:34 mailer postfix/anvil[9245]: statistics: max cache size 1 at Jul 23 02:58:13 any help plz On 07/22/2013 09:50 PM, Adnane wrote: > here is the dovecot -n dump > > dovecot -n > # 2.0.19: /etc/dovecot/dovecot.conf > # OS: Linux 3.8.13-xxxx-grs-ipv6-64-vps x86_64 Ubuntu 12.04.2 LTS ext3 > auth_mechanisms = plain login > mail_location = maildir:/var/mail/vhosts/%d/%n > mail_privileged_group = mail > passdb { > args = /etc/dovecot/dovecot-sql.conf.ext > driver = sql > } > protocols = imap pop3 lmtp > service auth-worker { > user = vmail > } > service auth { > unix_listener /var/spool/postfix/private/auth { > group = postfix > mode = 0666 > user = postfix > } > unix_listener auth-userdb { > mode = 0600 > user = vmail > } > user = dovecot > } > service imap-login { > inet_listener imap { > port = 0 > } > } > service lmtp { > unix_listener /var/spool/postfix/private/dovecot-lmtp { > group = postfix > mode = 0600 > user = postfix > } > } > service pop3-login { > inet_listener pop3 { > port = 0 > } > } > ssl = required > ssl_cert = ssl_key = userdb { > args = uid=vmail gid=vmail home=/var/mail/vhosts/%d/%n > driver = static > } > root at mailer:~# telnet localhost 143 > Trying 127.0.0.1... > telnet: Unable to connect to remote host: Connection refused > > > netstat -la -pute | grep dovecot > tcp 0 0 *:pop3s *:* LISTEN root > 12974 5098/dovecot > tcp 0 0 *:imaps *:* LISTEN root > 12989 5098/dovecot > tcp6 0 0 [::]:pop3s [::]:* LISTEN > root 12975 5098/dovecot > tcp6 0 0 [::]:imaps [::]:* LISTEN > root 12990 5098/dovecot > > I dont like the "port = 0" but thats what was mentionned in the tutorial > > > so I changed /etc/dovecot/conf.d/10-master.conf > / > > service imap-login { > inet_listener imap { > port = 143 > } > ... > } > > service pop3-login { > inet_listener pop3 { > port = 110 > } > ... > } > > > now > > netstat -la -pute | grep dovecot > tcp 0 0 *:pop3s *:* LISTEN > root 162828 8341/dovecot > tcp 0 0 *:pop3 *:* LISTEN > root 162826 8341/dovecot > tcp 0 0 *:imap2 *:* LISTEN > root 162845 8341/dovecot > tcp 0 0 *:imaps *:* LISTEN > root 162847 8341/dovecot > tcp6 0 0 [::]:pop3s [::]:* LISTEN > root 162829 8341/dovecot > tcp6 0 0 [::]:pop3 [::]:* LISTEN > root 162827 8341/dovecot > tcp6 0 0 [::]:imap2 [::]:* LISTEN > root 162846 8341/dovecot > tcp6 0 0 [::]:imaps [::]:* LISTEN > root 162848 8341/dovecot > > telnet localhost 110 > Trying 127.0.0.1... > Connected to localhost.localdomain. > Escape character is '^]'. > +OK Dovecot ready. > user adnane at mailer.adnane.me > +OK > pass mypasseword > +OK Logged in. > LIST > +OK 0 messages: > > root at mailer:~# telnet mailer.adnane.me 143 > Trying 2001:41d0:52:200::326... > Connected to mailer.adnane.me. > Escape character is '^]'. > * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE > IDLE STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready. > 1 login adnane at mailer.adnane.me mypassword > 1 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE > IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND > UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 > CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH > LIST-STATUS] Logged in > 2 logout > * BYE Logging out > 2 OK Logout completed. > Connection closed by foreign host. > > / > /but for thunderbird I got this in logs > > Jul 22 22:32:53 mailer dovecot: pop3-login: Disconnected (tried to use > disabled plaintext auth): rip=196.217.182.199, lip=5.135.151.43 > Jul 22 22:36:04 mailer dovecot: pop3(adnane at mailer.adnane.me): > Disconnected: Logged out top=0/0, retr=0/0, del=0/0, size=0 > > > > On 07/22/2013 08:36 AM, Steffen Kaiser wrote: >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> On Mon, 22 Jul 2013, Adnane wrote: >> >>> I think the issue is with authentication >>> >>> root at mailer:~# tail -f /var/log/syslogJul >>> Jul 22 03:34:41 mailer dovecot:imap-login: Disconnected (no auth >>> attempts): rip=41.251.155.145, lip=5.135.151.43, TLS >>> Jul 22 03:35:02 mailer dovecot: imap-login: Disconnected (no auth >>> attempts): rip=41.251.155.145, lip=5.135.151.43, TLS handshaking: >>> Disconnected >>> Jul 22 03:35:02 mailer dovecot: imap-login: Disconnected (no auth >>> attempts): rip=41.251.155.145, lip=5.135.151.43, TLS handshaking: >>> Disconnected >>> Jul 22 03:35:03 mailer dovecot: imap-login: Disconnected (no auth >>> attempts): rip=41.251.155.145, lip=5.135.151.43, TLS: Disconnected >> >> There is "no auth attempts", so you do not have an issue with >> authentication. >> >> Because of the "TLS handshaking: Disconnected" it looks like the >> connection gets cut during the initial TLS handshake. To debug this, >> first increare logging, then try from localhost without encryption, >> e.g.: >> >> telnet localhost 143 >> 1 login "loginname" "password" >> >> and watch the human friendly output. Terminate the IMAP connection via >> >> 2 logout >> >> Maybe that client does not like your SSL cert and drops the >> connection thereof? Or maybe a firewall thinks it has to fiddle in, >> e.g. change Thunderbird to use SSL on port 993 instead of STARTTLS on >> 143. >> >> Kind regards, >> >> - -- Steffen Kaiser >> -----BEGIN PGP SIGNATURE----- >> Version: GnuPG v1.4.11 (GNU/Linux) >> >> iQEVAwUBUezg/13r2wJMiz2NAQKjkQf+MSiRcG8h4C3cdH2uKQNvc4K1UkJVmPjx >> tZvsBQmMQB0kY9y9GC9YiDKKCx3Cua6lxQ89Mbh4UDkjWdIV6T617QXT55HglLoY >> +fS1vVAIjCQlOD42GW1W8XKrQN9mfzCDw2CvdtMX8weiXPvsMA0ZMT/m5ZCWOtzR >> 8eP1Jjd8APuTPQqYg13+vWBSWNOfeyeY69m3loqKAuSw4ntSRglx5qlMrK8IRSji >> MHXkX2HJmbSV+iFstDRvbqVRWkJCGj6mzt+N34HU3py1H5zxiCjOSF9Q3UkU4psO >> 7xIGEDHbIrLpAca+6B2ZRIcfU0BgRAsvmcLLogqH40G/F7edud9YGw== >> =9TD0 >> -----END PGP SIGNATURE----- > > From jtam.home at gmail.com Tue Jul 23 04:30:53 2013 From: jtam.home at gmail.com (Joseph Tam) Date: Mon, 22 Jul 2013 18:30:53 -0700 (PDT) Subject: [Dovecot] dovecot: imap-login: Aborted login In-Reply-To: References: Message-ID: Adnane writes: > but I cant send mails > > Jul 23 03:01:34 mailer postfix/anvil[9245]: statistics: max connection > rate 1/60s for (smtp:209.85.220.177) at Jul 23 02:58:13 > Jul 23 03:01:34 mailer postfix/anvil[9245]: statistics: max connection > count 1 for (smtp:209.85.220.177) at Jul 23 02:58:13 > Jul 23 03:01:34 mailer postfix/anvil[9245]: statistics: max cache size 1 > at Jul 23 02:58:13 Not a dovecot issue. In fact, neither was your previous problem, which was a mail reader configuration problem. Joseph Tam From noel.butler at ausics.net Tue Jul 23 08:24:50 2013 From: noel.butler at ausics.net (Noel Butler) Date: Tue, 23 Jul 2013 15:24:50 +1000 Subject: [Dovecot] dovecot: imap-login: Aborted login In-Reply-To: <51EDDA61.1000700@adnane.me> References: <51ECA0EA.1060608@adnane.me> <51ED9B28.1070502@adnane.me> <51EDDA61.1000700@adnane.me> Message-ID: <1374557090.10545.23.camel@tardis> On Tue, 2013-07-23 at 02:20 +0100, Adnane wrote: > Jul 23 03:01:34 mailer postfix/anvil[9245]: statistics: max connection > rate 1/60s for (smtp:209.85.220.177) at Jul 23 02:58:13 > Jul 23 03:01:34 mailer postfix/anvil[9245]: statistics: max connection > count 1 for (smtp:209.85.220.177) at Jul 23 02:58:13 > Jul 23 03:01:34 mailer postfix/anvil[9245]: statistics: max cache size 1 > at Jul 23 02:58:13 > > any help plz > anvil logs wont help much, look for your connect from: lines, it should show your connecting IP, and few lines after it detailing what it is doing, I suspect you may have the same issues as with dovecot, never ever ever force ssl on clients unless you know what you (and they) are doing, and not knowing what version you are using makes it more difficult. Should be using postfix 2.10.1 (the latest) " smtpd_tls_security_level = may " -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 490 bytes Desc: This is a digitally signed message part URL: From noel.butler at ausics.net Tue Jul 23 08:27:19 2013 From: noel.butler at ausics.net (Noel Butler) Date: Tue, 23 Jul 2013 15:27:19 +1000 Subject: [Dovecot] dovecot: imap-login: Aborted login In-Reply-To: References: Message-ID: <1374557239.10545.25.camel@tardis> On Mon, 2013-07-22 at 18:30 -0700, Joseph Tam wrote: > Adnane writes: > > > but I cant send mails > > > > Jul 23 03:01:34 mailer postfix/anvil[9245]: statistics: max connection > > rate 1/60s for (smtp:209.85.220.177) at Jul 23 02:58:13 > > Jul 23 03:01:34 mailer postfix/anvil[9245]: statistics: max connection > > count 1 for (smtp:209.85.220.177) at Jul 23 02:58:13 > > Jul 23 03:01:34 mailer postfix/anvil[9245]: statistics: max cache size 1 > > at Jul 23 02:58:13 > > Not a dovecot issue. In fact, neither was your previous problem, which > was a mail reader configuration problem. > > Joseph Tam Thats helpful how... The fact he uses dovecot for auth, would likely mean smtp-auth which does involve dovecot. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 490 bytes Desc: This is a digitally signed message part URL: From andreas.schulze at datev.de Tue Jul 23 08:32:35 2013 From: andreas.schulze at datev.de (Andreas Schulze) Date: Tue, 23 Jul 2013 07:32:35 +0200 Subject: [Dovecot] 2.2.4 + metadata plugin: autoconf failed Message-ID: <20130723053234.GA19123@spider.services.datevnet.de> Hello, (had disabled maildelivery for the list, so I can't reply) I changed the minimal version from 2.65 to 2.59 then I run ./autogen.sh && ./configure --foo ... sles9: (autoconf-2.59) ---------------------- + cd dovecot-metadata-plugin-2a17386d4dbc + ./autogen.sh + creating m4/ ... + running autoreconf ... configure.ac:13: error: possibly undefined macro: AC_PROG_CC_C99 If this token and others are legitimate, please use m4_pattern_allow. See the Autoconf documentation. autoreconf: /usr/bin/autoconf failed with exit status: 1 sles10: (autoconf-2.59) ----------------------- + cd dovecot-metadata-plugin-2a17386d4dbc + ./autogen.sh + creating m4/ ... + running autoreconf ... configure.ac:13: error: possibly undefined macro: AC_PROG_CC_C99 If this token and others are legitimate, please use m4_pattern_allow. See the Autoconf documentation. autoreconf: /usr/bin/autoconf failed with exit status: 1 sles11: (autoconf-2.63) ----------------------- + cd dovecot-metadata-plugin-2a17386d4dbc + ./autogen.sh + creating m4/ ... + running autoreconf ... libtoolize: putting auxiliary files in `.'. libtoolize: copying file `./ltmain.sh' libtoolize: putting macros in AC_CONFIG_MACRO_DIR, `m4'. libtoolize: copying file `m4/libtool.m4' libtoolize: copying file `m4/ltoptions.m4' libtoolize: copying file `m4/ltsugar.m4' libtoolize: copying file `m4/ltversion.m4' libtoolize: copying file `m4/lt~obsolete.m4' configure.ac:7: installing `./config.guess' configure.ac:7: installing `./config.sub' configure.ac:4: installing `./install-sh' configure.ac:4: installing `./missing' src/Makefile.am:33: DOVECOT_PLUGIN_DEPS does not appear in AM_CONDITIONAL src/Makefile.am:41: DOVECOT_PLUGIN_DEPS does not appear in AM_CONDITIONAL src/Makefile.am:10: `dovecot_pkglib_LTLIBRARIES' is used but `dovecot_pkglibdir' is undefined src/Makefile.am: installing `./depcomp' src/Makefile.am:13: variable `libdovecot_metadata_la_SOURCES' is defined but no program or src/Makefile.am:13: library has `libdovecot_metadata_la' as canonic name (possible typo) autoreconf: automake failed with exit status: 1 openSUSE_Factory: (autoconf-2.69) --------------------------------- + cd dovecot-metadata-plugin-2a17386d4dbc + ./autogen.sh + creating m4/ ... + running autoreconf ... libtoolize: putting auxiliary files in `.'. libtoolize: copying file `./ltmain.sh' libtoolize: putting macros in AC_CONFIG_MACRO_DIR, `m4'. libtoolize: copying file `m4/libtool.m4' libtoolize: copying file `m4/ltoptions.m4' libtoolize: copying file `m4/ltsugar.m4' libtoolize: copying file `m4/ltversion.m4' libtoolize: copying file `m4/lt~obsolete.m4' configure.ac:7: installing './config.guess' configure.ac:7: installing './config.sub' configure.ac:4: installing './install-sh' configure.ac:4: installing './missing' src/Makefile.am:33: error: DOVECOT_PLUGIN_DEPS does not appear in AM_CONDITIONAL src/Makefile.am:41: error: DOVECOT_PLUGIN_DEPS does not appear in AM_CONDITIONAL src/Makefile.am:10: error: 'dovecot_pkglib_LTLIBRARIES' is used but 'dovecot_pkglibdir' is undefined src/Makefile.am: installing './depcomp' src/Makefile.am:13: warning: variable 'libdovecot_metadata_la_SOURCES' is defined but no program or src/Makefile.am:13: library has 'libdovecot_metadata_la' as canonical name (possible typo) autoreconf: automake failed with exit status: 1 -- Andreas Schulze Internetdienste | P252 DATEV eG 90329 N?rnberg | Telefon +49 911 319-0 | Telefax +49 911 319-3196 E-Mail info @datev.de | Internet www.datev.de Sitz: 90429 N?rnberg, Paumgartnerstr. 6-14 | Registergericht N?rnberg, GenReg Nr.70 Vorstand Prof. Dieter Kempf (Vorsitzender) Dipl.-Kfm. Wolfgang Stegmann (stellvertretender Vorsitzender) Dipl.-Kfm. Michael Leistenschneider Dipl.-Kfm. Dr. Robert Mayr J?rg Rabe v. Pappenheim Dipl.-Vw. Eckhard Schwarzer Vorsitzender des Aufsichtsrates: Reinhard Verholen From blevi.linux at gmail.com Tue Jul 23 10:08:57 2013 From: blevi.linux at gmail.com (Birta Levente) Date: Tue, 23 Jul 2013 10:08:57 +0300 Subject: [Dovecot] convert to mdbox Message-ID: <51EE2C09.9020701@gmail.com> Hi How can I convert all virtual mailboxes from maildir to mdbox? Manually, one by one, working, but I have a lot ... Virtual users and domains stored in sql database. Thats what I want: mail_location = maildir:/var/vmail/%d/%n/Maildir to mail_location = mdbox:/var/vmail/%d/%n/mdbox Thanks Levi -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 3889 bytes Desc: S/MIME Cryptographic Signature URL: From skdovecot at smail.inf.fh-brs.de Tue Jul 23 10:39:10 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Tue, 23 Jul 2013 09:39:10 +0200 (CEST) Subject: [Dovecot] =?utf-8?q?Managing_IMAP_IDLE/Push_with_Sieve_=E2=80=93_?= =?utf-8?q?possible=3F?= In-Reply-To: <51ED8137.50402@nurfuerspam.de> References: <51ED8137.50402@nurfuerspam.de> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, 22 Jul 2013, FF wrote: > I've been using Dovecot with Sieve for a long time already, and I'm very > happy with it. Push is working fine too. I was wondering, however, whether it > would be possible to define a Sieve rule (perhaps using some plug-in), such > that an IMAP push message gets sent out only for specific senders etc.? I think you cannot. But you could split your INBOX into senders with PUSH (that are delivered to the INBOX) and others, that are delivered to INBOX2. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUe4zH13r2wJMiz2NAQLd4gf/ZcfpXHUQCOozFV5L464voasate3T+aDf W6dnk9s+jOZiYmZZzaxZPw2z14v0GA5BAJdp4h/klbFPxg7Fs9MjUdoi2kusKaw6 ofbQwCsGnGD+kxme0JKtnayWo07Vwdo1rjbhxtSSGU7K4RVtnh4Kj6wTySCYrzKN +0mPIU1XUVJqw6ir+xrJSmcWY5joOnQ1+m1TI6J4E+qIqc+QjJkX1LFOMz+1Lz0x QR05UaH0+bWQPZqknWrxEEHz0eIXZsbrTuosMDHnHjDv1jRe1RzPFi6k+JvbCXcj N4ip0MNuMuYp/tXG9ntYjRwUvjJ8Du9smwh4FE72Uv11povihr7PzA== =0Afu -----END PGP SIGNATURE----- From rs at sys4.de Tue Jul 23 10:44:11 2013 From: rs at sys4.de (Robert Schetterer) Date: Tue, 23 Jul 2013 09:44:11 +0200 Subject: [Dovecot] convert to mdbox In-Reply-To: <51EE2C09.9020701@gmail.com> References: <51EE2C09.9020701@gmail.com> Message-ID: <51EE344B.4040602@sys4.de> Am 23.07.2013 09:08, schrieb Birta Levente: > Hi > > How can I convert all virtual mailboxes from maildir to mdbox? Manually, > one by one, working, but I have a lot ... > > Virtual users and domains stored in sql database. > > Thats what I want: > > mail_location = maildir:/var/vmail/%d/%n/Maildir > to > mail_location = mdbox:/var/vmail/%d/%n/mdbox > > Thanks > Levi > http://wiki2.dovecot.org/Tools/Dsync dsync should do it , but be aware from dsync bugs in some versions do heavy testing before doing something live, for many users do i.e with bash script export your users from sql to a file, or use live query for i in `cat user.lst` do dsync ..... done for avoid acl and quota problems dsync -o plugin/acl= -o plugin/quota= -u .... perhaps look at http://sys4.de/de/blog/2013/07/20/fallstricke-mit-acl-und-quota-bei-backup-mit-dsync-dovecot/ be aware of, if use zlib plugin all backup mails get compressed too Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From rs at sys4.de Tue Jul 23 10:46:45 2013 From: rs at sys4.de (Robert Schetterer) Date: Tue, 23 Jul 2013 09:46:45 +0200 Subject: [Dovecot] =?windows-1252?q?Managing_IMAP_IDLE/Push_with_Sieve_=96?= =?windows-1252?q?_possible=3F?= In-Reply-To: References: <51ED8137.50402@nurfuerspam.de> Message-ID: <51EE34E5.3030507@sys4.de> Am 23.07.2013 09:39, schrieb Steffen Kaiser: > On Mon, 22 Jul 2013, FF wrote: > >> I've been using Dovecot with Sieve for a long time already, and I'm >> very happy with it. Push is working fine too. I was wondering, >> however, whether it would be possible to define a Sieve rule (perhaps >> using some plug-in), such that an IMAP push message gets sent out only >> for specific senders etc.? > > I think you cannot. > > But you could split your INBOX into senders with PUSH (that are > delivered to the INBOX) and others, that are delivered to INBOX2. > > -- Steffen Kaiser perhaps the imap lemonade extensions may do that ....have you investigated by that? Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From AxelLuttgens at swing.be Tue Jul 23 10:49:46 2013 From: AxelLuttgens at swing.be (Axel Luttgens) Date: Tue, 23 Jul 2013 09:49:46 +0200 Subject: [Dovecot] Dovecot 2.2.4/sendmail with sql user and aliases In-Reply-To: <51EDD13A.9040804@derytelecom.ca> References: <51E701D9.2@derytelecom.ca> <51ED40AF.8020100@derytelecom.ca> <03B0E1DE-111E-4B0F-9BA3-6B355BA1C424@swing.be> <51ED6C57.7060101@derytelecom.ca> <51EDD13A.9040804@derytelecom.ca> Message-ID: <0430D3A5-FB49-4886-A0F2-B1C739B67D18@swing.be> Le 23 juil. 2013 ? 02:41, Cedric a ?crit : > Hi, > > Ok thank for the interpretation, we used sendmail the last 16 years and I'm trying to migrate a old linuxconf/imapd setup here. > [...] > Below i provided two differents sql attempt, your input on how to make dovecot lda understand it should deliver the mail to the correct file are welcome > [...] > There's a new debug output fixing the domain entry > > The querry i pasted seem to be wrong for a previous configuration there's the correct one : > > [...] > *************************** 1. row *************************** > user: cedrict at mail.vdl > username: cedrict > domain: mail.vdl > home: /vhome/mail.vdl/home/cedrict > index: /vhome/mail.vdl/home/cedrict/mail/index > control: /vhome/mail.vdl/home/cedrict/mail/control > inbox: /var/spool/vmail/mail.vdl/cedrict > layout: maildir++ > uid: 60001 > gid: 231 > > [...] > *************************** 1. row *************************** > user: cedrict at mail.vdl > inbox: /var/spool/vmail/mail.vdl/cedrict > home: /vhome/mail.vdl/home/cedrict > uid: 60001 > gid: 231 > 1 row in set (0,54 sec) > > [...] Hello C?dric, In both cases, your queries provide sufficient info for overriding or for providing a full substitute to mail_home (left empty in your dovecot.conf), but fail to do the same for mail_location. Perhaps could you try something like this: SELECT concat( s_courriel_utilisateur.utilisateur, '@', s_courriel_domaine.nom ) AS user, concat( 'mbox:~/mail:LAYOUT=maildir++:INDEX=MEMORY:CONTROL=~/mail/control:INBOX=/var/spool/vmail/', s_courriel_domaine.nom, '/', s_courriel_utilisateur.utilisateur ) AS mail, concat( "/vhome/", s_courriel_domaine.nom, "/home/", s_courriel_utilisateur.utilisateur ) AS home, s_courriel_utilisateur.uid AS uid, s_courriel_domaine.gid AS gid FROM [...] Not sure whether you still need the "AS user" part, but it should not hurt with such a query. More info at: http://wiki2.dovecot.org/UserDatabase http://wiki2.dovecot.org/AuthDatabase/SQL HTH, Axel From blevi.linux at gmail.com Tue Jul 23 10:50:57 2013 From: blevi.linux at gmail.com (Birta Levente) Date: Tue, 23 Jul 2013 10:50:57 +0300 Subject: [Dovecot] convert to mdbox In-Reply-To: <51EE344B.4040602@sys4.de> References: <51EE2C09.9020701@gmail.com> <51EE344B.4040602@sys4.de> Message-ID: <51EE35E1.8050402@gmail.com> On 23/07/2013 10:44, Robert Schetterer wrote: > Am 23.07.2013 09:08, schrieb Birta Levente: >> Hi >> >> How can I convert all virtual mailboxes from maildir to mdbox? Manually, >> one by one, working, but I have a lot ... >> >> Virtual users and domains stored in sql database. >> >> Thats what I want: >> >> mail_location = maildir:/var/vmail/%d/%n/Maildir >> to >> mail_location = mdbox:/var/vmail/%d/%n/mdbox >> >> Thanks >> Levi >> > > http://wiki2.dovecot.org/Tools/Dsync > > dsync should do it , but be aware from dsync bugs in some versions > do heavy testing before doing something live, for many users do i.e with > bash script > > export your users from sql to a file, or use live query > > for i in `cat user.lst` > do > dsync ..... > done > I thought dsync can do natively, just I don't figure out how. I use the latest 2.2.4 dovecot, so I hope there was no problem. > for avoid acl and quota problems > > dsync -o plugin/acl= -o plugin/quota= -u .... Thanks for the hint. > > perhaps look at > > http://sys4.de/de/blog/2013/07/20/fallstricke-mit-acl-und-quota-bei-backup-mit-dsync-dovecot/ > > be aware of, if use zlib plugin all backup mails get compressed too > > > Best Regards > MfG Robert Schetterer > Thank you!! Levi -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 3889 bytes Desc: S/MIME Cryptographic Signature URL: From fuer-foren at nurfuerspam.de Tue Jul 23 13:58:14 2013 From: fuer-foren at nurfuerspam.de (FF) Date: Tue, 23 Jul 2013 11:58:14 +0100 Subject: [Dovecot] =?utf-8?q?Managing_IMAP_IDLE/Push_with_Sieve_=E2=80=93_?= =?utf-8?q?possible=3F?= In-Reply-To: References: <51ED8137.50402@nurfuerspam.de> Message-ID: <5a68bc0fee97243aef5c0aff9aefd778@sandrobauer.eu> Hi, Thanks, that's interesting -- two questions: 1) Why is it not possible? Just not implemented, or is there any technical reason that actually prevents it from being implemented? 2) What do you mean by INBOX? Another, completely separate email account? Yes, that would be my backup plan. Thanks, F.F. > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Mon, 22 Jul 2013, FF wrote: > >> I've been using Dovecot with Sieve for a long time already, and I'm >> very happy with it. Push is working fine too. I was wondering, >> however, whether it would be possible to define a Sieve rule (perhaps >> using some plug-in), such that an IMAP push message gets sent out only >> for specific senders etc.? > > I think you cannot. > > But you could split your INBOX into senders with PUSH (that are > delivered to the INBOX) and others, that are delivered to INBOX2. > > - -- Steffen Kaiser > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.11 (GNU/Linux) > > iQEVAwUBUe4zH13r2wJMiz2NAQLd4gf/ZcfpXHUQCOozFV5L464voasate3T+aDf > W6dnk9s+jOZiYmZZzaxZPw2z14v0GA5BAJdp4h/klbFPxg7Fs9MjUdoi2kusKaw6 > ofbQwCsGnGD+kxme0JKtnayWo07Vwdo1rjbhxtSSGU7K4RVtnh4Kj6wTySCYrzKN > +0mPIU1XUVJqw6ir+xrJSmcWY5joOnQ1+m1TI6J4E+qIqc+QjJkX1LFOMz+1Lz0x > QR05UaH0+bWQPZqknWrxEEHz0eIXZsbrTuosMDHnHjDv1jRe1RzPFi6k+JvbCXcj > N4ip0MNuMuYp/tXG9ntYjRwUvjJ8Du9smwh4FE72Uv11povihr7PzA== > =0Afu > -----END PGP SIGNATURE----- From cedrict at derytelecom.ca Tue Jul 23 14:51:32 2013 From: cedrict at derytelecom.ca (Cedric) Date: Tue, 23 Jul 2013 07:51:32 -0400 Subject: [Dovecot] Dovecot 2.2.4/sendmail with sql user and aliases In-Reply-To: <0430D3A5-FB49-4886-A0F2-B1C739B67D18@swing.be> References: <51E701D9.2@derytelecom.ca> <51ED40AF.8020100@derytelecom.ca> <03B0E1DE-111E-4B0F-9BA3-6B355BA1C424@swing.be> <51ED6C57.7060101@derytelecom.ca> <51EDD13A.9040804@derytelecom.ca> <0430D3A5-FB49-4886-A0F2-B1C739B67D18@swing.be> Message-ID: <51EE6E44.3000308@derytelecom.ca> Hi, Thank you,it fixed the issue i had. Regards Cedric Le 2013-07-23 03:49, Axel Luttgens a ?crit : > Le 23 juil. 2013 ? 02:41, Cedric a ?crit : > >> Hi, >> >> Ok thank for the interpretation, we used sendmail the last 16 years and I'm trying to migrate a old linuxconf/imapd setup here. >> [...] >> Below i provided two differents sql attempt, your input on how to make dovecot lda understand it should deliver the mail to the correct file are welcome >> [...] >> There's a new debug output fixing the domain entry >> >> The querry i pasted seem to be wrong for a previous configuration there's the correct one : >> >> [...] >> *************************** 1. row *************************** >> user:cedrict at mail.vdl >> username: cedrict >> domain: mail.vdl >> home: /vhome/mail.vdl/home/cedrict >> index: /vhome/mail.vdl/home/cedrict/mail/index >> control: /vhome/mail.vdl/home/cedrict/mail/control >> inbox: /var/spool/vmail/mail.vdl/cedrict >> layout: maildir++ >> uid: 60001 >> gid: 231 >> >> [...] >> *************************** 1. row *************************** >> user:cedrict at mail.vdl >> inbox: /var/spool/vmail/mail.vdl/cedrict >> home: /vhome/mail.vdl/home/cedrict >> uid: 60001 >> gid: 231 >> 1 row in set (0,54 sec) >> >> [...] > Hello C?dric, > > In both cases, your queries provide sufficient info for overriding or for providing a full substitute to mail_home (left empty in your dovecot.conf), but fail to do the same for mail_location. > > Perhaps could you try something like this: > > SELECT > concat( > s_courriel_utilisateur.utilisateur, > '@', > s_courriel_domaine.nom > ) AS user, > concat( > 'mbox:~/mail:LAYOUT=maildir++:INDEX=MEMORY:CONTROL=~/mail/control:INBOX=/var/spool/vmail/', > s_courriel_domaine.nom, > '/', > s_courriel_utilisateur.utilisateur > ) AS mail, > concat( > "/vhome/", > s_courriel_domaine.nom, > "/home/", > s_courriel_utilisateur.utilisateur > ) AS home, > s_courriel_utilisateur.uid AS uid, > s_courriel_domaine.gid AS gid > FROM > [...] > > Not sure whether you still need the "AS user" part, but it should not hurt with such a query. > > More info at: > > http://wiki2.dovecot.org/UserDatabase > http://wiki2.dovecot.org/AuthDatabase/SQL > > HTH, > Axel From rs at sys4.de Tue Jul 23 15:02:37 2013 From: rs at sys4.de (Robert Schetterer) Date: Tue, 23 Jul 2013 14:02:37 +0200 Subject: [Dovecot] performance 2.1.17 zlib maildir In-Reply-To: <51ED2426.4070005@sys4.de> References: <51EAD742.1090902@sys4.de> <51EAEF23.9050406@sys4.de> <20130722115036.GC30221@sys4.de> <51ED2426.4070005@sys4.de> Message-ID: <51EE70DD.9020801@sys4.de> Am 22.07.2013 14:23, schrieb Robert Schetterer: > Am 22.07.2013 13:50, schrieb Ralf Hildebrandt: >> * Robert Schetterer : >>> Am 20.07.2013 20:30, schrieb Robert Schetterer: >>>> Hi Timo, i have reports from few users about lost performance with 2.17 >>>> maildir bigger mailboxes ( up to 2 GB ), i also use zlib plugin >>>> >>>> what about this patch.....,may not working as i should? >>>> >>>> http://hg.dovecot.org/dovecot-2.1/rev/9c23d1fb8969 >>>> >>>> Best Regards >>>> MfG Robert Schetterer >>>> >>> >>> >>> i checked this reverting to 2.1.15 (had only this pre compiled) >>> perfomance gets better with this, looks like the problem is getting more >>> worst with having bigger mailboxes and heavy use of subfolder trees >>> any idea? >> >> I wonder why this would matter. zlib is compressing EACH message >> individually, so the actual SIZE of the mailbox would not matter (the >> number of message would matter, though). >> >> Which operations are slow? Folder listing? Actually accessing messages? > > accessing , list messsages , copy, move delete operations > > it must not be zlib related, that was a guess > there are two other patches only maildir related might be a better guess > > http://hg.dovecot.org/dovecot-2.1/rev/7389ff729d2e > http://hg.dovecot.org/dovecot-2.1/rev/4c05b9447a10 > > other patches dont look related to me, however i use a lot of other > plugins which might also involved > > sorry not easy to measure , but performance here is def better with > 2.1.15 , same client setup, no special failures about that in debug logs > > > >> > > > > Best Regards > MfG Robert Schetterer > back to 2.1.17 looks like rising values for /proc/sys/fs/inotify/max_user_instances helped however i got no warning in the logs so wait and and see for now Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From lists at wildgooses.com Tue Jul 23 15:12:36 2013 From: lists at wildgooses.com (Ed W) Date: Tue, 23 Jul 2013 13:12:36 +0100 Subject: [Dovecot] script to test CATENATE In-Reply-To: <2FE70D92-8C50-4D9F-BBAF-387995E714CE@apple.com> References: <2FE70D92-8C50-4D9F-BBAF-387995E714CE@apple.com> Message-ID: <51EE7334.3080709@wildgooses.com> On 22/07/2013 23:17, Mike Abbott wrote: > Attached please find a perl script which tests the CATENATE support in dovecot. I used this to test my CATENATE implementation a few years ago and it runs fine against dovecot in OS X Server. Hi Mike Do you think you might re-submit the matching BURL support to Postfix? It seems like it accidentally fell on the floor due to arriving at a bad moment some years back? Cheers Ed W From Ralf.Hildebrandt at charite.de Tue Jul 23 15:17:06 2013 From: Ralf.Hildebrandt at charite.de (Ralf Hildebrandt) Date: Tue, 23 Jul 2013 14:17:06 +0200 Subject: [Dovecot] performance 2.1.17 zlib maildir In-Reply-To: <51EE70DD.9020801@sys4.de> References: <51EAD742.1090902@sys4.de> <51EAEF23.9050406@sys4.de> <20130722115036.GC30221@sys4.de> <51ED2426.4070005@sys4.de> <51EE70DD.9020801@sys4.de> Message-ID: <20130723121706.GI12629@charite.de> * Robert Schetterer : > back to 2.1.17 > > looks like > > rising values for /proc/sys/fs/inotify/max_user_instances > helped however i got no warning in the logs > > so wait and and see for now Wasn't this the bug I encountered with inotify & the linux kernel? -- Ralf Hildebrandt Gesch?ftsbereich IT | Abteilung Netzwerk Charit? - Universit?tsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebrandt at charite.de | http://www.charite.de From rs at sys4.de Tue Jul 23 15:34:23 2013 From: rs at sys4.de (Robert Schetterer) Date: Tue, 23 Jul 2013 14:34:23 +0200 Subject: [Dovecot] performance 2.1.17 zlib maildir In-Reply-To: <20130723121706.GI12629@charite.de> References: <51EAD742.1090902@sys4.de> <51EAEF23.9050406@sys4.de> <20130722115036.GC30221@sys4.de> <51ED2426.4070005@sys4.de> <51EE70DD.9020801@sys4.de> <20130723121706.GI12629@charite.de> Message-ID: <51EE784F.6020804@sys4.de> Am 23.07.2013 14:17, schrieb Ralf Hildebrandt: > * Robert Schetterer : > >> back to 2.1.17 >> >> looks like >> >> rising values for /proc/sys/fs/inotify/max_user_instances >> helped however i got no warning in the logs >> >> so wait and and see for now > > Wasn't this the bug I encountered with inotify & the linux kernel? yes , since then it should produce a warning in the logs ( havent found that at mine) , things now look better ,but i ll wait what power users will report, i am not a good tester in this case , cause i do too qualified mail handling *g > Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From michael.abbott at apple.com Tue Jul 23 16:30:59 2013 From: michael.abbott at apple.com (Mike Abbott) Date: Tue, 23 Jul 2013 08:30:59 -0500 Subject: [Dovecot] script to test CATENATE In-Reply-To: <51EE7334.3080709@wildgooses.com> References: <2FE70D92-8C50-4D9F-BBAF-387995E714CE@apple.com> <51EE7334.3080709@wildgooses.com> Message-ID: <0F9D6E10-8154-42E7-BCEA-FADDA411E18A@apple.com> > Do you think you might re-submit the matching BURL support to Postfix? I don't think re-submitting is a good idea unless Wietse & co. request it, which I doubt will happen. From lists at wildgooses.com Tue Jul 23 17:19:12 2013 From: lists at wildgooses.com (Ed W) Date: Tue, 23 Jul 2013 15:19:12 +0100 Subject: [Dovecot] script to test CATENATE In-Reply-To: <0F9D6E10-8154-42E7-BCEA-FADDA411E18A@apple.com> References: <2FE70D92-8C50-4D9F-BBAF-387995E714CE@apple.com> <51EE7334.3080709@wildgooses.com> <0F9D6E10-8154-42E7-BCEA-FADDA411E18A@apple.com> Message-ID: <51EE90E0.6070104@wildgooses.com> On 23/07/2013 14:30, Mike Abbott wrote: >> Do you think you might re-submit the matching BURL support to Postfix? > I don't think re-submitting is a good idea unless Wietse & co. request it, which I doubt will happen. My reading of it at the time was something like "There are no clients that support this. We don't understand the need" Now that there is at least one large client (I'm presuming that IOS does support it?) I think the world has changed and of course the patch has now had large scale testing (since I'm presuming again that it's included in the Apple distributed Postfix version?) I personally think that the idea is perfect and I would like to see it break into mainstream use and from there I think we will possibly see support added to additional clients (I think this is how to break the chicken/egg cycle). The idea that you can use IMAP commands to construct a message server side from "bits of other messages", and then post it out server side is fantastic. Please consider having at least one more go. I think there is likely to be much better reception now that clients exist, the patch is well tested and Dovecot at least supports the IMAP side. Please...? Cheers Ed W From me at junc.eu Tue Jul 23 23:04:00 2013 From: me at junc.eu (Benny Pedersen) Date: Tue, 23 Jul 2013 22:04:00 +0200 Subject: [Dovecot] Sieve info In-Reply-To: References: Message-ID: <4cd8699acd50ef6036c89f8a99070be2@junc.eu> Sam Flint skrev den 2013-07-21 00:34: > I'm using Dovecot v2, and I can't seem to find any info abut using > sieve > with the LDA, or the ManageSieve protocol, can you please point me > un the > right direction? http://sieve.info/ ? From h.reindl at thelounge.net Tue Jul 23 23:07:55 2013 From: h.reindl at thelounge.net (Reindl Harald) Date: Tue, 23 Jul 2013 22:07:55 +0200 Subject: [Dovecot] Sieve info In-Reply-To: <4cd8699acd50ef6036c89f8a99070be2@junc.eu> References: <4cd8699acd50ef6036c89f8a99070be2@junc.eu> Message-ID: <51EEE29B.3090505@thelounge.net> Am 23.07.2013 22:04, schrieb Benny Pedersen: > Sam Flint skrev den 2013-07-21 00:34: >> I'm using Dovecot v2, and I can't seem to find any info abut using sieve >> with the LDA, or the ManageSieve protocol, can you please point me un the >> right direction? > > http://sieve.info/ and why do you need to respond days later with generic stuff with no dovecot-context to a already answered question where the asner is simply the *dovecot2* wiki? -------- Original-Nachricht -------- Betreff: Re: [Dovecot] Sieve info Datum: Sun, 21 Jul 2013 00:47:54 +0200 Von: Reindl Harald An: Mailing-List dovecot Am 21.07.2013 00:45, schrieb Sam Flint: > > On Jul 20, 2013 5:39 PM, "Reindl Harald" > wrote: >> >> Am 21.07.2013 00:34, schrieb Sam Flint: >> > I'm using Dovecot v2, and I can't seem to find any info abut using sieve >> > with the LDA, or the ManageSieve protocol, can you please point me un the >> > right direction? >> >> google "dovecot sieve" leads to >> http://wiki2.dovecot.org/Pigeonhole/Sieve/Configuration > > Thank you very muuch! The pointer on the v1 wiki pointed to a non-existent page http://wiki2.dovecot.org/ is for version >= 2.0 many configs are completly different in v2 http://wiki.dovecot.org/ This documentation is for Dovecot v1.x, see wiki2 for v2.0 documentation -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 263 bytes Desc: OpenPGP digital signature URL: From wildfire at progsoc.org Wed Jul 24 04:55:20 2013 From: wildfire at progsoc.org (Anand Kumria) Date: Wed, 24 Jul 2013 02:55:20 +0100 Subject: [Dovecot] piegonhole sieve prepending header lines with an extra space Message-ID: Hi, I've noticed that the redirect sieve extension is placing an extra space before the headers of email when the 'redirect' command is used. Unfortunately this break gmail, yahoo, and most other email programs. I am using pigeonhole 0.4.0-14 with Dovecot 2.2.4.3; I see change 1781:e439789e3211 but it appears to only change how the X-Sieve header is generated. I only have the one dovecot instance but I will note that the setting 'mail_save_crlf = yes' is specified. Thanks, Anand From stephan at rename-it.nl Wed Jul 24 09:12:42 2013 From: stephan at rename-it.nl (Stephan Bosch) Date: Wed, 24 Jul 2013 08:12:42 +0200 Subject: [Dovecot] piegonhole sieve prepending header lines with an extra space In-Reply-To: References: Message-ID: <51EF705A.5090502@rename-it.nl> On 7/24/2013 3:55 AM, Anand Kumria wrote: > I've noticed that the redirect sieve extension is placing an extra space > before the headers of email when the 'redirect' command is used. > > Unfortunately this break gmail, yahoo, and most other email programs. > > I am using pigeonhole 0.4.0-14 with Dovecot 2.2.4.3; I see change > > 1781:e439789e3211 but it appears to only change how the X-Sieve header is > generated. > > > I only have the one dovecot instance but I will note that the setting > 'mail_save_crlf = yes' is specified. Could you send us the following: Output of `dovecot -n` More information on your MTA An example of a mangled message Regards, Stephan. From stan at hardwarefreak.com Wed Jul 24 10:21:10 2013 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Wed, 24 Jul 2013 02:21:10 -0500 Subject: [Dovecot] Sieve info In-Reply-To: <51EEE29B.3090505@thelounge.net> References: <4cd8699acd50ef6036c89f8a99070be2@junc.eu> <51EEE29B.3090505@thelounge.net> Message-ID: <51EF8066.70704@hardwarefreak.com> On 7/23/2013 3:07 PM, Reindl Harald wrote: > Am 23.07.2013 22:04, schrieb Benny Pedersen: >> Sam Flint skrev den 2013-07-21 00:34: >>> I'm using Dovecot v2, and I can't seem to find any info abut using sieve >>> with the LDA, or the ManageSieve protocol, can you please point me un the >>> right direction? >> >> http://sieve.info/ > > and why do you need to respond days later with generic stuff > with no dovecot-context to a already answered question where > the asner is simply the *dovecot2* wiki? Reindl, keep this kind of crap off the list. It benefits nobody here and simply wastes resources. Either send it off list, or better yet, don't sent it at all. You got yourself booted from Postfix-users for this type of behavior. Apparently that didn't prompt you to change. I keep all list mail for a while, 170 Dovecot msgs from you. Keep this stupid behavior up and I'll compile some choice excerpts, take a poll, and get you booted from here as well. I'm pretty sure I'm not the only member tired of your stupid behavior on this list. -- Stan From h.reindl at thelounge.net Wed Jul 24 10:43:42 2013 From: h.reindl at thelounge.net (Reindl Harald) Date: Wed, 24 Jul 2013 09:43:42 +0200 Subject: [Dovecot] Sieve info In-Reply-To: <51EF8066.70704@hardwarefreak.com> References: <4cd8699acd50ef6036c89f8a99070be2@junc.eu> <51EEE29B.3090505@thelounge.net> <51EF8066.70704@hardwarefreak.com> Message-ID: <51EF85AE.1050209@thelounge.net> Am 24.07.2013 09:21, schrieb Stan Hoeppner: > Reindl, keep this kind of crap off the list. It benefits nobody here > and simply wastes resources. Either send it off list, or better yet, > don't sent it at all. You got yourself booted from Postfix-users for > this type of behavior no - i got removed because *of you* and your message below which resulted in undersatndable anger you behaved the same way telling others they "have less to zero knowledge" with exactly this words and Wietse as well as Viktor did point you that your behavior is not that of a saint in context of provocate me and doing the same -------- Original-Nachricht -------- Betreff: Re: Reject email Datum: Thu, 09 May 2013 09:44:36 -0500 Von: Stan Hoeppner Antwort an: stan at hardwarefreak.com Normally I'd avoid arguing with your Reindl as it simply clutters the list. However you made some invalid points that need to be corrected for those who may browse the archives in the future. On 5/9/2013 7:26 AM, Reindl Harald wrote: > if you have a A-record for "example.com" and you incoming > mail-server is on this IP you do not need any MX record > and postfix will happily use the A-record to deliver mail When did you last come across a domain configured strictly for fallback to A? While RFC may require it, and some used it in the 70s and 80s, no receivers rely on fallback to A in 2013. Anyone versed sufficiently in SMTP to know of the existence of fallback to A isn't going to rely on it. They'll have proper MX records. > another story is if there is a MX-Record but the listed > hostname does not resolve and at least for me the intention > of "if the MX does not exist" is not clear enough if it means > > a) no MX record for the domain > b) a MX record with a non-resloving hostname > > reject b) would be fine Only if the response is 4xx. People fat finger records all the time. > reject a) would be stupid If generic and not selective then yes, but not because of fallback to A. The real problem here is legitimate send-only domains, such as some mailing lists, bulk mail campaigns, emergency alert and other notification systems, etc. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 263 bytes Desc: OpenPGP digital signature URL: From simon.buongiorno at gmail.com Wed Jul 24 11:07:07 2013 From: simon.buongiorno at gmail.com (Simon B) Date: Wed, 24 Jul 2013 10:07:07 +0200 Subject: [Dovecot] Sieve info In-Reply-To: <51EF85AE.1050209@thelounge.net> References: <4cd8699acd50ef6036c89f8a99070be2@junc.eu> <51EEE29B.3090505@thelounge.net> <51EF8066.70704@hardwarefreak.com> <51EF85AE.1050209@thelounge.net> Message-ID: On 24 Jul 2013 09:44, "Reindl Harald" wrote: > > > > Am 24.07.2013 09:21, schrieb Stan Hoeppner: > > Reindl, keep this kind of crap off the list. It benefits nobody here > > and simply wastes resources. Either send it off list, or better yet, > > don't sent it at all. You got yourself booted from Postfix-users for > > this type of behavior > > no - i got removed because *of you* and your message below > which resulted in undersatndable anger Really Reindl, I find myself unable to support you in any of the salient points you make because of your attitude and anger management issues. If the calm, rational email below resulted in understandable anger then you have issues best not dealt with in a public forum. Simon > you behaved the same way telling others they "have less to zero knowledge" > with exactly this words and Wietse as well as Viktor did point you that your > behavior is not that of a saint in context of provocate me and doing the same > > -------- Original-Nachricht -------- > Betreff: Re: Reject email > Datum: Thu, 09 May 2013 09:44:36 -0500 > Von: Stan Hoeppner > Antwort an: stan at hardwarefreak.com > > Normally I'd avoid arguing with your Reindl as it simply clutters the > list. However you made some invalid points that need to be corrected > for those who may browse the archives in the future. > > On 5/9/2013 7:26 AM, Reindl Harald wrote: > > > if you have a A-record for "example.com" and you incoming > > mail-server is on this IP you do not need any MX record > > and postfix will happily use the A-record to deliver mail > > When did you last come across a domain configured strictly for fallback > to A? While RFC may require it, and some used it in the 70s and 80s, no > receivers rely on fallback to A in 2013. Anyone versed sufficiently in > SMTP to know of the existence of fallback to A isn't going to rely on > it. They'll have proper MX records. > > > another story is if there is a MX-Record but the listed > > hostname does not resolve and at least for me the intention > > of "if the MX does not exist" is not clear enough if it means > > > > a) no MX record for the domain > > b) a MX record with a non-resloving hostname > > > > reject b) would be fine > > Only if the response is 4xx. People fat finger records all the time. > > > reject a) would be stupid > > If generic and not selective then yes, but not because of fallback to A. > The real problem here is legitimate send-only domains, such as some > mailing lists, bulk mail campaigns, emergency alert and other > notification systems, etc. > From h.reindl at thelounge.net Wed Jul 24 11:16:13 2013 From: h.reindl at thelounge.net (Reindl Harald) Date: Wed, 24 Jul 2013 10:16:13 +0200 Subject: [Dovecot] Sieve info In-Reply-To: References: <4cd8699acd50ef6036c89f8a99070be2@junc.eu> <51EEE29B.3090505@thelounge.net> <51EF8066.70704@hardwarefreak.com> <51EF85AE.1050209@thelounge.net> Message-ID: <51EF8D4D.9090102@thelounge.net> Am 24.07.2013 10:07, schrieb Simon B: > On 24 Jul 2013 09:44, "Reindl Harald" wrote: >> Am 24.07.2013 09:21, schrieb Stan Hoeppner: >> > Reindl, keep this kind of crap off the list. It benefits nobody here >> > and simply wastes resources. Either send it off list, or better yet, >> > don't sent it at all. You got yourself booted from Postfix-users for >> > this type of behavior >> >> no - i got removed because *of you* and your message below >> which resulted in undersatndable anger > > Really Reindl, I find myself unable to support you in any of the salient points you make because of your attitude > and anger management issues. If the calm, rational email below resulted in understandable anger then you have > issues best not dealt with in a public forum. ah and "Normally I'd avoid arguing with your Reindl as it simply clutters the list" is a good attitude followed by technical nonsense? >> When did you last come across a domain configured strictly for fallback >> to A? While RFC may require it, and some used it in the 70s and 80s, no >> receivers rely on fallback to A in 2013 is wrong, i came across such domains 2011 and not in the 70s and 80s period > Anyone versed sufficiently in SMTP to know of the existence of fallback > to A isn't going to rely on it - They'll have proper MX records is nice, but in the real world there are *way to much* not versed admins proven daily on several mailings-lists where you face admins never should have connected a server to the internet as well as you do not need a MX record at all if your incoming mailserver is on the A-Record the MX-Record is for the cases where on http://your-domain/ is a website while the same machine is not your incoming mailserver -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 263 bytes Desc: OpenPGP digital signature URL: From wildfire at progsoc.org Wed Jul 24 13:32:18 2013 From: wildfire at progsoc.org (Anand Kumria) Date: Wed, 24 Jul 2013 11:32:18 +0100 Subject: [Dovecot] piegonhole sieve prepending header lines with an extra space In-Reply-To: <51EF705A.5090502@rename-it.nl> References: <51EF705A.5090502@rename-it.nl> Message-ID: Hi Stephan, Attached is the configuration and both the original message as received (sieve redirect test.eml) and what it was like at the location where the redirect was received (1373811315.24616_23.niflheim:2,S) Let me know if you need anything else to diagnose the problem. Thanks, Anand On 24 July 2013 07:12, Stephan Bosch wrote: > On 7/24/2013 3:55 AM, Anand Kumria wrote: > >> I've noticed that the redirect sieve extension is placing an extra space >> before the headers of email when the 'redirect' command is used. >> >> Unfortunately this break gmail, yahoo, and most other email programs. >> >> I am using pigeonhole 0.4.0-14 with Dovecot 2.2.4.3; I see change >> >> 1781:e439789e3211 but it appears to only change how the X-Sieve header is >> generated. >> >> >> I only have the one dovecot instance but I will note that the setting >> 'mail_save_crlf = yes' is specified. >> > > Could you send us the following: > > Output of `dovecot -n` > More information on your MTA > An example of a mangled message > > Regards, > > Stephan. > > > -------------- next part -------------- Return-Path: Delivered-To: Received: from mail1.example.net ([127.0.0.1]) by mail1.example.net (Dovecot) with LMTP id /a/bMMqn4lG1SgAA1IUjTg for ; Sun, 14 Jul 2013 13:29:46 +0000 Received: from acmsmtp01.acm.org ([64.238.147.78]) by mail1.example.net with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.76) (envelope-from ) id 1UyMN0-0005Jx-9K for anand at example.com; Sun, 14 Jul 2013 13:29:46 +0000 Received: from psmtp.com by acmsmtp01.acm.org (ACM Email Forwarding Service) with SMTP (SSL) id 1201307140929342592 for ; Sun, 14 Jul 2013 09:29:34 -0400 Received: from mail1.example.net ([10.0.0.1]) (using TLSv1) by na3sys009amx182.postini.com ([74.125.148.10]) with SMTP; Sun, 14 Jul 2013 09:29:34 EDT Received: from [203.7.227.249] by mail1.example.net with esmtpsa (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.76) (envelope-from ) id 1UyMMk-0005J8-7N for akumria at acm.org; Sun, 14 Jul 2013 13:29:30 +0000 Message-ID: <51E2A7B0.9000303 at example.com> Date: Sun, 14 Jul 2013 14:29:20 +0100 From: Anand Kumria User-Agent: Mozilla/5.0 (X11; Linux i686 on x86_64; rv:23.0) Gecko/20100101 Thunderbird/23.0 MIME-Version: 1.0 To: Anand Kumria Subject: sieve redirect test X-Enigmail-Version: 1.5.1 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-pstn-neptune: 0/0/0.00/0 X-pstn-levels: (S: 0.00186/92.94654 CV:99.9000 FC:95.5390 LC:95.5390 R:95.9108 P:95.9108 M:97.0282 C:98.6951 ) X-pstn-dkim: 0 skipped:not-enabled X-pstn-settings: 3 (1.0000:1.0000) s cv gt4 gt3 gt2 gt1 p X-pstn-addresses: from forward (user good) [1131/47] A -------------- next part -------------- A non-text attachment was scrubbed... Name: 1373811315.24616_23.niflheim:2,S Type: application/octet-stream Size: 2764 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: dovecont.conf-public Type: application/octet-stream Size: 2656 bytes Desc: not available URL: From stephan at rename-it.nl Wed Jul 24 13:52:24 2013 From: stephan at rename-it.nl (Stephan Bosch) Date: Wed, 24 Jul 2013 12:52:24 +0200 Subject: [Dovecot] piegonhole sieve prepending header lines with an extra space In-Reply-To: References: <51EF705A.5090502@rename-it.nl> Message-ID: <51EFB1E8.8010408@rename-it.nl> Op 7/24/2013 12:32 PM, Anand Kumria schreef: > Hi Stephan, > > Attached is the configuration and both the original message as > received (sieve redirect test.eml) and what it was like at the > location where the redirect was received > (1373811315.24616_23.niflheim:2,S) > > Let me know if you need anything else to diagnose the problem. Bizarre. I haven't seen this before, I cannot reproduce it and I don't see how Sieve could be introducing additional spaces. Anything is possible, but are you sure this is caused by Sieve? Is `sieve redirect test.eml' the same as what is saved by Sieve using fileinto? I'm wondering what exact message is being passed to Sieve, since this problem could also be caused by the LMTP transfer. Regards, Stephan. From wildfire at progsoc.org Wed Jul 24 14:04:10 2013 From: wildfire at progsoc.org (Anand Kumria) Date: Wed, 24 Jul 2013 12:04:10 +0100 Subject: [Dovecot] piegonhole sieve prepending header lines with an extra space In-Reply-To: <51EFB1E8.8010408@rename-it.nl> References: <51EF705A.5090502@rename-it.nl> <51EFB1E8.8010408@rename-it.nl> Message-ID: Hi Stephan, On 24 July 2013 11:52, Stephan Bosch wrote: > Op 7/24/2013 12:32 PM, Anand Kumria schreef: > > Hi Stephan, >> >> Attached is the configuration and both the original message as received >> (sieve redirect test.eml) and what it was like at the location where the >> redirect was received (1373811315.24616_23.niflheim:**2,S) >> >> Let me know if you need anything else to diagnose the problem. >> > > Bizarre. I haven't seen this before, I cannot reproduce it and I don't see > how Sieve could be introducing additional spaces. Anything is possible, but > are you sure this is caused by Sieve? > The only sieve script in use is: if anyof( address :is "to" "akumria at acm.org", exists "List-ID") { redirect "wildfire at progsoc.org"; keep; } > Is `sieve redirect test.eml' the same as what is saved by Sieve using > fileinto? I'm wondering what exact message is being passed to Sieve, since > this problem could also be caused by the LMTP transfer. > I'm not sure what you mean by your first question, but from what I understand if there was no 'keep' in the above script I would not have a local copy. As I said, my suspicions are on 'mail_crlf_save = yes', since that *is* specifically modifying the headers associated with the message. Regards, Anand From gheskett at wdtv.com Wed Jul 24 15:25:46 2013 From: gheskett at wdtv.com (Gene Heskett) Date: Wed, 24 Jul 2013 08:25:46 -0400 Subject: [Dovecot] dbus support in dovecot? Message-ID: <201307240825.46329.gheskett@wdtv.com> Greetings; I am trying to transition from ubu10.04.4 LTS to ubu12.04.2 LTS, but in the changeover I want to setup dovecot as a local only imap server so that I can read & respond to email from any of the other 4 or so machines on my local net. To that end, and given that I have a well working setup right now, using fetchmail driving mailfilter as a pre-check, procmail as the MTA delivering to /var/spool/mail/me, with clamav and spamd in the mix to intercept and send to /dev/null the worst of the spam, or to a quarantine file if clamav triggers. The current transfer mechanism is driven by a script that uses inotifywait to detect newly delivered mail in that directory, and which then sends kmail a dbus message to go get the mail. Since I want to insert dovecot into this chain, does dovecot have a dbus port, and if so, what is the format of the command it expects? Thanks all. Cheers, Gene -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) A pen in the hand of this president is far more dangerous than 200 million guns in the hands of law-abiding citizens. From stephan at rename-it.nl Wed Jul 24 16:30:32 2013 From: stephan at rename-it.nl (Stephan Bosch) Date: Wed, 24 Jul 2013 15:30:32 +0200 Subject: [Dovecot] piegonhole sieve prepending header lines with an extra space In-Reply-To: References: <51EF705A.5090502@rename-it.nl> <51EFB1E8.8010408@rename-it.nl> Message-ID: <51EFD6F8.6030102@rename-it.nl> Op 7/24/2013 1:04 PM, Anand Kumria schreef: > > As I said, my suspicions are on 'mail_crlf_save = yes', since that > *is* specifically modifying the headers associated with the message. > This setting has no effect on Sieve redirect since the message is not saved. However, redirect does use Dovecot functionality that filters headers and fixes line endings. What could be happening here is that the header of the message is somehow consolidated into one big Delivered-To header. I'll discuss this some more with Timo. Regards, Stephan. From h.reindl at thelounge.net Wed Jul 24 16:32:57 2013 From: h.reindl at thelounge.net (Reindl Harald) Date: Wed, 24 Jul 2013 15:32:57 +0200 Subject: [Dovecot] Sieve info In-Reply-To: <1374668979.6496.48.camel@tardis> References: <4cd8699acd50ef6036c89f8a99070be2@junc.eu> <51EEE29B.3090505@thelounge.net> <51EF8066.70704@hardwarefreak.com> <51EF85AE.1050209@thelounge.net> <1374668979.6496.48.camel@tardis> Message-ID: <51EFD789.7070602@thelounge.net> Am 24.07.2013 14:29, schrieb Noel Butler: > dnsbl - yes, his IP range is now listed in two lists. > > insisted to one dnsbl that they should list the dovecot mailing list > server IP's not his, why? because the list server directly sent his > abuse, not his mail server direct to, not only mine, but others :) you do not understand the problem i never said you should blacklist any mailing-list-server i only said that it is pretty dumb to block a /24 network on a DNSBL because one user from one of the IP's is disliked by you with this brain-dead logic you would need to block also all google-ranges if you dislike a single person with a gmail-address but for *that* you are too faint-hearted serious people can decide by theirself what the want or want not to read and do not need to misuse their position of controlling a RBL > Ahhh if only he was not dev nulled, I would likely have another abusive > email from him jumping up and down claiming yet again he is the innocent > victim, yes, we are all wrong.... the problem is that you can not read anything i write directly because your /dev/nulling, so in the worst case you see only stripped answers of some nitpickers and -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 263 bytes Desc: OpenPGP digital signature URL: From stephan at rename-it.nl Wed Jul 24 17:10:10 2013 From: stephan at rename-it.nl (Stephan Bosch) Date: Wed, 24 Jul 2013 16:10:10 +0200 Subject: [Dovecot] piegonhole sieve prepending header lines with an extra space In-Reply-To: <51EFD6F8.6030102@rename-it.nl> References: <51EF705A.5090502@rename-it.nl> <51EFB1E8.8010408@rename-it.nl> <51EFD6F8.6030102@rename-it.nl> Message-ID: <51EFE042.4020609@rename-it.nl> Op 7/24/2013 3:30 PM, Stephan Bosch schreef: > Op 7/24/2013 1:04 PM, Anand Kumria schreef: >> >> As I said, my suspicions are on 'mail_crlf_save = yes', since that >> *is* specifically modifying the headers associated with the message. >> > > This setting has no effect on Sieve redirect since the message is not > saved. However, redirect does use Dovecot functionality that filters > headers and fixes line endings. What could be happening here is that > the header of the message is somehow consolidated into one big > Delivered-To header. > > I'll discuss this some more with Timo. As you suggested earlier, this change may have something to do with it: http://hg.rename-it.nl/dovecot-2.2-pigeonhole/rev/e439789e3211 The reporter of the bug that led to this change indicated that Exim presents strange behavior when the message mixes LF and CRLF line endings in the header. Since your next-hop MTA is also Exim, this may have the same root cause. Please try to apply this change and see whether this problem persists. If this fixes it, I should make a new release soon. When the problem persists, try to capture the outgoing message before it enters the MTA, e.g. by pointing sendmail_path to a shell script that saves the message somewhere. That way we can see what mail is actually being sent to the MTA. Regards, Stephan. From TIHiggins at uss.com Wed Jul 24 18:50:38 2013 From: TIHiggins at uss.com (Thomas I Higgins) Date: Wed, 24 Jul 2013 11:50:38 -0400 Subject: [Dovecot] POP3 issues Message-ID: I have been trying off and on for the better part of a year to get a dovecot server migrated from one machine to another. It is currently working on CENTOS and we are trying to get it on Redhat. Currently I have everything migrated and working in IMAP, but we have one client device that requires POP3 (doesn't support IMAP). To this end, we have set up everything to work in POP3 as far as I can tell. In the dovecot.conf file, we show: protocols = imap imaps pop3 pop3s protocol pop3 { pop3_uidl_format = %08Xu%08Xv } The services running include: dovecot-auth imap-login imap-login imap-login pop3-login pop3-login pop3-login Everything else looks good including the logs which seem to show proper connectivity - messages are being received, accounts are connecting and disconnecting, etc. but the pop connections are not (apparently) passing messages found in that box. They are still just sitting there, not being read, picked up, or otherwise delivered by dovecot. Any ideas on what else I can check or change to get this to pick up? Thanks, Tom Higgins From TIHiggins at uss.com Wed Jul 24 19:02:44 2013 From: TIHiggins at uss.com (Thomas I Higgins) Date: Wed, 24 Jul 2013 12:02:44 -0400 Subject: [Dovecot] Fw: POP3 issues Message-ID: Sorry - forgot to mention it is on Dovecot version 1.0.7 and RHEL 5.6 Tom >I have been trying off and on for the better part of a year to get a dovecot server migrated from one machine to another. It is currently working on CENTOS and we are trying to get it on Redhat. Currently I have everything migrated and >working in IMAP, but we have one client device that requires POP3 (doesn't support IMAP). To this end, we have set up everything to work in POP3 as far as I can tell. > >In the dovecot.conf file, we show: > >protocols = imap imaps pop3 pop3s >protocol pop3 { > pop3_uidl_format = %08Xu%08Xv >} > >The services running include: > >dovecot-auth >imap-login >imap-login >imap-login >pop3-login >pop3-login >pop3-login > >Everything else looks good including the logs which seem to show proper connectivity - messages are being received, accounts are connecting and disconnecting, etc. but the pop connections are not (apparently) passing messages >found in that box. They are still just sitting there, not being read, picked up, or otherwise delivered by dovecot. Any ideas on what else I can check or change to get this to pick up? > >Thanks, >Tom Higgins From rs at sys4.de Wed Jul 24 19:20:17 2013 From: rs at sys4.de (Robert Schetterer) Date: Wed, 24 Jul 2013 18:20:17 +0200 Subject: [Dovecot] Fw: POP3 issues In-Reply-To: References: Message-ID: <51EFFEC1.6080001@sys4.de> Am 24.07.2013 18:02, schrieb Thomas I Higgins: > Sorry - forgot to mention it is on Dovecot version 1.0.7 and RHEL 5.6 it makes small sense to support in such old version, anyway give us the output of dovecot -n you should not invest time in migrate to old versions go for 2.1.17 or 2.2.4 Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein From TIHiggins at uss.com Wed Jul 24 19:51:17 2013 From: TIHiggins at uss.com (Thomas I Higgins) Date: Wed, 24 Jul 2013 12:51:17 -0400 Subject: [Dovecot] Fw: POP3 issues In-Reply-To: <51EFFEC1.6080001@sys4.de> References: <51EFFEC1.6080001@sys4.de> Message-ID: Thanks for the fast response. Here is the output: [root at nocalert01 ~]# /usr/sbin/dovecot -n # 1.0.7: /etc/dovecot.conf Warning: mail_extra_groups setting was often used insecurely so it is now deprecated, use mail_access_groups or mail_privileged_group instead ssl_cert_file: /etc/pki/tls/certs/nocalert01.psc.uss.com.cert ssl_key_file: /etc/pki/tls/private/nocalert01.psc.uss.com.key login_dir: /var/run/dovecot/login login_executable(default): /usr/libexec/dovecot/imap-login login_executable(imap): /usr/libexec/dovecot/imap-login login_executable(pop3): /usr/libexec/dovecot/pop3-login mail_extra_groups: mail mail_access_groups: mail mail_location: maildir:~/Maildir mail_executable(default): /usr/libexec/dovecot/imap mail_executable(imap): /usr/libexec/dovecot/imap mail_executable(pop3): /usr/libexec/dovecot/pop3 mail_plugin_dir(default): /usr/lib64/dovecot/imap mail_plugin_dir(imap): /usr/lib64/dovecot/imap mail_plugin_dir(pop3): /usr/lib64/dovecot/pop3 namespace: type: private separator: / From wildfire at progsoc.org Thu Jul 25 09:06:58 2013 From: wildfire at progsoc.org (Anand Kumria) Date: Thu, 25 Jul 2013 07:06:58 +0100 Subject: [Dovecot] piegonhole sieve prepending header lines with an extra space In-Reply-To: <51EFE042.4020609@rename-it.nl> References: <51EF705A.5090502@rename-it.nl> <51EFB1E8.8010408@rename-it.nl> <51EFD6F8.6030102@rename-it.nl> <51EFE042.4020609@rename-it.nl> Message-ID: Hi Stephan, I'm not sure, I'm using Dovecot-managesieved 0.4.0-14, which I believe is commit 1771:b41f5cf04b8f, which is actually *before* the commit you mentioned. I'm not clear because you already have a release (v4.1) which does contain that patch; are you suggesting that an upgrade to that version might help? Regards, Anand On 24 July 2013 15:10, Stephan Bosch wrote: > Op 7/24/2013 3:30 PM, Stephan Bosch schreef: > > Op 7/24/2013 1:04 PM, Anand Kumria schreef: >> >>> >>> As I said, my suspicions are on 'mail_crlf_save = yes', since that *is* >>> specifically modifying the headers associated with the message. >>> >>> >> This setting has no effect on Sieve redirect since the message is not >> saved. However, redirect does use Dovecot functionality that filters >> headers and fixes line endings. What could be happening here is that the >> header of the message is somehow consolidated into one big Delivered-To >> header. >> >> I'll discuss this some more with Timo. >> > > As you suggested earlier, this change may have something to do with it: > > http://hg.rename-it.nl/**dovecot-2.2-pigeonhole/rev/**e439789e3211 > > The reporter of the bug that led to this change indicated that Exim > presents strange behavior when the message mixes LF and CRLF line endings > in the header. Since your next-hop MTA is also Exim, this may have the same > root cause. > > Please try to apply this change and see whether this problem persists. If > this fixes it, I should make a new release soon. > > When the problem persists, try to capture the outgoing message before it > enters the MTA, e.g. by pointing sendmail_path to a shell script that saves > the message somewhere. That way we can see what mail is actually being sent > to the MTA. > > Regards, > > Stephan. > > > > From skdovecot at smail.inf.fh-brs.de Thu Jul 25 10:02:14 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 25 Jul 2013 09:02:14 +0200 (CEST) Subject: [Dovecot] dbus support in dovecot? In-Reply-To: <201307240825.46329.gheskett@wdtv.com> References: <201307240825.46329.gheskett@wdtv.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 24 Jul 2013, Gene Heskett wrote: > I am trying to transition from ubu10.04.4 LTS to ubu12.04.2 LTS, but in the > changeover I want to setup dovecot as a local only imap server so that I > can read & respond to email from any of the other 4 or so machines on my > local net. > > To that end, and given that I have a well working setup right now, using > fetchmail driving mailfilter as a pre-check, procmail as the MTA delivering > to /var/spool/mail/me, with clamav and spamd in the mix to intercept and > send to /dev/null the worst of the spam, or to a quarantine file if clamav > triggers. > > The current transfer mechanism is driven by a script that uses inotifywait > to detect newly delivered mail in that directory, and which then sends > kmail a dbus message to go get the mail. > > Since I want to insert dovecot into this chain, does dovecot have a dbus > port, and if so, what is the format of the command it expects? Dovecot does not have no dbus support, as far as I know. If you only want to monitor one (or some minor number of mailboxes), you would setup kmail using IMAP, then tag this mailboxes to be monitored. Dovecot then uses that open connection to signal a newly arrived message. Kind regards, - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUfDNdl3r2wJMiz2NAQJP3ggAqiPfjSNJm+VVSirdnx3fhk2JVlu0EkgL GUFt2vEnrsoKnqnJbo9sygjH+qL81tFS+aqN1be7yLd03pz+gBNTBNil5iG3yht3 evFoFY8m8t59wIRL4D/knIHR74tsoPxctMTvr/SmnpnmfrOQ+JuMh/Ni9/by8v8k RfyGrv3nKD16E/A01TFNfrzsnkplG9uXyl9O37UWvkPIeD7kO1cv+qkne2IQrQrH /pUmdf0C9Ws8u0hayvqZlgG4rfp/azefyde8jaMQrvghYyDqov442CgHokbvQcqO 7Bp7jvL6+UnHftLmTIionCT2pRgQAfqf+lw03bjH+EUKb0MEBoIRzg== =lr21 -----END PGP SIGNATURE----- From stephan at rename-it.nl Thu Jul 25 10:11:15 2013 From: stephan at rename-it.nl (Stephan Bosch) Date: Thu, 25 Jul 2013 09:11:15 +0200 Subject: [Dovecot] piegonhole sieve prepending header lines with an extra space In-Reply-To: References: <51EF705A.5090502@rename-it.nl> <51EFB1E8.8010408@rename-it.nl> <51EFD6F8.6030102@rename-it.nl> <51EFE042.4020609@rename-it.nl> Message-ID: <51F0CF93.8070305@rename-it.nl> On 7/25/2013 8:06 AM, Anand Kumria wrote: > Hi Stephan, > > I'm not sure, I'm using Dovecot-managesieved 0.4.0-14, which I believe > is commit > > 1771:b41f5cf04b8f, which is actually *before* the commit you mentioned. > > > I'm not clear because you already have a release (v4.1) which does > contain that patch; are you suggesting that an upgrade to that version > might help? > Oh, right, it is already released. So, yes, upgrade. Regards, Stephan. From skdovecot at smail.inf.fh-brs.de Thu Jul 25 10:21:58 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 25 Jul 2013 09:21:58 +0200 (CEST) Subject: [Dovecot] =?utf-8?q?Managing_IMAP_IDLE/Push_with_Sieve_=E2=80=93_?= =?utf-8?q?possible=3F?= In-Reply-To: <5a68bc0fee97243aef5c0aff9aefd778@sandrobauer.eu> References: <51ED8137.50402@nurfuerspam.de> <5a68bc0fee97243aef5c0aff9aefd778@sandrobauer.eu> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 23 Jul 2013, FF wrote: > Thanks, that's interesting -- two questions: > > 1) Why is it not possible? Just not implemented, or is there any technical > reason that actually prevents it from being implemented? Because the current implementation of IDLE signals any message to the waiting client. > 2) What do you mean by INBOX? Another, completely separate email account? > Yes, that would be my backup plan. When your client IDLEs, it monitors just one particular mailbox, say INBOX, top.sub.sub2.box, or whatever. So, if you have your client IDLE (monitor) INBOX and have all senders delivered to yet another, newly created mailbox (mail folder, ..., _not_ another mail account), which is not monitored with IDLE, you get no PUSH for them. You have to pull them. ===== Did you've read Robert's answer about LEMONADE? Maybe ESEARCH and NOTIFY do what you want, because RFC5465 / sec 5.2: " If a search context is in effect as specified in [RFC5267], an ESEARCH ADDTO will also be generated, if appropriate. In this case, the EXISTS response MUST precede the ESEARCH response. Both the NOTIFY command and the SEARCH and SORT commands (see Section 7) can specify attributes to be returned for new messages. These attributes SHOULD be combined into a single FETCH response. The server SHOULD avoid sending duplicate data. The FETCH response(s) MUST follow any ESEARCH ADDTO responses." You could flag "priority" senders in Sieve and let you notify for new messages with that flag. How well or if at all Dovecot supports this (and your client ;-) ), I don't know. kind regards, >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> On Mon, 22 Jul 2013, FF wrote: >> >>> I've been using Dovecot with Sieve for a long time already, and I'm very >>> happy with it. Push is working fine too. I was wondering, however, whether >>> it would be possible to define a Sieve rule (perhaps using some plug-in), >>> such that an IMAP push message gets sent out only for specific senders >>> etc.? >> >> I think you cannot. >> >> But you could split your INBOX into senders with PUSH (that are >> delivered to the INBOX) and others, that are delivered to INBOX2. >> >> - -- Steffen Kaiser >> -----BEGIN PGP SIGNATURE----- >> Version: GnuPG v1.4.11 (GNU/Linux) >> >> iQEVAwUBUe4zH13r2wJMiz2NAQLd4gf/ZcfpXHUQCOozFV5L464voasate3T+aDf >> W6dnk9s+jOZiYmZZzaxZPw2z14v0GA5BAJdp4h/klbFPxg7Fs9MjUdoi2kusKaw6 >> ofbQwCsGnGD+kxme0JKtnayWo07Vwdo1rjbhxtSSGU7K4RVtnh4Kj6wTySCYrzKN >> +0mPIU1XUVJqw6ir+xrJSmcWY5joOnQ1+m1TI6J4E+qIqc+QjJkX1LFOMz+1Lz0x >> QR05UaH0+bWQPZqknWrxEEHz0eIXZsbrTuosMDHnHjDv1jRe1RzPFi6k+JvbCXcj >> N4ip0MNuMuYp/tXG9ntYjRwUvjJ8Du9smwh4FE72Uv11povihr7PzA== >> =0Afu >> -----END PGP SIGNATURE----- > > - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUfDSFl3r2wJMiz2NAQIvPQf/ajXvgPyv4tViMjSQsVeZkk9OWv8sYh/V 9+X30olLhCWCkVRrt1RBpwmulYkQtXgbKT09wiK+Ro5dZcT9Xmr2g9+mKdPIPFFY StXW3k82S/4IwyWRoaJRfIq5qM7UFWTcxSZFZbc0+Wo903VBZ+MdFHeQv2B6K8uX fR0BRDgbmgUhqK71r2Bg76d+rzovEGUdr21RNFrTui/cuR26uf2tsMHqAYwIU/V6 rdmjy5d9Zg4GCUcBQWMkRSjXN5E9q6NKdzh2AtHtt5BerCbG0gCSU7mWEXMwjVRx fHoy4Lhwx5vlKaFBV9Gd8oc+5jQ+po4N7drmLwtDrAZUBvKbR7jrkQ== =NFGc -----END PGP SIGNATURE----- From kavish.karkera at yahoo.com Thu Jul 25 13:29:44 2013 From: kavish.karkera at yahoo.com (Kavish Karkera) Date: Thu, 25 Jul 2013 18:29:44 +0800 (SGT) Subject: [Dovecot] Duplicate Mails downloding issue Message-ID: <1374748184.69014.YahooMailNeo@web193502.mail.sg3.yahoo.com> Hi All, We are repeatedly getting the below warning / errors on our pop server. Please help us out buy knowing what could be the issue. ------------------------------------------------------------------------------------------------------------------------------------------------------- Jul 23 15:34:51 popserver dovecot: pop3(14949_kavish): Warning: Locking transaction log file /indexes//mail/v3store/example.com/14949_kavish/.INBOX/dovecot.index.log took 133 seconds Jul 23 15:34:51 popserver dovecot: pop3(kavish at example.com): Error: Broken file /indexes//mail/v3store/example.com/14949_kavish/.INBOX/dovecot-uidlist line 180: UIDs not ordered (10156 >= 10156) Jul 23 15:35:01 popserver dovecot: pop3(kavish at example.com): Error: utime(/indexes//mail/v3store/example.com/kavish/.INBOX/dovecot-uidlist.lock) failed: No such file or directory Jul 23 15:35:11 popserver dovecot: pop3(kavish at example.com): Error: utime(/indexes//mail/v3store/example.com/kavish/.INBOX/dovecot-uidlist.lock) failed: No such file or directory Jul 23 15:35:21 popserver dovecot: pop3(kavish at example.com): Warning: Our dotlock file /indexes//mail/v3store/example.com/kavish/.INBOX/dovecot-uidlist.lock was deleted (kept it 30 secs) --------------------------------------------------------------------------------------------------------------------------------------------------------- Regards, Kavish Karkera From gheskett at wdtv.com Thu Jul 25 14:57:55 2013 From: gheskett at wdtv.com (Gene Heskett) Date: Thu, 25 Jul 2013 07:57:55 -0400 Subject: [Dovecot] dbus support in dovecot? In-Reply-To: References: <201307240825.46329.gheskett@wdtv.com> Message-ID: <201307250757.55454.gheskett@wdtv.com> On Thursday 25 July 2013 07:10:38 Steffen Kaiser did opine: > On Wed, 24 Jul 2013, Gene Heskett wrote: > > I am trying to transition from ubu10.04.4 LTS to ubu12.04.2 LTS, but > > in the changeover I want to setup dovecot as a local only imap server > > so that I can read & respond to email from any of the other 4 or so > > machines on my local net. > > > > To that end, and given that I have a well working setup right now, > > using fetchmail driving mailfilter as a pre-check, procmail as the > > MTA delivering to /var/spool/mail/me, with clamav and spamd in the > > mix to intercept and send to /dev/null the worst of the spam, or to a > > quarantine file if clamav triggers. > > > > The current transfer mechanism is driven by a script that uses > > inotifywait to detect newly delivered mail in that directory, and > > which then sends kmail a dbus message to go get the mail. > > > > Since I want to insert dovecot into this chain, does dovecot have a > > dbus port, and if so, what is the format of the command it expects? > > Dovecot does not have no dbus support, as far as I know. > If you only want to monitor one (or some minor number of mailboxes), you > would setup kmail using IMAP, then tag this mailboxes to be monitored. > Dovecot then uses that open connection to signal a newly arrived > message. > > Kind regards, Might be a workable solution, if the 12.4.2 LTS supplied kmail would run. Unforch it throws an error no one on the kde-pim or kde mailing lists has ever seen, and exits when the failure advisory is closed. Fat lot of good at troubleshooting the problem that is, and one, just one of several reasons I want to switch to claws-mail. Not to mention that in order to post to either of those two lists, I have to nuke my whole sig else its held forever as potential spam. So, can this become a request for this dbus support to be added to dovecot? Or does it have its own mechanism that would cause a newly arrived message to be sieved or pigeonholed such that an imap client see's it asap? I am not fussy how the job gets done, as long as it does. Alternatively, if dovecot could take over for the fetchmail procmail/spamd/clamav chain I've been using for years, then it would know when a new message has been 'pop'ed from one of the servers I scan with fetchmail now. I printed and scanned the Steve Litt dovecot docs, but wasn't able to glean that info from what I have. And apparently the wiki2 pages have not been collated into a pdf for reference as I try to make it work. I may have something fubared there now, as my main mail server, which uses portsentry, and I am winding up in that machines hosts.deny file file every time I boot to 12.4.2 LTS + kde. I have that drive mounted in this boot. And I can't fix it once I'm blocked because my ip is blocked, so I'd have to ssh into one of the other machines at the tv station, and then ssh from that machine to the mail server. I don't keep those passwords on the wall, or use them that often. So, where in the boot sequence is dovecot started? I can mv the link in /etc/init.d, but since its a link to upstart, is that sufficient? Try it I guess. Thanks for reading this far. Cheers, Gene -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) My web page: is up! My views Everything might be different in the present if only one thing had been different in the past. A pen in the hand of this president is far more dangerous than 200 million guns in the hands of law-abiding citizens. From skdovecot at smail.inf.fh-brs.de Thu Jul 25 15:19:10 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 25 Jul 2013 14:19:10 +0200 (CEST) Subject: [Dovecot] dbus support in dovecot? In-Reply-To: <201307250757.55454.gheskett@wdtv.com> References: <201307240825.46329.gheskett@wdtv.com> <201307250757.55454.gheskett@wdtv.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 25 Jul 2013, Gene Heskett wrote: > Date: Thu, 25 Jul 2013 07:57:55 -0400 > From: Gene Heskett > To: dovecot at dovecot.org > Subject: Re: [Dovecot] dbus support in dovecot? > > On Thursday 25 July 2013 07:10:38 Steffen Kaiser did opine: > >> On Wed, 24 Jul 2013, Gene Heskett wrote: >>> I am trying to transition from ubu10.04.4 LTS to ubu12.04.2 LTS, but >>> in the changeover I want to setup dovecot as a local only imap server >>> so that I can read & respond to email from any of the other 4 or so >>> machines on my local net. >>> >>> To that end, and given that I have a well working setup right now, >>> using fetchmail driving mailfilter as a pre-check, procmail as the >>> MTA delivering to /var/spool/mail/me, with clamav and spamd in the >>> mix to intercept and send to /dev/null the worst of the spam, or to a >>> quarantine file if clamav triggers. >>> >>> The current transfer mechanism is driven by a script that uses >>> inotifywait to detect newly delivered mail in that directory, and >>> which then sends kmail a dbus message to go get the mail. >>> >>> Since I want to insert dovecot into this chain, does dovecot have a >>> dbus port, and if so, what is the format of the command it expects? >> >> Dovecot does not have no dbus support, as far as I know. >> If you only want to monitor one (or some minor number of mailboxes), you >> would setup kmail using IMAP, then tag this mailboxes to be monitored. >> Dovecot then uses that open connection to signal a newly arrived >> message. >> >> Kind regards, > > Might be a workable solution, if the 12.4.2 LTS supplied kmail would run. > Unforch it throws an error no one on the kde-pim or kde mailing lists has > ever seen, and exits when the failure advisory is closed. Fat lot of good > at troubleshooting the problem that is, and one, just one of several > reasons I want to switch to claws-mail. Not to mention that in order to > post to either of those two lists, I have to nuke my whole sig else its > held forever as potential spam. > > So, can this become a request for this dbus support to be added to dovecot? > Or does it have its own mechanism that would cause a newly arrived message > to be sieved or pigeonholed such that an imap client see's it asap? I am > not fussy how the job gets done, as long as it does. > > Alternatively, if dovecot could take over for the fetchmail > procmail/spamd/clamav chain I've been using for years, then it would know > when a new message has been 'pop'ed from one of the servers I scan with > fetchmail now. there might be a misunderstanding here, Dovecot is an IMAP and POP3 server. It ships tools that replicate messages from other Dovecot servers and in limits from other IMAP servers. If you intend to POP other servers, copy their messages to one local host and view your messages "offline", I would keep fetchmail and Co. Or when it suits more, maybe imapsync. If you keep that chain any local mailer should be able to pick up the locally spooled messages. Maybe you could switch to Maildir as backend, in order to minimizes locking issues. Of course, you could serve that local mail spool with Dovecot to other IMAP or POP3 clients. You also could fetchmail the remote hosts and inject them into a local Dovecot server via LMTP, you can then try to run clamav and spamd from Sieve and you have the other Sieve-capabilities as well. > I printed and scanned the Steve Litt dovecot docs, but wasn't able to glean > that info from what I have. And apparently the wiki2 pages have not been > collated into a pdf for reference as I try to make it work. I may have > something fubared there now, as my main mail server, which uses portsentry, > and I am winding up in that machines hosts.deny file file every time I boot > to 12.4.2 LTS + kde. I have that drive mounted in this boot. > > And I can't fix it once I'm blocked because my ip is blocked, so I'd have > to ssh into one of the other machines at the tv station, and then ssh from > that machine to the mail server. I don't keep those passwords on the wall, > or use them that often. > > So, where in the boot sequence is dovecot started? I can mv the link in > /etc/init.d, but since its a link to upstart, is that sufficient? Try it I > guess. > > Thanks for reading this far. > > Cheers, Gene > - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUfEXv13r2wJMiz2NAQJBFQf/aXqeUlzDa7u74cfyNhtPNPGbzwKg9TCJ LhO56PmSHP9pTQncOYcdgeOAu5brNv/zPB6xBifOrpnfbjcLRRov+78GGnTszozv Zn3LMqGXbvdPrxqdMa25W5/Znm3Ndpvtb8kdhK2GwW6tQFrs5gfW82P/OdQX4FU1 xNdL34xNImj8j74q1w9wHZ8xTcQMTJCdQKJheQktR/ftyi+Eu1obq7OVt9EoIrWY bu5TBcTOPnuOOC9AQLCk1K70usoUSRoQADHfnkymwX9BLQaWnhPTT/XsB4r9bBWp hmxQDsWof8Qm3AYqJcn7FibO9tLKGW9AldBwB0gM40z3CI1qIEUSyw== =Hxz+ -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Thu Jul 25 15:24:08 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 25 Jul 2013 14:24:08 +0200 (CEST) Subject: [Dovecot] Duplicate Mails downloding issue In-Reply-To: <1374748184.69014.YahooMailNeo@web193502.mail.sg3.yahoo.com> References: <1374748184.69014.YahooMailNeo@web193502.mail.sg3.yahoo.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 25 Jul 2013, Kavish Karkera wrote: > ------------------------------------------------------------------------------------------------------------------------------------------------------- > > Jul 23 15:34:51 popserver dovecot: pop3(14949_kavish): Warning: Locking transaction log file /indexes//mail/v3store/example.com/14949_kavish/.INBOX/dovecot.index.log took 133 seconds some process keeps the INBOX locked, but does not touch the file, so it looks like a stale lock. > Jul 23 15:34:51 popserver dovecot: pop3(kavish at example.com): Error: Broken file /indexes//mail/v3store/example.com/14949_kavish/.INBOX/dovecot-uidlist line 180: UIDs not ordered (10156 >= 10156) Therefore some other process had broken the lock and had appended a message. > Jul 23 15:35:01 popserver dovecot: pop3(kavish at example.com): Error: utime(/indexes//mail/v3store/example.com/kavish/.INBOX/dovecot-uidlist.lock) failed: No such file or directory > > Jul 23 15:35:11 popserver dovecot: pop3(kavish at example.com): Error: utime(/indexes//mail/v3store/example.com/kavish/.INBOX/dovecot-uidlist.lock) failed: No such file or directory then the former process(es) finish and try to clean up, but the "some other process" already deleted the lock file. > Jul 23 15:35:21 popserver dovecot: pop3(kavish at example.com): Warning: Our dotlock file /indexes//mail/v3store/example.com/kavish/.INBOX/dovecot-uidlist.lock was deleted (kept it 30 secs) > --------------------------------------------------------------------------------------------------------------------------------------------------------- So you have to check your system why a process, that as locked INBOX, is stalled for more than 120min. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUfEY6F3r2wJMiz2NAQICHwf9HJG66UAHGJp1nT8Ql31n1Bk1KWb+wAhA p2nReYZVSbzZOJM84Dkw8xLu3WoHzFxFEIS+CJc7xGtaeWGrwrTik6d7LKjwI9gf HCun1rq9VzfS85sHvn1owVJxMnUrA3YcY90aQZ6SWHNwvrdmmqqIPhQdGx7xc3En N1jJ0wPEd9hbJyi+2MScZt0WxKuRR+Wpkl14gO6ZPcX95uONGzLcSTs071rAXT+c 6RWLxn2jhruk4qUIm+PGnHkwXTnKL2Dqfladj4/ybxTRn2hgNldK8w4piUwwPWIn HW/hN+sDM/hlRtyu0zHVfiFC7MES6s0JonzwDlOKAFt9dUUG4Mcr9Q== =mar+ -----END PGP SIGNATURE----- From kavish.karkera at yahoo.com Thu Jul 25 15:51:27 2013 From: kavish.karkera at yahoo.com (Kavish Karkera) Date: Thu, 25 Jul 2013 20:51:27 +0800 (SGT) Subject: [Dovecot] Duplicate Mails downloding issue In-Reply-To: References: <1374748184.69014.YahooMailNeo@web193502.mail.sg3.yahoo.com> Message-ID: <1374756687.93982.YahooMailNeo@web193501.mail.sg3.yahoo.com> Thanks Steffen for the valuable knowledge. Need to know futher that, how could this lead to mails to get re-downloaded. ?? Regards, Kavish Karkera ________________________________ From: Steffen Kaiser To: Kavish Karkera Cc: "dovecot at dovecot.org" Sent: Thursday, 25 July 2013 5:54 PM Subject: Re: [Dovecot] Duplicate Mails downloding issue -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 25 Jul 2013, Kavish Karkera wrote: > ------------------------------------------------------------------------------------------------------------------------------------------------------- > > Jul 23 15:34:51 popserver dovecot: pop3(14949_kavish): Warning: Locking transaction log file /indexes//mail/v3store/example.com/14949_kavish/.INBOX/dovecot.index.log took 133 seconds some process keeps the INBOX locked, but does not touch the file, so it looks like a stale lock. > Jul 23 15:34:51 popserver dovecot: pop3(kavish at example.com): Error: Broken file /indexes//mail/v3store/example.com/14949_kavish/.INBOX/dovecot-uidlist line 180: UIDs not ordered (10156 >= 10156) Therefore some other process had broken the lock and had appended a message. > Jul 23 15:35:01 popserver dovecot: pop3(kavish at example.com): Error: utime(/indexes//mail/v3store/example.com/kavish/.INBOX/dovecot-uidlist.lock) failed: No such file or directory > > Jul 23 15:35:11 popserver dovecot: pop3(kavish at example.com): Error: utime(/indexes//mail/v3store/example.com/kavish/.INBOX/dovecot-uidlist.lock) failed: No such file or directory then the former process(es) finish and try to clean up, but the "some other process" already deleted the lock file. > Jul 23 15:35:21 popserver dovecot: pop3(kavish at example.com): Warning: Our dotlock file /indexes//mail/v3store/example.com/kavish/.INBOX/dovecot-uidlist.lock was deleted (kept it 30 secs) > --------------------------------------------------------------------------------------------------------------------------------------------------------- So you have to check your system why a process, that as locked INBOX, is stalled for more than 120min. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUfEY6F3r2wJMiz2NAQICHwf9HJG66UAHGJp1nT8Ql31n1Bk1KWb+wAhA p2nReYZVSbzZOJM84Dkw8xLu3WoHzFxFEIS+CJc7xGtaeWGrwrTik6d7LKjwI9gf HCun1rq9VzfS85sHvn1owVJxMnUrA3YcY90aQZ6SWHNwvrdmmqqIPhQdGx7xc3En N1jJ0wPEd9hbJyi+2MScZt0WxKuRR+Wpkl14gO6ZPcX95uONGzLcSTs071rAXT+c 6RWLxn2jhruk4qUIm+PGnHkwXTnKL2Dqfladj4/ybxTRn2hgNldK8w4piUwwPWIn HW/hN+sDM/hlRtyu0zHVfiFC7MES6s0JonzwDlOKAFt9dUUG4Mcr9Q== =mar+ -----END PGP SIGNATURE----- From gheskett at wdtv.com Thu Jul 25 16:02:10 2013 From: gheskett at wdtv.com (Gene Heskett) Date: Thu, 25 Jul 2013 09:02:10 -0400 Subject: [Dovecot] dbus support in dovecot? In-Reply-To: References: <201307240825.46329.gheskett@wdtv.com> <201307250757.55454.gheskett@wdtv.com> Message-ID: <201307250902.11019.gheskett@wdtv.com> On Thursday 25 July 2013 08:38:33 Steffen Kaiser did opine: > there might be a misunderstanding here, Dovecot is an IMAP and POP3 > server. It ships tools that replicate messages from other Dovecot > servers and in limits from other IMAP servers. > > If you intend to POP other servers, copy their messages to one local > host and view your messages "offline", I would keep fetchmail and Co. That is the gist of what I have in mind. Dovecot can I assume, watch the mailfiles in /var/spool/mail? My present method of using inotifywait wrapped in a bash script to tell kmail to go get the new mail via a dbus message has worked well for years. But with no previous experience with imap, I haven't a clue how new mail arrival is handled in that sort of a setup. > Or when it suits more, maybe imapsync. If you keep that chain any local > mailer should be able to pick up the locally spooled messages. Maybe > you could switch to Maildir as backend, in order to minimizes locking > issues. Of course, you could serve that local mail spool with Dovecot > to other IMAP or POP3 clients. Already "pigeonhole"d or "sieve"d into the usual folder format? Once I get the sorting filter rules re manufactured, that would be great! > You also could fetchmail the remote hosts and inject them into a local > Dovecot server via LMTP, you can then try to run clamav and spamd from > Sieve and you have the other Sieve-capabilities as well. LTMP is a new acronym to me. Sorry. Synonymous to an MTA? Effectively replacing procmail with dovecot and sieve but still using spamd and clamav? Are there any better tutorials than Steve Litt's?, which seem to be getting a tad dated now. Thank you Steffen. Cheers, Gene -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) My web page: is up! My views fortune: cpu time/usefulness ratio too high -- core dumped. A pen in the hand of this president is far more dangerous than 200 million guns in the hands of law-abiding citizens. From ben at morrow.me.uk Thu Jul 25 17:03:39 2013 From: ben at morrow.me.uk (Ben Morrow) Date: Thu, 25 Jul 2013 15:03:39 +0100 Subject: [Dovecot] dbus support in dovecot? In-Reply-To: <201307250902.11019.gheskett@wdtv.com> References: <201307240825.46329.gheskett@wdtv.com> <201307250757.55454.gheskett@wdtv.com> <201307250902.11019.gheskett@wdtv.com> Message-ID: <20130725140339.GA4785@anubis.morrow.me.uk> At 9AM -0400 on 25/07/13 you (Gene Heskett) wrote: > On Thursday 25 July 2013 08:38:33 Steffen Kaiser did opine: > > > there might be a misunderstanding here, Dovecot is an IMAP and POP3 > > server. It ships tools that replicate messages from other Dovecot > > servers and in limits from other IMAP servers. > > > > If you intend to POP other servers, copy their messages to one local > > host and view your messages "offline", I would keep fetchmail and Co. > > That is the gist of what I have in mind. > > Dovecot can I assume, watch the mailfiles in /var/spool/mail? > > My present method of using inotifywait wrapped in a bash script to tell > kmail to go get the new mail via a dbus message has worked well for years. > But with no previous experience with imap, I haven't a clue how new mail > arrival is handled in that sort of a setup. If a mail client (kmail or anything else which supports IDLE) has a logged-in IMAP session which is sitting in IDLE, Dovecot will watch that user's mailspool and notify the client when new mail arrives. What it won't do, however, is try to take that new mail out of the spool, filter it, and put it back. If you want Dovecot to filter mail you have to insert it into the delivery chain, before the mail gets to /var/spool/mail. There are two ways of doing this: with dovecot-lda, or with LMTP. > > Or when it suits more, maybe imapsync. If you keep that chain any local > > mailer should be able to pick up the locally spooled messages. Maybe > > you could switch to Maildir as backend, in order to minimizes locking > > issues. Of course, you could serve that local mail spool with Dovecot > > to other IMAP or POP3 clients. > > Already "pigeonhole"d or "sieve"d into the usual folder format? Once I get > the sorting filter rules re manufactured, that would be great! It sounds to me like you *just* want dovecot-lda. dovecot-lda is an MDA, that is, a program which does the same job as procmail or maildrop, and it supports Sieve. It also supports sieve extensions which let you run arbitrary programs, so you can run the mail through clamav/whatever. If you configure Dovecot to keep mail in /var/spool/mail, and to use sieve, and then replace your current call to procmail with an equivalent call to dovecot-lda, I believe this will do what you want. I'm not sure, but I think with Dovecot 2 you will need to run the basic Dovecot daemons in order to make things work, but you can turn off IMAP and POP. Of course, once you've got delivery working you could then turn IMAP back on, and get rid of that inotifywait hack. At that point there's no good reason to stick to an mbox format mailspool, since the only program which ever touches it is Dovecot, so you can switch to Maildir or dbox instead. However, I would strongly recommend changing only one thing at a time, and making sure the new setup works properly before changing anything else. > > You also could fetchmail the remote hosts and inject them into a local > > Dovecot server via LMTP, you can then try to run clamav and spamd from > > Sieve and you have the other Sieve-capabilities as well. > > LTMP is a new acronym to me. Sorry. Synonymous to an MTA? Effectively > replacing procmail with dovecot and sieve but still using spamd and clamav? You mean MDA. An MTA (Mail Transfer Agent) receives mail by SMTP and either hands it to an MDA or sends it out again by SMTP; an MDA takes mail from an MTA and does local delivery. LMTP is a protocol for MTAs to talk to MDAs; that is, instead of the MTA invoking the MDA with command-line arguments and passing the message on stdin, it opens a socket (usually Unix-domain) and talks to the MDA on the other end. (The protocol itself is very nearly the same as SMTP, with one rather important difference.) Using LMTP rather than a command-line MDA means the MDA runs as a daemon, and the MTA has to be configured to use an LMTP client rather than a command for delivery. As far as Dovecot is concerned this is pretty-much the only important difference. Ben From skdovecot at smail.inf.fh-brs.de Thu Jul 25 17:33:33 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 25 Jul 2013 16:33:33 +0200 (CEST) Subject: [Dovecot] Duplicate Mails downloding issue In-Reply-To: <1374756687.93982.YahooMailNeo@web193501.mail.sg3.yahoo.com> References: <1374748184.69014.YahooMailNeo@web193502.mail.sg3.yahoo.com> <1374756687.93982.YahooMailNeo@web193501.mail.sg3.yahoo.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 25 Jul 2013, Kavish Karkera wrote: > Thanks Steffen for the valuable knowledge. > Need to know futher that, how could this lead to mails to get re-downloaded. ?? Because Dovecot detects that the UID list is erroreous and therefore rebuilts it. To prevent data loss, either the complete list of messages or just the conflicting ones [the messages that had been delivered in parallel and caused the while problem] do appear as new to the clients. > ________________________________ > From: Steffen Kaiser > To: Kavish Karkera > Cc: "dovecot at dovecot.org" > Sent: Thursday, 25 July 2013 5:54 PM > Subject: Re: [Dovecot] Duplicate Mails downloding issue > > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Thu, 25 Jul 2013, Kavish Karkera wrote: > >> ------------------------------------------------------------------------------------------------------------------------------------------------------- >> >> Jul 23 15:34:51 popserver dovecot: pop3(14949_kavish): Warning: Locking transaction log file /indexes//mail/v3store/example.com/14949_kavish/.INBOX/dovecot.index.log took 133 seconds > > some process keeps the INBOX locked, but does not touch the file, so it > looks like a stale lock. > >> Jul 23 15:34:51 popserver dovecot: pop3(kavish at example.com): Error: Broken file /indexes//mail/v3store/example.com/14949_kavish/.INBOX/dovecot-uidlist line 180: UIDs not ordered (10156 >= 10156) > > Therefore some other process had broken the lock and had appended a > message. > >> Jul 23 15:35:01 popserver dovecot: pop3(kavish at example.com): Error: utime(/indexes//mail/v3store/example.com/kavish/.INBOX/dovecot-uidlist.lock) failed: No such file or directory >> >> Jul 23 15:35:11 popserver dovecot: pop3(kavish at example.com): Error: utime(/indexes//mail/v3store/example.com/kavish/.INBOX/dovecot-uidlist.lock) failed: No such file or directory > > then the former process(es) finish and try to clean up, but the "some > other process" already deleted the lock file. > >> Jul 23 15:35:21 popserver dovecot: pop3(kavish at example.com): Warning: Our dotlock file /indexes//mail/v3store/example.com/kavish/.INBOX/dovecot-uidlist.lock was deleted (kept it 30 secs) >> --------------------------------------------------------------------------------------------------------------------------------------------------------- > > So you have to check your system why a process, that as locked INBOX, is > stalled for more than 120min. > > - -- > Steffen Kaiser > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.11 (GNU/Linux) > > iQEVAwUBUfEY6F3r2wJMiz2NAQICHwf9HJG66UAHGJp1nT8Ql31n1Bk1KWb+wAhA > p2nReYZVSbzZOJM84Dkw8xLu3WoHzFxFEIS+CJc7xGtaeWGrwrTik6d7LKjwI9gf > HCun1rq9VzfS85sHvn1owVJxMnUrA3YcY90aQZ6SWHNwvrdmmqqIPhQdGx7xc3En > N1jJ0wPEd9hbJyi+2MScZt0WxKuRR+Wpkl14gO6ZPcX95uONGzLcSTs071rAXT+c > 6RWLxn2jhruk4qUIm+PGnHkwXTnKL2Dqfladj4/ybxTRn2hgNldK8w4piUwwPWIn > HW/hN+sDM/hlRtyu0zHVfiFC7MES6s0JonzwDlOKAFt9dUUG4Mcr9Q== > =mar+ > -----END PGP SIGNATURE----- - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUfE3PV3r2wJMiz2NAQKdzAf9HY90QTSszIhaz7pMHYbQBMMU4XEiNBFU 3beZQLuZpYrw1aKr8xJB87DWcfyeULRgiEdWs6uSWgpYnmXYSBjDWV16HYW6+pY8 LTWr1tSY6AzUOxypx8GZfwQFhAmntwfFpoi/JiU8tDnEx2e1W44+V9hzDS4Kfy9i MQDDHRCOZL0cArAQ1DleXrQGnKY/Haa3clBfR72E/UdnGWzuGYxpORbHe9VUK8IP XrNUX1vV6RuS/cxg0/kLoVHk+0YAJCOk9kT2r2t9ZRSxSFHdzm8L/nTnQAgB+ZCR H9lNQxzi6UsRV8hT5mazMmIctW4BQsrJELV/5iWNoMDNxrYVH3Cqlg== =i01T -----END PGP SIGNATURE----- From stan at hardwarefreak.com Thu Jul 25 17:35:25 2013 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Thu, 25 Jul 2013 09:35:25 -0500 Subject: [Dovecot] dbus support in dovecot? In-Reply-To: <201307250902.11019.gheskett@wdtv.com> References: <201307240825.46329.gheskett@wdtv.com> <201307250757.55454.gheskett@wdtv.com> <201307250902.11019.gheskett@wdtv.com> Message-ID: <51F137AD.5030109@hardwarefreak.com> On 7/25/2013 8:02 AM, Gene Heskett wrote: > On Thursday 25 July 2013 08:38:33 Steffen Kaiser did opine: > >> there might be a misunderstanding here, Dovecot is an IMAP and POP3 >> server. It ships tools that replicate messages from other Dovecot >> servers and in limits from other IMAP servers. >> >> If you intend to POP other servers, copy their messages to one local >> host and view your messages "offline", I would keep fetchmail and Co. > > That is the gist of what I have in mind. > > Dovecot can I assume, watch the mailfiles in /var/spool/mail? It can be configured to do so. Or it can be configured to directly receive the mail via pipe from Postfix using LDA or LMTP, and then write it to /var/spool/mail in mbox format, or to user maildirs. > My present method of using inotifywait wrapped in a bash script to tell > kmail to go get the new mail via a dbus message has worked well for years. > But with no previous experience with imap, I haven't a clue how new mail > arrival is handled in that sort of a setup. Instant notification is built into IMAP4 w/the IDLE command. See: http://en.wikipedia.org/wiki/IMAP_IDLE >> Or when it suits more, maybe imapsync. If you keep that chain any local >> mailer should be able to pick up the locally spooled messages. Maybe >> you could switch to Maildir as backend, in order to minimizes locking >> issues. Of course, you could serve that local mail spool with Dovecot >> to other IMAP or POP3 clients. > > Already "pigeonhole"d or "sieve"d into the usual folder format? Once I get > the sorting filter rules re manufactured, that would be great! Not sure what you mean by "the usual folder format". Sieve will sort into your IMAP folders. These may or may not have a 1:1 correlation to filesystem folders. Depends on the mailbox storage format you choose. >> You also could fetchmail the remote hosts and inject them into a local >> Dovecot server via LMTP, you can then try to run clamav and spamd from >> Sieve and you have the other Sieve-capabilities as well. > > LTMP is a new acronym to me. Sorry. Synonymous to an MTA? Effectively > replacing procmail with dovecot and sieve but still using spamd and clamav? LMTP, Local Mail Transport protocol, is a subset of SMTP. It can be used locally or over the wire. With the Dovecot LMTP implementation, Sieve takes action on messages when they arrive, and Dovecot's indexes are updated appropriately as well. I'm not sure about spamd and clamav integration here. The vast majority of people using Dovecot deliver the mail via Postfix with LDA or LMTP, and do their AS/AV filtering in Postfix, where SPamassassin and clamav are but two of many possible packages. Many people run both of these via amavisd-new. > Are there any better tutorials than Steve Litt's?, which seem to be getting > a tad dated now. I'm not familiar with these tutorials. What I would suggest Gene, if possible, is using the 'standard' Postfit/Dovecot config, doing AS/AV in Postfix, have an upstream system gather the mail from your various POP mailboxes and deliver them to an address hosted by Postfix via SMTP. In other words, push all of the non standard IMAP server methodology away from, upstream of, your Dovecot installation. I'd think one of the mailbox collation services could do this. I.e. POP a dozen mailboxes and forward all the mail to a single SMTP address. Maybe fetchmail can do this. I've never used it. You may want to ask about this as OT on SDLU. Hundreds of years of combined mail experience there. -- Stan From kavish.karkera at yahoo.com Thu Jul 25 18:48:04 2013 From: kavish.karkera at yahoo.com (Kavish Karkera) Date: Thu, 25 Jul 2013 23:48:04 +0800 (SGT) Subject: [Dovecot] Duplicate Mails downloding issue In-Reply-To: References: <1374748184.69014.YahooMailNeo@web193502.mail.sg3.yahoo.com> <1374756687.93982.YahooMailNeo@web193501.mail.sg3.yahoo.com> Message-ID: <1374767284.48426.YahooMailNeo@web193502.mail.sg3.yahoo.com> Got it ...Thanks a ton Steffen. :) Regards, Kavish Karkera ________________________________ From: Steffen Kaiser To: Kavish Karkera Cc: "dovecot at dovecot.org" Sent: Thursday, 25 July 2013 8:03 PM Subject: Re: [Dovecot] Duplicate Mails downloding issue -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 25 Jul 2013, Kavish Karkera wrote: > Thanks Steffen for the valuable knowledge. > Need to know futher that, how could this lead to mails to get re-downloaded. ?? Because Dovecot detects that the UID list is erroreous and therefore rebuilts it. To prevent data loss, either the complete list of messages or just the conflicting ones [the messages that had been delivered in parallel and caused the while problem] do appear as new to the clients. > ________________________________ > From: Steffen Kaiser > To: Kavish Karkera > Cc: "dovecot at dovecot.org" > Sent: Thursday, 25 July 2013 5:54 PM > Subject: Re: [Dovecot] Duplicate Mails downloding issue > > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Thu, 25 Jul 2013, Kavish Karkera wrote: > >> ------------------------------------------------------------------------------------------------------------------------------------------------------- >> >> Jul 23 15:34:51 popserver dovecot: pop3(14949_kavish): Warning: Locking transaction log file /indexes//mail/v3store/example.com/14949_kavish/.INBOX/dovecot.index.log took 133 seconds > > some process keeps the INBOX locked, but does not touch the file, so it > looks like a stale lock. > >> Jul 23 15:34:51 popserver dovecot: pop3(kavish at example.com): Error: Broken file /indexes//mail/v3store/example.com/14949_kavish/.INBOX/dovecot-uidlist line 180: UIDs not ordered (10156 >= 10156) > > Therefore some other process had broken the lock and had appended a > message. > >> Jul 23 15:35:01 popserver dovecot: pop3(kavish at example.com): Error: utime(/indexes//mail/v3store/example.com/kavish/.INBOX/dovecot-uidlist.lock) failed: No such file or directory >> >> Jul 23 15:35:11 popserver dovecot: pop3(kavish at example.com): Error: utime(/indexes//mail/v3store/example.com/kavish/.INBOX/dovecot-uidlist.lock) failed: No such file or directory > > then the former process(es) finish and try to clean up, but the "some > other process" already deleted the lock file. > >> Jul 23 15:35:21 popserver dovecot: pop3(kavish at example.com): Warning: Our dotlock file /indexes//mail/v3store/example.com/kavish/.INBOX/dovecot-uidlist.lock was deleted (kept it 30 secs) >> --------------------------------------------------------------------------------------------------------------------------------------------------------- > > So you have to check your system why a process, that as locked INBOX, is > stalled for more than 120min. > > - -- > Steffen Kaiser > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.11 (GNU/Linux) > > iQEVAwUBUfEY6F3r2wJMiz2NAQICHwf9HJG66UAHGJp1nT8Ql31n1Bk1KWb+wAhA > p2nReYZVSbzZOJM84Dkw8xLu3WoHzFxFEIS+CJc7xGtaeWGrwrTik6d7LKjwI9gf > HCun1rq9VzfS85sHvn1owVJxMnUrA3YcY90aQZ6SWHNwvrdmmqqIPhQdGx7xc3En > N1jJ0wPEd9hbJyi+2MScZt0WxKuRR+Wpkl14gO6ZPcX95uONGzLcSTs071rAXT+c > 6RWLxn2jhruk4qUIm+PGnHkwXTnKL2Dqfladj4/ybxTRn2hgNldK8w4piUwwPWIn > HW/hN+sDM/hlRtyu0zHVfiFC7MES6s0JonzwDlOKAFt9dUUG4Mcr9Q== > =mar+ > -----END PGP SIGNATURE----- - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUfE3PV3r2wJMiz2NAQKdzAf9HY90QTSszIhaz7pMHYbQBMMU4XEiNBFU 3beZQLuZpYrw1aKr8xJB87DWcfyeULRgiEdWs6uSWgpYnmXYSBjDWV16HYW6+pY8 LTWr1tSY6AzUOxypx8GZfwQFhAmntwfFpoi/JiU8tDnEx2e1W44+V9hzDS4Kfy9i MQDDHRCOZL0cArAQ1DleXrQGnKY/Haa3clBfR72E/UdnGWzuGYxpORbHe9VUK8IP XrNUX1vV6RuS/cxg0/kLoVHk+0YAJCOk9kT2r2t9ZRSxSFHdzm8L/nTnQAgB+ZCR H9lNQxzi6UsRV8hT5mazMmIctW4BQsrJELV/5iWNoMDNxrYVH3Cqlg== =i01T -----END PGP SIGNATURE----- From rob0 at gmx.co.uk Thu Jul 25 19:29:56 2013 From: rob0 at gmx.co.uk (/dev/rob0) Date: Thu, 25 Jul 2013 11:29:56 -0500 Subject: [Dovecot] Case-insensitive "detail" mailboxes? Message-ID: <20130725162956.GC13717@harrier.slackbuilds.org> We're using sieve with LMTP. We want to have lda_mailbox_autocreate and lmtp_save_to_detail_mailbox. Is there a way to make the "detail" case-insensitive? If so I have not found it yet. I suppose we could lowercase the input string for the SQL userdb query, but that's not what is wanted. The idea being that if a user makes a mailbox called "Test" is that user+test at example.com and user+TEST at example.com should both go to that "Test" mailbox. If it was lowercased, a mailbox called "Test" would be ignored and "test" used. With autocreate, this could be a problem if mail is delivered to autocreated case-sensitive mailboxes that the user won't see. Hmmm, maybe a global sieve script? -- http://rob0.nodns4.us/ -- system administration and consulting Offlist GMX mail is seen only if "/dev/rob0" is in the Subject: From tss at iki.fi Thu Jul 25 19:43:00 2013 From: tss at iki.fi (Timo Sirainen) Date: Thu, 25 Jul 2013 19:43:00 +0300 Subject: [Dovecot] Case-insensitive "detail" mailboxes? In-Reply-To: <20130725162956.GC13717@harrier.slackbuilds.org> References: <20130725162956.GC13717@harrier.slackbuilds.org> Message-ID: <003AE15E-7A18-4779-A6D8-E4A505EB0721@iki.fi> On 25.7.2013, at 19.29, /dev/rob0 wrote: > We're using sieve with LMTP. We want to have lda_mailbox_autocreate > and lmtp_save_to_detail_mailbox. Is there a way to make the "detail" > case-insensitive? If so I have not found it yet. > > I suppose we could lowercase the input string for the SQL userdb > query, but that's not what is wanted. The idea being that if a user > makes a mailbox called "Test" is that user+test at example.com and > user+TEST at example.com should both go to that "Test" mailbox. If it > was lowercased, a mailbox called "Test" would be ignored and "test" > used. > > With autocreate, this could be a problem if mail is delivered to > autocreated case-sensitive mailboxes that the user won't see. If you used case-insensitive filesystem, it would already work like that. Maybe a new setting to make mailboxes case-insensitive also with case-sensitive filesystems.. From tss at iki.fi Thu Jul 25 19:44:27 2013 From: tss at iki.fi (Timo Sirainen) Date: Thu, 25 Jul 2013 19:44:27 +0300 Subject: [Dovecot] Case-insensitive "detail" mailboxes? In-Reply-To: <003AE15E-7A18-4779-A6D8-E4A505EB0721@iki.fi> References: <20130725162956.GC13717@harrier.slackbuilds.org> <003AE15E-7A18-4779-A6D8-E4A505EB0721@iki.fi> Message-ID: <99A54050-9746-4E36-ACF5-9B78F90C97C5@iki.fi> On 25.7.2013, at 19.43, Timo Sirainen wrote: > On 25.7.2013, at 19.29, /dev/rob0 wrote: > >> We're using sieve with LMTP. We want to have lda_mailbox_autocreate >> and lmtp_save_to_detail_mailbox. Is there a way to make the "detail" >> case-insensitive? If so I have not found it yet. >> >> I suppose we could lowercase the input string for the SQL userdb >> query, but that's not what is wanted. The idea being that if a user >> makes a mailbox called "Test" is that user+test at example.com and >> user+TEST at example.com should both go to that "Test" mailbox. If it >> was lowercased, a mailbox called "Test" would be ignored and "test" >> used. >> >> With autocreate, this could be a problem if mail is delivered to >> autocreated case-sensitive mailboxes that the user won't see. > > If you used case-insensitive filesystem, it would already work like that. Maybe a new setting to make mailboxes case-insensitive also with case-sensitive filesystems.. Oh, except then you get into trouble with non-ASCII characters. Which unicode chars should be equal? Maybe i;unicode-casemap would work well enough, since it's also used for other purposes. From gheskett at wdtv.com Thu Jul 25 22:45:17 2013 From: gheskett at wdtv.com (Gene Heskett) Date: Thu, 25 Jul 2013 15:45:17 -0400 Subject: [Dovecot] dbus support in dovecot? In-Reply-To: <51F137AD.5030109@hardwarefreak.com> References: <201307240825.46329.gheskett@wdtv.com> <201307250902.11019.gheskett@wdtv.com> <51F137AD.5030109@hardwarefreak.com> Message-ID: <201307251545.17657.gheskett@wdtv.com> On Thursday 25 July 2013 15:13:58 Stan Hoeppner did opine: > On 7/25/2013 8:02 AM, Gene Heskett wrote: > > On Thursday 25 July 2013 08:38:33 Steffen Kaiser did opine: > >> there might be a misunderstanding here, Dovecot is an IMAP and POP3 > >> server. It ships tools that replicate messages from other Dovecot > >> servers and in limits from other IMAP servers. > >> > >> If you intend to POP other servers, copy their messages to one local > >> host and view your messages "offline", I would keep fetchmail and Co. > > > > That is the gist of what I have in mind. > > > > Dovecot can I assume, watch the mailfiles in /var/spool/mail? > > It can be configured to do so. Or it can be configured to directly > receive the mail via pipe from Postfix using LDA or LMTP, and then write > it to /var/spool/mail in mbox format, or to user maildirs. > > > My present method of using inotifywait wrapped in a bash script to > > tell kmail to go get the new mail via a dbus message has worked well > > for years. But with no previous experience with imap, I haven't a > > clue how new mail arrival is handled in that sort of a setup. > > Instant notification is built into IMAP4 w/the IDLE command. See: > http://en.wikipedia.org/wiki/IMAP_IDLE > > >> Or when it suits more, maybe imapsync. If you keep that chain any > >> local mailer should be able to pick up the locally spooled messages. > >> Maybe you could switch to Maildir as backend, in order to minimizes > >> locking issues. Of course, you could serve that local mail spool > >> with Dovecot to other IMAP or POP3 clients. > > > > Already "pigeonhole"d or "sieve"d into the usual folder format? Once > > I get the sorting filter rules re manufactured, that would be great! > > Not sure what you mean by "the usual folder format". Sieve will sort > into your IMAP folders. These may or may not have a 1:1 correlation to > filesystem folders. Depends on the mailbox storage format you choose. Where the email client see's the incoming email already sorted into what are subdirs, in the case of kmail, in the users $HOME/Mail dir. I see claws can see the directory tree kmail has built, but cannot see the kmail messages because it doesn't look into kde-pim/cur. Everything I have pulled from /var/spool/mail/gene with clawsmail has been put as individual numbered files, all in the kmail 'inbox'. Where I am the only user here, that is not a problem, but it seems to me this individual directory for each mailing list, really should be another tree in /var/mail, but then somehow is it shared such that if I am at one of the machines that run my cnc milling machine or cnc lathe, 150 feet of cat5 & and an 8 port switch, so that what I see from one of those machines is identical to what I would see on this machine? > >> You also could fetchmail the remote hosts and inject them into a > >> local Dovecot server via LMTP, you can then try to run clamav and > >> spamd from Sieve and you have the other Sieve-capabilities as well. There ought to be a tut someplace for this, but in my googling for such, nothing has popped up. And wiki2 doesn't seem to get into adequate 'depth', its TBT, closer to a sales pitch than a users howto manual, or I'm not hitting the right links in my 10,000 monkeys like performance. ;) > > LTMP is a new acronym to me. Sorry. Synonymous to an MTA? > > Effectively replacing procmail with dovecot and sieve but still using > > spamd and clamav? > > LMTP, Local Mail Transport protocol, is a subset of SMTP. It can be > used locally or over the wire. With the Dovecot LMTP implementation, > Sieve takes action on messages when they arrive, and Dovecot's indexes > are updated appropriately as well. I'm not sure about spamd and clamav > integration here. The vast majority of people using Dovecot deliver the > mail via Postfix with LDA or LMTP, and do their AS/AV filtering in > Postfix, where SPamassassin and clamav are but two of many possible > packages. Many people run both of these via amavisd-new. Something else to muddy the waters it seems, but I've not actually looked at it either. Possibly my bad. > > Are there any better tutorials than Steve Litt's?, which seem to be > > getting a tad dated now. > > I'm not familiar with these tutorials. He wrote an "escape from kmail' tutorial, 33 pages IIRC, but its a couple years old now. > What I would suggest Gene, if possible, is using the 'standard' > Postfit/Dovecot config, doing AS/AV in Postfix, have an upstream system > gather the mail from your various POP mailboxes and deliver them to an > address hosted by Postfix via SMTP. In other words, push all of the non > standard IMAP server methodology away from, upstream of, your Dovecot > installation. I'd think one of the mailbox collation services could do > this. I.e. POP a dozen mailboxes and forward all the mail to a single > SMTP address. Maybe fetchmail can do this. I've never used it. I actually do that now, popping 3 servers with fetchmail, 2 of which are actually google-mail since my ISP defaulted on keeping a server that actually worked going so they've contracted for gmail now, and one that I refused to use because they had a 5 char maximum passwd, something J-T-R can find in just a few seconds. I like long passwds for any external access. > You may want to ask about this as OT on SDLU. Hundreds of years of > combined mail experience there. I have been reading SDLU for quite some time. The combined level of expertise, and the variety of opinions there are amazing. However, I would really like to start with some in depth docs, docs I am not having a lot of luck finding. But I am not, as you can see, too bashful to go ask the source. ;) Thank you Stan. Cheers, Gene -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) My web page: is up! My views If a camel is a horse designed by a committee, then a consensus forecast is a camel's behind. -- Edgar R. Fiedler A pen in the hand of this president is far more dangerous than 200 million guns in the hands of law-abiding citizens. From stan at hardwarefreak.com Fri Jul 26 02:10:47 2013 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Thu, 25 Jul 2013 18:10:47 -0500 Subject: [Dovecot] dbus support in dovecot? In-Reply-To: <201307251545.17657.gheskett@wdtv.com> References: <201307240825.46329.gheskett@wdtv.com> <201307250902.11019.gheskett@wdtv.com> <51F137AD.5030109@hardwarefreak.com> <201307251545.17657.gheskett@wdtv.com> Message-ID: <51F1B077.30207@hardwarefreak.com> On 7/25/2013 2:45 PM, Gene Heskett wrote: > However, I would really like to start with some in depth docs, docs I am > not having a lot of luck finding. But I am not, as you can see, too > bashful to go ask the source. ;) The main problem you're facing right now is that you don't really yet grasp what IMAP is all about. In a nutshell, once you install Dovecot, or any IMAP server, it becomes the single point of control and access to all of your mail. You install an IMAP MUA on each client PC, point these at Dovecot, and you're basically done. They can all be logged into the same account simultaneously, and any new mail will show up in the INBOX on all clients simultaneously, or nearly so. You typically don't need to configure the clients other than telling them where the server is and plugging in login credentials. The rest is pretty much automatic. Any folders the user has access to should display automatically without needing to manually subscribe. At least this is how it works with Thunderbird. In other words, with an IMAP server, you simply ditch most of your old way of doing things with your MUAs. The only program that will write/read your mail files will be the IMAP server, Dovecot in this case. All the clients must access mail through an IMAP connection. -- Stan From gheskett at wdtv.com Fri Jul 26 06:25:33 2013 From: gheskett at wdtv.com (Gene Heskett) Date: Thu, 25 Jul 2013 23:25:33 -0400 Subject: [Dovecot] dbus support in dovecot? In-Reply-To: <51F1B077.30207@hardwarefreak.com> References: <201307240825.46329.gheskett@wdtv.com> <201307251545.17657.gheskett@wdtv.com> <51F1B077.30207@hardwarefreak.com> Message-ID: <201307252325.34012.gheskett@wdtv.com> On Thursday 25 July 2013 22:45:04 Stan Hoeppner did opine: > On 7/25/2013 2:45 PM, Gene Heskett wrote: > > However, I would really like to start with some in depth docs, docs I > > am not having a lot of luck finding. But I am not, as you can see, > > too bashful to go ask the source. ;) > > The main problem you're facing right now is that you don't really yet > grasp what IMAP is all about. Is wiki2 the sum total of the docs for this? If it is the definitive manual, great. > In a nutshell, once you install Dovecot, > or any IMAP server, it becomes the single point of control and access to > all of your mail. You install an IMAP MUA on each client PC, point > these at Dovecot, and you're basically done. They can all be logged > into the same account simultaneously, and any new mail will show up in > the INBOX on all clients simultaneously, or nearly so. This restriction to the INBOX bothers me because the present kmail setup I'm using has about 55 individual folders such that messages from a mailing list are sorted by kmail and placed in the appropriate folder/directory. That includes this mailing list. > You typically don't need to configure the clients other than telling > them where the server is and plugging in login credentials. The rest is > pretty much automatic. Any folders the user has access to should > display automatically without needing to manually subscribe. At least > this is how it works with Thunderbird. I know t-bird can do this message sorting when it is functioning as its own fetchmail as I have done that on my lappy when I am "on the road" which in this case might be yet another tv station that needs a consultant engineer, either to clean up the technical messes other "engineers" have constructed, or in the case of one station in upstate MI that doesn't have engineering staff, so I get flown in with the owners airplane when it upchucks. The market there is way too small to support a local tv station, but the commission put a license there anyway. But back to t-bird, can it be made to look the same in terms of folders vs folder contents, with say 3 local copies, one on this box, and one each on the boxes running the cnc machines? All accomplished hopefully by getting one copy working, and copying its configs to the other 2, or maybe 3 machines. I use the lappy in the shop to ssh into the cnc boxes so I can sit in relative comfort when making more copies of some part. 90% of the stuff I do is one off's, but I might need a 12 pack of a custom bolt or ?? > In other words, with an IMAP server, you simply ditch most of your old > way of doing things with your MUAs. The only program that will > write/read your mail files will be the IMAP server, Dovecot in this > case. All the clients must access mail through an IMAP connection. Where does dovecot actually keep the email corpus? I am assuming that is an assignment in 10-master.conf, but there is a quite lengthy list of stuff in the dovecot/conf.d tree that I haven't been able to find in the wiki2 pages. Sure, I can grep for a given variables name, but first, I need to know the name of the variable... Classic new user chicken v egg stuff. My present du -h on /home/gene/Mail is about 4.8Gb, and the databases kmail keeps for indices etc (and there seems to be an ever growing list of etc's, all convinced they have to have their own copies of everything) aren't there, but total another 16Gb at other locations on my HD's, between soprano and virtuoso. That alone is enough to convince me kmail has got to go. And the kde folks simply will not entertain the suggestion they have bloated it out of viability for even a user willing to restart it daily, and reboot the machine on a weekly basis because it gets so laggy. Thank you Stan. Cheers, Gene -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) My web page: is up! My views A poet who reads his verse in public may have other nasty habits. A pen in the hand of this president is far more dangerous than 200 million guns in the hands of law-abiding citizens. From skdovecot at smail.inf.fh-brs.de Fri Jul 26 08:54:03 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Fri, 26 Jul 2013 07:54:03 +0200 (CEST) Subject: [Dovecot] Case-insensitive "detail" mailboxes? In-Reply-To: <99A54050-9746-4E36-ACF5-9B78F90C97C5@iki.fi> References: <20130725162956.GC13717@harrier.slackbuilds.org> <003AE15E-7A18-4779-A6D8-E4A505EB0721@iki.fi> <99A54050-9746-4E36-ACF5-9B78F90C97C5@iki.fi> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 25 Jul 2013, Timo Sirainen wrote: > On 25.7.2013, at 19.43, Timo Sirainen wrote: > >> On 25.7.2013, at 19.29, /dev/rob0 wrote: >> >>> We're using sieve with LMTP. We want to have lda_mailbox_autocreate >>> and lmtp_save_to_detail_mailbox. Is there a way to make the "detail" >>> case-insensitive? If so I have not found it yet. >>> >>> I suppose we could lowercase the input string for the SQL userdb >>> query, but that's not what is wanted. The idea being that if a user >>> makes a mailbox called "Test" is that user+test at example.com and >>> user+TEST at example.com should both go to that "Test" mailbox. If it >>> was lowercased, a mailbox called "Test" would be ignored and "test" >>> used. >>> >>> With autocreate, this could be a problem if mail is delivered to >>> autocreated case-sensitive mailboxes that the user won't see. >> >> If you used case-insensitive filesystem, it would already work like that. Maybe a new setting to make mailboxes case-insensitive also with case-sensitive filesystems.. > > Oh, except then you get into trouble with non-ASCII characters. Which > unicode chars should be equal? Maybe i;unicode-casemap would work well > enough, since it's also used for other purposes. I see two other solvable problems: "if a user makes a mailbox called "Test" is that user+test at example.com and user+TEST at example.com should both go to that "Test" mailbox." Hence, the delivery process would need some sort of mapping (dict): case-insensitive -> real spelling i.e. the user creates teSt or teST a.s.o., in order to find the correct mailbox name in case-sensitive filesystems efficiently. Secondly, what happens, if the user wants to create two mailboxes with different case, say Test and tesT and test ? Either this is forbidden or the delivery process needs to first check, if there is a mailbox with the very exact name, but which one is to choose, if neither matches? Personally, I would forbid two mailboxes that differs in case only, if such mechanism is enabled. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUfIO/F3r2wJMiz2NAQKUVggAhLSRrCiYvxEP5WKONqa78upQbER78Mo6 hW+7q6MJaGe28Hc7vROgV0pYzr3+zV5jBbWJescYrjAqsJ3Oeao39XQwJM8UWHOJ agfNkzytjyCW/KMtpXrzGdX0H2Cv49ek5bjKDeG8XDLJZuy0azen7aXxsNYXKC0X D31MslQkJ3VSlcyZiu/KTbo0caQyCx4Pyj5exTOp9aoAjL6SGaIyZvzSjfFwrJUx 2TuF7YtPr5PyH2OPG2T8uraw+TNm2St+oM04dG8BgOTo8p5Q0DO2OtuFTTZvVxtu 14bc8fomuYruAvrT0uoGJxSpUU1PID5UNEK2bj4Nw8bAm+C73Z6aAA== =1RLr -----END PGP SIGNATURE----- From mailinglist at darac.org.uk Fri Jul 26 12:04:22 2013 From: mailinglist at darac.org.uk (Darac Marjal) Date: Fri, 26 Jul 2013 10:04:22 +0100 Subject: [Dovecot] Case-insensitive "detail" mailboxes? In-Reply-To: <20130725162956.GC13717@harrier.slackbuilds.org> References: <20130725162956.GC13717@harrier.slackbuilds.org> Message-ID: <20130726090422.GB25972@darac.org.uk> On Thu, Jul 25, 2013 at 11:29:56AM -0500, /dev/rob0 wrote: > We're using sieve with LMTP. We want to have lda_mailbox_autocreate > and lmtp_save_to_detail_mailbox. Is there a way to make the "detail" > case-insensitive? If so I have not found it yet. > > I suppose we could lowercase the input string for the SQL userdb > query, but that's not what is wanted. The idea being that if a user > makes a mailbox called "Test" is that user+test at example.com and > user+TEST at example.com should both go to that "Test" mailbox. If it > was lowercased, a mailbox called "Test" would be ignored and "test" > used. > > With autocreate, this could be a problem if mail is delivered to > autocreated case-sensitive mailboxes that the user won't see. > > Hmmm, maybe a global sieve script? I use the following sieve snippet rather than lmtp_save_to_detail_mailbox: if envelope :detail :regex "to" "(.+)" { set :upperfirst :lower "detail" "${1}"; fileinto :create "Tagged/${detail}"; stop; } So, if the detail portion of the TO address exists, set a variable "detail" to be the first-letter-uppercased version of that portion (test -> Test, TEST -> Test and so on) and file the message into "Tagged/Test", creating that if necessary. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: Digital signature URL: From srf at sanger.ac.uk Fri Jul 26 13:28:53 2013 From: srf at sanger.ac.uk (Simon Fraser) Date: Fri, 26 Jul 2013 11:28:53 +0100 Subject: [Dovecot] Expunged message reappeared, giving a new UID Message-ID: <1374834533.6696.10.camel@ubu101751> I am running dovecot 2.2.2 with tcp based replication, and experiencing some duplicated emails. `doveconf -n` output is below. I have narrowed it down to the following scenario: An email arrives, and is successfully replicated to both nodes. It is in INBOX/new/ at this point on both servers. Connect with a mail client, and delete the message - without delayed expunge. So, for example, mutt (press 'd' then '$' to sync the mailbox), or Evolution set to immediately delete. The following log entry appears on the server the client is connected to: Jul 26 10:40:55 intmail3a dovecot: imap(srf): Warning: /mail/spool/s/srf/mail/INBOX/dovecot-uidlist: Duplicate file entry at line 5: 1374831638.M830754P11591.intmail3a,S=1289,W=1321 (uid 733481 -> 733482) - retrying by re-reading from beginning Jul 26 10:40:55 intmail3a dovecot: imap(srf): Warning: Maildir /mail/spool/s/srf/mail/INBOX: Expunged message reappeared, giving a new UID (old uid=733481, file=1374831638.M830754P11591.intmail3a,S=1289,W=1321) The email reappears in the mailbox, although this time it is in INBOX/new on one node and INBOX/cur on the other. As best I can tell it's always in 'new' on the server the client was connected to and in 'cur' on the other. If any other mailbox operation occurs before the delete (Marking the message in question as 'read', receiving a new message into the mailbox in a different lmtp session, marking as read or deleting & expunging some other message) then this prevents the duplication from happening. What can I do to prevent this happening? Is there a synchronisation interval I can adjust, perhaps? Although the message does get synchronised initially. Thanks in advance, Simon. # 2.2.2: /mail/etc/dovecot/dovecot.conf # OS: Linux 3.5.0-23-generic x86_64 Ubuntu 12.04.2 LTS disable_plaintext_auth = no doveadm_password = secret first_valid_uid = 100 lda_mailbox_autocreate = yes mail_gid = dovecot mail_home = /mail/spool/%1n/%n mail_location = maildir:~/mail:INBOX=~/mail/INBOX mail_plugins = notify replication mail_uid = dovecot managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = separator = . } passdb { args = /mail/etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { mail_replica = tcps:intmail3b:12345 sieve_dir = ~/sieve } protocols = imap lmtp sieve service aggregator { fifo_listener replication-notify-fifo { mode = 0600 user = dovecot } unix_listener replication-notify { mode = 0600 user = dovecot } } service config { unix_listener config { user = dovecot } } service doveadm { inet_listener { port = 12345 ssl = yes } user = dovecot } service replicator { process_min_avail = 1 } ssl_cert = Hello all, I have dovecot running under daemontools and I can't see dovecot-lda in action when I read the logs. I've set the logs to /dev/stderr because daemontools redirects /dev/stderr to /var/log/dovecot/current. The dovecot server works fine and I know that dovecot-lda is actually doing the delivery, because the sieve facility is working as well. I can get lda log working -but only on syslog- if I override the log_path in this way: protocol lda { mail_plugins = $mail_plugins sieve log_path = } I'm calling dovecot-lda in the usual qmail way. This is my .qmail-default: |/var/qmail/bin/preline -f /usr/libexec/dovecot/deliver -d $EXT@$USER As running dovecot under daemontools seems to be a common practice among qmail users, could any of you give me an hint on how dovecot should be configured to achieve the purpose? Thanks in advance. My doveconf follows Roberto Puzzanghera # dovecof -n # 2.2.4: /etc/dovecot/dovecot/dovecot.conf # OS: Linux 3.2.29-smp i686 Slackware 14.0 auth_default_realm = mydomain.net auth_mechanisms = plain login auth_socket_path = /var/run/dovecot/auth-userdb auth_verbose = yes default_login_user = vpopmail disable_plaintext_auth = no first_valid_gid = 89 first_valid_uid = 89 last_valid_gid = 89 last_valid_uid = 89 lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes log_path = /dev/stderr mail_access_groups = 89 mail_debug = yes mail_gid = 89 mail_location = maildir:%h/Maildir mail_plugins = " quota mail_log notify" mail_privileged_group = 89 mail_uid = 89 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave spamtest spamtestplus namespace inbox { inbox = yes location = mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Junk { auto = subscribe special_use = \Junk } mailbox Sent { auto = subscribe special_use = \Sent } mailbox Trash { auto = subscribe special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot/conf.d/dovecot-sql.conf.ext driver = sql } plugin { autocreate = Sent autocreate2 = Drafts autocreate3 = Junk autocreate4 = Trash autosubscribe = Sent autosubscribe2 = Drafts autosubscribe3 = Junk autosubscribe4 = Trash mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename mail_log_fields = uid box msgid size quota = maildir:User quota sieve = ~/sieve/dovecot.sieve sieve_before = /etc/dovecot/sieve/ sieve_dir = ~/sieve sieve_extensions = +spamtest +spamtestplus +relational +comparator-i;ascii-numeric } postmaster_address = postmaster@%d protocols = imap pop3 sieve sendmail_path = /var/qmail/bin/sendmail service auth-worker { user = $default_internal_user } service auth { unix_listener auth-userdb { group = vchkpw mode = 0600 user = vpopmail } user = $default_internal_user } service managesieve-login { inet_listener sieve { port = 4190 } service_count = 1 vsz_limit = 64 M } ssl_cert = References: <1374748184.69014.YahooMailNeo@web193502.mail.sg3.yahoo.com> <1374756687.93982.YahooMailNeo@web193501.mail.sg3.yahoo.com> <1374767284.48426.YahooMailNeo@web193502.mail.sg3.yahoo.com> Message-ID: <1374841718.99894.YahooMailNeo@web193504.mail.sg3.yahoo.com> Steffen , Cant understand what's happening here. ------------------------------------------------------------------------------------------------------------------------------------------------------- Jul 26 12:25:37 popserver dovecot: pop3(kavish.karkera at example.com): Error: Couldn't open INBOX: Timeout while waiting for lock Jul 26 12:25:37 popserver dovecot: pop3(kavish.karkera at example.com): Couldn't open INBOX top=0/0, retr=0/0, del=0/0, size=0 Jul 26 12:39:02 popserver dovecot: imap-login: Login: user=, method=PLAIN, rip=1.38.25.83, lip=121.241.242.35, mpid=27197, TLS, session= Jul 26 12:42:12 popserver dovecot: imap(kavish.karkera at example.com): Error: Timeout (180s) while waiting for lock for transaction log file /indexes//mail/v3store/example.com/kavish.karkera at example.com/.INBOX/dovecot.index.log Jul 26 12:42:12 popserver dovecot: imap(kavish.karkera at example.com): Warning: Our dotlock file /indexes//mail/v3store/example.com/kavish.karkera at example.com/.INBOX/dovecot-uidlist.lock was modified (1374822548 vs 1374822714), assuming it wasn't overridden (kept it 180 secs) Jul 26 12:42:12 popserver dovecot: imap(kavish.karkera at example.com): Connection closed bytes=122/1222 Jul 26 12:45:53 popserver dovecot: imap(kavish.karkera at example.com): Warning: Maildir: Scanning /mail/v3store/example.com/kavish.karkera at example.com/Maildir/new took 1543 seconds (13 readdir()s, 13 rename()s to cur/, why=0x10) Jul 26 12:49:11 popserver dovecot: imap-login: Login: user=, method=PLAIN, rip=1.38.25.83, lip=121.241.242.35, mpid=26747, TLS, session= Jul 26 12:52:53 popserver dovecot: imap(kavish.karkera at example.com): Error: Timeout (180s) while waiting for lock for transaction log file /indexes//mail/v3store/example.com/kavish.karkera at example.com/.INBOX/dovecot.index.log ul 26 12:52:53 popserver dovecot: imap(kavish.karkera at example.com): Warning: Our dotlock file /indexes//mail/v3store/example.com/kavish.karkera at example.com/.INBOX/dovecot-uidlist.lock was modified (1374823189 vs 1374823271), assuming it wasn't overridden (kept it 180 secs) Jul 26 12:52:53 popserver dovecot: imap(kavish.karkera at example.com): Connection closed bytes=122/1341 Jul 26 12:52:58 popserver dovecot: imap(kavish.karkera at example.com): Warning: Maildir: Scanning /mail/v3store/example.com/kavish.karkera at example.com/Maildir/new took 425 seconds (14 readdir()s, 14 rename()s to cur/, why=0x10) Jul 26 12:53:18 popserver dovecot: imap(kavish.karkera at example.com): Warning: Maildir /mail/v3store/example.com/kavish.karkera at example.com/Maildir: Synchronization took 1988 seconds (0 new msgs, 0 flag change attempts, 0 expunge attempts) Jul 26 12:53:18 popserver dovecot: imap(kavish.karkera at example.com): Warning: Transaction log file /indexes//mail/v3store/example.com/kavish.karkera at example.com/.INBOX/dovecot.index.log was locked for 1988 seconds Jul 26 12:53:18 popserver dovecot: imap(kavish.karkera at example.com): Warning: Our dotlock file /indexes//mail/v3store/example.com/kavish.karkera at example.com/.INBOX/dovecot-uidlist.lock was modified (1374821406 vs 1374823373), assuming it wasn't overridden (kept it 1988 secs) --------------------------------------------------------------------------------------------------------------------------------------------------------- AND MAILS HAVE DOWNLOADED AGAIN.? it wouls be helpfull if you eloborate thsi logs in more detail. so we coluld resolve this ongoing issue. We have 3 POP/IMAP Servers, running as load balancers through DNS round robin. Dovecot version server 1 = 2.1.12 Dovecot version server 2 = 2.1.15 Dovecot version server 3 = 2.1.13 Mails and Indexes are stored over NFS? and we do have these setting enabled mail_nfs_storage = yes # Mail index files also exist in NFS. Setting this to yes requires # mmap_disable=yes and fsync_disable=no. mail_nfs_index = yes Regards, Kavish Karkera ________________________________ From: Kavish Karkera To: "dovecot at dovecot.org" Sent: Thursday, 25 July 2013 9:18 PM Subject: Re: [Dovecot] Duplicate Mails downloding issue Got it ...Thanks a ton Steffen. :) Regards, Kavish Karkera ________________________________ From: Steffen Kaiser To: Kavish Karkera Cc: "dovecot at dovecot.org" Sent: Thursday, 25 July 2013 8:03 PM Subject: Re: [Dovecot] Duplicate Mails downloding issue -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 25 Jul 2013, Kavish Karkera wrote: > Thanks Steffen for the valuable knowledge. > Need to know futher that, how could this lead to mails to get re-downloaded. ?? Because Dovecot detects that the UID list is erroreous and therefore rebuilts it. To prevent data loss, either the complete list of messages or just the conflicting ones [the messages that had been delivered in parallel and caused the while problem] do appear as new to the clients. > ________________________________ > From: Steffen Kaiser > To: Kavish Karkera > Cc: "dovecot at dovecot.org" > Sent: Thursday, 25 July 2013 5:54 PM > Subject: Re: [Dovecot] Duplicate Mails downloding issue > > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Thu, 25 Jul 2013, Kavish Karkera wrote: > >> ------------------------------------------------------------------------------------------------------------------------------------------------------- >> >> Jul 23 15:34:51 popserver dovecot: pop3(14949_kavish): Warning: Locking transaction log file /indexes//mail/v3store/example.com/14949_kavish/.INBOX/dovecot.index.log took 133 seconds > > some process keeps the INBOX locked, but does not touch the file, so it > looks like a stale lock. > >> Jul 23 15:34:51 popserver dovecot: pop3(kavish at example.com): Error: Broken file /indexes//mail/v3store/example.com/14949_kavish/.INBOX/dovecot-uidlist line 180: UIDs not ordered (10156 >= 10156) > > Therefore some other process had broken the lock and had appended a > message. > >> Jul 23 15:35:01 popserver dovecot: pop3(kavish at example.com): Error: utime(/indexes//mail/v3store/example.com/kavish/.INBOX/dovecot-uidlist.lock) failed: No such file or directory >> >> Jul 23 15:35:11 popserver dovecot: pop3(kavish at example.com): Error: utime(/indexes//mail/v3store/example.com/kavish/.INBOX/dovecot-uidlist.lock) failed: No such file or directory > > then the former process(es) finish and try to clean up, but the "some > other process" already deleted the lock file. > >> Jul 23 15:35:21 popserver dovecot: pop3(kavish at example.com): Warning: Our dotlock file /indexes//mail/v3store/example.com/kavish/.INBOX/dovecot-uidlist.lock was deleted (kept it 30 secs) >> --------------------------------------------------------------------------------------------------------------------------------------------------------- > > So you have to check your system why a process, that as locked INBOX, is > stalled for more than 120min. > > - -- > Steffen Kaiser > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.11 (GNU/Linux) > > iQEVAwUBUfEY6F3r2wJMiz2NAQICHwf9HJG66UAHGJp1nT8Ql31n1Bk1KWb+wAhA > p2nReYZVSbzZOJM84Dkw8xLu3WoHzFxFEIS+CJc7xGtaeWGrwrTik6d7LKjwI9gf > HCun1rq9VzfS85sHvn1owVJxMnUrA3YcY90aQZ6SWHNwvrdmmqqIPhQdGx7xc3En > N1jJ0wPEd9hbJyi+2MScZt0WxKuRR+Wpkl14gO6ZPcX95uONGzLcSTs071rAXT+c > 6RWLxn2jhruk4qUIm+PGnHkwXTnKL2Dqfladj4/ybxTRn2hgNldK8w4piUwwPWIn > HW/hN+sDM/hlRtyu0zHVfiFC7MES6s0JonzwDlOKAFt9dUUG4Mcr9Q== > =mar+ > -----END PGP SIGNATURE----- - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUfE3PV3r2wJMiz2NAQKdzAf9HY90QTSszIhaz7pMHYbQBMMU4XEiNBFU 3beZQLuZpYrw1aKr8xJB87DWcfyeULRgiEdWs6uSWgpYnmXYSBjDWV16HYW6+pY8 LTWr1tSY6AzUOxypx8GZfwQFhAmntwfFpoi/JiU8tDnEx2e1W44+V9hzDS4Kfy9i MQDDHRCOZL0cArAQ1DleXrQGnKY/Haa3clBfR72E/UdnGWzuGYxpORbHe9VUK8IP XrNUX1vV6RuS/cxg0/kLoVHk+0YAJCOk9kT2r2t9ZRSxSFHdzm8L/nTnQAgB+ZCR H9lNQxzi6UsRV8hT5mazMmIctW4BQsrJELV/5iWNoMDNxrYVH3Cqlg== =i01T -----END PGP SIGNATURE----- From CMarcus at Media-Brokers.com Fri Jul 26 16:08:36 2013 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Fri, 26 Jul 2013 09:08:36 -0400 Subject: [Dovecot] Duplicate Mails downloding issue In-Reply-To: <1374841718.99894.YahooMailNeo@web193504.mail.sg3.yahoo.com> References: <1374748184.69014.YahooMailNeo@web193502.mail.sg3.yahoo.com> <1374756687.93982.YahooMailNeo@web193501.mail.sg3.yahoo.com> <1374767284.48426.YahooMailNeo@web193502.mail.sg3.yahoo.com> <1374841718.99894.YahooMailNeo@web193504.mail.sg3.yahoo.com> Message-ID: <51F274D4.80404@Media-Brokers.com> On 2013-07-26 8:28 AM, Kavish Karkera wrote: > We have 3 POP/IMAP Servers, running as load balancers through DNS round robin. > > > Dovecot version server 1 = 2.1.12 > Dovecot version server 2 = 2.1.15 > Dovecot version server 3 = 2.1.13 > > Mails and Indexes are stored over NFS and we do have these setting enabled > > > mail_nfs_storage = yes > # Mail index files also exist in NFS. Setting this to yes requires > # mmap_disable=yes and fsync_disable=no. > mail_nfs_index = yes There';s your problem. You need to implement the Dovecot Director, which was created specifically to address this kind of issue... http://wiki2.dovecot.org/Director -- Best regards, Charles From kavish.karkera at yahoo.com Fri Jul 26 16:22:43 2013 From: kavish.karkera at yahoo.com (Kavish Karkera) Date: Fri, 26 Jul 2013 21:22:43 +0800 (SGT) Subject: [Dovecot] Duplicate Mails downloding issue In-Reply-To: <51F274D4.80404@Media-Brokers.com> References: <1374748184.69014.YahooMailNeo@web193502.mail.sg3.yahoo.com> <1374756687.93982.YahooMailNeo@web193501.mail.sg3.yahoo.com> <1374767284.48426.YahooMailNeo@web193502.mail.sg3.yahoo.com> <1374841718.99894.YahooMailNeo@web193504.mail.sg3.yahoo.com> <51F274D4.80404@Media-Brokers.com> Message-ID: <1374844963.37604.YahooMailNeo@web193504.mail.sg3.yahoo.com> Yes, Thanks Charles, Working with Director is in process, we will soon implement this, I hope it would help to solve this ongoing? issue. But, i want to? know the cause . why is it happening Regards, Kavish Karkera ________________________________ From: Charles Marcus To: dovecot at dovecot.org Sent: Friday, 26 July 2013 6:38 PM Subject: Re: [Dovecot] Duplicate Mails downloding issue On 2013-07-26 8:28 AM, Kavish Karkera wrote: > We have 3 POP/IMAP Servers, running as load balancers through DNS round robin. > > > Dovecot version server 1 = 2.1.12 > Dovecot version server 2 = 2.1.15 > Dovecot version server 3 = 2.1.13 > > Mails and Indexes are stored over NFS? and we do have these setting enabled > > > mail_nfs_storage = yes > # Mail index files also exist in NFS. Setting this to yes requires > # mmap_disable=yes and fsync_disable=no. > mail_nfs_index = yes There';s your problem. You need to implement the Dovecot Director, which was created specifically to address this kind of issue... http://wiki2.dovecot.org/Director -- Best regards, Charles From CMarcus at Media-Brokers.com Fri Jul 26 16:47:55 2013 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Fri, 26 Jul 2013 09:47:55 -0400 Subject: [Dovecot] Duplicate Mails downloding issue In-Reply-To: <1374844963.37604.YahooMailNeo@web193504.mail.sg3.yahoo.com> References: <1374748184.69014.YahooMailNeo@web193502.mail.sg3.yahoo.com> <1374756687.93982.YahooMailNeo@web193501.mail.sg3.yahoo.com> <1374767284.48426.YahooMailNeo@web193502.mail.sg3.yahoo.com> <1374841718.99894.YahooMailNeo@web193504.mail.sg3.yahoo.com> <51F274D4.80404@Media-Brokers.com> <1374844963.37604.YahooMailNeo@web193504.mail.sg3.yahoo.com> Message-ID: <51F27E0B.1090704@Media-Brokers.com> On 2013-07-26 9:22 AM, Kavish Karkera wrote: > But, i want to know the cause . why is it happening Thought it was obvious... it is caused by the inherent problems with NFS file lock contention when accessed by multiple systems. Again, this is *why* the Director was written. -- Best regards, Charles From skdovecot at smail.inf.fh-brs.de Fri Jul 26 16:54:35 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Fri, 26 Jul 2013 15:54:35 +0200 (CEST) Subject: [Dovecot] Duplicate Mails downloding issue In-Reply-To: <1374841718.99894.YahooMailNeo@web193504.mail.sg3.yahoo.com> References: <1374748184.69014.YahooMailNeo@web193502.mail.sg3.yahoo.com> <1374756687.93982.YahooMailNeo@web193501.mail.sg3.yahoo.com> <1374767284.48426.YahooMailNeo@web193502.mail.sg3.yahoo.com> <1374841718.99894.YahooMailNeo@web193504.mail.sg3.yahoo.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, 26 Jul 2013, Kavish Karkera wrote: > Jul 26 12:25:37 popserver dovecot: pop3(kavish.karkera at example.com): Error: Couldn't open INBOX: Timeout while waiting for lock > Jul 26 12:42:12 popserver dovecot: imap(kavish.karkera at example.com): Error: Timeout (180s) while waiting for lock for transaction log file /indexes//mail/v3store/example.com/kavish.karkera at example.com/.INBOX/dovecot.index.log > > it wouls be helpfull if you eloborate thsi logs in more detail. so we coluld resolve this ongoing issue. > > We have 3 POP/IMAP Servers, running as load balancers through DNS round robin. > > Dovecot version server 1 = 2.1.12 > Dovecot version server 2 = 2.1.15 > Dovecot version server 3 = 2.1.13 > > Mails and Indexes are stored over NFS? and we do have these setting enabled > > mail_nfs_storage = yes > # Mail index files also exist in NFS. Setting this to yes requires > # mmap_disable=yes and fsync_disable=no. > mail_nfs_index = yes you have three servers, into which the same user logs in simultaneously, but they share the same storage area. Say, kavish.karkera at example.com logs into server2 with IMAP and keeps the mailbox locked, because it IDLEs there. Now kavish.karkera at example.com logs into server1 and wants to access INBOX a second time in parallel to server2, which has the lock still. Because both servers do not communicating with each other, server2 do not give up the lock, in order to let server1 proceed. If kavish.karkera at example.com would only log into server2 (or server1, it does not matter which server, as long as kavish.karkera at example.com do not log into two servers the same time), Dovecot would handle it. But because you use DNS round robin as load balancer, you cannot ensure this. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUfJ/m13r2wJMiz2NAQIWzAf7Bjyx8WarthCZLeSmLb1qGOxCrqmtzlmU qrq2b3+ccpo3/0H5czgfRhX4+bedzV+M0DPH9KzyOtwD7AZrQ8EdarrmG2g8vzZZ GP5vw+6NTZS/PCR+kj2wGgcF0qyPgyrcGp3cmUbCENwujAFwHXo2N+NRrqqEXuR1 l7zVVR7vWp3afQRtNBgyxeFeWI+Zd/MNKuEv6PoqQvfWu4y0KXl03aiImbrAx3eR ZKvpN26rQvRE0P5AIyoGy2n6xuh7V+itZf1UlydONVEE4nC1LFvM6eD9n3bPp3Dc JQmNvefv0OUVaNWxBSpafSN4uk4whZ+zwDNOyzhnDTO09Rdw+4rotw== =vHAq -----END PGP SIGNATURE----- From TIHiggins at uss.com Fri Jul 26 18:29:08 2013 From: TIHiggins at uss.com (Thomas I Higgins) Date: Fri, 26 Jul 2013 11:29:08 -0400 Subject: [Dovecot] Fw: POP3 issues In-Reply-To: References: <51EFFEC1.6080001@sys4.de> Message-ID: Nevermind - Due to your response, I was able to get the admin to agree to upgrade the version to a 2.x version. If the problem persists I will open a new thread. Thanks for reviewing. From srf at sanger.ac.uk Fri Jul 26 18:41:41 2013 From: srf at sanger.ac.uk (Simon Fraser) Date: Fri, 26 Jul 2013 16:41:41 +0100 Subject: [Dovecot] Expunged message reappeared, giving a new UID In-Reply-To: <1374834533.6696.10.camel@ubu101751> References: <1374834533.6696.10.camel@ubu101751> Message-ID: <1374853301.10948.1.camel@ubu101751> I've just converted the mailboxes to mdbox, so mail_location now looks like this: mail_location = mdbox:~/mail The log entry about messages reappearing no longer happens, but the symptoms are the same - if I delete a message, it instantly reappears. Simon. On Fri, 2013-07-26 at 11:28 +0100, Simon Fraser wrote: > I am running dovecot 2.2.2 with tcp based replication, and experiencing > some duplicated emails. `doveconf -n` output is below. > > I have narrowed it down to the following scenario: > > An email arrives, and is successfully replicated to both nodes. It is in > INBOX/new/ at this point on both servers. > > Connect with a mail client, and delete the message - without delayed > expunge. So, for example, mutt (press 'd' then '$' to sync the mailbox), > or Evolution set to immediately delete. > > The following log entry appears on the server the client is connected > to: > > Jul 26 10:40:55 intmail3a dovecot: imap(srf): > Warning: /mail/spool/s/srf/mail/INBOX/dovecot-uidlist: Duplicate file > entry at line 5: 1374831638.M830754P11591.intmail3a,S=1289,W=1321 (uid > 733481 -> 733482) - retrying by re-reading from beginning > Jul 26 10:40:55 intmail3a dovecot: imap(srf): Warning: > Maildir /mail/spool/s/srf/mail/INBOX: Expunged message reappeared, > giving a new UID (old uid=733481, > file=1374831638.M830754P11591.intmail3a,S=1289,W=1321) > > The email reappears in the mailbox, although this time it is in > INBOX/new on one node and INBOX/cur on the other. As best I can tell > it's always in 'new' on the server the client was connected to and in > 'cur' on the other. > > If any other mailbox operation occurs before the delete (Marking the > message in question as 'read', receiving a new message into the mailbox > in a different lmtp session, marking as read or deleting & expunging > some other message) then this prevents the duplication from happening. > > What can I do to prevent this happening? Is there a synchronisation > interval I can adjust, perhaps? Although the message does get > synchronised initially. > > Thanks in advance, > Simon. > > > # 2.2.2: /mail/etc/dovecot/dovecot.conf > # OS: Linux 3.5.0-23-generic x86_64 Ubuntu 12.04.2 LTS > disable_plaintext_auth = no > doveadm_password = secret > first_valid_uid = 100 > lda_mailbox_autocreate = yes > mail_gid = dovecot > mail_home = /mail/spool/%1n/%n > mail_location = maildir:~/mail:INBOX=~/mail/INBOX > mail_plugins = notify replication > mail_uid = dovecot > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope > encoded-character vacation subaddress comparator-i;ascii-numeric > relational regex imap4flags copy include variables body enotify > environment mailbox date ihave > namespace inbox { > inbox = yes > location = > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Trash { > special_use = \Trash > } > prefix = > separator = . > } > passdb { > args = /mail/etc/dovecot/dovecot-ldap.conf.ext > driver = ldap > } > plugin { > mail_replica = tcps:intmail3b:12345 > sieve_dir = ~/sieve > } > protocols = imap lmtp sieve > service aggregator { > fifo_listener replication-notify-fifo { > mode = 0600 > user = dovecot > } > unix_listener replication-notify { > mode = 0600 > user = dovecot > } > } > service config { > unix_listener config { > user = dovecot > } > } > service doveadm { > inet_listener { > port = 12345 > ssl = yes > } > user = dovecot > } > service replicator { > process_min_avail = 1 > } > ssl_cert = ssl_client_ca_dir = /etc/ssl/certs > ssl_key = userdb { > args = /mail/etc/dovecot/dovecot-ldap.userdb.conf.ext > driver = ldap > } > protocol lmtp { > mail_plugins = notify replication sieve > } > protocol lda { > mail_plugins = notify replication sieve > } > protocol imap { > mail_max_userip_connections = 30 > } > > > > > -- The Wellcome Trust Sanger Institute is operated by Genome Research Limited, a charity registered in England with number 1021457 and a company registered in England with number 2742969, whose registered office is 215 Euston Road, London, NW1 2BE. From h.reindl at thelounge.net Fri Jul 26 18:47:38 2013 From: h.reindl at thelounge.net (Reindl Harald) Date: Fri, 26 Jul 2013 17:47:38 +0200 Subject: [Dovecot] Expunged message reappeared, giving a new UID In-Reply-To: <1374853301.10948.1.camel@ubu101751> References: <1374834533.6696.10.camel@ubu101751> <1374853301.10948.1.camel@ubu101751> Message-ID: <51F29A1A.2090805@thelounge.net> Am 26.07.2013 17:41, schrieb Simon Fraser: > I've just converted the mailboxes to mdbox, so mail_location now looks > like this: > > mail_location = mdbox:~/mail > > The log entry about messages reappearing no longer happens, but the > symptoms are the same - if I delete a message, it instantly reappears look in the thread "Duplicate Mails downloding issue" since you said "I am running dovecot 2.2.2 with tcp based replication" it sounds like the same problem -> hint: Dovecot Director -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 263 bytes Desc: OpenPGP digital signature URL: From srf at sanger.ac.uk Fri Jul 26 18:58:13 2013 From: srf at sanger.ac.uk (Simon Fraser) Date: Fri, 26 Jul 2013 16:58:13 +0100 Subject: [Dovecot] Expunged message reappeared, giving a new UID In-Reply-To: <51F29A1A.2090805@thelounge.net> References: <1374834533.6696.10.camel@ubu101751> <1374853301.10948.1.camel@ubu101751> <51F29A1A.2090805@thelounge.net> Message-ID: <1374854293.10948.6.camel@ubu101751> On Fri, 2013-07-26 at 17:47 +0200, Reindl Harald wrote: > > Am 26.07.2013 17:41, schrieb Simon Fraser: > > I've just converted the mailboxes to mdbox, so mail_location now looks > > like this: > > > > mail_location = mdbox:~/mail > > > > The log entry about messages reappearing no longer happens, but the > > symptoms are the same - if I delete a message, it instantly reappears > > look in the thread "Duplicate Mails downloding issue" > > since you said "I am running dovecot 2.2.2 with tcp based replication" > it sounds like the same problem -> hint: Dovecot Director > I've read that thread. I'm not seeing any lock file errors, I'm not running over NFS but rather using dovecot's own replication for the mail store, and I'm not using pop3. I'm also not seeing the mails _downloaded_ again but rather reappear on the server after they have been removed: I can watch the message disappear from one server and then be replaced. I've looked at the documentation for Director and while it looks nice, I don't see how it relates to my problem, as it seems to be for shared-storage deployments. I have tested this with a mail client that's connecting to only one node - this is a test service, and so that one imap connection is the only client. Simon. -- The Wellcome Trust Sanger Institute is operated by Genome Research Limited, a charity registered in England with number 1021457 and a company registered in England with number 2742969, whose registered office is 215 Euston Road, London, NW1 2BE. From d.parthey at metaways.de Fri Jul 26 21:26:19 2013 From: d.parthey at metaways.de (Daniel Parthey) Date: Fri, 26 Jul 2013 20:26:19 +0200 Subject: [Dovecot] Expunged message reappeared, giving a new UID In-Reply-To: <1374834533.6696.10.camel@ubu101751> References: <1374834533.6696.10.camel@ubu101751> Message-ID: Hi Simon, Version 2.2.2 is not current any more. I would try to update to the latest stable version 2.2.4 first, since some dsync bugs have been fixed between 2.2.2 and 2.2.4: http://www.dovecot.org/doc/NEWS-2.2 Regards Daniel From bugreporter at vescent.com Fri Jul 26 23:13:51 2013 From: bugreporter at vescent.com (Ben) Date: Fri, 26 Jul 2013 14:13:51 -0600 Subject: [Dovecot] Namespace, Sieve and upgrading to dovecot 2.0 -- no folder "INBOX/" Message-ID: <51F2D87F.5010901@vescent.com> I just upgraded from debian squeeze->wheezy. This meant upgrading from dovecot 1.2 to 2.1.7 and upgrading to Pigdeonhole sieve. I have dovecot configured to use sieve and virtual users (I'll post config below) Now any message that come in get filtered by sieve, but any messages that don't hit any filters gives the error (in the sieve log): msgid=: failed to store into mailbox 'INBOX/': Invalid mailbox name As far as I can tell, Pidgeonhole has hard-coded to the behavior of 'keep' (that is unfiltered emails) to be: fileinto "INBOX/" However, in my setup "INBOX/" is not a valid folder. "INBOX" is. Is there a way to get pidgeonhole sieve to treat 'keep' as fileinto "INBOX"? Or do I need to reconfigure my dovecot namespaces? I tried playing with them, but everything works right now (sharing, etc) and when I changed my prefix on the inbox, etc, it did weird things (INBOX.INBOX.FOLDER) instead of (INBOX.Folder). Suggestions? Here is, I believe the relevant config info: dovecot.conf: namespace { inbox = yes location = prefix = separator = / type = private } namespace { list = children location = maildir:/Mail/Users/%%n/:INDEX=/Mail/Users/%u/shared/%%u prefix = shared/%%u/ separator = / subscriptions = no type = shared } Thanks, Ben From alberto at unex.es Sat Jul 27 01:56:20 2013 From: alberto at unex.es (Alberto Cabello Sanchez) Date: Sat, 27 Jul 2013 00:56:20 +0200 Subject: [Dovecot] Namespace, Sieve and upgrading to dovecot 2.0 -- no folder "INBOX/" In-Reply-To: <51F2D87F.5010901@vescent.com> References: <51F2D87F.5010901@vescent.com> Message-ID: <3fced99a6369df1c18aa546ae93b8c5e.squirrel@cartero.unex.es> > Now any message that come in get filtered by sieve, but any messages > that don't hit any filters gives the error (in the sieve log): > msgid=: failed to store into mailbox 'INBOX/': Invalid > mailbox name > > As far as I can tell, Pidgeonhole has hard-coded to the behavior of > 'keep' (that is unfiltered emails) to be: > fileinto "INBOX/" Does "sieve-filter -m" switch help? From stan at hardwarefreak.com Sat Jul 27 02:06:14 2013 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Fri, 26 Jul 2013 18:06:14 -0500 Subject: [Dovecot] dbus support in dovecot? In-Reply-To: <201307252325.34012.gheskett@wdtv.com> References: <201307240825.46329.gheskett@wdtv.com> <201307251545.17657.gheskett@wdtv.com> <51F1B077.30207@hardwarefreak.com> <201307252325.34012.gheskett@wdtv.com> Message-ID: <51F300E6.8070003@hardwarefreak.com> On 7/25/2013 10:25 PM, Gene Heskett wrote: > On Thursday 25 July 2013 22:45:04 Stan Hoeppner did opine: > >> On 7/25/2013 2:45 PM, Gene Heskett wrote: >>> However, I would really like to start with some in depth docs, docs I >>> am not having a lot of luck finding. But I am not, as you can see, >>> too bashful to go ask the source. ;) >> >> The main problem you're facing right now is that you don't really yet >> grasp what IMAP is all about. > > Is wiki2 the sum total of the docs for this? If it is the definitive > manual, great. AFAIK the wiki documentation isn't "complete", but should have everything needed to get a new Dovecot server up and running. What it won't have is anything remotely related to mail file import/migration from a workstation/MUA setup. Dovecot is server application. Any migration docs are geared toward migrating existing mail from other IMAP server platforms, such as Courier or UW-IMAP, etc. It is definitely NOT aimed at the desktop user space, i.e. it's not meant to run concurrently on a *nix PC that is used for desktop GUI applications. It surely can as it is just another *nix app, but as with any server app one will rely on to be up 100% you really want a dedicated box, UPS, the whole 9 yards. For a SOHO environment with few users it doesn't need to be an expensive hulk of a server, just reliable. The cheapest new PCs usually have a dual/quad core CPU, 4GB RAM, 1TB HD, and ethernet, and this would be overkill performance wise. Get a little 500 KVA APC UPS with data cable and setup apcupsd to do auto shutdown when the battery runs low during an outage. >> In a nutshell, once you install Dovecot, >> or any IMAP server, it becomes the single point of control and access to >> all of your mail. You install an IMAP MUA on each client PC, point >> these at Dovecot, and you're basically done. They can all be logged >> into the same account simultaneously, and any new mail will show up in >> the INBOX on all clients simultaneously, or nearly so. > > This restriction to the INBOX bothers me because the present kmail setup > I'm using has about 55 individual folders such that messages from a mailing > list are sorted by kmail and placed in the appropriate folder/directory. > That includes this mailing list. I've never used kmail. Does it have an IMAP connector? If so, once you have the Dovecot server up and working and kmail configured and working with IMAP, you'd simply copy the emails in the current folders over to newly created folders of the same name. AFAIK you can't just do any drag 'n drop existing mail folders. >> You typically don't need to configure the clients other than telling >> them where the server is and plugging in login credentials. The rest is >> pretty much automatic. Any folders the user has access to should >> display automatically without needing to manually subscribe. At least >> this is how it works with Thunderbird. ... > But back to t-bird, can it be made to look the same in terms of folders vs > folder contents, with say 3 local copies, one on this box, and one each on > the boxes running the cnc machines? All accomplished hopefully by getting > one copy working, and copying its configs to the other 2, or maybe 3 > machines. I use the lappy in the shop to ssh into the cnc boxes so I can > sit in relative comfort when making more copies of some part. 90% of the > stuff I do is one off's, but I might need a 12 pack of a custom bolt or ?? If you install default Tbird on each machine, all that's required afterward is to create an account profile, input the IMAP server IP address, SMTP relay server address, and enter the username/pwd when prompted. This assumes the user already exists on the Dovecot server. At that point the view and folder list should be identical on each Tbird. >> In other words, with an IMAP server, you simply ditch most of your old >> way of doing things with your MUAs. The only program that will >> write/read your mail files will be the IMAP server, Dovecot in this >> case. All the clients must access mail through an IMAP connection. > > Where does dovecot actually keep the email corpus? If you're referring to the user mail files, they are stored in the location you specify in dovecot.conf. This will be a local filesystem directory on the server box. All mail for all users will be stored here, once. You will no longer store any mail files on the client PCs. By having all the mail on the server you can access it from any computer running an MUA. And in fact from anywhere in the world with an internet connection, assuming you configure your local internet router properly. You can also install an webmail server that connects to Dovecot via IMAP. Then you can access the emails from any device with a web browser and net connection. I use Roundcube for this. Other options are SoGo, Squirrelmail, etc. In fact if you install such a webmail server alongside Dovecot, you don't need to have an MUA on any client PC. Just Firefox, or your favorite browser. > I am assuming that is an assignment in 10-master.conf, but there is a quite > lengthy list of stuff in the dovecot/conf.d tree that I haven't been able > to find in the wiki2 pages. Sure, I can grep for a given variables name, > but first, I need to know the name of the variable... Classic new user > chicken v egg stuff. Set the mail_location in conf.d/10-mail.conf You need to read up on the various mailbox formats before choosing one. If unsure, ask the list. > My present du -h on /home/gene/Mail is about 4.8Gb, and the databases kmail > keeps for indices etc (and there seems to be an ever growing list of etc's, > all convinced they have to have their own copies of everything) aren't > there, but total another 16Gb at other locations on my HD's, between > soprano and virtuoso. That alone is enough to convince me kmail has got to > go. And the kde folks simply will not entertain the suggestion they have > bloated it out of viability for even a user willing to restart it daily, > and reboot the machine on a weekly basis because it gets so laggy. 16-20GB of mail files for one user, or a handful of users, is ridiculous. If you have lots/large attachments in those email files detach those and save them appropriately as normal files BEFORE you start copying your existing mail to the new Dovecot server. It would make much sense to install Samba on your Dovecot server box and save all those attachments to a directory on the server. FYI I have 82,600+ emails in my two dozen or so IMAP mailbox folders. Including Dovecot indexes, the consumed space on disk is only 1.1GB. Most is archived list mail. Very few attachments. The Dovecot indexes alone are 160MB of that, slightly more than 10 percent. > Thank you Stan. No problem. I wouldn't say getting Dovecot running the first time is difficult for a first time user, if you're doing a standard Dovecot/Postfix setup with an MX record and delivery to your domain via smtp. In your case it's going to be much more difficult, because your current architecture is an ad hoc collection of PCs, and you have no central mail delivery to a local domain. The latter, with many external addresses/mailboxes, is going to be the hard part. -- Stan From claude.xavier at gmail.com Sat Jul 27 16:38:45 2013 From: claude.xavier at gmail.com (Xavier Claude) Date: Sat, 27 Jul 2013 15:38:45 +0200 Subject: [Dovecot] Unable to use dovecot-antispam plugin Message-ID: <1458010.NeIMt30kEy@linux-s4x4.site> Hello everybody, I'm trying to use the Dovecot antispam on Debian Wheezy (dovecot version 2.1.7), but it's not working, each time I put a mail in the "Spam" folder, it is send in its original folder. What bother me the most is that I don't see anything in the log. Here is my dovecot config related to the antispam plugin : plugin { antispam_allow_append_to_spam = yes antispam_backend = dspam antispam_debug_target = syslog antispam_dspam_args = --user;%Lu;--deliver=spam,innocent;--source=error;--signature=%%s antispam_dspam_binary = /usr/bin/dspam antispam_dspam_notspam = --class=innocent antispam_dspam_result_header = X-DSPAM-Result antispam_dspam_spam = --class=spam antispam_signature = X-DSPAM-Signature antispam_signature_missing = error antispam_spam = SPAM;Spam antispam_trash = trash;Trash;Deleted Items; Deleted Messages sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocol imap { mail_plugins = " antispam" } And in the log, the only thing I see is the plugin initialization : Jul 27 13:18:05 twoflowers imap: antispam: plugin initialising (2.0-notgit) Jul 27 13:18:05 twoflowers imap: antispam: "SPAM" is exact match spam folder Jul 27 13:18:05 twoflowers imap: antispam: "Spam" is exact match spam folder Jul 27 13:18:05 twoflowers imap: antispam: no unsure folders Jul 27 13:18:05 twoflowers imap: antispam: "trash" is exact match trash folder Jul 27 13:18:05 twoflowers imap: antispam: "Trash" is exact match trash folder Jul 27 13:18:05 twoflowers imap: antispam: "Deleted Items" is exact match trash folder Jul 27 13:18:05 twoflowers imap: antispam: " Deleted Messages" is exact match trash folder Jul 27 13:18:05 twoflowers imap: antispam: allowing APPEND to spam folders Jul 27 13:18:05 twoflowers imap: antispam: dspam binary set to /usr/bin/dspam Jul 27 13:18:05 twoflowers imap: antispam: dspam result set to X-DSPAM-Result Jul 27 13:18:05 twoflowers imap: antispam: dspam extra arg --user Jul 27 13:18:05 twoflowers imap: antispam: dspam extra arg xavier Jul 27 13:18:05 twoflowers imap: antispam: dspam extra arg --deliver=spam,innocent Jul 27 13:18:05 twoflowers imap: antispam: dspam extra arg --source=error Jul 27 13:18:05 twoflowers imap: antispam: dspam extra arg --signature=%s Jul 27 13:18:05 twoflowers imap: antispam: signature header line is "X-DSPAM-Signature" Thank you for your help. -- Xavier Claude claude.xavier at gmail.com From rob0 at gmx.co.uk Sat Jul 27 16:42:09 2013 From: rob0 at gmx.co.uk (/dev/rob0) Date: Sat, 27 Jul 2013 08:42:09 -0500 Subject: [Dovecot] Case-insensitive "detail" mailboxes? In-Reply-To: <20130726090422.GB25972@darac.org.uk> References: <20130725162956.GC13717@harrier.slackbuilds.org> <20130726090422.GB25972@darac.org.uk> Message-ID: <20130727134209.GF13717@harrier.slackbuilds.org> On Fri, Jul 26, 2013 at 10:04:22AM +0100, Darac Marjal wrote: > On Thu, Jul 25, 2013 at 11:29:56AM -0500, /dev/rob0 wrote: > > We're using sieve with LMTP. We want to have > > lda_mailbox_autocreate and lmtp_save_to_detail_mailbox. Is > > there a way to make the "detail" case-insensitive? If so I > > have not found it yet. > > > > I suppose we could lowercase the input string for the SQL > > userdb query, but that's not what is wanted. The idea being > > that if a user makes a mailbox called "Test" is that > > user+test at example.com and user+TEST at example.com should both > > go to that "Test" mailbox. If it was lowercased, a mailbox > > called "Test" would be ignored and "test" used. > > > > With autocreate, this could be a problem if mail is > > delivered to autocreated case-sensitive mailboxes that the > > user won't see. > > > > Hmmm, maybe a global sieve script? > > I use the following sieve snippet rather than > lmtp_save_to_detail_mailbox: > > if envelope :detail :regex "to" "(.+)" { > set :upperfirst :lower "detail" "${1}"; > fileinto :create "Tagged/${detail}"; > stop; > } Aha! On further examination I found a similar example here: http://wiki2.dovecot.org/Pigeonhole/Sieve/Examples#Plus_Addressed_mail_filtering I will need to tweak this a bit more, because we want to allow the user to create a mailbox as s/he wants, whether all CAPS, all lowercase, or Title Case (as our default setting would create a new folder if it wasn't found.) But you've surely set me on the right track here! Thank you! > So, if the detail portion of the TO address exists, set a variable > "detail" to be the first-letter-uppercased version of that portion > (test -> Test, TEST -> Test and so on) and file the message into > "Tagged/Test", creating that if necessary. -- http://rob0.nodns4.us/ -- system administration and consulting Offlist GMX mail is seen only if "/dev/rob0" is in the Subject: From francis at thibault.org Thu Jul 25 23:45:25 2013 From: francis at thibault.org (John Stracke) Date: Thu, 25 Jul 2013 16:45:25 -0400 Subject: [Dovecot] Upgrading to dovecot2 broke IDLE on one mailer, but not another Message-ID: <51F18E65.2010203@thibault.org> Last weekend I upgraded my server (complete reinstall, actually), from Debian sarge to wheezy, which brought me from dovecot 1.x (I think) to 2.1.7. It's all working now, *except* that the MUA I use on Android, Kaiten (a fork of K-9), apparently no longer gets IDLE notifications. Before the upgrade, when mail arrived, Kaiten would pop up an Android notification immediately; now, it never does (or it might, hours later, with all the messages it notices at that time--presumably this happens when its background service gets killed off and restarted). The weird thing is that IDLE still works flawlessly with Thunderbird, which suggests this is a protocol interaction between Dovecot 2 and Kaiten. (I plan to check with the Kaiten folks next.) Has anybody here seen this? Is there something I can turn on in Dovecot to help debug it? I did check my old Dovecot settings, and they didn't specify anything non-default about IDLE. Thanks in advance! My configuration from dovecot -n: # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.9.3-x86-linode52 i686 Debian 7.0 log_timestamp = "%Y-%m-%d %H:%M:%S " mail_access_groups = mail mail_location = mbox:~/mail:INBOX=/var/mail/%u mail_privileged_group = mail passdb { driver = pam } protocols = imap pop3 service auth { user = root } service imap-login { inet_listener imap { port = 0 } } service pop3-login { inet_listener pop3 { port = 0 } } ssl_cert = Hi there, I'm using Dovecot together with Postfix; as I understand it, there are two ways to transfer the mail from Postfix to Dovecot. 1.) by using LDA with mailbox_command = /usr/libexec/dovecot/dovecot-lda -f "$SENDER" -a "$RECIPIENT" 2.) by using LMTP with mailbox_transport = lmtp:unix:private/dovecot-lmtp (currently using number 1) I'm interessted in the differences and the advantages/disadvantages of each of those solutions. According to http://wiki2.dovecot.org/LDA the recommended way is to use LMTP, since it's supposed to have a better performance. On the other hand, http://wiki2.dovecot.org/LMTP says, that LMTP is a backgound process, while LDA is only called when needed. I've also read, that LDA only uses the users privileges, which both means, that LDA should be better. I've also noticed, that LMTP adds an additional Recieved:-Header to the mail. Are there any other differences? Thank you M. From h.reindl at thelounge.net Sat Jul 27 18:45:24 2013 From: h.reindl at thelounge.net (Reindl Harald) Date: Sat, 27 Jul 2013 17:45:24 +0200 Subject: [Dovecot] LDA vs. LMTP In-Reply-To: References: Message-ID: <51F3EB14.6090608@thelounge.net> Am 26.07.2013 17:45, schrieb Martin Burgraf: > I'm using Dovecot together with Postfix; as I understand it, there are two ways to transfer the mail from Postfix to Dovecot. > 1.) by using LDA with mailbox_command = /usr/libexec/dovecot/dovecot-lda -f "$SENDER" -a "$RECIPIENT" > 2.) by using LMTP with mailbox_transport = lmtp:unix:private/dovecot-lmtp > > (currently using number 1) > I'm interessted in the differences and the advantages/disadvantages of each of those solutions > According to http://wiki2.dovecot.org/LDA the recommended way is to use LMTP, since it's supposed to have a better performance > On the other hand, http://wiki2.dovecot.org/LMTP says, that LMTP is a backgound process, while LDA is only called when needed and that is why LMTP is preferred instead fire up a new process for each message with all the costs you have *one* process running all the time waiting for a message to deliver you would no run SMTPD via xinetd and start the smtpd service each time someone delivers a message to your server... -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 263 bytes Desc: OpenPGP digital signature URL: From jtam.home at gmail.com Sun Jul 28 02:15:25 2013 From: jtam.home at gmail.com (Joseph Tam) Date: Sat, 27 Jul 2013 16:15:25 -0700 (PDT) Subject: [Dovecot] LDA vs. LMTP In-Reply-To: References: Message-ID: "Martin Burgraf" writes: > According to http://wiki2.dovecot.org/LDA the recommended way is to use > LMTP, since it's supposed to have a better performance. The performance gains comes mostly from avoiding the overhead of invoking an executable and spawning a new process for each delivery. If your mail system isn't stressed, I don't think it matters much. > On the other hand, http://wiki2.dovecot.org/LMTP says, that LMTP is a > backgound process, while LDA is only called when needed. I've also > read, that LDA only uses the users privileges, which both means, that > LDA should be better. I don't know why you would consider a background process inferior to a run-on-demand executable. > I've also noticed, that LMTP adds an additional Recieved:-Header to the mail. > Are there any other differences? >From a past discussion on this topic, I think Timo stated that if you use SIS (single-instance storage or de-duping), it's more efficient using LMTP since it knows all message bodies to multiple recipients will be identical. Joseph Tam From bra at fsn.hu Sun Jul 28 14:49:22 2013 From: bra at fsn.hu (Attila Nagy) Date: Sun, 28 Jul 2013 13:49:22 +0200 Subject: [Dovecot] Passing data safely in password_key? Message-ID: <51F50542.9080103@fsn.hu> Hi, I would like to convert my custom POP/IMAP proxy to Dovecot's. In this proxy I do more than giving back user name, password and the host and I need extra information. Luckily all of them are available as variables, but more than one comes as user input (like user name and cleartext password) and I'm not sure how to pass them safely. Obviously I would need a separator, which is guaranteed not to show up either in user name and the cleartext password. Should I use escape (%E) here, or is there a better way? From gedalya at gedalya.net Sun Jul 28 19:37:36 2013 From: gedalya at gedalya.net (Gedalya) Date: Sun, 28 Jul 2013 12:37:36 -0400 Subject: [Dovecot] Error: dict client sent broken reply In-Reply-To: <0b8beb24a830ec79044996616a0e6614.squirrel@www.giz-works.com> References: <0b8beb24a830ec79044996616a0e6614.squirrel@www.giz-works.com> Message-ID: <51F548D0.5070604@gedalya.net> Having the same problem here. Dovecot 2.1.7. But all I get from doveadm -D is: doveadm(user1 at domain.tld): Debug: expire: Stopping iteration on key shared/expire/anotheruser at domain.tld/Trash (1373817132 > 1373816705) and that's it. The log says: dovecot: dict: Error: dict client: COMMIT: Can't commit while iterating From markus.kalb at web.de Sun Jul 28 19:43:27 2013 From: markus.kalb at web.de (Markus Kalb) Date: Sun, 28 Jul 2013 18:43:27 +0200 Subject: [Dovecot] Please help with : undefined symbol: mail_deliver_save_open Message-ID: <51F54A2F.4090602@web.de> Greetings dovecot-mailing list! after upgrading from debian squeeze -> debian wheezy and therefore making the big dovecot jump from 1.x to 2.x we are stuck with one final(?) error that we can't get fixed. During login attempts the following is written to the logfiles. Error: dovecot: imap: Error: dlopen(/usr/lib/dovecot/modules/lib90_sieve_plugin.so) failed: /usr/lib/dovecot/libdovecot-sieve.so.0: undefined symbol: mail_deliver_save_open Searching the mailinglist and google in general the only thing i could find was that this error could be connected to loading the sieve plugin outside of lda. But as you can see in the attached config dump, we only load it inside the lda protocol block. ciao markus Our setup: > dovecot --version 2.1.7 > dovecot -n # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-4-686-pae i686 Debian 7.1 auth_debug = yes auth_mechanisms = plain login digest-md5 cram-md5 auth_verbose = yes mail_debug = yes mail_plugins = acl fts fts_solr mail_shared_explicit_inbox = no managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave imapflags notify namespace { hidden = no list = children location = maildir:/home/lists/.mail/:CONTROL=%h/.mail/private/.imap/shared/control:INDEX=%h/.mail/private/.imap/shared/index prefix = lists/ separator = / subscriptions = no type = shared } namespace { hidden = yes list = no location = maildir:/home/security/.mail/:CONTROL=%h/.mail/private/.imap/shared/control:INDEX=%h/.mail/private/.imap/shared/index prefix = security/ separator = / subscriptions = no type = shared } namespace { hidden = yes list = children location = maildir:/home/dsys/.mail/:CONTROL=%h/.mail/private/.imap/shared/control:INDEX=%h/.mail/private/.imap/shared/index prefix = duales_system/ separator = / subscriptions = no type = shared } namespace inbox { hidden = no inbox = yes list = yes location = mbox:%h/.mail/private:INBOX=/var/mail/%u mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = separator = / type = private } passdb { args = scheme=DIGEST-MD5 username_format=%u /etc/dovecot/passwd driver = passwd-file } plugin { acl = vfile:/etc/dovecot/acls:cache_secs=300 sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_extensions = +imapflags +notify } protocols = " imap sieve" service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix } } service imap-login { inet_listener imap { port = 143 } } ssl_cert = Hi, Are log lines like the following: Jul 28 15:30:50 mx1.somewhere dovecot: auth-worker(18980): sql(user at domain,217.67.x.x): unknown user Jul 28 15:32:56 mx1.somewhere dovecot: auth-worker(18980): sql(user at domain,212.182.x.x): Password mismatch written every time any authetntication phase fails, in SASL as well as in POP3/IMAP mailbox access? I have a legacy app that would gain a lot if I could distinguish between failed SASL authentication and failed POP3/IMAP authentication. I know I can use the "auth failed" lines for the latter case, and postfix log lines in the former, but they don't contain user info. Is there a way for log monitoring software to get failed login lines with both user info, and the reason (SASL, POP3, IMAP)? Regards, -- Grzegorz Staniak From markus.kalb at web.de Sun Jul 28 22:42:11 2013 From: markus.kalb at web.de (Markus Kalb) Date: Sun, 28 Jul 2013 21:42:11 +0200 Subject: [Dovecot] solved/answered Re: Please help with : undefined symbol: mail_deliver_save_open In-Reply-To: <51F54A2F.4090602@web.de> References: <51F54A2F.4090602@web.de> Message-ID: <51F57413.5000200@web.de> Hi thanks to the kind help of S[r]us in the #Dovecot channel I can supply the solution myself. So for everyone having the same problem, in my case it was the line: default_fields = mail_plugins=sieve system_groups_user=%u it causes the sieve plugin to be loaded in a global context. It worked in version 1.X but not in 2.X. Am 28.07.2013 18:43, schrieb Markus Kalb: > Greetings dovecot-mailing list! > > > after upgrading from debian squeeze -> debian wheezy and therefore > making the big dovecot jump from 1.x to 2.x we are stuck with one > final(?) error that we can't get fixed. > > > > During login attempts the following is written to the logfiles. > > Error: > dovecot: imap: Error: > dlopen(/usr/lib/dovecot/modules/lib90_sieve_plugin.so) failed: > /usr/lib/dovecot/libdovecot-sieve.so.0: undefined symbol: > mail_deliver_save_open > > > > Searching the mailinglist and google in general the only thing i could > find was that this error could be connected to loading the sieve plugin > outside of lda. But as you can see in the attached config dump, we only > load it inside the lda protocol block. > > > > ciao markus > > > > > > Our setup: > >> dovecot --version > 2.1.7 > > >> dovecot -n > # 2.1.7: /etc/dovecot/dovecot.conf > # OS: Linux 3.2.0-4-686-pae i686 Debian 7.1 > auth_debug = yes > auth_mechanisms = plain login digest-md5 cram-md5 > auth_verbose = yes > mail_debug = yes > mail_plugins = acl fts fts_solr > mail_shared_explicit_inbox = no > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope > encoded-character vacation subaddress comparator-i;ascii-numeric > relational regex imap4flags copy include variables body enotify > environment mailbox date ihave imapflags notify > namespace { > hidden = no > list = children > location = > maildir:/home/lists/.mail/:CONTROL=%h/.mail/private/.imap/shared/control:INDEX=%h/.mail/private/.imap/shared/index > prefix = lists/ > separator = / > subscriptions = no > type = shared > } > namespace { > hidden = yes > list = no > location = > maildir:/home/security/.mail/:CONTROL=%h/.mail/private/.imap/shared/control:INDEX=%h/.mail/private/.imap/shared/index > prefix = security/ > separator = / > subscriptions = no > type = shared > } > namespace { > hidden = yes > list = children > location = > maildir:/home/dsys/.mail/:CONTROL=%h/.mail/private/.imap/shared/control:INDEX=%h/.mail/private/.imap/shared/index > prefix = duales_system/ > separator = / > subscriptions = no > type = shared > } > namespace inbox { > hidden = no > inbox = yes > list = yes > location = mbox:%h/.mail/private:INBOX=/var/mail/%u > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Trash { > special_use = \Trash > } > prefix = > separator = / > type = private > } > passdb { > args = scheme=DIGEST-MD5 username_format=%u /etc/dovecot/passwd > driver = passwd-file > } > plugin { > acl = vfile:/etc/dovecot/acls:cache_secs=300 > sieve = ~/.dovecot.sieve > sieve_dir = ~/sieve > sieve_extensions = +imapflags +notify > } > protocols = " imap sieve" > service auth { > unix_listener /var/spool/postfix/private/auth { > group = postfix > mode = 0666 > user = postfix > } > } > service imap-login { > inet_listener imap { > port = 143 > } > } > ssl_cert = ssl_key = userdb { > args = username_format=%u /etc/dovecot/passwd > default_fields = mail_plugins=sieve system_groups_user=%u > driver = passwd-file > } > protocol lda { > mail_plugins = acl fts fts_solr sieve > } > protocol imap { > mail_max_userip_connections = 20 > mail_plugins = acl fts fts_solr > } > > > > > > # dpkg -l '*dovecot*' |grep ii | cut -c 0-60 > ii dovecot-antispam 2.0+20120225-3 > ii dovecot-core 1:2.1.7-7 > ii dovecot-imapd 1:2.1.7-7 > ii dovecot-ldap 1:2.1.7-7 > ii dovecot-managesieved 1:2.1.7-7 > ii dovecot-sieve 1:2.1.7-7 > ii dovecot-solr 1:2.1.7-7 > From skdovecot at smail.inf.fh-brs.de Mon Jul 29 09:51:17 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Mon, 29 Jul 2013 08:51:17 +0200 (CEST) Subject: [Dovecot] Unable to use dovecot-antispam plugin In-Reply-To: <1458010.NeIMt30kEy@linux-s4x4.site> References: <1458010.NeIMt30kEy@linux-s4x4.site> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sat, 27 Jul 2013, Xavier Claude wrote: > 2.1.7), but it's not working, each time I put a mail in the "Spam" Turn on logging and the mail_log plugin: http://wiki2.dovecot.org/Logging http://wiki2.dovecot.org/Plugins/MailLog > folder, it is send in its original folder. What bother me the most is What was the "original folder"? Maybe Junk? try to turn off Junk filtering by the mail client. With mail_log enabled you'll see many actions of your client. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUfYQ5V3r2wJMiz2NAQKNEQf/QkjTQK2vRnGZhVhQ9I8L7CSJsQW+Bz/F 8rlkylSt94XC2U6i1JscIx/unvFli8QMC2h+kIeWw52ahsL0gER94ak+Ya55kd3b 4Bp5rknooP6zgXFLJLVvSAp19yVFvZIshiAwFrIivrfs6Eg0OC7Igf59N6NSuQcx 8ne7/YLdVCOtMarnVzT7hPMQgCXazsroSopg5+l63uqulvZXmWOOVsMrUI398+6a u5FJDO0qa9IdTAav2ASpOir3/Nxv258f1ARs/RArC4XslDZqzXiJIgLXgcWezqDT zJdXO13zw8h5ZWGGOtDVnT94HWkB+LvC/AuYV0msAbXLBHM7zI0C+A== =gFGR -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Mon Jul 29 09:55:37 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Mon, 29 Jul 2013 08:55:37 +0200 (CEST) Subject: [Dovecot] Upgrading to dovecot2 broke IDLE on one mailer, but not another In-Reply-To: <51F18E65.2010203@thibault.org> References: <51F18E65.2010203@thibault.org> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 25 Jul 2013, John Stracke wrote: > Last weekend I upgraded my server (complete reinstall, actually), from Debian > sarge to wheezy, which brought me from dovecot 1.x (I think) to 2.1.7. It's > all working now, *except* that the MUA I use on Android, Kaiten (a fork of > K-9), apparently no longer gets IDLE notifications. Before the upgrade, when > mail arrived, Kaiten would pop up an Android notification immediately; now, > it never does (or it might, hours later, with all the messages it notices at > that time--presumably this happens when its background service gets killed > off and restarted). > > The weird thing is that IDLE still works flawlessly with Thunderbird, which > suggests this is a protocol interaction between Dovecot 2 and Kaiten. (I > plan to check with the Kaiten folks next.) Has anybody here seen this? Is > there something I can turn on in Dovecot to help debug it? To debug: http://wiki2.dovecot.org/Debugging/Rawlog and http://wiki2.dovecot.org/Logging Then you'll see if Kaiten issues an IDLE at all and you could also cross check with other logs. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUfYR6V3r2wJMiz2NAQLm4gf6A9p/VdJtBhF5D/emlGp/tqVFwvVTfKRb Ja3bnzxbwpgjnjoR8QES90KywdRpc00bYoCosyqsqjHV5R5IwpadNzyAHHmifii+ 7Bq7+ODKPJ6/SnJE+B02aKbjcBWplm9EbWUPooPuP/JT7jFcUqN3GnvgPFczEZR+ Vvx/X3oGb0fnixq63Wh2wl1DGhQygo+0ePErM+Jp1dd+hNZR0l9oc1tb0MniZYkG z7eUp9hjqWkS0952tpWUhqWSfVvpa1dYiAKbzk6pndV3sNEYNonc/e3v4LdyslQc fGxTshzbZ/q/hJmghYuifYZ5W9sixiR3aMJ5cf2Lwwa5Kpyt6eTU8A== =2cIp -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Mon Jul 29 10:11:52 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Mon, 29 Jul 2013 09:11:52 +0200 (CEST) Subject: [Dovecot] LDA vs. LMTP In-Reply-To: References: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, 26 Jul 2013, Martin Burgraf wrote: > I'm using Dovecot together with Postfix; as I understand it, there are two ways to transfer the mail from Postfix to Dovecot. > 1.) by using LDA with mailbox_command = /usr/libexec/dovecot/dovecot-lda -f "$SENDER" -a "$RECIPIENT" > 2.) by using LMTP with mailbox_transport = lmtp:unix:private/dovecot-lmtp > > (currently using number 1) > I'm interessted in the differences and the advantages/disadvantages of each of those solutions. > > According to http://wiki2.dovecot.org/LDA the recommended way is to use LMTP, since it's supposed to have a better performance. > On the other hand, http://wiki2.dovecot.org/LMTP says, that LMTP is a backgound process, while LDA is only called when needed. I've also read, that LDA only uses the users privileges, which both means, that LDA should be better. > I've also noticed, that LMTP adds an additional Recieved:-Header to the mail. > Are there any other differences? LMTP also adds "Delivered-To", unless I'm mistaken. There is one difference, that pops up on failure: The LDA has the exit code only to return success/failure back to the MTA. LMTP uses the same mechanisms as SMTP to return success / failure incl. descriptive information. There is another difference, if you need additional hacking: With the LDA-method you can put a wrapper script between MTA and MDA, in order to alter the message, recipient, just log something, ... . Actually that self-made wrapper script [and I really mean script in the sense of bash, perl, python, C, ruby, ...] can control the delivery fully. That would be more sophisticated to do with LMTP. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUfYVuF3r2wJMiz2NAQLWwgf8CNZ+J9UmFco1dftatU95/MKN1T+70PuL w3+PpCbhCfJ3SHlnlTjRydaAYue4tL0Mu6lJ2ajm3n0SJSHukdxaWmPy6/P0dufV EQePTE3W0UD2j+zNYn57LCfF81No9c86A3Uz7DQcPhmsvCSZTo3PyEaPz0PkflTR BNQ14juGmJAQxSJDvudgCgzx7TnnGoqEx8EsKMTjSA0W3gCCng6N7MRCHuoCEZBJ AEfnwNgnw7bpeiPedI4l8gnvYEYK99Xa0ZmzjEYmbitzulTPRu8jPny7dfAHp5Bd xzEN3qWq/QZZ62wQgYSqYPT8mL8aRcwbS7ur9WbsBZHEmr0lLxnhlQ== =5twi -----END PGP SIGNATURE----- From bra at fsn.hu Mon Jul 29 10:22:00 2013 From: bra at fsn.hu (Attila Nagy) Date: Mon, 29 Jul 2013 09:22:00 +0200 Subject: [Dovecot] Passing data safely in password_key? In-Reply-To: <51F50542.9080103@fsn.hu> References: <51F50542.9080103@fsn.hu> Message-ID: <51F61818.8010500@fsn.hu> On 07/28/13 13:49, Attila Nagy wrote: > Hi, > > I would like to convert my custom POP/IMAP proxy to Dovecot's. In this > proxy I do more than giving back user name, password and the host and > I need extra information. > Luckily all of them are available as variables, but more than one > comes as user input (like user name and cleartext password) and I'm > not sure how to pass them safely. > Obviously I would need a separator, which is guaranteed not to show up > either in user name and the cleartext password. > Should I use escape (%E) here, or is there a better way? > Just for the record, this is what I use currently: password_key = dovecot/passdb^MAuth-User: %u^MAuth-Pass: %w^MAuth-Protocol: %s^M Client-IP: %r^M From jbehrend at mpifr-bonn.mpg.de Mon Jul 29 10:30:16 2013 From: jbehrend at mpifr-bonn.mpg.de (Jan Behrend) Date: Mon, 29 Jul 2013 09:30:16 +0200 Subject: [Dovecot] LDA vs. LMTP In-Reply-To: References: Message-ID: <51F61A08.4050702@mpifr-bonn.mpg.de> On 07/26/2013 05:45 PM, Martin Burgraf wrote: > Hi there, > > I'm using Dovecot together with Postfix; as I understand it, there are two ways to transfer the mail from Postfix to Dovecot. > 1.) by using LDA with mailbox_command = /usr/libexec/dovecot/dovecot-lda -f "$SENDER" -a "$RECIPIENT" > 2.) by using LMTP with mailbox_transport = lmtp:unix:private/dovecot-lmtp > > (currently using number 1) > I'm interessted in the differences and the advantages/disadvantages of each of those solutions. You cannot use the LDA method if SMTP and IMAP services reside on different machines, which would be the case in larger scale mail system setups. My advice is to go with LMTP anyway! Cheers Jan -- MAX-PLANCK-INSTITUT fuer Radioastronomie Jan Behrend - Rechenzentrum ---------------------------------------- Auf dem Huegel 69, D-53121 Bonn Tel: +49 (228) 525 359, Fax: +49 (228) 525 229 jbehrend at mpifr-bonn.mpg.de http://www.mpifr-bonn.mpg.de ------------------------------------------------------------------------ Die digitale Unterschrift dieser Mail kann durch das Zertifikat der DFN Global Hierarchie ?berpr?ft werden: https://ca.mpg.de/certs/root-DGP/deutsche-telekom-ca2-root-cert.der Weitere Informationen zur CA der MPG finden Sie unter: https://ca.mpg.de ------------------------------------------------------------------------ -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4553 bytes Desc: S/MIME Cryptographic Signature URL: From janfrode at tanso.net Mon Jul 29 11:16:22 2013 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Mon, 29 Jul 2013 10:16:22 +0200 Subject: [Dovecot] convert to mdbox In-Reply-To: <51EE2C09.9020701@gmail.com> References: <51EE2C09.9020701@gmail.com> Message-ID: <20130729081622.GA2571@mushkin.tanso.net> On Tue, Jul 23, 2013 at 10:08:57AM +0300, Birta Levente wrote: > > How can I convert all virtual mailboxes from maildir to mdbox? > Manually, one by one, working, but I have a lot ... I've converted around 4-500.000 users from maildir to mdbox by the following on a server configured for using MDBOX as default: 1 - Search for all users with mailMessageStore attribute in LDAP 2 - Convert user to mdbox: dsync -v -u "$username" mirror maildir:"$maildir" + check returncode dsync -v -u "$username" mirror maildir:"$maildir" + check returncode 3 - Delete mailMessageStore attribute from LDAP and add "mailLocation: mdbox:~/mdbox" 4 - pkill -HUP -u dovecot -f dovecot/auth -- to make sure auth cache is updated 5 - doveadm kick "$username" -- on all servers, in case user was logged in.. 6 - Do final sync: dsync -v -u "$username" mirror maildir:"$maildir" 7 - Delete maildir. Only 26554 users left to convert.. -jf From noel.butler at ausics.net Mon Jul 29 12:01:51 2013 From: noel.butler at ausics.net (Noel Butler) Date: Mon, 29 Jul 2013 19:01:51 +1000 Subject: [Dovecot] LDA vs. LMTP In-Reply-To: <51F61A08.4050702@mpifr-bonn.mpg.de> References: <51F61A08.4050702@mpifr-bonn.mpg.de> Message-ID: <1375088511.5139.5.camel@tardis> On Mon, 2013-07-29 at 09:30 +0200, Jan Behrend wrote: > You cannot use the LDA method if SMTP and IMAP services reside on > different machines, which would be the case in larger scale mail system > setups. > Sorry, that is incorrect. Granted, it does mean putting dovecot on the SMTP servers as well, but you certainly do not need to allow pop3/imap access. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 490 bytes Desc: This is a digitally signed message part URL: From srf at sanger.ac.uk Mon Jul 29 12:05:22 2013 From: srf at sanger.ac.uk (Simon Fraser) Date: Mon, 29 Jul 2013 10:05:22 +0100 Subject: [Dovecot] Expunged message reappeared, giving a new UID In-Reply-To: References: <1374834533.6696.10.camel@ubu101751> Message-ID: <1375088722.26546.2.camel@ubu101751> On Fri, 2013-07-26 at 20:26 +0200, Daniel Parthey wrote: > Hi Simon, > > Version 2.2.2 is not current any more. I would try to update to the > latest stable version 2.2.4 first, since some dsync bugs have been > fixed between 2.2.2 and 2.2.4: I've now upgraded to 2.2.4 (and pigeonhole 0.4.1 from 0.4.0 at the same time). I'm still experiencing the same problem, with both Maildir and mdbox format mailboxes. My test imap connection is to only one of the servers at a time - I can reproduce this using 'telnet server imap' and issuing "store +flags (\Deleted)" and expunge as well as deleting messages with a mail client. Thanks, Simon. -- The Wellcome Trust Sanger Institute is operated by Genome Research Limited, a charity registered in England with number 1021457 and a company registered in England with number 2742969, whose registered office is 215 Euston Road, London, NW1 2BE. From sberthelot at emisfr.com Mon Jul 29 12:48:00 2013 From: sberthelot at emisfr.com (=?ISO-8859-1?Q?St=E9phane_BERTHELOT?=) Date: Mon, 29 Jul 2013 11:48:00 +0200 Subject: [Dovecot] Dovecot never release preallocated space in mdbox Message-ID: <51F63A50.9010002@emisfr.com> Hello everyone, I am currently evaluating dovecot for our new email production servers (20k+ mailboxes) and found out something strange. I'm using those settings on Dovecot 2.2.4 (x86_64 / Slackware / compiled from sources) mdbox_rotate_size = 128M mdbox_rotate_interval = 1d mdbox_preallocate_space = yes with virtual users and location like : mail_location = mdbox:~/mdbox I don't think the remaining config is relevant but ask me if you need some other parts. Using test accounts for 2 weeks now I've figured that the 128M preallocated space is never 'hole punched" (to use a similar term than "man fallocate" on Linux), even when rotating m.* files. From what I understand those files will never be appended again because of the mdbox_rotate_interval. Then doveadm purge creates new files so old ones would never grow again. Here is an example of a mdbox storage using ls -ls (which shows allocated VS used space) total 4065176 1884 -rw------- 1 mail mail 1926656 Jul 29 10:55 dovecot.map.index 4 -rw------- 1 mail mail 460 Jul 29 11:26 dovecot.map.index.log 48 -rw------- 1 mail mail 44304 Jul 29 10:55 dovecot.map.index.log.2 131072 -rw------- 1 mail mail 133165066 Jul 19 15:31 m.10 131072 -rw------- 1 mail mail 133507393 Jul 19 15:32 m.13 131072 -rw------- 1 mail mail 134155182 Jul 19 15:33 m.14 131072 -rw------- 1 mail mail 134213403 Jul 19 15:30 m.2 131072 -rw------- 1 mail mail 46464 Jul 21 04:30 m.21 131072 -rw------- 1 mail mail 134215030 Jul 19 15:30 m.3 131072 -rw------- 1 mail mail 25852 Jul 25 01:54 m.32 131072 -rw------- 1 mail mail 2360 Jul 26 00:05 m.34 131072 -rw------- 1 mail mail 169073 Jul 27 23:18 m.35 131072 -rw------- 1 mail mail 31624 Jul 27 01:55 m.36 131072 -rw------- 1 mail mail 134216982 Jul 28 04:30 m.37 131076 -rw------- 1 mail mail 134217804 Jul 28 04:30 m.38 131072 -rw------- 1 mail mail 134217341 Jul 28 04:30 m.39 131072 -rw------- 1 mail mail 134213719 Jul 19 15:30 m.4 131072 -rw------- 1 mail mail 29740970 Jul 28 04:30 m.40 131072 -rw------- 1 mail mail 129175917 Jul 28 04:30 m.41 131072 -rw------- 1 mail mail 133174937 Jul 28 04:30 m.42 131072 -rw------- 1 mail mail 633436 Jul 28 04:30 m.43 131072 -rw------- 1 mail mail 3154623 Jul 28 04:30 m.44 131072 -rw------- 1 mail mail 3676879 Jul 28 04:30 m.45 131072 -rw------- 1 mail mail 468158 Jul 28 04:30 m.46 131072 -rw------- 1 mail mail 26964 Jul 28 04:30 m.47 131072 -rw------- 1 mail mail 3574599 Jul 28 04:30 m.48 131072 -rw------- 1 mail mail 3789133 Jul 28 04:30 m.49 131072 -rw------- 1 mail mail 134215016 Jul 19 15:30 m.5 131072 -rw------- 1 mail mail 1280074 Jul 28 04:30 m.50 131076 -rw------- 1 mail mail 635459 Jul 28 22:47 m.51 131072 -rw------- 1 mail mail 1459418 Jul 29 10:55 m.52 131072 -rw------- 1 mail mail 132941013 Jul 29 11:26 m.53 131072 -rw------- 1 mail mail 134213475 Jul 19 15:30 m.7 131072 -rw------- 1 mail mail 132240074 Jul 19 15:31 m.9 There's a lot of "lost" space since preallocated space would only be reclaimed when *all* emails in m.X file have refcount=0 and after a doveadm purge call, if I read well the dovecot docs. On mailboxes patterns with low incoming mail (< 100kb / day) this would waste much space. Of course I can decrease rotate size a lot but it would then produce a lot of files and would certainly become similar performance-wise to sdbox/maildir/... There would certainly be smart to use something similar to "FALLOC_FL_PUNCH_HOLE" on rotation (when doing close() ?) so that when we're sure there won't be anymore data appended to file that the allocated space == used space. I will disable space preallocation for our next tests since it wastes much storage for us ; did you have any feedback on how much it may affect performance ? I found in this ML archives some messages about the implementation but didn't see anyone clearly stating how much better preallocation is. Thanks, best regards, Stephane Berthelot. From aoster at novanetwork.de Mon Jul 29 13:05:47 2013 From: aoster at novanetwork.de (Andreas Oster) Date: Mon, 29 Jul 2013 12:05:47 +0200 Subject: [Dovecot] SOLVED for me: how to setup different quota for multiple namespaces In-Reply-To: References: <50EFE501.5060103@novanetwork.de> <50F811A0.6010802@novanetwork.de> <7791E2E2-E95B-4647-B054-920CE3101920@iki.fi> Message-ID: <51F63E7B.5050107@novanetwork.de> Am 04.02.2013 12:08, schrieb Steffen Kaiser: > On Tue, 22 Jan 2013, Timo Sirainen wrote: > > Hey, it works (for me) now: > > namespace { > type = private > separator = . > prefix = archive. > location = mdbox:/home/%u/archive > #subscriptions = no > #list = children > } > > plugin { > quota = dict:User quota::ns=:proxy::quota > quota2 = dict:Archive quota:%u.archive:ns=archive.:proxy::quota > quota2_rule = *:storage=1048576 > } > > Note the %u.archive _and_ ns=archive. ! The "%u.archive" is used as > "username" in the SQL table and you require another name (primary key) > there for both namespaces, see below. Seems to work for any type of > namespace. > > @Timo: I will going to document this setup in the Wiki unless you say > the syntax is wrong and/or works because of a bug only. > > :-) > > ================================== > > Old response with my debugging/findings for information only. > > ==== > > all the name spaces use one entry in the quota dict table, hence, > it does not work. > >> On 17.1.2013, at 16.58, Andreas Oster wrote: > >>>> I just saw on important difference in the doc and this configuration: >>>> >>>> see >>>> http://wiki2.dovecot.org/Quota/Configuration#Quota_for_public_namespaces >>>> >>>> >>>> the ns=name syntax is for _public_ namespaces only. I just tested it >>>> with this setup and every message is counted for both namespaces, if >>>> delivered into INBOX or a mailbox of the Archive namespace. > >> It should work for all namespaces. > >>>>> plugin { >>>>> quota = dict:User quota::proxy::quota >>>>> quota2 = dict:Archive quota:ns=Archive.:proxy::quota > >> quota = dict:User quota::ns=:proxy::quota >> quota2 = dict:Archive quota::ns=Archive.:proxy::quota > >> That should work? Worked at least in latest v2.1 hg. > > I use these settings now: > > # 2.1.14 (ea7e45c1da72+): > /usr/local/dovecot-2.1.14/etc/dovecot/dovecot.conf > # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.6 > > [snip] > > dict { > quota = > pgsql:/usr/local/dovecot-2.1.14/etc/dovecot/dovecot-dict-sql.conf.ext > } > namespace { > location = mdbox:/home/%u/archive > prefix = archive. > separator = . > type = private > } > plugin { > quota = dict:User quota::ns=:proxy::quota > quota2 = dict:Archive quota::ns=archive.:proxy::quota > quota2_rule = *:storage=1048576 > quota_rule = *:storage=300MB > quota_rule2 = Trash:storage=+30M > } > > The problem is now, that there is one row in the quota dict SQL table, > that holds the quota of an user, e.g. doveadm quota recalc executes > these SQL statements: > > 2013-02-04 11:52:07 CET LOG: statement: BEGIN > 2013-02-04 11:52:07 CET LOG: statement: DELETE FROM quota WHERE > username = 'dvtest1' > 2013-02-04 11:52:07 CET LOG: statement: DELETE FROM quota WHERE > username = 'dvtest1' > 2013-02-04 11:52:07 CET LOG: statement: INSERT INTO quota > (bytes,username) VALUES ('2173894','dvtest1') > 2013-02-04 11:52:07 CET LOG: statement: INSERT INTO quota > (messages,username) VALUES ('89','dvtest1') > 2013-02-04 11:52:07 CET LOG: statement: COMMIT > 2013-02-04 11:52:07 CET LOG: statement: BEGIN > 2013-02-04 11:52:07 CET LOG: statement: DELETE FROM quota WHERE > username = 'dvtest1' > 2013-02-04 11:52:07 CET LOG: statement: DELETE FROM quota WHERE > username = 'dvtest1' > 2013-02-04 11:52:07 CET LOG: statement: INSERT INTO quota > (bytes,username) VALUES ('2582','dvtest1') > 2013-02-04 11:52:07 CET LOG: statement: INSERT INTO quota > (messages,username) VALUES ('2','dvtest1') > 2013-02-04 11:52:07 CET LOG: statement: COMMIT > > Deliveries to INBOX or a folder of "archive." yields: > > UPDATE quota SET bytes=bytes+1220,messages=messages+1 WHERE username = > 'dvtest1' > > This is true if I change the type of name spaces "archive" from "private" > into "shared" or "public". > > -- Steffen Kaiser > Hello Steffen, hello all I am still struggling to setup quota for multiple namespaces. In addition to the "INBOX" namespace I have created a namespaces called MailArchive which should have its own quota value of 5G per user. At first I configured quota2 like this: quota2 = maildir:MailArchive quota:ns=MailArchive/ quota2_rule = *:storage=5G and this seemd to work quite well. Users, accessing the MailArchive namespace can see the 5G limit in thair mail client, unfortunately in mail.err errors like these repeatedly appear: Jul 29 11:40:24 mailserver dovecot: imap(testuser): Error: quota: Unknown namespace: MailArchive/ Jul 29 11:41:43 dovecot: last message repeated 47 times In the WIKI I have read, that in order to have quota for different namespaces one would have to use different quota backends so I changed the quota config for the MailArchive namespace to SQL. namespace inbox { disabled = no hidden = no ignore_on_failure = no inbox = yes list = yes location = mailbox Drafts { auto = subscribe driver = special_use = \Drafts } mailbox Junk { auto = subscribe driver = special_use = \Junk } mailbox Sent { auto = subscribe driver = special_use = \Sent } mailbox "Sent Messages" { auto = no driver = special_use = \Sent } mailbox Trash { auto = subscribe driver = special_use = \Trash } prefix = separator = / subscriptions = yes type = private } namespace { disabled = no hidden = no ignore_on_failure = no inbox = no list = yes location = maildir:/var/vmail/archive/%Ln/Maildir mailbox "Archived Mails" { auto = subscribe driver = } prefix = MailArchive/ separator = / subscriptions = yes type = private } plugin { quota = maildir:User quota:ns= quota2 = dict:User quota:%u.mailarchive:ns=MailArchive/:proxy::sqlquota quota2_rule = *:storage=5G quota_rule = *:storage=1G quota_rule2 = Trash:storage=+200M } dict { sqlquota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext } Unfortunately this did not change anything. Quota is working like expected but I still get the same errors in mail.err. I am currently using dovecot version 2.2.4. Thank you for your kind help best regards Andreas From aoster at novanetwork.de Mon Jul 29 13:05:47 2013 From: aoster at novanetwork.de (Andreas Oster) Date: Mon, 29 Jul 2013 12:05:47 +0200 Subject: [Dovecot] SOLVED for me: how to setup different quota for multiple namespaces In-Reply-To: References: <50EFE501.5060103@novanetwork.de> <50F811A0.6010802@novanetwork.de> <7791E2E2-E95B-4647-B054-920CE3101920@iki.fi> Message-ID: <51F63E7B.5050107@novanetwork.de> Am 04.02.2013 12:08, schrieb Steffen Kaiser: > On Tue, 22 Jan 2013, Timo Sirainen wrote: > > Hey, it works (for me) now: > > namespace { > type = private > separator = . > prefix = archive. > location = mdbox:/home/%u/archive > #subscriptions = no > #list = children > } > > plugin { > quota = dict:User quota::ns=:proxy::quota > quota2 = dict:Archive quota:%u.archive:ns=archive.:proxy::quota > quota2_rule = *:storage=1048576 > } > > Note the %u.archive _and_ ns=archive. ! The "%u.archive" is used as > "username" in the SQL table and you require another name (primary key) > there for both namespaces, see below. Seems to work for any type of > namespace. > > @Timo: I will going to document this setup in the Wiki unless you say > the syntax is wrong and/or works because of a bug only. > > :-) > > ================================== > > Old response with my debugging/findings for information only. > > ==== > > all the name spaces use one entry in the quota dict table, hence, > it does not work. > >> On 17.1.2013, at 16.58, Andreas Oster wrote: > >>>> I just saw on important difference in the doc and this configuration: >>>> >>>> see >>>> http://wiki2.dovecot.org/Quota/Configuration#Quota_for_public_namespaces >>>> >>>> >>>> the ns=name syntax is for _public_ namespaces only. I just tested it >>>> with this setup and every message is counted for both namespaces, if >>>> delivered into INBOX or a mailbox of the Archive namespace. > >> It should work for all namespaces. > >>>>> plugin { >>>>> quota = dict:User quota::proxy::quota >>>>> quota2 = dict:Archive quota:ns=Archive.:proxy::quota > >> quota = dict:User quota::ns=:proxy::quota >> quota2 = dict:Archive quota::ns=Archive.:proxy::quota > >> That should work? Worked at least in latest v2.1 hg. > > I use these settings now: > > # 2.1.14 (ea7e45c1da72+): > /usr/local/dovecot-2.1.14/etc/dovecot/dovecot.conf > # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.6 > > [snip] > > dict { > quota = > pgsql:/usr/local/dovecot-2.1.14/etc/dovecot/dovecot-dict-sql.conf.ext > } > namespace { > location = mdbox:/home/%u/archive > prefix = archive. > separator = . > type = private > } > plugin { > quota = dict:User quota::ns=:proxy::quota > quota2 = dict:Archive quota::ns=archive.:proxy::quota > quota2_rule = *:storage=1048576 > quota_rule = *:storage=300MB > quota_rule2 = Trash:storage=+30M > } > > The problem is now, that there is one row in the quota dict SQL table, > that holds the quota of an user, e.g. doveadm quota recalc executes > these SQL statements: > > 2013-02-04 11:52:07 CET LOG: statement: BEGIN > 2013-02-04 11:52:07 CET LOG: statement: DELETE FROM quota WHERE > username = 'dvtest1' > 2013-02-04 11:52:07 CET LOG: statement: DELETE FROM quota WHERE > username = 'dvtest1' > 2013-02-04 11:52:07 CET LOG: statement: INSERT INTO quota > (bytes,username) VALUES ('2173894','dvtest1') > 2013-02-04 11:52:07 CET LOG: statement: INSERT INTO quota > (messages,username) VALUES ('89','dvtest1') > 2013-02-04 11:52:07 CET LOG: statement: COMMIT > 2013-02-04 11:52:07 CET LOG: statement: BEGIN > 2013-02-04 11:52:07 CET LOG: statement: DELETE FROM quota WHERE > username = 'dvtest1' > 2013-02-04 11:52:07 CET LOG: statement: DELETE FROM quota WHERE > username = 'dvtest1' > 2013-02-04 11:52:07 CET LOG: statement: INSERT INTO quota > (bytes,username) VALUES ('2582','dvtest1') > 2013-02-04 11:52:07 CET LOG: statement: INSERT INTO quota > (messages,username) VALUES ('2','dvtest1') > 2013-02-04 11:52:07 CET LOG: statement: COMMIT > > Deliveries to INBOX or a folder of "archive." yields: > > UPDATE quota SET bytes=bytes+1220,messages=messages+1 WHERE username = > 'dvtest1' > > This is true if I change the type of name spaces "archive" from "private" > into "shared" or "public". > > -- Steffen Kaiser > Hello Steffen, hello all I am still struggling to setup quota for multiple namespaces. In addition to the "INBOX" namespace I have created a namespaces called MailArchive which should have its own quota value of 5G per user. At first I configured quota2 like this: quota2 = maildir:MailArchive quota:ns=MailArchive/ quota2_rule = *:storage=5G and this seemd to work quite well. Users, accessing the MailArchive namespace can see the 5G limit in thair mail client, unfortunately in mail.err errors like these repeatedly appear: Jul 29 11:40:24 mailserver dovecot: imap(testuser): Error: quota: Unknown namespace: MailArchive/ Jul 29 11:41:43 dovecot: last message repeated 47 times In the WIKI I have read, that in order to have quota for different namespaces one would have to use different quota backends so I changed the quota config for the MailArchive namespace to SQL. namespace inbox { disabled = no hidden = no ignore_on_failure = no inbox = yes list = yes location = mailbox Drafts { auto = subscribe driver = special_use = \Drafts } mailbox Junk { auto = subscribe driver = special_use = \Junk } mailbox Sent { auto = subscribe driver = special_use = \Sent } mailbox "Sent Messages" { auto = no driver = special_use = \Sent } mailbox Trash { auto = subscribe driver = special_use = \Trash } prefix = separator = / subscriptions = yes type = private } namespace { disabled = no hidden = no ignore_on_failure = no inbox = no list = yes location = maildir:/var/vmail/archive/%Ln/Maildir mailbox "Archived Mails" { auto = subscribe driver = } prefix = MailArchive/ separator = / subscriptions = yes type = private } plugin { quota = maildir:User quota:ns= quota2 = dict:User quota:%u.mailarchive:ns=MailArchive/:proxy::sqlquota quota2_rule = *:storage=5G quota_rule = *:storage=1G quota_rule2 = Trash:storage=+200M } dict { sqlquota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext } Unfortunately this did not change anything. Quota is working like expected but I still get the same errors in mail.err. I am currently using dovecot version 2.2.4. Thank you for your kind help best regards Andreas From janfrode at tanso.net Mon Jul 29 15:06:05 2013 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Mon, 29 Jul 2013 14:06:05 +0200 Subject: [Dovecot] Dovecot never release preallocated space in mdbox In-Reply-To: <51F63A50.9010002@emisfr.com> References: <51F63A50.9010002@emisfr.com> Message-ID: <20130729120605.GA13271@mushkin.tanso.net> On Mon, Jul 29, 2013 at 11:48:00AM +0200, St?phane BERTHELOT wrote: > > mdbox_rotate_size = 128M > mdbox_rotate_interval = 1d > mdbox_preallocate_space = yes > On mailboxes patterns with low incoming mail (< 100kb / day) this > would waste much space. Of course I can decrease rotate size a lot > but it would then produce a lot of files and would certainly become > similar performance-wise to sdbox/maildir/... 128MB is quite a large rotate size if you care about disk space.. We use the default 2 MB, which still packs quite a lot of messages per file compared to maildir. Single maildir-files seems to be around 5-30KB (compressed), which should amount to 50-400 messages per m-file. I don't think that should be similar to maildir/sdbox performance-wise. -jf From francis at thibault.org Mon Jul 29 15:13:03 2013 From: francis at thibault.org (John Stracke) Date: Mon, 29 Jul 2013 08:13:03 -0400 Subject: [Dovecot] Upgrading to dovecot2 broke IDLE on one mailer, but not another In-Reply-To: References: <51F18E65.2010203@thibault.org> Message-ID: <51F65C4F.3050609@thibault.org> On 07/29/2013 02:55 AM, Steffen Kaiser wrote: > Then you'll see if Kaiten issues an IDLE at all and you could also > cross check with other logs. Thanks! -- /==============================================================\ | John Stracke | http://www.thibault.org | HTML OK | | Fran?ois Thibault |---------------------------------------| | East Kingdom | "Okay, one more time, with *vowels*." | | francis at thibault.org | -- Ozy and Millie | \==============================================================/ From mwd at md5i.com Mon Jul 29 17:10:00 2013 From: mwd at md5i.com (Michael Welsh Duggan) Date: Mon, 29 Jul 2013 10:10:00 -0400 Subject: [Dovecot] Maildir permissions and Solr re-indexing Message-ID: <878v0p78zr.fsf@maru2.md5i.com> I am running a very small dovecot installation with only one user (me). I use the Solr indexer for indexing. Due to complicated reasons, I was forced to remove all the indexes and need to re-index everything. All the files in my Maildir are owned by md5i:mail (I am md5i), and have 660 permissions. All directories have the same user:group permissions, and 770 with the setguid bit set. (That last may not be necessary, but I was trying several things to get my use case to work.) Unfortunately, I can't seem to get re-indexing to work. When I do "doveadm fts rescan -A" as root, I get the following error for each of my subgroups: doveadm(md5i): Error: fchown(/home/md5i/Maildir/.mail.test/dovecot.index.log.newlock, group=8(mail)) failed: Operation not permitted (egid=1000(md5i), group based on /home/md5i/Maildir/.mail.test - see http://wiki2.dovecot.org/Errors/ChgrpNoPerm) After this, each directory has a dovecot.index.log with md5i:md5i 600 permissions. I've read the mentioned page, and played around with the ideas on it, but haven't gotten things to work. Anyone have any clue to ship my way? -- Michael Welsh Duggan (md5i at md5i.com) From tss at iki.fi Mon Jul 29 18:54:31 2013 From: tss at iki.fi (Timo Sirainen) Date: Mon, 29 Jul 2013 18:54:31 +0300 Subject: [Dovecot] zlib error when running doveadm In-Reply-To: <51ED4948.9040304@mlong.us> References: <51ED4948.9040304@mlong.us> Message-ID: <9C60F1A9-9E41-42B8-9034-78BB185C5BFC@iki.fi> On 22.7.2013, at 18.01, Michael Long wrote: > Upgraded to dovecot 2.2.4 from 2.1.16 > > Error I see is: > > doveadm(root): Error: Module is for different ABI version 2.1.16 (we have 2.2.ABIv3(2.2.4)): /usr/local/lib/dovecot/doveadm/lib10_doveadm_zlib_plugin.so > > How do I resolve this? Delete that file. v2.2 no longer has doveadm_zlib plugin, because it's built in (to lib-compression). From mwd at md5i.com Mon Jul 29 19:12:16 2013 From: mwd at md5i.com (Michael Welsh Duggan) Date: Mon, 29 Jul 2013 12:12:16 -0400 Subject: [Dovecot] Maildir permissions and Solr re-indexing References: <878v0p78zr.fsf@maru2.md5i.com> Message-ID: <87zjt55orj.fsf@maru2.md5i.com> I should have mentioned: dovecot 2.1.7 from Debian unstable. Michael Welsh Duggan writes: > I am running a very small dovecot installation with only one user (me). > I use the Solr indexer for indexing. Due to complicated reasons, I was > forced to remove all the indexes and need to re-index everything. > > All the files in my Maildir are owned by md5i:mail (I am md5i), and have > 660 permissions. All directories have the same user:group permissions, > and 770 with the setguid bit set. (That last may not be necessary, but > I was trying several things to get my use case to work.) > > Unfortunately, I can't seem to get re-indexing to work. When I do > "doveadm fts rescan -A" as root, I get the following error for each of my > subgroups: > > doveadm(md5i): Error: > fchown(/home/md5i/Maildir/.mail.test/dovecot.index.log.newlock, > group=8(mail)) failed: Operation not permitted (egid=1000(md5i), group > based on /home/md5i/Maildir/.mail.test - see > http://wiki2.dovecot.org/Errors/ChgrpNoPerm) > > After this, each directory has a dovecot.index.log with md5i:md5i 600 > permissions. > > I've read the mentioned page, and played around with the ideas on it, > but haven't gotten things to work. Anyone have any clue to ship my way? -- Michael Welsh Duggan (md5i at md5i.com) From mlong at mlong.us Mon Jul 29 19:22:39 2013 From: mlong at mlong.us (Michael Long) Date: Mon, 29 Jul 2013 12:22:39 -0400 Subject: [Dovecot] Problem switching from Dovecot LDA to LMTP - on dovecot 2.2.4 Message-ID: <51F696CF.5070508@mlong.us> Dovecot LDA has been working fine for me but when I tried to follow the wiki and switch to LMTP I get: Recipient address rejected: User unknown in local recipient table; In postfix/main.cf I went from: mailbox_transport = dovecot-spam to mailbox_transport = lmtp:unix:private/dovecot-lmtp Added this: service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } protocol lmtp { mail_fsync = optimized postmaster_address = postmaster at domainname mail_plugins = sieve zlib } And some other pertinent parts of the config: passdb { args = /etc/dovecot/passdb driver = passwd-file } passdb { driver = pam } protocol lda { mail_fsync = optimized auth_socket_path = /var/run/dovecot/auth-master deliver_log_format = msgid=%m: %$ mail_plugin_dir = /usr/local/lib/dovecot mail_plugins = sieve zlib postmaster_address = postmaster quota_full_tempfail = yes rejection_reason = Your message to <%t> was automatically rejected:%n%r lda_mailbox_autocreate = yes } From martin.bg at web.de Mon Jul 29 23:38:23 2013 From: martin.bg at web.de (Martin Burgraf) Date: Mon, 29 Jul 2013 22:38:23 +0200 (CEST) Subject: [Dovecot] LDA vs. LMTP Message-ID: Joseph Tam wrote: > I don't know why you would consider a background process inferior to a > run-on-demand executable. Well, the background process is hogging CPU and RAM while it basically does nothing. And when it's running as root there is always the danger of privilege escalation. LDA only runs when it's needed and since it uses only user rights it shoudbe more harmless. bye Martin From stan at hardwarefreak.com Tue Jul 30 00:32:40 2013 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Mon, 29 Jul 2013 16:32:40 -0500 Subject: [Dovecot] LDA vs. LMTP In-Reply-To: <51F61A08.4050702@mpifr-bonn.mpg.de> References: <51F61A08.4050702@mpifr-bonn.mpg.de> Message-ID: <51F6DF78.5090209@hardwarefreak.com> On 7/29/2013 2:30 AM, Jan Behrend wrote: > You cannot use the LDA method if SMTP and IMAP services reside on > different machines, which would be the case in larger scale mail system > setups. Which brings up an interesting point. With a single LMTP daemon on the Dovecot server communicating via a single socket with the upstream MTA over the wire, it would stand to reason that message throughput rate may be limited by serialization in the LMTP request/reply chain. There is no parallelism, and thus there is relatively high latency. In the case of LDA with an SMTP MTA on the local box, the potential exists for very high parallelism, and thus elimination of the latency in serial delivery over a single socket with LMTP. So in theory, while LDA in this scenario would consume far more resources with a very high message load, one should be able to attain much higher message throughput. I say in theory because I've not tested this head to head. -- Stan From ben at morrow.me.uk Tue Jul 30 02:05:44 2013 From: ben at morrow.me.uk (Ben Morrow) Date: Tue, 30 Jul 2013 00:05:44 +0100 Subject: [Dovecot] LDA vs. LMTP In-Reply-To: <51F6DF78.5090209@hardwarefreak.com> References: <51F61A08.4050702@mpifr-bonn.mpg.de> <51F6DF78.5090209@hardwarefreak.com> Message-ID: <20130729230542.GC4785@anubis.morrow.me.uk> At 4PM -0500 on 29/07/13 you (Stan Hoeppner) wrote: > On 7/29/2013 2:30 AM, Jan Behrend wrote: > > > You cannot use the LDA method if SMTP and IMAP services reside on > > different machines, which would be the case in larger scale mail system > > setups. > > Which brings up an interesting point. With a single LMTP daemon on the > Dovecot server communicating via a single socket with the upstream MTA > over the wire, it would stand to reason that message throughput rate may > be limited by serialization in the LMTP request/reply chain. There is > no parallelism, and thus there is relatively high latency. What makes you think an SMTP server delivering over LMTP only makes a single connection to the LMTP server? I believe Postfix by default makes a fresh connection for each delivery. Ben From jtam.home at gmail.com Tue Jul 30 03:14:41 2013 From: jtam.home at gmail.com (Joseph Tam) Date: Mon, 29 Jul 2013 17:14:41 -0700 (PDT) Subject: [Dovecot] Maildir permissions and Solr re-indexing In-Reply-To: References: Message-ID: Michael Welsh Duggan writes: > All the files in my Maildir are owned by md5i:mail (I am md5i), and have > 660 permissions. All directories have the same user:group permissions, > and 770 with the setguid bit set. (That last may not be necessary, but > ... > > doveadm(md5i): Error: fchown(/home/md5i/Maildir/.mail.test/dovecot.index.log.newlock, group=8(mail)) failed: Operation not permitted (egid=1000(md5i), group based on /home/md5i/Maildir/.mail.test - see http://wiki2.dovecot.org/Errors/ChgrpNoPerm) > > After this, each directory has a dovecot.index.log with md5i:md5i 600 > permissions. I think the cause is clear enough: you (user=md5i/uid=1000) are not part of group mail (gid=8), so the dovecot user process doing things on your behalf cannot create index files that are anlogous to the mailbox it's indexing. You can either 1) add "md5i" to group mail 2) remove g+w permission on your mail files (making group membership irrelevant) 3) fiddle with "mail_privileged_group = mail", but I'm a little hazy on all the ramifications of this. I don't know your particular circumstances, so I don't know which is best. If (big if) nothing on your system (particularly the MTA) requires access to your mail spool files by running as group=mail, probably 2) is your best option. Joseph Tam From stan at hardwarefreak.com Tue Jul 30 05:20:20 2013 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Mon, 29 Jul 2013 21:20:20 -0500 Subject: [Dovecot] LDA vs. LMTP In-Reply-To: <20130729230542.GC4785@anubis.morrow.me.uk> References: <51F61A08.4050702@mpifr-bonn.mpg.de> <51F6DF78.5090209@hardwarefreak.com> <20130729230542.GC4785@anubis.morrow.me.uk> Message-ID: <51F722E4.1090901@hardwarefreak.com> On 7/29/2013 6:05 PM, Ben Morrow wrote: > At 4PM -0500 on 29/07/13 you (Stan Hoeppner) wrote: >> On 7/29/2013 2:30 AM, Jan Behrend wrote: >> >>> You cannot use the LDA method if SMTP and IMAP services reside on >>> different machines, which would be the case in larger scale mail system >>> setups. >> >> Which brings up an interesting point. With a single LMTP daemon on the >> Dovecot server communicating via a single socket with the upstream MTA >> over the wire, it would stand to reason that message throughput rate may >> be limited by serialization in the LMTP request/reply chain. There is >> no parallelism, and thus there is relatively high latency. You snipped the text where I stated this is a theoretical discussion, due to the high msg volume required to prove one over the other. That said, I'll gladly continue to postulate on the theoretical. > What makes you think an SMTP server delivering over LMTP only makes a > single connection to the LMTP server? I believe Postfix by default makes > a fresh connection for each delivery. No, Postfix by default uses connection caching w/both SMTP and LMTP: http://www.postfix.org/postconf.5.html#lmtp_cache_connection If the load is sufficiently high it will open additional connections, but it attempts to reuse existing connections as much as possible to eliminate additional connection setup delays, which can be considerable with SMTP servers. For instance some OPs insert 2 minute or longer greet delays as a (very crude) anti spam bot measure. Connection caching is an SMTP optimization, and not nearly as beneficial to LMTP. The Postfix SMTP/LMTP clients are literally the same code. -- Stan From h.reindl at thelounge.net Tue Jul 30 10:31:04 2013 From: h.reindl at thelounge.net (Reindl Harald) Date: Tue, 30 Jul 2013 09:31:04 +0200 Subject: [Dovecot] LDA vs. LMTP In-Reply-To: References: Message-ID: <51F76BB8.2060606@thelounge.net> Am 29.07.2013 22:38, schrieb Martin Burgraf: > Well, the background process is hogging CPU why should it do that if it is idle? > and RAM while it basically does nothing. guess what takes more RAM one long-running prcoess or 5 LDA processes because you get 5 messages at the same time and guess what takes more CPU - a idle process waiting on a new connection or fireup a whole new process all day long -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 263 bytes Desc: OpenPGP digital signature URL: From tss at iki.fi Tue Jul 30 13:01:29 2013 From: tss at iki.fi (Timo Sirainen) Date: Tue, 30 Jul 2013 13:01:29 +0300 Subject: [Dovecot] constant Log synchronization error's In-Reply-To: <51E27B0D.1050706@alleroedderne.adsl.dk> References: <51E27B0D.1050706@alleroedderne.adsl.dk> Message-ID: <893ED8EA-983A-46D8-BA6D-431356221ADD@iki.fi> On 14.7.2013, at 13.18, Kim Bisgaard wrote: > 11:45:57 Y dovecot: imap(X): Error: Log synchronization error at seq=6,offset=156 for /var/mail/X/mdbox/mailboxes/Junk/dbox-Mails/dovecot.index: Extension header update points outside header size .. > # 2.2.4: /etc/dovecot/dovecot.conf This is actually a bug that is fixed already in hg.. I really should have released v2.2.5 already. I guess I'll do that this week after reading this mailing list and fixing any other new issues. From tss at iki.fi Tue Jul 30 13:10:38 2013 From: tss at iki.fi (Timo Sirainen) Date: Tue, 30 Jul 2013 13:10:38 +0300 Subject: [Dovecot] Dovecot v2.2.4 (ebbe00999da8) doveadm crash In-Reply-To: <51E57DDD.6090200@gmx.de> References: <51E57DDD.6090200@gmx.de> Message-ID: <76E43277-6B6B-46E6-A7FC-36F5193D03E2@iki.fi> On 16.7.2013, at 20.07, e-frog wrote: > Current Dovecot v2.2 HG crashes using the following command: > > $ doveadm mailbox status -A -t unseen 'virtual/unread' > > #0 i_stream_next_line (stream=0x0) at istream.c:382 > 382 istream.c: No such file or directory. > (gdb) bt full > #0 i_stream_next_line (stream=0x0) at istream.c:382 > _stream = > pos = > #1 0xb754656b in auth_master_user_list_next (ctx=0xb91bfbd8) at auth-master.c:689 > line = Fixed the crash: http://hg.dovecot.org/dovecot-2.2/rev/0cab916b28c6 Although the real problem I think is that you didn't have permissions to connect to the auth-userdb socket. From Jost.Krieger+dovecot at rub.de Fri Jul 26 14:11:55 2013 From: Jost.Krieger+dovecot at rub.de (Jost Krieger) Date: 26 Jul 2013 13:11:55 +0200 Subject: [Dovecot] dovecot-lda not logging if dovecot runs under daemontools In-Reply-To: <3718ec4c6067456bfb47af6c69d712f5@sagredo.eu> References: <3718ec4c6067456bfb47af6c69d712f5@sagredo.eu> Message-ID: <20130726111155.GT18874@ruhr-uni-bochum.de> On Fri Jul 26 12:49:08 2013, Roberto Puzzanghera wrote: > I have dovecot running under daemontools and I can't see dovecot-lda > in action when I read the logs. I've set the logs to /dev/stderr > because daemontools redirects /dev/stderr to > /var/log/dovecot/current. Dovecot-lda runs under qmail, so you'll find the output in qmail's logs. If you run, say, doveadm manually, the output will be on your terminal. Yours Jost Krieger -- | Jost.Krieger+sig at ruhr-uni-bochum.de Please help stamp out spam! | | Postmaster, JAPH, resident answer machine at RUB Comp. Center | | Sincere words are not sweet, sweet words are not sincere. | | Lao Tse, Tao Te King 81 | From tss at iki.fi Tue Jul 30 13:28:36 2013 From: tss at iki.fi (Timo Sirainen) Date: Tue, 30 Jul 2013 13:28:36 +0300 Subject: [Dovecot] 2.2.4 - quota-status changing the user it is running as In-Reply-To: References: Message-ID: On 14.7.2013, at 19.54, Axel Luttgens wrote: > and messages for that user are correctly rejected by lmtp: > > dovecot[4989]: lmtp(5069, john.doe at example.com): QWSWLgrP4lF7FAAA5Q0ykw: msgid=<20130714161643.9085DF176F2 at ALMba.local>: save failed to INBOX: Quota exceeded (mailbox for user is full) > > Going on with our telnet session: > > recipient=john.doe at example.com > size=10000 > > action=OK > > Hmmm... OK, this may be a config problem of mine which may require further investigation. Did you solve this? > and a look at the log indeed reveals that quota-status doesn't have sufficient privileges anymore: > > dovecot[4989]: quota-status(john.doe at example.com): Error: user john.doe at example.com: Error reading configuration: net_connect_unix(/_ROOT/var/run/dovecot/config) failed: Permission denied > > Is this the expected behavior, to have quota-status switch to another user? Either one of these fixes would be sufficient: http://hg.dovecot.org/dovecot-2.2/rev/2470bb9106b0 http://hg.dovecot.org/dovecot-2.2/rev/51b8020b29f6 Yet another possibility would be to use service { service_count=1 } to recreate the process every time. From Jost.Krieger+dovecot at rub.de Tue Jul 30 13:35:24 2013 From: Jost.Krieger+dovecot at rub.de (Jost Krieger) Date: 30 Jul 2013 12:35:24 +0200 Subject: [Dovecot] dovecot-lda not logging if dovecot runs under daemontools In-Reply-To: References: <3718ec4c6067456bfb47af6c69d712f5@sagredo.eu> <20130726111155.GT18874@ruhr-uni-bochum.de> Message-ID: <20130730103524.GB32299@ruhr-uni-bochum.de> On Fri Jul 26 14:51:30 2013, Roberto Puzzanghera wrote: > > Hi Jost, thanks for your reply. > > Il 26.07.2013 13:11 Jost Krieger ha scritto: > >Dovecot-lda runs under qmail, so you'll find the output in qmail's > >logs. If you run, say, doveadm manually, the output will be on your > >terminal. > > I didn't explain myself very well. The qmail's log > /var/log/dovecot/current doesn't show the lda output as expected. I That's dovecot's log, not qmail's. > see onlythe output of imap and pop3. Anyway, running dovecot > manually or as daemon in the normal way (without daemontools) show > the lda output in the log. You are logging to stderr, in the delivery case that means qmail-local's output. This is somewhere in a place like /var/qmal/logs/qmail/current and looks similar to @4000000051f793e218f78c54 delivery 847552: success: lda(xxxxxxxx):_Info:_msgid=<20130730102215.ECB48809E9 at carlos.noc.ruhr-uni-bochum.de>:_saved_mail_to_NOC-Order/did_0+0+1/ Yours Jost Krieger -- | Jost.Krieger+sig at ruhr-uni-bochum.de Please help stamp out spam! | | Postmaster, JAPH, resident answer machine at RUB Comp. Center | | Sincere words are not sweet, sweet words are not sincere. | | Lao Tse, Tao Te King 81 | From e-frog at gmx.de Tue Jul 30 15:08:39 2013 From: e-frog at gmx.de (e-frog) Date: Tue, 30 Jul 2013 14:08:39 +0200 Subject: [Dovecot] Dovecot v2.2.4 (ebbe00999da8) doveadm crash In-Reply-To: <76E43277-6B6B-46E6-A7FC-36F5193D03E2@iki.fi> References: <51E57DDD.6090200@gmx.de> <76E43277-6B6B-46E6-A7FC-36F5193D03E2@iki.fi> Message-ID: <51F7ACC7.8050500@gmx.de> On 30.07.2013 12:10, wrote Timo Sirainen: > On 16.7.2013, at 20.07, e-frog wrote: > >> Current Dovecot v2.2 HG crashes using the following command: >> >> $ doveadm mailbox status -A -t unseen 'virtual/unread' >> >> #0 i_stream_next_line (stream=0x0) at istream.c:382 >> 382 istream.c: No such file or directory. >> (gdb) bt full >> #0 i_stream_next_line (stream=0x0) at istream.c:382 >> _stream = >> pos = >> #1 0xb754656b in auth_master_user_list_next (ctx=0xb91bfbd8) at auth-master.c:689 >> line = > > Fixed the crash: http://hg.dovecot.org/dovecot-2.2/rev/0cab916b28c6 > Thanks, with this change I get an error message instead of the crash: doveadm(test1 at local.lan): Fatal: seteuid(0) failed: Operation not permitted > Although the real problem I think is that you didn't have permissions to connect to the auth-userdb socket. > Hmm, doveadm is running as user 'vmail' and auth-userdb socket has the following permissions: srw------- 1 vmail root 0 Jul 30 13:12 auth-userdb Which I think should work and actually has worked with all v2.2.x versions so far... From admin at sagredo.eu Tue Jul 30 15:40:40 2013 From: admin at sagredo.eu (Roberto Puzzanghera) Date: Tue, 30 Jul 2013 14:40:40 +0200 Subject: [Dovecot] dovecot-lda not logging if dovecot runs under daemontools In-Reply-To: <20130730103524.GB32299@ruhr-uni-bochum.de> References: <3718ec4c6067456bfb47af6c69d712f5@sagredo.eu> <20130726111155.GT18874@ruhr-uni-bochum.de> <20130730103524.GB32299@ruhr-uni-bochum.de> Message-ID: <6ba680b20b99720a6ab321e4c6ed228c@sagredo.eu> Thank you, Jost. The lda output is actually logged on qmail-send's log regards, Roberto Puzzanghera Il 30.07.2013 12:35 Jost Krieger ha scritto: > On Fri Jul 26 14:51:30 2013, Roberto Puzzanghera wrote: >> >> Hi Jost, thanks for your reply. >> >> Il 26.07.2013 13:11 Jost Krieger ha scritto: > >> >Dovecot-lda runs under qmail, so you'll find the output in qmail's >> >logs. If you run, say, doveadm manually, the output will be on your >> >terminal. >> >> I didn't explain myself very well. The qmail's log >> /var/log/dovecot/current doesn't show the lda output as expected. I > > That's dovecot's log, not qmail's. > >> see onlythe output of imap and pop3. Anyway, running dovecot >> manually or as daemon in the normal way (without daemontools) show >> the lda output in the log. > > You are logging to stderr, in the delivery case that means > qmail-local's > output. This is somewhere in a place like /var/qmal/logs/qmail/current > and looks similar to > > @4000000051f793e218f78c54 delivery 847552: success: > lda(xxxxxxxx):_Info:_msgid=<20130730102215.ECB48809E9 at carlos.noc.ruhr-uni-bochum.de>:_saved_mail_to_NOC-Order/did_0+0+1/ > > Yours > Jost Krieger From raabe at froglogic.com Tue Jul 30 15:55:06 2013 From: raabe at froglogic.com (Frerich Raabe) Date: Tue, 30 Jul 2013 14:55:06 +0200 Subject: [Dovecot] Calling dovecot-lda correctly from exim for virtual user setup Message-ID: <187f7a76e122c8604515305d36f8d57a@roundcube.froglogic.com> Hi, I'm running Dovecot 2.1.7 on Debian. Exim is the MTA. I was recently made aware of the fact that the way in which Exim invokes dovecot-lda is prone to code injection: dovecot_virtual_delivery: driver = pipe command = HOME=/home/vmail/\$local_part /usr/lib/dovecot/dovecot-lda -f \$sender_address use_shell .. I.e. a command is executed via the shell, and Exim uses non-sanitized user input (mail header fields) to construct the command. Now, the reason I invoked dovecot like that is to pass a plausible value for the HOME environment variable, so that dovecot-lda can determine where the Maildir directory of the recipient is. Is there any way to achieve this without requiring HOME to be set correctly? I looked at the -m switch but as far as I can see that merely defines the destination mailbox, but not the path to the Maildir directory, correct? -- Frerich Raabe - raabe at froglogic.com www.froglogic.com - Multi-Platform GUI Testing From raabe at froglogic.com Tue Jul 30 16:09:39 2013 From: raabe at froglogic.com (Frerich Raabe) Date: Tue, 30 Jul 2013 15:09:39 +0200 Subject: [Dovecot] Calling dovecot-lda correctly from exim for virtual user setup In-Reply-To: <187f7a76e122c8604515305d36f8d57a@roundcube.froglogic.com> References: <187f7a76e122c8604515305d36f8d57a@roundcube.froglogic.com> Message-ID: <96e9625802471a292fc0ece7b5de3087@roundcube.froglogic.com> On 2013-07-30 14:55, Frerich Raabe wrote: > Now, the reason I invoked dovecot like that is to pass a plausible > value for the HOME environment variable, so that dovecot-lda can > determine where the Maildir directory of the recipient is. ...for the sake of completeness: this stems from the fact that I use mail_location = maildir:~/Maildir in my dovecot.conf -- Frerich Raabe - raabe at froglogic.com www.froglogic.com - Multi-Platform GUI Testing From tlx at leuxner.net Tue Jul 30 16:20:47 2013 From: tlx at leuxner.net (Thomas Leuxner) Date: Tue, 30 Jul 2013 15:20:47 +0200 Subject: [Dovecot] Postfix aliases with quota-status service Message-ID: <20130730132047.GA31198@nihlus.leuxner.net> The latest HG commits seem to have fixed some underlying problems with the 'quota-status' service. Now doing some quick tests I wonder if this can be used with aliases on the Postfix side. Appears the 'check_policy_service' used in the example below will query existing users via Dovecot's Auth Backend: http://sys4.de/en/blog/2013/04/05/dovecot-quota-mit-postfix-abfragen/ http://www.postfix.org/SMTPD_POLICY_README.html This works fine for Dovecot user 'philo' where the mail is rejected upfront before it enters the queue: ==> /var/log/mail.log <== Jul 30 13:41:18 spectre postfix/smtpd[31072]: NOQUEUE: reject: RCPT from host.example.com[1.2.3.4]: 554 5.2.2 : Recipient address rejected: Quota exceeded (mailbox for use r is full); from= to= proto=ESMTP helo= Now user 'gunge' is an alias for 'philo' in Postfix, thus the quota check will not recognize the user, will queue the message and reject it at the MDA stage: ==> /var/log/mail.log <== Jul 30 14:41:02 spectre postfix/lmtp[31460]: 3c4HSD5ZkBzBP: to=, orig_to=, relay=spectre.leuxner.net[private/dovecot-lmtp], delay=1.2, delays=1.1/0.01/0/0.13, dsn=4.2.2, status=deferred (host spectre.leuxner.net[private/dovecot-lmtp] said: 452 4.2.2 Quota exceeded (mailbox for user is full) (in reply to end of DATA command)) This is probably intended behaviour, just want to make sure that I'm not missing a point here. For now the only fix that comes to my mind to create "quota aware" aliases - is creating 'dummy' users in Dovecot which point to the same mailbox rather than performing aliasing on the Postfix end. Open to suggestions... Regards Thomas -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: Digital signature URL: From AxelLuttgens at swing.be Tue Jul 30 21:36:54 2013 From: AxelLuttgens at swing.be (Axel Luttgens) Date: Tue, 30 Jul 2013 20:36:54 +0200 Subject: [Dovecot] 2.2.4 - quota-status changing the user it is running as In-Reply-To: References: Message-ID: <90360D60-DD05-4DB8-A0B7-3372B6083461@swing.be> Le 30 juil. 2013 ? 12:28, Timo Sirainen a ?crit : > On 14.7.2013, at 19.54, Axel Luttgens wrote: > >> [...] >> >> Going on with our telnet session: >> >> recipient=john.doe at example.com >> size=10000 >> >> action=OK >> >> Hmmm... OK, this may be a config problem of mine which may require further investigation. > > Did you solve this? Hello Timo, Nice to read from you. Unfortunately, no; I'm still stuck with that problem, as described in: http://www.dovecot.org/list/dovecot/2013-July/091462.html >> [...] >> >> Is this the expected behavior, to have quota-status switch to another user? > > Either one of these fixes would be sufficient: > > http://hg.dovecot.org/dovecot-2.2/rev/2470bb9106b0 > http://hg.dovecot.org/dovecot-2.2/rev/51b8020b29f6 Thanks! Do you really mean "either", not "both"? I ask, because those patches seem to intervene at quite different levels (but I guess I'll have, one day or another, to get more acquainted with Dovecot's coding, so as not to come with such silly questions...). > Yet another possibility would be to use service { service_count=1 } to recreate the process every time. Yes, but I fear some inefficiencies with such an extreme setting; in fact, I hoped to rely on Postfix for managing the service's life cycle. Best Regards, Axel From claude.xavier at gmail.com Tue Jul 30 23:10:52 2013 From: claude.xavier at gmail.com (Xavier Claude) Date: Tue, 30 Jul 2013 22:10:52 +0200 Subject: [Dovecot] Unable to use dovecot-antispam plugin In-Reply-To: References: <1458010.NeIMt30kEy@linux-s4x4.site> Message-ID: <4481015.sSPuMHpFBG@linux-s4x4.site> Le lundi 29 juillet 2013 08:51:17 Steffen Kaiser a ?crit : > On Sat, 27 Jul 2013, Xavier Claude wrote: > > > 2.1.7), but it's not working, each time I put a mail in the "Spam" > > Turn on logging and the mail_log plugin: > > http://wiki2.dovecot.org/Logging > http://wiki2.dovecot.org/Plugins/MailLog Thank you it shows that there is no action when I try to move the mail to the Spam directory. Here is the results when I move the mail from the Inbox to the Draft directory and back to the Inbox : Jul 30 22:01:46 twoflowers dovecot: imap(xavier): copy from INBOX: box=Drafts, uid=7, msgid=<20130717220057.586ddd0c at linux-s4x4.site>, size=753 Jul 30 22:01:46 twoflowers dovecot: imap(xavier): delete: box=INBOX, uid=9, msgid=<20130717220057.586ddd0c at linux-s4x4.site>, size=753 Jul 30 22:01:47 twoflowers dovecot: imap(xavier): expunge: box=Drafts, uid=6, msgid=<20130717220057.586ddd0c at linux-s4x4.site>, size=753 Jul 30 22:01:51 twoflowers dovecot: imap(xavier): copy from Drafts: box=INBOX, uid=11, msgid=<20130717220057.586ddd0c at linux-s4x4.site>, size=753 Jul 30 22:01:51 twoflowers dovecot: imap(xavier): delete: box=Drafts, uid=7, msgid=<20130717220057.586ddd0c at linux-s4x4.site>, size=75 But when I move the mail to the spam directory, there is nothing in the log. > > > folder, it is send in its original folder. What bother me the most is > > What was the "original folder"? Maybe Junk? try to turn off Junk filtering > by the mail client. With mail_log enabled you'll see many actions of your > client. The original folder was the Inbox. It's a dedicated mail account to test the antispam plugin, so there is no filtering by the client. Here is my config with the logging enabled : # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.2.14-std-ipv6-64 x86_64 Debian 7.1 mail_debug = yes mail_location = maildir:~/Maildir mail_plugins = " mail_log notify" managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { driver = pam } plugin { antispam_allow_append_to_spam = yes antispam_backend = dspam antispam_debug_target = syslog antispam_dspam_args = --user;%Lu;--deliver=spam,innocent;--source=error;--signature=%%s antispam_dspam_binary = /usr/bin/dspam antispam_dspam_notspam = --class=innocent antispam_dspam_result_header = X-DSPAM-Result antispam_dspam_spam = --class=spam antispam_signature = X-DSPAM-Signature antispam_signature_missing = error antispam_spam = SPAM;Spam antispam_trash = trash;Trash;Deleted Items; Deleted Messages mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename mail_log_fields = uid box msgid size sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = " imap sieve" service auth { unix_listener /var/spool/postfix/private/auth { mode = 0666 } } ssl_cert = References: Message-ID: Martin Burgraf writes: > > I don't know why you would consider a background process inferior to a > > run-on-demand executable. > > Well, the background process is hogging CPU and RAM while it basically > does nothing. "Hogging" CPU and memory is putting it strongly, as it is basically suspended while blocked on waiting for a connection, and if left for a long time in an idle state, might be swapped out to disk and not consuming (real) memory, or consuming real memory that isn't in use otherwise. As I stated before, the resource usage is small compared with all the other stuff going on, so if you don't have a busy mail server, I don't think you should sweat the difference. The benefits of LMTP should increase with load, as having LMTP resident will save you the overhead of repeatedly loading/unloading LDA, and I'm sure the CPU and memory usage of servicing that overhead will be non-trivial. If you have oodles of memory, then it's no problem keeping a LMTP resident. If you don't have enough memory and are VM disk thrashing, you'll have other problems and LDA/LMTP is the least of your worries. > And when it's running as root there is always the danger > of privilege escalation. LDA only runs when it's needed and since it > uses only user rights it shoudbe more harmless. I didn't contest the privilege separation aspect, as it a necessary design trade-off that one daemon doing things for all user will need overriding access. However, if this is a concern, you can virtualize all your users. LMTP can theoretically be subverted, but at least won't be as root. (I'm assuming LMTP stays as root, and not spawning off user processes to do the real work.) Joseph Tam From ben at morrow.me.uk Wed Jul 31 04:37:57 2013 From: ben at morrow.me.uk (Ben Morrow) Date: Wed, 31 Jul 2013 02:37:57 +0100 Subject: [Dovecot] LDA vs. LMTP In-Reply-To: References: Message-ID: <20130731013757.GD4785@anubis.morrow.me.uk> At 3PM -0700 on 30/07/13 you (Joseph Tam) wrote: > Martin Burgraf writes: > > > And when it's running as root there is always the danger > > of privilege escalation. LDA only runs when it's needed and since it > > uses only user rights it shoudbe more harmless. > > I didn't contest the privilege separation aspect, as it a necessary > design trade-off that one daemon doing things for all user will need > overriding access. However, if this is a concern, you can virtualize > all your users. LMTP can theoretically be subverted, but at least won't > be as root. (I'm assuming LMTP stays as root, and not spawning off user > processes to do the real work.) It doesn't stay as root; Dovecot's LMTP switches down to the user's uid to perform delivery, including sieve scripts. The security concerns are in fact very similar to LDA: for LDA delivery with (say) Postfix, you have local(8) running as root and switching down to the user to invoke the LDA, while for LMTP the Postfix lmtp(8) process runs as an unprivileged Postfix user and the LMTP server runs as root and switches down. AFAICS the LMTP conversation itself happens as root, though, which is a shame; I might think twice about exposing it directly over the network. Ben From skdovecot at smail.inf.fh-brs.de Wed Jul 31 09:51:11 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Wed, 31 Jul 2013 08:51:11 +0200 (CEST) Subject: [Dovecot] Unable to use dovecot-antispam plugin In-Reply-To: <4481015.sSPuMHpFBG@linux-s4x4.site> References: <1458010.NeIMt30kEy@linux-s4x4.site> <4481015.sSPuMHpFBG@linux-s4x4.site> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 30 Jul 2013, Xavier Claude wrote: > Le lundi 29 juillet 2013 08:51:17 Steffen Kaiser a ?crit : >> On Sat, 27 Jul 2013, Xavier Claude wrote: >> >>> 2.1.7), but it's not working, each time I put a mail in the "Spam" >> >> Turn on logging and the mail_log plugin: >> >> http://wiki2.dovecot.org/Logging >> http://wiki2.dovecot.org/Plugins/MailLog > > Thank you it shows that there is no action when I try to move the mail to the Spam directory. Here is the results when I move the mail from the Inbox to the Draft directory and back to the Inbox : > > Jul 30 22:01:46 twoflowers dovecot: imap(xavier): copy from INBOX: box=Drafts, uid=7, msgid=<20130717220057.586ddd0c at linux-s4x4.site>, size=753 > Jul 30 22:01:46 twoflowers dovecot: imap(xavier): delete: box=INBOX, uid=9, msgid=<20130717220057.586ddd0c at linux-s4x4.site>, size=753 > Jul 30 22:01:47 twoflowers dovecot: imap(xavier): expunge: box=Drafts, uid=6, msgid=<20130717220057.586ddd0c at linux-s4x4.site>, size=753 > Jul 30 22:01:51 twoflowers dovecot: imap(xavier): copy from Drafts: box=INBOX, uid=11, msgid=<20130717220057.586ddd0c at linux-s4x4.site>, size=753 > Jul 30 22:01:51 twoflowers dovecot: imap(xavier): delete: box=Drafts, uid=7, msgid=<20130717220057.586ddd0c at linux-s4x4.site>, size=75 > > But when I move the mail to the spam directory, there is nothing in the log. To narrow down the problem, could you: a) add "Drafts" to antispam_spam and try again with Drafts,& a) disable antispam and try to move a message to Spam again. The config looks fine. Do you have no error in the logs or in syslog? I wonder if your client moves the message to Spam at all ... . - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUfiz313r2wJMiz2NAQIWlAgAoPR1TAKWdxzKw5U8L8EQQMBM/qVSdInO DWepGhti47+omsw0GJa8fswMIWsOw5cFWlYcBkdSiKezg8wk4+HIEuCajtgo3bWK r2V5NuW9qgty7nZ2Zt5cKOb4FR/I3bygHYwYGy6hry5M/Eiqy4UJyjS1Z1ct2Vsm qRKRpKvi2eirzN4p14BO3fpYEKpEclbc3fNxJCQkFrMbZ4CeovzLWsCw9QLCtRMM B/O/jVFEGkrbvPeOUd8/219fNU0pM1fUkOV5b4sdrw0VmIh7pDeQKOCrZvJnhcl+ doTTRohqLbKudZI9T9Jl7TVhwAxC/CoH3L7Fcim7u3NBk0EHhXaFfg== =Vfhc -----END PGP SIGNATURE----- From stan at hardwarefreak.com Wed Jul 31 11:25:43 2013 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Wed, 31 Jul 2013 03:25:43 -0500 Subject: [Dovecot] LDA vs. LMTP In-Reply-To: <20130731013757.GD4785@anubis.morrow.me.uk> References: <20130731013757.GD4785@anubis.morrow.me.uk> Message-ID: <51F8CA07.3000003@hardwarefreak.com> On 7/30/2013 8:37 PM, Ben Morrow wrote: > At 3PM -0700 on 30/07/13 you (Joseph Tam) wrote: >> Martin Burgraf writes: >> >>> And when it's running as root there is always the danger >>> of privilege escalation. LDA only runs when it's needed and since it >>> uses only user rights it shoudbe more harmless. >> >> I didn't contest the privilege separation aspect, as it a necessary >> design trade-off that one daemon doing things for all user will need >> overriding access. However, if this is a concern, you can virtualize >> all your users. LMTP can theoretically be subverted, but at least won't >> be as root. (I'm assuming LMTP stays as root, and not spawning off user >> processes to do the real work.) > > It doesn't stay as root; Dovecot's LMTP switches down to the user's uid > to perform delivery, including sieve scripts. The security concerns are > in fact very similar to LDA: for LDA delivery with (say) Postfix, you > have local(8) running as root and switching down to the user to invoke > the LDA, while for LMTP the Postfix lmtp(8) process runs as an > unprivileged Postfix user and the LMTP server runs as root and switches > down. > > AFAICS the LMTP conversation itself happens as root, though, which is a > shame; I might think twice about exposing it directly over the network. Shouldn't a few iptables/pf rules be able to substantially mitigate this potential problem? I.e. restrict which hosts a given host is allowed to speak LMTP with. -- Stan From bschmidt at cms.hu-berlin.de Wed Jul 31 15:05:13 2013 From: bschmidt at cms.hu-berlin.de (Burckhard Schmidt) Date: Wed, 31 Jul 2013 14:05:13 +0200 Subject: [Dovecot] LMTP: userdb lookup - user-filter with variables Message-ID: <51F8FD79.8040408@cms.hu-berlin.de> I tried to use dovcots lmtp instead of dovecot-lda. postfix has in master.cf ... dovecot-lda -f ... -d ${user} to separate the user part from user at hostname.domain. So lookup of "user" succeeds in userdb (LDAP) done by dovecot-lda. I have always local addresses like to= postfix/lmtp[6579]: [ID 197553 mail.info] B3CDA66A16: to= With lmtp the userpart must be separated also. I tried user_filter (LDAP) with %n, %Ln, %8n without success: userdb lookup: user at hostname.domain doesn't exist) dovecot-2.1.17 I used "doveadm user h0094slk" and "doveadm user h0094slk at mailstore4.hu-berlin.de" for my tests. userdb { driver = ldap args = /usr/dovecot/etc/ldapuser.conf } and ldapuser.conf with ... user_filter = (&(uid=%n) (objectClass=cmsAccount)) user_attrs = homeDirectory=home I modified user_filter like uid=%Ln or uid=%8u success for doveadm user h0094slk (because nothing to split) userdb: h0094slk home : /home/p0094/h0094slk but no success for doveadm user h0094slk at mailstore4.hu-berlin.de userdb lookup: user h0094slk at mailstore4.hu-berlin.de doesn't exist It looks for me like user_filter do not use variables at this point? What I'm missing? -- Mit freundlichen Gr??en --- Burckhard Schmidt Abteilung Systemsoftware und Kommunikation ZE Computer- und Medienservice der Humboldt-Universit?t zu Berlin Postanschrift: Unter den Linden 6, 10099 Berlin Standort: Rudower Chaussee 26; 12489 Berlin Tel.: +49-30-2093-70058 Fax: +49-30-2093-2959 Mail: bschmidt at cms.hu-berlin.de From bschmidt at cms.hu-berlin.de Wed Jul 31 17:42:57 2013 From: bschmidt at cms.hu-berlin.de (Burckhard Schmidt) Date: Wed, 31 Jul 2013 16:42:57 +0200 Subject: [Dovecot] LMTP: userdb lookup - user-filter with variables In-Reply-To: <51F8FD79.8040408@cms.hu-berlin.de> References: <51F8FD79.8040408@cms.hu-berlin.de> Message-ID: <51F92271.8070203@cms.hu-berlin.de> Am 31.07.2013 14:05, schrieb Burckhard Schmidt: > I tried to use dovcots lmtp instead of dovecot-lda. > postfix has in master.cf ... dovecot-lda -f ... -d ${user} to separate > the user part from user at hostname.domain. > So lookup of "user" succeeds in userdb (LDAP) done by dovecot-lda. > > I have always local addresses like to= > postfix/lmtp[6579]: [ID 197553 mail.info] B3CDA66A16: > to= > > With lmtp the userpart must be separated also. I tried user_filter > (LDAP) with %n, %Ln, %8n without success: userdb lookup: > user at hostname.domain doesn't exist) Missing charachters "@.-" in auth_username_chars prevents user at host.domain to be a valid address at all. > > dovecot-2.1.17 > I used "doveadm user h0094slk" and > "doveadm user h0094slk at mailstore4.hu-berlin.de" > for my tests. > > userdb { > driver = ldap > args = /usr/dovecot/etc/ldapuser.conf > } > and ldapuser.conf with > ... > user_filter = (&(uid=%n) (objectClass=cmsAccount)) > user_attrs = homeDirectory=home > > I modified user_filter like uid=%Ln or uid=%8u > > success for doveadm user h0094slk (because nothing to split) > userdb: h0094slk > home : /home/p0094/h0094slk > > but no success for > doveadm user h0094slk at mailstore4.hu-berlin.de > userdb lookup: user h0094slk at mailstore4.hu-berlin.de doesn't exist > > It looks for me like user_filter do not use variables at this point? > What I'm missing? > -- Mit freundlichen Gr??en --- Burckhard Schmidt Abteilung Systemsoftware und Kommunikation ZE Computer- und Medienservice der Humboldt-Universit?t zu Berlin Postanschrift: Unter den Linden 6, 10099 Berlin Standort: Rudower Chaussee 26; 12489 Berlin Tel.: +49-30-2093-70058 Fax: +49-30-2093-2959 Mail: bschmidt at cms.hu-berlin.de From asai at globalchangemusic.org Wed Jul 31 18:21:06 2013 From: asai at globalchangemusic.org (Asai) Date: Wed, 31 Jul 2013 08:21:06 -0700 Subject: [Dovecot] Lowering Log Levels Back to Defaults Message-ID: <51F92B62.8050703@globalchangemusic.org> Greetings, I'm sorry for asking what may be a really obvious question, but I'm having a hard time turning off logging, or at least getting less verbose logging. My dsync logs are about 7 MB daily, and I'm trying to get that switched off. At one point I had it on a lower level of verbosity, and I turned it up for debugging purposes, but now I cannot seem to turn it back down, which is something I did many times before. For example the logs are getting tons of Info level messages. dsync(asai at globalchangemusic.org): Info: expunge: box=Trash, uid=61625, msgid=, size=9586 In dovecot.conf I have commented out the following include, which used to lower the log levels back to the defaults, but I've upgraded Dovecot recently to 2.2.4 from 2.1 something: #!include conf.d/10-logging.conf I had the default levels raised in that config file. I'm not sure this helps but: [vmail at triata ~]# doveconf -n # 2.2.4: /etc/dovecot/dovecot.conf # OS: Linux 2.6.18-194.32.1.el5xen x86_64 CentOS release 5.5 (Final) ext3 auth_mechanisms = plain login mail_home = /vmail/%d/%n/home mail_location = maildir:/vmail/%d/%n mail_plugins = " mail_log notify" managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace { inbox = yes location = prefix = separator = / type = private } passdb { args = /etc/dovecot/dovecot-mysql.conf driver = sql } plugin { sieve = /vmail/%d/%n/sievescript } service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } unix_listener auth-master { group = vmail mode = 0660 user = vmail } unix_listener auth-userdb { mode = 0660 user = vmail } user = root } service imap-login { process_min_avail = 3 service_count = 0 vsz_limit = 0 } ssl_cert =