From professa at dementianati.com Fri Mar 1 00:03:22 2013 From: professa at dementianati.com (Professa Dementia) Date: Thu, 28 Feb 2013 14:03:22 -0800 Subject: [Dovecot] Disallow Deletion from Trash Folder In-Reply-To: <1362084019.37470.YahooMailRC@web184704.mail.ne1.yahoo.com> References: <1362084019.37470.YahooMailRC@web184704.mail.ne1.yahoo.com> Message-ID: <512FD42A.5000807@dementianati.com> On 2/28/2013 12:40 PM, Bradley Rintoul wrote: > Hello: > > I've been tasked with trying to find a way to keep users from ever "permanently" > deleting emails. The users are running Thunderbird and are using the "Archive" > option for when emails are deleted. However, they are still able to delete > emails from the Archive folders... I'm wondering if there's any way that I can > configure Dovecot to make sure that emails *never* get removed from the > filesystem. I know it's probably kind of a bizarre request, but is there any > way that Dovecot can help me out in this regard? In addition to the answer of locking the Archive folder, provided by Michael, consider that requests of this kind often are the result of a client or customer having a problem for which they came up with the proposed solution. I hope the machine has a lot of disk space. Depending on where the machine is, laws may require keeping emails for a certain period of time, keeping them then purging them after a period of time, etc. By asking the requester what problem they have that this solution is trying to solve, you can often get to the root of the problem and offer a solution that may work better. Forbidding archive deletion is going to require more work from the admin, because unless the admin is willing to regularly go through and manually delete old emails, eventually, the disk will fill up with all sorts of resulting problems. Also, consider how this may impact mail server behavior if any quotas are in effect. Could be a clash. Depending on what the original problem is, several solutions might be adding a dummy account and have all emails copied to it, on a separate drive (NFS, sshfs or dsync, maybe?) or using shared mailboxes. Cheers. Dem From stephan at rename-it.nl Fri Mar 1 00:38:42 2013 From: stephan at rename-it.nl (Stephan Bosch) Date: Thu, 28 Feb 2013 23:38:42 +0100 Subject: [Dovecot] sieve /editheader / addheader :last crash In-Reply-To: <5116A18A.2040103@wzb.eu> References: <5114C435.4040105@wzb.eu> <5116087B.2070203@rename-it.nl> <5116A18A.2040103@wzb.eu> Message-ID: <512FDC72.8060306@rename-it.nl> On 2/9/2013 8:20 PM, Peter Rindfuss wrote: > Am 2013-02-09 09:27, schrieb Stephan Bosch: >> >> I'm unable to reproduce this so far. Could you show me more details of >> your setup? >> >> * Output from: dovecot -n >> * Your exact test message >> * Your exact test Sieve script >> * The sieve-test command line >> > > Hi Stephan, > > attached are "dovecot -n", a test message, and three very similar > scripts one of which causes the crash and two not. > > I'm inclined to say that the message itself does not matter. > > This ist the sieve-test cmd line: > sieve-test -t - -a 'brot at wzb.eu' -l /wzb/mail/brot/Maildir -e -x > +editheader /wzb/mail/brot/sieve/{bad|good1|good2}.sieve mail > > Initially I encountered the problem in real deliveries, not in > sieve-test. It is always reproducible. This should fix it: http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/13d41cc284fc Regards, Stephan. From peterdsparkes at gmail.com Fri Mar 1 00:54:44 2013 From: peterdsparkes at gmail.com (Peter Sparkes) Date: Thu, 28 Feb 2013 22:54:44 +0000 Subject: [Dovecot] sending of password did not succeed In-Reply-To: References: <512F939C.9060102@thelounge.net> Message-ID: Hi Harald > > Thanks for replying > > stat /home/didm.co.uk/peter/Maildir/tmp gives > > File: `/home/didm.co.uk/peter/Maildir/tmp' > Size: 4096 Blocks: 8 IO Block: 4096 directory > Device: 901h/2305d Inode: 13836957 Links: 2 > Access: (0755/drwxr-xr-x) Uid: ( 1223/ peter) Gid: ( 1108/didm.co.uk) > Access: 2013-02-28 04:36:36.000000000 +0000 > Modify: 2013-02-28 17:08:22.000000000 +0000 > Change: 2013-02-28 17:08:22.000000000 +0000 > > ls -lha -R /home/didm.co.uk/peter/ ouputs a long list part of which is > > /home/didm.co.uk/peter/Maildir/new: > total 844K > drwxr-xr-x 2 peter didm.co.uk 4.0K Feb 28 17:08 . > drwxr-xr-x 8 peter didm.co.uk 4.0K Feb 28 08:01 .. > -rw------- 1 peter peter 12K Feb 28 08:41 > 1362040901.H489863P3132.didm-a.dh.bytemark.co.uk > -rw------- 1 peter peter 3.2K Feb 28 08:46 > 1362041185.H453645P3137.didm-a.dh.bytemark.co.uk > -rw------- 1 peter peter 2.8K Feb 28 08:59 > 1362041976.H290857P3254.didm-a.dh.bytemark.co.uk > -rw------- 1 peter peter 2.1K Feb 28 09:01 > 1362042100.H237350P3263.didm-a.dh.bytemark.co.uk > -rw------- 1 peter peter 303K Feb 28 09:05 > 1362042315.H1078P3266.didm-a.dh.bytemark.co.uk > -rw------- 1 peter peter 29K Feb 28 09:16 > 1362042969.H141065P4039.didm-a.dh.bytemark.co.uk > -rw------- 1 peter peter 15K Feb 28 09:29 > 1362043772.H424096P4070.didm-a.dh.bytemark.co.uk > -rw------- 1 peter peter 485 Feb 28 09:34 > 1362044091.H313425P4077.didm-a.dh.bytemark.co.uk > -rw------- 1 peter peter 11K Feb 28 09:44 > 1362044642.H822470P4880.didm-a.dh.bytemark.co.uk > -rw------- 1 peter peter 2.4K Feb 28 11:38 > 1362051505.H650923P7747.didm-a.dh.bytemark.co.uk > -rw------- 1 peter peter 3.6K Feb 28 12:03 > 1362053012.H602533P8671.didm-a.dh.bytemark.co.uk > -rw------- 1 peter peter 27K Feb 28 12:44 > 1362055442.H625207P10611.didm-a.dh.bytemark.co.uk > -rw------- 1 peter peter 40K Feb 28 13:14 > 1362057256.H571100P11598.didm-a.dh.bytemark.co.uk > -rw------- 1 peter peter 83K Feb 28 13:15 > 1362057339.H568650P11605.didm-a.dh.bytemark.co.uk > -rw------- 1 peter peter 9.3K Feb 28 14:05 > 1362060354.H307724P12580.didm-a.dh.bytemark.co.uk > -rw------- 1 peter peter 16K Feb 28 14:25 > 1362061514.H650991P13554.didm-a.dh.bytemark.co.uk > -rw------- 1 peter peter 9.0K Feb 28 15:47 > 1362066474.H389245P16304.didm-a.dh.bytemark.co.uk > -rw------- 1 peter peter 46K Feb 28 15:53 > 1362066827.H631037P16382.didm-a.dh.bytemark.co.uk > -rw------- 1 peter peter 3.9K Feb 28 15:56 > 1362067018.H98463P16401.didm-a.dh.bytemark.co.uk > -rw------- 1 peter peter 20K Feb 28 16:15 > 1362068100.H694502P17251.didm-a.dh.bytemark.co.uk > -rw------- 1 peter peter 44K Feb 28 16:27 > 1362068836.H298454P17321.didm-a.dh.bytemark.co.uk > -rw------- 1 peter peter 53K Feb 28 17:06 > 1362071183.H205812P18284.didm-a.dh.bytemark.co.uk > -rw------- 1 peter peter 53K Feb 28 17:08 > 1362071302.H916902P18293.didm-a.dh.bytemark.co.uk > > > Regards > > Peter > > > On Thu, Feb 28, 2013 at 5:27 PM, Reindl Harald wrote: > >> >> >> Am 28.02.2013 18:20, schrieb Peter Sparkes: >> > Hi >> > >> > Today I have upgraded my Debian server from lenny to squeeze and my >> email >> > stopped working. >> > >> > I am using Dovecot 1.2.15 with exim4. >> > >> > Exim4 is working and mail is being delivered to the mailboxes - /home/ >> > didm.co.uk/peter/Maildir/new etc >> > >> > When I try to download emails to my I get >> > >> > "sending of password did not succeed, Mail server >> > mail.didm.co.ukresponded:Authentication failed" >> > >> > and the server Dovecot error log "utime(/home/ >> didm.co.uk/peter/Maildir/tmp) >> > failed: Permission denied" etc >> >> and what says "stat /home/didm.co.uk/peter/Maildir/tmp" >> or "ls -lha -R /home/didm.co.uk/peter/"? >> >> > From lists at wildgooses.com Fri Mar 1 01:23:27 2013 From: lists at wildgooses.com (Ed W) Date: Thu, 28 Feb 2013 23:23:27 +0000 Subject: [Dovecot] Best practice for sieve script synchronization In-Reply-To: <62bb67942f6f0d25081ad37e5c45dd84@mx1.enfer-du-nord.net> References: <20130228095815.16e2e348@lists.wgwh.ch> <62bb67942f6f0d25081ad37e5c45dd84@mx1.enfer-du-nord.net> Message-ID: <512FE6EF.7090605@wildgooses.com> On 28/02/2013 09:54, Michael Grimm wrote: > On 2013-02-28 9:58, Oli Schacher wrote: > >> I was wondering how people handle sieve script synchronization in such >> setups. >> >> We came up with a few options for syncing: >> >> 1) rsync/unison ~/sieve every x seconds > [...] >> We are tending towards 1) as this seems simplest and most robust >> solution but before we re-invent the wheel we'd like to "hear" your >> thoughts... > > I am using unison for synchronizing sieve scripts for some years, now. > It does what it is supposed to do very well. There are systems like lsyncd which can watch files for changes and call rsync/unison when they change. This gives you near instant sync, but low overhead. WOuld that help? Ed W From lists at wildgooses.com Fri Mar 1 01:26:43 2013 From: lists at wildgooses.com (Ed W) Date: Thu, 28 Feb 2013 23:26:43 +0000 Subject: [Dovecot] Support for PolarSSL? In-Reply-To: <92113178-8911-46D2-8E4E-49DA8FFB6369@iki.fi> References: <512E8571.5060709@Media-Brokers.com> <92113178-8911-46D2-8E4E-49DA8FFB6369@iki.fi> Message-ID: <512FE7B3.5010106@wildgooses.com> On 28/02/2013 14:17, Timo Sirainen wrote: > On 27.2.2013, at 23.15, Charles Marcus wrote: > >> Just curious if you ever thought about supporting other than just OpenSSL? >> >> PolarSSL looks really interesting, has no major dependencies and is very lightweight compared to OpenSSL, GNUTLS or others... >> >> https://polarssl.org/ >> >> I guess it could be a lot of work, or not, anyway, I'm just curious? > I initially tried to support both OpenSSL and GNUTLS, and it was a lot of work. I'm not really looking forward to that again :) But I guess after v2.3 the Dovecot's lib-ssl-iostream API might become stable enough that other backends could be implemented just once without having to keep changing them.. > I believe the high profile user of polarssl is the Dutch government who have approved OpenVPN + PolarSSL for use. (The point being that openssl is just too huge to audit for security) Ed W From lists at wildgooses.com Fri Mar 1 01:38:33 2013 From: lists at wildgooses.com (Ed W) Date: Thu, 28 Feb 2013 23:38:33 +0000 Subject: [Dovecot] Migration from v1 to v2 with hashed directory structure In-Reply-To: References: Message-ID: <512FEA79.6070201@wildgooses.com> On 28/02/2013 13:59, Pavel Dimow wrote: > Hi, > > I want to upgrade to version 2 but I would like to solve a long > standing problem with 'flat' directory structure ie > we have /var/spool/vmail/mydomain.com/user at mydomain.com and I want a > new server with version 2 to have > hashed directory structure like /var/spool/vmail/mydomain.com/u/s/user > I was wondering it f there is some better solution then dir hashing or > a way to hash a dir other then first two letters. > Also any suggestion how to perform this migration from old to new > server with hashing on the fly? > My thought would be that unless you have millions of users, such a rename process will take only seconds to minutes? Why not just take the server down for a couple of minutes to do the rename process? If you wanted to be really clever, you could do it live using symlinks to move the dirs, then update the dovecot config? Ed W From jerry at seibercom.net Fri Mar 1 02:02:45 2013 From: jerry at seibercom.net (Jerry) Date: Thu, 28 Feb 2013 19:02:45 -0500 Subject: [Dovecot] Support for PolarSSL? In-Reply-To: <512FE7B3.5010106@wildgooses.com> References: <512E8571.5060709@Media-Brokers.com> <92113178-8911-46D2-8E4E-49DA8FFB6369@iki.fi> <512FE7B3.5010106@wildgooses.com> Message-ID: <20130228190245.3467ae9c@scorpio> On Thu, 28 Feb 2013 23:26:43 +0000 Ed W articulated: > I believe the high profile user of polarssl is the Dutch government > who have approved OpenVPN + PolarSSL for use. (The point being that > openssl is just too huge to audit for security) Just because a program has a large footprint does not equate to it being a security risk. In fact, that might be one of the dumber statements I have heard in awhile. Unless you have proof of a specific and reproducible security exploit, your statement is pointless. -- Jerry ? Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ From h.reindl at thelounge.net Fri Mar 1 02:09:45 2013 From: h.reindl at thelounge.net (Reindl Harald) Date: Fri, 01 Mar 2013 01:09:45 +0100 Subject: [Dovecot] Support for PolarSSL? In-Reply-To: <20130228190245.3467ae9c@scorpio> References: <512E8571.5060709@Media-Brokers.com> <92113178-8911-46D2-8E4E-49DA8FFB6369@iki.fi> <512FE7B3.5010106@wildgooses.com> <20130228190245.3467ae9c@scorpio> Message-ID: <512FF1C9.9000709@thelounge.net> Am 01.03.2013 01:02, schrieb Jerry: > On Thu, 28 Feb 2013 23:26:43 +0000 > Ed W articulated: > >> I believe the high profile user of polarssl is the Dutch government >> who have approved OpenVPN + PolarSSL for use. (The point being that >> openssl is just too huge to audit for security) > > Just because a program has a large footprint does not equate to it > being a security risk. In fact, that might be one of the dumber > statements I have heard in awhile. Unless you have proof of a specific > and reproducible security exploit, your statement is pointless you did not understand the statement or refuse to understand what auditing means - a code audit is the seek for UNKNOWN implementation weakness and bugs - you can guess which is easier to audit: 1000 LOC, 10000 LOC or 1000000 LOC..... there are common known statistics of hidden errors in a defined count of codelines - the statistic remains always the same: having 3 times more code means mostly 3 times more of unknown bugs and NO this DOES NOT say anyhting about the quality of OpenSSL, these are only statistics and facts for audits not more and not less -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 263 bytes Desc: OpenPGP digital signature URL: From professa at dementianati.com Fri Mar 1 03:34:53 2013 From: professa at dementianati.com (Professa Dementia) Date: Thu, 28 Feb 2013 17:34:53 -0800 Subject: [Dovecot] Support for PolarSSL? In-Reply-To: <512FF1C9.9000709@thelounge.net> References: <512E8571.5060709@Media-Brokers.com> <92113178-8911-46D2-8E4E-49DA8FFB6369@iki.fi> <512FE7B3.5010106@wildgooses.com> <20130228190245.3467ae9c@scorpio> <512FF1C9.9000709@thelounge.net> Message-ID: <513005BD.8050707@dementianati.com> On 2/28/2013 4:09 PM, Reindl Harald wrote: > > > Am 01.03.2013 01:02, schrieb Jerry: >> On Thu, 28 Feb 2013 23:26:43 +0000 >> Ed W articulated: >> >>> I believe the high profile user of polarssl is the Dutch government >>> who have approved OpenVPN + PolarSSL for use. (The point being that >>> openssl is just too huge to audit for security) >> >> Just because a program has a large footprint does not equate to it >> being a security risk. In fact, that might be one of the dumber >> statements I have heard in awhile. Unless you have proof of a specific >> and reproducible security exploit, your statement is pointless > > you did not understand the statement or refuse to understand > what auditing means - a code audit is the seek for UNKNOWN > implementation weakness and bugs - you can guess which is > easier to audit: 1000 LOC, 10000 LOC or 1000000 LOC..... > > there are common known statistics of hidden errors in a > defined count of codelines - the statistic remains always > the same: having 3 times more code means mostly 3 times > more of unknown bugs > > and NO this DOES NOT say anyhting about the quality of > OpenSSL, these are only statistics and facts for audits > > not more and not less > There are two statements, which apply here. They appear to be contradictory, but they are not. 1) You can never prove something is secure, only that it is insecure. Proving something is insecure is easy; find an insecure case. Q.E.D. Proving something is secure involves finding no cases that are insecure, but that could mean it is secure, or that it is not secure and you have not looked hard enough for the insecure case. This cannot be done in finite time and thus cannot be done in the real world. 2) Programs *can*, in fact be proven correct. There is a whole area of computer science dedicated to it, and has been for several decades now. The reason that these two statements are not contradictory is that the second one states you can prove a program correct; that given a set of parameters and criteria that it must meet, that the program meets these. However, "secure" can never be one of the criteria, since it is unprovable. Enough theoretical discussion. In the real world, most coders do not have the background to prove programs, thus it is generally not done. What is done, rather, is use good programming techniques and extensive testing. After that, it is subjected to attacks. The longer it resists the attacks, the more confidence is placed in its security. Both OpenSSL and PolarSSL can be proven correct (or not). This is not dependent on the size of the code. It is merely a function of mathematics and logic. However, OpenSSL has been in use much longer and has withstood more attacks. Confidence in it, then, is higher than for PolarSSL. If both were the same age and had the same number of attacks, then it would appear that the smaller code base would have less hiding places for bugs, but if both were "proven" correct by the same set of standards, then neither could be considered more secure than the other. In regards to the Dutch government, unless they have gone through the process of proving PolarSSL, which I suspect they have not, they are merely saying that due to sheer size, they suspect less bugs could be hiding in the smaller code base. I cannot say that I disagree with this method, but I do fault it. It is the wrong approach. Both code bases need to be proven before you can really do a comparison of which might have more security flaws. If both can be proven to the same set of criteria, then any flaws would be due to the underlying algorithms involved (MD5, SHA, Diffie-Hellman, etc) and would exist in both equally. Dem From fromberg100 at hotmail.com Fri Mar 1 04:17:44 2013 From: fromberg100 at hotmail.com (Fabian von Romberg) Date: Thu, 28 Feb 2013 21:17:44 -0500 Subject: [Dovecot] Error delivery Message-ID: Hi all, Im getting the following error when an email is to be delivered. Below error message: relay=dovecot, delay=4912, delays=4911/0.03/0/0.69, dsn=4.3.0, status=deferred (Command died with signal 11: "/usr/local/dovecot/libexec/dovecot/deliver") Can anyone please address me where the problem might be? Thanks in advance and regards, Fabian From fromberg100 at hotmail.com Fri Mar 1 06:30:21 2013 From: fromberg100 at hotmail.com (Fabian von Romberg) Date: Thu, 28 Feb 2013 23:30:21 -0500 Subject: [Dovecot] Error delivery In-Reply-To: References: Message-ID: By checking the syslog, I can see there is a access memory issue, please check below: kernel: [ 7106.312710] deliver[21287]: segfault at 20 ip 00007f1696b64d09 sp 00007fff470cc0e0 error 4 in libdovecot.so.0.0.0[7f1696b36000+b3000] Is this a bug? anyone has any idea on how to solve this? Regards, Fabian On 02/28/2013 09:17 PM, Fabian von Romberg wrote: > Hi all, > > Im getting the following error when an email is to be delivered. Below error message: > > relay=dovecot, delay=4912, delays=4911/0.03/0/0.69, dsn=4.3.0, status=deferred (Command died with signal 11: "/usr/local/dovecot/libexec/dovecot/deliver") > > Can anyone please address me where the problem might be? > > Thanks in advance and regards, > Fabian > > From mysqlstudent at gmail.com Fri Mar 1 07:22:23 2013 From: mysqlstudent at gmail.com (Alex) Date: Fri, 1 Mar 2013 00:22:23 -0500 Subject: [Dovecot] Looking for HOWTO for fc18 with postfix/TLS/imaps Message-ID: Hi all, Does there already exist a document that outlines the best approach to implement postfix with dovecot? I'd like to set up a Maildir system with TLS clients and SMTP Auth. I don't think I need to require client certs, but want to avoid cleartext passwords. It's unclear to me whether to use 143 with TLS or 993. I've currently set it up using 143 with STARTTLS using normal passwords. Is this correct? Can I use a regular apache web cert to provide an authorized cert and key to use for authentication by the clients? Thanks, Alex From mysqlstudent at gmail.com Fri Mar 1 07:46:05 2013 From: mysqlstudent at gmail.com (Alex) Date: Fri, 1 Mar 2013 00:46:05 -0500 Subject: [Dovecot] help needed with dovecot authentication In-Reply-To: <512FD307.7060201@thelounge.net> References: <512FCF5E.3060507@thelounge.net> <512FD307.7060201@thelounge.net> Message-ID: Hi, > sorry - i do not use horde since more than a year after their braindead > split to thousands of subpackages and PEAR making build own RPM-packages > a pain, but i know for sure horde supports auth against IMAP as also > roundcube does, normally this would be the default if you not specify > anything else becaus eit makes zero sense authenticate against a own > usertable because finally it has to login alwas at the IMAp server Now I'm curious. Do people no longer use squirrelmail for webmail and are instead choosing roundcube and/or horde? Any suggestions greatly appreciated. Thanks, Alex From rs at sys4.de Fri Mar 1 08:44:34 2013 From: rs at sys4.de (Robert Schetterer) Date: Fri, 01 Mar 2013 07:44:34 +0100 Subject: [Dovecot] Disallow Deletion from Trash Folder In-Reply-To: <1362084019.37470.YahooMailRC@web184704.mail.ne1.yahoo.com> References: <1362084019.37470.YahooMailRC@web184704.mail.ne1.yahoo.com> Message-ID: <51304E52.70406@sys4.de> Am 28.02.2013 21:40, schrieb Bradley Rintoul: > Hello: > > I've been tasked with trying to find a way to keep users from ever "permanently" > deleting emails. The users are running Thunderbird and are using the "Archive" > option for when emails are deleted. However, they are still able to delete > emails from the Archive folders... I'm wondering if there's any way that I can > configure Dovecot to make sure that emails *never* get removed from the > filesystem. I know it's probably kind of a bizarre request, but is there any > way that Dovecot can help me out in this regard? > > Thanks! > > B. Rintoul > in deed bizzare, you can set acl on folders, but i wouldnt do it for tb standard folders, a better solution would be a mail archive perhaps steel some ideas from http://sys4.de/de/blog/2013/02/07/mailarchiv-mit-dovecot-und-postfix-sortiert-nach-datum-mailadressen-und-ein-ausgehend-unterordnern/ Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From slitt at troubleshooters.com Fri Mar 1 09:57:10 2013 From: slitt at troubleshooters.com (Steve Litt) Date: Fri, 1 Mar 2013 02:57:10 -0500 Subject: [Dovecot] I need help with my mail client: was [OCLUG] running cron on UTC In-Reply-To: References: <20130228220149.GA3078@ldev.tvplus.com> <512FFBE2.50400@NorthTech.US> <20130301014610.GA3687@ldev.tvplus.com> <51300A3A.7000606@ubuntu.com> Message-ID: <20130301025710.7fcc60dd@mydesk> On Thu, 28 Feb 2013 19:29:20 -0800 Kevin Cernekee wrote: > On Thu, Feb 28, 2013 at 5:54 PM, Nathan Haines I'm sorry to hijack a thread to do this, but I actually had to reply to someone in order to show you the symptom. Before describing the symptom, let me give you the situation... I'm running Claws-Mail 3.8.1 on Xubuntu 12.10. On the way out I just do normal port 465 SSL to my web host's SMTP server. On the way back, fetchmail grabs my messages from my ISP using IMAP (and erasing them on on the ISP's server after retrieval), then delivers them to procmail, which, based on filters, drops them into the correct directories of the Dovecot server running on my desktop. Claws-mail then views all my email on the IMAP server. slitt at mydesk:~$ dovecot -n # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.5.0-25-generic x86_64 Ubuntu 12.10 ext4 At the bottom of this email I'll put a copy of a typical full header on a post from me. Here's the symptom: Every time I reply to an OCLUG post, Claws-Mail loads the *To* with oclug at mailman.oclug.org and the *CC* with oclug at penguin.oclug.org. Unless I remember to delete the CC, this makes me double post every time, and must be quite annoying to you all. This happens *only* on OCLUG posts: None of my other mailing lists display this symptom. It's actually weirder than that, because although when I compose the message the preceding is true, by the time I get the two messages back they both say oclug at penguin.oclug.org. This happens only with the OCLUG list, no others. I studied the full headers of the two messages when they came back to me, and could discern no difference in the two. What I did find, however, is that all OCLUG messages have: List-Post: Reply-To: Orange County Linux Users Group List-Id: Orange County Linux Users Group Can anyone tell me how to start narrowing down the cause of this behavior? I've CC'ed the Claws-Mail list and the Dovecot list in hopes that maybe they have some ideas. The fact that the rest of you don't post doubles makes me wonder if it's a mail client thing (but of course, only for OCLUG). Thanks, SteveT Steve Litt * http://www.troubleshooters.com/ Troubleshooting Training * Human Performance ====================================================== Return-path: Envelope-to: slitt at troubleshooters.com Delivery-date: Thu, 28 Feb 2013 23:57:27 -0700 Received: from box20.bluehost.com [69.89.18.20] by mydesk with IMAP (fetchmail-6.3.21) for (single-drop); Fri, 01 Mar 2013 02:00:09 -0500 (EST) Received: from athrbthr by box500.bluehost.com with local-bsmtp (Exim 4.80) (envelope-from ) id 1UBJuI-0004wp-KM for slitt at troubleshooters.com; Thu, 28 Feb 2013 23:57:27 -0700 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on box500.bluehost.com X-Spam-Level: X-Spam-Status: No, score=0.9 required=6.0 tests=BAYES_20,DKIM_SIGNED,RDNS_NONE, T_DKIM_INVALID shortcircuit=no autolearn=no version=3.3.1 Received: from [66.51.217.34] (port=57600 helo=mailman.oclug.org) by box500.bluehost.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.80) (envelope-from ) id 1UBJuH-0004vU-Sl for slitt at troubleshooters.com; Thu, 28 Feb 2013 23:57:26 -0700 Received: from penguin.oclug.org (localhost.localdomain [127.0.0.1]) by mailman.oclug.org (8.13.8/8.13.8) with ESMTP id r216sAxl005168; Thu, 28 Feb 2013 22:54:25 -0800 X-DKIM: OpenDKIM Filter v2.2.0 mailman.oclug.org r216sAxl005168 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=oclug.org; s=key1; t=1362120877; i=@oclug.org; bh=pGJLvLZRLVQZMvAPrmj0xY5yD15S7XKt7ZIXrtLn+n8=; h=Date:From:To:Message-ID:In-Reply-To:References:Mime-Version:Cc: Subject:Reply-To:List-Id:List-Unsubscribe:List-Archive:List-Post: List-Help:List-Subscribe:Content-Type:Content-Transfer-Encoding; b=Ikxul7U6431nG0j1/UvXZoPbuId9Olh01KBQFgHtvW4XY4vRSdO0c/3K04k8S52Gz XbPB09lBM+MgYdwfz96Euo5fIKe63jqud0IMfa51HdMC8soz9AwTFLiY/Bf45dQbc/ L7GWPtjXX/RIjqgZmxV19GqgvALnmaDZ+p9aYlSs= Received: from oproxy5-pub.bluehost.com (oproxy5-pub.bluehost.com [67.222.38.55]) by mailman.oclug.org (8.13.8/8.13.8) with SMTP id r216rFYG005142 for ; Thu, 28 Feb 2013 22:53:26 -0800 X-DKIM: OpenDKIM Filter v2.2.0 mailman.oclug.org r216rFYG005142 Authentication-Results: mailman.oclug.org; dkim=pass (768-bit key) header.i=@troubleshooters.com header.b=pN/Ec/8K; dkim-adsp=pass Received: (qmail 24695 invoked by uid 0); 1 Mar 2013 06:53:12 -0000 Received: from unknown (HELO box500.bluehost.com) (74.220.219.100) by cpoproxy2.bluehost.com with SMTP; 1 Mar 2013 06:53:12 -0000 Received: from [184.90.206.64] (port=58237 helo=mydesk) by box500.bluehost.com with esmtpsa (SSLv3:RC4-SHA:128) (Exim 4.80) (envelope-from ) id 1UBJqB-0007gc-KK; Thu, 28 Feb 2013 23:53:11 -0700 Date: Fri, 1 Mar 2013 01:53:07 -0500 From: Steve Litt To: oclug at penguin.oclug.org Message-ID: <20130301015307.69d0330f at mydesk> In-Reply-To: References: <512FB61F.6070607 at truesdail.com> Organization: Troubleshooters.Com X-Mailer: Claws Mail 3.8.1 (GTK+ 2.24.13; x86_64-pc-linux-gnu) Mime-Version: 1.0 X-Identified-User: {36493:box500.bluehost.com:athrbthr:a3b3.com} {sentby:smtp auth 184.90.206.64 authed with junk at a3b3.com} Cc: Orange County Linux Users Group Subject: Re: [OCLUG] Clonezilla vs Ubuntu backup? X-BeenThere: oclug at mailman.oclug.org X-Mailman-Version: 2.1.9 Precedence: list Reply-To: Orange County Linux Users Group List-Id: Orange County Linux Users Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: oclug-bounces at penguin.oclug.org X-Identified-User: {36493:box500.bluehost.com:athrbthr:a3b3.com} {sentby:spamassassin for local delivery to identified user} ====================================================== From skdovecot at smail.inf.fh-brs.de Fri Mar 1 10:49:08 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Fri, 1 Mar 2013 09:49:08 +0100 (CET) Subject: [Dovecot] I need help with my mail client: was [OCLUG] running cron on UTC In-Reply-To: <20130301025710.7fcc60dd@mydesk> References: <20130228220149.GA3078@ldev.tvplus.com> <512FFBE2.50400@NorthTech.US> <20130301014610.GA3687@ldev.tvplus.com> <51300A3A.7000606@ubuntu.com> <20130301025710.7fcc60dd@mydesk> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, 1 Mar 2013, Steve Litt wrote: > Date: Fri, 1 Mar 2013 02:57:10 -0500 > From: Steve Litt > Reply-To: Dovecot Mailing List > To: oclug at penguin.oclug.org > Cc: Orange County Linux Users Group , > dovecot at dovecot.org, users at lists.claws-mail.org > I'm sorry to hijack a thread to do this, but I actually had to reply to > someone in order to show you the symptom. It's no Dovecot problem, unless the LDA/LMTP process mangles the headers, which probably is no Dovecot problem as well :-) > List-Post: > Reply-To: Orange County Linux Users Group > List-Id: Orange County Linux Users Group > > Can anyone tell me how to start narrowing down the cause of this > behavior? > > I've CC'ed the Claws-Mail list and the Dovecot list in hopes that maybe > ====================================================== > Return-path: > From: Steve Litt > To: oclug at penguin.oclug.org > Cc: Orange County Linux Users Group > Reply-To: Orange County Linux Users Group > List-Id: Orange County Linux Users Group > List-Post: Please check your ClawsMail setup if: a) it adds List-Post to the recipient list, b) you have configured any reply action, that adds another recipient to the message, e.g. overriding "To" with "oclug at mailman.oclug.org". - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUTBrhF3r2wJMiz2NAQJEcAf9GmUAB+gNIQZcHQKnYwoWfnfzFTNHKNUV isess11QtZ2PQ5duZcBPlBhEdEoMRVl1fk1omw/zHVV1hp1kZz36/MrLIADqrS8i i2hZpXy3rhiPHh24HqWvTfdxthknbwhtAtcEuUc/fpJavRZh07wuIA8bhPon2EKu myKeacNhSwr5Pr+nEMGXsz7CoKG0FyvzrQ6D2z+4LFZXr7EADjdL05Bh0DWk6jN6 Ki+n2LEjW3cPfqnylyYOvF7CyvX/iqrxAVpL43sO0CAYMz7MW/t4qkDntqynkIND qUDMNlW3KCYRYRlniAeBJ9L0FH+IgY8hXoX0hZu/BHMv20YS/BAinw== =ZTlj -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Fri Mar 1 10:57:13 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Fri, 1 Mar 2013 09:57:13 +0100 (CET) Subject: [Dovecot] sending of password did not succeed In-Reply-To: References: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 28 Feb 2013, Peter Sparkes wrote: > Exim4 is working and mail is being delivered to the mailboxes - /home/ > didm.co.uk/peter/Maildir/new etc > > When I try to download emails to my I get > > "sending of password did not succeed, Mail server > mail.didm.co.ukresponded:Authentication failed" > > and the server Dovecot error log "utime(/home/didm.co.uk/peter/Maildir/tmp) > failed: Permission denied" etc Hmm, are you sure, that the Dovecot log message is related to the login attempt? Can you check how many login/imap/pop3 connections there are for user "peter"? - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUTBtaV3r2wJMiz2NAQJlXQf+I7kMX4rfA26pDRxXH+1zXB9FVilUjfI9 LpIROgtB5wgyBJ0lMSF7LDawZUvq7qC6H5ro/jZYLhwGxZfAgNEMxssMBxpy9Kme F3rlEwHlTDhlcZjWrZTWiUYqPvls6HdFVNcEZOWh4HCUY0AJhpvT+GWN+xILrc6+ 5x/VIE/27DwVF42ggB74XU2/lOty9ZuNv1bZcxpFQ9+Ohcmvkk3dqwmYJxNAdVxW p6dJCqRtRS0P6FBn8kZNTCPFIWJgHLTfHjlN9MFNE/jyQLNyOoKdMpNiEkEICIg/ ouC7UrJw9HDV0eMKsGFN5lKZIBpJwrL3fJwpF+/ZibbRsrYpTDYyTA== =zJoM -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Fri Mar 1 11:13:06 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Fri, 1 Mar 2013 10:13:06 +0100 (CET) Subject: [Dovecot] Disallow Deletion from Trash Folder In-Reply-To: <1362084019.37470.YahooMailRC@web184704.mail.ne1.yahoo.com> References: <1362084019.37470.YahooMailRC@web184704.mail.ne1.yahoo.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 28 Feb 2013, Bradley Rintoul wrote: > > I've been tasked with trying to find a way to keep users from ever "permanently" > deleting emails. The users are running Thunderbird and are using the "Archive" > option for when emails are deleted. However, they are still able to delete > emails from the Archive folders... I'm wondering if there's any way that I can > configure Dovecot to make sure that emails *never* get removed from the > filesystem. I know it's probably kind of a bizarre request, but is there any > way that Dovecot can help me out in this regard? hmm, I understand your request so that a) you want to prevent to delete any message, b) you want to prevent to delete from Archive. For a) go with Robert's idea, e.g. add a global "before" Sieve script, that files a copy of the message into yet another mailbox hierarchie, the user has been restricted by ACLs. Or redirect a copy of these mails to yet another "backup" account the users may access via a shared namespace. For b) ACLs may work. However, users cannot move messages around in the Archive anymore, I think. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUTBxIl3r2wJMiz2NAQLfvggAoPkEtp7VEpwbAC5zyo/ONt6S3h7CWDuS GxRyDLtqVEVbKd3RabUWGqDO167SzCEL/Tgq1QKHO8M2nqepanJ3ZCgguvajTnhg ITI/Lq1mbJtwzAJbK0WNx+qbKLCf84XWh7EiHHGzr9EFAKVnnWSNAHI3GrOPJak2 EoSKPAKDtNGFwjLc56vc+U3BG8DYhCsFHGuBLocIWQMo0qNj/aaw+kxeUWXD+dbi 1tayk8U7uL6b2k0rdlDv6Jxl8pSlQpnwnV2JABjQBtkPqjMGp2KeiqoKBjg5n7pn 5aniYnKsY6Abx0zpQYIZnUAMW1fAz1T39REBRR4vIDVJ62qAb3zjsQ== =B9Fv -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Fri Mar 1 11:33:49 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Fri, 1 Mar 2013 10:33:49 +0100 (CET) Subject: [Dovecot] help needed with dovecot authentication In-Reply-To: References: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 28 Feb 2013, peter lawrie wrote: > My problem is that I can telnet to postfix to send and receive emails and > can see these within postfix in webmin > I have been having many problems getting dovecot to connect successfully to > postfix. Er, #1: Dovecot connects to postfix? > I have also installed horde 5 which requires to authenticate to an imap > server - that is dovecot. #2: You use imp-authentification then? > This one server is intended to provide all services, so plain > authentication is fine. > But I can't use /etc/passwd as the users are in virtualmin #3: Where are the users in virtualmin? > I would greatly appreciate some assistance with this as every 'howto' I > have found by googling describes different setups and just gets me deeper > in the mire! > > I want an authentication mechanism on this one server that virtualmin users > and horde users (same people!) can use for imap mail. Dovecot to use passwords from SQL, e.g. mysql: http://wiki2.dovecot.org/AuthDatabase/SQL Dovecot to fetch user information from SQL, e.g. mysql: http://wiki2.dovecot.org/UserDatabase Postfix is using Dovecot for AUTH: http://wiki2.dovecot.org/HowTo/PostfixAndDovecotSASL Postfix delivers message to Dovecot via LMTP: http://wiki2.dovecot.org/HowTo/Virtual%2BPostfix%2BDspam%2BDovecot (just skip the Dspam part) Use imp-Auth in Horde. Left: virtualmin You will find information about password_query, user_query,& iterate_query in the first two links. Give Dovecot the correct SQL SELECT statements, be sure the password scheme vurtualmin uses is supported by Dovecot, have ensured that the configuration (either from SQL or conf files) tells Dovecot, where the home and the mail base directories are, then it should work. You will find plenty of HOWTOs about Postfix and Dovecot setup in the net. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUTB1/V3r2wJMiz2NAQIuLAf8CM6NZpa6I8aUjQmpr0X/aa89a3C4q6Fy 3Ajoalzvf0vPU3fhT6yuqPbSPNfOssDhv9p2LWhp+xhY9VYPgnMj58guTdwu8qiq f/BOKXRoty378H6mf+UYc+uX+/hpOuSNM7IRiaFdlvr0gcpLz3a3x2NWtxvCrm5S JXgGRg/0DmPIAv6o/Wkn8dO/re6WmuSBdQ/wy2LmKYv/o5oMNb/WWBCJhABzy/E2 WQVOB3pgAVIRY6ecM+n6r3Ug4FizuNEAVDRmdrFsBX5vMnEqml3aAFC1NMDJkBkT 3sp6i3vHB2Bp8cB6R/TeMKr4o0eBFCxkaZ/bGgWdjQFgca3prNHU9Q== =6Eph -----END PGP SIGNATURE----- From paveldimow at gmail.com Fri Mar 1 11:38:04 2013 From: paveldimow at gmail.com (Pavel Dimow) Date: Fri, 1 Mar 2013 10:38:04 +0100 Subject: [Dovecot] Migration from v1 to v2 with hashed directory structure In-Reply-To: <512FEA79.6070201@wildgooses.com> References: <512FEA79.6070201@wildgooses.com> Message-ID: Thank you Ed, I was referring also to other people experiences regarding migration. Do's and Don'ts, and specially directory hashing strategies others are utilizing. On Fri, Mar 1, 2013 at 12:38 AM, Ed W wrote: > On 28/02/2013 13:59, Pavel Dimow wrote: >> >> Hi, >> >> I want to upgrade to version 2 but I would like to solve a long >> standing problem with 'flat' directory structure ie >> we have /var/spool/vmail/mydomain.com/user at mydomain.com and I want a >> new server with version 2 to have >> hashed directory structure like /var/spool/vmail/mydomain.com/u/s/user >> I was wondering it f there is some better solution then dir hashing or >> a way to hash a dir other then first two letters. >> Also any suggestion how to perform this migration from old to new >> server with hashing on the fly? >> > > My thought would be that unless you have millions of users, such a rename > process will take only seconds to minutes? Why not just take the server > down for a couple of minutes to do the rename process? > > If you wanted to be really clever, you could do it live using symlinks to > move the dirs, then update the dovecot config? > > Ed W From skdovecot at smail.inf.fh-brs.de Fri Mar 1 11:41:44 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Fri, 1 Mar 2013 10:41:44 +0100 (CET) Subject: [Dovecot] Migration from v1 to v2 with hashed directory structure In-Reply-To: <512FEA79.6070201@wildgooses.com> References: <512FEA79.6070201@wildgooses.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 28 Feb 2013, Ed W wrote: > On 28/02/2013 13:59, Pavel Dimow wrote: >> Hi, >> >> I want to upgrade to version 2 but I would like to solve a long >> standing problem with 'flat' directory structure ie >> we have /var/spool/vmail/mydomain.com/user at mydomain.com and I want a >> new server with version 2 to have >> hashed directory structure like /var/spool/vmail/mydomain.com/u/s/user >> I was wondering it f there is some better solution then dir hashing or >> a way to hash a dir other then first two letters. >> Also any suggestion how to perform this migration from old to new >> server with hashing on the fly? >> > > My thought would be that unless you have millions of users, such a rename > process will take only seconds to minutes? Why not just take the server down > for a couple of minutes to do the rename process? > > If you wanted to be really clever, you could do it live using symlinks to > move the dirs, then update the dovecot config? Yeah: for dir in /var/spool/vmail/mydomain.com/*; do to="$(script_to_map_name "$dir")" if ! test -d "$(dirname "$to")"; then # add -m 0555 if needed mkdir -p "$(dirname "$to")" fi # If a new mails arrives or the user access the box # there will be an error for a (very) short time mv "$dir" "$to" ln -s "$to" "$dir" # no more errors done Then update the config, reload Dovecot, wait a bit, remove the symlinks. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUTB32F3r2wJMiz2NAQK2vgf/V5OCGWdToQJOxCtUlZp+aMslznBpr2Rq XrjANVYblMUzipd8HFR7YzbHkgJizm/t5k5+OHg9xX1D9YrsxB9/9k1pMRomAuCv nIBWmb4JTIvq2MJihstXZj8q/z3i5OXbb7Mp5o/YgkZqx9OBfD4IJvSRT6d7vuld 7xCSc56zF7MlpFfXXN9nBYBFNGXvOEmvgrZNd2BtL6iSWxC7tVZbfkdLfuUS0RKv FKIcuESPZNkKmr86NxEegpOz8fs7ZdSrvs5ibqNdDN4+oOnKC55EwOPgY1OOhWmB ZdzmDAdy8ztXauWmuznkAP+FzhZV5jIBXlNJLnkj2xGsT5x20/FTvg== =nW5U -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Fri Mar 1 11:47:57 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Fri, 1 Mar 2013 10:47:57 +0100 (CET) Subject: [Dovecot] Error delivery In-Reply-To: References: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 28 Feb 2013, Fabian von Romberg wrote: > By checking the syslog, I can see there is a access memory issue, please check below: > > kernel: [ 7106.312710] deliver[21287]: segfault at 20 ip 00007f1696b64d09 sp 00007fff470cc0e0 error 4 in libdovecot.so.0.0.0[7f1696b36000+b3000] > > Is this a bug? anyone has any idea on how to solve this? What version and config of Dovecot? dovecot -n or doveconf -n > On 02/28/2013 09:17 PM, Fabian von Romberg wrote: >> Hi all, >> >> Im getting the following error when an email is to be delivered. Below error message: one particular message or any message? or to one user only? Is this particular message different from others that work? Eg. very large, no headers, ... >> relay=dovecot, delay=4912, delays=4911/0.03/0/0.69, dsn=4.3.0, status=deferred (Command died with signal 11: "/usr/local/dovecot/libexec/dovecot/deliver") >> >> Can anyone please address me where the problem might be? - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUTB5TV3r2wJMiz2NAQJEZQf/SPPbRhg6OgbtX8Q6DnYiIY7bHc3O24mW QHr2SBC79O1Atyx2YYNfqjX7ym4l5O7IW5FXkl4Uf2xyJzq4Dkben3T3dTF8W0nK dv1sGG0OficL5blOqkvr8loUf1V+hZG+BsqdbEZ1qTkQ2v0Nk2W6SPUgsY5NDx9Z /buWj4v7aEoMC4lKk3johcrnzuAt6KkdmhTIOxCMN6Qmmsz/XwT06zSNlUwgFW9S zsf06ehbACCFvzLzRyixE7/sGqRdDFQBAZlWk16/k1NE0qxJR4JcIWfys9FBzgUC nYC94EtcIOBXXyvnQQMwDbN7u8byMFtZ2vhQ0D9p+Tdf53oIMuv5nw== =TpuR -----END PGP SIGNATURE----- From goetz.reinicke at filmakademie.de Fri Mar 1 11:57:56 2013 From: goetz.reinicke at filmakademie.de (=?ISO-8859-15?Q?G=F6tz_Reinicke_-_IT_Koordinator?=) Date: Fri, 01 Mar 2013 10:57:56 +0100 Subject: [Dovecot] Suggestions for upgrading dovecot 1.0.7 Redhat EL 5.x In-Reply-To: References: <512C97A4.9050801@filmakademie.de> <512DB7E5.7030903@filmakademie.de> Message-ID: <51307BA4.6060806@filmakademie.de> Am 27.02.13 16:57, schrieb Steffen Kaiser: > On Wed, 27 Feb 2013, G?tz Reinicke - IT Koordinator wrote: > >>> I don't know Redhat, but it seems to be wise to upgrade. What's the >>> "Known Bug List" or "Known Security Holes" in Redhat EL 5.x? > >> What do you mean by that? BTW it's strange to me that Redhat never >> updated the main imap server part in there lon tearm supported >> enterprice distribution ... (RH EL 6 comes with dovecot 2.0 ok ... ) > > Are there security considerations to upgrade the base system, kernel > remote exploits a.s.o. I got your point. Hmm RHEL 5.9 is still well supported till Q1 2014 and further with minor or critical updates till 2017. (O.K. no dovecot update :D ) For now no really need for us to rush to an other major release. > You could look into building Dovecot from source to get v2.1 or v2.2. May be I'll give that a try. Thanks for your suggestions and feedback . Regards . G?tz -- G?tz Reinicke IT-Koordinator Tel. +49 7141 969 82 420 Fax +49 7141 969 55 420 E-Mail goetz.reinicke at filmakademie.de Filmakademie Baden-W?rttemberg GmbH Akademiehof 10 71638 Ludwigsburg www.filmakademie.de Eintragung Amtsgericht Stuttgart HRB 205016 Vorsitzender des Aufsichtsrats: J?rgen Walter MdL Staatssekret?r im Ministerium f?r Wissenschaft, Forschung und Kunst Baden-W?rttemberg Gesch?ftsf?hrer: Prof. Thomas Schadt -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 5174 bytes Desc: S/MIME Kryptografische Unterschrift URL: From alessio at skye.it Fri Mar 1 12:18:40 2013 From: alessio at skye.it (Alessio Cecchi) Date: Fri, 01 Mar 2013 11:18:40 +0100 Subject: [Dovecot] Error delivery In-Reply-To: References: Message-ID: <51308080.1020905@skye.it> Il 01/03/2013 03:17, Fabian von Romberg ha scritto: > Hi all, > > Im getting the following error when an email is to be delivered. Below error message: > > relay=dovecot, delay=4912, delays=4911/0.03/0/0.69, dsn=4.3.0, status=deferred (Command died with signal 11: "/usr/local/dovecot/libexec/dovecot/deliver") > > Can anyone please address me where the problem might be? > > Thanks in advance and regards, > Fabian > I had a similar problem when an email was delivered to a new account for the first time. Try to upgrade to the latest dovecot release. -- Alessio Cecchi is: @ ILS -> http://www.linux.it/~alessice/ on LinkedIn -> http://www.linkedin.com/in/alessice Assistenza Sistemi GNU/Linux -> http://www.cecchi.biz/ @ PLUG -> ex-Presidente, adesso senatore a vita, http://www.prato.linux.it From denis.witt at concepts-and-training.de Fri Mar 1 12:25:52 2013 From: denis.witt at concepts-and-training.de (Denis Witt) Date: Fri, 1 Mar 2013 11:25:52 +0100 Subject: [Dovecot] postfix, dovecot, samba, winbind In-Reply-To: <1362074406.2028.519.camel@worklian> References: <3312FABD-56F5-48A0-91D9-D0D44B5EC003@concepts-and-training.de> <1362074406.2028.519.camel@worklian> Message-ID: Am 28.02.2013 um 19:00 schrieb Bob Miller : > It has been a few months since I worked out all the settings to > authenticate against samba's AD, but I think you can solve your problem > by putting a home argument in your userdb{} stanza. If that doesn't > work, and assuming you are authenticating using ldap lookups, let me > know and I can share more of how I set things up? Hi Bob, thanks for your reply. How do I set up the home argument? When I put it into the args= line dovecot doesn't find my config file. If I put a home= line it doesn't work either. In the dovecot wiki I could only find an example with home= for a static userdb config. Thanks! From paveldimow at gmail.com Fri Mar 1 13:57:57 2013 From: paveldimow at gmail.com (Pavel Dimow) Date: Fri, 1 Mar 2013 12:57:57 +0100 Subject: [Dovecot] Migration from v1 to v2 with hashed directory structure In-Reply-To: References: <512FEA79.6070201@wildgooses.com> Message-ID: Tnx will try ;) On Fri, Mar 1, 2013 at 10:41 AM, Steffen Kaiser wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > > On Thu, 28 Feb 2013, Ed W wrote: >> >> On 28/02/2013 13:59, Pavel Dimow wrote: >>> >>> Hi, >>> >>> I want to upgrade to version 2 but I would like to solve a long >>> standing problem with 'flat' directory structure ie >>> we have /var/spool/vmail/mydomain.com/user at mydomain.com and I want a >>> new server with version 2 to have >>> hashed directory structure like /var/spool/vmail/mydomain.com/u/s/user >>> I was wondering it f there is some better solution then dir hashing or >>> a way to hash a dir other then first two letters. >>> Also any suggestion how to perform this migration from old to new >>> server with hashing on the fly? >>> >> >> My thought would be that unless you have millions of users, such a rename >> process will take only seconds to minutes? Why not just take the server >> down for a couple of minutes to do the rename process? >> >> If you wanted to be really clever, you could do it live using symlinks to >> move the dirs, then update the dovecot config? > > > Yeah: > > for dir in /var/spool/vmail/mydomain.com/*; do > to="$(script_to_map_name "$dir")" > if ! test -d "$(dirname "$to")"; then > # add -m 0555 if needed > mkdir -p "$(dirname "$to")" > fi > # If a new mails arrives or the user access the box > # there will be an error for a (very) short time > mv "$dir" "$to" > ln -s "$to" "$dir" > # no more errors done > > Then update the config, reload Dovecot, wait a bit, remove the symlinks. > > - -- Steffen Kaiser > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.11 (GNU/Linux) > > iQEVAwUBUTB32F3r2wJMiz2NAQK2vgf/V5OCGWdToQJOxCtUlZp+aMslznBpr2Rq > XrjANVYblMUzipd8HFR7YzbHkgJizm/t5k5+OHg9xX1D9YrsxB9/9k1pMRomAuCv > nIBWmb4JTIvq2MJihstXZj8q/z3i5OXbb7Mp5o/YgkZqx9OBfD4IJvSRT6d7vuld > 7xCSc56zF7MlpFfXXN9nBYBFNGXvOEmvgrZNd2BtL6iSWxC7tVZbfkdLfuUS0RKv > FKIcuESPZNkKmr86NxEegpOz8fs7ZdSrvs5ibqNdDN4+oOnKC55EwOPgY1OOhWmB > ZdzmDAdy8ztXauWmuznkAP+FzhZV5jIBXlNJLnkj2xGsT5x20/FTvg== > =nW5U > -----END PGP SIGNATURE----- From fromberg100 at hotmail.com Fri Mar 1 14:43:38 2013 From: fromberg100 at hotmail.com (Fabian von Romberg) Date: Fri, 01 Mar 2013 07:43:38 -0500 Subject: [Dovecot] Error delivery In-Reply-To: References: Message-ID: Hi Steffen, actually this is the first user I created. Im running postfix 2.10 and dovecot 2.2 rc2. Im using telnet to send and email for testing purposes. Sending from an email client like Thunderbird happens the same. please see below the output of dovecot -n: # 2.2.rc2: /usr/local/dovecot2.2/etc/dovecot/dovecot.conf # OS: Linux 3.5.0-21-generic x86_64 Ubuntu 12.10 ext4 auth_debug = yes auth_debug_passwords = yes auth_mechanisms = plain login auth_verbose = yes auth_verbose_passwords = plain base_dir = /usr/local/dovecot2.2/var/run debug_log_path = /usr/local/dovecot2.2/var/log/dovecot-debug.log default_internal_user = administrator default_login_user = administrator disable_plaintext_auth = no info_log_path = /usr/local/dovecot2.2/var/log/dovecot-info.log log_path = /usr/local/dovecot2.2/var/log/dovecot.log mail_debug = yes mail_location = maildir:/var/vmail/%d/%n/Maildir managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace { inbox = yes location = prefix = separator = . type = private } passdb { args = /usr/local/dovecot2.2/etc/dovecot/dovecot-mysql.conf driver = sql } protocols = imap pop3 service auth-worker { user = administrator } service auth { unix_listener /usr/local/postfix/spool/private/auth { group = postfix mode = 0660 user = postfix } unix_listener auth-master { mode = 0600 user = vmail } user = administrator } ssl = no userdb { args = uid=5000 gid=5000 home=/var/vmail/%d/%n allow_all_users=yes driver = static } verbose_ssl = yes protocol lda { auth_socket_path = /usr/local/dovecot2.2/var/run/auth-master log_path = /var/vmail/dovecot-deliver.log mail_plugins = sieve postmaster_address = postmaster at mydomain.com } On 03/01/2013 04:47 AM, Steffen Kaiser wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Thu, 28 Feb 2013, Fabian von Romberg wrote: > >> By checking the syslog, I can see there is a access memory issue, please check below: >> >> kernel: [ 7106.312710] deliver[21287]: segfault at 20 ip 00007f1696b64d09 sp 00007fff470cc0e0 error 4 in libdovecot.so.0.0.0[7f1696b36000+b3000] >> >> Is this a bug? anyone has any idea on how to solve this? > > What version and config of Dovecot? > > dovecot -n > or > doveconf -n > >> On 02/28/2013 09:17 PM, Fabian von Romberg wrote: >>> Hi all, >>> >>> Im getting the following error when an email is to be delivered. Below error message: > > one particular message or any message? or to one user only? Is this > particular message different from others that work? Eg. very large, no > headers, ... > >>> relay=dovecot, delay=4912, delays=4911/0.03/0/0.69, dsn=4.3.0, status=deferred (Command died with signal 11: "/usr/local/dovecot/libexec/dovecot/deliver") >>> >>> Can anyone please address me where the problem might be? > > - -- > Steffen Kaiser > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.11 (GNU/Linux) > > iQEVAwUBUTB5TV3r2wJMiz2NAQJEZQf/SPPbRhg6OgbtX8Q6DnYiIY7bHc3O24mW > QHr2SBC79O1Atyx2YYNfqjX7ym4l5O7IW5FXkl4Uf2xyJzq4Dkben3T3dTF8W0nK > dv1sGG0OficL5blOqkvr8loUf1V+hZG+BsqdbEZ1qTkQ2v0Nk2W6SPUgsY5NDx9Z > /buWj4v7aEoMC4lKk3johcrnzuAt6KkdmhTIOxCMN6Qmmsz/XwT06zSNlUwgFW9S > zsf06ehbACCFvzLzRyixE7/sGqRdDFQBAZlWk16/k1NE0qxJR4JcIWfys9FBzgUC > nYC94EtcIOBXXyvnQQMwDbN7u8byMFtZ2vhQ0D9p+Tdf53oIMuv5nw== > =TpuR > -----END PGP SIGNATURE----- > From valerius at afterlogic.com Fri Mar 1 15:01:48 2013 From: valerius at afterlogic.com (Valery V. Sedletski) Date: Fri, 1 Mar 2013 13:01:48 +0000 Subject: [Dovecot] IMAP folders sort order Message-ID: >> >> But I tried to create a fresh account in Dovecot (not migrated from >> Courier), and it >> still shows a intermixed folder order: >> >> a list "" * >> * LIST (\HasNoChildren) "/" "Spam" >> * LIST (\HasNoChildren) "/" "Sent" >> * LIST (\HasNoChildren) "/" "Drafts" >> * LIST (\HasNoChildren) "/" "Trash" >> * LIST (\HasNoChildren) "/" "INBOX" >> * LIST (\HasNoChildren) "/" "Pub" >> a OK List completed. > >Why does this matter? IMAP does NOT enforce any sort of required >sorting order, and no IMAP client can assume a sort order. So >enforcing a sort order on the server is just a waste of resources. > Just a cosmetic problem, of course. Some IMAP clients do sort folders, others do not, so they show different folder sort order in Dovecot, if migrated from Courier (Courier seems to sort folders, so that the system ones appear first). We just needed a seamless migration. >FWIW, this is completely legal IMAP output also (albeit inefficient): > >a list "" * >* LIST (\HasNoChildren) "/" "Spam" >* LIST (\HasNoChildren) "/" "Sent" >* LIST (\HasNoChildren) "/" "Spam" >* LIST (\HasNoChildren) "/" "Spam" >* LIST (\HasNoChildren) "/" "Drafts" >* LIST (\HasNoChildren) "/" "Trash" >* LIST (\HasNoChildren) "/" "Spam" >* LIST (\HasNoChildren) "/" "Spam" >* LIST (\HasNoChildren) "/" "Spam" >* LIST (\HasNoChildren) "/" "Spam" >* LIST (\HasNoChildren) "/" "INBOX" >* LIST (\HasNoChildren) "/" "Pub" >a OK List completed. > So, it is legal to even list each folder several times? >michael WBR, valerius From japc at co.sapo.pt Fri Mar 1 15:09:40 2013 From: japc at co.sapo.pt (=?ISO-8859-1?Q?Jos=E9?= Celestino) Date: Fri, 01 Mar 2013 13:09:40 +0000 Subject: [Dovecot] IMAP folders sort order In-Reply-To: References: Message-ID: <1362143380.19169.23.camel@morgoth> On Sex, 2013-03-01 at 13:01 +0000, Valery V. Sedletski wrote: > > So, it is legal to even list each folder several times? > http://www.dovecot.org/imap-client-coding-howto.html "LIST reply is very loosely defined. It may be very much out of order. It may even contain duplicates." From skdovecot at smail.inf.fh-brs.de Fri Mar 1 15:46:50 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Fri, 1 Mar 2013 14:46:50 +0100 (CET) Subject: [Dovecot] Error delivery In-Reply-To: References: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, 1 Mar 2013, Fabian von Romberg wrote: > actually this is the first user I created. Im running postfix 2.10 and > dovecot 2.2 rc2. Im using telnet to send and email for testing > purposes. Sending from an email client like Thunderbird happens the > same. Does the path /var/vmail/%d/%n/Maildir already exists and is owned by user:group 5000:5000? What's your conf in postfix to call deliver? BTW: I personally like LMTP much easier: http://wiki2.dovecot.org/LMTP http://wiki2.dovecot.org/HowTo/PostfixDovecotLMTP > please see below the output of dovecot -n: > > # 2.2.rc2: /usr/local/dovecot2.2/etc/dovecot/dovecot.conf > # OS: Linux 3.5.0-21-generic x86_64 Ubuntu 12.10 ext4 > auth_debug = yes > auth_debug_passwords = yes > auth_mechanisms = plain login > auth_verbose = yes > auth_verbose_passwords = plain > base_dir = /usr/local/dovecot2.2/var/run > debug_log_path = /usr/local/dovecot2.2/var/log/dovecot-debug.log > default_internal_user = administrator > default_login_user = administrator > disable_plaintext_auth = no > info_log_path = /usr/local/dovecot2.2/var/log/dovecot-info.log > log_path = /usr/local/dovecot2.2/var/log/dovecot.log > mail_debug = yes > mail_location = maildir:/var/vmail/%d/%n/Maildir > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave > namespace { > inbox = yes > location = > prefix = > separator = . > type = private > } > passdb { > args = /usr/local/dovecot2.2/etc/dovecot/dovecot-mysql.conf > driver = sql > } > protocols = imap pop3 > service auth-worker { > user = administrator > } > service auth { > unix_listener /usr/local/postfix/spool/private/auth { > group = postfix > mode = 0660 > user = postfix > } > unix_listener auth-master { > mode = 0600 > user = vmail > } > user = administrator > } > ssl = no > userdb { > args = uid=5000 gid=5000 home=/var/vmail/%d/%n allow_all_users=yes > driver = static > } > verbose_ssl = yes > protocol lda { > auth_socket_path = /usr/local/dovecot2.2/var/run/auth-master > log_path = /var/vmail/dovecot-deliver.log > mail_plugins = sieve > postmaster_address = postmaster at mydomain.com > } > > > On 03/01/2013 04:47 AM, Steffen Kaiser wrote: >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> On Thu, 28 Feb 2013, Fabian von Romberg wrote: >> >>> By checking the syslog, I can see there is a access memory issue, please check below: >>> >>> kernel: [ 7106.312710] deliver[21287]: segfault at 20 ip 00007f1696b64d09 sp 00007fff470cc0e0 error 4 in libdovecot.so.0.0.0[7f1696b36000+b3000] >>> >>> Is this a bug? anyone has any idea on how to solve this? >> >> What version and config of Dovecot? >> >> dovecot -n >> or >> doveconf -n >> >>> On 02/28/2013 09:17 PM, Fabian von Romberg wrote: >>>> Hi all, >>>> >>>> Im getting the following error when an email is to be delivered. Below error message: >> >> one particular message or any message? or to one user only? Is this >> particular message different from others that work? Eg. very large, no >> headers, ... >> >>>> relay=dovecot, delay=4912, delays=4911/0.03/0/0.69, dsn=4.3.0, status=deferred (Command died with signal 11: "/usr/local/dovecot/libexec/dovecot/deliver") >>>> >>>> Can anyone please address me where the problem might be? >> >> - -- >> Steffen Kaiser >> -----BEGIN PGP SIGNATURE----- >> Version: GnuPG v1.4.11 (GNU/Linux) >> >> iQEVAwUBUTB5TV3r2wJMiz2NAQJEZQf/SPPbRhg6OgbtX8Q6DnYiIY7bHc3O24mW >> QHr2SBC79O1Atyx2YYNfqjX7ym4l5O7IW5FXkl4Uf2xyJzq4Dkben3T3dTF8W0nK >> dv1sGG0OficL5blOqkvr8loUf1V+hZG+BsqdbEZ1qTkQ2v0Nk2W6SPUgsY5NDx9Z >> /buWj4v7aEoMC4lKk3johcrnzuAt6KkdmhTIOxCMN6Qmmsz/XwT06zSNlUwgFW9S >> zsf06ehbACCFvzLzRyixE7/sGqRdDFQBAZlWk16/k1NE0qxJR4JcIWfys9FBzgUC >> nYC94EtcIOBXXyvnQQMwDbN7u8byMFtZ2vhQ0D9p+Tdf53oIMuv5nw== >> =TpuR >> -----END PGP SIGNATURE----- >> > > > - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUTCxSl3r2wJMiz2NAQLDCgf+JRldEvyJKxhsBrwgAUvEOOpyIgmLcC7C UxdfGPBBjMiqeoHwxGmpmX3sZ+8xX+6sO47fe0iEsJyJcST5NvvL0wFtQ8XnGLm6 /DxuILnU4S2rWVkrdU+bLjFazgoSMtjVcBJ8lvLinUE1aFL31EsnrY03FiEoFbqN nWvNHQ85HYqAAjtQPIL4EaFk9HCPIEuGD4vpQApQ/BIVRr9yWn6j8BWOnhwJVZbl r1HKMmHuZ48ybgLhMBmllnz30M60/nobHj1yPiSB3Xy4vv/V6SNhUwMn3uQ/MHJH 2VL50yPxMXK+V7tao27dOaRt4aWgXt7UcAhqB3R/YSOtf6NTgOV5jg== =r/gR -----END PGP SIGNATURE----- From stsiol at yahoo.co.uk Fri Mar 1 15:56:33 2013 From: stsiol at yahoo.co.uk (Spyros Tsiolis) Date: Fri, 1 Mar 2013 13:56:33 +0000 (GMT) Subject: [Dovecot] Suggestions for upgrading dovecot 1.0.7 Redhat EL 5.x In-Reply-To: <51307BA4.6060806@filmakademie.de> References: <512C97A4.9050801@filmakademie.de> <512DB7E5.7030903@filmakademie.de> <51307BA4.6060806@filmakademie.de> Message-ID: <1362146193.30450.YahooMailNeo@web28805.mail.ir2.yahoo.com> ----- Original Message ----- > From: G?tz Reinicke - IT Koordinator > To: dovecot at dovecot.org > Cc: > Sent: Friday, 1 March 2013, 11:57 > Subject: Re: [Dovecot] Suggestions for upgrading dovecot 1.0.7 Redhat EL 5.x > > -->%------>%------>%------>%------>%------? >> You could look into building Dovecot from source to get v2.1 or v2.2. > > May be I'll give that a try. > > ??? Thanks for your suggestions and feedback . Regards . G?tz > > -- > G?tz Reinicke > IT-Koordinator ? Yeah, ?I think it's the only way to get a newer version of dovecot on redhat related OSs. s. ? ---- "I merely function as a channel that filters? music through the chaos of noise" - Vangelis From tss at iki.fi Fri Mar 1 16:14:44 2013 From: tss at iki.fi (Timo Sirainen) Date: Fri, 1 Mar 2013 15:14:44 +0100 Subject: [Dovecot] Error delivery In-Reply-To: References: Message-ID: <6ED11E8B-4816-4C0B-B993-A9FB3BAC2C19@iki.fi> On 1.3.2013, at 13.43, Fabian von Romberg wrote: > actually this is the first user I created. Im running postfix 2.10 and dovecot 2.2 rc2. Im using telnet to send and email for testing purposes. Sending from an email client like Thunderbird happens the same. .. >>>> relay=dovecot, delay=4912, delays=4911/0.03/0/0.69, dsn=4.3.0, status=deferred (Command died with signal 11: "/usr/local/dovecot/libexec/dovecot/deliver") That's a bug. gdb backtrace for this would be helpful in fixing it. With LDA it may be a bit more difficult to get a core than normally. See if you can reproduce this with: ulimit -c unlimited echo hello | /usr/local/dovecot/libexec/dovecot/dovecot-lda -d user at domain Hopefully there's now a core file and you can do: gdb /usr/local/dovecot/libexec/dovecot/dovecot-lda core bt full From fromberg100 at hotmail.com Fri Mar 1 16:57:17 2013 From: fromberg100 at hotmail.com (Fabian von Romberg) Date: Fri, 01 Mar 2013 09:57:17 -0500 Subject: [Dovecot] Error delivery In-Reply-To: References: Message-ID: Hi Steffen, yes, /var/vmail/%d/%n/Maildir is owned by vmail:vmail (5000:5000). I dont think there is a problem here as when the first mail was to be delivered, subfolders and files were created automatically under /var/vmail, for example: /var/vmail/mydomain.com/user below is my conf in postfix to call deliver: dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/local/dovecot/libexec/dovecot/deliver -d ${recipient} Regards, Fabian On 01/03/2013 8:46, Steffen Kaiser wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Fri, 1 Mar 2013, Fabian von Romberg wrote: > >> actually this is the first user I created. Im running postfix 2.10 >> and dovecot 2.2 rc2. Im using telnet to send and email for testing >> purposes. Sending from an email client like Thunderbird happens the >> same. > > Does the path /var/vmail/%d/%n/Maildir already exists and is owned by > user:group 5000:5000? > > What's your conf in postfix to call deliver? BTW: I personally like LMTP > much easier: > > http://wiki2.dovecot.org/LMTP > http://wiki2.dovecot.org/HowTo/PostfixDovecotLMTP > >> please see below the output of dovecot -n: >> >> # 2.2.rc2: /usr/local/dovecot2.2/etc/dovecot/dovecot.conf >> # OS: Linux 3.5.0-21-generic x86_64 Ubuntu 12.10 ext4 >> auth_debug = yes >> auth_debug_passwords = yes >> auth_mechanisms = plain login >> auth_verbose = yes >> auth_verbose_passwords = plain >> base_dir = /usr/local/dovecot2.2/var/run >> debug_log_path = /usr/local/dovecot2.2/var/log/dovecot-debug.log >> default_internal_user = administrator >> default_login_user = administrator >> disable_plaintext_auth = no >> info_log_path = /usr/local/dovecot2.2/var/log/dovecot-info.log >> log_path = /usr/local/dovecot2.2/var/log/dovecot.log >> mail_debug = yes >> mail_location = maildir:/var/vmail/%d/%n/Maildir >> managesieve_notify_capability = mailto >> managesieve_sieve_capability = fileinto reject envelope >> encoded-character vacation subaddress comparator-i;ascii-numeric >> relational regex imap4flags copy include variables body enotify >> environment mailbox date ihave >> namespace { >> inbox = yes >> location = >> prefix = >> separator = . >> type = private >> } >> passdb { >> args = /usr/local/dovecot2.2/etc/dovecot/dovecot-mysql.conf >> driver = sql >> } >> protocols = imap pop3 >> service auth-worker { >> user = administrator >> } >> service auth { >> unix_listener /usr/local/postfix/spool/private/auth { >> group = postfix >> mode = 0660 >> user = postfix >> } >> unix_listener auth-master { >> mode = 0600 >> user = vmail >> } >> user = administrator >> } >> ssl = no >> userdb { >> args = uid=5000 gid=5000 home=/var/vmail/%d/%n allow_all_users=yes >> driver = static >> } >> verbose_ssl = yes >> protocol lda { >> auth_socket_path = /usr/local/dovecot2.2/var/run/auth-master >> log_path = /var/vmail/dovecot-deliver.log >> mail_plugins = sieve >> postmaster_address = postmaster at mydomain.com >> } >> >> >> On 03/01/2013 04:47 AM, Steffen Kaiser wrote: >>> -----BEGIN PGP SIGNED MESSAGE----- >>> Hash: SHA1 >>> >>> On Thu, 28 Feb 2013, Fabian von Romberg wrote: >>> >>>> By checking the syslog, I can see there is a access memory issue, >>>> please check below: >>>> >>>> kernel: [ 7106.312710] deliver[21287]: segfault at 20 ip >>>> 00007f1696b64d09 sp 00007fff470cc0e0 error 4 in >>>> libdovecot.so.0.0.0[7f1696b36000+b3000] >>>> >>>> Is this a bug? anyone has any idea on how to solve this? >>> >>> What version and config of Dovecot? >>> >>> dovecot -n >>> or >>> doveconf -n >>> >>>> On 02/28/2013 09:17 PM, Fabian von Romberg wrote: >>>>> Hi all, >>>>> >>>>> Im getting the following error when an email is to be delivered. >>>>> Below error message: >>> >>> one particular message or any message? or to one user only? Is this >>> particular message different from others that work? Eg. very large, no >>> headers, ... >>> >>>>> relay=dovecot, delay=4912, delays=4911/0.03/0/0.69, dsn=4.3.0, >>>>> status=deferred (Command died with signal 11: >>>>> "/usr/local/dovecot/libexec/dovecot/deliver") >>>>> >>>>> Can anyone please address me where the problem might be? >>> >>> - -- >>> Steffen Kaiser >>> -----BEGIN PGP SIGNATURE----- >>> Version: GnuPG v1.4.11 (GNU/Linux) >>> >>> iQEVAwUBUTB5TV3r2wJMiz2NAQJEZQf/SPPbRhg6OgbtX8Q6DnYiIY7bHc3O24mW >>> QHr2SBC79O1Atyx2YYNfqjX7ym4l5O7IW5FXkl4Uf2xyJzq4Dkben3T3dTF8W0nK >>> dv1sGG0OficL5blOqkvr8loUf1V+hZG+BsqdbEZ1qTkQ2v0Nk2W6SPUgsY5NDx9Z >>> /buWj4v7aEoMC4lKk3johcrnzuAt6KkdmhTIOxCMN6Qmmsz/XwT06zSNlUwgFW9S >>> zsf06ehbACCFvzLzRyixE7/sGqRdDFQBAZlWk16/k1NE0qxJR4JcIWfys9FBzgUC >>> nYC94EtcIOBXXyvnQQMwDbN7u8byMFtZ2vhQ0D9p+Tdf53oIMuv5nw== >>> =TpuR >>> -----END PGP SIGNATURE----- >>> >> >> >> > > - -- Steffen Kaiser > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.11 (GNU/Linux) > > iQEVAwUBUTCxSl3r2wJMiz2NAQLDCgf+JRldEvyJKxhsBrwgAUvEOOpyIgmLcC7C > UxdfGPBBjMiqeoHwxGmpmX3sZ+8xX+6sO47fe0iEsJyJcST5NvvL0wFtQ8XnGLm6 > /DxuILnU4S2rWVkrdU+bLjFazgoSMtjVcBJ8lvLinUE1aFL31EsnrY03FiEoFbqN > nWvNHQ85HYqAAjtQPIL4EaFk9HCPIEuGD4vpQApQ/BIVRr9yWn6j8BWOnhwJVZbl > r1HKMmHuZ48ybgLhMBmllnz30M60/nobHj1yPiSB3Xy4vv/V6SNhUwMn3uQ/MHJH > 2VL50yPxMXK+V7tao27dOaRt4aWgXt7UcAhqB3R/YSOtf6NTgOV5jg== > =r/gR > -----END PGP SIGNATURE----- > From tabbingout at gmail.com Fri Mar 1 18:40:06 2013 From: tabbingout at gmail.com (Tabbed Out) Date: Fri, 1 Mar 2013 11:40:06 -0500 Subject: [Dovecot] Maildir Control files and quota Message-ID: Hello all, the dovecot wiki recommended that the index and control files for maildir be placed on a partition which does not have a quota. I have a VPS which gives me 20 gigs of space. Since space is tight, is there some way to calculate how much space the partition needs for the control and index files? Would 1 gig be sufficient in the long run? From rs at sys4.de Fri Mar 1 19:03:50 2013 From: rs at sys4.de (Robert Schetterer) Date: Fri, 01 Mar 2013 18:03:50 +0100 Subject: [Dovecot] Maildir Control files and quota In-Reply-To: References: Message-ID: <5130DF76.9090702@sys4.de> Am 01.03.2013 17:40, schrieb Tabbed Out: > Hello all, the dovecot wiki recommended that the index and control files > for maildir be placed on a partition which does not have a quota. > > I have a VPS which gives me 20 gigs of space. Since space is tight, is > there some way to calculate how much space the partition needs for the > control and index files? Would 1 gig be sufficient in the long run? > looking to my maildir , i have 1,3G of physical on storage while imap reports 1,43 GB so 1 would say 20GB physical Storage is always good for 10 maildirs a 1 GB imap quota, this should leave enough reserve anyway in any case Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From philq at qsystemsengineering.com Fri Mar 1 22:30:37 2013 From: philq at qsystemsengineering.com (Phil Quesinberry) Date: Fri, 01 Mar 2013 15:30:37 -0500 Subject: [Dovecot] No NTLM with PAM after upgrade Message-ID: <036a01ce16bb$a4d9ddc0$ee8d9940$@com> After updating From Dovecot 1.07 (included with CentOS 5) to 2.11, NTLM authentication will not work. Attempts to authenticate against Samba version 4.0.4-GIT-20cb7de also fail with 'auth: Info: winbind(?,192.168.2.100): user not authenticated: NT_STATUS_UNSUCCESSFUL', despite the fact that the same user can sign on to the Samba domain and access files. What I'm really trying to understand here though is why version 1.07 would do NTLM with PAM just fine, but later versions I've tried will not. After failing to get later versions to work, I decided to see if I could at least get them to do NTLM by authenticating against a Samba domain but that won't work either. 1.07 did NTLM just fine authenticating against a system user account with PAM, as demonstrated by the following excerpt from the log: dovecot: Feb 06 12:46:59 Info: imap-login: Login: user=, method=NTLM, rip=192.168.2.100, lip=192.168.2.102 dovecot: Feb 06 12:46:59 Info: imap-login: Login: user=, method=NTLM, rip=192.168.2.100, lip=192.168.2.102 dovecot: Feb 06 12:47:42 Info: IMAP(pquesinb): Disconnected: Logged out dovecot: Feb 06 12:47:42 Info: IMAP(pquesinb): Disconnected: Logged out dovecot: Feb 06 12:48:03 Info: imap-login: Login: user=, method=NTLM, rip=192.168.2.100, lip=192.168.2.102 dovecot: Feb 06 12:48:03 Info: imap-login: Login: user=, method=NTLM, rip=192.168.2.100, lip=192.168.2.102 dovecot: Feb 06 12:48:44 Info: IMAP(pquesinb): Disconnected: Logged out dovecot: Feb 06 12:48:44 Info: IMAP(pquesinb): Disconnected: Logged out Authentication settings for 1.07 were as follows (excerpt from -n output, see below for full output): auth default: mechanisms: ntlm plain passdb: driver: passwd-file args: /etc/dovecot.users passdb: driver: pam args: cache_key=%u dovecot userdb: driver: passwd Since 1.07 was such an old version, I first tried updating to 1.2.17 and lost the ability to do NTLM authentication with the same settings: Feb 06 16:09:32 dovecot: Info: Dovecot v1.2.17 starting up (core dumps disabled) Feb 06 16:09:46 auth(default): Info: password(pquesinb,192.168.2.100): Requested NTLM scheme, but we have a NULL password Feb 06 16:09:53 auth(default): Info: password(pquesinb,192.168.2.100): Requested NTLM scheme, but we have a NULL password Feb 06 16:10:05 imap-login: Info: Disconnected (auth failed, 2 attempts): user=, method=NTLM, rip=192.168.2.100, lip=192.168.2.102 Feb 06 16:11:54 auth(default): Info: password(pquesinb,192.168.2.100): Requested NTLM scheme, but we have a NULL password Feb 06 16:12:04 auth(default): Info: password(pquesinb,192.168.2.100): Requested NTLM scheme, but we have a NULL password Feb 06 16:12:16 imap-login: Info: Disconnected (auth failed, 2 attempts): user=, method=NTLM, rip=192.168.2.100, lip=192.168.2.102 Next I decided to try 2.x and since I had installed 1.2.17 from source, I thought it would be wise to install from an RPM which had been "blessed" for CentOS 5, so 2.1.1 was installed from the RPMs linked to on the Dovecot download site: http://dl.atrpms.net/all/dovecot-2.1.1-2_132.el5.x86_64.rpm Still no NTLM authentication with 2.x using PAM, so I decided to try authenticating against the Samba 4 domain using Samba's winbind daemon and ntlm_auth helper. That still doesn't work however, as seen by the following log excerpt but plaintext login which is also enabled, works: Feb 28 23:29:13 auth: Debug: auth client connected (pid=18518) Feb 28 23:29:13 auth: Debug: client in: AUTH 1 NTLM service=imap lip=192.168.2.102 rip=192.168.2.100 lport=143 rport=4531 Feb 28 23:29:15 auth: Debug: client out: FAIL 1 Feb 28 23:29:15 auth: Debug: client in: AUTH 2 PLAIN service=imap lip=192.168.2.102 rip=192.168.2.100 lport=143 rport=4530 resp=AHBxdWVzaW5iAFN0ZXdCMHkv Feb 28 23:29:17 auth: Debug: client out: CONT 1 Feb 28 23:29:17 auth: Debug: client in: CONT 1 TlRMTVxxxxxxxAAAAB4IIogAAAAAAAAAAAAAAAAAAAAAFASgKAAAADw== Feb 28 23:29:17 auth: Error: could not obtain winbind netbios name! Feb 28 23:29:17 auth: Error: could not obtain winbind domain name! Feb 28 23:29:17 auth: Debug: client out: CONT 1 TlRMTVNTUAACAAAAGAAYADgAAAAFxxxxxxxxxSsAAAAAAAAAAIoAigBQAAAABgEAAAAAAA9IAEUA UgBTAEMASABMxxxxxxxxxxUATgACABgASABFAFIAUwBDAEgATABBAFUAUgBFAE4AAQAOAFMARQBS AFYARQBSADEABAAgAGgAZQByAHMAYwBoAGwAYQB1AHIAZQBuAC4AYwBvAG0AAwAwAFMAZQByAHYA ZQByADEALgBoAGUAcgBzAGMAaABsAGEAdQByAGUAbgAuAGMAbwBtAAAAAAA= Feb 28 23:29:17 auth: Debug: client in: CONT 1 TlRMTVNTUAADAAAAGAAYAGoAAAC6ALoAggAAAAAAAABIAAAAEAAQAEgAAAASABIAWAAAAAAAAAAx xxxxxxxKIogUBKAoAAAAPcABxAHUAZQBzAGkAbgBiAFEAUwBFAC0AVwxxxxxxxx+cYeYzU98pxsa 17QyN6VD8kE2RibAjNedd/ooN2y4/uSr/ZQYxxxxxxxxxU1Fs4BjelQ/JBNkYkAAAAAAgAYAEgAR QBSAFMAQwBIAEwAQQBVAFIARQBOAAEADgBTAEUAUgBWAEUAUgAxAAQAIABoAGUAcgBzAGMAaABsA GEAdQBxxxxxxxxxxbwBtAAMAMABTAGUAcgB2AGUAcgAxAC4AaABlAHIAcwBjAGxxxxxxxxxxxxlA G4ALgBjAG8AbQAAAAAAAAAAAA== Feb 28 23:29:17 auth: Info: winbind(?,192.168.2.100): user not authenticated: NT_STATUS_UNSUCCESSFUL Feb 28 23:29:19 auth: Debug: cache(pquesinb,192.168.2.100): miss Feb 28 23:29:19 auth-worker(18524): Debug: Loading modules from directory: /usr/lib64/dovecot/auth Feb 28 23:29:19 auth: Debug: client out: FAIL 1 Feb 28 23:29:19 auth: Debug: client in: AUTH 2 PLAIN service=imap lip=192.168.2.102 rip=192.168.2.100 lport=143 rport=4531 resp=AHBxdWVzaW5iAFN0ZXdCMHkv Feb 28 23:29:19 auth-worker(18524): Debug: Module loaded: /usr/lib64/dovecot/auth/libdriver_mysql.so Feb 28 23:29:19 auth-worker(18524): Debug: Module loaded: /usr/lib64/dovecot/auth/libdriver_pgsql.so Feb 28 23:29:19 auth-worker(18524): Debug: Module loaded: /usr/lib64/dovecot/auth/libdriver_sqlite.so Feb 28 23:29:19 auth-worker(18524): Debug: pam(pquesinb,192.168.2.100): lookup service=dovecot Feb 28 23:29:19 auth-worker(18524): Debug: pam(pquesinb,192.168.2.100): #1/1 style=1 msg=Password: Feb 28 23:29:19 auth: Debug: client out: OK 2 user=pquesinb Feb 28 23:29:19 auth: Debug: master in: REQUEST 751435777 18513 2 db445872b80e33772b5f0d35d50af3d1 Feb 28 23:29:19 auth: Debug: userdb-cache(pquesinb,192.168.2.100): miss Feb 28 23:29:19 auth: Debug: passwd(pquesinb,192.168.2.100): lookup Feb 28 23:29:19 auth: Debug: master out: USER 751435777 pquesinb system_groups_user=pquesinb uid=507 gid=508 home=/home/pquesinb Feb 28 23:29:19 imap-login: Info: Login: user=, method=PLAIN, rip=192.168.2.100, lip=192.168.2.102, mpid=18526 Feb 28 23:29:27 auth: Debug: cache(pquesinb,192.168.2.100): hit: {SHA1}+2ZUmdHOxxxxxxxxxxxxOLinOC0= user=pquesinb user=pquesinb Feb 28 23:29:27 auth: Debug: client out: OK 2 user=pquesinb Feb 28 23:29:27 auth: Debug: master in: REQUEST 3169320961 18518 2 6bd7b4fd283994029394360a2f5b4048 Feb 28 23:29:27 auth: Debug: userdb-cache(pquesinb,192.168.2.100): hit: pquesinb system_groups_user=pquesinb uid=507 gid=508 home=/home/pquesinb Feb 28 23:29:27 auth: Debug: master out: USER 3169320961 pquesinb system_groups_user=pquesinb uid=507 gid=508 home=/home/pquesinb Feb 28 23:29:27 imap-login: Info: Login: user=, method=PLAIN, rip=192.168.2.100, lip=192.168.2.102, mpid=18531 Feb 28 23:30:00 imap(pquesinb): Info: Disconnected: Logged out in=861 out=31433 Feb 28 23:30:00 imap(pquesinb): Info: Disconnected: Logged out in=120 out=739 Here is the -n output for both 2.11 and 1.07, login/mail executables and plugins are present within the configured paths for both versions: Config output for 2.11: [root at Server1 log]# dovecot -n # 2.1.1: /etc/dovecot/dovecot.conf # OS: Linux 2.6.18-348.1.1.el5.centos.plusxen x86_64 CentOS release 5.9 (Final) auth_cache_size = 16 M auth_debug = yes auth_debug_passwords = yes auth_mechanisms = ntlm plain auth_use_winbind = yes auth_verbose = yes disable_plaintext_auth = no info_log_path = /var/log/dovecot.log listen = * log_path = /var/log/dovecot.log mail_location = maildir:~/Maildir maildir_very_dirty_syncs = yes passdb { args = cache_key=%u dovecot driver = pam } passdb { driver = shadow } protocols = imap pop3 service auth { executable = /usr/libexec/dovecot/auth user = root } service imap-login { client_limit = 256 executable = /usr/libexec/dovecot/imap-login process_limit = 128 user = dovecot vsz_limit = 64 M } service imap { executable = /usr/libexec/dovecot/imap process_limit = 64 } service pop3-login { client_limit = 256 process_limit = 128 user = dovecot vsz_limit = 64 M } service pop3 { process_limit = 64 } ssl_cert = References: Message-ID: <20130301140543.Horde.1ebp5ecuRAZh7tx8x1LHOw1@bigworm.curecanti.org> Quoting "Valery V. Sedletski" : >>> >>> But I tried to create a fresh account in Dovecot (not migrated from >>> Courier), and it >>> still shows a intermixed folder order: >>> >>> a list "" * >>> * LIST (\HasNoChildren) "/" "Spam" >>> * LIST (\HasNoChildren) "/" "Sent" >>> * LIST (\HasNoChildren) "/" "Drafts" >>> * LIST (\HasNoChildren) "/" "Trash" >>> * LIST (\HasNoChildren) "/" "INBOX" >>> * LIST (\HasNoChildren) "/" "Pub" >>> a OK List completed. >> >> Why does this matter? IMAP does NOT enforce any sort of required >> sorting order, and no IMAP client can assume a sort order. So >> enforcing a sort order on the server is just a waste of resources. >> > > Just a cosmetic problem, of course. Some IMAP clients do sort folders, > others do not, so they show different folder sort order in Dovecot, if > migrated from Courier (Courier seems to sort folders, so that the system > ones appear first). We just needed a seamless migration. Still don't see the relevance to a migration though. If you have software that assumes that mailboxes are listed in some sort of order, that is just broken software. >> FWIW, this is completely legal IMAP output also (albeit inefficient): >> >> a list "" * >> * LIST (\HasNoChildren) "/" "Spam" >> * LIST (\HasNoChildren) "/" "Sent" >> * LIST (\HasNoChildren) "/" "Spam" >> * LIST (\HasNoChildren) "/" "Spam" >> * LIST (\HasNoChildren) "/" "Drafts" >> * LIST (\HasNoChildren) "/" "Trash" >> * LIST (\HasNoChildren) "/" "Spam" >> * LIST (\HasNoChildren) "/" "Spam" >> * LIST (\HasNoChildren) "/" "Spam" >> * LIST (\HasNoChildren) "/" "Spam" >> * LIST (\HasNoChildren) "/" "INBOX" >> * LIST (\HasNoChildren) "/" "Pub" >> a OK List completed. >> > > So, it is legal to even list each folder several times? Sure. Just like this is legal IMAP: a FETCH 1 (UID) * 2 FETCH (UID 100) * 3 FETCH (FLAGS (\Seen)) * 1 FETCH (UID 50) * 1 FETCH (UID 50) * 1 FETCH (UID 50) * 2 FETCH (UID 100) a OK FETCH complete Once again: not efficient, but perfectly acceptable. michael From piotr.rotter at active24.pl Sat Mar 2 00:14:23 2013 From: piotr.rotter at active24.pl (Piotr Rotter) Date: Fri, 01 Mar 2013 23:14:23 +0100 Subject: [Dovecot] how to talk with doveadmin unix socket In-Reply-To: References: <512E9C7A.4040509@active24.pl> Message-ID: <5131283F.9020901@active24.pl> W dniu 28.02.2013 08:03, Nikita Koshikov pisze: > On Thu, Feb 28, 2013 at 1:53 AM, Piotr Rotter wrote: > >> Hello, >> >> I would like to get mailbox quota by doveadm unix socket >> (/var/run/dovecor/doveadm-**server). I get from strace syntax of >> comunication: >> >> write(9, "VERSION\t1\t0\nUSER\t1\tpiotr**.rotter at active24.pl >> \tservice=**doveadm\n", 60) = 60 >> read(9, "VERSION\t1\t1\nSPID\t20805\n"**, 8192) = 23 >> read(9, "USER\t1\tpiotr.rotter@**active24.pl >> \temail=piotr.**rotter at active24.pl \tclear=** >> 7T33z456\thome=/vm/08/A/active**24.pl/piotr.rotter/\tuid=502\** >> tgid=502\tquota_rule=*:**storage=2097152000B\tquota_** >> rule2=*:messages=50000\n", >> 8169) = 196 >> >> and I wrote super simple client in php: >> >> > $sock = stream_socket_client('unix:///**var/run/dovecot/doveadm-**server', >> $errno, $errstr); >> fwrite($sock, "VERSION\t1\t0\nUSER\t1\tpiotr**.rotter at active24.pl >> \tservice=**doveadm\n"); >> echo fread($sock, 4096)."\n"; >> echo fread($sock, 4096)."\n"; >> fclose($sock); >> ?> >> >> But i get only "+" sign and line in errorlog as below: >> >> 2013-02-28T00:39:56.377437+01:**00 kurier9 dovecot: doveadm: Error: >> doveadm client not compatible with this server (mixed old and new binaries?) >> >> I would be very grateful for your help with this problem, what I doing >> wrong. >> >> My current dovecot version is 2.1.13 >> >> > Here is my example on perl > > socket(TSOCK, PF_UNIX, SOCK_STREAM,0); > connect(TSOCK, sockaddr_un("$conf{quota_socket}")); > > if ($? != 0) { > #error here > } > > #After connect on socket, dovecot returns "+" or "-". Just a simple > check for data. > if (defined(my $answer = )) { > > print TSOCK "VERSION\tdoveadm-server\t1\t0\n"; > print TSOCK "PLAIN\t$conf{'doveadm_password'}\n"; > TSOCK->flush; > #'+' here > $answer=; > print TSOCK "\t$local_part\@$domain\tquota get\n"; > TSOCK->flush; > > my $quota_data = ; > > > #"+" if everything is OK > $answer = ; > > close TSOCK; > } > > Don't forget to set doveadm_password= in dovecot config(clearttext) and you > must encode password in base64 for using in a script (after PLAIN command). > > PS > dovecot version 2.1.15 here. > Hi, Thank You for example but I still don't know what I doing wrong. I set that in master.cf service doveadm { unix_listener doveadm-server { mode = 0666 } } doveadm_password=foobar My script now look like that: $DOVEADM_PASS = base64_encode('foobar'); $sock = stream_socket_client('unix:///var/run/dovecot/doveadm-server', $errno, $errstr); echo fread($sock, 4096)."\n"; fwrite($sock, "VERSION\tdoveadm-server\t1\t0\n"); fwrite($sock, "PLAIN\t$DOVEADM_PASS\n"); fflush($sock); echo fread($sock, 4096)."\n"; fwrite($sock, "\tpiotr.rotter at active24.pl\tquota get\n"); fflush($sock); echo fread($sock, 4096)."\n"; fclose($sock); I get two times "-" and that in logs dovecot: doveadm: Error: doveadm client didn't authenticate as 'doveadm' Please give me any tip. From piotr.rotter at active24.pl Sat Mar 2 00:49:02 2013 From: piotr.rotter at active24.pl (Piotr Rotter) Date: Fri, 01 Mar 2013 23:49:02 +0100 Subject: [Dovecot] how to talk with doveadmin unix socket In-Reply-To: <5131283F.9020901@active24.pl> References: <512E9C7A.4040509@active24.pl> <5131283F.9020901@active24.pl> Message-ID: <5131305E.5010106@active24.pl> W dniu 01.03.2013 23:14, Piotr Rotter pisze: > W dniu 28.02.2013 08:03, Nikita Koshikov pisze: >> On Thu, Feb 28, 2013 at 1:53 AM, Piotr Rotter >> wrote: >> >>> Hello, >>> >>> I would like to get mailbox quota by doveadm unix socket >>> (/var/run/dovecor/doveadm-**server). I get from strace syntax of >>> comunication: >>> >>> write(9, >>> "VERSION\t1\t0\nUSER\t1\tpiotr**.rotter at active24.pl >>> >>> \tservice=**doveadm\n", 60) = 60 >>> read(9, "VERSION\t1\t1\nSPID\t20805\n"**, 8192) = 23 >>> read(9, "USER\t1\tpiotr.rotter@**active24.pl >>> \temail=piotr.**rotter at active24.pl \tclear=** >>> 7T33z456\thome=/vm/08/A/active**24.pl/piotr.rotter/\tuid=502\** >>> tgid=502\tquota_rule=*:**storage=2097152000B\tquota_** >>> rule2=*:messages=50000\n", >>> >>> 8169) = 196 >>> >>> and I wrote super simple client in php: >>> >>> >> $sock = >>> stream_socket_client('unix:///**var/run/dovecot/doveadm-**server', >>> $errno, $errstr); >>> fwrite($sock, >>> "VERSION\t1\t0\nUSER\t1\tpiotr**.rotter at active24.pl >>> >>> \tservice=**doveadm\n"); >>> echo fread($sock, 4096)."\n"; >>> echo fread($sock, 4096)."\n"; >>> fclose($sock); >>> ?> >>> >>> But i get only "+" sign and line in errorlog as below: >>> >>> 2013-02-28T00:39:56.377437+01:**00 kurier9 dovecot: doveadm: Error: >>> doveadm client not compatible with this server (mixed old and new >>> binaries?) >>> >>> I would be very grateful for your help with this problem, what I doing >>> wrong. >>> >>> My current dovecot version is 2.1.13 >>> >>> >> Here is my example on perl >> >> socket(TSOCK, PF_UNIX, SOCK_STREAM,0); >> connect(TSOCK, sockaddr_un("$conf{quota_socket}")); >> >> if ($? != 0) { >> #error here >> } >> >> #After connect on socket, dovecot returns "+" or "-". Just a >> simple >> check for data. >> if (defined(my $answer = )) { >> >> print TSOCK "VERSION\tdoveadm-server\t1\t0\n"; >> print TSOCK "PLAIN\t$conf{'doveadm_password'}\n"; >> TSOCK->flush; >> #'+' here >> $answer=; >> print TSOCK "\t$local_part\@$domain\tquota get\n"; >> TSOCK->flush; >> >> my $quota_data = ; >> >> >> #"+" if everything is OK >> $answer = ; >> >> close TSOCK; >> } >> >> Don't forget to set doveadm_password= in dovecot config(clearttext) >> and you >> must encode password in base64 for using in a script (after PLAIN >> command). >> >> PS >> dovecot version 2.1.15 here. >> > > Hi, > > Thank You for example but I still don't know what I doing wrong. > > I set that in master.cf > > service doveadm { > unix_listener doveadm-server { > mode = 0666 > } > } > doveadm_password=foobar > > My script now look like that: > > $DOVEADM_PASS = base64_encode('foobar'); > $sock = stream_socket_client('unix:///var/run/dovecot/doveadm-server', > $errno, $errstr); > echo fread($sock, 4096)."\n"; > fwrite($sock, "VERSION\tdoveadm-server\t1\t0\n"); > fwrite($sock, "PLAIN\t$DOVEADM_PASS\n"); > fflush($sock); > echo fread($sock, 4096)."\n"; > fwrite($sock, "\tpiotr.rotter at active24.pl\tquota get\n"); > fflush($sock); > echo fread($sock, 4096)."\n"; > fclose($sock); > > I get two times "-" and that in logs > > dovecot: doveadm: Error: doveadm client didn't authenticate as 'doveadm' > > Please give me any tip. > Hi, I solve this, I found this code 266 if (size < 10 || data[0] != '\0' || 267 memcmp(data+1, "doveadm", 7) != 0 || data[8] != '\0') { 268 i_error("doveadm client didn't authenticate as 'doveadm'"); 269 return -1; 270 } This mean that I don't understood that PLAIN is PLAIN and nothing else. That is solution: $DOVEADM_PASS = base64_encode("\0doveadm\0foobar"); Thank You for help again. From delrio at mie.utoronto.ca Sat Mar 2 01:07:43 2013 From: delrio at mie.utoronto.ca (Oscar del Rio) Date: Fri, 01 Mar 2013 18:07:43 -0500 Subject: [Dovecot] v2.2.rc2 released In-Reply-To: <1361817801.27458.18.camel@hurina> References: <1361817801.27458.18.camel@hurina> Message-ID: <513134BF.60803@mie.utoronto.ca> Error compiling on Solaris 11.1 gmake[4]: Entering directory `/opt/local/src/dovecot/dovecot-2.2.rc2/src/plugins/quota' gcc -DHAVE_CONFIG_H -I. -I../../.. -I../../../src/lib -I../../../src/lib-master -I../../../src/lib-dict -I../../../src/lib-index -I../../../src/lib-mail -I../../../src/lib-storage -I../../../src/lib-storage/index -I../../../src/lib-storage/index/maildir -I../../../src/doveadm -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -MT quota-status.o -MD -MP -MF .deps/quota-status.Tpo -c -o quota-status.o quota-status.c quota-status.c: In function 'main': quota-status.c:184:15: error: 'optarg' undeclared (first use in this function) quota-status.c:184:15: note: each undeclared identifier is reported only once for each function it appears in It worked after adding #include #include to quota-status.c - or perhaps those should be added to src/lib-master/master-service.h? From noel.butler at ausics.net Sat Mar 2 04:02:06 2013 From: noel.butler at ausics.net (Noel Butler) Date: Sat, 02 Mar 2013 12:02:06 +1000 Subject: [Dovecot] [OT] NJABL Message-ID: <1362189726.3874.25.camel@tardis> If you are using this DNSBL in your MTA, best remove it, it's no more. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 490 bytes Desc: This is a digitally signed message part URL: From slitt at troubleshooters.com Sat Mar 2 05:25:55 2013 From: slitt at troubleshooters.com (Steve Litt) Date: Fri, 1 Mar 2013 22:25:55 -0500 Subject: [Dovecot] [Users] I need help with my mail client [Was: running cron on UTC] In-Reply-To: <20130301070254.7eb99e25@scorpio> References: <20130228220149.GA3078@ldev.tvplus.com> <512FFBE2.50400@NorthTech.US> <20130301014610.GA3687@ldev.tvplus.com> <51300A3A.7000606@ubuntu.com> <20130301025710.7fcc60dd@mydesk> <20130301003433.60dda881.itz@buug.org> <20130301070254.7eb99e25@scorpio> Message-ID: <20130301222555.459526e6@mydesk> On Fri, 1 Mar 2013 07:02:54 -0500 Jerry wrote: > On Fri, 1 Mar 2013 00:34:33 -0800 > Ian Zimmerman articulated: > > > On Fri, 1 Mar 2013 02:57:10 -0500 > > Steve Litt wrote: > > > > Steve> Can anyone tell me how to start narrowing down the cause of > > Steve> this behavior? > > > > You could begin by telling the (ocluc) list admins to _stop munging_ > > the damn Reply-To headers. That is broken behavior, as nicely > > explained here (among many other places): > > > > http://www.unicom.com/pw/reply-to-harmful.html > > Interestingly enough, there is also an opposite opinion on the matter: > > > Personally, I believe ALL list replies should go directly to the list > and not to an individual unless the individual has specifically > requested such action. However, I am aware that there are those who > disagree with that philosophy. Thanks Ian and Jerry, It's doubtful that the OCLUG's defaulting replies to "list" (characterized by some as "munging") is the root cause here, because probably 90% of the mailing lists I'm on default replies to the list, and this symptom happens only with OCLUG's list. Whatever it is, it doesn't happen when I use Thunderbird instead of Claws. Of course it also doesn't happen on Claws on all the rest of the mailing lists I participate in. The fact that replying from Thunderbird eliminates the symptom, even if I later look at my IMAP using Claws, says to me that the root cause isn't in my Dovecot IMAP server. Paul from the Claws list pointed out that OCLUG emails' List-Post (oclug at mailman.oclug.org) and Reply-To (oclug at penguin.oclug.org) don't match. So far, that's the only thing about OCLUG I've found that's remotely different from everyone else. I have no idea whether this mismatch was intended, or whether it came about through an accident of history. I also don't know how hard it would be to get them to match. Steffen from the Claws list asked whether I configured Claws-Mail to add List-Post to the recipient list, and whether I've configured any reply action, that adds another recipient to the message. The answer to the second question is "no", my OCLUG folder has no properties or processing, my .procmailrc has no filters that change mail from OCLUG. As far as Steffen's second question, I don't know where in Claws' config options this would be configured, but the following command indicates to me that it's unlikely: slitt at mydesk:~/.claws-mail$ grep -irl "list-post" * | grep -v imapcache tmp/tmpfile.00000055 slitt at mydesk:~/.claws-mail$ Another point of information is that this symptom occurs whether I "reply to list" or just "reply". Since I'm happy with both Claws-Mail and OCLUG, I'll "solve" the problem by trying to remember to delete the CC automatically inserted by each Claws reply to OCLUG mail. I might also look into installing OCLUG folder specific processing or properties, or maybe even setting a procmail filter to change the headers on mail from OCLUG. It would basically be a short filter invoking an awk command. However it gets solved, I'll let you all know about it. Thanks, SteveT Steve Litt * http://www.troubleshooters.com/ Troubleshooting Training * Human Performance From fromberg100 at hotmail.com Sat Mar 2 06:20:43 2013 From: fromberg100 at hotmail.com (Fabian von Romberg) Date: Fri, 01 Mar 2013 23:20:43 -0500 Subject: [Dovecot] Error delivery In-Reply-To: References: Message-ID: Hi everyone, I just decided to re-compile dovecot and now everything is working as expected. Thank you everyone for the help. Regards, Fabian On 02/28/2013 09:17 PM, Fabian von Romberg wrote: > Hi all, > > Im getting the following error when an email is to be delivered. Below error message: > > relay=dovecot, delay=4912, delays=4911/0.03/0/0.69, dsn=4.3.0, status=deferred (Command died with signal 11: "/usr/local/dovecot/libexec/dovecot/deliver") > > Can anyone please address me where the problem might be? > > Thanks in advance and regards, > Fabian > > From gizmo at giz-works.com Sat Mar 2 19:01:51 2013 From: gizmo at giz-works.com (Chris Richards) Date: Sat, 2 Mar 2013 11:01:51 -0600 Subject: [Dovecot] Random LDA failure to access auth socket Message-ID: <352e9821bb419c51742939d3b8863bee.squirrel@www.giz-works.com> Greetings all. Please forgive me if I'm posting something that has already been addressed, but my google-foo is not strong enough to find the solution. I've got a dovecot server running version 2.0.19 on Gentoo Hardened. I have Postfix as my MTA, and it is calling the Dovecot LDA to deliver the mail. Everything is working great, mail is being delivered, and the users are happy. However, I am noticing that I have random entries like this: Mar 1 20:19:23 hermes dovecot: lda: Error: userdb lookup: connect(/var/run/dovecot/auth-userdb) failed: Permission denied (euid=97(dovecot) egid=97(dovecot) missing +r perm: /var/run/dovecot/auth-userdb, dir owned by 0:0 mode=0755) Mar 1 20:19:23 hermes dovecot: lda: Fatal: Internal error occurred. Refer to server log for more information. Since these messages came from the server log, looking in the server log for more information is rather pointless. I have 10-master.conf configured as follows: service auth { unix_listener auth-userdb { mode = 0600 user = vmail group = vmail } In 15-lda.conf I have: protocol lda { mail_plugins = $mail_plugins sieve quota } In Postfix master.cf, I have the following: dovecot unix - n n - - pipe flags=DRhu user=vmail:users argv=/usr/libexec/dovecot/deliver -f ${sender} -d ${user}@${nexthop} Permissions on the socket are: srw------- 1 vmail vmail 0 Feb 24 23:43 auth-userdb Judging from the log, my problem is that the LDA appears to be trying to access the socket as the dovecot user (rather than the vmail user), but my question is why? What logging can I use to tell me if postfix is calling with the wrong permissions or if the lda is somehow getting confused? Any help or suggestions greatly appreciated. Thanks, Gizmo From daniel.parthey at informatik.tu-chemnitz.de Sat Mar 2 19:15:59 2013 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sat, 2 Mar 2013 18:15:59 +0100 Subject: [Dovecot] Random LDA failure to access auth socket In-Reply-To: <352e9821bb419c51742939d3b8863bee.squirrel@www.giz-works.com> References: <352e9821bb419c51742939d3b8863bee.squirrel@www.giz-works.com> Message-ID: <20130302171558.GA5031@daniel.localdomain> Chris Richards wrote: > I've got a dovecot server running version 2.0.19 on Gentoo Hardened. I > have Postfix as my MTA, and it is calling the Dovecot LDA to deliver the > mail. Everything is working great, mail is being delivered, and the users > are happy. > > However, I am noticing that I have random entries like this: > > Mar 1 20:19:23 hermes dovecot: lda: Error: userdb lookup: > connect(/var/run/dovecot/auth-userdb) failed: Permission denied > (euid=97(dovecot) egid=97(dovecot) missing +r perm: > /var/run/dovecot/auth-userdb, dir owned by 0:0 mode=0755) > Mar 1 20:19:23 hermes dovecot: lda: Fatal: Internal error occurred. Refer > to server log for more information. > > In Postfix master.cf, I have the following: > dovecot unix - n n - - pipe > flags=DRhu user=vmail:users argv=/usr/libexec/dovecot/deliver -f > ${sender} -d ${user}@${nexthop} > > Permissions on the socket are: > srw------- 1 vmail vmail 0 Feb 24 23:43 auth-userdb > > Judging from the log, my problem is that the LDA appears to be trying to > access the socket as the dovecot user (rather than the vmail user), but my > question is why? What logging can I use to tell me if postfix is calling > with the wrong permissions or if the lda is somehow getting confused? Have a look at http://wiki2.dovecot.org/LDA http://wiki2.dovecot.org/LDA/Postfix Maybe there you will find some helpful hints. Is /usr/libexec/dovecot/deliver or /usr/libexec/dovecot/dovecot-lda somehow setuid or setgid and owner/group dovecot? Where does the effective user euid=97(dovecot) and effective group egid=97(dovecot) come from, is it somewhere your dovecot config? Please show full output of # doveconf -n # stat /usr/libexec/dovecot/deliver # stat /usr/libexec/dovecot/dovecot-lda Regards Daniel -- https://plus.google.com/103021802792276734820 From philq at qsystemsengineering.com Sat Mar 2 19:18:44 2013 From: philq at qsystemsengineering.com (PhilQ) Date: Sat, 2 Mar 2013 09:18:44 -0800 (PST) Subject: [Dovecot] Suggestions for upgrading dovecot 1.0.7 Redhat EL 5.x In-Reply-To: <1362146193.30450.YahooMailNeo@web28805.mail.ir2.yahoo.com> References: <512C97A4.9050801@filmakademie.de> <512DB7E5.7030903@filmakademie.de> <51307BA4.6060806@filmakademie.de> <1362146193.30450.YahooMailNeo@web28805.mail.ir2.yahoo.com> Message-ID: <1362244724201-40591.post@n4.nabble.com> RPMs for 2.1.1 on RHEL 5 .x are available here: http://packages.atrpms.net/dist/el5/dovecot/ It broke the ability to do NTLM authentication in our case however, while 1.0.7 worked fine. Not sure if this is a problem with the RPMs, the new version of Dovecot, or a problem with our setup but the research we've done so far makes it look like an issue with the new version and 5.x. - Phil -- View this message in context: http://dovecot.2317879.n4.nabble.com/Suggestions-for-upgrading-dovecot-1-0-7-Redhat-EL-5-x-tp40402p40591.html Sent from the Dovecot mailing list archive at Nabble.com. From gizmo at giz-works.com Sat Mar 2 19:52:01 2013 From: gizmo at giz-works.com (Chris Richards) Date: Sat, 2 Mar 2013 11:52:01 -0600 Subject: [Dovecot] Random LDA failure to access auth socket In-Reply-To: <20130302171558.GA5031@daniel.localdomain> References: <352e9821bb419c51742939d3b8863bee.squirrel@www.giz-works.com> <20130302171558.GA5031@daniel.localdomain> Message-ID: Thanks for the links: those were what I followed when I set things up. The dovecot user is the $default_internal_user. hermes conf.d # dovecot -n # 2.1.9: /etc/dovecot/dovecot.conf # OS: Linux 3.4.2-hardened-r1-bordernet x86_64 Gentoo Base System release 2.1 ext4 auth_master_user_separator = * auth_mechanisms = plain login auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@& auth_verbose_passwords = plain disable_plaintext_auth = no login_greeting = Awaiting command... mail_location = maildir:/home/vmail/%d/%n/Maildir mail_plugins = " quota" mail_privileged_group = 100 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = INBOX. separator = . type = private } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { expire = Trash 7 expire2 = Trash/* 7 expire3 = Spam 7 quota = maildir:User quota quota_rule = *:storage=200M quota_warning = storage=95%% quota-warning 95 %n %d quota_warning2 = storage=80%% quota-warning 80 %n %d sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_global_dir = /home/vmail/dovecot/sieve sieve_global_path = /home/vmail/dovecot/sieve/default.sieve } protocols = imap pop3 sieve service auth-worker { user = $default_internal_user } service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix } unix_listener auth-userdb { group = vmail mode = 0600 user = vmail } user = $default_internal_user } service quota-warning { executable = script /etc/dovecot/quota-warning.sh unix_listener quota-warning { user = vmail } user = dovecot } ssl_cert = 'dovecot-lda' Size: 11 Blocks: 0 IO Block: 4096 symbolic link Device: 805h/2053d Inode: 267375 Links: 1 Access: (0777/lrwxrwxrwx) Uid: ( 0/ root) Gid: ( 0/ root) Access: 2012-11-24 17:44:04.440976879 +0000 Modify: 2012-11-24 17:44:04.440976879 +0000 Change: 2012-11-24 17:44:04.440976879 +0000 Birth: - hermes conf.d # stat /usr/libexec/dovecot/dovecot-lda File: '/usr/libexec/dovecot/dovecot-lda' Size: 22432 Blocks: 48 IO Block: 4096 regular file Device: 805h/2053d Inode: 849010 Links: 1 Access: (0755/-rwxr-xr-x) Uid: ( 0/ root) Gid: ( 0/ root) Access: 2012-11-24 17:43:57.124794021 +0000 Modify: 2012-11-24 17:44:02.204920992 +0000 Change: 2012-11-24 17:44:04.444976978 +0000 Birth: - Thanks in advance for your help. Chris On Sat, March 2, 2013 11:15 am, Daniel Parthey wrote: > Chris Richards wrote: >> I've got a dovecot server running version 2.0.19 on Gentoo Hardened. I >> have Postfix as my MTA, and it is calling the Dovecot LDA to deliver the >> mail. Everything is working great, mail is being delivered, and the >> users >> are happy. >> >> However, I am noticing that I have random entries like this: >> >> Mar 1 20:19:23 hermes dovecot: lda: Error: userdb lookup: >> connect(/var/run/dovecot/auth-userdb) failed: Permission denied >> (euid=97(dovecot) egid=97(dovecot) missing +r perm: >> /var/run/dovecot/auth-userdb, dir owned by 0:0 mode=0755) >> Mar 1 20:19:23 hermes dovecot: lda: Fatal: Internal error occurred. >> Refer >> to server log for more information. >> >> In Postfix master.cf, I have the following: >> dovecot unix - n n - - pipe >> flags=DRhu user=vmail:users argv=/usr/libexec/dovecot/deliver -f >> ${sender} -d ${user}@${nexthop} >> >> Permissions on the socket are: >> srw------- 1 vmail vmail 0 Feb 24 23:43 auth-userdb >> >> Judging from the log, my problem is that the LDA appears to be trying to >> access the socket as the dovecot user (rather than the vmail user), but >> my >> question is why? What logging can I use to tell me if postfix is >> calling >> with the wrong permissions or if the lda is somehow getting confused? > > Have a look at > http://wiki2.dovecot.org/LDA > http://wiki2.dovecot.org/LDA/Postfix > Maybe there you will find some helpful hints. > > Is /usr/libexec/dovecot/deliver or /usr/libexec/dovecot/dovecot-lda > somehow setuid or setgid and owner/group dovecot? Where does the > effective user euid=97(dovecot) and effective group egid=97(dovecot) > come from, is it somewhere your dovecot config? > > Please show full output of > # doveconf -n > # stat /usr/libexec/dovecot/deliver > # stat /usr/libexec/dovecot/dovecot-lda > > Regards > Daniel From andre.rodier at gmail.com Sun Mar 3 00:55:54 2013 From: andre.rodier at gmail.com (Andre Rodier) Date: Sat, 02 Mar 2013 22:55:54 +0000 Subject: [Dovecot] panic in dovecot when using fts with solr Message-ID: <5132837A.4060005@gmail.com> Hello All, I have a panic error in dovecot when I try to use the fts search with Solr. The version of dovecot I use is version 2.1 I have used a telnet session to search, but I don't know if this make a difference: telnet localhost imap Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready. 1 login andre-rodier XXXXXXXXXX 1 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS SPECIAL-USE SEARCH=FUZZY QUOTA ACL RIGHTS=texk] Logged in 2 select Inbox * FLAGS (\Answered \Flagged \Deleted \Seen \Draft NonJunk $labels_4f9cce7caf4df $Forwarded $MDNSent Junk $labels_50f53a5862fb9 $label2 $label1 $label4 $label3 announce announces $ulabels_50f548e03429e feedback) * OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft NonJunk $labels_4f9cce7caf4df $Forwarded $MDNSent Junk $labels_50f53a5862fb9 $label2 $label1 $label4 $label3 announce announces $ulabels_50f548e03429e feedback \*)] Flags permitted. * 2158 EXISTS * 0 RECENT * OK [UIDVALIDITY 1354776694] UIDs valid * OK [UIDNEXT 2568] Predicted next UID * OK [HIGHESTMODSEQ 9739] Highest 2 OK [READ-WRITE] Select completed. 3 search text Valentine * OK Searched 47% of the mailbox, ETA 0:10 * OK Searched 79% of the mailbox, ETA 0:05 * SEARCH 1120 1238 1279 1975 1990 1991 1992 1998 1999 2000 2001 2002 2058 2106 2107 2110 2151 3 OK Search completed (32.210 secs). ---------------------------------------------------------------------- Mar 2 22:48:02 lapetus dovecot: indexer-worker(andre rodier at indiefield.co.uk): Panic: file solr-connection.c: line 545 (solr_connection_post_more): assertion failed: (maxfd >= 0) Mar 2 22:48:02 lapetus dovecot: indexer-worker(andre rodier at indiefield.co.uk): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x4414a) [0x7f5f4237214a] -> /usr/lib/dovecot/libdovecot.so.0(+0x4418e) [0x7f5f4237218e] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7f5f4234982a] -> /usr/lib/dovecot/modules/lib21_fts_solr_plugin.so(solr_connection_post_more+0x249) [0x7f5f402d48d9] -> /usr/lib/dovecot/modules/lib21_fts_solr_plugin.so(+0x4ac7) [0x7f5f402d1ac7] -> /usr/lib/dovecot/modules/lib20_fts_plugin.so(fts_build_mail+0x339) [0x7f5f408f1f19] -> /usr/lib/dovecot/modules/lib20_fts_plugin.so(+0xc6e0) [0x7f5f408f66e0] -> dovecot/indexer-worker(+0x28d4) [0x7f5f42ae88d4] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x36) [0x7f5f4237f016] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xa7) [0x7f5f4237fcc7] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x28) [0x7f5f4237ea28] -> /usr/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f5f4236b483] -> dovecot/indexer-worker(main+0xfe) [0x7f5f42ae834e] -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xfd) [0x7f5f41fc2ead] -> dovecot/indexer-worker(+0x23f5) [0x7f5f42ae83f5] Mar 2 22:48:02 lapetus dovecot: indexer: Error: Indexer worker disconnected, discarding 1 requests for andre rodier at indiefield.co.uk Mar 2 22:48:02 lapetus dovecot: imap(andre rodier at indiefield.co.uk): Error: indexer failed to index mailbox INBOX Mar 2 22:48:02 lapetus dovecot: indexer-worker(andre rodier at indiefield.co.uk): Fatal: master: service(indexer-worker): child 19644 killed with signal 6 (core dumps disabled) ---------------------------------------------------------------------- Regards, Andre From andre.rodier at gmail.com Sun Mar 3 00:57:14 2013 From: andre.rodier at gmail.com (Andre Rodier) Date: Sat, 02 Mar 2013 22:57:14 +0000 Subject: [Dovecot] panic in dovecot when using fts with solr Message-ID: <513283CA.7080004@gmail.com> Hello All, I have a panic error in dovecot when I try to use the fts search with Solr. The version of dovecot I use is version 2.1 I have used a telnet session to search, but I don't know if this make a difference: telnet localhost imap Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready. 1 login andre-rodier XXXXXXXXXX 1 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS SPECIAL-USE SEARCH=FUZZY QUOTA ACL RIGHTS=texk] Logged in 2 select Inbox * FLAGS (\Answered \Flagged \Deleted \Seen \Draft NonJunk $labels_4f9cce7caf4df $Forwarded $MDNSent Junk $labels_50f53a5862fb9 $label2 $label1 $label4 $label3 announce announces $ulabels_50f548e03429e feedback) * OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft NonJunk $labels_4f9cce7caf4df $Forwarded $MDNSent Junk $labels_50f53a5862fb9 $label2 $label1 $label4 $label3 announce announces $ulabels_50f548e03429e feedback \*)] Flags permitted. * 2158 EXISTS * 0 RECENT * OK [UIDVALIDITY 1354776694] UIDs valid * OK [UIDNEXT 2568] Predicted next UID * OK [HIGHESTMODSEQ 9739] Highest 2 OK [READ-WRITE] Select completed. 3 search text Valentine * OK Searched 47% of the mailbox, ETA 0:10 * OK Searched 79% of the mailbox, ETA 0:05 * SEARCH 1120 1238 1279 1975 1990 1991 1992 1998 1999 2000 2001 2002 2058 2106 2107 2110 2151 3 OK Search completed (32.210 secs). ---------------------------------------------------------------------- Mar 2 22:48:02 lapetus dovecot: indexer-worker(andre rodier at indiefield.co.uk): Panic: file solr-connection.c: line 545 (solr_connection_post_more): assertion failed: (maxfd >= 0) Mar 2 22:48:02 lapetus dovecot: indexer-worker(andre rodier at indiefield.co.uk): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x4414a) [0x7f5f4237214a] -> /usr/lib/dovecot/libdovecot.so.0(+0x4418e) [0x7f5f4237218e] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7f5f4234982a] -> /usr/lib/dovecot/modules/lib21_fts_solr_plugin.so(solr_connection_post_more+0x249) [0x7f5f402d48d9] -> /usr/lib/dovecot/modules/lib21_fts_solr_plugin.so(+0x4ac7) [0x7f5f402d1ac7] -> /usr/lib/dovecot/modules/lib20_fts_plugin.so(fts_build_mail+0x339) [0x7f5f408f1f19] -> /usr/lib/dovecot/modules/lib20_fts_plugin.so(+0xc6e0) [0x7f5f408f66e0] -> dovecot/indexer-worker(+0x28d4) [0x7f5f42ae88d4] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x36) [0x7f5f4237f016] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xa7) [0x7f5f4237fcc7] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x28) [0x7f5f4237ea28] -> /usr/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f5f4236b483] -> dovecot/indexer-worker(main+0xfe) [0x7f5f42ae834e] -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xfd) [0x7f5f41fc2ead] -> dovecot/indexer-worker(+0x23f5) [0x7f5f42ae83f5] Mar 2 22:48:02 lapetus dovecot: indexer: Error: Indexer worker disconnected, discarding 1 requests for andre rodier at indiefield.co.uk Mar 2 22:48:02 lapetus dovecot: imap(andre rodier at indiefield.co.uk): Error: indexer failed to index mailbox INBOX Mar 2 22:48:02 lapetus dovecot: indexer-worker(andre rodier at indiefield.co.uk): Fatal: master: service(indexer-worker): child 19644 killed with signal 6 (core dumps disabled) ---------------------------------------------------------------------- Regards, Andre From andre.rodier at gmail.com Sun Mar 3 10:39:51 2013 From: andre.rodier at gmail.com (Andre Rodier) Date: Sun, 03 Mar 2013 08:39:51 +0000 Subject: [Dovecot] panic in dovecot when using fts with solr In-Reply-To: <513283CA.7080004@gmail.com> References: <513283CA.7080004@gmail.com> Message-ID: <51330C57.90400@gmail.com> Hello again, Sorry for the duplicate post earlier. My dovecot version is 2.1.7-7 (included in Debian Wheezy) I don't think that addinf doveconf output would be useful, but I can add it if you are interested. Kind regards, Andr? Rodier On 02/03/13 22:57, Andre Rodier wrote: > Hello All, > > I have a panic error in dovecot when I try to use the fts search with Solr. > > The version of dovecot I use is version 2.1 > > I have used a telnet session to search, but I don't know if this make a > difference: > > telnet localhost imap > Trying 127.0.0.1... > Connected to localhost. > Escape character is '^]'. > * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE > IDLE STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready. > 1 login andre-rodier XXXXXXXXXX > 1 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE > IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND > UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE > QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS > SPECIAL-USE SEARCH=FUZZY QUOTA ACL RIGHTS=texk] Logged in > 2 select Inbox > * FLAGS (\Answered \Flagged \Deleted \Seen \Draft NonJunk > $labels_4f9cce7caf4df $Forwarded $MDNSent Junk $labels_50f53a5862fb9 > $label2 $label1 $label4 $label3 announce announces > $ulabels_50f548e03429e feedback) > * OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft NonJunk > $labels_4f9cce7caf4df $Forwarded $MDNSent Junk $labels_50f53a5862fb9 > $label2 $label1 $label4 $label3 announce announces > $ulabels_50f548e03429e feedback \*)] Flags permitted. > * 2158 EXISTS > * 0 RECENT > * OK [UIDVALIDITY 1354776694] UIDs valid > * OK [UIDNEXT 2568] Predicted next UID > * OK [HIGHESTMODSEQ 9739] Highest > 2 OK [READ-WRITE] Select completed. > 3 search text Valentine > * OK Searched 47% of the mailbox, ETA 0:10 > * OK Searched 79% of the mailbox, ETA 0:05 > * SEARCH 1120 1238 1279 1975 1990 1991 1992 1998 1999 2000 2001 2002 > 2058 2106 2107 2110 2151 > 3 OK Search completed (32.210 secs). > > > ---------------------------------------------------------------------- > Mar 2 22:48:02 lapetus dovecot: indexer-worker(andre > rodier at indiefield.co.uk): Panic: file solr-connection.c: line 545 > (solr_connection_post_more): assertion failed: (maxfd >= 0) > Mar 2 22:48:02 lapetus dovecot: indexer-worker(andre > rodier at indiefield.co.uk): Error: Raw backtrace: > /usr/lib/dovecot/libdovecot.so.0(+0x4414a) [0x7f5f4237214a] -> > /usr/lib/dovecot/libdovecot.so.0(+0x4418e) [0x7f5f4237218e] -> > /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7f5f4234982a] -> > /usr/lib/dovecot/modules/lib21_fts_solr_plugin.so(solr_connection_post_more+0x249) > [0x7f5f402d48d9] -> > /usr/lib/dovecot/modules/lib21_fts_solr_plugin.so(+0x4ac7) > [0x7f5f402d1ac7] -> > /usr/lib/dovecot/modules/lib20_fts_plugin.so(fts_build_mail+0x339) > [0x7f5f408f1f19] -> > /usr/lib/dovecot/modules/lib20_fts_plugin.so(+0xc6e0) [0x7f5f408f66e0] > -> dovecot/indexer-worker(+0x28d4) [0x7f5f42ae88d4] -> > /usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x36) [0x7f5f4237f016] > -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xa7) > [0x7f5f4237fcc7] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x28) > [0x7f5f4237ea28] -> > /usr/lib/dovecot/libdovecot.so.0(master_service_run+0x13) > [0x7f5f4236b483] -> dovecot/indexer-worker(main+0xfe) [0x7f5f42ae834e] > -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xfd) > [0x7f5f41fc2ead] -> dovecot/indexer-worker(+0x23f5) [0x7f5f42ae83f5] > Mar 2 22:48:02 lapetus dovecot: indexer: Error: Indexer worker > disconnected, discarding 1 requests for andre rodier at indiefield.co.uk > Mar 2 22:48:02 lapetus dovecot: imap(andre rodier at indiefield.co.uk): > Error: indexer failed to index mailbox INBOX > Mar 2 22:48:02 lapetus dovecot: indexer-worker(andre > rodier at indiefield.co.uk): Fatal: master: service(indexer-worker): child > 19644 killed with signal 6 (core dumps disabled) > ---------------------------------------------------------------------- > > Regards, > Andre From user+dovecot at localhost.localdomain.org Sun Mar 3 16:04:39 2013 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Sun, 03 Mar 2013 15:04:39 +0100 Subject: [Dovecot] tcpwrap: Fatal: master: service(tcpwrap): child $PID killed with signal 11 Message-ID: <51335877.2070207@localhost.localdomain.org> Hi Timo, today I've started Dovecot v2.2.rc2 (976bf9e69367) for the first time. /var/log/mail.log: Mar 3 14:28:33 mail dovecot: master: Dovecot v2.2.rc2 (976bf9e69367) starting up Mar 3 14:28:38 mail dovecot: master: Error: service(tcpwrap): command startup failed, throttling for 2 secs Mar 3 14:28:38 mail dovecot: tcpwrap: Fatal: master: service(tcpwrap): child $PID killed with signal 11 (core dumped) Mar 3 14:28:38 mail dovecot: imap-login: Error: read(tcpwrap) failed: Connection reset by peer Mar 3 14:28:38 mail dovecot: imap-login: access(tcpwrap): Client refused (rip=$RIP) Mar 3 14:28:38 mail dovecot: auth: pgsql(/var/run/postgresql): Connected to database mailsys Regards, Pascal -- The trapper recommends today: f007ba11.1306214 at localdomain.org -------------- next part -------------- el-tio ~ # gdb /usr/local/libexec/dovecot/tcpwrap /var/run/dovecot2/core GNU gdb (GDB) 7.4.1-debian Copyright (C) 2012 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-linux-gnu". For bug reporting instructions, please see: ... Reading symbols from /usr/local/libexec/dovecot/tcpwrap...done. [New LWP 29930] warning: Can't read pathname for load map: Input/output error. [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1". Core was generated by `dovecot/tcpwrap'. Program terminated with signal 11, Segmentation fault. #0 0x00007fd7c345caf4 in master_service_init (name=0x4016b7 "tcpwrap", flags=0, argc=0x7fffc2c0920c, argv=0x7fffc2c09200, getopt_str=0x0) at master-service.c:153 153 service->getopt_str = *getopt_str == '\0' ? (gdb) bt full #0 0x00007fd7c345caf4 in master_service_init (name=0x4016b7 "tcpwrap", flags=0, argc=0x7fffc2c0920c, argv=0x7fffc2c09200, getopt_str=0x0) at master-service.c:153 service = 0x9875b0 value = 0x7fd7c372e310 "UH\211\345AWAVAUATE1\344S1\333H\203\354HH\307E\260" count = 0 __FUNCTION__ = "master_service_init" #1 0x00000000004014d0 in main (argc=1, argv=0x987390) at tcpwrap.c:115 No locals. (gdb) -------------- next part -------------- # 2.2.rc2 (976bf9e69367): /usr/local/etc/dovecot/dovecot.conf # OS: Linux 3.2.0-4-amd64 x86_64 Debian 7.0 auth_mechanisms = plain login cram-md5 base_dir = /var/run/dovecot2 debug_log_path = /var/log/dovecot_dbg.log dict { quota = pgsql:/usr/local/etc/dovecot/dovecot-dict-sql.conf.ext } first_valid_gid = 70000 first_valid_uid = 70000 hostname = mail.example.com listen = 192.0.2.1, 127.0.0.1, ::1, 2001:db8:4:f1::4 lmtp_save_to_detail_mailbox = yes login_access_sockets = tcpwrap mail_access_groups = dovemail mail_location = mdbox:~/mdbox mail_plugins = quota stats zlib managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = separator = / } passdb { args = /usr/local/etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { quota = dict:user:%{uid}:noenforcing:proxy::quota quota_rule = *:storage=2G:messages=0 quota_rule2 = Trash:storage=+100M recipient_delimiter = + sieve = ~/.dovecot.sieve sieve_dir = ~/sieve stats_refresh = 1min zlib_save = bz2 zlib_save_level = 6 } postmaster_address = postmaster at example.com protocols = lmtp pop3 imap sieve service auth-worker { unix_listener auth-worker { group = $default_internal_user mode = 0660 user = doveauth } user = doveauth } service auth { client_limit = 1425 unix_listener /var/spool/postfix/private/dovecot-auth { group = postfix mode = 0600 user = postfix } user = doveauth } service dict { idle_kill = 150 secs unix_listener dict { group = dovemail mode = 0660 } } service imap-login { process_limit = 256 } service imap { process_limit = 256 } service lmtp { executable = lmtp -D inet_listener lmtp { address = ::1 127.0.0.1 port = 24 } unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } service stats { fifo_listener stats-mail { mode = 0666 } } service tcpwrap { unix_listener login/tcpwrap { group = $default_login_user mode = 0600 user = $default_login_user } } ssl = required ssl_cert = mail_plugins = quota stats zlib imap_quota imap_stats imap_zlib } protocol lmtp { mail_plugins = quota stats zlib sieve } From daniel.parthey at informatik.tu-chemnitz.de Mon Mar 4 00:13:33 2013 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Sun, 3 Mar 2013 23:13:33 +0100 Subject: [Dovecot] Random LDA failure to access auth socket In-Reply-To: References: <352e9821bb419c51742939d3b8863bee.squirrel@www.giz-works.com> <20130302171558.GA5031@daniel.localdomain> Message-ID: <20130303221332.GA11783@daniel.localdomain> Hi Chris, Chris Richards wrote: > service auth { > unix_listener /var/spool/postfix/private/auth { > group = postfix > mode = 0666 > user = postfix > } > unix_listener auth-userdb { > group = vmail > mode = 0600 > user = vmail > } > user = $default_internal_user > } In order for dovecot-lda to work, default internal user "dovecot" seems to need permission for the user listing. This should work, but you should try to narrow the permissions down: service auth { unix_listener auth-userdb { group = dovecot mode = 0666 user = dovecot } } Documentation http://wiki2.dovecot.org/LDA says: The auth-userdb socket can be used to do userdb lookups for given usernames or get a list of all users. Typically the result will contain the user's UID, GID and home directory, but depending on your configuration it may return other information as well. So the information is similar to what can be found from eg. /etc/passwd for system users. This means that it's probably not a problem to use mode=0666 for the socket, but you should try to restrict it more just to be safe. > hermes conf.d # stat /usr/libexec/dovecot/deliver > File: '/usr/libexec/dovecot/deliver' -> 'dovecot-lda' > Size: 11 Blocks: 0 IO Block: 4096 symbolic link > Device: 805h/2053d Inode: 267375 Links: 1 > Access: (0777/lrwxrwxrwx) Uid: ( 0/ root) Gid: ( 0/ root) > Access: 2012-11-24 17:44:04.440976879 +0000 > Modify: 2012-11-24 17:44:04.440976879 +0000 > Change: 2012-11-24 17:44:04.440976879 +0000 > Birth: - deliver is a symbolic link to dovecot-lda, so its basically the same. > hermes conf.d # stat /usr/libexec/dovecot/dovecot-lda > File: '/usr/libexec/dovecot/dovecot-lda' > Size: 22432 Blocks: 48 IO Block: 4096 regular file > Device: 805h/2053d Inode: 849010 Links: 1 > Access: (0755/-rwxr-xr-x) Uid: ( 0/ root) Gid: ( 0/ root) > Access: 2012-11-24 17:43:57.124794021 +0000 > Modify: 2012-11-24 17:44:02.204920992 +0000 > Change: 2012-11-24 17:44:04.444976978 +0000 > Birth: - No setuid/setgid flags set. > >> In Postfix master.cf, I have the following: > >> dovecot unix - n n - - pipe > >> flags=DRhu user=vmail:users argv=/usr/libexec/dovecot/deliver -f > >> ${sender} -d ${user}@${nexthop} I'm wondering why user=vmail:users does not have the desired effect and dovecot-lda uses the effective uid "dovecot" and effective gid "dovecot" to do the user lookups. Regards Daniel -- https://plus.google.com/103021802792276734820 From alexandr.sabitov at netregistry.com.au Mon Mar 4 00:54:53 2013 From: alexandr.sabitov at netregistry.com.au (Alexandr Sabitov) Date: Sun, 3 Mar 2013 22:54:53 +0000 Subject: [Dovecot] Exposing masteruser info to cllients via lmtp-proxy connections Message-ID: <55D76B5A78B24C42B3AEC8148D487AA7426A0B55@EX-5.nro.netregistry.net> Hello, Please somebody suggest me how to remove the "*masteruser" appendix from the dovecot director database while using masteruser authentication. My situation is: - all users get authenticated in LDAP on the dovecot-director frontend - then they are forwarded to dovecot backend as username*masteruser ( this is a way how to proxy users with encrypted passwords). To enable it a added an extra field in LDAP-dovecot configuration: destuser=%u*masteruser This works OK, but problems are: - I have lmtp-proxy on the dovecot frontend and I have to use the same "%u*masteruser" field in lmtp passdb because the director thinks that me at mail.com and me at mail.com*masteruser are different users and would send lmtp-proxy connections to other dovecot backend. Here is a problem: "Delivery-To" and "Received" fields in any email contains "*masteruser" ! I need to remove any mentions about "masteruser" authentication from client emails. Also another little problem: - If I run "doveadm status" tool then to get user's data I need to specify user as "username*masteruser" Thank you in advance. Alexandr Sabitov Netregistry From gizmo at giz-works.com Mon Mar 4 01:31:18 2013 From: gizmo at giz-works.com (Chris Richards) Date: Sun, 3 Mar 2013 17:31:18 -0600 Subject: [Dovecot] Random LDA failure to access auth socket In-Reply-To: <20130303221332.GA11783@daniel.localdomain> References: <352e9821bb419c51742939d3b8863bee.squirrel@www.giz-works.com> <20130302171558.GA5031@daniel.localdomain> <20130303221332.GA11783@daniel.localdomain> Message-ID: > In order for dovecot-lda to work, default internal user "dovecot" > seems to need permission for the user listing. This should work, > but you should try to narrow the permissions down: > > service auth { > unix_listener auth-userdb { > group = dovecot > mode = 0666 > user = dovecot > } > } I'll give this a whirl tomorrow during off-mail time. I'm thinking there was a reason I did vmail:users, but it's not coming to me at the moment. I'm also puzzled by why lda is using dovecot:dovecot rather than vmail:users. Does it drop back to dovecot:dovecot and retry if the requested uid:gid fails to work? I can't imagine where postfix would get uid:gid of dovecot:dovecot to call with, so I don't think it's a postfix problem. Thanks for your help! Chris From larryrtx at gmail.com Mon Mar 4 08:50:32 2013 From: larryrtx at gmail.com (Larry Rosenman) Date: Mon, 4 Mar 2013 00:50:32 -0600 Subject: [Dovecot] lda: duplicate prefix? Message-ID: I've just started using Dovecot, and can't seem to get the LDA to work. I get the following error: Mar 4 00:47:19 thebighonker dovecot: lda(ler): Error: user ler: Initialization failed: namespace configuration error: Duplicate namespace prefix: "" Mar 4 00:47:19 thebighonker dovecot: lda(ler): Fatal: Invalid user settings. Refer to server log for more information. Mar 4 00:47:19 thebighonker exim[76281]: 1UCPB8-000JqI-L7 == /home/ler/clamav-rules R=userforward T=address_file_dovecot defer (0): Child process of address_file_dovecot transport returned 75 (could mean temporary error) from command: /usr/local/libexec/dovecot/dovecot-lda dovecot -n attached. the invocation from my exim config for other than inbox: address_file_dovecot: driver = pipe # Use /usr/lib/dovecot/dovecot-lda if using Debian's package. # You may or may not want to add -d $local_part@$domain depending on if you ne ed a userdb lookup done. command = /usr/local/libexec/dovecot/dovecot-lda -f $sender_address -m ~/mail/ ${sg{$address_file}{$home}{}} message_prefix = message_suffix = log_output delivery_date_add envelope_to_add return_path_add #group = mail #mode = 0660 temp_errors = 64 : 69 : 70: 71 : 72 : 73 : 74 : 75 : 78 What am I doing wrong? -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com US Mail: 430 Valona Loop, Round Rock, TX 78681-3893 -------------- next part -------------- A non-text attachment was scrubbed... Name: dovecot.n.conf Type: application/octet-stream Size: 1329 bytes Desc: not available URL: From suja at leos.gov.in Mon Mar 4 10:56:08 2013 From: suja at leos.gov.in (suja) Date: Mon, 04 Mar 2013 14:26:08 +0530 Subject: [Dovecot] dovecot proxying with imapc Message-ID: Dear sir, I have to set up a mail gateway which will be explored to Internet and a secure mail server in the Intranet. I need a smart imap proxy in the mail gateway which will fetch the mail from server and present to user through either a stand alone mail client or a web mail client. All authentication is through ldap server. I followed the instructions given in http://wiki2.dovecot.org/HowTo/ImapcProxy But while logging in I am getting a error: dovecot: imap(user1): Error: user user1:Initialization failed: Initializing mail storage from mail_location setting failed: Unknown mail storage driver imapc dovecot: imap(user1): Error: Invalid user settings. Refer to server log for more information. I couldn't figure out what is wrong. Please help me to sort it out. Thanks & Regards, Suja PV LEOS ---------------------------------------------------------------- This mail contains PRIVILEGED AND CONFIDENTIAL INFORMATION intended solely for the use of the addressee(s). If you are not the intended recipient, please notify the sender by e-mail and delete the original message. LEOS has taken every reasonable precaution to remove any viruses however you should also carry out your own virus checks before opening the e-mail or attachment. From andre.rodier at gmail.com Mon Mar 4 12:01:40 2013 From: andre.rodier at gmail.com (=?UTF-8?Q?Andr=C3=A9_Rodier?=) Date: Mon, 4 Mar 2013 10:01:40 +0000 Subject: [Dovecot] panic in dovecot when using fts with solr In-Reply-To: <51330C57.90400@gmail.com> References: <513283CA.7080004@gmail.com> <51330C57.90400@gmail.com> Message-ID: This is my doveconf output. Please, note that since the panic, I have switched to fts with squat, but it is very limited for large mailboxes. Any idea how to fix this? # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-4-amd64 x86_64 Debian 7.0 auth_default_realm = indiefield.co.uk auth_master_user_separator = : auth_mechanisms = plain login auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890 .-_@ auth_username_translation = "- _ " auth_verbose = yes disable_plaintext_auth = no dotlock_use_excl = no hostname = smtp.indiefield.org.uk lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes lock_method = dotlock mail_access_groups = vmail mail_fsync = always mail_gid = vmail mail_location = maildir:~/Mails/Maildir/:INDEX=~/Mails/Indexes/ mail_plugins = autocreate quota acl virtual listescape fts fts_squat mail_privileged_group = vmail mail_uid = vmail maildir_copy_with_hardlinks = no managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mmap_disable = yes namespace { hidden = no inbox = no list = yes location = maildir:/var/vmail/%d/Public/Mails/Maildir/:INDEX=~/Mails/PublicIndexes/ prefix = Public/ separator = / subscriptions = yes type = public } namespace { list = children location = maildir:%%h/Mails/Maildir/:INDEX=~/Mails/SharedIndexes/%%u prefix = Shared/%%d/%%n/ separator = / subscriptions = no type = shared } namespace inbox { hidden = no inbox = yes list = yes location = maildir:~/Mails/Maildir/:INDEX=~/Mails/Indexes/ mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = separator = / subscriptions = yes type = private } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { acl = vfile:/etc/dovecot/global-acls:cache_secs=300 acl_anyone = allow acl_shared_dict = file:/var/vmail/indiefield.co.uk/shared-mailboxes autocreate = Trash autocreate2 = Drafts autocreate3 = Sent autocreate4 = Junk autocreate5 = Archives autosubscribe = Trash autosubscribe2 = Drafts autosubscribe3 = Sent autosubscribe4 = Junk autosubscribe5 = Archives fts = squat fts_squat = partial=4 full=10 listescape_char = %% quota = maildir:User quota quota_warning = storage=95%% quota-warning 95 %u sieve = ~/Mails/.dovecot.sieve sieve_after = %h/Mails/Sieve/After/ sieve_before = /etc/dovecot/sieve-default/before/ sieve_dir = ~/Mails/Sieve sieve_max_script_size = 4M } protocols = " imap lmtp sieve pop3" service auth-worker { user = vmail } service auth { unix_listener /var/spool/postfix/private/auth { group = vmail mode = 0666 user = postfix } unix_listener auth-userdb { group = vmail mode = 0666 user = postfix } user = vmail } service dict { unix_listener dict { group = vmail mode = 0600 user = vmail } } service director { fifo_listener login/proxy-notify { group = postfix mode = 0666 user = postfix } unix_listener director-userdb { group = postfix mode = 0600 user = postfix } unix_listener login/director { group = postfix mode = 0666 user = postfix } } service lmtp { group = vmail inet_listener lmtp { port = 24 } user = vmail } service managesieve-login { inet_listener sieve { port = 4190 } } service quota-warning { executable = script /etc/dovecot/scripts/quota-warning.sh unix_listener quota-warning { user = vmail } user = dovecot } ssl_cert = Hello, We are migrating our dovecot servers from 2.1.9 to 2.1.15 (or 2.2 if there is a stable version soon) and maildir format to mdbox. Looking for mdbox options I have found options: * mail_attachment_dir * mail_attachement_min_size * mail_attachment_fs * mail_attachment_hash but this options are described with the message: # WARNING: This feature hasn't been tested much yet. Use at your own risk. What is the state of these options? Could I use it in a production environment? In case of yes, what is the best deduplicating option? Let it to the FS? Or configuring with "sis posix" or "sis-queue posix"? -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n y las Comunicaciones Aplicadas (ATICA) http://www.um.es/atica Tfo: 868889150 Fax: 868888337 From tsvetkov_av at grandvision.ru Mon Mar 4 15:03:47 2013 From: tsvetkov_av at grandvision.ru (Aleksey Tsvetkov) Date: Mon, 4 Mar 2013 17:03:47 +0400 Subject: [Dovecot] dsync-remote(): Error: doveadm client: No command given Message-ID: <20130304170347.7bc45646@work> Hi! I test dsync through tcp. In a log error: dsync-remote (): Error: doveadm client: No command given All are synchronized. The error is shown by rand for the user and on that server where it is synchronized # 2.2.rc2 (976bf9e69367): /usr/local/etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-686 i686 Debian 6.0.6 ext3 auth_mechanisms = plain login digest-md5 auth_username_format = %Ln@%Ld disable_plaintext_auth = no doveadm_port = 24000 hostname = optnet.local listen = * mail_gid = vmail mail_home = /var/mail/virtual/%d/%n mail_location = maildir:/var/mail/virtual/%d/%n mail_plugins = notify replication mail_privileged_group = mail mail_uid = vmail namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /usr/local/etc/dovecot/auth/users driver = passwd-file } plugin { mail_replica = tcp:192.168.0.190 } service aggregator { fifo_listener replication-notify-fifo { user = vmail } unix_listener replication-notify { user = vmail } } service auth-worker { unix_listener auth-worker { group = vmail mode = 0666 user = vmail } } service auth { unix_listener auth-client { mode = 0660 user = Debian-exim } unix_listener auth-userdb { group = vmail mode = 0666 user = vmail } user = vmail } service doveadm { inet_listener { port = 24000 } } service imap-login { inet_listener imap { port = 143 } } service lmtp { inet_listener lmtp { port = 24 } user = vmail } service pop3-login { inet_listener pop3 { port = 110 } } service replicator { process_min_avail = 1 } ssl = no ssl_cert = : saved mail to INBOX Mar 4 16:53:35 dov1 dovecot: lmtp(29382): Disconnect from 192.168.0.192: Connection closed (in reset) Mar 4 16:53:35 dov1 dovecot: doveadm(anna at optnet.local): Debug: auth input: user=anna at optnet.local Mar 4 16:53:35 dov1 dovecot: doveadm(anna at optnet.local): Debug: auth input: anna at optnet.local uid=1005 gid=1005 Mar 4 16:53:35 dov1 dovecot: doveadm(anna at optnet.local): Debug: Effective uid=1005, gid=1005, home=/var/mail/virtual/optnet.local/anna Mar 4 16:53:35 dov1 dovecot: doveadm(anna at optnet.local): Debug: Namespace inbox: type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:/var/mail/virtual/optnet.local/anna Mar 4 16:53:35 dov1 dovecot: doveadm(anna at optnet.local): Debug: maildir++: root=/var/mail/virtual/optnet.local/anna, index=, indexpvt=, control=, inbox=/var/mail/virtual/optnet.local/anna, alt= Mar 4 16:53:35 dov1 dovecot: doveadm(anna at optnet.local): Debug: Namespace : Using permissions from /var/mail/virtual/optnet.local/anna: mode=0700 gid=default Mar 4 16:53:35 dov1 dovecot: doveadm(alex at optnet.local): Debug: auth input: user=alex at optnet.local Mar 4 16:53:35 dov1 dovecot: doveadm(alex at optnet.local): Debug: auth input: alex at optnet.local uid=1005 gid=1005 Mar 4 16:53:35 dov1 dovecot: doveadm(alex at optnet.local): Debug: Effective uid=1005, gid=1005, home=/var/mail/virtual/optnet.local/alex Mar 4 16:53:35 dov1 dovecot: doveadm(alex at optnet.local): Debug: Namespace inbox: type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:/var/mail/virtual/optnet.local/alex Mar 4 16:53:35 dov1 dovecot: doveadm(alex at optnet.local): Debug: maildir++: root=/var/mail/virtual/optnet.local/alex, index=, indexpvt=, control=, inbox=/var/mail/virtual/optnet.local/alex, alt= Mar 4 16:53:35 dov1 dovecot: dsync-remote(alex at optnet.local): Debug: Namespace : Using permissions from /var/mail/virtual/optnet.local/alex: mode=0700 gid=default Mar 4 16:53:35 dov1 dovecot: doveadm(mike at optnet.local): Debug: auth input: user=mike at optnet.local Mar 4 16:53:35 dov1 dovecot: doveadm(mike at optnet.local): Debug: auth input: mike at optnet.local uid=1005 gid=1005 Mar 4 16:53:35 dov1 dovecot: doveadm(mike at optnet.local): Debug: Effective uid=1005, gid=1005, home=/var/mail/virtual/optnet.local/mike Mar 4 16:53:35 dov1 dovecot: doveadm(mike at optnet.local): Debug: Namespace inbox: type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:/var/mail/virtual/optnet.local/mike Mar 4 16:53:35 dov1 dovecot: doveadm(mike at optnet.local): Debug: maildir++: root=/var/mail/virtual/optnet.local/mike, index=, indexpvt=, control=, inbox=/var/mail/virtual/optnet.local/mike, alt= Mar 4 16:53:35 dov1 dovecot: dsync-remote(mike at optnet.local): Debug: Namespace : Using permissions from /var/mail/virtual/optnet.local/mike: mode=0700 gid=default Mar 4 16:53:35 dov1 dovecot: lmtp(29382): Debug: none: root=, index=, indexpvt=, control=, inbox=, alt= Mar 4 16:53:35 dov1 dovecot: lmtp(29382): Connect from 192.168.0.192 Mar 4 16:53:35 dov1 dovecot: lmtp(29382): Debug: auth input: anna at optnet.local uid=1005 gid=1005 Mar 4 16:53:35 dov1 dovecot: lmtp(29382, anna at optnet.local): Debug: Effective uid=1005, gid=1005, home=/var/mail/virtual/optnet.local/anna Mar 4 16:53:35 dov1 dovecot: lmtp(29382, anna at optnet.local): Debug: Namespace inbox: type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:/var/mail/virtual/optnet.local/anna Mar 4 16:53:35 dov1 dovecot: lmtp(29382, anna at optnet.local): Debug: maildir++: root=/var/mail/virtual/optnet.local/anna, index=, indexpvt=, control=, inbox=/var/mail/virtual/optnet.local/anna, alt= Mar 4 16:53:35 dov1 dovecot: dsync-remote(alex at optnet.local): Error: doveadm client: No command given Mar 4 16:53:35 dov1 dovecot: lmtp(29382, anna at optnet.local): TAKxFU+ZNFHGcgAAaoqQ0w: msgid=: saved mail to INBOX Mar 4 16:53:35 dov1 dovecot: lmtp(29382): Disconnect from 192.168.0.192: Connection closed (in reset) -- Best regards, Aleksey Tsvetkov System Administrator Company Grand Vision tel. +7(495)933-39-79, ext. 184 From amateo at um.es Mon Mar 4 15:34:07 2013 From: amateo at um.es (Angel L. Mateo) Date: Mon, 04 Mar 2013 14:34:07 +0100 Subject: [Dovecot] dovecot proxying with imapc In-Reply-To: References: Message-ID: <5134A2CF.4060209@um.es> El 04/03/13 09:56, suja escribi?: > Dear sir, > > I have to set up a mail gateway which will be explored to Internet and a > secure mail server in the Intranet. > I need a smart imap proxy in the mail gateway which will fetch the mail from > server and present to user through either a stand alone mail client or a web > mail client. > All authentication is through ldap server. > > I followed the instructions given in > http://wiki2.dovecot.org/HowTo/ImapcProxy > But while logging in I am getting a error: > > dovecot: imap(user1): Error: user user1:Initialization failed: Initializing > mail storage from mail_location setting failed: Unknown mail storage driver > imapc > dovecot: imap(user1): Error: Invalid user settings. Refer to server log for > more information. > > I couldn't figure out what is wrong. Please help me to sort it out. > I think you could do the same with director, without needing to configure it with imapc. Is there any other reason to use imapc? -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n y las Comunicaciones Aplicadas (ATICA) http://www.um.es/atica Tfo: 868889150 Fax: 868888337 From rs at sys4.de Mon Mar 4 15:39:45 2013 From: rs at sys4.de (Robert Schetterer) Date: Mon, 04 Mar 2013 14:39:45 +0100 Subject: [Dovecot] thunderbird Problem on win 7 fixed Message-ID: <5134A421.5090604@sys4.de> Hi just for Info, today i got a support call for 2 imap accounts with windows 7 64 with thunderbird 17.03 not syncing new mails in INBOX ( no problem other folders ) reproducable on serveral computers , with new installs of thunderbird no antivirus etc was involved The accounts worked perfect with thunderbird same version in linux and in horde webmail, no bug in server or tb log was shown no thunderbird recover etc procedure helped i final ended up in deleting dovecot.index dovecot.index.cache dovecot.index.log dovecot.index.log.2 dovecot-uidlist this fixed the problem no idea why it only came up on windows Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From dovecot at lists.wgwh.ch Mon Mar 4 16:18:15 2013 From: dovecot at lists.wgwh.ch (Oli Schacher) Date: Mon, 4 Mar 2013 15:18:15 +0100 Subject: [Dovecot] dsync-remote(): Error: doveadm client: No command given In-Reply-To: <20130304170347.7bc45646@work> References: <20130304170347.7bc45646@work> Message-ID: <20130304151815.7c0b7157@lists.wgwh.ch> On Mon, 4 Mar 2013 17:03:47 +0400 Aleksey Tsvetkov wrote: > I test dsync through tcp. > In a log error: > dsync-remote (): Error: doveadm client: No command given > > All are synchronized. The error is shown by rand for the user and on > that server where it is synchronized > Same thing here, also dsync over tcp. I got that error every few seconds on server2 when appending many messages to user1's mailbox on server1. Feb 28 17:54:01 doco2 dovecot: dsync-remote(user1): Error: doveadm client: No command given Feb 28 17:54:08 doco2 dovecot: dsync-remote(user1): Error: doveadm client: No command given Feb 28 17:54:09 doco2 dovecot: dsync-remote(user1): Error: doveadm client: No command given Feb 28 17:54:25 doco2 dovecot: dsync-remote(user1): Error: doveadm client: No command given Feb 28 17:54:43 doco2 dovecot: dsync-remote(user1): Error: doveadm client: No command given Feb 28 17:54:51 doco2 dovecot: dsync-remote(user1): Error: doveadm client: No command given Feb 28 17:54:54 doco2 dovecot: dsync-remote(user1): Error: doveadm client: No command given Feb 28 17:54:55 doco2 dovecot: dsync-remote(user1): Error: doveadm client: No command given Replication is still ok though. From tss at iki.fi Mon Mar 4 16:28:09 2013 From: tss at iki.fi (Timo Sirainen) Date: Mon, 4 Mar 2013 16:28:09 +0200 Subject: [Dovecot] tcpwrap: Fatal: master: service(tcpwrap): child $PID killed with signal 11 In-Reply-To: <51335877.2070207@localhost.localdomain.org> References: <51335877.2070207@localhost.localdomain.org> Message-ID: On 3.3.2013, at 16.04, Pascal Volk wrote: > today I've started Dovecot v2.2.rc2 (976bf9e69367) for the first time. > > Mar 3 14:28:38 mail dovecot: tcpwrap: Fatal: master: service(tcpwrap): child $PID killed with signal 11 (core dumped) Fixed: http://hg.dovecot.org/dovecot-2.2/rev/b5a1a40348b8 From david at davidwbrown.name Mon Mar 4 16:43:14 2013 From: david at davidwbrown.name (David Brown) Date: Mon, 04 Mar 2013 08:43:14 -0600 Subject: [Dovecot] dovecot: imap-login: Maximum number of connections from user+IP exceeded (mail_max_userip_connections) Message-ID: <5134B302.7000901@davidwbrown.name> Hi, has anyone seen this issue before as I have not. I'm a long time dovecot user and I don't see anything in the config that should cause this. The mail.log gets hit a lot of times with this same log message: dovecot: imap-login: Maximum number of connections from user+IP exceeded (mail_max_userip_connections) I have noted that it is more evident when I try to mass delete many messages. Any ideas of how to diagnose this issue? The dovecot -n follows: # 1.2.9: /etc/dovecot/dovecot.conf # OS: Linux 2.6.34.1-rscloud x86_64 Ubuntu 10.04.4 LTS log_timestamp: %Y-%m-%d %H:%M:%S login_dir: /var/run/dovecot/login login_executable: /usr/lib/dovecot/imap-login login_processes_count: 5 login_max_processes_count: 256 mail_privileged_group: mail mail_location: maildir:~/Maildir mail_debug: yes mbox_write_locks: fcntl dotlock auth default: realms: davidwbrown.name default_realm: dobbeltganger.com username_format: %n verbose: yes debug: yes debug_passwords: yes passdb: driver: shadow userdb: driver: passwd socket: type: listen client: path: /var/spool/postfix/private/auth mode: 432 user: postfix group: postfix From alessio at skye.it Mon Mar 4 16:55:25 2013 From: alessio at skye.it (Alessio Cecchi) Date: Mon, 04 Mar 2013 15:55:25 +0100 Subject: [Dovecot] dovecot: imap-login: Maximum number of connections from user+IP exceeded (mail_max_userip_connections) In-Reply-To: <5134B302.7000901@davidwbrown.name> References: <5134B302.7000901@davidwbrown.name> Message-ID: <5134B5DD.2000609@skye.it> Il 04/03/2013 15:43, David Brown ha scritto: > Hi, has anyone seen this issue before as I have not. > > I'm a long time dovecot user and I don't see anything in the config that > should cause this. > > The mail.log gets hit a lot of times with this same log message: > > dovecot: imap-login: Maximum number of connections from user+IP exceeded > (mail_max_userip_connections) > > I have noted that it is more evident when I try to mass delete many > messages. > > Any ideas of how to diagnose this issue? Hi, is not an issue but a configuration limit for prevent abuse. You can increase these number with protocol imap { mail_max_userip_connections = 20 [...] or you can see you current limit with "dovecot -a" Ciao -- Alessio Cecchi is: @ ILS -> http://www.linux.it/~alessice/ on LinkedIn -> http://www.linkedin.com/in/alessice Assistenza Sistemi GNU/Linux -> http://www.cecchi.biz/ @ PLUG -> ex-Presidente, adesso senatore a vita, http://www.prato.linux.it From andre.rodier at gmail.com Mon Mar 4 17:42:20 2013 From: andre.rodier at gmail.com (=?UTF-8?Q?Andr=C3=A9_Rodier?=) Date: Mon, 4 Mar 2013 15:42:20 +0000 Subject: [Dovecot] panic in dovecot when using fts with solr In-Reply-To: References: <513283CA.7080004@gmail.com> <51330C57.90400@gmail.com> Message-ID: Ok, I found the issue. The solr schema xml file was wrong, and I did not check the error logs correctly. So, the error was in solr: 04-Mar-2013 15:15:30 org.apache.solr.common.SolrException log SEVERE: org.apache.solr.common.SolrException: ERROR:unknown field 'uid' at org.apache.solr.update.DocumentBuilder.toDocument(DocumentBuilder.java:289) at org.apache.solr.update.processor.RunUpdateProcessor.processAdd(RunUpdateProcessorFactory.java:60) at org.apache.solr.handler.XMLLoader.processUpdate(XMLLoader.java:139) at org.apache.solr.handler.XMLLoader.load(XMLLoader.java:69) at org.apache.solr.handler.ContentStreamHandlerBase.handleRequestBody(ContentStreamHandlerBase.java:54) at org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:131) at org.apache.solr.core.SolrCore.execute(SolrCore.java:1317) at org.apache.solr.servlet.SolrDispatchFilter.execute(SolrDispatchFilter.java:338) at org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:241) at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157) at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:388) at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216) at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182) at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:766) at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:418) at org.mortbay.jetty.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:230) at org.mortbay.jetty.handler.HandlerCollection.handle(HandlerCollection.java:114) at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152) at org.mortbay.jetty.Server.handle(Server.java:326) at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:542) at org.mortbay.jetty.HttpConnection$RequestHandler.content(HttpConnection.java:943) at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:843) at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:218) at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404) at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:410) at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:582) 04-Mar-2013 15:15:30 org.apache.solr.core.SolrCore execute INFO: [] webapp=/solr path=/update params={} status=400 QTime=70 However, IMHO, I don't think that dovecot handle the errors correctly. It should return an error message. Kind regards, Andr? Rodier On 4 March 2013 10:01, Andr? Rodier wrote: > This is my doveconf output. Please, note that since the panic, I have > switched to fts with squat, but it is very limited for large > mailboxes. > > Any idea how to fix this? > > # 2.1.7: /etc/dovecot/dovecot.conf > # OS: Linux 3.2.0-4-amd64 x86_64 Debian 7.0 > auth_default_realm = indiefield.co.uk > auth_master_user_separator = : > auth_mechanisms = plain login > auth_username_chars = > abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890 .-_@ > auth_username_translation = "- _ " > auth_verbose = yes > disable_plaintext_auth = no > dotlock_use_excl = no > hostname = smtp.indiefield.org.uk > lda_mailbox_autocreate = yes > lda_mailbox_autosubscribe = yes > lock_method = dotlock > mail_access_groups = vmail > mail_fsync = always > mail_gid = vmail > mail_location = maildir:~/Mails/Maildir/:INDEX=~/Mails/Indexes/ > mail_plugins = autocreate quota acl virtual listescape fts fts_squat > mail_privileged_group = vmail > mail_uid = vmail > maildir_copy_with_hardlinks = no > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope > encoded-character vacation subaddress comparator-i;ascii-numeric > relational regex imap4flags copy include variables body enotify > environment mailbox date ihave > mmap_disable = yes > namespace { > hidden = no > inbox = no > list = yes > location = maildir:/var/vmail/%d/Public/Mails/Maildir/:INDEX=~/Mails/PublicIndexes/ > prefix = Public/ > separator = / > subscriptions = yes > type = public > } > namespace { > list = children > location = maildir:%%h/Mails/Maildir/:INDEX=~/Mails/SharedIndexes/%%u > prefix = Shared/%%d/%%n/ > separator = / > subscriptions = no > type = shared > } > namespace inbox { > hidden = no > inbox = yes > list = yes > location = maildir:~/Mails/Maildir/:INDEX=~/Mails/Indexes/ > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Trash { > special_use = \Trash > } > prefix = > separator = / > subscriptions = yes > type = private > } > passdb { > args = /etc/dovecot/dovecot-ldap.conf.ext > driver = ldap > } > plugin { > acl = vfile:/etc/dovecot/global-acls:cache_secs=300 > acl_anyone = allow > acl_shared_dict = file:/var/vmail/indiefield.co.uk/shared-mailboxes > autocreate = Trash > autocreate2 = Drafts > autocreate3 = Sent > autocreate4 = Junk > autocreate5 = Archives > autosubscribe = Trash > autosubscribe2 = Drafts > autosubscribe3 = Sent > autosubscribe4 = Junk > autosubscribe5 = Archives > fts = squat > fts_squat = partial=4 full=10 > listescape_char = %% > quota = maildir:User quota > quota_warning = storage=95%% quota-warning 95 %u > sieve = ~/Mails/.dovecot.sieve > sieve_after = %h/Mails/Sieve/After/ > sieve_before = /etc/dovecot/sieve-default/before/ > sieve_dir = ~/Mails/Sieve > sieve_max_script_size = 4M > } > protocols = " imap lmtp sieve pop3" > service auth-worker { > user = vmail > } > service auth { > unix_listener /var/spool/postfix/private/auth { > group = vmail > mode = 0666 > user = postfix > } > unix_listener auth-userdb { > group = vmail > mode = 0666 > user = postfix > } > user = vmail > } > service dict { > unix_listener dict { > group = vmail > mode = 0600 > user = vmail > } > } > service director { > fifo_listener login/proxy-notify { > group = postfix > mode = 0666 > user = postfix > } > unix_listener director-userdb { > group = postfix > mode = 0600 > user = postfix > } > unix_listener login/director { > group = postfix > mode = 0666 > user = postfix > } > } > service lmtp { > group = vmail > inet_listener lmtp { > port = 24 > } > user = vmail > } > service managesieve-login { > inet_listener sieve { > port = 4190 > } > } > service quota-warning { > executable = script /etc/dovecot/scripts/quota-warning.sh > unix_listener quota-warning { > user = vmail > } > user = dovecot > } > ssl_cert = ssl_key = userdb { > args = /etc/dovecot/dovecot-ldap.conf.ext > driver = ldap > } > protocol lmtp { > mail_plugins = quota sieve virtual > } > protocol lda { > auth_socket_path = /var/run/dovecot/auth-userdb > } > protocol imap { > mail_plugins = autocreate quota acl virtual listescape fts fts_squat > imap_quota imap_acl autocreate > } -- Andr? Rodier From dot5productions at gmail.com Mon Mar 4 22:21:32 2013 From: dot5productions at gmail.com (Isak Rubin) Date: Mon, 4 Mar 2013 22:21:32 +0200 Subject: [Dovecot] sieve-filter ignoring separator Message-ID: It seems like running sieve-filter from the console ignores the separator setting, thus not letting me filter into folder names containing dots. Normal delivery using lda handles it just fine, but not when using the sieve-filter command. Character not allowed in mailbox name: '.' Is there anyway to override this or is patching and recompiling the source my only option? # dovecot --version 2.1.9 /Isak From tlyons at ivenue.com Mon Mar 4 23:15:38 2013 From: tlyons at ivenue.com (Todd Lyons) Date: Mon, 4 Mar 2013 13:15:38 -0800 Subject: [Dovecot] [OCLUG] [Users] I need help with my mail client [Was: running cron on UTC] In-Reply-To: <20130301222555.459526e6@mydesk> References: <20130228220149.GA3078@ldev.tvplus.com> <512FFBE2.50400@NorthTech.US> <20130301014610.GA3687@ldev.tvplus.com> <51300A3A.7000606@ubuntu.com> <20130301025710.7fcc60dd@mydesk> <20130301003433.60dda881.itz@buug.org> <20130301070254.7eb99e25@scorpio> <20130301222555.459526e6@mydesk> Message-ID: On Fri, Mar 1, 2013 at 7:25 PM, Steve Litt wrote: > It's doubtful that the OCLUG's defaulting replies to > "list" (characterized by some as "munging") is the root cause here, > because probably 90% of the mailing lists I'm on default replies to the > list, and this symptom happens only with OCLUG's list. It would probably go away if we changed the mailman.oclug.org CNAME into an A record. When sendmail receives an email to a domain it's authoritative for (mailman.oclug.org) and it determines that the domain is a CNAME, internally it switches to calling it the A record that it points to, which in this case is penguin.oclug.org. This is why some places have penguin dot and others have mailman dot. It seems that your MUA is being extremely clever and detecting the different addresses, noticing that they are different, and deciding to send it to both of them. It also reminds me very much of mutt with its Reply versus Reply-All versus List-Reply capabilities, in that Claws is trying to read your mind and figure out what you want instead of just following the email (i.e. Reply-To is explicitly set, which munges anything else for most other clients). ...Todd -- The total budget at all receivers for solving senders' problems is $0. If you want them to accept your mail and manage it the way you want, send it the way the spec says to. --John Levine From s.mercieca at cheops.com.mt Tue Mar 5 11:41:59 2013 From: s.mercieca at cheops.com.mt (Sammy Mercieca) Date: Tue, 05 Mar 2013 10:41:59 +0100 Subject: [Dovecot] postfix+dovecot+samba4+openldap: dovecot lda:Error: user sammy: Initialization failed: mail_location not set and autodetection failed Message-ID: <5135BDE7.8020306@cheops.com.mt> I'm trying to setup a samba4 with openchange which uses postfix+dovecot+openldap on a ubuntu 12.04.2 system. I can send outgoing emails but incoming emails fail. I looked up the logs and I get: Mar 5 11:03:48 testerA dovecot: lda(sammy): Error: user sammy: Initialization failed: mail_location not set and autodetection failed: Mail storage autodetection failed with home=/var/mail Mar 5 11:03:48 testerA dovecot: lda(sammy): Fatal: Invalid user settings. Refer to server log for more information. any idea what I am doing wrong? Any hints, pointers would be much appreciated. now the user is a virtual user. The /var/mail/sammy exists: drwxr-sr-x 10 vmail vmail 4096 Mar 4 13:48 sammy lrwxrwxrwx 1 vmail vmail 5 Feb 28 12:12 Sammy -> sammy lrwxrwxrwx 1 vmail vmail 5 Feb 28 12:12 sammy at abertax.com -> sammy lrwxrwxrwx 1 vmail vmail 5 Feb 28 12:13 Sammy at abertax.com -> sammy lrwxrwxrwx 1 vmail vmail 5 Mar 1 15:05 sammy at abx.abertax.com -> sammy The dovecot configuration is: # 2.0.19: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-38-generic x86_64 Ubuntu 12.04.2 LTS ext4 disable_plaintext_auth = no lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes log_path = /var/log/dovecot.message log_timestamp = "%Y-%m-%d %H:%M:%S " mail_debug = yes mail_location = maildir:/var/mail/%u mail_privileged_group = mail passdb { driver = pam } passdb { args = /etc/dovecot/dovecot-ldap.conf driver = ldap } passdb { driver = pam } protocols = imap service auth { unix_listener auth-master { group = vmail mode = 0600 user = vmail } unix_listener auth-userdb { user = vmail } user = root } ssl_cert = Hello. I tested dovecot's work with expunge messages on Mdbox over strace (see at tail of message). As I can see dovecot process opens old storage m.* file, reads it content, opens new temporary file, writes in this one content and rename this new one to m.(*+1). How fast this algorithm works on system with about 10000 users and 5Tb data? I will use mdbox_rotate_interval for delayed expunge but I think that simple delete file in Maildir must be faster than expunge from Mdbox. Please, tell me about real experience work with Mdbox on big loaded systems. ++++++++++++++++ 0.000017 open("/var/vmail/example.org/user/storage/.temp.1362474108.P7152Q0M909647.mailsys", O_RDWR|O_CREAT|O_TRUNC, 0666) = 11 0.000063 umask(077) = 066 0.000015 fallocate(11, 01, 0, 10485760) = 0 0.000054 fstat(11, {st_mode=S_IFREG|0600, st_size=0, ...}) = 0 0.000043 pread(10, "\1\2N 0000000000000285\nFC"..., 8192, 16) = 1465 0.000025 write(11, "2 M1e C5135b47c\n\1\2N 000"..., 691) = 691 0.000041 stat("/var/vmail/example.org/user/indexes/storage/dovecot.map.index.log.2", 0x7fff235b34c0) = -1 ENOENT (No such file or directory) 0.000026 alarm(180) = 0 0.000018 fcntl(9, F_SETLKW, {type=F_WRLCK, whence=SEEK_SET, start=0, len=0}) = 0 0.000020 alarm(0) = 180 0.000018 stat("/var/vmail/example.org/user/indexes/storage/dovecot.map.index.log", {st_mode=S_IFREG|0600, st_size=3656, ...}) = 0 0.000031 fstat(9, {st_mode=S_IFREG|0600, st_size=3656, ...}) = 0 0.000041 write(11, "\n\1\3\nR5135ad97\nV29b\nG5840870697ad"..., 62) = 62 0.000023 fdatasync(11) = 0 0.079275 stat("/var/vmail/example.org/user/storage/m.8", 0x7fff235b3640) = -1 ENOENT (No such file or directory) 0.000061 rename("/var/vmail/example.org/user/storage/.temp.1362474108.P7152Q0M909647.mailsys", "/var/vmail/example.org/user/storage/m.8") = 0 0.000164 write(9, "\200\200\200\203\0\0\10\20\210\0\0\0\200\200\200\207@\0\0\20\0\0\0\0\0\0\0\0\10\0\0\0"..., 152) = 152 0.000094 fcntl(9, F_SETLK, {type=F_UNLCK, whence=SEEK_SET, start=0, len=0}) = 0 0.000042 unlink("/var/vmail/example.org/user/storage/m.7") = 0 0.000059 stat("/var/vmail/example.org/user/indexes/storage/dovecot.map.index.log", {st_mode=S_IFREG|0600, st_size=3808, ...}) = 0 0.000055 fstat(9, {st_mode=S_IFREG|0600, st_size=3808, ...}) = 0 From simon.buongiorno at gmail.com Tue Mar 5 12:33:03 2013 From: simon.buongiorno at gmail.com (Simon Brereton) Date: Tue, 5 Mar 2013 11:33:03 +0100 Subject: [Dovecot] Upgrading 1.2 to 2.x Message-ID: Hi I'm about to upgrade to 2.1.7 in my test environment, but "doveconf -n -c dovecot.1.conf > dovecot.2.conf" is producing a blank file, so I am unsure how to proceed. I know a lot has changed between them, so I don't really want to have to start from scratch unless I have to. I have tried both as my user and with sudo. Simon From janfrode at tanso.net Tue Mar 5 13:14:54 2013 From: janfrode at tanso.net (Jan-Frode Myklebust) Date: Tue, 5 Mar 2013 12:14:54 +0100 Subject: [Dovecot] Migration from v1 to v2 with hashed directory structure In-Reply-To: References: Message-ID: <20130305111454.GA15095@dibs.tanso.net> On Thu, Feb 28, 2013 at 02:59:52PM +0100, Pavel Dimow wrote: > > we have /var/spool/vmail/mydomain.com/user at mydomain.com and I want a > new server with version 2 to have > hashed directory structure like /var/spool/vmail/mydomain.com/u/s/user > I was wondering it f there is some better solution then dir hashing or > a way to hash a dir other then first two letters. We use: mail_home = /srv/mailstore/%256LRHu/%Ld/%Ln giving us 256 buckets based on Lowercase, Reversed Hash of username. Ref: http://wiki2.dovecot.org/Variables. > Also any suggestion how to perform this migration from old to new > server with hashing on the fly? Symlinks from old to new.. -jf From joseba.torre at ehu.es Tue Mar 5 13:59:18 2013 From: joseba.torre at ehu.es (Joseba Torre) Date: Tue, 05 Mar 2013 12:59:18 +0100 Subject: [Dovecot] lmtp problem with wrong index path In-Reply-To: <512CBC95.4070403@otenet.gr> References: <512B4AEC.2030805@otenet.gr> <46DBE0AE-2806-485B-91D5-5B0DC35FE371@iki.fi> <20130225223651.GD18593@otenet.gr> <512CBC95.4070403@otenet.gr> Message-ID: <5135DE16.6050800@ehu.es> El 26/02/13 14:45, Dimos Alevizos escribi?: > > I've noticed that our directors point to different backends if the user > logins as "user" vs "user at domain" and as a result there are users ending > up in more than one server (several of them use just their username in > one client and the full user at domain in another and vice versa). > Up till now we didn't think much about it because it's not that common. Sorry for being late; we had a similar problem and solved it with director_username_hash = %n HTH From skdovecot at smail.inf.fh-brs.de Tue Mar 5 16:20:44 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Tue, 5 Mar 2013 15:20:44 +0100 (CET) Subject: [Dovecot] Upgrading 1.2 to 2.x In-Reply-To: References: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 5 Mar 2013, Simon Brereton wrote: > I'm about to upgrade to 2.1.7 in my test environment, but "doveconf > -n -c dovecot.1.conf > dovecot.2.conf" is producing a blank file, so I > am unsure how to proceed. I know a lot has changed between them, so I honestly, especially because "a lot has changed between them" I would start from scratch. > don't really want to have to start from scratch unless I have to. check what you have changed in v1.2 config, then check if that particular setting has changed or the functionality has changed, and finally change the default in v2.1 - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUTX/PV3r2wJMiz2NAQI2AAf+Iq80FmUHsZp1qvD7R8q14V2NCwK4Tktp 3LN+yjMaeaZ+FJEDGsZD99eEDhfqNSU1BCbQl/RfXjMngr8ptBLowqCb7ooSK3X4 jjK9bf8eHaKbjpEMMlHACFWkxl8nCgT0IHqQk//L+sic8UhgbuyXyv5oo4nyTc7A 4WQBWnB7nfx9zmfARDCJpEhM2sEPzU74BU9OQ94hyKCczIEMHj5Ri/rnqfuustvZ pBHOyOb6a4XJ51LffviVucgpoLvO1fYJK2L3ztbybS9RnySZTtIwFr56dtfTWNed VByo0ICJW0djinnkBKjOb0s29OydjHbrsTfFcZOEeCOgKj9mShyzqA== =F9YZ -----END PGP SIGNATURE----- From simon.buongiorno at gmail.com Tue Mar 5 16:30:05 2013 From: simon.buongiorno at gmail.com (Simon Brereton) Date: Tue, 5 Mar 2013 15:30:05 +0100 Subject: [Dovecot] Upgrading 1.2 to 2.x In-Reply-To: References: Message-ID: On 5 Mar 2013 15:19, "Steffen Kaiser" wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > > On Tue, 5 Mar 2013, Simon Brereton wrote: > >> I'm about to upgrade to 2.1.7 in my test environment, but "doveconf >> -n -c dovecot.1.conf > dovecot.2.conf" is producing a blank file, so I >> am unsure how to proceed. I know a lot has changed between them, so I > > > honestly, especially because "a lot has changed between them" > I would start from scratch. > > >> don't really want to have to start from scratch unless I have to. > > > check what you have changed in v1.2 config, then check if that particular setting has changed or the functionality has changed, and finally change the default in v2.1 I'd prefer to have a semi-decent config to work from without having to research 100 new variable names and values. The migration tool exists for a reason. Simon From professa at dementianati.com Tue Mar 5 17:28:06 2013 From: professa at dementianati.com (Professa Dementia) Date: Tue, 05 Mar 2013 07:28:06 -0800 Subject: [Dovecot] Upgrading 1.2 to 2.x In-Reply-To: References: Message-ID: <51360F06.5010800@dementianati.com> On 3/5/2013 6:30 AM, Simon Brereton wrote: > > I'd prefer to have a semi-decent config to work from without having to > research 100 new variable names and values. The migration tool exists for > a reason. > I just went through the same thing - converting from 1.2.10 to 2.1.15. Trust me, you are better off starting from scratch. Use the default template then modify it for your customizations. I thought the same thing as you, but in the end, trying to convert the old config file turned out to be much more work. Dem From simon.buongiorno at gmail.com Tue Mar 5 17:34:53 2013 From: simon.buongiorno at gmail.com (Simon Brereton) Date: Tue, 5 Mar 2013 16:34:53 +0100 Subject: [Dovecot] Upgrading 1.2 to 2.x In-Reply-To: <51360F06.5010800@dementianati.com> References: <51360F06.5010800@dementianati.com> Message-ID: On 5 March 2013 16:28, Professa Dementia wrote: > On 3/5/2013 6:30 AM, Simon Brereton wrote: > >> >> I'd prefer to have a semi-decent config to work from without having to >> research 100 new variable names and values. The migration tool exists for >> a reason. >> > > I just went through the same thing - converting from 1.2.10 to 2.1.15. Trust > me, you are better off starting from scratch. Use the default template then > modify it for your customizations. I thought the same thing as you, but in > the end, trying to convert the old config file turned out to be much more > work. What's the recommended approach then? Pack it all into dovecot.conf as it was before, or use the split config files under conf.d/ - is this even a choice? Simon From professa at dementianati.com Tue Mar 5 18:28:06 2013 From: professa at dementianati.com (Professa Dementia) Date: Tue, 05 Mar 2013 08:28:06 -0800 Subject: [Dovecot] Upgrading 1.2 to 2.x In-Reply-To: References: <51360F06.5010800@dementianati.com> Message-ID: <51361D16.5090408@dementianati.com> On 3/5/2013 7:34 AM, Simon Brereton wrote: > What's the recommended approach then? Pack it all into dovecot.conf > as it was before, or use the split config files under conf.d/ - is > this even a choice? Split configs are nicer and easier to work with and I am all for nicer and easier. Dem From me at junc.eu Tue Mar 5 23:24:54 2013 From: me at junc.eu (Benny Pedersen) Date: Tue, 05 Mar 2013 22:24:54 +0100 Subject: [Dovecot] Upgrading 1.2 to 2.x In-Reply-To: References: Message-ID: <28ac208a657d1eb650939f50f8dd422d@junc.eu> Simon Brereton skrev den 2013-03-05 15:30: >> honestly, especially because "a lot has changed between them" >> I would start from scratch. as same as saying if new iso file is out anyone need to delete there old servers ? > I'd prefer to have a semi-decent config to work from without having > to > research 100 new variable names and values. The migration tool > exists for > a reason. dovecot -n is simple enough, but what about layouts ?, and will dovecot 2.x understand maildirs same way as it was under dovecot 1.x, nothing changed ? wiki.dovecot.org still exists so it should be safe to stay on 1.x :) From h.reindl at thelounge.net Tue Mar 5 23:50:16 2013 From: h.reindl at thelounge.net (Reindl Harald) Date: Tue, 05 Mar 2013 22:50:16 +0100 Subject: [Dovecot] Upgrading 1.2 to 2.x In-Reply-To: <28ac208a657d1eb650939f50f8dd422d@junc.eu> References: <28ac208a657d1eb650939f50f8dd422d@junc.eu> Message-ID: <51366898.80806@thelounge.net> Am 05.03.2013 22:24, schrieb Benny Pedersen: > Simon Brereton skrev den 2013-03-05 15:30: > >>> honestly, especially because "a lot has changed between them" >>> I would start from scratch. > > as same as saying if new iso file is out anyone need to delete there old servers ? and you think convert a configration file to a new syntax is the same as reinstall the whole OS? >> I'd prefer to have a semi-decent config to work from without having to >> research 100 new variable names and values. The migration tool exists for >> a reason. > > dovecot -n is simple enough, but what about layouts ?, and will dovecot 2.x understand maildirs same way as it was > under dovecot 1.x, nothing changed ? > > wiki.dovecot.org still exists so it should be safe to stay on 1.x :) well you can also use CentOS5................... you can also use PHP 5.2............... but does it make sense over the long? problems are not solved by sit them out -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 263 bytes Desc: OpenPGP digital signature URL: From noel.butler at ausics.net Wed Mar 6 00:25:19 2013 From: noel.butler at ausics.net (Noel Butler) Date: Wed, 06 Mar 2013 08:25:19 +1000 Subject: [Dovecot] Upgrading 1.2 to 2.x In-Reply-To: References: Message-ID: <1362522319.4083.5.camel@tardis> On Tue, 2013-03-05 at 11:33 +0100, Simon Brereton wrote: > Hi > > I'm about to upgrade to 2.1.7 in my test environment, but "doveconf > -n -c dovecot.1.conf > dovecot.2.conf" is producing a blank file, so I > am unsure how to proceed. I know a lot has changed between them, so I > don't really want to have to start from scratch unless I have to. > > I have tried both as my user and with sudo. > > Simon Sounds like symptom of an error or something in 1.conf, I found converting that if it strikes something it does not like it bails there and then, but it gave me about 80% conversion, only requiring tweaking to finalise it, however it did not convert quota stuff to new format so start that from scratch. When you run convert it usually spits out what it is, or is not doing, that must give you some clue. and should matter what UID you are on, so long as you have read access to 1.conf and write access to 2.conf -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 490 bytes Desc: This is a digitally signed message part URL: From noel.butler at ausics.net Wed Mar 6 00:27:51 2013 From: noel.butler at ausics.net (Noel Butler) Date: Wed, 06 Mar 2013 08:27:51 +1000 Subject: [Dovecot] Upgrading 1.2 to 2.x In-Reply-To: <51361D16.5090408@dementianati.com> References: <51360F06.5010800@dementianati.com> <51361D16.5090408@dementianati.com> Message-ID: <1362522471.4083.7.camel@tardis> On Tue, 2013-03-05 at 08:28 -0800, Professa Dementia wrote: > On 3/5/2013 7:34 AM, Simon Brereton wrote: > > > What's the recommended approach then? Pack it all into dovecot.conf > > as it was before, or use the split config files under conf.d/ - is > > this even a choice? > > Split configs are nicer and easier to work with and I am all for nicer > and easier. > > Dem WTF? Everything in one file is much nicer and easier, and you don't have to guess what option is in what file -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 490 bytes Desc: This is a digitally signed message part URL: From Roger at rilynn.me.uk Wed Mar 6 01:05:46 2013 From: Roger at rilynn.me.uk (Roger Lynn) Date: Tue, 05 Mar 2013 23:05:46 +0000 Subject: [Dovecot] Corrupted squat uidlist file Message-ID: <51367A4A.2050209@rilynn.me.uk> Hi, I frequently get errors similar to this logged: Mar 5 17:49:20 alphonse dovecot: imap(roger): Error: Corrupted squat uidlist file /home/roger/Maildir/.Debian/dovecot.index.search.uids: wrong indexid I am running the Debian package version 1:2.1.7-7 on an up to date Debian Testing system with ext4 filing systems. 'doveadm index -A "*"' is run six nights a week and 'doveadm fts rescan -A' on the seventh night. The output of 'doveconf -n' should be attached. Is this something to be worried about? Am I doing something wrong? Thanks, Roger -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: doveconf URL: From daniel.parthey at informatik.tu-chemnitz.de Wed Mar 6 01:06:02 2013 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Wed, 6 Mar 2013 00:06:02 +0100 Subject: [Dovecot] Upgrading 1.2 to 2.x In-Reply-To: <1362522471.4083.7.camel@tardis> References: <51360F06.5010800@dementianati.com> <51361D16.5090408@dementianati.com> <1362522471.4083.7.camel@tardis> Message-ID: <20130305230602.GA17283@daniel.localdomain> Noel Butler wrote: > On Tue, 2013-03-05 at 08:28 -0800, Professa Dementia wrote: > > On 3/5/2013 7:34 AM, Simon Brereton wrote: > > > > > What's the recommended approach then? Pack it all into dovecot.conf > > > as it was before, or use the split config files under conf.d/ - is > > > this even a choice? > > > > Split configs are nicer and easier to work with and I am all for nicer > > and easier. > > WTF? Everything in one file is much nicer and easier, and you don't > have to guess what option is in what file We're using a single file too, since this can be easily managed by a configuration management system and avoids unexpected changes. Split files might get accidentally updated or added on package updates and change the behaviour of your whole mail system. Regards Daniel -- https://plus.google.com/103021802792276734820 From pch14 at myzel.net Wed Mar 6 01:11:21 2013 From: pch14 at myzel.net (Hungerburg) Date: Wed, 06 Mar 2013 00:11:21 +0100 Subject: [Dovecot] Upgrading 1.2 to 2.x In-Reply-To: <1362522471.4083.7.camel@tardis> References: <51360F06.5010800@dementianati.com> <51361D16.5090408@dementianati.com> <1362522471.4083.7.camel@tardis> Message-ID: <51367B99.4020901@myzel.net> Am 2013-03-05 23:27, schrieb Noel Butler: > On Tue, 2013-03-05 at 08:28 -0800, Professa Dementia wrote: >> On 3/5/2013 7:34 AM, Simon Brereton wrote: >> >>> What's the recommended approach then? Pack it all into dovecot.conf >>> as it was before, or use the split config files under conf.d/ - is >>> this even a choice? >> >> Split configs are nicer and easier to work with and I am all for nicer >> and easier. > > WTF? Everything in one file is much nicer and easier, and you don't > have to guess what option is in what file Using dovecot from .deb package in ubuntu, I am missing a way, to undo configs done in the conf.d in my local.conf file. Provided that, conf.d contains some reasonable defaults for everybody, and that the changes to accomodate local needs are few. -- Peter From professa at dementianati.com Wed Mar 6 01:33:57 2013 From: professa at dementianati.com (Professa Dementia) Date: Tue, 05 Mar 2013 15:33:57 -0800 Subject: [Dovecot] Upgrading 1.2 to 2.x In-Reply-To: <20130305230602.GA17283@daniel.localdomain> References: <51360F06.5010800@dementianati.com> <51361D16.5090408@dementianati.com> <1362522471.4083.7.camel@tardis> <20130305230602.GA17283@daniel.localdomain> Message-ID: <513680E5.2010100@dementianati.com> On 3/5/2013 3:06 PM, Daniel Parthey wrote: > We're using a single file too, since this can be easily managed by > a configuration management system and avoids unexpected changes. > > Split files might get accidentally updated or added on package > updates and change the behaviour of your whole mail system. > This is a valid point, however, the same type of argument can be made for a single file. Updates, changes or bugs can corrupt your entire configuration all at once. With split files, you can set permissions so specific utilities or scripts can only access certain parts. There is better granularity that can be assigned to permissions. I am basing most of this on my experience of RedHat vs. the SuSE configuration for Apache. The split files of SuSE were always easier to manage and had less problems. And when there was a problem, I knew exactly where to go to look, and that file generally fit on one editor screen so I could see all the applicable directives all at once, instead of wading through a huge file, scrolling up and down, accidentally changing the wrong stanza, etc. Dem From noel.butler at ausics.net Wed Mar 6 03:56:30 2013 From: noel.butler at ausics.net (Noel Butler) Date: Wed, 06 Mar 2013 11:56:30 +1000 Subject: [Dovecot] Upgrading 1.2 to 2.x In-Reply-To: <513680E5.2010100@dementianati.com> References: <51360F06.5010800@dementianati.com> <51361D16.5090408@dementianati.com> <1362522471.4083.7.camel@tardis> <20130305230602.GA17283@daniel.localdomain> <513680E5.2010100@dementianati.com> Message-ID: <1362534990.5343.15.camel@tardis> On Tue, 2013-03-05 at 15:33 -0800, Professa Dementia wrote: > > I am basing most of this on my experience of RedHat vs. the SuSE > configuration for Apache. The split files of SuSE were always easier to httpd, which utilises identical directives is nothing like Dovecot with split config files containing different directives, no comparison. > manage and had less problems. And when there was a problem, I knew > exactly where to go to look, and that file generally fit on one editor > screen so I could see all the applicable directives all at once, instead > of wading through a huge file, scrolling up and down, accidentally > changing the wrong stanza, etc. > You got serious problems if your dovecot.conf ends up like a large httpd config with thousands of vhosts... my conf file is massive, so massive its like , wow, 4.7k in size, I should really split that into a bunch of tiny idy bidy files :) -------------- next part -------------- A non-text attachment was scrubbed... Name: face-smile.png Type: image/png Size: 873 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 490 bytes Desc: This is a digitally signed message part URL: From noel.butler at ausics.net Wed Mar 6 03:57:36 2013 From: noel.butler at ausics.net (Noel Butler) Date: Wed, 06 Mar 2013 11:57:36 +1000 Subject: [Dovecot] Upgrading 1.2 to 2.x In-Reply-To: <20130305230602.GA17283@daniel.localdomain> References: <51360F06.5010800@dementianati.com> <51361D16.5090408@dementianati.com> <1362522471.4083.7.camel@tardis> <20130305230602.GA17283@daniel.localdomain> Message-ID: <1362535056.5343.16.camel@tardis> On Wed, 2013-03-06 at 00:06 +0100, Daniel Parthey wrote: > > WTF? Everything in one file is much nicer and easier, and you don't > > have to guess what option is in what file > > We're using a single file too, since this can be easily managed by > a configuration management system and avoids unexpected changes. > Exactly, and even if management tools were not in play, it would still be easier for a novice to check out a directive setting. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 490 bytes Desc: This is a digitally signed message part URL: From pvsuja at gmail.com Wed Mar 6 07:19:12 2013 From: pvsuja at gmail.com (pvsuja) Date: Tue, 5 Mar 2013 21:19:12 -0800 (PST) Subject: [Dovecot] dovecot 2 in ubuntu 12.04 or Debian Squeeze Message-ID: <1362547151954-40634.post@n4.nabble.com> Dear sir, I have to set up a mail gateway which will be explored to Internet and a secure mail server in the Intranet. I need a smart imap proxy in the mail gateway which will fetch the mail from server and present to user through either a stand alone mail client or a web mail client. All authentication is through ldap server. I have installed Dovecot 2.2 Unstable in my Ubuntu 12.04 with ssl enabled But when I am starting dovecot, I am getting the following error *doveconf: Fatal: Error in configuration file /usr/local/etc/dovecot/conf.d/10-ssl.conf line 12: Unknown setting: ssl_cert* I couldn't figure out what is wrong. Please help me to sort it out. Thanks & Regards, Suja PV LEOS -- View this message in context: http://dovecot.2317879.n4.nabble.com/dovecot-2-in-ubuntu-12-04-or-Debian-Squeeze-tp40634.html Sent from the Dovecot mailing list archive at Nabble.com. From me at junc.eu Wed Mar 6 08:19:16 2013 From: me at junc.eu (Benny Pedersen) Date: Wed, 06 Mar 2013 07:19:16 +0100 Subject: [Dovecot] Upgrading 1.2 to 2.x In-Reply-To: <51366898.80806@thelounge.net> References: <28ac208a657d1eb650939f50f8dd422d@junc.eu> <51366898.80806@thelounge.net> Message-ID: <12d27d3d291705731aa1d35b2a8b6daa@junc.eu> Reindl Harald skrev den 2013-03-05 22:50: > Am 05.03.2013 22:24, schrieb Benny Pedersen: >> Simon Brereton skrev den 2013-03-05 15:30: >> >>>> honestly, especially because "a lot has changed between them" >>>> I would start from scratch. >> >> as same as saying if new iso file is out anyone need to delete there >> old servers ? > > and you think convert a configration file to a new syntax is the > same as reinstall the whole OS? does it matter what i think ?, or what problem others have ? >>> I'd prefer to have a semi-decent config to work from without having >>> to >>> research 100 new variable names and values. The migration tool >>> exists for >>> a reason. >> >> dovecot -n is simple enough, but what about layouts ?, and will >> dovecot 2.x understand maildirs same way as it was >> under dovecot 1.x, nothing changed ? >> >> wiki.dovecot.org still exists so it should be safe to stay on 1.x :) > > well you can also use CentOS5................... no go, i will not use any precompiled problems > you can also use PHP 5.2............... and i can compile with gcc 2.95 still ? > but does it make sense over the long? you ask to much :) > problems are not solved by sit them out thats why i use opensource, maybe i get it wrong, but this is my life From skdovecot at smail.inf.fh-brs.de Wed Mar 6 08:25:46 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Wed, 6 Mar 2013 07:25:46 +0100 (CET) Subject: [Dovecot] Upgrading 1.2 to 2.x In-Reply-To: <20130305230602.GA17283@daniel.localdomain> References: <51360F06.5010800@dementianati.com> <51361D16.5090408@dementianati.com> <1362522471.4083.7.camel@tardis> <20130305230602.GA17283@daniel.localdomain> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 6 Mar 2013, Daniel Parthey wrote: > Noel Butler wrote: >> On Tue, 2013-03-05 at 08:28 -0800, Professa Dementia wrote: >>> On 3/5/2013 7:34 AM, Simon Brereton wrote: >>> >>>> What's the recommended approach then? Pack it all into dovecot.conf >>>> as it was before, or use the split config files under conf.d/ - is >>>> this even a choice? >>> >>> Split configs are nicer and easier to work with and I am all for nicer >>> and easier. >> >> WTF? Everything in one file is much nicer and easier, and you don't >> have to guess what option is in what file > > We're using a single file too, since this can be easily managed by > a configuration management system and avoids unexpected changes. A single file with just one place a configuration setting might exist is easier for novices or installations without (half-)automatic processing, I agree with Noel. But I wonder why this is true for a configuration management system? Esp. then I would consider to put local options into yet another file is easier to manage and more robust. > Split files might get accidentally updated or added on package > updates and change the behaviour of your whole mail system. In Dovecot I can override any setting of the default files with conf.d/99-my-XYZ.conf, so the package management of the distribution keeps its hands off my files and my conf management system doesn't interfere with the packager and/or original author. I would expect a monolitic file to break easier, when an automatic script changes something therein. I do not have good experience with all-in-one config files and automatic processing. At least comments got screwed up. I want to enable ACLs, so I add conf.d/99-my-acl.conf protocol imap { mail_plugins = $mail_plugins imap_acl } plugin { acl = vfile } plugin { acl_shared_dict = proxy::acl } dict { acl = pgsql:[...]/dovecot-dict-sql.conf.ext } This file is part of my conf management system, but I leave 10-mail.conf and 20-imap.conf alone. If I change my ACL setting, I (well, the script or management system) need to fiddle in one small file with dramatic less places to get something wrong. One GoodThing(tm) with Dovecot is that you can have both: one monolitic flat file (no !include in primary .conf) and split files. That's however opens the probability for flame wars about what's better. ;-) Kind regards, - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUTbhal3r2wJMiz2NAQL1Ugf/bDDgLKG5yZ1heAT/l0wIi1/VcFJNsAvH IDQ9rjrbr2p22oFMvhWnVW4+97kwwO/yVg1am2mutFW8sjolIrkgbMYpVIh71QvC +rh+NRIk3WEuzZ8tlmE2g8r+5Hmy4G7qsckR4DkK/ciqgPWiYXdjLgrz5MS9+z37 kzn++riNc5XaDAve5poaayvAnuu36+NNMaxDfh0S1yACxfh0XXZR/xiXe3PC1qQo +pb5Dy69R+aEqvYSDWcpuUyjAF/eEcyDnS2/ZPSY9ZVFCxPw3RkH5iSN/msuy5P7 YIij4AUXXqLLQVL99mHliG3fpwq5z/ngXRSjsDn5u23PXz5JQy/ojw== =2EA7 -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Wed Mar 6 08:40:00 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Wed, 6 Mar 2013 07:40:00 +0100 (CET) Subject: [Dovecot] dovecot 2 in ubuntu 12.04 or Debian Squeeze In-Reply-To: <1362547151954-40634.post@n4.nabble.com> References: <1362547151954-40634.post@n4.nabble.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 5 Mar 2013, pvsuja wrote: > I have installed Dovecot 2.2 Unstable in my Ubuntu 12.04 with ssl enabled > But when I am starting dovecot, I am getting the following error > > *doveconf: Fatal: Error in configuration file > /usr/local/etc/dovecot/conf.d/10-ssl.conf line 12: Unknown setting: > ssl_cert* What's line #12 in /usr/local/etc/dovecot/conf.d/10-ssl.conf ? Does it match http://wiki2.dovecot.org/SSL ? What's your doveconf -n output? Does ./sbin/dovecot --build-options tells you that SSL is build in at all? Are you sure that you try to start Dovecot v2 rather than Dovecot v1? I mean, maybe you have multiple versions of Dovecot on your system and the init script starts another binary with the new config. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUTbkwF3r2wJMiz2NAQIx2wf+J4Jl2j6V45T+F7wrezB4Da4O3oimHgN3 7MKwi07kxFcsXyexmvEPQFBJGZuit6Kh7fsr/HQ06LD1+mMNOQbQKKpQPR9Ohc6M VQ6GrVC0geHYRLohUkvUoU450HqXWwa3bM5w57phlAaWp4js6+orQ/OcY+hO1x1U f0SR0P6dmJa9pelbarqRvWzACpVWzOd3WVB8LB43S08tI/dY2bxRjmEuQPUcwdfh J5CX1YeJ3JZyQr5kp95+KWvUXnLM2jHU8VQXaOTn7dWC3+dZ/FgYUMgcD1cgQmDt v+Q0ceyID7N/A/c1tAzq8BbNu3MbOLunCMjIIW4JyJFHryOgP7UGfQ== =RHx6 -----END PGP SIGNATURE----- From p at sys4.de Wed Mar 6 08:40:57 2013 From: p at sys4.de (Patrick Ben Koetter) Date: Wed, 6 Mar 2013 07:40:57 +0100 Subject: [Dovecot] Upgrading 1.2 to 2.x In-Reply-To: References: Message-ID: <20130306064057.GA7219@sys4.de> Simon, * Simon Brereton : > I'm about to upgrade to 2.1.7 in my test environment, but "doveconf > -n -c dovecot.1.conf > dovecot.2.conf" is producing a blank file, so I > am unsure how to proceed. I know a lot has changed between them, so I > don't really want to have to start from scratch unless I have to. unless you have spent hours tweaking your config, setting up Dovecot 2.x should be fairly easy. If your old config isn't too complex I wouldn't waste time discussing this problem, but move on to create it from scratch in 2.x. p at rick -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From stsiol at yahoo.co.uk Wed Mar 6 08:59:39 2013 From: stsiol at yahoo.co.uk (Spyros Tsiolis) Date: Wed, 6 Mar 2013 06:59:39 +0000 (GMT) Subject: [Dovecot] Upgrading 1.2 to 2.x In-Reply-To: <51366898.80806@thelounge.net> References: <28ac208a657d1eb650939f50f8dd422d@junc.eu> <51366898.80806@thelounge.net> Message-ID: <1362553179.20284.YahooMailNeo@web28802.mail.ir2.yahoo.com> ----- Original Message ----- > From: Reindl Harald > To: dovecot at dovecot.org > Cc: > Sent: Tuesday, 5 March 2013, 23:50 > Subject: Re: [Dovecot] Upgrading 1.2 to 2.x > > > > Am 05.03.2013 22:24, schrieb Benny Pedersen: >> Simon Brereton skrev den 2013-03-05 15:30: >> >>>> honestly, especially because "a lot has changed between > them" >>>> I would start from scratch. >> >> as same as saying if new iso file is out anyone need to delete there old > servers ? > > and you think convert a configration file to a new syntax is the > same as reinstall the whole OS? > >>> I'd prefer to have a semi-decent config to work from without having > to >>> research 100 new variable names and values.? The migration tool exists > for >>> a reason. >> >> dovecot -n is simple enough, but what about layouts ?, and will dovecot 2.x > understand maildirs same way as it was >> under dovecot 1.x, nothing changed ? >> >> wiki.dovecot.org still exists so it should be safe to stay on 1.x :) > > well you can also use CentOS5................... > you can also use PHP 5.2............... > but does it make sense over the long? > > problems are not solved by sit them out > Don't know if you are interested in this, but I always document installations and procedures. Extensively . . . HTH, s. ? ---- "I merely function as a channel that filters? music through the chaos of noise" - Vangelis From pvsuja at gmail.com Wed Mar 6 10:01:07 2013 From: pvsuja at gmail.com (pvsuja) Date: Wed, 6 Mar 2013 00:01:07 -0800 (PST) Subject: [Dovecot] dovecot 2 in ubuntu 12.04 or Debian Squeeze In-Reply-To: References: <1362547151954-40634.post@n4.nabble.com> Message-ID: <1362556867785-40640.post@n4.nabble.com> Line #12 is ssl_cert = doveconf: Fatal: Error in configuration file /usr/local/etc/dovecot/conf.d/10-ssl.conf line 12: Unknown setting: ssl_cert* ./sbin/dovecot --build-options gives: *Build options: ioloop=epoll notify=inotify ipv6 openssl io_block_size=8192 Mail storages: shared mdbox sdbox maildir mbox cydir imapc_stub pop3c_stub raw SQL drivers: Passdb: checkpassword passwd passwd-file shadow Userdb: checkpassword nss passwd prefetch passwd-file * Note: I have not changed any settings. Simply copied from example_config and tried doveconf and getting this error. -- View this message in context: http://dovecot.2317879.n4.nabble.com/dovecot-2-in-ubuntu-12-04-or-Debian-Squeeze-tp40634p40640.html Sent from the Dovecot mailing list archive at Nabble.com. From goetz.reinicke at filmakademie.de Wed Mar 6 10:07:46 2013 From: goetz.reinicke at filmakademie.de (=?ISO-8859-15?Q?G=F6tz_Reinicke_-_IT_Koordinator?=) Date: Wed, 06 Mar 2013 09:07:46 +0100 Subject: [Dovecot] Suggestions for upgrading dovecot 1.0.7 Redhat EL 5.x - DONE In-Reply-To: <512C97A4.9050801@filmakademie.de> References: <512C97A4.9050801@filmakademie.de> Message-ID: <5136F952.30801@filmakademie.de> Am 26.02.13 12:08, schrieb G?tz Reinicke - IT Koordinator: <...> Hi folks, after some different considerations, we decided to do "just" a minor upgrade on the old/current hardware and OS version. We did the rpm upgrade from 1.0.x to 1.2.x and for now there are no problems. Just a few more warnings regarding "Corrupted index cache file". But no user complains. From my POV there is a significant performance boost on my large mailboxes... At the time we can get new hardware and maybe change some other things in our setup we will go wit 2.x I bet. so thanks for al the feedback! Regards . G?tz -- G?tz Reinicke IT-Koordinator Tel. +49 7141 969 82 420 Fax +49 7141 969 55 420 E-Mail goetz.reinicke at filmakademie.de Filmakademie Baden-W?rttemberg GmbH Akademiehof 10 71638 Ludwigsburg www.filmakademie.de Eintragung Amtsgericht Stuttgart HRB 205016 Vorsitzender des Aufsichtsrats: J?rgen Walter MdL Staatssekret?r im Ministerium f?r Wissenschaft, Forschung und Kunst Baden-W?rttemberg Gesch?ftsf?hrer: Prof. Thomas Schadt -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 5174 bytes Desc: S/MIME Kryptografische Unterschrift URL: From goetz.reinicke at filmakademie.de Wed Mar 6 10:15:48 2013 From: goetz.reinicke at filmakademie.de (=?ISO-8859-15?Q?G=F6tz_Reinicke_-_IT_Koordinator?=) Date: Wed, 06 Mar 2013 09:15:48 +0100 Subject: [Dovecot] question regarding rw-access on mailbox on creation/login (dovecot 1.2.17) Message-ID: <5136FB34.5010802@filmakademie.de> Hi, currently I have one new user with a problem. When she logs in to dovecot with pop3 from her apple mail, dovecot tells problems with the +w permission. Error: open(/var/mail/******) failed: Permission denied (euid=3462(******) egid=548(dozenten) missing +w perm: /var/mail) /var/mail is rw by root.mail I cant see why just this particular user has that problem/gets that messages. AFAIK no one changed any default permissions on directories or set different users. What could be "wrong"? Any suggestions is welcome. Regards . G?tz -- G?tz Reinicke IT-Koordinator Tel. +49 7141 969 82 420 Fax +49 7141 969 55 420 E-Mail goetz.reinicke at filmakademie.de Filmakademie Baden-W?rttemberg GmbH Akademiehof 10 71638 Ludwigsburg www.filmakademie.de Eintragung Amtsgericht Stuttgart HRB 205016 Vorsitzender des Aufsichtsrats: J?rgen Walter MdL Staatssekret?r im Ministerium f?r Wissenschaft, Forschung und Kunst Baden-W?rttemberg Gesch?ftsf?hrer: Prof. Thomas Schadt -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 5174 bytes Desc: S/MIME Kryptografische Unterschrift URL: From professa at dementianati.com Wed Mar 6 10:38:36 2013 From: professa at dementianati.com (Professa Dementia) Date: Wed, 06 Mar 2013 00:38:36 -0800 Subject: [Dovecot] question regarding rw-access on mailbox on creation/login (dovecot 1.2.17) In-Reply-To: <5136FB34.5010802@filmakademie.de> References: <5136FB34.5010802@filmakademie.de> Message-ID: <5137008C.2040504@dementianati.com> On 3/6/2013 12:15 AM, G?tz Reinicke - IT Koordinator wrote: > Hi, > > currently I have one new user with a problem. When she logs in to > dovecot with pop3 from her apple mail, dovecot tells problems with the > +w permission. > > Error: open(/var/mail/******) failed: Permission denied > (euid=3462(******) egid=548(dozenten) missing +w perm: /var/mail) > > /var/mail is rw by root.mail > > I cant see why just this particular user has that problem/gets that > messages. > > AFAIK no one changed any default permissions on directories or set > different users. > > What could be "wrong"? Any suggestions is welcome. Filesystem ACLs? Dem From simon.buongiorno at gmail.com Wed Mar 6 11:19:52 2013 From: simon.buongiorno at gmail.com (Simon Brereton) Date: Wed, 6 Mar 2013 10:19:52 +0100 Subject: [Dovecot] Upgrading 1.2 to 2.x In-Reply-To: <1362522319.4083.5.camel@tardis> References: <1362522319.4083.5.camel@tardis> Message-ID: On 5 March 2013 23:25, Noel Butler wrote: > On Tue, 2013-03-05 at 11:33 +0100, Simon Brereton wrote: > >> Hi >> >> I'm about to upgrade to 2.1.7 in my test environment, but "doveconf >> -n -c dovecot.1.conf > dovecot.2.conf" is producing a blank file, so I >> am unsure how to proceed. I know a lot has changed between them, so I >> don't really want to have to start from scratch unless I have to. >> >> I have tried both as my user and with sudo. >> >> Simon > > > Sounds like symptom of an error or something in 1.conf, I found > converting that if it strikes something it does not like it bails there > and then, but it gave me about 80% conversion, only requiring tweaking > to finalise it, however it did not convert quota stuff to new format so > start that from scratch. > > When you run convert it usually spits out what it is, or is not doing, > that must give you some clue. > > and should matter what UID you are on, so long as you have read access > to 1.conf and write access to 2.conf So many replies - I feel like a celebrity! :) Noel - this is what I get when I run the command. As you can see dovecot.2.conf is empty afterwards. sbuongiorno at local:~$ doveconf -n -c dovecot.1.conf > dovecot.2.conf doveconf: Warning: NOTE: You can get a new clean config file with: doveconf -n > dovecot-new.conf doveconf: Warning: Obsolete setting in dovecot.1.conf:4: 'imaps' protocol is no longer necessary, remove it doveconf: Warning: Obsolete setting in dovecot.1.conf:4: 'pop3s' protocol is no longer necessary, remove it doveconf: Warning: Obsolete setting in dovecot.1.conf:5: ssl_ca_file has been replaced by ssl_ca = References: <51360F06.5010800@dementianati.com> <51361D16.5090408@dementianati.com> <1362522471.4083.7.camel@tardis> <20130305230602.GA17283@daniel.localdomain> <1362535056.5343.16.camel@tardis> Message-ID: On 6 March 2013 02:57, Noel Butler wrote: > On Wed, 2013-03-06 at 00:06 +0100, Daniel Parthey wrote: > > >> > WTF? Everything in one file is much nicer and easier, and you don't >> > have to guess what option is in what file >> >> We're using a single file too, since this can be easily managed by >> a configuration management system and avoids unexpected changes. >> > > > Exactly, and even if management tools were not in play, it would still > be easier for a novice to check out a directive setting. :%s/novice/idiots like Simon/g ;) Simon From skdovecot at smail.inf.fh-brs.de Wed Mar 6 12:35:56 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Wed, 6 Mar 2013 11:35:56 +0100 (CET) Subject: [Dovecot] question regarding rw-access on mailbox on creation/login (dovecot 1.2.17) In-Reply-To: <5136FB34.5010802@filmakademie.de> References: <5136FB34.5010802@filmakademie.de> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 6 Mar 2013, G?tz Reinicke - IT Koordinator wrote: > currently I have one new user with a problem. When she logs in to > dovecot with pop3 from her apple mail, dovecot tells problems with the > +w permission. > > Error: open(/var/mail/******) failed: Permission denied > (euid=3462(******) egid=548(dozenten) missing +w perm: /var/mail) > > /var/mail is rw by root.mail Does /var/mail/****** already exist? Do you have a mbox there and Dovecot needs to create a lock file there? If so, try flock. v2.2 has: # Which locking methods to use for locking mbox. There are four available: # dotlock: Create .lock file. This is the oldest and most NFS-safe # solution. If you want to use /var/mail/ like directory, the users # will need write access to that directory. # dotlock_try: Same as dotlock, but if it fails because of permissions or # because there isn't enough disk space, just skip it. # fcntl : Use this if possible. Works with NFS too if lockd is used. # flock : May not exist in all systems. Doesn't work with NFS. # lockf : May not exist in all systems. Doesn't work with NFS. # # You can use multiple locking methods; if you do the order they're declared # in is important to avoid deadlocks if other MTAs/MUAs are using multiple # locking methods as well. Some operating systems don't allow using some of # them simultaneously. #mbox_read_locks = fcntl #mbox_write_locks = dotlock fcntl dotlock will fail in your system. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUTccDF3r2wJMiz2NAQIUFQf/QhJ2H1/ke4JrmAn15FbRkhsQS+LiyC2L WfaWvpvXSq3OjUzVQt5VflvPaeHjCS5OcDQzGufLo1ZeNT0rZMvfR7T9Ks59mFYb WRlSFZAsGkbxomlKZnt90CkFJqD0QZvIYya3Tp0Ca0NxHVaaSia601cINhVDwGY6 /VxPzwgIMPwM7gzTdjz9PqRhsXtifbl9/oo4ac3IJ2qAm2Wg/q6WL3u1+TTcnBpM KOlNLqSzU6eqaxEXUzKKHIEFDWR1Qg4Qo6oGsS0sL4w2KBtoXfzy1KdRHxeWPrrK 9a5eHdsyD/DVIC8Ouz0zJar3FenbWv0+MblK1jtdeSW/VayQwFKVkQ== =FBCf -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Wed Mar 6 12:39:45 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Wed, 6 Mar 2013 11:39:45 +0100 (CET) Subject: [Dovecot] question regarding rw-access on mailbox on creation/login (dovecot 1.2.17) In-Reply-To: <5136FB34.5010802@filmakademie.de> References: <5136FB34.5010802@filmakademie.de> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 6 Mar 2013, G?tz Reinicke - IT Koordinator wrote: > currently I have one new user with a problem. When she logs in to > dovecot with pop3 from her apple mail, dovecot tells problems with the > +w permission. > > Error: open(/var/mail/******) failed: Permission denied > (euid=3462(******) egid=548(dozenten) missing +w perm: /var/mail) > > /var/mail is rw by root.mail Do the other users have "mail" as secondary group? - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUTcc8V3r2wJMiz2NAQKwJAgAvtb4/Uot+KyXI1Xcbo9nvcLSPO4aPkXw YxRXQLLYwSeLuvygHOEu+3Y3eMJi7Y2BmUMuK5/8ZZLP6en7vfxCYuwGmcnfnO0A hqZYbddTGablWfgIO3aJDm0BWCs30g5IeRYwdVKajv8b4ldFOEex7msDJ01Ryw6E MtlrQ+ODw1/79xvnyGWExt6YNm4Du8HZtohD2Ol5rwdJ6tfBVxmw07vWlJVoHv/L iBZZiQcEJp2yphwKvxaRTTPjw7z2SexNY5VogTHWGspa6MaSwLZG6HK8Td630GIp V5vpUmaqHUCPOph5xebPJV3/MWkczf15axUvU2Dz0q4JisiNePV45g== =c0P3 -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Wed Mar 6 12:47:04 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Wed, 6 Mar 2013 11:47:04 +0100 (CET) Subject: [Dovecot] Bug in maildir-size-fix.pl (was Broken physical size caching in Dovecot 2.1.10) In-Reply-To: <1361026252.3230.58.camel@hurina> References: <79BDD400309473478C82105B02CD6AA6112D9F@EXCH2010.heartoffice.co.uk> <1360030002.10326.52.camel@innu> <511B7DAF.30109@heartinternet.co.uk> <1361026252.3230.58.camel@hurina> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sat, 16 Feb 2013, Timo Sirainen wrote: > BTW. http://dovecot.org/tools/maildir-size-fix.pl has been updated to > work with compressed files also, making maildir-size-check.sh obsolete. This script seems to be broken for v1.x uidlist files, because those do not have a ":" preceeding the filename always. Therefore the condition never matches. Attached patch corrects that. - --- maildir-size-fix.pl_orig 2013-03-06 09:20:53.000000000 +0100 +++ maildir-size-fix.pl_origExtraFix 2013-03-06 11:26:24.000000000 +0100 @@ -130,3 +130,3 @@ chomp $_; - - if (/^(\d+) ([^:]*)?:(.*)$/) { + if (/^(\d+) ([^:]*:)?(.*)$/) { my ($uid, $extra, $fname) = ($1, $2, $3); @@ -135,12 +135,15 @@ $base_fname =~ s/:.*$//; - - my $new_fname = $base_renames{$base_fname}; - - if (!$new_fname || !$preserve_pop3_uidl || $extra =~ /\bP/) { - - $fname = $new_fname if ($new_fname); - - print $fout "$uid $extra:$fname\n"; - - } else { - - $fname =~ s/:.*$//; - - print $fout "$uid P$fname $extra:$new_fname\n"; + if(exists $base_renames{$base_fname}) { + # filename changes + $extra = ":" unless defined $extra; # v2 uidlist has : always + print $fout $uid; + if ($preserve_pop3_uidl && $extra !~ /\bP/) { + print $fout " P", $base_fname; + } + print $fout " ", $extra, $base_renames{$base_fname}, "\n"; + } else { # no new name, keep line unchanged + print $fout $_, "\n"; } } else { - - print $fout "$_\n"; + print $fout $_, "\n"; } - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUTceqF3r2wJMiz2NAQLEvgf9GcSFXRy3sdu6zTsBpD7csgtgUGbrbDxD z2zWtAsyGL61giNGEemaP+l4aZazS3dR8eby3uCrttduoAJ6ZEKm/H3pzHF9cTDd +LLZbw2Kz//ckdAWTaLEt3QoWzKgjMkyYrgVpHyP5OGsz8ZcKtpQ58/E2c3rQXnf WFX2f0P9edtM8ShVwbhYRozPnCXp54E/YW/ro37esJgAPTySY/pqyfrTEt38GhIH z3L30nIm1Cs83X4hRezMz6xQAWghnbJy4MttAZy6NSur5riHp5oZVWDR3fkAD89t +gh5q3+d6fBbTsLmi1I4E/r3qrtqcFHNmmdrP82YXtTL7SiCAMdlHw== =K0Vm -----END PGP SIGNATURE----- From goetz.reinicke at filmakademie.de Wed Mar 6 13:02:20 2013 From: goetz.reinicke at filmakademie.de (=?ISO-8859-15?Q?G=F6tz_Reinicke_-_IT_Koordinator?=) Date: Wed, 06 Mar 2013 12:02:20 +0100 Subject: [Dovecot] question regarding rw-access on mailbox on creation/login (dovecot 1.2.17) - SOLVED In-Reply-To: <5136FB34.5010802@filmakademie.de> References: <5136FB34.5010802@filmakademie.de> Message-ID: <5137223C.9040209@filmakademie.de> Thanks for all suggestions! "mail_privileged_group = mail" did the magic. I'v read the V1.0 -> 1.1 -> 1.2, but did not read ALL config options in the new dovecot.conf. /G?tz -- G?tz Reinicke IT-Koordinator Tel. +49 7141 969 82 420 Fax +49 7141 969 55 420 E-Mail goetz.reinicke at filmakademie.de Filmakademie Baden-W?rttemberg GmbH Akademiehof 10 71638 Ludwigsburg www.filmakademie.de Eintragung Amtsgericht Stuttgart HRB 205016 Vorsitzender des Aufsichtsrats: J?rgen Walter MdL Staatssekret?r im Ministerium f?r Wissenschaft, Forschung und Kunst Baden-W?rttemberg Gesch?ftsf?hrer: Prof. Thomas Schadt -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 5174 bytes Desc: S/MIME Kryptografische Unterschrift URL: From jg at softjury.de Wed Mar 6 13:52:32 2013 From: jg at softjury.de (Jan Phillip Greimann) Date: Wed, 06 Mar 2013 12:52:32 +0100 Subject: [Dovecot] dovecot 2 in ubuntu 12.04 or Debian Squeeze In-Reply-To: <1362556867785-40640.post@n4.nabble.com> References: <1362547151954-40634.post@n4.nabble.com> <1362556867785-40640.post@n4.nabble.com> Message-ID: <51372E00.8000702@softjury.de> Am 06.03.2013 09:01, schrieb pvsuja: > Line #12 is > ssl_cert = > doveconf -n gives the error: > > <b>doveconf: Fatal: Error in configuration file > /usr/local/etc/dovecot/conf.d/10-ssl.conf line 12: Unknown setting: > ssl_cert* > Please post your 10-ssl.conf file on Pastebin and add the link. Greetings, Jan From amateo at um.es Wed Mar 6 14:15:02 2013 From: amateo at um.es (Angel L. Mateo) Date: Wed, 06 Mar 2013 13:15:02 +0100 Subject: [Dovecot] Lot of dovecot process writes Message-ID: <51373346.6010708@um.es> Hello, While monitoring my servers' behaviour (ubuntu 12.04 with dovecot 2.1.9, with about 70000 users) I have found that lots of disk usage is done by dovecot process (the parent process). Since lmtp, imap and pop3 connections are handle by their own process, what could be the reason of this? -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n y las Comunicaciones Aplicadas (ATICA) http://www.um.es/atica Tfo: 868889150 Fax: 868888337 -------------- next part -------------- # 2.1.9: /etc/dovecot/dovecot.conf # OS: Linux 3.2.19um1 x86_64 Ubuntu 12.04.2 LTS auth_cache_size = 20 M auth_cache_ttl = 1 days auth_master_user_separator = * auth_verbose = yes default_process_limit = 1024 disable_plaintext_auth = no log_timestamp = %Y-%m-%d %H:%M:%S login_trusted_networks = 155.54.211.176/28 mail_access_groups = vmail mail_gid = vmail mail_location = maildir:~/Maildir:INDEX=/var/indexes/%2Ln/%Ln mail_plugins = quota zlib lazy_expunge acl mail_privileged_group = mail maildir_very_dirty_syncs = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mdbox_rotate_size = 20 M namespace { inbox = yes location = prefix = separator = . } namespace { hidden = yes list = no location = maildir:~/Maildir/expunged prefix = BORRADOS. separator = . } namespace { list = children location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u prefix = shared.%%u. separator = . subscriptions = no type = shared } passdb { args = /etc/dovecot/master-users driver = passwd-file master = yes pass = yes } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } passdb { args = session=yes cache_key=%Ln dovecot driver = pam } plugin { acl = vfile:/etc/dovecot/global-acls:cache_secs=3600 lazy_expunge = BORRADOS. quota = dict:User quota::file:%h/Maildir/dovecot.quota quota_rule = *:storage=10G quota_rule2 = Trash:storage=+1G sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_max_redirects = 15 zlib_save = gz zlib_save_level = 6 } postmaster_address = postmaster at um.es protocols = imap pop3 lmtp sieve service anvil { client_limit = 3075 } service auth { client_limit = 4096 unix_listener auth-userdb { mode = 0777 } } service doveadm { inet_listener { port = 24245 } } service imap { process_limit = 5120 process_min_avail = 6 vsz_limit = 512 M } service ipc { unix_listener ipc { user = dovecot } } service lmtp { inet_listener lmtp { port = 24 } process_min_avail = 10 vsz_limit = 512 M } service pop3 { process_min_avail = 6 } ssl = no ssl_cert = } From rs at sys4.de Wed Mar 6 14:22:10 2013 From: rs at sys4.de (Robert Schetterer) Date: Wed, 06 Mar 2013 13:22:10 +0100 Subject: [Dovecot] Lot of dovecot process writes In-Reply-To: <51373346.6010708@um.es> References: <51373346.6010708@um.es> Message-ID: <513734F2.60902@sys4.de> Am 06.03.2013 13:15, schrieb Angel L. Mateo: > Hello, > > While monitoring my servers' behaviour (ubuntu 12.04 with dovecot > 2.1.9, with about 70000 users) I have found that lots of disk usage is > done by dovecot process (the parent process). Since lmtp, imap and pop3 > connections are handle by their own process, what could be the reason of > this? > maildir may no be optimal for such high amount of users, use i.e mdbox http://wiki2.dovecot.org/MailboxFormat/dbox Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From amateo at um.es Wed Mar 6 14:44:05 2013 From: amateo at um.es (Angel L. Mateo) Date: Wed, 06 Mar 2013 13:44:05 +0100 Subject: [Dovecot] Lot of dovecot process writes In-Reply-To: <513734F2.60902@sys4.de> References: <51373346.6010708@um.es> <513734F2.60902@sys4.de> Message-ID: <51373A15.4070800@um.es> El 06/03/13 13:22, Robert Schetterer escribi?: > Am 06.03.2013 13:15, schrieb Angel L. Mateo: >> Hello, >> >> While monitoring my servers' behaviour (ubuntu 12.04 with dovecot >> 2.1.9, with about 70000 users) I have found that lots of disk usage is >> done by dovecot process (the parent process). Since lmtp, imap and pop3 >> connections are handle by their own process, what could be the reason of >> this? >> > > maildir may no be optimal for such high amount of users, use i.e mdbox > > http://wiki2.dovecot.org/MailboxFormat/dbox > I know this. We are planning to migrate to dbox, but in a multiserver environment like ours is not so trivial because of indexes (we tried it with indexes in nfs storage but performance was poor). In any case, I don't understand why dovecot parent process has these huge amount of IO, since, I guess, IO should be done by user's processes (lmtp, imap or pop), not dovecot parent. My only hypothesis is related with log messages, but then IO should be done by rsyslog process, not dovecot, shouldn't it? -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n y las Comunicaciones Aplicadas (ATICA) http://www.um.es/atica Tfo: 868889150 Fax: 868888337 From rs at sys4.de Wed Mar 6 14:54:50 2013 From: rs at sys4.de (Robert Schetterer) Date: Wed, 06 Mar 2013 13:54:50 +0100 Subject: [Dovecot] Lot of dovecot process writes In-Reply-To: <51373A15.4070800@um.es> References: <51373346.6010708@um.es> <513734F2.60902@sys4.de> <51373A15.4070800@um.es> Message-ID: <51373C9A.9000802@sys4.de> Am 06.03.2013 13:44, schrieb Angel L. Mateo: > El 06/03/13 13:22, Robert Schetterer escribi?: >> Am 06.03.2013 13:15, schrieb Angel L. Mateo: >>> Hello, >>> >>> While monitoring my servers' behaviour (ubuntu 12.04 with dovecot >>> 2.1.9, with about 70000 users) I have found that lots of disk usage is >>> done by dovecot process (the parent process). Since lmtp, imap and pop3 >>> connections are handle by their own process, what could be the reason of >>> this? >>> >> >> maildir may no be optimal for such high amount of users, use i.e mdbox >> >> http://wiki2.dovecot.org/MailboxFormat/dbox >> > I know this. We are planning to migrate to dbox, but in a > multiserver environment like ours is not so trivial because of indexes > (we tried it with indexes in nfs storage but performance was poor). yes ,migrations on big systems, are always difficult > > In any case, I don't understand why dovecot parent process has these > huge amount of IO, since, I guess, IO should be done by user's processes > (lmtp, imap or pop), not dovecot parent. > > My only hypothesis is related with log messages, but then IO should > be done by rsyslog process, not dovecot, shouldn't it? dont think that this has impact, what about upgrading to recent version first, dont speculate, do real analysis after all with such amount of users , you might want to use Professional Services i.e http://www.dovecot.fi/services-and-solutions/ for optimizing your setup. > > Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From hmoreno at gmv.com Wed Mar 6 16:27:16 2013 From: hmoreno at gmv.com (=?iso-8859-1?Q?H=E9ctor_Moreno_Blanco?=) Date: Wed, 6 Mar 2013 14:27:16 +0000 Subject: [Dovecot] problem with charset and encoding Message-ID: Hello everyone, We are having some troubles since we updated dovecot from 2.0.10 to 2.1.6. With 2.0.10 with messages with this headers: Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Showed the special characters fine. However, with this new version, there are special characters that are not correctly showed. For example: "Su c=F3digo de activaci=F3n " must be "Su c?digo de activaci?n ", but in all email clients, even in webmail, is showed like the first way without decoding it. Maybe some configuration or libraries I missed? Could you please help us with this? Thank you very much in advanced. Kind regards, H?ctor Moreno Blanco. P Please consider the environment before printing this e-mail. ______________________ This message including any attachments may contain confidential information, according to our Information Security Management System, and intended solely for a specific individual to whom they are addressed. Any unauthorised copy, disclosure or distribution of this message is strictly forbidden. If you have received this transmission in error, please notify the sender immediately and delete it. ______________________ Este mensaje, y en su caso, cualquier fichero anexo al mismo, puede contener informacion clasificada por su emisor como confidencial en el marco de su Sistema de Gestion de Seguridad de la Informacion siendo para uso exclusivo del destinatario, quedando prohibida su divulgacion copia o distribucion a terceros sin la autorizacion expresa del remitente. Si Vd. ha recibido este mensaje erroneamente, se ruega lo notifique al remitente y proceda a su borrado. Gracias por su colaboracion. ______________________ From skdovecot at smail.inf.fh-brs.de Wed Mar 6 18:59:54 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Wed, 6 Mar 2013 17:59:54 +0100 (CET) Subject: [Dovecot] Bug in maildir-size-fix.pl (was Broken physical size caching in Dovecot 2.1.10) In-Reply-To: References: <79BDD400309473478C82105B02CD6AA6112D9F@EXCH2010.heartoffice.co.uk> <1360030002.10326.52.camel@innu> <511B7DAF.30109@heartinternet.co.uk> <1361026252.3230.58.camel@hurina> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 6 Mar 2013, Steffen Kaiser wrote: Sorry for the noise, you cannot upgrade V1 uidlist files to V3 ones on the fly with this script, hence, this match: > chomp $_; > - if (/^(\d+) ([^:]*)?:(.*)$/) { > + if (/^(\d+) ([^:]*:)?(.*)$/) { > my ($uid, $extra, $fname) = ($1, $2, $3); breaks IMAP UIDs afterwards, so the patch for maildir-size-fix.pl is nonsense. I wonder why it worked in first tests ... . - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUTd2Cl3r2wJMiz2NAQI69Qf+MpXpakEW02Yo2vAq+Z/aScpWTlurZBAD heBYWemoCeQ5liZYhPC/JbVlhhg6EH39WxvUtN8tMl3Cr7YZHIbZsguij3jR/+al +mYQ1BFpkSX0TUP8xTda82J2ShKEsEDMQLlaayXRZjod87LV6UcKlwRG4Gqr7Eho l382HgHb6XOiYe5bVyVXiwAvolHm1C9OmV50/cgLtrkWC+fKXbU0iP92HbLIobZI 2qkuL3yzLDdyGRJCFJhIlaGOyg/KS9hSZrckMX/giEVQlr2RYqpzc7cT0R38A6Bp QvbV8Lw4VuESLtRO+NtZQ+bV4mhuiwLKVNpb4XVp33ohKcSUBT5xXA== =y99O -----END PGP SIGNATURE----- From ivars.strazdins at gmail.com Wed Mar 6 22:49:49 2013 From: ivars.strazdins at gmail.com (=?iso-8859-4?Q?Ivars_Strazdi=F1=B9?=) Date: Wed, 6 Mar 2013 22:49:49 +0200 Subject: [Dovecot] failing ssl authentication Message-ID: Hi, I have a fairly basic dovecot 2.0.19 configuration on Ubuntu 12.04 LTS server with self signed certificates and "ssl = required" option set. It had been working for years flawlessly (including upgrade from 1.x to 2.0.19). Please see full "dovecot -n" output at the end of this post. Until recently, new mail user agents (MUA) are having problems. I cannot pass the account creation step, MUA says that there is some problem. I tried to isolate the problem and did some testing with various combinations of MUA and OS and I am still confused where is the problem - in dovecot, self signed certificates (in operation since 2003, expires this summer), or MUA, or operating system. All tests done with IMAP. For example, Recent Thunderbird versions (>10) do not work at all on most OS'es (tried Windows, Linux, OS X). Actually, v10 does not let me setup an account, but there is a way to get through by clicking on Advanced button. Then the account in Thunderbird is created. After that all works fine and Thunderbird can even be upgraded to the latest version. Windows Live Mail 2012 (former Outlook Express) works on Windows XP and Windows 7, but fails on Windows 8. dovecot.log gets this: 2013-03-06 22:44:38 imap-login: Info: Disconnected (no auth attempts): rip=x.x.x.x, lip=y.y.y.y, TLS handshaking: Disconnected Outlook 2013 does not work in either Windows 7 or Windows 8. Dovecot log for Outlook 2013 looks good, but Outlook complains. 2013-03-06 18:38:22 imap-login: Info: Login: user=, method=PLAIN, rip=x.x.x.x lip=y.y.y.y, mpid=16801, TLS I enabled verbose_ssl = yes in dovecot configuration, and all failing attempts produce this type of log 2013-03-06 22:34:10 imap-login: Warning: SSL failed: where=0x2002: SSLv3 read client certificate A [x.x.x.x] What does this mean - a problem with certificate on the client side, MUA, that is? How could this be cured then? Thanks for your time and patience! Ivars doveconf -n output: # 2.0.19: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-37-virtual x86_64 Ubuntu 12.04.2 LTS auth_mechanisms = plain login auth_socket_path = /var/run/dovecot/auth-master auth_verbose = yes default_process_limit = 300 info_log_path = /var/log/dovecot-info.log lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes log_path = /var/log/dovecot.log log_timestamp = "%Y-%m-%d %H:%M:%S " mail_fsync = never mail_location = maildir:~/Maildir:INBOX=~/Maildir:LAYOUT=fs mail_privileged_group = mail maildir_very_dirty_syncs = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave passdb { driver = pam } plugin { antispam_backend = mailtrain antispam_mail_notspam = --ham antispam_mail_sendmail = /usr/local/sbin/antispam.sh antispam_mail_sendmail_args = -f;%u at edited.domain antispam_mail_spam = --spam antispam_spam = junk antispam_trash = Trash autocreate = junk autocreate2 = Sent autocreate3 = Drafts autocreate4 = Trash autosubscribe = junk autosubscribe2 = Sent autosubscribe3 = Drafts autosubscribe4 = Trash fts = squat fts_squat = partial=4 full=10 mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename flag_change append mail_log_fields = from, subject, flags, uid, box, msgid, size sieve = ~/roundcube.sieve sieve_dir = ~/sieve } postmaster_address = postmaster protocols = " imap sieve pop3" service auth-worker { client_limit = 0 } service auth { unix_listener /var/spool/postfix/private/dovecot-auth { group = postfix mode = 0660 user = postfix } unix_listener auth-master { group = musers mode = 0660 user = root } user = root } service imap { process_limit = 1024 } service pop3 { process_limit = 1024 } ssl = required ssl_cert = References: Message-ID: <5137AD16.4090209@thelounge.net> Am 06.03.2013 21:49, schrieb Ivars Strazdi??: > I have a fairly basic dovecot 2.0.19 configuration on Ubuntu 12.04 LTS server with self signed certificates and "ssl = required" option set well, do not use self sigend certificates at all for anybody but yourself - for several reasons: * users will complain because they do not understand the warnings * users get trained monkeys which ignore any warnings over the time -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 263 bytes Desc: OpenPGP digital signature URL: From ivars.strazdins at gmail.com Wed Mar 6 23:14:23 2013 From: ivars.strazdins at gmail.com (=?iso-8859-4?Q?Ivars_Strazdi=F1=B9?=) Date: Wed, 6 Mar 2013 23:14:23 +0200 Subject: [Dovecot] failing ssl authentication In-Reply-To: <5137AD16.4090209@thelounge.net> References: <5137AD16.4090209@thelounge.net> Message-ID: <60151C89-D4A8-4BC5-9D53-9A3E23452101@gmail.com> On 2013. gada 6. marts, at 22:54, Reindl Harald wrote: > > well, do not use self sigend certificates at all I appreciate your advice, but anyway would like to understand why this problem started to appear only recently. Kind regards, Ivars From slitt at troubleshooters.com Wed Mar 6 23:29:34 2013 From: slitt at troubleshooters.com (Steve Litt) Date: Wed, 6 Mar 2013 16:29:34 -0500 Subject: [Dovecot] Upgrading 1.2 to 2.x In-Reply-To: <51361D16.5090408@dementianati.com> References: <51360F06.5010800@dementianati.com> <51361D16.5090408@dementianati.com> Message-ID: <20130306162934.0acca3e0@mydesk> On Tue, 05 Mar 2013 08:28:06 -0800 Professa Dementia wrote: > On 3/5/2013 7:34 AM, Simon Brereton wrote: > > > What's the recommended approach then? Pack it all into dovecot.conf > > as it was before, or use the split config files under conf.d/ - is > > this even a choice? > > Split configs are nicer and easier to work with and I am all for > nicer and easier. > > Dem I couldn't disagree more. With everything in one file, you use your editor's search facility instead of needing to use grep on everything. You see everything by scanning up and down instead of changing windows or buffers. Copy and paste is harder between files than within one. When changing or experimenting, you need to make backup copies of more files. With one file, you always know which file to put something in, and you run less risk of duplicates. I see the attraction of a separate file for a separate and distinct facility added by the site administrator, but otherwise, I'm a big fan of the one file config. SteveT Steve Litt * http://www.troubleshooters.com/ Troubleshooting Training * Human Performance From slitt at troubleshooters.com Wed Mar 6 23:42:01 2013 From: slitt at troubleshooters.com (Steve Litt) Date: Wed, 6 Mar 2013 16:42:01 -0500 Subject: [Dovecot] Upgrading 1.2 to 2.x In-Reply-To: <1362522471.4083.7.camel@tardis> References: <51360F06.5010800@dementianati.com> <51361D16.5090408@dementianati.com> <1362522471.4083.7.camel@tardis> Message-ID: <20130306164201.789d0da8@mydesk> On Wed, 06 Mar 2013 08:27:51 +1000 Noel Butler wrote: > On Tue, 2013-03-05 at 08:28 -0800, Professa Dementia wrote: > > > On 3/5/2013 7:34 AM, Simon Brereton wrote: > > > > > What's the recommended approach then? Pack it all into > > > dovecot.conf as it was before, or use the split config files > > > under conf.d/ - is this even a choice? > > > > Split configs are nicer and easier to work with and I am all for > > nicer and easier. > > > > Dem > > > WTF? Everything in one file is much nicer and easier, and you don't > have to guess what option is in what file Here's a question for both of you: 1) Is there any reason someone could not, after the fact, cut parts of the main file and put that cut into conf.d? 2) Is there any reason someone could not, after the fact, cut parts out of the conf.d files and paste them into the main files, perhaps adding a comment as to where they were originally? If both of those are possible, although we could still argue which should be the default (and I strongly believe in one file), at least each of us can have our own way with a half hour of work. Thanks, SteveT Steve Litt * http://www.troubleshooters.com/ Troubleshooting Training * Human Performance From h.reindl at thelounge.net Wed Mar 6 23:50:34 2013 From: h.reindl at thelounge.net (Reindl Harald) Date: Wed, 06 Mar 2013 22:50:34 +0100 Subject: [Dovecot] failing ssl authentication In-Reply-To: <60151C89-D4A8-4BC5-9D53-9A3E23452101@gmail.com> References: <5137AD16.4090209@thelounge.net> <60151C89-D4A8-4BC5-9D53-9A3E23452101@gmail.com> Message-ID: <5137BA2A.60603@thelounge.net> Am 06.03.2013 22:14, schrieb Ivars Strazdi??: > On 2013. gada 6. marts, at 22:54, Reindl Harald wrote: >> >> well, do not use self sigend certificates at all > > I appreciate your advice, but anyway would like to understand why this problem started to appear only recently. maybe because client software tries to make et harder and harder blidnly import and accpet any sort of untrusted cerificates and making things harder leads for the ordinary user in impossible -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 263 bytes Desc: OpenPGP digital signature URL: From h.reindl at thelounge.net Wed Mar 6 23:53:21 2013 From: h.reindl at thelounge.net (Reindl Harald) Date: Wed, 06 Mar 2013 22:53:21 +0100 Subject: [Dovecot] Upgrading 1.2 to 2.x In-Reply-To: <20130306164201.789d0da8@mydesk> References: <51360F06.5010800@dementianati.com> <51361D16.5090408@dementianati.com> <1362522471.4083.7.camel@tardis> <20130306164201.789d0da8@mydesk> Message-ID: <5137BAD1.3060903@thelounge.net> Am 06.03.2013 22:42, schrieb Steve Litt: > On Wed, 06 Mar 2013 08:27:51 +1000 > Noel Butler wrote: > >> On Tue, 2013-03-05 at 08:28 -0800, Professa Dementia wrote: >> >>> On 3/5/2013 7:34 AM, Simon Brereton wrote: >>> >>>> What's the recommended approach then? Pack it all into >>>> dovecot.conf as it was before, or use the split config files >>>> under conf.d/ - is this even a choice? >>> >>> Split configs are nicer and easier to work with and I am all for >>> nicer and easier. >>> >>> Dem >> >> >> WTF? Everything in one file is much nicer and easier, and you don't >> have to guess what option is in what file > > Here's a question for both of you: > > 1) Is there any reason someone could not, after the fact, cut parts of > the main file and put that cut into conf.d? > 2) Is there any reason someone could not, after the fact, cut parts out > of the conf.d files and paste them into the main files, perhaps > adding a comment as to where they were originally? > > If both of those are possible, although we could still argue which > should be the default (and I strongly believe in one file), at least > each of us can have our own way with a half hour of work. conf.d files are easier if the config is really large and for make it possible to add and remove pieces by software managment tools a monolithic config file is way better as long it is not too big at all because depending on your screen you can view most of the config at once and backup/restore is also much easier in many cases -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 263 bytes Desc: OpenPGP digital signature URL: From pvsuja at gmail.com Thu Mar 7 06:26:18 2013 From: pvsuja at gmail.com (pvsuja) Date: Wed, 6 Mar 2013 20:26:18 -0800 (PST) Subject: [Dovecot] dovecot 2 in ubuntu 12.04 or Debian Squeeze In-Reply-To: <51372E00.8000702@softjury.de> References: <1362547151954-40634.post@n4.nabble.com> <1362556867785-40640.post@n4.nabble.com> <51372E00.8000702@softjury.de> Message-ID: <1362630378275-40664.post@n4.nabble.com> I installed the stable version 2.1 and its working fine. Now there is a separate issue. I have set up my mail server to disable all plaintext auth. Now when i am trying to login with the imapcproxy, its giving error Unknown user/password The log says: In proxy: /mailproxy dovecot: imap-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, TLS, session=<1pBG/03XogB/AAAB> / In server: /mailserver dovecot: imap-login: Disconnected (tried to use disabled plaintext auth): rip=10.x.x.x, lip=10.x.x.y/ Regards, Suja -- View this message in context: http://dovecot.2317879.n4.nabble.com/dovecot-2-in-ubuntu-12-04-or-Debian-Squeeze-tp40634p40664.html Sent from the Dovecot mailing list archive at Nabble.com. From shiquanwang at gmail.com Thu Mar 7 07:17:48 2013 From: shiquanwang at gmail.com (Shiquan Wang) Date: Thu, 7 Mar 2013 13:17:48 +0800 Subject: [Dovecot] Ask about IMAP UID Message-ID: Hi all, I am new to dovecot. I am trying to use offlineimap + dovecot + gnus for some emails on multiple machines. I need to use org-mode capture links on emails. I want to know if the same email will have the same IMAP UID on different machines given that they are synced by offlineimap to a local maildir and served by dovecot respectively. Best, Shiquan -- ??? Shiquan Wang ************************************************************************************** National Laboratory of Pattern Recognition (NLPR) Institute of Automation, Chinese Academy of Sciences(CASIA) No.95 ZhongGuanCun East Road, HaiDian District, Beijing, China, 100190 Tel: +86-10-62653768 Fax: +86-10-62551993 Email: sqwang at nlpr.ia.ac.cn / shiquanwang at gmail.com Homepage: http://www.cbsr.ia.ac.cn/users/sqwang/ ************************************************************************************** From h.reindl at thelounge.net Thu Mar 7 09:49:26 2013 From: h.reindl at thelounge.net (Reindl Harald) Date: Thu, 07 Mar 2013 08:49:26 +0100 Subject: [Dovecot] Ask about IMAP UID In-Reply-To: References: Message-ID: <51384686.1000905@thelounge.net> Am 07.03.2013 06:17, schrieb Shiquan Wang: > I am new to dovecot. I am trying to use offlineimap + dovecot + gnus for > some emails on multiple machines. > I need to use org-mode capture links on emails. > > I want to know if the same email will have the same IMAP UID on different > machines given that they are synced by offlineimap to a local maildir and > served by dovecot respectively no -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 263 bytes Desc: OpenPGP digital signature URL: From skdovecot at smail.inf.fh-brs.de Thu Mar 7 09:55:01 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 7 Mar 2013 08:55:01 +0100 (CET) Subject: [Dovecot] Ask about IMAP UID In-Reply-To: References: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 7 Mar 2013, Shiquan Wang wrote: > I want to know if the same email will have the same IMAP UID on different > machines given that they are synced by offlineimap to a local maildir and > served by dovecot respectively. No, sync'ing does not include the UID. The UID is server-depended and may change across IMAP sessions, reflected by the change of UIDVALIDITY of the folder. However, Dovecot stores the UIDs in dovecot-uidlist files in each mailbox folder, so you could patch offlineimap to synchronize that file with the UIDs from the source IMAP server. But I think will get you other trouble. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUThH1V3r2wJMiz2NAQJ3PAf+JUrPwxMoIfOcj/3Z9+JLJT7xOY8PVkeV htVx4dPSIKEQebRzHcjlCAbMwYNYHilsxxrZLsdQxLLMHt8RWQrt/uoyuPDiEE/s qRIiSvzNvAZPPhG8MmLuM9vAfFIjWQM0uL3kle0RNA21PtprMBqc8NNLouBtjIwx /2YMI+1JrhrT1w9Ydik+9dPNegWmFJaEogDc0V79iN9hIac2m26XXA3Fsq/n8Sso kmHcUqrYyW6OCNDRa0IaZZkG9nTBwaLsyGEy+777CK0dcLYYVbkujE7loddMesZF GcLr6lPsw9k6q+pLDnr8ocCoJb+69eZcDL8XR3gVndgcur7SKdca7w== =DPQP -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Thu Mar 7 10:30:14 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 7 Mar 2013 09:30:14 +0100 (CET) Subject: [Dovecot] Core dump in 2.2.rc2 with FETCH 1 BODY.PEEK[ALL] Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Usingt ./sbin/dovecot --version 2.2.rc2 (7a08461c5559) with Maildir, 2 FETCH 1 BODY.PEEK[ALL] dumps core, bt full is: #0 0x00007fa166e721b5 in raise () from /lib/libc.so.6 No symbol table info available. #1 0x00007fa166e74fc0 in abort () from /lib/libc.so.6 No symbol table info available. #2 0x00007fa16721ac47 in default_fatal_finish (type=LOG_TYPE_PANIC, status=0) at failures.c:191 backtrace = 0x181e2d0 "/usr/local/dovecot-2.2.rc2/lib/dovecot/libdovecot.so.0(+0x78c20) [0x7fa16721ac20] -> /usr/local/dovecot-2.2.rc2/lib/dovecot/libdovecot.so.0(+0x7a0dd) [0x7fa16721c0dd] -> /usr/local/dovecot-2.2.rc2/lib"... #3 0x00007fa16721c0dd in i_internal_fatal_handler (ctx=0x7fffa3de5d90, format=0x7fa1675bbde1 "file %s: line %d: unreached", args=0x7fffa3de5d70) at failures.c:652 status = 0 #4 0x00007fa16721af90 in i_panic (format=0x7fa1675bbde1 "file %s: line %d: unreached") at failures.c:263 ctx = {type = LOG_TYPE_PANIC, exit_status = 0, timestamp = 0x0} args = {{gp_offset = 24, fp_offset = 48, overflow_arg_area = 0x7fffa3de5e70, reg_save_area = 0x7fffa3de5da0}} #5 0x00007fa16759d415 in imap_msgpart_parse (section=0x181e278 "ALL", msgpart_r=0x18476c0) at imap-msgpart.c:291 msgpart = 0x1851c40 pool = 0x1851c20 i = 0 next_digit = true ret = 0 #6 0x000000000041e734 in imap_fetch_body_section_init (ctx=0x7fffa3de5fa0) at imap-fetch-body.c:358 body = 0x18476b8 list_args = 0x7fa1672152a7 list_count = 0 str = 0x0 p = 0x181e26e "" error = 0x7fffa3de6460 "\001" __FUNCTION__ = "imap_fetch_body_section_init" #7 0x000000000041d064 in fetch_body_init (ctx=0x7fffa3de5fa0) at imap-fetch.c:670 No locals. #8 0x000000000041b6b5 in imap_fetch_init_handler (init_ctx=0x7fffa3de5fa0) at imap-fetch.c:62 handler = 0x1827e10 lookup_name = 0x181e270 "BODY" p = 0x181e264 ".PEEK[ALL]" __FUNCTION__ = "imap_fetch_init_handler" #9 0x000000000040e6f5 in imap_fetch_cmd_init_handler (ctx=0x1847068, cmd=0x1846f60, name=0x181e260 "BODY.PEEK[ALL]", args=0x7fffa3de5fe8) at cmd-fetch.c:36 init_ctx = {fetch_ctx = 0x1847068, pool = 0x1846f40, name = 0x181e260 "BODY.PEEK[ALL]", args = 0x1829978, error = 0x0} __FUNCTION__ = "imap_fetch_cmd_init_handler" #10 0x000000000040e86d in fetch_parse_args (ctx=0x1847068, cmd=0x1846f60, arg=0x1829978, next_arg_r=0x7fffa3de6078) at cmd-fetch.c:69 str = 0x181e260 "BODY.PEEK[ALL]" macro = 0x0 #11 0x000000000040eef3 in cmd_fetch (cmd=0x1846f60) at cmd-fetch.c:258 client = 0x1846380 ctx = 0x1847068 args = 0x1829918 next_arg = 0x7fa166e75130 list_arg = 0x1847048 search_args = 0x1850c30 qresync_args = {qresync_sample_seqset = 0x1, qresync_sample_uidset = 0x41a22c} messageset = 0x1829a78 "1" send_vanished = false ret = 1 #12 0x000000000041a18f in command_exec (cmd=0x1846f60) at imap-commands.c:156 hook = 0x1827d70 ret = false #13 0x00000000004190f2 in client_command_input (cmd=0x1846f60) at imap-client.c:775 client = 0x1846380 command = 0x20041a274 __FUNCTION__ = "client_command_input" #14 0x00000000004193f2 in client_command_input (cmd=0x1846f60) at imap-client.c:836 client = 0x1846380 command = 0x1827858 __FUNCTION__ = "client_command_input" #15 0x0000000000419512 in client_handle_next_command (client=0x1846380, remove_io_r=0x7fffa3de61bd) at imap-client.c:874 No locals. #16 0x0000000000419592 in client_handle_input (client=0x1846380) at imap-client.c:886 _data_stack_cur_id = 3 ret = false remove_io = false handled_commands = false __FUNCTION__ = "client_handle_input" #17 0x0000000000419725 in client_input (client=0x1846380) at imap-client.c:928 cmd = 0x183c8a8 output = 0x1846d98 bytes = 26 __FUNCTION__ = "client_input" #18 0x00007fa167231e1b in io_loop_call_io (io=0x1846e60) at ioloop.c:387 ioloop = 0x1826700 t_id = 2 #19 0x00007fa167233aaa in io_loop_handler_run (ioloop=0x1826700) at ioloop-epoll.c:215 ctx = 0x1826a80 events = 0x1826af0 event = 0x1826af0 list = 0x1846eb0 io = 0x1846e60 tv = {tv_sec = 1725, tv_usec = 816704} events_count = 6 msecs = 1725817 ret = 1 i = 0 j = 0 call = true __FUNCTION__ = "io_loop_handler_run" #20 0x00007fa167231ebe in io_loop_run (ioloop=0x1826700) at ioloop.c:406 No locals. #21 0x00007fa1671caa45 in master_service_run (service=0x18265a0, callback=0x4262c6 ) at master-service.c:550 No locals. #22 0x00000000004265df in main (argc=1, argv=0x1826390) at main.c:400 set_roots = {0x42f700, 0x0} login_set = {auth_socket_path = 0x181e048 "\200\340\201\001", postlogin_socket_path = 0x0, postlogin_timeout_secs = 60, callback = 0x426078 , failure_callback = 0x426252 , request_auth_token = 1} service_flags = MASTER_SERVICE_FLAG_KEEP_CONFIG_OPEN -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUThQFl3r2wJMiz2NAQI+zwf8CLsphLKRsB2pgFAuoNT9UAcs74DVC5CT JqNw1X4IOau9fY+m0fyZC/xOowjZiPn0yz8ZIYG/6l5dFZxNKzuyUBwh1pHVqcP7 WOrM71+ZW43gT6hibCtaxyW61BQ3XoK/nIDVZM67eVcy7G/DFuGd9RJsV4Bh3iuO g3lXqaeFAeghukMKrvU/YwIXFVyjXsjjy8ZPm3QEtUEKWN8OXaveJ3O4VT/K0VWG 234D47rBT3KFt/kqwTn95LIp10DZzzch2i/QBe992acGi78Mz4F0+VT+lJFa6nlO ZIzAeqhQRXoM8a86N0RJHri4xIMCzPHXjx/5lWL0TDe6N4ITfzEMCQ== =PrvL -----END PGP SIGNATURE----- From alec at alec.pl Thu Mar 7 10:45:18 2013 From: alec at alec.pl (A.L.E.C) Date: Thu, 07 Mar 2013 09:45:18 +0100 Subject: [Dovecot] Core dump in 2.2.rc2 with FETCH 1 BODY.PEEK[ALL] In-Reply-To: References: Message-ID: <5138539E.3030901@alec.pl> On 03/07/2013 09:30 AM, Steffen Kaiser wrote: > Usingt ./sbin/dovecot --version > 2.2.rc2 (7a08461c5559) > with Maildir, > > 2 FETCH 1 BODY.PEEK[ALL] BTW, this is some extension? RFC3501 doesn't specify "ALL" section keyword? -- Aleksander 'A.L.E.C' Machniak LAN Management System Developer [http://lms.org.pl] Roundcube Webmail Developer [http://roundcube.net] --------------------------------------------------- PGP: 19359DC1 @@ GG: 2275252 @@ WWW: http://alec.pl From skdovecot at smail.inf.fh-brs.de Thu Mar 7 11:19:28 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 7 Mar 2013 10:19:28 +0100 (CET) Subject: [Dovecot] Core dump in 2.2.rc2 with FETCH 1 BODY.PEEK[ALL] In-Reply-To: <5138539E.3030901@alec.pl> References: <5138539E.3030901@alec.pl> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 7 Mar 2013, A.L.E.C wrote: > On 03/07/2013 09:30 AM, Steffen Kaiser wrote: >> Usingt ./sbin/dovecot --version >> 2.2.rc2 (7a08461c5559) >> with Maildir, >> >> 2 FETCH 1 BODY.PEEK[ALL] > > BTW, this is some extension? RFC3501 doesn't specify "ALL" section keyword? No, I mistyped the FETCH command. :-) I was debugging some client issues. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUThboF3r2wJMiz2NAQIZUAf/a4ukGEBi0S9Qi0m6oQ4RVXCuDx7IlF9q SqapK9X42yzMJGg/T5Wa2OnkandOMyK49Q785S2FGJnDPjDpgbJ8if5jc6u+VfUh 4vl2QG2jvtlnvZz/iYbSn3ajPKjR4gShu0Qz1keK9LYNAwF01A9XhoGDjP4oUvWR zsLjk+qk/FZu35C7DOEUsbWUlqgJUwXZfJ6wgw+iLwvt4LLKcUVxLsOfe5s2kOnn by6l4DkelDu7515gGYvDG+vi3PpFAOgjalh6mPUVui0PixAOztJzUv9r2zCw/1Gl lj2yBeOiJmrNAw85R3UWRcbBAvdoV5ZyHKWKRm0lLWegzlHoSl/qhQ== =4v7l -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Thu Mar 7 11:31:40 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 7 Mar 2013 10:31:40 +0100 (CET) Subject: [Dovecot] problem with charset and encoding In-Reply-To: References: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 6 Mar 2013, H?ctor Moreno Blanco wrote: > We are having some troubles since we updated dovecot from 2.0.10 to 2.1.6. Did you upgraded the mail storage, too? > With 2.0.10 with messages with this headers: > > Content-Type: text/plain; charset=ISO-8859-1 > Content-Transfer-Encoding: quoted-printable > > Showed the special characters fine. However, with this new version, there are special characters that are not correctly showed. > > For example: > > "Su c=F3digo de activaci=F3n " must be "Su c?digo de activaci?n ", but in all email clients, even in webmail, is showed like the first way without decoding it. Do the messages look wired in other ways, e.g. do they have header lines at top? > Maybe some configuration or libraries I missed? No, I don't think so. The client renders the message, Dovecot should not alter its content. Do this happen for new accounts, too? If not, maybe you need to remove the old cache files. What mail storage do you use? With Maildir you could easily create a new mailbox and drop a file with: ==== START Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Subject: Test Message-ID: Su c=F3digo de activaci=F3n ====END there then view it with a client. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUThefF3r2wJMiz2NAQJ9vQgAri6lB/a7UhtzgLQKG7TykMWV+4ZXBRRj 7KKozbAwD123QDfTpKC+TsD93XMENz4tQ6qTN6fjrUTV6nZfp74FfHu7XVki1XeU x52J4msbU6al6kc/BVboaUXB88WYUVX1DTFPQuLtyowkV9EJibRPRFtx/TnyHBfz phWGnGL4p4HgnljnJSJe1cM9k4m/tsSu+Ts2PMBFU0cewBRcSDzY9QkBvxjTkKZ0 g3q+NSDaCKBW2AS1kIhuBW0Yg0yMKARgcAKy2O2LBY2YKnzVnl4rcgscvn5z90H6 M7HIdx6uUW0CnqGTYzz0FzmkMY9QYr+GHt/bcncC8dVkbm3fsHVmXA== =94XE -----END PGP SIGNATURE----- From hmoreno at gmv.com Thu Mar 7 12:26:46 2013 From: hmoreno at gmv.com (=?iso-8859-1?Q?H=E9ctor_Moreno_Blanco?=) Date: Thu, 7 Mar 2013 10:26:46 +0000 Subject: [Dovecot] problem with charset and encoding In-Reply-To: References: Message-ID: Hello Steffen, The mail storage is the same, Maildir. The messages do not look weird, only the special characters. When you're saying to remove old cache files, do you mean dovecot index files in the Maildir directory (dovecot* files)? I haven't done anything but deleting those files, which were re-created when starting new session in dovecot. I have tried creating a mailbox with that information and the view was correct in TB, OL and Webmail. So the problem might be in that mailbox. Do I have to do something else to "repair" this mailbox? Thank you very much, Kind regards. H?ctor Moreno Blanco -----Mensaje original----- De: Steffen Kaiser [mailto:skdovecot at smail.inf.fh-brs.de] Enviado el: jueves, 07 de marzo de 2013 10:32 Para: H?ctor Moreno Blanco CC: dovecot at dovecot.org Asunto: Re: [Dovecot] problem with charset and encoding -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 6 Mar 2013, H?ctor Moreno Blanco wrote: > We are having some troubles since we updated dovecot from 2.0.10 to 2.1.6. Did you upgraded the mail storage, too? > With 2.0.10 with messages with this headers: > > Content-Type: text/plain; charset=ISO-8859-1 > Content-Transfer-Encoding: quoted-printable > > Showed the special characters fine. However, with this new version, there are special characters that are not correctly showed. > > For example: > > "Su c=F3digo de activaci=F3n " must be "Su c?digo de activaci?n ", but in all email clients, even in webmail, is showed like the first way without decoding it. Do the messages look wired in other ways, e.g. do they have header lines at top? > Maybe some configuration or libraries I missed? No, I don't think so. The client renders the message, Dovecot should not alter its content. Do this happen for new accounts, too? If not, maybe you need to remove the old cache files. What mail storage do you use? With Maildir you could easily create a new mailbox and drop a file with: ==== START Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Subject: Test Message-ID: Su c=F3digo de activaci=F3n ====END there then view it with a client. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUThefF3r2wJMiz2NAQJ9vQgAri6lB/a7UhtzgLQKG7TykMWV+4ZXBRRj 7KKozbAwD123QDfTpKC+TsD93XMENz4tQ6qTN6fjrUTV6nZfp74FfHu7XVki1XeU x52J4msbU6al6kc/BVboaUXB88WYUVX1DTFPQuLtyowkV9EJibRPRFtx/TnyHBfz phWGnGL4p4HgnljnJSJe1cM9k4m/tsSu+Ts2PMBFU0cewBRcSDzY9QkBvxjTkKZ0 g3q+NSDaCKBW2AS1kIhuBW0Yg0yMKARgcAKy2O2LBY2YKnzVnl4rcgscvn5z90H6 M7HIdx6uUW0CnqGTYzz0FzmkMY9QYr+GHt/bcncC8dVkbm3fsHVmXA== =94XE -----END PGP SIGNATURE----- P Please consider the environment before printing this e-mail. ______________________ This message including any attachments may contain confidential information, according to our Information Security Management System, and intended solely for a specific individual to whom they are addressed. Any unauthorised copy, disclosure or distribution of this message is strictly forbidden. If you have received this transmission in error, please notify the sender immediately and delete it. ______________________ Este mensaje, y en su caso, cualquier fichero anexo al mismo, puede contener informacion clasificada por su emisor como confidencial en el marco de su Sistema de Gestion de Seguridad de la Informacion siendo para uso exclusivo del destinatario, quedando prohibida su divulgacion copia o distribucion a terceros sin la autorizacion expresa del remitente. Si Vd. ha recibido este mensaje erroneamente, se ruega lo notifique al remitente y proceda a su borrado. Gracias por su colaboracion. ______________________ From nunzio.falcone at gmail.com Thu Mar 7 13:27:40 2013 From: nunzio.falcone at gmail.com (Nunzio Falcone) Date: Thu, 07 Mar 2013 12:27:40 +0100 Subject: [Dovecot] When dovecot delivery, nested maildir (/maildir/maildir) is "auto"created Message-ID: <513879AC.2080100@gmail.com> Scenario: Sogo/Mysql+Postfix+Dovecot(only IMAP)+LDAP (Active Directory) To make clean the understand of my issue I've performed those step go to /var/vmail/utente2 and perform in this directory "rm -rf *" After I send email to utente2 via "telenet localhost 25" I return to /var/vmail/utente2 and perform "ls -la" that shows me: maildir |-maildir |-cur |-new |-tmp but the expected results was |-maildir |-cur |-new |-tmp the relevant part of telnet session is: Mar 05 19:53:17 auth: Debug: Loading modules from directory: /usr/lib64/dovecot/auth Mar 05 19:53:17 auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libauthdb_ldap.so Mar 05 19:53:17 auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libdriver_sqlite.so Mar 05 19:53:17 auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libmech_gssapi.so Mar 05 19:53:17 auth: Debug: auth client connected (pid=3286) Mar 05 19:54:35 auth: Debug: master in: USER 1 utente2/maildir/@domain.local service=lda Mar 05 19:54:35 auth: Debug: master out: USER 1 utente2/maildir/@domain.local uid=500 gid=500 home=/var/vmail/utente2/maildir/@domain.local Mar 05 19:54:35 lda: Debug: auth input: utente2/maildir/@domain.local uid=500 gid=500 home=/var/vmail/utente2/maildir/@domain.local Mar 05 19:54:35 lda(utente2/maildir/@domain.local): Debug: Effective uid=500, gid=500, home=/var/vmail/utente2/maildir/@domain.local Mar 05 19:54:35 lda(utente2/maildir/@domain.local): Debug: Home dir not found: /var/vmail/utente2/maildir/@domain.local Mar 05 19:54:35 lda(utente2/maildir/@domain.local): Debug: maildir++: root=/var/vmail/utente2/maildir//maildir, index=, control=, inbox=/var/vmail/utente2/maildir//maildir Mar 05 19:54:35 lda(utente2/maildir/@domain.local): Debug: none: root=, index=, control=, inbox= Mar 05 19:54:35 lda(utente2/maildir/@domain.local): Info: msgid=<20130305185423.6E56B407B6 at posta.domain.local>: saved mail to INBOX NB: note the wrong path of inbox inbox=/var/vmail/utente2/maildir//maildir From SOGO when I login the "autocreate" work well: in root folder of "utente2" I can see |-maildir |-cur |-new |-tmp But if I send email from SOGO frontend, same error of "telnetting" *What is wrong in my config?* dovecot -n # 2.0.9: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-279.el6.x86_64 x86_64 CentOS release 6.3 (Final) ext4 auth_debug = yes auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@/ auth_username_format = %Lu first_valid_gid = 500 last_valid_gid = 500 last_valid_uid = 500 log_path = /var/log/dovecot mail_debug = yes mail_location = maildir:/var/vmail/%n/maildir mbox_write_locks = fcntl passdb { driver = pam } postmaster_address = administrator at domain.local protocols = imap service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } unix_listener auth-userdb { group = vmail mode = 0600 user = vmail } } ssl = no ssl_cert = Hi Timo, hi all! Today i noticed imap throws segmentation faults and dumps cores. I looked into logs I can see: 2013-03-07T12:12:52.257986+01:00 meteor dovecot: imap(marcinxxx at kolekcja.mejor.pl) <7sRXtFPXYAA+eX93>: Error: Corrupted dbox file /dane/domeny/mejor.pl/mail/marcin//.mdbox/mailinglists/storage/m.75 (around offset=2779212): EOF reading msg header (got 0/30 bytes) 2013-03-07T12:12:52.258052+01:00 meteor dovecot: imap(marcinxxx at kolekcja.mejor.pl) <7sRXtFPXYAA+eX93>: Disconnected: Internal error occurred. Refer to server log for more information. [2013-03-07 12:12:52] in=5940 out=6637723 2013-03-07T12:12:52.258595+01:00 meteor dovecot: imap(marcinxxx at kolekcja.mejor.pl) <7sRXtFPXYAA+eX93>: Warning: fscking index file /dane/domeny/mejor.pl/mail/marcin//.mdbox/mailinglists/storage/dovecot.map.index 2013-03-07T12:12:52.285176+01:00 meteor dovecot: imap(marcinxxx at kolekcja.mejor.pl) <7sRXtFPXYAA+eX93>: Warning: mdbox /dane/domeny/mejor.pl/mail/marcin//.mdbox/mailinglists/storage: rebuilding indexes 2013-03-07T12:12:55.618752+01:00 meteor dovecot: imap(marcinxxx at kolekcja.mejor.pl) <7sRXtFPXYAA+eX93>: Fatal: master: service(imap): child 25626 killed with signal 11 (core dumped) Here is backtrace: echo -e "bt\nbt full" |gdb -q /usr/libexec/dovecot/imap 'core-1362654775-8-11-!usr!libexec!dovecot!imap-25626' [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib64/libthread_db.so.1". warning: no loadable sections found in added symbol-file system-supplied DSO at 0x2c831788000 Core was generated by `dovecot/imap'. Program terminated with signal 11, Segmentation fault. #0 rebuild_mailbox_multi (trans=0x751c14c870, view=, rebuild_ctx=0x751c14cbf0, ctx=0x751c007c00, mbox=) at mdbox-storage-rebuild.c:433 433 mdbox-storage-rebuild.c: Nie ma takiego pliku ani katalogu. (gdb) #0 rebuild_mailbox_multi (trans=0x751c14c870, view=, rebuild_ctx=0x751c14cbf0, ctx=0x751c007c00, mbox=) at mdbox-storage-rebuild.c:433 #1 rebuild_mailbox (vname=, ctx=0x751c007c00, ns=) at mdbox-storage-rebuild.c:546 #2 rebuild_namespace_mailboxes (ns=, ctx=0x751c007c00) at mdbox-storage-rebuild.c:577 #3 rebuild_mailboxes (ctx=0x751c007c00) at mdbox-storage-rebuild.c:597 #4 mdbox_storage_rebuild_scan (ctx=0x751c007c00) at mdbox-storage-rebuild.c:905 #5 mdbox_storage_rebuild_in_context (storage=0x751bf477a0, atomic=) at mdbox-storage-rebuild.c:928 #6 0x000002c8316c7703 in mdbox_storage_rebuild (storage=0x751bf477a0) at mdbox-storage-rebuild.c:944 #7 0x000002c8316c4d85 in mdbox_mailbox_close (box=0x751c0134b0) at mdbox-storage.c:195 #8 0x000002c8316f195e in mailbox_close (box=0x751c0134b0) at mail-storage.c:984 #9 0x000002c8316f19e7 in mailbox_free (_box=) at mail-storage.c:997 #10 0x000000751aabc869 in client_destroy (client=0x751bf6e220, reason=) at imap-client.c:213 #11 0x000000751aabcc7a in client_input (client=0x751bf6e220) at imap-client.c:843 #12 0x000002c83163a4b6 in io_loop_call_io (io=0x751bf939c0) at ioloop.c:379 #13 0x000002c83163b647 in io_loop_handler_run (ioloop=) at ioloop-epoll.c:213 #14 0x000002c831639eb0 in io_loop_run (ioloop=0x751bf26350) at ioloop.c:398 #15 0x000002c831620827 in master_service_run (service=0x751bf26200, callback=) at master-service.c:544 #16 0x000000751aac65e5 in main (argc=1, argv=0x751bf26040) at main.c:389 (gdb) #0 rebuild_mailbox_multi (trans=0x751c14c870, view=, rebuild_ctx=0x751c14cbf0, ctx=0x751c007c00, mbox=) at mdbox-storage-rebuild.c:433 new_seq = 17683 hdr = 0x751c004ae0 data = 0x751c08348c expunged = false uid = 8877 map_uid = 127994 new_dbox_rec = {map_uid = 127994, save_date = 1362612657} rec = 0x0 old_seq = #1 rebuild_mailbox (vname=, ctx=0x751c007c00, ns=) at mdbox-storage-rebuild.c:546 box = 0x751bf7af30 mbox = 0x751bf7af30 rebuild_ctx = 0x751c14cbf0 ret = sync_ctx = 0x751c0132b0 view = 0x751c004f20 trans = 0x751c14c870 error = #2 rebuild_namespace_mailboxes (ns=, ctx=0x751c007c00) at mdbox-storage-rebuild.c:577 _data_stack_cur_id = 3 iter = 0x751c000340 info = ret = 0 #3 rebuild_mailboxes (ctx=0x751c007c00) at mdbox-storage-rebuild.c:597 storage = ns = #4 mdbox_storage_rebuild_scan (ctx=0x751c007c00) at mdbox-storage-rebuild.c:905 data = 0x751c00c2c0 data_size = 8 #5 mdbox_storage_rebuild_in_context (storage=0x751bf477a0, atomic=) at mdbox-storage-rebuild.c:928 ctx = 0x5137d1b10001f3fa ret = 0 #6 0x000002c8316c7703 in mdbox_storage_rebuild (storage=0x751bf477a0) at mdbox-storage-rebuild.c:944 atomic = 0x751bf983f0 ret = #7 0x000002c8316c4d85 in mdbox_mailbox_close (box=0x751c0134b0) at mdbox-storage.c:195 mstorage = #8 0x000002c8316f195e in mailbox_close (box=0x751c0134b0) at mail-storage.c:984 No locals. #9 0x000002c8316f19e7 in mailbox_free (_box=) at mail-storage.c:997 box = 0x751c0134b0 #10 0x000000751aabc869 in client_destroy (client=0x751bf6e220, reason=) at imap-client.c:213 cmd = __FUNCTION__ = "client_destroy" #11 0x000000751aabcc7a in client_input (client=0x751bf6e220) at imap-client.c:843 cmd = 0x2c83163a1fe output = 0x0 bytes = 208 __FUNCTION__ = "client_input" #12 0x000002c83163a4b6 in io_loop_call_io (io=0x751bf939c0) at ioloop.c:379 ioloop = 0x751bf26350 t_id = 2 #13 0x000002c83163b647 in io_loop_handler_run (ioloop=) at ioloop-epoll.c:213 ctx = 0x751bf266c0 events = 0x0 event = 0x751bf26730 list = 0x751bf6fff0 io = tv = {tv_sec = 4, tv_usec = 921146} msecs = ret = 1 i = call = #14 0x000002c831639eb0 in io_loop_run (ioloop=0x751bf26350) at ioloop.c:398 No locals. #15 0x000002c831620827 in master_service_run (service=0x751bf26200, callback=) at master-service.c:544 No locals. #16 0x000000751aac65e5 in main (argc=1, argv=0x751bf26040) at main.c:389 set_roots = {0x751aacdfa0 , 0x0} login_set = {auth_socket_path = 0x751bf1dd40 "/run/dovecot/auth-master", postlogin_socket_path = 0x0, postlogin_timeout_secs = 60, callback = 0x751aac5e80 , failure_callback = 0x751aac5b90 } service_flags = storage_service_flags = username = c = (gdb) quit doveadm -v force-resync -u marcinxxx at kolekcja.mejor.pl "mailinglists.*" doveadm(marcinxxx at kolekcja.mejor.pl): Warning: fscking index file /dane/domeny/mejor.pl/mail/marcin//.mdbox/mailinglists/storage/dovecot.map.index doveadm(marcinxxx at kolekcja.mejor.pl): Warning: mdbox /dane/domeny/mejor.pl/mail/marcin//.mdbox/mailinglists/storage: rebuilding indexes Segmentation fault How should I repair mdbox file? I have another question, `doveadm force-resync -A "*"` doesn't do resync inside namespace. Is it feature or bug?;) Thanks, Marcin # 2.1.15: /etc/dovecot/dovecot.conf # OS: Linux 3.7.5-hardened-r1 x86_64 Gentoo Base System release 2.1 auth_cache_size = 1 k auth_mechanisms = login digest-md5 cram-md5 plain deliver_log_format = msgid=%m: from=%f: phys=%p: virt=%w %$ dict { quota = pgsql:/etc/dovecot/dovecot-dict-sql.conf.ext } first_valid_uid = 8 last_valid_uid = 8 lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes mail_attachment_dir = /dane/domeny/zalaczniki mail_attachment_min_size = 10000 k mail_cache_min_mail_count = 20 mail_gid = mail mail_log_prefix = "%s(%u) <%{session}>: " mail_plugins = autocreate quota notify mail_log stats zlib mail_privileged_group = mail mail_uid = mail maildir_stat_dirs = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mdbox_preallocate_space = yes mdbox_rotate_interval = 60 days mdbox_rotate_size = 50 M namespace inbox { inbox = yes list = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } # 2.1.15: /etc/dovecot/dovecot.conf # OS: Linux 3.7.5-hardened-r1 x86_64 Gentoo Base System release 2.1 auth_cache_size = 1 k auth_mechanisms = login digest-md5 cram-md5 plain deliver_log_format = msgid=%m: from=%f: phys=%p: virt=%w %$ dict { quota = pgsql:/etc/dovecot/dovecot-dict-sql.conf.ext } first_valid_uid = 8 last_valid_uid = 8 lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes mail_attachment_dir = /dane/domeny/zalaczniki mail_attachment_min_size = 10000 k mail_cache_min_mail_count = 20 mail_gid = mail mail_log_prefix = "%s(%u) <%{session}>: " mail_plugins = autocreate quota notify mail_log stats zlib mail_privileged_group = mail mail_uid = mail maildir_stat_dirs = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mdbox_preallocate_space = yes mdbox_rotate_interval = 60 days mdbox_rotate_size = 50 M namespace inbox { inbox = yes list = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } postmaster_address = postmaster at mejor.pl protocols = imap pop3 sieve service auth { unix_listener auth-userdb { group = mail mode = 0660 user = root } } service dict { unix_listener dict { user = mail } } service stats { fifo_listener stats-mail { mode = 0600 user = mail } } ssl_cert = References: <51387E12.5050100@mejor.pl> Message-ID: <51388444.2090900@mejor.pl> Here is backtrace from doveadm force-resync: gdb -q /usr/bin/doveadm 'core-1362658246-8-11-!usr!bin!doveadm-3939' Reading symbols from /usr/bin/doveadm...Reading symbols from /usr/lib64/debug/usr/bin/doveadm.debug...done. done. [New LWP 3939] warning: Could not load shared library symbols for linux-vdso.so.1. Do you need "set solib-search-path" or "set sysroot"? [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib64/libthread_db.so.1". warning: no loadable sections found in added symbol-file system-supplied DSO at 0x3667f202000 Core was generated by `doveadm -v force-resync -u marcin at mejor.pl mailinglists.*'. Program terminated with signal 11, Segmentation fault. #0 rebuild_mailbox_multi (trans=0x428b58d090, view=, rebuild_ctx=0x428b5a0690, ctx=0x428b57a9a0, mbox=) at mdbox-storage-rebuild.c:433 433 map_uid = rec->map_uid; (gdb) bt #0 rebuild_mailbox_multi (trans=0x428b58d090, view=, rebuild_ctx=0x428b5a0690, ctx=0x428b57a9a0, mbox=) at mdbox-storage-rebuild.c:433 #1 rebuild_mailbox (vname=, ctx=0x428b57a9a0, ns=) at mdbox-storage-rebuild.c:546 #2 rebuild_namespace_mailboxes (ns=, ctx=0x428b57a9a0) at mdbox-storage-rebuild.c:577 #3 rebuild_mailboxes (ctx=0x428b57a9a0) at mdbox-storage-rebuild.c:597 #4 mdbox_storage_rebuild_scan (ctx=0x428b57a9a0) at mdbox-storage-rebuild.c:905 #5 mdbox_storage_rebuild_in_context (storage=0x428b52e290, atomic=) at mdbox-storage-rebuild.c:928 #6 0x000003667f13356a in mdbox_sync_begin (mbox=0x428b564a90, flags=MDBOX_SYNC_FLAG_FORCE_REBUILD, atomic=0x428b57ef10, ctx_r=0x3bcda49d568) at mdbox-sync.c:235 #7 0x000003667f133b75 in mdbox_sync (mbox=0x428b564a90, flags=MDBOX_SYNC_FLAG_FORCE_REBUILD) at mdbox-sync.c:319 #8 0x000003667f133c86 in mdbox_storage_sync_init (box=0x428b564a90, flags=(MAILBOX_SYNC_FLAG_FIX_INCONSISTENT | MAILBOX_SYNC_FLAG_FORCE_RESYNC)) at mdbox-sync.c:349 #9 0x000003667f161631 in mailbox_sync_init (box=0x428b564a90, flags=(MAILBOX_SYNC_FLAG_FIX_INCONSISTENT | MAILBOX_SYNC_FLAG_FORCE_RESYNC)) at mail-storage.c:1326 #10 0x000003667f1617b7 in mailbox_sync (box=, flags=) at mail-storage.c:1374 #11 0x0000004289345a33 in cmd_force_resync_box (ctx=0x428b511de0, info=) at doveadm-mail.c:211 #12 cmd_force_resync_run (ctx=0x428b511de0, user=) at doveadm-mail.c:240 #13 0x000000428934566d in doveadm_mail_next_user (error_r=0x3bcda49d6c0, ctx=0x428b511de0, input=) at doveadm-mail.c:311 #14 doveadm_mail_next_user (ctx=0x428b511de0, input=, error_r=0x3bcda49d6c0) at doveadm-mail.c:270 #15 0x000000428934646e in doveadm_mail_cmd (cmd=0x428b511480, argc=4, argv=0x428b50d578) at doveadm-mail.c:520 #16 0x0000004289346a01 in doveadm_mail_try_run (cmd_name=0x428b50d593 "force-resync", argc=4, argv=0x428b50d560) at doveadm-mail.c:579 #17 0x000000428934f4eb in main (argc=4, argv=0x428b50d560) at doveadm.c:391 bt full: #0 rebuild_mailbox_multi (trans=0x428b58d090, view=, rebuild_ctx=0x428b5a0690, ctx=0x428b57a9a0, mbox=) at mdbox-storage-rebuild.c:433 433 map_uid = rec->map_uid; (gdb) #0 rebuild_mailbox_multi (trans=0x428b58d090, view=, rebuild_ctx=0x428b5a0690, ctx=0x428b57a9a0, mbox=) at mdbox-storage-rebuild.c:433 new_seq = 17684 hdr = 0x428b59fae0 data = 0x428b61ea8c expunged = false uid = 8877 map_uid = 127994 new_dbox_rec = {map_uid = 127994, save_date = 1362612657} rec = 0x0 old_seq = #1 rebuild_mailbox (vname=, ctx=0x428b57a9a0, ns=) at mdbox-storage-rebuild.c:546 box = 0x428b5ae880 mbox = 0x428b5ae880 rebuild_ctx = 0x428b5a0690 ret = sync_ctx = 0x428b5a10e0 view = 0x428b5a1ae0 trans = 0x428b58d090 error = #2 rebuild_namespace_mailboxes (ns=, ctx=0x428b57a9a0) at mdbox-storage-rebuild.c:577 _data_stack_cur_id = 4 iter = 0x428b585620 info = ret = 0 #3 rebuild_mailboxes (ctx=0x428b57a9a0) at mdbox-storage-rebuild.c:597 storage = ns = #4 mdbox_storage_rebuild_scan (ctx=0x428b57a9a0) at mdbox-storage-rebuild.c:905 data = 0x428b589e10 data_size = 8 #5 mdbox_storage_rebuild_in_context (storage=0x428b52e290, atomic=) at mdbox-storage-rebuild.c:928 ctx = 0x5137d1b10001f3fa ret = 0 #6 0x000003667f13356a in mdbox_sync_begin (mbox=0x428b564a90, flags=MDBOX_SYNC_FLAG_FORCE_REBUILD, atomic=0x428b57ef10, ctx_r=0x3bcda49d568) at mdbox-sync.c:235 storage = 0x428b52e290 ctx = sync_flags = ret = 4 rebuild = true storage_rebuilt = false #7 0x000003667f133b75 in mdbox_sync (mbox=0x428b564a90, flags=MDBOX_SYNC_FLAG_FORCE_REBUILD) at mdbox-sync.c:319 sync_ctx = 0x0 atomic = 0x428b57ef10 ret = #8 0x000003667f133c86 in mdbox_storage_sync_init (box=0x428b564a90, flags=(MAILBOX_SYNC_FLAG_FIX_INCONSISTENT | MAILBOX_SYNC_FLAG_FORCE_RESYNC)) at mdbox-sync.c:349 mbox = 0x428b564a90 mdbox_sync_flags = ret = #9 0x000003667f161631 in mailbox_sync_init (box=0x428b564a90, flags=(MAILBOX_SYNC_FLAG_FIX_INCONSISTENT | MAILBOX_SYNC_FLAG_FORCE_RESYNC)) at mail-storage.c:1326 _data_stack_cur_id = 3 ctx = #10 0x000003667f1617b7 in mailbox_sync (box=, flags=) at mail-storage.c:1374 ctx = status = {sync_delayed_expunges = 0} #11 0x0000004289345a33 in cmd_force_resync_box (ctx=0x428b511de0, info=) at doveadm-mail.c:211 box = 0x428b564a90 ret = 0 #12 cmd_force_resync_run (ctx=0x428b511de0, user=) at doveadm-mail.c:240 _data_stack_cur_id = 2 iter = 0x428b554d40 info = 0x428b556e70 ret = 0 #13 0x000000428934566d in doveadm_mail_next_user (error_r=0x3bcda49d6c0, ctx=0x428b511de0, input=) at doveadm-mail.c:311 ret = 0 #14 doveadm_mail_next_user (ctx=0x428b511de0, input=, error_r=0x3bcda49d6c0) at doveadm-mail.c:270 error = ret = #15 0x000000428934646e in doveadm_mail_cmd (cmd=0x428b511480, argc=4, argv=0x428b50d578) at doveadm-mail.c:520 input = {module = 0x0, service = 0x4289370302 "doveadm", username = 0x428b50d5a3 "marcin at mejor.pl", session_id = 0x0, local_ip = {family = 0, u = {ip6 = { __in6_u = {__u6_addr8 = '\000' , __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, ip4 = {s_addr = 0}}}, remote_ip = {family = 0, u = {ip6 = {__in6_u = {__u6_addr8 = '\000' , __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, ip4 = {s_addr = 0}}}, local_port = 0, remote_port = 0, userdb_fields = 0x0, flags_override_add = (unknown: 0), flags_override_remove = (unknown: 0), no_userdb_lookup = 0} ctx = 0x428b511de0 getopt_args = 0x42893702e5 "AS:u:" wildcard_user = 0x0 error = ret = c = #16 0x0000004289346a01 in doveadm_mail_try_run (cmd_name=0x428b50d593 "force-resync", argc=4, argv=0x428b50d560) at doveadm-mail.c:579 cmd__foreach_end = 0x428b511690 cmd = 0x428b511480 cmd_name_len = __FUNCTION__ = "doveadm_mail_try_run" #17 0x000000428934f4eb in main (argc=4, argv=0x428b50d560) at doveadm.c:391 cmd_name = i = quick_init = false c = (gdb) quit From marcin at mejor.pl Thu Mar 7 14:53:31 2013 From: marcin at mejor.pl (=?UTF-8?B?TWFyY2luIE1pcm9zxYJhdw==?=) Date: Thu, 07 Mar 2013 13:53:31 +0100 Subject: [Dovecot] [dovecot-2.1.15] mdbox corruption, doveadm force-resync can't repair it (throws segfault) In-Reply-To: <51388444.2090900@mejor.pl> References: <51387E12.5050100@mejor.pl> <51388444.2090900@mejor.pl> Message-ID: <51388DCB.1010708@mejor.pl> clang static analyzer also suspect dereference of null pointer in mdbox-storage-rebuild.c 433 (if you can't have fresh analyse here it is: http://mejor.pl/clang-analysis/dovecot-2.15/ ) From rgm at htt-consult.com Thu Mar 7 15:19:43 2013 From: rgm at htt-consult.com (Robert Moskowitz) Date: Thu, 07 Mar 2013 08:19:43 -0500 Subject: [Dovecot] Migrating from CourierMail to Dovecot Message-ID: <513893EF.6000604@htt-consult.com> My current mail server is a Fedora12 system running postfix/mysql/couriermail/squirrelmail mix. My new server is a Centos6 running postfix/mysql/postfixadmin/dovecot/roundcube mix. I have 4 virtual domains and about 20 users; not a big setup by any measure. Both servers have the same host name, but are currently on separate subnets. My current plan is to stop services on the old server, switch them on subnets, rename the old server, and let 'slow users' drain the old server over a couple of days. Then I got to thinking, could I migrate the /home/vmail/domain/user/new folders from the old to new server? Not too many rsync commands to run to pull it off, but would that work? Is there something dovecot needs to do, and not just drop the files into the .../new folder? Or is there some utility to run to properly place the mail files? The file names are similar. Courier file names look like: 1362661301.Vfd01I2422e6M121970.klovia.htt-consult.com,S=17381 Whereas dovecot adds a ",W=nnn" string to the file name. I am assuming the content is otherwise the same. I would like to test out the migration, and then pull it off over a sunday. Due to meetings and holidays, this won't happen until early April, so I have time to work out the details. All guidance and pointers are greatly appreciated. From rgm at htt-consult.com Thu Mar 7 15:36:08 2013 From: rgm at htt-consult.com (Robert Moskowitz) Date: Thu, 07 Mar 2013 08:36:08 -0500 Subject: [Dovecot] Migrating from CourierMail to Dovecot In-Reply-To: <513893EF.6000604@htt-consult.com> References: <513893EF.6000604@htt-consult.com> Message-ID: <513897C8.9050707@htt-consult.com> On 03/07/2013 08:19 AM, Robert Moskowitz wrote: > My current mail server is a Fedora12 system running > postfix/mysql/couriermail/squirrelmail mix. > > My new server is a Centos6 running > postfix/mysql/postfixadmin/dovecot/roundcube mix. > > I have 4 virtual domains and about 20 users; not a big setup by any > measure. > > Both servers have the same host name, but are currently on separate > subnets. My current plan is to stop services on the old server, > switch them on subnets, rename the old server, and let 'slow users' > drain the old server over a couple of days. > > Then I got to thinking, could I migrate the > /home/vmail/domain/user/new folders from the old to new server? Not > too many rsync commands to run to pull it off, but would that work? Is > there something dovecot needs to do, and not just drop the files into > the .../new folder? Or is there some utility to run to properly place > the mail files? > > The file names are similar. Courier file names look like: > > 1362661301.Vfd01I2422e6M121970.klovia.htt-consult.com,S=17381 > > Whereas dovecot adds a ",W=nnn" string to the file name. I am > assuming the content is otherwise the same. > > I would like to test out the migration, and then pull it off over a > sunday. Due to meetings and holidays, this won't happen until early > April, so I have time to work out the details. > > All guidance and pointers are greatly appreciated. Forgot to include that all users are only popping their mail. Some use of squirrelmail to check mail while on the road, so I don't have to migrate any imap directories. This will change with the move, I myself, will move to imap after popping mail for ~20 years... From skdovecot at smail.inf.fh-brs.de Thu Mar 7 15:42:51 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 7 Mar 2013 14:42:51 +0100 (CET) Subject: [Dovecot] When dovecot delivery, nested maildir (/maildir/maildir) is "auto"created In-Reply-To: <513879AC.2080100@gmail.com> References: <513879AC.2080100@gmail.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 7 Mar 2013, Nunzio Falcone wrote: > After I send email to utente2 via "telenet localhost 25" > > I return to /var/vmail/utente2 and perform "ls -la" that shows me: > maildir > |-maildir > |-cur > |-new > |-tmp > > but the expected results was > |-maildir > |-cur > |-new > |-tmp > > Mar 05 19:54:35 auth: Debug: master in: USER 1 utente2/maildir/@domain.local service=lda > Mar 05 19:54:35 auth: Debug: master out: USER 1 utente2/maildir/@domain.local uid=500 gid=500 home=/var/vmail/utente2/maildir/@domain.local > Mar 05 19:54:35 lda: Debug: auth input: utente2/maildir/@domain.local uid=500 gid=500 home=/var/vmail/utente2/maildir/@domain.local > Mar 05 19:54:35 lda(utente2/maildir/@domain.local): Debug: Effective uid=500, gid=500, home=/var/vmail/utente2/maildir/@domain.local > Mar 05 19:54:35 lda(utente2/maildir/@domain.local): Debug: Home dir not found: /var/vmail/utente2/maildir/@domain.local > Mar 05 19:54:35 lda(utente2/maildir/@domain.local): Debug: maildir++: root=/var/vmail/utente2/maildir//maildir, index=, control=, inbox=/var/vmail/utente2/maildir//maildir When I interprete lines 1 and 2 correctly, you pass "utente2/maildir/@domain.local" as username to Dovecot. Line 3 evaluates your homedir using "%Lu" correctly, 6th line is using "%n" variable, which resembles to "utente2/maildir/"; there you get the double "maildir//maildir" - note the double /, too, one from the username, one from the mail_location pattern. For some reason, I do not know, you allow "/" in usernames, hence, they gets passed to the path of homedir and mail location. The only question now is, do you really send the message to: utente2/maildir/@domain.local or does Postfix mangles the recipient in some way? Via SoGo you do logon with utente2 instead of "utente2/maildir/@domain.local", hence, there is just one "maildir" autocreated, because "%n" is substituted by "utente2" instead of "utente2/maildir/". > From SOGO when I login the "autocreate" work well: in root folder of > "utente2" I can see > |-maildir > |-cur > |-new > |-tmp > mail_location = maildir:/var/vmail/%n/maildir > userdb { > args = uid=500 gid=500 home=/var/vmail/%Lu allow_all_users=yes > dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail > argv=/usr/libexec/dovecot/deliver -f ${sender} -d ${recipient} - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUTiZW13r2wJMiz2NAQLdYwgAkNu9/d2P0EKvi5PnygDRQaT30I4hbfTg lPfHuO3Zl+B3d87VjOwMC1cq240YHjQoOTQhOBaiCFy1FnlPy5sH8ocPeqZLvTYb 4R27oTt9/o4i+mhGKwzDTYZ69qDdCEzZ+vUYbcrlyU2DAvnj+oo3pEgYDd6acFDf hDxqJssg6mv0xfk/F6jXjLGXOQ7wEjf4UixW/hQReSPaTzDZE5ZhOJ5938tjYE5s tHIzioszyyxPwlaK/3U7HC40W6ixzmcbO7qH4NLs4OiZqCJhytSs3lqlemb9eznL 35pw/8L8U0T2zCnmuHL8gtDAmt2SeDhMqmOxjkxOCd0t1V71Z5uvpA== =9Nai -----END PGP SIGNATURE----- From arto.saraniva at artio.net Thu Mar 7 15:44:31 2013 From: arto.saraniva at artio.net (Arto Saraniva) Date: Thu, 7 Mar 2013 15:44:31 +0200 Subject: [Dovecot] Changin password in LDAP In-Reply-To: References: <042901ce0f67$be587780$3b096680$@saraniva@artio.net> Message-ID: <05d901ce1b39$e56e9b00$b04bd100$@saraniva@artio.net> Case closed. Thank you! -arto > -----Original Message----- > From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] > On Behalf Of Steffen Kaiser > Sent: Wednesday, February 20, 2013 4:21 PM > To: Arto Saraniva > Cc: dovecot at dovecot.org > Subject: Re: [Dovecot] Changin password in LDAP > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Wed, 20 Feb 2013, Arto Saraniva wrote: > > > We are using now dovecot 2.0.21 with open-ldap, but this situations > > has already taken a quite long time. When user changes the password, > > we have to reload dovecot every time, otherwise the change is ignored > > and dovecot sees only the old password. Any ideas where the problem > > might exist? > > does this help? > > http://wiki2.dovecot.org/Authentication/Caching?highlight=(auth_cache_t > tl) > > - -- > Steffen Kaiser > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.11 (GNU/Linux) > > iQEVAwUBUSTb2l3r2wJMiz2NAQLp3gf8DM2xCn03yWoVrCjbYNZeflBNRLbD67gE > zqvrKUOqkyyDbUl1lgNcJOG39MI2eZpbDXzyWZ8nzzCnPKGOF2mNN76vPGmf6ZrR > AQ0EaiJaYRoE14BQykQGvBSnoXgcyW0Ue4Z2RcmIS0iILfGN+VODDKc9PitC99Rc > RJb6dQPft3FLM3oWca6BI1OkUuIF9EJcK3M4ROwr84s+OAs/6rkxIDgCCIdh5JZ5 > svOkUxVE38zod+Det3yBuoWo5HOXYiE9Qi9jKn8xjQl8a06snXRuw1QktsyLKLjc > 64T7KFa5IfXaVzOXCIWiiPiN7T0BVJzJ8G1YbHMzFqYkiPNa4NIO2Q== > =NDhf > -----END PGP SIGNATURE----- From dmiller at amfes.com Thu Mar 7 17:50:02 2013 From: dmiller at amfes.com (Daniel L. Miller) Date: Thu, 07 Mar 2013 07:50:02 -0800 Subject: [Dovecot] Inotify max_user_instances Message-ID: Maybe I have multiple problems - dunno. I've started seeing the following log lines: Mar 7 07:46:22 bubba dovecot: imap(dmiller at amfes.com): Warning: Inotify instance limit for user 5000 (UID vmail) exceeded, disabling. Increase /proc/sys/fs/inotify/max_user_instances max_user_instances is currently 128. I've tried stopping and restarting dovecot - the message immediately returns. I could just increase max_user_instances - but I'd like to understand what the number SHOULD be and why simply restarting Dovecot doesn't fix it. If this issue is for user "vmail" this is used by mail services only - and I've only got a few users on my system. I'm also fighting a netfilter issue - my connection tracking counters keep climbing. Don't know if this is in any way related. -- Daniel From acherniak at gmail.com Thu Mar 7 19:10:47 2013 From: acherniak at gmail.com (Alex Cherniak) Date: Thu, 7 Mar 2013 12:10:47 -0500 Subject: [Dovecot] ACL to make mailboxes populated by master account Read Only for regular users. Message-ID: We have a solution using Dovecot as a secondary mail archive. All mailboxes are populated/groomed by master account and the actual users have only read access. This is achieved by a simple ACL approach. dovecot.conf has protocol imap { mail_plugins = acl quota imap_quota zlib } plugin { acl = vfile:/etc/dovecot/acls:cache_secs=300 } /etc/dovecot/acls/.DEFAULT file is trivial: user=master lrwstipekxa owner lr It used to work with Dovecot 2.0.4 for years, but after upgrade to 2.0.18 users now have full access to folders created by master account and can delete, add and move mails. Should it behave this way? How can I "secure" mailboxes again? Any help is appreciated. From nunzio.falcone at gmail.com Fri Mar 8 00:22:12 2013 From: nunzio.falcone at gmail.com (Nunzio Falcone) Date: Thu, 07 Mar 2013 23:22:12 +0100 Subject: [Dovecot] When dovecot delivery, nested maildir (/maildir/maildir) is "auto"created In-Reply-To: References: <513879AC.2080100@gmail.com> Message-ID: <51391314.9080907@gmail.com> Il 07/03/2013 14:42, Steffen Kaiser ha scritto: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Thu, 7 Mar 2013, Nunzio Falcone wrote: > >> After I send email to utente2 via "telenet localhost 25" >> >> I return to /var/vmail/utente2 and perform "ls -la" that shows me: >> maildir >> |-maildir >> |-cur >> |-new >> |-tmp >> >> but the expected results was >> |-maildir >> |-cur >> |-new >> |-tmp >> >> Mar 05 19:54:35 auth: Debug: master in: USER 1 >> utente2/maildir/@domain.local service=lda >> Mar 05 19:54:35 auth: Debug: master out: USER 1 >> utente2/maildir/@domain.local uid=500 gid=500 >> home=/var/vmail/utente2/maildir/@domain.local >> Mar 05 19:54:35 lda: Debug: auth input: utente2/maildir/@domain.local >> uid=500 gid=500 home=/var/vmail/utente2/maildir/@domain.local >> Mar 05 19:54:35 lda(utente2/maildir/@domain.local): Debug: Effective >> uid=500, gid=500, home=/var/vmail/utente2/maildir/@domain.local >> Mar 05 19:54:35 lda(utente2/maildir/@domain.local): Debug: Home dir >> not found: /var/vmail/utente2/maildir/@domain.local >> Mar 05 19:54:35 lda(utente2/maildir/@domain.local): Debug: maildir++: >> root=/var/vmail/utente2/maildir//maildir, index=, control=, >> inbox=/var/vmail/utente2/maildir//maildir > > When I interprete lines 1 and 2 correctly, you pass > "utente2/maildir/@domain.local" as username to Dovecot. > Line 3 evaluates your homedir using "%Lu" correctly, 6th line is using > "%n" variable, which resembles to > "utente2/maildir/"; there you get the double "maildir//maildir" - note > the double /, too, one from the username, one from the mail_location > pattern. > > For some reason, I do not know, you allow "/" in usernames, hence, > they gets passed to the > path of homedir and mail location. > > The only question now is, do you really send the message to: > utente2/maildir/@domain.local > > or does Postfix mangles the recipient in some way? > i've performed those task set /etc/dovecot/conf.d/10-auth.conf # modifiche dovecot+postfix+ad #auth_username_format = %Lu *auth_username_format = %n* auth_debug = yes ssl = no first_valid_uid = 500 last_valid_uid = 500 first_valid_gid = 500 last_valid_gid = 500 and execute the following telnet session [root at posta ~]# telnet localhost 25 Trying ::1... telnet: connect to address ::1: Connection refused Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 220 posta.domain.local ESMTP Postfix HELO domain.local 250 posta.domain.local mail from:domain at domain.local 250 2.1.0 Ok rcpt to:utente2 250 2.1.5 Ok data 354 End data with . blabla . 250 2.0.0 Ok: queued as EF9CE406F9 note the use of login (only "utente2) this is the debug session Mar 07 23:06:15 auth: Debug: master in: USER 1 utente2/maildir/@domain.local service=lda Mar 07 23:06:15 auth: Debug: master out: USER 1 utente2/maildir/ uid=500 gid=500 home=/var/vmail/utente2/maildir/ Mar 07 23:06:15 lda: Debug: auth input: utente2/maildir/ uid=500 gid=500 home=/var/vmail/utente2/maildir/ Mar 07 23:06:15 lda: Debug: changed username to utente2/maildir/ Mar 07 23:06:15 lda(utente2/maildir/): Debug: Effective uid=500, gid=500, home=/var/vmail/utente2/maildir/ Mar 07 23:06:15 lda(utente2/maildir/): Debug: Home dir not found: /var/vmail/utente2/maildir/ Mar 07 23:06:15 lda(utente2/maildir/): Debug: maildir++: root=/var/vmail/utente2/maildir//maildir, index=, control=, inbox=/var/vmail/utente2/maildir//maildir Mar 07 23:06:15 lda(utente2/maildir/): Debug: Namespace : Permission lookup failed from /var/vmail/utente2/maildir//maildir Mar 07 23:06:15 lda(utente2/maildir/): Debug: Namespace : Using permissions from /var/vmail/utente2/maildir//maildir: mode=0700 gid=-1 Mar 07 23:06:15 lda(utente2/maildir/): Debug: none: root=, index=, control=, inbox= Mar 07 23:06:15 lda(utente2/maildir/): Info: msgid=<20130307220609.EF9CE406F9 at posta.domain.local>: saved mail to INBOX but the result is the same maildir |-maildir |-cur |-new |-tmp this is my first insallation so any help is appreciated -- *Nunzio Falcone* nunzio.falcone at gmail.com *Cell * +39 320 1167923 *Voip*+39 081 0117933 *Fax * +39 081 0113049 From pvsuja at gmail.com Fri Mar 8 08:08:45 2013 From: pvsuja at gmail.com (pvsuja) Date: Thu, 7 Mar 2013 22:08:45 -0800 (PST) Subject: [Dovecot] dovecot: imap-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, TLS, session=<1pBG/03XogB/AAAB> Message-ID: <1362722925153-40684.post@n4.nabble.com> Hi, I have set up ImapcProxy based on the wiki2 page. My server is set up for no plain text auth without starttls. When I am trying to login in the proxy server, I am getting an error Unknown username/password. The log says: *dovecot: imap-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, TLS, session=<1pBG/03XogB/AAAB>* The server log: *dovecot: imap-login: Disconnected (tried to use disabled plaintext auth): rip=10.x.x.x, lip=10.x.x.y* Through wireshark, I found the username and password is going in plain text only to the server. How will I enable starttls in ImapcProxy before any communication starts? Thanks and regards, Suja -- View this message in context: http://dovecot.2317879.n4.nabble.com/dovecot-imap-login-Aborted-login-auth-failed-1-attempts-in-2-secs-user-xxx-method-PLAIN-rip-127-0-0--tp40684.html Sent from the Dovecot mailing list archive at Nabble.com. From jg at softjury.de Fri Mar 8 09:56:02 2013 From: jg at softjury.de (Jan Phillip Greimann) Date: Fri, 08 Mar 2013 08:56:02 +0100 Subject: [Dovecot] dovecot 2 in ubuntu 12.04 or Debian Squeeze In-Reply-To: <1362630378275-40664.post@n4.nabble.com> References: <1362547151954-40634.post@n4.nabble.com> <1362556867785-40640.post@n4.nabble.com> <51372E00.8000702@softjury.de> <1362630378275-40664.post@n4.nabble.com> Message-ID: <51399992.1020401@softjury.de> Am 07.03.2013 05:26, schrieb pvsuja: > > > In proxy: > /mailproxy dovecot: imap-login: Aborted login (auth failed, 1 attempts in 2 > secs): user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, TLS, > session=<1pBG/03XogB/AAAB> Well....as you see, your mail-client tries to speak PLAIN, so it shouldn't work. From jg at softjury.de Fri Mar 8 10:01:03 2013 From: jg at softjury.de (Jan Phillip Greimann) Date: Fri, 08 Mar 2013 09:01:03 +0100 Subject: [Dovecot] dovecot: imap-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, TLS, session=<1pBG/03XogB/AAAB> In-Reply-To: <1362722925153-40684.post@n4.nabble.com> References: <1362722925153-40684.post@n4.nabble.com> Message-ID: <51399ABF.40301@softjury.de> Am 08.03.2013 07:08, schrieb pvsuja: > Through wireshark, I found the username and password is going in plain text > only to the server. > How will I enable starttls in ImapcProxy before any communication starts? Mhh, well, communication encryption and password encryption are two different things. If you speak over SSL with your server, it doesn't matter if the password is transmitted in plain. http://wiki.dovecot.org/Authentication/Mechanisms From skdovecot at smail.inf.fh-brs.de Fri Mar 8 10:31:26 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Fri, 8 Mar 2013 09:31:26 +0100 (CET) Subject: [Dovecot] Inotify max_user_instances In-Reply-To: References: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 7 Mar 2013, Daniel L. Miller wrote: > Maybe I have multiple problems - dunno. > > I've started seeing the following log lines: > Mar 7 07:46:22 bubba dovecot: imap(dmiller at amfes.com): Warning: Inotify > instance limit for user 5000 (UID vmail) exceeded, disabling. Increase > /proc/sys/fs/inotify/max_user_instances > > max_user_instances is currently 128. > > I've tried stopping and restarting dovecot - the message immediately returns. > I could just increase max_user_instances - but I'd like to understand what > the number SHOULD be and why simply restarting Dovecot doesn't fix it. If > this issue is for user "vmail" this is used by mail services only - and I've > only got a few users on my system. see http://stackoverflow.com/questions/11110245/inotify-fd-why-is-the-limit-per-user-id-and-not-per-process Dovecot needs one inotify entity per IDLE, maybe more for internal purposes. So in theory, you will need: * + , because you use one _system_ user for all IMAP-users. > I'm also fighting a netfilter issue - my connection tracking counters keep > climbing. Don't know if this is in any way related. Do you use NAT on the same machine? Or some intrusion detection system? When you get many short connections, esp. UDP ones, the connection tracker fills up easily. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUTmh3l3r2wJMiz2NAQLrDAgAmeGRMX2i+ZTJcpK4elivCorxYwfuI9uu ZUf0dpGI+KBEGMbaYaBYNiW1PtrGlxLXgpNOAl4nYtMhwzULX46CkU6aefGrGLZy 44DrkyHqqgnKhr3AGnr1Hofq4BZkpuPVx+RAiU5bg1wyYyUh90GEEw+SlonJSg7r rxWB70rfVrWmoY6HbE3CcEg2ZZEFmgKlRHuNBinzfBj8VQbwQ8qL2/HErGY9MIvk etyR1cv1FRYjOq68/G2axPRZO5C+0tmjW4lUeAl1fDIEDR8U3xsRZhGlhdlgxC/c ojxpVvOTrzAw1H+bfqWzX/SmN59H0k+dOh/c1iK+Olc7gh6+PyJ4+w== =cnZt -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Fri Mar 8 10:44:35 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Fri, 8 Mar 2013 09:44:35 +0100 (CET) Subject: [Dovecot] When dovecot delivery, nested maildir (/maildir/maildir) is "auto"created In-Reply-To: <51391314.9080907@gmail.com> References: <513879AC.2080100@gmail.com> <51391314.9080907@gmail.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 7 Mar 2013, Nunzio Falcone wrote: > and execute the following telnet session > [root at posta ~]# telnet localhost 25 > Trying 127.0.0.1... > 220 posta.domain.local ESMTP Postfix > rcpt to:utente2 > 250 2.1.5 Ok > > note the use of login (only "utente2) > > this is the debug session > Mar 07 23:06:15 auth: Debug: master in: USER 1 utente2/maildir/@domain.local service=lda > Mar 07 23:06:15 auth: Debug: master out: USER 1 utente2/maildir/ uid=500 gid=500 home=/var/vmail/utente2/maildir/ Hmm, utente2 became utente2/maildir/@domain.local again. I have no experience with postfix, so I would first make sure, postfix passes the correct values to the Dovecot LDA, by: create wrapper script: ===== START #!/bin/bash ( date echo arguments "$@" id /usr/libexec/dovecot/deliver "$@" rc=$? echo rc=$rc exit $rc ) >> /tmp/dovecot-lda-wrapper.$$.log 2>&1 ==== END /etc/postfix/master.cf (relevant) # Dovecot LDA dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/path/to/wrapper -f ${sender} -d ${recipient} see changed argv= argument. Then check the created log files in /tmp, if the argument of "-d" does or does not contain the "/maildir/" part. If it does, you will have to check your postfix installation, when the recipient string gets changed. Maybe your postfix was configured to deliver to Maildirs directly before and therefore at some point the "/maildir/" is added. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUTmk9F3r2wJMiz2NAQLpWwgAsg6f+nIjmOmeBsfK9kAwUhkAgOO7HtKu jmiaqY5DxDo9GRp+8X62y3kBGvVtrKCbJcoRqW4wlBwYvJaBbZqAZU2NS0q3QVV0 Dz63/DjSQsj+eQcMWnuX2Ci0D9JlC/UDA8FD+c2Os86LwIz0zBGET2sdqkUHqYxv wm6YwK7CBRzlmF98hRHMcj3bnZSpXWDx8+1nygoylUdwzV4rwcflWJ67jnGTs58+ RJfsiVnAzdlWzrwEjwlswOClM5mmRlwU5MVHfOczZMO9Z/XmHXxrISCx9pFKrwjT +X++0MDEerEqLuc+S8vrobe8XeTlvHzWmdpqd6F6RiEncGuy/21IRg== =y3pK -----END PGP SIGNATURE----- From pvsuja at gmail.com Fri Mar 8 11:04:25 2013 From: pvsuja at gmail.com (pvsuja) Date: Fri, 8 Mar 2013 01:04:25 -0800 (PST) Subject: [Dovecot] dovecot: imap-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, TLS, session=<1pBG/03XogB/AAAB> In-Reply-To: <51399ABF.40301@softjury.de> References: <1362722925153-40684.post@n4.nabble.com> <51399ABF.40301@softjury.de> Message-ID: <1362733465966-40689.post@n4.nabble.com> Yes, I know that. When I am telnetting to my ImapcProxy over 143, the capabilities are listed ...... STARTTLS AUTH=PLAIN AUTH=LOGIN ..... I need the AUTH capability to be enabled only after STARTTLS I have done this in Postfix. Is there a way to do it in Dovecot? -- View this message in context: http://dovecot.2317879.n4.nabble.com/dovecot-imap-login-Aborted-login-auth-failed-1-attempts-in-2-secs-user-xxx-method-PLAIN-rip-127-0-0--tp40684p40689.html Sent from the Dovecot mailing list archive at Nabble.com. From professa at dementianati.com Fri Mar 8 12:12:11 2013 From: professa at dementianati.com (Professa Dementia) Date: Fri, 08 Mar 2013 02:12:11 -0800 Subject: [Dovecot] dovecot: imap-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, TLS, session=<1pBG/03XogB/AAAB> In-Reply-To: <1362733465966-40689.post@n4.nabble.com> References: <1362722925153-40684.post@n4.nabble.com> <51399ABF.40301@softjury.de> <1362733465966-40689.post@n4.nabble.com> Message-ID: <5139B97B.7050807@dementianati.com> On 3/8/2013 1:04 AM, pvsuja wrote: > > Yes, I know that. > When I am telnetting to my ImapcProxy over 143, the capabilities are listed > > ...... STARTTLS AUTH=PLAIN AUTH=LOGIN ..... > > I need the AUTH capability to be enabled only after STARTTLS > I have done this in Postfix. > Is there a way to do it in Dovecot? From the template /etc/dovecot/conf.d/10-auth.conf # Disable LOGIN command and all other plaintext authentications unless # SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP # matches the local IP (ie. you're connecting from the same computer), the # connection is considered secure and plaintext authentication is allowed. #disable_plaintext_auth = yes Dem From dmiller at amfes.com Fri Mar 8 14:21:54 2013 From: dmiller at amfes.com (Daniel L. Miller) Date: Fri, 08 Mar 2013 04:21:54 -0800 Subject: [Dovecot] Inotify max_user_instances In-Reply-To: References: <5138B72A.10501@amfes.com> Message-ID: On 3/8/2013 12:31 AM, Steffen Kaiser wrote: > > see > http://stackoverflow.com/questions/11110245/inotify-fd-why-is-the-limit-per-user-id-and-not-per-process > > > Dovecot needs one inotify entity per IDLE, maybe more for internal > purposes. So in theory, you will need: users> * + , > because you use one _system_ user for all IMAP-users. Thanks. I actually had this increased previously - but for whatever reason my sysctl.d/60-inotify.conf didn't get applied last reboot. > >> I'm also fighting a netfilter issue - my connection tracking counters >> keep climbing. Don't know if this is in any way related. > > Do you use NAT on the same machine? Or some intrusion detection > system? When you get many short connections, esp. UDP ones, the > connection tracker fills up easily. Yes and Yes. Could fail2ban be hurting more than it's helping? -- Daniel From jg at softjury.de Fri Mar 8 15:13:54 2013 From: jg at softjury.de (Jan Phillip Greimann) Date: Fri, 08 Mar 2013 14:13:54 +0100 Subject: [Dovecot] zlib plugin bug? Message-ID: <5139E412.7010202@softjury.de> Hi there, got a problem with the zlib plugin, just wanted to test it on a test-mailserver, configured like in the wiki (http://wiki2.dovecot.org/Plugins/Zlib) and restarted the server. I've send an email to a blank maildir++ mailbox, the file is saved as gzip compressed file, but the "Z" flag is missing in the filename. Is that a bug in the plugin, or in dovecot? Greetings, Jan ------------------------------------------------------------- --- additional data: >>> find . ./dovecot-uidlist ./dovecot.mailbox.log ./tmp ./cur ./cur/1362746783.M97516P28534.s16,S=1321,W=1352:2,Sa ./maildirsize ./new ./dovecot.index.cache ./dovecot-keywords ./dovecot-uidvalidity.5139a483 ./subscriptions ./dovecot.index.log ./dovecot-uidvalidity ./dovecot-acl-list >>> file ./cur/1362746783.M97516P28534* ./cur/1362746783.M97516P28534.s16,S=1321,W=1352:2,Sa: gzip compressed data, from Unix >>> dpkg -l |grep dove ii debian-dovecot-auto-keyring 2010.01.30 GnuPG archive keys of the Automatic Dovecot Debian repository ii dovecot-common 2:2.2.0~rc2-0~auto+23 Transitional package for dovecot ii dovecot-core 2:2.2.0~rc2-0~auto+23 secure mail server that supports mbox, maildir, dbox and mdbox mailboxes ii dovecot-imapd 2:2.2.0~rc2-0~auto+23 secure IMAP server that supports mbox, maildir, dbox and mdbox mailboxes ii dovecot-lmtpd 2:2.2.0~rc2-0~auto+23 secure LMTP server for Dovecot ii dovecot-managesieved 2:2.2.0~rc2-0~auto+23 secure ManageSieve server for Dovecot ii dovecot-mysql 2:2.2.0~rc2-0~auto+23 MySQL support for Dovecot ii dovecot-pop3d 2:2.2.0~rc2-0~auto+23 secure POP3 server that supports mbox, maildir, dbox and mdbox mailboxes ii dovecot-sieve 2:2.2.0~rc2-0~auto+23 sieve filters support for Dovecot >>> doveconf -n # 2.2.rc2 (52e5d4186006): /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.7 ext3 auth_debug = yes auth_verbose = yes listen = * mail_debug = yes mail_gid = vmail mail_location = maildir:/var/vmail/%d/%n/Maildir:LAYOUT=fs mail_plugins = quota acl zlib mail_uid = vmail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { acl = vfile acl_anyone = allow autocreate = Trash autocreate2 = Drafts autocreate3 = Sent autocreate5 = Archives autosubscribe = Trash autosubscribe2 = Drafts autosubscribe3 = Sent quota = maildir:User quota sieve = ~/.dovecot.sieve sieve_dir = ~/sieve zlib_save = gz zlib_save_level = 6 } protocols = " imap lmtp sieve pop3" service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } unix_listener auth-userdb { group = vmail mode = 0600 user = vmail } } service dict { idle_kill = 1 hours unix_listener dict { group = vmail mode = 0660 } } service imap-login { inet_listener imap { port = 0 } } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0660 user = postfix } } service managesieve-login { inet_listener sieve { port = 4190 } inet_listener sieve_deprecated { port = 2000 } } service pop3-login { inet_listener pop3 { port = 0 } } ssl_cert = /maildir/maildir) is "auto"created In-Reply-To: References: <513879AC.2080100@gmail.com> <51391314.9080907@gmail.com> Message-ID: <513A0AA8.1070606@gmail.com> Il 08/03/2013 09:44, Steffen Kaiser ha scritto: > #!/bin/bash > > ( date > echo arguments "$@" > id > /usr/libexec/dovecot/deliver "$@" > rc=$? > echo rc=$rc > exit $rc > ) >> /tmp/dovecot-lda-wrapper.$$.log 2>&1 this is output Fri Mar 8 16:39:00 CET 2013 arguments -f domain at domain.local -d utente2/maildir/@nolanitalia.local uid=500(vmail) gid=500(vmail) groups=500(vmail) rc=0 the -d argument contains "/maildir"!!! what do you think of this? what postfix config to check? Thanx -- *Nunzio Falcone* nunzio.falcone at gmail.com *Cell * +39 320 1167923 *Voip*+39 081 0117933 *Fax * +39 081 0113049 From nunzio.falcone at gmail.com Fri Mar 8 19:06:31 2013 From: nunzio.falcone at gmail.com (Nunzio Falcone) Date: Fri, 08 Mar 2013 18:06:31 +0100 Subject: [Dovecot] When dovecot delivery, nested maildir (/maildir/maildir) is "auto"created In-Reply-To: <513A0AA8.1070606@gmail.com> References: <513879AC.2080100@gmail.com> <51391314.9080907@gmail.com> <513A0AA8.1070606@gmail.com> Message-ID: <513A1A97.7060103@gmail.com> Il 08/03/2013 16:58, Nunzio Falcone ha scritto: > Il 08/03/2013 09:44, Steffen Kaiser ha scritto: >> #!/bin/bash >> >> ( date >> echo arguments "$@" >> id >> /usr/libexec/dovecot/deliver "$@" >> rc=$? >> echo rc=$rc >> exit $rc >> ) >> /tmp/dovecot-lda-wrapper.$$.log 2>&1 > this is output > Fri Mar 8 16:39:00 CET 2013 > arguments -f domain at domain.local -d utente2/maildir/@nolanitalia.local > uid=500(vmail) gid=500(vmail) groups=500(vmail) > rc=0 > > the -d argument contains "/maildir"!!! > > what do you think of this? what postfix config to check? *SOLVED* modifyng /etc/postfix/ldap-users.cf (relevant) from query_filter = (&(objectclass=person) (mail=%s)) result_attribute = sAMAccountName version = 3 result_format=%s/Maildir/ to query_filter = (&(objectclass=person) (mail=%s)) result_attribute = sAMAccountName version = 3 *result_format=%s* ThankU for your support -- *Nunzio Falcone* nunzio.falcone at gmail.com *Cell * +39 320 1167923 *Voip*+39 081 0117933 *Fax * +39 081 0113049 From andre.rodier at gmail.com Sun Mar 10 10:00:03 2013 From: andre.rodier at gmail.com (=?UTF-8?Q?Andr=C3=A9_Rodier?=) Date: Sun, 10 Mar 2013 08:00:03 +0000 Subject: [Dovecot] virtual folder - crash while searching In-Reply-To: <381E6606-D4BA-4F8C-8A78-3B78CAA031BA@iki.fi> References: <5018C827.80406@zu-con.org> <2AF993EE-5501-40CC-A23C-8C0B4411D4B3@iki.fi> <501981CB.3030709@zu-con.org> <182345D6-4CE3-4FBF-8E5D-5D8A5C5C826C@iki.fi> <50198C31.5070902@zu-con.org> <6ED90634-A3FC-46F2-BA72-393B1E9ECD27@iki.fi> <5019905F.3010102@zu-con.org> <381E6606-D4BA-4F8C-8A78-3B78CAA031BA@iki.fi> Message-ID: Hello everyone, I had the same errors on my server, and I fixed it by increasing the header size buffer of my server to 65535, for instance. For jetty, the option is named headerBufferSize. See: 30000 2 false 8443 65536 5000 5000 On 3 August 2012 15:14, Timo Sirainen wrote: > On 1.8.2012, at 23.23, Matthias Rieber wrote: > >> alright. Some resources say that "413 FULL head" means request too large. Maybe that's caused by the pretty big folder virtual.all which contains more than 360000 mails. > Probably it means that the virtual folder consists of too many real folders. Dovecot's Solr query adds each real folder's GUID to the query. I guess there should be some limit and it would have to send more than one query and merge the results. > No need to do this. -- Andr? Rodier From dovecot.pkoch at dfgh.net Sun Mar 10 12:28:54 2013 From: dovecot.pkoch at dfgh.net (dovecot.pkoch at dfgh.net) Date: Sun, 10 Mar 2013 11:28:54 +0100 Subject: [Dovecot] Logon with Client Certificate and OTP fallback Message-ID: Dear Dovecot experts, we have unusual authentication requirements, namely: - almost all of our user are using a smartcard to connect with our mailserver. Thunderbird is our friend here as it will use the smartcard as an additional certificate store and Thunderbird will do client certificate based authentication when connecting via SSL with a mailserver - there's no way (at least that I know of) for our iPad users to use a smartcard, so our iPad and iPhone users use OTP token (http://www.gooze.eu/catalog/otp-tokens-oath-0) For 10 years we are using a very simple POP3-server where I replaced the authentication routines with my own functions and these function are doing the following: 1) if the connection was made without SSL refuse to connect 2) if the client was using a client certificate extract the username from the certificate. Since we cannot stop Thunderbird from sending a username/passowrd-combination we compare the username from the certificate with the username Thunderbird has sent. If the usernames matches we allow access and ignore the password. 3) if the client did not sent a client certificate we calculate the current OneTimePassword of the users OTP-token and compare that with the password Thunderbird has sent. If the passwords matches we allow access. If a OTP-password was validated it can be used for 24 hours so our OTP-users must use their tokens only once a day. Now we would like to switch from POP3 to IMAP, so here are my questions: - can Dovecot be CONFIGURED to do the above. I compiled it yesterday and SSL client authentication works as expected. OTP seems to be supported via PAM and I can write a PAM-modul for our OTP-tokens, so OTP would be possible too. But how do I tell Dovecot to do OTP-auth as a fallback for ClientCert-auth. - I already looked into the sourcecode of Dovecot. Seems like all the authentication routines were built as pluggable modules. Is there any documentation out there on how how to built my own auth-module. Integrating the OTP-auth directly into Dovecot would be a lot easier (for me) than creating a PAM-module, so I would prefer that. If there was interest from other people I would add some configuration options to Dovecot (for example the location of the OTP-token list). Otherwise I would just hardcode everything into the source. Peter From rs at sys4.de Sun Mar 10 13:57:27 2013 From: rs at sys4.de (Robert Schetterer) Date: Sun, 10 Mar 2013 12:57:27 +0100 Subject: [Dovecot] Logon with Client Certificate and OTP fallback In-Reply-To: References: Message-ID: <513C7527.6000908@sys4.de> Am 10.03.2013 11:28, schrieb dovecot.pkoch at dfgh.net: > Dear Dovecot experts, > > we have unusual authentication requirements, namely: > > - almost all of our user are using a smartcard to connect > with our mailserver. Thunderbird is our friend here as it will > use the smartcard as an additional certificate store and > Thunderbird will do client certificate based authentication > when connecting via SSL with a mailserver > > - there's no way (at least that I know of) for our iPad users > to use a smartcard, so our iPad and iPhone users use > OTP token (http://www.gooze.eu/catalog/otp-tokens-oath-0) > > For 10 years we are using a very simple POP3-server where > I replaced the authentication routines with my own functions > and these function are doing the following: > > 1) if the connection was made without SSL refuse to connect > 2) if the client was using a client certificate extract the username > from the certificate. Since we cannot stop Thunderbird from > sending a username/passowrd-combination we compare the > username from the certificate with the username Thunderbird has > sent. If the usernames matches we allow access and ignore > the password. > 3) if the client did not sent a client certificate we calculate the > current OneTimePassword of the users OTP-token and compare > that with the password Thunderbird has sent. If the passwords matches > we allow access. If a OTP-password was validated it can be used > for 24 hours so our OTP-users must use their tokens only once a day. > > Now we would like to switch from POP3 to IMAP, so here are my > questions: > > - can Dovecot be CONFIGURED to do the above. I compiled it yesterday > and SSL client authentication works as expected. OTP seems to be > supported via PAM and I can write a PAM-modul for our OTP-tokens, > so OTP would be possible too. But how do I tell Dovecot to do > OTP-auth as a fallback for ClientCert-auth. > > - I already looked into the sourcecode of Dovecot. Seems like all the > authentication routines were built as pluggable modules. Is there any > documentation out there on how how to built my own auth-module. > Integrating the OTP-auth directly into Dovecot would be a lot > easier (for me) than creating a PAM-module, so I would prefer that. > If there was interest from other people I would add some configuration > options to Dovecot (for example the location of the OTP-token list). > Otherwise I would just hardcode everything into the source. > > Peter > try read http://wiki2.dovecot.org/PasswordDatabase/PAM ... This can be useful with e.g. pam_opie to find out which one time password you're supposed to give: 1 LOGIN username otp 1 NO otp-md5 324 0x1578 ext, Response: ... Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From dovecot.pkoch at dfgh.net Sun Mar 10 15:09:41 2013 From: dovecot.pkoch at dfgh.net (dovecot.pkoch at dfgh.net) Date: Sun, 10 Mar 2013 14:09:41 +0100 Subject: [Dovecot] Logon with Client Certificate and OTP fallback (dovecot: message 4 of 20) In-Reply-To: <513C7527.6000908@sys4.de> References: <513C7527.6000908@sys4.de> Message-ID: Hi Robert 2013/3/10 Robert Schetterer - rs at sys4.de < dovecot.pkoch.74fa2fe130.rs#sys4.de at ob.0sg.net> > try read > > http://wiki2.dovecot.org/PasswordDatabase/PAM > > ... > This can be useful with e.g. pam_opie to find out which one time > password you're supposed to give: > > 1 LOGIN username otp > 1 NO otp-md5 324 0x1578 ext, Response: > I don't worry about how to use Dovecot with either SSL Client-Certitifaces or our OTP-token. SSL ClientCerts do work as expected and using our token is just a matter of finding the right PAM-module. pam_opie is the wrong module as OPIE is a method to pregenerate a list of One Time Passwords in software. What we are using is a hardware token that generates One Time Password as described in RFC 4226. There are PAM-modules out there that might do the job but since I have implemented the algorithm already into our POP3-server I could built a PAM-module myself. What I would like to know in advance is: How do I configure Dovecot such that SSL Client-Auth is used with priority 1 and OTP-auth is used only for SSL-connections without a ClientCert. Non-SSL connections should not be allowed at all. If that combination was not possible I'm hoping to get some hints on how to change the Dovecot source. Kind regards Peter From gizmo at giz-works.com Sun Mar 10 20:34:12 2013 From: gizmo at giz-works.com (Chris Richards) Date: Sun, 10 Mar 2013 13:34:12 -0500 Subject: [Dovecot] Random LDA failure to access auth socket In-Reply-To: References: <352e9821bb419c51742939d3b8863bee.squirrel@www.giz-works.com> <20130302171558.GA5031@daniel.localdomain> <20130303221332.GA11783@daniel.localdomain> Message-ID: <9c0a3697cf8dd6cb60421f892c9f7bd1.squirrel@www.giz-works.com> I was finally able to make this change. It doesn't appear to have broken anything, which is a plus. ;) I'll ping back in a couple of days or so and let you know if the issue appears resolved. Thanks again for your help! Chris On Sun, March 3, 2013 6:31 pm, Chris Richards wrote: > >> In order for dovecot-lda to work, default internal user "dovecot" >> seems to need permission for the user listing. This should work, >> but you should try to narrow the permissions down: >> >> service auth { >> unix_listener auth-userdb { >> group = dovecot >> mode = 0666 >> user = dovecot >> } >> } > > I'll give this a whirl tomorrow during off-mail time. I'm thinking there > was a reason I did vmail:users, but it's not coming to me at the moment. > > I'm also puzzled by why lda is using dovecot:dovecot rather than > vmail:users. Does it drop back to dovecot:dovecot and retry if the > requested uid:gid fails to work? I can't imagine where postfix would get > uid:gid of dovecot:dovecot to call with, so I don't think it's a postfix > problem. > > Thanks for your help! > > Chris > > From amateo at um.es Mon Mar 11 09:05:47 2013 From: amateo at um.es (Angel L. Mateo) Date: Mon, 11 Mar 2013 08:05:47 +0100 Subject: [Dovecot] zlib plugin bug? In-Reply-To: <5139E412.7010202@softjury.de> References: <5139E412.7010202@softjury.de> Message-ID: <513D824B.6070708@um.es> El 08/03/13 14:13, Jan Phillip Greimann escribi?: > Hi there, > got a problem with the zlib plugin, just wanted to test it on a > test-mailserver, configured like in the wiki > (http://wiki2.dovecot.org/Plugins/Zlib) and restarted the server. > > I've send an email to a blank maildir++ mailbox, the file is saved as > gzip compressed file, but the "Z" flag is missing in the filename. > zlib plugin doesn't put any flag in messages. The Z flag mentioned in the wiki is one you could put if your are compressing an existing mailbox in order to know which files you have previously compressed. -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n y las Comunicaciones Aplicadas (ATICA) http://www.um.es/atica Tfo: 868889150 Fax: 868888337 From dovecot-l at fu-berlin.de Mon Mar 11 16:00:35 2013 From: dovecot-l at fu-berlin.de (Heiko Schlichting) Date: Mon, 11 Mar 2013 15:00:35 +0100 Subject: [Dovecot] 2.2rc2 core dump Message-ID: <20130311140034.GA513329@zedat.fu-berlin.de> Hi, using dovecot 2.2rc2 I got core dumps during IMAP subscription change if the CONTROL directory (specified in mail_location) does not exists. userdb_mail: mbox:~/Test:INBOX=~/Test/heiko:INDEX=~/.imap/index:CONTROL=~/.imap/control If ~/.imap/control does not exists, dovecot crashes. See below for log msg, full backtrace and configuration. Heiko Heiko Schlichting Freie Universit?t Berlin heiko.schlichting at fu-berlin.de Zentraleinrichtung f?r Datenverarbeitung Telefon +49 30 838-54327 Fabeckstra?e 32 Telefax +49 30 838454327 14195 Berlin ----------------------------------------------------------------------- Mar 11 13:57:42 12:island dovecot: imap(heiko): Panic: file mailbox-list.c: line 1066 (mailbox_list_try_mkdir_root): assertion failed: (strncmp(root_dir, path, strlen(root_dir)) == 0) Mar 11 13:57:42 13:island dovecot: imap(heiko): Error: Raw backtrace: /home/dovecot/server/lib/dovecot/libdovecot.so.0(+0x60c8a) [0x7f12ad342c8a] -> /home/dovecot/server/lib/dovecot/libdovecot.so.0(+0x60cd6) [0x7f12ad342cd6] -> /home/dovecot/server/lib/dovecot/libdovecot.so.0(i_error+0) [0x7f12ad303faf] -> /home/dovecot/server/lib/dovecot/libdovecot-storage.so.0(mailbox_list_try_mkdir_root+0x573) [0x7f12ad61db43] -> /home/dovecot/server/lib/dovecot/libdovecot-storage.so.0(mailbox_list_mkdir_root+0x12) [0x7f12ad61db92] -> /home/dovecot/server/lib/dovecot/libdovecot-storage.so.0(subsfile_set_subscribed+0x346) [0x7f12ad62ff66] -> /home/dovecot/server/lib/dovecot/libdovecot-storage.so.0(mailbox_list_set_subscribed+0x1b) [0x7f12ad61aebb] -> /home/dovecot/server/lib/dovecot/libdovecot-storage.so.0(index_storage_set_subscribed+0x48) [0x7f12ad63f3c8] -> dovecot/imap [heiko 130.133.5.5 subscribe](cmd_subscribe_full+0xd8) [0x4129c8] -> dovecot/imap [heiko 130.133.5.5 subscribe](command_exec+0x3d) [0x41604d] -> dovecot/imap [heiko 130.133.5.5 subscribe]() [0x4151a0] -> dovecot/imap [heiko 130.133.5.5 subscribe]() [0x41528d] -> dovecot/imap [heiko 130.133.5.5 subscribe](client_handle_input+0x11d) [0x41550d] -> dovecot/imap [heiko 130.133.5.5 subscribe](client_input+0x6f) [0x41588f] -> /home/dovecot/server/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x36) [0x7f12ad3518f6] -> /home/dovecot/server/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xaf) [0x7f12ad35296f] -> /home/dovecot/server/lib/dovecot/libdovecot.so.0(io_loop_run+0x28) [0x7f12ad351898] -> /home/dovecot/server/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f12ad308c03] -> dovecot/imap [heiko 130.133.5.5 subscribe](main+0x2a7) [0x41eb17] -> /lib/libc.so.6(__libc_start_main+0xfd) [0x7f12acf9ec8d] -> dovecot/imap [heiko 130.133.5.5 subscribe]() [0x40b559] Mar 11 13:57:42 12:island dovecot: imap(heiko): Fatal: master: service(imap): child 387120 killed with signal 6 (core dumped) ----------------------------------------------------------------------- Core was generated by `dovecot/imap'. Program terminated with signal 6, Aborted. #0 0x00007f12acfb21b5 in *__GI_raise (sig=) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64 in ../nptl/sysdeps/unix/sysv/linux/raise.c #0 0x00007f12acfb21b5 in *__GI_raise (sig=) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64 pid = selftid = #1 0x00007f12acfb4fc0 in *__GI_abort () at abort.c:92 act = {__sigaction_handler = {sa_handler = 0x2, sa_sigaction = 0x2}, sa_mask = {__val = {139718192212334, 140734208616120, 140734208615824, 15504224, 139718192015737, 139718188100360, 139718199721984, 206158430224, 4294967295, 140734208615136, 1, 2826480, 0, 140734208615824, 15504224, 139718191620096}}, sa_flags = -1383389422, sa_restorer = 0x1} sigs = {__val = {32, 0 }} #2 0x00007f12ad342c9d in default_fatal_finish (type=, status=0) at failures.c:191 backtrace = 0xec93d0 "/home/dovecot/server/lib/dovecot/libdovecot.so.0(+0x60c8a) [0x7f12ad342c8a] -> /home/dovecot/server/lib/dovecot/libdovecot.so.0(+0x60cd6) [0x7f12ad342cd6] -> /home/dovecot/server/lib/dovecot/libdoveco"... #3 0x00007f12ad342cd6 in i_internal_fatal_handler (ctx=0x7fff3c832420, format=, args=) at failures.c:652 status = 0 #4 0x00007f12ad303faf in i_panic (format=0x5e830
) at failures.c:263 ctx = {type = LOG_TYPE_PANIC, exit_status = 0, timestamp = 0x0} args = {{gp_offset = 40, fp_offset = 48, overflow_arg_area = 0x7fff3c8324f0, reg_save_area = 0x7fff3c832430}} #5 0x00007f12ad61db43 in mailbox_list_try_mkdir_root (list=0xedfa30, path=0xec9340 "/home/heiko/.imap/control", type=MAILBOX_LIST_PATH_TYPE_CONTROL, error_r=0x7fff3c8326b8) at mailbox-list.c:1066 root_dir = 0xec9360 "/home/heiko/.imap/control/.imap" error = st = {st_dev = 0, st_ino = 139718191603264, st_nlink = 6471272, st_mode = 63, st_uid = 0, st_gid = 2908382760, __pad0 = 32530, st_rdev = 139718199874936, st_size = 140734208616208, st_blksize = 4294967295, st_blocks = 139718194534888, st_atim = {tv_sec = 1, tv_nsec = 3167384}, st_mtim = {tv_sec = 0, tv_nsec = 15602912}, st_ctim = {tv_sec = 139718199711400, tv_nsec = 139718194466816}, __unused = {139718197716754, 1, 0}} perm = {file_uid = 5006, file_gid = 700, file_create_mode = 416, dir_create_mode = 488, file_create_gid = 4294967295, file_create_gid_origin = 0xedfdf8 "/home/heiko/Test", gid_origin_is_mailbox_path = false, mail_index_permissions_set = false} __FUNCTION__ = "mailbox_list_try_mkdir_root" #6 0x00007f12ad61db92 in mailbox_list_mkdir_root (list=0x5e830, path=0x5e830
, type=MAILBOX_LIST_PATH_TYPE_INDEX_PRIVATE) at mailbox-list.c:1100 error = #7 0x00007f12ad62ff66 in subsfile_set_subscribed (list=0xedfa30, path=0xec9310 "/home/heiko/.imap/control/.subscriptions", temp_prefix=, name=0xee8360 "hostmaster", set=true) at subscription-file.c:122 mail_set = 0xee14e0 dotlock_set = {temp_prefix = 0xedfc28 ".temp.Island.387120.", lock_suffix = 0x0, timeout = 120, stale_timeout = 30, callback = 0, context = 0x0, use_excl_lock = 1, nfs_flush = 1, use_io_notify = 0} dotlock = 0x0 perm = {file_uid = 5006, file_gid = 700, file_create_mode = 416, dir_create_mode = 488, file_create_gid = 4294967295, file_create_gid_origin = 0xedfca0 "/home/heiko/Test", gid_origin_is_mailbox_path = false, mail_index_permissions_set = false} line = input = output = fd_in = fd_out = -1 type = found = changed = false failed = false #8 0x00007f12ad61aebb in mailbox_list_set_subscribed (list=0x5e830, name=0x5e830
, set=6) at mailbox-list.c:1481 ret = 6 #9 0x00007f12ad63f3c8 in index_storage_set_subscribed (box=0xee8000, set=6) at index-storage.c:854 ns = 0xee8000 list = 0xedfa30 subs_name = 0x5e830
guid = "\001\000\000\000\000\000\000\000\001\000\000\000\000\000\000" __FUNCTION__ = "index_storage_set_subscribed" #10 0x00000000004129c8 in cmd_subscribe_full (cmd=0xee57e0, subscribe=48) at cmd-subscribe.c:72 ns = box = 0xee8000 box2 = 0x7f12ad34080b mailbox = 0xec92b0 "hostmaster" orig_mailbox = 0xed4aa0 "hostmaster" unsubscribed_mailbox2 = false sep = 0 '\000' #11 0x000000000041604d in command_exec (cmd=0xee57e0) at imap-commands.c:156 hook = 0xed2d90 ret = #12 0x00000000004151a0 in client_command_input (cmd=0xee57e0) at imap-client.c:775 client = 0xee4e30 command = __FUNCTION__ = "client_command_input" #13 0x000000000041528d in client_command_input (cmd=0xee57e0) at imap-client.c:836 client = 0xee4e30 command = 0x0 __FUNCTION__ = "client_command_input" #14 0x000000000041550d in client_handle_next_command (client=0xee4e30) at imap-client.c:874 No locals. #15 client_handle_input (client=0xee4e30) at imap-client.c:886 _data_stack_cur_id = 3 ret = 48 remove_io = handled_commands = false __FUNCTION__ = "client_handle_input" #16 0x000000000041588f in client_input (client=0xee4e30) at imap-client.c:928 cmd = output = 0xee5688 bytes = __FUNCTION__ = "client_input" #17 0x00007f12ad3518f6 in io_loop_call_io (io=0xee06f0) at ioloop.c:387 ioloop = 0xed1720 t_id = 2 #18 0x00007f12ad35296f in io_loop_handler_run (ioloop=) at ioloop-epoll.c:215 ctx = 0xed1aa0 event = 0xed1b10 list = 0xee5730 io = 0x5e830 tv = {tv_sec = 1799, tv_usec = 999958} msecs = ret = 1 i = 0 call = false __FUNCTION__ = "io_loop_handler_run" #19 0x00007f12ad351898 in io_loop_run (ioloop=0xed1720) at ioloop.c:406 No locals. #20 0x00007f12ad308c03 in master_service_run (service=0xed15c0, callback=0x5e830) at master-service.c:550 No locals. #21 0x000000000041eb17 in main (argc=1, argv=0xed1390) at main.c:400 set_roots = {0x426140, 0x0} login_set = {auth_socket_path = 0xec9050 "\035", postlogin_socket_path = 0x0, postlogin_timeout_secs = 60, callback = 0x41ed10 , failure_callback = 0x41ecb0 , request_auth_token = 1} service_flags = storage_service_flags = MAIL_STORAGE_SERVICE_FLAG_DISALLOW_ROOT username = 0x0 c = ----------------------------------------------------------------------- # 2.2.rc2: /home/dovecot/server/etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.7 auth_mechanisms = plain login auth_username_format = %Ln auth_verbose = yes default_login_user = nobody default_vsz_limit = 2 G first_valid_uid = 1000 listen = 130.133.10.100 mail_fsync = always mail_nfs_storage = yes namespace inbox { inbox = yes location = prefix = separator = / type = private } passdb { args = /server/dovecot/bin/checkpassword-isnet driver = checkpassword } protocols = imap service auth-worker { user = $default_internal_user } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } } service imap { process_limit = 1024 } shutdown_clients = no ssl = required ssl_cert = References: <5139E412.7010202@softjury.de> <513D824B.6070708@um.es> Message-ID: <513DECC9.9060301@softjury.de> Am 11.03.2013 08:05, schrieb Angel L. Mateo: > zlib plugin doesn't put any flag in messages. The Z flag mentioned > in the wiki is one you could put if your are compressing an existing > mailbox in order to know which files you have previously compressed. Thank you. I noticed later that there is no Z-flag by default for compressed mails. I think it should be added to the plugin, but maybe it isn't possible. Greetings, Jan From tabbingout at gmail.com Mon Mar 11 16:51:16 2013 From: tabbingout at gmail.com (Tabbed Out) Date: Mon, 11 Mar 2013 10:51:16 -0400 Subject: [Dovecot] Random questions on backing up Dovecot Message-ID: Hi, I've read a few threads about the subject, but I am hoping someone can comment on a few misunderstandings that I might have? It seems like doing a tar of the mail folder location then rsyncing it over to the backup location is the general idea. I plan to have dovecot create 6 virtual users using Maildir, located at /var/mail. A few specifics I am unclear on: 1) Someone here gave a descriptive outline on this here: http://www.dovecot.org/list/dovecot/2011-August/060368.html It's a bit silly, but does anyone have any comments about his suggestion on doing a 'tar cvf' first, then doing a gzip on that archive? Are the benefits really that great? 2) My lack of understanding of control files and index files contribute to this question. If I want to move to a new server and I only tar'd my /var/mail, how does this affect control files? Is it as simple as just copying pasting back into /var/mail on the new server, and then Dovecot will create new UUIDs for the messages? 3) How do I handle the case where the script is currently tarring/gzipping the entire /var/mail, but I receive a new mail during that period? What happens if I use thunderbird to delete a mail during the archiving process? From info at stos.se Mon Mar 11 18:57:15 2013 From: info at stos.se (info at stos.se) Date: Mon, 11 Mar 2013 17:57:15 +0100 Subject: [Dovecot] Integrating with Drupal SQL db Message-ID: <165856345e36d2e24681cdacdb686d3e@localhost> Hi I'm trying to get Dovecot to use Drupal users password for authenticating IMAP users. But I just cant figure out how to make Dovecot understand the password hash type that Drupal 7 is using. My example user with password Teacher1 looks like this in Drupal database: $S$DZwJa.U8HXT2PvTmwCK13rGEYEvnx5DB6/hlqnfCBum4s4U7MVWU Dovecot retrieves this hash but complains that its not a recognized hash type, or that the hash is wrong, depending on if I change the default hash type in Dovecot config. Any help appreciated. root at SSiS:/etc/postfix# dovecot --version 1.2.15 root at SSiS:/etc/postfix# dovecot -n # 1.2.15: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-12-pve i686 Debian 6.0.7 simfs log_timestamp: %Y-%m-%d %H:%M:%S login_dir: /var/run/dovecot/login login_executable: /usr/lib/dovecot/imap-login mail_privileged_group: mail mail_location: maildir:/home/vmail/ mbox_write_locks: fcntl dotlock auth default: verbose: yes debug: yes debug_passwords: yes passdb: driver: pam passdb: driver: sql args: /etc/dovecot/dovecot-sql.conf userdb: driver: passwd root at SSiS:/etc/postfix# root at SSiS:/etc/postfix# grep -v '^ *\(#.*\)\?$' /etc/dovecot/dovecot-sql.conf driver = mysql connect = host=127.0.0.1 dbname=Drupal user=Dru_Adm password=localu default_pass_scheme = CRYPT password_query = SELECT name AS user, pass AS password FROM users WHERE name='%n' user_query = SELECT CONCAT(SUBSTRING_INDEX(mail,'@',-1),'/',SUBSTRING_INDEX(mail,'@',1),'/') AS mail FROM users WHERE name='%n' root at SSiS:/etc/postfix# tail /var/log/mail.log Mar 11 16:17:42 SSiS dovecot: auth(default): new auth connection: pid=8593 Mar 11 16:17:51 SSiS dovecot: auth(default): client in: AUTH#0111#011PLAIN#011service=imap#011secured#011lip=127.0.0.1#011rip=127.0.0.1#011lport=143#011rport=52316#011resp=AFRlYWNoZXIxAFRlYWNoZXIx Mar 11 16:17:51 SSiS dovecot: auth-worker(default): pam(Teacher1,127.0.0.1): lookup service=dovecot Mar 11 16:17:51 SSiS dovecot: auth-worker(default): pam(Teacher1,127.0.0.1): #1/1 style=1 msg=Password: Mar 11 16:17:54 SSiS dovecot: auth-worker(default): pam(Teacher1,127.0.0.1): pam_authenticate() failed: Authentication failure (password mismatch?) (given password: Teacher1) Mar 11 16:17:54 SSiS dovecot: auth-worker(default): sql(Teacher1,127.0.0.1): query: SELECT name AS user, pass AS password FROM users WHERE name='Teacher1' Mar 11 16:17:54 SSiS dovecot: auth-worker(default): sql(Teacher1,127.0.0.1): Password mismatch Mar 11 16:17:54 SSiS dovecot: auth-worker(default): md5_verify(Teacher1): Not a valid MD5-CRYPT or PLAIN-MD5 password Mar 11 16:17:54 SSiS dovecot: auth-worker(default): Invalid OTP data in passdb Mar 11 16:17:54 SSiS dovecot: auth-worker(default): Invalid OTP data in passdb Mar 11 16:17:54 SSiS dovecot: auth-worker(default): sql(Teacher1,127.0.0.1): CRYPT(Teacher1) != '$S$DZwJa.U8HXT2PvTmwCK13rGEYEvnx5DB6/hlqnfCBum4s4U7MVWU' Mar 11 16:17:56 SSiS dovecot: auth(default): client out: FAIL#0111#011user=Teacher1 Mar 11 16:18:01 SSiS dovecot: imap-login: Disconnected: Too many invalid commands (auth failed, 1 attempts): user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured Mar 11 16:32:36 SSiS dovecot: auth(default): new auth connection: pid=9075 Mar 11 16:32:41 SSiS dovecot: imap-login: Disconnected: Too many invalid commands (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured root at SSiS:/etc/postfix# From list at airstreamcomm.net Mon Mar 11 21:00:22 2013 From: list at airstreamcomm.net (list at airstreamcomm.net) Date: Mon, 11 Mar 2013 14:00:22 -0500 Subject: [Dovecot] Integrating with Drupal SQL db In-Reply-To: <165856345e36d2e24681cdacdb686d3e@localhost> References: <165856345e36d2e24681cdacdb686d3e@localhost> Message-ID: <513E29C6.9070800@airstreamcomm.net> On 3/11/13 11:57 AM, info at stos.se wrote: > Hi > > I'm trying to get Dovecot to use Drupal users password for authenticating > IMAP users. But I just cant figure out how to make Dovecot understand the > password hash type that Drupal 7 is using. > > My example user with password Teacher1 looks like this in Drupal database: > $S$DZwJa.U8HXT2PvTmwCK13rGEYEvnx5DB6/hlqnfCBum4s4U7MVWU > > Dovecot retrieves this hash but complains that its not a recognized hash > type, or that the hash is wrong, depending on if I change the default hash > type in Dovecot config. > > Any help appreciated. > > > root at SSiS:/etc/postfix# dovecot --version > 1.2.15 > root at SSiS:/etc/postfix# dovecot -n > # 1.2.15: /etc/dovecot/dovecot.conf > # OS: Linux 2.6.32-12-pve i686 Debian 6.0.7 simfs > log_timestamp: %Y-%m-%d %H:%M:%S > login_dir: /var/run/dovecot/login > login_executable: /usr/lib/dovecot/imap-login > mail_privileged_group: mail > mail_location: maildir:/home/vmail/ > mbox_write_locks: fcntl dotlock > auth default: > verbose: yes > debug: yes > debug_passwords: yes > passdb: > driver: pam > passdb: > driver: sql > args: /etc/dovecot/dovecot-sql.conf > userdb: > driver: passwd > root at SSiS:/etc/postfix# > root at SSiS:/etc/postfix# grep -v '^ *\(#.*\)\?$' > /etc/dovecot/dovecot-sql.conf > driver = mysql > connect = host=127.0.0.1 dbname=Drupal user=Dru_Adm password=localu > default_pass_scheme = CRYPT > password_query = SELECT name AS user, pass AS password FROM users WHERE > name='%n' > user_query = SELECT > CONCAT(SUBSTRING_INDEX(mail,'@',-1),'/',SUBSTRING_INDEX(mail,'@',1),'/') AS > mail FROM users WHERE name='%n' > root at SSiS:/etc/postfix# tail /var/log/mail.log > Mar 11 16:17:42 SSiS dovecot: auth(default): new auth connection: pid=8593 > Mar 11 16:17:51 SSiS dovecot: auth(default): client in: > AUTH#0111#011PLAIN#011service=imap#011secured#011lip=127.0.0.1#011rip=127.0.0.1#011lport=143#011rport=52316#011resp=AFRlYWNoZXIxAFRlYWNoZXIx > Mar 11 16:17:51 SSiS dovecot: auth-worker(default): > pam(Teacher1,127.0.0.1): lookup service=dovecot > Mar 11 16:17:51 SSiS dovecot: auth-worker(default): > pam(Teacher1,127.0.0.1): #1/1 style=1 msg=Password: > Mar 11 16:17:54 SSiS dovecot: auth-worker(default): > pam(Teacher1,127.0.0.1): pam_authenticate() failed: Authentication failure > (password mismatch?) (given password: Teacher1) > Mar 11 16:17:54 SSiS dovecot: auth-worker(default): > sql(Teacher1,127.0.0.1): query: SELECT name AS user, pass AS password FROM > users WHERE name='Teacher1' > Mar 11 16:17:54 SSiS dovecot: auth-worker(default): > sql(Teacher1,127.0.0.1): Password mismatch > Mar 11 16:17:54 SSiS dovecot: auth-worker(default): md5_verify(Teacher1): > Not a valid MD5-CRYPT or PLAIN-MD5 password > Mar 11 16:17:54 SSiS dovecot: auth-worker(default): Invalid OTP data in > passdb > Mar 11 16:17:54 SSiS dovecot: auth-worker(default): Invalid OTP data in > passdb > Mar 11 16:17:54 SSiS dovecot: auth-worker(default): > sql(Teacher1,127.0.0.1): CRYPT(Teacher1) != > '$S$DZwJa.U8HXT2PvTmwCK13rGEYEvnx5DB6/hlqnfCBum4s4U7MVWU' > Mar 11 16:17:56 SSiS dovecot: auth(default): client out: > FAIL#0111#011user=Teacher1 > Mar 11 16:18:01 SSiS dovecot: imap-login: Disconnected: Too many invalid > commands (auth failed, 1 attempts): user=, method=PLAIN, > rip=127.0.0.1, lip=127.0.0.1, secured > Mar 11 16:32:36 SSiS dovecot: auth(default): new auth connection: pid=9075 > Mar 11 16:32:41 SSiS dovecot: imap-login: Disconnected: Too many invalid > commands (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured > root at SSiS:/etc/postfix# > > As far as I understand Drupal uses salted passwords, so you would need to return the password + salt in the sql query. I am not sure what position the salt is offset for a password with Drupal, but that should be simple to determine looking at the source. From anmeyer at anup.de Mon Mar 11 21:05:36 2013 From: anmeyer at anup.de (Andreas Meyer) Date: Mon, 11 Mar 2013 20:05:36 +0100 Subject: [Dovecot] Integrating with Drupal SQL db In-Reply-To: <165856345e36d2e24681cdacdb686d3e@localhost> References: <165856345e36d2e24681cdacdb686d3e@localhost> Message-ID: <20130311200536.07d8a877@itxnew.bitcorner.intern> wrote: > Hi > > I'm trying to get Dovecot to use Drupal users password for authenticating > IMAP users. But I just cant figure out how to make Dovecot understand the > password hash type that Drupal 7 is using. > > My example user with password Teacher1 looks like this in Drupal database: > $S$DZwJa.U8HXT2PvTmwCK13rGEYEvnx5DB6/hlqnfCBum4s4U7MVWU This is not CRAM-MD5, is it? > Dovecot retrieves this hash but complains that its not a recognized hash > type, or that the hash is wrong, depending on if I change the default hash > type in Dovecot config. > > Any help appreciated. This is what I get connecting to your server: Connected to stos.se. Escape character is '^]'. * OK [CAPABILITY IMAP4REV1 NAMESPACE ID AUTH=PLAIN AUTH=LOGIN UIDPLUS STARTTLS ACL METADATA] Debian-60-squeeze-64-minimal IMAP4rev1 Citadel 7.83 ready This is what I get connecting to mine: * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN AUTH=CRAM-MD5] Dovecot ready. I see no AUTH=CRAM-MD5 in capabilites of your server. Andreas From seirp.samoht at googlemail.com Mon Mar 11 21:20:35 2013 From: seirp.samoht at googlemail.com (Thomas Pries) Date: Mon, 11 Mar 2013 20:20:35 +0100 Subject: [Dovecot] doveadm password check Message-ID: <513E2E83.8000900@googlemail.com> Hi, I want to write some php code that users can change there dovecot password via a roundcube plugin. I'm using php function crypt(...) to generate the hashes and everything works well so far. I'm using doveadm pw to generate testhashes e.g.: srv:~ # doveadm pw -r 5 -s BLF-CRYPT -p abc {BLF-CRYPT}$2a$05$W82/Vw4ZEcHBC00M8cNwe.g8fOHuAeV7L5Q/q4W6VWl9V5kjoiz8y I expected an "ok" when using -t the hash when entering abc as a password, but I got: srv:~ # doveadm pw -r 5 -s BLF-CRYPT -t \{BLF-CRYPT}$2a$05$W82/Vw4ZEcHBC00M8cNwe.g8fOHuAeV7L5Q/q4W6VWl9V5kjoiz8y Enter password to verify: doveadm(root): Fatal: reverse password verification check failed: Password mismatch What went wrong? Kind Regards Thomas From anmeyer at anup.de Mon Mar 11 21:38:39 2013 From: anmeyer at anup.de (Andreas Meyer) Date: Mon, 11 Mar 2013 20:38:39 +0100 Subject: [Dovecot] Integrating with Drupal SQL db In-Reply-To: <48731c2f-92a9-4c2f-846f-f12993c7fba4.maildroid@localhost> References: <165856345e36d2e24681cdacdb686d3e@localhost> <20130311200536.07d8a877@itxnew.bitcorner.intern> <48731c2f-92a9-4c2f-846f-f12993c7fba4.maildroid@localhost> Message-ID: <20130311203839.2bc7fcb4@itxnew.bitcorner.intern> Hello! I took the thread back to the list. Tobias R?denholt wrote: > I think it is ssha512 hashing. It's not stos.se that's affected. It's > swedishschoolinsydney.org.au Just found this: capabilities are 'IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE STARTTLS LOGINDISABLED' meaning you can log in via STARTTLS but not via plaintext authentication. Does it have something to do woth your problem? > Mar 11 16:18:01 SSiS dovecot: imap-login: Disconnected: Too many invalid > commands (auth failed, 1 attempts): user=, method=PLAIN, > rip=127.0.0.1, lip=127.0.0.1, secured > Thanks! > /Tobias Andreas > wrote: > > > Hi > > > > I'm trying to get Dovecot to use Drupal users password for authenticating > > IMAP users. But I just cant figure out how to make Dovecot understand the > > password hash type that Drupal 7 is using. > > > > My example user with password Teacher1 looks like this in Drupal database: > > $S$DZwJa.U8HXT2PvTmwCK13rGEYEvnx5DB6/hlqnfCBum4s4U7MVWU > > This is not CRAM-MD5, is it? > > > Dovecot retrieves this hash but complains that its not a recognized hash > > type, or that the hash is wrong, depending on if I change the default hash > > type in Dovecot config. > > > > Any help appreciated. > > This is what I get connecting to your server: > Connected to stos.se. > Escape character is '^]'. > * OK [CAPABILITY IMAP4REV1 NAMESPACE ID AUTH=PLAIN AUTH=LOGIN UIDPLUS STARTTLS ACL METADATA] Debian-60-squeeze-64-minimal IMAP4rev1 Citadel 7.83 ready > > This is what I get connecting to mine: > * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN AUTH=CRAM-MD5] Dovecot ready. > > I see no AUTH=CRAM-MD5 in capabilites of your server. > > Andreas From professa at dementianati.com Mon Mar 11 21:49:37 2013 From: professa at dementianati.com (Professa Dementia) Date: Mon, 11 Mar 2013 12:49:37 -0700 Subject: [Dovecot] doveadm password check In-Reply-To: <513E2E83.8000900@googlemail.com> References: <513E2E83.8000900@googlemail.com> Message-ID: <513E3551.8060502@dementianati.com> On 3/11/2013 12:20 PM, Thomas Pries wrote: > Hi, > > I want to write some php code that users can change there dovecot > password via a roundcube plugin. I'm using php function crypt(...) to > generate the hashes and everything works well so far. > > > I'm using doveadm pw to generate testhashes e.g.: > > srv:~ # doveadm pw -r 5 -s BLF-CRYPT -p abc > {BLF-CRYPT}$2a$05$W82/Vw4ZEcHBC00M8cNwe.g8fOHuAeV7L5Q/q4W6VWl9V5kjoiz8y > > I expected an "ok" when using -t the hash when entering abc as a > password, but I got: > > srv:~ # doveadm pw -r 5 -s BLF-CRYPT -t > \{BLF-CRYPT}$2a$05$W82/Vw4ZEcHBC00M8cNwe.g8fOHuAeV7L5Q/q4W6VWl9V5kjoiz8y > Enter password to verify: > doveadm(root): Fatal: reverse password verification check failed: > Password mismatch There are several bugs dealing with what you are doing. They are currently in the works and will be fixed in a future release of Dovecot. 1) Crypt hashes should not have the {...} prefix. The $2a$ is the prefix that specifies the Eksblowfish crypt hash, just like $1$ specifies the MD5 crypt hash. doveadm blindly puts the {...} in front of all hashes, which is a bug. When the program goes to verify the hash, it passes the entire string including the {...} part to crypt, which fails, since it does not know what to do with it. 2) The Eksblowfish hash (the $2a$) was originally written on OpenBSD by Niels Provos and David Mazi?res and was called Bcrypt (Bcrypt is the correct name, not BLF-CRYPT as is used in Dovecot). It was rewritten by Alexander Peslyak. This rewritten version became more popular with Linux distros. This version, however, turned out to have a bug, which Peslyak later fixed, but it means that $2a$ hashes were incompatible based on which library they used: the original OpenBSD, or the buggy Peslyak one. A new hash type, $2y was used to specify the correct hash. Even OpenBSD switched to the new system to maintain compatibility, even though their original libraries were correct. Depending on whether your Eksblowfish (Bcrypt) libraries have been updated or not, there could be a problem with the $2a$ hash. First try to remove the {BLF-CRYPT} from your hash. It is not needed, and may be enough for it to verify. If it still does not verify, then you may have an issue with your crypt libraries. You might, then try changing the $2a$ to $2y$ and see if that makes the Eksblowfish libraries happy. Dem From user+dovecot at localhost.localdomain.org Mon Mar 11 23:41:58 2013 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Mon, 11 Mar 2013 22:41:58 +0100 Subject: [Dovecot] doveadm password check In-Reply-To: <513E2E83.8000900@googlemail.com> References: <513E2E83.8000900@googlemail.com> Message-ID: <513E4FA6.7090804@localhost.localdomain.org> On 03/11/2013 08:20 PM Thomas Pries wrote: > Hi, > > I want to write some php code that users can change there dovecot > password via a roundcube plugin. I'm using php function crypt(...) to > generate the hashes and everything works well so far. > > > I'm using doveadm pw to generate testhashes e.g.: > > srv:~ # doveadm pw -r 5 -s BLF-CRYPT -p abc > {BLF-CRYPT}$2a$05$W82/Vw4ZEcHBC00M8cNwe.g8fOHuAeV7L5Q/q4W6VWl9V5kjoiz8y > > I expected an "ok" when using -t the hash when entering abc as a > password, but I got: > > srv:~ # doveadm pw -r 5 -s BLF-CRYPT -t > \{BLF-CRYPT}$2a$05$W82/Vw4ZEcHBC00M8cNwe.g8fOHuAeV7L5Q/q4W6VWl9V5kjoiz8y > Enter password to verify: > doveadm(root): Fatal: reverse password verification check failed: > Password mismatch > > What went wrong? Usage would be: doveadm pw -t '{BLF-CRYPT}$2a$05$W82/Vw4ZEcHBC00M8cNwe.g8fOHuAeV7L5Q/q4W6VWl9V5kjoiz8y' Your shell expands $2a and $05$W8? to empty strings. Therefore you should single quotes around strings that contains the dollar sign. Regards, Pascal -- The trapper recommends today: cafebabe.1307022 at localdomain.org From seirp.samoht at googlemail.com Tue Mar 12 00:02:07 2013 From: seirp.samoht at googlemail.com (Thomas Pries) Date: Mon, 11 Mar 2013 23:02:07 +0100 Subject: [Dovecot] doveadm password check In-Reply-To: <513E4FA6.7090804@localhost.localdomain.org> References: <513E2E83.8000900@googlemail.com> <513E4FA6.7090804@localhost.localdomain.org> Message-ID: <513E545F.20306@googlemail.com> Hi, On 11.03.2013 22:41, Pascal Volk wrote: > On 03/11/2013 08:20 PM Thomas Pries wrote: >> >> I expected an "ok" ... > > Usage would be: > doveadm pw -t '{BLF-CRYPT}$2a$05$W82/Vw4ZEcHBC00M8cNwe.g8fOHuAeV7L5Q/q4W6VWl9V5kjoiz8y' > > Your shell expands $2a and $05$W8? to empty strings.... Thanks, sometimes it is hard to see the wood for the trees :-). From patrickdk at patrickdk.com Tue Mar 12 02:40:16 2013 From: patrickdk at patrickdk.com (Patrick Domack) Date: Mon, 11 Mar 2013 20:40:16 -0400 Subject: [Dovecot] Integrating with Drupal SQL db In-Reply-To: <165856345e36d2e24681cdacdb686d3e@localhost> References: <165856345e36d2e24681cdacdb686d3e@localhost> Message-ID: <20130311204016.Horde.C_zG9XtQ5biSjaiqj1XVFQ1@mail.patrickdk.com> The issue is, drupal uses a custom password format. You could rewrite the password hashs that drupal uses, into a normal crypt ssha256 version, that dovecot will understand, but it will probably going be much easier, to just program it into dovecot to support it. http://joncave.co.uk/2011/01/password-storage-in-drupal-and-wordpress/ Quoting info at stos.se: > Hi > > I'm trying to get Dovecot to use Drupal users password for authenticating > IMAP users. But I just cant figure out how to make Dovecot understand the > password hash type that Drupal 7 is using. > > My example user with password Teacher1 looks like this in Drupal database: > $S$DZwJa.U8HXT2PvTmwCK13rGEYEvnx5DB6/hlqnfCBum4s4U7MVWU > > Dovecot retrieves this hash but complains that its not a recognized hash > type, or that the hash is wrong, depending on if I change the default hash > type in Dovecot config. > > Any help appreciated. > > > root at SSiS:/etc/postfix# dovecot --version > 1.2.15 > root at SSiS:/etc/postfix# dovecot -n > # 1.2.15: /etc/dovecot/dovecot.conf > # OS: Linux 2.6.32-12-pve i686 Debian 6.0.7 simfs > log_timestamp: %Y-%m-%d %H:%M:%S > login_dir: /var/run/dovecot/login > login_executable: /usr/lib/dovecot/imap-login > mail_privileged_group: mail > mail_location: maildir:/home/vmail/ > mbox_write_locks: fcntl dotlock > auth default: > verbose: yes > debug: yes > debug_passwords: yes > passdb: > driver: pam > passdb: > driver: sql > args: /etc/dovecot/dovecot-sql.conf > userdb: > driver: passwd > root at SSiS:/etc/postfix# > root at SSiS:/etc/postfix# grep -v '^ *\(#.*\)\?$' > /etc/dovecot/dovecot-sql.conf > driver = mysql > connect = host=127.0.0.1 dbname=Drupal user=Dru_Adm password=localu > default_pass_scheme = CRYPT > password_query = SELECT name AS user, pass AS password FROM users WHERE > name='%n' > user_query = SELECT > CONCAT(SUBSTRING_INDEX(mail,'@',-1),'/',SUBSTRING_INDEX(mail,'@',1),'/') AS > mail FROM users WHERE name='%n' > root at SSiS:/etc/postfix# tail /var/log/mail.log > Mar 11 16:17:42 SSiS dovecot: auth(default): new auth connection: pid=8593 > Mar 11 16:17:51 SSiS dovecot: auth(default): client in: > AUTH#0111#011PLAIN#011service=imap#011secured#011lip=127.0.0.1#011rip=127.0.0.1#011lport=143#011rport=52316#011resp=AFRlYWNoZXIxAFRlYWNoZXIx > Mar 11 16:17:51 SSiS dovecot: auth-worker(default): > pam(Teacher1,127.0.0.1): lookup service=dovecot > Mar 11 16:17:51 SSiS dovecot: auth-worker(default): > pam(Teacher1,127.0.0.1): #1/1 style=1 msg=Password: > Mar 11 16:17:54 SSiS dovecot: auth-worker(default): > pam(Teacher1,127.0.0.1): pam_authenticate() failed: Authentication failure > (password mismatch?) (given password: Teacher1) > Mar 11 16:17:54 SSiS dovecot: auth-worker(default): > sql(Teacher1,127.0.0.1): query: SELECT name AS user, pass AS password FROM > users WHERE name='Teacher1' > Mar 11 16:17:54 SSiS dovecot: auth-worker(default): > sql(Teacher1,127.0.0.1): Password mismatch > Mar 11 16:17:54 SSiS dovecot: auth-worker(default): md5_verify(Teacher1): > Not a valid MD5-CRYPT or PLAIN-MD5 password > Mar 11 16:17:54 SSiS dovecot: auth-worker(default): Invalid OTP data in > passdb > Mar 11 16:17:54 SSiS dovecot: auth-worker(default): Invalid OTP data in > passdb > Mar 11 16:17:54 SSiS dovecot: auth-worker(default): > sql(Teacher1,127.0.0.1): CRYPT(Teacher1) != > '$S$DZwJa.U8HXT2PvTmwCK13rGEYEvnx5DB6/hlqnfCBum4s4U7MVWU' > Mar 11 16:17:56 SSiS dovecot: auth(default): client out: > FAIL#0111#011user=Teacher1 > Mar 11 16:18:01 SSiS dovecot: imap-login: Disconnected: Too many invalid > commands (auth failed, 1 attempts): user=, method=PLAIN, > rip=127.0.0.1, lip=127.0.0.1, secured > Mar 11 16:32:36 SSiS dovecot: auth(default): new auth connection: pid=9075 > Mar 11 16:32:41 SSiS dovecot: imap-login: Disconnected: Too many invalid > commands (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured > root at SSiS:/etc/postfix# From gp at holisticgp.com.au Tue Mar 12 03:45:19 2013 From: gp at holisticgp.com.au (Dr Michael Daly) Date: Tue, 12 Mar 2013 12:45:19 +1100 (EST) Subject: [Dovecot] dovecot virtual user 'unknown'... Message-ID: <47266.149.135.147.24.1363052719.squirrel@www.holisticgp.com.au> Hi I have a problem whereby Dovecot 1.0.7 is reporting that a recently setup virtual user in /etc/dovecot_passdb is 'unknown'. I have been trying to setup the user 'info' in a plaintext passwd-file /etc/dovecot_passdb as a virtual user, ie non system user. I suspect I have not properly setup 'info' as a virtual imap user... if so, how should I do this? Existing system users are in '/etc/passdb' and authenticate without problems. System users have their home directory in /home/system_user1/mail/.imap eg /home/system_user1/mail/.imap/INBOX ...file is /var/spool/mail/systemuser1 /home/system_user1/mail/.imap/Sent ... file is in /home/system_user1/mail/Sent /home/system_user1/mail/.imap/Drafts... file is in /home/system_user1/mail/Drafts whereas the postfix virtual user's (username is 'info') mailbox is configured as... call it /var/spool/mail/virtualusersdomain1/info Postfix's virtual_mailbox_base = /var/spool/mail. The virtual_mailbox_domains, including that of user 'info', are a subdirectory of /var/spool/mail This is the log entry produced when user 'info' attempts to login via squirrelmail: PLAIN service=IMAP secured lip=::ffff:127.0.0.1 rip=::ffff:127.0.0.1 resp= dovecot: Mar 12 00:32:40 Info: auth(default): passwd-file(info,::ffff:127.0.0.1): lookup: user=info file=/etc/dovecot_passdb dovecot: Mar 12 00:32:40 Info: auth(default): passwd-file(info,::ffff:127.0.0.1): unknown user dovecot: Mar 12 00:32:40 Info: auth(default): pam(info,::ffff:127.0.0.1): lookup service=dovecot dovecot: Mar 12 00:32:40 Info: auth(default): new auth connection: pid=569 dovecot: Mar 12 00:32:42 Info: auth(default): pam(info,::ffff:127.0.0.1): pam_authenticate() failed: Authentication failure dovecot: Mar 12 00:32:42 Info: imap-login: Aborted login: user=, method=PLAIN, rip=::ffff:127.0.0.1, lip=::ffff:127.0.0.1, secured dovecot: Mar 12 00:32:42 Info: auth(default): client out: FAIL 1 user=info So, /etc/dovecot_passdb has ownership root:root, permissions 644 and only the contents: info:{PLAIN}Myplaintextpassword I have tried logging in both as info and also as info at virtualusersdomain1 dovecot -n shows: # 1.0.7: /etc/dovecot.conf log_path: /var/log/dovecot.log login_dir: /var/run/dovecot/login login_executable(default): /usr/libexec/dovecot/imap-login login_executable(imap): /usr/libexec/dovecot/imap-login login_executable(pop3): /usr/libexec/dovecot/pop3-login login_processes_count: 2 mail_executable(default): /usr/libexec/dovecot/imap mail_executable(imap): /usr/libexec/dovecot/imap mail_executable(pop3): /usr/libexec/dovecot/pop3 mail_plugin_dir(default): /usr/lib/dovecot/imap mail_plugin_dir(imap): /usr/lib/dovecot/imap mail_plugin_dir(pop3): /usr/lib/dovecot/pop3 auth default: verbose: yes debug: yes passdb: driver: passwd-file args: /etc/dovecot_passdb passdb: driver: pam userdb: driver: passwd-file args: home=/var/spool/mail/%d/%n mail=mbox:~/mail /etc/dovecot_passdb userdb: driver: passwd args: /etc/passwd This is all that was in orginally in /etc/dovecot.conf: protocols = imap imaps pop3 pop3s disable_plaintext_auth = no protocol imap { } protocol pop3 { } protocol lda { } auth default { mechanisms = plain } passdb pam { } userdb passwd { } user = root dict { } Dovecot runs as root. Anyway, any advice would be great! Thanks From info at stos.se Tue Mar 12 05:48:33 2013 From: info at stos.se (info at stos.se) Date: Tue, 12 Mar 2013 04:48:33 +0100 Subject: [Dovecot] Integrating with Drupal SQL db In-Reply-To: <20130311204016.Horde.C_zG9XtQ5biSjaiqj1XVFQ1@mail.patrickdk.com> References: <165856345e36d2e24681cdacdb686d3e@localhost> <20130311204016.Horde.C_zG9XtQ5biSjaiqj1XVFQ1@mail.patrickdk.com> Message-ID: Do you have any clue on how to rewrite Dovecot to support Drupal 7 hashes? I have a feeling this is going to become over my head. Regards Tobias On Mon, 11 Mar 2013 20:40:16 -0400, Patrick Domack wrote: > The issue is, drupal uses a custom password format. > > You could rewrite the password hashs that drupal uses, into a normal > crypt ssha256 version, that dovecot will understand, but it will > probably going be much easier, to just program it into dovecot to > support it. > > http://joncave.co.uk/2011/01/password-storage-in-drupal-and-wordpress/ > > > Quoting info at stos.se: > >> Hi >> >> I'm trying to get Dovecot to use Drupal users password for authenticating >> IMAP users. But I just cant figure out how to make Dovecot understand the >> password hash type that Drupal 7 is using. >> >> My example user with password Teacher1 looks like this in Drupal >> database: >> $S$DZwJa.U8HXT2PvTmwCK13rGEYEvnx5DB6/hlqnfCBum4s4U7MVWU >> >> Dovecot retrieves this hash but complains that its not a recognized hash >> type, or that the hash is wrong, depending on if I change the default >> hash >> type in Dovecot config. >> >> Any help appreciated. >> >> >> root at SSiS:/etc/postfix# dovecot --version >> 1.2.15 >> root at SSiS:/etc/postfix# dovecot -n >> # 1.2.15: /etc/dovecot/dovecot.conf >> # OS: Linux 2.6.32-12-pve i686 Debian 6.0.7 simfs >> log_timestamp: %Y-%m-%d %H:%M:%S >> login_dir: /var/run/dovecot/login >> login_executable: /usr/lib/dovecot/imap-login >> mail_privileged_group: mail >> mail_location: maildir:/home/vmail/ >> mbox_write_locks: fcntl dotlock >> auth default: >> verbose: yes >> debug: yes >> debug_passwords: yes >> passdb: >> driver: pam >> passdb: >> driver: sql >> args: /etc/dovecot/dovecot-sql.conf >> userdb: >> driver: passwd >> root at SSiS:/etc/postfix# >> root at SSiS:/etc/postfix# grep -v '^ *\(#.*\)\?$' >> /etc/dovecot/dovecot-sql.conf >> driver = mysql >> connect = host=127.0.0.1 dbname=Drupal user=Dru_Adm password=localu >> default_pass_scheme = CRYPT >> password_query = SELECT name AS user, pass AS password FROM users WHERE >> name='%n' >> user_query = SELECT >> CONCAT(SUBSTRING_INDEX(mail,'@',-1),'/',SUBSTRING_INDEX(mail,'@',1),'/') >> AS >> mail FROM users WHERE name='%n' >> root at SSiS:/etc/postfix# tail /var/log/mail.log >> Mar 11 16:17:42 SSiS dovecot: auth(default): new auth connection: >> pid=8593 >> Mar 11 16:17:51 SSiS dovecot: auth(default): client in: >> AUTH#0111#011PLAIN#011service=imap#011secured#011lip=127.0.0.1#011rip=127.0.0.1#011lport=143#011rport=52316#011resp=AFRlYWNoZXIxAFRlYWNoZXIx >> Mar 11 16:17:51 SSiS dovecot: auth-worker(default): >> pam(Teacher1,127.0.0.1): lookup service=dovecot >> Mar 11 16:17:51 SSiS dovecot: auth-worker(default): >> pam(Teacher1,127.0.0.1): #1/1 style=1 msg=Password: >> Mar 11 16:17:54 SSiS dovecot: auth-worker(default): >> pam(Teacher1,127.0.0.1): pam_authenticate() failed: Authentication >> failure >> (password mismatch?) (given password: Teacher1) >> Mar 11 16:17:54 SSiS dovecot: auth-worker(default): >> sql(Teacher1,127.0.0.1): query: SELECT name AS user, pass AS password >> FROM >> users WHERE name='Teacher1' >> Mar 11 16:17:54 SSiS dovecot: auth-worker(default): >> sql(Teacher1,127.0.0.1): Password mismatch >> Mar 11 16:17:54 SSiS dovecot: auth-worker(default): md5_verify(Teacher1): >> Not a valid MD5-CRYPT or PLAIN-MD5 password >> Mar 11 16:17:54 SSiS dovecot: auth-worker(default): Invalid OTP data in >> passdb >> Mar 11 16:17:54 SSiS dovecot: auth-worker(default): Invalid OTP data in >> passdb >> Mar 11 16:17:54 SSiS dovecot: auth-worker(default): >> sql(Teacher1,127.0.0.1): CRYPT(Teacher1) != >> '$S$DZwJa.U8HXT2PvTmwCK13rGEYEvnx5DB6/hlqnfCBum4s4U7MVWU' >> Mar 11 16:17:56 SSiS dovecot: auth(default): client out: >> FAIL#0111#011user=Teacher1 >> Mar 11 16:18:01 SSiS dovecot: imap-login: Disconnected: Too many invalid >> commands (auth failed, 1 attempts): user=, method=PLAIN, >> rip=127.0.0.1, lip=127.0.0.1, secured >> Mar 11 16:32:36 SSiS dovecot: auth(default): new auth connection: >> pid=9075 >> Mar 11 16:32:41 SSiS dovecot: imap-login: Disconnected: Too many invalid >> commands (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured >> root at SSiS:/etc/postfix# From info at stos.se Tue Mar 12 05:51:04 2013 From: info at stos.se (info at stos.se) Date: Tue, 12 Mar 2013 04:51:04 +0100 Subject: [Dovecot] Integrating with Drupal SQL db In-Reply-To: <20130311203839.2bc7fcb4@itxnew.bitcorner.intern> References: <165856345e36d2e24681cdacdb686d3e@localhost> <20130311200536.07d8a877@itxnew.bitcorner.intern> <48731c2f-92a9-4c2f-846f-f12993c7fba4.maildroid@localhost> <20130311203839.2bc7fcb4@itxnew.bitcorner.intern> Message-ID: <7a3a0a31402dd04f66913031f4d71744@localhost> Hi! I dont know if thats related. The specific error message in the log is that the hash is not a valid one. Regards Tobias On Mon, 11 Mar 2013 20:38:39 +0100, Andreas Meyer wrote: > Hello! > > I took the thread back to the list. > > Tobias R?denholt wrote: > >> I think it is ssha512 hashing. It's not stos.se that's affected. It's >> swedishschoolinsydney.org.au > > Just found this: > capabilities are 'IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE > STARTTLS LOGINDISABLED' meaning you can log in via STARTTLS but not via > plaintext authentication. > > Does it have something to do woth your problem? > >> Mar 11 16:18:01 SSiS dovecot: imap-login: Disconnected: Too many invalid >> commands (auth failed, 1 attempts): user=, method=PLAIN, >> rip=127.0.0.1, lip=127.0.0.1, secured > >> Thanks! >> /Tobias > > Andreas > > >> wrote: >> >> > Hi >> > >> > I'm trying to get Dovecot to use Drupal users password for >> > authenticating >> > IMAP users. But I just cant figure out how to make Dovecot understand >> > the >> > password hash type that Drupal 7 is using. >> > >> > My example user with password Teacher1 looks like this in Drupal >> > database: >> > $S$DZwJa.U8HXT2PvTmwCK13rGEYEvnx5DB6/hlqnfCBum4s4U7MVWU >> >> This is not CRAM-MD5, is it? >> >> > Dovecot retrieves this hash but complains that its not a recognized >> > hash >> > type, or that the hash is wrong, depending on if I change the default >> > hash >> > type in Dovecot config. >> > >> > Any help appreciated. >> >> This is what I get connecting to your server: >> Connected to stos.se. >> Escape character is '^]'. >> * OK [CAPABILITY IMAP4REV1 NAMESPACE ID AUTH=PLAIN AUTH=LOGIN UIDPLUS >> STARTTLS ACL METADATA] Debian-60-squeeze-64-minimal IMAP4rev1 Citadel >> 7.83 ready >> >> This is what I get connecting to mine: >> * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE >> IDLE STARTTLS AUTH=PLAIN AUTH=CRAM-MD5] Dovecot ready. >> >> I see no AUTH=CRAM-MD5 in capabilites of your server. >> >> Andreas From info at stos.se Tue Mar 12 05:54:39 2013 From: info at stos.se (info at stos.se) Date: Tue, 12 Mar 2013 04:54:39 +0100 Subject: [Dovecot] Integrating with Drupal SQL db In-Reply-To: <513E29C6.9070800@airstreamcomm.net> References: <165856345e36d2e24681cdacdb686d3e@localhost> <513E29C6.9070800@airstreamcomm.net> Message-ID: Hi again, this is what I've found regarding how Drupal 7 hashes. $hash = md5($salt . $password, TRUE); do { $hash = md5($hash . $password, TRUE); } while (--$count); The whole final hash value is encoded into 16 base64 characters and prepended by an identifying string, the standard phpass MD5 mode uses $P$ (Drupal?s modified version uses $S$ to indicate SHA-512) and a single base64 character to indicate the number of MD5 iterations used. Examples of a hashed password are: # Drupal 7 hash $S$CgwilRJS4VIF1.2y0R7B4qkXJ8F8SJPcuvXRKGlMWESVXMST.5n4 WordPress 3.0.4 uses the phpass default of 8193 iterations ($count being 8192) and Drupal 7 uses 16385 ? notice that the Drupal password has C after the identifier whereas WordPress has B, converted from crypt style base64 (character set [./0-9A-Za-z]) these are 14 and 13 respectively, then take 214 + 1 = 16385. A John the Ripper benchmark, after patching and enabling the usage of phpass portable passwords (WordPress style, 8193 iterations), quotes approximately 700 passwords checked per second. Can I use this inforamtion to make Dovecot understand how to interpret the hash? Thanks! Regards Tobias On Mon, 11 Mar 2013 14:00:22 -0500, "list at airstreamcomm.net" wrote: > On 3/11/13 11:57 AM, info at stos.se wrote: >> Hi >> >> I'm trying to get Dovecot to use Drupal users password for authenticating >> IMAP users. But I just cant figure out how to make Dovecot understand the >> password hash type that Drupal 7 is using. >> >> My example user with password Teacher1 looks like this in Drupal >> database: >> $S$DZwJa.U8HXT2PvTmwCK13rGEYEvnx5DB6/hlqnfCBum4s4U7MVWU >> >> Dovecot retrieves this hash but complains that its not a recognized hash >> type, or that the hash is wrong, depending on if I change the default >> hash >> type in Dovecot config. >> >> Any help appreciated. >> >> >> root at SSiS:/etc/postfix# dovecot --version >> 1.2.15 >> root at SSiS:/etc/postfix# dovecot -n >> # 1.2.15: /etc/dovecot/dovecot.conf >> # OS: Linux 2.6.32-12-pve i686 Debian 6.0.7 simfs >> log_timestamp: %Y-%m-%d %H:%M:%S >> login_dir: /var/run/dovecot/login >> login_executable: /usr/lib/dovecot/imap-login >> mail_privileged_group: mail >> mail_location: maildir:/home/vmail/ >> mbox_write_locks: fcntl dotlock >> auth default: >> verbose: yes >> debug: yes >> debug_passwords: yes >> passdb: >> driver: pam >> passdb: >> driver: sql >> args: /etc/dovecot/dovecot-sql.conf >> userdb: >> driver: passwd >> root at SSiS:/etc/postfix# >> root at SSiS:/etc/postfix# grep -v '^ *\(#.*\)\?$' >> /etc/dovecot/dovecot-sql.conf >> driver = mysql >> connect = host=127.0.0.1 dbname=Drupal user=Dru_Adm password=localu >> default_pass_scheme = CRYPT >> password_query = SELECT name AS user, pass AS password FROM users WHERE >> name='%n' >> user_query = SELECT >> CONCAT(SUBSTRING_INDEX(mail,'@',-1),'/',SUBSTRING_INDEX(mail,'@',1),'/') >> AS >> mail FROM users WHERE name='%n' >> root at SSiS:/etc/postfix# tail /var/log/mail.log >> Mar 11 16:17:42 SSiS dovecot: auth(default): new auth connection: >> pid=8593 >> Mar 11 16:17:51 SSiS dovecot: auth(default): client in: >> AUTH#0111#011PLAIN#011service=imap#011secured#011lip=127.0.0.1#011rip=127.0.0.1#011lport=143#011rport=52316#011resp=AFRlYWNoZXIxAFRlYWNoZXIx >> Mar 11 16:17:51 SSiS dovecot: auth-worker(default): >> pam(Teacher1,127.0.0.1): lookup service=dovecot >> Mar 11 16:17:51 SSiS dovecot: auth-worker(default): >> pam(Teacher1,127.0.0.1): #1/1 style=1 msg=Password: >> Mar 11 16:17:54 SSiS dovecot: auth-worker(default): >> pam(Teacher1,127.0.0.1): pam_authenticate() failed: Authentication >> failure >> (password mismatch?) (given password: Teacher1) >> Mar 11 16:17:54 SSiS dovecot: auth-worker(default): >> sql(Teacher1,127.0.0.1): query: SELECT name AS user, pass AS password >> FROM >> users WHERE name='Teacher1' >> Mar 11 16:17:54 SSiS dovecot: auth-worker(default): >> sql(Teacher1,127.0.0.1): Password mismatch >> Mar 11 16:17:54 SSiS dovecot: auth-worker(default): md5_verify(Teacher1): >> Not a valid MD5-CRYPT or PLAIN-MD5 password >> Mar 11 16:17:54 SSiS dovecot: auth-worker(default): Invalid OTP data in >> passdb >> Mar 11 16:17:54 SSiS dovecot: auth-worker(default): Invalid OTP data in >> passdb >> Mar 11 16:17:54 SSiS dovecot: auth-worker(default): >> sql(Teacher1,127.0.0.1): CRYPT(Teacher1) != >> '$S$DZwJa.U8HXT2PvTmwCK13rGEYEvnx5DB6/hlqnfCBum4s4U7MVWU' >> Mar 11 16:17:56 SSiS dovecot: auth(default): client out: >> FAIL#0111#011user=Teacher1 >> Mar 11 16:18:01 SSiS dovecot: imap-login: Disconnected: Too many invalid >> commands (auth failed, 1 attempts): user=, method=PLAIN, >> rip=127.0.0.1, lip=127.0.0.1, secured >> Mar 11 16:32:36 SSiS dovecot: auth(default): new auth connection: >> pid=9075 >> Mar 11 16:32:41 SSiS dovecot: imap-login: Disconnected: Too many invalid >> commands (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured >> root at SSiS:/etc/postfix# >> >> > As far as I understand Drupal uses salted passwords, so you would need > to return the password + salt in the sql query. I am not sure what > position the salt is offset for a password with Drupal, but that should > be simple to determine looking at the source. From kgc at corp.sonic.net Tue Mar 12 06:51:36 2013 From: kgc at corp.sonic.net (Kelsey Cummings) Date: Mon, 11 Mar 2013 21:51:36 -0700 Subject: [Dovecot] stats plugins causing dns lookup per connection Message-ID: <513EB458.8030501@corp.sonic.net> I noticed our imap servers were generating a lot of A record lookups for their own IP's the other day and just got around to tracking down the source. Seems like they are all being caused by guid_128_generate() - perhaps the lookup could be cached at start up or it could just use make use of the hostname rather than spending the effort to get the IP via gethostbyname() calls. The function is used in a few other places too, so this might help more than just the stats plugin. nscd and/or host entries mitigate the total time spent on the lookup of course, but it seems unnecessary. -- Kelsey Cummings - kgc at corp.sonic.net sonic.net, inc. System Architect 2260 Apollo Way 707.522.1000 Santa Rosa, CA 95407 From andreas at cymail.eu Tue Mar 12 15:28:49 2013 From: andreas at cymail.eu (andreas at cymail.eu) Date: Tue, 12 Mar 2013 17:28:49 +0400 Subject: [Dovecot] Documentation Clarification Message-ID: <2d0bc55fe0270588e7ddbb119d46c4ac@cymail.eu> Can somebody please clarify the following in the documentation? I am actually looging at the 2.x docs: In the http://wiki2.dovecot.org/Authentication file there is a good effort to clarify between authentication mechanisms and password schemes. The authentication mechanisms are described in http://wiki2.dovecot.org/Authentication/Mechanisms. That is fine. But then looking at the http://wiki2.dovecot.org/Authentication/PasswordSchemes there is a section "Non-plaintext authentication mechanisms" which looks to me to be a repeat of what there is in the description of the authentication mechanisms. This section lists one more mechanism, LANMAN. Can somebody explain why this section is in this file? And which of the two is applicable. Thank you Andreas From simon.buongiorno at gmail.com Tue Mar 12 15:43:14 2013 From: simon.buongiorno at gmail.com (Simon Brereton) Date: Tue, 12 Mar 2013 14:43:14 +0100 Subject: [Dovecot] mail_max_userip_connections Message-ID: Hi Sometimes, I hit mail_max_userip_connections limit. As far as I know I'm the only person that does, but I would like to find out why before someone else hits the limit. Is there a command available that can list the connections per IP? I'd like to find out which client is causing this. Or do you have a better suggestion? Should I just raise the limit (it's still at the default 10, which I never changed). What are the implications of this. Thanks. Simon From AxelLuttgens at swing.be Tue Mar 12 15:58:51 2013 From: AxelLuttgens at swing.be (Axel Luttgens) Date: Tue, 12 Mar 2013 14:58:51 +0100 Subject: [Dovecot] stats plugins causing dns lookup per connection In-Reply-To: <513EB458.8030501@corp.sonic.net> References: <513EB458.8030501@corp.sonic.net> Message-ID: <36762238-5569-4AA2-947F-ADDC2D25F7E6@swing.be> Le 12 mars 2013 ? 05:51, Kelsey Cummings a ?crit : > I noticed our imap servers were generating a lot of A record lookups for > their own IP's the other day and just got around to tracking down the > source. Seems like they are all being caused by guid_128_generate() - > perhaps the lookup could be cached at start up or it could just use make > use of the hostname rather than spending the effort to get the IP via > gethostbyname() calls. The function is used in a few other places too, > so this might help more than just the stats plugin. Hello Kelsey, This one: http://www.dovecot.org/list/dovecot/2013-February/088286.html started for seemingly unrelated reasons, but ended with some form of cacheing of the results fetched with gethostbyname(). Which version of Dovecot are you running? Axel From AxelLuttgens at swing.be Tue Mar 12 16:30:28 2013 From: AxelLuttgens at swing.be (Axel Luttgens) Date: Tue, 12 Mar 2013 15:30:28 +0100 Subject: [Dovecot] mail_max_userip_connections In-Reply-To: References: Message-ID: Le 12 mars 2013 ? 14:43, Simon Brereton a ?crit : > Hi > > [...] > > Is there a command available that can list the connections per IP? Hello Simon, You could have a look at 'doveadm who' (http://wiki2.dovecot.org/Tools/Doveadm/Who). HTH, Axel From list at airstreamcomm.net Tue Mar 12 16:41:42 2013 From: list at airstreamcomm.net (list at airstreamcomm.net) Date: Tue, 12 Mar 2013 09:41:42 -0500 Subject: [Dovecot] Integrating with Drupal SQL db In-Reply-To: References: <165856345e36d2e24681cdacdb686d3e@localhost> <513E29C6.9070800@airstreamcomm.net> Message-ID: <513F3EA6.7000907@airstreamcomm.net> On 3/11/13 10:54 PM, info at stos.se wrote: > Hi again, > > this is what I've found regarding how Drupal 7 hashes. > > $hash = md5($salt . $password, TRUE); > do { > $hash = md5($hash . $password, TRUE); > } while (--$count); > > > The whole final hash value is encoded into 16 base64 characters and > prepended by an identifying string, the standard phpass MD5 mode uses $P$ > (Drupal?s modified version uses $S$ to indicate SHA-512) and a single > base64 character to indicate the number of MD5 iterations used. Examples of > a hashed password are: > > # Drupal 7 hash > $S$CgwilRJS4VIF1.2y0R7B4qkXJ8F8SJPcuvXRKGlMWESVXMST.5n4 > > WordPress 3.0.4 uses the phpass default of 8193 iterations ($count being > 8192) and Drupal 7 uses 16385 ? notice that the Drupal password has C > after the identifier whereas WordPress has B, converted from crypt style > base64 (character set [./0-9A-Za-z]) these are 14 and 13 respectively, then > take 214 + 1 = 16385. A John the Ripper benchmark, after patching and > enabling the usage of phpass portable passwords (WordPress style, 8193 > iterations), quotes approximately 700 passwords checked per second. > > Can I use this inforamtion to make Dovecot understand how to interpret the > hash? > > Thanks! > > Regards > Tobias > > On Mon, 11 Mar 2013 14:00:22 -0500, "list at airstreamcomm.net" > wrote: >> On 3/11/13 11:57 AM, info at stos.se wrote: >>> Hi >>> >>> I'm trying to get Dovecot to use Drupal users password for > authenticating >>> IMAP users. But I just cant figure out how to make Dovecot understand > the >>> password hash type that Drupal 7 is using. >>> >>> My example user with password Teacher1 looks like this in Drupal >>> database: >>> $S$DZwJa.U8HXT2PvTmwCK13rGEYEvnx5DB6/hlqnfCBum4s4U7MVWU >>> >>> Dovecot retrieves this hash but complains that its not a recognized hash >>> type, or that the hash is wrong, depending on if I change the default >>> hash >>> type in Dovecot config. >>> >>> Any help appreciated. >>> >>> >>> root at SSiS:/etc/postfix# dovecot --version >>> 1.2.15 >>> root at SSiS:/etc/postfix# dovecot -n >>> # 1.2.15: /etc/dovecot/dovecot.conf >>> # OS: Linux 2.6.32-12-pve i686 Debian 6.0.7 simfs >>> log_timestamp: %Y-%m-%d %H:%M:%S >>> login_dir: /var/run/dovecot/login >>> login_executable: /usr/lib/dovecot/imap-login >>> mail_privileged_group: mail >>> mail_location: maildir:/home/vmail/ >>> mbox_write_locks: fcntl dotlock >>> auth default: >>> verbose: yes >>> debug: yes >>> debug_passwords: yes >>> passdb: >>> driver: pam >>> passdb: >>> driver: sql >>> args: /etc/dovecot/dovecot-sql.conf >>> userdb: >>> driver: passwd >>> root at SSiS:/etc/postfix# >>> root at SSiS:/etc/postfix# grep -v '^ *\(#.*\)\?$' >>> /etc/dovecot/dovecot-sql.conf >>> driver = mysql >>> connect = host=127.0.0.1 dbname=Drupal user=Dru_Adm password=localu >>> default_pass_scheme = CRYPT >>> password_query = SELECT name AS user, pass AS password FROM users WHERE >>> name='%n' >>> user_query = SELECT >>> CONCAT(SUBSTRING_INDEX(mail,'@',-1),'/',SUBSTRING_INDEX(mail,'@',1),'/') >>> AS >>> mail FROM users WHERE name='%n' >>> root at SSiS:/etc/postfix# tail /var/log/mail.log >>> Mar 11 16:17:42 SSiS dovecot: auth(default): new auth connection: >>> pid=8593 >>> Mar 11 16:17:51 SSiS dovecot: auth(default): client in: >>> > AUTH#0111#011PLAIN#011service=imap#011secured#011lip=127.0.0.1#011rip=127.0.0.1#011lport=143#011rport=52316#011resp=AFRlYWNoZXIxAFRlYWNoZXIx >>> Mar 11 16:17:51 SSiS dovecot: auth-worker(default): >>> pam(Teacher1,127.0.0.1): lookup service=dovecot >>> Mar 11 16:17:51 SSiS dovecot: auth-worker(default): >>> pam(Teacher1,127.0.0.1): #1/1 style=1 msg=Password: >>> Mar 11 16:17:54 SSiS dovecot: auth-worker(default): >>> pam(Teacher1,127.0.0.1): pam_authenticate() failed: Authentication >>> failure >>> (password mismatch?) (given password: Teacher1) >>> Mar 11 16:17:54 SSiS dovecot: auth-worker(default): >>> sql(Teacher1,127.0.0.1): query: SELECT name AS user, pass AS password >>> FROM >>> users WHERE name='Teacher1' >>> Mar 11 16:17:54 SSiS dovecot: auth-worker(default): >>> sql(Teacher1,127.0.0.1): Password mismatch >>> Mar 11 16:17:54 SSiS dovecot: auth-worker(default): > md5_verify(Teacher1): >>> Not a valid MD5-CRYPT or PLAIN-MD5 password >>> Mar 11 16:17:54 SSiS dovecot: auth-worker(default): Invalid OTP data in >>> passdb >>> Mar 11 16:17:54 SSiS dovecot: auth-worker(default): Invalid OTP data in >>> passdb >>> Mar 11 16:17:54 SSiS dovecot: auth-worker(default): >>> sql(Teacher1,127.0.0.1): CRYPT(Teacher1) != >>> '$S$DZwJa.U8HXT2PvTmwCK13rGEYEvnx5DB6/hlqnfCBum4s4U7MVWU' >>> Mar 11 16:17:56 SSiS dovecot: auth(default): client out: >>> FAIL#0111#011user=Teacher1 >>> Mar 11 16:18:01 SSiS dovecot: imap-login: Disconnected: Too many invalid >>> commands (auth failed, 1 attempts): user=, method=PLAIN, >>> rip=127.0.0.1, lip=127.0.0.1, secured >>> Mar 11 16:32:36 SSiS dovecot: auth(default): new auth connection: >>> pid=9075 >>> Mar 11 16:32:41 SSiS dovecot: imap-login: Disconnected: Too many invalid >>> commands (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured >>> root at SSiS:/etc/postfix# >>> >>> >> As far as I understand Drupal uses salted passwords, so you would need >> to return the password + salt in the sql query. I am not sure what >> position the salt is offset for a password with Drupal, but that should >> be simple to determine looking at the source. This is not going to work via SQL query unfortunately. Another option would be to modify Drupal to also save a copy of the password in another table which could be used for Dovecot. This module might be what you're looking for http://drupal.org/project/cryptpw. It creates a table of user information that has a CRYPT password, which dovecot could use for authentication. From info at stos.se Tue Mar 12 16:57:31 2013 From: info at stos.se (info at stos.se) Date: Tue, 12 Mar 2013 15:57:31 +0100 Subject: [Dovecot] Integrating with Drupal SQL db In-Reply-To: <513F3EA6.7000907@airstreamcomm.net> References: <165856345e36d2e24681cdacdb686d3e@localhost> <513E29C6.9070800@airstreamcomm.net> <513F3EA6.7000907@airstreamcomm.net> Message-ID: <500bc5699206f0918391082979a19e04@localhost> On Tue, 12 Mar 2013 09:41:42 -0500, "list at airstreamcomm.net" wrote: > On 3/11/13 10:54 PM, info at stos.se wrote: >> Hi again, >> >> this is what I've found regarding how Drupal 7 hashes. >> >> $hash = md5($salt . $password, TRUE); >> do { >> $hash = md5($hash . $password, TRUE); >> } while (--$count); >> >> >> The whole final hash value is encoded into 16 base64 characters and >> prepended by an identifying string, the standard phpass MD5 mode uses $P$ >> (Drupal?s modified version uses $S$ to indicate SHA-512) and a single >> base64 character to indicate the number of MD5 iterations used. Examples >> of >> a hashed password are: >> >> # Drupal 7 hash >> $S$CgwilRJS4VIF1.2y0R7B4qkXJ8F8SJPcuvXRKGlMWESVXMST.5n4 >> >> WordPress 3.0.4 uses the phpass default of 8193 iterations ($count being >> 8192) and Drupal 7 uses 16385 ? notice that the Drupal password has C >> after the identifier whereas WordPress has B, converted from crypt style >> base64 (character set [./0-9A-Za-z]) these are 14 and 13 respectively, >> then >> take 214 + 1 = 16385. A John the Ripper benchmark, after patching and >> enabling the usage of phpass portable passwords (WordPress style, 8193 >> iterations), quotes approximately 700 passwords checked per second. >> >> Can I use this inforamtion to make Dovecot understand how to interpret >> the >> hash? >> >> Thanks! >> >> Regards >> Tobias >> >> On Mon, 11 Mar 2013 14:00:22 -0500, "list at airstreamcomm.net" >> wrote: >>> On 3/11/13 11:57 AM, info at stos.se wrote: >>>> Hi >>>> >>>> I'm trying to get Dovecot to use Drupal users password for >> authenticating >>>> IMAP users. But I just cant figure out how to make Dovecot understand >> the >>>> password hash type that Drupal 7 is using. >>>> >>>> My example user with password Teacher1 looks like this in Drupal >>>> database: >>>> $S$DZwJa.U8HXT2PvTmwCK13rGEYEvnx5DB6/hlqnfCBum4s4U7MVWU >>>> >>>> Dovecot retrieves this hash but complains that its not a recognized >>>> hash >>>> type, or that the hash is wrong, depending on if I change the default >>>> hash >>>> type in Dovecot config. >>>> >>>> Any help appreciated. >>>> >>>> >>>> root at SSiS:/etc/postfix# dovecot --version >>>> 1.2.15 >>>> root at SSiS:/etc/postfix# dovecot -n >>>> # 1.2.15: /etc/dovecot/dovecot.conf >>>> # OS: Linux 2.6.32-12-pve i686 Debian 6.0.7 simfs >>>> log_timestamp: %Y-%m-%d %H:%M:%S >>>> login_dir: /var/run/dovecot/login >>>> login_executable: /usr/lib/dovecot/imap-login >>>> mail_privileged_group: mail >>>> mail_location: maildir:/home/vmail/ >>>> mbox_write_locks: fcntl dotlock >>>> auth default: >>>> verbose: yes >>>> debug: yes >>>> debug_passwords: yes >>>> passdb: >>>> driver: pam >>>> passdb: >>>> driver: sql >>>> args: /etc/dovecot/dovecot-sql.conf >>>> userdb: >>>> driver: passwd >>>> root at SSiS:/etc/postfix# >>>> root at SSiS:/etc/postfix# grep -v '^ *\(#.*\)\?$' >>>> /etc/dovecot/dovecot-sql.conf >>>> driver = mysql >>>> connect = host=127.0.0.1 dbname=Drupal user=Dru_Adm password=localu >>>> default_pass_scheme = CRYPT >>>> password_query = SELECT name AS user, pass AS password FROM users WHERE >>>> name='%n' >>>> user_query = SELECT >>>> CONCAT(SUBSTRING_INDEX(mail,'@',-1),'/',SUBSTRING_INDEX(mail,'@',1),'/') >>>> AS >>>> mail FROM users WHERE name='%n' >>>> root at SSiS:/etc/postfix# tail /var/log/mail.log >>>> Mar 11 16:17:42 SSiS dovecot: auth(default): new auth connection: >>>> pid=8593 >>>> Mar 11 16:17:51 SSiS dovecot: auth(default): client in: >>>> >> AUTH#0111#011PLAIN#011service=imap#011secured#011lip=127.0.0.1#011rip=127.0.0.1#011lport=143#011rport=52316#011resp=AFRlYWNoZXIxAFRlYWNoZXIx >>>> Mar 11 16:17:51 SSiS dovecot: auth-worker(default): >>>> pam(Teacher1,127.0.0.1): lookup service=dovecot >>>> Mar 11 16:17:51 SSiS dovecot: auth-worker(default): >>>> pam(Teacher1,127.0.0.1): #1/1 style=1 msg=Password: >>>> Mar 11 16:17:54 SSiS dovecot: auth-worker(default): >>>> pam(Teacher1,127.0.0.1): pam_authenticate() failed: Authentication >>>> failure >>>> (password mismatch?) (given password: Teacher1) >>>> Mar 11 16:17:54 SSiS dovecot: auth-worker(default): >>>> sql(Teacher1,127.0.0.1): query: SELECT name AS user, pass AS password >>>> FROM >>>> users WHERE name='Teacher1' >>>> Mar 11 16:17:54 SSiS dovecot: auth-worker(default): >>>> sql(Teacher1,127.0.0.1): Password mismatch >>>> Mar 11 16:17:54 SSiS dovecot: auth-worker(default): >> md5_verify(Teacher1): >>>> Not a valid MD5-CRYPT or PLAIN-MD5 password >>>> Mar 11 16:17:54 SSiS dovecot: auth-worker(default): Invalid OTP data in >>>> passdb >>>> Mar 11 16:17:54 SSiS dovecot: auth-worker(default): Invalid OTP data in >>>> passdb >>>> Mar 11 16:17:54 SSiS dovecot: auth-worker(default): >>>> sql(Teacher1,127.0.0.1): CRYPT(Teacher1) != >>>> '$S$DZwJa.U8HXT2PvTmwCK13rGEYEvnx5DB6/hlqnfCBum4s4U7MVWU' >>>> Mar 11 16:17:56 SSiS dovecot: auth(default): client out: >>>> FAIL#0111#011user=Teacher1 >>>> Mar 11 16:18:01 SSiS dovecot: imap-login: Disconnected: Too many >>>> invalid >>>> commands (auth failed, 1 attempts): user=, method=PLAIN, >>>> rip=127.0.0.1, lip=127.0.0.1, secured >>>> Mar 11 16:32:36 SSiS dovecot: auth(default): new auth connection: >>>> pid=9075 >>>> Mar 11 16:32:41 SSiS dovecot: imap-login: Disconnected: Too many >>>> invalid >>>> commands (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured >>>> root at SSiS:/etc/postfix# >>>> >>>> >>> As far as I understand Drupal uses salted passwords, so you would need >>> to return the password + salt in the sql query. I am not sure what >>> position the salt is offset for a password with Drupal, but that should >>> be simple to determine looking at the source. > This is not going to work via SQL query unfortunately. Another option > would be to modify Drupal to also save a copy of the password in another > table which could be used for Dovecot. This module might be what you're > looking for http://drupal.org/project/cryptpw. It creates a table of > user information that has a CRYPT password, which dovecot could use for > authentication. That is great! I had the idea of a similar solution but it never crossed my mind that there might be an actual module for it. I can see that the module is for Drupal 6, not 7. But it might be possible to find another one. /T From simon.buongiorno at gmail.com Tue Mar 12 17:21:40 2013 From: simon.buongiorno at gmail.com (Simon Brereton) Date: Tue, 12 Mar 2013 16:21:40 +0100 Subject: [Dovecot] mail_max_userip_connections In-Reply-To: References: Message-ID: On 12 Mar 2013 15:31, "Axel Luttgens" wrote: > > Le 12 mars 2013 ? 14:43, Simon Brereton a ?crit : > > > Hi > > > > [...] > > > > Is there a command available that can list the connections per IP? > > Hello Simon, > > You could have a look at 'doveadm who' ( http://wiki2.dovecot.org/Tools/Doveadm/Who). > I really should get around to upgrading.. Simon From AxelLuttgens at swing.be Tue Mar 12 17:37:05 2013 From: AxelLuttgens at swing.be (Axel Luttgens) Date: Tue, 12 Mar 2013 16:37:05 +0100 Subject: [Dovecot] Documentation Clarification In-Reply-To: <2d0bc55fe0270588e7ddbb119d46c4ac@cymail.eu> References: <2d0bc55fe0270588e7ddbb119d46c4ac@cymail.eu> Message-ID: <5DB3ACE8-48F4-4CF6-A96B-06249090F1E0@swing.be> Le 12 mars 2013 ? 14:28, andreas at cymail.eu a ?crit : > Can somebody please clarify the following in the documentation? > > I am actually looging at the 2.x docs: > In the http://wiki2.dovecot.org/Authentication file there is > a good effort to clarify between authentication mechanisms and password schemes. > The authentication mechanisms are described in http://wiki2.dovecot.org/Authentication/Mechanisms. > That is fine. But then looking at the http://wiki2.dovecot.org/Authentication/PasswordSchemes > there is a section "Non-plaintext authentication mechanisms" which looks to me to be a repeat > of what there is in the description of the authentication mechanisms. Hello Andreas, The mechanisms page enumerates the various authentication protocols supported by Dovecot, and mentions that each of these mechanisms may be used with a password stored as plaintext or using a mechanism-specific scheme (storage). On the other hand, the schemes page enumerates various ways for storing passwords implemented by Dovecot, and relates each of those schemes to the mechanism(s) that may make use of it. So, I would be tempted to speak about cross-references, not exactly about a repeat. > This section lists one more mechanism, LANMAN. Well, my understanding is that there was the LANMAN protocol (the mechanism) that used the LANMAN hash (the scheme). Later, that hash has been used for the NTLMv1 protocol as well. > Can somebody explain why this section is in this file? And which of the two is applicable. Yes, perhaps could the section title "Non-plaintext authentication mechanisms" be changed into something like "Password schemes specific to non-plaintext mechanisms". HTH, Axel From AxelLuttgens at swing.be Tue Mar 12 17:59:27 2013 From: AxelLuttgens at swing.be (Axel Luttgens) Date: Tue, 12 Mar 2013 16:59:27 +0100 Subject: [Dovecot] mail_max_userip_connections In-Reply-To: References: Message-ID: Le 12 mars 2013 ? 16:21, Simon Brereton a ?crit : > On 12 Mar 2013 15:31, "Axel Luttgens" wrote: >> >> [...] >> You could have a look at 'doveadm who' (http://wiki2.dovecot.org/Tools/Doveadm/Who). >> > > I really should get around to upgrading.. :-) Now, there are still the more generic ways, yet probably requiring a bit more guesswork; for example, assuming binary lsof is available on your system: sudo lsof -n -i :imap,pop3 On the other hand, I don't remember exactly what happens when that mail_max_userip_connections limit is hit; doesn't Dovecot log some hint that would allow you to track the "culprit"? Axel From simon.buongiorno at gmail.com Tue Mar 12 18:18:58 2013 From: simon.buongiorno at gmail.com (Simon Brereton) Date: Tue, 12 Mar 2013 17:18:58 +0100 Subject: [Dovecot] mail_max_userip_connections In-Reply-To: References: Message-ID: On 12 March 2013 16:59, Axel Luttgens wrote: > Le 12 mars 2013 ? 16:21, Simon Brereton a ?crit : > >> On 12 Mar 2013 15:31, "Axel Luttgens" wrote: >>> >>> [...] >>> You could have a look at 'doveadm who' (http://wiki2.dovecot.org/Tools/Doveadm/Who). >>> >> >> I really should get around to upgrading.. > > :-) > > Now, there are still the more generic ways, yet probably requiring a bit more guesswork; for example, assuming binary lsof is available on your system: > > sudo lsof -n -i :imap,pop3 Handy. Thanks. Of course it only works in the instant I get the message (which isn't always apparent from the client). > On the other hand, I don't remember exactly what happens when that mail_max_userip_connections limit is hit; doesn't Dovecot log some hint that would allow you to track the "culprit"? Well, not that I could see - that's why I asked on the list :) That's not to say it isn't there, but all I see in the log is: Mar 12 13:47:12 mail dovecot: imap-login: Maximum number of connections from user+IP exceeded (mail_max_userip_connections): user=, method=PLAIN, rip=127.0.0.1, secured I suppose this implies it's the webmail client., but even having that open on two different machines shouldn't open 10 connections. Should it? Simon From AxelLuttgens at swing.be Tue Mar 12 19:03:37 2013 From: AxelLuttgens at swing.be (Axel Luttgens) Date: Tue, 12 Mar 2013 18:03:37 +0100 Subject: [Dovecot] mail_max_userip_connections In-Reply-To: References: Message-ID: <2AE879CC-D586-4F6D-A8E0-4F22E257BDBB@swing.be> Le 12 mars 2013 ? 17:18, Simon Brereton a ?crit : > [...] > > I suppose this implies it's the webmail client., So, to be sure: the webmail server is running on the same box as the one running Dovecot? > but even having that > open on two different machines shouldn't open 10 connections. Should > it? I tended to believe that usually, a webmail application tends to open/close connections sequentially, or to consecutively select relevant mailboxes within a single connection. But who knows... Which webmail app have you installed? When connecting to/making use of the webmail, you should at least see connect/disconnect entries written in Dovecot's log. Do they tend to overlap? Axel From paddy at paddyjoy.com Wed Mar 13 04:55:03 2013 From: paddy at paddyjoy.com (Patrick Joy) Date: Wed, 13 Mar 2013 13:55:03 +1100 Subject: [Dovecot] Limiting size of stored emails Message-ID: <513FEA87.8000303@paddyjoy.com> Hi, Would appreciate some advice on this issue. I'm running dovecot version 1.0.10 on ubuntu 8.04 LTS. Recently a user created a draft email in their client (outlook) and added a 4GB attachment. The email was uploaded to the draft imap folder on the server. After this the client would then go into a endless synchronisation loop every time outlook was opened. For example in the most recent case 400GB of data was downloaded to the client when the user left outlook synchronising for 5 days. I know this may be a bug with the client or client os however I would like to know if there is a way to limit the size of individual emails that can be stored in the imap store to prevent users creating huge drafts. There is no reason they should need an email draft of this size as it can never be sent through SMTP. Thanks From stan at hardwarefreak.com Wed Mar 13 06:07:25 2013 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Tue, 12 Mar 2013 23:07:25 -0500 Subject: [Dovecot] Limiting size of stored emails In-Reply-To: <513FEA87.8000303@paddyjoy.com> References: <513FEA87.8000303@paddyjoy.com> Message-ID: <513FFB7D.5010005@hardwarefreak.com> On 3/12/2013 9:55 PM, Patrick Joy wrote: > Would appreciate some advice on this issue. > > I'm running dovecot version 1.0.10 on ubuntu 8.04 LTS. Ancient and no longer supported. Upgrade to the latest 1.2.x or 2.x that you can get from your distro ecosystem, or install from source if necessary. > Recently a user created a draft email in their client (outlook) and > added a 4GB attachment. The email was uploaded to the draft imap folder > on the server. After this the client would then go into a endless > synchronisation loop every time outlook was opened. For example in the > most recent case 400GB of data was downloaded to the client when the > user left outlook synchronising for 5 days. First, beat the user with a heavy clue stick whilst educating said user about sane attachment sizes, and use of things like FTP, burned DVD, thumb drives, etc, for large file transfers. > I know this may be a bug with the client or client os however I would > like to know if there is a way to limit the size of individual emails > that can be stored in the imap store to prevent users creating huge > drafts. There is no reason they should need an email draft of this size > as it can never be sent through SMTP. You cannot limit the size of individual emails written to IMAP folders AFAIK, but you can limit the size of folders. See: http://wiki.dovecot.org/Quota -- Stan From gp at holisticgp.com.au Wed Mar 13 06:11:31 2013 From: gp at holisticgp.com.au (Dr Michael Daly) Date: Wed, 13 Mar 2013 15:11:31 +1100 (EST) Subject: [Dovecot] Limiting size of stored emails In-Reply-To: <513FFB7D.5010005@hardwarefreak.com> References: <513FEA87.8000303@paddyjoy.com> <513FFB7D.5010005@hardwarefreak.com> Message-ID: <41994.149.135.147.67.1363147891.squirrel@www.holisticgp.com.au> How can you safely upgrad dovecot? I am running an even earlier version. Re Message Size, if postfix is your MTA, in main.cfg you can set the parameter: message_size_limit = 5242880 #e.g. for 5 megs limit! HTH On 3/12/2013 9:55 PM, Patrick Joy wrote: > Would appreciate some advice on this issue. > > I'm running dovecot version 1.0.10 on ubuntu 8.04 LTS. Ancient and no longer supported. Upgrade to the latest 1.2.x or 2.x that you can get from your distro ecosystem, or install from source if necessary. > Recently a user created a draft email in their client (outlook) and > added a 4GB attachment. The email was uploaded to the draft imap folder > on the server. After this the client would then go into a endless > synchronisation loop every time outlook was opened. For example in the > most recent case 400GB of data was downloaded to the client when the > user left outlook synchronising for 5 days. First, beat the user with a heavy clue stick whilst educating said user about sane attachment sizes, and use of things like FTP, burned DVD, thumb drives, etc, for large file transfers. > I know this may be a bug with the client or client os however I would > like to know if there is a way to limit the size of individual emails > that can be stored in the imap store to prevent users creating huge > drafts. There is no reason they should need an email draft of this size > as it can never be sent through SMTP. You cannot limit the size of individual emails written to IMAP folders AFAIK, but you can limit the size of folders. See: http://wiki.dovecot.org/Quota -- Stan Dr Michael Daly MB, BS GradDip(Integrative Medicine), GradCert(Evidence Based Practice), M Bus(Information Innovation), GradDip(Document Management) 03 9521 0352 0413 879 029 From paddy at paddyjoy.com Wed Mar 13 06:30:58 2013 From: paddy at paddyjoy.com (Patrick Joy) Date: Wed, 13 Mar 2013 15:30:58 +1100 Subject: [Dovecot] Limiting size of stored emails In-Reply-To: <513FFB7D.5010005@hardwarefreak.com> References: <513FEA87.8000303@paddyjoy.com> <513FFB7D.5010005@hardwarefreak.com> Message-ID: <51400102.9010608@paddyjoy.com> Thanks for the reply. I have been putting off an upgrade as I need to upgrade the complete OS which is not a trivial task unfortunately but is inevitable. I may need to setup a nightly cron job to check for files bigger than xmb in the mail store for now. On 13/03/13 15:07, Stan Hoeppner wrote: > On 3/12/2013 9:55 PM, Patrick Joy wrote: > >> Would appreciate some advice on this issue. >> >> I'm running dovecot version 1.0.10 on ubuntu 8.04 LTS. > Ancient and no longer supported. Upgrade to the latest 1.2.x or 2.x > that you can get from your distro ecosystem, or install from source if > necessary. > >> Recently a user created a draft email in their client (outlook) and >> added a 4GB attachment. The email was uploaded to the draft imap folder >> on the server. After this the client would then go into a endless >> synchronisation loop every time outlook was opened. For example in the >> most recent case 400GB of data was downloaded to the client when the >> user left outlook synchronising for 5 days. > First, beat the user with a heavy clue stick whilst educating said user > about sane attachment sizes, and use of things like FTP, burned DVD, > thumb drives, etc, for large file transfers. > >> I know this may be a bug with the client or client os however I would >> like to know if there is a way to limit the size of individual emails >> that can be stored in the imap store to prevent users creating huge >> drafts. There is no reason they should need an email draft of this size >> as it can never be sent through SMTP. > You cannot limit the size of individual emails written to IMAP folders > AFAIK, but you can limit the size of folders. See: > > http://wiki.dovecot.org/Quota > From mysqlstudent at gmail.com Wed Mar 13 06:37:02 2013 From: mysqlstudent at gmail.com (Alex) Date: Wed, 13 Mar 2013 00:37:02 -0400 Subject: [Dovecot] Dovecot with sasl/imaps/postfix and thunderbird Message-ID: Hi, I have an fc18 system with postfix and dovecot-2.1.13 and have configured them to use sasl for SMTP Auth and Maildir with imaps. The system is running now, so I'm trying to set up thunderbird to autodetect all settings during the initial account setup. However, it seems to want to use port 143 and STARTTLS, and not port 993, which is what I would expect. When I force it to use 993, I receive a certificate failure message: Mar 12 23:20:45 propnew postfix/submission/smtpd[14423]: initializing the server-side TLS engine Mar 12 23:20:45 propnew postfix/tlsmgr[14425]: open smtpd TLS cache btree:/var/lib/postfix/smtpd_tls_session_cache Mar 12 23:20:45 propnew postfix/tlsmgr[14425]: tlsmgr_cache_run_event: start TLS smtpd session cache cleanup Mar 12 23:20:45 propnew postfix/submission/smtpd[14423]: connect from unknown[192.168.1.43] Mar 12 23:20:45 propnew dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=192.168.1.43, lip=66.111.222.101, TLS: SSL_read() failed: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate: SSL alert number 42, session= Mar 12 23:20:45 propnew postfix/submission/smtpd[14423]: lost connection after CONNECT from unknown[192.168.1.43] These are self-signed certs created using dovecot's mkcert.sh script. Is this a problem with the cert or with the dovecot configuration? Is it conventional to use port 143 for encrypted IMAP connections these days, and not just 993? I'm finding that port 25 works with TLS and postfix now too, not just port 587, so I'm really confused. I've included my doveconf output below. I'd appreciate it if someone could review it for me to be sure. # 2.1.13: /etc/dovecot/dovecot.conf # OS: Linux 3.8.1-201.fc18.x86_64 x86_64 Fedora release 18 (Spherical Cow) ext4 auth_debug = yes auth_mechanisms = plain login auth_verbose = yes default_client_limit = 2000 disable_plaintext_auth = no lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes mail_debug = yes mail_location = maildir:/home/%u/Maildir mail_privileged_group = mail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { driver = pam } passdb { driver = pam } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } } service imap-login { inet_listener imaps { port = 993 ssl = yes } process_min_avail = 20 service_count = 0 } ssl_cert = References: Message-ID: Hi, > I have an fc18 system with postfix and dovecot-2.1.13 and have > configured them to use sasl for SMTP Auth and Maildir with imaps. > > The system is running now, so I'm trying to set up thunderbird to > autodetect all settings during the initial account setup. However, it > seems to want to use port 143 and STARTTLS, and not port 993, which is > what I would expect. When I force it to use 993, I receive a > certificate failure message: > > Mar 12 23:20:45 propnew postfix/submission/smtpd[14423]: initializing > the server-side TLS engine > Mar 12 23:20:45 propnew postfix/tlsmgr[14425]: open smtpd TLS cache > btree:/var/lib/postfix/smtpd_tls_session_cache > Mar 12 23:20:45 propnew postfix/tlsmgr[14425]: tlsmgr_cache_run_event: > start TLS smtpd session cache cleanup > Mar 12 23:20:45 propnew postfix/submission/smtpd[14423]: connect from > unknown[192.168.1.43] > Mar 12 23:20:45 propnew dovecot: imap-login: Disconnected (no auth > attempts in 0 secs): user=<>, rip=192.168.1.43, lip=66.111.222.101, > TLS: SSL_read() failed: error:14094412:SSL > routines:SSL3_READ_BYTES:sslv3 alert bad certificate: SSL alert number > 42, session= After doing a bit more research, it looks like it's failing because Thunderbird doesn't prompt to accept the self-signed certificate during the "auto config" part of the setup, so just falls back to using port 143. Although I think it's still using TLS on 143. I'm really hoping someone can help me to clarify more specifically what's going on here. Thanks, Alex From stan at hardwarefreak.com Wed Mar 13 07:28:37 2013 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Wed, 13 Mar 2013 00:28:37 -0500 Subject: [Dovecot] Limiting size of stored emails In-Reply-To: <51400102.9010608@paddyjoy.com> References: <513FEA87.8000303@paddyjoy.com> <513FFB7D.5010005@hardwarefreak.com> <51400102.9010608@paddyjoy.com> Message-ID: <51400E85.4060007@hardwarefreak.com> On 3/12/2013 11:30 PM, Patrick Joy wrote: > Thanks for the reply. > > I have been putting off an upgrade as I need to upgrade the complete OS > which is not a trivial task unfortunately but is inevitable. Debian is designed for rolling upgrades, thus Ubuntu should be as well. They're painless on Debian so I would assume the same for Ubuntu. Which begs the question: why have not been doing rolling upgrades given your platform is specifically designed for such a model? > I may need to setup a nightly cron job to check for files bigger than > xmb in the mail store for now. Probably a good idea. As well as educating the user who attached a 4GB file. That's just plain nuts and smacks of ignorance. Honestly I'm surprised Outlook didn't crash when attaching such a file. -- Stan > On 13/03/13 15:07, Stan Hoeppner wrote: >> On 3/12/2013 9:55 PM, Patrick Joy wrote: >> >>> Would appreciate some advice on this issue. >>> >>> I'm running dovecot version 1.0.10 on ubuntu 8.04 LTS. >> Ancient and no longer supported. Upgrade to the latest 1.2.x or 2.x >> that you can get from your distro ecosystem, or install from source if >> necessary. >> >>> Recently a user created a draft email in their client (outlook) and >>> added a 4GB attachment. The email was uploaded to the draft imap folder >>> on the server. After this the client would then go into a endless >>> synchronisation loop every time outlook was opened. For example in the >>> most recent case 400GB of data was downloaded to the client when the >>> user left outlook synchronising for 5 days. >> First, beat the user with a heavy clue stick whilst educating said user >> about sane attachment sizes, and use of things like FTP, burned DVD, >> thumb drives, etc, for large file transfers. >> >>> I know this may be a bug with the client or client os however I would >>> like to know if there is a way to limit the size of individual emails >>> that can be stored in the imap store to prevent users creating huge >>> drafts. There is no reason they should need an email draft of this size >>> as it can never be sent through SMTP. >> You cannot limit the size of individual emails written to IMAP folders >> AFAIK, but you can limit the size of folders. See: >> >> http://wiki.dovecot.org/Quota >> > From stan at hardwarefreak.com Wed Mar 13 07:51:31 2013 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Wed, 13 Mar 2013 00:51:31 -0500 Subject: [Dovecot] Dovecot with sasl/imaps/postfix and thunderbird In-Reply-To: References: Message-ID: <514013E3.8070803@hardwarefreak.com> On 3/13/2013 12:00 AM, Alex wrote: > Hi, Hi "Alex" >> I have an fc18 system with postfix and dovecot-2.1.13 and have >> configured them to use sasl for SMTP Auth and Maildir with imaps. >> >> The system is running now, so I'm trying to set up thunderbird to >> autodetect all settings during the initial account setup. However, it >> seems to want to use port 143 and STARTTLS, and not port 993, which is >> what I would expect. When I force it to use 993, I receive a >> certificate failure message: >> >> Mar 12 23:20:45 propnew postfix/submission/smtpd[14423]: initializing >> the server-side TLS engine >> Mar 12 23:20:45 propnew postfix/tlsmgr[14425]: open smtpd TLS cache >> btree:/var/lib/postfix/smtpd_tls_session_cache >> Mar 12 23:20:45 propnew postfix/tlsmgr[14425]: tlsmgr_cache_run_event: >> start TLS smtpd session cache cleanup >> Mar 12 23:20:45 propnew postfix/submission/smtpd[14423]: connect from >> unknown[192.168.1.43] >> Mar 12 23:20:45 propnew dovecot: imap-login: Disconnected (no auth >> attempts in 0 secs): user=<>, rip=192.168.1.43, lip=66.111.222.101, >> TLS: SSL_read() failed: error:14094412:SSL >> routines:SSL3_READ_BYTES:sslv3 alert bad certificate: SSL alert number >> 42, session= > > After doing a bit more research, it looks like it's failing because > Thunderbird doesn't prompt to accept the self-signed certificate > during the "auto config" part of the setup, so just falls back to > using port 143. > > Although I think it's still using TLS on 143. I just verified that TB (17.0.4) won't do STARTTLS on TCP 143 without first accepting the self signed cert. > I'm really hoping someone can help me to clarify more specifically > what's going on here. You've already clarified it. You simply can't do account auto configuration with a self signed cert, at least not with a vanilla TB setup. The only possible solution I can think of would be to preload the user profile with the certificate. I don't know how you'd do this. I think you have some research ahead of you. -- Stan From professa at dementianati.com Wed Mar 13 08:31:02 2013 From: professa at dementianati.com (Professa Dementia) Date: Tue, 12 Mar 2013 23:31:02 -0700 Subject: [Dovecot] Dovecot with sasl/imaps/postfix and thunderbird In-Reply-To: <514013E3.8070803@hardwarefreak.com> References: <514013E3.8070803@hardwarefreak.com> Message-ID: <51401D26.1070002@dementianati.com> > I just verified that TB (17.0.4) won't do STARTTLS on TCP 143 without > first accepting the self signed cert. > >> I'm really hoping someone can help me to clarify more specifically >> what's going on here. > > You've already clarified it. You simply can't do account auto > configuration with a self signed cert, at least not with a vanilla TB > setup. The only possible solution I can think of would be to preload > the user profile with the certificate. I don't know how you'd do this. > I think you have some research ahead of you. > You can. 1) Select Menu Tools > Account Settings... 2) Below the left pane click the Account Actions button, then select Add Mail Account... 3) Fill in the first name and email address. Uncheck Remember password and leave the password field blank. Click the Continue button. 4) VERY QUICKLY!!! As soon as the next window opens, click the Manual Config button at the bottom. 5) Fill in the proper data. Under SSL select None and None. Under Authentication, select Normal Password for both fields. 6) Make sure the ports have real numbers, not Auto. For POP use 110, for IMAP use 143, for SMTP use 25. 7) The "Done" button should undim and be clickable. Click it. 8) You will get a red window warning about no encryption. Check the "I understand ..." box and click Done. 9) Select the account you just created in the left pane, then fix all the settings to use SSL, etc. Dem From paddy at paddyjoy.com Wed Mar 13 10:38:08 2013 From: paddy at paddyjoy.com (Patrick Joy) Date: Wed, 13 Mar 2013 19:38:08 +1100 Subject: [Dovecot] Limiting size of stored emails In-Reply-To: <51400E85.4060007@hardwarefreak.com> References: <513FEA87.8000303@paddyjoy.com> <513FFB7D.5010005@hardwarefreak.com> <51400102.9010608@paddyjoy.com> <51400E85.4060007@hardwarefreak.com> Message-ID: <51403AF0.6030807@paddyjoy.com> On 13/03/13 16:28, Stan Hoeppner wrote: > On 3/12/2013 11:30 PM, Patrick Joy wrote: >> Thanks for the reply. >> >> I have been putting off an upgrade as I need to upgrade the complete OS >> which is not a trivial task unfortunately but is inevitable. > Debian is designed for rolling upgrades, thus Ubuntu should be as well. > They're painless on Debian so I would assume the same for Ubuntu. > Which begs the question: why have not been doing rolling upgrades given > your platform is specifically designed for such a model? My provider has me over a barrel on this one. My server is a large VPS and the provider is running an old kernel that isn't supported by the latest versions of Ubuntu/Debian. To upgrade I need to move to a different platform which costs more and will involve moving everything. The move needs to happen I'm just procrastinating. > >> I may need to setup a nightly cron job to check for files bigger than >> xmb in the mail store for now. > Probably a good idea. As well as educating the user who attached a 4GB > file. That's just plain nuts and smacks of ignorance. Honestly I'm > surprised Outlook didn't crash when attaching such a file. It's always hard to educate them when they are paying customers but I will try. From stan at hardwarefreak.com Wed Mar 13 11:06:26 2013 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Wed, 13 Mar 2013 04:06:26 -0500 Subject: [Dovecot] Limiting size of stored emails In-Reply-To: <51403AF0.6030807@paddyjoy.com> References: <513FEA87.8000303@paddyjoy.com> <513FFB7D.5010005@hardwarefreak.com> <51400102.9010608@paddyjoy.com> <51400E85.4060007@hardwarefreak.com> <51403AF0.6030807@paddyjoy.com> Message-ID: <51404192.1040405@hardwarefreak.com> On 3/13/2013 3:38 AM, Patrick Joy wrote: > On 13/03/13 16:28, Stan Hoeppner wrote: >> On 3/12/2013 11:30 PM, Patrick Joy wrote: >>> Thanks for the reply. >>> >>> I have been putting off an upgrade as I need to upgrade the complete OS >>> which is not a trivial task unfortunately but is inevitable. >> Debian is designed for rolling upgrades, thus Ubuntu should be as well. >> They're painless on Debian so I would assume the same for Ubuntu. >> Which begs the question: why have not been doing rolling upgrades given >> your platform is specifically designed for such a model? > My provider has me over a barrel on this one. My server is a large VPS > and the provider is running an old kernel that isn't supported by the > latest versions of Ubuntu/Debian. To upgrade I need to move to a > different platform which costs more and will involve moving everything. > The move needs to happen I'm just procrastinating. This is a classic example of why it's almost always better to own your own box and colocate it, especially if you have paying customers. Yes, it costs more, but having full control of the system is worth the added rent. And for a 1U chassis it's actually pretty cheap to colo at many facilities. The problem is finding one within sane driving distance with low prices. >>> I may need to setup a nightly cron job to check for files bigger than >>> xmb in the mail store for now. >> Probably a good idea. As well as educating the user who attached a 4GB >> file. That's just plain nuts and smacks of ignorance. Honestly I'm >> surprised Outlook didn't crash when attaching such a file. > It's always hard to educate them when they are paying customers but I > will try. Your problem here is lack of a TOS agreement. If you're providing a paid service you should already have one. In that TOS you spell out what is/not allowed or supported by your service, such as 4GB attachments. -- Stan From simon.buongiorno at gmail.com Wed Mar 13 11:37:25 2013 From: simon.buongiorno at gmail.com (Simon Brereton) Date: Wed, 13 Mar 2013 10:37:25 +0100 Subject: [Dovecot] mail_max_userip_connections In-Reply-To: <2AE879CC-D586-4F6D-A8E0-4F22E257BDBB@swing.be> References: <2AE879CC-D586-4F6D-A8E0-4F22E257BDBB@swing.be> Message-ID: On 12 March 2013 18:03, Axel Luttgens wrote: > Le 12 mars 2013 ? 17:18, Simon Brereton a ?crit : > >> [...] >> >> I suppose this implies it's the webmail client., > > So, to be sure: the webmail server is running on the same box as the one running Dovecot? Si. Yes. >> but even having that >> open on two different machines shouldn't open 10 connections. Should >> it? > > I tended to believe that usually, a webmail application tends to open/close connections sequentially, or to consecutively select relevant mailboxes within a single connection. But who knows... > Which webmail app have you installed? I believe that as well, especially as I don't have tons of folders (some of my users do). I'm using Horde. > When connecting to/making use of the webmail, you should at least see connect/disconnect entries written in Dovecot's log. > Do they tend to overlap? With two machine and two phones, it's difficult to keep track of that - but I will try. To avoid that I was hoping there was a way to print out in table form which connections for which user were from where. And so now I have another reason to upgrade. I need to fix the mess I made with postfix first though. Simon From lst_hoe02 at kwsoft.de Wed Mar 13 12:15:54 2013 From: lst_hoe02 at kwsoft.de (lst_hoe02 at kwsoft.de) Date: Wed, 13 Mar 2013 10:15:54 +0000 Subject: [Dovecot] Converting from Cyrus -> Dovecot sdbox Message-ID: <20130313101554.Horde.Pf_3QY45CkiI0KGCejNbWA1@horde4.hq.kwsoft.de> Hello we like to convert a IMAP server with Cyrus 2.2 to Dovecot 2.0.19 and sdbox mail format. From what i have read until now this is a two stage process with converting first from Cyrus to (Dovecot) maildir with for example cyrus2dovecot and than with dsync from maildir to sdbox. Is this correct or are there other possibilities to go in one step from Cyrus format to sdbox? Regards Andreas From CMarcus at Media-Brokers.com Wed Mar 13 12:26:41 2013 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Wed, 13 Mar 2013 06:26:41 -0400 Subject: [Dovecot] Dovecot with sasl/imaps/postfix and thunderbird In-Reply-To: References: Message-ID: <51405461.6090003@Media-Brokers.com> On 2013-03-13 12:37 AM, Alex wrote: > Is it conventional to use port 143 for encrypted IMAP connections > these days, and not just 993? Port 143 uses STARTTLS, port 993 uses SSL/TLS... been that way for a long time, and yes there is a (slight) difference. STARTTLS *begins* as an unencrypted session, but immediately negotiates the encrypted session. SSL is encrypted from the very beginning of the connection. > I'm finding that port 25 works with TLS and postfix now too, not just > port 587, so I'm really confused. Both ports 25 and 587 have always worked with STARTTLS... although unless you have a very, very specific need, you will never FORCE STARTTLS on port 25, unlike port 587 where you (should) always *require* it. -- Best regards, Charles From CMarcus at Media-Brokers.com Wed Mar 13 12:29:52 2013 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Wed, 13 Mar 2013 06:29:52 -0400 Subject: [Dovecot] Dovecot with sasl/imaps/postfix and thunderbird In-Reply-To: <51401D26.1070002@dementianati.com> References: <514013E3.8070803@hardwarefreak.com> <51401D26.1070002@dementianati.com> Message-ID: <51405520.7030805@Media-Brokers.com> Interesting, thanks Prof. Looks like I have some experimenting to do to see what about:config options this sets, so I can add them to my list. On 2013-03-13 2:31 AM, Professa Dementia wrote: > >> I just verified that TB (17.0.4) won't do STARTTLS on TCP 143 without >> first accepting the self signed cert. >> >>> I'm really hoping someone can help me to clarify more specifically >>> what's going on here. >> >> You've already clarified it. You simply can't do account auto >> configuration with a self signed cert, at least not with a vanilla TB >> setup. The only possible solution I can think of would be to preload >> the user profile with the certificate. I don't know how you'd do this. >> I think you have some research ahead of you. >> > > > You can. > > 1) Select Menu Tools > Account Settings... > > 2) Below the left pane click the Account Actions button, then select > Add Mail Account... > > 3) Fill in the first name and email address. Uncheck Remember > password and leave the password field blank. Click the Continue button. > > 4) VERY QUICKLY!!! As soon as the next window opens, click the Manual > Config button at the bottom. > > 5) Fill in the proper data. Under SSL select None and None. Under > Authentication, select Normal Password for both fields. > > 6) Make sure the ports have real numbers, not Auto. For POP use 110, > for IMAP use 143, for SMTP use 25. > > 7) The "Done" button should undim and be clickable. Click it. > > 8) You will get a red window warning about no encryption. Check the > "I understand ..." box and click Done. > > 9) Select the account you just created in the left pane, then fix all > the settings to use SSL, etc. > > > Dem > -- Best regards, Charles Marcus I.T. Director Media Brokers International, Inc. 678.514.6224 | 678.514.6299 fax From philip at turmel.org Wed Mar 13 15:01:18 2013 From: philip at turmel.org (Phil Turmel) Date: Wed, 13 Mar 2013 09:01:18 -0400 Subject: [Dovecot] Dovecot with sasl/imaps/postfix and thunderbird In-Reply-To: <514013E3.8070803@hardwarefreak.com> References: <514013E3.8070803@hardwarefreak.com> Message-ID: <5140789E.7010408@turmel.org> On 03/13/2013 01:51 AM, Stan Hoeppner wrote: > On 3/13/2013 12:00 AM, Alex wrote: > I just verified that TB (17.0.4) won't do STARTTLS on TCP 143 without > first accepting the self signed cert. > >> I'm really hoping someone can help me to clarify more specifically >> what's going on here. > > You've already clarified it. You simply can't do account auto > configuration with a self signed cert, at least not with a vanilla TB > setup. The only possible solution I can think of would be to preload > the user profile with the certificate. I don't know how you'd do this. > I think you have some research ahead of you. It's relatively easy. On first starting TB with no account, cancel the wizard. The use "Edit" -> "Preferences" or "?" -> "Options..." -> "Options..." to get to TB's configuration pages. There, use "Advanced" -> "Certificates" -> "View Certificates" -> "Servers" and finally "Import..." After you've imported the needed cert, you can re-open the wizard with "Create new account". You can also use this method to import a self-signed certificate authority if you want to run your own signing operation. Phil From paddy at paddyjoy.com Wed Mar 13 15:07:02 2013 From: paddy at paddyjoy.com (Patrick Joy) Date: Thu, 14 Mar 2013 00:07:02 +1100 Subject: [Dovecot] Limiting size of stored emails In-Reply-To: <51404192.1040405@hardwarefreak.com> References: <513FEA87.8000303@paddyjoy.com> <513FFB7D.5010005@hardwarefreak.com> <51400102.9010608@paddyjoy.com> <51400E85.4060007@hardwarefreak.com> <51403AF0.6030807@paddyjoy.com> <51404192.1040405@hardwarefreak.com> Message-ID: <514079F6.8050501@paddyjoy.com> Thanks great advice, while I don't have the resources to go colo at the moment a dedicated server would work much better, and I will start writing a TOS! On 13/03/13 20:06, Stan Hoeppner wrote: > On 3/13/2013 3:38 AM, Patrick Joy wrote: >> On 13/03/13 16:28, Stan Hoeppner wrote: >>> On 3/12/2013 11:30 PM, Patrick Joy wrote: >>>> Thanks for the reply. >>>> >>>> I have been putting off an upgrade as I need to upgrade the complete OS >>>> which is not a trivial task unfortunately but is inevitable. >>> Debian is designed for rolling upgrades, thus Ubuntu should be as well. >>> They're painless on Debian so I would assume the same for Ubuntu. >>> Which begs the question: why have not been doing rolling upgrades given >>> your platform is specifically designed for such a model? >> My provider has me over a barrel on this one. My server is a large VPS >> and the provider is running an old kernel that isn't supported by the >> latest versions of Ubuntu/Debian. To upgrade I need to move to a >> different platform which costs more and will involve moving everything. >> The move needs to happen I'm just procrastinating. > This is a classic example of why it's almost always better to own your > own box and colocate it, especially if you have paying customers. Yes, > it costs more, but having full control of the system is worth the added > rent. And for a 1U chassis it's actually pretty cheap to colo at many > facilities. The problem is finding one within sane driving distance > with low prices. > >>>> I may need to setup a nightly cron job to check for files bigger than >>>> xmb in the mail store for now. >>> Probably a good idea. As well as educating the user who attached a 4GB >>> file. That's just plain nuts and smacks of ignorance. Honestly I'm >>> surprised Outlook didn't crash when attaching such a file. >> It's always hard to educate them when they are paying customers but I >> will try. > Your problem here is lack of a TOS agreement. If you're providing a > paid service you should already have one. In that TOS you spell out > what is/not allowed or supported by your service, such as 4GB attachments. > From delrio at mie.utoronto.ca Wed Mar 13 16:26:22 2013 From: delrio at mie.utoronto.ca (Oscar del Rio) Date: Wed, 13 Mar 2013 10:26:22 -0400 Subject: [Dovecot] mail_max_userip_connections In-Reply-To: References: <2AE879CC-D586-4F6D-A8E0-4F22E257BDBB@swing.be> Message-ID: <51408C8E.1050106@mie.utoronto.ca> On 03/13/13 05:37 AM, Simon Brereton wrote: > On 12 March 2013 18:03, Axel Luttgens wrote: >> Le 12 mars 2013 ? 17:18, Simon Brereton a ?crit : >> >>> [...] >>> >>> I suppose this implies it's the webmail client., >> So, to be sure: the webmail server is running on the same box as the one running Dovecot? > Si. Yes. > >>> but even having that >>> open on two different machines shouldn't open 10 connections. Should >>> it? >> I tended to believe that usually, a webmail application tends to open/close connections sequentially, or to consecutively select relevant mailboxes within a single connection. But who knows... >> Which webmail app have you installed? > I believe that as well, especially as I don't have tons of folders > (some of my users do). I'm using Horde. Try imapproxy for Horde. It would keep a single connection to Dovecot open during a webmail session. http://www.horde.org/apps/imp/docs/PERFORMANCE Since Horde and Dovecot are on the same server, you can configure imapproxy on a different port, e.g. 1143. Horde -> imapproxyd (port 1143) -> Dovecot (port 143) From hardyjm at potsdam.edu Wed Mar 13 19:25:05 2013 From: hardyjm at potsdam.edu (Jeff Hardy) Date: 13 Mar 2013 13:25:05 -0400 Subject: [Dovecot] Qmail-LDAP/Dovecot Cluster Message-ID: <5140B671.1080301@potsdam.edu> Hello, I have worked with qmail-ldap and Dovecot for a number of years, and recently wrote up a piece going into great detail about all aspects of our environment. It currently supports a rather small installation of ~10K active users. If it should be of interest: http://fritz.potsdam.edu/projects/email It is intended primarily for system administrators or mail administrators interested in building mail infrastructure on top of open-source technologies, and is inspired by the likes of Life with qmail. Topics include storage, backup, directory integration, local and remote mail exchange, checkpassword SMTP-Auth and Dovecot login, RBLs, content-scanning and anti-spam, quarantine, webmail, etc. Full installation directions and configuration stanzas are provided for nearly every piece of the infrastructure. Comments/criticism welcome. Cheers. -Jeff -- Jeffrey M Hardy Network / Systems Administrator hardyjm at potsdam.edu From dbrooks at mdah.state.ms.us Wed Mar 13 20:51:12 2013 From: dbrooks at mdah.state.ms.us (Donny Brooks) Date: Wed, 13 Mar 2013 13:51:12 -0500 Subject: [Dovecot] Sieve mark message as read Message-ID: <2fc5-5140ca80-44d-ff80cc0@72640969> I am trying to get the advanced functionality of managesieve working for our users. If this is not the proper place to ask this, please just say so. I have enabled sieve and it works just fine for basic moving messages to folders. However the problem comes in to play when a user selects something like "delete" or "mark as read" in the filter. It just simply does not do that function. I have installed the imapflags and imap4flags and added the needed parts to the dovecot config but it still does not seem to work. We are running Centos 6.3 with dovecot-2.0.9-2.el6_1.1.x86_64 and dovecot-pigeonhole-2.0.9-2.el6_1.1.x86_64 installed. What could I be missing to make this work? -- Donny B. From rs at sys4.de Wed Mar 13 21:43:42 2013 From: rs at sys4.de (Robert Schetterer) Date: Wed, 13 Mar 2013 20:43:42 +0100 Subject: [Dovecot] Sieve mark message as read In-Reply-To: <2fc5-5140ca80-44d-ff80cc0@72640969> References: <2fc5-5140ca80-44d-ff80cc0@72640969> Message-ID: <5140D6EE.8030602@sys4.de> Am 13.03.2013 19:51, schrieb Donny Brooks: > I am trying to get the advanced functionality of managesieve working for our users. If this is not the proper place to ask this, please just say so. I have enabled sieve and it works just fine for basic moving messages to folders. However the problem comes in to play when a user selects something like "delete" or "mark as read" in the filter. It just simply does not do that function. I have installed the imapflags and imap4flags and added the needed parts to the dovecot config but it still does not seem to work. We are running Centos 6.3 with dovecot-2.0.9-2.el6_1.1.x86_64 and dovecot-pigeonhole-2.0.9-2.el6_1.1.x86_64 installed. What could I be missing to make this work? > try http://wiki2.dovecot.org/Pigeonhole/Sieve/Configuration?highlight=%28flags%29 sieve_extensions = Which Sieve language extensions are available to users. By default, all supported extensions are available, except for deprecated extensions, extensions that require explicit configuration or those that are still under development. Some system administrators may want to disable certain Sieve extensions or enable those that are not available by default. All supported extensions are listed here. Normally, all enabled extensions must be listed for this setting, but starting with Sieve version 0.1.7, this setting can use '+' and '-' to specify differences relative to the default. For example sieve_extensions = +imapflags will enable the deprecated imapflags extension in addition to all extensions enabled by default. ... >From CMUSieve (Dovecot v1.0/v1.1) For the most part, migration from CMUSieve to Pigeonhole Sieve is just a matter of changing the used plugin name from cmusieve to sieve in the mail_plugins option in the protocol lda section of the config file (as explained above). However, there are a few important differences in the supported Sieve language features: The imapflags extension is now called imap4flags. The CMUSieve implementation is based on an old draft specification that is not completely compatible with the new version. Particularly, the mark and unmark commands were removed from the new specification. For backwards compatibility, support for the old imapflags extension can be enabled using the sieve_extensions setting (as explained above). This is disabled by default. Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From dbrooks at mdah.state.ms.us Wed Mar 13 22:28:01 2013 From: dbrooks at mdah.state.ms.us (Donny Brooks) Date: Wed, 13 Mar 2013 15:28:01 -0500 Subject: [Dovecot] Sieve mark message as read In-Reply-To: <5140D6EE.8030602@sys4.de> Message-ID: <34be-5140e180-f-687e6280@39203190> On Wednesday, March 13, 2013 02:43 PM CDT, Robert Schetterer wrote: > Am 13.03.2013 19:51, schrieb Donny Brooks: > > I am trying to get the advanced functionality of managesieve working for our users. If this is not the proper place to ask this, please just say so. I have enabled sieve and it works just fine for basic moving messages to folders. However the problem comes in to play when a user selects something like "delete" or "mark as read" in the filter. It just simply does not do that function. I have installed the imapflags and imap4flags and added the needed parts to the dovecot config but it still does not seem to work. We are running Centos 6.3 with dovecot-2.0.9-2.el6_1.1.x86_64 and dovecot-pigeonhole-2.0.9-2.el6_1.1.x86_64 installed. What could I be missing to make this work? > > > > try > > http://wiki2.dovecot.org/Pigeonhole/Sieve/Configuration?highlight=%28flags%29 > > sieve_extensions = > > Which Sieve language extensions are available to users. By default, > all supported extensions are available, except for deprecated > extensions, extensions that require explicit configuration or those that > are still under development. Some system administrators may want to > disable certain Sieve extensions or enable those that are not available > by default. All supported extensions are listed here. Normally, all > enabled extensions must be listed for this setting, but starting with > Sieve version 0.1.7, this setting can use '+' and '-' to specify > differences relative to the default. For example sieve_extensions = > +imapflags will enable the deprecated imapflags extension in addition to > all extensions enabled by default. > > ... > > From CMUSieve (Dovecot v1.0/v1.1) > > For the most part, migration from CMUSieve to Pigeonhole Sieve is just a > matter of changing the used plugin name from cmusieve to sieve in the > mail_plugins option in the protocol lda section of the config file (as > explained above). However, there are a few important differences in the > supported Sieve language features: > > The imapflags extension is now called imap4flags. The CMUSieve > implementation is based on an old draft specification that is not > completely compatible with the new version. Particularly, the mark and > unmark commands were removed from the new specification. For backwards > compatibility, support for the old imapflags extension can be enabled > using the sieve_extensions setting (as explained above). This is > disabled by default. > > Best Regards > MfG Robert Schetterer > > -- > [*] sys4 AG > > http://sys4.de, +49 (89) 30 90 46 64 > Franziskanerstra?e 15, 81669 M?nchen > > Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 > Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer > Aufsichtsratsvorsitzender: Joerg Heidrich Right, my line in /etc/dovecot/conf.d/90-sieve.conf looks like this: sieve_extensions = +notify +imap4flags +imapflags I have tried it without the +imapflags, leaving only the first two, also with same results. Part of my sieve script that has the "mark as seen" is as follows: if anyof (header :is "subject" "Check dd") { fileinto "Junk"; addflag "\\Seen"; } When I send myself an email from a different account with the subject "Check dd" it is properly filed in the Junk folder but it still remains unseen. Any ideas? -- Donny B. From dbrooks at mdah.state.ms.us Wed Mar 13 22:46:30 2013 From: dbrooks at mdah.state.ms.us (Donny Brooks) Date: Wed, 13 Mar 2013 15:46:30 -0500 Subject: [Dovecot] Sieve mark message as read In-Reply-To: <34be-5140e180-f-687e6280@39203190> Message-ID: <34cb-5140e580-13-3b486800@249351226> On Wednesday, March 13, 2013 03:28 PM CDT, "Donny Brooks" wrote: > > > > On Wednesday, March 13, 2013 02:43 PM CDT, Robert Schetterer wrote: > > > Am 13.03.2013 19:51, schrieb Donny Brooks: > > > I am trying to get the advanced functionality of managesieve working for our users. If this is not the proper place to ask this, please just say so. I have enabled sieve and it works just fine for basic moving messages to folders. However the problem comes in to play when a user selects something like "delete" or "mark as read" in the filter. It just simply does not do that function. I have installed the imapflags and imap4flags and added the needed parts to the dovecot config but it still does not seem to work. We are running Centos 6.3 with dovecot-2.0.9-2.el6_1.1.x86_64 and dovecot-pigeonhole-2.0.9-2.el6_1.1.x86_64 installed. What could I be missing to make this work? > > > > > > > try > > > > http://wiki2.dovecot.org/Pigeonhole/Sieve/Configuration?highlight=%28flags%29 > > > > sieve_extensions = > > > > Which Sieve language extensions are available to users. By default, > > all supported extensions are available, except for deprecated > > extensions, extensions that require explicit configuration or those that > > are still under development. Some system administrators may want to > > disable certain Sieve extensions or enable those that are not available > > by default. All supported extensions are listed here. Normally, all > > enabled extensions must be listed for this setting, but starting with> Sieve version 0.1.7, this setting can use '+' and '-' to specify > > differences relative to the default. For example sieve_extensions => +imapflags will enable the deprecated imapflags extension in addition to > > all extensions enabled by default. > > > > ... > > > > From CMUSieve (Dovecot v1.0/v1.1) > > > > For the most part, migration from CMUSieve to Pigeonhole Sieve is just a > > matter of changing the used plugin name from cmusieve to sieve in the> mail_plugins option in the protocol lda section of the config file (as > > explained above). However, there are a few important differences in the > > supported Sieve language features: > > > > The imapflags extension is now called imap4flags. The CMUSieve > > implementation is based on an old draft specification that is not > > completely compatible with the new version. Particularly, the mark and > > unmark commands were removed from the new specification. For backwards > > compatibility, support for the old imapflags extension can be enabled> using the sieve_extensions setting (as explained above). This is > > disabled by default. > > > > Best Regards > > MfG Robert Schetterer > > > > -- > > [*] sys4 AG > > > > http://sys4.de, +49 (89) 30 90 46 64 > > Franziskanerstra?e 15, 81669 M?nchen > > > > Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 > > Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer > > Aufsichtsratsvorsitzender: Joerg Heidrich > > > Right, my line in /etc/dovecot/conf.d/90-sieve.conf looks like this: > > sieve_extensions = +notify +imap4flags +imapflags > > I have tried it without the +imapflags, leaving only the first two, also with same results. Part of my sieve script that has the "mark as seen" is as follows: > > if anyof (header :is "subject" "Check dd") { > fileinto "Junk"; > addflag "\\Seen"; > } > > When I send myself an email from a different account with the subject "Check dd" it is properly filed in the Junk folder but it still remains unseen. Any ideas? > > -- > > Donny B. > I think I see part of my problem. I am using postfix and dovecot. So in the postfix main.cf I have this: mailbox_command = /usr/libexec/dovecot/deliver -a "$RECIPIENT" While that was fine when we were on the 1.X branch on our old mail server I think it needs to be changed to something more like this: mailbox_command = /usr/libexec/dovecot/dovecot-lda -f "$SENDER" -a "$RECIPIENT" Ideas? -- Donny B. From dbrooks at mdah.state.ms.us Wed Mar 13 23:09:46 2013 From: dbrooks at mdah.state.ms.us (Donny Brooks) Date: Wed, 13 Mar 2013 16:09:46 -0500 Subject: [Dovecot] Sieve mark message as read In-Reply-To: <34cb-5140e580-13-3b486800@249351226> Message-ID: <34cd-5140eb00-1b-4f8c0f80@12829365> On Wednesday, March 13, 2013 03:46 PM CDT, "Donny Brooks" wrote: > > > > On Wednesday, March 13, 2013 03:28 PM CDT, "Donny Brooks" wrote: > > > > > > > > > On Wednesday, March 13, 2013 02:43 PM CDT, Robert Schetterer wrote: > > > > > Am 13.03.2013 19:51, schrieb Donny Brooks: > > > > I am trying to get the advanced functionality of managesieve working for our users. If this is not the proper place to ask this, please just say so. I have enabled sieve and it works just fine for basic moving messages to folders. However the problem comes in to play when a user selects something like "delete" or "mark as read" in the filter. It just simply does not do that function. I have installed the imapflags and imap4flags and added the needed parts to the dovecot config but it still does not seem to work. We are running Centos 6.3 with dovecot-2.0.9-2.el6_1.1.x86_64 and dovecot-pigeonhole-2.0.9-2.el6_1.1.x86_64 installed. What could I be missing to make this work? > > > > > > > > > > try > > > > > > http://wiki2.dovecot.org/Pigeonhole/Sieve/Configuration?highlight=%28flags%29 > > > > > > sieve_extensions = > > > > > > Which Sieve language extensions are available to users. By default, > > > all supported extensions are available, except for deprecated > > > extensions, extensions that require explicit configuration or those that > > > are still under development. Some system administrators may want to> > disable certain Sieve extensions or enable those that are not available > > > by default. All supported extensions are listed here. Normally, all> > enabled extensions must be listed for this setting, but starting with> Sieve version 0.1.7, this setting can use '+' and '-' to specify > > > differences relative to the default. For example sieve_extensions => +imapflags will enable the deprecated imapflags extension in addition to > > > all extensions enabled by default. > > > > > > ... > > > > > > From CMUSieve (Dovecot v1.0/v1.1) > > > > > > For the most part, migration from CMUSieve to Pigeonhole Sieve is just a > > > matter of changing the used plugin name from cmusieve to sieve in the> mail_plugins option in the protocol lda section of the config file (as > > > explained above). However, there are a few important differences in the > > > supported Sieve language features: > > > > > > The imapflags extension is now called imap4flags. The CMUSieve > > > implementation is based on an old draft specification that is not > > > completely compatible with the new version. Particularly, the mark and > > > unmark commands were removed from the new specification. For backwards > > > compatibility, support for the old imapflags extension can be enabled> using the sieve_extensions setting (as explained above). This is > > > disabled by default. > > > > > > Best Regards > > > MfG Robert Schetterer > > > > > > -- > > > [*] sys4 AG > > > > > > http://sys4.de, +49 (89) 30 90 46 64 > > > Franziskanerstra?e 15, 81669 M?nchen > > > > > > Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 > > > Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer > > > Aufsichtsratsvorsitzender: Joerg Heidrich > > > > > > Right, my line in /etc/dovecot/conf.d/90-sieve.conf looks like this: > > > > sieve_extensions = +notify +imap4flags +imapflags > > > > I have tried it without the +imapflags, leaving only the first two, also with same results. Part of my sieve script that has the "mark as seen" is as follows: > > > > if anyof (header :is "subject" "Check dd") { > > fileinto "Junk"; > > addflag "\\Seen"; > > } > > > > When I send myself an email from a different account with the subject "Check dd" it is properly filed in the Junk folder but it still remains unseen. Any ideas? > > > > -- > > > > Donny B. > > > > I think I see part of my problem. I am using postfix and dovecot. So in the postfix main.cf I have this: > > mailbox_command = /usr/libexec/dovecot/deliver -a "$RECIPIENT" > > While that was fine when we were on the 1.X branch on our old mail server I think it needs to be changed to something more like this: > > mailbox_command = /usr/libexec/dovecot/dovecot-lda -f "$SENDER" -a "$RECIPIENT" > > Ideas? > > -- > > Donny B. > I found the issue I believe. Instead of my filter filing the message into the folder first then mark as seen I had to do the opposite. This is the proper syntax now: if anyof (header :is "subject" "Check dd") { addflag "\\Seen"; fileinto "Junk"; } Sorry for all the noise. -- Donny B. From kgc at corp.sonic.net Thu Mar 14 02:07:03 2013 From: kgc at corp.sonic.net (Kelsey Cummings) Date: Wed, 13 Mar 2013 17:07:03 -0700 Subject: [Dovecot] stats plugins causing dns lookup per connection In-Reply-To: <36762238-5569-4AA2-947F-ADDC2D25F7E6@swing.be> References: <513EB458.8030501@corp.sonic.net> <36762238-5569-4AA2-947F-ADDC2D25F7E6@swing.be> Message-ID: <514114A7.1020802@corp.sonic.net> On 03/12/13 06:58, Axel Luttgens wrote: > started for seemingly unrelated reasons, but ended with some form of cacheing of the results fetched with gethostbyname(). It is a bit odd that it would totally block unless DNS requests on your hosts weren't working at all - and even then, the requests would timeout eventually and unblock. > Which version of Dovecot are you running? 2.1.13 I see that caching is in 2.2 now too. Timo, if there are any other 2.1.x releases it'd be nice to get this back ported to it as well. -K From stan at hardwarefreak.com Thu Mar 14 02:27:08 2013 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Wed, 13 Mar 2013 19:27:08 -0500 Subject: [Dovecot] Dovecot with sasl/imaps/postfix and thunderbird In-Reply-To: <5140789E.7010408@turmel.org> References: <514013E3.8070803@hardwarefreak.com> <5140789E.7010408@turmel.org> Message-ID: <5141195C.7060003@hardwarefreak.com> On 3/13/2013 8:01 AM, Phil Turmel wrote: > On 03/13/2013 01:51 AM, Stan Hoeppner wrote: >> On 3/13/2013 12:00 AM, Alex wrote: > >> I just verified that TB (17.0.4) won't do STARTTLS on TCP 143 without >> first accepting the self signed cert. >> >>> I'm really hoping someone can help me to clarify more specifically >>> what's going on here. >> >> You've already clarified it. You simply can't do account auto >> configuration with a self signed cert, at least not with a vanilla TB >> setup. The only possible solution I can think of would be to preload >> the user profile with the certificate. I don't know how you'd do this. >> I think you have some research ahead of you. > > It's relatively easy. On first starting TB with no account, cancel the > wizard. The use "Edit" -> "Preferences" or "?" -> "Options..." -> > "Options..." to get to TB's configuration pages. There, use "Advanced" > -> "Certificates" -> "View Certificates" -> "Servers" and finally > "Import..." > > After you've imported the needed cert, you can re-open the wizard with > "Create new account". > > You can also use this method to import a self-signed certificate > authority if you want to run your own signing operation. How does he do this at scale Phil? That's what I was commenting on. Importing the cert manually into each client profile probably isn't a realistic option here. Alex is not a sysadmin but a solutions provider. He needs to drop the server in place and get out with minimal fuss, and without walking around to each user desktop at his clients' sites. Which is why Alex wanted to use auto configuration to begin with, I'd guess. So assuming these are MS Windows desktops, I'd think he'd need to use one of the Windows specific deployment tools to preload each user profile with the cert. That's why I said he had some research ahead of him. Unless someone here has that answer at hand. -- Stan From mysqlstudent at gmail.com Thu Mar 14 02:55:25 2013 From: mysqlstudent at gmail.com (Alex) Date: Wed, 13 Mar 2013 20:55:25 -0400 Subject: [Dovecot] Dovecot with sasl/imaps/postfix and thunderbird In-Reply-To: <5141195C.7060003@hardwarefreak.com> References: <514013E3.8070803@hardwarefreak.com> <5140789E.7010408@turmel.org> <5141195C.7060003@hardwarefreak.com> Message-ID: Hi guys, >> It's relatively easy. On first starting TB with no account, cancel the >> wizard. The use "Edit" -> "Preferences" or "?" -> "Options..." -> >> "Options..." to get to TB's configuration pages. There, use "Advanced" >> -> "Certificates" -> "View Certificates" -> "Servers" and finally >> "Import..." >> >> After you've imported the needed cert, you can re-open the wizard with >> "Create new account". >> >> You can also use this method to import a self-signed certificate >> authority if you want to run your own signing operation. > > How does he do this at scale Phil? All of these options suck, frankly. I should have mentioned, however, that this is only for the test server. There's an actual signed cert for the production server, which is really the same server. So, the test server is mail1.prop.example.com, which will be renamed to just mail.prop.example.com after the staff complete their test. The trouble is staff are basically end-users, so documenting these steps really sucks. That's where I'm at right now. The damn software works fine (thanks to everyone's help and clarifications); it's just finding the easiest way to convince them it's working that's become the problem. They're going to want screenshots, blah, blah, blah... I do have other questions (of course), but I'm still reading and absorbing all that everyone has written thus far. Had I had more time, I would have just made them create another cert for the test server, but I didn't anticipate the difficulty with thunderbird and/or outlook and using self-signed certs. Thanks, Alex From mysqlstudent at gmail.com Thu Mar 14 04:38:05 2013 From: mysqlstudent at gmail.com (Alex) Date: Wed, 13 Mar 2013 22:38:05 -0400 Subject: [Dovecot] Dovecot with sasl/imaps/postfix and thunderbird In-Reply-To: References: <514013E3.8070803@hardwarefreak.com> <5140789E.7010408@turmel.org> <5141195C.7060003@hardwarefreak.com> Message-ID: Hi guys, >>> It's relatively easy. On first starting TB with no account, cancel the >>> wizard. The use "Edit" -> "Preferences" or "?" -> "Options..." -> >>> "Options..." to get to TB's configuration pages. There, use "Advanced" >>> -> "Certificates" -> "View Certificates" -> "Servers" and finally >>> "Import..." >>> >>> After you've imported the needed cert, you can re-open the wizard with >>> "Create new account". >>> >>> You can also use this method to import a self-signed certificate >>> authority if you want to run your own signing operation. >> >> How does he do this at scale Phil? It appears that if you delete all the unsigned certs, then set up the account using all the proper ports and auth types, then just restart thunderbird, it works as expected. Upon restarting thunderbird, it will prompt you to "confirm security exception", then it automatically imports the cert for 993. It somehow seemed to automatically import the cert for 587. Can someone else confirm that restarting Thunderbird is a way around having to manually import the certs or change them later through the account settings menu? Does anyone have any experience with configuring Outlook to use self-signed certs? Thanks, Alex From simon.buongiorno at gmail.com Thu Mar 14 04:51:44 2013 From: simon.buongiorno at gmail.com (Simon Brereton) Date: Thu, 14 Mar 2013 03:51:44 +0100 Subject: [Dovecot] Dovecot with sasl/imaps/postfix and thunderbird In-Reply-To: References: <514013E3.8070803@hardwarefreak.com> <5140789E.7010408@turmel.org> <5141195C.7060003@hardwarefreak.com> Message-ID: On 14 Mar 2013 03:38, "Alex" wrote: > > Hi guys, > > >>> It's relatively easy. On first starting TB with no account, cancel the > >>> wizard. The use "Edit" -> "Preferences" or "?" -> "Options..." -> > >>> "Options..." to get to TB's configuration pages. There, use "Advanced" > >>> -> "Certificates" -> "View Certificates" -> "Servers" and finally > >>> "Import..." > >>> > >>> After you've imported the needed cert, you can re-open the wizard with > >>> "Create new account". > >>> > >>> You can also use this method to import a self-signed certificate > >>> authority if you want to run your own signing operation. > >> > >> How does he do this at scale Phil? > > It appears that if you delete all the unsigned certs, then set up the > account using all the proper ports and auth types, then just restart > thunderbird, it works as expected. Upon restarting thunderbird, it > will prompt you to "confirm security exception", then it automatically > imports the cert for 993. It somehow seemed to automatically import > the cert for 587. > > Can someone else confirm that restarting Thunderbird is a way around > having to manually import the certs or change them later through the > account settings menu? > > Does anyone have any experience with configuring Outlook to use > self-signed certs? > > Thanks, > Alex Import it using internet explorer. Follow the prompts. http://www.google.com/search?hl=en&gl=GB&ie=UTF-8&q=outlook+self+signed+certificate++how-to Simon From noeldude at gmail.com Thu Mar 14 05:02:00 2013 From: noeldude at gmail.com (Noel) Date: Wed, 13 Mar 2013 22:02:00 -0500 Subject: [Dovecot] Dovecot with sasl/imaps/postfix and thunderbird In-Reply-To: References: <514013E3.8070803@hardwarefreak.com> <5140789E.7010408@turmel.org> <5141195C.7060003@hardwarefreak.com> Message-ID: <51413DA8.8020409@gmail.com> On 3/13/2013 9:38 PM, Alex wrote: > Hi guys, > >>>> It's relatively easy. On first starting TB with no account, cancel the >>>> wizard. The use "Edit" -> "Preferences" or "?" -> "Options..." -> >>>> "Options..." to get to TB's configuration pages. There, use "Advanced" >>>> -> "Certificates" -> "View Certificates" -> "Servers" and finally >>>> "Import..." >>>> >>>> After you've imported the needed cert, you can re-open the wizard with >>>> "Create new account". >>>> >>>> You can also use this method to import a self-signed certificate >>>> authority if you want to run your own signing operation. >>> How does he do this at scale Phil? > It appears that if you delete all the unsigned certs, then set up the > account using all the proper ports and auth types, then just restart > thunderbird, it works as expected. Upon restarting thunderbird, it > will prompt you to "confirm security exception", then it automatically > imports the cert for 993. It somehow seemed to automatically import > the cert for 587. > > Can someone else confirm that restarting Thunderbird is a way around > having to manually import the certs or change them later through the > account settings menu? > > Does anyone have any experience with configuring Outlook to use > self-signed certs? > > Thanks, > Alex This sounds like you're working on a fairly big project, so spend $20 and 15 minutes to get a REAL certificate for the test domain from one of the countless online vendors. Surely your time is worth something --- you've spent two days futzing around with this already, and aren't done yet. -- Noel Jones From mysqlstudent at gmail.com Thu Mar 14 05:23:01 2013 From: mysqlstudent at gmail.com (Alex) Date: Wed, 13 Mar 2013 23:23:01 -0400 Subject: [Dovecot] Dovecot with sasl/imaps/postfix and thunderbird In-Reply-To: <51413DA8.8020409@gmail.com> References: <514013E3.8070803@hardwarefreak.com> <5140789E.7010408@turmel.org> <5141195C.7060003@hardwarefreak.com> <51413DA8.8020409@gmail.com> Message-ID: Hi, >> Can someone else confirm that restarting Thunderbird is a way around >> having to manually import the certs or change them later through the >> account settings menu? >> >> Does anyone have any experience with configuring Outlook to use >> self-signed certs? > > > This sounds like you're working on a fairly big project, so spend > $20 and 15 minutes to get a REAL certificate for the test domain > from one of the countless online vendors. Yeah, tell me about it. The problem is politics and the difference between when the project is expected to be done and the amount of time involved with getting the certificate, explaining what is needed, etc. It still might be worth it, though. I'll send them an email and see what they say. Thanks, Alex From noeldude at gmail.com Thu Mar 14 05:36:59 2013 From: noeldude at gmail.com (Noel) Date: Wed, 13 Mar 2013 22:36:59 -0500 Subject: [Dovecot] Dovecot with sasl/imaps/postfix and thunderbird In-Reply-To: References: <514013E3.8070803@hardwarefreak.com> <5140789E.7010408@turmel.org> <5141195C.7060003@hardwarefreak.com> <51413DA8.8020409@gmail.com> Message-ID: <514145DB.6030401@gmail.com> On 3/13/2013 10:23 PM, Alex wrote: > Hi, > >>> Can someone else confirm that restarting Thunderbird is a way around >>> having to manually import the certs or change them later through the >>> account settings menu? >>> >>> Does anyone have any experience with configuring Outlook to use >>> self-signed certs? >> >> This sounds like you're working on a fairly big project, so spend >> $20 and 15 minutes to get a REAL certificate for the test domain >> from one of the countless online vendors. > Yeah, tell me about it. The problem is politics and the difference > between when the project is expected to be done and the amount of time > involved with getting the certificate, explaining what is needed, etc. > > It still might be worth it, though. I'll send them an email and see > what they say. > > Thanks, > Alex If they're paying you for this, it's worth $20 out of pocket to just get it done and out of your hair. If they're not paying you, tell them you need to borrow a credit card and they can watch. https://www.rapidsslonline.com/ less than $20/year, takes literally 15 minutes from start to having a certificate. Well, maybe 30 minutes the first time when you need to read everything. There are probably dozens of other sites offering similar services; I've used this one several times. -- Noel Jones From pvsuja at gmail.com Thu Mar 14 07:41:50 2013 From: pvsuja at gmail.com (pvsuja) Date: Wed, 13 Mar 2013 22:41:50 -0700 (PDT) Subject: [Dovecot] dovecot 2 in ubuntu 12.04 or Debian Squeeze In-Reply-To: <51399992.1020401@softjury.de> References: <1362547151954-40634.post@n4.nabble.com> <1362556867785-40640.post@n4.nabble.com> <51372E00.8000702@softjury.de> <1362630378275-40664.post@n4.nabble.com> <51399992.1020401@softjury.de> Message-ID: <1363239710512-40763.post@n4.nabble.com> Hi Jan, Thanks for your response and Sorry for this late reply. I was out of station. And my question is why my mail client is sending the auth details in plain text? how will i make sure, auth is done after starttls only? -- View this message in context: http://dovecot.2317879.n4.nabble.com/dovecot-2-in-ubuntu-12-04-or-Debian-Squeeze-tp40634p40763.html Sent from the Dovecot mailing list archive at Nabble.com. From andre.rodier at gmail.com Thu Mar 14 08:54:15 2013 From: andre.rodier at gmail.com (Andre Rodier) Date: Thu, 14 Mar 2013 06:54:15 +0000 Subject: [Dovecot] Panic when indexing virtual folder with solr Message-ID: <20130314065415.GA8318@london.s2end.co.uk> Hello Timo and everyone, I am using dovecot 2.1 on debian7 with the fts-solr plugin, and everything is working fine. I have a Virtual folder with all emails, and when I run a doveadm index, I have an error if I don't index real folders first. Example: doveadm -v index -u 'andre rodier' 'Search/*' => Panic: file solr-connection.c: line 416 (solr_connection_select): assertion failed: (!conn->posting) Now, if I rune the doveadm index on the real folders first, the next time I do the index on the virtual folder, everything is fine: doveadm -v index -u 'andre rodier' '*' doveadm -v index -u 'andre rodier' 'Search/*' I wonder if dovecot can run the index on the real folder instead of displaying this error? I hope that will help. From jg at softjury.de Thu Mar 14 11:13:26 2013 From: jg at softjury.de (Jan Phillip Greimann) Date: Thu, 14 Mar 2013 10:13:26 +0100 Subject: [Dovecot] dovecot 2 in ubuntu 12.04 or Debian Squeeze In-Reply-To: <1363239710512-40763.post@n4.nabble.com> References: <1362547151954-40634.post@n4.nabble.com> <1362556867785-40640.post@n4.nabble.com> <51372E00.8000702@softjury.de> <1362630378275-40664.post@n4.nabble.com> <51399992.1020401@softjury.de> <1363239710512-40763.post@n4.nabble.com> Message-ID: <514194B6.7010900@softjury.de> Am 14.03.2013 06:41, schrieb pvsuja: > Hi Jan, > > Thanks for your response and Sorry for this late reply. I was out of > station. > > And my question is why my mail client is sending the auth details in plain > text? Configuration? I don't know which client you use, but in my Thunderbird you can configure between "Password, normal (plain), Crypted, Kerberos, NTLM, TLS-Certificate" (Hope this is correctly translated). Here i use "Password, normal". Also i can configure how the client talk the server "Connection Security: Unsecure, STARTTLS, SSL/TLS" which is set to "SSL / TLS". > how will i make sure, auth is done after starttls only? Trust your client? Don't trust your client and listen with wireshark? Use "SSL / TLS" from the beginning? Tell us your client, I think that would help. Greetings, Jan From jg at softjury.de Thu Mar 14 11:15:28 2013 From: jg at softjury.de (Jan Phillip Greimann) Date: Thu, 14 Mar 2013 10:15:28 +0100 Subject: [Dovecot] dovecot 2 in ubuntu 12.04 or Debian Squeeze In-Reply-To: <1363239710512-40763.post@n4.nabble.com> References: <1362547151954-40634.post@n4.nabble.com> <1362556867785-40640.post@n4.nabble.com> <51372E00.8000702@softjury.de> <1362630378275-40664.post@n4.nabble.com> <51399992.1020401@softjury.de> <1363239710512-40763.post@n4.nabble.com> Message-ID: <51419530.8040004@softjury.de> Small correction: Am 14.03.2013 06:41, schrieb pvsuja: > how will i make sure, auth is done after starttls only? > In proxy: > /mailproxy dovecot: imap-login: Aborted login (auth failed, 1 attempts in 2 > secs): user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, TLS, session=<1pBG/03XogB/AAAB> your proxy says that the authentication was going over TLS. :) From cryptodan at gmail.com Thu Mar 14 04:50:30 2013 From: cryptodan at gmail.com (Daniel Reinhardt) Date: Wed, 13 Mar 2013 22:50:30 -0400 Subject: [Dovecot] Question regarding Postfix and Dovecot Message-ID: All, Thank you for having this list, and I have a question regarding why postfix is not handing off delivery to Dovecot to virtual users. Here is all I can offer since I am not at my server: *Here is the debug information for my postfix setup:* [code] Mar 13 20:23:55 andromeda postfix/smtpd[15316]: name_mask: ipv4 Mar 13 20:23:55 andromeda postfix/smtpd[15316]: inet_addr_local: configured 2 IPv4 addresses Mar 13 20:23:55 andromeda postfix/smtpd[15316]: process generation: 3 (3) Mar 13 20:23:55 andromeda postfix/smtpd[15316]: match_string: mynetworks ~? debug_peer_list Mar 13 20:23:55 andromeda postfix/smtpd[15316]: match_string: mynetworks ~? fast_flush_domains Mar 13 20:23:55 andromeda postfix/smtpd[15316]: match_string: mynetworks ~? mynetworks Mar 13 20:23:55 andromeda postfix/smtpd[15316]: match_string: relay_domains ~? debug_peer_list Mar 13 20:23:55 andromeda postfix/smtpd[15316]: match_string: relay_domains ~? fast_flush_domains Mar 13 20:23:55 andromeda postfix/smtpd[15316]: match_string: relay_domains ~? mynetworks Mar 13 20:23:55 andromeda postfix/smtpd[15316]: match_string: relay_domains ~? permit_mx_backup_networks Mar 13 20:23:55 andromeda postfix/smtpd[15316]: match_string: relay_domains ~? qmqpd_authorized_clients Mar 13 20:23:55 andromeda postfix/smtpd[15316]: match_string: relay_domains ~? smtpd_access_maps Mar 13 20:23:55 andromeda postfix/smtpd[15316]: match_list_match: relay_domains: no match Mar 13 20:23:55 andromeda postfix/smtpd[15316]: match_string: permit_mx_backup_networks ~? debug_peer_list Mar 13 20:23:55 andromeda postfix/smtpd[15316]: match_string: permit_mx_backup_networks ~? fast_flush_domains Mar 13 20:23:55 andromeda postfix/smtpd[15316]: match_string: permit_mx_backup_networks ~? mynetworks Mar 13 20:23:55 andromeda postfix/smtpd[15316]: match_string: permit_mx_backup_networks ~? permit_mx_backup_networks Mar 13 20:23:55 andromeda postfix/smtpd[15316]: connect to subsystem private/proxymap Mar 13 20:23:55 andromeda postfix/smtpd[15316]: send attr request = open Mar 13 20:23:55 andromeda postfix/smtpd[15316]: send attr table = unix:passwd.byname Mar 13 20:23:55 andromeda postfix/smtpd[15316]: send attr flags = 0 Mar 13 20:23:55 andromeda postfix/smtpd[15316]: private/proxymap socket: wanted attribute: status Mar 13 20:23:55 andromeda postfix/smtpd[15316]: input attribute name: status Mar 13 20:23:55 andromeda postfix/smtpd[15316]: input attribute value: 0 Mar 13 20:23:55 andromeda postfix/smtpd[15316]: private/proxymap socket: wanted attribute: flags Mar 13 20:23:55 andromeda postfix/smtpd[15316]: input attribute name: flags Mar 13 20:23:55 andromeda postfix/smtpd[15316]: input attribute value: 16 Mar 13 20:23:55 andromeda postfix/smtpd[15316]: private/proxymap socket: wanted attribute: (list terminator) Mar 13 20:23:55 andromeda postfix/smtpd[15316]: input attribute name: (end) Mar 13 20:23:55 andromeda postfix/smtpd[15316]: dict_proxy_open: connect to map=unix:passwd.byname status=0 server_flags=fixed Mar 13 20:23:55 andromeda postfix/smtpd[15316]: dict_open: proxy:unix:passwd.byname Mar 13 20:23:55 andromeda postfix/smtpd[15316]: Compiled against Berkeley DB: 5.1.25? Mar 13 20:23:55 andromeda postfix/smtpd[15316]: Run-time linked against Berkeley DB: 5.1.25? Mar 13 20:23:55 andromeda postfix/smtpd[15316]: dict_open: hash:/etc/aliases Mar 13 20:23:55 andromeda postfix/smtpd[15316]: cfg_get_str: /etc/postfix/ mysql_va_maps.cf: user = mail Mar 13 20:23:55 andromeda postfix/smtpd[15316]: cfg_get_str: /etc/postfix/ mysql_va_maps.cf: password = hidden Mar 13 20:23:55 andromeda postfix/smtpd[15316]: cfg_get_str: /etc/postfix/ mysql_va_maps.cf: dbname = mail Mar 13 20:23:55 andromeda postfix/smtpd[15316]: cfg_get_str: /etc/postfix/ mysql_va_maps.cf: result_format = %s Mar 13 20:23:55 andromeda postfix/smtpd[15316]: cfg_get_int: /etc/postfix/ mysql_va_maps.cf: expansion_limit = 0 Mar 13 20:23:55 andromeda postfix/smtpd[15316]: cfg_get_str: /etc/postfix/ mysql_va_maps.cf: query = Mar 13 20:23:55 andromeda postfix/smtpd[15316]: cfg_get_str: /etc/postfix/ mysql_va_maps.cf: table = alias Mar 13 20:23:55 andromeda postfix/smtpd[15316]: cfg_get_str: /etc/postfix/ mysql_va_maps.cf: select_field = goto Mar 13 20:23:55 andromeda postfix/smtpd[15316]: cfg_get_str: /etc/postfix/ mysql_va_maps.cf: where_field = address Mar 13 20:23:55 andromeda postfix/smtpd[15316]: cfg_get_str: /etc/postfix/ mysql_va_maps.cf: additional_conditions = and active = '1' Mar 13 20:23:55 andromeda postfix/smtpd[15316]: cfg_get_str: /etc/postfix/ mysql_va_maps.cf: domain = Mar 13 20:23:55 andromeda postfix/smtpd[15316]: cfg_get_str: /etc/postfix/ mysql_va_maps.cf: hosts = 127.0.0.1 Mar 13 20:23:55 andromeda postfix/smtpd[15316]: dict_open: mysql:/etc/postfix/mysql_va_maps.cf Mar 13 20:23:55 andromeda postfix/smtpd[15316]: cfg_get_str: /etc/postfix/ mysql_virtual_alias_domainaliases_maps.cf: user = mail Mar 13 20:23:55 andromeda postfix/smtpd[15316]: cfg_get_str: /etc/postfix/ mysql_virtual_alias_domainaliases_maps.cf: password = hidden Mar 13 20:23:55 andromeda postfix/smtpd[15316]: cfg_get_str: /etc/postfix/ mysql_virtual_alias_domainaliases_maps.cf: dbname = mail Mar 13 20:23:55 andromeda postfix/smtpd[15316]: cfg_get_str: /etc/postfix/ mysql_virtual_alias_domainaliases_maps.cf: result_format = %s Mar 13 20:23:55 andromeda postfix/smtpd[15316]: cfg_get_int: /etc/postfix/ mysql_virtual_alias_domainaliases_maps.cf: expansion_limit = 0 Mar 13 20:23:55 andromeda postfix/smtpd[15316]: cfg_get_str: /etc/postfix/ mysql_virtual_alias_domainaliases_maps.cf: query = SELECT goto FROM alias,alias_domain WHERE alias_domain.alias_domain = '%d' AND alias.address=concat('%u', '@', alias_domain.target_domain) AND alias.active = 1 Mar 13 20:23:55 andromeda postfix/smtpd[15316]: cfg_get_str: /etc/postfix/ mysql_virtual_alias_domainaliases_maps.cf: domain = Mar 13 20:23:55 andromeda postfix/smtpd[15316]: cfg_get_str: /etc/postfix/ mysql_virtual_alias_domainaliases_maps.cf: hosts = 127.0.0.1 Mar 13 20:23:55 andromeda postfix/smtpd[15316]: dict_open: mysql:/etc/postfix/mysql_virtual_alias_domainaliases_maps.cf Mar 13 20:23:55 andromeda postfix/smtpd[15316]: cfg_get_str: /etc/postfix/ mysql_vmb_maps.cf: user = mail Mar 13 20:23:55 andromeda postfix/smtpd[15316]: cfg_get_str: /etc/postfix/ mysql_vmb_maps.cf: password = hidden Mar 13 20:23:55 andromeda postfix/smtpd[15316]: cfg_get_str: /etc/postfix/ mysql_vmb_maps.cf: dbname = mail Mar 13 20:23:55 andromeda postfix/smtpd[15316]: cfg_get_str: /etc/postfix/ mysql_vmb_maps.cf: result_format = %s Mar 13 20:23:55 andromeda postfix/smtpd[15316]: cfg_get_int: /etc/postfix/ mysql_vmb_maps.cf: expansion_limit = 0 Mar 13 20:23:55 andromeda postfix/smtpd[15316]: cfg_get_str: /etc/postfix/ mysql_vmb_maps.cf: query = Mar 13 20:23:55 andromeda postfix/smtpd[15316]: cfg_get_str: /etc/postfix/ mysql_vmb_maps.cf: table = mailbox Mar 13 20:23:55 andromeda postfix/smtpd[15316]: cfg_get_str: /etc/postfix/ mysql_vmb_maps.cf: select_field = CONCAT(domain, '/', local_part) Mar 13 20:23:55 andromeda postfix/smtpd[15316]: cfg_get_str: /etc/postfix/ mysql_vmb_maps.cf: where_field = username Mar 13 20:23:55 andromeda postfix/smtpd[15316]: cfg_get_str: /etc/postfix/ mysql_vmb_maps.cf: additional_conditions = and active = '1' Mar 13 20:23:55 andromeda postfix/smtpd[15316]: cfg_get_str: /etc/postfix/ mysql_vmb_maps.cf: domain = Mar 13 20:23:55 andromeda postfix/smtpd[15316]: cfg_get_str: /etc/postfix/ mysql_vmb_maps.cf: hosts = 127.0.0.1 Mar 13 20:23:55 andromeda postfix/smtpd[15316]: dict_open: mysql:/etc/postfix/mysql_vmb_maps.cf Mar 13 20:23:55 andromeda postfix/smtpd[15316]: cfg_get_str: /etc/postfix/ mysql_virtual_mailbox_domainaliases_maps.cf: user = mail Mar 13 20:23:55 andromeda postfix/smtpd[15316]: cfg_get_str: /etc/postfix/ mysql_virtual_mailbox_domainaliases_maps.cf: password = hidden Mar 13 20:23:55 andromeda postfix/smtpd[15316]: cfg_get_str: /etc/postfix/ mysql_virtual_mailbox_domainaliases_maps.cf: dbname = mail Mar 13 20:23:55 andromeda postfix/smtpd[15316]: cfg_get_str: /etc/postfix/ mysql_virtual_mailbox_domainaliases_maps.cf: result_format = %s Mar 13 20:23:55 andromeda postfix/smtpd[15316]: cfg_get_int: /etc/postfix/ mysql_virtual_mailbox_domainaliases_maps.cf: expansion_limit = 0 Mar 13 20:23:55 andromeda postfix/smtpd[15316]: cfg_get_str: /etc/postfix/ mysql_virtual_mailbox_domainaliases_maps.cf: query = SELECT maildir FROM mailbox, alias_domain \ WHERE alias_domain.alias_domain = '%d' \ AND mailbox.username=concat('%u', '@', alias_domain.target_domain ) \ AND mailbox.active = 1 Mar 13 20:23:55 andromeda postfix/smtpd[15316]: cfg_get_str: /etc/postfix/ mysql_virtual_mailbox_domainaliases_maps.cf: domain = Mar 13 20:23:55 andromeda postfix/smtpd[15316]: cfg_get_str: /etc/postfix/ mysql_virtual_mailbox_domainaliases_maps.cf: hosts = 127.0.0.1 Mar 13 20:23:55 andromeda postfix/smtpd[15316]: dict_open: mysql:/etc/postfix/mysql_virtual_mailbox_domainaliases_maps.cf Mar 13 20:23:55 andromeda postfix/smtpd[15316]: match_string: smtpd_access_maps ~? debug_peer_list Mar 13 20:23:55 andromeda postfix/smtpd[15316]: match_string: smtpd_access_maps ~? fast_flush_domains Mar 13 20:23:55 andromeda postfix/smtpd[15316]: match_string: smtpd_access_maps ~? mynetworks Mar 13 20:23:55 andromeda postfix/smtpd[15316]: match_string: smtpd_access_maps ~? permit_mx_backup_networks Mar 13 20:23:55 andromeda postfix/smtpd[15316]: match_string: smtpd_access_maps ~? qmqpd_authorized_clients Mar 13 20:23:55 andromeda postfix/smtpd[15316]: match_string: smtpd_access_maps ~? smtpd_access_maps Mar 13 20:23:55 andromeda postfix/smtpd[15316]: unknown_helo_hostname_tempfail_action = defer_if_permit Mar 13 20:23:55 andromeda postfix/smtpd[15316]: unknown_address_tempfail_action = defer_if_permit Mar 13 20:23:55 andromeda postfix/smtpd[15316]: unverified_recipient_tempfail_action = defer_if_permit Mar 13 20:23:55 andromeda postfix/smtpd[15316]: unverified_sender_tempfail_action = defer_if_permit Mar 13 20:23:55 andromeda postfix/smtpd[15316]: name_mask: 0 Mar 13 20:23:55 andromeda postfix/smtpd[15316]: auto_clnt_create: transport=local endpoint=private/tlsmgr Mar 13 20:23:55 andromeda postfix/smtpd[15316]: auto_clnt_open: connected to private/tlsmgr Mar 13 20:23:55 andromeda postfix/smtpd[15316]: send attr request = seed Mar 13 20:23:55 andromeda postfix/smtpd[15316]: send attr size = 32 Mar 13 20:23:55 andromeda postfix/smtpd[15316]: private/tlsmgr: wanted attribute: status Mar 13 20:23:55 andromeda postfix/smtpd[15316]: input attribute name: status Mar 13 20:23:55 andromeda postfix/smtpd[15316]: input attribute value: 0 Mar 13 20:23:55 andromeda postfix/smtpd[15316]: private/tlsmgr: wanted attribute: seed Mar 13 20:23:55 andromeda postfix/smtpd[15316]: input attribute name: seed Mar 13 20:23:55 andromeda postfix/smtpd[15316]: input attribute value: AHVrzbFVvc2OBJm0YrMwfr0jnTbg7Iomx767MU6gr+4= Mar 13 20:23:55 andromeda postfix/smtpd[15316]: private/tlsmgr: wanted attribute: (list terminator) Mar 13 20:23:55 andromeda postfix/smtpd[15316]: input attribute name: (end) Mar 13 20:23:55 andromeda postfix/smtpd[15316]: send attr request = policy Mar 13 20:23:55 andromeda postfix/smtpd[15316]: send attr cache_type = smtpd Mar 13 20:23:55 andromeda postfix/smtpd[15316]: private/tlsmgr: wanted attribute: status Mar 13 20:23:55 andromeda postfix/smtpd[15316]: input attribute name: status Mar 13 20:23:55 andromeda postfix/smtpd[15316]: input attribute value: 0 Mar 13 20:23:55 andromeda postfix/smtpd[15316]: private/tlsmgr: wanted attribute: cachable Mar 13 20:23:55 andromeda postfix/smtpd[15316]: input attribute name: cachable Mar 13 20:23:55 andromeda postfix/smtpd[15316]: input attribute value: 1 Mar 13 20:23:55 andromeda postfix/smtpd[15316]: private/tlsmgr: wanted attribute: (list terminator) Mar 13 20:23:55 andromeda postfix/smtpd[15316]: input attribute name: (end) Mar 13 20:23:55 andromeda postfix/smtpd[15316]: match_string: fast_flush_domains ~? debug_peer_list Mar 13 20:23:55 andromeda postfix/smtpd[15316]: match_string: fast_flush_domains ~? fast_flush_domains Mar 13 20:23:55 andromeda postfix/smtpd[15316]: auto_clnt_create: transport=local endpoint=private/anvil Mar 13 20:23:55 andromeda postfix/smtpd[15316]: connection established Mar 13 20:23:55 andromeda postfix/smtpd[15316]: master_notify: status 0 Mar 13 20:23:55 andromeda postfix/smtpd[15316]: name_mask: resource Mar 13 20:23:55 andromeda postfix/smtpd[15316]: name_mask: software Mar 13 20:23:55 andromeda postfix/smtpd[15316]: connect from mail-ve0-f174.google.com[209.85.128.174] Mar 13 20:23:55 andromeda postfix/smtpd[15316]: match_list_match: mail-ve0-f174.google.com: no match Mar 13 20:23:55 andromeda postfix/smtpd[15316]: match_list_match: 209.85.128.174: no match Mar 13 20:23:55 andromeda postfix/smtpd[15316]: match_list_match: mail-ve0-f174.google.com: no match Mar 13 20:23:55 andromeda postfix/smtpd[15316]: match_list_match: 209.85.128.174: no match Mar 13 20:23:55 andromeda postfix/smtpd[15316]: smtp_stream_setup: maxtime=300 enable_deadline=0 Mar 13 20:23:55 andromeda postfix/smtpd[15316]: match_hostname: mail-ve0-f174.google.com ~? 127.0.0.0/8 Mar 13 20:23:55 andromeda postfix/smtpd[15316]: match_hostaddr: 209.85.128.174 ~? 127.0.0.0/8 Mar 13 20:23:55 andromeda postfix/smtpd[15316]: match_list_match: mail-ve0-f174.google.com: no match Mar 13 20:23:55 andromeda postfix/smtpd[15316]: match_list_match: 209.85.128.174: no match Mar 13 20:23:55 andromeda postfix/smtpd[15316]: auto_clnt_open: connected to private/anvil Mar 13 20:23:55 andromeda postfix/smtpd[15316]: send attr request = connect Mar 13 20:23:55 andromeda postfix/smtpd[15316]: send attr ident = smtp:209.85.128.174 Mar 13 20:23:55 andromeda postfix/smtpd[15316]: private/anvil: wanted attribute: status Mar 13 20:23:55 andromeda postfix/smtpd[15316]: input attribute name: status Mar 13 20:23:55 andromeda postfix/smtpd[15316]: input attribute value: 0 Mar 13 20:23:55 andromeda postfix/smtpd[15316]: private/anvil: wanted attribute: count Mar 13 20:23:55 andromeda postfix/smtpd[15316]: input attribute name: count Mar 13 20:23:55 andromeda postfix/smtpd[15316]: input attribute value: 1 Mar 13 20:23:55 andromeda postfix/smtpd[15316]: private/anvil: wanted attribute: rate Mar 13 20:23:55 andromeda postfix/smtpd[15316]: input attribute name: rate Mar 13 20:23:55 andromeda postfix/smtpd[15316]: input attribute value: 1 Mar 13 20:23:55 andromeda postfix/smtpd[15316]: private/anvil: wanted attribute: (list terminator) Mar 13 20:23:55 andromeda postfix/smtpd[15316]: input attribute name: (end) Mar 13 20:23:55 andromeda postfix/smtpd[15316]: report connect to all milters Mar 13 20:23:55 andromeda postfix/smtpd[15316]: milter_macro_lookup: "j" Mar 13 20:23:55 andromeda postfix/smtpd[15316]: milter_macro_lookup: result "andromeda.home" Mar 13 20:23:55 andromeda postfix/smtpd[15316]: milter_macro_lookup: "{daemon_name}" Mar 13 20:23:55 andromeda postfix/smtpd[15316]: milter_macro_lookup: result "andromeda.home" Mar 13 20:23:55 andromeda postfix/smtpd[15316]: milter_macro_lookup: "v" Mar 13 20:23:55 andromeda postfix/smtpd[15316]: milter_macro_lookup: result "Postfix 2.9.6" Mar 13 20:23:55 andromeda postfix/smtpd[15316]: milter8_connect: non-protocol events for protocol version 6: Mar 13 20:23:55 andromeda postfix/smtpd[15316]: milter8_connect: transport=inet endpoint=127.0.0.1:8891 Mar 13 20:23:55 andromeda postfix/smtpd[15316]: trying... [127.0.0.1] Mar 13 20:23:55 andromeda postfix/smtpd[15316]: vstream_tweak_tcp: TCP_MAXSEG 16384 Mar 13 20:23:55 andromeda postfix/smtpd[15316]: milter8_connect: my_version=0x6 Mar 13 20:23:55 andromeda postfix/smtpd[15316]: milter8_connect: my_actions=0x1ff SMFIF_ADDHDRS SMFIF_CHGBODY SMFIF_ADDRCPT SMFIF_DELRCPT SMFIF_CHGHDRS SMFIF_QUARANTINE SMFIF_CHGFROM SMFIF_ADDRCPT_PAR SMFIF_SETSYMLIST Mar 13 20:23:55 andromeda postfix/smtpd[15316]: milter8_connect: my_events=0x1fffff SMFIP_NOCONNECT SMFIP_NOHELO SMFIP_NOMAIL SMFIP_NORCPT SMFIP_NOBODY SMFIP_NOHDRS SMFIP_NOEOH SMFIP_NR_HDR SMFIP_NOUNKNOWN SMFIP_NODATA SMFIP_SKIP SMFIP_RCPT_REJ SMFIP_NR_CONN SMFIP_NR_HELO SMFIP_NR_MAIL SMFIP_NR_RCPT SMFIP_NR_DATA SMFIP_NR_UNKN SMFIP_NR_EOH SMFIP_NR_BODY SMFIP_HDR_LEADSPC Mar 13 20:23:55 andromeda postfix/smtpd[15316]: milter8_connect: milter inet:127.0.0.1:8891 version 6 Mar 13 20:23:55 andromeda postfix/smtpd[15316]: milter8_connect: events SMFIP_NOHELO SMFIP_NOUNKNOWN SMFIP_NODATA SMFIP_SKIP SMFIP_HDR_LEADSPC Mar 13 20:23:55 andromeda postfix/smtpd[15316]: milter8_connect: requests SMFIF_ADDHDRS SMFIF_CHGHDRS SMFIF_SETSYMLIST Mar 13 20:23:55 andromeda postfix/smtpd[15316]: milter8_conn_event: milter inet:127.0.0.1:8891: connect mail-ve0-f174.google.com/209.85.128.174 Mar 13 20:23:55 andromeda postfix/smtpd[15316]: event: SMFIC_CONNECT; macros: j=andromeda.home {daemon_name}=andromeda.home v=Postfix 2.9.6 Mar 13 20:23:55 andromeda postfix/smtpd[15316]: reply: SMFIR_CONTINUE data 0 bytes Mar 13 20:23:55 andromeda postfix/smtpd[15316]: > mail-ve0-f174.google.com[209.85.128.174]: 220 andromeda.home ESMTP Postfix (Ubuntu) Mar 13 20:23:55 andromeda postfix/smtpd[15316]: < mail-ve0-f174.google.com[209.85.128.174]: EHLO mail-ve0-f174.google.com Mar 13 20:23:55 andromeda postfix/smtpd[15316]: report helo to all milters Mar 13 20:23:55 andromeda postfix/smtpd[15316]: milter_macro_lookup: "{tls_version}" Mar 13 20:23:55 andromeda postfix/smtpd[15316]: milter_macro_lookup: "{cipher}" Mar 13 20:23:55 andromeda postfix/smtpd[15316]: milter_macro_lookup: "{cipher_bits}" Mar 13 20:23:55 andromeda postfix/smtpd[15316]: milter_macro_lookup: "{cert_subject}" Mar 13 20:23:55 andromeda postfix/smtpd[15316]: milter_macro_lookup: "{cert_issuer}" Mar 13 20:23:55 andromeda postfix/smtpd[15316]: milter8_helo_event: milter inet:127.0.0.1:8891: helo mail-ve0-f174.google.com Mar 13 20:23:55 andromeda postfix/smtpd[15316]: event: SMFIC_HELO; macros: (none) Mar 13 20:23:55 andromeda postfix/smtpd[15316]: skipping event SMFIC_HELO for milter inet:127.0.0.1:8891 Mar 13 20:23:55 andromeda postfix/smtpd[15316]: match_list_match: mail-ve0-f174.google.com: no match Mar 13 20:23:55 andromeda postfix/smtpd[15316]: match_list_match: 209.85.128.174: no match Mar 13 20:23:55 andromeda postfix/smtpd[15316]: > mail-ve0-f174.google.com[209.85.128.174]: 250-andromeda.home Mar 13 20:23:55 andromeda postfix/smtpd[15316]: > mail-ve0-f174.google.com[209.85.128.174]: 250-PIPELINING Mar 13 20:23:55 andromeda postfix/smtpd[15316]: > mail-ve0-f174.google.com[209.85.128.174]: 250-SIZE 10240000 Mar 13 20:23:55 andromeda postfix/smtpd[15316]: > mail-ve0-f174.google.com[209.85.128.174]: 250-VRFY Mar 13 20:23:55 andromeda postfix/smtpd[15316]: > mail-ve0-f174.google.com[209.85.128.174]: 250-ETRN Mar 13 20:23:55 andromeda postfix/smtpd[15316]: > mail-ve0-f174.google.com[209.85.128.174]: 250-STARTTLS Mar 13 20:23:55 andromeda postfix/smtpd[15316]: > mail-ve0-f174.google.com[209.85.128.174]: 250-ENHANCEDSTATUSCODES Mar 13 20:23:55 andromeda postfix/smtpd[15316]: > mail-ve0-f174.google.com[209.85.128.174]: 250-8BITMIME Mar 13 20:23:55 andromeda postfix/smtpd[15316]: > mail-ve0-f174.google.com[209.85.128.174]: 250 DSN Mar 13 20:23:55 andromeda postfix/smtpd[15316]: < mail-ve0-f174.google.com[209.85.128.174]: STARTTLS Mar 13 20:23:55 andromeda postfix/smtpd[15316]: query milter states for other event Mar 13 20:23:55 andromeda postfix/smtpd[15316]: milter8_other_event: milter inet:127.0.0.1:8891 Mar 13 20:23:55 andromeda postfix/smtpd[15316]: > mail-ve0-f174.google.com[209.85.128.174]: 220 2.0.0 Ready to start TLS Mar 13 20:23:55 andromeda postfix/smtpd[15316]: abort all milters Mar 13 20:23:55 andromeda postfix/smtpd[15316]: milter8_abort: abort milter inet:127.0.0.1:8891 Mar 13 20:23:55 andromeda postfix/smtpd[15316]: send attr request = seed Mar 13 20:23:55 andromeda postfix/smtpd[15316]: send attr size = 32 Mar 13 20:23:55 andromeda postfix/smtpd[15316]: private/tlsmgr: wanted attribute: status Mar 13 20:23:55 andromeda postfix/smtpd[15316]: input attribute name: status Mar 13 20:23:55 andromeda postfix/smtpd[15316]: input attribute value: 0 Mar 13 20:23:55 andromeda postfix/smtpd[15316]: private/tlsmgr: wanted attribute: seed Mar 13 20:23:55 andromeda postfix/smtpd[15316]: input attribute name: seed Mar 13 20:23:55 andromeda postfix/smtpd[15316]: input attribute value: Yq65+voc3LQNVdBh7hwpJK7T0kNDyGKblUpQTyAY8oA= Mar 13 20:23:55 andromeda postfix/smtpd[15316]: private/tlsmgr: wanted attribute: (list terminator) Mar 13 20:23:55 andromeda postfix/smtpd[15316]: input attribute name: (end) Mar 13 20:23:55 andromeda postfix/cleanup[15325]: D43E610006A: message-id=< CADUOTo1h8zkNH-Pi-xpZ03Ko+n1_GqbhEdW23MN-npSYVyjYPA at mail.gmail.com> Mar 13 20:23:55 andromeda opendkim[28129]: D43E610006A: mail-ve0-f174.google.com [209.85.128.174] not internal Mar 13 20:23:55 andromeda opendkim[28129]: D43E610006A: not authenticated Mar 13 20:23:55 andromeda opendkim[28129]: D43E610006A: no signing domain match for 'gmail.com' Mar 13 20:23:55 andromeda opendkim[28129]: D43E610006A: no signing subdomain match for 'gmail.com' Mar 13 20:23:55 andromeda postfix/qmgr[15301]: D43E610006A: from=< cryptodan at gmail.com>, size=6398, nrcpt=1 (queue active) Mar 13 20:23:55 andromeda postfix/local[15327]: D43E610006A: to=< cryptodan at cryptodan.net>, relay=local, delay=0.16, delays=0.15/0.01/0/0, dsn=2.0.0, status=sent (delivered to maildir) Mar 13 20:23:55 andromeda postfix/qmgr[15301]: D43E610006A: removed Mar 13 20:24:01 andromeda postfix/smtpd[15316]: proxymap stream disconnect Mar 13 20:24:01 andromeda postfix/smtpd[15316]: auto_clnt_close: disconnect private/tlsmgr stream Mar 13 20:24:01 andromeda postfix/smtpd[15316]: rewrite stream disconnect Mar 13 20:25:35 andromeda postfix/smtpd[15316]: idle timeout -- exiting Mar 13 20:27:12 andromeda dovecot: auth-worker: mysql(localhost): Connected to database mail Mar 13 20:27:12 andromeda dovecot: pop3-login: Login: user=< cryptodan at cryptodan.net>, method=PLAIN, rip=96.244.76.114, lip=192.168.1.8, mpid=15341, TLS Mar 13 20:27:12 andromeda dovecot: pop3(cryptodan at cryptodan.net): Disconnected: Logged out top=0/0, retr=0/0, del=0/0, size=0 Mar 13 20:27:15 andromeda postfix/anvil[15319]: statistics: max connection rate 1/60s for (smtp:209.85.128.174) at Mar 14 00:23:55 Mar 13 20:27:15 andromeda postfix/anvil[15319]: statistics: max connection count 1 for (smtp:209.85.128.174) at Mar 14 00:23:55 Mar 13 20:27:15 andromeda postfix/anvil[15319]: statistics: max cache size 1 at Mar 14 00:23:55 [/code] *Here is the output of postconf -d:* [code] root at andromeda:/etc/postfix# postconf -d 2bounce_notice_recipient = postmaster access_map_defer_code = 450 access_map_reject_code = 554 address_verify_cache_cleanup_interval = 12h address_verify_default_transport = $default_transport address_verify_local_transport = $local_transport address_verify_map = btree:$data_directory/verify_cache address_verify_negative_cache = yes address_verify_negative_expire_time = 3d address_verify_negative_refresh_time = 3h address_verify_poll_count = ${stress?1}${stress:3} address_verify_poll_delay = 3s address_verify_positive_expire_time = 31d address_verify_positive_refresh_time = 7d address_verify_relay_transport = $relay_transport address_verify_relayhost = $relayhost address_verify_sender = $double_bounce_sender address_verify_sender_dependent_default_transport_maps = $sender_dependent_default_transport_maps address_verify_sender_dependent_relayhost_maps = $sender_dependent_relayhost_maps address_verify_sender_ttl = 0s address_verify_service_name = verify address_verify_transport_maps = $transport_maps address_verify_virtual_transport = $virtual_transport alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases, nis:mail.aliases allow_mail_to_commands = alias, forward allow_mail_to_files = alias, forward allow_min_user = no allow_percent_hack = yes allow_untrusted_routing = no alternate_config_directories = always_add_missing_headers = no always_bcc = anvil_rate_time_unit = 60s anvil_status_update_time = 600s append_at_myorigin = yes append_dot_mydomain = yes application_event_drain_time = 100s authorized_flush_users = static:anyone authorized_mailq_users = static:anyone authorized_submit_users = static:anyone backwards_bounce_logfile_compatibility = yes berkeley_db_create_buffer_size = 16777216 berkeley_db_read_buffer_size = 131072 best_mx_transport = biff = yes body_checks = body_checks_size_limit = 51200 bounce_notice_recipient = postmaster bounce_queue_lifetime = 5d bounce_service_name = bounce bounce_size_limit = 50000 bounce_template_file = broken_sasl_auth_clients = no bsmtp_delivery_slot_cost = $default_delivery_slot_cost bsmtp_delivery_slot_discount = $default_delivery_slot_discount bsmtp_delivery_slot_loan = $default_delivery_slot_loan bsmtp_destination_concurrency_failed_cohort_limit = $default_destination_concurrency_failed_cohort_limit bsmtp_destination_concurrency_limit = $default_destination_concurrency_limit bsmtp_destination_concurrency_negative_feedback = $default_destination_concurrency_negative_feedback bsmtp_destination_concurrency_positive_feedback = $default_destination_concurrency_positive_feedback bsmtp_destination_rate_delay = $default_destination_rate_delay bsmtp_destination_recipient_limit = $default_destination_recipient_limit bsmtp_extra_recipient_limit = $default_extra_recipient_limit bsmtp_initial_destination_concurrency = $initial_destination_concurrency bsmtp_minimum_delivery_slots = $default_minimum_delivery_slots bsmtp_recipient_limit = $default_recipient_limit bsmtp_recipient_refill_delay = $default_recipient_refill_delay bsmtp_recipient_refill_limit = $default_recipient_refill_limit bsmtp_time_limit = $command_time_limit canonical_classes = envelope_sender, envelope_recipient, header_sender, header_recipient canonical_maps = cleanup_service_name = cleanup command_directory = /usr/sbin command_execution_directory = command_expansion_filter = 1234567890!@%-_=+:,./abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ command_time_limit = 1000s config_directory = /etc/postfix connection_cache_protocol_timeout = 5s connection_cache_service_name = scache connection_cache_status_update_time = 600s connection_cache_ttl_limit = 2s content_filter = cyrus_sasl_config_path = daemon_directory = /usr/lib/postfix daemon_table_open_error_is_fatal = no daemon_timeout = 18000s data_directory = /var/lib/postfix debug_peer_level = 2 debug_peer_list = debugger_command = default_database_type = hash default_delivery_slot_cost = 5 default_delivery_slot_discount = 50 default_delivery_slot_loan = 3 default_destination_concurrency_failed_cohort_limit = 1 default_destination_concurrency_limit = 20 default_destination_concurrency_negative_feedback = 1 default_destination_concurrency_positive_feedback = 1 default_destination_rate_delay = 0s default_destination_recipient_limit = 50 default_extra_recipient_limit = 1000 default_filter_nexthop = default_minimum_delivery_slots = 3 default_privs = nobody default_process_limit = 100 default_rbl_reply = $rbl_code Service unavailable; $rbl_class [$rbl_what] blocked using $rbl_domain${rbl_reason?; $rbl_reason} default_recipient_limit = 20000 default_recipient_refill_delay = 5s default_recipient_refill_limit = 100 default_transport = smtp default_verp_delimiters = += defer_code = 450 defer_service_name = defer defer_transports = delay_logging_resolution_limit = 2 delay_notice_recipient = postmaster delay_warning_time = 0h deliver_lock_attempts = 20 deliver_lock_delay = 1s destination_concurrency_feedback_debug = no detect_8bit_encoding_header = yes disable_dns_lookups = no disable_mime_input_processing = no disable_mime_output_conversion = no disable_verp_bounces = no disable_vrfy_command = no dnsblog_reply_delay = 0s dnsblog_service_name = dnsblog dont_remove = 0 double_bounce_sender = double-bounce dovecot_delivery_slot_cost = $default_delivery_slot_cost dovecot_delivery_slot_discount = $default_delivery_slot_discount dovecot_delivery_slot_loan = $default_delivery_slot_loan dovecot_destination_concurrency_failed_cohort_limit = $default_destination_concurrency_failed_cohort_limit dovecot_destination_concurrency_limit = $default_destination_concurrency_limit dovecot_destination_concurrency_negative_feedback = $default_destination_concurrency_negative_feedback dovecot_destination_concurrency_positive_feedback = $default_destination_concurrency_positive_feedback dovecot_destination_rate_delay = $default_destination_rate_delay dovecot_destination_recipient_limit = $default_destination_recipient_limit dovecot_extra_recipient_limit = $default_extra_recipient_limit dovecot_initial_destination_concurrency = $initial_destination_concurrency dovecot_minimum_delivery_slots = $default_minimum_delivery_slots dovecot_recipient_limit = $default_recipient_limit dovecot_recipient_refill_delay = $default_recipient_refill_delay dovecot_recipient_refill_limit = $default_recipient_refill_limit dovecot_time_limit = $command_time_limit duplicate_filter_limit = 1000 empty_address_default_transport_maps_lookup_key = <> empty_address_recipient = MAILER-DAEMON empty_address_relayhost_maps_lookup_key = <> enable_long_queue_ids = no enable_original_recipient = yes error_delivery_slot_cost = $default_delivery_slot_cost error_delivery_slot_discount = $default_delivery_slot_discount error_delivery_slot_loan = $default_delivery_slot_loan error_destination_concurrency_failed_cohort_limit = $default_destination_concurrency_failed_cohort_limit error_destination_concurrency_limit = $default_destination_concurrency_limit error_destination_concurrency_negative_feedback = $default_destination_concurrency_negative_feedback error_destination_concurrency_positive_feedback = $default_destination_concurrency_positive_feedback error_destination_rate_delay = $default_destination_rate_delay error_destination_recipient_limit = $default_destination_recipient_limit error_extra_recipient_limit = $default_extra_recipient_limit error_initial_destination_concurrency = $initial_destination_concurrency error_minimum_delivery_slots = $default_minimum_delivery_slots error_notice_recipient = postmaster error_recipient_limit = $default_recipient_limit error_recipient_refill_delay = $default_recipient_refill_delay error_recipient_refill_limit = $default_recipient_refill_limit error_service_name = error execution_directory_expansion_filter = 1234567890!@%-_=+:,./abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ expand_owner_alias = no export_environment = TZ MAIL_CONFIG LANG fallback_transport = fallback_transport_maps = fast_flush_domains = $relay_domains fast_flush_purge_time = 7d fast_flush_refresh_time = 12h fault_injection_code = 0 flush_service_name = flush fork_attempts = 5 fork_delay = 1s forward_expansion_filter = 1234567890!@%-_=+:,./abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ forward_path = $home/.forward${recipient_delimiter}${extension}, $home/.forward frozen_delivered_to = yes hash_queue_depth = 1 hash_queue_names = deferred, defer header_address_token_limit = 10240 header_checks = header_size_limit = 102400 helpful_warnings = yes home_mailbox = hopcount_limit = 50 html_directory = no ifmail_delivery_slot_cost = $default_delivery_slot_cost ifmail_delivery_slot_discount = $default_delivery_slot_discount ifmail_delivery_slot_loan = $default_delivery_slot_loan ifmail_destination_concurrency_failed_cohort_limit = $default_destination_concurrency_failed_cohort_limit ifmail_destination_concurrency_limit = $default_destination_concurrency_limit ifmail_destination_concurrency_negative_feedback = $default_destination_concurrency_negative_feedback ifmail_destination_concurrency_positive_feedback = $default_destination_concurrency_positive_feedback ifmail_destination_rate_delay = $default_destination_rate_delay ifmail_destination_recipient_limit = $default_destination_recipient_limit ifmail_extra_recipient_limit = $default_extra_recipient_limit ifmail_initial_destination_concurrency = $initial_destination_concurrency ifmail_minimum_delivery_slots = $default_minimum_delivery_slots ifmail_recipient_limit = $default_recipient_limit ifmail_recipient_refill_delay = $default_recipient_refill_delay ifmail_recipient_refill_limit = $default_recipient_refill_limit ifmail_time_limit = $command_time_limit ignore_mx_lookup_error = no import_environment = MAIL_CONFIG MAIL_DEBUG MAIL_LOGTAG TZ XAUTHORITY DISPLAY LANG=C in_flow_delay = 1s inet_interfaces = all inet_protocols = all initial_destination_concurrency = 5 internal_mail_filter_classes = invalid_hostname_reject_code = 501 ipc_idle = 5s ipc_timeout = 3600s ipc_ttl = 1000s line_length_limit = 2048 lmtp_address_preference = any lmtp_assume_final = no lmtp_bind_address = lmtp_bind_address6 = lmtp_body_checks = lmtp_cname_overrides_servername = no lmtp_connect_timeout = 0s lmtp_connection_cache_destinations = lmtp_connection_cache_on_demand = yes lmtp_connection_cache_time_limit = 2s lmtp_connection_reuse_time_limit = 300s lmtp_data_done_timeout = 600s lmtp_data_init_timeout = 120s lmtp_data_xfer_timeout = 180s lmtp_defer_if_no_mx_address_found = no lmtp_delivery_slot_cost = $default_delivery_slot_cost lmtp_delivery_slot_discount = $default_delivery_slot_discount lmtp_delivery_slot_loan = $default_delivery_slot_loan lmtp_destination_concurrency_failed_cohort_limit = $default_destination_concurrency_failed_cohort_limit lmtp_destination_concurrency_limit = $default_destination_concurrency_limit lmtp_destination_concurrency_negative_feedback = $default_destination_concurrency_negative_feedback lmtp_destination_concurrency_positive_feedback = $default_destination_concurrency_positive_feedback lmtp_destination_rate_delay = $default_destination_rate_delay lmtp_destination_recipient_limit = $default_destination_recipient_limit lmtp_discard_lhlo_keyword_address_maps = lmtp_discard_lhlo_keywords = lmtp_dns_resolver_options = lmtp_enforce_tls = no lmtp_extra_recipient_limit = $default_extra_recipient_limit lmtp_generic_maps = lmtp_header_checks = lmtp_host_lookup = dns lmtp_initial_destination_concurrency = $initial_destination_concurrency lmtp_lhlo_name = $myhostname lmtp_lhlo_timeout = 300s lmtp_line_length_limit = 998 lmtp_mail_timeout = 300s lmtp_mime_header_checks = lmtp_minimum_delivery_slots = $default_minimum_delivery_slots lmtp_mx_address_limit = 5 lmtp_mx_session_limit = 2 lmtp_nested_header_checks = lmtp_per_record_deadline = no lmtp_pix_workaround_delay_time = 10s lmtp_pix_workaround_maps = lmtp_pix_workaround_threshold_time = 500s lmtp_pix_workarounds = disable_esmtp,delay_dotcrlf lmtp_quit_timeout = 300s lmtp_quote_rfc821_envelope = yes lmtp_randomize_addresses = yes lmtp_rcpt_timeout = 300s lmtp_recipient_limit = $default_recipient_limit lmtp_recipient_refill_delay = $default_recipient_refill_delay lmtp_recipient_refill_limit = $default_recipient_refill_limit lmtp_reply_filter = lmtp_rset_timeout = 20s lmtp_sasl_auth_cache_name = lmtp_sasl_auth_cache_time = 90d lmtp_sasl_auth_enable = no lmtp_sasl_auth_soft_bounce = yes lmtp_sasl_mechanism_filter = lmtp_sasl_password_maps = lmtp_sasl_path = lmtp_sasl_security_options = noplaintext, noanonymous lmtp_sasl_tls_security_options = $lmtp_sasl_security_options lmtp_sasl_tls_verified_security_options = $lmtp_sasl_tls_security_options lmtp_sasl_type = cyrus lmtp_send_dummy_mail_auth = no lmtp_send_xforward_command = no lmtp_sender_dependent_authentication = no lmtp_skip_5xx_greeting = yes lmtp_skip_quit_response = no lmtp_starttls_timeout = 300s lmtp_tcp_port = 24 lmtp_tls_CAfile = lmtp_tls_CApath = lmtp_tls_block_early_mail_reply = no lmtp_tls_cert_file = lmtp_tls_ciphers = export lmtp_tls_dcert_file = lmtp_tls_dkey_file = $lmtp_tls_dcert_file lmtp_tls_eccert_file = lmtp_tls_eckey_file = $lmtp_tls_eccert_file lmtp_tls_enforce_peername = yes lmtp_tls_exclude_ciphers = lmtp_tls_fingerprint_cert_match = lmtp_tls_fingerprint_digest = md5 lmtp_tls_key_file = $lmtp_tls_cert_file lmtp_tls_loglevel = 0 lmtp_tls_mandatory_ciphers = medium lmtp_tls_mandatory_exclude_ciphers = lmtp_tls_mandatory_protocols = !SSLv2 lmtp_tls_note_starttls_offer = no lmtp_tls_per_site = lmtp_tls_policy_maps = lmtp_tls_protocols = !SSLv2 lmtp_tls_scert_verifydepth = 9 lmtp_tls_secure_cert_match = nexthop lmtp_tls_security_level = lmtp_tls_session_cache_database = lmtp_tls_session_cache_timeout = 3600s lmtp_tls_verify_cert_match = hostname lmtp_use_tls = no lmtp_xforward_timeout = 300s local_command_shell = local_delivery_slot_cost = $default_delivery_slot_cost local_delivery_slot_discount = $default_delivery_slot_discount local_delivery_slot_loan = $default_delivery_slot_loan local_destination_concurrency_failed_cohort_limit = $default_destination_concurrency_failed_cohort_limit local_destination_concurrency_limit = 2 local_destination_concurrency_negative_feedback = $default_destination_concurrency_negative_feedback local_destination_concurrency_positive_feedback = $default_destination_concurrency_positive_feedback local_destination_rate_delay = $default_destination_rate_delay local_destination_recipient_limit = 1 local_extra_recipient_limit = $default_extra_recipient_limit local_header_rewrite_clients = permit_inet_interfaces local_initial_destination_concurrency = $initial_destination_concurrency local_minimum_delivery_slots = $default_minimum_delivery_slots local_recipient_limit = $default_recipient_limit local_recipient_maps = proxy:unix:passwd.byname $alias_maps local_recipient_refill_delay = $default_recipient_refill_delay local_recipient_refill_limit = $default_recipient_refill_limit local_transport = local:$myhostname luser_relay = mail_name = Postfix mail_owner = postfix mail_release_date = 20130203 mail_spool_directory = /var/mail mail_version = 2.9.6 mailbox_command = mailbox_command_maps = mailbox_delivery_lock = fcntl, dotlock mailbox_size_limit = 51200000 mailbox_transport = mailbox_transport_maps = maildrop_delivery_slot_cost = $default_delivery_slot_cost maildrop_delivery_slot_discount = $default_delivery_slot_discount maildrop_delivery_slot_loan = $default_delivery_slot_loan maildrop_destination_concurrency_failed_cohort_limit = $default_destination_concurrency_failed_cohort_limit maildrop_destination_concurrency_limit = $default_destination_concurrency_limit maildrop_destination_concurrency_negative_feedback = $default_destination_concurrency_negative_feedback maildrop_destination_concurrency_positive_feedback = $default_destination_concurrency_positive_feedback maildrop_destination_rate_delay = $default_destination_rate_delay maildrop_destination_recipient_limit = $default_destination_recipient_limit maildrop_extra_recipient_limit = $default_extra_recipient_limit maildrop_initial_destination_concurrency = $initial_destination_concurrency maildrop_minimum_delivery_slots = $default_minimum_delivery_slots maildrop_recipient_limit = $default_recipient_limit maildrop_recipient_refill_delay = $default_recipient_refill_delay maildrop_recipient_refill_limit = $default_recipient_refill_limit maildrop_time_limit = $command_time_limit mailman_delivery_slot_cost = $default_delivery_slot_cost mailman_delivery_slot_discount = $default_delivery_slot_discount mailman_delivery_slot_loan = $default_delivery_slot_loan mailman_destination_concurrency_failed_cohort_limit = $default_destination_concurrency_failed_cohort_limit mailman_destination_concurrency_limit = $default_destination_concurrency_limit mailman_destination_concurrency_negative_feedback = $default_destination_concurrency_negative_feedback mailman_destination_concurrency_positive_feedback = $default_destination_concurrency_positive_feedback mailman_destination_rate_delay = $default_destination_rate_delay mailman_destination_recipient_limit = $default_destination_recipient_limit mailman_extra_recipient_limit = $default_extra_recipient_limit mailman_initial_destination_concurrency = $initial_destination_concurrency mailman_minimum_delivery_slots = $default_minimum_delivery_slots mailman_recipient_limit = $default_recipient_limit mailman_recipient_refill_delay = $default_recipient_refill_delay mailman_recipient_refill_limit = $default_recipient_refill_limit mailman_time_limit = $command_time_limit mailq_path = /usr/bin/mailq manpage_directory = /usr/share/man maps_rbl_domains = maps_rbl_reject_code = 554 masquerade_classes = envelope_sender, header_sender, header_recipient masquerade_domains = masquerade_exceptions = master_service_disable = max_idle = 100s max_use = 100 maximal_backoff_time = 4000s maximal_queue_lifetime = 5d message_reject_characters = message_size_limit = 10240000 message_strip_characters = milter_command_timeout = 30s milter_connect_macros = j {daemon_name} v milter_connect_timeout = 30s milter_content_timeout = 300s milter_data_macros = i milter_default_action = tempfail milter_end_of_data_macros = i milter_end_of_header_macros = i milter_header_checks = milter_helo_macros = {tls_version} {cipher} {cipher_bits} {cert_subject} {cert_issuer} milter_macro_daemon_name = $myhostname milter_macro_v = $mail_name $mail_version milter_mail_macros = i {auth_type} {auth_authen} {auth_author} {mail_addr} {mail_host} {mail_mailer} milter_protocol = 6 milter_rcpt_macros = i {rcpt_addr} {rcpt_host} {rcpt_mailer} milter_unknown_command_macros = mime_boundary_length_limit = 2048 mime_header_checks = $header_checks mime_nesting_limit = 100 minimal_backoff_time = 300s multi_instance_directories = multi_instance_enable = no multi_instance_group = multi_instance_name = multi_instance_wrapper = multi_recipient_bounce_reject_code = 550 mydestination = $myhostname, localhost.$mydomain, localhost mydomain = localdomain myhostname = andromeda.home mynetworks = 127.0.0.0/8 192.168.1.0/24 mynetworks_style = subnet myorigin = $myhostname nested_header_checks = $header_checks newaliases_path = /usr/bin/newaliases non_fqdn_reject_code = 504 non_smtpd_milters = notify_classes = resource, software owner_request_special = yes parent_domain_matches_subdomains = debug_peer_list,fast_flush_domains,mynetworks,permit_mx_backup_networks,qmqpd_authorized_clients,smtpd_access_maps permit_mx_backup_networks = pickup_service_name = pickup plaintext_reject_code = 450 postmulti_control_commands = reload flush postmulti_start_commands = start postmulti_stop_commands = stop abort drain quick-stop postscreen_access_list = permit_mynetworks postscreen_bare_newline_action = ignore postscreen_bare_newline_enable = no postscreen_bare_newline_ttl = 30d postscreen_blacklist_action = ignore postscreen_cache_cleanup_interval = 12h postscreen_cache_map = btree:$data_directory/postscreen_cache postscreen_cache_retention_time = 7d postscreen_client_connection_count_limit = $smtpd_client_connection_count_limit postscreen_command_count_limit = 20 postscreen_command_filter = postscreen_command_time_limit = ${stress?10}${stress:300}s postscreen_disable_vrfy_command = $disable_vrfy_command postscreen_discard_ehlo_keyword_address_maps = $smtpd_discard_ehlo_keyword_address_maps postscreen_discard_ehlo_keywords = $smtpd_discard_ehlo_keywords postscreen_dnsbl_action = ignore postscreen_dnsbl_reply_map = postscreen_dnsbl_sites = postscreen_dnsbl_threshold = 1 postscreen_dnsbl_ttl = 1h postscreen_enforce_tls = $smtpd_enforce_tls postscreen_expansion_filter = $smtpd_expansion_filter postscreen_forbidden_commands = $smtpd_forbidden_commands postscreen_greet_action = ignore postscreen_greet_banner = $smtpd_banner postscreen_greet_ttl = 1d postscreen_greet_wait = ${stress?2}${stress:6}s postscreen_helo_required = $smtpd_helo_required postscreen_non_smtp_command_action = drop postscreen_non_smtp_command_enable = no postscreen_non_smtp_command_ttl = 30d postscreen_pipelining_action = enforce postscreen_pipelining_enable = no postscreen_pipelining_ttl = 30d postscreen_post_queue_limit = $default_process_limit postscreen_pre_queue_limit = $default_process_limit postscreen_reject_footer = $smtpd_reject_footer postscreen_tls_security_level = $smtpd_tls_security_level postscreen_use_tls = $smtpd_use_tls postscreen_watchdog_timeout = 10s postscreen_whitelist_interfaces = static:all prepend_delivered_header = command, file, forward process_id_directory = pid propagate_unmatched_extensions = canonical, virtual proxy_interfaces = proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $sender_bcc_maps $recipient_bcc_maps $smtp_generic_maps $lmtp_generic_maps $alias_maps proxy_write_maps = $smtp_sasl_auth_cache_name $lmtp_sasl_auth_cache_name $address_verify_map $postscreen_cache_map proxymap_service_name = proxymap proxywrite_service_name = proxywrite qmgr_clog_warn_time = 300s qmgr_daemon_timeout = 1000s qmgr_fudge_factor = 100 qmgr_ipc_timeout = 60s qmgr_message_active_limit = 20000 qmgr_message_recipient_limit = 20000 qmgr_message_recipient_minimum = 10 qmqpd_authorized_clients = qmqpd_client_port_logging = no qmqpd_error_delay = 1s qmqpd_timeout = 300s queue_directory = /var/spool/postfix queue_file_attribute_count_limit = 100 queue_minfree = 0 queue_run_delay = 300s queue_service_name = qmgr rbl_reply_maps = readme_directory = /usr/share/doc/postfix receive_override_options = recipient_bcc_maps = recipient_canonical_classes = envelope_recipient, header_recipient recipient_canonical_maps = recipient_delimiter = reject_code = 554 reject_tempfail_action = defer_if_permit relay_clientcerts = relay_delivery_slot_cost = $default_delivery_slot_cost relay_delivery_slot_discount = $default_delivery_slot_discount relay_delivery_slot_loan = $default_delivery_slot_loan relay_destination_concurrency_failed_cohort_limit = $default_destination_concurrency_failed_cohort_limit relay_destination_concurrency_limit = $default_destination_concurrency_limit relay_destination_concurrency_negative_feedback = $default_destination_concurrency_negative_feedback relay_destination_concurrency_positive_feedback = $default_destination_concurrency_positive_feedback relay_destination_rate_delay = $default_destination_rate_delay relay_destination_recipient_limit = $default_destination_recipient_limit relay_domains = $mydestination relay_domains_reject_code = 554 relay_extra_recipient_limit = $default_extra_recipient_limit relay_initial_destination_concurrency = $initial_destination_concurrency relay_minimum_delivery_slots = $default_minimum_delivery_slots relay_recipient_limit = $default_recipient_limit relay_recipient_maps = relay_recipient_refill_delay = $default_recipient_refill_delay relay_recipient_refill_limit = $default_recipient_refill_limit relay_transport = relay relayhost = relocated_maps = remote_header_rewrite_domain = require_home_directory = no reset_owner_alias = no resolve_dequoted_address = yes resolve_null_domain = no resolve_numeric_domain = no retry_delivery_slot_cost = $default_delivery_slot_cost retry_delivery_slot_discount = $default_delivery_slot_discount retry_delivery_slot_loan = $default_delivery_slot_loan retry_destination_concurrency_failed_cohort_limit = $default_destination_concurrency_failed_cohort_limit retry_destination_concurrency_limit = $default_destination_concurrency_limit retry_destination_concurrency_negative_feedback = $default_destination_concurrency_negative_feedback retry_destination_concurrency_positive_feedback = $default_destination_concurrency_positive_feedback retry_destination_rate_delay = $default_destination_rate_delay retry_destination_recipient_limit = $default_destination_recipient_limit retry_extra_recipient_limit = $default_extra_recipient_limit retry_initial_destination_concurrency = $initial_destination_concurrency retry_minimum_delivery_slots = $default_minimum_delivery_slots retry_recipient_limit = $default_recipient_limit retry_recipient_refill_delay = $default_recipient_refill_delay retry_recipient_refill_limit = $default_recipient_refill_limit rewrite_service_name = rewrite sample_directory = /usr/share/doc/postfix/examples scalemail-backend_delivery_slot_cost = $default_delivery_slot_cost scalemail-backend_delivery_slot_discount = $default_delivery_slot_discount scalemail-backend_delivery_slot_loan = $default_delivery_slot_loan scalemail-backend_destination_concurrency_failed_cohort_limit = $default_destination_concurrency_failed_cohort_limit scalemail-backend_destination_concurrency_limit = $default_destination_concurrency_limit scalemail-backend_destination_concurrency_negative_feedback = $default_destination_concurrency_negative_feedback scalemail-backend_destination_concurrency_positive_feedback = $default_destination_concurrency_positive_feedback scalemail-backend_destination_rate_delay = $default_destination_rate_delay scalemail-backend_destination_recipient_limit = $default_destination_recipient_limit scalemail-backend_extra_recipient_limit = $default_extra_recipient_limit scalemail-backend_initial_destination_concurrency = $initial_destination_concurrency scalemail-backend_minimum_delivery_slots = $default_minimum_delivery_slots scalemail-backend_recipient_limit = $default_recipient_limit scalemail-backend_recipient_refill_delay = $default_recipient_refill_delay scalemail-backend_recipient_refill_limit = $default_recipient_refill_limit scalemail-backend_time_limit = $command_time_limit send_cyrus_sasl_authzid = no sender_bcc_maps = sender_canonical_classes = envelope_sender, header_sender sender_canonical_maps = sender_dependent_default_transport_maps = sender_dependent_relayhost_maps = sendmail_fix_line_endings = always sendmail_path = /usr/sbin/sendmail service_throttle_time = 60s setgid_group = postdrop show_user_unknown_table_name = yes showq_service_name = showq smtp_address_preference = any smtp_always_send_ehlo = yes smtp_bind_address = smtp_bind_address6 = smtp_body_checks = smtp_cname_overrides_servername = no smtp_connect_timeout = 30s smtp_connection_cache_destinations = smtp_connection_cache_on_demand = yes smtp_connection_cache_time_limit = 2s smtp_connection_reuse_time_limit = 300s smtp_data_done_timeout = 600s smtp_data_init_timeout = 120s smtp_data_xfer_timeout = 180s smtp_defer_if_no_mx_address_found = no smtp_delivery_slot_cost = $default_delivery_slot_cost smtp_delivery_slot_discount = $default_delivery_slot_discount smtp_delivery_slot_loan = $default_delivery_slot_loan smtp_destination_concurrency_failed_cohort_limit = $default_destination_concurrency_failed_cohort_limit smtp_destination_concurrency_limit = $default_destination_concurrency_limit smtp_destination_concurrency_negative_feedback = $default_destination_concurrency_negative_feedback smtp_destination_concurrency_positive_feedback = $default_destination_concurrency_positive_feedback smtp_destination_rate_delay = $default_destination_rate_delay smtp_destination_recipient_limit = $default_destination_recipient_limit smtp_discard_ehlo_keyword_address_maps = smtp_discard_ehlo_keywords = smtp_dns_resolver_options = smtp_enforce_tls = no smtp_extra_recipient_limit = $default_extra_recipient_limit smtp_fallback_relay = $fallback_relay smtp_generic_maps = smtp_header_checks = smtp_helo_name = $myhostname smtp_helo_timeout = 300s smtp_host_lookup = dns smtp_initial_destination_concurrency = $initial_destination_concurrency smtp_line_length_limit = 998 smtp_mail_timeout = 300s smtp_mime_header_checks = smtp_minimum_delivery_slots = $default_minimum_delivery_slots smtp_mx_address_limit = 5 smtp_mx_session_limit = 2 smtp_nested_header_checks = smtp_never_send_ehlo = no smtp_per_record_deadline = no smtp_pix_workaround_delay_time = 10s smtp_pix_workaround_maps = smtp_pix_workaround_threshold_time = 500s smtp_pix_workarounds = disable_esmtp,delay_dotcrlf smtp_quit_timeout = 300s smtp_quote_rfc821_envelope = yes smtp_randomize_addresses = yes smtp_rcpt_timeout = 300s smtp_recipient_limit = $default_recipient_limit smtp_recipient_refill_delay = $default_recipient_refill_delay smtp_recipient_refill_limit = $default_recipient_refill_limit smtp_reply_filter = smtp_rset_timeout = 20s smtp_sasl_auth_cache_name = smtp_sasl_auth_cache_time = 90d smtp_sasl_auth_enable = no smtp_sasl_auth_soft_bounce = yes smtp_sasl_mechanism_filter = smtp_sasl_password_maps = smtp_sasl_path = smtp_sasl_security_options = noplaintext, noanonymous smtp_sasl_tls_security_options = $smtp_sasl_security_options smtp_sasl_tls_verified_security_options = $smtp_sasl_tls_security_options smtp_sasl_type = cyrus smtp_send_dummy_mail_auth = no smtp_send_xforward_command = no smtp_sender_dependent_authentication = no smtp_skip_5xx_greeting = yes smtp_skip_quit_response = yes smtp_starttls_timeout = 300s smtp_tls_CAfile = smtp_tls_CApath = smtp_tls_block_early_mail_reply = no smtp_tls_cert_file = smtp_tls_ciphers = export smtp_tls_dcert_file = smtp_tls_dkey_file = $smtp_tls_dcert_file smtp_tls_eccert_file = smtp_tls_eckey_file = $smtp_tls_eccert_file smtp_tls_enforce_peername = yes smtp_tls_exclude_ciphers = smtp_tls_fingerprint_cert_match = smtp_tls_fingerprint_digest = md5 smtp_tls_key_file = $smtp_tls_cert_file smtp_tls_loglevel = 0 smtp_tls_mandatory_ciphers = medium smtp_tls_mandatory_exclude_ciphers = smtp_tls_mandatory_protocols = !SSLv2 smtp_tls_note_starttls_offer = no smtp_tls_per_site = smtp_tls_policy_maps = smtp_tls_protocols = !SSLv2 smtp_tls_scert_verifydepth = 9 smtp_tls_secure_cert_match = nexthop, dot-nexthop smtp_tls_security_level = smtp_tls_session_cache_database = smtp_tls_session_cache_timeout = 3600s smtp_tls_verify_cert_match = hostname smtp_use_tls = no smtp_xforward_timeout = 300s smtpd_authorized_verp_clients = $authorized_verp_clients smtpd_authorized_xclient_hosts = smtpd_authorized_xforward_hosts = smtpd_banner = $myhostname ESMTP $mail_name smtpd_client_connection_count_limit = 50 smtpd_client_connection_rate_limit = 0 smtpd_client_event_limit_exceptions = ${smtpd_client_connection_limit_exceptions:$mynetworks} smtpd_client_message_rate_limit = 0 smtpd_client_new_tls_session_rate_limit = 0 smtpd_client_port_logging = no smtpd_client_recipient_rate_limit = 0 smtpd_client_restrictions = smtpd_command_filter = smtpd_data_restrictions = smtpd_delay_open_until_valid_rcpt = yes smtpd_delay_reject = yes smtpd_discard_ehlo_keyword_address_maps = smtpd_discard_ehlo_keywords = smtpd_end_of_data_restrictions = smtpd_enforce_tls = no smtpd_error_sleep_time = 1s smtpd_etrn_restrictions = smtpd_expansion_filter = \t\40!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~ smtpd_forbidden_commands = CONNECT GET POST smtpd_hard_error_limit = ${stress?1}${stress:20} smtpd_helo_required = no smtpd_helo_restrictions = smtpd_history_flush_threshold = 100 smtpd_junk_command_limit = ${stress?1}${stress:100} smtpd_milters = smtpd_noop_commands = smtpd_null_access_lookup_key = <> smtpd_peername_lookup = yes smtpd_per_record_deadline = ${stress?yes}${stress:no} smtpd_policy_service_max_idle = 300s smtpd_policy_service_max_ttl = 1000s smtpd_policy_service_timeout = 100s smtpd_proxy_ehlo = $myhostname smtpd_proxy_filter = smtpd_proxy_options = smtpd_proxy_timeout = 100s smtpd_recipient_limit = 1000 smtpd_recipient_overshoot_limit = 1000 smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination smtpd_reject_footer = smtpd_reject_unlisted_recipient = yes smtpd_reject_unlisted_sender = no smtpd_restriction_classes = smtpd_sasl_auth_enable = no smtpd_sasl_authenticated_header = no smtpd_sasl_exceptions_networks = smtpd_sasl_local_domain = smtpd_sasl_path = smtpd smtpd_sasl_security_options = noanonymous smtpd_sasl_tls_security_options = $smtpd_sasl_security_options smtpd_sasl_type = cyrus smtpd_sender_login_maps = smtpd_sender_restrictions = smtpd_service_name = smtpd smtpd_soft_error_limit = 10 smtpd_starttls_timeout = ${stress?10}${stress:300}s smtpd_timeout = ${stress?10}${stress:300}s smtpd_tls_CAfile = smtpd_tls_CApath = smtpd_tls_always_issue_session_ids = yes smtpd_tls_ask_ccert = no smtpd_tls_auth_only = no smtpd_tls_ccert_verifydepth = 9 smtpd_tls_cert_file = smtpd_tls_ciphers = export smtpd_tls_dcert_file = smtpd_tls_dh1024_param_file = smtpd_tls_dh512_param_file = smtpd_tls_dkey_file = $smtpd_tls_dcert_file smtpd_tls_eccert_file = smtpd_tls_eckey_file = $smtpd_tls_eccert_file smtpd_tls_eecdh_grade = strong smtpd_tls_exclude_ciphers = smtpd_tls_fingerprint_digest = md5 smtpd_tls_key_file = $smtpd_tls_cert_file smtpd_tls_loglevel = 0 smtpd_tls_mandatory_ciphers = medium smtpd_tls_mandatory_exclude_ciphers = smtpd_tls_mandatory_protocols = !SSLv2 smtpd_tls_protocols = smtpd_tls_received_header = no smtpd_tls_req_ccert = no smtpd_tls_security_level = smtpd_tls_session_cache_database = smtpd_tls_session_cache_timeout = 3600s smtpd_tls_wrappermode = no smtpd_use_tls = no soft_bounce = no stale_lock_time = 500s stress = strict_7bit_headers = no strict_8bitmime = no strict_8bitmime_body = no strict_mailbox_ownership = yes strict_mime_encoding_domain = no strict_rfc821_envelopes = no sun_mailtool_compatibility = no swap_bangpath = yes syslog_facility = mail syslog_name = ${multi_instance_name:postfix}${multi_instance_name?$multi_instance_name} tcp_windowsize = 0 tls_append_default_CA = no tls_daemon_random_bytes = 32 tls_disable_workarounds = tls_eecdh_strong_curve = prime256v1 tls_eecdh_ultra_curve = secp384r1 tls_export_cipherlist = aNULL:-aNULL:ALL:+RC4:@STRENGTH tls_high_cipherlist = aNULL:-aNULL:ALL:!EXPORT:!LOW:!MEDIUM:+RC4:@STRENGTH tls_legacy_public_key_fingerprints = no tls_low_cipherlist = aNULL:-aNULL:ALL:!EXPORT:+RC4:@STRENGTH tls_medium_cipherlist = aNULL:-aNULL:ALL:!EXPORT:!LOW:+RC4:@STRENGTH tls_null_cipherlist = eNULL:!aNULL tls_preempt_cipherlist = no tls_random_bytes = 32 tls_random_exchange_name = ${data_directory}/prng_exch tls_random_prng_update_period = 3600s tls_random_reseed_period = 3600s tls_random_source = dev:/dev/urandom tlsproxy_enforce_tls = $smtpd_enforce_tls tlsproxy_service_name = tlsproxy tlsproxy_tls_CAfile = $smtpd_tls_CAfile tlsproxy_tls_CApath = $smtpd_tls_CApath tlsproxy_tls_always_issue_session_ids = $smtpd_tls_always_issue_session_ids tlsproxy_tls_ask_ccert = $smtpd_tls_ask_ccert tlsproxy_tls_ccert_verifydepth = $smtpd_tls_ccert_verifydepth tlsproxy_tls_cert_file = $smtpd_tls_cert_file tlsproxy_tls_ciphers = $smtpd_tls_ciphers tlsproxy_tls_dcert_file = $smtpd_tls_dcert_file tlsproxy_tls_dh1024_param_file = $smtpd_tls_dh1024_param_file tlsproxy_tls_dh512_param_file = $smtpd_tls_dh512_param_file tlsproxy_tls_dkey_file = $smtpd_tls_dkey_file tlsproxy_tls_eccert_file = $smtpd_tls_eccert_file tlsproxy_tls_eckey_file = $smtpd_tls_eckey_file tlsproxy_tls_eecdh_grade = $smtpd_tls_eecdh_grade tlsproxy_tls_exclude_ciphers = $smtpd_tls_exclude_ciphers tlsproxy_tls_fingerprint_digest = $smtpd_tls_fingerprint_digest tlsproxy_tls_key_file = $smtpd_tls_key_file tlsproxy_tls_loglevel = $smtpd_tls_loglevel tlsproxy_tls_mandatory_ciphers = $smtpd_tls_mandatory_ciphers tlsproxy_tls_mandatory_exclude_ciphers = $smtpd_tls_mandatory_exclude_ciphers tlsproxy_tls_mandatory_protocols = $smtpd_tls_mandatory_protocols tlsproxy_tls_protocols = $smtpd_tls_protocols tlsproxy_tls_req_ccert = $smtpd_tls_req_ccert tlsproxy_tls_security_level = $smtpd_tls_security_level tlsproxy_tls_session_cache_timeout = $smtpd_tls_session_cache_timeout tlsproxy_use_tls = $smtpd_use_tls tlsproxy_watchdog_timeout = 10s trace_service_name = trace transport_maps = transport_retry_time = 60s trigger_timeout = 10s undisclosed_recipients_header = unknown_address_reject_code = 450 unknown_address_tempfail_action = $reject_tempfail_action unknown_client_reject_code = 450 unknown_helo_hostname_tempfail_action = $reject_tempfail_action unknown_hostname_reject_code = 450 unknown_local_recipient_reject_code = 550 unknown_relay_recipient_reject_code = 550 unknown_virtual_alias_reject_code = 550 unknown_virtual_mailbox_reject_code = 550 unverified_recipient_defer_code = 450 unverified_recipient_reject_code = 450 unverified_recipient_reject_reason = unverified_recipient_tempfail_action = $reject_tempfail_action unverified_sender_defer_code = 450 unverified_sender_reject_code = 450 unverified_sender_reject_reason = unverified_sender_tempfail_action = $reject_tempfail_action uucp_delivery_slot_cost = $default_delivery_slot_cost uucp_delivery_slot_discount = $default_delivery_slot_discount uucp_delivery_slot_loan = $default_delivery_slot_loan uucp_destination_concurrency_failed_cohort_limit = $default_destination_concurrency_failed_cohort_limit uucp_destination_concurrency_limit = $default_destination_concurrency_limit uucp_destination_concurrency_negative_feedback = $default_destination_concurrency_negative_feedback uucp_destination_concurrency_positive_feedback = $default_destination_concurrency_positive_feedback uucp_destination_rate_delay = $default_destination_rate_delay uucp_destination_recipient_limit = $default_destination_recipient_limit uucp_extra_recipient_limit = $default_extra_recipient_limit uucp_initial_destination_concurrency = $initial_destination_concurrency uucp_minimum_delivery_slots = $default_minimum_delivery_slots uucp_recipient_limit = $default_recipient_limit uucp_recipient_refill_delay = $default_recipient_refill_delay uucp_recipient_refill_limit = $default_recipient_refill_limit uucp_time_limit = $command_time_limit verp_delimiter_filter = -=+ virtual_alias_domains = $virtual_alias_maps virtual_alias_expansion_limit = 1000 virtual_alias_maps = $virtual_maps virtual_alias_recursion_limit = 1000 virtual_delivery_slot_cost = $default_delivery_slot_cost virtual_delivery_slot_discount = $default_delivery_slot_discount virtual_delivery_slot_loan = $default_delivery_slot_loan virtual_destination_concurrency_failed_cohort_limit = $default_destination_concurrency_failed_cohort_limit virtual_destination_concurrency_limit = $default_destination_concurrency_limit virtual_destination_concurrency_negative_feedback = $default_destination_concurrency_negative_feedback virtual_destination_concurrency_positive_feedback = $default_destination_concurrency_positive_feedback virtual_destination_rate_delay = $default_destination_rate_delay virtual_destination_recipient_limit = $default_destination_recipient_limit virtual_extra_recipient_limit = $default_extra_recipient_limit virtual_gid_maps = virtual_initial_destination_concurrency = $initial_destination_concurrency virtual_mailbox_base = virtual_mailbox_domains = $virtual_mailbox_maps virtual_mailbox_limit = 51200000 virtual_mailbox_lock = fcntl, dotlock virtual_mailbox_maps = virtual_minimum_delivery_slots = $default_minimum_delivery_slots virtual_minimum_uid = 100 virtual_recipient_limit = $default_recipient_limit virtual_recipient_refill_delay = $default_recipient_refill_delay virtual_recipient_refill_limit = $default_recipient_refill_limit virtual_transport = virtual virtual_uid_maps = [/code] *Here is the output of my dovecot -n:* [code] root at andromeda:/etc/postfix# dovecot -n # 2.0.19: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-38-generic-pae i686 Ubuntu 12.04.2 LTS ext4 disable_plaintext_auth = no first_valid_uid = 150 last_valid_uid = 150 mail_gid = mail mail_location = mbox:/var/vmail/%d/%n mail_uid = vmail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } postmaster_address = postmaster at cryptodan.net protocols = imap pop3 sieve service auth { unix_listener /var/spool/postfix/private/dovecot-auth { group = postfix mode = 0660 user = postfix } unix_listener auth-userdb { group = mail mode = 01224 user = vmail } } ssl_ca = was automatically rejected:%n%r } [/code] I hope I provided enough information. Thanks, -- Daniel Reinhardt cryptodan at cryptodan.net http://www.cryptodan.net 301-875-7018(c) 410-455-0488(h) From brain at click.com.py Thu Mar 14 10:28:23 2013 From: brain at click.com.py (Cesar) Date: Thu, 14 Mar 2013 01:28:23 -0700 (PDT) Subject: [Dovecot] Dovecot error wuth MySQL Message-ID: <1363249703373-40765.post@n4.nabble.com> Hello PeopleCan anybody help me?My scenario:- One computer with:a) postfix-2.6.6-2.2.el6_1.x86_64b) mysql-5.1.66-2.el6_3.x86_64c) dovecot-2.0.9-2.el6_1.1.x86_64d) dovecot-mysql-2.0.9-2.el6_1.1.x86_64Postfix and Dovecot auth over MySQLThe Problem:- logwatch show me: Dovecot disconnects: auth failed, 1 attempts: 1 Time(s) in IDLE: 2 Time(s) no auth attempts: 6 Time(s) no reason: 6 Time(s) **Unmatched Entries** dovecot: auth: Error: mysql: Query failed, retrying: MySQL server has gone away: 125 Time(s)(125 Times Wow)For example part of maillog show me:About MySQL auth failed:Mar 10 03:55:05 gateway dovecot: auth: Error: mysql: Query failed, retrying: MySQL server has gone awayMar 10 03:55:05 gateway dovecot: auth: mysql: Connected to localhost (mail)Mar 10 03:55:05 gateway dovecot: pop3-login: Login: user=user-name at domain.com>, method=PLAIN, rip=192.168.100.31, lip=190.128.232.2, mpid=16352Mar 10 03:55:05 gateway dovecot: pop3(user-name at domain.com): Disconnected: Logged out top=0/0, retr=0/0, del=0/0, size=0The Question:How to fix it? (i don't want to see the dovecot auth error mysql)I will be very grateful to anyone who can help me ----- Best Regards Cesar -- View this message in context: http://dovecot.2317879.n4.nabble.com/Dovecot-error-wuth-MySQL-tp40765.html Sent from the Dovecot mailing list archive at Nabble.com. From h.reindl at thelounge.net Thu Mar 14 11:44:05 2013 From: h.reindl at thelounge.net (Reindl Harald) Date: Thu, 14 Mar 2013 10:44:05 +0100 Subject: [Dovecot] Dovecot error wuth MySQL In-Reply-To: <1363249703373-40765.post@n4.nabble.com> References: <1363249703373-40765.post@n4.nabble.com> Message-ID: <51419BE5.3050101@thelounge.net> Am 14.03.2013 09:28, schrieb Cesar: > Hello PeopleCan anybody help me?My scenario:- One computer with:a) > postfix-2.6.6-2.2.el6_1.x86_64b) mysql-5.1.66-2.el6_3.x86_64c) > dovecot-2.0.9-2.el6_1.1.x86_64d) dovecot-mysql-2.0.9-2.el6_1.1.x86_64Postfix > and Dovecot auth over MySQLThe Problem:- logwatch show me: Dovecot > disconnects: auth failed, 1 attempts: 1 Time(s) in IDLE: 2 Time(s) > no auth attempts: 6 Time(s) no reason: 6 Time(s) **Unmatched Entries** > dovecot: auth: Error: mysql: Query failed, retrying: MySQL server has gone > away: 125 Time(s)(125 Times Wow)For example part of maillog show me:About > MySQL auth failed:Mar 10 03:55:05 gateway dovecot: auth: Error: mysql: Query > failed, retrying: MySQL server has gone awayMar 10 03:55:05 gateway dovecot: > auth: mysql: Connected to localhost (mail)Mar 10 03:55:05 gateway dovecot: > pop3-login: Login: user=user-name at domain.com>, method=PLAIN, > rip=192.168.100.31, lip=190.128.232.2, mpid=16352Mar 10 03:55:05 gateway > dovecot: pop3(user-name at domain.com): Disconnected: Logged out top=0/0, > retr=0/0, del=0/0, size=0 > The Question:How to fix it? (i don't want to see > the dovecot auth error mysql)I will be very grateful to anyone who can help > me not not shutdown mysqld or filter in /etc/rsyslog.conf which would be a silly idea because the next time with a problem you supress maybe important messages and starts eeking for help -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 263 bytes Desc: OpenPGP digital signature URL: From ws+dovecot at iai.uni-bonn.de Thu Mar 14 12:05:29 2013 From: ws+dovecot at iai.uni-bonn.de (Walter Steiner) Date: Thu, 14 Mar 2013 11:05:29 +0100 Subject: [Dovecot] v2.2 dsync In-Reply-To: <20130227132749.GC28069@uran.iai.uni-bonn.de> References: <20130226154031.GH6073@uran.iai.uni-bonn.de> <1361968244.27458.30.camel@hurina> <20130227132749.GC28069@uran.iai.uni-bonn.de> Message-ID: <20130314100529.GA18113@uran.iai.uni-bonn.de> On Wed, Feb 27, 2013 at 14:27:49 +0100, Walter Steiner wrote: > > > 2) and without the acl plugin > > .. > > > Core was generated by `/m/sw/dc/a/bin/doveadm -Dv backup -R -u cyrtest1 at iai.uni-bonn.de -m INBOX imapc'. > > > Program terminated with signal 11, Segmentation fault. > > > [New process 94912 ] > > > #0 0x00000000004578cc in dsync_ibc_send_mail_request (ibc=0x4a9f20, request=0x5441c0) at dsync-ibc.c:38 > > > 38 return ibc->v.is_send_queue_full(ibc) ? > > > (gdb) bt full > > > #0 0x00000000004578cc in dsync_ibc_send_mail_request (ibc=0x4a9f20, request=0x5441c0) at dsync-ibc.c:38 > > > __FUNCTION__ = "dsync_ibc_send_mail_request" > > > #1 0x000000000044a6b1 in dsync_brain_send_mail_request (brain=0x4aa5e0) at dsync-brain-mails.c:25 > > > request = (const struct dsync_mail_request *) 0x5441c0 > > > __FUNCTION__ = "dsync_brain_send_mail_request" > > > > Now this is a strange one. Can you reproduce itIn gdb show also the > > result of: > > > > p *ibc > > (gdb) p *ibc > $1 = {v = {deinit = 0x45c5eb , send_handshake = 0x45c753 , recv_handshake = 0x45c804 , > send_end_of_list = 0x45c8b6 , send_mailbox_state = 0x45c8e4 , recv_mailbox_state = 0x45c951 , > send_mailbox_tree_node = 0x45c9e1 , recv_mailbox_tree_node = 0x45ca54 , > send_mailbox_deletes = 0x45cade , recv_mailbox_deletes = 0x45cb3d , send_mailbox = 0x45cbc8 , > recv_mailbox = 0x45cd11 , send_change = 0x45cd79 , recv_change = 0x45cdce , > send_mail_request = 0x45ce36 , recv_mail_request = 0x45ce9f , send_mail = 0x45cf07 , > recv_mail = 0x45cfff , close_mail_streams = 0x45d0ce , is_send_queue_full = 0x45c855 , > has_pending_data = 0x45c889 }, io_callback = 0x445827 , io_context = 0x4a9fd0, failed = 0} > Hello Timo et al, is there a chance that the crash I have reported two weeks ago can be fixed? Or any thoughts about what triggers it / what I better try to avoid / I do wrong? Any help is appreciated! I'm afraid that our window of time for switching IMAP server software will shut this month and we are forced to stay with cyrus for another dozen of years. I've compiled each nightly but a segmentation fault remains. Is there anything I can do to avoid it or give helpful information? Short reminder: with 2.1.15 mailboxes are being transferred from the cyrus box. With 2.2(-20130314) not even a single mail in a single mailbox made it to the dovecot side. The plan is to use doveadm backup to transfer and adapt the content of the cyrus server to the new dovecot server while the cyrus server remains in use. After running some iter- ations (each will take less time) we switch the service from cyrus to dovecot. We think it is better to not start with 2.1.x as we want to benefit from the new 2.2 dsync protocol to keep two dovecot servers in sync. I have tried to simplify the configuration which is following: # 20130314: /m/sw/dc/2.2-20130314/etc/dovecot/dovecot.conf # OS: SunOS 5.11 i86pc zfs auth_debug = yes auth_debug_passwords = yes auth_default_realm = iai.uni-bonn.de auth_master_user_separator = * auth_mechanisms = plain login auth_verbose = yes auth_verbose_passwords = sha1 base_dir = /var/run/dovecot/ debug_log_path = /tmp/dcd imapc_features = rfc822.size imapc_host = mailbox.iai.uni-bonn.de imapc_list_prefix = INBOX imapc_master_user = *removed* imapc_password = *removed* imapc_port = 993 imapc_ssl = imaps imapc_ssl_verify = no imapc_user = %n log_path = /tmp/dce mail_debug = yes mail_gid = dovemail mail_location = sdbox:/m/d/imap/mbox/m/%n mail_plugins = notify mail_log mail_uid = dovemail namespace inbox { hidden = no inbox = yes list = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = separator = / subscriptions = yes type = private } namespace user { hidden = no list = children location = sdbox:/m/d/imap/mbox/m/%%n prefix = user/%%u/ separator = / type = shared } passdb { args = scheme=CRYPT username_format=%u /m/d/etc/user/pw driver = passwd-file } passdb { args = username_format=%n /m/d/etc/user/global/pw-master-giat driver = passwd-file master = yes pass = yes } passdb { args = username_format=%n /m/d/etc/user/global/pw-master-top driver = passwd-file master = yes pass = yes } passdb { args = username_format=%n /m/d/etc/user/global/pw-master-top driver = passwd-file } plugin { mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename flag_change append mailbox_create save flag_change mail_log_fields = uid box msgid size } protocols = imap pop3 service auth-worker { user = doveauth } service auth { user = doveauth } service imap-login { process_min_avail = 4 service_count = 1 } service imap { executable = imap process_limit = 1024 } service pop3 { executable = pop3 process_limit = 64 } ssl_cert = References: <1363249703373-40765.post@n4.nabble.com> Message-ID: <5141A752.8010501@sys4.de> Am 14.03.2013 09:28, schrieb Cesar: > Hello PeopleCan anybody help me?My scenario:- One computer with:a) > postfix-2.6.6-2.2.el6_1.x86_64b) mysql-5.1.66-2.el6_3.x86_64c) > dovecot-2.0.9-2.el6_1.1.x86_64d) dovecot-mysql-2.0.9-2.el6_1.1.x86_64Postfix > and Dovecot auth over MySQLThe Problem:- logwatch show me: Dovecot > disconnects: auth failed, 1 attempts: 1 Time(s) in IDLE: 2 Time(s) > no auth attempts: 6 Time(s) no reason: 6 Time(s) **Unmatched Entries** > dovecot: auth: Error: mysql: Query failed, retrying: MySQL server has gone > away: 125 Time(s)(125 Times Wow)For example part of maillog show me:About > MySQL auth failed:Mar 10 03:55:05 gateway dovecot: auth: Error: mysql: Query > failed, retrying: MySQL server has gone awayMar 10 03:55:05 gateway dovecot: > auth: mysql: Connected to localhost (mail)Mar 10 03:55:05 gateway dovecot: > pop3-login: Login: user=user-name at domain.com>, method=PLAIN, > rip=192.168.100.31, lip=190.128.232.2, mpid=16352Mar 10 03:55:05 gateway > dovecot: pop3(user-name at domain.com): Disconnected: Logged out top=0/0, > retr=0/0, del=0/0, size=0The Question:How to fix it? (i don't want to see > the dovecot auth error mysql)I will be very grateful to anyone who can help > me > > > > ----- > Best Regards > Cesar > -- > View this message in context: http://dovecot.2317879.n4.nabble.com/Dovecot-error-wuth-MySQL-tp40765.html > Sent from the Dovecot mailing list archive at Nabble.com. > looks like your mysql server was not reachable Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From heupink at merit.unu.edu Thu Mar 14 12:37:32 2013 From: heupink at merit.unu.edu (mourik jan c heupink) Date: Thu, 14 Mar 2013 11:37:32 +0100 Subject: [Dovecot] Question regarding Postfix and Dovecot In-Reply-To: References: Message-ID: <5141A86C.8050103@merit.unu.edu> Hi Daniel, I'm new to dovecot myself, but did you read this: http://wiki2.dovecot.org/LDA/Postfix I'm guessing that perhaps you need to configure your virtual transport? So, in master.cf, include a line like: dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/local/libexec/dovecot/dovecot-lda -f ${sender} -d ${recipient} and configure virtual_transport = dovecot in main.cf But again... I'm very new to all this myself, but perhaps it helps? Regards, MJ From cryptodan at gmail.com Thu Mar 14 12:53:37 2013 From: cryptodan at gmail.com (Daniel Reinhardt) Date: Thu, 14 Mar 2013 10:53:37 +0000 Subject: [Dovecot] Question regarding Postfix and Dovecot Message-ID: Replying back to the list. On Thu, Mar 14, 2013 at 10:51 AM, mourik jan c heupink < heupink at merit.unu.edu> wrote: > please reply to the list > > > On 3/14/2013 11:38 AM, Daniel Reinhardt wrote: > >> Yes I have read everything on that, and yet postfix does not even see >> the dovecot virtual transport. >> >> >> On Thu, Mar 14, 2013 at 10:37 AM, mourik jan c heupink >> **> wrote: >> >> Hi Daniel, >> >> I'm new to dovecot myself, but did you read this: >> http://wiki2.dovecot.org/LDA/_**_Postfix >> >> >> > >> >> I'm guessing that perhaps you need to configure your virtual >> transport? So, in master.cf , include a line like: >> >> >> dovecot unix - n n - - pipe >> flags=DRhu user=vmail:vmail >> argv=/usr/local/libexec/__**dovecot/dovecot-lda -f ${sender} -d >> ${recipient} >> >> and configure virtual_transport = dovecot in main.cf >> >> >> But again... I'm very new to all this myself, but perhaps it helps? >> >> Regards, >> MJ >> >> >> >> >> -- >> Daniel Reinhardt >> cryptodan at cryptodan.net >> > >> http://www.cryptodan.net >> 301-875-7018(c) >> 410-455-0488(h) >> > -- Daniel Reinhardt cryptodan at cryptodan.net http://www.cryptodan.net 301-875-7018(c) 410-455-0488(h) From jerry at seibercom.net Thu Mar 14 12:56:37 2013 From: jerry at seibercom.net (Jerry) Date: Thu, 14 Mar 2013 06:56:37 -0400 Subject: [Dovecot] Dovecot error wuth MySQL In-Reply-To: <1363249703373-40765.post@n4.nabble.com> References: <1363249703373-40765.post@n4.nabble.com> Message-ID: <20130314065637.539b4c4f@scorpio> On Thu, 14 Mar 2013 01:28:23 -0700 (PDT) Cesar articulated: > Hello PeopleCan anybody help me?My scenario:- One computer with:a) > postfix-2.6.6-2.2.el6_1.x86_64b) mysql-5.1.66-2.el6_3.x86_64c) > dovecot-2.0.9-2.el6_1.1.x86_64d) > dovecot-mysql-2.0.9-2.el6_1.1.x86_64Postfix and Dovecot auth over > MySQLThe Problem:- logwatch show me: Dovecot disconnects: auth > failed, 1 attempts: 1 Time(s) in IDLE: 2 Time(s) no auth attempts: > 6 Time(s) no reason: 6 Time(s) **Unmatched Entries** dovecot: > auth: Error: mysql: Query failed, retrying: MySQL server has gone > away: 125 Time(s)(125 Times Wow)For example part of maillog show > me:About MySQL auth failed:Mar 10 03:55:05 gateway dovecot: auth: > Error: mysql: Query failed, retrying: MySQL server has gone awayMar > 10 03:55:05 gateway dovecot: auth: mysql: Connected to localhost > (mail)Mar 10 03:55:05 gateway dovecot: pop3-login: Login: > user=user-name at domain.com>, method=PLAIN, rip=192.168.100.31, > lip=190.128.232.2, mpid=16352Mar 10 03:55:05 gateway dovecot: > pop3(user-name at domain.com): Disconnected: Logged out top=0/0, > retr=0/0, del=0/0, size=0The Question:How to fix it? (i don't want to > see the dovecot auth error mysql)I will be very grateful to anyone > who can help The line wrapping is making this mess extremely difficult to read and decipher. Are you even sure the MySQL server is even running? Have you tried shutting down your system and rebooting and observing what transpires? Do you have log entries from the MySQL and Dovecot servers? Post the unaltered output of: postconf -n dovecot -n It might be helpful to post the MySQL file that dovecot is using to contact the MySQL server also. -- Jerry ? Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ From heupink at merit.unu.edu Thu Mar 14 13:02:38 2013 From: heupink at merit.unu.edu (mourik jan c heupink) Date: Thu, 14 Mar 2013 12:02:38 +0100 Subject: [Dovecot] Question regarding Postfix and Dovecot In-Reply-To: References: Message-ID: <5141AE4E.70005@merit.unu.edu> Looking at your config, I notice virtual_transport = virtual However according to http://wiki2.dovecot.org/LDA/Postfix: main.cf: dovecot_destination_recipient_limit = 1 virtual_mailbox_domains = your.domain.here virtual_transport = dovecot master.cf: dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/local/libexec/dovecot/dovecot-lda -f ${sender} -d ${recipient} But again, I'm new to all this. Here postfix/dovecot/virtual works fine, and all I did was follow the docs. On 3/14/2013 11:53 AM, Daniel Reinhardt wrote: > Replying back to the list. > > On Thu, Mar 14, 2013 at 10:51 AM, mourik jan c heupink < > heupink at merit.unu.edu> wrote: > >> please reply to the list >> >> >> On 3/14/2013 11:38 AM, Daniel Reinhardt wrote: >> >>> Yes I have read everything on that, and yet postfix does not even see >>> the dovecot virtual transport. >>> >>> >>> On Thu, Mar 14, 2013 at 10:37 AM, mourik jan c heupink >>> **> wrote: >>> >>> Hi Daniel, >>> >>> I'm new to dovecot myself, but did you read this: >>> http://wiki2.dovecot.org/LDA/_**_Postfix >>> >>> >>>> >>> >>> I'm guessing that perhaps you need to configure your virtual >>> transport? So, in master.cf , include a line like: >>> >>> >>> dovecot unix - n n - - pipe >>> flags=DRhu user=vmail:vmail >>> argv=/usr/local/libexec/__**dovecot/dovecot-lda -f ${sender} -d >>> ${recipient} >>> >>> and configure virtual_transport = dovecot in main.cf >>> >>> >>> But again... I'm very new to all this myself, but perhaps it helps? >>> >>> Regards, >>> MJ >>> >>> >>> >>> >>> -- >>> Daniel Reinhardt >>> cryptodan at cryptodan.net >>>> >>> http://www.cryptodan.net >>> 301-875-7018(c) >>> 410-455-0488(h) >>> >> > > From cryptodan at gmail.com Thu Mar 14 13:11:14 2013 From: cryptodan at gmail.com (Daniel Reinhardt) Date: Thu, 14 Mar 2013 11:11:14 +0000 Subject: [Dovecot] Question regarding Postfix and Dovecot In-Reply-To: <5141AE4E.70005@merit.unu.edu> References: <5141AE4E.70005@merit.unu.edu> Message-ID: I looked at my config in main.cf and I do not see it. Can you point it out? On Thu, Mar 14, 2013 at 11:02 AM, mourik jan c heupink < heupink at merit.unu.edu> wrote: > Looking at your config, I notice > virtual_transport = virtual > > However according to http://wiki2.dovecot.org/LDA/**Postfix > : > main.cf: > dovecot_destination_recipient_**limit = 1 > virtual_mailbox_domains = your.domain.here > virtual_transport = dovecot > > master.cf: > > dovecot unix - n n - - pipe > flags=DRhu user=vmail:vmail argv=/usr/local/libexec/**dovecot/dovecot-lda > -f ${sender} -d ${recipient} > > But again, I'm new to all this. Here postfix/dovecot/virtual works fine, > and all I did was follow the docs. > > > On 3/14/2013 11:53 AM, Daniel Reinhardt wrote: > >> Replying back to the list. >> >> On Thu, Mar 14, 2013 at 10:51 AM, mourik jan c heupink < >> heupink at merit.unu.edu> wrote: >> >> please reply to the list >>> >>> >>> On 3/14/2013 11:38 AM, Daniel Reinhardt wrote: >>> >>> Yes I have read everything on that, and yet postfix does not even see >>>> the dovecot virtual transport. >>>> >>>> >>>> On Thu, Mar 14, 2013 at 10:37 AM, mourik jan c heupink >>>> ****> wrote: >>>> >>>> Hi Daniel, >>>> >>>> I'm new to dovecot myself, but did you read this: >>>> http://wiki2.dovecot.org/LDA/_****_Postfix >>>> >>>> > >>>> >>>> >>>> >>>> > >>>> >>>> >>>>> >>>> I'm guessing that perhaps you need to configure your virtual >>>> transport? So, in master.cf , include a line >>>> like: >>>> >>>> >>>> dovecot unix - n n - - pipe >>>> flags=DRhu user=vmail:vmail >>>> argv=/usr/local/libexec/__****dovecot/dovecot-lda -f ${sender} -d >>>> >>>> ${recipient} >>>> >>>> and configure virtual_transport = dovecot in main.cf < >>>> http://main.cf> >>>> >>>> >>>> But again... I'm very new to all this myself, but perhaps it helps? >>>> >>>> Regards, >>>> MJ >>>> >>>> >>>> >>>> >>>> -- >>>> Daniel Reinhardt >>>> cryptodan at cryptodan.net >>> cryptodan at cryptodan.net> >>>> >>>>> >>>>> http://www.cryptodan.net >>>> 301-875-7018(c) >>>> 410-455-0488(h) >>>> >>>> >>> >> >> -- Daniel Reinhardt cryptodan at cryptodan.net http://www.cryptodan.net 301-875-7018(c) 410-455-0488(h) From CMarcus at Media-Brokers.com Thu Mar 14 13:26:30 2013 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Thu, 14 Mar 2013 07:26:30 -0400 Subject: [Dovecot] Question regarding Postfix and Dovecot In-Reply-To: References: Message-ID: <5141B3E6.5000601@Media-Brokers.com> Where to begin... 1. Daniel, when Mourik told you to reply back to the list, they meant that if they send a reply to the list, then you reply to that, send that reply to the list, not to the person who replied. Meaning, all replies should go to the list (unless they are merely personal commentary). Mourik replied to you on the list. You sent your reply back only to him. You should have replied keeping the thread on the list. Fyi, dovecot list does not do reply-to-munging - meaning, if you only click the 'Reply' button in your email program, it will only reply to the original sender. Use the 'Reply-to-list' button (if you have one - ), or click 'Reply-to-all' button and remove the original senders address before sending... 2. Why do you have postfix logging in verbose mode?! Turn that off and repost logs. On the postfix list, you will be told the same thing - normal postfix logging is sufficient for troubleshooting 99.9% of all problems you may run into. Enabling verbose logging only makes things vastly more difficult, hiding the actual problem among all the other noise. 3. Why did you post postconf -d output? Just like dovecot, that only shows you the *defaults*. We need to see the actual config you are using. So, please post output of postconf -n That will be enough to show you how to fix your problems. And Mouriks comment was right on point... you probably have to *enable* the dovecot LDA in main.cf. Just having it in master.cf isn't enough, you have to actually turn it on in main.cf, and postconf -n output should show you it is being used. If you are still having problems after doing all of this, come back and post non-verbose logs exhibiting your problem, and postconf -n output. If you still have a postfix problem, you will likely be directed to the postfix list to pursue further troubleshooting, but a lot of people on this list also use postfix and will likely be able to help you fix the problem if you provide enough of the right information. Charles On 2013-03-13 10:50 PM, Daniel Reinhardt wrote: > All, > > Thank you for having this list, and I have a question regarding why postfix > is not handing off delivery to Dovecot to virtual users. > > Here is all I can offer since I am not at my server: > > *Here is the debug information for my postfix setup:* irrelevant verbose logging and postconf -d output > *Here is the output of my dovecot -n:* > > [code] > root at andromeda:/etc/postfix# dovecot -n > # 2.0.19: /etc/dovecot/dovecot.conf > # OS: Linux 3.2.0-38-generic-pae i686 Ubuntu 12.04.2 LTS ext4 > disable_plaintext_auth = no > first_valid_uid = 150 > last_valid_uid = 150 > mail_gid = mail > mail_location = mbox:/var/vmail/%d/%n > mail_uid = vmail > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope encoded-character > vacation subaddress comparator-i;ascii-numeric relational regex imap4flags > copy include variables body enotify environment mailbox date ihave > passdb { > args = /etc/dovecot/dovecot-sql.conf.ext > driver = sql > } > plugin { > sieve = ~/.dovecot.sieve > sieve_dir = ~/sieve > } > postmaster_address = postmaster at cryptodan.net > protocols = imap pop3 sieve > service auth { > unix_listener /var/spool/postfix/private/dovecot-auth { > group = postfix > mode = 0660 > user = postfix > } > unix_listener auth-userdb { > group = mail > mode = 01224 > user = vmail > } > } > ssl_ca = ssl_cert = ssl_cipher_list = > ALL:!LOW:!SSLv2:ALL:!aNULL:!ADH:!eNULL:!EXP:RC4+RSA:+HIGH:+MEDIUM > ssl_key = userdb { > args = /etc/dovecot/dovecot-sql.conf.ext > driver = sql > } > protocol imap { > imap_client_workarounds = tb-extra-mailbox-sep > mail_max_userip_connections = 10 > } > protocol pop3 { > mail_max_userip_connections = 10 > pop3_client_workarounds = outlook-no-nuls oe-ns-eoh > } > protocol lda { > deliver_log_format = msgid=%m: %$ > mail_plugins = sieve > postmaster_address = postmaster > quota_full_tempfail = yes > rejection_reason = Your message to <%t> was automatically rejected:%n%r > } > [/code] > > I hope I provided enough information. Well at least you posted dovecot -n output. -- Best regards, Charles From CMarcus at Media-Brokers.com Thu Mar 14 13:34:52 2013 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Thu, 14 Mar 2013 07:34:52 -0400 Subject: [Dovecot] Question regarding Postfix and Dovecot In-Reply-To: References: <5141AE4E.70005@merit.unu.edu> Message-ID: <5141B5DC.6040107@Media-Brokers.com> On 2013-03-14 7:11 AM, Daniel Reinhardt wrote: > I looked at my config in main.cf and I do not see it. Can you point it out? First, virtual_transport = virtual is the default setting. Since you posted -d output, that is what was shown. With postfix (and I believe dovecot), the last config entry wins. So, if you have a certain setting specified twice in the config file, the last one (closest to the bottom) is the one that is used. Postconf -n output will show you whether or not you have changed it. If you are certain you have changed it, and postconf -n output doesn't show virtual_transport = dovecot, then you either have your change somewhere above the default in main.cf (meaning your setting is not the last one, and so is over-ridden), or, you are not using the main.cf file you think you are. Show contents of master.cf (minus commented lines)... Is your postfix chroot'd? If so (no 'n' in the chroot column), then you are probably editing the wrong main.cf. A long time ago I decided it was easier to just create a section at the very end of main.cf, and put all of my changes there. -- Best regards, Charles From tmikaeld at gmail.com Thu Mar 14 15:07:14 2013 From: tmikaeld at gmail.com (tmikaeld) Date: Thu, 14 Mar 2013 06:07:14 -0700 (PDT) Subject: [Dovecot] Panic when indexing virtual folder with solr In-Reply-To: <20130314065415.GA8318@london.s2end.co.uk> References: <20130314065415.GA8318@london.s2end.co.uk> Message-ID: <1363266434061-40779.post@n4.nabble.com> This happened to me too, i just downloaded the source for Dovecot 2.1.15 and used the Solr XML scheme from there instead of the one supplied with Ubuntu. -- View this message in context: http://dovecot.2317879.n4.nabble.com/Panic-when-indexing-virtual-folder-with-solr-tp40764p40779.html Sent from the Dovecot mailing list archive at Nabble.com. From skdovecot at smail.inf.fh-brs.de Thu Mar 14 18:22:25 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 14 Mar 2013 17:22:25 +0100 (CET) Subject: [Dovecot] Converting from Cyrus -> Dovecot sdbox In-Reply-To: <20130313101554.Horde.Pf_3QY45CkiI0KGCejNbWA1@horde4.hq.kwsoft.de> References: <20130313101554.Horde.Pf_3QY45CkiI0KGCejNbWA1@horde4.hq.kwsoft.de> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 13 Mar 2013, lst_hoe02 at kwsoft.de wrote: > cyrus2dovecot and than with dsync from maildir to sdbox. Is this correct or > are there other possibilities to go in one step from Cyrus format to sdbox? if both servers are available simultaneously and you have an admin user on both servers, you can use imapsync (or similiar) tools to sync via IMAP. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUUH5Q13r2wJMiz2NAQIkXQf8D+scvvi2B3qk+bH8VVDQTEblkLZfybG/ fzHn+H2oe76y9Pfz+03oJhJxz5cKWZ2x6JeQi3UQxQiToxwVNZVijcxszzkVVFou 73RruqB1fy3SIfv05uXgGkZPg66IhCd29lQbXMr1+UAsDaYqxIXbDFYffdbBRgb0 557wNOh3pvUBf0pZA9enu3Ysf0P0bhYuLukwy3uAjnQet92DYX8PdM2cUQqL/KHO GKWQLdUg/+JzPL0e+lKEMyhSaYImAFJ2Xi8uSlV/lwM+IpzEmL1w3C36yIt6MXW/ XAp7DjJg2v07dOSiHbdpyxfkVTfp8OB4KCwABg/NVGQLPlGJQowuiQ== =yOil -----END PGP SIGNATURE----- From brain at click.com.py Thu Mar 14 21:43:08 2013 From: brain at click.com.py (Cesar) Date: Thu, 14 Mar 2013 12:43:08 -0700 (PDT) Subject: [Dovecot] Dovecot error wuth MySQL In-Reply-To: <20130314065637.539b4c4f@scorpio> References: <1363249703373-40765.post@n4.nabble.com> <20130314065637.539b4c4f@scorpio> Message-ID: <1363290188019-40781.post@n4.nabble.com> Thanls for your answers (about pf my problem with Dovecot and MySQL) *This is the answers: postconf -n:* alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 header_checks = regexp:/etc/postfix/header_checks html_directory = no inet_interfaces = all inet_protocols = ipv4 mail_owner = postfix mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man mydestination = localhost mydomain = raho.com.py myhostname = mail.raho.com.py mynetworks_style = host myorigin = $mydomain newaliases_path = /usr/bin/newaliases.postfix proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES sample_directory = /usr/share/doc/postfix-2.6.6/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_path = private/auth smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_tls_cert_file = /etc/pki/tls/certs/mail.raho.com.py.crt smtpd_tls_key_file = /etc/pki/tls/private/mail.raho.com.py.key smtpd_tls_loglevel = 1 smtpd_tls_security_level = may smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_tls_cache.db smtpd_tls_session_cache_timeout = 3600s tls_random_source = dev:/dev/urandom transport_maps = hash:/etc/postfix/transport unknown_local_recipient_reject_code = 550 virtual_alias_maps = proxy:mysql:/etc/postfix/mysql_virtual_alias_maps.cf, proxy:mysql:/etc/postfix/mysql_virtual_alias_domain_maps.cf, proxy:mysql:/etc/postfix/mysql_virtual_alias_domain_catchall_maps.cf virtual_gid_maps = static:5000 virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql_virtual_domains_maps.cf virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf, proxy:mysql:/etc/postfix/mysql_virtual_alias_domain_mailbox_maps.cf virtual_transport = dovecot virtual_uid_maps = static:5000 *dovecot -n:* # 2.0.9: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-279.el6.x86_64 x86_64 CentOS release 6.3 (Final) auth_mechanisms = plain login cram-md5 dict { quotadict = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext } disable_plaintext_auth = no first_valid_gid = 5000 first_valid_uid = 5000 last_valid_gid = 5000 last_valid_uid = 5000 mail_gid = 5000 mail_location = maildir:%hMaildir mail_plugins = quota mail_uid = 5000 mbox_write_locks = fcntl namespace { inbox = yes location = prefix = INBOX. separator = type = private } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { quota = dict:user::proxy::quotadict quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u } postmaster_address = postmaster at raho.com.py service auth-worker { user = $default_internal_user } service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } unix_listener auth-userdb { group = vmail mode = 0600 user = vmail } } service dict { unix_listener dict { user = vmail } } service quota-warning { executable = script /etc/dovecot/quota-warning.sh unix_listener quota-warning { user = vmail } user = vmail } ssl_cert = May be the configuration of Mysql?, Note: I don't want to use write cache, read cache is welcome, this is my my.cnf file* [mysqld] port = 3306 socket = /var/lib/mysql/mysql.sock datadir = /var/lib/mysql user = mysql # Disabling symbolic-links is recommended to prevent assorted security risks symbolic-links=0 default-storage-engine = InnoDB innodb_flush_log_at_trx_commit=1 sync_binlog=1 skip-external-locking #max_delayed_threads = 0 connect_timeout = 15 wait_timeout = 60 interactive_timeout = 60 bind-address = 127.0.0.1 log_error = /var/log/mysqld.log log_warnings = 0 local_infile = 0 skip-symbolic-links max_connections = 200 max_user_connections = 170 back_log = 50 max_join_size = 256M max_allowed_packet = 16M key_buffer_size = 64M myisam-recover = BACKUP,FORCE query_cache_size = 64M query_cache_type = 1 query_cache_limit = 1M delay_key_write = OFF table_open_cache = 4096 thread_cache_size = 64 tmp_table_size = 64M max_tmp_tables = 64 max_heap_table_size = 64M open_files_limit = 8192 thread_stack = 256K innodb_thread_concurrency = 8 innodb_log_file_size = 5M innodb_file_per_table = 1 innodb_buffer_pool_size = 128M innodb_flush_method = O_DIRECT long_query_time = 10 slow_query_log= 1 slow_query_log_file=/var/log/mysqld-slow.log log-queries-not-using-indexes log-short-format= 1 [myisamchk] key_buffer = 512M sort_buffer_size = 512M read_buffer = 16M write_buffer = 16M [mysqld_safe] log-error=/var/log/mysqld.log pid-file=/var/run/mysqld/mysqld.pid ----- Best Regards Cesar -- View this message in context: http://dovecot.2317879.n4.nabble.com/Dovecot-error-with-MySQL-tp40765p40781.html Sent from the Dovecot mailing list archive at Nabble.com. From CMarcus at Media-Brokers.com Thu Mar 14 22:44:36 2013 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Thu, 14 Mar 2013 16:44:36 -0400 Subject: [Dovecot] Bare bones Debian vmWare appliance? Message-ID: <514236B4.2010102@Media-Brokers.com> Hi all, Does anyone know of a decent bare-bones debian vmWare appliance I can download to play with? Thanks, -- Best regards, Charles From werner at aloah-from-hell.de Thu Mar 14 22:56:02 2013 From: werner at aloah-from-hell.de (Werner Detter) Date: Thu, 14 Mar 2013 21:56:02 +0100 Subject: [Dovecot] Bare bones Debian vmWare appliance? In-Reply-To: <514236B4.2010102@Media-Brokers.com> References: <514236B4.2010102@Media-Brokers.com> Message-ID: <51423962.5060405@aloah-from-hell.de> Hi, > Does anyone know of a decent bare-bones debian vmWare appliance I can > download to play with? I don't but: a base installation of Debian within VMWare with the netinstall image takes approximately 5 Minutes ... regards, WErner From CMarcus at Media-Brokers.com Thu Mar 14 22:58:21 2013 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Thu, 14 Mar 2013 16:58:21 -0400 Subject: [Dovecot] Bare bones Debian vmWare appliance? In-Reply-To: <51423962.5060405@aloah-from-hell.de> References: <514236B4.2010102@Media-Brokers.com> <51423962.5060405@aloah-from-hell.de> Message-ID: <514239ED.9030403@Media-Brokers.com> On 2013-03-14 4:56 PM, Werner Detter wrote: >> Does anyone know of a decent bare-bones debian vmWare appliance I can >> download to play with? > I don't but: a base installation of Debian within VMWare with the > netinstall image takes approximately 5 Minutes ... Ok, guess I'll give that a shot (zero experience with Debian)... Thanks From cryptodan at gmail.com Fri Mar 15 00:41:14 2013 From: cryptodan at gmail.com (Daniel Reinhardt) Date: Thu, 14 Mar 2013 22:41:14 +0000 Subject: [Dovecot] Question regarding Postfix and Dovecot In-Reply-To: <5141B5DC.6040107@Media-Brokers.com> References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> Message-ID: Thank you for point that out, so I went ahead and removed postfix, mysql, and dovecot in hopes to start fresh and follow the guide I used previously. Yet Postfix still isnt sending mail to the virtual mailbox setting defined in my dovecot config: Here is the output of the postconf -n. I aplogize for the postconf -d, as I was not aware of the difference. //// Postconf -n append_dot_mydomain = no biff = no broken_sasl_auth_clients = yes config_directory = /etc/postfix content_filter = amavis:[127.0.0.1]:10024 disable_vrfy_command = yes dovecot_destination_recipient_limit = 1 inet_interfaces = all mailbox_size_limit = 0 maximal_backoff_time = 8000s maximal_queue_lifetime = 7d minimal_backoff_time = 1000s mydestination = localhost, cryptodan.net, mail.cryptodan.net, mail.pandorah.net, pandorah.net, andromeda.milkyway myhostname = andromeda.milkyway mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 mynetworks_style = host myorigin = /etc/hostname readme_directory = no recipient_delimiter = + smtp_helo_timeout = 60s smtp_tls_note_starttls_offer = yes smtp_tls_security_level = may smtpd_banner = $myhostname ESMTP $mail_name smtpd_client_restrictions = reject_rbl_client sbl.spamhaus.org, reject_rbl_client blackholes.easynet.nl, reject_rbl_client dnsbl.njabl.org smtpd_data_restrictions = reject_unauth_pipelining smtpd_delay_reject = yes smtpd_hard_error_limit = 12 smtpd_helo_required = yes smtpd_helo_restrictions = permit_mynetworks, warn_if_reject reject_non_fqdn_hostname, reject_invalid_hostname, permit smtpd_recipient_limit = 16 smtpd_recipient_restrictions = reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unauth_destination, check_policy_service inet:127.0.0.1:10023, permit smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_local_domain = smtpd_sasl_path = private/dovecot-auth smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks, warn_if_reject reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unauth_pipelining, permit smtpd_soft_error_limit = 3 smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_security_level = may smtpd_tls_session_cache_timeout = 3600s smtpd_use_tls = yes tls_random_source = dev:/dev/urandom unknown_local_recipient_reject_code = 450 virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf, mysql:/etc/postfix/mysql_virtual_alias_domainaliases_maps.cf virtual_gid_maps = static:8 virtual_mailbox_base = /var/vmail virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf, mysql:/etc/postfix/mysql_virtual_mailbox_domainaliases_maps.cf virtual_transport = dovecot virtual_uid_maps = static:150 //// Here is the virtual_transport set in master.cf to dovecot: dovecot unix - n n - - pipe flags=DRhu user=vmail:mail argv=/usr/lib/dovecot/dovecot-lda -d $(recipient) Here is my dovecot -n output: /////root at andromeda:/etc/postfix# dovecot -n # 2.0.19: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-38-generic-pae i686 Ubuntu 12.04.2 LTS ext4 disable_plaintext_auth = no first_valid_uid = 150 last_valid_uid = 150 mail_gid = mail mail_location = maildir:/var/vmail/%d/%n mail_uid = vmail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap pop3 sieve service auth { unix_listener /var/spool/postfix/private/dovecot-auth { group = postfix mode = 0660 user = postfix } unix_listener auth-userdb { group = mail mode = 01224 user = vmail } } ssl_cert = was automatically rejected:%n%r } //// Thanks, Daniel Reinhardt On Thu, Mar 14, 2013 at 11:34 AM, Charles Marcus wrote: > On 2013-03-14 7:11 AM, Daniel Reinhardt wrote: > >> I looked at my config in main.cf and I do not see it. Can you point it >> out? >> > > First, virtual_transport = virtual is the default setting. Since you > posted -d output, that is what was shown. > > With postfix (and I believe dovecot), the last config entry wins. So, if > you have a certain setting specified twice in the config file, the last one > (closest to the bottom) is the one that is used. > > Postconf -n output will show you whether or not you have changed it. > > If you are certain you have changed it, and postconf -n output doesn't > show virtual_transport = dovecot, then you either have your change > somewhere above the default in main.cf (meaning your setting is not the > last one, and so is over-ridden), or, you are not using the main.cf file > you think you are. > > Show contents of master.cf (minus commented lines)... > > Is your postfix chroot'd? If so (no 'n' in the chroot column), then you > are probably editing the wrong main.cf. > > A long time ago I decided it was easier to just create a section at the > very end of main.cf, and put all of my changes there. > > -- > > Best regards, > > Charles > > > -- Daniel Reinhardt cryptodan at cryptodan.net http://www.cryptodan.net 301-875-7018(c) 410-455-0488(h) From brain at click.com.py Fri Mar 15 02:30:53 2013 From: brain at click.com.py (Cesar) Date: Thu, 14 Mar 2013 17:30:53 -0700 (PDT) Subject: [Dovecot] Dovecot error with MySQL In-Reply-To: <1363290188019-40781.post@n4.nabble.com> References: <1363249703373-40765.post@n4.nabble.com> <20130314065637.539b4c4f@scorpio> <1363290188019-40781.post@n4.nabble.com> Message-ID: <1363307453040-40786.post@n4.nabble.com> Hi Jerry can you or anybody help me please? In addition to my previous post where I show the configurations (dovecot postconf-n and-n) added more files that dovecot is using to contact the MySQL server: *dovecot.conf:* protocols = imap pop3 lmtp dict { quotadict = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext } !include conf.d/*.conf !include_try /etc/dovecot/local.conf *File /etc/docevot/conf.d/auth-sql.conf.ext:* passdb { driver = sql } userdb { driver = prefetch } userdb { driver = sql args = /etc/dovecot/dovecot-sql.conf.ext } *dovecot-dict-sql.conf.ext:* connect = host=localhost dbname=mail user=mail_admin password=[mysql-passwd-Access] map { pattern = priv/quota/storage table = quota2 username_field = username value_field = bytes } map { pattern = priv/quota/messages table = quota2 username_field = username value_field = messages } *dovecot-sql.conf.ext (number of lines is only for reference)* (line 1:)driver = mysql (line 2:)connect = host=localhost dbname=mail user=mail_admin password=[mysql-passwd-Access] (line 3:)default_pass_scheme = MD5 (line 4:)user_query = SELECT CONCAT('/var/mail/vhosts/', maildir) AS home, 5000 AS uid, 5000 AS gid, CONCAT('*:bytes=', quota) as quota_rule FROM mailbox WHERE username = '%u' AND active='1' (line 5:)password_query = SELECT username AS user, password, CONCAT('/var/mail/vhosts/', maildir) AS userdb_home, 5000 AS userdb_uid, 5000 AS userdb_gid, CONCAT('*:bytes=', quota) as userdb_quota_rule FROM mailbox WHERE username = '%u' AND active='1' In the expectation of your reply I say goodbye. ----- Best Regards Cesar -- View this message in context: http://dovecot.2317879.n4.nabble.com/Dovecot-error-with-MySQL-tp40765p40786.html Sent from the Dovecot mailing list archive at Nabble.com. From msmith at datafoundry.com Thu Mar 14 21:07:50 2013 From: msmith at datafoundry.com (Michael Smith (DF)) Date: Thu, 14 Mar 2013 19:07:50 +0000 Subject: [Dovecot] dsync migration questions Message-ID: We are currently in the process of replacing one of our customer mail systems with a dovecot solution. However, one of the sticking points right now is how to get the old mail to the new system. On the dovecot side, we are using mdbox storage. On the old system we are using qpopper/mbox mailboxes in the following setup. All user inboxes are in /mnt/mail/mail_spool. Only select, privileged, users have mail folders in /mnt/mail/mail_spool/FOLDERS/user/. I know, insane setup, but it's almost 18 years legacy now. Like this... /mnt/mail/mail_spool/user1.mbox /mnt/mail/mail_spool/user2.mbox /mnt/mail/mail_spool/user3.mbox /mnt/mail/mail_spool/user4.mbox /mnt/mail/mail_spool/FOLDERS/user2/folder1.mbox /mnt/mail/mail_spool/FOLDERS/user2/folder2.mbox Also, the UIDs between the old system and the new dovecot solution are different. User1 may have uid 2134 on the old system, but have uid 193847 on the new system. We've tried the following. Note: User Anakin has a single message already in the new inbox. mkdir -p /mnt/mail/mail_spool/.migrate/ ln /mnt/mail/mail_spool/anakin /mnt/mail/mail_spool/.migrate/inbox chmod 644 /mnt/mail/mail_spool/.migrate/inbox dsync -D -v -R -u anakin at domain.com backup mbox:/mnt/mail/mail_spool/.migrate/ ... chmod 600 /mnt/mail/mail_spool/.migrate/inbox /bin/rm -rf /mnt/mail/mail_spool/.migrate dsync(root): Debug: Loading modules from directory: /usr/lib64/dovecot dsync(root): Debug: Module loaded: /usr/lib64/dovecot/lib10_quota_plugin.so dsync(root): Debug: Module loaded: /usr/lib64/dovecot/lib20_zlib_plugin.so dsync(root): Debug: auth input: anakin uid=1000001228 gid=1000001228 home=/var/spool/mail/CC/1000001228 quota_rule=*:storage=0:messages=0 dsync(root): Debug: Added userdb setting: plugin/quota_rule=*:storage=0:messages=0 dsync(root): Debug: Effective uid=1000001228, gid=1000001228, home=/var/spool/mail/CC/1000001228 dsync(root): Debug: Quota root: name=User quota backend=dict args=:file:/var/spool/mail/CC/1000001228/dovecot.quota dsync(root): Debug: Quota rule: root=User quota mailbox=* bytes=0 messages=0 dsync(root): Debug: dict quota: user=anakin, uri=file:/var/spool/mail/CC/1000001228/dovecot.quota, noenforcing=0 dsync(root): Debug: fs: root=/var/spool/mail/CC/1000001228/mail, index=/var/spool/mail/CC/1000001228/index, control=, inbox= dsync(root): Debug: Namespace : Using permissions from /var/spool/mail/CC/1000001228/mail: mode=0700 gid=-1 dsync(root): Debug: Effective uid=1000001228, gid=1000001228, home=/var/spool/mail/CC/1000001228 dsync(root): Debug: Quota root: name=User quota backend=dict args=:file:/var/spool/mail/CC/1000001228/dovecot.quota dsync(root): Debug: Quota rule: root=User quota mailbox=* bytes=0 messages=0 dsync(root): Debug: dict quota: user=anakin, uri=file:/var/spool/mail/CC/1000001228/dovecot.quota, noenforcing=0 dsync(root): Debug: mbox: INBOX defaulted to /mnt/test/mail_spool/.migrate/inbox dsync(root): Debug: fs: root=/mnt/test/mail_spool/.migrate, index=, control=, inbox=/mnt/test/mail_spool/.migrate/inbox dsync(anakin): Debug: Namespace : Using permissions from /mnt/test/mail_spool/.migrate: mode=0777 gid=-1 dsync(anakin): Error: Can't delete mailbox INBOX: INBOX can't be deleted. dsync(anakin): Debug: Namespace : Permission lookup failed from /var/spool/mail/CC/1000001228/mail/mailboxes/INBOX_b6845831821c42517c490000a72406a4 dsync(anakin): Debug: Namespace : Using permissions from /var/spool/mail/CC/1000001228/mail: mode=0700 gid=-1 dsync(anakin): Debug: Namespace : Permission lookup failed from /var/spool/mail/CC/1000001228/mail/mailboxes/INBOX_b6845831821c42517c490000a72406a4 dsync(anakin): Debug: Namespace : Using permissions from /var/spool/mail/CC/1000001228/mail: mode=0700 gid=-1 dsync(anakin): Info: INBOX: only in dest dsync(anakin): Info: INBOX: only in source dsync(anakin): Error: Trying to open a non-listed mailbox with guid=814b6332541c425169490000a72406a4 dsync(anakin): Error: msg iteration failed: Couldn't open mailbox 814b6332541c425169490000a72406a4 dsync(anakin): Error: Trying to open a non-listed mailbox with guid=814b6332541c425169490000a72406a4 Nothing was migrated. In some other combinations, trying to reproduce them again, it does migrate the old mail, but first destroys the existing mail in the new mailbox. Our goal is to cut mail delivery over to the new dovecot system (which will result in existing emails before migration), and then migrate the old mail *while* maintaining message UIDs. This is the easiest way to ensure no "lost" email with the migration. What are we doing wrong, and how do we achieve our goals? Thanks in advance. -- Michael Smith From skdovecot at smail.inf.fh-brs.de Fri Mar 15 09:59:09 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Fri, 15 Mar 2013 08:59:09 +0100 (CET) Subject: [Dovecot] Bare bones Debian vmWare appliance? In-Reply-To: <514239ED.9030403@Media-Brokers.com> References: <514236B4.2010102@Media-Brokers.com> <51423962.5060405@aloah-from-hell.de> <514239ED.9030403@Media-Brokers.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 14 Mar 2013, Charles Marcus wrote: > On 2013-03-14 4:56 PM, Werner Detter wrote: >>> Does anyone know of a decent bare-bones debian vmWare appliance I can >>> download to play with? >> I don't but: a base installation of Debian within VMWare with the >> netinstall image takes approximately 5 Minutes ... > > Ok, guess I'll give that a shot (zero experience with Debian)... There is: http://www.trendsigma.net/vmware/debian6t.html but I never tried it myself, I go with Werner's advice :-) To install the Vmware tools does require some Unix-knowledge now and then, because it does not compile the modules most of the times I tried it. I install the "basic" built environment with: aptitude install module-assistant m-a prepare [hit ENTER two or three times] That installs more than the required stuff, but it's easy to remember. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUULUzl3r2wJMiz2NAQKaeQf+Lm/89BBI069JyBuUbLZf+A1CXGY2hFtG 1WdFeuZeAxZ3TkgLnKSW9qyo9G7q166f8rELgxHCWBTsZZSVUrsXGDweri9TobTE r7UqNI8DGU+EEY1zhPJdJzgDcQuRAybqADe+gSsM4VV7I646BYEG1H1qeuA7AMXe j7wLYojDzTt51xI1WKNhkr0Aa/w+RRjsMxu8LxbRjImSesX9n9y+FH+ZrJAr97/A 8P87jCQsK0luG0yKSg63SVvbuQEhve1QoZvMGNZC/6ODyol3hex8RHaS8PmpPQOB v1hnSgrSj8K0rWD6a+IprhSSTnx5muONx92JGsPDz229NPfl+8w/ng== =w/n9 -----END PGP SIGNATURE----- From hmoreno at gmv.com Fri Mar 15 12:37:21 2013 From: hmoreno at gmv.com (=?iso-8859-1?Q?H=E9ctor_Moreno_Blanco?=) Date: Fri, 15 Mar 2013 10:37:21 +0000 Subject: [Dovecot] problem with charset and encoding In-Reply-To: References: Message-ID: Hello everyone, Could anyone help me with this issue? Thank you very much. Kind regards. H?ctor Moreno Blanco. -----Mensaje original----- De: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] En nombre de H?ctor Moreno Blanco Enviado el: jueves, 07 de marzo de 2013 11:27 Para: dovecot at dovecot.org Asunto: Re: [Dovecot] problem with charset and encoding Hello Steffen, The mail storage is the same, Maildir. The messages do not look weird, only the special characters. When you're saying to remove old cache files, do you mean dovecot index files in the Maildir directory (dovecot* files)? I haven't done anything but deleting those files, which were re-created when starting new session in dovecot. I have tried creating a mailbox with that information and the view was correct in TB, OL and Webmail. So the problem might be in that mailbox. Do I have to do something else to "repair" this mailbox? Thank you very much, Kind regards. H?ctor Moreno Blanco -----Mensaje original----- De: Steffen Kaiser [mailto:skdovecot at smail.inf.fh-brs.de] Enviado el: jueves, 07 de marzo de 2013 10:32 Para: H?ctor Moreno Blanco CC: dovecot at dovecot.org Asunto: Re: [Dovecot] problem with charset and encoding -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 6 Mar 2013, H?ctor Moreno Blanco wrote: > We are having some troubles since we updated dovecot from 2.0.10 to 2.1.6. Did you upgraded the mail storage, too? > With 2.0.10 with messages with this headers: > > Content-Type: text/plain; charset=ISO-8859-1 > Content-Transfer-Encoding: quoted-printable > > Showed the special characters fine. However, with this new version, there are special characters that are not correctly showed. > > For example: > > "Su c=F3digo de activaci=F3n " must be "Su c?digo de activaci?n ", but in all email clients, even in webmail, is showed like the first way without decoding it. Do the messages look wired in other ways, e.g. do they have header lines at top? > Maybe some configuration or libraries I missed? No, I don't think so. The client renders the message, Dovecot should not alter its content. Do this happen for new accounts, too? If not, maybe you need to remove the old cache files. What mail storage do you use? With Maildir you could easily create a new mailbox and drop a file with: ==== START Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Subject: Test Message-ID: Su c=F3digo de activaci=F3n ====END there then view it with a client. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUThefF3r2wJMiz2NAQJ9vQgAri6lB/a7UhtzgLQKG7TykMWV+4ZXBRRj 7KKozbAwD123QDfTpKC+TsD93XMENz4tQ6qTN6fjrUTV6nZfp74FfHu7XVki1XeU x52J4msbU6al6kc/BVboaUXB88WYUVX1DTFPQuLtyowkV9EJibRPRFtx/TnyHBfz phWGnGL4p4HgnljnJSJe1cM9k4m/tsSu+Ts2PMBFU0cewBRcSDzY9QkBvxjTkKZ0 g3q+NSDaCKBW2AS1kIhuBW0Yg0yMKARgcAKy2O2LBY2YKnzVnl4rcgscvn5z90H6 M7HIdx6uUW0CnqGTYzz0FzmkMY9QYr+GHt/bcncC8dVkbm3fsHVmXA== =94XE -----END PGP SIGNATURE----- P Please consider the environment before printing this e-mail. ______________________ This message including any attachments may contain confidential information, according to our Information Security Management System, and intended solely for a specific individual to whom they are addressed. Any unauthorised copy, disclosure or distribution of this message is strictly forbidden. If you have received this transmission in error, please notify the sender immediately and delete it. ______________________ Este mensaje, y en su caso, cualquier fichero anexo al mismo, puede contener informacion clasificada por su emisor como confidencial en el marco de su Sistema de Gestion de Seguridad de la Informacion siendo para uso exclusivo del destinatario, quedando prohibida su divulgacion copia o distribucion a terceros sin la autorizacion expresa del remitente. Si Vd. ha recibido este mensaje erroneamente, se ruega lo notifique al remitente y proceda a su borrado. Gracias por su colaboracion. ______________________ P Please consider the environment before printing this e-mail. ______________________ This message including any attachments may contain confidential information, according to our Information Security Management System, and intended solely for a specific individual to whom they are addressed. Any unauthorised copy, disclosure or distribution of this message is strictly forbidden. If you have received this transmission in error, please notify the sender immediately and delete it. ______________________ Este mensaje, y en su caso, cualquier fichero anexo al mismo, puede contener informacion clasificada por su emisor como confidencial en el marco de su Sistema de Gestion de Seguridad de la Informacion siendo para uso exclusivo del destinatario, quedando prohibida su divulgacion copia o distribucion a terceros sin la autorizacion expresa del remitente. Si Vd. ha recibido este mensaje erroneamente, se ruega lo notifique al remitente y proceda a su borrado. Gracias por su colaboracion. ______________________ From CMarcus at Media-Brokers.com Fri Mar 15 12:58:18 2013 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Fri, 15 Mar 2013 06:58:18 -0400 Subject: [Dovecot] Question regarding Postfix and Dovecot In-Reply-To: References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> Message-ID: <5142FECA.1000206@Media-Brokers.com> On 2013-03-14 6:41 PM, Daniel Reinhardt wrote: > Here is the output of the postconf -n. I aplogize for the postconf -d, as > I was not aware of the difference. No problem... but you forgot the other most important thing... NON-VERBOSE postfix logs exhibiting the problem... -- Best regards, Charles From cryptodan at gmail.com Fri Mar 15 13:11:13 2013 From: cryptodan at gmail.com (Daniel Reinhardt) Date: Fri, 15 Mar 2013 11:11:13 +0000 Subject: [Dovecot] Question regarding Postfix and Dovecot In-Reply-To: <5142FECA.1000206@Media-Brokers.com> References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <5142FECA.1000206@Media-Brokers.com> Message-ID: Here are the non-verbose mode of the logs exhibiting the problem: /// Mar 15 06:56:37 andromeda dovecot: lda(cryptodan): Fatal: setgid(8(mail) from mail_gid setting) failed with euid=1000(cryptodan), gid=1000(cryptodan), egid=1000(cryptodan): Operation not permitted (This binary should probably be called with process group set to 8(mail) instead of 1000(cryptodan)) Mar 15 06:56:38 andromeda dovecot: lda(cryptodan): Fatal: setgid(8(mail) from mail_gid setting) failed with euid=1000(cryptodan), gid=1000(cryptodan), egid=1000(cryptodan): Operation not permitted (This binary should probably be called with process group set to 8(mail) instead of 1000(cryptodan)) Mar 15 06:56:38 andromeda postfix/local[5433]: E6DD110007E: to=< cryptodan at cryptodan.net>, relay=local, delay=0.11, delays=0.07/0/0/0.04, dsn=4.3.0, status=deferred (temporary failure) Mar 15 06:56:38 andromeda dovecot: lda(cryptodan): Fatal: setgid(8(mail) from mail_gid setting) failed with euid=1000(cryptodan), gid=1000(cryptodan), egid=1000(cryptodan): Operation not permitted (This binary should probably be called with process group set to 8(mail) instead of 1000(cryptodan)) Mar 15 06:56:38 andromeda postfix/local[5439]: 20BB2100076: to=< cryptodan at cryptodan.net>, relay=local, delay=879, delays=879/0.01/0/0.03, dsn=4.3.0, status=deferred (temporary failure) Mar 15 06:59:56 andromeda postfix/anvil[5420]: statistics: max connection rate 1/60s for (smtp:209.85.212.41) at Mar 15 10:56:35 Mar 15 06:59:56 andromeda postfix/anvil[5420]: statistics: max connection count 1 for (smtp:209.85.212.41) at Mar 15 10:56:35 Mar 15 06:59:56 andromeda postfix/anvil[5420]: statistics: max cache size 1 at Mar 15 10:56:35 /// I did not remove anything, just separated the log entries to make them more readable. dovecot unix - n n - - pipe flags=DRhu user=vmail:mail argv=/usr/lib/dovecot/dovecot-lda -d $(recipient) On Fri, Mar 15, 2013 at 10:58 AM, Charles Marcus wrote: > On 2013-03-14 6:41 PM, Daniel Reinhardt wrote: > >> Here is the output of the postconf -n. I aplogize for the postconf -d, as >> I was not aware of the difference. >> > > No problem... but you forgot the other most important thing... > > NON-VERBOSE postfix logs exhibiting the problem... > > -- > > Best regards, > > Charles > > > -- Daniel Reinhardt cryptodan at cryptodan.net http://www.cryptodan.net 301-875-7018(c) 410-455-0488(h) From CMarcus at Media-Brokers.com Fri Mar 15 13:20:16 2013 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Fri, 15 Mar 2013 07:20:16 -0400 Subject: [Dovecot] Question regarding Postfix and Dovecot In-Reply-To: References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> Message-ID: <514303F0.8090707@Media-Brokers.com> On 2013-03-14 6:41 PM, Daniel Reinhardt wrote: > Here is the virtual_transport set in master.cf to dovecot: > > dovecot unix - n n - - pipe > flags=DRhu user=vmail:mail argv=/usr/lib/dovecot/dovecot-lda -d > $(recipient) I don't totally understand this stuff, but mine is different, and contains: dovecot unix - n n - - pipe flags=DROhu user=postfix:postfix argv=/usr/libexec/dovecot/dovecot-lda -f ${sender} -a ${recipient} -d ${user}@${nexthop} and none of the examples on t he dovecot wiki look like yours: http://wiki2.dovecot.org/LDA/Postfix -- Best regards, Charles From CMarcus at Media-Brokers.com Fri Mar 15 13:35:14 2013 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Fri, 15 Mar 2013 07:35:14 -0400 Subject: [Dovecot] Question regarding Postfix and Dovecot In-Reply-To: References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <5142FECA.1000206@Media-Brokers.com> Message-ID: <51430772.6030708@Media-Brokers.com> On 2013-03-15 7:11 AM, Daniel Reinhardt wrote: > Here are the non-verbose mode of the logs exhibiting the problem: > > /// > Mar 15 06:56:37 andromeda dovecot: lda(cryptodan): Fatal: setgid(8(mail) > from mail_gid setting) failed with euid=1000(cryptodan), > gid=1000(cryptodan), egid=1000(cryptodan): Operation not permitted (This > binary should probably be called with process group set to 8(mail) instead > of 1000(cryptodan)) Ok, thanks - that should be enough for someone who knows more than me to figure out what you have done wrong... -- Best regards, Charles From andre.rodier at gmail.com Fri Mar 15 13:51:24 2013 From: andre.rodier at gmail.com (=?UTF-8?Q?Andr=C3=A9_Rodier?=) Date: Fri, 15 Mar 2013 11:51:24 +0000 Subject: [Dovecot] Panic when indexing virtual folder with solr In-Reply-To: <1363266434061-40779.post@n4.nabble.com> References: <20130314065415.GA8318@london.s2end.co.uk> <1363266434061-40779.post@n4.nabble.com> Message-ID: Thank you, I will try this soon ! Kind regards, Andr? Rodier. On 14 March 2013 13:07, tmikaeld wrote: > This happened to me too, i just downloaded the source for Dovecot 2.1.15 and > used the Solr XML scheme from there instead of the one supplied with Ubuntu. > > > > -- > View this message in context: http://dovecot.2317879.n4.nabble.com/Panic-when-indexing-virtual-folder-with-solr-tp40764p40779.html > Sent from the Dovecot mailing list archive at Nabble.com. -- Andr? Rodier From heupink at merit.unu.edu Fri Mar 15 14:14:49 2013 From: heupink at merit.unu.edu (mourik jan heupink) Date: Fri, 15 Mar 2013 13:14:49 +0100 Subject: [Dovecot] Question regarding Postfix and Dovecot In-Reply-To: References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <5142FECA.1000206@Media-Brokers.com> Message-ID: <514310B9.5080609@merit.unu.edu> Just a guess: Is your dovecot-lda running as root? Because: > Operation not permitted (This >> binary should probably be called with process group set to 8(mail) instead >> of 1000(cryptodan)) this could mean it tries to become 8(mail) to be able to deliver, and it's not allowed to? MJ From heupink at merit.unu.edu Fri Mar 15 14:15:25 2013 From: heupink at merit.unu.edu (mourik jan heupink) Date: Fri, 15 Mar 2013 13:15:25 +0100 Subject: [Dovecot] Question regarding Postfix and Dovecot In-Reply-To: <514303F0.8090707@Media-Brokers.com> References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <514303F0.8090707@Media-Brokers.com> Message-ID: <514310DD.1000705@merit.unu.edu> >> dovecot unix - n n - - pipe >> flags=DRhu user=vmail:mail argv=/usr/lib/dovecot/dovecot-lda -d >> $(recipient) > > I don't totally understand this stuff, but mine is different, and contains: > > dovecot unix - n n - - pipe > flags=DROhu user=postfix:postfix argv=/usr/libexec/dovecot/dovecot-lda > -f ${sender} -a ${recipient} -d ${user}@${nexthop} And for what it's worth... here is mine: dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/dovecot-lda -f ${sender} -d ${recipient} From skdovecot at smail.inf.fh-brs.de Fri Mar 15 14:46:46 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Fri, 15 Mar 2013 13:46:46 +0100 (CET) Subject: [Dovecot] Question regarding Postfix and Dovecot In-Reply-To: <51430772.6030708@Media-Brokers.com> References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <5142FECA.1000206@Media-Brokers.com> <51430772.6030708@Media-Brokers.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, 15 Mar 2013, Charles Marcus wrote: > On 2013-03-15 7:11 AM, Daniel Reinhardt wrote: >> Here are the non-verbose mode of the logs exhibiting the problem: >> >> /// >> Mar 15 06:56:37 andromeda dovecot: lda(cryptodan): Fatal: setgid(8(mail) >> from mail_gid setting) failed with euid=1000(cryptodan), >> gid=1000(cryptodan), egid=1000(cryptodan): Operation not permitted (This >> binary should probably be called with process group set to 8(mail) instead >> of 1000(cryptodan)) > > Ok, thanks - that should be enough for someone who knows more than me to > figure out what you have done wrong... Check out mail_access_groups setting or make LDA setuid. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUUMYNl3r2wJMiz2NAQIyJgf/VhNc/VjhXAMjiDbv9U27IWw9iwabh4/t c+SDKxFocvD08pVYc0tejH6t9Q4RwAWXVukDa7a+pKBc6oOeDzX7MUA6ylsei4vN Sqlo3Ne7fdFtxZ6pKkoXUxmFmIDJ9aeF75WcgDpxZYSb0GNOYEdcNJJrzt1dNgm/ BxR2iualCro02kGGVSO/usTwxf3JRHVFzuV6kSCspJPXbF0V+D80QCGtl68UTAYm 0ypAB9K7PDk/29QjVQolME0NkLYR2YXNeFuQw4Ti9rriZwThY21FR8Nn851ott+M tmA7tgOAYTDBUd4LvzMgd+Kto+tRqsW5ZyhPdRJrh+gYKpqpYQ/0HQ== =eTP/ -----END PGP SIGNATURE----- From jg at softjury.de Fri Mar 15 14:51:48 2013 From: jg at softjury.de (Jan Phillip Greimann) Date: Fri, 15 Mar 2013 13:51:48 +0100 Subject: [Dovecot] Panic when indexing virtual folder with solr In-Reply-To: <20130314065415.GA8318@london.s2end.co.uk> References: <20130314065415.GA8318@london.s2end.co.uk> Message-ID: <51431964.2070701@softjury.de> Am 14.03.2013 07:54, schrieb Andre Rodier: > Hello Timo and everyone, > > I am using dovecot 2.1 on debian7 with the fts-solr plugin, and everything is working fine. Dunno about the problem, but i recommend this repository: deb http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1 main Greetings, Jan From dovecot at lars-uhlmann.de Fri Mar 15 19:29:06 2013 From: dovecot at lars-uhlmann.de (Lars Uhlmann) Date: Fri, 15 Mar 2013 18:29:06 +0100 Subject: [Dovecot] shared folders and "subscriptions = yes" Message-ID: <20130315182906.206a8ce9@achilles.local.net> Example (dovecot 1.2.15): ,-[dovecot.conf] | namespace public { | separator = / | prefix = management | location = maildir:/path/to/management | subscriptions = yes | } | | namespace public { | separator = / | prefix = sales | location = maildir:/path/to/sales | subscriptions = yes | } `----- To have all IMAP-Users automatically updated their shared folder structure I use "subscriptions = yes". This works with the side effect, that all IMAP-Users can see _all_ folders in every namespace even if they do not have "lookup" access. This is of course not wanted. Is it possible to have dovecot check the ACL file in the root of a namespace before it parses the subscrptions file? regards Lars From cryptodan at gmail.com Sat Mar 16 02:47:22 2013 From: cryptodan at gmail.com (Daniel Reinhardt) Date: Sat, 16 Mar 2013 00:47:22 +0000 Subject: [Dovecot] Question regarding Postfix and Dovecot In-Reply-To: References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <5142FECA.1000206@Media-Brokers.com> <51430772.6030708@Media-Brokers.com> Message-ID: I got the permission issues fixed, so now I am unable to retrieve email via imap or pop3 with either thunderbird, iphone, or webmail application. Is there something I am not doing that is preventing this from working? POP3 and IMAP logins work just fine. On Fri, Mar 15, 2013 at 12:46 PM, Steffen Kaiser < skdovecot at smail.inf.fh-brs.de> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > > On Fri, 15 Mar 2013, Charles Marcus wrote: > > On 2013-03-15 7:11 AM, Daniel Reinhardt wrote: >> >>> Here are the non-verbose mode of the logs exhibiting the problem: >>> >>> /// >>> Mar 15 06:56:37 andromeda dovecot: lda(cryptodan): Fatal: setgid(8(mail) >>> from mail_gid setting) failed with euid=1000(cryptodan), >>> gid=1000(cryptodan), egid=1000(cryptodan): Operation not permitted (This >>> binary should probably be called with process group set to 8(mail) >>> instead >>> of 1000(cryptodan)) >>> >> >> Ok, thanks - that should be enough for someone who knows more than me to >> figure out what you have done wrong... >> > > Check out mail_access_groups setting or make LDA setuid. > > - -- Steffen Kaiser > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.11 (GNU/Linux) > > iQEVAwUBUUMYNl3r2wJMiz2NAQIyJg**f/VhNc/**VjhXAMjiDbv9U27IWw9iwabh4/t > c+**SDKxFocvD08pVYc0tejH6t9Q4RwAWX**VukDa7a+**pKBc6oOeDzX7MUA6ylsei4vN > Sqlo3Ne7fdFtxZ6pKkoXUxmFmIDJ9a**eF75WcgDpxZYSb0GNOYEdcNJJrzt1d**Ngm/ > BxR2iualCro02kGGVSO/**usTwxf3JRHVFzuV6kSCspJPXbF0V+**D80QCGtl68UTAYm > 0ypAB9K7PDk/**29QjVQolME0NkLYR2YXNeFuQw4Ti9r**riZwThY21FR8Nn851ott+M > tmA7tgOAYTDBUd4LvzMgd+Kto+**tRqsW5ZyhPdRJrh+gYKpqpYQ/0HQ== > =eTP/ > -----END PGP SIGNATURE----- > -- Daniel Reinhardt cryptodan at cryptodan.net http://www.cryptodan.net 301-875-7018(c) 410-455-0488(h) From p.heinlein at heinlein-support.de Sat Mar 16 11:23:31 2013 From: p.heinlein at heinlein-support.de (Peer Heinlein) Date: Sat, 16 Mar 2013 10:23:31 +0100 Subject: [Dovecot] sieve: seconds-extension for vacation Message-ID: <51443A13.4070704@heinlein-support.de> Hi, looks like Dovecot-Sieve doesn't know the seconds-extension for vacation: main script: line 5: error: unknown tagged argument ':seconds' for the vacation command (reported only once at first occurence). main script: error: validation failed. http://tools.ietf.org/html/rfc6131 Could this be added during the next releases? Regards, Peer -- Treffen Sie uns auf den Chemnitzer Linux-Tagen vom 16. bis 17. M?rz 2013! Heinlein Support GmbH Schwedter Str. 8/9b, 10119 Berlin http://www.heinlein-support.de Tel: 030 / 405051-42 Fax: 030 / 405051-19 Zwangsangaben lt. ?35a GmbHG: HRB 93818 B / Amtsgericht Berlin-Charlottenburg, Gesch?ftsf?hrer: Peer Heinlein -- Sitz: Berlin From noel.butler at ausics.net Sat Mar 16 11:46:56 2013 From: noel.butler at ausics.net (Noel Butler) Date: Sat, 16 Mar 2013 19:46:56 +1000 Subject: [Dovecot] Question regarding Postfix and Dovecot In-Reply-To: <5141B3E6.5000601@Media-Brokers.com> References: <5141B3E6.5000601@Media-Brokers.com> Message-ID: <1363427216.10463.2.camel@tardis> On Thu, 2013-03-14 at 07:26 -0400, Charles Marcus wrote: > > Fyi, dovecot list does not do reply-to-munging - meaning, if you only > click the 'Reply' button in your email program, it will only reply to > the original sender. > That's almost, but not entirely true. If you log in to mailman via web interface, you can set reply-to-list, which by default, is off. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 490 bytes Desc: This is a digitally signed message part URL: From noel.butler at ausics.net Sat Mar 16 11:53:33 2013 From: noel.butler at ausics.net (Noel Butler) Date: Sat, 16 Mar 2013 19:53:33 +1000 Subject: [Dovecot] Question regarding Postfix and Dovecot In-Reply-To: <514310DD.1000705@merit.unu.edu> References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <514303F0.8090707@Media-Brokers.com> <514310DD.1000705@merit.unu.edu> Message-ID: <1363427613.10463.6.camel@tardis> On Fri, 2013-03-15 at 13:15 +0100, mourik jan heupink wrote: > > dovecot unix - n n - - pipe > > flags=DROhu user=postfix:postfix argv=/usr/libexec/dovecot/dovecot-lda > > -f ${sender} -a ${recipient} -d ${user}@${nexthop} > > And for what it's worth... here is mine: > > dovecot unix - n n - - pipe > flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/dovecot-lda -f > ${sender} -d ${recipient} That's the old method, if my hazy memory is serving me half right tonight, that will not permit recipient delimiter processing To accommodate that suggest using - -f ${sender} -d ${user}@${nexthop} FWIW I also use "-e" was nicer for rejecting unknown users. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 490 bytes Desc: This is a digitally signed message part URL: From noel.butler at ausics.net Sat Mar 16 11:58:08 2013 From: noel.butler at ausics.net (Noel Butler) Date: Sat, 16 Mar 2013 19:58:08 +1000 Subject: [Dovecot] Question regarding Postfix and Dovecot In-Reply-To: References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <5142FECA.1000206@Media-Brokers.com> <51430772.6030708@Media-Brokers.com> Message-ID: <1363427888.10463.11.camel@tardis> On Sat, 2013-03-16 at 00:47 +0000, Daniel Reinhardt wrote: > I got the permission issues fixed, so now I am unable to retrieve email via > imap or pop3 with either thunderbird, iphone, or webmail application. Is > there something I am not doing that is preventing this from working? > > POP3 and IMAP logins work just fine. > Check permissions, and "logs", if dovecot can't give you something its pretty good (most of the time) by logging it, and it can't be working fine if those applications can not "read" mail, since they are front ends talking to pop3 and imap. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 490 bytes Desc: This is a digitally signed message part URL: From noel.butler at ausics.net Sat Mar 16 12:06:49 2013 From: noel.butler at ausics.net (Noel Butler) Date: Sat, 16 Mar 2013 20:06:49 +1000 Subject: [Dovecot] Dovecot error wuth MySQL In-Reply-To: <5141A752.8010501@sys4.de> References: <1363249703373-40765.post@n4.nabble.com> <5141A752.8010501@sys4.de> Message-ID: <1363428409.10463.14.camel@tardis> On Thu, 2013-03-14 at 11:32 +0100, Robert Schetterer wrote: > Am 14.03.2013 09:28, schrieb Cesar: > > dovecot: auth: Error: mysql: Query failed, retrying: MySQL server has gone > > away: 125 Time(s)(125 Times Wow)For example part of maillog show me:About > > MySQL auth failed:Mar 10 03:55:05 gateway dovecot: auth: Error: mysql: Query > > looks like your mysql server was not reachable > I've seen this before with people who play silly buggers with the timeout values with mysql, if the OP has not done so, enable logging on mysql and see what it is doing, else, undo the changes and leave the mysql timeout values at default. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 490 bytes Desc: This is a digitally signed message part URL: From andre.rodier at gmail.com Sat Mar 16 14:43:41 2013 From: andre.rodier at gmail.com (Andre Rodier) Date: Sat, 16 Mar 2013 12:43:41 +0000 Subject: [Dovecot] Zlib plugin: Compress emails for one folder only Message-ID: <20130316124341.GA21854@london.s2end.co.uk> Hello everyone, Is it possible to configure the zlib plugin to compress the emails in one folder only? I would like to compress the emails when they are stored in my 'Archives' folders and sub folders. Thanks, Andr? Rodier. From tonio at starbridge.org Sat Mar 16 14:51:24 2013 From: tonio at starbridge.org (tonio at starbridge.org) Date: Sat, 16 Mar 2013 13:51:24 +0100 Subject: [Dovecot] crash with dovecot 2.2: Panic: Buffer full Message-ID: <51446ACC.4060900@starbridge.org> Hi Timo, I've got a crash with dovecot 2.2 dovecot --version 2.2.rc2 (69c26a9e3be5) It's occured when accessing with imap on a large mailbox (around 50k messages) imap(clean-quarantine at spamguard.fr): Panic: Buffer full (4254 > 4248, pool ) Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x6089a) [0x7f9d1bcde89a] -> /usr/lib/dovecot/libdovecot.so.0(+0x608de) [0x7f9d1bcde8de] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7f9d1bca039b] -> /usr/lib/dovecot/libdovecot.so.0(+0x5d148) [0x7f9d1bcdb148] -> /usr/lib/dovecot/libdovecot.so.0(+0x56ba8) [0x7f9d1bcd4ba8] -> /usr/lib/dovecot/libdovecot.so.0(+0x4fa77) [0x7f9d1bccda77] -> /usr/lib/dovecot/libdovecot.so.0(+0x4faf2) [0x7f9d1bccdaf2] -> /usr/lib/dovecot/libdovecot.so.0(i_stream_read+0x69) [0x7f9d1bce6de9] -> /usr/lib/dovecot/libdovecot.so.0(+0x6dcac) [0x7f9d1bcebcac] -> /usr/lib/dovecot/libdovecot.so.0(+0x6de59) [0x7f9d1bcebe59] -> /usr/lib/dovecot/libdovecot.so.0(+0x6df4b) [0x7f9d1bcebf4b] -> /usr/lib/dovecot/libdovecot.so.0(i_stream_read+0x69) [0x7f9d1bce6de9] -> /usr/lib/dovecot/libdovecot.so.0(i_stream_read_data+0x3d) [0x7f9d1bce765d] -> /usr/lib/dovecot/libdovecot-storage.so.0(+0x9af84) [0x7f9d1bfd4f84] -> /usr/lib/dovecot/libdovecot-storage.so.0(index_mail_get_binary_stream+0x77) [0x7f9d1bfd5417] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_get_binary_stream+0x60) [0x7f9d1bfae5c0] -> /usr/lib/dovecot/libdovecot-storage.so.0(imap_msgpart_open+0x9f) [0x7f9d1c00a3df] -> dovecot/imap() [0x418f55] -> dovecot/imap() [0x4175fd] -> dovecot/imap(imap_fetch_more+0x34) [0x418554] -> dovecot/imap(cmd_fetch+0x309) [0x40e2c9] -> dovecot/imap(command_exec+0x3c) [0x41623c] -> dovecot/imap() [0x4152a0] -> dovecot/imap() [0x41535a] -> dovecot/imap(client_handle_input+0x115) [0x415615] -> dovecot/imap(client_input+0x72) [0x4159c2] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x36) [0x7f9d1bcee086] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xd7) [0x7f9d1bceeed7] Mar 16 13:37:19 mx2 dovecot: imap(clean-quarantine at spamguard.fr): Fatal: master: service(imap): child 9983 killed with signal 6 (core dumped) backtrace: #0 0x00007f9d1b926475 in raise () from /lib/x86_64-linux-gnu/libc.so.6 No symbol table info available. #1 0x00007f9d1b9296f0 in abort () from /lib/x86_64-linux-gnu/libc.so.6 No symbol table info available. #2 0x00007f9d1bcde8a8 in default_fatal_finish (type=, status=status at entry=0) at failures.c:191 backtrace = 0x62d5f0 "/usr/lib/dovecot/libdovecot.so.0(+0x6089a) [0x7f9d1bcde89a] -> /usr/lib/dovecot/libdovecot.so.0(+0x608de) [0x7f9d1bcde8de] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7f9d1bca039b] -> /usr/lib/d"... #3 0x00007f9d1bcde8de in i_internal_fatal_handler (ctx=0x7fff68422000, format=, args=) at failures.c:652 status = 0 #4 0x00007f9d1bca039b in i_panic (format=format at entry=0x7f9d1bd0d510 "Buffer full (%lu > %lu, pool %s)") at failures.c:263 ctx = {type = LOG_TYPE_PANIC, exit_status = 0, timestamp = 0x0} args = {{gp_offset = 32, fp_offset = 48, overflow_arg_area = 0x7fff684220f0, reg_save_area = 0x7fff68422030}} #5 0x00007f9d1bcdb148 in buffer_check_limits (data_size=75, pos=4179, buf=) at buffer.c:65 extra = new_size = 4254 #6 buffer_write (_buf=0x7fff684221b0, pos=4179, data=0x679010, data_size=75) at buffer.c:178 buf = #7 0x00007f9d1bcd4ba8 in quoted_printable_decode_full ( src=src at entry=0x677eb0 "enter\" bgcolor=3D\"#ffffff\" width=3D\"560\">\n \n
\n "..., src_size=5570, src_pos_r=src_pos_r at entry=0x7fff684221a8, dest=dest at entry=0x7fff684221b0, eof=eof at entry=false) at quoted-printable.c:60 hexbuf = "3D" src_pos = pos = next = errors = #8 0x00007f9d1bcd4d38 in quoted_printable_decode ( src=src at entry=0x677eb0 "enter\" bgcolor=3D\"#ffffff\" width=3D\"560\">\n \n
\n "..., src_size=, src_pos_r=src_pos_r at entry=0x7fff684221a8, dest=dest at entry=0x7fff684221b0) at quoted-printable.c:108 No locals. #9 0x00007f9d1bccda77 in i_stream_qp_try_decode_block (bstream=bstream at entry=0x66dd50, eof=eof at entry=false) at istream-qp-decoder.c:63 stream = 0x66dd50 data = 0x677eb0 "enter\" bgcolor=3D\"#ffffff\" width=3D\"560\">\n \n
\n "... size = 6 avail = 4248 buffer_avail = pos = buf = {data = 0x682e38, used = 4179, priv = {0x682e38, 0x0, 0x1098, 0x0, 0x0}} ret = #10 0x00007f9d1bccdaf2 in i_stream_qp_decoder_read (stream=0x66dd50) at istream-qp-decoder.c:103 bstream = 0x66dd50 pre_count = 0 post_count = ret = prev_size = 5570 __FUNCTION__ = "i_stream_qp_decoder_read" #11 0x00007f9d1bce6de9 in i_stream_read (stream=0x66ddb0) at istream.c:135 _stream = 0x66dd50 old_size = 0 ret = __FUNCTION__ = "i_stream_read" #12 0x00007f9d1bcebcac in read_more (sstream=0x66df30) at istream-seekable.c:140 size = ret = #13 0x00007f9d1bcebe59 in read_from_buffer (sstream=sstream at entry=0x66df30, ret_r=ret_r at entry=0x7fff684222c8) at istream-seekable.c:182 stream = 0x66df30 data = size = 0 pos = offset = __FUNCTION__ = "read_from_buffer" #14 0x00007f9d1bcebf4b in i_stream_seekable_read (stream=0x66df30) at istream-seekable.c:240 sstream = 0x66df30 data = size = pos = ret = __FUNCTION__ = "i_stream_seekable_read" #15 0x00007f9d1bce6de9 in i_stream_read (stream=stream at entry=0x66df90) at istream.c:135 _stream = 0x66df30 old_size = 0 ret = __FUNCTION__ = "i_stream_read" #16 0x00007f9d1bce765d in i_stream_read_data (stream=stream at entry=0x66df90, data_r=data_r at entry=0x7fff684223b0, size_r=size_r at entry=0x7fff684223b8, threshold=threshold at entry=0) at istream.c:464 ret = read_more = false __FUNCTION__ = "i_stream_read_data" #17 0x00007f9d1bfd4f84 in blocks_count_lines (full_input=0x66df90, ctx=0x7fff684223c0) at index-mail-binary.c:319 block_idx = 0 p = size = 0 data = 0x0 ret = cur_block = 0x62d410 block_count = 1 cur_offset = 3944 skip = #18 index_mail_read_binary_to_cache (_mail=_mail at entry=0x66fc00, part=part at entry=0x671ed0, include_hdr=include_hdr at entry=false, binary_r=binary_r at entry=0x7fff68422476, converted_r=converted_r at entry=0x7fff68422477) at index-mail-binary.c:393 mail = 0x66fc00 cache = 0x657a20 ctx = {mail = 0x66fc00, input = 0x66d900, has_nuls = false, converted = true, blocks = {arr = {buffer = 0x62d3d8, element_size = 24}, v = 0x62d3d8, v_modifiable = 0x62d3d8}, copy_start_offset = 13762} __FUNCTION__ = "index_mail_read_binary_to_cache" #19 0x00007f9d1bfd5417 in index_mail_get_binary_stream (_mail=0x66fc00, part=0x671ed0, include_hdr=false, size_r=0x7fff68422538, lines_r=, binary_r=0x7fff6842252e, stream_r=0x7fff68422600) at index-mail-binary.c:556 mail = 0x66fc00 cache = 0x657a20 input = binary = converted = __FUNCTION__ = "index_mail_get_binary_stream" #20 0x00007f9d1bfae5c0 in mail_get_binary_stream (mail=mail at entry=0x66fc00, part=part at entry=0x671ed0, include_hdr=include_hdr at entry=false, size_r=size_r at entry=0x7fff68422538, binary_r=binary_r at entry=0x7fff6842252e, stream_r=stream_r at entry=0x7fff68422600) at mail.c:243 _data_stack_cur_id = 5 p = 0x66fc00 ret = #21 0x00007f9d1c00a3df in imap_msgpart_open (mail=mail at entry=0x66fc00, msgpart=0x669920, result_r=result_r at entry=0x7fff68422600) at imap-msgpart.c:644 part = 0x671ed0 part_size = {physical_size = 6681664, virtual_size = 0, lines = 6684952} size = include_hdr = false binary = use_partial_cache = ret = 0 #22 0x0000000000418f55 in fetch_body_msgpart (ctx=0x660118, mail=0x66fc00, body=0x660748) at imap-fetch-body.c:164 result = {input = 0x0, size = 0, size_field = 0, binary_decoded_input_has_nuls = false} str = #23 0x00000000004175fd in imap_fetch_more_int (ctx=ctx at entry=0x660118, cancel=false) at imap-fetch.c:504 h = _data_stack_cur_id = 4 state = 0x660168 client = 0x65f440 handlers = 0x660448 count = 2 ret = __FUNCTION__ = "imap_fetch_more_int" #24 0x0000000000418554 in imap_fetch_more (ctx=0x660118, cmd=cmd at entry=0x660000) at imap-fetch.c:556 ret = __FUNCTION__ = "imap_fetch_more" #25 0x000000000040e2c9 in cmd_fetch (cmd=0x660000) at cmd-fetch.c:279 client = 0x65f440 ctx = 0x660118 args = 0x6388f8 next_arg = list_arg = 0x1bc79e60 search_args = 0x0 qresync_args = {qresync_sample_seqset = 0x638a58, qresync_sample_uidset = 0x0} messageset = 0x638a60 "1186590" send_vanished = ret = #26 0x000000000041623c in command_exec (cmd=cmd at entry=0x660000) at imap-commands.c:156 hook = 0x636d50 ret = #27 0x00000000004152a0 in client_command_input (cmd=0x660000) at imap-client.c:775 client = 0x65f440 command = __FUNCTION__ = "client_command_input" #28 0x000000000041535a in client_command_input (cmd=0x660000) at imap-client.c:836 client = 0x65f440 command = __FUNCTION__ = "client_command_input" #29 0x0000000000415615 in client_handle_next_command (remove_io_r=, client=0x65f440) at imap-client.c:874 No locals. #30 client_handle_input (client=client at entry=0x65f440) at imap-client.c:886 _data_stack_cur_id = 3 ret = 240 remove_io = false handled_commands = false __FUNCTION__ = "client_handle_input" #31 0x00000000004159c2 in client_input (client=0x65f440) at imap-client.c:928 cmd = output = 0x65fe38 bytes = 37 __FUNCTION__ = "client_input" #32 0x00007f9d1bcee086 in io_loop_call_io (io=0x65ff00) at ioloop.c:387 ioloop = 0x6356f0 t_id = 2 #33 0x00007f9d1bceeed7 in io_loop_handler_run (ioloop=ioloop at entry=0x6356f0) at ioloop-epoll.c:215 ctx = 0x635a60 events = 0x0 event = 0x635ad0 list = 0x65ff50 io = tv = {tv_sec = 59, tv_usec = 738409} events_count = msecs = ret = 1 i = call = __FUNCTION__ = "io_loop_handler_run" #34 0x00007f9d1bcedbc8 in io_loop_run (ioloop=0x6356f0) at ioloop.c:406 No locals. #35 0x00007f9d1bca54e3 in master_service_run (service=0x635590, callback=callback at entry=0x41e790 ) at master-service.c:550 No locals. #36 0x000000000040b940 in main (argc=1, argv=0x635390) at main.c:400 set_roots = {0x425ac0, 0x0} login_set = {auth_socket_path = 0x62d040 "\001", postlogin_socket_path = 0x0, postlogin_timeout_secs = 60, callback = 0x41e600 , failure_callback = 0x41e730 , request_auth_token = 1} service_flags = storage_service_flags = username = 0x0 c = Thanks for your help Tonio From tss at iki.fi Sat Mar 16 15:16:09 2013 From: tss at iki.fi (Timo Sirainen) Date: Sat, 16 Mar 2013 14:16:09 +0100 Subject: [Dovecot] crash with dovecot 2.2: Panic: Buffer full In-Reply-To: <51446ACC.4060900@starbridge.org> References: <51446ACC.4060900@starbridge.org> Message-ID: On 16.3.2013, at 13.51, tonio at starbridge.org wrote: > It's occured when accessing with imap on a large mailbox (around 50k > messages) > > imap(clean-quarantine at spamguard.fr): Panic: Buffer full (4254 > 4248, > pool ) .. > #7 0x00007f9d1bcd4ba8 in quoted_printable_decode_full > ( > > src=src at entry=0x677eb0 "enter\" bgcolor=3D\"#ffffff\" > width=3D\"560\">\n align=3D\"center\" style=3D\"margin: 0=\n auto;\" cellpadding=3D\"0\" > width=3D\"520\">\n
\n > "..., > src_size=5570, src_pos_r=src_pos_r at entry=0x7fff684221a8, > dest=dest at entry=0x7fff684221b0, eof=eof at entry=false) at > quoted-printable.c:60 The problem is with a specific mail and trying to decode its quoted-printable data. I can maybe figure out the bug with this info already, but it would be helpful if you could send the specific mail that causes the crash. You can probably cause the crash easiest by doing: telnet localhost 143 a login user pass b select inbox c search text testing From heupink at merit.unu.edu Sat Mar 16 16:33:31 2013 From: heupink at merit.unu.edu (mourik jan heupink) Date: Sat, 16 Mar 2013 15:33:31 +0100 Subject: [Dovecot] Question regarding Postfix and Dovecot In-Reply-To: <1363427613.10463.6.camel@tardis> References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <514303F0.8090707@Media-Brokers.com> <514310DD.1000705@merit.unu.edu> <1363427613.10463.6.camel@tardis> Message-ID: <514482BB.10004@merit.unu.edu> > That's the old method, if my hazy memory is serving me half right > tonight, that will not permit recipient delimiter processing > To accommodate that suggest using - > -f ${sender} -d ${user}@${nexthop} Ah interesting..! Is that perhaps why dovecot_destination_recipient_limit=1 was needed, here..? From lists at wildgooses.com Sat Mar 16 17:35:52 2013 From: lists at wildgooses.com (Ed W) Date: Sat, 16 Mar 2013 15:35:52 +0000 Subject: [Dovecot] Dovecot with sasl/imaps/postfix and thunderbird In-Reply-To: <514145DB.6030401@gmail.com> References: <514013E3.8070803@hardwarefreak.com> <5140789E.7010408@turmel.org> <5141195C.7060003@hardwarefreak.com> <51413DA8.8020409@gmail.com> <514145DB.6030401@gmail.com> Message-ID: <51449158.9050406@wildgooses.com> On 14/03/2013 03:36, Noel wrote: > https://www.rapidsslonline.com/ > less than $20/year, takes literally 15 minutes from start to having > a certificate. Well, maybe 30 minutes the first time when you need > to read everything. > > There are probably dozens of other sites offering similar services; > I've used this one several times. Namecheap reseller: $5/year https://www.cheapssls.com/ (I just buy 5 year SSLs at that price... How can you refuse?) From nicolas at babelouest.org Sat Mar 16 18:00:18 2013 From: nicolas at babelouest.org (Nicolas Mora) Date: Sat, 16 Mar 2013 12:00:18 -0400 Subject: [Dovecot] Authentication failure messages in logs Message-ID: <51449712.6060001@babelouest.org> Hello, I'm currently running dovecot on a debian stable and every day, I see this message dozens of time in my logs : Mar 16 11:27:57 hector dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=nicolas rhost=72.53.129.223 user=nicolas on the list archive, this message for example tells to comment out the pam section. http://www.dovecot.org/list/dovecot/2008-July/031966.html Except that my authentication needs pam... Is there any way to solve this without migrating to virtual users ? Thanks in advance Here is my dovecot -n output : # 1.2.15: /etc/dovecot/dovecot.conf # OS: Linux 3.2.13-grsec-xxxx-grs-ipv6-64 x86_64 Debian 6.0.7 protocols: imap imaps managesieve sieve ssl_listen(default): *:993 ssl_listen(imap): *:993 ssl_listen(managesieve): ssl_cert_file: /etc/ssl/localcerts/dovecot.pem ssl_key_file: /etc/ssl/localcerts/dovecot.key login_dir: /var/run/dovecot/login login_executable(default): /usr/lib/dovecot/imap-login login_executable(imap): /usr/lib/dovecot/imap-login login_executable(managesieve): /usr/lib/dovecot/managesieve-login mail_privileged_group: mail mail_location: maildir:~/Maildir mbox_write_locks: fcntl dotlock mail_executable(default): /usr/lib/dovecot/imap mail_executable(imap): /usr/lib/dovecot/imap mail_executable(managesieve): /usr/lib/dovecot/managesieve mail_plugin_dir(default): /usr/lib/dovecot/modules/imap mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap mail_plugin_dir(managesieve): /usr/lib/dovecot/modules/managesieve lda: postmaster_address: postmaster at babelouest.org mail_plugins: sieve mail_plugin_dir: /usr/lib/dovecot/modules/lda sieve_dir: ~/ auth default: mechanisms: plain login passdb: driver: pam args: dovecot userdb: driver: passwd socket: type: listen client: path: /var/spool/postfix/private/auth mode: 432 user: postfix group: postfix master: path: /var/run/dovecot/auth-master mode: 384 plugin: sieve: ~/.dovecot.sieve From AxelLuttgens at swing.be Sat Mar 16 19:15:42 2013 From: AxelLuttgens at swing.be (Axel Luttgens) Date: Sat, 16 Mar 2013 18:15:42 +0100 Subject: [Dovecot] sieve: seconds-extension for vacation In-Reply-To: <51443A13.4070704@heinlein-support.de> References: <51443A13.4070704@heinlein-support.de> Message-ID: <42AA153D-D616-467E-9AB7-1F580E6CE49C@swing.be> Le 16 mars 2013 ? 10:23, Peer Heinlein a ?crit : > Hi, > > looks like Dovecot-Sieve doesn't know the seconds-extension for vacation: > > main script: line 5: error: unknown tagged argument ':seconds' for the > vacation command (reported only once at first occurence). > main script: error: validation failed. > > http://tools.ietf.org/html/rfc6131 > > Could this be added during the next releases? Hello Peter, Seems to be available, at least for v2.x: http://wiki2.dovecot.org/Pigeonhole/Sieve/Extensions/Vacation HTH, Axel From stephan at rename-it.nl Sat Mar 16 22:19:11 2013 From: stephan at rename-it.nl (Stephan Bosch) Date: Sat, 16 Mar 2013 21:19:11 +0100 Subject: [Dovecot] sieve: seconds-extension for vacation In-Reply-To: <51443A13.4070704@heinlein-support.de> References: <51443A13.4070704@heinlein-support.de> Message-ID: <5144D3BF.1050203@rename-it.nl> On 3/16/2013 10:23 AM, Peer Heinlein wrote: > > Hi, > > looks like Dovecot-Sieve doesn't know the seconds-extension for vacation: > > main script: line 5: error: unknown tagged argument ':seconds' for the > vacation command (reported only once at first occurence). > main script: error: validation failed. > > > http://tools.ietf.org/html/rfc6131 > > > Could this be added during the next releases? http://pigeonhole.dovecot.org/#status And don't forget to ` require "vacation-seconds"; ` Regards, Stephan. From btj at havleik.no Sat Mar 16 23:36:01 2013 From: btj at havleik.no (=?UTF-8?B?QmrDuHJu?= T Johansen) Date: Sat, 16 Mar 2013 22:36:01 +0100 Subject: [Dovecot] Connection to PGSQL fails? Message-ID: <20130316223601.215a146e@havleik.no> I have configured a new server and copied the dovecot-sql.conf file that works a different server to the new server... But when Dovecot tries to connect to the database, the following error appears..: Mar 16 22:28:25 smtp dovecot: auth: Debug: Loading modules from directory: /usr/lib64/dovecot/auth Mar 16 22:28:25 smtp dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libauthdb_ldap.so Mar 16 22:28:25 smtp dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libdriver_pgsql.so Mar 16 22:28:25 smtp dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libdriver_sqlite.so Mar 16 22:28:25 smtp dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libmech_gssapi.so Mar 16 22:28:25 smtp dovecot: auth: Error: pgsql: Connect failed to serviceadmin: could not connect to server: Permission denied Mar 16 22:28:25 smtp dovecot: auth: Error: #011Is the server running on host "10.50.150.35" and accepting Mar 16 22:28:25 smtp dovecot: auth: Error: #011TCP/IP connections on port 5432? Mar 16 22:28:25 smtp dovecot: auth: Debug: auth client connected (pid=1768) But if I use psql and connects to the same db server with the same username and password, I can successfully connect... What am I missing? Regards, BTJ -- ----------------------------------------------------------------------------------------------- Bj?rn T Johansen btj at havleik.no ----------------------------------------------------------------------------------------------- Someone wrote: "I understand that if you play a Windows CD backwards you hear strange Satanic messages" To which someone replied: "It's even worse than that; play it forwards and it installs Windows" ----------------------------------------------------------------------------------------------- From h.reindl at thelounge.net Sat Mar 16 23:38:20 2013 From: h.reindl at thelounge.net (Reindl Harald) Date: Sat, 16 Mar 2013 22:38:20 +0100 Subject: [Dovecot] Connection to PGSQL fails? In-Reply-To: <20130316223601.215a146e@havleik.no> References: <20130316223601.215a146e@havleik.no> Message-ID: <5144E64C.7030801@thelounge.net> Am 16.03.2013 22:36, schrieb Bj?rn T Johansen: > I have configured a new server and copied the dovecot-sql.conf file that works a different server to the new server... But when Dovecot tries to connect to the database, the > following error appears..: > > Mar 16 22:28:25 smtp dovecot: auth: Debug: Loading modules from directory: /usr/lib64/dovecot/auth > Mar 16 22:28:25 smtp dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libauthdb_ldap.so > Mar 16 22:28:25 smtp dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libdriver_pgsql.so > Mar 16 22:28:25 smtp dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libdriver_sqlite.so > Mar 16 22:28:25 smtp dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libmech_gssapi.so > Mar 16 22:28:25 smtp dovecot: auth: Error: pgsql: Connect failed to serviceadmin: could not connect to server: Permission denied > Mar 16 22:28:25 smtp dovecot: auth: Error: #011Is the server running on host "10.50.150.35" and accepting > Mar 16 22:28:25 smtp dovecot: auth: Error: #011TCP/IP connections on port 5432? > Mar 16 22:28:25 smtp dovecot: auth: Debug: auth client connected (pid=1768) > > But if I use psql and connects to the same db server with the same username and password, I can successfully connect... > What am I missing? most likely the difference between TCP and socket-connection -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 263 bytes Desc: OpenPGP digital signature URL: From pw at wk-serv.de Sat Mar 16 23:39:49 2013 From: pw at wk-serv.de (Patrick Westenberg) Date: Sat, 16 Mar 2013 22:39:49 +0100 Subject: [Dovecot] Connection to PGSQL fails? In-Reply-To: <20130316223601.215a146e@havleik.no> References: <20130316223601.215a146e@havleik.no> Message-ID: <5144E6A5.4010500@wk-serv.de> Bj?rn T Johansen schrieb: > I have configured a new server and copied the dovecot-sql.conf file that works a different server to the new server... But when Dovecot tries to connect to the database, the > following error appears..: > Mar 16 22:28:25 smtp dovecot: auth: Error: pgsql: Connect failed to serviceadmin: could not connect to server: Permission denied > Mar 16 22:28:25 smtp dovecot: auth: Error: #011Is the server running on host "10.50.150.35" and accepting > Mar 16 22:28:25 smtp dovecot: auth: Error: #011TCP/IP connections on port 5432? > Mar 16 22:28:25 smtp dovecot: auth: Debug: auth client connected (pid=1768) > > But if I use psql and connects to the same db server with the same username and password, I can successfully connect... Is your dovecot server allowed to connect to your db server (pg_hba.conf)? Patrick From btj at havleik.no Sat Mar 16 23:50:03 2013 From: btj at havleik.no (=?UTF-8?B?QmrDuHJu?= T Johansen) Date: Sat, 16 Mar 2013 22:50:03 +0100 Subject: [Dovecot] Connection to PGSQL fails? In-Reply-To: <5144E64C.7030801@thelounge.net> References: <20130316223601.215a146e@havleik.no> <5144E64C.7030801@thelounge.net> Message-ID: <20130316225003.572b9f62@havleik.no> On Sat, 16 Mar 2013 22:38:20 +0100 Reindl Harald wrote: > > > Am 16.03.2013 22:36, schrieb Bj?rn T Johansen: > > I have configured a new server and copied the dovecot-sql.conf file that works a different server to the new server... But when Dovecot tries to connect to the database, the > > following error appears..: > > > > Mar 16 22:28:25 smtp dovecot: auth: Debug: Loading modules from directory: /usr/lib64/dovecot/auth > > Mar 16 22:28:25 smtp dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libauthdb_ldap.so > > Mar 16 22:28:25 smtp dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libdriver_pgsql.so > > Mar 16 22:28:25 smtp dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libdriver_sqlite.so > > Mar 16 22:28:25 smtp dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libmech_gssapi.so > > Mar 16 22:28:25 smtp dovecot: auth: Error: pgsql: Connect failed to serviceadmin: could not connect to server: Permission denied > > Mar 16 22:28:25 smtp dovecot: auth: Error: #011Is the server running on host "10.50.150.35" and accepting > > Mar 16 22:28:25 smtp dovecot: auth: Error: #011TCP/IP connections on port 5432? > > Mar 16 22:28:25 smtp dovecot: auth: Debug: auth client connected (pid=1768) > > > > But if I use psql and connects to the same db server with the same username and password, I can successfully connect... > > What am I missing? > > most likely the difference between TCP and socket-connection > Using tcp for both dovecot and my test with psql... BTJ From btj at havleik.no Sat Mar 16 23:50:34 2013 From: btj at havleik.no (=?UTF-8?B?QmrDuHJu?= T Johansen) Date: Sat, 16 Mar 2013 22:50:34 +0100 Subject: [Dovecot] Connection to PGSQL fails? In-Reply-To: <5144E6A5.4010500@wk-serv.de> References: <20130316223601.215a146e@havleik.no> <5144E6A5.4010500@wk-serv.de> Message-ID: <20130316225034.2cbc4bed@havleik.no> On Sat, 16 Mar 2013 22:39:49 +0100 Patrick Westenberg wrote: > Bj?rn T Johansen schrieb: > > I have configured a new server and copied the dovecot-sql.conf file that works a different server to the new server... But when Dovecot tries to connect to the database, the > > following error appears..: > > Mar 16 22:28:25 smtp dovecot: auth: Error: pgsql: Connect failed to serviceadmin: could not connect to server: Permission denied > > Mar 16 22:28:25 smtp dovecot: auth: Error: #011Is the server running on host "10.50.150.35" and accepting > > Mar 16 22:28:25 smtp dovecot: auth: Error: #011TCP/IP connections on port 5432? > > Mar 16 22:28:25 smtp dovecot: auth: Debug: auth client connected (pid=1768) > > > > But if I use psql and connects to the same db server with the same username and password, I can successfully connect... > > Is your dovecot server allowed to connect to your db server (pg_hba.conf)? > > Patrick Yes, as I said, it is working when using psql from my dovecot server... BTJ From h.reindl at thelounge.net Sun Mar 17 00:00:07 2013 From: h.reindl at thelounge.net (Reindl Harald) Date: Sat, 16 Mar 2013 23:00:07 +0100 Subject: [Dovecot] Connection to PGSQL fails? In-Reply-To: <20130316225003.572b9f62@havleik.no> References: <20130316223601.215a146e@havleik.no> <5144E64C.7030801@thelounge.net> <20130316225003.572b9f62@havleik.no> Message-ID: <5144EB67.2080103@thelounge.net> Am 16.03.2013 22:50, schrieb Bj?rn T Johansen: > On Sat, 16 Mar 2013 22:38:20 +0100 > Reindl Harald wrote: > >> Am 16.03.2013 22:36, schrieb Bj?rn T Johansen: >>> I have configured a new server and copied the dovecot-sql.conf file that works a different server to the new server... But when Dovecot tries to connect to the database, the >>> following error appears..: >>> >>> Mar 16 22:28:25 smtp dovecot: auth: Debug: Loading modules from directory: /usr/lib64/dovecot/auth >>> Mar 16 22:28:25 smtp dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libauthdb_ldap.so >>> Mar 16 22:28:25 smtp dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libdriver_pgsql.so >>> Mar 16 22:28:25 smtp dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libdriver_sqlite.so >>> Mar 16 22:28:25 smtp dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libmech_gssapi.so >>> Mar 16 22:28:25 smtp dovecot: auth: Error: pgsql: Connect failed to serviceadmin: could not connect to server: Permission denied >>> Mar 16 22:28:25 smtp dovecot: auth: Error: #011Is the server running on host "10.50.150.35" and accepting >>> Mar 16 22:28:25 smtp dovecot: auth: Error: #011TCP/IP connections on port 5432? >>> Mar 16 22:28:25 smtp dovecot: auth: Debug: auth client connected (pid=1768) >>> >>> But if I use psql and connects to the same db server with the same username and password, I can successfully connect... >>> What am I missing? >> >> most likely the difference between TCP and socket-connection > > Using tcp for both dovecot and my test with psql... i do not believe it.................. but however, if you do not post config informations and at teast the exact command of "psql" i doubt someone can help you most people do not realize that "localhost" is implicitly a unix-connection and not the same as "127.0.0.1" as example -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 263 bytes Desc: OpenPGP digital signature URL: From btj at havleik.no Sun Mar 17 00:22:22 2013 From: btj at havleik.no (=?UTF-8?B?QmrDuHJu?= T Johansen) Date: Sat, 16 Mar 2013 23:22:22 +0100 Subject: [Dovecot] Connection to PGSQL fails? In-Reply-To: <5144EB67.2080103@thelounge.net> References: <20130316223601.215a146e@havleik.no> <5144E64C.7030801@thelounge.net> <20130316225003.572b9f62@havleik.no> <5144EB67.2080103@thelounge.net> Message-ID: <20130316232222.5a277e01@havleik.no> On Sat, 16 Mar 2013 23:00:07 +0100 Reindl Harald wrote: > > > Am 16.03.2013 22:50, schrieb Bj?rn T Johansen: > > On Sat, 16 Mar 2013 22:38:20 +0100 > > Reindl Harald wrote: > > > >> Am 16.03.2013 22:36, schrieb Bj?rn T Johansen: > >>> I have configured a new server and copied the dovecot-sql.conf file that works a different server to the new server... But when Dovecot tries to connect to the database, the > >>> following error appears..: > >>> > >>> Mar 16 22:28:25 smtp dovecot: auth: Debug: Loading modules from directory: /usr/lib64/dovecot/auth > >>> Mar 16 22:28:25 smtp dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libauthdb_ldap.so > >>> Mar 16 22:28:25 smtp dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libdriver_pgsql.so > >>> Mar 16 22:28:25 smtp dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libdriver_sqlite.so > >>> Mar 16 22:28:25 smtp dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libmech_gssapi.so > >>> Mar 16 22:28:25 smtp dovecot: auth: Error: pgsql: Connect failed to serviceadmin: could not connect to server: Permission denied > >>> Mar 16 22:28:25 smtp dovecot: auth: Error: #011Is the server running on host "10.50.150.35" and accepting > >>> Mar 16 22:28:25 smtp dovecot: auth: Error: #011TCP/IP connections on port 5432? > >>> Mar 16 22:28:25 smtp dovecot: auth: Debug: auth client connected (pid=1768) > >>> > >>> But if I use psql and connects to the same db server with the same username and password, I can successfully connect... > >>> What am I missing? > >> > >> most likely the difference between TCP and socket-connection > > > > Using tcp for both dovecot and my test with psql... > > i do not believe it.................. > > but however, if you do not post config informations and at teast the > exact command of "psql" i doubt someone can help you > > most people do not realize that "localhost" is implicitly a unix-connection > and not the same as "127.0.0.1" as example > Hmmm... Well, I am not most people... :P ;) psql -h 10.50.150.35 -U serviceadmin -d serviceadmin Password for user serviceadmin: psql (9.1.8, server 9.1.6) Type "help" for help. And my connection string for dovecot, looks like this: connect = host=10.50.150.35 dbname=serviceadmin user=serviceadmin password=xxxxxxxxxx And can not see any difference....? BTJ From btj at havleik.no Sun Mar 17 02:12:44 2013 From: btj at havleik.no (=?UTF-8?B?QmrDuHJu?= T Johansen) Date: Sun, 17 Mar 2013 01:12:44 +0100 Subject: [Dovecot] Connection to PGSQL fails? In-Reply-To: <20130316232222.5a277e01@havleik.no> References: <20130316223601.215a146e@havleik.no> <5144E64C.7030801@thelounge.net> <20130316225003.572b9f62@havleik.no> <5144EB67.2080103@thelounge.net> <20130316232222.5a277e01@havleik.no> Message-ID: <20130317011244.05697129@havleik.no> On Sat, 16 Mar 2013 23:22:22 +0100 Bj?rn T Johansen wrote: > On Sat, 16 Mar 2013 23:00:07 +0100 > Reindl Harald wrote: > > > > > > > Am 16.03.2013 22:50, schrieb Bj?rn T Johansen: > > > On Sat, 16 Mar 2013 22:38:20 +0100 > > > Reindl Harald wrote: > > > > > >> Am 16.03.2013 22:36, schrieb Bj?rn T Johansen: > > >>> I have configured a new server and copied the dovecot-sql.conf file that works a different server to the new server... But when Dovecot tries to connect to the database, the > > >>> following error appears..: > > >>> > > >>> Mar 16 22:28:25 smtp dovecot: auth: Debug: Loading modules from directory: /usr/lib64/dovecot/auth > > >>> Mar 16 22:28:25 smtp dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libauthdb_ldap.so > > >>> Mar 16 22:28:25 smtp dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libdriver_pgsql.so > > >>> Mar 16 22:28:25 smtp dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libdriver_sqlite.so > > >>> Mar 16 22:28:25 smtp dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libmech_gssapi.so > > >>> Mar 16 22:28:25 smtp dovecot: auth: Error: pgsql: Connect failed to serviceadmin: could not connect to server: Permission denied > > >>> Mar 16 22:28:25 smtp dovecot: auth: Error: #011Is the server running on host "10.50.150.35" and accepting > > >>> Mar 16 22:28:25 smtp dovecot: auth: Error: #011TCP/IP connections on port 5432? > > >>> Mar 16 22:28:25 smtp dovecot: auth: Debug: auth client connected (pid=1768) > > >>> > > >>> But if I use psql and connects to the same db server with the same username and password, I can successfully connect... > > >>> What am I missing? > > >> > > >> most likely the difference between TCP and socket-connection > > > > > > Using tcp for both dovecot and my test with psql... > > > > i do not believe it.................. > > > > but however, if you do not post config informations and at teast the > > exact command of "psql" i doubt someone can help you > > > > most people do not realize that "localhost" is implicitly a unix-connection > > and not the same as "127.0.0.1" as example > > > > Hmmm... Well, I am not most people... :P ;) > > psql -h 10.50.150.35 -U serviceadmin -d serviceadmin > Password for user serviceadmin: > psql (9.1.8, server 9.1.6) > Type "help" for help. > > > And my connection string for dovecot, looks like this: > > connect = host=10.50.150.35 dbname=serviceadmin user=serviceadmin password=xxxxxxxxxx > > > And can not see any difference....? > > > BTJ OK, found the guilty one... Just discovered than someone had enabled SELinux and it of course stopped the "suspicous" traffic from dovecot.... :-S BTJ From benkokakao at gmail.com Sun Mar 17 02:20:55 2013 From: benkokakao at gmail.com (Christian Benke) Date: Sun, 17 Mar 2013 01:20:55 +0100 Subject: [Dovecot] Dovecot as LDA with Postfix and virtual users Message-ID: Hello! I've been trying to configure Dovecot to work as LDA for file-based virtual users with Postfix. Some part in the configuration seems to miss though, as mails are received by Postfix, but instead of giving it to Dovecot for delivery, it delivers the mails itself. Postfix drops the mail in /var/mail//mbox, if Dovecot would be called, it should deliver it to /var/vmail///Maildir. I've made sure to add the dovecot-service to postfix/master.cf according to http://wiki2.dovecot.org/LDA/Postfix and tried all kinds of settings and did quadruple checks for errors. I'm using Debian 6.0 with Dovecot 2.1.7(From backports) and Postfix 2.7.1 I've been trying to figure out what's missing for a few hours now and have to give up for today. I hope someone can help me with a hint what's missing or wrong :-/ Here's an excerpt from my mail.log, my postconf -n and dovecot -n: Mar 17 00:02:46 poab postfix/smtpd[15333]: connect from mail-wg0-f47.google.com[74.125.82.47] Mar 17 00:02:46 poab postfix/smtpd[15333]: setting up TLS connection from mail-wg0-f47.google.com[74.125.82.47] Mar 17 00:02:46 poab postfix/smtpd[15333]: Anonymous TLS connection established from mail-wg0-f47.google.com[74.125.82.47]: TLSv1 with cipher RC4-SHA (128/128 bits) Mar 17 00:02:46 poab dovecot: auth: Debug: Loading modules from directory: /usr/lib/dovecot/modules/auth Mar 17 00:02:46 poab dovecot: auth: Debug: Module loaded: /usr/lib/dovecot/modules/auth/libdriver_mysql.so Mar 17 00:02:46 poab dovecot: auth: Debug: Module loaded: /usr/lib/dovecot/modules/auth/libdriver_pgsql.so Mar 17 00:02:46 poab dovecot: auth: Debug: Module loaded: /usr/lib/dovecot/modules/auth/libdriver_sqlite.so Mar 17 00:02:46 poab dovecot: auth: Debug: passwd-file /etc/dovecot/users: Read 1 users in 0 secs Mar 17 00:02:46 poab dovecot: auth: Debug: auth client connected (pid=0) Mar 17 00:02:46 poab postfix/smtpd[15333]: 66AD04E23EE: client=mail-wg0-f47.google.com[74.125.82.47] Mar 17 00:02:46 poab postfix/cleanup[15340]: 66AD04E23EE: message-id= Mar 17 00:02:46 poab postfix/qmgr[14844]: 66AD04E23EE: from=, size=1611, nrcpt=1 (queue active) Mar 17 00:02:46 poab postfix/smtpd[15333]: disconnect from mail-wg0-f47.google.com[74.125.82.47] Mar 17 00:02:46 poab postfix/local[15341]: 66AD04E23EE: to=, relay=local, delay=0.35, delays=0.3/0.01/0/0.04, dsn=2.0.0, status=sent (delivered to mailbox) Mar 17 00:02:46 poab postfix/qmgr[14844]: 66AD04E23EE: removed # postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases append_dot_mydomain = no biff = no broken_sasl_auth_clients = yes config_directory = /etc/postfix debug_peer_level = 3 inet_interfaces = all inet_protocols = all mailbox_size_limit = 5120000000 myhostname = example.com mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 myorigin = /etc/mailname readme_directory = no recipient_delimiter = + relayhost = smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt smtp_tls_note_starttls_offer = yes smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtp_use_tls = yes smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) smtpd_helo_required = yes smtpd_helo_restrictions = reject_invalid_helo_hostname smtpd_recipient_restrictions = reject_unknown_recipient_domain, reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_reject_unlisted_recipient = yes smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = $myhostname smtpd_sasl_path = private/auth smtpd_sasl_security_options = noanonymous smtpd_sasl_tls_security_options = $smtpd_sasl_security_options smtpd_sasl_type = dovecot smtpd_sender_login_maps = hash:/etc/postfix/sender_login_maps smtpd_sender_restrictions = reject_authenticated_sender_login_mismatch smtpd_tls_CAfile = /etc/ssl/certs/ca-certificates.crt smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/ssl/certs/postfix.pem smtpd_tls_key_file = /etc/ssl/private/postfix.key smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtpd_tls_session_cache_timeout = 3600s smtpd_use_tls = yes tls_random_source = dev:/dev/urandom virtual_alias_maps = hash:/etc/postfix/virtual_alias_maps virtual_mailbox_domains = hash:/etc/postfix/virtual_mailbox_domains virtual_mailbox_maps = hash:/etc/postfix/virtual_mailbox_maps virtual_transport = dovecot # dovecot -n # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-openvz-amd64 x86_64 Debian 6.0.7 auth_debug = yes auth_debug_passwords = yes auth_mechanisms = plain login auth_socket_path = /var/run/dovecot/auth-master auth_verbose = yes auth_verbose_passwords = sha1 first_valid_gid = 5000 first_valid_uid = 5000 last_valid_gid = 5000 last_valid_uid = 5000 lda_mailbox_autocreate = yes log_timestamp = "%Y-%m-%d %H:%M:%S " mail_debug = yes mail_gid = 5000 mail_home = /var/vmail/%d/%n mail_location = maildir:~/Maildir mail_privileged_group = vmail mail_uid = 5000 namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = scheme=SHA1 /etc/dovecot/users driver = passwd-file } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = " imap" service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix } } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 0 } } ssl_cert = References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <514303F0.8090707@Media-Brokers.com> <514310DD.1000705@merit.unu.edu> <1363427613.10463.6.camel@tardis> <514482BB.10004@merit.unu.edu> Message-ID: <1363480160.3986.14.camel@tardis> On Sat, 2013-03-16 at 15:33 +0100, mourik jan heupink wrote: > destination_recipient_limit Not sure what happened there but evolution did not like all the chars in your post when invoking reply... probably time to update this darn thing, its the last ubuntu POS that hasn't been updated to opensuse yet. " Ah interesting..! Is that perhaps why dovecot_destination_recipient_limit=1 was needed, here..? " No, it was to reduce the possibility of some other little quirks rearing their nasty heads IIRC. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 490 bytes Desc: This is a digitally signed message part URL: From rob0 at gmx.co.uk Sun Mar 17 03:58:17 2013 From: rob0 at gmx.co.uk (/dev/rob0) Date: Sat, 16 Mar 2013 20:58:17 -0500 Subject: [Dovecot] Dovecot as LDA with Postfix and virtual users In-Reply-To: References: Message-ID: <20130317015817.GB3672@harrier.slackbuilds.org> On Sun, Mar 17, 2013 at 01:20:55AM +0100, Christian Benke wrote: > I've been trying to configure Dovecot to work as LDA for file-based > virtual users with Postfix. > > Some part in the configuration seems to miss though, as mails are > received by Postfix, but instead of giving it to Dovecot for > delivery, it delivers the mails itself. Perhaps surprisingly, this is a Postfix issue, not a Dovecot one. > Postfix drops the mail in /var/mail//mbox, if Dovecot would be > called, it should deliver it to /var/vmail///Maildir. > > I've made sure to add the dovecot-service to postfix/master.cf > according to http://wiki2.dovecot.org/LDA/Postfix and tried all kinds > of settings and did quadruple checks for errors. > > I'm using Debian 6.0 with Dovecot 2.1.7(From backports) and Postfix 2.7.1 > > I've been trying to figure out what's missing for a few hours now and > have to give up for today. I hope someone can help me with a hint > what's missing or wrong :-/ > > Here's an excerpt from my mail.log, my postconf -n and dovecot -n: > [snip] > Mar 17 00:02:46 poab postfix/local[15341]: 66AD04E23EE: to= example.com>, relay=local, delay=0.35, delays=0.3/0.01/0/0.04, > dsn=2.0.0, status=sent (delivered to mailbox) This is postfix/local, which means it is not being routed to your virtual_transport. It means example.com is in mydestination. > Mar 17 00:02:46 poab postfix/qmgr[14844]: 66AD04E23EE: removed > > # postconf -n > alias_database = hash:/etc/aliases > alias_maps = hash:/etc/aliases > append_dot_mydomain = no > biff = no > broken_sasl_auth_clients = yes > config_directory = /etc/postfix > debug_peer_level = 3 > inet_interfaces = all > inet_protocols = all > mailbox_size_limit = 5120000000 > myhostname = example.com ... You did not even set mydestination, thus you get the default. You really should review the Postfix Basic Configuration README: http://www.postfix.org/BASIC_CONFIGURATION_README.html Perhaps you'd be better off without the virtual mailboxes anyway? [snip] > Central Asia by bike, starting May 2013 - http://poab.org Wow, a great adventure, good luck! -- http://rob0.nodns4.us/ -- system administration and consulting Offlist GMX mail is seen only if "/dev/rob0" is in the Subject: From cryptodan at gmail.com Sun Mar 17 12:20:05 2013 From: cryptodan at gmail.com (Daniel Reinhardt) Date: Sun, 17 Mar 2013 10:20:05 +0000 Subject: [Dovecot] Question regarding Postfix and Dovecot In-Reply-To: <1363480160.3986.14.camel@tardis> References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <514303F0.8090707@Media-Brokers.com> <514310DD.1000705@merit.unu.edu> <1363427613.10463.6.camel@tardis> <514482BB.10004@merit.unu.edu> <1363480160.3986.14.camel@tardis> Message-ID: I really find the lack of error logging, and the virtual lack of documentation for Dovecot very disturbing. I am so close to dropping this side project of being able to support multiple domains on a mail server. It is in my utmost respectful opinion to have multiple files to edit just to get this working in basic mode. Why cant dovecot combine all configuration parameters into one config like that of postfix main.cf for server config, and the master.cf for sockets and listeners? If there are multiple files to be edited then the error logging should mention what file contains the log, and where so you can easily locate the issue. I find this software to be very lack luster and very difficult to use. Dovecot has given me nothing but headache and grief, and as far as I am concerned not a finished product. On Sun, Mar 17, 2013 at 12:29 AM, Noel Butler wrote: > On Sat, 2013-03-16 at 15:33 +0100, mourik jan heupink wrote: > > > destination_recipient_limit > > > Not sure what happened there but evolution did not like all the chars in > your post when invoking reply... probably time to update this darn > thing, its the last ubuntu POS that hasn't been updated to opensuse yet. > > > " Ah interesting..! Is that perhaps why > dovecot_destination_recipient_limit=1 was needed, here..? " > > No, it was to reduce the possibility of some other little quirks rearing > their nasty heads IIRC. > > -- Daniel Reinhardt cryptodan at cryptodan.net http://www.cryptodan.net 301-875-7018(c) 410-455-0488(h) From professa at dementianati.com Sun Mar 17 12:25:56 2013 From: professa at dementianati.com (Professa Dementia) Date: Sun, 17 Mar 2013 03:25:56 -0700 Subject: [Dovecot] Question regarding Postfix and Dovecot In-Reply-To: References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <514303F0.8090707@Media-Brokers.com> <514310DD.1000705@merit.unu.edu> <1363427613.10463.6.camel@tardis> <514482BB.10004@merit.unu.edu> <1363480160.3986.14.camel@tardis> Message-ID: <51459A34.9030508@dementianati.com> On 3/17/2013 3:20 AM, Daniel Reinhardt wrote: > I really find the lack of error logging, and the virtual lack of > documentation for Dovecot very disturbing. I am so close to dropping this > side project of being able to support multiple domains on a mail server. > It is in my utmost respectful opinion to have multiple files to edit just > to get this working in basic mode. Why cant dovecot combine all > configuration parameters into one config like that of postfix main.cf for > server config, and the master.cf for sockets and listeners? > > If there are multiple files to be edited then the error logging should > mention what file contains the log, and where so you can easily locate the > issue. I find this software to be very lack luster and very difficult to > use. > > Dovecot has given me nothing but headache and grief, and as far as I am > concerned not a finished product. We are very sorry you are not satisfied with the software. Please feel free to return the software for a full refund of all the money you paid. If you do not like the multiple config files, you can always combine them. Documentation is online at http://www.dovecot.org/documentation.html Welcome to the world of open source. Software is provided through the generous contributions of many people, all of whom have regular jobs and do this because they enjoy it. With open source, if there is something you do not like, you can change the software to your liking. Try that with proprietary software. And just a friendly word of advice: change your attitude or you will find your cries fall on deaf ears. Dem From jerry at seibercom.net Sun Mar 17 14:04:06 2013 From: jerry at seibercom.net (Jerry) Date: Sun, 17 Mar 2013 08:04:06 -0400 Subject: [Dovecot] Dovecot SASL & Postfix Message-ID: <20130317080406.41d6f23f@scorpio> This is probably a dumb question, but I'll ask anyway. I am currently using Postfix with Dovecot and Cyrus-SASL. I want to switch over to Dovecot SASL. The regular Dovecot user/password file is not the same as the file used by cyrus-sasl. Usewr names and passwords are different. I created a flat file that dovecot can use for SASL look-ups; however, exactly where in the Dovecot config file to I place the entry. -- Jerry ? Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ From h.reindl at thelounge.net Sun Mar 17 14:21:38 2013 From: h.reindl at thelounge.net (Reindl Harald) Date: Sun, 17 Mar 2013 13:21:38 +0100 Subject: [Dovecot] Dovecot SASL & Postfix In-Reply-To: <20130317080406.41d6f23f@scorpio> References: <20130317080406.41d6f23f@scorpio> Message-ID: <5145B552.2050703@thelounge.net> Am 17.03.2013 13:04, schrieb Jerry: > I am currently using Postfix with Dovecot and Cyrus-SASL. I want to > switch over to Dovecot SASL. The regular Dovecot user/password file is > not the same as the file used by cyrus-sasl > I created a flat file that dovecot can use for SASL look-ups the main benefit of dovecot SASL is that SMTP auth is using exactly the same users/passwords and auth-mechs as imap/pop3 - so i do not understand why you want create anything special -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 263 bytes Desc: OpenPGP digital signature URL: From jerry at seibercom.net Sun Mar 17 15:08:31 2013 From: jerry at seibercom.net (Jerry) Date: Sun, 17 Mar 2013 09:08:31 -0400 Subject: [Dovecot] Dovecot SASL & Postfix In-Reply-To: <5145B552.2050703@thelounge.net> References: <20130317080406.41d6f23f@scorpio> <5145B552.2050703@thelounge.net> Message-ID: <20130317090831.7c7d18a8@scorpio> On Sun, 17 Mar 2013 13:21:38 +0100 Reindl Harald articulated: > Am 17.03.2013 13:04, schrieb Jerry: > > I am currently using Postfix with Dovecot and Cyrus-SASL. I want to > > switch over to Dovecot SASL. The regular Dovecot user/password file > > is not the same as the file used by cyrus-sasl > > > I created a flat file that dovecot can use for SASL look-ups > > the main benefit of dovecot SASL is that SMTP auth is > using exactly the same users/passwords and auth-mechs > as imap/pop3 - so i do not understand why you want create > anything special Because that is the way the system was originally configured. I had nothing to do with it. The system uses a simple format: user at doman.com password The SASL mechanism presently in use uses: user at hostname.domain.com password Worse, the passwords are not the same in both instances. If I try to implement one system I will have to deal with all of the present users and get them all on the same page. That is not something I really want to invest time in right now. If dovecot could be told to use a specific file then that would simplify things greatly. Besides, the SASL file does not need all of the information contained in the regular Dovecot user/passwd file. Otherwise, I might just give up on this entire endeavor. -- Jerry ? Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 488 bytes Desc: not available URL: From CMarcus at Media-Brokers.com Sun Mar 17 16:08:01 2013 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Sun, 17 Mar 2013 10:08:01 -0400 Subject: [Dovecot] Dovecot SASL & Postfix In-Reply-To: <20130317090831.7c7d18a8@scorpio> References: <20130317080406.41d6f23f@scorpio> <5145B552.2050703@thelounge.net> <20130317090831.7c7d18a8@scorpio> Message-ID: <5145CE41.1000408@Media-Brokers.com> On 2013-03-17 9:08 AM, Jerry wrote: > Because that is the way the system was originally configured. I had > nothing to do with it. > > The system uses a simple format: > > user at doman.com password > > The SASL mechanism presently in use uses: > > user at hostname.domain.com password > > Worse, the passwords are not the same in both instances. If I try to > implement one system I will have to deal with all of the present users > and get them all on the same page. That is not something I really want > to invest time in right now. > > If dovecot could be told to use a specific file then that would simplify > things greatly. Besides, the SASL file does not need all of the > information contained in the regular Dovecot user/passwd file. > Otherwise, I might just give up on this entire endeavor. Personally, I would *much* prefer the pain of changing everyone over to a single password backend for both just one time, than to have to continue to maintain a broken system. -- Best regards, Charles From stan at hardwarefreak.com Sun Mar 17 16:13:23 2013 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Sun, 17 Mar 2013 09:13:23 -0500 Subject: [Dovecot] Question regarding Postfix and Dovecot In-Reply-To: <51459A34.9030508@dementianati.com> References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <514303F0.8090707@Media-Brokers.com> <514310DD.1000705@merit.unu.edu> <1363427613.10463.6.camel@tardis> <514482BB.10004@merit.unu.edu> <1363480160.3986.14.camel@tardis> <51459A34.9030508@dementianati.com> Message-ID: <5145CF83.20906@hardwarefreak.com> On 3/17/2013 5:25 AM, Professa Dementia wrote: > We are very sorry you are not satisfied with the software. Please feel > free to return the software for a full refund of all the money you paid. You do not speak on behalf of Dovecot, Timo, this list, and certainly not for me. Do not use "we" in this manner. And there's no reason to be a smart ass. > Welcome to the world of open source. Software is provided through the > generous contributions of many people, all of whom have regular jobs and > do this because they enjoy it. With open source, if there is something > you do not like, you can change the software to your liking. Try that > with proprietary software. The OP is fully familiar with the open source model. Being open source and developed by volunteer effort is NEVER an excuse for crappy software or documentation. The OP has every right, and *duty* to voice his opinion, whether it be praise or critique. Without critique software doesn't get improved. I absolutely agree with him. While the split config setup may make sense to a developer, and it may work better with some automated tools, it is counter intuitive for the majority of UNIX users. It should have been made optional, not the default. Doing this was pretty stupid and will confuse, possibly infuriate, new users, as in this case, and likely some of those upgrading as well. Things like this, as well as lackluster documentation, tend to retard adoption, or worse, drive current users to competing solutions. > And just a friendly word of advice: change your attitude or you will > find your cries fall on deaf ears. The OP's attitude is fine. It is yours that is the problem. Dissent and critique should be cherished, not attacked. We're not a bunch of little Fascists walking in lock step under de Fuhrer Timo, so stop acting like one. -- Stan From benkokakao at gmail.com Sun Mar 17 17:57:36 2013 From: benkokakao at gmail.com (Christian Benke) Date: Sun, 17 Mar 2013 16:57:36 +0100 Subject: [Dovecot] Dovecot as LDA with Postfix and virtual users In-Reply-To: <20130317015817.GB3672@harrier.slackbuilds.org> References: <20130317015817.GB3672@harrier.slackbuilds.org> Message-ID: Hello Rob! Thanks for answering! On 17 March 2013 02:58, /dev/rob0 wrote: > On Sun, Mar 17, 2013 at 01:20:55AM +0100, Christian Benke wrote: >> Some part in the configuration seems to miss though, as mails are >> received by Postfix, but instead of giving it to Dovecot for >> delivery, it delivers the mails itself. > > Perhaps surprisingly, this is a Postfix issue, not a Dovecot one. No, i was expecting it :-) I just wasn't sure where it belongs to. >> Mar 17 00:02:46 poab postfix/local[15341]: 66AD04E23EE: to=> example.com>, relay=local, delay=0.35, delays=0.3/0.01/0/0.04, >> dsn=2.0.0, status=sent (delivered to mailbox) > > This is postfix/local, which means it is not being routed to your > virtual_transport. It means example.com is in mydestination. > You did not even set mydestination, thus you get the default. You > really should review the Postfix Basic Configuration README: No, i tried a lot yesterday and i started from a working postfix/dovecot-setup with PAM. The config i posted above was merely the last incarnation. Should probably have emphasized that. I commented out mydestination because i received warnings that i shouldn't list them in both mydestination and virtual_mailbox_domains. Still, dovecot LDA has not been called either when the mydestination-parameter was present: Mar 16 21:54:56 poab postfix/smtpd[4197]: connect from mail-we0-f176.google.com[74.125.82.176] Mar 16 21:54:56 poab postfix/smtpd[4197]: setting up TLS connection from mail-we0-f176.google.com[74.125.82.176] Mar 16 21:54:56 poab postfix/smtpd[4197]: Anonymous TLS connection established from mail-we0-f176.google.com[74.125.82.176]: TLSv1 with cipher RC4-SHA (128/128 bits) Mar 16 21:54:56 poab dovecot: auth: Debug: Loading modules from directory: /usr/lib/dovecot/modules/auth Mar 16 21:54:56 poab dovecot: auth: Debug: Module loaded: /usr/lib/dovecot/modules/auth/libdriver_mysql.so Mar 16 21:54:56 poab dovecot: auth: Debug: Module loaded: /usr/lib/dovecot/modules/auth/libdriver_pgsql.so Mar 16 21:54:56 poab dovecot: auth: Debug: Module loaded: /usr/lib/dovecot/modules/auth/libdriver_sqlite.so Mar 16 21:54:56 poab dovecot: auth: Debug: passwd-file /etc/dovecot/users: Read 1 users in 0 secs Mar 16 21:54:56 poab dovecot: auth: Debug: auth client connected (pid=0) Mar 16 21:54:56 poab postfix/trivial-rewrite[4202]: warning: do not list domain example.com in BOTH mydestination and virtual_mailbox_domains Mar 16 21:54:56 poab postfix/smtpd[4197]: 856034E1FD1: client=mail-we0-f176.google.com[74.125.82.176] Mar 16 21:54:56 poab postfix/cleanup[4203]: 856034E1FD1: message-id= Mar 16 21:54:56 poab postfix/qmgr[4195]: 856034E1FD1: from=, size=1644, nrcpt=1 (queue active) Mar 16 21:54:56 poab postfix/trivial-rewrite[4202]: warning: do not list domain example.com in BOTH mydestination and virtual_mailbox_domains Mar 16 21:54:56 poab postfix/smtpd[4197]: disconnect from mail-we0-f176.google.com[74.125.82.176] Mar 16 21:54:56 poab postfix/local[4204]: 856034E1FD1: to=, relay=local, delay=0.39, delays=0.33/0.01/0/0.06, dsn=2.0.0, status=sent (delivered to mailbox) Mar 16 21:54:56 poab postfix/qmgr[4195]: 856034E1FD1: removed > Perhaps you'd be better off without the virtual mailboxes anyway? Perhaps, and that's where i actually started from. Virtual users are an attractive feature tough and as it didn't seem too intimidating, i thought i could give it a try. 6 hours later, i was wiser. I've gone back to the working PAM-config today and will try to figure out SASL for now, maybe going back to virtual users later. But i'm still interested in comments regarding the mydestination issue, i can go back to the virtual user settings quickly to try. > [snip] >> Central Asia by bike, starting May 2013 - http://poab.org > > Wow, a great adventure, good luck! Thanks! Will (re-)add a RSS-feed soon. Best regards, Christian From h.reindl at thelounge.net Sun Mar 17 18:27:04 2013 From: h.reindl at thelounge.net (Reindl Harald) Date: Sun, 17 Mar 2013 17:27:04 +0100 Subject: [Dovecot] Dovecot SASL & Postfix In-Reply-To: <20130317090831.7c7d18a8@scorpio> References: <20130317080406.41d6f23f@scorpio> <5145B552.2050703@thelounge.net> <20130317090831.7c7d18a8@scorpio> Message-ID: <5145EED8.6090604@thelounge.net> Am 17.03.2013 14:08, schrieb Jerry: >> the main benefit of dovecot SASL is that SMTP auth is >> using exactly the same users/passwords and auth-mechs >> as imap/pop3 - so i do not understand why you want create >> anything special > > Because that is the way the system was originally configured. I had > nothing to do with it. time to fix it or not touch it at all > The system uses a simple format: > > user at doman.com password > > The SASL mechanism presently in use uses: > > user at hostname.domain.com password pff - sounds funny for the users whoever did set this up -> seek and punish this guy :-) > Worse, the passwords are not the same in both instances. If I try to > implement one system I will have to deal with all of the present users > and get them all on the same page. That is not something I really want > to invest time in right now. so do not touch it at all or do it right for one last time > If dovecot could be told to use a specific file then that would simplify > things greatly. Besides, the SASL file does not need all of the > information contained in the regular Dovecot user/passwd file. > Otherwise, I might just give up on this entire endeavor. how should it be told? dovecot has it's passwords and usernames, they are still used for IMAP/POP3 if postfix is using dovecot-SASL dovecot will take over SASL auth at all and is using it's usernames and passwords -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 263 bytes Desc: OpenPGP digital signature URL: From CMarcus at Media-Brokers.com Sun Mar 17 18:39:28 2013 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Sun, 17 Mar 2013 12:39:28 -0400 Subject: [Dovecot] Question regarding Postfix and Dovecot In-Reply-To: <5145CF83.20906@hardwarefreak.com> References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <514303F0.8090707@Media-Brokers.com> <514310DD.1000705@merit.unu.edu> <1363427613.10463.6.camel@tardis> <514482BB.10004@merit.unu.edu> <1363480160.3986.14.camel@tardis> <51459A34.9030508@dementianati.com> <5145CF83.20906@hardwarefreak.com> Message-ID: <5145F1C0.2090004@Media-Brokers.com> On 2013-03-17 10:13 AM, Stan Hoeppner wrote: > On 3/17/2013 5:25 AM, Professa Dementia wrote: > >> We are very sorry you are not satisfied with the software. Please feel >> free to return the software for a full refund of all the money you paid. > You do not speak on behalf of Dovecot, Timo, this list, and certainly > not for me. Do not use "we" in this manner. And there's no reason to > be a smart ass. I'd call it more 'tongue-in-cheek'... But the fact is, while not perfect, Dovecot is pretty well documented, and Timo is very good about fixing it when errors are pointed out. Also, the documentation link is very prominent on dovecots home page, so the complaint about the 'virtual lack of documentation' is flat out wrong and deserves to be called out. Also, since it (the docs) is a wiki, and since this is 'free software', there is nothing wrong with some level of expectation that others help out if/when they encounter anything that lacks. > The OP is fully familiar with the open source model. So you know him personally? If you don't, then how can you be so sure? I suggest that his false claim of the 'virtual lack of documentation' suggests otherwise. People familiar with the open source model are also familiar with how to look for documentation for open source software. > Being open source and developed by volunteer effort is NEVER an excuse for crappy software or documentation. So now *you* falsely claim that dovecot is 'crappy software with crappy documentation? The nice thing about open source software is you are free to use it, make it better (either through code contributions, documentation efforts, providing support on mail lists, etc), or, don't use it at all. I suggest that your time would be better spent doing one of the above, rather than just spewing false claims. > The OP has every right, and *duty* to voice his opinion, whether it be praise or critique. Without critique software doesn't get improved. Does he have every right to *lie* about it? Opinions vary, but facts are facts, and the fact is, the claim that dovecot has a 'virtual lack of documentation' is an outright lie. It may not be as good as you or others might like, and there may be certain places where it is a bit lacking, but rather than spewing false claims, maybe your time would be better spent improving it? > I absolutely agree with him. Then you are free to do one of the above... > While the split config setup may makesense to a developer, and it may work better with some automated tools, it is counter intuitive for the majority of UNIX users. There are those who disagree with you. I happen to *not* be one of them, I was certainly very confused by the split config when I first peeked at it, but again, as has already been pointed out, you are free to put everything in your own single config file. In fact, It is very easy to do, and also (contrary to the false claims presented) well documented: http://wiki2.dovecot.org/BasicConfiguration In fact, I now really like doing it this way, because I can just add all of my settings to a file named /etc/dovecot/conf.d/99-mysettings.conf, and know that they will over-ride any settings in any other files. This makes it really easy to manage my settings. I do something similar in postfix - I add a new section at the very end of main.cf: *** Bgn My Custom Settings *** my settings here *** End My Custom Settings This makes it very easy (for me) to manage changes and updates. Of course, what I like may seem silly or confusing to someone else. Isn't freedom cool? :) > It should have been made optional, not the default. This is a design decision. Timo is the primary dovecot author, so it is his decision. You are free to disagree with it, but his choice doesn't make dovecot 'crappy software'. > Doing this was pretty stupid and will confuse, possibly infuriate, new users, as in this case, and likely some of those upgrading as well. As long as they rtfm - and again, it *is* fairly well documented, although personally I personally think it could be made more prominent. And again - you are free to improve the documentation. Regardless, it certainly isn't 'stupid', and is only likely to confuse and/or infuriate new users who refuse to rtfm. > Things like this, as well as lackluster documentation, tend to retard adoption, or worse, drive current users to competing solutions. I would agree in general, but not with respect to dovecot in particular, because I don't see dovecot as having 'lackluster' documentation. >> And just a friendly word of advice: change your attitude or you will >> find your cries fall on deaf ears. Back at ya Stan. Normally you are pretty level-headed, and some of your posts regarding details of enterprise hardware are extremely informative, personally I think this post is way beneath you. > The OP's attitude is fine. It is yours that is the problem. Dissent > and critique should be cherished, not attacked. We're not a bunch of > little Fascists walking in lock step under de Fuhrer Timo, so stop > acting like one. Dissent is ok to a point, as long as it is done politely and without unnecessary flaming, and includes some minimal amount of reasonable argument. Flame-baiting (ie making false claims that dovecot is 'crappy software with lackluster or ), on the other hand, is absolutely *not* ok, and imnsho, this is all the OP - and you - were engaging in. When it boils down to a simple question of personal preference (ie the 'split config' issue), by all means, provide *constructive* criticism (ie, make your argument against making the split config the default) - but just name-calling and outright false-isms is *not* OK, and I for one would appreciate it if you'd re-think your comments. Personally, I think both of you owe Timo an apology. -- Best regards, Charles From bdh at machinehum.com Sun Mar 17 18:46:34 2013 From: bdh at machinehum.com (Brian Hayden) Date: Sun, 17 Mar 2013 11:46:34 -0500 Subject: [Dovecot] Question regarding Postfix and Dovecot In-Reply-To: <5145F1C0.2090004@Media-Brokers.com> References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <514303F0.8090707@Media-Brokers.com> <514310DD.1000705@merit.unu.edu> <1363427613.10463.6.camel@tardis> <514482BB.10004@merit.unu.edu> <1363480160.3986.14.camel@tardis> <51459A34.9030508@dementianati.com> <5145CF83.20906@hardwarefreak.com> <5145F1C0.2090004@Media-Brokers.com> Message-ID: <2AA6B39B-A75F-4D93-909D-D846CDA8C99F@machinehum.com> Seriously. Stop it. Carry on your personal vendettas with Stan and others in private, please. - bdh On Mar 17, 2013, at 11:39 AM, Charles Marcus wrote: > On 2013-03-17 10:13 AM, Stan Hoeppner wrote: >> On 3/17/2013 5:25 AM, Professa Dementia wrote: >> >>> We are very sorry you are not satisfied with the software. Please feel >>> free to return the software for a full refund of all the money you paid. >> You do not speak on behalf of Dovecot, Timo, this list, and certainly >> not for me. Do not use "we" in this manner. And there's no reason to >> be a smart ass. > > I'd call it more 'tongue-in-cheek'... > > But the fact is, while not perfect, Dovecot is pretty well documented, and Timo is very good about fixing it when errors are pointed out. > > Also, the documentation link is very prominent on dovecots home page, so the complaint about the 'virtual lack of documentation' is flat out wrong and deserves to be called out. > > Also, since it (the docs) is a wiki, and since this is 'free software', there is nothing wrong with some level of expectation that others help out if/when they encounter anything that lacks. > >> The OP is fully familiar with the open source model. > > So you know him personally? If you don't, then how can you be so sure? I suggest that his false claim of the 'virtual lack of documentation' suggests otherwise. People familiar with the open source model are also familiar with how to look for documentation for open source software. > >> Being open source and developed by volunteer effort is NEVER an excuse for crappy software or documentation. > > So now *you* falsely claim that dovecot is 'crappy software with crappy documentation? > > The nice thing about open source software is you are free to use it, make it better (either through code contributions, documentation efforts, providing support on mail lists, etc), or, don't use it at all. > > I suggest that your time would be better spent doing one of the above, rather than just spewing false claims. > >> The OP has every right, and *duty* to voice his opinion, whether it be praise or critique. Without critique software doesn't get improved. > > Does he have every right to *lie* about it? Opinions vary, but facts are facts, and the fact is, the claim that dovecot has a 'virtual lack of documentation' is an outright lie. > > It may not be as good as you or others might like, and there may be certain places where it is a bit lacking, but rather than spewing false claims, maybe your time would be better spent improving it? > >> I absolutely agree with him. > > Then you are free to do one of the above... > >> While the split config setup may makesense to a developer, and it may work better with some automated tools, it is counter intuitive for the majority of UNIX users. > > There are those who disagree with you. I happen to *not* be one of them, I was certainly very confused by the split config when I first peeked at it, but again, as has already been pointed out, you are free to put everything in your own single config file. In fact, It is very easy to do, and also (contrary to the false claims presented) well documented: > > http://wiki2.dovecot.org/BasicConfiguration > > In fact, I now really like doing it this way, because I can just add all of my settings to a file named /etc/dovecot/conf.d/99-mysettings.conf, and know that they will over-ride any settings in any other files. > > This makes it really easy to manage my settings. > > I do something similar in postfix - I add a new section at the very end of main.cf: > > *** Bgn My Custom Settings *** > > my settings here > > *** End My Custom Settings > > This makes it very easy (for me) to manage changes and updates. > > Of course, what I like may seem silly or confusing to someone else. > > Isn't freedom cool? :) > >> It should have been made optional, not the default. > > This is a design decision. Timo is the primary dovecot author, so it is his decision. You are free to disagree with it, but his choice doesn't make dovecot 'crappy software'. > >> Doing this was pretty stupid and will confuse, possibly infuriate, new users, as in this case, and likely some of those upgrading as well. > > As long as they rtfm - and again, it *is* fairly well documented, although personally I personally think it could be made more prominent. And again - you are free to improve the documentation. > > Regardless, it certainly isn't 'stupid', and is only likely to confuse and/or infuriate new users who refuse to rtfm. > >> Things like this, as well as lackluster documentation, tend to retard adoption, or worse, drive current users to competing solutions. > > I would agree in general, but not with respect to dovecot in particular, because I don't see dovecot as having 'lackluster' documentation. > >>> And just a friendly word of advice: change your attitude or you will >>> find your cries fall on deaf ears. > > Back at ya Stan. Normally you are pretty level-headed, and some of your posts regarding details of enterprise hardware are extremely informative, personally I think this post is way beneath you. > >> The OP's attitude is fine. It is yours that is the problem. Dissent >> and critique should be cherished, not attacked. We're not a bunch of >> little Fascists walking in lock step under de Fuhrer Timo, so stop >> acting like one. > > Dissent is ok to a point, as long as it is done politely and without unnecessary flaming, and includes some minimal amount of reasonable argument. > > Flame-baiting (ie making false claims that dovecot is 'crappy software with lackluster or ), on the other hand, is absolutely *not* ok, and imnsho, this is all the OP - and you - were engaging in. > > When it boils down to a simple question of personal preference (ie the 'split config' issue), by all means, provide *constructive* criticism (ie, make your argument against making the split config the default) - but just name-calling and outright false-isms is *not* OK, and I for one would appreciate it if you'd re-think your comments. > > Personally, I think both of you owe Timo an apology. > > -- > > Best regards, > > Charles > > From cryptodan at gmail.com Sun Mar 17 19:11:18 2013 From: cryptodan at gmail.com (Daniel) Date: Sun, 17 Mar 2013 17:11:18 +0000 Subject: [Dovecot] Question regarding Postfix and Dovecot In-Reply-To: <2AA6B39B-A75F-4D93-909D-D846CDA8C99F@machinehum.com> References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <514303F0.8090707@Media-Brokers.com> <514310DD.1000705@merit.unu.edu> <1363427613.10463.6.camel@tardis> <514482BB.10004@merit.unu.edu> <1363480160.3986.14.camel@tardis> <51459A34.9030508@dementianati.com> <5145CF83.20906@hardwarefreak.com> <5145F1C0.2090004@Media-Brokers.com> <2AA6B39B-A75F-4D93-909D-D846CDA8C99F@machinehum.com> Message-ID: First of all the wiki articles on dovecots site are poorly written compared to apache and postfix. That is what I mean by lack luster the error logging is lack luster as it doesn't specify the file or the line error is on like many very well supported applications like apache and postfix and that makes dovecot not very user friendly. I owe no one an apology for stating my opinion and I have over 10 years of using open source software and dovecot is the application that I have used that given me such headache and grief to the point I have given up on this learning experience. Daniel Reinhardt 301-875-7018(c) 410-455-0488(h) On 2013-03-17, at 16:46, Brian Hayden wrote: > Seriously. Stop it. Carry on your personal vendettas with Stan and others in private, please. > > - bdh > > On Mar 17, 2013, at 11:39 AM, Charles Marcus wrote: > >> On 2013-03-17 10:13 AM, Stan Hoeppner wrote: >>> On 3/17/2013 5:25 AM, Professa Dementia wrote: >>> >>>> We are very sorry you are not satisfied with the software. Please feel >>>> free to return the software for a full refund of all the money you paid. >>> You do not speak on behalf of Dovecot, Timo, this list, and certainly >>> not for me. Do not use "we" in this manner. And there's no reason to >>> be a smart ass. >> >> I'd call it more 'tongue-in-cheek'... >> >> But the fact is, while not perfect, Dovecot is pretty well documented, and Timo is very good about fixing it when errors are pointed out. >> >> Also, the documentation link is very prominent on dovecots home page, so the complaint about the 'virtual lack of documentation' is flat out wrong and deserves to be called out. >> >> Also, since it (the docs) is a wiki, and since this is 'free software', there is nothing wrong with some level of expectation that others help out if/when they encounter anything that lacks. >> >>> The OP is fully familiar with the open source model. >> >> So you know him personally? If you don't, then how can you be so sure? I suggest that his false claim of the 'virtual lack of documentation' suggests otherwise. People familiar with the open source model are also familiar with how to look for documentation for open source software. >> >>> Being open source and developed by volunteer effort is NEVER an excuse for crappy software or documentation. >> >> So now *you* falsely claim that dovecot is 'crappy software with crappy documentation? >> >> The nice thing about open source software is you are free to use it, make it better (either through code contributions, documentation efforts, providing support on mail lists, etc), or, don't use it at all. >> >> I suggest that your time would be better spent doing one of the above, rather than just spewing false claims. >> >>> The OP has every right, and *duty* to voice his opinion, whether it be praise or critique. Without critique software doesn't get improved. >> >> Does he have every right to *lie* about it? Opinions vary, but facts are facts, and the fact is, the claim that dovecot has a 'virtual lack of documentation' is an outright lie. >> >> It may not be as good as you or others might like, and there may be certain places where it is a bit lacking, but rather than spewing false claims, maybe your time would be better spent improving it? >> >>> I absolutely agree with him. >> >> Then you are free to do one of the above... >> >>> While the split config setup may makesense to a developer, and it may work better with some automated tools, it is counter intuitive for the majority of UNIX users. >> >> There are those who disagree with you. I happen to *not* be one of them, I was certainly very confused by the split config when I first peeked at it, but again, as has already been pointed out, you are free to put everything in your own single config file. In fact, It is very easy to do, and also (contrary to the false claims presented) well documented: >> >> http://wiki2.dovecot.org/BasicConfiguration >> >> In fact, I now really like doing it this way, because I can just add all of my settings to a file named /etc/dovecot/conf.d/99-mysettings.conf, and know that they will over-ride any settings in any other files. >> >> This makes it really easy to manage my settings. >> >> I do something similar in postfix - I add a new section at the very end of main.cf: >> >> *** Bgn My Custom Settings *** >> >> my settings here >> >> *** End My Custom Settings >> >> This makes it very easy (for me) to manage changes and updates. >> >> Of course, what I like may seem silly or confusing to someone else. >> >> Isn't freedom cool? :) >> >>> It should have been made optional, not the default. >> >> This is a design decision. Timo is the primary dovecot author, so it is his decision. You are free to disagree with it, but his choice doesn't make dovecot 'crappy software'. >> >>> Doing this was pretty stupid and will confuse, possibly infuriate, new users, as in this case, and likely some of those upgrading as well. >> >> As long as they rtfm - and again, it *is* fairly well documented, although personally I personally think it could be made more prominent. And again - you are free to improve the documentation. >> >> Regardless, it certainly isn't 'stupid', and is only likely to confuse and/or infuriate new users who refuse to rtfm. >> >>> Things like this, as well as lackluster documentation, tend to retard adoption, or worse, drive current users to competing solutions. >> >> I would agree in general, but not with respect to dovecot in particular, because I don't see dovecot as having 'lackluster' documentation. >> >>>> And just a friendly word of advice: change your attitude or you will >>>> find your cries fall on deaf ears. >> >> Back at ya Stan. Normally you are pretty level-headed, and some of your posts regarding details of enterprise hardware are extremely informative, personally I think this post is way beneath you. >> >>> The OP's attitude is fine. It is yours that is the problem. Dissent >>> and critique should be cherished, not attacked. We're not a bunch of >>> little Fascists walking in lock step under de Fuhrer Timo, so stop >>> acting like one. >> >> Dissent is ok to a point, as long as it is done politely and without unnecessary flaming, and includes some minimal amount of reasonable argument. >> >> Flame-baiting (ie making false claims that dovecot is 'crappy software with lackluster or ), on the other hand, is absolutely *not* ok, and imnsho, this is all the OP - and you - were engaging in. >> >> When it boils down to a simple question of personal preference (ie the 'split config' issue), by all means, provide *constructive* criticism (ie, make your argument against making the split config the default) - but just name-calling and outright false-isms is *not* OK, and I for one would appreciate it if you'd re-think your comments. >> >> Personally, I think both of you owe Timo an apology. >> >> -- >> >> Best regards, >> >> Charles >> >> From jerry at seibercom.net Sun Mar 17 19:51:16 2013 From: jerry at seibercom.net (Jerry) Date: Sun, 17 Mar 2013 13:51:16 -0400 Subject: [Dovecot] Question regarding Postfix and Dovecot In-Reply-To: References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <514303F0.8090707@Media-Brokers.com> <514310DD.1000705@merit.unu.edu> <1363427613.10463.6.camel@tardis> <514482BB.10004@merit.unu.edu> <1363480160.3986.14.camel@tardis> <51459A34.9030508@dementianati.com> <5145CF83.20906@hardwarefreak.com> <5145F1C0.2090004@Media-Brokers.com> <2AA6B39B-A75F-4D93-909D-D846CDA8C99F@machinehum.com> Message-ID: <20130317135116.3733a26f@scorpio> On Sun, 17 Mar 2013 17:11:18 +0000 Daniel articulated: > First of all the wiki articles on dovecots site are poorly written > compared to apache and postfix. That is what I mean by lack luster > the error logging is lack luster as it doesn't specify the file or > the line error is on like many very well supported applications like > apache and postfix and that makes dovecot not very user friendly. I > owe no one an apology for stating my opinion and I have over 10 years > of using open source software and dovecot is the application that I > have used that given me such headache and grief to the point I have > given up on this learning experience. First of all, I don't think any sane person would argue that the Dovecot documentation is in a league with Postfix or even Apache. For that matter, I know of no other open source software that has documentation as detailed as Postfix. Try deciphering the OpenSSL documentation sometime. However, I think it is obvious that the poster was simply "venting" his frustrations out on a convenient audience. The logging could be "tightened" up and the documentation does need work. With that said, I think we can put this matter to bed. Nothing is going to come from it so why waste time arguing over it. -- Jerry ? Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ From rob0 at gmx.co.uk Sun Mar 17 19:56:36 2013 From: rob0 at gmx.co.uk (/dev/rob0) Date: Sun, 17 Mar 2013 12:56:36 -0500 Subject: [Dovecot] Dovecot as LDA with Postfix and virtual users In-Reply-To: References: <20130317015817.GB3672@harrier.slackbuilds.org> Message-ID: <20130317175636.GC3672@harrier.slackbuilds.org> On Sun, Mar 17, 2013 at 04:57:36PM +0100, Christian Benke wrote: > On 17 March 2013 02:58, /dev/rob0 wrote: > > On Sun, Mar 17, 2013 at 01:20:55AM +0100, Christian Benke wrote: > >> Some part in the configuration seems to miss though, as mails are > >> received by Postfix, but instead of giving it to Dovecot for > >> delivery, it delivers the mails itself. > > > > Perhaps surprisingly, this is a Postfix issue, not a Dovecot one. > > No, i was expecting it :-) I just wasn't sure where it belongs to. > > >> Mar 17 00:02:46 poab postfix/local[15341]: 66AD04E23EE: to= >> example.com>, relay=local, delay=0.35, delays=0.3/0.01/0/0.04, > >> dsn=2.0.0, status=sent (delivered to mailbox) > > > > This is postfix/local, which means it is not being routed to your > > virtual_transport. It means example.com is in mydestination. > > > You did not even set mydestination, thus you get the default. You > > really should review the Postfix Basic Configuration README: > > No, i tried a lot yesterday and i started from a working > postfix/dovecot-setup with PAM. The config i posted above was > merely the last incarnation. Should probably have emphasized that. > > I commented out mydestination because i received warnings that i > shouldn't list them in both mydestination and > virtual_mailbox_domains. With mydestination commented out you get the default, which is not an empty set. $ /usr/sbin/postconf -d mydestination mydestination = $myhostname, localhost.$mydomain, localhost > Still, dovecot LDA has not been called either when the > mydestination-parameter was present: > > Mar 16 21:54:56 poab postfix/smtpd[4197]: connect from > mail-we0-f176.google.com[74.125.82.176] > Mar 16 21:54:56 poab postfix/smtpd[4197]: setting up TLS connection > from mail-we0-f176.google.com[74.125.82.176] > Mar 16 21:54:56 poab postfix/smtpd[4197]: Anonymous TLS connection > established from mail-we0-f176.google.com[74.125.82.176]: TLSv1 with > cipher RC4-SHA (128/128 bits) > Mar 16 21:54:56 poab dovecot: auth: Debug: Loading modules from > directory: /usr/lib/dovecot/modules/auth > Mar 16 21:54:56 poab dovecot: auth: Debug: Module loaded: > /usr/lib/dovecot/modules/auth/libdriver_mysql.so > Mar 16 21:54:56 poab dovecot: auth: Debug: Module loaded: > /usr/lib/dovecot/modules/auth/libdriver_pgsql.so > Mar 16 21:54:56 poab dovecot: auth: Debug: Module loaded: > /usr/lib/dovecot/modules/auth/libdriver_sqlite.so > Mar 16 21:54:56 poab dovecot: auth: Debug: passwd-file > /etc/dovecot/users: Read 1 users in 0 secs > Mar 16 21:54:56 poab dovecot: auth: Debug: auth client connected (pid=0) > Mar 16 21:54:56 poab postfix/trivial-rewrite[4202]: warning: do not > list domain example.com in BOTH mydestination and > virtual_mailbox_domains > Mar 16 21:54:56 poab postfix/smtpd[4197]: 856034E1FD1: > client=mail-we0-f176.google.com[74.125.82.176] > Mar 16 21:54:56 poab postfix/cleanup[4203]: 856034E1FD1: > message-id= > Mar 16 21:54:56 poab postfix/qmgr[4195]: 856034E1FD1: from= wheemail.com>, size=1644, nrcpt=1 (queue active) > Mar 16 21:54:56 poab postfix/trivial-rewrite[4202]: warning: do not > list domain example.com in BOTH mydestination and > virtual_mailbox_domains This is undocumented, but when a domain is in some other class in addition to mydestination, mydestination takes priority. Don't count on that: just ensure that each address class definition (see the Address Class README) is unique. > Mar 16 21:54:56 poab postfix/smtpd[4197]: disconnect from > mail-we0-f176.google.com[74.125.82.176] > Mar 16 21:54:56 poab postfix/local[4204]: 856034E1FD1: to= example.com>, relay=local, delay=0.39, delays=0.33/0.01/0/0.06, > dsn=2.0.0, status=sent (delivered to mailbox) Thus we see again, mail is handled by the local_transport, local(8). > Mar 16 21:54:56 poab postfix/qmgr[4195]: 856034E1FD1: removed > > > Perhaps you'd be better off without the virtual mailboxes anyway? > > Perhaps, and that's where i actually started from. Virtual users > are an attractive feature tough and as it didn't seem too > intimidating, i thought i could give it a try. 6 hours later, i > was wiser. Virtual mailboxes have their place, indeed, but more so for large numbers of domains and users. For a small-timer (as it sounds like you are), I wouldn't say they're attractive. Increased complexity, decreased functionality, [usually] security tradeoffs. (System users who own all and ONLY their own mail are not going to endanger others' mail. Virtual mailboxes typically are owned by a shared UID+GID, and a compromise of that UID or GID could threaten all mail.) > I've gone back to the working PAM-config today and will try to > figure out SASL for now, maybe going back to virtual users later. > But i'm still interested in comments regarding the mydestination > issue, i can go back to the virtual user settings quickly to try. If your domain is NOT listed in mydestination, but it IS listed in virtual_mailbox_domains, it will be handled by your virtual_transport. Quite as simple as that. -- http://rob0.nodns4.us/ -- system administration and consulting Offlist GMX mail is seen only if "/dev/rob0" is in the Subject: From jerry at seibercom.net Sun Mar 17 21:08:37 2013 From: jerry at seibercom.net (Jerry) Date: Sun, 17 Mar 2013 15:08:37 -0400 Subject: [Dovecot] Dovecot SASL & Postfix In-Reply-To: <5145EED8.6090604@thelounge.net> References: <20130317080406.41d6f23f@scorpio> <5145B552.2050703@thelounge.net> <20130317090831.7c7d18a8@scorpio> <5145EED8.6090604@thelounge.net> Message-ID: <20130317150837.5a57f230@scorpio> On Sun, 17 Mar 2013 17:27:04 +0100 Reindl Harald articulated: > > Am 17.03.2013 14:08, schrieb Jerry: > >> the main benefit of dovecot SASL is that SMTP auth is > >> using exactly the same users/passwords and auth-mechs > >> as imap/pop3 - so i do not understand why you want create > >> anything special > > > > Because that is the way the system was originally configured. I had > > nothing to do with it. > > time to fix it or not touch it at all > > > The system uses a simple format: > > > > user at doman.com password > > > > The SASL mechanism presently in use uses: > > > > user at hostname.domain.com password > > pff - sounds funny for the users > whoever did set this up -> seek and punish this guy :-) > > > Worse, the passwords are not the same in both instances. If I try to > > implement one system I will have to deal with all of the present > > users and get them all on the same page. That is not something I > > really want to invest time in right now. > > so do not touch it at all or do it right for one last time > > > If dovecot could be told to use a specific file then that would > > simplify things greatly. Besides, the SASL file does not need all > > of the information contained in the regular Dovecot user/passwd > > file. Otherwise, I might just give up on this entire endeavor. > > how should it be told? > > dovecot has it's passwords and usernames, they are still used for > IMAP/POP3 if postfix is using dovecot-SASL dovecot will take over > SASL auth at all and is using it's usernames and passwords From what I was told, it was originally set up so that if a user's mailbox password was compromised, it would not also compromise their SASL password. Actually, it does seem to make a somewhat more secure system. Having an optional file for use strictly with SASL in Dovecot would seem like something that could be quite useful under the right circumstances. In any case, I will revisit this problem when I feel inclined to fight with the current users of the system. -- Jerry ? Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 488 bytes Desc: not available URL: From stan at hardwarefreak.com Sun Mar 17 21:36:17 2013 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Sun, 17 Mar 2013 14:36:17 -0500 Subject: [Dovecot] Question regarding Postfix and Dovecot In-Reply-To: <5145F1C0.2090004@Media-Brokers.com> References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <514303F0.8090707@Media-Brokers.com> <514310DD.1000705@merit.unu.edu> <1363427613.10463.6.camel@tardis> <514482BB.10004@merit.unu.edu> <1363480160.3986.14.camel@tardis> <51459A34.9030508@dementianati.com> <5145CF83.20906@hardwarefreak.com> <5145F1C0.2090004@Media-Brokers.com> Message-ID: <51461B31.2040906@hardwarefreak.com> On 3/17/2013 11:39 AM, Charles Marcus wrote: > On 2013-03-17 10:13 AM, Stan Hoeppner wrote: >> On 3/17/2013 5:25 AM, Professa Dementia wrote: >>> And just a friendly word of advice: change your attitude or you will >>> find your cries fall on deaf ears. > > Back at ya Stan. Normally you are pretty level-headed, and some of your > posts regarding details of enterprise hardware are extremely > informative, personally I think this post is way beneath you. Follow the threading Charles. The comment above belongs to Dementia, not me. >> The OP's attitude is fine. It is yours that is the problem. Dissent >> and critique should be cherished, not attacked. We're not a bunch of >> little Fascists walking in lock step under de Fuhrer Timo, so stop >> acting like one. > > Dissent is ok to a point, as long as it is done politely and without > unnecessary flaming, and includes some minimal amount of reasonable > argument. The only flaming here was done by Dementia. Note that Daniel stated in his complaint: "in my utmost respectful opinion" > Flame-baiting (ie making false claims that dovecot is 'crappy software > with lackluster or ), on the other hand, is absolutely *not* ok, and > imnsho, this is all the OP - and you - were engaging in. You perceived an attack and picked up sword and shield to defend Dovecot and Timo. Unfortunately your adrenaline got the best of you. Neither Daniel nor I engaged in flame baiting. You would do well to drop the sword and shield and re-read both of our posts dispassionately. I did not call Dovecot crappy software as you accuse me of here. If that were my opinion I certainly would not be using it and I wouldn't be participating on this mailing list. Dementia made the case that users are responsible for fixing anything they don't like about open source software, suggesting it's ok to publish crappy software and make it the users' responsibility to fix it. > When it boils down to a simple question of personal preference (ie the > 'split config' issue), by all means, provide *constructive* criticism > (ie, make your argument against making the split config the default) - We both did. > but just name-calling and outright false-isms is *not* OK, and I for one > would appreciate it if you'd re-think your comments. Neither of us engaged in name calling nor made false claims. We did both express frustration. And yes I did use the word stupid. And Linus told nVidia "Fuck you!" on camera. I'd say "stupid" is very tame, blunt, and to the point. Anyone who is so thin skinned as to take offense to "stupid" isn't tough enough to participate on the interwebs. > Personally, I think both of you owe Timo an apology. Personally I would prefer you let the air out of your chest Charles, drop the sword and the shield, and re-read the email exchange dispassionately. ;) I think you know me well enough through our extensive interaction that I would not make ad hominem attacks or make baseless accusation against Dovecot or Timo. I think Timo's skin is sufficiently thick to take a little criticism and not lose sleep over it. Apologies are for personal attacks. I made no personal attacks. -- Stan From lstone19 at stonejongleux.com Sun Mar 17 22:12:31 2013 From: lstone19 at stonejongleux.com (Larry Stone) Date: Sun, 17 Mar 2013 15:12:31 -0500 Subject: [Dovecot] Question regarding Postfix and Dovecot In-Reply-To: <51461B31.2040906@hardwarefreak.com> References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <514303F0.8090707@Media-Brokers.com> <514310DD.1000705@merit.unu.edu> <1363427613.10463.6.camel@tardis> <514482BB.10004@merit.unu.edu> <1363480160.3986.14.camel@tardis> <51459A34.9030508@dementianati.com> <5145CF83.20906@hardwarefreak.com> <5145F1C0.2090004@Media-Brokers.com> <51461B31.2040906@hardwarefreak.com> Message-ID: All of this said (and much of it not worth repeating), one problem that seems to affect all software as it grows is that as documentation is "patched" to describe new features, it becomes too complex for the new user who just wants to do something simple to figure how to do that simple stuff. For the user who has been along for the long ride since the software started, it makes sense but the new user is overwhelmed. Rewriting documentation is no easy task but it can help for someone to take a look at it the way a new user might who knows nothing about the software. I don't know the history of Dovecot but my guess would be the Dovecot LDA was added after the Dovecot POP/IMAP server component. Why? Because the www.dovecot.org Overview says "Dovecot is an open source IMAP and POP3 email server for Linux/UNIX-like systems" without any mention of the Dovecot LDA anywhere on that front page. Longtime users know about the Dovecot LDA but they rarely read that first page and it's harder to notice something is missing than it is to notice something is wrong. I recently replaced UW-IMAP with Dovecot. Once I set down to do it, it was fairly easy. But getting there was tough thanks to misinformation including a failed attempt a few years back using a package that tried to do too much (including forcing a conversion to Maildir - it may be the preferred way and it might be a good goal to get there but why force it when Dovecot was perfectly content to work with the existing mbox mailboxes). Coupled with that is the problem of people who like to give complex answers to simple questions. A poster wants to know how to do A and gets an answer that instead of doing A (which would require a simple configuration change), they're better off doing B which requires new software and/or a complicated conversion (I was just reading something in an archive where someone asked about locking of mbox files and instead of answering the question about how to configure that was told they're better off using Maildir. Perhaps true in the long run but a config change takes a few seconds; converting to Maildir can be a multi-hour or day project). Giving complex answers to simple questions creates the impression that the Dovecot is far more complex than it needs to be. -- Larry Stone lstone19 at stonejongleux.com http://www.stonejongleux.com/ From tss at iki.fi Sun Mar 17 22:50:34 2013 From: tss at iki.fi (Timo Sirainen) Date: Sun, 17 Mar 2013 21:50:34 +0100 Subject: [Dovecot] Question regarding Postfix and Dovecot In-Reply-To: References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <514303F0.8090707@Media-Brokers.com> <514310DD.1000705@merit.unu.edu> <1363427613.10463.6.camel@tardis> <514482BB.10004@merit.unu.edu> <1363480160.3986.14.camel@tardis> <51459A34.9030508@dementianati.com> <5145CF83.20906@hardwarefreak.com> <5145F1C0.2090004@Media-Brokers.com> <2AA6B39B-A75F-4D93-909D-D846CDA8C99F@machinehum.com> Message-ID: On 17.3.2013, at 18.11, Daniel wrote: > First of all the wiki articles on dovecots site are poorly written compared to apache and postfix. It's the best I can do myself. I have no idea how they could be improved in any major way. They say that the software developer himself is the worst possible person to write its documentation, because he can't understand what others find difficult.. > That is what I mean by lack luster the error logging is lack luster as it doesn't specify the file or the line error is on like many very well supported applications like apache and postfix and that makes dovecot not very user friendly. If there is a syntax error, Dovecot shows the file and line number. After that it should always mention the setting name that is causing trouble, which I'd think should be easy to grep from the configs.. I guess it could be useful to show the file+line for it, but that's quite a lot of code to add just to avoid a grep. It's also a bit tricky to do without wasting more memory (wasting memory in config / doveconf process is fine, but not elsewhere, and some settings won't get processed until later). > I owe no one an apology for stating my opinion and I have over 10 years of using open source software and dovecot is the application that I have used that given me such headache and grief to the point I have given up on this learning experience. Quickly browsing through this thread, I guess this is the main problem? : Mar 15 06:56:37 andromeda dovecot: lda(cryptodan): Fatal: setgid(8(mail) from mail_gid setting) failed with euid=1000(cryptodan), gid=1000(cryptodan), egid=1000(cryptodan): Operation not permitted (This binary should probably be called with process group set to 8(mail) instead of 1000(cryptodan)) Yes, this is something I've been annoyed at for a long time. But it's also not easy to make that error any better, except maybe by creating a wiki page explaining the whole thing and linking to it. (There are a ton of mails about this exact thing in Dovecot list archies.) There's also no setting that is specifically related to this (the problem is a mismatch between Dovecot/Postfix configuration). There is a super easy solution though: use LMTP instead of LDA, and there are no permission troubles. Maybe that's what the LDA wiki page should say.. Done: http://wiki2.dovecot.org/LDA From benkokakao at gmail.com Sun Mar 17 23:38:14 2013 From: benkokakao at gmail.com (Christian Benke) Date: Sun, 17 Mar 2013 22:38:14 +0100 Subject: [Dovecot] Dovecot as LDA with Postfix and virtual users In-Reply-To: <20130317175636.GC3672@harrier.slackbuilds.org> References: <20130317015817.GB3672@harrier.slackbuilds.org> <20130317175636.GC3672@harrier.slackbuilds.org> Message-ID: >> > Perhaps you'd be better off without the virtual mailboxes anyway? >> >> Perhaps, and that's where i actually started from. Virtual users >> are an attractive feature tough and as it didn't seem too >> intimidating, i thought i could give it a try. 6 hours later, i >> was wiser. > > Virtual mailboxes have their place, indeed, but more so for large > numbers of domains and users. For a small-timer (as it sounds like > you are), I wouldn't say they're attractive. Increased complexity, > decreased functionality, [usually] security tradeoffs. (System users > who own all and ONLY their own mail are not going to endanger others' > mail. Virtual mailboxes typically are owned by a shared UID+GID, and > a compromise of that UID or GID could threaten all mail.) Rob, thank you for your comments! I'll just stay with system users then, i only need a few accounts as you guessed correctly. Virtual users appeared nice due to the separation from the system. But probably not worth the effort, as you argumented. Cheers, Christian From rs at sys4.de Sun Mar 17 23:50:38 2013 From: rs at sys4.de (Robert Schetterer) Date: Sun, 17 Mar 2013 22:50:38 +0100 Subject: [Dovecot] Question regarding Postfix and Dovecot In-Reply-To: References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <514303F0.8090707@Media-Brokers.com> <514310DD.1000705@merit.unu.edu> <1363427613.10463.6.camel@tardis> <514482BB.10004@merit.unu.edu> <1363480160.3986.14.camel@tardis> <51459A34.9030508@dementianati.com> <5145CF83.20906@hardwarefreak.com> <5145F1C0.2090004@Media-Brokers.com> <51461B31.2040906@hardwarefreak.com> Message-ID: <51463AAE.2080903@sys4.de> Am 17.03.2013 21:12, schrieb Larry Stone: > Giving complex answers to simple questions creates the impression that the Dovecot is far more complex than it needs to be. "mail" isnt simple in general, if you wanna help getting better or more easy documentation at whatever feel free to write it, your welcome Actions speak louder than words. Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From dbenfell at gmail.com Mon Mar 18 00:10:40 2013 From: dbenfell at gmail.com (David Benfell) Date: Sun, 17 Mar 2013 15:10:40 -0700 Subject: [Dovecot] Question regarding Postfix and Dovecot In-Reply-To: <5145CF83.20906@hardwarefreak.com> References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <514303F0.8090707@Media-Brokers.com> <514310DD.1000705@merit.unu.edu> <1363427613.10463.6.camel@tardis> <514482BB.10004@merit.unu.edu> <1363480160.3986.14.camel@tardis> <51459A34.9030508@dementianati.com> <5145CF83.20906@hardwarefreak.com> Message-ID: <51463F60.5070409@gmail.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 03/17/2013 07:13 AM, Stan Hoeppner wrote: > On 3/17/2013 5:25 AM, Professa Dementia wrote: > >> We are very sorry you are not satisfied with the software. Please >> feel free to return the software for a full refund of all the >> money you paid. This is a formulaic response. > > You do not speak on behalf of Dovecot, Timo, this list, and > certainly not for me. Do not use "we" in this manner. And > there's no reason to be a smart ass. Right. > >> Welcome to the world of open source. Software is provided >> through the generous contributions of many people, all of whom >> have regular jobs and do this because they enjoy it. With open >> source, if there is something you do not like, you can change >> the software to your liking. Try that with proprietary >> software. More formulaic response. > > The OP is fully familiar with the open source model. Being open > source and developed by volunteer effort is NEVER an excuse for > crappy software or documentation. The OP has every right, and > *duty* to voice his opinion, whether it be praise or critique. > Without critique software doesn't get improved. I don't know if the "[original poster] is fully familiar with the open source model" or not, but I would save the rest of this response as a gem. The formulaic response, which I have seen again and again in the over ten years I've been working with open source software, really assumes that all users are programmers--or should be programmers--and are responsible for submitting fixes when something is wrong. Because what it really says is, if you don't like it, fix it yourself. Too many times, I've heard this referred to as "freedom." And like some other notions of freedom advanced in our society, it is only freedom for a limited class of people. There are lots of these kinds of assumptions throughout our society. But the fact is that not all of our talents align in the same directions. That's why we have specialization of labor. The next logical step in this assumption is that a dissatisfied user should, having become a programmer, fork the project, maintain and develop that fork, and integrate it at least with whatever distribution/variety of UNIX-like operating system s/he is using. Not all of us have time to do this. Again, that's why we have specialization of labor. > > The OP's attitude is fine. It is yours that is the problem. > Dissent and critique should be cherished, not attacked. We're not > a bunch of little Fascists walking in lock step under de Fuhrer > Timo, so stop acting like one. > More words to treasure. (Not that Timo envisions himself any kind of Fuehrer.) This reaches to a certain deification of certain individuals and organizations in the community--whether they themselves would be deified or not; I know examples of both--that really ought to be looked at more critically. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJRRj9gAAoJELJhbl/uPb4SWtoQAJm1/aHlmQQu20o/8EvOiB9I a04lh7aLDD2DDq/09M0wj4Rjd02g1PP9AYpaHkPbnIPGm6TsiMy9d6uN7VHlPMN8 2ylc4aVUSpu564LvuMolLQxuWszdt2VHA4T2DYxdTBEYOpZKI2Yn8oBniP1MA3VW 7OP1Jr0BYtn2tffU6RHguRT+/ApSDKv/owI0aJorL0ql0QA9WlXKlKz4A5SvvRHU siZT7CyoxtaVn2SDIZRMrV4T/5gSZyxUatiIw8brNkhyaJb7TptLfusxgueUHEgT ZR84qyK2uenVP9LiFG7Ur8tsSU1ANmNSnGJyQLL8FJefsX4a1s0fhTb0U6ZenJsh u1OtOIF3KVtIvIb0tlBdX2n3nDDlXanvQW6Wg5qIBI0Fpk3BupDrxnKYicKCpaMc rj5tgAR5xNOpvGVRlaIspMw6+64xD53rMxWur3U7QUHqNBr/IodDc7ySJzbx9IJi /pG2ll+2TtT2fj+zIT5nLiPyl3R7hs4SE5JM52adQBtLmmS6vZwWEeMSTT6iBokn eXytWgY1+hdE8ldZdWropPd3tu0kfiPZSHE+bc9/Yj09P53FbrHD7QxE8j3HeG+v PtjKvdSmC2dDzuRp44tUoMkS6u3Y3NjT8ZYRrYHFlXLURLcKqkfziXEXjYEYYsIG YNbYpbWeIg5/z1yXnQI4 =I801 -----END PGP SIGNATURE----- From jerry at seibercom.net Mon Mar 18 00:40:03 2013 From: jerry at seibercom.net (Jerry) Date: Sun, 17 Mar 2013 18:40:03 -0400 Subject: [Dovecot] Question regarding Postfix and Dovecot In-Reply-To: References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <514303F0.8090707@Media-Brokers.com> <514310DD.1000705@merit.unu.edu> <1363427613.10463.6.camel@tardis> <514482BB.10004@merit.unu.edu> <1363480160.3986.14.camel@tardis> <51459A34.9030508@dementianati.com> <5145CF83.20906@hardwarefreak.com> <5145F1C0.2090004@Media-Brokers.com> <2AA6B39B-A75F-4D93-909D-D846CDA8C99F@machinehum.com> Message-ID: <20130317184003.3004f585@scorpio> On Sun, 17 Mar 2013 21:50:34 +0100 Timo Sirainen articulated: > It's the best I can do myself. I have no idea how they could be > improved in any major way. They say that the software developer > himself is the worst possible person to write its documentation, > because he can't understand what others find difficult.. So very true Timo. That is why many fortune 500 companies use private authors to write the documentation for their products. Someone who knows nothing about it is usually the best one to write the instructions. Of course, they are guided along by competent instructors (hopefully). Unfortunately, the actual inventor or writer of an item usually takes everything for granted. That is why I have enjoyed the "Dummies" series of books. They break things down for the beginner as well as being (in most cases) detailed enough for the more experienced user. -- Jerry ? Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ From list_dovecot at bluerosetech.com Mon Mar 18 01:22:03 2013 From: list_dovecot at bluerosetech.com (Darren Pilgrim) Date: Sun, 17 Mar 2013 16:22:03 -0700 Subject: [Dovecot] Dovecot not obeying disable_plaintext_auth = yes and how to force/disable encryption Message-ID: <5146501B.9060502@bluerosetech.com> I'm using Dovecot 2.1.15. I need to require encryption and only secure auth on public addresses, but allow plaintext auth over an unencrypted connection on localhost. I have so far (excerpts from `doveconf -a`): auth_mechanisms = cram-md5 plain disable_plaintext_auth = yes listen = service imap-login { inet_listener imap-local { address = ::1 port = 143 ssl = no } inet_listener imap-pub { address = 2001:db8::1 port = 993 ssl = yes } } service managesieve-login { inet_listener sieve-local { address = ::1 port = 4190 ssl = no } inet_listener sieve-pub { address = 2001:db8::1 port = 4190 ssl = no } } The ssl option only seems to switch the inet_listener between using a secure socket and using STARTTLS. How do I tell a given inet_listener to do neither? How do I tell a given inet_listener to require STARTTLS before allowing AUTH/SASL? I would prefer to offer only CRAM-MD5 on the UGA/public ports, and only PLAIN or at least also PLAIN on localhost. I tried adding auth_mechanisms lines to each inet_listener block, but got parse errors. How do I do this? Dovecot seems to ignore disable_plaintext_auth = yes: # telnet 2001:db8::1 4190 Trying 2001:db8::1... Connected to host.example.com. Escape character is '^]'. "IMPLEMENTATION" "Dovecot Pigeonhole" "SIEVE" "fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave" "NOTIFY" "mailto" "SASL" "CRAM-MD5 PLAIN" "STARTTLS" "VERSION" "1.0" OK "Dovecot ready." -- Please reply on list. From cryptodan at gmail.com Mon Mar 18 01:27:22 2013 From: cryptodan at gmail.com (Daniel Reinhardt) Date: Sun, 17 Mar 2013 23:27:22 +0000 Subject: [Dovecot] Question regarding Postfix and Dovecot In-Reply-To: References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <514303F0.8090707@Media-Brokers.com> <514310DD.1000705@merit.unu.edu> <1363427613.10463.6.camel@tardis> <514482BB.10004@merit.unu.edu> <1363480160.3986.14.camel@tardis> <51459A34.9030508@dementianati.com> <5145CF83.20906@hardwarefreak.com> <5145F1C0.2090004@Media-Brokers.com> <2AA6B39B-A75F-4D93-909D-D846CDA8C99F@machinehum.com> Message-ID: Timo, First thank you for taking the time to reply to this, but I tried using various LDA Command line suggestions from various places on the net, and Postfix is not even seeing that dovecot is listed in the master.cf file as a unix socket. I have tried using LMTP and again it is not seeing that postfix is configured to use dovecot-lmtp as a mail delivery agent for postfix. The way postfix works with dovecot is via mail-stack-delivery and use of mailbox_command that is set up within main.cf If I comment that out postfix sends to default mode which is Maildir in the users /home directory. I have configured SQL Lookups successfully for authentication within postfix and dovecot, its just the mail delivery agent that is not working. I even tried the sudo method, and that also failed. Don't get me wrong Dovecot is a nice piece of software, but maybe getting rid of the multiple files could make things easier, and a couple of sample configs could then be included in the source. And I am here trying to learn something new that I could put to use in a future job if I were ever told to setup an email server to replace an exchange system to handle multiple domains for various people. So thanks for allowing me to learn another process of setting up a server with email. Sincerely, Daniel Reinhardt On Sun, Mar 17, 2013 at 8:50 PM, Timo Sirainen wrote: > On 17.3.2013, at 18.11, Daniel wrote: > > > First of all the wiki articles on dovecots site are poorly written > compared to apache and postfix. > > It's the best I can do myself. I have no idea how they could be improved > in any major way. They say that the software developer himself is the worst > possible person to write its documentation, because he can't understand > what others find difficult.. > > > That is what I mean by lack luster the error logging is lack luster as > it doesn't specify the file or the line error is on like many very well > supported applications like apache and postfix and that makes dovecot not > very user friendly. > > If there is a syntax error, Dovecot shows the file and line number. After > that it should always mention the setting name that is causing trouble, > which I'd think should be easy to grep from the configs.. I guess it could > be useful to show the file+line for it, but that's quite a lot of code to > add just to avoid a grep. It's also a bit tricky to do without wasting more > memory (wasting memory in config / doveconf process is fine, but not > elsewhere, and some settings won't get processed until later). > > > I owe no one an apology for stating my opinion and I have over 10 years > of using open source software and dovecot is the application that I have > used that given me such headache and grief to the point I have given up on > this learning experience. > > Quickly browsing through this thread, I guess this is the main problem? : > > Mar 15 06:56:37 andromeda dovecot: lda(cryptodan): Fatal: setgid(8(mail) > from mail_gid setting) failed with euid=1000(cryptodan), > gid=1000(cryptodan), egid=1000(cryptodan): Operation not permitted (This > binary should probably be called with process group set to 8(mail) instead > of 1000(cryptodan)) > > Yes, this is something I've been annoyed at for a long time. But it's also > not easy to make that error any better, except maybe by creating a wiki > page explaining the whole thing and linking to it. (There are a ton of > mails about this exact thing in Dovecot list archies.) There's also no > setting that is specifically related to this (the problem is a mismatch > between Dovecot/Postfix configuration). There is a super easy solution > though: use LMTP instead of LDA, and there are no permission troubles. > Maybe that's what the LDA wiki page should say.. Done: > http://wiki2.dovecot.org/LDA > > -- Daniel Reinhardt cryptodan at cryptodan.net http://www.cryptodan.net 301-875-7018(c) 410-455-0488(h) From h.reindl at thelounge.net Mon Mar 18 01:44:38 2013 From: h.reindl at thelounge.net (Reindl Harald) Date: Mon, 18 Mar 2013 00:44:38 +0100 Subject: [Dovecot] Question regarding Postfix and Dovecot In-Reply-To: References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <514303F0.8090707@Media-Brokers.com> <514310DD.1000705@merit.unu.edu> <1363427613.10463.6.camel@tardis> <514482BB.10004@merit.unu.edu> <1363480160.3986.14.camel@tardis> <51459A34.9030508@dementianati.com> <5145CF83.20906@hardwarefreak.com> <5145F1C0.2090004@Media-Brokers.com> <2AA6B39B-A75F-4D93-909D-D846CDA8C99F@machinehum.com> Message-ID: <51465566.1000902@thelounge.net> Am 18.03.2013 00:27, schrieb Daniel Reinhardt: > First thank you for taking the time to reply to this, but I tried using > various LDA Command line suggestions from various places on the net, and > Postfix is not even seeing that dovecot is listed in the master.cf file as > a unix socket. > > I have tried using LMTP and again it is not seeing that postfix is > configured to use dovecot-lmtp as a mail delivery agent for postfix YOU ARE RESPONSIBLE TO CONFIGURE POSTFIX MASTER.CF NOT DOVECOT NOT ANYBODY ELSE YOU ARE RESPONSIBLE TO SET POSTFIX-TRANSPORTS TO USE LMTP NOT DOVECOT NOT ANYBODY ELSE RTFM - NOT THE DOVECOT THE POSTFIX ONES -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 263 bytes Desc: OpenPGP digital signature URL: From noel.butler at ausics.net Mon Mar 18 01:45:54 2013 From: noel.butler at ausics.net (Noel Butler) Date: Mon, 18 Mar 2013 09:45:54 +1000 Subject: [Dovecot] Question regarding Postfix and Dovecot In-Reply-To: References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <514303F0.8090707@Media-Brokers.com> <514310DD.1000705@merit.unu.edu> <1363427613.10463.6.camel@tardis> <514482BB.10004@merit.unu.edu> <1363480160.3986.14.camel@tardis> Message-ID: <1363563954.4078.20.camel@tardis> On Sun, 2013-03-17 at 10:20 +0000, Daniel Reinhardt wrote: > I really find the lack of error logging, and the virtual lack of > documentation for Dovecot very disturbing. I am so close to dropping this > side project of being able to support multiple domains on a mail server. I know I came in late having been away for a bit, but I did not note any reference to this guide you mentioned you used, perhaps show us a URL for it, maybe it is borked, and you'll chase your tail forever... > It is in my utmost respectful opinion to have multiple files to edit just > to get this working in basic mode. Why cant dovecot combine all > configuration parameters into one config like that of postfix main.cf for > server config, and the master.cf for sockets and listeners? > It used to, I strongly disagreed with the conf.d/blah blah blah splitting, its messy, cluttery, clumsy, and not time-management efficient, but, Timo's choice to do it. I use one single file, its about or less than 4K in size, and you can too, simple copy any million changes of other cruddy confs into dovecot.conf and comment out any includes, even delete them. The only separate file I have, is dovecot-sql.conf > > Dovecot has given me nothing but headache and grief, and as far as I am > concerned not a finished product. > it runs on some pretty big networks, handling millions of users, granted 2.x was, well, I always considered 2.0 to be beta, and 2.1 up until recently, it is not a good sign when there is patches every second other week, but, its been really good for a few months now, sad I know, 1.2 was like a tank, couldn't break it no mater what you through at it, infact I still have two servers using 1.2 as a fail safe. But, that said, you need to show us this guide you have followed, if you posted it, my bad for not seeing it, if not, your bad for not linking to it ;) -------------- next part -------------- A non-text attachment was scrubbed... Name: face-wink.png Type: image/png Size: 876 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 490 bytes Desc: This is a digitally signed message part URL: From noel.butler at ausics.net Mon Mar 18 01:47:47 2013 From: noel.butler at ausics.net (Noel Butler) Date: Mon, 18 Mar 2013 09:47:47 +1000 Subject: [Dovecot] Question regarding Postfix and Dovecot In-Reply-To: <51459A34.9030508@dementianati.com> References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <514303F0.8090707@Media-Brokers.com> <514310DD.1000705@merit.unu.edu> <1363427613.10463.6.camel@tardis> <514482BB.10004@merit.unu.edu> <1363480160.3986.14.camel@tardis> <51459A34.9030508@dementianati.com> Message-ID: <1363564067.4078.21.camel@tardis> On Sun, 2013-03-17 at 03:25 -0700, Professa Dementia wrote: > > And just a friendly word of advice: change your attitude or you will > find your cries fall on deaf ears. > > Dem > and that shit is helpful how? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 490 bytes Desc: This is a digitally signed message part URL: From noel.butler at ausics.net Mon Mar 18 01:48:27 2013 From: noel.butler at ausics.net (Noel Butler) Date: Mon, 18 Mar 2013 09:48:27 +1000 Subject: [Dovecot] Question regarding Postfix and Dovecot In-Reply-To: <5145CF83.20906@hardwarefreak.com> References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <514303F0.8090707@Media-Brokers.com> <514310DD.1000705@merit.unu.edu> <1363427613.10463.6.camel@tardis> <514482BB.10004@merit.unu.edu> <1363480160.3986.14.camel@tardis> <51459A34.9030508@dementianati.com> <5145CF83.20906@hardwarefreak.com> Message-ID: <1363564107.4078.22.camel@tardis> On Sun, 2013-03-17 at 09:13 -0500, Stan Hoeppner wrote: > On 3/17/2013 5:25 AM, Professa Dementia wrote: > > > We are very sorry you are not satisfied with the software. Please feel > > free to return the software for a full refund of all the money you paid. > > You do not speak on behalf of Dovecot, Timo, this list, and certainly > not for me. Do not use "we" in this manner. And there's no reason to > be a smart ass. I never ever in my wildest dreams thought I'd be saying this, but I wholeheartedly agree with Stan -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 490 bytes Desc: This is a digitally signed message part URL: From lstone19 at stonejongleux.com Mon Mar 18 02:02:53 2013 From: lstone19 at stonejongleux.com (Larry Stone) Date: Sun, 17 Mar 2013 19:02:53 -0500 Subject: [Dovecot] Question regarding Postfix and Dovecot In-Reply-To: <51463AAE.2080903@sys4.de> References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <514303F0.8090707@Media-Brokers.com> <514310DD.1000705@merit.unu.edu> <1363427613.10463.6.camel@tardis> <514482BB.10004@merit.unu.edu> <1363480160.3986.14.camel@tardis> <51459A34.9030508@dementianati.com> <5145CF83.20906@hardwarefreak.com> <5145F1C0.2090004@Media-Brokers.com> <51461B31.2040906@hardwarefreak.com> <51463AAE.2080903@sys4.de> Message-ID: <785F9578-D5ED-4BAF-808C-5DBD23420CF6@stonejongleux.com> On Mar 17, 2013, at 4:50 PM, Robert Schetterer wrote: > Am 17.03.2013 21:12, schrieb Larry Stone: >> Giving complex answers to simple questions creates the impression that the Dovecot is far more complex than it needs to be. > > "mail" isnt simple in general, True. But your needs aren't my needs. And while some systems may need a complex solution, not every one does. My mail server is at home serving four users, all family members. Daily mail volume is in the hundreds. Have I incorporated every high-performance trick I can? Heck, no because I don't need it. My server sits idle most of the day. It would be a waste of my time to optimize it. To the extent I have a bottle-neck, it's the Internet connection (not all that fast but fast enough). So for now I keep it simple. Can I do something more complex later? Maybe. If I have time, if I think it's worthwhile. Meanwhile, I would never go suggesting that the server environment I have with my four users and hundreds of messages per day is appropriate for an environment with thousands of users and millions of messages per day. -- Larry Stone lstone19 at stonejongleux.com http://www.stonejongleux.com/ From professa at dementianati.com Mon Mar 18 03:08:00 2013 From: professa at dementianati.com (Professa Dementia) Date: Sun, 17 Mar 2013 18:08:00 -0700 Subject: [Dovecot] Question regarding Postfix and Dovecot In-Reply-To: <51463F60.5070409@gmail.com> References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <514303F0.8090707@Media-Brokers.com> <514310DD.1000705@merit.unu.edu> <1363427613.10463.6.camel@tardis> <514482BB.10004@merit.unu.edu> <1363480160.3986.14.camel@tardis> <51459A34.9030508@dementianati.com> <5145CF83.20906@hardwarefreak.com> <51463F60.5070409@gmail.com> Message-ID: <514668F0.7090108@dementianati.com> On 3/17/2013 3:10 PM, David Benfell wrote: > I don't know if the "[original poster] is fully familiar with the open > source model" or not, but I would save the rest of this response as a > gem. The formulaic response, which I have seen again and again in the > over ten years I've been working with open source software, really > assumes that all users are programmers--or should be programmers--and > are responsible for submitting fixes when something is wrong. > > Because what it really says is, if you don't like it, fix it yourself. > Too many times, I've heard this referred to as "freedom." And like > some other notions of freedom advanced in our society, it is only > freedom for a limited class of people. Imagine this: You live near a mechanic. He has an extra car that he got from the junk yard and fixed up. It works fairly well and you need a car so he generously gives it to you for free. After a time, something breaks. What do you do? If you are mechanically inclined you can fix it yourself - that is, if you are part of that limited class of people known as mechanics. If not, you can go back to the original mechanic or maybe a completely different mechanic. However, if you scream at him, call him names, tell him the car is total garbage that was never fixed right in the first place, then demand he fix it, how do you think he would respond? It is much better to ask politely. Everything you say above is perfectly valid. However, I have been part of quite a few open source projects and this list has much more than its share of trolls and flame wars. Why is that? A little civility goes a long way, especially if you are not part of the "limited class of people" and are asking for their help with something that you were given for free to begin with. Dem From list_dovecot at bluerosetech.com Mon Mar 18 03:24:26 2013 From: list_dovecot at bluerosetech.com (Darren Pilgrim) Date: Sun, 17 Mar 2013 18:24:26 -0700 Subject: [Dovecot] [solved] Dovecot not obeying disable_plaintext_auth = yes and how to force/disable encryption In-Reply-To: <5146501B.9060502@bluerosetech.com> References: <5146501B.9060502@bluerosetech.com> Message-ID: <51466CCA.3060402@bluerosetech.com> I figured this out. I was testing Dovecot from the machine running Dovecot. I didn't know that when the client address is a local address (even if it's a public one), that Dovecot treats the connection as if it was localhost. I also did not know that Dovecot automatically ignores ssl = required and disable_plaintext_auth = yes for localhost connections. As this renders pretty much my entire email moot, we can call this one solved. :) -- Please reply on list. From larryrtx at gmail.com Mon Mar 18 04:11:02 2013 From: larryrtx at gmail.com (Larry Rosenman) Date: Sun, 17 Mar 2013 21:11:02 -0500 Subject: [Dovecot] lda: duplicate prefix? In-Reply-To: References: Message-ID: Anyone? On Mon, Mar 4, 2013 at 12:50 AM, Larry Rosenman wrote: > I've just started using Dovecot, and can't seem to get the LDA to work. > > I get the following error: > Mar 4 00:47:19 thebighonker dovecot: lda(ler): Error: user ler: > Initialization failed: namespace configuration error: Duplicate namespace > prefix: "" > Mar 4 00:47:19 thebighonker dovecot: lda(ler): Fatal: Invalid user > settings. Refer to server log for more information. > Mar 4 00:47:19 thebighonker exim[76281]: 1UCPB8-000JqI-L7 == > /home/ler/clamav-rules R=userforward > T=address_file_dovecot defer (0): Child process of address_file_dovecot > transport returned 75 (could mean temporary error) from command: > /usr/local/libexec/dovecot/dovecot-lda > > > dovecot -n attached. > > the invocation from my exim config for other than inbox: > > address_file_dovecot: > driver = pipe > > # Use /usr/lib/dovecot/dovecot-lda if using Debian's package. > # You may or may not want to add -d $local_part@$domain depending on if > you ne > ed a userdb lookup done. > command = /usr/local/libexec/dovecot/dovecot-lda -f $sender_address -m > ~/mail/ > ${sg{$address_file}{$home}{}} > > message_prefix = > message_suffix = > log_output > delivery_date_add > envelope_to_add > return_path_add > #group = mail > #mode = 0660 > temp_errors = 64 : 69 : 70: 71 : 72 : 73 : 74 : 75 : 78 > > > What am I doing wrong? > -- > Larry Rosenman http://www.lerctr.org/~ler > Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com > US Mail: 430 Valona Loop, Round Rock, TX 78681-3893 > -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com US Mail: 430 Valona Loop, Round Rock, TX 78681-3893 From mysqlstudent at gmail.com Mon Mar 18 05:10:11 2013 From: mysqlstudent at gmail.com (Alex) Date: Sun, 17 Mar 2013 23:10:11 -0400 Subject: [Dovecot] Dovecot with sasl/imaps/postfix and thunderbird In-Reply-To: <51449158.9050406@wildgooses.com> References: <514013E3.8070803@hardwarefreak.com> <5140789E.7010408@turmel.org> <5141195C.7060003@hardwarefreak.com> <51413DA8.8020409@gmail.com> <514145DB.6030401@gmail.com> <51449158.9050406@wildgooses.com> Message-ID: >> https://www.rapidsslonline.com/ >> less than $20/year, takes literally 15 minutes from start to having >> a certificate. Well, maybe 30 minutes the first time when you need >> to read everything. >> >> There are probably dozens of other sites offering similar services; >> I've used this one several times. > > Namecheap reseller: $5/year > > https://www.cheapssls.com/ I ended up buying one from rapidsslonline, after I learned they require authorization from only the subdomain, not the top-level. I'll check out cheapssls.com as well. I'm not quite sure yet, but it seems these are only supported with the most current browsers? If a customer visits with, say, IE8 or IE6, are they going to have an issue? (not that they ever should be, or that it would probably affect my purchasing choice; I was just curious because I'm seeing some old browsers and fielding some support issues now.) Thanks, Alex From dbenfell at gmail.com Mon Mar 18 06:30:06 2013 From: dbenfell at gmail.com (David Benfell) Date: Sun, 17 Mar 2013 21:30:06 -0700 Subject: [Dovecot] Question regarding Postfix and Dovecot In-Reply-To: <514668F0.7090108@dementianati.com> References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <514303F0.8090707@Media-Brokers.com> <514310DD.1000705@merit.unu.edu> <1363427613.10463.6.camel@tardis> <514482BB.10004@merit.unu.edu> <1363480160.3986.14.camel@tardis> <51459A34.9030508@dementianati.com> <5145CF83.20906@hardwarefreak.com> <51463F60.5070409@gmail.com> <514668F0.7090108@dementianati.com> Message-ID: <5146984E.3070606@gmail.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 03/17/2013 06:08 PM, Professa Dementia wrote: > > If not, you can go back to the original mechanic or maybe a > completely different mechanic. However, if you scream at him, > call him names, tell him the car is total garbage that was never > fixed right in the first place, then demand he fix it, how do you > think he would respond? > > It is much better to ask politely. > As I was looking for the response that I wanted to reply to, I noticed there had in fact been quite a number of messages as the original poster had attempted to resolve his problem. Yes, he got frustrated. Yes, he lost his temper. But this summation takes a short cut in ignoring all that happened before. It also ignores--and if I read (and remember) Timo correctly, he doesn't like this either--that all too often, error messages are too vague to be helpful. The standard response is also borne of frustration--a frustration that seemingly expects people to worship the ground that developers walk on. So what we have here is frustration meeting frustration. It pushes my buttons because I've been watching this in a number of venues for years and I've occasionally been that frustrated user who couldn't get something working. One of the things I came across in studying indigenous ways of knowing that may be applicable here is a caution against displaying knowledge. The point of that is that some people answer not so much to be helpful as to show off their own prowess and expertise. That gets ego involved. The standard response follows from this, making the situation worse by conveying an arrogance that undermines any claim to have been sincerely helpful before. We all want good software. That requires more of a partnership than we often see. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJRRphOAAoJELJhbl/uPb4SThcQAI8ipyEw8OVyVhzZLkrpU5fv 2X4uz6WAJQMgkAOCG8M5RX/FDdm0b4puxcwalYsx4V0Pv2mZa49vJPHwooFjHM/s h6x34zeip5pd+nq519pCav+et0MLD5c49iUrPL4IEID2eEiPrBKq5LCK79q7HoJ4 lwPwqRpyyQUqznScq1seLzgMBFs/isNs2+uCj5i9DjHGON7mFURP+lHwcDhEvAKC F4y1rh54vuxTChGGROYBKHgzISJwcomuS3OROjQU7nPnhb05SDMrcn3j2Zz2xAhC +rFP5Gp3mvIAJLL7jybgFph8DgeBx2RaN5VW41HKvGC159bBwIDXIY34rWEh8mk+ KoBYQUIH2YbCBBFWOAAArKr3JUCq8cb/lb+3wblSbyAeOXYhrQWOLSGC7AU+KKxZ g+x5O8fzBwibHE3i7l+NQFJLlLyXJbdHgL1ZEO128xl5cTEewXE0u/xzPyNdPqmH S1vIe2uo8qPaoodGqUOEwQIhcCfSPLVmFjdn9kOI4VqjFa7sRqL6O0VFXnUcGhju FFw1+vctHDjPnZmuNKAiddZh1gwF5l/tGPQ/5T8rwxuleAuMesefV8R2vYTzocQV mTejoxGQe3GOzRqB9gHX19Gk8aJChHR2TXwqkdo/9IGFrYa3ZTYzsrpuwx6CcCOr Z5GGtVgZ9YedSzPIcP/g =OOy+ -----END PGP SIGNATURE----- From noel.butler at ausics.net Mon Mar 18 07:24:33 2013 From: noel.butler at ausics.net (Noel Butler) Date: Mon, 18 Mar 2013 15:24:33 +1000 Subject: [Dovecot] Question regarding Postfix and Dovecot In-Reply-To: <5146984E.3070606@gmail.com> References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <514303F0.8090707@Media-Brokers.com> <514310DD.1000705@merit.unu.edu> <1363427613.10463.6.camel@tardis> <514482BB.10004@merit.unu.edu> <1363480160.3986.14.camel@tardis> <51459A34.9030508@dementianati.com> <5145CF83.20906@hardwarefreak.com> <51463F60.5070409@gmail.com> <514668F0.7090108@dementianati.com> <5146984E.3070606@gmail.com> Message-ID: <1363584273.10384.11.camel@tardis> On Sun, 2013-03-17 at 21:30 -0700, David Benfell wrote: > > The standard response is also borne of frustration--a frustration that > seemingly expects people to worship the ground that developers walk on. > One thing that shows a good developer, is one who listens, to the negatives as well as positives, Timo thus far has mostly done this (still waiting on the mysql failover change talked about nearly 2 yrs ago ;) ). A good developer knows that without users feedback, both good and bad, their project can die a swift and painful death. > We all want good software. That requires more of a partnership than we > often see. True -------------- next part -------------- A non-text attachment was scrubbed... Name: face-wink.png Type: image/png Size: 876 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 490 bytes Desc: This is a digitally signed message part URL: From rs at sys4.de Mon Mar 18 10:03:17 2013 From: rs at sys4.de (Robert Schetterer) Date: Mon, 18 Mar 2013 09:03:17 +0100 Subject: [Dovecot] Question regarding Postfix and Dovecot In-Reply-To: <785F9578-D5ED-4BAF-808C-5DBD23420CF6@stonejongleux.com> References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <514303F0.8090707@Media-Brokers.com> <514310DD.1000705@merit.unu.edu> <1363427613.10463.6.camel@tardis> <514482BB.10004@merit.unu.edu> <1363480160.3986.14.camel@tardis> <51459A34.9030508@dementianati.com> <5145CF83.20906@hardwarefreak.com> <5145F1C0.2090004@Media-Brokers.com> <51461B31.2040906@hardwarefreak.com> <51463AAE.2080903@sys4.de> <785F9578-D5ED-4BAF-808C-5DBD23420CF6@stonejongleux.com> Message-ID: <5146CA45.80404@sys4.de> Am 18.03.2013 01:02, schrieb Larry Stone: > > On Mar 17, 2013, at 4:50 PM, Robert Schetterer wrote: > >> Am 17.03.2013 21:12, schrieb Larry Stone: >>> Giving complex answers to simple questions creates the impression that the Dovecot is far more complex than it needs to be. >> >> "mail" isnt simple in general, > > True. But your needs aren't my needs. And while some systems may need a complex solution, not every one does. > > My mail server is at home serving four users, all family members. Daily mail volume is in the hundreds. Have I incorporated every high-performance trick I can? Heck, no because I don't need it. My server sits idle most of the day. It would be a waste of my time to optimize it. To the extent I have a bottle-neck, it's the Internet connection (not all that fast but fast enough). > > So for now I keep it simple. Can I do something more complex later? Maybe. If I have time, if I think it's worthwhile. Meanwhile, I would never go suggesting that the server environment I have with my four users and hundreds of messages per day is appropriate for an environment with thousands of users and millions of messages per day. > > Larry , this isnt a whatever software related question, it a questions of what default first setup settings are choosen, to make things work quick. There maybe tons of meanings about that, you will never find the ultimate answer to that, its a more or less senseless disput. I.e good example using default chroot for postfix in debian ( which gives newbies a hard time at first configure), so at last the orginal hacker of code has less to to do what linux distro releases use as default settings. And however your are using only small setup you have to understand and learn the whole "mail" procedures ,to some "minimum stage", cause i.e you are able to send trillions of spam mails configure an open relay etc which may hurt lots of other users worldwide. Open software mostly does not focus on promising you an easy live with i.e clicking on guis and wizards as most comercial products, it gives you the chance to learn about how things are working, and invites you making things better which you may find could be made better. Share what you have found and do constructive questions etc. Its not only a tec question, its a way of social knowledge sharing. Dovecot itself may run in very different "modes", what should the choosen as prime default easy mode, compare i.e with samba and modes acting as member server or printer spooler and so on. Samba parameters are filling books, same in postfix etc, and there is intensive coding work at all this stuff, solving users real live problems always end in complex stuff, by needs which you and the orig coder never thinked of as starting time of the project. So again, if you find something bad , youre able to make things better investing time and work on it, dont waste time in "bark at the moon". . Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From lists at wildgooses.com Mon Mar 18 10:35:55 2013 From: lists at wildgooses.com (Ed W) Date: Mon, 18 Mar 2013 08:35:55 +0000 Subject: [Dovecot] Dovecot with sasl/imaps/postfix and thunderbird In-Reply-To: References: <514013E3.8070803@hardwarefreak.com> <5140789E.7010408@turmel.org> <5141195C.7060003@hardwarefreak.com> <51413DA8.8020409@gmail.com> <514145DB.6030401@gmail.com> <51449158.9050406@wildgooses.com> Message-ID: <5146D1EB.8020005@wildgooses.com> On 18/03/2013 03:10, Alex wrote: >>> https://www.rapidsslonline.com/ >>> less than $20/year, takes literally 15 minutes from start to having >>> a certificate. Well, maybe 30 minutes the first time when you need >>> to read everything. >>> >>> There are probably dozens of other sites offering similar services; >>> I've used this one several times. >> Namecheap reseller: $5/year >> >> https://www.cheapssls.com/ > I ended up buying one from rapidsslonline, after I learned they > require authorization from only the subdomain, not the top-level. I'll > check out cheapssls.com as well. > > I'm not quite sure yet, but it seems these are only supported with the > most current browsers? If a customer visits with, say, IE8 or IE6, are > they going to have an issue? (not that they ever should be, or that it > would probably affect my purchasing choice; I was just curious because > I'm seeing some old browsers and fielding some support issues now.) > It's not clear if you mean cheapssls.com by the above? However, I just tried Win XP 32bit with IE8 on one of my certs from cheapssls and saw no problems... Cheapssl appears to be a reseller for the cheapo positive positivessl and rapidssl certs. There is a couple of $ difference in price between the two cert types. The other cheap end cert seller is godaddy who also offer extremely cheap certs, and in particular they are the only sensibly priced offering that I'm aware of for certs with multiple domains on them (alternative SAN certs), ie for moderate money they will give you a cert for domain abcd.com *and* defg.com on the same cert - this can be useful for mail/web servers which need to answer to multiple domain names (not just wildcard). Of course there is an amount of backlash against godaddy, so choose your politics Oh, I did also manage to get through the bureaucracy of startcom.org and of course if you are happy with their quirky infrastructure then they offer very inexpensive certs, especially for the more unusual types such as wildcards and multiple SAN. I haven't yet taken a cert from them, but it seems workable now that I got my account created. Good luck Ed W From pvsuja at gmail.com Mon Mar 18 11:36:55 2013 From: pvsuja at gmail.com (pvsuja) Date: Mon, 18 Mar 2013 02:36:55 -0700 (PDT) Subject: [Dovecot] dovecot 2 in ubuntu 12.04 or Debian Squeeze In-Reply-To: <51419530.8040004@softjury.de> References: <1362547151954-40634.post@n4.nabble.com> <1362556867785-40640.post@n4.nabble.com> <51372E00.8000702@softjury.de> <1362630378275-40664.post@n4.nabble.com> <51399992.1020401@softjury.de> <1363239710512-40763.post@n4.nabble.com> <51419530.8040004@softjury.de> Message-ID: <1363599415174-40862.post@n4.nabble.com> Yes, proxy log says that its over TLS. but the server is receiving username and password in plain text. I verified it in wireshark. I am using squirrelmail web client n had configured it for STARTTLS. *My dovecot settings for Server:* suja at mailserver:/etc/dovecot# dovecot -n # 1.2.15: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.6 ext3 log_timestamp: %Y-%m-%d %H:%M:%S ssl: required ssl_cert_file: /etc/postfix/certs/public_cert.pem ssl_key_file: /etc/postfix/certs/private_key.pem login_dir: /var/run/dovecot/login login_executable: /usr/lib/dovecot/imap-login mail_privileged_group: mail mail_location: maildir:/email/%n:INBOX=/email/%n/INBOX mbox_write_locks: fcntl dotlock auth default: mechanisms: plain login passdb: driver: ldap args: /etc/dovecot/dovecot-ldap.conf userdb: driver: ldap args: /etc/dovecot/dovecot-ldap-userdb.conf *My dovecot settings for Proxy:* suja at mailproxy:/usr/local/etc/dovecot# dovecot -n # 2.1.15: /usr/local/etc/dovecot/dovecot.conf # OS: Linux 3.2.0-35-generic-pae i686 Ubuntu 12.04.1 LTS auth_mechanisms = plain login imapc_host = 10.131.1.16 mail_gid = imapproxy mail_home = /home/imapproxy/%u mail_location = imapc:~/imapc mail_uid = imapproxy passdb { args = host=10.131.1.16 default_fields = userdb_imapc_user=%u userdb_imapc_password=%w driver = imap } protocols = imap service auth { inet_listener { port = 12345 } } ssl = required ssl_ca = Hello, I'm trying to install dovecot as LDA, IMAP server and Sieve functions, all of this with a Postfix, Spamassassin and a MySQL Auth. When I use a Sieve script, it 's loaded but actions are not respect with this logs : Mar 18 10:31:19 localhost dovecot: lda(info at info.xx.com): Debug: sieve: using sieve path for user's script: /vmail/sieve/info.xx.com/info.sieve Mar 18 10:31:19 localhost dovecot: lda(info at info.xx.com): Debug: sieve: opening script /vmail/sieve/info.xx.com/info.sieve Mar 18 10:31:19 localhost dovecot: lda(info at info.xx.com): Debug: sieve: script binary /vmail/sieve/info.xx.com/info.svbin successfully loaded Mar 18 10:31:19 localhost dovecot: lda(info at info.xx.com): Debug: sieve: binary save: not saving binary /vmail/sieve/info.xx.com/info.svbin, because it is already stored Mar 18 10:31:19 localhost dovecot: lda(info at info.xx.com): Debug: sieve: executing script from /vmail/sieve/info.xx.com/info.svbin Mar 18 10:31:19 localhost dovecot: lda(info at info.xx.com): sieve: msgid=<20130318093119.7EAAEC063D at nflda02.xx.lan>: stored mail into mailbox 'INBOX' Mar 18 10:31:19 localhost postfix/pipe[25000]: 7EAAEC063D: to=, relay=dovecot, delay=0.54, delays=0.15/0.03/0/0.37, dsn=2.0.0, status=sent (delivered via dovecot service) The sieve script just trying to redirect to INBOX.Test folder but doesn't works.. Bellow my dovecot and postfix configuration : # 2.0.9: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-358.0.1.el6.x86_64 x86_64 CentOS release 6.4 (Final) ext4 mail_debug = yes mail_gid = 5000 mail_location = maildir:/vmail/%d/%n:INDEX=/vmail/index/%d/%n mail_privileged_group = vmail mail_uid = 5000 mbox_write_locks = fcntl namespace { inbox = yes location = prefix = separator = . subscriptions = yes type = private } passdb { driver = pam } passdb { args = /etc/dovecot/conf.d/dovecot-sql.conf.ext driver = sql } plugin { sieve = /vmail/sieve/%d/%n.sieve sieve_dir = /vmail/sieve/%d } service auth { unix_listener auth-userdb { group = vmail mode = 0600 user = vmail } } ssl_cert = References: <1362547151954-40634.post@n4.nabble.com> <1362556867785-40640.post@n4.nabble.com> <51372E00.8000702@softjury.de> <1362630378275-40664.post@n4.nabble.com> <51399992.1020401@softjury.de> <1363239710512-40763.post@n4.nabble.com> <51419530.8040004@softjury.de> <1363599415174-40862.post@n4.nabble.com> Message-ID: <5146E9AB.20806@softjury.de> Am 18.03.2013 10:36, schrieb pvsuja: > passdb { > args = host=10.131.1.16 > default_fields = userdb_imapc_user=%u userdb_imapc_password=%w > driver = imap > } Well, I dunno where you listened with wireshark, but as far as I see you communicate between your proxy and the other server with IMAP without SSL/TLS or STARTTLS, see http://wiki2.dovecot.org/PasswordDatabase/IMAP for more. Can't say anything specific about squirrelmail to dovecot-proxy, is that the full doveconf -n? Please add the full one, if possible from both dovecot servers. Greetings, Jan From patrickdk at patrickdk.com Mon Mar 18 13:11:22 2013 From: patrickdk at patrickdk.com (Patrick Domack) Date: Mon, 18 Mar 2013 07:11:22 -0400 Subject: [Dovecot] dovecot 2 in ubuntu 12.04 or Debian Squeeze In-Reply-To: <1363599415174-40862.post@n4.nabble.com> References: <1362547151954-40634.post@n4.nabble.com> <1362556867785-40640.post@n4.nabble.com> <51372E00.8000702@softjury.de> <1362630378275-40664.post@n4.nabble.com> <51399992.1020401@softjury.de> <1363239710512-40763.post@n4.nabble.com> <51419530.8040004@softjury.de> <1363599415174-40862.post@n4.nabble.com> Message-ID: <20130318071122.Horde.bk06oetBxz5NtmHfn4jRDQ1@mail.patrickdk.com> Are you sure you wheren't looking at the ldap communication for the username+password instead of imap? Is ldap configured to use ssl? Quoting pvsuja : > Yes, > proxy log says that its over TLS. > but the server is receiving username and password in plain text. I verified > it in wireshark. > I am using squirrelmail web client n had configured it for STARTTLS. > > > *My dovecot settings for Server:* > > suja at mailserver:/etc/dovecot# dovecot -n > # 1.2.15: /etc/dovecot/dovecot.conf > # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.6 ext3 > log_timestamp: %Y-%m-%d %H:%M:%S > ssl: required > ssl_cert_file: /etc/postfix/certs/public_cert.pem > ssl_key_file: /etc/postfix/certs/private_key.pem > login_dir: /var/run/dovecot/login > login_executable: /usr/lib/dovecot/imap-login > mail_privileged_group: mail > mail_location: maildir:/email/%n:INBOX=/email/%n/INBOX > mbox_write_locks: fcntl dotlock > auth default: > mechanisms: plain login > passdb: > driver: ldap > args: /etc/dovecot/dovecot-ldap.conf > userdb: > driver: ldap > args: /etc/dovecot/dovecot-ldap-userdb.conf > > > > > *My dovecot settings for Proxy:* > > suja at mailproxy:/usr/local/etc/dovecot# dovecot -n > # 2.1.15: /usr/local/etc/dovecot/dovecot.conf > # OS: Linux 3.2.0-35-generic-pae i686 Ubuntu 12.04.1 LTS > auth_mechanisms = plain login > imapc_host = 10.131.1.16 > mail_gid = imapproxy > mail_home = /home/imapproxy/%u > mail_location = imapc:~/imapc > mail_uid = imapproxy > passdb { > args = host=10.131.1.16 > default_fields = userdb_imapc_user=%u userdb_imapc_password=%w > driver = imap > } > protocols = imap > service auth { > inet_listener { > port = 12345 > } > } > ssl = required > ssl_ca = ssl_cert = ssl_key = userdb { > driver = prefetch > } > > > Thanks & regards, > > Suja > > > > > -- > View this message in context: > http://dovecot.2317879.n4.nabble.com/dovecot-2-in-ubuntu-12-04-or-Debian-Squeeze-tp40634p40862.html > Sent from the Dovecot mailing list archive at Nabble.com. From benkokakao at gmail.com Mon Mar 18 14:08:18 2013 From: benkokakao at gmail.com (Christian Benke) Date: Mon, 18 Mar 2013 13:08:18 +0100 Subject: [Dovecot] SMTP Client authentication to remote Postfix/Dovecot Message-ID: Hello! This is probably another basic question and i'm not even sure if it's something where Dovecot is involved, but i'll give it a shot. So i've setup Postfix with Dovecot and system-auth on my remote server. So far it looks like everything is working fine and dandy via SASL(PLAIN) and TLS. I'm just not happy about my local SMTP client settings. I'm going to try to work with mutt in the future, so i need a local MTA - i've decided to try it with Postfix. This works so far and i can send mails with mutt. However - my setup relies on smtp_sasl_password_maps for authentication. I'm not too happy to have plaintext-passwords of remote systems lying around on my local filesystem. It doesn't really ease my mind that the file is readable by root only, this doesn't help if my laptop's harddisk gets mounted elsewhere. Are there alternatives or better ways to do SMTP authentication? http://www.postfix.org/SASL_README.html#server_cyrus_comm says: > saslauthd can verify the SMTP client credentials by using them to log into an IMAP server So i have my mutt-client which is logged in to the remote Dovecot IMAP. Mutt uses the local MTA to send the mail. Is there some way to tell the local postfix or a local dovecot to authenticate the SMTP-Session via the existing IMAP-login? Or some other way where i at least don't rely on plaintext passwords but secure, encrypted hashes? Sorry if this is a redundant thread, "smtp client" authentication site:dovecot.org/list' and the likes are not exactly the most rewarding or unique search terms unfortunately. Thanks, Christian -- Central Asia by bike, starting May 2013 - http://poab.org From skdovecot at smail.inf.fh-brs.de Mon Mar 18 14:23:33 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Mon, 18 Mar 2013 13:23:33 +0100 (CET) Subject: [Dovecot] Dovecot - Sieve script loaded but filtering doesn't works ? In-Reply-To: <818371cc7bd8514608057d935bb61d03@lmaccess.net> References: <818371cc7bd8514608057d935bb61d03@lmaccess.net> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, 18 Mar 2013, Clement PAULET wrote: > When I use a Sieve script, it 's loaded but actions are not respect with this > logs : > > The sieve script just trying to redirect to INBOX.Test folder but doesn't > works.. First of all, how does your script looks like? - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUUcHRl3r2wJMiz2NAQKoswf/WczI0q9k0WqWzRPr7lwuBEeiQQlYBDaq Lap8YNnbxDsczxgYZ/i0gDrq7f612A0nKWHBC806DxH4dHNyUwBPYVqFAT7edvk4 ns99f4bNh6GsufC1CY5tY/1DjT5ykEzkTmaV443YH50jQ4iPnDohOMsBBRlhoWN4 8KCLCNafCYXf48QjnAfoLt4TjaxyYb//7otYJN2CqLOGbvWoJwrpNgmuhvST+PNm RQXLG1lpxzt7QMP++fTMXa6A/SwVsglhAUS6xFdAuoOBsx1jPtvA+mot9gqpi02I j2WquMsycviWprYD2FsET903TWU/5+boxg2UBOettsTqhfwABkIcvQ== =ygun -----END PGP SIGNATURE----- From stan at hardwarefreak.com Mon Mar 18 14:42:25 2013 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Mon, 18 Mar 2013 07:42:25 -0500 Subject: [Dovecot] Question regarding Postfix and Dovecot In-Reply-To: <51463F60.5070409@gmail.com> References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <514303F0.8090707@Media-Brokers.com> <514310DD.1000705@merit.unu.edu> <1363427613.10463.6.camel@tardis> <514482BB.10004@merit.unu.edu> <1363480160.3986.14.camel@tardis> <51459A34.9030508@dementianati.com> <5145CF83.20906@hardwarefreak.com> <51463F60.5070409@gmail.com> Message-ID: <51470BB1.6060102@hardwarefreak.com> On 3/17/2013 5:10 PM, David Benfell wrote: > More words to treasure. (Not that Timo envisions himself any kind of > Fuehrer.) This reaches to a certain deification of certain individuals > and organizations in the community--whether they themselves would be > deified or not; I know examples of both--that really ought to be > looked at more critically. To be crystal clear, since some people tend to take things out of context, I am in no way likening Timo to Adolf Hitler for Pete's sake. Anyone who could perceive such has personal issues to work out. This was quickest analogy I could come up with to describe the situation, as it seemed anyone criticizing "the party" or it's "leader" was being treated as "the enemy", which is indeed what the Nazi party did to dissenters. It ties in well with my "sword and shield" comment, and the "militarization" of some users in response to a perceived "attack" in this thread. It's actually quite silly how this thread devolved so quickly simply because two users expressed frustration with the software and documentation. I'd expect something like this on a political forum, but not a technical mailing list. -- Stan From jerry at seibercom.net Mon Mar 18 14:48:59 2013 From: jerry at seibercom.net (Jerry) Date: Mon, 18 Mar 2013 08:48:59 -0400 Subject: [Dovecot] SASL + Postfix woes Message-ID: <20130318084859.442e790c@scorpio> Okay, I wasn't going to try and fix up the messed up mail server I was given; however, I decided that I might as well try. Situation: The system has a Postfix MTA and uses Dovecot for LDA and Cyrus-SASL for SASL. That works fine. I decided that I wanted to switch over to Dovecot for SASL. dovecot is presently using MySQL for its database. I make the (I thought) necessary changes in Postfix and restarted it. Big problem. SASL is now broken. I turned on logging in Dovecot to see what was happening, but apparently nothing is happening. There are no entries regarding Postfix attempting to negotiate an SASL request with Dovecot. This is the "dovecot -n" outout (yes, I know it is an old version) # 1.2.17: /usr/local/etc/dovecot.conf # OS: FreeBSD 8.3-STABLE amd64 ufs log_path: /var/log/dovecot.log login_dir: /var/run/dovecot/login login_executable: /usr/local/libexec/dovecot/imap-login verbose_proctitle: yes first_valid_uid: 1000 first_valid_gid: 1000 mail_privileged_group: mail mail_location: maildir:/var/mail/vhost/seibercom.net/gerard mail_plugins: expire imap_client_workarounds: delay-newmail netscape-eoh tb-extra-mailbox-sep lda: postmaster_address: postmaster at seibercom.net mail_plugins: sieve sieve_global_path: /usr/local/etc/dovecot/sieve/gerard.sieve sendmail_path: /usr/sbin/sendmail auth default: mechanisms: plain login digest-md5 cram-md5 username_format: %Lu verbose: yes debug: yes debug_passwords: yes passdb: driver: sql args: /usr/local/etc/dovecot-sql.conf userdb: driver: sql args: /usr/local/etc/dovecot-sql.conf socket: type: listen client: path: /var/spool/postfix/private/auth mode: 432 user: postfix group: postfix master: path: /var/run/dovecot/auth-master mode: 384 user: vmail group: vmail plugin: expire: Trash 2 Spam/* 2 expire_dict: proxy::expire dict: expire: mysql:/usr/local/etc/dovecot-dict-expire.conf This is the "dovecot-sql.conf" file: driver = mysql connect = host=localhost dbname=Dovecot user=root password=xxxxxxxx password_query = SELECT concat(userid, '@', domain) AS user, password \ FROM users WHERE userid = '%n' AND domain = '%d' user_query = SELECT uid, gid, home FROM users WHERE userid = '%n' AND domain = '%d' This is the pertinent part of the postconf -fn output: broken_sasl_auth_clients = yes smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/usr/local/etc/postfix/sasl_password_maps smtp_sasl_security_options = noanonymous smtp_sasl_type = dovecot smtpd_client_restrictions = reject_unauth_pipelining permit_sasl_authenticated smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_local_domain = $mydomain smtpd_sasl_path = private/auth smtpd_sasl_security_options = noanonymous, noplaintext smtpd_sasl_tls_security_options = noanonymous I have tried using "dovecot" in place of "private/auth", but it doesn't make any difference. This is the only output from the postfix maillog: Mar 18 08:13:02 scorpio postfix/smtpd[65217]: connect from localhost[127.0.0.1] Mar 18 08:13:02 scorpio postfix/smtpd[65217]: warning: localhost[127.0.0.1]: SASL CRAM-MD5 authentication failed: authentication failure Mar 18 08:13:02 scorpio postfix/smtpd[65217]: lost connection after AUTH from localhost[127.0.0.1] Again, it doesn't appear that Postfix ever actually makes contact with Dovecot. I am probably doing something extremely stupid, but I just cannot figure out what it is. -- Jerry ? Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ From list.it at lmaccess.net Mon Mar 18 15:00:31 2013 From: list.it at lmaccess.net (Clement PAULET) Date: Mon, 18 Mar 2013 14:00:31 +0100 Subject: [Dovecot] =?utf-8?q?Dovecot_-_Sieve_script_loaded_but_filtering_d?= =?utf-8?q?oesn=27t_works_=3F?= Message-ID: Hello Steffen, Thanks for your reply, This is my script (using for my test) : require "fileinto"; if address "To" "info at info.xx.com" { fileinto "Test"; } Clement ------------------------------ Message: 7 Date: Mon, 18 Mar 2013 13:23:33 +0100 (CET) From: Steffen Kaiser To: Dovecot Mailing List Subject: Re: [Dovecot] Dovecot - Sieve script loaded but filtering doesn't works ? Message-ID: Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, 18 Mar 2013, Clement PAULET wrote: When I use a Sieve script, it 's loaded but actions are not respect with this logs : The sieve script just trying to redirect to INBOX.Test folder but doesn't works.. First of all, how does your script looks like? - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUUcHRl3r2wJMiz2NAQKoswf/WczI0q9k0WqWzRPr7lwuBEeiQQlYBDaq Lap8YNnbxDsczxgYZ/i0gDrq7f612A0nKWHBC806DxH4dHNyUwBPYVqFAT7edvk4 ns99f4bNh6GsufC1CY5tY/1DjT5ykEzkTmaV443YH50jQ4iPnDohOMsBBRlhoWN4 8KCLCNafCYXf48QjnAfoLt4TjaxyYb//7otYJN2CqLOGbvWoJwrpNgmuhvST+PNm RQXLG1lpxzt7QMP++fTMXa6A/SwVsglhAUS6xFdAuoOBsx1jPtvA+mot9gqpi02I j2WquMsycviWprYD2FsET903TWU/5+boxg2UBOettsTqhfwABkIcvQ== =ygun -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Mon Mar 18 15:28:17 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Mon, 18 Mar 2013 14:28:17 +0100 (CET) Subject: [Dovecot] Dovecot - Sieve script loaded but filtering doesn't works ? In-Reply-To: References: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, 18 Mar 2013, Clement PAULET wrote: Dear Clement, > This is my script (using for my test) : > > require "fileinto"; > if address "To" "info at info.xx.com" > { > fileinto "Test"; > } Works for me in v2.2. Did you verified that the header "To" really exists in the message and that "info at info.xx.com" is part of it? The log you've posted displays the envelope information, which is not necessary the same as the header information. Also, remove the precompiled Sieve script, in order to ensure that the pre-compiled one is really one from the script. You could also decompile it to make sure, it has been created from your test script. You'll find sieve-dump in src/sieve-tools/, if you compile from sources, or maybe in /usr/local/bin. > ------------------------------ > > Message: 7 > Date: Mon, 18 Mar 2013 13:23:33 +0100 (CET) > From: Steffen Kaiser > To: Dovecot Mailing List > Subject: Re: [Dovecot] Dovecot - Sieve script loaded but filtering > doesn't works ? > Message-ID: > > Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Mon, 18 Mar 2013, Clement PAULET wrote: > > When I use a Sieve script, it 's loaded but actions are not respect with this > logs : > > The sieve script just trying to redirect to INBOX.Test folder but doesn't > works.. > > First of all, how does your script looks like? > > - -- > Steffen Kaiser - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUUcWcV3r2wJMiz2NAQJJzgf/aoOk3Wr3EJ2j+f9RZETz11Jy1RJuHxgj KON6bi7XrQ9kP1Qyh52kWxX2lwYeM1mW8sMxtI97kym0nP2O6jMMUX99BRXGWcCc U/40chqbYdEv15nvAzBx44ZP6sgy+GySgIFCfnGeUBeGaSalo/26oYGK/BqsUP+M v7qjDyyZpI/SaA/k4AwlwGIMM3L6STVjG2rmiAeJbFeAZn6PtXgnV9qq6Dx7TWEI cQiAdAti2GTL/98vjpwvY4RX1yt4tpsjtjoDo9rQTyW4SyuvzZRON1vnP48JJ+I6 GlhR5kkrSV88UYsLbXZ06jY/3HyfmXnq+EYB2Cr0eCuubtcNkH+O3g== =9T5c -----END PGP SIGNATURE----- From tss at iki.fi Mon Mar 18 15:47:54 2013 From: tss at iki.fi (Timo Sirainen) Date: Mon, 18 Mar 2013 15:47:54 +0200 Subject: [Dovecot] crash with dovecot 2.2: Panic: Buffer full In-Reply-To: <51446ACC.4060900@starbridge.org> References: <51446ACC.4060900@starbridge.org> Message-ID: <1363614474.10326.173.camel@innu> On Sat, 2013-03-16 at 13:51 +0100, tonio at starbridge.org wrote: > Hi Timo, > I've got a crash with dovecot 2.2 > > dovecot --version > 2.2.rc2 (69c26a9e3be5) > > It's occured when accessing with imap on a large mailbox (around 50k > messages) > > imap(clean-quarantine at spamguard.fr): Panic: Buffer full (4254 > 4248, > pool ) These should fix it: http://hg.dovecot.org/dovecot-2.2/rev/689dbeadf168 http://hg.dovecot.org/dovecot-2.2/rev/ee7352f46d1e From skdovecot at smail.inf.fh-brs.de Mon Mar 18 16:13:53 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Mon, 18 Mar 2013 15:13:53 +0100 (CET) Subject: [Dovecot] Authentication failure messages in logs In-Reply-To: <51449712.6060001@babelouest.org> References: <51449712.6060001@babelouest.org> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sat, 16 Mar 2013, Nicolas Mora wrote: > I'm currently running dovecot on a debian stable and every day, I see this > message dozens of time in my logs : > Mar 16 11:27:57 hector dovecot-auth: pam_unix(dovecot:auth): authentication > failure; logname= uid=0 euid=0 tty=dovecot ruser=nicolas rhost=72.53.129.223 > user=nicolas > on the list archive, this message for example tells to comment out the pam > section. > http://www.dovecot.org/list/dovecot/2008-July/031966.html > Except that my authentication needs pam... > > Is there any way to solve this without migrating to virtual users ? > passdb: > driver: pam > args: dovecot Well, you seem to use just one passdb. The article you are referring to says "the first try is always empty username and password so it slows down terribly every action.". So to clarify your situation a bit: 1) Did you enabled auth_debug? If not, do so for a day or two. 2) Do you see in the logs, if more than one database is queried for one login process. If not, the article does not match your situation. 3) Is "nicolas" a valid user? Are all users with authentication failure valid ones? 4) When you login _yourself_ manually (not with a cached password in Thunderbird), do you see that log message, too? If you are unsure, if you can login without a cached password, try to ssh to your server, then telnet localhost 143 1 login "username" "password" 2 logout 5) Did you considered, your server is under (slow) attack? - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUUchIl3r2wJMiz2NAQKDWAgAgLLfmE6vbhIHoIYUv9xDhTG5ZdoqsQZk 8KKxmxXJ+XvHWAGzZ2hucIXMIfcUduZTPePCcXlz4CcjY4oklSx7z3H/hWleaWF4 v5WWxy8rismYeBwnGULWnUbWmO/XcbZ5EBdraLteL3eXQfSapwsp6EY8sgqSag44 yyrLWBHCPha2+7TSkgon7VOjRxnMoVhaQTSUi7S+rhsqjDA8NUMRf9aXZ32XeZzF L7t4W86qxMO+oUwo2dCLXyQ8w8NsuBxWcjsLFdyoB1u9pnCuAIZ905wN5Qcam4fm egTZfY08tCUFln4B7FzWi4cRp4x2aAwbBNOhOpfElMEKrB6yv3V6pw== =0oaK -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Mon Mar 18 16:22:11 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Mon, 18 Mar 2013 15:22:11 +0100 (CET) Subject: [Dovecot] Dovecot with sasl/imaps/postfix and thunderbird In-Reply-To: <514013E3.8070803@hardwarefreak.com> References: <514013E3.8070803@hardwarefreak.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 13 Mar 2013, Stan Hoeppner wrote: > You simply can't do account auto > configuration with a self signed cert, at least not with a vanilla TB > setup. The only possible solution I can think of would be to preload > the user profile with the certificate. I don't know how you'd do this. > I think you have some research ahead of you. I create a profile manually, import our self-signed root CA cert,& copy the cert8.db to \defaults\profile\cert8.db . For notebooks and workstations, that are not administrated centrally, there is are install scripts that do this. Now profiles are initialized with the settings of "default". That seems to fail now and then, if the user's profile is located on a network share in Windows. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUUcjFF3r2wJMiz2NAQInmAf/ek40TL2xvQtMZ4n05c+DNi5zbgaFbW78 +gvmusQAskbWoirASeHxmtFZnvilobLdZBbtwPVcz1k/YBB3Ummu0hKRT3YNpt9x XJmZ8YupYxiV/hNgCxRL06hM8qi8kDMpDRnXT91CcOAt7Emqla3sm0d8j4lX74dX 19wz53X8e9P0ReRgxmqHZbiF307C1JPv+bnGPrD+jQqG6oVoMIdg0BChkFvDkrgQ Hv0sI9+rKpVTxM50cKikKW3A273rL23Q1TRSQhr4wnHDLWV6xwAOnjIYguNEmeur J1r7tPzzasYp7XA/ua9ZxdN989zAQGmHELWYy3YzCe/WeUNuP22i/w== =3IaC -----END PGP SIGNATURE----- From skdovecot at smail.inf.fh-brs.de Mon Mar 18 16:27:36 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Mon, 18 Mar 2013 15:27:36 +0100 (CET) Subject: [Dovecot] Dovecot with sasl/imaps/postfix and thunderbird In-Reply-To: References: <514013E3.8070803@hardwarefreak.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, 18 Mar 2013, Steffen Kaiser wrote: > I create a profile manually, import our self-signed root CA cert,& copy > the cert8.db to \defaults\profile\cert8.db . For > notebooks and workstations, that are not administrated centrally, there is > are install scripts that do this. > > Now profiles are initialized with the settings of "default". ^ New profiles are ... > That seems to fail now and then, if the user's profile is located on a > network share in Windows. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUUckWF3r2wJMiz2NAQKRVggAwpoKTLrELvTl3ua3nb8f2a6tx6WOfHim cG6MEEtIRvhcox53pij1SUa8jBFe9+qOV9qu4dCYSIuJz2I9JIO7WIWkT8pT5vHt O5JPwkKQ+ACrRKpDw/lukl8bhk9TfgfjwlDRXCO+yrBAY4wV6oLRGEfuwN3nf2J+ z0KC2q/Q7A40dV+pciv9BA58tGB1vWu0o60heY/4+7wkwcvnI0wqE1JiH3nuBX5v npCccGs98N5Dm7kAorS8HjNqS+7hspzxxSqG7vXNXeZXHW9ll4/Q+Sxgybhiy++K AdjdrQ0wlvw9EYQjOzcFe6sejD/wYkPce0m+iotnUyCvgNhqG6k8qA== =1cGd -----END PGP SIGNATURE----- From stan at hardwarefreak.com Mon Mar 18 17:33:16 2013 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Mon, 18 Mar 2013 10:33:16 -0500 Subject: [Dovecot] Dovecot documentation WAS: Re: Question regarding Postfix and Dovecot In-Reply-To: References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <514303F0.8090707@Media-Brokers.com> <514310DD.1000705@merit.unu.edu> <1363427613.10463.6.camel@tardis> <514482BB.10004@merit.unu.edu> <1363480160.3986.14.camel@tardis> <51459A34.9030508@dementianati.com> <5145CF83.20906@hardwarefreak.com> <5145F1C0.2090004@Media-Brokers.com> <2AA6B39B-A75F-4D93-909D-D846CDA8C99F@machinehum.com> Message-ID: <514733BC.5080602@hardwarefreak.com> On 3/17/2013 3:50 PM, Timo Sirainen wrote: > It's the best I can do myself. I have no idea how they could be improved in any major way. They say that the software developer himself is the worst possible person to write its documentation, because he can't understand what others find difficult.. I don't know who "they" is. Wietse writes all the Postfix documentation himself. It comes naturally when one performs formal software development, not ad hoc, because documentation precedes coding. I would assume you do ad hoc development like most 20 somethings, coding on the fly when you get an idea, no formal definitions, no flow charting, no pseudo code, etc. Correct? If so this is 99% of the reason the documentation suffers, and this is typical of today's crop of young developers, unfortunately. For highly technical material the author is the only person qualified to write the docs. Having a 3rd party do it has a prerequisite of a Vulcan mind meld. Otherwise you talk and they type, which is slower than you doing it yourself. A few things could improve the current docs in a major way. 1. Create man(ual) documentation, preferably with 2. A man page like postconf (5) which contains every single Dovecot configuration parameter and text explaining it 3. This man page published online 4. Publish sample conf file(s) online 5. Make these things accessible from the main Dovecot page, not buried down in the index hierarchy I've always perceived the dovecot wiki docs with the hierarchical book, chapter, verse, mini how-to layout as a dessert you assemble from the buffet--a little cake, some pudding, a dab of whipped cream, chopped nuts, and a cherry on top. You end up with a dessert, empty calories, not a complete meal. You can't get full and keep going back, assembling another dessert each time. Typical UNIX documentation is steak and potatoes, veggies, and a dinner roll. You sit down, eat, and you're full. No running around collecting your food as you've got everything you need on one plate, and it's a complete meal. -- Stan From lstone19 at stonejongleux.com Mon Mar 18 18:32:58 2013 From: lstone19 at stonejongleux.com (Larry Stone) Date: Mon, 18 Mar 2013 11:32:58 -0500 (CDT) Subject: [Dovecot] Dovecot documentation WAS: Re: Question regarding Postfix and Dovecot In-Reply-To: <514733BC.5080602@hardwarefreak.com> References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <514303F0.8090707@Media-Brokers.com> <514310DD.1000705@merit.unu.edu> <1363427613.10463.6.camel@tardis> <514482BB.10004@merit.unu.edu> <1363480160.3986.14.camel@tardis> <51459A34.9030508@dementianati.com> <5145CF83.20906@hardwarefreak.com> <5145F1C0.2090004@Media-Brokers.com> <2AA6B39B-A75F-4D93-909D-D846CDA8C99F@machinehum.com> <514733BC.5080602@hardwarefreak.com> Message-ID: On Mon, 18 Mar 2013, Stan Hoeppner wrote: > On 3/17/2013 3:50 PM, Timo Sirainen wrote: > >> It's the best I can do myself. I have no idea how they could be >> improved in any major way. They say that the software developer himself >> is the worst possible person to write its documentation, because he >> can't understand what others find difficult.. > > I don't know who "they" is. Wietse writes all the Postfix documentation > himself. It comes naturally when one performs formal software > development, not ad hoc, because documentation precedes coding. I would > assume you do ad hoc development like most 20 somethings, coding on the > fly when you get an idea, no formal definitions, no flow charting, no > pseudo code, etc. Correct? If so this is 99% of the reason the > documentation suffers, and this is typical of today's crop of young > developers, unfortunately. > > For highly technical material the author is the only person qualified to > write the docs. Having a 3rd party do it has a prerequisite of a Vulcan > mind meld. Otherwise you talk and they type, which is slower than you > doing it yourself. Software needs two types of documentation. It needs overview type documentation that describes what it is. This is for the person who is looking for a product and has no idea if this specific product can meet the need. Second, it needs reference documentation that provides syntax for commands, config files, and the like. This is for the person who is or will be using the product and needs the details to use it properly for the need. Somewhere in between is documentation that point the user to the right reference section. Providing detailed documentation of a command is worthless if nothing tells me that that command is what I should use for my need. The reference documentation may well best be written by the software author who knows exactly what syntax, etc. is needed. It's also relatively (and I emphasize "relatively") easy since it can be done as you go. But the overview documentation may well best be written by someone who knows nothing about it. The expert writing overview documentation may assume the reader knows things he doesn't. It can make sense to the author but leaves the reader without a clue as to what is being discussed. When the author is someone unfamiliar with the product, he asks questions until it makes sense and there is less tendancy for the documentation to assume knowledge by the reader that is not there. Overview documentation is a lot tougher to write well and it needs someone with good writing skills (not good programming skills). Particularly in the open-source world where enhancements can come quickly, it can be out of date as soon as it's written. -- Larry Stone lstone19 at stonejongleux.com From tss at iki.fi Mon Mar 18 18:37:06 2013 From: tss at iki.fi (Timo Sirainen) Date: Mon, 18 Mar 2013 18:37:06 +0200 Subject: [Dovecot] Dovecot documentation WAS: Re: Question regarding Postfix and Dovecot In-Reply-To: <514733BC.5080602@hardwarefreak.com> References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <514303F0.8090707@Media-Brokers.com> <514310DD.1000705@merit.unu.edu> <1363427613.10463.6.camel@tardis> <514482BB.10004@merit.unu.edu> <1363480160.3986.14.camel@tardis> <51459A34.9030508@dementianati.com> <5145CF83.20906@hardwarefreak.com> <5145F1C0.2090004@Media-Brokers.com> <2AA6B39B-A75F-4D93-909D-D846CDA8C99F@machinehum.com> <514733BC.5080602@hardwarefreak.com> Message-ID: <1363624626.10326.197.camel@innu> On Mon, 2013-03-18 at 10:33 -0500, Stan Hoeppner wrote: > On 3/17/2013 3:50 PM, Timo Sirainen wrote: > > > It's the best I can do myself. I have no idea how they could be improved in any major way. They say that the software developer himself is the worst possible person to write its documentation, because he can't understand what others find difficult.. > > I don't know who "they" is. Wietse writes all the Postfix documentation > himself. It comes naturally when one performs formal software > development, not ad hoc, because documentation precedes coding. I would > assume you do ad hoc development like most 20 somethings, coding on the > fly when you get an idea, no formal definitions, no flow charting, no > pseudo code, etc. Correct? If so this is 99% of the reason the > documentation suffers, and this is typical of today's crop of young > developers, unfortunately. Because it significantly increases development times, and when you're basically doing everything yourself there's nobody else reading those anyway. The more complex a feature is, the more I think about it, do pseudo code and testing. For example the redesigned dsync in v2.2 required months of thinking, pseudo coding and testing. Few features in Dovecot are that complex though. Mostly coding is the easy part, while figuring out how the configuration should be done is the difficult part. Anyway, the plan is to hire more Dovecot developers and the development process is likely to change then. But now? I'm way too busy implementing things that were supposed to be finished half a year ago. > A few things could improve the current docs in a major way. > > 1. Create man(ual) documentation, preferably with > 2. A man page like postconf (5) which contains every single > Dovecot configuration parameter and text explaining it > 3. This man page published online > 4. Publish sample conf file(s) online > 5. Make these things accessible from the main Dovecot page, > not buried down in the index hierarchy So basically you're saying that the major documentation improvement = an index listing/describing all settings. Sure, would be useful, but I don't see having time to write that anytime soon. From aajaxx at gmail.com Mon Mar 18 18:38:45 2013 From: aajaxx at gmail.com (Ajax) Date: Mon, 18 Mar 2013 12:38:45 -0400 Subject: [Dovecot] Dovecot documentation WAS: Re: Question regarding Postfix and Dovecot In-Reply-To: <514733BC.5080602@hardwarefreak.com> References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <514303F0.8090707@Media-Brokers.com> <514310DD.1000705@merit.unu.edu> <1363427613.10463.6.camel@tardis> <514482BB.10004@merit.unu.edu> <1363480160.3986.14.camel@tardis> <51459A34.9030508@dementianati.com> <5145CF83.20906@hardwarefreak.com> <5145F1C0.2090004@Media-Brokers.com> <2AA6B39B-A75F-4D93-909D-D846CDA8C99F@machinehum.com> <514733BC.5080602@hardwarefreak.com> Message-ID: On Mon, Mar 18, 2013 at 11:33 AM, Stan Hoeppner wrote: > A few things could improve the current docs in a major way. FWIW I've found the exemplary postconf(1) almost indispensable both for exploring the Postfix configuration and for applying impromptu changes. From tss at iki.fi Mon Mar 18 18:57:34 2013 From: tss at iki.fi (Timo Sirainen) Date: Mon, 18 Mar 2013 18:57:34 +0200 Subject: [Dovecot] Dovecot documentation WAS: Re: Question regarding Postfix and Dovecot In-Reply-To: <1363624626.10326.197.camel@innu> References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <514303F0.8090707@Media-Brokers.com> <514310DD.1000705@merit.unu.edu> <1363427613.10463.6.camel@tardis> <514482BB.10004@merit.unu.edu> <1363480160.3986.14.camel@tardis> <51459A34.9030508@dementianati.com> <5145CF83.20906@hardwarefreak.com> <5145F1C0.2090004@Media-Brokers.com> <2AA6B39B-A75F-4D93-909D-D846CDA8C99F@machinehum.com> <514733BC.5080602@hardwarefreak.com> <1363624626.10326.197.camel@innu> Message-ID: <1363625854.10326.204.camel@innu> On Mon, 2013-03-18 at 18:37 +0200, Timo Sirainen wrote: > > > I don't know who "they" is. Wietse writes all the Postfix documentation > > himself. It comes naturally when one performs formal software > > development, not ad hoc, because documentation precedes coding. I would > > assume you do ad hoc development like most 20 somethings, coding on the > > fly when you get an idea, no formal definitions, no flow charting, no > > pseudo code, etc. Correct? If so this is 99% of the reason the > > documentation suffers, and this is typical of today's crop of young > > developers, unfortunately. > > Because it significantly increases development times, and when you're > basically doing everything yourself there's nobody else reading those > anyway. Or actually for the larger changes I do write design docs and usually send them to this mailing list, e.g.: http://www.dovecot.org/list/dovecot/2012-February/064114.html http://www.dovecot.org/list/dovecot/2012-February/063665.html http://www.dovecot.org/list/dovecot/2010-November/055196.html http://www.dovecot.org/list/dovecot/2010-July/050832.html http://www.dovecot.org/list/dovecot/2010-January/046148.html So it's not all ad hoc.. From me at junc.eu Mon Mar 18 20:43:49 2013 From: me at junc.eu (Benny Pedersen) Date: Mon, 18 Mar 2013 19:43:49 +0100 Subject: [Dovecot] SASL + Postfix woes In-Reply-To: <20130318084859.442e790c@scorpio> References: <20130318084859.442e790c@scorpio> Message-ID: <2b3af9266aa209e2006ef16329e0d25d@junc.eu> Jerry skrev den 2013-03-18 13:48: > smtp_sasl_type = dovecot smtpd_ vs smtp_ :) From CMarcus at Media-Brokers.com Mon Mar 18 20:58:26 2013 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Mon, 18 Mar 2013 14:58:26 -0400 Subject: [Dovecot] Dovecot documentation WAS: Re: Question regarding Postfix and Dovecot In-Reply-To: <514733BC.5080602@hardwarefreak.com> References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <514303F0.8090707@Media-Brokers.com> <514310DD.1000705@merit.unu.edu> <1363427613.10463.6.camel@tardis> <514482BB.10004@merit.unu.edu> <1363480160.3986.14.camel@tardis> <51459A34.9030508@dementianati.com> <5145CF83.20906@hardwarefreak.com> <5145F1C0.2090004@Media-Brokers.com> <2AA6B39B-A75F-4D93-909D-D846CDA8C99F@machinehum.com> <514733BC.5080602@hardwarefreak.com> Message-ID: <514763D2.1080301@Media-Brokers.com> I was going to just bite my tongue, but couldn't let this go... On 2013-03-18 11:33 AM, Stan Hoeppner wrote: > On 3/17/2013 3:50 PM, Timo Sirainen wrote: >> It's the best I can do myself. I have no idea how they could be improved in any major way. They say that the software developer himself is the worst possible person to write its documentation, because he can't understand what others find difficult.. > I don't know who "they" is. I think it was pretty obvious that he meant 'the documentation'... talk about being a smart ass. > Wietse writes all the Postfix documentation himself. It comes naturally when one performs formal software development, not ad hoc, because documentation precedes coding. Really nice Stan. You just proved the old axiom of what happens when you 'ass-u-me'. Writing good docs may come easy to some people (I can't speak for Wietse as to whether or not this is true for him), but I'd argue that it may not be as easy as you seem to think. Too bad the rest of your decent suggestions got clobbered by the condescending attitude. And I wonder how much time you have spent helping Timo get the documentation in order... From CMarcus at Media-Brokers.com Mon Mar 18 20:59:44 2013 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Mon, 18 Mar 2013 14:59:44 -0400 Subject: [Dovecot] Dovecot documentation WAS: Re: Question regarding Postfix and Dovecot In-Reply-To: References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <514303F0.8090707@Media-Brokers.com> <514310DD.1000705@merit.unu.edu> <1363427613.10463.6.camel@tardis> <514482BB.10004@merit.unu.edu> <1363480160.3986.14.camel@tardis> <51459A34.9030508@dementianati.com> <5145CF83.20906@hardwarefreak.com> <5145F1C0.2090004@Media-Brokers.com> <2AA6B39B-A75F-4D93-909D-D846CDA8C99F@machinehum.com> <514733BC.5080602@hardwarefreak.com> Message-ID: <51476420.8010204@Media-Brokers.com> On 2013-03-18 12:38 PM, Ajax wrote: > FWIW I've found the exemplary postconf(1) almost indispensable both > for exploring the Postfix configuration and for applying impromptu > changes. I think most everyone would agree that postfix is in a class by itself when it comes to code quality and documentation... From jerry at seibercom.net Mon Mar 18 22:05:15 2013 From: jerry at seibercom.net (Jerry) Date: Mon, 18 Mar 2013 16:05:15 -0400 Subject: [Dovecot] SASL + Postfix woes In-Reply-To: <2b3af9266aa209e2006ef16329e0d25d@junc.eu> References: <20130318084859.442e790c@scorpio> <2b3af9266aa209e2006ef16329e0d25d@junc.eu> Message-ID: <20130318160515.623faa46@scorpio> On Mon, 18 Mar 2013 19:43:49 +0100 Benny Pedersen articulated: > Jerry skrev den 2013-03-18 13:48: > > > smtp_sasl_type = dovecot > > smtpd_ vs smtp_ :) Crap, I looked at the settings for hours and never picked up on that. I knew it was something exceedingly stupid on my part. Thanks! -- Jerry ? Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ From trashcan at odo.in-berlin.de Mon Mar 18 23:20:50 2013 From: trashcan at odo.in-berlin.de (Michael Grimm) Date: Mon, 18 Mar 2013 22:20:50 +0100 Subject: [Dovecot] Dovecot documentation WAS: Re: Question regarding Postfix and Dovecot In-Reply-To: <1363624626.10326.197.camel@innu> References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <514303F0.8090707@Media-Brokers.com> <514310DD.1000705@merit.unu.edu> <1363427613.10463.6.camel@tardis> <514482BB.10004@merit.unu.edu> <1363480160.3986.14.camel@tardis> <51459A34.9030508@dementianati.com> <5145CF83.20906@hardwarefreak.com> <5145F1C0.2090004@Media-Brokers.com> <2AA6B39B-A75F-4D93-909D-D846CDA8C99F@machinehum.com> <514733BC.5080602@hardwarefreak.com> <1363624626.10326.197.camel@innu> Message-ID: <2B14CE0E-5EFA-4AF5-9E2B-A5936C5DA2F0@odo.in-berlin.de> On 18.03.2013, at 17:37, Timo Sirainen wrote: > Because it significantly increases development times, and when you're > basically doing everything yourself there's nobody else reading those > anyway. From my point of view: do continue the very same way every since writing your first code regarding dovecot! I don't see that skilled admins won't be able to config dovecot with all that available information accessible by skilled admins. I honestly couldn't care less regarding all those unskilled admins, though. > The more complex a feature is, the more I think about it, do pseudo code > and testing. For example the redesigned dsync in v2.2 required months of > thinking, pseudo coding and testing. From my point of view: no need for "excuses"! And, coming back to dovecot's documentation: it can't be that worse because dovecot is running at quite some numerous sites ;-) From my point of view: just continue to push dovecot the way you did and do, please, don't become distracted by discussions like that one, sigh. With kind regards, Michael From gizmo at giz-works.com Tue Mar 19 05:07:15 2013 From: gizmo at giz-works.com (Chris Richards) Date: Mon, 18 Mar 2013 22:07:15 -0500 Subject: [Dovecot] Random LDA failure to access auth socket In-Reply-To: <20130303221332.GA11783@daniel.localdomain> References: <352e9821bb419c51742939d3b8863bee.squirrel@www.giz-works.com> <20130302171558.GA5031@daniel.localdomain> <20130303221332.GA11783@daniel.localdomain> Message-ID: <9a745e25ad240051bf62e69c2ea1434b.squirrel@www.giz-works.com> Daniel, Just wanted to respond back and let you know that changing permissions to dovecot:dovecot as you suggested seems to have resolved the issue; I've not seen any more occurrences of this error. Thanks again for your assistance! Chris On Sun, March 3, 2013 5:13 pm, Daniel Parthey wrote: > Hi Chris, > > Chris Richards wrote: >> service auth { >> unix_listener /var/spool/postfix/private/auth { >> group = postfix >> mode = 0666 >> user = postfix >> } >> unix_listener auth-userdb { >> group = vmail >> mode = 0600 >> user = vmail >> } >> user = $default_internal_user >> } > > In order for dovecot-lda to work, default internal user "dovecot" > seems to need permission for the user listing. This should work, > but you should try to narrow the permissions down: > > service auth { > unix_listener auth-userdb { > group = dovecot > mode = 0666 > user = dovecot > } > } > > Documentation http://wiki2.dovecot.org/LDA says: > > The auth-userdb socket can be used to do userdb lookups for given > usernames or > get a list of all users. Typically the result will contain the user's UID, > GID > and home directory, but depending on your configuration it may return > other > information as well. So the information is similar to what can be found > from > eg. /etc/passwd for system users. This means that it's probably not a > problem > to use mode=0666 for the socket, but you should try to restrict it more > just to > be safe. > >> hermes conf.d # stat /usr/libexec/dovecot/deliver >> File: '/usr/libexec/dovecot/deliver' -> 'dovecot-lda' >> Size: 11 Blocks: 0 IO Block: 4096 symbolic >> link >> Device: 805h/2053d Inode: 267375 Links: 1 >> Access: (0777/lrwxrwxrwx) Uid: ( 0/ root) Gid: ( 0/ root) >> Access: 2012-11-24 17:44:04.440976879 +0000 >> Modify: 2012-11-24 17:44:04.440976879 +0000 >> Change: 2012-11-24 17:44:04.440976879 +0000 >> Birth: - > > deliver is a symbolic link to dovecot-lda, so its basically the same. > >> hermes conf.d # stat /usr/libexec/dovecot/dovecot-lda >> File: '/usr/libexec/dovecot/dovecot-lda' >> Size: 22432 Blocks: 48 IO Block: 4096 regular file >> Device: 805h/2053d Inode: 849010 Links: 1 >> Access: (0755/-rwxr-xr-x) Uid: ( 0/ root) Gid: ( 0/ root) >> Access: 2012-11-24 17:43:57.124794021 +0000 >> Modify: 2012-11-24 17:44:02.204920992 +0000 >> Change: 2012-11-24 17:44:04.444976978 +0000 >> Birth: - > > No setuid/setgid flags set. > >> >> In Postfix master.cf, I have the following: >> >> dovecot unix - n n - - pipe >> >> flags=DRhu user=vmail:users argv=/usr/libexec/dovecot/deliver -f >> >> ${sender} -d ${user}@${nexthop} > > I'm wondering why user=vmail:users does not have the desired effect > and dovecot-lda uses the effective uid "dovecot" and effective gid > "dovecot" > to do the user lookups. > > Regards > Daniel From stan at hardwarefreak.com Tue Mar 19 06:15:56 2013 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Mon, 18 Mar 2013 23:15:56 -0500 Subject: [Dovecot] Dovecot documentation WAS: Re: Question regarding Postfix and Dovecot In-Reply-To: <1363624626.10326.197.camel@innu> References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <514303F0.8090707@Media-Brokers.com> <514310DD.1000705@merit.unu.edu> <1363427613.10463.6.camel@tardis> <514482BB.10004@merit.unu.edu> <1363480160.3986.14.camel@tardis> <51459A34.9030508@dementianati.com> <5145CF83.20906@hardwarefreak.com> <5145F1C0.2090004@Media-Brokers.com> <2AA6B39B-A75F-4D93-909D-D846CDA8C99F@machinehum.com> <514733BC.5080602@hardwarefreak.com> <1363624626.10326.197.camel@innu> Message-ID: <5147E67C.4060906@hardwarefreak.com> On 3/18/2013 11:37 AM, Timo Sirainen wrote: > So basically you're saying that the major documentation improvement = an > index listing/describing all settings. Sure, would be useful, but I > don't see having time to write that anytime soon. The time issue is perfectly understandable Timo. My suggestion may not be the gold or platinum improvement to the docs, but I think it would help a lot of people, especially since most using Dovecot are also using Postfix, and since man is the standard UNIX documentation format/interface. I think some similarity/consistency would help quite a bit as many people are so used to this format. Do you have a way to simply dump all the current conf file parameter names from 2.x into a single column text file? I'll sort it and start adding the legal parameter values and writing the parameter definitions from information currently available in source and wiki pages. When I hit the point I can't find reference material for the rest of the parameters, we can dump it to a wiki page or similar so others with the knowledge can jump in and help finish it. Once it's done, myself, or someone else if they already have the experience, can create the man page from this to be included in the source. And you can create an update mechanism/batch process so that updating the 'master' document automatically updates the source man page and other published versions, making documentation updates simple when you add/change parameters. We could do the wiki bazaar style editing from the beginning, but I'd rather not. I'd like to get it started with a framework/layout and style of prose typical of UNIX documentation, for other editors to follow. The definition text prose needs to be consistent all the way through, or readers may be confused by the different writing styles of ~50 different people who may speak different 'dialects' of English or have different writing styles. This consistency is one of the hallmarks of good technical writing. Like I said previously, the one thing I'm able to contribute more than anything at this point is time. And my writing skills aren't completely horrible--I have been published, FWIW, but not recently. But my knowledge of the parameters, and a lot of Dovecot features in general is lacking. So if others are willing to contribute where I fall short, I'd be glad to give this a go and get it started, and hopefully put a decent sized dent in it so there's not so much left for others to do. Obviously you have final review/edit authority, and if you have a particular preference on writing style, etc, I'll certainly honor that. If this is acceptable to you Timo, let me know. If so send me the aforementioned file, any preferences/thoughts you have, and I'll get started on the first draft. -- Stan From pvsuja at gmail.com Tue Mar 19 07:56:36 2013 From: pvsuja at gmail.com (pvsuja) Date: Mon, 18 Mar 2013 22:56:36 -0700 (PDT) Subject: [Dovecot] dovecot 2 in ubuntu 12.04 or Debian Squeeze In-Reply-To: <20130318071122.Horde.bk06oetBxz5NtmHfn4jRDQ1@mail.patrickdk.com> References: <1362547151954-40634.post@n4.nabble.com> <1362556867785-40640.post@n4.nabble.com> <51372E00.8000702@softjury.de> <1362630378275-40664.post@n4.nabble.com> <51399992.1020401@softjury.de> <1363239710512-40763.post@n4.nabble.com> <51419530.8040004@softjury.de> <1363599415174-40862.post@n4.nabble.com> <20130318071122.Horde.bk06oetBxz5NtmHfn4jRDQ1@mail.patrickdk.com> Message-ID: <1363672596302-40888.post@n4.nabble.com> I am using imap passwd driver for proxy and ldap for server. proxy will contact mail server for authentication which in turn will contact ldap server. the server auth with ldap is already tested and its working fine. now i guess i got the auth working properly; but not the mail retrieval through imapc from the logs: Mar 19 09:33:16 mailspace dovecot: imap-login: Debug: SSL: where=0x2002, ret=1: SSL negotiation finished successfully [127.0.0.1] Mar 19 09:33:16 mailspace dovecot: imap-login: Login: user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=26029, TLS, session= Mar 19 09:33:16 mailspace dovecot: imap(suja): Invalid certificate: self signed certificate in certificate chain: /C=IN/ST=Karnataka/O=xxx/OU=YYY CA/CN=mailserver.domain.com/emailAddress=sysadm at domain.com Mar 19 09:33:16 mailspace dovecot: imap(suja): Error: imapc(10.131.1.16:143): Received invalid SSL certificate Mar 19 09:33:16 mailspace dovecot: imap(suja): Error: imapc(10.131.1.16:143): Authentication failed: Disconnected from server Mar 19 09:33:16 mailspace dovecot: imap(suja): Error: imapc: Command failed: Disconnected from server Mar 19 09:33:16 mailspace dovecot: imap(suja): Error: user suja: Initialization failed: Initializing mail storage from mail_location setting failed: imapc: LIST failed: Internal error occurred. Refer to server log for more information. [2013-03-19 09:33:16] Mar 19 09:33:16 mailspace dovecot: imap(suja): Error: Invalid user settings. Refer to server log for more information. Mar 19 09:33:16 mailspace dovecot: imap-login: Warning: SSL alert: where=0x4008, ret=256: warning close notify [127.0.0.1] with the following dovecot conf: root at mailspace:/usr/local/etc/dovecot# dovecot -n # 2.1.15: /usr/local/etc/dovecot/dovecot.conf # OS: Linux 3.2.0-35-generic-pae i686 Ubuntu 12.04.1 LTS auth_mechanisms = plain login imapc_host = 10.131.1.16 imapc_ssl = starttls imapc_ssl_ca_dir = /usr/local/etc/dovecot/certs mail_gid = imapproxy mail_home = /home/imapproxy/%u mail_location = imapc:~/imapc mail_uid = imapproxy passdb { args = host=10.131.1.16 ssl=starttls ssl_ca_dir=/usr/local/etc/dovecot/certs default_fields = userdb_imapc_user=%u userdb_imapc_password=%w ssl=starttls driver = imap } protocols = imap service auth { inet_listener { port = 12345 } } ssl = required ssl_ca = References: <51446ACC.4060900@starbridge.org> <1363614474.10326.173.camel@innu> Message-ID: <6E5E2CD1-FD6F-4374-8D64-585E49128EC0@starbridge.org> Le 18 mars 2013 ? 14:47, Timo Sirainen a ?crit : > On Sat, 2013-03-16 at 13:51 +0100, tonio at starbridge.org wrote: >> Hi Timo, >> I've got a crash with dovecot 2.2 >> >> dovecot --version >> 2.2.rc2 (69c26a9e3be5) >> >> It's occured when accessing with imap on a large mailbox (around 50k >> messages) >> >> imap(clean-quarantine at spamguard.fr): Panic: Buffer full (4254 > 4248, >> pool ) > > These should fix it: http://hg.dovecot.org/dovecot-2.2/rev/689dbeadf168 > http://hg.dovecot.org/dovecot-2.2/rev/ee7352f46d1e > > > Thx Timo It's ok now Regards Tonio From noel.butler at ausics.net Tue Mar 19 08:54:07 2013 From: noel.butler at ausics.net (Noel Butler) Date: Tue, 19 Mar 2013 16:54:07 +1000 Subject: [Dovecot] dovecot 2 in ubuntu 12.04 or Debian Squeeze In-Reply-To: <1363672596302-40888.post@n4.nabble.com> References: <1362547151954-40634.post@n4.nabble.com> <1362556867785-40640.post@n4.nabble.com> <51372E00.8000702@softjury.de> <1362630378275-40664.post@n4.nabble.com> <51399992.1020401@softjury.de> <1363239710512-40763.post@n4.nabble.com> <51419530.8040004@softjury.de> <1363599415174-40862.post@n4.nabble.com> <20130318071122.Horde.bk06oetBxz5NtmHfn4jRDQ1@mail.patrickdk.com> <1363672596302-40888.post@n4.nabble.com> Message-ID: <1363676047.12003.16.camel@tardis> On Mon, 2013-03-18 at 22:56 -0700, pvsuja wrote: > Mar 19 09:33:16 mailspace dovecot: imap(suja): Invalid certificate: self > signed certificate in certificate chain: /C=IN/ST=Karnataka/O=xxx/OU=YYY > CA/CN=mailserver.domain.com/emailAddress=sysadm at domain.com > Mar 19 09:33:16 mailspace dovecot: imap(suja): Error: > ssl = required to ensure things are working, change this to "no", if you can get mail then, change it to "yes", dont absolute force until you have everything fixed. > ssl_ca = ssl_cert = ssl_key = > I guess my SSL certificate configuration is not done properly. How did you generate this? is it really self signed, or is it a CA signed (you can get free certs) If it's CA signed, ensure you created it like this (the order *is* important): cat mail.crt sub.crt ca.crt > dovecot.pem *remove ssl_ca = ....stuff* ssl_cert_file = From info at stos.se Tue Mar 19 09:48:36 2013 From: info at stos.se (Tobias) Date: Tue, 19 Mar 2013 08:48:36 +0100 Subject: [Dovecot] Integrating with Drupal SQL db SOLVED In-Reply-To: <165856345e36d2e24681cdacdb686d3e@localhost> References: <165856345e36d2e24681cdacdb686d3e@localhost> Message-ID: <51481854.5010907@stos.se> Hi again I have now solved this with a workaround. In short, it involves a Drupal 7 module called HTPasswdSync that intercepts password creation and changes in Drupal, and writes the password in SHA-1 hash format to a file (/etc/apache2/dovecot). I then point Dovecot to use this file as userdb and passdb source. I have written an more in detail explanation that is available at http://www.stos.se/?q=node/12 . The question remains; Will Dovecot ever be compatible with Drupal 7 password hashes? Regards Tobias R?denholt info at stos.se wrote 2013-03-11 17:57: > Hi > > I'm trying to get Dovecot to use Drupal users password for authenticating > IMAP users. But I just cant figure out how to make Dovecot understand the > password hash type that Drupal 7 is using. > > My example user with password Teacher1 looks like this in Drupal database: > $S$DZwJa.U8HXT2PvTmwCK13rGEYEvnx5DB6/hlqnfCBum4s4U7MVWU > > Dovecot retrieves this hash but complains that its not a recognized hash > type, or that the hash is wrong, depending on if I change the default hash > type in Dovecot config. > > Any help appreciated. > > > root at SSiS:/etc/postfix# dovecot --version > 1.2.15 > root at SSiS:/etc/postfix# dovecot -n > # 1.2.15: /etc/dovecot/dovecot.conf > # OS: Linux 2.6.32-12-pve i686 Debian 6.0.7 simfs > log_timestamp: %Y-%m-%d %H:%M:%S > login_dir: /var/run/dovecot/login > login_executable: /usr/lib/dovecot/imap-login > mail_privileged_group: mail > mail_location: maildir:/home/vmail/ > mbox_write_locks: fcntl dotlock > auth default: > verbose: yes > debug: yes > debug_passwords: yes > passdb: > driver: pam > passdb: > driver: sql > args: /etc/dovecot/dovecot-sql.conf > userdb: > driver: passwd > root at SSiS:/etc/postfix# > root at SSiS:/etc/postfix# grep -v '^ *\(#.*\)\?$' > /etc/dovecot/dovecot-sql.conf > driver = mysql > connect = host=127.0.0.1 dbname=Drupal user=Dru_Adm password=localu > default_pass_scheme = CRYPT > password_query = SELECT name AS user, pass AS password FROM users WHERE > name='%n' > user_query = SELECT > CONCAT(SUBSTRING_INDEX(mail,'@',-1),'/',SUBSTRING_INDEX(mail,'@',1),'/') AS > mail FROM users WHERE name='%n' > root at SSiS:/etc/postfix# tail /var/log/mail.log > Mar 11 16:17:42 SSiS dovecot: auth(default): new auth connection: pid=8593 > Mar 11 16:17:51 SSiS dovecot: auth(default): client in: > AUTH#0111#011PLAIN#011service=imap#011secured#011lip=127.0.0.1#011rip=127.0.0.1#011lport=143#011rport=52316#011resp=AFRlYWNoZXIxAFRlYWNoZXIx > Mar 11 16:17:51 SSiS dovecot: auth-worker(default): > pam(Teacher1,127.0.0.1): lookup service=dovecot > Mar 11 16:17:51 SSiS dovecot: auth-worker(default): > pam(Teacher1,127.0.0.1): #1/1 style=1 msg=Password: > Mar 11 16:17:54 SSiS dovecot: auth-worker(default): > pam(Teacher1,127.0.0.1): pam_authenticate() failed: Authentication failure > (password mismatch?) (given password: Teacher1) > Mar 11 16:17:54 SSiS dovecot: auth-worker(default): > sql(Teacher1,127.0.0.1): query: SELECT name AS user, pass AS password FROM > users WHERE name='Teacher1' > Mar 11 16:17:54 SSiS dovecot: auth-worker(default): > sql(Teacher1,127.0.0.1): Password mismatch > Mar 11 16:17:54 SSiS dovecot: auth-worker(default): md5_verify(Teacher1): > Not a valid MD5-CRYPT or PLAIN-MD5 password > Mar 11 16:17:54 SSiS dovecot: auth-worker(default): Invalid OTP data in > passdb > Mar 11 16:17:54 SSiS dovecot: auth-worker(default): Invalid OTP data in > passdb > Mar 11 16:17:54 SSiS dovecot: auth-worker(default): > sql(Teacher1,127.0.0.1): CRYPT(Teacher1) != > '$S$DZwJa.U8HXT2PvTmwCK13rGEYEvnx5DB6/hlqnfCBum4s4U7MVWU' > Mar 11 16:17:56 SSiS dovecot: auth(default): client out: > FAIL#0111#011user=Teacher1 > Mar 11 16:18:01 SSiS dovecot: imap-login: Disconnected: Too many invalid > commands (auth failed, 1 attempts): user=, method=PLAIN, > rip=127.0.0.1, lip=127.0.0.1, secured > Mar 11 16:32:36 SSiS dovecot: auth(default): new auth connection: pid=9075 > Mar 11 16:32:41 SSiS dovecot: imap-login: Disconnected: Too many invalid > commands (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured > root at SSiS:/etc/postfix# > From benkokakao at gmail.com Tue Mar 19 11:47:56 2013 From: benkokakao at gmail.com (Christian Benke) Date: Tue, 19 Mar 2013 10:47:56 +0100 Subject: [Dovecot] SMTP Client authentication to remote Postfix/Dovecot In-Reply-To: References: Message-ID: Follow up - Looks like a private VPN is the best solution to tackle this: http://article.gmane.org/gmane.mail.postfix.user/235903 On 18 March 2013 13:08, Christian Benke wrote: > Hello! > > This is probably another basic question and i'm not even sure if it's > something where Dovecot is involved, but i'll give it a shot. > > So i've setup Postfix with Dovecot and system-auth on my remote > server. So far it looks like everything is working fine and dandy via > SASL(PLAIN) and TLS. > > I'm just not happy about my local SMTP client settings. I'm going to > try to work with mutt in the future, so i need a local MTA - i've > decided to try it with Postfix. > This works so far and i can send mails with mutt. However - my setup > relies on smtp_sasl_password_maps for authentication. > > I'm not too happy to have plaintext-passwords of remote systems lying > around on my local filesystem. It doesn't really ease my mind that the > file is readable by root only, this doesn't help if my laptop's > harddisk gets mounted elsewhere. > > Are there alternatives or better ways to do SMTP authentication? > > http://www.postfix.org/SASL_README.html#server_cyrus_comm says: >> saslauthd can verify the SMTP client credentials by using them to log into an IMAP server > > So i have my mutt-client which is logged in to the remote Dovecot > IMAP. Mutt uses the local MTA to send the mail. Is there some way to > tell the local postfix or a local dovecot to authenticate the > SMTP-Session via the existing IMAP-login? Or some other way where i at > least don't rely on plaintext passwords but secure, encrypted hashes? > > Sorry if this is a redundant thread, "smtp client" authentication > site:dovecot.org/list' and the likes are not exactly the most > rewarding or unique search terms unfortunately. > > Thanks, > Christian > > > -- > Central Asia by bike, starting May 2013 - http://poab.org From joseba.torre at ehu.es Tue Mar 19 14:36:53 2013 From: joseba.torre at ehu.es (Joseba Torre) Date: Tue, 19 Mar 2013 13:36:53 +0100 Subject: [Dovecot] Dovecot documentation WAS: Re: Question regarding Postfix and Dovecot In-Reply-To: <5147E67C.4060906@hardwarefreak.com> References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <514303F0.8090707@Media-Brokers.com> <514310DD.1000705@merit.unu.edu> <1363427613.10463.6.camel@tardis> <514482BB.10004@merit.unu.edu> <1363480160.3986.14.camel@tardis> <51459A34.9030508@dementianati.com> <5145CF83.20906@hardwarefreak.com> <5145F1C0.2090004@Media-Brokers.com> <2AA6B39B-A75F-4D93-909D-D846CDA8C99F@machinehum.com> <514733BC.5080602@hardwarefreak.com> <1363624626.10326.197.camel@innu> <5147E67C.4060906@hardwarefreak.com> Message-ID: <51485BE5.1090405@ehu.es> El 19/03/13 05:15, Stan Hoeppner escribi?: > On 3/18/2013 11:37 AM, Timo Sirainen wrote: > >> So basically you're saying that the major documentation improvement = an >> index listing/describing all settings. Sure, would be useful, but I >> don't see having time to write that anytime soon. > > The time issue is perfectly understandable Timo. > > My suggestion may not be the gold or platinum improvement to the docs, > but I think it would help a lot of people, especially since most using > Dovecot are also using Postfix, and since man is the standard UNIX > documentation format/interface. I think some similarity/consistency > would help quite a bit as many people are so used to this format. > > Do you have a way to simply dump all the current conf file parameter > names from 2.x into a single column text file? I'll sort it and start > adding the legal parameter values and writing the parameter definitions > from information currently available in source and wiki pages. When I > hit the point I can't find reference material for the rest of the > parameters, we can dump it to a wiki page or similar so others with the > knowledge can jump in and help finish it. Once it's done, myself, or > someone else if they already have the experience, can create the man > page from this to be included in the source. And you can create an > update mechanism/batch process so that updating the 'master' document > automatically updates the source man page and other published versions, > making documentation updates simple when you add/change parameters. > > We could do the wiki bazaar style editing from the beginning, but I'd > rather not. I'd like to get it started with a framework/layout and > style of prose typical of UNIX documentation, for other editors to > follow. The definition text prose needs to be consistent all the way > through, or readers may be confused by the different writing styles of > ~50 different people who may speak different 'dialects' of English or > have different writing styles. This consistency is one of the hallmarks > of good technical writing. > > Like I said previously, the one thing I'm able to contribute more than > anything at this point is time. And my writing skills aren't completely > horrible--I have been published, FWIW, but not recently. But my > knowledge of the parameters, and a lot of Dovecot features in general is > lacking. So if others are willing to contribute where I fall short, I'd > be glad to give this a go and get it started, and hopefully put a decent > sized dent in it so there's not so much left for others to do. > Obviously you have final review/edit authority, and if you have a > particular preference on writing style, etc, I'll certainly honor that. > > If this is acceptable to you Timo, let me know. If so send me the > aforementioned file, any preferences/thoughts you have, and I'll get > started on the first draft. Definitely, something like man 5 postconf would be really useful. I would like to collaborate with that, but I think that my English writing skill are not good enough. > From list.it at lmaccess.net Tue Mar 19 16:13:06 2013 From: list.it at lmaccess.net (Clement PAULET) Date: Tue, 19 Mar 2013 15:13:06 +0100 Subject: [Dovecot] =?utf-8?q?Dovecot_-_Sieve_script_loaded_but_filtering_?= =?utf-8?q?=09doesn=27t_works_=3F?= Message-ID: <5a6252055542d4d40e75b05668395c89@lmaccess.net> Hello Steffen, Thanks for your help, your message has reminds me that I forget the header specification. This new sieve script works for me : require ["fileinto"]; if allof (header :contains "To" "abuse at info.xx.com") { fileinto "INBOX.Test"; redirect "clement.xx at xx.net"; stop; } Thanks, Clement ----- Date: Mon, 18 Mar 2013 14:28:17 +0100 (CET) From: Steffen Kaiser To: Dovecot Mailing List Subject: Re: [Dovecot] Dovecot - Sieve script loaded but filtering doesn't works ? Message-ID: Content-Type: TEXT/PLAIN; format=flowed; charset=US-ASCII -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, 18 Mar 2013, Clement PAULET wrote: Dear Clement, This is my script (using for my test) : require "fileinto"; if address "To" "info at info.xx.com" { fileinto "Test"; } Works for me in v2.2. Did you verified that the header "To" really exists in the message and that "info at info.xx.com" is part of it? The log you've posted displays the envelope information, which is not necessary the same as the header information. Also, remove the precompiled Sieve script, in order to ensure that the pre-compiled one is really one from the script. You could also decompile it to make sure, it has been created from your test script. You'll find sieve-dump in src/sieve-tools/, if you compile from sources, or maybe in /usr/local/bin. From jerry at seibercom.net Tue Mar 19 16:20:55 2013 From: jerry at seibercom.net (Jerry) Date: Tue, 19 Mar 2013 10:20:55 -0400 Subject: [Dovecot] Dovecot documentation WAS: Re: Question regarding Postfix and Dovecot In-Reply-To: <51485BE5.1090405@ehu.es> References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <514303F0.8090707@Media-Brokers.com> <514310DD.1000705@merit.unu.edu> <1363427613.10463.6.camel@tardis> <514482BB.10004@merit.unu.edu> <1363480160.3986.14.camel@tardis> <51459A34.9030508@dementianati.com> <5145CF83.20906@hardwarefreak.com> <5145F1C0.2090004@Media-Brokers.com> <2AA6B39B-A75F-4D93-909D-D846CDA8C99F@machinehum.com> <514733BC.5080602@hardwarefreak.com> <1363624626.10326.197.camel@innu> <5147E67C.4060906@hardwarefreak.com> <51485BE5.1090405@ehu.es> Message-ID: <20130319102055.37753ac2@scorpio> On Tue, 19 Mar 2013 13:36:53 +0100 Joseba Torre articulated: {snip} > Definitely, something like man 5 postconf would be really useful. I > would like to collaborate with that, but I think that my English > writing skill are not good enough. I would be willing to assist in a project like that. If we could get a few knowledgeable people -- including Timo -- I think it would be a truly worthwhile project. -- Jerry ? Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ From simon.buongiorno at gmail.com Tue Mar 19 16:25:23 2013 From: simon.buongiorno at gmail.com (Simon Brereton) Date: Tue, 19 Mar 2013 15:25:23 +0100 Subject: [Dovecot] Dovecot documentation WAS: Re: Question regarding Postfix and Dovecot In-Reply-To: <20130319102055.37753ac2@scorpio> References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <514303F0.8090707@Media-Brokers.com> <514310DD.1000705@merit.unu.edu> <1363427613.10463.6.camel@tardis> <514482BB.10004@merit.unu.edu> <1363480160.3986.14.camel@tardis> <51459A34.9030508@dementianati.com> <5145CF83.20906@hardwarefreak.com> <5145F1C0.2090004@Media-Brokers.com> <2AA6B39B-A75F-4D93-909D-D846CDA8C99F@machinehum.com> <514733BC.5080602@hardwarefreak.com> <1363624626.10326.197.camel@innu> <5147E67C.4060906@hardwarefreak.com> <51485BE5.1090405@ehu.es> <20130319102055.37753ac2@scorpio> Message-ID: On 19 March 2013 15:20, Jerry wrote: > On Tue, 19 Mar 2013 13:36:53 +0100 > Joseba Torre articulated: > > {snip} > >> Definitely, something like man 5 postconf would be really useful. I >> would like to collaborate with that, but I think that my English >> writing skill are not good enough. > > I would be willing to assist in a project like that. If we could get a > few knowledgeable people -- including Timo -- I think it would be a > truly worthwhile project. I can't code, but I can proof-read/write. And if *I* understand the instructions/config examples you have winning documentation - the ultimate dummy test, so to speak. So, this could be my opportunity to contribute to FOSS. Simon From david at cryptix.de Tue Mar 19 18:43:35 2013 From: david at cryptix.de (David Obando) Date: Tue, 19 Mar 2013 17:43:35 +0100 Subject: [Dovecot] dovecot: auth-worker: order of authentication types Message-ID: <514895B7.8040606@cryptix.de> Hi all, I'm setting a mailserver using dovecot version: 2.1.7. On the server I have a couple of system users using PAM authentication and a lot of virtual users using SQL authentication. When a virtual user (e.g. david at virtdomain.de) logs in dovecot tries to authenticate the user via PAM and after failing it uses SQL: Mar 19 11:39:42 orange dovecot: auth-worker(7815): pam(david at virtdomain.de,): pam_authenticate() failed: Authentication failure (password mismatch?) Mar 19 11:39:42 orange dovecot: auth: passwd(david at virtdomain.de,,): unknown user Mar 19 11:39:42 orange dovecot: imap-login: Login: user=, method=PLAIN, rip=<...>, lip=<...>, mpid=7816, TLS Could I set up dovecot authentication so *users that authenticate with only their username (i.e. system users) always and only use PAM authentication *users that authenticate with their e-mail-address always and only use SQL authentication ??? Thanks, david -- The day microsoft makes something that doesn't suck is the day they start making vacuum cleaners. gpg --keyserver pgp.mit.edu --recv-keys 1920BD87 Key fingerprint = 3326 32CE 888B DFF1 DED3 B8D2 105F 29CB 1920 BD87 From tss at iki.fi Tue Mar 19 19:25:20 2013 From: tss at iki.fi (Timo Sirainen) Date: Tue, 19 Mar 2013 19:25:20 +0200 Subject: [Dovecot] Dovecot documentation WAS: Re: Question regarding Postfix and Dovecot In-Reply-To: <5147E67C.4060906@hardwarefreak.com> References: <5141AE4E.70005@merit.unu.edu> <5141B5DC.6040107@Media-Brokers.com> <514303F0.8090707@Media-Brokers.com> <514310DD.1000705@merit.unu.edu> <1363427613.10463.6.camel@tardis> <514482BB.10004@merit.unu.edu> <1363480160.3986.14.camel@tardis> <51459A34.9030508@dementianati.com> <5145CF83.20906@hardwarefreak.com> <5145F1C0.2090004@Media-Brokers.com> <2AA6B39B-A75F-4D93-909D-D846CDA8C99F@machinehum.com> <514733BC.5080602@hardwarefreak.com> <1363624626.10326.197.camel@innu> <5147E67C.4060906@hardwarefreak.com> Message-ID: <1363713920.10326.220.camel@innu> On Mon, 2013-03-18 at 23:15 -0500, Stan Hoeppner wrote: > Do you have a way to simply dump all the current conf file parameter > names from 2.x into a single column text file? With "doveconf -d" you get all the settings and also the defaults. The docs probably should mention the defaults also. > I'll sort it and start > adding the legal parameter values and writing the parameter definitions > from information currently available in source and wiki pages. When I > hit the point I can't find reference material for the rest of the > parameters, we can dump it to a wiki page or similar so others with the > knowledge can jump in and help finish it. Once it's done, myself, or > someone else if they already have the experience, can create the man > page from this to be included in the source. And you can create an > update mechanism/batch process so that updating the 'master' document > automatically updates the source man page and other published versions, > making documentation updates simple when you add/change parameters. Yes, definitely something that generates all the docs from a single source. There is of course still going to be some duplication with a) example config files and b) the more context-specific wiki pages. I guess once that reference doc is done, the example config could be put to web with all the settings as links to the reference. I think the reference should also have pointers to the more generic wiki pages about the subject, such as ssl_* settings having a pointer to the "SSL" wiki page. That pointer could be a generic small icon in the HTML/wiki version, not sure about the man version. > If this is acceptable to you Timo, let me know. If so send me the > aforementioned file, any preferences/thoughts you have, and I'll get > started on the first draft. OK. From tss at iki.fi Tue Mar 19 19:45:01 2013 From: tss at iki.fi (Timo Sirainen) Date: Tue, 19 Mar 2013 19:45:01 +0200 Subject: [Dovecot] v2.2 status update Message-ID: <1363715101.10326.234.camel@innu> So, I'm still planning on getting v2.2.0 out Really Soon now. Unfortunately I've had to quickly develop some rather large features still at this stage. I was initially planning on leaving them for v2.3, but they were a requirement for one project and implementing them now to v2.2 was the least amount of trouble for me. (And yes, I'm aware I haven't replied to a lot of emails in this list. There are about 60 unread ones. Hopefully I'll have time to go through them this week.) So, what we have now: * dsync can sync ACLs * dsync can sync Sieve scripts - Slightly unfinished patch for Pigeonhole at http://dovecot.org/patches/2.2/doveadm-sieve-plugin.diff * dsync does the ACL/Sieve syncing by having implemented generic mailbox attribute syncing. (The ACLs/Sieve scripts are transparently mapped into the attribute hierarchy.) ACL plugin also supports now restricting attribute set/get/iteration. IMAP METADATA extension can be implemented using mailbox attributes. The dsync/ACL support was the main reason why I had planned on delaying native IMAP METADATA support until v2.3, but there's really no reason for that anymore. So expect IMAP METADATA support also early in v2.2.x (disabled by default). I'll still need to figure out how to do quota for it. * LDAP values can now have DN pointers to other entries that are queried. (Support for LDAP URLs could probably also be added with little trouble.) The configuration becomes a bit more complex again, but until the whole LDAP configuration is redesigned this will work. Example: user_attrs = \ =user=%{ldap:uid}, \ @mail=%{ldap:mailDN}, \ =uid=%{ldap:uidNumber at mail}, \ =gid=%{ldap:gidNumber at mail}, \ =home=%{ldap:rootPath at mail}/%d/%n From pvsuja at gmail.com Wed Mar 20 08:55:44 2013 From: pvsuja at gmail.com (pvsuja) Date: Tue, 19 Mar 2013 23:55:44 -0700 (PDT) Subject: [Dovecot] dovecot 2 in ubuntu 12.04 or Debian Squeeze In-Reply-To: <1363676047.12003.16.camel@tardis> References: <1362556867785-40640.post@n4.nabble.com> <51372E00.8000702@softjury.de> <1362630378275-40664.post@n4.nabble.com> <51399992.1020401@softjury.de> <1363239710512-40763.post@n4.nabble.com> <51419530.8040004@softjury.de> <1363599415174-40862.post@n4.nabble.com> <20130318071122.Horde.bk06oetBxz5NtmHfn4jRDQ1@mail.patrickdk.com> <1363672596302-40888.post@n4.nabble.com> <1363676047.12003.16.camel@tardis> Message-ID: <1363762544709-40900.post@n4.nabble.com> I got it working with the configuration i sent in last mail (without ssl_ca setting) And i had to give the hostname in place of ip address of server since the ssl certificates were having the host name. Thanks to all of you for your time and support.. Thanks a bunch -- View this message in context: http://dovecot.2317879.n4.nabble.com/dovecot-2-in-ubuntu-12-04-or-Debian-Squeeze-tp40634p40900.html Sent from the Dovecot mailing list archive at Nabble.com. From p.heinlein at heinlein-support.de Wed Mar 20 11:39:40 2013 From: p.heinlein at heinlein-support.de (Peer Heinlein) Date: Wed, 20 Mar 2013 10:39:40 +0100 Subject: [Dovecot] ulimit -n in start-script Message-ID: <514983DC.8070806@heinlein-support.de> Hi! Even on midrange-systems it's necessary to set "ulimit -n" to a higher value then the system default of 1024. I'd prefer having this already prepared: In /etc/defaults/dovecot we should add: # Set amount of "open files" / ulimit -n ULIMIT_OPEN_FILES=16884 In /etc/init.d/dovecot we should add: # Set amount of open files / ulimit -n [ -n "$ULIMIT_OPEN_FILES" ] && ulimit -n $ULIMIT_OPEN_FILES Peer -- Heinlein Support GmbH Schwedter Str. 8/9b, 10119 Berlin http://www.heinlein-support.de Tel: 030 / 405051-42 Fax: 030 / 405051-19 Zwangsangaben lt. ?35a GmbHG: HRB 93818 B / Amtsgericht Berlin-Charlottenburg, Gesch?ftsf?hrer: Peer Heinlein -- Sitz: Berlin From damoxc at gmail.com Wed Mar 20 12:29:13 2013 From: damoxc at gmail.com (Damien Churchill) Date: Wed, 20 Mar 2013 10:29:13 +0000 Subject: [Dovecot] Mongo backend for userdb and passdb In-Reply-To: References: Message-ID: On 28 February 2013 14:47, Damien Churchill wrote: > On 28 February 2013 14:40, Timo Sirainen wrote: >> On 28.2.2013, at 15.13, Damien Churchill wrote: >> >>> On 28 February 2013 14:01, Timo Sirainen wrote: >>>> On 28.2.2013, at 12.28, Damien Churchill wrote: >>>> >>>>> I was wondering if any work had been made (out of tree) or has been >>>>> planned for a mongo driver? If not is it something that would be of >>>>> any interest for being included? >>>> >>>> Have you noticed the memcached and redis backends for lib-dict, and the passdb/userdb dict? So you'd only need to implement dict-mongodb.c for Dovecot v2.2. Feel free to start developing. :) v2.2 also has its own lib-http if that's needed. >>>> >>> >>> I hadn't no! That makes things far easier :) Do you have any >>> preference on which driver to use? I was thinking of selecting >>> libmongo-client[0] as its made its way into repositories unlike the >>> official mongo C driver. >>> >>> [0] https://github.com/algernon/libmongo-client >> >> Any external library actually makes things more difficult, because they can easily only be loaded by the dict server, which means every lookup have to be proxied through it (similar problem with dict-sql). Although in v2.2 there's some new code for how to load SSL library dynamically only when needed, and the same could be done for your dict-mongodb at least in theory.. >> > > Okay I'll have a look at doing it that way. Is the ssl code in > lib-ssl-iostream or somewhere else? Hi, I've been messing about with this and I think a similar configuration format to the sql dict driver would be handy, although I imagine the same could also be achieved with just lots of uri arguments. Mongo isn't really a key/value store so you'd want to be able to specify fields within the document to query upon/fetch. I'm still getting to grips with the architecture of things so not entirely sure what the best course of action would be here. If using the map style config would be desirable then creating some shared parser that sql and mongodb can use would be good. From tlx at leuxner.net Wed Mar 20 12:31:40 2013 From: tlx at leuxner.net (Thomas Leuxner) Date: Wed, 20 Mar 2013 11:31:40 +0100 Subject: [Dovecot] v2.2 status update In-Reply-To: <1363715101.10326.234.camel@innu> References: <1363715101.10326.234.camel@innu> Message-ID: <20130320103140.GA20746@nihlus.leuxner.net> * Timo Sirainen 2013.03.19 18:45: > * dsync can sync ACLs +1 doveadm -o plugin/quota= backup -u tlx at leuxner.net mdbox:/home/backups/tlx/mdbox Works great now. Thanks. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: Digital signature URL: From tss at iki.fi Wed Mar 20 12:37:47 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 20 Mar 2013 12:37:47 +0200 Subject: [Dovecot] v2.2 status update In-Reply-To: <20130320103140.GA20746@nihlus.leuxner.net> References: <1363715101.10326.234.camel@innu> <20130320103140.GA20746@nihlus.leuxner.net> Message-ID: <1363775867.10326.238.camel@innu> On Wed, 2013-03-20 at 11:31 +0100, Thomas Leuxner wrote: > * Timo Sirainen 2013.03.19 18:45: > > > * dsync can sync ACLs > > +1 > > doveadm -o plugin/quota= backup -u tlx at leuxner.net mdbox:/home/backups/tlx/mdbox > > Works great now. Thanks. I don't think you need the -o plugin/quota= here. dsync should ignore quota limits. From tss at iki.fi Wed Mar 20 12:39:50 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 20 Mar 2013 12:39:50 +0200 Subject: [Dovecot] Mongo backend for userdb and passdb In-Reply-To: References: Message-ID: <1363775990.10326.240.camel@innu> On Wed, 2013-03-20 at 10:29 +0000, Damien Churchill wrote: > I've been messing about with this and I think a similar configuration > format to the sql dict driver would be handy, although I imagine the > same could also be achieved with just lots of uri arguments. Mongo > isn't really a key/value store so you'd want to be able to specify > fields within the document to query upon/fetch. > > I'm still getting to grips with the architecture of things so not > entirely sure what the best course of action would be here. If using > the map style config would be desirable then creating some shared > parser that sql and mongodb can use would be good. I've been planning on having one generic dict sql-like configuration for all dict backends, so you could map different dict paths to different backends. So the idea is good, but probably quite a lot of work. From damoxc at gmail.com Wed Mar 20 12:40:59 2013 From: damoxc at gmail.com (Damien Churchill) Date: Wed, 20 Mar 2013 10:40:59 +0000 Subject: [Dovecot] Mongo backend for userdb and passdb In-Reply-To: <1363775990.10326.240.camel@innu> References: <1363775990.10326.240.camel@innu> Message-ID: On 20 March 2013 10:39, Timo Sirainen wrote: > On Wed, 2013-03-20 at 10:29 +0000, Damien Churchill wrote: > >> I've been messing about with this and I think a similar configuration >> format to the sql dict driver would be handy, although I imagine the >> same could also be achieved with just lots of uri arguments. Mongo >> isn't really a key/value store so you'd want to be able to specify >> fields within the document to query upon/fetch. >> >> I'm still getting to grips with the architecture of things so not >> entirely sure what the best course of action would be here. If using >> the map style config would be desirable then creating some shared >> parser that sql and mongodb can use would be good. > > I've been planning on having one generic dict sql-like configuration for > all dict backends, so you could map different dict paths to different > backends. So the idea is good, but probably quite a lot of work. > Would it not be just some bastardised version of dict-sql-settings? From tss at iki.fi Wed Mar 20 12:54:12 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 20 Mar 2013 12:54:12 +0200 Subject: [Dovecot] Mongo backend for userdb and passdb In-Reply-To: References: <1363775990.10326.240.camel@innu> Message-ID: <1363776852.10326.243.camel@innu> On Wed, 2013-03-20 at 10:40 +0000, Damien Churchill wrote: > On 20 March 2013 10:39, Timo Sirainen wrote: > > On Wed, 2013-03-20 at 10:29 +0000, Damien Churchill wrote: > > > >> I've been messing about with this and I think a similar configuration > >> format to the sql dict driver would be handy, although I imagine the > >> same could also be achieved with just lots of uri arguments. Mongo > >> isn't really a key/value store so you'd want to be able to specify > >> fields within the document to query upon/fetch. > >> > >> I'm still getting to grips with the architecture of things so not > >> entirely sure what the best course of action would be here. If using > >> the map style config would be desirable then creating some shared > >> parser that sql and mongodb can use would be good. > > > > I've been planning on having one generic dict sql-like configuration for > > all dict backends, so you could map different dict paths to different > > backends. So the idea is good, but probably quite a lot of work. > > > > Would it not be just some bastardised version of dict-sql-settings? I guess you could do that for now. The grand plans of how to put everything nicely together can wait. :) From damoxc at gmail.com Wed Mar 20 12:59:50 2013 From: damoxc at gmail.com (Damien Churchill) Date: Wed, 20 Mar 2013 10:59:50 +0000 Subject: [Dovecot] Mongo backend for userdb and passdb In-Reply-To: <1363776852.10326.243.camel@innu> References: <1363775990.10326.240.camel@innu> <1363776852.10326.243.camel@innu> Message-ID: On 20 March 2013 10:54, Timo Sirainen wrote: > On Wed, 2013-03-20 at 10:40 +0000, Damien Churchill wrote: >> On 20 March 2013 10:39, Timo Sirainen wrote: >> > On Wed, 2013-03-20 at 10:29 +0000, Damien Churchill wrote: >> > >> >> I've been messing about with this and I think a similar configuration >> >> format to the sql dict driver would be handy, although I imagine the >> >> same could also be achieved with just lots of uri arguments. Mongo >> >> isn't really a key/value store so you'd want to be able to specify >> >> fields within the document to query upon/fetch. >> >> >> >> I'm still getting to grips with the architecture of things so not >> >> entirely sure what the best course of action would be here. If using >> >> the map style config would be desirable then creating some shared >> >> parser that sql and mongodb can use would be good. >> > >> > I've been planning on having one generic dict sql-like configuration for >> > all dict backends, so you could map different dict paths to different >> > backends. So the idea is good, but probably quite a lot of work. >> > >> >> Would it not be just some bastardised version of dict-sql-settings? > > I guess you could do that for now. The grand plans of how to put > everything nicely together can wait. :) > For now I think I can get away with just tacking on uri arguments. Seems silly duplicating effort, although if you'd like me to give it a shot I'm happy to do so! From pw at wk-serv.de Wed Mar 20 14:12:04 2013 From: pw at wk-serv.de (Patrick Westenberg) Date: Wed, 20 Mar 2013 13:12:04 +0100 Subject: [Dovecot] ulimit -n in start-script In-Reply-To: <514983DC.8070806@heinlein-support.de> References: <514983DC.8070806@heinlein-support.de> Message-ID: <5149A794.5000307@wk-serv.de> Peer Heinlein schrieb: > Even on midrange-systems it's necessary to set "ulimit -n" to a higher > value then the system default of 1024. Could this lead to this problem? Error: file_dotlock_create(/var/mail/example.com/john.doe/Maildir/.Sent/dovecot-uidlist) failed: No space left on device Patrick From dormitionskete at hotmail.com Wed Mar 20 14:39:59 2013 From: dormitionskete at hotmail.com (DormitionSkete@hotmail.com) Date: Wed, 20 Mar 2013 06:39:59 -0600 Subject: [Dovecot] Disallow POP3 from deleting messages Message-ID: I'd like to use Dovecot as our IMAP server when our users are within our LAN, but I'd also like to give them the ability to access their emails via POP3 when they are outside the LAN. I know most POP3 clients will give their users the option of not deleting the messages from the server after they are downloaded, but is there any way to restrict them from being able to do so at the server level? In other words, I want to disallow the server from accepting the DELE command from POP3 clients. Is that possible? We have some accounts that multiple users need simultaneous access to. I don't want a user to decide to set up a POP3 account on his own on his iPad or something, and inadvertently blow the Inbox away for everybody else. We have a satellite connection, so our upload speeds are real slow. I think POP3 would give a lot better user experience than IMAP when they are outside the LAN. Any help or advice will be greatly appreciated. Peter, hieromonk ---- Dormition Skete Monastery Website: http://www.DormitionSkete.org Convent Website: http://www.HolyApostlesConvent.org ---- From tlx at leuxner.net Wed Mar 20 14:40:31 2013 From: tlx at leuxner.net (Thomas Leuxner) Date: Wed, 20 Mar 2013 13:40:31 +0100 Subject: [Dovecot] v2.2 status update In-Reply-To: <1363775867.10326.238.camel@innu> References: <1363715101.10326.234.camel@innu> <20130320103140.GA20746@nihlus.leuxner.net> <1363775867.10326.238.camel@innu> Message-ID: <20130320124031.GB20746@nihlus.leuxner.net> * Timo Sirainen 2013.03.20 11:37: > I don't think you need the -o plugin/quota= here. dsync should ignore > quota limits. Just tried without and it adds the backup to the quota, forcing you to run recalc afterwards. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: Digital signature URL: From tss at iki.fi Wed Mar 20 14:43:30 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 20 Mar 2013 14:43:30 +0200 Subject: [Dovecot] Disallow POP3 from deleting messages In-Reply-To: References: Message-ID: <1363783410.10326.245.camel@innu> On Wed, 2013-03-20 at 06:39 -0600, DormitionSkete at hotmail.com wrote: > I'd like to use Dovecot as our IMAP server when our users are within our LAN, but I'd also like to give them the ability to access their emails via POP3 when they are outside the LAN. I know most POP3 clients will give their users the option of not deleting the messages from the server after they are downloaded, but is there any way to restrict them from being able to do so at the server level? > > In other words, I want to disallow the server from accepting the DELE command from POP3 clients. > > Is that possible? You could create a (global) ACL to not allow user to delete own mails. But some clients will probably keep redownloading the same mails over and over again then. From tss at iki.fi Wed Mar 20 14:44:49 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 20 Mar 2013 14:44:49 +0200 Subject: [Dovecot] v2.2 status update In-Reply-To: <20130320124031.GB20746@nihlus.leuxner.net> References: <1363715101.10326.234.camel@innu> <20130320103140.GA20746@nihlus.leuxner.net> <1363775867.10326.238.camel@innu> <20130320124031.GB20746@nihlus.leuxner.net> Message-ID: <1363783489.10326.246.camel@innu> On Wed, 2013-03-20 at 13:40 +0100, Thomas Leuxner wrote: > * Timo Sirainen 2013.03.20 11:37: > > > I don't think you need the -o plugin/quota= here. dsync should ignore > > quota limits. > > Just tried without and it adds the backup to the quota, forcing you to run recalc afterwards. Oh, right, that it does. Difficult to fix it, since it should do that one some quota backends/configs, but not others. From rs at sys4.de Wed Mar 20 14:55:04 2013 From: rs at sys4.de (Robert Schetterer) Date: Wed, 20 Mar 2013 13:55:04 +0100 Subject: [Dovecot] Disallow POP3 from deleting messages In-Reply-To: References: Message-ID: <5149B1A8.1050807@sys4.de> Am 20.03.2013 13:39, schrieb DormitionSkete at hotmail.com: > I'd like to use Dovecot as our IMAP server when our users are within our LAN, but I'd also like to give them the ability to access their emails via POP3 when they are outside the LAN. I know most POP3 clients will give their users the option of not deleting the messages from the server after they are downloaded, but is there any way to restrict them from being able to do so at the server level? > > In other words, I want to disallow the server from accepting the DELE command from POP3 clients. > > Is that possible? > > We have some accounts that multiple users need simultaneous access to. I don't want a user to decide to set up a POP3 account on his own on his iPad or something, and inadvertently blow the Inbox away for everybody else. > > We have a satellite connection, so our upload speeds are real slow. I think POP3 would give a lot better user experience than IMAP when they are outside the LAN. > > Any help or advice will be greatly appreciated. > > Peter, hieromonk > > ---- > Dormition Skete > Monastery Website: http://www.DormitionSkete.org > Convent Website: http://www.HolyApostlesConvent.org > ---- > > > dont think this is possible, but you may redirect mails to subfolder ( filter for big mails ) with i.e. sieve and exclude the subfolder from pop3 sight i blogged some example with virtual plugin, sorry german and not exactly what you asked for, its for auto sort spam mail , but perhaps it gives you an idea how solve your problem for the whole situation , why not simple allow only imap , and perhaps use folder acl etc , downloading only subjects first or some special folders etc to save bandwith should be possible with most mobile clients http://sys4.de/de/blog/2013/02/11/dovecot-virtual-setup-mit-globaler-sieve-spamfilter-regel-fur-pop3-nutzer/ Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From dormitionskete at hotmail.com Wed Mar 20 15:17:03 2013 From: dormitionskete at hotmail.com (DormitionSkete@hotmail.com) Date: Wed, 20 Mar 2013 07:17:03 -0600 Subject: [Dovecot] Disallow POP3 from deleting messages In-Reply-To: <1363783410.10326.245.camel@innu> References: <1363783410.10326.245.camel@innu> Message-ID: On Mar 20, 2013, at 6:43 AM, Timo Sirainen wrote: > On Wed, 2013-03-20 at 06:39 -0600, DormitionSkete at hotmail.com wrote: >> I'd like to use Dovecot as our IMAP server when our users are within our LAN, but I'd also like to give them the ability to access their emails via POP3 when they are outside the LAN. I know most POP3 clients will give their users the option of not deleting the messages from the server after they are downloaded, but is there any way to restrict them from being able to do so at the server level? >> >> In other words, I want to disallow the server from accepting the DELE command from POP3 clients. >> >> Is that possible? > > You could create a (global) ACL to not allow user to delete own mails. > But some clients will probably keep redownloading the same mails over > and over again then. > Thank you for the speedy reply! Is there any chance you might consider implementing this as an option sometime? I assume the POP3 delivery code is separate from the IMAP code. You wouldn't necessarily need to return an error code to the email client. Most clients probably wouldn't know how to interpret it anyway. Just quietly ignore the DELE command. Or would that leave us in the same position, where some clients may keep redownloading the same messages? Also, how would I create a global ACL like you said, so I could test how our clients would react? Everybody here uses Macs, iPads or iPhones. We would not necessarily have to support a wide variety of clients. We're using sendmail. I assume this is done in sendmail, not Dovecot? Or should I go to the sendmail group for that, if I can't find anything on the net about it with Google? From tlx at leuxner.net Wed Mar 20 15:22:11 2013 From: tlx at leuxner.net (Thomas Leuxner) Date: Wed, 20 Mar 2013 14:22:11 +0100 Subject: [Dovecot] Disallow POP3 from deleting messages In-Reply-To: References: <1363783410.10326.245.camel@innu> Message-ID: <20130320132211.GC20746@nihlus.leuxner.net> * DormitionSkete at hotmail.com 2013.03.20 14:17: > Everybody here uses Macs, iPads or iPhones. We would not necessarily have to support a wide variety of clients. Their Mail Clients natively support IMAP, so not sure why you would want to go with POP3 in this scenario. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: Digital signature URL: From dormitionskete at hotmail.com Wed Mar 20 15:34:29 2013 From: dormitionskete at hotmail.com (DormitionSkete@hotmail.com) Date: Wed, 20 Mar 2013 07:34:29 -0600 Subject: [Dovecot] Disallow POP3 from deleting messages In-Reply-To: <5149B1A8.1050807@sys4.de> References: <5149B1A8.1050807@sys4.de> Message-ID: > for the whole situation , why not simple allow only imap , and perhaps > use folder acl etc , downloading only subjects first or some special > folders etc to save bandwith should be possible with most mobile clients This would be the best, but this has to be done on the clients, right? I don't see this as an option on either my MacBook Pro, or iPad. I'll give your other suggestion some thought, too, though. Thank you. I really appreciate it. From dormitionskete at hotmail.com Wed Mar 20 15:35:34 2013 From: dormitionskete at hotmail.com (DormitionSkete@hotmail.com) Date: Wed, 20 Mar 2013 07:35:34 -0600 Subject: [Dovecot] Disallow POP3 from deleting messages In-Reply-To: <20130320132211.GC20746@nihlus.leuxner.net> References: <1363783410.10326.245.camel@innu> <20130320132211.GC20746@nihlus.leuxner.net> Message-ID: On Mar 20, 2013, at 7:22 AM, Thomas Leuxner wrote: > * DormitionSkete at hotmail.com 2013.03.20 14:17: > >> Everybody here uses Macs, iPads or iPhones. We would not necessarily have to support a wide variety of clients. > > Their Mail Clients natively support IMAP, so not sure why you would want to go with POP3 in this scenario. Well, like I said, we have real slow upload speeds. I think POP3 would give a better user experience. From hannohirschberger at googlemail.com Wed Mar 20 15:25:55 2013 From: hannohirschberger at googlemail.com (Hanno Hirschberger) Date: Wed, 20 Mar 2013 14:25:55 +0100 Subject: [Dovecot] Override quota settings with LDAP Message-ID: <5149B8E3.7040402@googlemail.com> Hi all, my current Dovecot setup is fetching both the imap quota limit and the mail location settings from LDAP entries. user_attrs = [...] UDBmailQuota=quota_rule=*:bytes=%$, mailLocation=mail That is because we have 3 users who wants to fetch their mail from /var/mail/. All the other users have maildir with maildir quota. The LDAP entry for /var/mail user looks like this: mailLocation: mbox:/var/empty:INBOX=/var/mail/:INDEX=MEMORY Works fine with one exception: the mail quota for /var/mail users. The dovecot log gets spammed with: Mar 20 13:37:04 lmtp(2494, username): Warning: quota: Namespace '' is not Maildir, skipping for Maildir++ quota Mar 20 13:37:04 lmtp(2494, username): Error: opendir(/var/empty/.imap) failed: No such file or directory ... which is only logical, because there's no maildir for that user. I want to get rid of these error messages and like to ask you if there's a way to override the "quota = maildir:User quota" setting in my Dovecot configuration for the 3 /var/mail users. For example with an extra LDAP field? Sadly I don't really know how to realize this. Or is there any other / better way? You can look at my doveconf -n output here: http://pastebin.com/mJZ2CXbg Best regards, Hanno From tlx at leuxner.net Wed Mar 20 15:51:45 2013 From: tlx at leuxner.net (Thomas Leuxner) Date: Wed, 20 Mar 2013 14:51:45 +0100 Subject: [Dovecot] Disallow POP3 from deleting messages In-Reply-To: References: <1363783410.10326.245.camel@innu> <20130320132211.GC20746@nihlus.leuxner.net> Message-ID: <20130320135145.GD20746@nihlus.leuxner.net> * DormitionSkete at hotmail.com 2013.03.20 14:35: > > Their Mail Clients natively support IMAP, so not sure why you would want to go with POP3 in this scenario. > > > Well, like I said, we have real slow upload speeds. I think POP3 would give a better user experience. The clients mentioned will cache the messages locally. They will download headers first while they will retrieve the rest in the background. iOS Devices will even apply thresholds on larger messages downloading them partly and completing the rest upon request. Regards Thomas -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: Digital signature URL: From dormitionskete at hotmail.com Wed Mar 20 16:15:11 2013 From: dormitionskete at hotmail.com (DormitionSkete@hotmail.com) Date: Wed, 20 Mar 2013 08:15:11 -0600 Subject: [Dovecot] Disallow POP3 from deleting messages In-Reply-To: <20130320135145.GD20746@nihlus.leuxner.net> References: <1363783410.10326.245.camel@innu> <20130320132211.GC20746@nihlus.leuxner.net> <20130320135145.GD20746@nihlus.leuxner.net> Message-ID: On Mar 20, 2013, at 7:51 AM, Thomas Leuxner wrote: > * DormitionSkete at hotmail.com 2013.03.20 14:35: > >>> Their Mail Clients natively support IMAP, so not sure why you would want to go with POP3 in this scenario. >> >> >> Well, like I said, we have real slow upload speeds. I think POP3 would give a better user experience. > > The clients mentioned will cache the messages locally. They will download headers first while they will retrieve the rest in the background. iOS Devices will even apply thresholds on larger messages downloading them partly and completing the rest upon request. > > Regards > Thomas Really? Interesting. Thank you. My experience with IMAP over the internet with a couple of servers outside our monastery (while I was in it, and we have considerably better download speeds than upload) has always been that IMAP has always been incredibly slow. So, I've always just allowed users to connect to the IMAP server via webmail. It's slow, but usable. I guess it's time to open a port in our firewall and do some testing with a couple of clients from outside. Maybe they'll work better than I've always assumed. I appreciate the input, everybody. Thank you. fp From david at cryptix.de Wed Mar 20 16:42:14 2013 From: david at cryptix.de (David Obando) Date: Wed, 20 Mar 2013 15:42:14 +0100 Subject: [Dovecot] dovecot: auth-worker: order of authentication types In-Reply-To: <514895B7.8040606@cryptix.de> References: <514895B7.8040606@cryptix.de> Message-ID: <5149CAC6.9050508@cryptix.de> I found out myself how to control the order: http://wiki2.dovecot.org/Authentication/MultipleDatabases. still asking how to set up dovecot authentication so *users that authenticate with only their username (i.e. system users) always and only use PAM authentication *users that authenticate with their e-mail-address always and only use SQL authentication thanks, david David Obando schrieb am 19.03.2013 17:43: > Hi all, > > I'm setting a mailserver using dovecot version: 2.1.7. On the server I > have a couple of system users using PAM authentication and a lot of > virtual users using SQL authentication. > > When a virtual user (e.g. david at virtdomain.de) logs in dovecot tries to > authenticate the user via PAM and after failing it uses SQL: > > Mar 19 11:39:42 orange dovecot: auth-worker(7815): > pam(david at virtdomain.de,): pam_authenticate() failed: > Authentication failure (password mismatch?) > Mar 19 11:39:42 orange dovecot: auth: passwd(david at virtdomain.de, address>,): unknown user > Mar 19 11:39:42 orange dovecot: imap-login: Login: > user=, method=PLAIN, rip=<...>, lip=<...>, > mpid=7816, TLS > > > Could I set up dovecot authentication so > *users that authenticate with only their username (i.e. system users) > always and only use PAM authentication > *users that authenticate with their e-mail-address always and only use > SQL authentication > ??? > > > Thanks, > david > -- The day microsoft makes something that doesn't suck is the day they start making vacuum cleaners. gpg --keyserver pgp.mit.edu --recv-keys 1920BD87 Key fingerprint = 3326 32CE 888B DFF1 DED3 B8D2 105F 29CB 1920 BD87 From tss at iki.fi Wed Mar 20 16:59:04 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 20 Mar 2013 16:59:04 +0200 Subject: [Dovecot] Disallow POP3 from deleting messages In-Reply-To: References: <1363783410.10326.245.camel@innu> <20130320132211.GC20746@nihlus.leuxner.net> <20130320135145.GD20746@nihlus.leuxner.net> Message-ID: <1363791544.10326.251.camel@innu> On Wed, 2013-03-20 at 08:15 -0600, DormitionSkete at hotmail.com wrote: > My experience with IMAP over the internet with a couple of servers outside our monastery (while I was in it, and we have considerably better download speeds than upload) has always been that IMAP has always been incredibly slow. So, I've always just allowed users to connect to the IMAP server via webmail. It's slow, but usable. Another idea: Get some cheap server from outside, use dsync replication to keep it synced with your internal one, and set up DNS so that users get directed to the fastest server. http://wiki2.dovecot.org/Replication From tss at iki.fi Wed Mar 20 18:27:26 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 20 Mar 2013 18:27:26 +0200 Subject: [Dovecot] %{session} does not work with deliver_log_format In-Reply-To: <20130225213442.GA10452@daniel.localdomain> References: <20130224225349.GA7429@daniel.localdomain> <20130225213442.GA10452@daniel.localdomain> Message-ID: <5884A78A-BCBA-4BAC-84F4-2F66BBB69BCE@iki.fi> On 25.2.2013, at 23.34, Daniel Parthey wrote: >> LMTP has a completely different session ID currently, which gets reset for each mail delivery and is written to the Received: header that it writes. >> It doesn't traverse through proxies, because each delivery gets a different ID anyway. >> >> So .. Why is it that you want this? For matching a log line with a Received: >> header? I guess that could be done, but the name should probably be different >> from %{session} so it won't get mixed up with what IMAP/POP3 uses it for. > > I simply run an LMTP director/proxy to prevent NFS locking issues > and in error cases I want to investigate where the mail has gone > (through the director lmtp to the mailbox lmtp). I thought this > is what "session IDs" were intended for. The SMTP server should log the delivery ID that the backend generates, and you should be able to grep for it, right? > Obviously, the generated ID is a different one for director and mailbox, > looking at the Received: lines of a single message: > > Received: from mail01.example.org ([10.129.3.193]) > by mail01.example.org (Dovecot) with LMTP id vdSeD+CrK1HXZQAAiWCYmA > ; Mon, 25 Feb 2013 19:25:02 +0100 > Received: from mx01.example.org ([127.0.0.1]) > by mail01.example.org (Dovecot) with LMTP id fu7aIn6sK1EMaQAAiWCYmA > ; Mon, 25 Feb 2013 19:25:02 +0100 > > What would you suggest how to track an LMTP delivery through a > director proxy? Should one use the MessageID to correlate the > lmtp log entries in dovecot-director.log and dovecot.log? I was first thinking about having LMTP proxy log the delivery ID, until I noticed that LMTP proxy doesn't log anything about delivered mails currently. I'm not really sure if that would be of any actual help?.. From tss at iki.fi Wed Mar 20 18:41:21 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 20 Mar 2013 18:41:21 +0200 Subject: [Dovecot] Imaptest: Fatal: opendir(/usr/local/lib/dovecot) failed: No such file or directory In-Reply-To: References: <8ECC935D-358E-4204-8C4E-D7AC615BC1DA@iki.fi> Message-ID: On 28.2.2013, at 16.36, Steffen Kaiser wrote: >>> When I build imaptest with an installed v2.2 instance, libssl_iostream_openssl.so is loaded from /usr/local/lib/dovecot . >> >> Don't usee SSL connections, so it won't load it? :) > > OK, I needed two tries to understand :-) > > imaptest does not use SSL itself, its connections are clear text, but the dovecot library is loading the library nonetheless. Fixed: http://hg.dovecot.org/imaptest/rev/06c24f17871b From tss at iki.fi Wed Mar 20 18:52:09 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 20 Mar 2013 18:52:09 +0200 Subject: [Dovecot] Exposing masteruser info to cllients via lmtp-proxy connections In-Reply-To: <55D76B5A78B24C42B3AEC8148D487AA7426A0B55@EX-5.nro.netregistry.net> References: <55D76B5A78B24C42B3AEC8148D487AA7426A0B55@EX-5.nro.netregistry.net> Message-ID: <1FC46804-58E5-4843-96B2-EAECACFC21F7@iki.fi> On 4.3.2013, at 0.54, Alexandr Sabitov wrote: > Please somebody suggest me how to remove the "*masteruser" appendix from the dovecot director database while using masteruser authentication. Not sure about how to fix that, but maybe you can get rid of the *masteruser completely? Instead of using that, just return "master=masteruser" field. http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy#Master_password From tss at iki.fi Wed Mar 20 18:54:48 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 20 Mar 2013 18:54:48 +0200 Subject: [Dovecot] Stability of extraction of attachment In-Reply-To: <5134791B.8020101@um.es> References: <5134791B.8020101@um.es> Message-ID: <28B51183-BB1A-459A-B598-AEB7F43ED2B9@iki.fi> On 4.3.2013, at 12.36, Angel L. Mateo wrote: > Hello, > > We are migrating our dovecot servers from 2.1.9 to 2.1.15 (or 2.2 if there is a stable version soon) and maildir format to mdbox. > > Looking for mdbox options I have found options: > > * mail_attachment_dir > * mail_attachement_min_size > * mail_attachment_fs > * mail_attachment_hash > > but this options are described with the message: > > # WARNING: This feature hasn't been tested much yet. Use at your own risk. > > What is the state of these options? Could I use it in a production environment? I just forgot to remove that warning. Removed now in v2.2 (not in v2.1, because people complain if I do unnecessary changes to example-config). > In case of yes, what is the best deduplicating option? Let it to the FS? Or configuring with "sis posix" or "sis-queue posix"? If FS supports it then let it do it. If it doesn't, sis is easier than sis-queue since it doesn't need a cronjob. Also I'm not sure if sis-queue makes the performance better or not (the idea being that it delays the slowness until night when it's more quiet). From tss at iki.fi Wed Mar 20 19:01:18 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 20 Mar 2013 19:01:18 +0200 Subject: [Dovecot] Maildir or Mdbox and expunge messages. In-Reply-To: <5135C0F5.9060709@yandex.ru> References: <5135C0F5.9060709@yandex.ru> Message-ID: <80EF6266-11F9-42EB-90A0-1F3F8481D84A@iki.fi> On 5.3.2013, at 11.55, Evgeny Basov wrote: > I tested dovecot's work with expunge messages on Mdbox over strace (see > at tail of message). As I can see dovecot process opens old storage m.* > file, reads it content, opens new temporary file, writes in this one > content and rename this new one to m.(*+1). You're talking about doveadm purge, right? Not expunge. > How fast this algorithm works on system with about 10000 users and 5Tb > data? I will use mdbox_rotate_interval for delayed expunge but I think > that simple delete file in Maildir must be faster than expunge from Mdbox. Yes, Maildir/sdbox is faster when freeing up disk space for mails. Read and save operations should be faster in mdbox though. And if the purge is run at a time when there is less disk IO, it shouldn't be that bad. From tss at iki.fi Wed Mar 20 19:04:09 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 20 Mar 2013 19:04:09 +0200 Subject: [Dovecot] Lot of dovecot process writes In-Reply-To: <51373A15.4070800@um.es> References: <51373346.6010708@um.es> <513734F2.60902@sys4.de> <51373A15.4070800@um.es> Message-ID: <971EAAC9-31AB-4F04-8E2B-CD027D2DBC2C@iki.fi> On 6.3.2013, at 14.44, Angel L. Mateo wrote: >>> While monitoring my servers' behaviour (ubuntu 12.04 with dovecot >>> 2.1.9, with about 70000 users) I have found that lots of disk usage is >>> done by dovecot process (the parent process). Since lmtp, imap and pop3 >>> connections are handle by their own process, what could be the reason of >>> this? > > In any case, I don't understand why dovecot parent process has these huge amount of IO, since, I guess, IO should be done by user's processes (lmtp, imap or pop), not dovecot parent. Right. > My only hypothesis is related with log messages, but then IO should be done by rsyslog process, not dovecot, shouldn't it? Master process doesn't even log messages, log process does that. There is no reason why dovecot master process would be doing any disk IO. Maybe whatever you're looking at is counting the child processes' disk IO as well? From tss at iki.fi Wed Mar 20 19:18:26 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 20 Mar 2013 19:18:26 +0200 Subject: [Dovecot] Core dump in 2.2.rc2 with FETCH 1 BODY.PEEK[ALL] In-Reply-To: References: Message-ID: <893EF1B7-3D5D-4821-AE70-E73CFE3708F4@iki.fi> On 7.3.2013, at 10.30, Steffen Kaiser wrote: > 2 FETCH 1 BODY.PEEK[ALL] > > dumps core, bt full is: Thanks, fixed: http://hg.dovecot.org/dovecot-2.2/rev/ab434891f2af From tss at iki.fi Wed Mar 20 19:20:07 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 20 Mar 2013 19:20:07 +0200 Subject: [Dovecot] [dovecot-2.1.15] mdbox corruption, doveadm force-resync can't repair it (throws segfault) In-Reply-To: <51388444.2090900@mejor.pl> References: <51387E12.5050100@mejor.pl> <51388444.2090900@mejor.pl> Message-ID: <31E4195B-E490-47FE-94EC-EDFADDD3A8E9@iki.fi> On 7.3.2013, at 14.12, Marcin Miros?aw wrote: > Here is backtrace from doveadm force-resync: > > #0 rebuild_mailbox_multi (trans=0x428b58d090, view=, > rebuild_ctx=0x428b5a0690, ctx=0x428b57a9a0, mbox=) at > mdbox-storage-rebuild.c:433 > 433 map_uid = rec->map_uid; Yeah, I fixed this immediately after 2.1.15: http://hg.dovecot.org/dovecot-2.1/rev/2def25f07ca6 I guess it's soon time for 2.1.16. From tss at iki.fi Wed Mar 20 19:25:04 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 20 Mar 2013 19:25:04 +0200 Subject: [Dovecot] ACL to make mailboxes populated by master account Read Only for regular users. In-Reply-To: References: Message-ID: <525806BF-99D4-4964-B289-8C425D4FF050@iki.fi> On 7.3.2013, at 19.10, Alex Cherniak wrote: > We have a solution using Dovecot as a secondary mail archive. All mailboxes > are populated/groomed by master account and the actual users have only read > access. > This is achieved by a simple ACL approach. > dovecot.conf has > protocol imap { mail_plugins = acl quota imap_quota zlib } > plugin { acl = vfile:/etc/dovecot/acls:cache_secs=300 } > > /etc/dovecot/acls/.DEFAULT file is trivial: > user=master lrwstipekxa > owner lr > > It used to work with Dovecot 2.0.4 for years, but after upgrade to 2.0.18 > users now have full access to folders created by master account and can > delete, add and move mails. > > Should it behave this way? How can I "secure" mailboxes again? Any help > is appreciated. I don't remember how it used to work, but it was never intended to work the way you use it. It probably didn't even fully work the way you thought it did. The .DEFAULT name is also misleading. Dovecot unfortunately still doesn't support "default ACLs". From tss at iki.fi Wed Mar 20 19:27:40 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 20 Mar 2013 19:27:40 +0200 Subject: [Dovecot] dovecot: imap-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, TLS, session=<1pBG/03XogB/AAAB> In-Reply-To: <1362722925153-40684.post@n4.nabble.com> References: <1362722925153-40684.post@n4.nabble.com> Message-ID: <2DABADF0-5AE3-4749-A754-3996273C5E4D@iki.fi> On 8.3.2013, at 8.08, pvsuja wrote: > Through wireshark, I found the username and password is going in plain text > only to the server. > How will I enable starttls in ImapcProxy before any communication starts? imapc_ssl = starttls See also other related settings in http://wiki2.dovecot.org/Migration/Dsync I guess imapc should have its own wiki page some day. From tss at iki.fi Wed Mar 20 19:35:09 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 20 Mar 2013 19:35:09 +0200 Subject: [Dovecot] Logon with Client Certificate and OTP fallback In-Reply-To: References: Message-ID: <208A32C9-8ED0-4089-8B8E-D588539FDC15@iki.fi> On 10.3.2013, at 12.28, dovecot.pkoch at dfgh.net wrote: > For 10 years we are using a very simple POP3-server where > I replaced the authentication routines with my own functions > and these function are doing the following: > > 1) if the connection was made without SSL refuse to connect > 2) if the client was using a client certificate extract the username > from the certificate. Since we cannot stop Thunderbird from > sending a username/passowrd-combination we compare the > username from the certificate with the username Thunderbird has > sent. If the usernames matches we allow access and ignore > the password. > 3) if the client did not sent a client certificate we calculate the > current OneTimePassword of the users OTP-token and compare > that with the password Thunderbird has sent. If the passwords matches > we allow access. If a OTP-password was validated it can be used > for 24 hours so our OTP-users must use their tokens only once a day. > > Now we would like to switch from POP3 to IMAP, so here are my > questions: > > - can Dovecot be CONFIGURED to do the above. I compiled it yesterday > and SSL client authentication works as expected. OTP seems to be > supported via PAM and I can write a PAM-modul for our OTP-tokens, > so OTP would be possible too. But how do I tell Dovecot to do > OTP-auth as a fallback for ClientCert-auth. Create a passdb that succeeds if user has a valid SSL client cert. http://wiki2.dovecot.org/Variables has %k which is "valid" if client has it set. There are several ways you can do this .. for example with sqlite do a SELECT that checks for %k. Another possibility is a checkpassword script. The secondary passdb would then be the OTP. > - I already looked into the sourcecode of Dovecot. Seems like all the > authentication routines were built as pluggable modules. Is there any > documentation out there on how how to built my own auth-module. > Integrating the OTP-auth directly into Dovecot would be a lot > easier (for me) than creating a PAM-module, so I would prefer that. > If there was interest from other people I would add some configuration > options to Dovecot (for example the location of the OTP-token list). > Otherwise I would just hardcode everything into the source. See how the auth process already can build an ldap plugin. For outside sources you can build auth plugins the same way as any other plugins. http://dovecot.org/patches/ has many such example plugins. Or see how Pigeonhole does it with autotools. From tss at iki.fi Wed Mar 20 19:39:49 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 20 Mar 2013 19:39:49 +0200 Subject: [Dovecot] 2.2rc2 core dump In-Reply-To: <20130311140034.GA513329@zedat.fu-berlin.de> References: <20130311140034.GA513329@zedat.fu-berlin.de> Message-ID: <4848F466-7257-4530-9A7C-D7484AC78AFD@iki.fi> On 11.3.2013, at 16.00, Heiko Schlichting wrote: > using dovecot 2.2rc2 I got core dumps during IMAP subscription change if > the CONTROL directory (specified in mail_location) does not exists. > > userdb_mail: mbox:~/Test:INBOX=~/Test/heiko:INDEX=~/.imap/index:CONTROL=~/.imap/control > > If ~/.imap/control does not exists, dovecot crashes. See below for log msg, > full backtrace and configuration. I can't reproduce this with latest hg, so I think it's fixed? From tss at iki.fi Wed Mar 20 19:46:34 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 20 Mar 2013 19:46:34 +0200 Subject: [Dovecot] dsync migration questions In-Reply-To: References: Message-ID: <95D57F11-34D6-4843-BD10-8488B85DA1B7@iki.fi> On 14.3.2013, at 21.07, Michael Smith (DF) wrote: > dsync -D -v -R -u anakin at domain.com backup mbox:/mnt/mail/mail_spool/.migrate/ .. > dsync(anakin): Error: Trying to open a non-listed mailbox with guid=814b6332541c425169490000a72406a4 > dsync(anakin): Error: msg iteration failed: Couldn't open mailbox 814b6332541c425169490000a72406a4 > dsync(anakin): Error: Trying to open a non-listed mailbox with guid=814b6332541c425169490000a72406a4 > > Nothing was migrated. In some other combinations, trying to reproduce them again, it does migrate the old mail, but first destroys the existing mail in the new mailbox. Use doveadm sync (= dsync mirror) instead of backup. > Our goal is to cut mail delivery over to the new dovecot system (which will result in existing emails before migration), and then migrate the old mail *while* maintaining message UIDs. This is the easiest way to ensure no "lost" email with the migration. > > What are we doing wrong, and how do we achieve our goals? Looks like a dsync bug. v2.2 has much better dsync with clearer errors. From tss at iki.fi Wed Mar 20 19:51:35 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 20 Mar 2013 19:51:35 +0200 Subject: [Dovecot] v2.2 dsync In-Reply-To: <20130314100529.GA18113@uran.iai.uni-bonn.de> References: <20130226154031.GH6073@uran.iai.uni-bonn.de> <1361968244.27458.30.camel@hurina> <20130227132749.GC28069@uran.iai.uni-bonn.de> <20130314100529.GA18113@uran.iai.uni-bonn.de> Message-ID: <265F0ADB-759E-4ACA-BDD3-C570D090F247@iki.fi> On 14.3.2013, at 12.05, Walter Steiner wrote: >>>> #0 0x00000000004578cc in dsync_ibc_send_mail_request (ibc=0x4a9f20, request=0x5441c0) at dsync-ibc.c:38 >>>> 38 return ibc->v.is_send_queue_full(ibc) ? If it crashes there, is_send_queue_full must be NULL or some other invalid pointer, but.. >> is_send_queue_full = 0x45c855 , It's not. So gdb is probably showing wrong place for the crash (the alternative would be some kind of a compiler bug). > is there a chance that the crash I have reported two weeks ago can be > fixed? Or any thoughts about what triggers it / what I better try to > avoid / I do wrong? Any help is appreciated! Try compiling Dovecot without any optimization flags (e.g.: CFLAGS=-g ./configure) Or if you're using Sun CC, try with GCC. With those hopefully you'll get a crash in a different location that can be fixed? (Anyway, dsync v2.2 + imapc is something I haven't tested much yet. But I think it should work at least in theory..) From tss at iki.fi Wed Mar 20 19:54:28 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 20 Mar 2013 19:54:28 +0200 Subject: [Dovecot] shared folders and "subscriptions = yes" In-Reply-To: <20130315182906.206a8ce9@achilles.local.net> References: <20130315182906.206a8ce9@achilles.local.net> Message-ID: On 15.3.2013, at 19.29, Lars Uhlmann wrote: > To have all IMAP-Users automatically updated their shared folder > structure I use "subscriptions = yes". > This works with the side effect, that all IMAP-Users can see _all_ > folders in every namespace even if they do not have "lookup" access. > This is of course not wanted. > > Is it possible to have dovecot check the ACL file in the root of a > namespace before it parses the subscrptions file? I guess it could be checking ACLs for subscriptions when they're coming from a public namespace with subscriptions=yes. See if you can implement it. :) From tss at iki.fi Wed Mar 20 19:58:33 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 20 Mar 2013 19:58:33 +0200 Subject: [Dovecot] Zlib plugin: Compress emails for one folder only In-Reply-To: <20130316124341.GA21854@london.s2end.co.uk> References: <20130316124341.GA21854@london.s2end.co.uk> Message-ID: On 16.3.2013, at 14.43, Andre Rodier wrote: > Hello everyone, > > Is it possible to configure the zlib plugin to compress the emails in one folder only? > > I would like to compress the emails when they are stored in my 'Archives' folders and sub folders. Nope. With hardcoding it would be a simple one line of code addition. Some day in future there will be namespace-specific settings. Then you could create Archive namespace and enable zlib compression only for that namespace. From tss at iki.fi Wed Mar 20 20:00:44 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 20 Mar 2013 20:00:44 +0200 Subject: [Dovecot] lda: duplicate prefix? In-Reply-To: References: Message-ID: <28755E7A-F711-4282-A627-7CB0D10955DC@iki.fi> On 4.3.2013, at 8.50, Larry Rosenman wrote: > I've just started using Dovecot, and can't seem to get the LDA to work. > > I get the following error: > Mar 4 00:47:19 thebighonker dovecot: lda(ler): Error: user ler: > Initialization failed: namespace configuration error: Duplicate namespace > prefix: "" Something's broken. It's complaining about duplicate namespace { prefix= } but your config has only one such namespace. My guess is that it's related to the snarf plugin. Does it work without it? Also you could see if LMTP works instead of LDA. From larryrtx at gmail.com Wed Mar 20 20:02:50 2013 From: larryrtx at gmail.com (Larry Rosenman) Date: Wed, 20 Mar 2013 13:02:50 -0500 Subject: [Dovecot] lda: duplicate prefix? In-Reply-To: <28755E7A-F711-4282-A627-7CB0D10955DC@iki.fi> References: <28755E7A-F711-4282-A627-7CB0D10955DC@iki.fi> Message-ID: I really need the snarf plugin to work, also, I don't think LMTP will let me redirect to files using the Exim Filters. What can you tell me to help debug this? On Wed, Mar 20, 2013 at 1:00 PM, Timo Sirainen wrote: > On 4.3.2013, at 8.50, Larry Rosenman wrote: > > > I've just started using Dovecot, and can't seem to get the LDA to work. > > > > I get the following error: > > Mar 4 00:47:19 thebighonker dovecot: lda(ler): Error: user ler: > > Initialization failed: namespace configuration error: Duplicate namespace > > prefix: "" > > Something's broken. It's complaining about duplicate namespace { prefix= } > but your config has only one such namespace. My guess is that it's related > to the snarf plugin. Does it work without it? Also you could see if LMTP > works instead of LDA. > > -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com US Mail: 430 Valona Loop, Round Rock, TX 78681-3893 From tss at iki.fi Wed Mar 20 20:04:23 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 20 Mar 2013 20:04:23 +0200 Subject: [Dovecot] Override quota settings with LDAP In-Reply-To: <5149B8E3.7040402@googlemail.com> References: <5149B8E3.7040402@googlemail.com> Message-ID: On 20.3.2013, at 15.25, Hanno Hirschberger wrote: > Mar 20 13:37:04 lmtp(2494, username): Warning: quota: Namespace '' is not Maildir, skipping for Maildir++ quota > > Mar 20 13:37:04 lmtp(2494, username): Error: opendir(/var/empty/.imap) failed: No such file or directory > > ... which is only logical, because there's no maildir for that user. I want to get rid of these error messages and like to ask you if there's a way to override the "quota = maildir:User quota" setting in my Dovecot configuration for the 3 /var/mail users. For example with an extra LDAP field? > > Sadly I don't really know how to realize this. Or is there any other / better way? Yes, you can override either mail_plugins setting or (probably better) the "quota" setting. If the LDAP value doesn't exist the default is used, if it's empty it overrides the default with an empty setting. From tss at iki.fi Wed Mar 20 20:05:27 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 20 Mar 2013 20:05:27 +0200 Subject: [Dovecot] dovecot: auth-worker: order of authentication types In-Reply-To: <5149CAC6.9050508@cryptix.de> References: <514895B7.8040606@cryptix.de> <5149CAC6.9050508@cryptix.de> Message-ID: <6079C87A-171A-44C3-BFBB-4AAE86D3BA3C@iki.fi> On 20.3.2013, at 16.42, David Obando wrote: > still asking how to set up dovecot authentication so > *users that authenticate with only their username (i.e. system users) > always and only use PAM authentication > *users that authenticate with their e-mail-address always and only use > SQL authentication You can't. Just make it do the SQL auth first and system auth second. From tss at iki.fi Wed Mar 20 20:06:04 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 20 Mar 2013 20:06:04 +0200 Subject: [Dovecot] lda: duplicate prefix? In-Reply-To: References: <28755E7A-F711-4282-A627-7CB0D10955DC@iki.fi> Message-ID: <374FC8DC-B861-48C7-AE44-E2CB63EC76CD@iki.fi> Test first if it's because of the snarf plugin? I'm not sure that it is. On 20.3.2013, at 20.02, Larry Rosenman wrote: > I really need the snarf plugin to work, also, I don't think LMTP will let > me redirect to files using the Exim Filters. > > What can you tell me to help debug this? > > > > > On Wed, Mar 20, 2013 at 1:00 PM, Timo Sirainen wrote: > >> On 4.3.2013, at 8.50, Larry Rosenman wrote: >> >>> I've just started using Dovecot, and can't seem to get the LDA to work. >>> >>> I get the following error: >>> Mar 4 00:47:19 thebighonker dovecot: lda(ler): Error: user ler: >>> Initialization failed: namespace configuration error: Duplicate namespace >>> prefix: "" >> >> Something's broken. It's complaining about duplicate namespace { prefix= } >> but your config has only one such namespace. My guess is that it's related >> to the snarf plugin. Does it work without it? Also you could see if LMTP >> works instead of LDA. >> >> > > > -- > Larry Rosenman http://www.lerctr.org/~ler > Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com > US Mail: 430 Valona Loop, Round Rock, TX 78681-3893 From larryrtx at gmail.com Wed Mar 20 20:18:22 2013 From: larryrtx at gmail.com (Larry Rosenman) Date: Wed, 20 Mar 2013 13:18:22 -0500 Subject: [Dovecot] lda: duplicate prefix? In-Reply-To: <374FC8DC-B861-48C7-AE44-E2CB63EC76CD@iki.fi> References: <28755E7A-F711-4282-A627-7CB0D10955DC@iki.fi> <374FC8DC-B861-48C7-AE44-E2CB63EC76CD@iki.fi> Message-ID: The issue is this is my production box, and I've gotten around this by NOT using the LDA, and just having Exim writing the mbox files. Is there any easy way to test just the LDA? Or trace this? On Wed, Mar 20, 2013 at 1:06 PM, Timo Sirainen wrote: > Test first if it's because of the snarf plugin? I'm not sure that it is. > > On 20.3.2013, at 20.02, Larry Rosenman wrote: > > > I really need the snarf plugin to work, also, I don't think LMTP will let > > me redirect to files using the Exim Filters. > > > > What can you tell me to help debug this? > > > > > > > > > > On Wed, Mar 20, 2013 at 1:00 PM, Timo Sirainen wrote: > > > >> On 4.3.2013, at 8.50, Larry Rosenman wrote: > >> > >>> I've just started using Dovecot, and can't seem to get the LDA to work. > >>> > >>> I get the following error: > >>> Mar 4 00:47:19 thebighonker dovecot: lda(ler): Error: user ler: > >>> Initialization failed: namespace configuration error: Duplicate > namespace > >>> prefix: "" > >> > >> Something's broken. It's complaining about duplicate namespace { > prefix= } > >> but your config has only one such namespace. My guess is that it's > related > >> to the snarf plugin. Does it work without it? Also you could see if LMTP > >> works instead of LDA. > >> > >> > > > > > > -- > > Larry Rosenman http://www.lerctr.org/~ler > > Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com > > US Mail: 430 Valona Loop, Round Rock, TX 78681-3893 > > -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com US Mail: 430 Valona Loop, Round Rock, TX 78681-3893 From tss at iki.fi Wed Mar 20 20:26:03 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 20 Mar 2013 20:26:03 +0200 Subject: [Dovecot] v2.2 dsync In-Reply-To: <265F0ADB-759E-4ACA-BDD3-C570D090F247@iki.fi> References: <20130226154031.GH6073@uran.iai.uni-bonn.de> <1361968244.27458.30.camel@hurina> <20130227132749.GC28069@uran.iai.uni-bonn.de> <20130314100529.GA18113@uran.iai.uni-bonn.de> <265F0ADB-759E-4ACA-BDD3-C570D090F247@iki.fi> Message-ID: <98F7A42B-A5E9-46A8-BE58-B5AB1ADBCC85@iki.fi> On 20.3.2013, at 19.51, Timo Sirainen wrote: > On 14.3.2013, at 12.05, Walter Steiner wrote: > >>>>> #0 0x00000000004578cc in dsync_ibc_send_mail_request (ibc=0x4a9f20, request=0x5441c0) at dsync-ibc.c:38 >>>>> 38 return ibc->v.is_send_queue_full(ibc) ? > > If it crashes there, is_send_queue_full must be NULL or some other invalid pointer, but.. Oh, the function is correct but the line number is wrong. This fixes the crash: http://hg.dovecot.org/dovecot-2.2/rev/19ce7403114f But I see there are other problems .. I'll continue debugging them. From dovecot-l at fu-berlin.de Wed Mar 20 20:26:58 2013 From: dovecot-l at fu-berlin.de (Heiko Schlichting) Date: Wed, 20 Mar 2013 19:26:58 +0100 Subject: [Dovecot] 2.2rc2 core dump In-Reply-To: <4848F466-7257-4530-9A7C-D7484AC78AFD@iki.fi> References: <20130311140034.GA513329@zedat.fu-berlin.de> <4848F466-7257-4530-9A7C-D7484AC78AFD@iki.fi> Message-ID: <20130320182658.GA885035@zedat.fu-berlin.de> Timo Sirainen wrote: > On 11.3.2013, at 16.00, Heiko Schlichting wrote: > > > using dovecot 2.2rc2 I got core dumps during IMAP subscription change if > > the CONTROL directory (specified in mail_location) does not exists. > > > > userdb_mail: mbox:~/Test:INBOX=~/Test/heiko:INDEX=~/.imap/index:CONTROL=~/.imap/control > > > > If ~/.imap/control does not exists, dovecot crashes. See below for log msg, > > full backtrace and configuration. > > I can't reproduce this with latest hg, so I think it's fixed? Latest hg is not so easy as you commit every few minutes. Testing with one hour old changeset 16065 ab434891f2af failed during compilation: gcc -DHAVE_CONFIG_H -I. -I../.. -I../../src/lib -DMODULE_DIR=\""/home/dovecot/server/lib/dovecot"\" -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -MT fs-test.o -MD -MP -MF .deps/fs-test.Tpo -c -o fs-test.o fs-test.c fs-test.c:7:26: error: iostream-ssl.h: No such file or directory fs-test.c:12: error: variable 'ssl_set' has initializer but incomplete type fs-test.c:13: error: unknown field 'ca_dir' specified in initializer fs-test.c:14: warning: excess elements in struct initializer fs-test.c:14: warning: (near initialization for 'ssl_set') make[3]: *** [fs-test.o] Error 1 So I reverted changeset 16040 70dd78cd89ab and run into the next problem: make[4]: Entering directory `/home/dovecot/src/dovecot/src/replication/replicator' make[4]: *** No rule to make target `doveadm-connection.c', needed by `doveadm-connection.o'. Stop. Maybe I should wait until tomorrow and check when your are finished with your currect coding activities. Heiko Heiko Schlichting Freie Universit?t Berlin heiko.schlichting at fu-berlin.de Zentraleinrichtung f?r Datenverarbeitung Telefon +49 30 838-54327 Fabeckstra?e 32 Telefax +49 30 838454327 14195 Berlin From tss at iki.fi Wed Mar 20 20:30:49 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 20 Mar 2013 20:30:49 +0200 Subject: [Dovecot] 2.2rc2 core dump In-Reply-To: <20130320182658.GA885035@zedat.fu-berlin.de> References: <20130311140034.GA513329@zedat.fu-berlin.de> <4848F466-7257-4530-9A7C-D7484AC78AFD@iki.fi> <20130320182658.GA885035@zedat.fu-berlin.de> Message-ID: <88C64F76-C9A7-44F2-AEB6-064CCFA82776@iki.fi> On 20.3.2013, at 20.26, Heiko Schlichting wrote: > Testing with one hour old changeset 16065 ab434891f2af failed during > compilation: > > gcc -DHAVE_CONFIG_H -I. -I../.. -I../../src/lib -DMODULE_DIR=\""/home/dovecot/server/lib/dovecot"\" -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -MT fs-test.o -MD -MP -MF .deps/fs-test.Tpo -c -o fs-test.o fs-test.c > fs-test.c:7:26: error: iostream-ssl.h: No such file or directory The Makefile is out of date. You need to run autogen.sh and configure again. Or use configure --enable-maintainer-mode so you don't have to remember to do that. From larryrtx at gmail.com Wed Mar 20 20:41:04 2013 From: larryrtx at gmail.com (Larry Rosenman) Date: Wed, 20 Mar 2013 13:41:04 -0500 Subject: [Dovecot] lda: duplicate prefix? In-Reply-To: References: <28755E7A-F711-4282-A627-7CB0D10955DC@iki.fi> <374FC8DC-B861-48C7-AE44-E2CB63EC76CD@iki.fi> Message-ID: Also, I *CAN* give SSH access to the box if you need/want it. On Wed, Mar 20, 2013 at 1:18 PM, Larry Rosenman wrote: > The issue is this is my production box, and I've gotten around this by NOT > using the LDA, and just having Exim writing the mbox files. > > Is there any easy way to test just the LDA? Or trace this? > > > > On Wed, Mar 20, 2013 at 1:06 PM, Timo Sirainen wrote: > >> Test first if it's because of the snarf plugin? I'm not sure that it is. >> >> On 20.3.2013, at 20.02, Larry Rosenman wrote: >> >> > I really need the snarf plugin to work, also, I don't think LMTP will >> let >> > me redirect to files using the Exim Filters. >> > >> > What can you tell me to help debug this? >> > >> > >> > >> > >> > On Wed, Mar 20, 2013 at 1:00 PM, Timo Sirainen wrote: >> > >> >> On 4.3.2013, at 8.50, Larry Rosenman wrote: >> >> >> >>> I've just started using Dovecot, and can't seem to get the LDA to >> work. >> >>> >> >>> I get the following error: >> >>> Mar 4 00:47:19 thebighonker dovecot: lda(ler): Error: user ler: >> >>> Initialization failed: namespace configuration error: Duplicate >> namespace >> >>> prefix: "" >> >> >> >> Something's broken. It's complaining about duplicate namespace { >> prefix= } >> >> but your config has only one such namespace. My guess is that it's >> related >> >> to the snarf plugin. Does it work without it? Also you could see if >> LMTP >> >> works instead of LDA. >> >> >> >> >> > >> > >> > -- >> > Larry Rosenman http://www.lerctr.org/~ler >> > Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com >> > US Mail: 430 Valona Loop, Round Rock, TX 78681-3893 >> >> > > > -- > Larry Rosenman http://www.lerctr.org/~ler > Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com > US Mail: 430 Valona Loop, Round Rock, TX 78681-3893 > -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com US Mail: 430 Valona Loop, Round Rock, TX 78681-3893 From dovecot-l at fu-berlin.de Wed Mar 20 20:42:49 2013 From: dovecot-l at fu-berlin.de (Heiko Schlichting) Date: Wed, 20 Mar 2013 19:42:49 +0100 Subject: [Dovecot] 2.2rc2 core dump In-Reply-To: <88C64F76-C9A7-44F2-AEB6-064CCFA82776@iki.fi> References: <20130311140034.GA513329@zedat.fu-berlin.de> <4848F466-7257-4530-9A7C-D7484AC78AFD@iki.fi> <20130320182658.GA885035@zedat.fu-berlin.de> <88C64F76-C9A7-44F2-AEB6-064CCFA82776@iki.fi> Message-ID: <20130320184249.GB885035@zedat.fu-berlin.de> > On 20.3.2013, at 20.26, Heiko Schlichting wrote: > > > Testing with one hour old changeset 16065 ab434891f2af failed during > > compilation: > > > > gcc -DHAVE_CONFIG_H -I. -I../.. -I../../src/lib -DMODULE_DIR=\""/home/dovecot/server/lib/dovecot"\" -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -MT fs-test.o -MD -MP -MF .deps/fs-test.Tpo -c -o fs-test.o fs-test.c > > fs-test.c:7:26: error: iostream-ssl.h: No such file or directory > > The Makefile is out of date. You need to run autogen.sh and configure again. Or use configure --enable-maintainer-mode so you don't have to remember to do that. Yes, sorry. But it still crashes if I subscribe and the CONTROL=... directory does not exists: Mar 20 19:38:58 13:island dovecot: imap(heiko): Error: Raw backtrace: /home/dovecot/server/lib/dovecot/libdovecot.so.0(+0x6131a) [0x7f011db8d31a] -> /home/dovecot/server/lib/dovecot/libdovecot.so.0(+0x61366) [0x7f011db8d366] -> /home/dovecot/server/lib/dovecot/libdovecot.so.0(i_error+0) [0x7f011db4e1df] -> /home/dovecot/server/lib/dovecot/libdovecot-storage.so.0(mailbox_list_try_mkdir_root+0x573) [0x7f011de68fc3] -> /home/dovecot/server/lib/dovecot/libdovecot-storage.so.0(mailbox_list_mkdir_root+0x12) [0x7f011de69012] -> /home/dovecot/server/lib/dovecot/libdovecot-storage.so.0(subsfile_set_subscribed+0x346) [0x7f011de7b486] -> /home/dovecot/server/lib/dovecot/libdovecot-storage.so.0(mailbox_list_set_subscribed+0x1b) [0x7f011de6633b] -> /home/dovecot/server/lib/dovecot/libdovecot-storage.so.0(index_storage_set_subscribed+0x48) [0x7f011de8a9f8] -> dovecot/imap [heiko 130.133.5.5 SUBSCRIBE](cmd_subscribe_full+0xd8) [0x412a18] -> dovecot/imap [heiko 130.133.5.5 SUBSCRIBE](command_exec+0x3d) [0x41609d] -> dovecot/imap [heiko 130.133.5.5 SUBSCRIBE]() [0x4151f0] -> dovecot/imap [heiko 130.133.5.5 SUBSCRIBE]() [0x4152dd] -> dovecot/imap [heiko 130.133.5.5 SUBSCRIBE](client_handle_input+0x11d) [0x41555d] -> dovecot/imap [heiko 130.133.5.5 SUBSCRIBE](client_input+0x6f) [0x4158df] -> /home/dovecot/server/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x36) [0x7f011db9c076] -> /home/dovecot/server/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xaf) [0x7f011db9d0ef] -> /home/dovecot/server/lib/dovecot/libdovecot.so.0(io_loop_run+0x28) [0x7f011db9c018] -> /home/dovecot/server/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f011db52ea3] -> dovecot/imap [heiko 130.133.5.5 SUBSCRIBE](main+0x2a7) [0x41eb57] -> /lib/libc.so.6(__libc_start_main+0xfd) [0x7f011d7e8c8d] -> dovecot/imap [heiko 130.133.5.5 SUBSCRIBE]() [0x40b5c9] After creating the CONTROL=... directory manually with mkdir it works without problems. Heiko Heiko Schlichting Freie Universit?t Berlin heiko.schlichting at fu-berlin.de Zentraleinrichtung f?r Datenverarbeitung Telefon +49 30 838-54327 Fabeckstra?e 32 Telefax +49 30 838454327 14195 Berlin From tss at iki.fi Wed Mar 20 21:05:26 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 20 Mar 2013 21:05:26 +0200 Subject: [Dovecot] 2.2rc2 core dump In-Reply-To: <20130320184249.GB885035@zedat.fu-berlin.de> References: <20130311140034.GA513329@zedat.fu-berlin.de> <4848F466-7257-4530-9A7C-D7484AC78AFD@iki.fi> <20130320182658.GA885035@zedat.fu-berlin.de> <88C64F76-C9A7-44F2-AEB6-064CCFA82776@iki.fi> <20130320184249.GB885035@zedat.fu-berlin.de> Message-ID: On 20.3.2013, at 20.42, Heiko Schlichting wrote: >> On 20.3.2013, at 20.26, Heiko Schlichting wrote: >> >>> Testing with one hour old changeset 16065 ab434891f2af failed during >>> compilation: >>> >>> gcc -DHAVE_CONFIG_H -I. -I../.. -I../../src/lib -DMODULE_DIR=\""/home/dovecot/server/lib/dovecot"\" -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -MT fs-test.o -MD -MP -MF .deps/fs-test.Tpo -c -o fs-test.o fs-test.c >>> fs-test.c:7:26: error: iostream-ssl.h: No such file or directory >> >> The Makefile is out of date. You need to run autogen.sh and configure again. Or use configure --enable-maintainer-mode so you don't have to remember to do that. > > Yes, sorry. > > But it still crashes if I subscribe and the CONTROL=... directory does not exists: Not sure why I couldn't reproduce it earlier, but I could now. These fix it: http://hg.dovecot.org/dovecot-2.2/rev/f39c649057ea http://hg.dovecot.org/dovecot-2.2/rev/9a913c803608 From tss at iki.fi Wed Mar 20 21:34:11 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 20 Mar 2013 21:34:11 +0200 Subject: [Dovecot] lda: duplicate prefix? In-Reply-To: References: <28755E7A-F711-4282-A627-7CB0D10955DC@iki.fi> <374FC8DC-B861-48C7-AE44-E2CB63EC76CD@iki.fi> Message-ID: <1363808051.13923.9.camel@innu> Looks like I can reproduce this with v2.1.15, but it works with v2.2. Probably too much trouble to debug&fix it for v2.1. So I suggest v2.2. (I'll release v2.2.rc3 probably today.) On Wed, 2013-03-20 at 13:41 -0500, Larry Rosenman wrote: > Also, I *CAN* give SSH access to the box if you need/want it. > > > > On Wed, Mar 20, 2013 at 1:18 PM, Larry Rosenman wrote: > > > The issue is this is my production box, and I've gotten around this by NOT > > using the LDA, and just having Exim writing the mbox files. > > > > Is there any easy way to test just the LDA? Or trace this? > > > > > > > > On Wed, Mar 20, 2013 at 1:06 PM, Timo Sirainen wrote: > > > >> Test first if it's because of the snarf plugin? I'm not sure that it is. > >> > >> On 20.3.2013, at 20.02, Larry Rosenman wrote: > >> > >> > I really need the snarf plugin to work, also, I don't think LMTP will > >> let > >> > me redirect to files using the Exim Filters. > >> > > >> > What can you tell me to help debug this? > >> > > >> > > >> > > >> > > >> > On Wed, Mar 20, 2013 at 1:00 PM, Timo Sirainen wrote: > >> > > >> >> On 4.3.2013, at 8.50, Larry Rosenman wrote: > >> >> > >> >>> I've just started using Dovecot, and can't seem to get the LDA to > >> work. > >> >>> > >> >>> I get the following error: > >> >>> Mar 4 00:47:19 thebighonker dovecot: lda(ler): Error: user ler: > >> >>> Initialization failed: namespace configuration error: Duplicate > >> namespace > >> >>> prefix: "" > >> >> > >> >> Something's broken. It's complaining about duplicate namespace { > >> prefix= } > >> >> but your config has only one such namespace. My guess is that it's > >> related > >> >> to the snarf plugin. Does it work without it? Also you could see if > >> LMTP > >> >> works instead of LDA. > >> >> > >> >> > >> > > >> > > >> > -- > >> > Larry Rosenman http://www.lerctr.org/~ler > >> > Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com > >> > US Mail: 430 Valona Loop, Round Rock, TX 78681-3893 > >> > >> > > > > > > -- > > Larry Rosenman http://www.lerctr.org/~ler > > Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com > > US Mail: 430 Valona Loop, Round Rock, TX 78681-3893 > > > > > From larryrtx at gmail.com Wed Mar 20 21:53:06 2013 From: larryrtx at gmail.com (Larry Rosenman) Date: Wed, 20 Mar 2013 14:53:06 -0500 Subject: [Dovecot] lda: duplicate prefix? In-Reply-To: <1363808051.13923.9.camel@innu> References: <28755E7A-F711-4282-A627-7CB0D10955DC@iki.fi> <374FC8DC-B861-48C7-AE44-E2CB63EC76CD@iki.fi> <1363808051.13923.9.camel@innu> Message-ID: Ok. I'll wait for 2.2 to hit the FreeBSD ports tree. Thanks! On Wed, Mar 20, 2013 at 2:34 PM, Timo Sirainen wrote: > Looks like I can reproduce this with v2.1.15, but it works with v2.2. > Probably too much trouble to debug&fix it for v2.1. So I suggest v2.2. > (I'll release v2.2.rc3 probably today.) > > On Wed, 2013-03-20 at 13:41 -0500, Larry Rosenman wrote: > > Also, I *CAN* give SSH access to the box if you need/want it. > > > > > > > > On Wed, Mar 20, 2013 at 1:18 PM, Larry Rosenman > wrote: > > > > > The issue is this is my production box, and I've gotten around this by > NOT > > > using the LDA, and just having Exim writing the mbox files. > > > > > > Is there any easy way to test just the LDA? Or trace this? > > > > > > > > > > > > On Wed, Mar 20, 2013 at 1:06 PM, Timo Sirainen wrote: > > > > > >> Test first if it's because of the snarf plugin? I'm not sure that it > is. > > >> > > >> On 20.3.2013, at 20.02, Larry Rosenman wrote: > > >> > > >> > I really need the snarf plugin to work, also, I don't think LMTP > will > > >> let > > >> > me redirect to files using the Exim Filters. > > >> > > > >> > What can you tell me to help debug this? > > >> > > > >> > > > >> > > > >> > > > >> > On Wed, Mar 20, 2013 at 1:00 PM, Timo Sirainen wrote: > > >> > > > >> >> On 4.3.2013, at 8.50, Larry Rosenman wrote: > > >> >> > > >> >>> I've just started using Dovecot, and can't seem to get the LDA to > > >> work. > > >> >>> > > >> >>> I get the following error: > > >> >>> Mar 4 00:47:19 thebighonker dovecot: lda(ler): Error: user ler: > > >> >>> Initialization failed: namespace configuration error: Duplicate > > >> namespace > > >> >>> prefix: "" > > >> >> > > >> >> Something's broken. It's complaining about duplicate namespace { > > >> prefix= } > > >> >> but your config has only one such namespace. My guess is that it's > > >> related > > >> >> to the snarf plugin. Does it work without it? Also you could see if > > >> LMTP > > >> >> works instead of LDA. > > >> >> > > >> >> > > >> > > > >> > > > >> > -- > > >> > Larry Rosenman http://www.lerctr.org/~ler > > >> > Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com > > >> > US Mail: 430 Valona Loop, Round Rock, TX 78681-3893 > > >> > > >> > > > > > > > > > -- > > > Larry Rosenman http://www.lerctr.org/~ler > > > Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com > > > US Mail: 430 Valona Loop, Round Rock, TX 78681-3893 > > > > > > > > > > > > -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 (c) E-Mail: larryrtx at gmail.com US Mail: 430 Valona Loop, Round Rock, TX 78681-3893 From tss at iki.fi Wed Mar 20 22:08:24 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 20 Mar 2013 22:08:24 +0200 Subject: [Dovecot] v2.2.rc3 released Message-ID: <1363810104.13923.15.camel@innu> http://dovecot.org/releases/2.2/rc/dovecot-2.2.rc3.tar.gz http://dovecot.org/releases/2.2/rc/dovecot-2.2.rc3.tar.gz.sig As mentioned in http://dovecot.org/list/dovecot/2013-March/089044.html there are some new rather large features. Also various mostly rather small bugfixes. + dsync: Support syncing ACLs (and Sieve scripts with Pigeonhole) + ldap: Support subqueries and value pointers, see http://wiki2.dovecot.org/AuthDatabase/LDAP/Userdb + postmaster_address setting: Expand %d to recipient's domain - Fixed a crash when decoding quoted-printable content. - dsync: Various bugfixes From dovecot at r.paypc.com Wed Mar 20 23:11:46 2013 From: dovecot at r.paypc.com (Robin) Date: Wed, 20 Mar 2013 14:11:46 -0700 Subject: [Dovecot] Disallow POP3 from deleting messages In-Reply-To: References: <1363783410.10326.245.camel@innu> <20130320132211.GC20746@nihlus.leuxner.net> Message-ID: <514A2612.40708@r.paypc.com> On 3/20/2013 6:35 AM, DormitionSkete at hotmail.com wrote: > Well, like I said, we have real slow upload speeds. I think POP3 would give a better user experience. About the only connectivity situation where POP3 might make for a better "user experience" is one of intermittent bursty sort that's prone to reliability issues. IMAP provides for header-only enumations as well as partial body fetches on demand, as opposed to "all or nothing" POP3 access. With a suitable modern caching client, it will not re-download emails already viewed. I've never used any of the devices you mentioned, so I can't speak to how their mail clients are implemented. > We're using sendmail. I assume this is done in sendmail, not Dovecot? No, sendmail is a Mail Transport Agent (MTA), which is akin to the Postal Service. All it does is convey emails from one endpoint to another as reliably as possible. What is done with the mail once it's at that endpoint is left to the "consumer" of the mail, in this case, the Mail User Agent (MUA). It can be automatically processed/filed like via procmail or LMTP, or managed via the client through POP3 or IMAP4. Your main concern sounds like performance from users who connect from outside of your enterprise network, which may happen even when your mobile devices are on site, due to the way they obtain their connectivity? Timo's replication idea is sensible to address that problem. Good luck! =R= From dovecot-l at fu-berlin.de Thu Mar 21 00:15:34 2013 From: dovecot-l at fu-berlin.de (Heiko Schlichting) Date: Wed, 20 Mar 2013 23:15:34 +0100 Subject: [Dovecot] 2.2rc2 core dump In-Reply-To: References: <20130311140034.GA513329@zedat.fu-berlin.de> <4848F466-7257-4530-9A7C-D7484AC78AFD@iki.fi> <20130320182658.GA885035@zedat.fu-berlin.de> <88C64F76-C9A7-44F2-AEB6-064CCFA82776@iki.fi> <20130320184249.GB885035@zedat.fu-berlin.de> Message-ID: <20130320221534.GB61128@zedat.fu-berlin.de> > > But it still crashes if I subscribe and the CONTROL=... directory does not exists: > > Not sure why I couldn't reproduce it earlier, but I could now. These fix it: > > http://hg.dovecot.org/dovecot-2.2/rev/f39c649057ea > http://hg.dovecot.org/dovecot-2.2/rev/9a913c803608 Thanks. I can confirm that it is fixed in v2.2.rc3. Heiko Heiko Schlichting Freie Universit?t Berlin heiko.schlichting at fu-berlin.de Zentraleinrichtung f?r Datenverarbeitung Telefon +49 30 838-54327 Fabeckstra?e 32 Telefax +49 30 838454327 14195 Berlin From dormitionskete at hotmail.com Thu Mar 21 01:40:46 2013 From: dormitionskete at hotmail.com (DormitionSkete@hotmail.com) Date: Wed, 20 Mar 2013 17:40:46 -0600 Subject: [Dovecot] Disallow POP3 from deleting messages In-Reply-To: <1363791544.10326.251.camel@innu> References: <1363783410.10326.245.camel@innu> <20130320132211.GC20746@nihlus.leuxner.net> <20130320135145.GD20746@nihlus.leuxner.net> <1363791544.10326.251.camel@innu> Message-ID: On Mar 20, 2013, at 8:59 AM, Timo Sirainen wrote: > On Wed, 2013-03-20 at 08:15 -0600, DormitionSkete at hotmail.com wrote: > >> My experience with IMAP over the internet with a couple of servers outside our monastery (while I was in it, and we have considerably better download speeds than upload) has always been that IMAP has always been incredibly slow. So, I've always just allowed users to connect to the IMAP server via webmail. It's slow, but usable. > > Another idea: Get some cheap server from outside, use dsync replication > to keep it synced with your internal one, and set up DNS so that users > get directed to the fastest server. http://wiki2.dovecot.org/Replication > > I LIKE this idea, but I have a few questions about it to see if it would be appropriate for our situation. There are a few other things to consider that I didn't mention before because they did not seem relevant earlier. First off, I'd just like to say that we have a web server set up at a location outside of our monastery that hosts all of our websites. I'm currently in the process of building new servers to replace both it and our current email server. So, assuming this is both plausible for our situation, and within my capabilities, I should be able to work on this at my leisure, and get the initial sync of our emails done while on the same LAN. So, the additional info and questions are the following: 1.) Our download speeds are decent enough, but in addition to having poor upload speeds, we also have very strict limits on how much we are able to download. And we use almost every bit of it every day. We cannot get more, either. We have unlimited downloads for four hours at night, however. 2.) We have very large message archives. We basically have 95% of the emails we've received for the past 16 years. So, the sync *must* only update items that have been changed. Is this how it it would work? 3.) We are currently using uw-imap with mbox. If we switch to Dovecot, using Maildir format, will the sync only update the new messages and the header files for any folders that have been changed? 4.) I thought I read somewhere in Dovecot's documentation last night that it has a 50 mb limit on folders. It can't write anything larger than that. Does this sound familiar? (Now I can't find it!) If so, is that for mbox? We currently have some mbox folders whose files are significantly larger than that. If we convert to Maildir format, where the individual messages are in their own files, could a folder contain messages totaling more than 50 MB using Dovecot? 4a. -- Oops. I just noticed this: "NOTE2: sdbox/mdbox mailbox formats are recommended for replication. Maildir still has some issues (although probably not noticeable in normal use)." Should I consider this a show-stopper for syncing like this? 5.) In the http://wiki2.dovecot.org/Replication page, would this be continuously synced each time a user sends, receives, deletes, or moves messages, etc.? Or would it be periodically synced? 6.) Also, that page does not make it clear if one server is like the "master" and the other the "slave". Do I do the same changes to both servers? If, given the above additional information, it would not be an appropriate solution for us, this suggestion about syncing the two servers gave me another idea. I was thinking, "Well, I wonder if I could just sync the Inboxes? We don't really need the folders synced. In the highly unlikely event a person would ever need something from one of his folders, he could always just log into the (slow) monastery server through web mail and get it that way." (When we are on the road, we are generally working real hard, and we don't answer any more emails or do any other computer work than we absolutely have to.) So, that led me to the idea to simply set up some message rules in procmail in our (slow) monastery server to copy any incoming messages to the server offsite in addition to delivering them locally. For the most part, that would be sufficient for us -- and considerably easier. The only downsides to this are that when we reply to messages, they would not be marked as having been replied to, and we wouldn't have copies of our replies on our main server. The not being marked as replied to is not a big deal. I know we could manually copy any sent messages from one server to the other when we returned to the monastery, if we really wanted to, but does anyone know of a better way to do it? On Mar 20, 2013, at 3:11 PM, Robin wrote: > Your main concern sounds like performance from users who connect from outside of your enterprise network, which may happen even when your mobile devices are on site, due to the way they obtain their connectivity? We are located deep in the Colorado Rocky Mountains. There are only a few places a person can stand in our monastery and get cell phone reception, so I don' think that is really an issue for us. I'd greatly appreciate any advice or information about this. Both of these servers we're replacing are quite old. One is 10 1/2 years old... As I'm building the new ones, I'm trying to make things better. Email is one of the areas I think we should be able to make big improvements on. So, any help will be greatly appreciated! From ben at morrow.me.uk Thu Mar 21 03:01:53 2013 From: ben at morrow.me.uk (Ben Morrow) Date: Thu, 21 Mar 2013 01:01:53 +0000 Subject: [Dovecot] ulimit -n in start-script In-Reply-To: <5149A794.5000307@wk-serv.de> References: <514983DC.8070806@heinlein-support.de> <5149A794.5000307@wk-serv.de> Message-ID: <20130321010152.GC2351@anubis.morrow.me.uk> At 1PM +0100 on 20/03/13 you (Patrick Westenberg) wrote: > Peer Heinlein schrieb: > > > Even on midrange-systems it's necessary to set "ulimit -n" to a higher > > value then the system default of 1024. > > Could this lead to this problem? > > Error: > file_dotlock_create(/var/mail/example.com/john.doe/Maildir/.Sent/dovecot-uidlist) > failed: No space left on device Not on most systems. Reaching a ulimit -n limit usually causes open(2) to fail with EMFILE (Too many open files) rather than ENOSPC (No space left on device). ENOSPC is only supposed to be returned if the filesystem has either run out of space altogether, or has run out of inodes. (Incidentally, going over quota on a filesystem also has its own errno, EDQUOT (Quota exceeded).) However, check your system documentation, because some systems do strange things. Ben From stephan at rename-it.nl Thu Mar 21 09:39:30 2013 From: stephan at rename-it.nl (Stephan Bosch) Date: Thu, 21 Mar 2013 08:39:30 +0100 Subject: [Dovecot] sieve-filter ignoring separator In-Reply-To: References: Message-ID: <514AB932.7060808@rename-it.nl> On 3/4/2013 9:21 PM, Isak Rubin wrote: > It seems like running sieve-filter from the console ignores the separator > setting, thus not letting me filter into folder names containing dots. > > Normal delivery using lda handles it just fine, but not when using the > sieve-filter command. > > Character not allowed in mailbox name: '.' > > Is there anyway to override this or is patching and recompiling the source > my only option? > > # dovecot --version > 2.1.9 This Dovecot is very old, so is probably your Pigeonhole version. Recent versions should work fine in this regard. Regards, Stephan. From marcin at mejor.pl Thu Mar 21 11:41:41 2013 From: marcin at mejor.pl (=?UTF-8?B?TWFyY2luIE1pcm9zxYJhdw==?=) Date: Thu, 21 Mar 2013 10:41:41 +0100 Subject: [Dovecot] [dovecot-2.1.15] mdbox corruption, doveadm force-resync can't repair it (throws segfault) In-Reply-To: <31E4195B-E490-47FE-94EC-EDFADDD3A8E9@iki.fi> References: <51387E12.5050100@mejor.pl> <51388444.2090900@mejor.pl> <31E4195B-E490-47FE-94EC-EDFADDD3A8E9@iki.fi> Message-ID: <514AD5D5.5040305@mejor.pl> W dniu 20.03.2013 18:20, Timo Sirainen pisze: > On 7.3.2013, at 14.12, Marcin Miros?aw wrote: > >> Here is backtrace from doveadm force-resync: >> >> #0 rebuild_mailbox_multi (trans=0x428b58d090, view=, >> rebuild_ctx=0x428b5a0690, ctx=0x428b57a9a0, mbox=) at >> mdbox-storage-rebuild.c:433 >> 433 map_uid = rec->map_uid; > > Yeah, I fixed this immediately after 2.1.15: http://hg.dovecot.org/dovecot-2.1/rev/2def25f07ca6 > > I guess it's soon time for 2.1.16. Hi! I've aplied patch and force-resync finished work without problem.Thanks! I asked one more question: `doveadm force-resync -A "*"` doesn't do resync inside namespace. Is it feature or bug? Thanks. Marcin From amateo at um.es Thu Mar 21 12:30:16 2013 From: amateo at um.es (Angel L. Mateo) Date: Thu, 21 Mar 2013 11:30:16 +0100 Subject: [Dovecot] director's imap/pop3 login timeout Message-ID: <514AE138.3030602@um.es> Hello, We have two (load balanced) director servers in front of 4 dovecot backend servers. Yesterday we had a problem at backend servers for some users (our SSO was down, so IMAP users couldn't authenticate) and this triggered a problem in director servers where almost nobody could open a new session. In our director's logs I could see errors like this: Mar 20 20:52:47 myotis41 dovecot: imap-login: proxy(): Login failed to 155.54.211.162:143: [UNAVAILABLE] Temporary authentication failure. [myotis32:2013-03-20 19:52:47] So, it seems it was trying to authenticate for 1 hour, after that it timed out the login. But this timeout is too long. Is this a director timeout? Or a backend timeout? How can I reduce it? -- Angel L. Mateo Mart?nez Secci?n de Telem?tica ?rea de Tecnolog?as de la Informaci?n y las Comunicaciones Aplicadas (ATICA) http://www.um.es/atica Tfo: 868889150 Fax: 868888337 -------------- next part -------------- # 2.1.9: /etc/dovecot/dovecot.conf # OS: Linux 3.2.19um1 x86_64 Ubuntu 12.04.2 LTS auth_cache_size = 20 M auth_cache_ttl = 1 days auth_master_user_separator = * auth_verbose = yes default_process_limit = 1024 disable_plaintext_auth = no log_timestamp = %Y-%m-%d %H:%M:%S login_trusted_networks = 155.54.211.176/28 mail_access_groups = vmail mail_gid = vmail mail_location = maildir:~/Maildir:INDEX=/var/indexes/%2Ln/%Ln mail_plugins = quota zlib lazy_expunge acl mail_privileged_group = mail maildir_very_dirty_syncs = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mdbox_rotate_size = 20 M namespace { inbox = yes location = prefix = separator = . } namespace { hidden = yes list = no location = maildir:~/Maildir/expunged prefix = BORRADOS. separator = . } namespace { list = children location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u prefix = shared.%%u. separator = . subscriptions = no type = shared } passdb { args = /etc/dovecot/master-users driver = passwd-file master = yes pass = yes } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } passdb { args = session=yes cache_key=%Ln dovecot driver = pam } plugin { acl = vfile:/etc/dovecot/global-acls:cache_secs=3600 lazy_expunge = BORRADOS. quota = dict:User quota::file:%h/Maildir/dovecot.quota quota_rule = *:storage=10G quota_rule2 = Trash:storage=+1G sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_max_redirects = 15 zlib_save = gz zlib_save_level = 6 } postmaster_address = postmaster at um.es protocols = imap pop3 lmtp sieve service anvil { client_limit = 3075 } service auth { client_limit = 4096 unix_listener auth-userdb { mode = 0777 } } service doveadm { inet_listener { port = 24245 } } service imap { process_limit = 5120 process_min_avail = 6 vsz_limit = 512 M } service ipc { unix_listener ipc { user = dovecot } } service lmtp { inet_listener lmtp { port = 24 } process_min_avail = 10 vsz_limit = 512 M } service pop3 { process_min_avail = 6 } ssl = no ssl_cert = } -------------- next part -------------- # 2.1.9: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-24-generic x86_64 Ubuntu 12.04.2 LTS auth_cache_size = 20 M auth_cache_ttl = 1 days auth_master_user_separator = * auth_username_format = %Ln auth_verbose = yes default_process_limit = 1024 director_mail_servers = 155.54.211.161-155.54.211.164 director_servers = 155.54.211.185 155.54.211.186 director_username_hash = %Ln disable_plaintext_auth = no doveadm_proxy_port = 24245 lmtp_proxy = yes log_timestamp = %Y-%m-%d %H:%M:%S mail_plugins = quota managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave passdb { args = /etc/dovecot/master-users driver = passwd-file master = yes pass = yes } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext default_fields = proxy=y nopassword=y proxy_timeout=600 driver = ldap } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_max_redirects = 15 } protocols = imap pop3 lmtp sieve service anvil { client_limit = 3075 } service auth { client_limit = 4096 unix_listener auth-userdb { mode = 0777 } } service director { fifo_listener login/proxy-notify { mode = 0666 } inet_listener { port = 9090 } unix_listener director-userdb { mode = 0600 } unix_listener login/director { mode = 0666 } } service doveadm { inet_listener { port = 24245 } } service imap-login { client_limit = 2206 executable = imap-login director process_limit = 6 process_min_avail = 6 service_count = 0 } service imap { process_limit = 5120 process_min_avail = 6 vsz_limit = 512 M } service ipc { unix_listener ipc { user = dovecot } } service lmtp { inet_listener lmtp { port = 24 } process_min_avail = 10 vsz_limit = 512 M } service managesieve-login { executable = managesieve-login director } service pop3-login { client_limit = 833 executable = pop3-login director process_limit = 6 process_min_avail = 6 service_count = 0 } service pop3 { process_min_avail = 6 } ssl = no ssl_cert = } From andre.rodier at gmail.com Thu Mar 21 12:59:05 2013 From: andre.rodier at gmail.com (=?UTF-8?Q?Andr=C3=A9_Rodier?=) Date: Thu, 21 Mar 2013 10:59:05 +0000 Subject: [Dovecot] Zlib plugin: Compress emails for one folder only In-Reply-To: References: <20130316124341.GA21854@london.s2end.co.uk> Message-ID: Thanks Timo, I will see. If I have some time, I may have a look at the source code. Kind regards, Andr?. On 20 March 2013 17:58, Timo Sirainen wrote: > On 16.3.2013, at 14.43, Andre Rodier wrote: > >> Hello everyone, >> >> Is it possible to configure the zlib plugin to compress the emails in one folder only? >> >> I would like to compress the emails when they are stored in my 'Archives' folders and sub folders. > > Nope. With hardcoding it would be a simple one line of code addition. > > Some day in future there will be namespace-specific settings. Then you could create Archive namespace and enable zlib compression only for that namespace. > -- Andr? Rodier From daniel.parthey at informatik.tu-chemnitz.de Thu Mar 21 14:30:58 2013 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Thu, 21 Mar 2013 13:30:58 +0100 Subject: [Dovecot] Dovecot - Sieve script loaded but filtering doesn't works ? In-Reply-To: <818371cc7bd8514608057d935bb61d03@lmaccess.net> References: <818371cc7bd8514608057d935bb61d03@lmaccess.net> Message-ID: <20130321123058.GA20454@daniel.localdomain> Hi Clement, Clement PAULET wrote: > When I use a Sieve script, it is loaded but actions are not respected > Mar 18 10:31:19 localhost dovecot: lda(info at info.xx.com): sieve: msgid=<20130318093119.7EAAEC063D at nflda02.xx.lan>: stored mail into mailbox 'INBOX' If the mailbox "INBOX.Test" does not exist, the message will be delivered to mailbox "INBOX": http://wiki2.dovecot.org/LDA Try to set the global dovecot configuration directive lda_mailbox_autocreate = yes This will always autocreate folders if they do not exist yet. Alternatively you can use fileinto :create "INBOX.Test"; to autocreate the folder in your Sieve script. Regards Daniel -- https://plus.google.com/103021802792276734820 From david at cryptix.de Thu Mar 21 16:10:22 2013 From: david at cryptix.de (David Obando) Date: Thu, 21 Mar 2013 15:10:22 +0100 Subject: [Dovecot] Postfix/Dovecot/lmtp with virtual and local users Message-ID: <514B14CE.5040409@cryptix.de> Hi all, I'm about to change my Debian mailserver setup from Postfix/dovecot1/procmail to Postfix/dovecot2/sieve with lmtp enabled. After enabling lmtp the virtual users can receive e-mails but not the local users: Mar 21 14:21:40 orange postfix/lmtp[4119]: DE62226216: to=, relay=orange.domain.de[private/dovecot-lmtp], delay=7627, delays=7627/0/0/0.02, dsn=5.1.1, status=bounced (host orange.domain.de[private/dovecot-lmtp] said: 550 5.1.1 User doesn't exist: user at orange.domain.de (in reply to RCPT TO command)) In 10-auth.conf I have the setting "auth_username_format = %Lu". When changing it to "auth_username_format = %n" the local users can be found but not the virtual users anymore. Is there a way to define "if is local then auth_username_format = %n else auth_username_format = %Lu"? Thanks and best regards, David -- The day microsoft makes something that doesn't suck is the day they start making vacuum cleaners. gpg --keyserver pgp.mit.edu --recv-keys 1920BD87 Key fingerprint = 3326 32CE 888B DFF1 DED3 B8D2 105F 29CB 1920 BD87 From anmeyer at anup.de Thu Mar 21 16:55:46 2013 From: anmeyer at anup.de (Andreas Meyer) Date: Thu, 21 Mar 2013 15:55:46 +0100 Subject: [Dovecot] loop when I enable Message-ID: <20130321155546.1a57a4c5@itxnew.bitcorner.intern> Hello! I have a nasty problem with a loop when I enable quota_warning. The mailbox fills up with thousands of email within seconds. This happens only with mbox'es retrieved with POP3. From MAILER-DAEMON Thu Mar 21 13:54:07 2013 From: support at anup.de Subject: Mailbox Quota-Warnung X-UID: 8036 Status: X-Keywords: Content-Length: 41 Ihre Mailbox ist jetzt zu below% belegt. # doveconf -n # 2.1.7: /usr/etc/dovecot/dovecot.conf auth_mechanisms = plain cram-md5 auth_verbose = yes disable_plaintext_auth = no hostname = delta.bitcorner.eu log_path = /var/log/dovecot1 mail_home = /var/spool/vhosts/%d/%n mail_plugins = quota managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave vacation-seconds namespace inbox { inbox = yes location = prefix = } passdb { args = /etc/dovecot/passwd driver = passwd-file } plugin { autocreate = Trash autocreate2 = Drafts autocreate3 = Sent autosubscribe = Trash autosubscribe2 = Drafts autosubscribe3 = Sent quota = maildir:User quota quota_rule = *:storage=500MB quota_rule2 = Trash:storage=+10%% sieve = ~/.dovecot.sieve sieve_dir = ~/.sieve sieve_extensions = +vacation-seconds sieve_vacation_default_period = 10d sieve_vacation_max_period = 30d sieve_vacation_min_period = 1h } postmaster_address = postmaster at bitcorner.de protocols = imap pop3 lmtp sieve quota_full_tempfail = yes service auth { unix_listener auth-userdb { group = vmail mode = 0666 user = vmail } } service managesieve-login { inet_listener sieve { port = 4190 } } service quota-warning { executable = script /usr/local/bin/quota-warning.sh unix_listener quota-warning { mode = 0666 user = vmail } user = vmail } ssl_cert = References: <818371cc7bd8514608057d935bb61d03@lmaccess.net> <20130321123058.GA20454@daniel.localdomain> Message-ID: <642663854892f54c2765146aa5866db4@lmaccess.net> Hi Daniel, Thanks for your help. In fact my problem was due to my sieve script (missing header search). #Sieve script with missing header settings if address "To" "info at info.xx.com" { fileinto "Test"; } #Sieve script replace with header settings if allof (header :contains "To" "info at info.xx.com") { fileinto "INBOX.Test"; stop; } As a precautionary measure I also add the autocreate directive. I must yet to define a specific folder for the message marked as SPAM (not a simple folder). I believe that is possible directly in dovecot configuration Have a nice day Clement Le 2013-03-21 13:30, Daniel Parthey a ?crit?: > Hi Clement, > > Clement PAULET wrote: >> When I use a Sieve script, it is loaded but actions are not respected >> Mar 18 10:31:19 localhost dovecot: lda(info at info.xx.com): sieve: >> msgid=<20130318093119.7EAAEC063D at nflda02.xx.lan>: stored mail into >> mailbox 'INBOX' > > If the mailbox "INBOX.Test" does not exist, the message > will be delivered to mailbox "INBOX": > http://wiki2.dovecot.org/LDA > > Try to set the global dovecot configuration directive > lda_mailbox_autocreate = yes > This will always autocreate folders if they do not exist yet. > > Alternatively you can use > fileinto :create "INBOX.Test"; > to autocreate the folder in your Sieve script. > > Regards > Daniel From megodin at inboxalias.com Thu Mar 21 17:57:01 2013 From: megodin at inboxalias.com (megodin at inboxalias.com) Date: 21 Mar 2013 11:57:01 -0400 Subject: [Dovecot] Problem with Prefetch User Database Message-ID: Hi there Community, I am currently setting up a Dovecot Mailserver, which works fine with some basic configuration (Dovecot + Sendmail). Sending and receiving Mails is just fine. For improving timings, I wanted to activate the prefetch user database - but apparently it doesn't seem to work correctly - I hope you can help me out! When I activate the prefetch user database, every time I get a "passdb didn't return userdb entries" from my mail.debug logs. Here's my config: passdb { driver = pam } # (I authenticate via PAM which is itself configured to ask ldap server, ldap returns it back to PAM - so Dovecot only sees the PAM-authentication part) userdb { driver = prefetch } userdb { driver = ldap args = /etc/dovecot/dovecot-ldap.conf.ext } # My userdb is going over ldap. Relevant parts of /etc/dovecot/dovecot-ldap.conf.ext: . .. user_attrs = uidNumber=50014,gidNumber=2084,modem-quota=quota_rule=*:storage=%$ user_filter = (&(objectClass=posixAccount)(uid=%u)) pass_attrs = uidNumber==50014,gidNumber=2084 I'm not sure.... maybe it's because of the PAMLDAPPAM? Or am I missing out something other fundamental? Thanks for any insights, Megodin --- Alle Postf??cher an einem Ort. Jetzt wechseln und E-Mail-Adresse mitnehmen! http://email.freenet.de/produkte/basic/index.html _________________________________________________________________ Send and receive anonymous emails to your inbox with InboxAlias. http://www.inboxalias.com From megodin at inboxalias.com Thu Mar 21 18:10:21 2013 From: megodin at inboxalias.com (megodin at inboxalias.com) Date: 21 Mar 2013 12:10:21 -0400 Subject: [Dovecot] Problem with Prefetch User Database - additional infos Message-ID: Hey there, sorry, sent the mail too fast. Obviously you need more information: I'm using Dovecot 2.0.9 dovecot -n # 2.0.9: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-279.22.1.el6.x86_64 x86_64 CentOS release 6.3 (Final) ext3 auth_cache_size = 10 M auth_debug = yes auth_username_format = %n auth_verbose = yes listen = * mail_debug = yes mail_gid = vmail mail_home = /dovecot/mailnfs/vmails/%u mail_location = sdbox:/dovecot/mailnfs/vmails/%u/mailstore mail_plugins = " quota" mail_privileged_group = mail mail_uid = vmail mbox_write_locks = fcntl passdb { driver = pam } plugin { quota = dict:User quota::file:%h/dovecot-quota quota_rule = *:storage=100M quota_rule2 = Trash:storage=+50M quota_warning = storage=95%% quota-warning 95 %u } service quota-warning { executable = script /usr/local/bin/quota-warning.sh unix_listener quota-warning { user = vmail } user = root } ssl_cert = Hi there Community, > > I am currently setting up a Dovecot Mailserver, which works fine with some basic configuration (Dovecot + Sendmail). Sending > and receiving Mails is just fine. For improving timings, I wanted to activate the prefetch user database - but apparently it doesn't > seem to work correctly - I hope you can help me out! > > When I activate the prefetch user database, every time I get a "passdb didn't return userdb entries" from my mail.debug logs. > > Here's my config: > > passdb { > driver = pam > } > > # (I authenticate via PAM which is itself configured to ask ldap server, ldap returns it back to PAM - so Dovecot only sees the > > PAM-authentication part) > > userdb { > driver = prefetch > } > > userdb { > driver = ldap > args = /etc/dovecot/dovecot-ldap.conf.ext > } > > # My userdb is going over ldap. > > Relevant parts of /etc/dovecot/dovecot-ldap.conf.ext: > > ... > user_attrs = uidNumber=50014,gidNumber=2084,modem-quota=quota_rule=*:storage=%$ > > user_filter = (&(objectClass=posixAccount)(uid=%u)) > > pass_attrs = uidNumber==50014,gidNumber=2084 > > > I'm not sure.... maybe it's because of the PAMLDAPPAM? Or do I miss something other fundamental? > Thanks for any insights, > Megodin --- Alle Postf??cher an einem Ort. Jetzt wechseln und E-Mail-Adresse mitnehmen! http://email.freenet.de/produkte/basic/index.html _________________________________________________________________ Send and receive anonymous emails to your inbox with InboxAlias. http://www.inboxalias.com From skdovecot at smail.inf.fh-brs.de Thu Mar 21 18:18:17 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Thu, 21 Mar 2013 17:18:17 +0100 (CET) Subject: [Dovecot] Problem with Prefetch User Database In-Reply-To: References: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 21 Mar 2013, megodin at inboxalias.com wrote: > passdb { > driver = pam > } > > # (I authenticate via PAM which is itself configured to ask ldap server, ldap returns it back to PAM - so Dovecot only sees the PAM-authentication part) PAM does not return userdb-relevant information. You cannot use userdb prefetch. You could switch to first ask a ldap passdb and then, for users that have another password in LDAP, pam. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUUsyyV3r2wJMiz2NAQKa/Qf9EmmXcC7mTg7Azmj1Ew7HT2wSoKVQF2k5 5kPQPKKrVKToTJtTmFIeSF1saXQ2f5wE+ZGo2y0u9DlFipH4pc6mP4F9uEr4WbSF lB8TBfyAg5wqvepOl/jUkkXnLxI6lDBzVN6nfRYfVz34Lk4Amz70+6GVDtEE6azK +j/5GWwl2dAJ93Z+uNl4z8ABffvWxv8m0UECIxvIIYW2647+oT6PyNvaRM6dEgUp RZlMMic990TzDn30APTghcxiiu2eeiwHc2q0rAXLqAsOHNzV8Aie4DcOS1Nhib1+ FJHloYG8aWPfK0rnqcSwj6caXKYysWsQgzoPueRrQCrXbSykMMyXaQ== =yFtv -----END PGP SIGNATURE----- From megodin at inboxalias.com Thu Mar 21 18:46:27 2013 From: megodin at inboxalias.com (megodin at inboxalias.com) Date: 21 Mar 2013 12:46:27 -0400 Subject: [Dovecot] Problem with Prefetch User Database Message-ID: > Dovecot only sees the PAM-authentication part) > > > PAM does not return userdb-relevant information. You cannot use > userdb > prefetch. > > You could switch to first ask a ldap passdb and then, for users that > have > another password in LDAP, pam. I use PAM because of the easyness of blocking specific validated users - you can just add/remove them in a plain text file. Easy administration will be necessary because of the planned huge amount of users on the system (28.000), and sometimes blocking a user is highly time-dependent (e.g. if one answers to a phising mail and sending out his credentials which are then abused for sending spam). I would go over LDAP if there is an equivalent easy way to solve this over LDAP (easy blocking out users by e.g editing a plain text file) - is there any? Thanks, Megodin --- Alle Postf??cher an einem Ort. Jetzt wechseln und E-Mail-Adresse mitnehmen! http://email.freenet.de/produkte/basic/index.html _________________________________________________________________ Send and receive anonymous emails to your inbox with InboxAlias. http://www.inboxalias.com From lst_hoe02 at kwsoft.de Thu Mar 21 18:51:19 2013 From: lst_hoe02 at kwsoft.de (lst_hoe02 at kwsoft.de) Date: Thu, 21 Mar 2013 17:51:19 +0100 Subject: [Dovecot] Migarting password scheme Message-ID: <20130321175119.Horde.UG0wDE6jTahRSzqHe4NVvZA@webmail.kwsoft.de> Hello, by the move to Dovecot we try to alter the password encryption stored in the database from MD5 to CRYPT-SHA256 along the Guide at http://wiki2.dovecot.org/HowTo/ConvertPasswordSchemes. It's mostly working but i still have not found out how to pass the cleartext password to the re-encrypting script. According to the HowTo it should be enough to add "'%w' AS userdb_plain_pass" to the passdb query, to get a environment variable $PLAIN_PASS in the post-login script to pass along. This does not work eg. PLAIN_PASS is always empty. This is Dovecot 2.0.19 from Ubuntu 12.04 LTS. Thanks for any help Regards Andreas -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 6144 bytes Desc: S/MIME Cryptographic Signature URL: From juan at inti.gob.ar Thu Mar 21 18:55:40 2013 From: juan at inti.gob.ar (Juan Bernhard) Date: Thu, 21 Mar 2013 13:55:40 -0300 Subject: [Dovecot] Log DNS revese IP address Message-ID: <514B3B8C.5050907@inti.gob.ar> Hi list. Is it possible to log the DNS reverse address of every login? I didnt find a variable *%{hostname}* but the wiki say it only works on *deliver_log_format* and not on *login_log_format_elements* Something like this: Mar 21 13:49:33 mailserver dovecot: pop3-login: Login: user=, method=PLAIN, rip=10.10.10.15, lip=10.10.10.1, mpid=18712, *host=client02.example.com* Thanks! Regards. Juan From pvsuja at gmail.com Thu Mar 21 19:52:15 2013 From: pvsuja at gmail.com (pvsuja) Date: Thu, 21 Mar 2013 10:52:15 -0700 (PDT) Subject: [Dovecot] dovecot: imap-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, TLS, session=<1pBG/03XogB/AAAB> In-Reply-To: <2DABADF0-5AE3-4749-A754-3996273C5E4D@iki.fi> References: <1362722925153-40684.post@n4.nabble.com> <2DABADF0-5AE3-4749-A754-3996273C5E4D@iki.fi> Message-ID: Thanks a lot! I got it done with imapc_ssl and imapc_ssl_ca_dir settings. I was not aware of those settings. Thanks a bunch! On Wed, Mar 20, 2013 at 10:58 PM, Timo Sirainen [via Dovecot] < ml-node+s2317879n40933h39 at n4.nabble.com> wrote: > On 8.3.2013, at 8.08, pvsuja <[hidden email]> > wrote: > > > Through wireshark, I found the username and password is going in plain > text > > only to the server. > > How will I enable starttls in ImapcProxy before any communication > starts? > > imapc_ssl = starttls > > See also other related settings in > http://wiki2.dovecot.org/Migration/Dsync > > I guess imapc should have its own wiki page some day. > > > > ------------------------------ > If you reply to this email, your message will be added to the discussion > below: > > http://dovecot.2317879.n4.nabble.com/dovecot-imap-login-Aborted-login-auth-failed-1-attempts-in-2-secs-user-xxx-method-PLAIN-rip-127-0-0--tp40684p40933.html > To unsubscribe from dovecot: imap-login: Aborted login (auth failed, 1 > attempts in 2 secs): user=, method=PLAIN, rip=127.0.0.1, > lip=127.0.0.1, TLS, session=<1pBG/03XogB/AAAB>, click here > . > NAML > -- View this message in context: http://dovecot.2317879.n4.nabble.com/dovecot-imap-login-Aborted-login-auth-failed-1-attempts-in-2-secs-user-xxx-method-PLAIN-rip-127-0-0--tp40684p40973.html Sent from the Dovecot mailing list archive at Nabble.com. From daryl at isletech.net Thu Mar 21 21:56:53 2013 From: daryl at isletech.net (Daryl Richards) Date: Thu, 21 Mar 2013 15:56:53 -0400 Subject: [Dovecot] Migarting password scheme In-Reply-To: <20130321175119.Horde.UG0wDE6jTahRSzqHe4NVvZA@webmail.kwsoft.de> References: <20130321175119.Horde.UG0wDE6jTahRSzqHe4NVvZA@webmail.kwsoft.de> Message-ID: <514B6605.7030907@isletech.net> On 13-03-21 12:51 PM, lst_hoe02 at kwsoft.de wrote: > by the move to Dovecot we try to alter the password encryption stored > in the database from MD5 to CRYPT-SHA256 along the Guide at > http://wiki2.dovecot.org/HowTo/ConvertPasswordSchemes. It's mostly > working but i still have not found out how to pass the cleartext > password to the re-encrypting script. According to the HowTo it should > be enough to add "'%w' AS userdb_plain_pass" to the passdb query, to > get a environment variable $PLAIN_PASS in the post-login script to > pass along. > This does not work eg. PLAIN_PASS is always empty. This is Dovecot > 2.0.19 from Ubuntu 12.04 LTS. It seems to depends on how you are doing your userdb, not passdb.. I use a static userdb, so I have: userdb { args = uid=xx gid=xx home=/xx/xx/%d/%n plain_pass=%w driver = static } -- Daryl Richards Isle Technical Services Inc. From brenoavm at gmail.com Thu Mar 21 21:58:26 2013 From: brenoavm at gmail.com (Breno Moreira) Date: Thu, 21 Mar 2013 16:58:26 -0300 Subject: [Dovecot] Altmove doesn't working after a dsync. Message-ID: Hi guys, I'm having a problem with the altmove command after a mailbox migration using dsync. What I'm trying to do is move some users from a datacenter to another and, for that, I'm using the dsync feature. First thing I do is run the dsync mirror command, and this is working properly, but all mails are moved to the main path, ignoring the ALT statement in the mail location. So, what I tried to do was run the doveadm altmove to move the old mails to the new alternate storage, but it simply doesn't work or sometimes moves only few messages. After the user receives new messages, these new files are correctly moved. It can be problem with my search parameter in the altmove command? Or this is a normal result? Best Regards, Breno Moreira -- --------------------------------------------------------------------- Breno Moreira From lst_hoe02 at kwsoft.de Thu Mar 21 22:02:05 2013 From: lst_hoe02 at kwsoft.de (lst_hoe02 at kwsoft.de) Date: Thu, 21 Mar 2013 21:02:05 +0100 Subject: [Dovecot] Migrating password scheme In-Reply-To: <514B6605.7030907@isletech.net> References: <20130321175119.Horde.UG0wDE6jTahRSzqHe4NVvZA@webmail.kwsoft.de> <514B6605.7030907@isletech.net> Message-ID: <20130321210205.Horde.uYeFLU6jTahRS2c9Lfm15gA@webmail.kwsoft.de> Zitat von Daryl Richards : > On 13-03-21 12:51 PM, lst_hoe02 at kwsoft.de wrote: >> by the move to Dovecot we try to alter the password encryption >> stored in the database from MD5 to CRYPT-SHA256 along the Guide at >> http://wiki2.dovecot.org/HowTo/ConvertPasswordSchemes. It's mostly >> working but i still have not found out how to pass the cleartext >> password to the re-encrypting script. According to the HowTo it >> should be enough to add "'%w' AS userdb_plain_pass" to the passdb >> query, to get a environment variable $PLAIN_PASS in the post-login >> script to pass along. >> This does not work eg. PLAIN_PASS is always empty. This is Dovecot >> 2.0.19 from Ubuntu 12.04 LTS. > It seems to depends on how you are doing your userdb, not passdb.. > > I use a static userdb, so I have: > > userdb { > args = uid=xx gid=xx home=/xx/xx/%d/%n plain_pass=%w > driver = static > } > > > -- > Daryl Richards > Isle Technical Services Inc. Will try that, thanks. Andreas -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 6144 bytes Desc: S/MIME Cryptographic Signature URL: From lst_hoe02 at kwsoft.de Thu Mar 21 22:29:05 2013 From: lst_hoe02 at kwsoft.de (lst_hoe02 at kwsoft.de) Date: Thu, 21 Mar 2013 21:29:05 +0100 Subject: [Dovecot] Migrating password scheme In-Reply-To: <20130321210205.Horde.uYeFLU6jTahRS2c9Lfm15gA@webmail.kwsoft.de> References: <20130321175119.Horde.UG0wDE6jTahRSzqHe4NVvZA@webmail.kwsoft.de> <514B6605.7030907@isletech.net> <20130321210205.Horde.uYeFLU6jTahRS2c9Lfm15gA@webmail.kwsoft.de> Message-ID: <20130321212905.Horde.1dQtfE6jTahRS22RzwQl3gA@webmail.kwsoft.de> Zitat von lst_hoe02 at kwsoft.de: > Zitat von Daryl Richards : > >> On 13-03-21 12:51 PM, lst_hoe02 at kwsoft.de wrote: >>> by the move to Dovecot we try to alter the password encryption >>> stored in the database from MD5 to CRYPT-SHA256 along the Guide at >>> http://wiki2.dovecot.org/HowTo/ConvertPasswordSchemes. It's mostly >>> working but i still have not found out how to pass the cleartext >>> password to the re-encrypting script. According to the HowTo it >>> should be enough to add "'%w' AS userdb_plain_pass" to the passdb >>> query, to get a environment variable $PLAIN_PASS in the post-login >>> script to pass along. >>> This does not work eg. PLAIN_PASS is always empty. This is Dovecot >>> 2.0.19 from Ubuntu 12.04 LTS. >> It seems to depends on how you are doing your userdb, not passdb.. >> >> I use a static userdb, so I have: >> >> userdb { >> args = uid=xx gid=xx home=/xx/xx/%d/%n plain_pass=%w >> driver = static >> } >> >> >> -- >> Daryl Richards >> Isle Technical Services Inc. > > Will try that, thanks. > > Andreas Hm, no. Same result. The username works fine but the plaintext password is not available eg. $PLAIN_PASS is always empty when invoking the script. Settings from 10-master.conf: service imap { # TEMP fuer Password Hashes executable = imap imap-postlogin # Most of the memory goes to mmap()ing files. You may need to increase this # limit if you have huge mailboxes. #vsz_limit = 256M # Max. number of IMAP processes (connections) #process_limit = 1024 process_limit = 100 } service imap-postlogin { executable = script-login /etc/dovecot/convert.sh # user = $default_internal_user unix_listener imap-postlogin { } } from 10-auth.conf: passdb { driver = sql args = /etc/dovecot/dovecot-sql.conf.ext } userdb { driver = static args = uid=dovemail gid=dovemail home=/var/dovecot/home/%n mail=sdbox:/var/dovecot/mail/%n:LAYOUT=fs plainpass=%w } and the script invoked: #!/bin/sh echo $USER >> /etc/dovecot/test.log echo $PLAINPASS >> /etc/dovecot/test.log echo $HOME >> /etc/dovecot/test.log /etc/dovecot/pwd-sha.php $USER $PLAINPASS exec "$@" The test with echo variable to file show that $PLAINPASS is always missing whil the others are there as expected. Can anyone confirm that it actually works this way?? Regards Andreas -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 6144 bytes Desc: S/MIME Cryptographic Signature URL: From CMarcus at Media-Brokers.com Thu Mar 21 22:33:24 2013 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Thu, 21 Mar 2013 16:33:24 -0400 Subject: [Dovecot] Altmove doesn't working after a dsync. In-Reply-To: References: Message-ID: <514B6E94.50402@Media-Brokers.com> Please always try to provide some basic system info when asking for help. dovecot version? doveconf -n output? actual commands you are typing? logs of the events? Also remember, dsync has been completely rewritten for the upcoming 2.2 (at rc3 now), and has always been a little problematic in earlier versions (which I guess was the reason for the rewrite)... On 2013-03-21 3:58 PM, Breno Moreira wrote: > Hi guys, > > I'm having a problem with the altmove command after a mailbox migration > using dsync. > > What I'm trying to do is move some users from a datacenter to another and, > for that, I'm using the dsync feature. First thing I do is run the dsync > mirror command, and this is working properly, but all mails are moved to > the main path, ignoring the ALT statement in the mail location. > > So, what I tried to do was run the doveadm altmove to move the old mails to > the new alternate storage, but it simply doesn't work or sometimes moves > only few messages. > > After the user receives new messages, these new files are correctly moved. > > It can be problem with my search parameter in the altmove command? Or this > is a normal result? > > Best Regards, > Breno Moreira > -- Best regards, Charles Marcus I.T. Director Media Brokers International, Inc. 678.514.6224 | 678.514.6299 fax From brenoavm at gmail.com Thu Mar 21 22:53:05 2013 From: brenoavm at gmail.com (Breno Moreira) Date: Thu, 21 Mar 2013 17:53:05 -0300 Subject: [Dovecot] Altmove doesn't working after a dsync. In-Reply-To: <514B6E94.50402@Media-Brokers.com> References: <514B6E94.50402@Media-Brokers.com> Message-ID: Hi Charles, Sorry for not providing this kind of info. I'm using Dovecot 2.1.7 in a Debian Wheezy. The dovecot -n output is below: # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-4-amd64 x86_64 Debian 7.0 auth_mechanisms = plain login auth_socket_path = /var/run/dovecot/auth-userdb disable_plaintext_auth = no lmtp_proxy = yes mail_fsync = always mail_gid = vmail mail_location = maildir:~/.maildir mail_plugins = " quota" mail_uid = vmail mmap_disable = yes passdb { driver = pam } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { quota = maildir:Quota sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap pop3 lmtp service auth { unix_listener /var/spool/postfix/private/auth { mode = 0666 } unix_listener auth-userdb { group = vmail mode = 0666 user = vmail } user = root } service imap-login { service_count = 0 } service lmtp { inet_listener lmtp { address = localhost mail0.supramail.com.br port = 7025 } } service pop3-login { service_count = 0 } ssl_cert = wrote: > Please always try to provide some basic system info when asking for help. > > dovecot version? doveconf -n output? actual commands you are typing? logs > of the events? > > Also remember, dsync has been completely rewritten for the upcoming 2.2 > (at rc3 now), and has always been a little problematic in earlier versions > (which I guess was the reason for the rewrite)... > > > On 2013-03-21 3:58 PM, Breno Moreira wrote: > >> Hi guys, >> >> I'm having a problem with the altmove command after a mailbox migration >> using dsync. >> >> What I'm trying to do is move some users from a datacenter to another and, >> for that, I'm using the dsync feature. First thing I do is run the dsync >> mirror command, and this is working properly, but all mails are moved to >> the main path, ignoring the ALT statement in the mail location. >> >> So, what I tried to do was run the doveadm altmove to move the old mails >> to >> the new alternate storage, but it simply doesn't work or sometimes moves >> only few messages. >> >> After the user receives new messages, these new files are correctly moved. >> >> It can be problem with my search parameter in the altmove command? Or this >> is a normal result? >> >> Best Regards, >> Breno Moreira >> >> > > -- > > Best regards, > > Charles Marcus > I.T. Director > Media Brokers International, Inc. > 678.514.6224 | 678.514.6299 fax > > > -- --------------------------------------------------------------------- Breno Moreira ?O ?xito na vida n?o se mede pelo que voc? conquistou, mas sim pelas dificuldades que superou no caminho.? * Abraham Lincoln* From brenoavm at gmail.com Thu Mar 21 22:59:24 2013 From: brenoavm at gmail.com (Breno Moreira) Date: Thu, 21 Mar 2013 17:59:24 -0300 Subject: [Dovecot] Altmove doesn't working after a dsync. In-Reply-To: References: <514B6E94.50402@Media-Brokers.com> Message-ID: My email was sent before I finish it. The other command I'm using is for move the old mails to the alternate storage, and it is: - doveadm -Dv altmove -u user seen savedbefore 2w In the logs all seems to be ok, without errors or warnings. I'm really thinking in test the new version to find out if the problem still occurs. Thanks to all. Breno Moreira On Thu, Mar 21, 2013 at 5:53 PM, Breno Moreira wrote: > Hi Charles, > > Sorry for not providing this kind of info. > > I'm using Dovecot 2.1.7 in a Debian Wheezy. The dovecot -n output is below: > > # 2.1.7: /etc/dovecot/dovecot.conf > # OS: Linux 3.2.0-4-amd64 x86_64 Debian 7.0 > auth_mechanisms = plain login > auth_socket_path = /var/run/dovecot/auth-userdb > disable_plaintext_auth = no > lmtp_proxy = yes > mail_fsync = always > mail_gid = vmail > mail_location = maildir:~/.maildir > mail_plugins = " quota" > mail_uid = vmail > mmap_disable = yes > passdb { > driver = pam > } > passdb { > args = /etc/dovecot/dovecot-sql.conf.ext > driver = sql > } > plugin { > quota = maildir:Quota > sieve = ~/.dovecot.sieve > sieve_dir = ~/sieve > } > protocols = imap pop3 lmtp > service auth { > unix_listener /var/spool/postfix/private/auth { > mode = 0666 > } > unix_listener auth-userdb { > group = vmail > mode = 0666 > user = vmail > } > user = root > } > service imap-login { > service_count = 0 > } > service lmtp { > inet_listener lmtp { > address = localhost mail0.supramail.com.br > port = 7025 > } > } > service pop3-login { > service_count = 0 > } > ssl_cert = ssl_key = userdb { > driver = passwd > } > userdb { > args = /etc/dovecot/dovecot-sql.conf.ext > driver = sql > } > protocol lmtp { > mail_plugins = " quota sieve" > postmaster_address = postmaster at mail0.supramail.com.br > } > protocol imap { > mail_plugins = " quota imap_quota" > } > protocol pop3 { > pop3_uidl_format = %v-%u > } > > The commands that I'm using are: > > - dsync -Dv -u user mirror sdbox:~/sdbox:ALT=alternatestoragepath > > - > > > On Thu, Mar 21, 2013 at 5:33 PM, Charles Marcus > wrote: > >> Please always try to provide some basic system info when asking for help. >> >> dovecot version? doveconf -n output? actual commands you are typing? logs >> of the events? >> >> Also remember, dsync has been completely rewritten for the upcoming 2.2 >> (at rc3 now), and has always been a little problematic in earlier versions >> (which I guess was the reason for the rewrite)... >> >> >> On 2013-03-21 3:58 PM, Breno Moreira wrote: >> >>> Hi guys, >>> >>> I'm having a problem with the altmove command after a mailbox migration >>> using dsync. >>> >>> What I'm trying to do is move some users from a datacenter to another >>> and, >>> for that, I'm using the dsync feature. First thing I do is run the dsync >>> mirror command, and this is working properly, but all mails are moved to >>> the main path, ignoring the ALT statement in the mail location. >>> >>> So, what I tried to do was run the doveadm altmove to move the old mails >>> to >>> the new alternate storage, but it simply doesn't work or sometimes moves >>> only few messages. >>> >>> After the user receives new messages, these new files are correctly >>> moved. >>> >>> It can be problem with my search parameter in the altmove command? Or >>> this >>> is a normal result? >>> >>> Best Regards, >>> Breno Moreira >>> >>> >> >> -- >> >> Best regards, >> >> Charles Marcus >> I.T. Director >> Media Brokers International, Inc. >> 678.514.6224 | 678.514.6299 fax >> >> >> > > > -- > --------------------------------------------------------------------- > Breno Moreira > > ?O ?xito na vida n?o se mede pelo que voc? conquistou, > > mas sim pelas dificuldades que superou no caminho.? > > * Abraham Lincoln* > > -- --------------------------------------------------------------------- Breno Moreira ?O ?xito na vida n?o se mede pelo que voc? conquistou, mas sim pelas dificuldades que superou no caminho.? * Abraham Lincoln* From daryl at isletech.net Thu Mar 21 23:07:32 2013 From: daryl at isletech.net (Daryl Richards) Date: Thu, 21 Mar 2013 17:07:32 -0400 Subject: [Dovecot] Migrating password scheme In-Reply-To: <20130321212905.Horde.1dQtfE6jTahRS22RzwQl3gA@webmail.kwsoft.de> References: <20130321175119.Horde.UG0wDE6jTahRSzqHe4NVvZA@webmail.kwsoft.de> <514B6605.7030907@isletech.net> <20130321210205.Horde.uYeFLU6jTahRS2c9Lfm15gA@webmail.kwsoft.de> <20130321212905.Horde.1dQtfE6jTahRS22RzwQl3gA@webmail.kwsoft.de> Message-ID: <514B7694.7030804@isletech.net> On 13-03-21 4:29 PM, lst_hoe02 at kwsoft.de wrote: > userdb { > driver = static > args = uid=dovemail gid=dovemail home=/var/dovecot/home/%n > mail=sdbox:/var/dovecot/mail/%n:LAYOUT=fs plainpass=%w > } > > and the script invoked: > > #!/bin/sh > echo $USER >> /etc/dovecot/test.log > echo $PLAINPASS >> /etc/dovecot/test.log > echo $HOME >> /etc/dovecot/test.log I can confirm it works... The variable is actually plain_pass, and $PLAIN_PASS, with the underscore. -- Daryl Richards Isle Technical Services Inc. From lst_hoe02 at kwsoft.de Thu Mar 21 23:18:46 2013 From: lst_hoe02 at kwsoft.de (lst_hoe02 at kwsoft.de) Date: Thu, 21 Mar 2013 22:18:46 +0100 Subject: [Dovecot] Migrating password scheme In-Reply-To: <514B7694.7030804@isletech.net> References: <20130321175119.Horde.UG0wDE6jTahRSzqHe4NVvZA@webmail.kwsoft.de> <514B6605.7030907@isletech.net> <20130321210205.Horde.uYeFLU6jTahRS2c9Lfm15gA@webmail.kwsoft.de> <20130321212905.Horde.1dQtfE6jTahRS22RzwQl3gA@webmail.kwsoft.de> <514B7694.7030804@isletech.net> Message-ID: <20130321221846.Horde.QeskFE6jTahRS3k2tg0l6mA@webmail.kwsoft.de> Zitat von Daryl Richards : > On 13-03-21 4:29 PM, lst_hoe02 at kwsoft.de wrote: >> userdb { >> driver = static >> args = uid=dovemail gid=dovemail home=/var/dovecot/home/%n >> mail=sdbox:/var/dovecot/mail/%n:LAYOUT=fs plainpass=%w >> } >> >> and the script invoked: >> >> #!/bin/sh >> echo $USER >> /etc/dovecot/test.log >> echo $PLAINPASS >> /etc/dovecot/test.log >> echo $HOME >> /etc/dovecot/test.log > I can confirm it works... The variable is actually plain_pass, and > $PLAIN_PASS, with the underscore. If have first used also plain_pass without success. The plainpass was used as test to see if there is some problem with the "_". What Dovecot version do you use? Regards Andreas -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 6144 bytes Desc: S/MIME Cryptographic Signature URL: From tss at iki.fi Thu Mar 21 23:39:42 2013 From: tss at iki.fi (Timo Sirainen) Date: Thu, 21 Mar 2013 23:39:42 +0200 Subject: [Dovecot] Migarting password scheme In-Reply-To: <20130321175119.Horde.UG0wDE6jTahRSzqHe4NVvZA@webmail.kwsoft.de> References: <20130321175119.Horde.UG0wDE6jTahRSzqHe4NVvZA@webmail.kwsoft.de> Message-ID: On 21.3.2013, at 18.51, lst_hoe02 at kwsoft.de wrote: > Hello, > > by the move to Dovecot we try to alter the password encryption stored in the database from MD5 to CRYPT-SHA256 along the Guide at http://wiki2.dovecot.org/HowTo/ConvertPasswordSchemes. It's mostly working but i still have not found out how to pass the cleartext password to the re-encrypting script. According to the HowTo it should be enough to add "'%w' AS userdb_plain_pass" to the passdb query, to get a environment variable $PLAIN_PASS in the post-login script to pass along. > This does not work eg. PLAIN_PASS is always empty. This is Dovecot 2.0.19 from Ubuntu 12.04 LTS. userdb_plain_pass method requires that you use userdb prefetch. And Daryl's method of using %w in regular userdb .. I'm not really sure how well that works. Could easily be that different Dovecot versions behave differently. From tss at iki.fi Thu Mar 21 23:41:22 2013 From: tss at iki.fi (Timo Sirainen) Date: Thu, 21 Mar 2013 23:41:22 +0200 Subject: [Dovecot] Altmove doesn't working after a dsync. In-Reply-To: References: <514B6E94.50402@Media-Brokers.com> Message-ID: <5F3FBE0D-E803-4BC5-8935-F25DAB8921D6@iki.fi> I guess the save date gets reset. You can verify that with e.g.: doveadm fetch date.saved mailbox inbox all dsync is supposed to preserve the save date though. Might be broken in your version. On 21.3.2013, at 22.59, Breno Moreira wrote: > My email was sent before I finish it. > > The other command I'm using is for move the old mails to the alternate > storage, and it is: > - doveadm -Dv altmove -u user seen savedbefore 2w > > In the logs all seems to be ok, without errors or warnings. > I'm really thinking in test the new version to find out if the problem > still occurs. > > Thanks to all. > > Breno Moreira > > > On Thu, Mar 21, 2013 at 5:53 PM, Breno Moreira wrote: > >> Hi Charles, >> >> Sorry for not providing this kind of info. >> >> I'm using Dovecot 2.1.7 in a Debian Wheezy. The dovecot -n output is below: >> >> # 2.1.7: /etc/dovecot/dovecot.conf >> # OS: Linux 3.2.0-4-amd64 x86_64 Debian 7.0 >> auth_mechanisms = plain login >> auth_socket_path = /var/run/dovecot/auth-userdb >> disable_plaintext_auth = no >> lmtp_proxy = yes >> mail_fsync = always >> mail_gid = vmail >> mail_location = maildir:~/.maildir >> mail_plugins = " quota" >> mail_uid = vmail >> mmap_disable = yes >> passdb { >> driver = pam >> } >> passdb { >> args = /etc/dovecot/dovecot-sql.conf.ext >> driver = sql >> } >> plugin { >> quota = maildir:Quota >> sieve = ~/.dovecot.sieve >> sieve_dir = ~/sieve >> } >> protocols = imap pop3 lmtp >> service auth { >> unix_listener /var/spool/postfix/private/auth { >> mode = 0666 >> } >> unix_listener auth-userdb { >> group = vmail >> mode = 0666 >> user = vmail >> } >> user = root >> } >> service imap-login { >> service_count = 0 >> } >> service lmtp { >> inet_listener lmtp { >> address = localhost mail0.supramail.com.br >> port = 7025 >> } >> } >> service pop3-login { >> service_count = 0 >> } >> ssl_cert = > ssl_key = > userdb { >> driver = passwd >> } >> userdb { >> args = /etc/dovecot/dovecot-sql.conf.ext >> driver = sql >> } >> protocol lmtp { >> mail_plugins = " quota sieve" >> postmaster_address = postmaster at mail0.supramail.com.br >> } >> protocol imap { >> mail_plugins = " quota imap_quota" >> } >> protocol pop3 { >> pop3_uidl_format = %v-%u >> } >> >> The commands that I'm using are: >> >> - dsync -Dv -u user mirror sdbox:~/sdbox:ALT=alternatestoragepath >> >> - >> >> >> On Thu, Mar 21, 2013 at 5:33 PM, Charles Marcus >> wrote: >> >>> Please always try to provide some basic system info when asking for help. >>> >>> dovecot version? doveconf -n output? actual commands you are typing? logs >>> of the events? >>> >>> Also remember, dsync has been completely rewritten for the upcoming 2.2 >>> (at rc3 now), and has always been a little problematic in earlier versions >>> (which I guess was the reason for the rewrite)... >>> >>> >>> On 2013-03-21 3:58 PM, Breno Moreira wrote: >>> >>>> Hi guys, >>>> >>>> I'm having a problem with the altmove command after a mailbox migration >>>> using dsync. >>>> >>>> What I'm trying to do is move some users from a datacenter to another >>>> and, >>>> for that, I'm using the dsync feature. First thing I do is run the dsync >>>> mirror command, and this is working properly, but all mails are moved to >>>> the main path, ignoring the ALT statement in the mail location. >>>> >>>> So, what I tried to do was run the doveadm altmove to move the old mails >>>> to >>>> the new alternate storage, but it simply doesn't work or sometimes moves >>>> only few messages. >>>> >>>> After the user receives new messages, these new files are correctly >>>> moved. >>>> >>>> It can be problem with my search parameter in the altmove command? Or >>>> this >>>> is a normal result? >>>> >>>> Best Regards, >>>> Breno Moreira >>>> >>>> >>> >>> -- >>> >>> Best regards, >>> >>> Charles Marcus >>> I.T. Director >>> Media Brokers International, Inc. >>> 678.514.6224 | 678.514.6299 fax >>> >>> >>> >> >> >> -- >> --------------------------------------------------------------------- >> Breno Moreira >> >> ?O ?xito na vida n?o se mede pelo que voc? conquistou, >> >> mas sim pelas dificuldades que superou no caminho.? >> >> * Abraham Lincoln* >> >> > > > -- > --------------------------------------------------------------------- > Breno Moreira > > ?O ?xito na vida n?o se mede pelo que voc? conquistou, > > mas sim pelas dificuldades que superou no caminho.? > > * Abraham Lincoln* From tss at iki.fi Thu Mar 21 23:42:16 2013 From: tss at iki.fi (Timo Sirainen) Date: Thu, 21 Mar 2013 23:42:16 +0200 Subject: [Dovecot] Log DNS revese IP address In-Reply-To: <514B3B8C.5050907@inti.gob.ar> References: <514B3B8C.5050907@inti.gob.ar> Message-ID: <29337902-1311-4B3D-8C54-BD32067CDD67@iki.fi> On 21.3.2013, at 18.55, Juan Bernhard wrote: > Hi list. Is it possible to log the DNS reverse address of every login? > I didnt find a variable *%{hostname}* but the wiki say it only works on *deliver_log_format* and not on *login_log_format_elements* > > Something like this: > Mar 21 13:49:33 mailserver dovecot: pop3-login: Login: user=, method=PLAIN, rip=10.10.10.15, lip=10.10.10.1, mpid=18712, *host=client02.example.com* Nope. Just a waste of time to wait on DNS. From tss at iki.fi Thu Mar 21 23:52:41 2013 From: tss at iki.fi (Timo Sirainen) Date: Thu, 21 Mar 2013 23:52:41 +0200 Subject: [Dovecot] director's imap/pop3 login timeout In-Reply-To: <514AE138.3030602@um.es> References: <514AE138.3030602@um.es> Message-ID: On 21.3.2013, at 12.30, Angel L. Mateo wrote: > Mar 20 20:52:47 myotis41 dovecot: imap-login: proxy(): Login failed to 155.54.211.162:143: [UNAVAILABLE] Temporary authentication failure. [myotis32:2013-03-20 19:52:47] > > So, it seems it was trying to authenticate for 1 hour, after that it timed out the login. > > But this timeout is too long. Is this a director timeout? Or a backend timeout? How can I reduce it? Hmm. This is a behavior change, so I'm not really sure if I should put this to v2.1. But it's in v2.2 now anyway: http://hg.dovecot.org/dovecot-2.2/rev/a4ea6946c621 Also that requires proxy_timeout to be returned by passdb and there wasn't a default. I guess there should be, added to v2.2 also: http://hg.dovecot.org/dovecot-2.2/rev/9439a43bd645 From ka at pacific.net Fri Mar 22 00:31:34 2013 From: ka at pacific.net (Ken A) Date: Thu, 21 Mar 2013 17:31:34 -0500 Subject: [Dovecot] dsync mirror to convert from mbox (1.2x) to mdbox (2.2) Message-ID: <514B8A46.4040309@pacific.net> I'm converting mail from mbox to mdbox. I've copied mail over to a new system, and now I'm running dsync like this: dsync -u username mirror mbox:/folder_location/username:INBOX=/inbox_location/username That seemed to work, with a couple minor errors: > dsync(username): Warning: Our dotlock file /mail_location/username.lock was deleted (locked 20 secs ago, touched 20 secs ago) > dsync(username): Error: file_dotlock_delete() failed with mbox file /mail_location/username: No such file or directory Do I also need to specify where dovecot's indexes are for the old mbox files, or is this not needed for mbox conversions (when they are the source)? Thanks, Ken A. From dovecot at noboost.org Fri Mar 22 06:23:01 2013 From: dovecot at noboost.org (dovecot at noboost.org) Date: Fri, 22 Mar 2013 15:23:01 +1100 Subject: [Dovecot] discarding vacation response for message implicitly delivered Message-ID: <20130322042301.GA25358@noboost.org> Hi All, Spec: * Centos 6.3x64 * postfix-2.6.6-2.2.el6_1.x86_64 * dovecot-pigeonhole-2.0.9-5.el6.x86_64 * dovecot-2.0.9-5.el6.x86_64 Challenge: Does anyone have an explination regarding this message? ------------------------------------------------------------------- "Mar 22 12:15:22 chtvm dovecot: lmtp(7004, cht): C+EZBuObS1FcGwAAlnPEfg: sieve: msgid=<20130322011522.6D55D40389 at chtvm.noboost.org>: discarding vacation response for message implicitly delivered to " ------------------------------------------------------------------- I'm getting it when passing traffic through to the Dovecot sieve vacation extension from a virtual domain. Regards, Craig From tss at iki.fi Fri Mar 22 10:29:35 2013 From: tss at iki.fi (Timo Sirainen) Date: Fri, 22 Mar 2013 10:29:35 +0200 Subject: [Dovecot] 2.2.rc2: problem with acl_shared_dict In-Reply-To: References: Message-ID: <1363940975.13923.32.camel@innu> On Tue, 2013-02-26 at 12:16 +0100, Lutz Pre?ler wrote: > Hello, > > 2.2.rc2, configuration as before: > > acl_shared_dict=file:... > The contents of this file is used for e.g. LISTing shared mailboxes. > But even with file and directory beeing world writable, it's not written > into on SETACL commands. > Instead, at least sometimes (it seems to make a difference if GETACL is > used before in the session) the imap process crashes on SETACL or DELETEACL. > > Feb 26 00:31:52 host dovecot: imap(13373, user) K64y8ZTWOgB/AAAB: Fatal: master: service(imap): child 13373 killed with signal 11 (core dumps disabled) > Anything to do for further debugging? Working correctly with 2.1.15. Fixed finally: http://hg.dovecot.org/dovecot-2.2/rev/d211174a2392 From tss at iki.fi Fri Mar 22 10:31:57 2013 From: tss at iki.fi (Timo Sirainen) Date: Fri, 22 Mar 2013 10:31:57 +0200 Subject: [Dovecot] [dovecot-2.1.15] mdbox corruption, doveadm force-resync can't repair it (throws segfault) In-Reply-To: <514AD5D5.5040305@mejor.pl> References: <51387E12.5050100@mejor.pl> <51388444.2090900@mejor.pl> <31E4195B-E490-47FE-94EC-EDFADDD3A8E9@iki.fi> <514AD5D5.5040305@mejor.pl> Message-ID: <1363941117.13923.34.camel@innu> On Thu, 2013-03-21 at 10:41 +0100, Marcin Miros?aw wrote: > W dniu 20.03.2013 18:20, Timo Sirainen pisze: > > On 7.3.2013, at 14.12, Marcin Miros?aw wrote: > > > >> Here is backtrace from doveadm force-resync: > >> > >> #0 rebuild_mailbox_multi (trans=0x428b58d090, view=, > >> rebuild_ctx=0x428b5a0690, ctx=0x428b57a9a0, mbox=) at > >> mdbox-storage-rebuild.c:433 > >> 433 map_uid = rec->map_uid; > > > > Yeah, I fixed this immediately after 2.1.15: http://hg.dovecot.org/dovecot-2.1/rev/2def25f07ca6 > > > > I guess it's soon time for 2.1.16. > > Hi! I've aplied patch and force-resync finished work without problem.Thanks! > I asked one more question: `doveadm force-resync -A "*"` doesn't do > resync inside namespace. Is it feature or bug? What exactly do you mean? I think it should only resync the mailboxes in the prefix="" namespace, or at least that's the intended behavior with other commands where "*" is used. Is -A relevant here (= does it happen the same with -u username)? From ws+dovecot at iai.uni-bonn.de Fri Mar 22 10:47:21 2013 From: ws+dovecot at iai.uni-bonn.de (Walter Steiner) Date: Fri, 22 Mar 2013 09:47:21 +0100 Subject: [Dovecot] v2.2 dsync In-Reply-To: <98F7A42B-A5E9-46A8-BE58-B5AB1ADBCC85@iki.fi> References: <20130226154031.GH6073@uran.iai.uni-bonn.de> <1361968244.27458.30.camel@hurina> <20130227132749.GC28069@uran.iai.uni-bonn.de> <20130314100529.GA18113@uran.iai.uni-bonn.de> <265F0ADB-759E-4ACA-BDD3-C570D090F247@iki.fi> <98F7A42B-A5E9-46A8-BE58-B5AB1ADBCC85@iki.fi> Message-ID: <20130322084721.GA21212@uran.iai.uni-bonn.de> On Wed, Mar 20, 2013 at 20:26:03 +0200, Timo Sirainen wrote: > On 20.3.2013, at 19.51, Timo Sirainen wrote: > > > On 14.3.2013, at 12.05, Walter Steiner wrote: > > > >>>>> #0 0x00000000004578cc in dsync_ibc_send_mail_request (ibc=0x4a9f20, request=0x5441c0) at dsync-ibc.c:38 > >>>>> 38 return ibc->v.is_send_queue_full(ibc) ? > > > > If it crashes there, is_send_queue_full must be NULL or some other invalid pointer, but.. > > Oh, the function is correct but the line number is wrong. This fixes the crash: http://hg.dovecot.org/dovecot-2.2/rev/19ce7403114f > > But I see there are other problems .. I'll continue debugging them. Timo, good to hear from you! With nightly 20130321 no more crashes at this point! Thanks a lot! (misconfigured imapc password at first try => there was another crash) doveadm backup -R -u ... imapc: => mailboxes are created and some/many messages but not all messages are copied from the origin cyrus mailbox to the dovecot box. (i.e. the first consecutive 233 out of 523 are okay) All of the missing messages are logged: => dsync(...): Error: Mailbox ...: Remote didn't send mail UID=... (references to this error seen on the list in Jan. with older versions) I do not see the reason in the cyrus protocol log. (No "NO", only "OK") Maybe it has nothing to do with the messages itself? They are all "real-life" messages - i.e. there is a mailbox with 5 messages and only the first one is okay! I have deleted this first message on the cyrus box, stopped dovecot, removed dovecot mailbox, restarted dovecot. The "same" doveadm backup results in the new first (formerly second) message backed up to the dovecot mailbox (which was not before). If more detail / logs / cyrus IMAP protocol logs would be helpful please let me know and I'll try to setup a mailbox with meaningful testmails. Thank you very much again, Walter From tss at iki.fi Fri Mar 22 10:47:23 2013 From: tss at iki.fi (Timo Sirainen) Date: Fri, 22 Mar 2013 10:47:23 +0200 Subject: [Dovecot] Disallow POP3 from deleting messages In-Reply-To: References: <1363783410.10326.245.camel@innu> <20130320132211.GC20746@nihlus.leuxner.net> <20130320135145.GD20746@nihlus.leuxner.net> <1363791544.10326.251.camel@innu> Message-ID: <1363942043.13923.47.camel@innu> On Wed, 2013-03-20 at 17:40 -0600, DormitionSkete at hotmail.com wrote: > On Mar 20, 2013, at 8:59 AM, Timo Sirainen wrote: > > > On Wed, 2013-03-20 at 08:15 -0600, DormitionSkete at hotmail.com wrote: > > > >> My experience with IMAP over the internet with a couple of servers outside our monastery (while I was in it, and we have considerably better download speeds than upload) has always been that IMAP has always been incredibly slow. So, I've always just allowed users to connect to the IMAP server via webmail. It's slow, but usable. > > > > Another idea: Get some cheap server from outside, use dsync replication > > to keep it synced with your internal one, and set up DNS so that users > > get directed to the fastest server. http://wiki2.dovecot.org/Replication > > > > > > I LIKE this idea, but I have a few questions about it to see if it > would be appropriate for our situation. There are a few other things > to consider that I didn't mention before because they did not seem > relevant earlier. > > First off, I'd just like to say that we have a web server set up at a > location outside of our monastery that hosts all of our websites. I'm > currently in the process of building new servers to replace both it > and our current email server. So, assuming this is both plausible for > our situation, and within my capabilities, I should be able to work on > this at my leisure, and get the initial sync of our emails done while > on the same LAN. > > So, the additional info and questions are the following: > > 1.) Our download speeds are decent enough, but in addition to having > poor upload speeds, we also have very strict limits on how much we are > able to download. And we use almost every bit of it every day. We > cannot get more, either. We have unlimited downloads for four hours > at night, however. If a delayed sync isn't a problem, you could do it only once at nights. You wouldn't need to use the replicator service at all, just run "doveadm sync -f -A -d" in a cronjob. > 2.) We have very large message archives. We basically have 95% of > the emails we've received for the past 16 years. So, the sync *must* > only update items that have been changed. Is this how it it would > work? dsync can do full sync (= all messages' metadata is sent + new messages' contents), "changed sync" (= same as full sync, but only for changed folders) or incremental sync (= only new messages' metadata + contents are sent). The incremental sync is what replicator service does while it's running, but it's still currently doing a full sync at startup. A nightly cronjob could do incremental syncing also, but it would have to run dsync separately for each user and store the sync state to some file. The "changed sync" works well enough usually, but it has a problem if both replicas have had exactly the same amount of changes it doesn't realize that there may be differences between them and skip it. > 3.) We are currently using uw-imap with mbox. If we switch to > Dovecot, using Maildir format, will the sync only update the new > messages and the header files for any folders that have been changed? It works the same with all mailbox formats. Headers and bodies aren't synced separately, but metadata (= ~100 bytes/msg maybe) is. > 4.) I thought I read somewhere in Dovecot's documentation last night > that it has a 50 mb limit on folders. It can't write anything larger > than that. Does this sound familiar? (Now I can't find it!) If so, > is that for mbox? We currently have some mbox folders whose files are > significantly larger than that. If we convert to Maildir format, > where the individual messages are in their own files, could a folder > contain messages totaling more than 50 MB using Dovecot? Dovecot has no such limit. Postfix by default has set a file size limit for 50 MB, which effectively limits mbox sizes to 50 MB, but it can be removed with Postfix mailbox_size_limit setting. > 4a. -- Oops. I just noticed this: "NOTE2: sdbox/mdbox mailbox > formats are recommended for replication. Maildir still has some issues > (although probably not noticeable in normal use)." Should I consider > this a show-stopper for syncing like this? With v2.2 I don't think there's much of a difference anymore. > 5.) In the http://wiki2.dovecot.org/Replication page, would this be > continuously synced each time a user sends, receives, deletes, or > moves messages, etc.? Or would it be periodically synced? With replicator it syncs immediately when something changes. > 6.) Also, that page does not make it clear if one server is like the > "master" and the other the "slave". Do I do the same changes to both > servers? Both servers are equal. Setup both servers exactly the same. > If, given the above additional information, it would not be an > appropriate solution for us, this suggestion about syncing the two > servers gave me another idea. > > I was thinking, "Well, I wonder if I could just sync the Inboxes? We > don't really need the folders synced. In the highly unlikely event a > person would ever need something from one of his folders, he could > always just log into the (slow) monastery server through web mail and > get it that way." If you're syncing via ssh, you can give "-m inbox" parameter to dsync_remote_cmd setting and it syncs only INBOX. But it's still unnecessarily running dsync whenever anything changes. With some hardcoding it would be easy to change that though. > (When we are on the road, we are generally working real hard, and we > don't answer any more emails or do any other computer work than we > absolutely have to.) > > So, that led me to the idea to simply set up some message rules in > procmail in our (slow) monastery server to copy any incoming messages > to the server offsite in addition to delivering them locally. For the > most part, that would be sufficient for us -- and considerably > easier. > > The only downsides to this are that when we reply to messages, they > would not be marked as having been replied to, and we wouldn't have > copies of our replies on our main server. > > The not being marked as replied to is not a big deal. I know we could > manually copy any sent messages from one server to the other when we > returned to the monastery, if we really wanted to, but does anyone > know of a better way to do it? The users would then need to have two accounts I think, one for internal and one for outside mail. Otherwise whenever they switch between servers they need a full resync. From tss at iki.fi Fri Mar 22 10:48:56 2013 From: tss at iki.fi (Timo Sirainen) Date: Fri, 22 Mar 2013 10:48:56 +0200 Subject: [Dovecot] Postfix/Dovecot/lmtp with virtual and local users In-Reply-To: <514B14CE.5040409@cryptix.de> References: <514B14CE.5040409@cryptix.de> Message-ID: <1363942136.13923.48.camel@innu> On Thu, 2013-03-21 at 15:10 +0100, David Obando wrote: > Is there a way to define "if is local then auth_username_format = > %n else auth_username_format = %Lu"? Maybe. Depends on your Dovecot version and passdb/userdb configuration. So, doveconf -n output? From david at cryptix.de Fri Mar 22 11:53:02 2013 From: david at cryptix.de (David Obando) Date: Fri, 22 Mar 2013 10:53:02 +0100 Subject: [Dovecot] Postfix/Dovecot/lmtp with virtual and local users In-Reply-To: <1363942136.13923.48.camel@innu> References: <514B14CE.5040409@cryptix.de> <1363942136.13923.48.camel@innu> Message-ID: <514C29FD.9060300@cryptix.de> Timo Sirainen schrieb am 22.03.2013 09:48: > Maybe. Depends on your Dovecot version and passdb/userdb > configuration. So, doveconf -n output? I use version 2.1.7 from the backports repo on Debian Squeeze. My doveconf -n: # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-686-bigmem i686 Debian 6.0.7 auth_cache_size = 10 M auth_debug = yes auth_mechanisms = plain login digest-md5 auth_socket_path = /var/run/dovecot/auth-userdb auth_verbose = yes auth_verbose_passwords = sha1 base_dir = /var/run/dovecot/ disable_plaintext_auth = no first_valid_uid = 105 listen = * log_timestamp = "%Y-%m-%d %H:%M:%S " login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c mail_location = maildir:~/Maildir managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = INBOX. separator = . type = private } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } passdb { driver = pam } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_global_dir = } protocols = " imap lmtp sieve pop3" service auth { unix_listener /var/spool/postfix/private/auth { mode = 0666 } } service imap-login { inet_listener imap { address = localhost port = 999 } inet_listener imaps { port = 993 ssl = yes } service_count = 1 } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0660 user = postfix } } ssl_ca = Hello, On Oracle Solaris 11.1 (Solaris gcc-45 package set) core libraries do not provide flock() anymore. in file: src/doveadm/dsync/dsync-brain.c in function: dsync_brain_lock() around line: 234 is a (maybe unintentional) fix reference to FLOCK locks. if (file_wait_lock(brain->lock_fd, brain->lock_path, F_WRLCK, FILE_LOCK_METHOD_FLOCK, brain->lock_timeout, &brain->lock) <= 0) { resulting in a runtime error about unsupported flock() locks. (HAVE_FLOCK is not set by configure script) Personally, I have just changed "FLOCK" to "FCNTL". [ I have tried brain->lock->lock_method but this seems not to be the correct way => compile time error: dereferencing pointer to incomplete type ] Walter From skdovecot at smail.inf.fh-brs.de Fri Mar 22 12:32:26 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Fri, 22 Mar 2013 11:32:26 +0100 (CET) Subject: [Dovecot] Problem with Prefetch User Database In-Reply-To: References: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 21 Mar 2013, megodin at inboxalias.com wrote: > > Dovecot only sees the PAM-authentication part) >> >> >> PAM does not return userdb-relevant information. You cannot use >> userdb >> prefetch. >> >> You could switch to first ask a ldap passdb and then, for users that >> have >> another password in LDAP, pam. > > I use PAM because of the easyness of blocking specific validated users - you can just add/remove them in a plain text file. Easy administration will be necessary because of the planned huge amount of users on the system (28.000), and sometimes blocking a user is highly time-dependent (e.g. if one answers to a phising mail and sending out his credentials which are then abused for sending spam). > > I would go over LDAP if there is an equivalent easy way to solve this over LDAP (easy blocking out users by e.g editing a plain text file) - is there any? Ah: http://wiki2.dovecot.org/Authentication/RestrictAccess?highlight=(deny) check out section about passwd-file Other alternative: Add into your passdb LDAP filter: (&(..)(!(dovecotUserDenied=*))) Then add the attribute dovecotUserDenied with any content to deny that user. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUUwzOl3r2wJMiz2NAQJdeggAhxDhio9AUqDomoyjnRg6F2akRq26tFvL 4bG2O4qASIWEyAv232vU5zUX7/EmKWoGbBw6T/Ep3NVrzLNCPzxXi6aMjcd18ZsH z65bk/cgrwFzMjWXacQ+L//clmXSb7buZp6DiMTMfVWMWv5TkJa0u6fio9PQlTGT Fmi4RBnCozwK8SaiEZmXW6fd+Tdjy60NUk80huIngwviwaAnC3EFrv2IO6nCFbOJ PmFbxRDMD0j9+5Vbudea2ZmzYSpLOPzk1kCVFNrGVzAT2dtrishmnc2kv90FkbDt jJN/MUyCIL//zELDY3N73vjaDzpb+RQrp3eUfovS6xApbaGN1rtWqA== =2a5e -----END PGP SIGNATURE----- From tss at iki.fi Fri Mar 22 12:49:10 2013 From: tss at iki.fi (Timo Sirainen) Date: Fri, 22 Mar 2013 12:49:10 +0200 Subject: [Dovecot] v2.2 dsync_brain_lock() FLOCK compatibility issue on Solaris 11.1 In-Reply-To: <20130322100211.GA2407@uran.iai.uni-bonn.de> References: <20130322100211.GA2407@uran.iai.uni-bonn.de> Message-ID: <8F86B712-9F6C-4019-B5B8-07C6434CF127@iki.fi> On 22.3.2013, at 12.02, Walter Steiner wrote: > is a (maybe unintentional) fix reference to FLOCK locks. > > > if (file_wait_lock(brain->lock_fd, brain->lock_path, F_WRLCK, > FILE_LOCK_METHOD_FLOCK, brain->lock_timeout, > &brain->lock) <= 0) { I'm not sure why I used flock instead of fcntl lock. Maybe by accident. Switched: http://hg.dovecot.org/dovecot-2.2/rev/b436c1f6bd06 From dovecot at lists.wgwh.ch Fri Mar 22 13:04:46 2013 From: dovecot at lists.wgwh.ch (Oli Schacher) Date: Fri, 22 Mar 2013 12:04:46 +0100 Subject: [Dovecot] How do I enable dsync sieve script replication? Message-ID: <20130322120446.045ba3e6@lists.wgwh.ch> Hi all, Thank you Timo for adding sieve script replication to dsync, much appreciated! Should this run out of the box with 2.2.rc3 and latest pigeonhole+patch or does this have to be enabled in the configuration somehow? I upgraded my dsync replication test setup, but it doesn't sync sieve so far, so I'm not sure if this is a config issue or if I maybe made a mistake while upgrading/patching. btw: not sure if you saw this bugreport, dsync over tcp still produces "no command given" errors randomly (http://www.dovecot.org/list/dovecot/2013-March/088751.html) Thanks Oli #dovecot -n: # 2.2.rc3: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-279.22.1.el6.x86_64 x86_64 CentOS release 6.3 (Final) auth_master_user_separator = * auth_mechanisms = plain login dict { acl = mysql:/etc/dovecot/dovecot-dict-shares.conf quotadict = mysql:/etc/dovecot/dovecot-dict-quota.conf } disable_plaintext_auth = no doveadm_password = listen = * login_greeting = Dovecot ready. mail_max_userip_connections = 50 mail_plugins = " quota notify replication" managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date namespace { list = children location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u prefix = shared/%%u/ separator = / subscriptions = no type = shared } namespace inbox { inbox = yes location = mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Sent { auto = subscribe special_use = \Sent } mailbox Spam { auto = subscribe special_use = \Junk } mailbox Trash { auto = subscribe special_use = \Trash } prefix = separator = / type = private } passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } plugin { acl = vfile:/etc/dovecot/acls acl_shared_dict = proxy::acl mail_replica = tcp::1337 quota = dict:::proxy::quotadict quota_rule = *:storage=10M:messages=1000 quota_rule2 = Spam:ignore quota_rule3 = Trash:storage=+100M quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=75%% quota-warning 75 %u sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = pop3 imap lmtp sieve service aggregator { fifo_listener replication-notify-fifo { user = fumail } unix_listener replication-notify { user = fumail } } service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } unix_listener auth-master { group = fumail mode = 0660 user = fumail } user = root } service dict { unix_listener dict { mode = 0600 user = fumail } } service doveadm { inet_listener { port = 1337 } } service imap { vsz_limit = 2 G } service lmtp { inet_listener lmtp { address = 127.0.0.1 port = 24 } process_min_avail = 5 unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0660 user = postfix } } service managesieve { vsz_limit = 2 G } service pop3 { vsz_limit = 2 G } service quota-warning { executable = script /usr/local/bin/quotawarning.py unix_listener quota-warning { mode = 0666 user = fumail } user = fumail } service replicator { process_min_avail = 1 } ssl_cert = .crt ssl_key = .key userdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } protocol imap { imap_client_workarounds = mail_plugins = " quota notify replication acl imap_acl quota imap_quota" } protocol pop3 { mail_plugins = " quota notify replication quota" pop3_uidl_format = %08Xu%08Xv } protocol sieve { managesieve_logout_format = bytes ( in=%i : out=%o ) } protocol lmtp { deliver_log_format = from=<%f> msgid=%m action=<%$> subject=%s mail_plugins = " quota notify replication sieve quota" postmaster_address = postmaster@ quota_full_tempfail = yes } -- message transmitted on 100% recycled electrons From lst_hoe02 at kwsoft.de Fri Mar 22 13:59:53 2013 From: lst_hoe02 at kwsoft.de (lst_hoe02 at kwsoft.de) Date: Fri, 22 Mar 2013 11:59:53 +0000 Subject: [Dovecot] Migarting password scheme In-Reply-To: References: <20130321175119.Horde.UG0wDE6jTahRSzqHe4NVvZA@webmail.kwsoft.de> Message-ID: <20130322115953.Horde.Y7ZjbkYT0pCd3Q9alJHsEA1@horde4.hq.kwsoft.de> Zitat von Timo Sirainen : > On 21.3.2013, at 18.51, lst_hoe02 at kwsoft.de wrote: > >> Hello, >> >> by the move to Dovecot we try to alter the password encryption >> stored in the database from MD5 to CRYPT-SHA256 along the Guide at >> http://wiki2.dovecot.org/HowTo/ConvertPasswordSchemes. It's mostly >> working but i still have not found out how to pass the cleartext >> password to the re-encrypting script. According to the HowTo it >> should be enough to add "'%w' AS userdb_plain_pass" to the passdb >> query, to get a environment variable $PLAIN_PASS in the post-login >> script to pass along. >> This does not work eg. PLAIN_PASS is always empty. This is Dovecot >> 2.0.19 from Ubuntu 12.04 LTS. > > userdb_plain_pass method requires that you use userdb prefetch. > > And Daryl's method of using %w in regular userdb .. I'm not really > sure how well that works. Could easily be that different Dovecot > versions behave differently. Hello, with "userdb prefetch" it works. Sorry it was not clear to me that userdb prefetch *must* be used to get *this* userdb setting to work. Maybe it should be listed at http://wiki2.dovecot.org/HowTo/ConvertPasswordSchemes. Furthermore the example listed there does a migration from CRYPT to SHA256 (salted) but not CRYPT-SHA256 which is recommended, no? Regards Andreas From dot5productions at gmail.com Fri Mar 22 16:17:42 2013 From: dot5productions at gmail.com (isakrubin) Date: Fri, 22 Mar 2013 07:17:42 -0700 (PDT) Subject: [Dovecot] sieve-filter ignoring separator In-Reply-To: <514AB932.7060808@rename-it.nl> References: <514AB932.7060808@rename-it.nl> Message-ID: <1363961862597-41000.post@n4.nabble.com> Stephan Bosch-2 wrote > On 3/4/2013 9:21 PM, Isak Rubin wrote: >> >> # dovecot --version >> 2.1.9 > > This Dovecot is very old, so is probably your Pigeonhole version. Recent > versions should work fine in this regard. > > Regards, > > Stephan. Upgraded to # dovecot --version 2.2.rc3 still same issue :/ -- View this message in context: http://dovecot.2317879.n4.nabble.com/sieve-filter-ignoring-separator-tp40612p41000.html Sent from the Dovecot mailing list archive at Nabble.com. From ws+dovecot at iai.uni-bonn.de Fri Mar 22 16:35:10 2013 From: ws+dovecot at iai.uni-bonn.de (Walter Steiner) Date: Fri, 22 Mar 2013 15:35:10 +0100 Subject: [Dovecot] v2.2 getting NULL pointer reference with shared namespace in mailbox_tree? Message-ID: <20130322143510.GA28803@uran.iai.uni-bonn.de> I stumbled over another segmentation fault: # /m/sw/dc/a/libexec/dovecot/imap -u cyrtest1 Debug: Loading modules from directory: /m/sw/dc/2.2-20130322/lib/dovecot Debug: Module loaded: /m/sw/dc/2.2-20130322/lib/dovecot/lib15_notify_plugin.so Debug: Module loaded: /m/sw/dc/2.2-20130322/lib/dovecot/lib20_mail_log_plugin.so Debug: auth input: cyrtest1 at iai.uni-bonn.de uid=13004 gid=13004 home=/m/d/user/cyrtest1 Debug: changed username to cyrtest1 at iai.uni-bonn.de Debug: Effective uid=13004, gid=13004, home=/m/d/user/cyrtest1 Debug: Namespace inbox: type=private, prefix=, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes location=sdbox:/m/d/imap/mbox/m/cyrtest1 Debug: fs: root=/m/d/imap/mbox/m/cyrtest1, index=, indexpvt=, control=, inbox=, alt= Debug: Namespace user: type=shared, prefix=user/%u/, sep=/, inbox=no, hidden=no, list=children, subscriptions=yes location=sdbox:/m/d/imap/mbox/m/%n Debug: shared: root=/var/run/dovecot/, index=, indexpvt=, control=, inbox=, alt= * PREAUTH [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS SPECIAL-USE BINARY MOVE] Logged in as cyrtest1 at iai.uni-bonn.de . namespace * NAMESPACE (("" "/")) (("user/" "/")) NIL . OK Namespace completed. . lsub "" * Segmentation fault (core dumped) I'm not familiar with gdb / debugging. gdb bt full is following but I'm afraid line numbers are not yet correct, are they? Compiler is gcc 4.5.2 output of make command while building dovecot does not show "-O"... (also tried "-O0" before ... as mentioned on some web pages) file src/lib-storage/mailbox-tree.c function mailbox_tree_traverse() line number 103: for (name = path;; path++) { if (*path != tree->separator && *path != '\0') ^^^^^^^^^^^^^^^ and tree is 0x0 #0 0xffff80ffb73d91cb in mailbox_tree_traverse (tree=0x0, path=0x472830 "user", create=false, created_r=0xffff80ffbffff187) at mailbox-tree.c:41 41 i_assert(mailbox_node_size >= sizeof(struct mailbox_node)); (gdb) bt full #0 0xffff80ffb73d91cb in mailbox_tree_traverse (tree=0x0, path=0x472830 "user", create=false, created_r=0xffff80ffbffff187) at mailbox-tree.c:41 node = (struct mailbox_node **) 0x10 parent = (struct mailbox_node *) 0x0 name = 0x472830 "user" str = (string_t *) 0x44d658 #1 0xffff80ffb73d9417 in mailbox_tree_lookup (tree=0x0, path=0x472830 "user") at mailbox-tree.c:41 _data_stack_cur_id = 5 node = (struct mailbox_node *) 0x0 created = false #2 0xffff80ffb73f01c6 in mailbox_list_set_subscription_flags (list=0x46c4d0, vname=0x472830 "user", flags=0x4725e8) at mailbox-list-subscriptions.c:47 node = (struct mailbox_node *) 0xffff80ffbf760030 #3 0xffff80ffb73eb4bc in mailbox_list_ns_prefix_return (ctx=0x472540, ns=0x46c400, has_children=false) at mailbox-list-iter.c:98 subs_ns = (struct mail_namespace *) 0x46c400 box = (struct mailbox *) 0xffff80ffb73ecae8 existence = 4294934783 ret = 0 __FUNCTION__ = "mailbox_list_ns_prefix_return" #4 0xffff80ffb73eb9d8 in mailbox_list_ns_iter_try_next (_ctx=0x472540, info_r=0xffff80ffbffff2c8) at mailbox-list-iter.c:98 ctx = (struct ns_list_iterate_context *) 0x472540 ns = (struct mail_namespace *) 0x3 info = (const struct mailbox_info *) 0x0 error = MAIL_ERROR_NONE errstr = 0x472540 "(&G" has_children = false __FUNCTION__ = "mailbox_list_ns_iter_try_next" #5 0xffff80ffb73ebb8d in mailbox_list_ns_iter_next (_ctx=0x472540) at mailbox-list-iter.c:98 info = (const struct mailbox_info *) 0x0 #6 0xffff80ffb73ec7f7 in mailbox_list_iter_next_call (ctx=0x472540) at mailbox-list-iter.c:98 info = (const struct mailbox_info *) 0x63207361206e6920 set = (const struct mailbox_settings *) 0x646567676f4c205d #7 0xffff80ffb73ecad8 in mailbox_list_iter_next (ctx=0x472540) at mailbox-list-iter.c:98 _data_stack_cur_id = 4 info = (const struct mailbox_info *) 0xffff80ffbf770030 #8 0x000000000041ac70 in cmd_list_continue (cmd=0x46d900) at ../../src/lib/array.h:197 ctx = (struct cmd_list_context *) 0x46d9f8 info = (const struct mailbox_info *) 0x41ae1a flags = 0 str = (string_t *) 0x44d410 mutf7_name = (string_t *) 0x44d560 name = 0xffff80ffbffff3a0 "0????\200??!?A" ret = 0 #9 0x000000000041b521 in cmd_list_full (cmd=0x46d900, lsub=true) at ../../src/lib/array.h:197 client = (struct client *) 0x46d0f0 args = (const struct imap_arg *) 0x4721c8 list_args = (const struct imap_arg *) 0xffff80ffbc1f8e79 arg_count = 4294934783 ctx = (struct cmd_list_context *) 0x46d9f8 patterns = {arr = {buffer = 0x46da38, element_size = 8}, v = 0x46da38, v_modifiable = 0x46da38} ref = 0x46da28 "" pattern = 0x46da30 "*" patterns_strarr = (const char * const *) 0x46da70 str = (string_t *) 0x44d2b8 #10 0x000000000041b61d in cmd_lsub (cmd=0x46d900) at cmd-lsub.c:8 No locals. #11 0x0000000000424697 in command_exec (cmd=0x46d900) at imap-commands.c:99 hook = (const struct command_hook *) 0x457ec0 ret = false #12 0x00000000004235fb in client_command_input (cmd=0x46d900) at imap-client.c:119 client = (struct client *) 0x46d0f0 command = (struct command *) 0xffff80ffbffff4d0 __FUNCTION__ = "client_command_input" #13 0x00000000004238fb in client_command_input (cmd=0x46d900) at imap-client.c:119 client = (struct client *) 0x46d0f0 command = (struct command *) 0x45ce58 __FUNCTION__ = "client_command_input" #14 0x0000000000423a1b in client_handle_next_command (client=0x46d0f0, remove_io_r=0xffff80ffbffff55d) at imap-client.c:119 No locals. #15 0x0000000000423a9b in client_handle_input (client=0x46d0f0) at imap-client.c:119 _data_stack_cur_id = 3 ret = false remove_io = false handled_commands = false __FUNCTION__ = "client_handle_input" #16 0x0000000000423c2e in client_input (client=0x46d0f0) at imap-client.c:119 cmd = (struct client_command_context *) 0x4663e8 output = (struct ostream *) 0x467968 bytes = 12 __FUNCTION__ = "client_input" #17 0xffff80ffb753c1de in io_loop_call_io (io=0x458690) at ioloop.c:26 ioloop = (struct ioloop *) 0x457d00 t_id = 2 #18 0xffff80ffb753d851 in io_loop_handler_run (ioloop=0x457d00) at ioloop-poll.c:96 ctx = (struct ioloop_handler_context *) 0x455420 pollfd = (struct pollfd *) 0x45c6a8 tv = {tv_sec = 57, tv_usec = 597544} io = (struct io_file *) 0x458690 msecs = 57598 ret = 0 call = true #19 0xffff80ffb753c281 in io_loop_run (ioloop=0x457d00) at ioloop.c:26 No locals. #20 0xffff80ffb74d40c2 in master_service_run (service=0x457bd0, callback=0x430806 ) at master-service.c:75 No locals. #21 0x0000000000430b1f in main (argc=3, argv=0xffff80ffbffff718) at main.c:70 set_roots = {0x439ce0, 0x0} login_set = {auth_socket_path = 0x0, postlogin_socket_path = 0x0, postlogin_timeout_secs = 60, callback = 0, failure_callback = 0, request_auth_token = 1} service_flags = 3 storage_service_flags = MAIL_STORAGE_SERVICE_FLAG_USERDB_LOOKUP username = 0xffff80ffbffff9cb "cyrtest1" c = -1 And without the shared namespace "user" no such crash! # 20130322: /m/sw/dc/2.2-20130322/etc/dovecot/dovecot.conf # OS: SunOS 5.11 i86pc zfs auth_debug = yes auth_debug_passwords = yes auth_default_realm = iai.uni-bonn.de auth_master_user_separator = * auth_mechanisms = plain login auth_verbose = yes auth_verbose_passwords = sha1 base_dir = /var/run/dovecot/ debug_log_path = /tmp/dcd imapc_features = rfc822.size imapc_host = mailbox.iai.uni-bonn.de imapc_list_prefix = INBOX imapc_master_user = ... imapc_password = ... imapc_port = 993 imapc_ssl = imaps imapc_ssl_verify = no imapc_user = %n log_path = /tmp/dce mail_debug = yes mail_gid = dovemail mail_location = sdbox:/m/d/imap/mbox/m/%n mail_plugins = notify mail_log mail_uid = dovemail namespace inbox { hidden = no inbox = yes list = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = separator = / subscriptions = yes type = private } namespace user { hidden = no list = children location = sdbox:/m/d/imap/mbox/m/%%n prefix = user/%%u/ separator = / type = shared } passdb { args = scheme=CRYPT username_format=%u /m/d/etc/user/pw driver = passwd-file } passdb { args = username_format=%n /m/d/etc/user/global/pw-master-giat driver = passwd-file master = yes pass = yes } passdb { args = username_format=%n /m/d/etc/user/global/pw-master-top driver = passwd-file master = yes pass = yes } passdb { args = username_format=%n /m/d/etc/user/global/pw-master-top driver = passwd-file } plugin { mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename flag_change append mailbox_create save flag_change mail_log_fields = uid box msgid size } protocols = imap pop3 service auth-worker { user = doveauth } service auth { user = doveauth } service imap-login { process_min_avail = 4 service_count = 1 } service imap { executable = imap process_limit = 1024 } service pop3 { executable = pop3 process_limit = 64 } ssl_cert = References: <514B6E94.50402@Media-Brokers.com> <5F3FBE0D-E803-4BC5-8935-F25DAB8921D6@iki.fi> Message-ID: Timo, The most strange thing is that even if I use the filter ALL, the emails are not moved. Just for example, using my test user I get the following logs: root at mail0:~/# doveadm -Dv altmove -u teste at supramail.com.br all doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot/modules doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/lib10_quota_plugin.so doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot/modules/doveadm doveadm(root): Debug: Skipping module doveadm_acl_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_acl_plugin.so: undefined symbol: acl_user_module (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_expire_plugin.so: undefined symbol: expire_set_deinit (this is usually intentional, so just ignore this message) doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_quota_plugin.so doveadm(root): Debug: Skipping module doveadm_zlib_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_zlib_plugin.so: undefined symbol: i_stream_create_deflate (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_fts_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib20_doveadm_fts_plugin.so: undefined symbol: fts_backend_rescan (this is usually intentional, so just ignore this message) doveadm(teste at supramail.com.br): Debug: Added userdb setting: mail=sdbox:~/:ALT=/mnt/hd/dovecot/supramail.com.br/teste doveadm(teste at supramail.com.br): Debug: Effective uid=5000, gid=5000, home=/mnt/ssd/dovecot/supramail.com.br/teste doveadm(teste at supramail.com.br): Debug: Quota root: name=Quota backend=maildir args= doveadm(teste at supramail.com.br): Debug: fs: root=/mnt/ssd/dovecot/ supramail.com.br/teste, index=, control=, inbox=, alt=/mnt/hd/dovecot/ supramail.com.br/teste doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=1 doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=2 doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=3 doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=4 doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=5 doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=6 doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=7 doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=8 doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=9 doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=10 doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=11 doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=12 doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=13 doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=14 doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=15 doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=16 doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=17 doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=18 doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=19 doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=20 doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=21 doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=22 doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=23 doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=24 doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=25 doveadm(teste at supramail.com.br): Debug: altmove: box=Sent uid=1 And the fetch of the saved date is: root at mail0:~/# doveadm -Dv fetch -u teste at supramail.com.br date.saved mailbox inbox all date.saved: 2012-10-31 23:53:35 date.saved: 2012-10-31 23:53:35 date.saved: 2012-10-31 23:53:35 date.saved: 2012-10-31 23:53:35 date.saved: 2012-10-31 23:53:35 date.saved: 2012-10-31 23:53:35 date.saved: 2012-10-31 23:53:35 date.saved: 2012-10-31 23:53:35 date.saved: 2012-10-31 23:53:35 date.saved: 2012-10-31 23:53:36 date.saved: 2012-10-31 23:53:37 date.saved: 2012-10-31 23:53:37 date.saved: 2012-10-31 23:53:38 date.saved: 2012-10-31 23:53:39 date.saved: 2012-10-31 23:53:39 date.saved: 2012-10-31 23:53:39 date.saved: 2012-10-31 23:53:39 date.saved: 2012-10-31 23:53:40 date.saved: 2012-10-31 23:53:40 date.saved: 2012-10-31 23:53:40 date.saved: 2012-10-31 23:53:40 date.saved: 2012-10-31 23:53:41 date.saved: 2013-01-04 11:28:02 date.saved: 2013-01-17 15:38:39 date.saved: 2013-03-07 11:44:18 Thanks for your help, Breno Moreira On Thu, Mar 21, 2013 at 6:41 PM, Timo Sirainen wrote: > I guess the save date gets reset. You can verify that with e.g.: > > doveadm fetch date.saved mailbox inbox all > > dsync is supposed to preserve the save date though. Might be broken in > your version. > > On 21.3.2013, at 22.59, Breno Moreira wrote: > > > My email was sent before I finish it. > > > > The other command I'm using is for move the old mails to the alternate > > storage, and it is: > > - doveadm -Dv altmove -u user seen savedbefore 2w > > > > In the logs all seems to be ok, without errors or warnings. > > I'm really thinking in test the new version to find out if the problem > > still occurs. > > > > Thanks to all. > > > > Breno Moreira > > > > > > On Thu, Mar 21, 2013 at 5:53 PM, Breno Moreira > wrote: > > > >> Hi Charles, > >> > >> Sorry for not providing this kind of info. > >> > >> I'm using Dovecot 2.1.7 in a Debian Wheezy. The dovecot -n output is > below: > >> > >> # 2.1.7: /etc/dovecot/dovecot.conf > >> # OS: Linux 3.2.0-4-amd64 x86_64 Debian 7.0 > >> auth_mechanisms = plain login > >> auth_socket_path = /var/run/dovecot/auth-userdb > >> disable_plaintext_auth = no > >> lmtp_proxy = yes > >> mail_fsync = always > >> mail_gid = vmail > >> mail_location = maildir:~/.maildir > >> mail_plugins = " quota" > >> mail_uid = vmail > >> mmap_disable = yes > >> passdb { > >> driver = pam > >> } > >> passdb { > >> args = /etc/dovecot/dovecot-sql.conf.ext > >> driver = sql > >> } > >> plugin { > >> quota = maildir:Quota > >> sieve = ~/.dovecot.sieve > >> sieve_dir = ~/sieve > >> } > >> protocols = imap pop3 lmtp > >> service auth { > >> unix_listener /var/spool/postfix/private/auth { > >> mode = 0666 > >> } > >> unix_listener auth-userdb { > >> group = vmail > >> mode = 0666 > >> user = vmail > >> } > >> user = root > >> } > >> service imap-login { > >> service_count = 0 > >> } > >> service lmtp { > >> inet_listener lmtp { > >> address = localhost mail0.supramail.com.br > >> port = 7025 > >> } > >> } > >> service pop3-login { > >> service_count = 0 > >> } > >> ssl_cert = >> ssl_key = >> userdb { > >> driver = passwd > >> } > >> userdb { > >> args = /etc/dovecot/dovecot-sql.conf.ext > >> driver = sql > >> } > >> protocol lmtp { > >> mail_plugins = " quota sieve" > >> postmaster_address = postmaster at mail0.supramail.com.br > >> } > >> protocol imap { > >> mail_plugins = " quota imap_quota" > >> } > >> protocol pop3 { > >> pop3_uidl_format = %v-%u > >> } > >> > >> The commands that I'm using are: > >> > >> - dsync -Dv -u user mirror sdbox:~/sdbox:ALT=alternatestoragepath > >> > >> - > >> > >> > >> On Thu, Mar 21, 2013 at 5:33 PM, Charles Marcus < > CMarcus at media-brokers.com > >>> wrote: > >> > >>> Please always try to provide some basic system info when asking for > help. > >>> > >>> dovecot version? doveconf -n output? actual commands you are typing? > logs > >>> of the events? > >>> > >>> Also remember, dsync has been completely rewritten for the upcoming 2.2 > >>> (at rc3 now), and has always been a little problematic in earlier > versions > >>> (which I guess was the reason for the rewrite)... > >>> > >>> > >>> On 2013-03-21 3:58 PM, Breno Moreira wrote: > >>> > >>>> Hi guys, > >>>> > >>>> I'm having a problem with the altmove command after a mailbox > migration > >>>> using dsync. > >>>> > >>>> What I'm trying to do is move some users from a datacenter to another > >>>> and, > >>>> for that, I'm using the dsync feature. First thing I do is run the > dsync > >>>> mirror command, and this is working properly, but all mails are moved > to > >>>> the main path, ignoring the ALT statement in the mail location. > >>>> > >>>> So, what I tried to do was run the doveadm altmove to move the old > mails > >>>> to > >>>> the new alternate storage, but it simply doesn't work or sometimes > moves > >>>> only few messages. > >>>> > >>>> After the user receives new messages, these new files are correctly > >>>> moved. > >>>> > >>>> It can be problem with my search parameter in the altmove command? Or > >>>> this > >>>> is a normal result? > >>>> > >>>> Best Regards, > >>>> Breno Moreira > >>>> > >>>> > >>> > >>> -- > >>> > >>> Best regards, > >>> > >>> Charles Marcus > >>> I.T. Director > >>> Media Brokers International, Inc. > >>> 678.514.6224 | 678.514.6299 fax > >>> > >>> > >>> > >> > >> > >> -- > >> --------------------------------------------------------------------- > >> Breno Moreira > >> > >> ?O ?xito na vida n?o se mede pelo que voc? conquistou, > >> > >> mas sim pelas dificuldades que superou no caminho.? > >> > >> * Abraham Lincoln* > >> > >> > > > > > > -- > > --------------------------------------------------------------------- > > Breno Moreira > > > > ?O ?xito na vida n?o se mede pelo que voc? conquistou, > > > > mas sim pelas dificuldades que superou no caminho.? > > > > * Abraham Lincoln* > > -- --------------------------------------------------------------------- Breno Moreira ?O ?xito na vida n?o se mede pelo que voc? conquistou, mas sim pelas dificuldades que superou no caminho.? * Abraham Lincoln* From tss at iki.fi Fri Mar 22 16:43:33 2013 From: tss at iki.fi (Timo Sirainen) Date: Fri, 22 Mar 2013 16:43:33 +0200 Subject: [Dovecot] Altmove doesn't working after a dsync. In-Reply-To: References: <514B6E94.50402@Media-Brokers.com> <5F3FBE0D-E803-4BC5-8935-F25DAB8921D6@iki.fi> Message-ID: <1363963413.13923.54.camel@innu> On Fri, 2013-03-22 at 11:36 -0300, Breno Moreira wrote: > The most strange thing is that even if I use the filter ALL, the emails are > not moved. Sounds like a bug. Before wondering about it further, try upgrading to v2.1.15. I remember some versions having bugs related to altmoving. > Just for example, using my test user I get the following logs: > > root at mail0:~/# doveadm -Dv altmove -u teste at supramail.com.br all > doveadm(root): Debug: Loading modules from directory: > /usr/lib/dovecot/modules > doveadm(root): Debug: Module loaded: > /usr/lib/dovecot/modules/lib10_quota_plugin.so > doveadm(root): Debug: Loading modules from directory: > /usr/lib/dovecot/modules/doveadm > doveadm(root): Debug: Skipping module doveadm_acl_plugin, because dlopen() > failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_acl_plugin.so: > undefined symbol: acl_user_module (this is usually intentional, so just > ignore this message) > doveadm(root): Debug: Skipping module doveadm_expire_plugin, because > dlopen() failed: > /usr/lib/dovecot/modules/doveadm/lib10_doveadm_expire_plugin.so: undefined > symbol: expire_set_deinit (this is usually intentional, so just ignore this > message) > doveadm(root): Debug: Module loaded: > /usr/lib/dovecot/modules/doveadm/lib10_doveadm_quota_plugin.so > doveadm(root): Debug: Skipping module doveadm_zlib_plugin, because dlopen() > failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_zlib_plugin.so: > undefined symbol: i_stream_create_deflate (this is usually intentional, so > just ignore this message) > doveadm(root): Debug: Skipping module doveadm_fts_plugin, because dlopen() > failed: /usr/lib/dovecot/modules/doveadm/lib20_doveadm_fts_plugin.so: > undefined symbol: fts_backend_rescan (this is usually intentional, so just > ignore this message) > doveadm(teste at supramail.com.br): Debug: Added userdb setting: > mail=sdbox:~/:ALT=/mnt/hd/dovecot/supramail.com.br/teste > doveadm(teste at supramail.com.br): Debug: Effective uid=5000, gid=5000, > home=/mnt/ssd/dovecot/supramail.com.br/teste > doveadm(teste at supramail.com.br): Debug: Quota root: name=Quota > backend=maildir args= > doveadm(teste at supramail.com.br): Debug: fs: root=/mnt/ssd/dovecot/ > supramail.com.br/teste, index=, control=, inbox=, alt=/mnt/hd/dovecot/ > supramail.com.br/teste > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=1 > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=2 > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=3 > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=4 > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=5 > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=6 > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=7 > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=8 > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=9 > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=10 > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=11 > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=12 > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=13 > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=14 > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=15 > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=16 > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=17 > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=18 > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=19 > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=20 > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=21 > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=22 > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=23 > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=24 > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=25 > doveadm(teste at supramail.com.br): Debug: altmove: box=Sent uid=1 > > And the fetch of the saved date is: > > root at mail0:~/# doveadm -Dv fetch -u teste at supramail.com.br date.saved > mailbox inbox all > date.saved: 2012-10-31 23:53:35 > date.saved: 2012-10-31 23:53:35 > date.saved: 2012-10-31 23:53:35 > date.saved: 2012-10-31 23:53:35 > date.saved: 2012-10-31 23:53:35 > date.saved: 2012-10-31 23:53:35 > date.saved: 2012-10-31 23:53:35 > date.saved: 2012-10-31 23:53:35 > date.saved: 2012-10-31 23:53:35 > date.saved: 2012-10-31 23:53:36 > date.saved: 2012-10-31 23:53:37 > date.saved: 2012-10-31 23:53:37 > date.saved: 2012-10-31 23:53:38 > date.saved: 2012-10-31 23:53:39 > date.saved: 2012-10-31 23:53:39 > date.saved: 2012-10-31 23:53:39 > date.saved: 2012-10-31 23:53:39 > date.saved: 2012-10-31 23:53:40 > date.saved: 2012-10-31 23:53:40 > date.saved: 2012-10-31 23:53:40 > date.saved: 2012-10-31 23:53:40 > date.saved: 2012-10-31 23:53:41 > date.saved: 2013-01-04 11:28:02 > date.saved: 2013-01-17 15:38:39 > date.saved: 2013-03-07 11:44:18 > > Thanks for your help, > Breno Moreira > > > On Thu, Mar 21, 2013 at 6:41 PM, Timo Sirainen wrote: > > > I guess the save date gets reset. You can verify that with e.g.: > > > > doveadm fetch date.saved mailbox inbox all > > > > dsync is supposed to preserve the save date though. Might be broken in > > your version. > > > > On 21.3.2013, at 22.59, Breno Moreira wrote: > > > > > My email was sent before I finish it. > > > > > > The other command I'm using is for move the old mails to the alternate > > > storage, and it is: > > > - doveadm -Dv altmove -u user seen savedbefore 2w > > > > > > In the logs all seems to be ok, without errors or warnings. > > > I'm really thinking in test the new version to find out if the problem > > > still occurs. > > > > > > Thanks to all. > > > > > > Breno Moreira > > > > > > > > > On Thu, Mar 21, 2013 at 5:53 PM, Breno Moreira > > wrote: > > > > > >> Hi Charles, > > >> > > >> Sorry for not providing this kind of info. > > >> > > >> I'm using Dovecot 2.1.7 in a Debian Wheezy. The dovecot -n output is > > below: > > >> > > >> # 2.1.7: /etc/dovecot/dovecot.conf > > >> # OS: Linux 3.2.0-4-amd64 x86_64 Debian 7.0 > > >> auth_mechanisms = plain login > > >> auth_socket_path = /var/run/dovecot/auth-userdb > > >> disable_plaintext_auth = no > > >> lmtp_proxy = yes > > >> mail_fsync = always > > >> mail_gid = vmail > > >> mail_location = maildir:~/.maildir > > >> mail_plugins = " quota" > > >> mail_uid = vmail > > >> mmap_disable = yes > > >> passdb { > > >> driver = pam > > >> } > > >> passdb { > > >> args = /etc/dovecot/dovecot-sql.conf.ext > > >> driver = sql > > >> } > > >> plugin { > > >> quota = maildir:Quota > > >> sieve = ~/.dovecot.sieve > > >> sieve_dir = ~/sieve > > >> } > > >> protocols = imap pop3 lmtp > > >> service auth { > > >> unix_listener /var/spool/postfix/private/auth { > > >> mode = 0666 > > >> } > > >> unix_listener auth-userdb { > > >> group = vmail > > >> mode = 0666 > > >> user = vmail > > >> } > > >> user = root > > >> } > > >> service imap-login { > > >> service_count = 0 > > >> } > > >> service lmtp { > > >> inet_listener lmtp { > > >> address = localhost mail0.supramail.com.br > > >> port = 7025 > > >> } > > >> } > > >> service pop3-login { > > >> service_count = 0 > > >> } > > >> ssl_cert = > >> ssl_key = > >> userdb { > > >> driver = passwd > > >> } > > >> userdb { > > >> args = /etc/dovecot/dovecot-sql.conf.ext > > >> driver = sql > > >> } > > >> protocol lmtp { > > >> mail_plugins = " quota sieve" > > >> postmaster_address = postmaster at mail0.supramail.com.br > > >> } > > >> protocol imap { > > >> mail_plugins = " quota imap_quota" > > >> } > > >> protocol pop3 { > > >> pop3_uidl_format = %v-%u > > >> } > > >> > > >> The commands that I'm using are: > > >> > > >> - dsync -Dv -u user mirror sdbox:~/sdbox:ALT=alternatestoragepath > > >> > > >> - > > >> > > >> > > >> On Thu, Mar 21, 2013 at 5:33 PM, Charles Marcus < > > CMarcus at media-brokers.com > > >>> wrote: > > >> > > >>> Please always try to provide some basic system info when asking for > > help. > > >>> > > >>> dovecot version? doveconf -n output? actual commands you are typing? > > logs > > >>> of the events? > > >>> > > >>> Also remember, dsync has been completely rewritten for the upcoming 2.2 > > >>> (at rc3 now), and has always been a little problematic in earlier > > versions > > >>> (which I guess was the reason for the rewrite)... > > >>> > > >>> > > >>> On 2013-03-21 3:58 PM, Breno Moreira wrote: > > >>> > > >>>> Hi guys, > > >>>> > > >>>> I'm having a problem with the altmove command after a mailbox > > migration > > >>>> using dsync. > > >>>> > > >>>> What I'm trying to do is move some users from a datacenter to another > > >>>> and, > > >>>> for that, I'm using the dsync feature. First thing I do is run the > > dsync > > >>>> mirror command, and this is working properly, but all mails are moved > > to > > >>>> the main path, ignoring the ALT statement in the mail location. > > >>>> > > >>>> So, what I tried to do was run the doveadm altmove to move the old > > mails > > >>>> to > > >>>> the new alternate storage, but it simply doesn't work or sometimes > > moves > > >>>> only few messages. > > >>>> > > >>>> After the user receives new messages, these new files are correctly > > >>>> moved. > > >>>> > > >>>> It can be problem with my search parameter in the altmove command? Or > > >>>> this > > >>>> is a normal result? > > >>>> > > >>>> Best Regards, > > >>>> Breno Moreira > > >>>> > > >>>> > > >>> > > >>> -- > > >>> > > >>> Best regards, > > >>> > > >>> Charles Marcus > > >>> I.T. Director > > >>> Media Brokers International, Inc. > > >>> 678.514.6224 | 678.514.6299 fax > > >>> > > >>> > > >>> > > >> > > >> > > >> -- > > >> --------------------------------------------------------------------- > > >> Breno Moreira > > >> > > >> ?O ?xito na vida n?o se mede pelo que voc? conquistou, > > >> > > >> mas sim pelas dificuldades que superou no caminho.? > > >> > > >> * Abraham Lincoln* > > >> > > >> > > > > > > > > > -- > > > --------------------------------------------------------------------- > > > Breno Moreira > > > > > > ?O ?xito na vida n?o se mede pelo que voc? conquistou, > > > > > > mas sim pelas dificuldades que superou no caminho.? > > > > > > * Abraham Lincoln* > > > > > > From tss at iki.fi Fri Mar 22 17:03:02 2013 From: tss at iki.fi (Timo Sirainen) Date: Fri, 22 Mar 2013 17:03:02 +0200 Subject: [Dovecot] v2.2 getting NULL pointer reference with shared namespace in mailbox_tree? In-Reply-To: <20130322143510.GA28803@uran.iai.uni-bonn.de> References: <20130322143510.GA28803@uran.iai.uni-bonn.de> Message-ID: <78A5903C-AFD6-42BE-BE2F-445E47EAD392@iki.fi> On 22.3.2013, at 16.35, Walter Steiner wrote: > I stumbled over another segmentation fault: .. > . lsub "" * > Segmentation fault (core dumped) I can't seem to be able to reproduce this. What's in the user's subscriptions file? > I'm not familiar with gdb / debugging. gdb bt full is following but I'm > afraid line numbers are not yet correct, are they? Yeah, for some reason they're wrong. From ws+dovecot at iai.uni-bonn.de Fri Mar 22 17:29:54 2013 From: ws+dovecot at iai.uni-bonn.de (Walter Steiner) Date: Fri, 22 Mar 2013 16:29:54 +0100 Subject: [Dovecot] v2.2 getting NULL pointer reference with shared namespace in mailbox_tree? In-Reply-To: <78A5903C-AFD6-42BE-BE2F-445E47EAD392@iki.fi> References: <20130322143510.GA28803@uran.iai.uni-bonn.de> <78A5903C-AFD6-42BE-BE2F-445E47EAD392@iki.fi> Message-ID: <20130322152953.GB3485@uran.iai.uni-bonn.de> > I can't seem to be able to reproduce this. What's in the user's subscriptions file? Did some doveadm mailbox (un)subscribe -u ... If the file subscriptions in the mailbox of this user is a) empty => crash b) user.otherexistinguser.existingfolder => crash c) user.other... INBOX => okay d) INBOX => okay d) test => okay It seems that with an active shared namespace one needs to have at least one folder in the private namespace in this file. With no shared namespace the list may be empty. (the client did not automatically subscribe to mailboxes (before the lsub)) From tss at iki.fi Fri Mar 22 17:44:42 2013 From: tss at iki.fi (Timo Sirainen) Date: Fri, 22 Mar 2013 17:44:42 +0200 Subject: [Dovecot] v2.2 getting NULL pointer reference with shared namespace in mailbox_tree? In-Reply-To: <20130322152953.GB3485@uran.iai.uni-bonn.de> References: <20130322143510.GA28803@uran.iai.uni-bonn.de> <78A5903C-AFD6-42BE-BE2F-445E47EAD392@iki.fi> <20130322152953.GB3485@uran.iai.uni-bonn.de> Message-ID: <34BEEEBD-DA8C-45CC-A9A4-6E676F6A9D56@iki.fi> On 22.3.2013, at 17.29, Walter Steiner wrote: >> I can't seem to be able to reproduce this. What's in the user's subscriptions file? > > Did some doveadm mailbox (un)subscribe -u ... > > If the file subscriptions in the mailbox of this user is > > a) > empty > => crash Oh, figured out the crash: http://hg.dovecot.org/dovecot-2.2/rev/6f5b14d4ad56 You most likely want to have subscriptions=no for your shared namespace. Also you most likely want to enable ACL plugin. > b) > user.otherexistinguser.existingfolder > => crash Note that this should be user/otherexistinguser/existingfolder From ws+dovecot at iai.uni-bonn.de Fri Mar 22 19:34:50 2013 From: ws+dovecot at iai.uni-bonn.de (Walter Steiner) Date: Fri, 22 Mar 2013 18:34:50 +0100 Subject: [Dovecot] v2.2 getting NULL pointer reference with shared namespace in mailbox_tree? In-Reply-To: <34BEEEBD-DA8C-45CC-A9A4-6E676F6A9D56@iki.fi> References: <20130322143510.GA28803@uran.iai.uni-bonn.de> <78A5903C-AFD6-42BE-BE2F-445E47EAD392@iki.fi> <20130322152953.GB3485@uran.iai.uni-bonn.de> <34BEEEBD-DA8C-45CC-A9A4-6E676F6A9D56@iki.fi> Message-ID: <20130322173450.GA623@uran.iai.uni-bonn.de> > You most likely want to have subscriptions=no for your shared namespace. Also you most likely want to enable ACL plugin. Yes - thank you for your comment! The ACLs I had configured before are not enabled in this minimalistic configuration because of crashes when running doveadm backup -R ... imapc: with ACLs enabled. You wrote that you are continuing debugging "my problem". Regardless of this, should I investigate / file this ACL (related) bug? With todays nightly: dsync(wsunpriv at iai.uni-bonn.de): Debug: acl: initializing backend with data: vfile:/m/d/etc/acl:cache_secs=300 dsync(wsunpriv at iai.uni-bonn.de): Debug: acl: acl username = wsunpriv at iai.uni-bonn.de dsync(wsunpriv at iai.uni-bonn.de): Debug: acl: owner = 0 dsync(wsunpriv at iai.uni-bonn.de): Debug: acl vfile: Global ACL directory: /m/d/etc/acl dsync(wsunpriv at iai.uni-bonn.de): Debug: brain M: in state=recv_handshake dsync(wsunpriv at iai.uni-bonn.de): Debug: brain M: out state=send_mailbox_tree_deletes changed=1 dsync(wsunpriv at iai.uni-bonn.de): Panic: file imapc-list.c: line 199 (imapc_list_get_vname): assertion failed: (strncmp(prefix, storage_name, prefix_len) == 0 && storage_name[prefix_len] == list->sep) dsync(wsunpriv at iai.uni-bonn.de): Error: Raw backtrace: /m/sw/dc/2.2-20130322/lib/dovecot/libdovecot.so.0.0.0'default_fatal_finish+0x26 [0xffff80ffb60c4d34] -> /m/sw/dc/2.2-20130322/lib/dovecot/libdovecot.so.0.0.0'default_error_handler+0x0 [0xffff80ffb60c4dc3] -> /m/sw/dc/2.2-20130322/lib/dovecot/libdovecot.so.0.0.0'i_fatal+0x0 [0xffff80ffb60c50a4] -> /m/sw/dc/2.2-20130322/lib/dovecot/libdovecot-storage.so.0.0.0'imapc_list_get_vname+0xdb [0xffff80ffb5f4c4ce] -> /m/sw/dc/2.2-20130322/lib/dovecot/libdovecot-storage.so.0.0.0'mailbox_list_get_vname+0x28 [0xffff80ffb5f75ebb] -> /m/sw/dc/2.2-20130322/lib/dovecot/lib01_acl_plugin.so'acl_backend_vfile_object_init+0x92 [0xffff80ffb5e3d0fa] -> /m/sw/dc/2.2-20130322/lib/dovecot/lib01_acl_plugin.so'acl_object_init_from_name+0x2b [0xffff80ffb5e3ad88] -> /m/sw/dc/2.2-20130322/lib/dovecot/lib01_acl_plugin.so'acl_backend_get_default_rights+0x30 [0xffff80ffb5e3c9b4] -> /m/sw/dc/2.2-20130322/lib/dovecot/lib01_acl_plugin.so'acl_mailbox_try_list_fast+0xb2 [0xffff80ffb5e44b77] -> /m/sw/dc/2.2-20130322/lib/dovecot/lib01_acl_plugin.so'acl_mailbox_list_iter_init+0x188 [0xffff80ffb5e44efa] -> /m/sw/dc/2.2-20130322/lib/dovecot/libdovecot-storage.so.0.0.0'mailbox_list_iter_init_multiple+0x91 [0xffff80ffb5f8aa20] -> /m/sw/dc/2.2-20130322/lib/dovecot/libdovecot-storage.so.0.0.0'mailbox_list_iter_init+0x39 [0xffff80ffb5f8a596] -> /m/sw/dc/2.2-20130322/bin/doveadm'dsync_mailbox_tree_fill+0x103 [0x456acf] -> /m/sw/dc/2.2-20130322/bin/doveadm'dsync_brain_mailbox_trees_init+0x114 [0x449f74] -> /m/sw/dc/2.2-20130322/bin/doveadm'dsync_brain_slave_recv_handshake+0x18d [0x447703] -> /m/sw/dc/2.2-20130322/bin/doveadm'dsync_brain_run_real+0xe7 [0x447a4c] -> /m/sw/dc/2.2-20130322/bin/doveadm'dsync_brain_run+0x61 [0x447bf6] -> /m/sw/dc/2.2-20130322/bin/doveadm'cmd_dsync_run_local+0x325 [0x444b1e] -> /m/sw/dc/2.2-20130322/bin/doveadm'cmd_dsync_run+0x272 [0x445156] -> /m/sw/dc/2.2-20130322/bin/doveadm'doveadm_mail_next_user+0x189 [0x4294ba] -> /m/sw/dc/2.2-20130322/bin/doveadm'doveadm_mail_single_user+0x157 [0x429680] -> /m/sw/dc/2.2-20130322/bin/doveadm'doveadm_mail_cmd+0x3bc [0x429f24] -> /m/sw/dc/2.2-20130322/bin/doveadm'doveadm_mail_try_run+0xac [0x42a19b] -> /m/sw/dc/2.2-20130322/bin/doveadm'main+0x286 [0x4342b7] -> /m/sw/dc/2.2-20130322/bin/doveadm'_start+0x6c [0x428a8c] Abort (core dumped) From brenoavm at gmail.com Fri Mar 22 20:08:22 2013 From: brenoavm at gmail.com (Breno Moreira) Date: Fri, 22 Mar 2013 15:08:22 -0300 Subject: [Dovecot] Altmove doesn't working after a dsync. In-Reply-To: <1363963413.13923.54.camel@innu> References: <514B6E94.50402@Media-Brokers.com> <5F3FBE0D-E803-4BC5-8935-F25DAB8921D6@iki.fi> <1363963413.13923.54.camel@innu> Message-ID: Timo, I updated my dovecot to 2.2.rc3 (b436c1f6bd06) but the problem still happens. There is some info that I can send you to clarify the problem? Thanks, On Fri, Mar 22, 2013 at 11:43 AM, Timo Sirainen wrote: > On Fri, 2013-03-22 at 11:36 -0300, Breno Moreira wrote: > > > The most strange thing is that even if I use the filter ALL, the emails > are > > not moved. > > Sounds like a bug. Before wondering about it further, try upgrading to > v2.1.15. I remember some versions having bugs related to altmoving. > > > Just for example, using my test user I get the following logs: > > > > root at mail0:~/# doveadm -Dv altmove -u teste at supramail.com.br all > > doveadm(root): Debug: Loading modules from directory: > > /usr/lib/dovecot/modules > > doveadm(root): Debug: Module loaded: > > /usr/lib/dovecot/modules/lib10_quota_plugin.so > > doveadm(root): Debug: Loading modules from directory: > > /usr/lib/dovecot/modules/doveadm > > doveadm(root): Debug: Skipping module doveadm_acl_plugin, because > dlopen() > > failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_acl_plugin.so: > > undefined symbol: acl_user_module (this is usually intentional, so just > > ignore this message) > > doveadm(root): Debug: Skipping module doveadm_expire_plugin, because > > dlopen() failed: > > /usr/lib/dovecot/modules/doveadm/lib10_doveadm_expire_plugin.so: > undefined > > symbol: expire_set_deinit (this is usually intentional, so just ignore > this > > message) > > doveadm(root): Debug: Module loaded: > > /usr/lib/dovecot/modules/doveadm/lib10_doveadm_quota_plugin.so > > doveadm(root): Debug: Skipping module doveadm_zlib_plugin, because > dlopen() > > failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_zlib_plugin.so: > > undefined symbol: i_stream_create_deflate (this is usually intentional, > so > > just ignore this message) > > doveadm(root): Debug: Skipping module doveadm_fts_plugin, because > dlopen() > > failed: /usr/lib/dovecot/modules/doveadm/lib20_doveadm_fts_plugin.so: > > undefined symbol: fts_backend_rescan (this is usually intentional, so > just > > ignore this message) > > doveadm(teste at supramail.com.br): Debug: Added userdb setting: > > mail=sdbox:~/:ALT=/mnt/hd/dovecot/supramail.com.br/teste > > doveadm(teste at supramail.com.br): Debug: Effective uid=5000, gid=5000, > > home=/mnt/ssd/dovecot/supramail.com.br/teste > > doveadm(teste at supramail.com.br): Debug: Quota root: name=Quota > > backend=maildir args= > > doveadm(teste at supramail.com.br): Debug: fs: root=/mnt/ssd/dovecot/ > > supramail.com.br/teste, index=, control=, inbox=, alt=/mnt/hd/dovecot/ > > supramail.com.br/teste > > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=1 > > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=2 > > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=3 > > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=4 > > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=5 > > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=6 > > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=7 > > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=8 > > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=9 > > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=10 > > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=11 > > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=12 > > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=13 > > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=14 > > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=15 > > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=16 > > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=17 > > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=18 > > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=19 > > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=20 > > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=21 > > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=22 > > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=23 > > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=24 > > doveadm(teste at supramail.com.br): Debug: altmove: box=INBOX uid=25 > > doveadm(teste at supramail.com.br): Debug: altmove: box=Sent uid=1 > > > > And the fetch of the saved date is: > > > > root at mail0:~/# doveadm -Dv fetch -u teste at supramail.com.br date.saved > > mailbox inbox all > > date.saved: 2012-10-31 23:53:35 > > date.saved: 2012-10-31 23:53:35 > > date.saved: 2012-10-31 23:53:35 > > date.saved: 2012-10-31 23:53:35 > > date.saved: 2012-10-31 23:53:35 > > date.saved: 2012-10-31 23:53:35 > > date.saved: 2012-10-31 23:53:35 > > date.saved: 2012-10-31 23:53:35 > > date.saved: 2012-10-31 23:53:35 > > date.saved: 2012-10-31 23:53:36 > > date.saved: 2012-10-31 23:53:37 > > date.saved: 2012-10-31 23:53:37 > > date.saved: 2012-10-31 23:53:38 > > date.saved: 2012-10-31 23:53:39 > > date.saved: 2012-10-31 23:53:39 > > date.saved: 2012-10-31 23:53:39 > > date.saved: 2012-10-31 23:53:39 > > date.saved: 2012-10-31 23:53:40 > > date.saved: 2012-10-31 23:53:40 > > date.saved: 2012-10-31 23:53:40 > > date.saved: 2012-10-31 23:53:40 > > date.saved: 2012-10-31 23:53:41 > > date.saved: 2013-01-04 11:28:02 > > date.saved: 2013-01-17 15:38:39 > > date.saved: 2013-03-07 11:44:18 > > > > Thanks for your help, > > Breno Moreira > > > > > > On Thu, Mar 21, 2013 at 6:41 PM, Timo Sirainen wrote: > > > > > I guess the save date gets reset. You can verify that with e.g.: > > > > > > doveadm fetch date.saved mailbox inbox all > > > > > > dsync is supposed to preserve the save date though. Might be broken in > > > your version. > > > > > > On 21.3.2013, at 22.59, Breno Moreira wrote: > > > > > > > My email was sent before I finish it. > > > > > > > > The other command I'm using is for move the old mails to the > alternate > > > > storage, and it is: > > > > - doveadm -Dv altmove -u user seen savedbefore 2w > > > > > > > > In the logs all seems to be ok, without errors or warnings. > > > > I'm really thinking in test the new version to find out if the > problem > > > > still occurs. > > > > > > > > Thanks to all. > > > > > > > > Breno Moreira > > > > > > > > > > > > On Thu, Mar 21, 2013 at 5:53 PM, Breno Moreira > > > wrote: > > > > > > > >> Hi Charles, > > > >> > > > >> Sorry for not providing this kind of info. > > > >> > > > >> I'm using Dovecot 2.1.7 in a Debian Wheezy. The dovecot -n output is > > > below: > > > >> > > > >> # 2.1.7: /etc/dovecot/dovecot.conf > > > >> # OS: Linux 3.2.0-4-amd64 x86_64 Debian 7.0 > > > >> auth_mechanisms = plain login > > > >> auth_socket_path = /var/run/dovecot/auth-userdb > > > >> disable_plaintext_auth = no > > > >> lmtp_proxy = yes > > > >> mail_fsync = always > > > >> mail_gid = vmail > > > >> mail_location = maildir:~/.maildir > > > >> mail_plugins = " quota" > > > >> mail_uid = vmail > > > >> mmap_disable = yes > > > >> passdb { > > > >> driver = pam > > > >> } > > > >> passdb { > > > >> args = /etc/dovecot/dovecot-sql.conf.ext > > > >> driver = sql > > > >> } > > > >> plugin { > > > >> quota = maildir:Quota > > > >> sieve = ~/.dovecot.sieve > > > >> sieve_dir = ~/sieve > > > >> } > > > >> protocols = imap pop3 lmtp > > > >> service auth { > > > >> unix_listener /var/spool/postfix/private/auth { > > > >> mode = 0666 > > > >> } > > > >> unix_listener auth-userdb { > > > >> group = vmail > > > >> mode = 0666 > > > >> user = vmail > > > >> } > > > >> user = root > > > >> } > > > >> service imap-login { > > > >> service_count = 0 > > > >> } > > > >> service lmtp { > > > >> inet_listener lmtp { > > > >> address = localhost mail0.supramail.com.br > > > >> port = 7025 > > > >> } > > > >> } > > > >> service pop3-login { > > > >> service_count = 0 > > > >> } > > > >> ssl_cert = > > >> ssl_key = > > >> userdb { > > > >> driver = passwd > > > >> } > > > >> userdb { > > > >> args = /etc/dovecot/dovecot-sql.conf.ext > > > >> driver = sql > > > >> } > > > >> protocol lmtp { > > > >> mail_plugins = " quota sieve" > > > >> postmaster_address = postmaster at mail0.supramail.com.br > > > >> } > > > >> protocol imap { > > > >> mail_plugins = " quota imap_quota" > > > >> } > > > >> protocol pop3 { > > > >> pop3_uidl_format = %v-%u > > > >> } > > > >> > > > >> The commands that I'm using are: > > > >> > > > >> - dsync -Dv -u user mirror sdbox:~/sdbox:ALT=alternatestoragepath > > > >> > > > >> - > > > >> > > > >> > > > >> On Thu, Mar 21, 2013 at 5:33 PM, Charles Marcus < > > > CMarcus at media-brokers.com > > > >>> wrote: > > > >> > > > >>> Please always try to provide some basic system info when asking for > > > help. > > > >>> > > > >>> dovecot version? doveconf -n output? actual commands you are > typing? > > > logs > > > >>> of the events? > > > >>> > > > >>> Also remember, dsync has been completely rewritten for the > upcoming 2.2 > > > >>> (at rc3 now), and has always been a little problematic in earlier > > > versions > > > >>> (which I guess was the reason for the rewrite)... > > > >>> > > > >>> > > > >>> On 2013-03-21 3:58 PM, Breno Moreira wrote: > > > >>> > > > >>>> Hi guys, > > > >>>> > > > >>>> I'm having a problem with the altmove command after a mailbox > > > migration > > > >>>> using dsync. > > > >>>> > > > >>>> What I'm trying to do is move some users from a datacenter to > another > > > >>>> and, > > > >>>> for that, I'm using the dsync feature. First thing I do is run the > > > dsync > > > >>>> mirror command, and this is working properly, but all mails are > moved > > > to > > > >>>> the main path, ignoring the ALT statement in the mail location. > > > >>>> > > > >>>> So, what I tried to do was run the doveadm altmove to move the old > > > mails > > > >>>> to > > > >>>> the new alternate storage, but it simply doesn't work or sometimes > > > moves > > > >>>> only few messages. > > > >>>> > > > >>>> After the user receives new messages, these new files are > correctly > > > >>>> moved. > > > >>>> > > > >>>> It can be problem with my search parameter in the altmove > command? Or > > > >>>> this > > > >>>> is a normal result? > > > >>>> > > > >>>> Best Regards, > > > >>>> Breno Moreira > > > >>>> > > > >>>> > > > >>> > > > >>> -- > > > >>> > > > >>> Best regards, > > > >>> > > > >>> Charles Marcus > > > >>> I.T. Director > > > >>> Media Brokers International, Inc. > > > >>> 678.514.6224 | 678.514.6299 fax > > > >>> > > > >>> > > > >>> > > > >> > > > >> > > > >> -- > > > >> > --------------------------------------------------------------------- > > > >> Breno Moreira > > > >> > > > >> ?O ?xito na vida n?o se mede pelo que voc? conquistou, > > > >> > > > >> mas sim pelas dificuldades que superou no caminho.? > > > >> > > > >> * Abraham Lincoln* > > > >> > > > >> > > > > > > > > > > > > -- > > > > --------------------------------------------------------------------- > > > > Breno Moreira > > > > > > > > ?O ?xito na vida n?o se mede pelo que voc? conquistou, > > > > > > > > mas sim pelas dificuldades que superou no caminho.? > > > > > > > > * Abraham Lincoln* > > > > > > > > > > > > > -- --------------------------------------------------------------------- Breno Moreira ?O ?xito na vida n?o se mede pelo que voc? conquistou, mas sim pelas dificuldades que superou no caminho.? * Abraham Lincoln* From daryl at isletech.net Fri Mar 22 20:13:14 2013 From: daryl at isletech.net (Daryl Richards) Date: Fri, 22 Mar 2013 14:13:14 -0400 Subject: [Dovecot] Migarting password scheme In-Reply-To: References: <20130321175119.Horde.UG0wDE6jTahRSzqHe4NVvZA@webmail.kwsoft.de> Message-ID: <514C9F3A.30303@isletech.net> On 21/03/2013 17:39, Timo Sirainen wrote: > userdb_plain_pass method requires that you use userdb prefetch. And > Daryl's method of using %w in regular userdb .. I'm not really sure > how well that works. Could easily be that different Dovecot versions > behave differently. So, basically what I am doing may fail at any time? Guess it's time to go play with config. BTW, I'm using 2.1.15 so it still works there... From hostmaster at taunusstein.net Fri Mar 22 20:37:28 2013 From: hostmaster at taunusstein.net (Christian Felsing) Date: Fri, 22 Mar 2013 19:37:28 +0100 Subject: [Dovecot] Dovecot 2.2, Thunderbird And Client Certificates -> Login fails Message-ID: <514CA4E8.3090209@taunusstein.net> Hello, I stucked in Thunderbird authentication with X.509 client certs. This is my config (dovecot -n): $ /opt/dovecot/sbin/dovecot -n # 2.2.rc3: /opt/dovecot-2.2.rc3/etc/dovecot/dovecot.conf # OS: Linux 3.2.0-4-amd64 x86_64 Debian 7.0 auth_debug = yes auth_ssl_require_client_cert = yes auth_ssl_username_from_cert = yes auth_verbose = yes base_dir = /home/dovecot/ hostname = mail.ip6.li instance_name = dovecot-01 lda_mailbox_autocreate = yes mail_gid = dovecot mail_uid = dovecot managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace { list = children location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u prefix = shared/%%u/ separator = / subscriptions = no type = shared } namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = separator = / type = private } passdb { args = scheme=CRYPT username_format=%u /opt/dovecot/etc/dovecot/mailusers.993 driver = passwd-file } plugin { acl = vfile:/etc/dovecot/global-acls:cache_secs=300 acl_shared_dict = file:/home/dovecot/shared-mailboxes sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } postmaster_address = postmaster at ip6.li protocols = imap pop3 lmtp sieve quota_full_tempfail = yes sendmail_path = /usr/lib/sendmail service managesieve-login { inet_listener sieve { port = 4190 } inet_listener sieve_deprecated { port = 2000 } } ssl_ca = , rip=192.168.200.6, lip=192.168.200.22, TLS, session= seems client cert is ok, but Dovecot does not like Thunderbirds method to handle TLS-Cert login w/o username and password. Hint http://dovecot.org/list/dovecot/2012-December/069771.html does not seem to be valid for Dovecot 2.2 On the other hand I think it is not a suitable method to include CRLs into CA file. Certificate should include a link to CRL or - better - an URL to OCSP. Does Dovecot support OCSP? best regards Christian From metro_domain_admin at fastmail.fm Fri Mar 22 21:56:45 2013 From: metro_domain_admin at fastmail.fm (Metro Domain Admin) Date: Fri, 22 Mar 2013 15:56:45 -0400 Subject: [Dovecot] discarding vacation response for message implicitly delivered In-Reply-To: <20130322042301.GA25358@noboost.org> References: <20130322042301.GA25358@noboost.org> Message-ID: <514CB77D.20800@fastmail.fm> On 3/22/13 12:23 AM, dovecot at noboost.org wrote: > Challenge: > Does anyone have an explination regarding this message? > > > ------------------------------------------------------------------- > "Mar 22 12:15:22 chtvm dovecot: lmtp(7004, cht): C+EZBuObS1FcGwAAlnPEfg: > sieve: msgid=<20130322011522.6D55D40389 at chtvm.noboost.org>: > discarding vacation response for message implicitly delivered to > " > ------------------------------------------------------------------- > It seems like Postfix is stripping the domain from the destination address. The envelope address (reduced to just "cht" as LMTP receives it), needs to be among the recipients in the headers. it's not, so Dovecot assumes "cht" was a BCC recipient and suppresses the vacation response. From nick.z.edwards at gmail.com Sat Mar 23 03:31:30 2013 From: nick.z.edwards at gmail.com (Nick Edwards) Date: Sat, 23 Mar 2013 11:31:30 +1000 Subject: [Dovecot] Reduce logging auth-worker Message-ID: Hello Timo We would like to reduce the logging by increasing severity, we don't use syslog since we use log_path = /var/log/dovecot/pop3.log Is there a way auth-worker can be made to log warn|error instead of info? Constantly 1/5th of the log file is filled with auth-work info connecting to mysql socket, which we do not need to see unless, well, we need to see it either via debug, or if there is a problem, I know this can be done from syslog, but we prefer not to use syslog, and the wiki does not indicate it can be done? Niki From h.reindl at thelounge.net Sat Mar 23 03:34:22 2013 From: h.reindl at thelounge.net (Reindl Harald) Date: Sat, 23 Mar 2013 02:34:22 +0100 Subject: [Dovecot] Reduce logging auth-worker In-Reply-To: References: Message-ID: <514D069E.9040605@thelounge.net> Am 23.03.2013 02:31, schrieb Nick Edwards: > Hello Timo > > We would like to reduce the logging by increasing severity, we don't > use syslog since we use > > log_path = /var/log/dovecot/pop3.log why? > Is there a way auth-worker can be made to log warn|error instead of info? > > Constantly 1/5th of the log file is filled with auth-work info > connecting to mysql socket, which we do not need to see unless, well, > we need to see it either via debug, or if there is a problem, I know > this can be done from syslog, but we prefer not to use syslog, and the > wiki does not indicate it can be done? but that is exactly why syslog exists instead re-invent the wheel [root at mail:~]$ cat /etc/rsyslog.conf | grep database :msg, contains, "Connected to database dbmail" ~ -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 263 bytes Desc: OpenPGP digital signature URL: From nick.z.edwards at gmail.com Sat Mar 23 03:58:38 2013 From: nick.z.edwards at gmail.com (Nick Edwards) Date: Sat, 23 Mar 2013 11:58:38 +1000 Subject: [Dovecot] Reduce logging auth-worker In-Reply-To: <514D069E.9040605@thelounge.net> References: <514D069E.9040605@thelounge.net> Message-ID: As usual you post with nothing helpful to say, I wont dignify your regular trolling by commenting any further On 3/23/13, Reindl Harald wrote: > > > Am 23.03.2013 02:31, schrieb Nick Edwards: >> Hello Timo >> >> We would like to reduce the logging by increasing severity, we don't >> use syslog since we use >> >> log_path = /var/log/dovecot/pop3.log > > why? > >> Is there a way auth-worker can be made to log warn|error instead of >> info? >> >> Constantly 1/5th of the log file is filled with auth-work info >> connecting to mysql socket, which we do not need to see unless, well, >> we need to see it either via debug, or if there is a problem, I know >> this can be done from syslog, but we prefer not to use syslog, and the >> wiki does not indicate it can be done? > > but that is exactly why syslog exists instead re-invent the wheel > > [root at mail:~]$ cat /etc/rsyslog.conf | grep database > :msg, contains, "Connected to database dbmail" ~ > > From h.reindl at thelounge.net Sat Mar 23 04:28:30 2013 From: h.reindl at thelounge.net (Reindl Harald) Date: Sat, 23 Mar 2013 03:28:30 +0100 Subject: [Dovecot] Reduce logging auth-worker In-Reply-To: References: <514D069E.9040605@thelounge.net> Message-ID: <514D134E.2030206@thelounge.net> >> [root at mail:~]$ cat /etc/rsyslog.conf | grep database >> :msg, contains, "Connected to database dbmail" ~ was not helpful? well, not if you insist in not use syslog maybe you should explain why not using syslog as everybody else to taken serious because "i do not want" in case where it is clear you need is no reason Am 23.03.2013 02:58, schrieb Nick Edwards: > As usual you post with nothing helpful to say, I wont dignify your > regular trolling by commenting any further > > On 3/23/13, Reindl Harald wrote: >> >> >> Am 23.03.2013 02:31, schrieb Nick Edwards: >>> Hello Timo >>> >>> We would like to reduce the logging by increasing severity, we don't >>> use syslog since we use >>> >>> log_path = /var/log/dovecot/pop3.log >> >> why? >> >>> Is there a way auth-worker can be made to log warn|error instead of >>> info? >>> >>> Constantly 1/5th of the log file is filled with auth-work info >>> connecting to mysql socket, which we do not need to see unless, well, >>> we need to see it either via debug, or if there is a problem, I know >>> this can be done from syslog, but we prefer not to use syslog, and the >>> wiki does not indicate it can be done? >> >> but that is exactly why syslog exists instead re-invent the wheel >> >> [root at mail:~]$ cat /etc/rsyslog.conf | grep database >> :msg, contains, "Connected to database dbmail" ~ -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 263 bytes Desc: OpenPGP digital signature URL: From dormitionskete at hotmail.com Sat Mar 23 06:35:20 2013 From: dormitionskete at hotmail.com (DormitionSkete@hotmail.com) Date: Fri, 22 Mar 2013 22:35:20 -0600 Subject: [Dovecot] Disallow POP3 from deleting messages In-Reply-To: <1363942043.13923.47.camel@innu> References: <1363783410.10326.245.camel@innu> <20130320132211.GC20746@nihlus.leuxner.net> <20130320135145.GD20746@nihlus.leuxner.net> <1363791544.10326.251.camel@innu> <1363942043.13923.47.camel@innu> Message-ID: On Mar 22, 2013, at 2:47 AM, Timo Sirainen wrote: > On Wed, 2013-03-20 at 17:40 -0600, DormitionSkete at hotmail.com wrote: >> On Mar 20, 2013, at 8:59 AM, Timo Sirainen wrote: >> >>> On Wed, 2013-03-20 at 08:15 -0600, DormitionSkete at hotmail.com wrote: >>> >>>> My experience with IMAP over the internet with a couple of servers outside our monastery (while I was in it, and we have considerably better download speeds than upload) has always been that IMAP has always been incredibly slow. So, I've always just allowed users to connect to the IMAP server via webmail. It's slow, but usable. >>> >>> Another idea: Get some cheap server from outside, use dsync replication >>> to keep it synced with your internal one, and set up DNS so that users >>> get directed to the fastest server. http://wiki2.dovecot.org/Replication >>> >>> >> >> I LIKE this idea, but I have a few questions about it to see if it >> would be appropriate for our situation. There are a few other things >> to consider that I didn't mention before because they did not seem >> relevant earlier. >> >> First off, I'd just like to say that we have a web server set up at a >> location outside of our monastery that hosts all of our websites. I'm >> currently in the process of building new servers to replace both it >> and our current email server. So, assuming this is both plausible for >> our situation, and within my capabilities, I should be able to work on >> this at my leisure, and get the initial sync of our emails done while >> on the same LAN. >> >> So, the additional info and questions are the following: >> >> 1.) Our download speeds are decent enough, but in addition to having >> poor upload speeds, we also have very strict limits on how much we are >> able to download. And we use almost every bit of it every day. We >> cannot get more, either. We have unlimited downloads for four hours >> at night, however. > > If a delayed sync isn't a problem, you could do it only once at nights. > You wouldn't need to use the replicator service at all, just run > "doveadm sync -f -A -d" in a cronjob. > >> 2.) We have very large message archives. We basically have 95% of >> the emails we've received for the past 16 years. So, the sync *must* >> only update items that have been changed. Is this how it it would >> work? > > dsync can do full sync (= all messages' metadata is sent + new messages' > contents), "changed sync" (= same as full sync, but only for changed > folders) or incremental sync (= only new messages' metadata + contents > are sent). The incremental sync is what replicator service does while > it's running, but it's still currently doing a full sync at startup. > > A nightly cronjob could do incremental syncing also, but it would have > to run dsync separately for each user and store the sync state to some > file. > > The "changed sync" works well enough usually, but it has a problem if > both replicas have had exactly the same amount of changes it doesn't > realize that there may be differences between them and skip it. > >> 3.) We are currently using uw-imap with mbox. If we switch to >> Dovecot, using Maildir format, will the sync only update the new >> messages and the header files for any folders that have been changed? > > It works the same with all mailbox formats. Headers and bodies aren't > synced separately, but metadata (= ~100 bytes/msg maybe) is. > >> 4.) I thought I read somewhere in Dovecot's documentation last night >> that it has a 50 mb limit on folders. It can't write anything larger >> than that. Does this sound familiar? (Now I can't find it!) If so, >> is that for mbox? We currently have some mbox folders whose files are >> significantly larger than that. If we convert to Maildir format, >> where the individual messages are in their own files, could a folder >> contain messages totaling more than 50 MB using Dovecot? > > Dovecot has no such limit. Postfix by default has set a file size limit > for 50 MB, which effectively limits mbox sizes to 50 MB, but it can be > removed with Postfix mailbox_size_limit setting. > >> 4a. -- Oops. I just noticed this: "NOTE2: sdbox/mdbox mailbox >> formats are recommended for replication. Maildir still has some issues >> (although probably not noticeable in normal use)." Should I consider >> this a show-stopper for syncing like this? > > With v2.2 I don't think there's much of a difference anymore. > >> 5.) In the http://wiki2.dovecot.org/Replication page, would this be >> continuously synced each time a user sends, receives, deletes, or >> moves messages, etc.? Or would it be periodically synced? > > With replicator it syncs immediately when something changes. > >> 6.) Also, that page does not make it clear if one server is like the >> "master" and the other the "slave". Do I do the same changes to both >> servers? > > Both servers are equal. Setup both servers exactly the same. > >> If, given the above additional information, it would not be an >> appropriate solution for us, this suggestion about syncing the two >> servers gave me another idea. >> >> I was thinking, "Well, I wonder if I could just sync the Inboxes? We >> don't really need the folders synced. In the highly unlikely event a >> person would ever need something from one of his folders, he could >> always just log into the (slow) monastery server through web mail and >> get it that way." > > If you're syncing via ssh, you can give "-m inbox" parameter to > dsync_remote_cmd setting and it syncs only INBOX. But it's still > unnecessarily running dsync whenever anything changes. With some > hardcoding it would be easy to change that though. > >> (When we are on the road, we are generally working real hard, and we >> don't answer any more emails or do any other computer work than we >> absolutely have to.) >> >> So, that led me to the idea to simply set up some message rules in >> procmail in our (slow) monastery server to copy any incoming messages >> to the server offsite in addition to delivering them locally. For the >> most part, that would be sufficient for us -- and considerably >> easier. >> >> The only downsides to this are that when we reply to messages, they >> would not be marked as having been replied to, and we wouldn't have >> copies of our replies on our main server. >> >> The not being marked as replied to is not a big deal. I know we could >> manually copy any sent messages from one server to the other when we >> returned to the monastery, if we really wanted to, but does anyone >> know of a better way to do it? > > The users would then need to have two accounts I think, one for internal > and one for outside mail. Otherwise whenever they switch between servers > they need a full resync. > > > Thank you very, very much, Timo. I appreciate this more than you can possibly imagine. And thank you, everyone else who contributed to this thread, as well. I appreciate all of your ideas and suggestions very much, too. My current plan is to to move the bulk of our archives to another server -- actually, a different zone on the same Solaris machine -- and dsync just our primary email server at night. The archives are rarely used, and don't need to be accessed from outside. In fact, I'll probably leave them in uw-imap so I don't have to convert them to dovecot. I think that should probably work the best for us, if I can pull it off. I'm a lot more of a programmer than a system admin. Thank you all again. From noel.butler at ausics.net Sat Mar 23 09:13:08 2013 From: noel.butler at ausics.net (Noel Butler) Date: Sat, 23 Mar 2013 17:13:08 +1000 Subject: [Dovecot] Reduce logging auth-worker In-Reply-To: <514D134E.2030206@thelounge.net> References: <514D069E.9040605@thelounge.net> <514D134E.2030206@thelounge.net> Message-ID: <1364022788.7940.7.camel@tardis> On Sat, 2013-03-23 at 03:28 +0100, Reindl Harald wrote: > maybe you should explain why not using syslog as > everybody else Why do you think you speak for everybody else? Because you sure as hell don't, so stop pretending to. WTF is in the air this week, it seems to contain a few self proclaimed god's who apparently know what everyone else does, or, at least thought they did. I too have always used dovecot logging to specific files for over a decade, I know plenty of others too. Anyone who knows anything about syslog on large production servers knows avoiding it is best practice, it's also about the only thing DJB and I ever agreed on. But back on topic, I think it would be an excellent option, less work for dovecot, in forseeable future though, editing source would be the way to go. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 490 bytes Desc: This is a digitally signed message part URL: From jtam.home at gmail.com Sat Mar 23 09:48:05 2013 From: jtam.home at gmail.com (Joseph Tam) Date: Sat, 23 Mar 2013 00:48:05 -0700 (PDT) Subject: [Dovecot] Migrating password scheme In-Reply-To: References: Message-ID: I tried the userdb prefetch / postlogin script method to do some password manipulation, but it doesn't appear to work for me. In particular, I don't think this method works with userdb { driver = passwd-file args = /path/to/passwd-file userdb_pw=%w } because it doesn't understand arbitrary var=value in the args configuration. Dvoecot seems to accept the entire string as the pathname for a password file. Is there a way to pass the plaintext password to a post-login script using passwd-file userdb? Before this, I managed password manipulation by process tracing dovecot's auth process read() syscalls and parsing out the user/password from the second buffer argument. Quite a hack but it worked. Joseph Tam From hostmaster at taunusstein.net Sat Mar 23 11:03:57 2013 From: hostmaster at taunusstein.net (Christian Felsing) Date: Sat, 23 Mar 2013 10:03:57 +0100 Subject: [Dovecot] Crash while moving mail between private folder and shared folder Message-ID: <514D6FFD.8000808@taunusstein.net> Hello, while moving a mail from a private folder (inbox) to a shared folder and back to private folder Dovecot 2.2rc3 crashes: ---cut here--- Mar 23 09:57:44 dovecot dovecot: imap-login: Login: user=, method=PLAIN, rip=192.168.200.6, lip=192.168.200.22, mpid=19423, TLS Mar 23 09:57:44 dovecot dovecot: imap(john.doe at example.net): Panic: file mail-namespace.c: line 654 (mail_namespace_find): assertion failed: (ns != NULL) Mar 23 09:57:44 dovecot dovecot: imap(john.doe at example.net): Error: Raw backtrace: /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(+0x608fa) [0x7f82f65b28fa] -> /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(+0x6093e) [0x7f82f65b293e] -> /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7f82f657435b] -> /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot-storage.so.0(mail_namespace_find_unalias+0) [0x7f82f686b590] -> /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot-storage.so.0(mail_namespace_find_unalias+0x19) [0x7f82f686b5a9] -> /opt/dovecot-2.2.rc3/lib/dovecot/lib10_quota_plugin.so(+0x57bd) [0x7f82f51127bd] -> /opt/dovecot-2.2.rc3/lib/dovecot/lib10_quota_plugin.so(quota_test_alloc+0xcb) [0x7f82f511424b] -> /opt/dovecot-2.2.rc3/lib/dovecot/lib10_quota_plugin.so(quota_try_alloc+0x3d) [0x7f82f511445d] -> /opt/dovecot-2.2.rc3/lib/dovecot/lib10_quota_plugin.so(+0xb00b) [0x7f82f511800b] -> /opt/dovecot-2.2.rc3/lib/dovecot/lib01_acl_plugin.so(+0xc7cb) [0x7f82f552d7cb] -> /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot-storage.so.0(mailbox_copy+0x5f) [0x7f82f687274f] -> /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot-storage.so.0(mailbox_move+0x10) [0x7f82f6872810] -> dovecot-01/imap() [0x40d29d] -> dovecot-01/imap(command_exec+0x3c) [0x4161ec] -> dovecot-01/imap() [0x415250] -> dovecot-01/imap() [0x41530a] -> dovecot-01/imap(client_handle_input+0x115) [0x4155c5] -> dovecot-01/imap(client_input+0x72) [0x415972] -> /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x36) [0x7f82f65c20e6] -> /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xd7) [0x7f82f65c2f37] -> /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(io_loop_run+0x28) [0x7f82f65c1c28] -> /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f82f6579473] -> dovecot-01/imap(main+0x270) [0x40b950] -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xfd) [0x7f82f61e6ead] -> dovecot-01/imap() [0x40baad] Mar 23 09:57:44 dovecot dovecot: imap(john.doe at example.net): Fatal: master: service(imap): child 19423 killed with signal 6 (core dumps disabled) Mar 23 09:57:44 dovecot dovecot: imap-login: Login: user=, method=PLAIN, rip=192.168.200.6, lip=192.168.200.22, mpid=19425, TLS Mar 23 09:57:44 dovecot dovecot: imap(john.doe at example.net): Panic: file mail-namespace.c: line 654 (mail_namespace_find): assertion failed: (ns != NULL) Mar 23 09:57:44 dovecot dovecot: imap(john.doe at example.net): Error: Raw backtrace: /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(+0x608fa) [0x7f66ed9a58fa] -> /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(+0x6093e) [0x7f66ed9a593e] -> /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7f66ed96735b] -> /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot-storage.so.0(mail_namespace_find_unalias+0) [0x7f66edc5e590] -> /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot-storage.so.0(mail_namespace_find_unalias+0x19) [0x7f66edc5e5a9] -> /opt/dovecot-2.2.rc3/lib/dovecot/lib10_quota_plugin.so(+0x57bd) [0x7f66ec5057bd] -> /opt/dovecot-2.2.rc3/lib/dovecot/lib10_quota_plugin.so(quota_test_alloc+0xcb) [0x7f66ec50724b] -> /opt/dovecot-2.2.rc3/lib/dovecot/lib10_quota_plugin.so(quota_try_alloc+0x3d) [0x7f66ec50745d] -> /opt/dovecot-2.2.rc3/lib/dovecot/lib10_quota_plugin.so(+0xb00b) [0x7f66ec50b00b] -> /opt/dovecot-2.2.rc3/lib/dovecot/lib01_acl_plugin.so(+0xc7cb) [0x7f66ec9207cb] -> /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot-storage.so.0(mailbox_copy+0x5f) [0x7f66edc6574f] -> /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot-storage.so.0(mailbox_move+0x10) [0x7f66edc65810] -> dovecot-01/imap() [0x40d29d] -> dovecot-01/imap(command_exec+0x3c) [0x4161ec] -> dovecot-01/imap() [0x415250] -> dovecot-01/imap() [0x41530a] -> dovecot-01/imap(client_handle_input+0x115) [0x4155c5] -> dovecot-01/imap(client_input+0x72) [0x415972] -> /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x36) [0x7f66ed9b50e6] -> /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xd7) [0x7f66ed9b5f37] -> /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(io_loop_run+0x28) [0x7f66ed9b4c28] -> /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f66ed96c473] -> dovecot-01/imap(main+0x270) [0x40b950] -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xfd) [0x7f66ed5d9ead] -> dovecot-01/imap() [0x40baad] Mar 23 09:57:44 dovecot dovecot: imap(john.doe at example.net): Fatal: master: service(imap): child 19425 killed with signal 6 (core dumps disabled) Mar 23 09:57:46 dovecot dovecot: imap(john.doe at example.net): Disconnected: Logged out in=192 out=1118 ---cut here--- Following config was used: ---cut here--- # 2.2.rc3: /opt/dovecot-2.2.rc3/etc/dovecot/dovecot.conf # OS: Linux 3.2.0-4-amd64 x86_64 Debian 7.0 ext4 auth_ssl_require_client_cert = yes auth_ssl_username_from_cert = yes auth_verbose = yes auth_verbose_passwords = plain base_dir = /home/dovecot/ hostname = mail.ip6.li instance_name = dovecot-01 lda_mailbox_autocreate = yes login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c mail_gid = dovecot mail_location = maildir:/home/vmail/%d/%u/Maildir mail_plugins = quota mail_uid = dovecot managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace { list = children location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u prefix = shared/%%u/ separator = / subscriptions = no type = shared } namespace inbox { inbox = yes list = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = separator = / type = private } passdb { args = failure_show_msg=yes dovecot driver = pam } plugin { acl = vfile:/etc/dovecot/global-acls:cache_secs=300 acl_shared_dict = file:/var/lib/dovecot/shared-mailboxes mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename mail_log_fields = uid box msgid size quota = maildir:User quota quota_grace = 10%% quota_rule = *:storage=1G quota_rule2 = Trash:storage=+100M quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } postmaster_address = postmaster at ip6.li protocols = imap pop3 lmtp sieve quota_full_tempfail = yes sendmail_path = /usr/lib/sendmail service managesieve-login { inet_listener sieve { port = 4190 } inet_listener sieve_deprecated { port = 2000 } } ssl_ca = References: <514D069E.9040605@thelounge.net> <514D134E.2030206@thelounge.net> <1364022788.7940.7.camel@tardis> Message-ID: <514D7C82.9000905@thelounge.net> Am 23.03.2013 08:13, schrieb Noel Butler: > On Sat, 2013-03-23 at 03:28 +0100, Reindl Harald wrote: >> maybe you should explain why not using syslog as >> everybody else > > Why do you think you speak for everybody else? Because you sure as hell > don't, so stop pretending to. WTF is in the air this week, it seems to > contain a few self proclaimed god's who apparently know what everyone else > does, or, at least thought they did blablablanla > I too have always used dovecot logging to specific files for over a > decade, I know plenty of others too maybe you should RTFM, this is nothing you can't do easily with rsyslog and much more felxible as with any program option # systemd-logind not in /var/log/messages :programname, isequal, "systemd-logind" -/var/log/secure :programname, isequal, "systemd-logind" ~ # log dhcpd in own file :programname, isequal, "dhcpd" -/var/log/dhcpd.log :programname, isequal, "dhcpd" ~ :programname, isequal, "vmnet-dhcpd" -/var/log/dhcpd.log :programname, isequal, "vmnet-dhcpd" ~ # log hostapd in own file :programname, isequal, "hostapd" -/var/log/hostapd.log :programname, isequal, "hostapd" ~ > Anyone who knows anything about syslog on large production servers knows > avoiding it is best practice, it's also about the only thing DJB and I > ever agreed on blablablanla in large environments you even have your syslogd logging on a remote machine for auditing and security reasons -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 263 bytes Desc: OpenPGP digital signature URL: From me at junc.eu Sat Mar 23 18:52:38 2013 From: me at junc.eu (Benny Pedersen) Date: Sat, 23 Mar 2013 17:52:38 +0100 Subject: [Dovecot] Reduce logging auth-worker In-Reply-To: <514D134E.2030206@thelounge.net> References: <514D069E.9040605@thelounge.net> <514D134E.2030206@thelounge.net> Message-ID: Reindl Harald skrev den 2013-03-23 03:28: > maybe you should explain why not using syslog as > everybody else to taken serious because "i do not > want" in case where it is clear you need is no reason blame apache for not using syslog by default, sure just show a patch to fix it :) if you cant, why care on trying ? From me at junc.eu Sat Mar 23 18:57:48 2013 From: me at junc.eu (Benny Pedersen) Date: Sat, 23 Mar 2013 17:57:48 +0100 Subject: [Dovecot] Reduce logging auth-worker In-Reply-To: <514D7C82.9000905@thelounge.net> References: <514D069E.9040605@thelounge.net> <514D134E.2030206@thelounge.net> <1364022788.7940.7.camel@tardis> <514D7C82.9000905@thelounge.net> Message-ID: Reindl Harald skrev den 2013-03-23 10:57: > in large environments you even have your syslogd logging on a remote > machine for auditing and security reasons or amazon-s3 remote filestore :) we can continue ? From me at junc.eu Sat Mar 23 19:19:08 2013 From: me at junc.eu (Benny Pedersen) Date: Sat, 23 Mar 2013 18:19:08 +0100 Subject: [Dovecot] Disallow POP3 from deleting messages In-Reply-To: References: <1363783410.10326.245.camel@innu> <20130320132211.GC20746@nihlus.leuxner.net> Message-ID: <4650d37cfe90761bb977cfa909263ba9@junc.eu> DormitionSkete at hotmail.com skrev den 2013-03-20 14:35: > Well, like I said, we have real slow upload speeds. I think POP3 > would give a better user experience. what is slow then ?, download all mails + keep copy in pop3, or dynamicly get the single email via imap ? i have 768kbit upload and i see no problem with users here, users that want a offline copy can move it offline From me at junc.eu Sat Mar 23 19:23:40 2013 From: me at junc.eu (Benny Pedersen) Date: Sat, 23 Mar 2013 18:23:40 +0100 Subject: [Dovecot] Disallow POP3 from deleting messages In-Reply-To: References: <1363783410.10326.245.camel@innu> <20130320132211.GC20746@nihlus.leuxner.net> <20130320135145.GD20746@nihlus.leuxner.net> Message-ID: <840d140aac414174b2042fe4a3091e7f@junc.eu> DormitionSkete at hotmail.com skrev den 2013-03-20 15:15: > My experience with IMAP over the internet with a couple of servers > outside our monastery (while I was in it, and we have considerably > better download speeds than upload) has always been that IMAP has > always been incredibly slow. remember courier-imap with client side filters in squirrelmail ?, that was slow :) with dovecot / sieve server side filtering there is no slow down at all > So, I've always just allowed users to > connect to the IMAP server via webmail. It's slow, but usable. stop using client side filtering > I guess it's time to open a port in our firewall and do some testing > with a couple of clients from outside. Maybe they'll work better > than > I've always assumed. +1, close pop3 on outside :) > I appreciate the input, everybody. thats whats maillist is for From lst_hoe02 at kwsoft.de Sat Mar 23 21:31:12 2013 From: lst_hoe02 at kwsoft.de (lst_hoe02 at kwsoft.de) Date: Sat, 23 Mar 2013 20:31:12 +0100 Subject: [Dovecot] Migrating password scheme In-Reply-To: References: Message-ID: <20130323203112.Horde.pZjFSU6jTahRTgMAUYbAx1A@webmail.kwsoft.de> Zitat von Joseph Tam : > I tried the userdb prefetch / postlogin script method to do some password > manipulation, but it doesn't appear to work for me. In particular, I > don't think this method works with > > userdb { > driver = passwd-file > args = /path/to/passwd-file userdb_pw=%w > } > From what i understand you have to set a userdb_ variable with passdb and userdb prefetch set. The %w variable seems to be already empty (again?) at userdb stage. Regards Andreas -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 6144 bytes Desc: S/MIME Cryptographic Signature URL: From nick.z.edwards at gmail.com Sun Mar 24 03:42:32 2013 From: nick.z.edwards at gmail.com (Nick Edwards) Date: Sun, 24 Mar 2013 11:42:32 +1000 Subject: [Dovecot] Reduce logging auth-worker In-Reply-To: <514D134E.2030206@thelounge.net> References: <514D069E.9040605@thelounge.net> <514D134E.2030206@thelounge.net> Message-ID: you don't get it do you, troll, since your name is not Timo and you have no fucking idea about our requirements, or dovecot's code, STFU, you are contributing NOTHING, like always, so do not bother with this thread because you are not helpful, if we could use your beloved syslog, we would, but it again I'll say it because you have a serious comprehension problem, it does not suite our needs, and because of your whitenoise Timo or others who might help wont probably bother with this thread, but you're an expert at fucking it over for others. you are nothing but a bored, arrogant and caustic person, who feels the need to berate others without knowing all the facts, this is evident by the many mailing lists you are subscribed to. *PLONKED* On 3/23/13, Reindl Harald wrote: >>> [root at mail:~]$ cat /etc/rsyslog.conf | grep database >>> :msg, contains, "Connected to database dbmail" ~ > > was not helpful? > well, not if you insist in not use syslog > > maybe you should explain why not using syslog as > everybody else to taken serious because "i do not > want" in case where it is clear you need is no reason > > Am 23.03.2013 02:58, schrieb Nick Edwards: >> As usual you post with nothing helpful to say, I wont dignify your >> regular trolling by commenting any further >> >> On 3/23/13, Reindl Harald wrote: >>> >>> >>> Am 23.03.2013 02:31, schrieb Nick Edwards: >>>> Hello Timo >>>> >>>> We would like to reduce the logging by increasing severity, we don't >>>> use syslog since we use >>>> >>>> log_path = /var/log/dovecot/pop3.log >>> >>> why? >>> >>>> Is there a way auth-worker can be made to log warn|error instead of >>>> info? >>>> >>>> Constantly 1/5th of the log file is filled with auth-work info >>>> connecting to mysql socket, which we do not need to see unless, well, >>>> we need to see it either via debug, or if there is a problem, I know >>>> this can be done from syslog, but we prefer not to use syslog, and the >>>> wiki does not indicate it can be done? >>> >>> but that is exactly why syslog exists instead re-invent the wheel >>> >>> [root at mail:~]$ cat /etc/rsyslog.conf | grep database >>> :msg, contains, "Connected to database dbmail" ~ > > From stsiol at yahoo.co.uk Sun Mar 24 09:35:21 2013 From: stsiol at yahoo.co.uk (Spyros Tsiolis) Date: Sun, 24 Mar 2013 07:35:21 +0000 (GMT) Subject: [Dovecot] Reduce logging auth-worker In-Reply-To: References: <514D069E.9040605@thelounge.net> <514D134E.2030206@thelounge.net> Message-ID: <1364110521.15709.YahooMailNeo@web28806.mail.ir2.yahoo.com> >________________________________ > From: Nick Edwards >To: dovecot at dovecot.org? >Sent: Sunday, 24 March 2013, 3:42 >Subject: Re: [Dovecot] Reduce logging auth-worker >? >you don't get it do you, troll, since your name is not Timo and you >have no fucking idea about our requirements, or dovecot's code,? STFU, >you are contributing NOTHING, like always, so do not bother with this >thread because you are not helpful, if we could use your beloved >syslog, we would, but it again I'll say it because you have a serious >comprehension problem, it does not suite our needs, and because of >your whitenoise Timo or others who might help wont probably bother >with this thread, but you're an expert at fucking it over for others. > >you are nothing but a bored, arrogant and caustic person, who feels >the need to berate others without knowing all the facts, this is >evident by the many mailing lists you are subscribed to. > >*PLONKED* Nick, I don't think it's appropriate to use such language. We are all responsible people here trying to get answers to problems/questions. I am sure you know your stuff, i don't doubt? that. And I am not trying to start a flame war :-) Peace, s. ---- "I merely function as a channel that filters music through the chaos of noise" - Vangelis From tss at iki.fi Sun Mar 24 19:05:43 2013 From: tss at iki.fi (Timo Sirainen) Date: Sun, 24 Mar 2013 19:05:43 +0200 Subject: [Dovecot] Reduce logging auth-worker In-Reply-To: References: Message-ID: On 23.3.2013, at 3.31, Nick Edwards wrote: > We would like to reduce the logging by increasing severity, we don't > use syslog since we use > > log_path = /var/log/dovecot/pop3.log > > Is there a way auth-worker can be made to log warn|error instead of info? > > Constantly 1/5th of the log file is filled with auth-work info > connecting to mysql socket, which we do not need to see unless, well, > we need to see it either via debug, or if there is a problem, I know > this can be done from syslog, but we prefer not to use syslog, and the > wiki does not indicate it can be done? Well, you could do something like: service auth-worker { executable = auth -w -L -o info_log_path=/dev/null } Or you could increase process_min_avail so processes wouldn't all the time be created/destroyed and you wouldn't have so many mysql connection messages. But then again, I can't really think of any use for those messages. LDAP for example doesn't log about it. So removed from v2.2 unless someone gives a good reason for why they should stay: http://hg.dovecot.org/dovecot-2.2/rev/33e78edac8f5 From tss at iki.fi Sun Mar 24 19:10:09 2013 From: tss at iki.fi (Timo Sirainen) Date: Sun, 24 Mar 2013 19:10:09 +0200 Subject: [Dovecot] Migarting password scheme In-Reply-To: <514C9F3A.30303@isletech.net> References: <20130321175119.Horde.UG0wDE6jTahRSzqHe4NVvZA@webmail.kwsoft.de> <514C9F3A.30303@isletech.net> Message-ID: <7A019CFC-94DC-4F79-9077-641E143DAEAB@iki.fi> On 22.3.2013, at 20.13, Daryl Richards wrote: > On 21/03/2013 17:39, Timo Sirainen wrote: >> userdb_plain_pass method requires that you use userdb prefetch. And >> Daryl's method of using %w in regular userdb .. I'm not really sure >> how well that works. Could easily be that different Dovecot versions >> behave differently. > > So, basically what I am doing may fail at any time? Guess it's time to > go play with config. > > BTW, I'm using 2.1.15 so it still works there? Well, I think v2.0 cleared the password early and v2.1 only after everything is fully finished. And I'm not at least planning changing it back. So I guess your config will stay working. :) From tss at iki.fi Sun Mar 24 19:12:22 2013 From: tss at iki.fi (Timo Sirainen) Date: Sun, 24 Mar 2013 19:12:22 +0200 Subject: [Dovecot] Migrating password scheme In-Reply-To: References: Message-ID: <27FF8B9C-EAB8-442C-99A6-C5A882AD7CE0@iki.fi> On 23.3.2013, at 9.48, Joseph Tam wrote: > > I tried the userdb prefetch / postlogin script method to do some password > manipulation, but it doesn't appear to work for me. In particular, I > don't think this method works with > > userdb { > driver = passwd-file > args = /path/to/passwd-file userdb_pw=%w > } With v2.1 try: userdb { driver = passwd-file args = /path/to/passwd-file default_fields = pw=%w } From tss at iki.fi Sun Mar 24 19:21:25 2013 From: tss at iki.fi (Timo Sirainen) Date: Sun, 24 Mar 2013 19:21:25 +0200 Subject: [Dovecot] Replicator updates Message-ID: Some new features in hg: - replicator now correctly saves/restores state on exit/startup. it won't immediately start resyncing everyone now always. - if sync fails for user, retry in 5 minutes - doveadm replicator status: Give overview of replication status - doveadm replicator status : Show users' replication status - doveadm replicator replicate [-p ] : Replicate users now. replication_full_sync_interval was also changed to 24h by default. I was thinking that with that and a nightly cronjob running "doveadm replicator replicate '*'" the full syncs could only be done during night times. From tpetrosy at gmail.com Sun Mar 24 18:12:12 2013 From: tpetrosy at gmail.com (Tigran Petrosyan) Date: Sun, 24 Mar 2013 20:12:12 +0400 Subject: [Dovecot] Please help to make decision Message-ID: Hi We are going to implement the "Dovecot" for 1 million users. We are going to use more than 100T storage space. Now we examine 2 solutions NFS or GFS2 via (Fibre Channel storage). Can someone help to make decision? What kind of storage solution we can use to achieve good performance and scalability. From dovecot at pupat-ghestem.net Sun Mar 24 20:31:33 2013 From: dovecot at pupat-ghestem.net (Matthieu) Date: Sun, 24 Mar 2013 19:31:33 +0100 Subject: [Dovecot] Dovecot service not responding after about a week of uptime Message-ID: <514F4685.2020906@pupat-ghestem.net> Hello, I am running a dovecot 2.1.13 server and lately it stops responding after about a week of uptime. Simply restarting the dovecot service solves the issue. I tried to look a bit in my maillog file but did not find anything obvious. During the time when the server is not responding I can still see imap-login entries from the connection attempt by my email client. Any help about how to diagnose the problem would be appreciated. Thanks, Matthieu From tss at iki.fi Sun Mar 24 20:38:26 2013 From: tss at iki.fi (Timo Sirainen) Date: Sun, 24 Mar 2013 20:38:26 +0200 Subject: [Dovecot] Dovecot service not responding after about a week of uptime In-Reply-To: <514F4685.2020906@pupat-ghestem.net> References: <514F4685.2020906@pupat-ghestem.net> Message-ID: <78C8CE64-3BFA-4452-B15B-AEF622ED6A36@iki.fi> On 24.3.2013, at 20.31, Matthieu wrote: > Hello, > > I am running a dovecot 2.1.13 server and lately it stops responding after about a week of uptime. Simply restarting the dovecot service solves the issue. > > I tried to look a bit in my maillog file but did not find anything obvious. During the time when the server is not responding I can still see imap-login entries from the connection attempt by my email client. Any help about how to diagnose the problem would be appreciated. Find any errors and warnings Dovecot logged. If they don't go to a different file, do something like: egrep -i dovecot.*(error|warning) /var/log/maillog From tss at iki.fi Sun Mar 24 20:45:27 2013 From: tss at iki.fi (Timo Sirainen) Date: Sun, 24 Mar 2013 20:45:27 +0200 Subject: [Dovecot] Please help to make decision In-Reply-To: References: Message-ID: <0045E050-CEFA-40E2-9620-4E0625F92AF5@iki.fi> On 24.3.2013, at 18.12, Tigran Petrosyan wrote: > We are going to implement the "Dovecot" for 1 million users. We are going > to use more than 100T storage space. Now we examine 2 solutions NFS or GFS2 > via (Fibre Channel storage). > Can someone help to make decision? What kind of storage solution we can use > to achieve good performance and scalability. I remember people complaining about GFS2 (and other cluster filesystems) having bad performance. But in any case whatever you use, be sure to use also http://wiki2.dovecot.org/Director Even if it's not strictly needed, it improves the performance with GFS2. Object storages also scale nicely (e.g. Scality). For best performance with them you'd need Dovecot object storage plugin (not open source). From dovecot at pupat-ghestem.net Sun Mar 24 22:00:29 2013 From: dovecot at pupat-ghestem.net (Matthieu) Date: Sun, 24 Mar 2013 21:00:29 +0100 Subject: [Dovecot] Dovecot service not responding after about a week of uptime In-Reply-To: <78C8CE64-3BFA-4452-B15B-AEF622ED6A36@iki.fi> References: <514F4685.2020906@pupat-ghestem.net> <78C8CE64-3BFA-4452-B15B-AEF622ED6A36@iki.fi> Message-ID: <514F5B5D.4040304@pupat-ghestem.net> On 03/24/2013 07:38 PM, Timo Sirainen wrote: > egrep -i dovecot.*(error|warning) /var/log/maillog The output of this command is empty. From tss at iki.fi Sun Mar 24 22:04:59 2013 From: tss at iki.fi (Timo Sirainen) Date: Sun, 24 Mar 2013 22:04:59 +0200 Subject: [Dovecot] Dovecot service not responding after about a week of uptime In-Reply-To: <514F5B5D.4040304@pupat-ghestem.net> References: <514F4685.2020906@pupat-ghestem.net> <78C8CE64-3BFA-4452-B15B-AEF622ED6A36@iki.fi> <514F5B5D.4040304@pupat-ghestem.net> Message-ID: <4FB5DDB4-4388-428E-890B-A84C0CC39608@iki.fi> On 24.3.2013, at 22.00, Matthieu wrote: > On 03/24/2013 07:38 PM, Timo Sirainen wrote: >> egrep -i dovecot.*(error|warning) /var/log/maillog > The output of this command is empty. Every time you stop Dovecot it logs a warning. You said you started (=restarted?) dovecot, so I'd think you would see at least those. From dovecot at pupat-ghestem.net Sun Mar 24 22:09:35 2013 From: dovecot at pupat-ghestem.net (Matthieu) Date: Sun, 24 Mar 2013 21:09:35 +0100 Subject: [Dovecot] Dovecot service not responding after about a week of uptime In-Reply-To: <4FB5DDB4-4388-428E-890B-A84C0CC39608@iki.fi> References: <514F4685.2020906@pupat-ghestem.net> <78C8CE64-3BFA-4452-B15B-AEF622ED6A36@iki.fi> <514F5B5D.4040304@pupat-ghestem.net> <4FB5DDB4-4388-428E-890B-A84C0CC39608@iki.fi> Message-ID: <514F5D7F.3060802@pupat-ghestem.net> On 03/24/2013 09:04 PM, Timo Sirainen wrote: > On 24.3.2013, at 22.00, Matthieu wrote: > >> On 03/24/2013 07:38 PM, Timo Sirainen wrote: >>> egrep -i dovecot.*(error|warning) /var/log/maillog >> The output of this command is empty. > Every time you stop Dovecot it logs a warning. You said you started (=restarted?) dovecot, so I'd think you would see at least those. > > Oh yes sorry. I filtered by time as well. Those are the warnings from the last restart: Mar 24 19:13:18 hebus dovecot: master: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) Mar 24 19:13:18 hebus dovecot: log: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) Mar 24 19:13:18 hebus dovecot: config: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) Mar 24 19:13:18 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:18 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:18 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:18 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:18 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:18 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:18 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:18 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:18 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:18 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:18 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:18 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:18 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user2 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user2 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user2 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user2 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user2 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user2 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user2 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user2 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user2 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user2 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:19 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call Mar 24 19:13:20 hebus dovecot: imap-login: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) Mar 24 19:13:20 hebus dovecot: imap-login: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) Mar 24 19:13:20 hebus dovecot: ssl-params: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) Mar 24 19:13:20 hebus dovecot: auth-worker(32592): Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) Mar 24 19:13:20 hebus dovecot: auth-worker(32595): Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) Mar 24 19:13:20 hebus dovecot: anvil: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) Mar 24 19:13:21 hebus dovecot: master: Warning: /tmp is no longer mounted. See http://wiki2.dovecot.org/Mountpoints Mar 24 19:13:21 hebus dovecot: master: Warning: /var/tmp is no longer mounted. See http://wiki2.dovecot.org/Mountpoints From h.reindl at thelounge.net Sun Mar 24 22:17:12 2013 From: h.reindl at thelounge.net (Reindl Harald) Date: Sun, 24 Mar 2013 21:17:12 +0100 Subject: [Dovecot] Dovecot service not responding after about a week of uptime In-Reply-To: <514F5D7F.3060802@pupat-ghestem.net> References: <514F4685.2020906@pupat-ghestem.net> <78C8CE64-3BFA-4452-B15B-AEF622ED6A36@iki.fi> <514F5B5D.4040304@pupat-ghestem.net> <4FB5DDB4-4388-428E-890B-A84C0CC39608@iki.fi> <514F5D7F.3060802@pupat-ghestem.net> Message-ID: <514F5F48.8020802@thelounge.net> Am 24.03.2013 21:09, schrieb Matthieu: > On 03/24/2013 09:04 PM, Timo Sirainen wrote: >> On 24.3.2013, at 22.00, Matthieu wrote: >> >>> On 03/24/2013 07:38 PM, Timo Sirainen wrote: >>>> egrep -i dovecot.*(error|warning) /var/log/maillog >>> The output of this command is empty. >> Every time you stop Dovecot it logs a warning. You said you started (=restarted?) dovecot, so I'd think you would >> see at least those. >> >> > Oh yes sorry. I filtered by time as well. Those are the warnings from the last restart: > > Mar 24 19:13:18 hebus dovecot: master: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) > Mar 24 19:13:18 hebus dovecot: log: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) > Mar 24 19:13:18 hebus dovecot: config: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) > Mar 24 19:13:18 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call > Mar 24 19:13:18 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call > Mar 24 19:13:18 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call > Mar 24 19:13:21 hebus dovecot: master: Warning: /tmp is no longer mounted. See http://wiki2.dovecot.org/Mountpoints > Mar 24 19:13:21 hebus dovecot: master: Warning: /var/tmp is no longer mounted. See > http://wiki2.dovecot.org/Mountpoints what happened with /tmp and /var/tmp? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 263 bytes Desc: OpenPGP digital signature URL: From dovecot at pupat-ghestem.net Sun Mar 24 22:22:21 2013 From: dovecot at pupat-ghestem.net (Matthieu) Date: Sun, 24 Mar 2013 21:22:21 +0100 Subject: [Dovecot] Dovecot service not responding after about a week of uptime In-Reply-To: <514F5F48.8020802@thelounge.net> References: <514F4685.2020906@pupat-ghestem.net> <78C8CE64-3BFA-4452-B15B-AEF622ED6A36@iki.fi> <514F5B5D.4040304@pupat-ghestem.net> <4FB5DDB4-4388-428E-890B-A84C0CC39608@iki.fi> <514F5D7F.3060802@pupat-ghestem.net> <514F5F48.8020802@thelounge.net> Message-ID: <514F607D.80109@pupat-ghestem.net> On 03/24/2013 09:17 PM, Reindl Harald wrote: > Am 24.03.2013 21:09, schrieb Matthieu: >> On 03/24/2013 09:04 PM, Timo Sirainen wrote: >>> On 24.3.2013, at 22.00, Matthieu wrote: >>> >>>> On 03/24/2013 07:38 PM, Timo Sirainen wrote: >>>>> egrep -i dovecot.*(error|warning) /var/log/maillog >>>> The output of this command is empty. >>> Every time you stop Dovecot it logs a warning. You said you started (=restarted?) dovecot, so I'd think you would >>> see at least those. >>> >>> >> Oh yes sorry. I filtered by time as well. Those are the warnings from the last restart: >> >> Mar 24 19:13:18 hebus dovecot: master: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) >> Mar 24 19:13:18 hebus dovecot: log: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) >> Mar 24 19:13:18 hebus dovecot: config: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) >> Mar 24 19:13:18 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call >> Mar 24 19:13:18 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call >> Mar 24 19:13:18 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call >> Mar 24 19:13:21 hebus dovecot: master: Warning: /tmp is no longer mounted. See http://wiki2.dovecot.org/Mountpoints >> Mar 24 19:13:21 hebus dovecot: master: Warning: /var/tmp is no longer mounted. See >> http://wiki2.dovecot.org/Mountpoints > what happened with /tmp and /var/tmp? > Not much. This are not mount points, just regular folders. At the moment they contains a variety of files from different dates. From tss at iki.fi Sun Mar 24 22:31:35 2013 From: tss at iki.fi (Timo Sirainen) Date: Sun, 24 Mar 2013 22:31:35 +0200 Subject: [Dovecot] Dovecot service not responding after about a week of uptime In-Reply-To: <514F5D7F.3060802@pupat-ghestem.net> References: <514F4685.2020906@pupat-ghestem.net> <78C8CE64-3BFA-4452-B15B-AEF622ED6A36@iki.fi> <514F5B5D.4040304@pupat-ghestem.net> <4FB5DDB4-4388-428E-890B-A84C0CC39608@iki.fi> <514F5D7F.3060802@pupat-ghestem.net> Message-ID: On 24.3.2013, at 22.09, Matthieu wrote: > On 03/24/2013 09:04 PM, Timo Sirainen wrote: >> On 24.3.2013, at 22.00, Matthieu wrote: >> >>> On 03/24/2013 07:38 PM, Timo Sirainen wrote: >>>> egrep -i dovecot.*(error|warning) /var/log/maillog >>> The output of this command is empty. >> Every time you stop Dovecot it logs a warning. You said you started (=restarted?) dovecot, so I'd think you would see at least those. >> > Oh yes sorry. I filtered by time as well. Those are the warnings from the last restart: Well .. If Dovecot has a problem it should have logged about it. I'm not aware of any way to cause it to hang otherwise. doveconf -n output could be helpful, it might have something to do with your auth settings. Also it would help to know what happens when you connect to the IMAP port from localhost when it's hanging, and try to log in. Does it reply with the banner? Or does it hang only after using the login command? http://wiki2.dovecot.org/TestInstallation From dovecot at pupat-ghestem.net Sun Mar 24 22:36:35 2013 From: dovecot at pupat-ghestem.net (Matthieu) Date: Sun, 24 Mar 2013 21:36:35 +0100 Subject: [Dovecot] Dovecot service not responding after about a week of uptime In-Reply-To: References: <514F4685.2020906@pupat-ghestem.net> <78C8CE64-3BFA-4452-B15B-AEF622ED6A36@iki.fi> <514F5B5D.4040304@pupat-ghestem.net> <4FB5DDB4-4388-428E-890B-A84C0CC39608@iki.fi> <514F5D7F.3060802@pupat-ghestem.net> Message-ID: <514F63D3.3030203@pupat-ghestem.net> On 03/24/2013 09:31 PM, Timo Sirainen wrote: > On 24.3.2013, at 22.09, Matthieu wrote: > >> On 03/24/2013 09:04 PM, Timo Sirainen wrote: >>> On 24.3.2013, at 22.00, Matthieu wrote: >>> >>>> On 03/24/2013 07:38 PM, Timo Sirainen wrote: >>>>> egrep -i dovecot.*(error|warning) /var/log/maillog >>>> The output of this command is empty. >>> Every time you stop Dovecot it logs a warning. You said you started (=restarted?) dovecot, so I'd think you would see at least those. >>> >> Oh yes sorry. I filtered by time as well. Those are the warnings from the last restart: > Well .. If Dovecot has a problem it should have logged about it. I'm not aware of any way to cause it to hang otherwise. doveconf -n output could be helpful, it might have something to do with your auth settings. > > Also it would help to know what happens when you connect to the IMAP port from localhost when it's hanging, and try to log in. Does it reply with the banner? Or does it hang only after using the login command? http://wiki2.dovecot.org/TestInstallation > Attached is the output of dovecot -n Regarding connecting to the IMAP port this would have to wait until the next time the hang happens. -------------- next part -------------- # dovecot -n # 2.1.13: /etc/dovecot/dovecot.conf # OS: Linux 3.6.11 armv6l Fedora remix release 17 (Raspberrypi Fedora Remix) ext4 mail_location = maildir:/home/mail/%u/Maildir mbox_write_locks = fcntl namespace { inbox = yes location = mailbox { special_use = \Drafts name = Drafts } mailbox { special_use = \Junk name = Junk } mailbox { special_use = \Sent name = Sent } mailbox { special_use = \Sent name = Sent Messages } mailbox { special_use = \Trash name = Trash } prefix = name = inbox } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } protocols = imap service replication-notify-fifo { name = aggregator } service anvil-auth-penalty { name = anvil } service auth-worker { name = auth-worker } service { unix_listener { mode = 0666 path = /var/spool/postfix/private/auth } name = auth } service config { name = config } service dict { name = dict } service login/proxy-notify { name = director } service dns-client { name = dns_client } service doveadm-server { name = doveadm } service imap { name = imap-login } service login/imap { name = imap } service indexer-worker { name = indexer-worker } service indexer { name = indexer } service ipc { name = ipc } service lmtp { name = lmtp } service log-errors { name = log } service pop3 { name = pop3-login } service login/pop3 { name = pop3 } service replicator { name = replicator } service login/ssl-params { name = ssl-params } service stats-mail { name = stats } ssl = required ssl_cert = References: <514F4685.2020906@pupat-ghestem.net> <78C8CE64-3BFA-4452-B15B-AEF622ED6A36@iki.fi> <514F5B5D.4040304@pupat-ghestem.net> <4FB5DDB4-4388-428E-890B-A84C0CC39608@iki.fi> <514F5D7F.3060802@pupat-ghestem.net> <514F63D3.3030203@pupat-ghestem.net> Message-ID: <6AD39E2D-78BC-46C0-9018-9C948BFB9760@iki.fi> On 24.3.2013, at 22.36, Matthieu wrote: >> Well .. If Dovecot has a problem it should have logged about it. I'm not aware of any way to cause it to hang otherwise. doveconf -n output could be helpful, it might have something to do with your auth settings. >> >> Also it would help to know what happens when you connect to the IMAP port from localhost when it's hanging, and try to log in. Does it reply with the banner? Or does it hang only after using the login command? http://wiki2.dovecot.org/TestInstallation >> > Attached is the output of dovecot -n That's a rather strange looking dovecot -n. You have every service listed there with name setting. That's not normal. And of course Raspberrypi .. wonder if it has something to do with it. > Regarding connecting to the IMAP port this would have to wait until the next time the hang happens. Yeah. Also get a list of "ps auxw" output. straceing some processes (dovecot, imap-login) might be helpful too. From dovecot at pupat-ghestem.net Sun Mar 24 22:22:21 2013 From: dovecot at pupat-ghestem.net (Matthieu) Date: Sun, 24 Mar 2013 21:22:21 +0100 Subject: [Dovecot] Dovecot service not responding after about a week of uptime In-Reply-To: <514F5F48.8020802@thelounge.net> References: <514F4685.2020906@pupat-ghestem.net> <78C8CE64-3BFA-4452-B15B-AEF622ED6A36@iki.fi> <514F5B5D.4040304@pupat-ghestem.net> <4FB5DDB4-4388-428E-890B-A84C0CC39608@iki.fi> <514F5D7F.3060802@pupat-ghestem.net> <514F5F48.8020802@thelounge.net> Message-ID: <514F607D.80109@pupat-ghestem.net> On 03/24/2013 09:17 PM, Reindl Harald wrote: > Am 24.03.2013 21:09, schrieb Matthieu: >> On 03/24/2013 09:04 PM, Timo Sirainen wrote: >>> On 24.3.2013, at 22.00, Matthieu wrote: >>> >>>> On 03/24/2013 07:38 PM, Timo Sirainen wrote: >>>>> egrep -i dovecot.*(error|warning) /var/log/maillog >>>> The output of this command is empty. >>> Every time you stop Dovecot it logs a warning. You said you started (=restarted?) dovecot, so I'd think you would >>> see at least those. >>> >>> >> Oh yes sorry. I filtered by time as well. Those are the warnings from the last restart: >> >> Mar 24 19:13:18 hebus dovecot: master: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) >> Mar 24 19:13:18 hebus dovecot: log: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) >> Mar 24 19:13:18 hebus dovecot: config: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) >> Mar 24 19:13:18 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call >> Mar 24 19:13:18 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call >> Mar 24 19:13:18 hebus dovecot: imap(user1 at mydomain.com): Error: write(anvil) failed: Interrupted system call >> Mar 24 19:13:21 hebus dovecot: master: Warning: /tmp is no longer mounted. See http://wiki2.dovecot.org/Mountpoints >> Mar 24 19:13:21 hebus dovecot: master: Warning: /var/tmp is no longer mounted. See >> http://wiki2.dovecot.org/Mountpoints > what happened with /tmp and /var/tmp? > Not much. This are not mount points, just regular folders. At the moment they contains a variety of files from different dates. From trashcan at odo.in-berlin.de Sun Mar 24 23:07:57 2013 From: trashcan at odo.in-berlin.de (Michael Grimm) Date: Sun, 24 Mar 2013 22:07:57 +0100 Subject: [Dovecot] replicator/dsync over tcp Message-ID: Hi -- I am testing replicator/dsync over tcp, and I did run into some issues. First of all I did need to extend http://wiki2.dovecot.org/Replication to get dsync over tcp running without ssl: | # dsync over tcp default port | # | doveadm_port = 12345 | service doveadm { | # running dsync over tcp and using ssl | # added-->| user = vmail | inet_listener { added-->| address = 1.2.3.4 | port = 12345 | # ssl = yes | } | } | plugin { | # this host replicates to remote host | # | mail_replica = tcp:SERVER-A.TLD That didn't work ... | dovecot: doveadm(test): Error: doveadm_password not set, can't authenticate to remote server ... thus, I needed to add: added-->| local 1.2.3.4 { added-->| # password for client authentication by doveadm server added-->| # added-->| doveadm_password = secret added-->| # allow client to only use specified list of commands (default is all): added-->| # added-->| #doveadm_allowed_commands = added-->| } 1. Question: may one include "secret" from a file? Well, that runs like a charm! Now, I did try to add ssl by activating "ssl = yes" in 'service doveadm' (see above) and adding ... | # used by replicator/dsync over tcp | # | ssl_client_ca_dir = //ssl/certs ... and ... | mail_replica = tcps:SERVER-A.TLD But, this didn't work (logfile at remote server): | dovecot: doveadm(test): Invalid certificate: self signed certificate: /OU=dovecot server/CN=OTHER-NAME.TLD/emailAddress=postmaster at OTHER-NAME.TLD | dovecot: doveadm(test): Error: SERVER-A.TLD: Received invalid SSL certificate | dovecot: doveadm(test): Error: sync: Disconnected from remote The OTHER-NAME.TLD is served by my additional settings used by my MUAs: | ssl_cert = /ssl/certs/OTHER-NAME.TLD.pem | ssl_key = /ssl/private/OTHER-NAME.TLD.pem I did supply SERVER-A.TLD certs and private certificates at both servers as well, but dovecot seems to use those of OTHER-NAME.TLD for replicator/dsync instead :-( 2. Question: May I config the certificate that should be used for replicator/dsync and that might be different from those used by my MUAs (other then pointing to '//ssl/certs')? I am quite sure that I screwed my config somehow, but I cannot find the cause. Thus, someone? Thanks, and with kind regards, Michael From trashcan at odo.in-berlin.de Sun Mar 24 23:14:51 2013 From: trashcan at odo.in-berlin.de (Michael Grimm) Date: Sun, 24 Mar 2013 22:14:51 +0100 Subject: [Dovecot] replicator/dsync over tcp In-Reply-To: References: Message-ID: <000C614D-3F1E-4A6C-8C8F-7D6686CFDFE7@odo.in-berlin.de> Hi -- On 24.03.2013, at 22:07, Michael Grimm wrote: Forgot: That is Dovecot v2.2.rc3 (33e78edac8f5+) Regards, Michael From tss at iki.fi Sun Mar 24 23:30:58 2013 From: tss at iki.fi (Timo Sirainen) Date: Sun, 24 Mar 2013 23:30:58 +0200 Subject: [Dovecot] replicator/dsync over tcp In-Reply-To: References: Message-ID: <71A7D3A9-0D9B-4018-861E-9439F84E5C47@iki.fi> On 24.3.2013, at 23.07, Michael Grimm wrote: > First of all I did need to extend http://wiki2.dovecot.org/Replication to get dsync over tcp running without ssl: .. > | dovecot: doveadm(test): Error: doveadm_password not set, can't authenticate to remote server Updated http://master.wiki2.dovecot.org/Replication with it. > 1. Question: may one include "secret" from a file? > > Well, that runs like a charm! name = Now, I did try to add ssl by activating "ssl = yes" in 'service doveadm' (see above) and adding ... > > | # used by replicator/dsync over tcp > | # > | ssl_client_ca_dir = //ssl/certs > > ... and ... > > | mail_replica = tcps:SERVER-A.TLD > > But, this didn't work (logfile at remote server): > > | dovecot: doveadm(test): Invalid certificate: self signed certificate: /OU=dovecot server/CN=OTHER-NAME.TLD/emailAddress=postmaster at OTHER-NAME.TLD > | dovecot: doveadm(test): Error: SERVER-A.TLD: Received invalid SSL certificate > | dovecot: doveadm(test): Error: sync: Disconnected from remote > > The OTHER-NAME.TLD is served by my additional settings used by my MUAs: > > | ssl_cert = /ssl/certs/OTHER-NAME.TLD.pem > | ssl_key = /ssl/private/OTHER-NAME.TLD.pem > > I did supply SERVER-A.TLD certs and private certificates at both servers as well, but dovecot seems to use those of OTHER-NAME.TLD for replicator/dsync instead :-( The SERVER-A.TLD needs to have a certificate that is signed by one of the CAs in ssl_client_ca_dir. ssl_cert/key settings are irrelevant here. You can't use a self-signed cert, unless you put it into the CA dir (I don't know how exactly that works). From mysqlstudent at gmail.com Sun Mar 24 23:36:45 2013 From: mysqlstudent at gmail.com (Alex) Date: Sun, 24 Mar 2013 17:36:45 -0400 Subject: [Dovecot] Reporting on user info Message-ID: Hi all, I've just installed fc18 with dovecot-2.1.15 and have all the usual services set up and running properly. Of course now management is interested in who is using what service, for how long. Are there any existing reporting features available from within dovecot to provide stats on mail usage over time? Ideally, I'd like to provide a log file and find out who used each service, how long they were logged in, and from where they logged in. It would also be interesting to have a real-time view of who's connected. Does any such utility exist? Thanks, Alex From tss at iki.fi Sun Mar 24 23:39:50 2013 From: tss at iki.fi (Timo Sirainen) Date: Sun, 24 Mar 2013 23:39:50 +0200 Subject: [Dovecot] Reporting on user info In-Reply-To: References: Message-ID: <035C10F4-1B6E-4D8E-AD1B-FD920DE3CB4E@iki.fi> On 24.3.2013, at 23.36, Alex wrote: > I've just installed fc18 with dovecot-2.1.15 and have all the usual > services set up and running properly. > > Of course now management is interested in who is using what service, > for how long. Are there any existing reporting features available from > within dovecot to provide stats on mail usage over time? > > Ideally, I'd like to provide a log file and find out who used each > service, how long they were logged in, and from where they logged in. Dovecot logs all that info. You'd need to write a script to parse the logs. > It would also be interesting to have a real-time view of who's > connected. Does any such utility exist? doveadm who From paveldimow at gmail.com Mon Mar 25 00:01:49 2013 From: paveldimow at gmail.com (Pavel Dimow) Date: Sun, 24 Mar 2013 23:01:49 +0100 Subject: [Dovecot] Dovecot v2 multiple domains Message-ID: Hello, I would like to have multiple domains on same server (with different ip's) and I want that user logs with username with domain part for every domain, but I can't find any documentation on this. To be more precise I found a post regarding dovecot v1 that suggest making separate init scripts for every domain but it also suggest that dovecot v2 will support this in code. This is the post http://dovecot.org/pipermail/dovecot/2006-April/012455.html Am I missing something or this is not still possible? From tss at iki.fi Mon Mar 25 00:08:32 2013 From: tss at iki.fi (Timo Sirainen) Date: Mon, 25 Mar 2013 00:08:32 +0200 Subject: [Dovecot] Dovecot v2 multiple domains In-Reply-To: References: Message-ID: <46151339-5408-4D5F-8BB9-2802D529ABED@iki.fi> On 25.3.2013, at 0.01, Pavel Dimow wrote: > Hello, > > I would like to have multiple domains on same server (with different > ip's) and I want that user logs with username with domain part for > every domain, "with"? so people logging in as user at domain? There is nothing you need to do. Dovecot doesn't care about domains, only how login names match to mail directories. If you really meant "without", then you need to match the IP address with the username. %l variables expands to the IP in e.g. passdb sql query. From erik at lysator.liu.se Mon Mar 25 01:10:17 2013 From: erik at lysator.liu.se (Erik Persson) Date: Mon, 25 Mar 2013 00:10:17 +0100 Subject: [Dovecot] SiS attachment file larger than expected Message-ID: <289C2E64-6F6F-4FD9-988B-66B7F6A8F34B@lysator.liu.se> Hello! Name's Erik and I have been using Dovecot for a few months and I so far quite happy with the software. To this list I am quite new though. After a testing period I have now been running a ~300 user system running CentOS 6 and Dovecot 2.1.14 with Postfix and SiS enabled. For the large part the system is running flawlessly but I have caught a few error messages: imap(censored at censored.domain): Error: Attachment file /mail/attachments/70/d0/70d04b12123bfb145983f5a674ee2e65029a4018aff1c6db51993b75f10bf101-117a1a3b06f54251e96200004d877aa0 larger than expected (370113) The total number of files that I have found complaints about in the log are less than 10 accessed by 3 users in a attachment file system that by now is housing 100k + files. The only common denominator I have found so far is that all the attachments are PDF files. Most if not all of the logged files are the only referenced link of the corresponding hash. Any idea what might be causing this and how it can be prevented? I do like to be a bit paranoid when it comes to data integrity. As I am not completely familiar with the dovecot tools I also wonder if there is a way to find the offending message in the mailbox other than trying to access it via a mail client? Best regards and keep up the good work! /Erik From tss at iki.fi Mon Mar 25 01:19:23 2013 From: tss at iki.fi (Timo Sirainen) Date: Mon, 25 Mar 2013 01:19:23 +0200 Subject: [Dovecot] SiS attachment file larger than expected In-Reply-To: <289C2E64-6F6F-4FD9-988B-66B7F6A8F34B@lysator.liu.se> References: <289C2E64-6F6F-4FD9-988B-66B7F6A8F34B@lysator.liu.se> Message-ID: <0DE499D8-7D64-489C-8121-80D2384B7A51@iki.fi> On 25.3.2013, at 1.10, Erik Persson wrote: > For the large part the system is running flawlessly but I have caught a few error messages: > > imap(censored at censored.domain): Error: Attachment file /mail/attachments/70/d0/70d04b12123bfb145983f5a674ee2e65029a4018aff1c6db51993b75f10bf101-117a1a3b06f54251e96200004d877aa0 larger than expected (370113) So, how large is this file really? (I guess the error message should show that too.) From erik at lysator.liu.se Mon Mar 25 01:26:28 2013 From: erik at lysator.liu.se (Erik Persson) Date: Mon, 25 Mar 2013 00:26:28 +0100 Subject: [Dovecot] SiS attachment file larger than expected In-Reply-To: <0DE499D8-7D64-489C-8121-80D2384B7A51@iki.fi> References: <289C2E64-6F6F-4FD9-988B-66B7F6A8F34B@lysator.liu.se> <0DE499D8-7D64-489C-8121-80D2384B7A51@iki.fi> Message-ID: 25 mar 2013 kl. 00:19 skrev Timo Sirainen : > On 25.3.2013, at 1.10, Erik Persson wrote: > >> For the large part the system is running flawlessly but I have caught a few error messages: >> >> imap(censored at censored.domain): Error: Attachment file /mail/attachments/70/d0/70d04b12123bfb145983f5a674ee2e65029a4018aff1c6db51993b75f10bf101-117a1a3b06f54251e96200004d877aa0 larger than expected (370113) > > So, how large is this file really? (I guess the error message should show that too.) > Someone else is not sleeping either it seems? :) Is the recorded size in the index 370113? This is what it looks like in the file system: [root at email01 ~]# ls -l /mail/attachments/70/d0/70d04b12123bfb145983f5a674ee2e65029a4018aff1c6db51993b75f10bf101-117a1a3b06f54251e96200004d877aa0 -rw-rw-rw- 2 vmail vmail 273781 Mar 15 11:16 /mail/attachments/70/d0/70d04b12123bfb145983f5a674ee2e65029a4018aff1c6db51993b75f10bf101-117a1a3b06f54251e96200004d877aa0 I guess that 370113 must be the base64 encoded size then? The actual file looks definitely like plain PDF. Cheers, /Erik From noel.butler at ausics.net Mon Mar 25 02:07:57 2013 From: noel.butler at ausics.net (Noel Butler) Date: Mon, 25 Mar 2013 10:07:57 +1000 Subject: [Dovecot] Reduce logging auth-worker In-Reply-To: <514D7C82.9000905@thelounge.net> References: <514D069E.9040605@thelounge.net> <514D134E.2030206@thelounge.net> <1364022788.7940.7.camel@tardis> <514D7C82.9000905@thelounge.net> Message-ID: <1364170077.4106.40.camel@tardis> On Sat, 2013-03-23 at 10:57 +0100, Reindl Harald wrote: > _deleted usual drivell_ > > Anyone who knows anything about syslog on large production servers knows > > avoiding it is best practice, it's also about the only thing DJB and I > > ever agreed on > > blablablanla > > in large environments you even have your syslogd logging on a remote > machine for auditing and security reasons > it shows you have never worked for a large ISP, or probably a small one at that, anyway going back to my usual not reading your trash talk. Oh yeah, Nick, +1 to your previous. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 490 bytes Desc: This is a digitally signed message part URL: From noel.butler at ausics.net Mon Mar 25 02:21:29 2013 From: noel.butler at ausics.net (Noel Butler) Date: Mon, 25 Mar 2013 10:21:29 +1000 Subject: [Dovecot] Please help to make decision In-Reply-To: References: Message-ID: <1364170889.4106.53.camel@tardis> On Sun, 2013-03-24 at 20:12 +0400, Tigran Petrosyan wrote: > Hi > We are going to implement the "Dovecot" for 1 million users. We are going > to use more than 100T storage space. Now we examine 2 solutions NFS or GFS2 > via (Fibre Channel storage). > Can someone help to make decision? What kind of storage solution we can use > to achieve good performance and scalability. I'd recommend NFS, very easy to scale and excellent performance, we limit 8K simultaneous connections per server, they could do lot more, but never seen close to that anyway, usually at peaks is around 5K per box, however, thats pop3 - imap is only used for webmail. If you are only doing pop3, use INDEX=MEMORY as well, eg: mail_location = maildir:/var/vmail/%d/%1n/%1.1n/%2.1n/% n/Maildir:INDEX=MEMORY But if using imap, then I understand dovecots director (we dont use it) is better solution -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 490 bytes Desc: This is a digitally signed message part URL: From noel.butler at ausics.net Mon Mar 25 02:29:37 2013 From: noel.butler at ausics.net (Noel Butler) Date: Mon, 25 Mar 2013 10:29:37 +1000 Subject: [Dovecot] Dovecot service not responding after about a week of uptime In-Reply-To: <514F607D.80109@pupat-ghestem.net> References: <514F4685.2020906@pupat-ghestem.net> <78C8CE64-3BFA-4452-B15B-AEF622ED6A36@iki.fi> <514F5B5D.4040304@pupat-ghestem.net> <4FB5DDB4-4388-428E-890B-A84C0CC39608@iki.fi> <514F5D7F.3060802@pupat-ghestem.net> <514F5F48.8020802@thelounge.net> <514F607D.80109@pupat-ghestem.net> Message-ID: <1364171377.4106.55.camel@tardis> On Sun, 2013-03-24 at 21:22 +0100, Matthieu wrote: > >> Mar 24 19:13:21 hebus dovecot: master: Warning: /tmp is no longer mounted. See http://wiki2.dovecot.org/Mountpoints > >> Mar 24 19:13:21 hebus dovecot: master: Warning: /var/tmp is no longer mounted. See > >> http://wiki2.dovecot.org/Mountpoints > > what happened with /tmp and /var/tmp? > > > Not much. This are not mount points, just regular folders. At the moment > they contains a variety of files from different dates. A lot of things need those directories, especially /tmp so I would investigate with high degree of urgency, why they are no longer available -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 490 bytes Desc: This is a digitally signed message part URL: From h.reindl at thelounge.net Mon Mar 25 02:34:41 2013 From: h.reindl at thelounge.net (Reindl Harald) Date: Mon, 25 Mar 2013 01:34:41 +0100 Subject: [Dovecot] Dovecot service not responding after about a week of uptime In-Reply-To: <1364171377.4106.55.camel@tardis> References: <514F4685.2020906@pupat-ghestem.net> <78C8CE64-3BFA-4452-B15B-AEF622ED6A36@iki.fi> <514F5B5D.4040304@pupat-ghestem.net> <4FB5DDB4-4388-428E-890B-A84C0CC39608@iki.fi> <514F5D7F.3060802@pupat-ghestem.net> <514F5F48.8020802@thelounge.net> <514F607D.80109@pupat-ghestem.net> <1364171377.4106.55.camel@tardis> Message-ID: <514F9BA1.5030905@thelounge.net> Am 25.03.2013 01:29, schrieb Noel Butler: > On Sun, 2013-03-24 at 21:22 +0100, Matthieu wrote: > >>>> Mar 24 19:13:21 hebus dovecot: master: Warning: /tmp is no longer mounted. See http://wiki2.dovecot.org/Mountpoints >>>> Mar 24 19:13:21 hebus dovecot: master: Warning: /var/tmp is no longer mounted. See >>>> http://wiki2.dovecot.org/Mountpoints >>> what happened with /tmp and /var/tmp? >>> >> Not much. This are not mount points, just regular folders. At the moment >> they contains a variety of files from different dates. > > > A lot of things need those directories, especially /tmp so I would > investigate with high degree of urgency, why they are no longer > available it is a dovecot-bug to whine about ANY no longer present mount-point even if has nothing to do with mail at all "no longer available" is relative if you do not mount any partition to a mount-point it ends in a folder on the root-fs, the only harm in case of /tmp would be unmount it while services are active withour restart them -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 263 bytes Desc: OpenPGP digital signature URL: From dmalolepszy at optusnet.com.au Mon Mar 25 03:07:02 2013 From: dmalolepszy at optusnet.com.au (Dominic Malolepszy) Date: Mon, 25 Mar 2013 12:07:02 +1100 Subject: [Dovecot] Dovecot DNS queries its own host many times a second Message-ID: <514FA336.1050603@optusnet.com.au> Hi, We have observed that Dovecot appears to make a DNS lookup of its own hostname many times a second. Each Dovecot server in our cluster appears to be doing around 50 queries per second to find out its own hostname. Rsyslog was the first thing we assumed was the cause, however stopping it did not help. Also the fact that at the time Dovecot was doing around 50 logins a second, seemed to correlate with it making these queries. Is there any reason why Dovecot would need to do a lookup of its own hosts IP address every time? Seems like a strange thing to do and not cache its own hostname. Dominic From stan at hardwarefreak.com Mon Mar 25 03:45:43 2013 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Sun, 24 Mar 2013 20:45:43 -0500 Subject: [Dovecot] Please help to make decision In-Reply-To: <0045E050-CEFA-40E2-9620-4E0625F92AF5@iki.fi> References: <0045E050-CEFA-40E2-9620-4E0625F92AF5@iki.fi> Message-ID: <514FAC47.7090706@hardwarefreak.com> On 3/24/2013 1:45 PM, Timo Sirainen wrote: > On 24.3.2013, at 18.12, Tigran Petrosyan wrote: > >> We are going to implement the "Dovecot" for 1 million users. We are going >> to use more than 100T storage space. Now we examine 2 solutions NFS or GFS2 >> via (Fibre Channel storage). >> Can someone help to make decision? What kind of storage solution we can use >> to achieve good performance and scalability. This greatly depends upon whose cluster NFS storage product we're talking about. > I remember people complaining about GFS2 (and other cluster filesystems) having bad performance. But in any case whatever you use, be sure to use also http://wiki2.dovecot.org/Director Even if it's not strictly needed, it improves the performance with GFS2. GFS2 and OCFS2 performance is suffers when using maildir due to the filesystem metadata being broadcast amongst all nodes, thus creating high latency and low metadata IOPS. The more nodes the worse this problem becomes. If using old fashioned UNIX mbox, or Dovecot mdbox with a good deal of emails per file then this isn't as much of an issue as metadata changes are few. If using maildir with a cluster filesystem using a small number of fat nodes is mandatory to minimize metadata traffic. If using fiber channel SAN storage with your cluster filesystem, keep in mind that one single port 8gb HBA and its SFP transceiver costs significantly more than a 1U server. Given that a single 8gb FC port can carry (800MB/s / 32KB)= 25,600 emails per second, or 2.2 billion emails/day, fat nodes make more sense from a financial standpoint as well. Mail workloads don't require much CPU, but need low latency disk and network IO, and lots of memory. Four dual socket Opteron 8-core servers (16c per server), 128GB RAM, two single port 8gb FC HBAs with SCSI multipath, dual GbE ports for user traffic and dual GbE for GFS2 metadata, should fit the bill nicely. Any quality high performance SAN head with 2-4 ports per dual controller, or multiple SAN heads, that can expand to 480 or more drives, is suitable. If the head has only 4 ports total you will need an FC switch with at least 8 ports, preferably two switches with minimum 4 ports each (8 is the smallest typically available)--this provides maximum redundancy as you survive a switch failure. For transactional workloads you never want to use parity as the RMW cycles that result for smaller than stripe width writes degrade write throughput by a factor of 5:1 or more compared to non-parity RAID. So RAID10 is the only game in town, thus you need lots of spindles. With 480x 600GB SAS 15K drives (4x 60 bay 4U chassis) and 16 spares you have 464 drives configured in 29 RAID10 arrays of 16 drives, 4.8TB raw per array, and yielding an optimal 8x 32KB stripe width of 256KB. You would format each 4.8TB exported LUN with GFS2, yielding 29 cluster filesystems, with ~35K user mail directories on each. If you have a filesystem problem and must run a check/repair, or even worse restore from tape or D2D, you're only affecting up to 1/29th, or 35K of your 1M users. If you feel this is too many filesystems to manage you can span arrays with the controller firmware or with mdraid/lvm2. And of course you will need a box dedicated to Director, which will spread connections across your 4 server nodes. This is not a complete "how-to" obviously, but should give you some pointers/ideas on overall architecture options and best practices. -- Stan From craig.dovecot at noboost.org Mon Mar 25 04:10:42 2013 From: craig.dovecot at noboost.org (craig.dovecot at noboost.org) Date: Mon, 25 Mar 2013 13:10:42 +1100 Subject: [Dovecot] Confirmation Please - Dovecot for Email Delivery Message-ID: <20130325021042.GA12930@noboost.org> Hi All, Spec: Centos 6.3x64 Dovecot-2.0.9-5.el6.x86_64 Goal: 1) Inbound emails are delivered by Dovecot and the UID/GID is determined by a local /etc/dovecot/users file. 2) I'd like to have IMAPS clients authenticate with Dovecot via LDAP. Questions: 1) I've attempted to ensure that Dovecot will always use the local password file for mail delivery as no actual password is needed. Then the LDAP server for when the IMAPS email client connects. This appears to be working as I expect, can anyone confirm/deny the below settings are correct? 2) Is there a Dovecot architecture diagram/documentation anywhere? Settings: ------------------------------------------------------------------------- File: dovecot.conf protocols = imap lmtp listen = * File: 10-auth.conf disable_plaintext_auth = yes auth_username_format = %Ln auth_mechanisms = plain !include auth-passwdfile.conf.ext !include auth-ldap.conf.ext File: auth-passwdfile.conf.ext mail_location = maildir:/home/%n/Maildir #passdb { # driver = passwd-file # args = username_format=%n /etc/dovecot/users #} userdb { driver = passwd-file args = username_format=%n /etc/dovecot/users } File: dovecot-ldap.conf.ext hosts = sysvm-ipa.noboost.org tls = yes tls_ca_cert_dir = /etc/openldap/certs auth_bind = yes auth_bind_userdn = uid=%u,cn=users,cn=accounts,dc=noboost,dc=org base = cn=users,cn=accounts,dc=noboost,dc=org pass_attrs = uid=user pass_filter = (&(objectClass=posixAccount)(uid=%u)) File: /etc/dovecot/users craig:x:890:432:Craig:/home/craig:/bin/bash ------------------------------------------------------------------------- cya Craig From dovecot at lists.wgwh.ch Mon Mar 25 09:31:35 2013 From: dovecot at lists.wgwh.ch (Oli Schacher) Date: Mon, 25 Mar 2013 08:31:35 +0100 Subject: [Dovecot] dsync replication: assertion failed: (ibc->value_input == NULL) Message-ID: <20130325083135.228f83de@lists.wgwh.ch> current hg (33e78edac8f5) Mar 25 07:47:27 fumailsynctest2 dovecot: dsync-remote(): Panic: file dsync-ibc-stream.c: line 527 (dsync_ibc_stream_input_next): assertion failed: (ibc->value_input == NULL) Mar 25 07:47:27 fumailsynctest2 dovecot: dsync-remote(): Error: Raw backtrace: /usr/lib64/dovecot/libdovecot.so.0(+0x5ebea) [0x7f67d85ffbea] -> /usr/lib64/dovecot/libdovecot.so.0(+0x5ec36) [0x7f67d85ffc36] -> /usr/lib64/dovecot/libdovecot.so.0(+0x1fcea) [0x7f67d85c0cea] -> dovecot/doveadm-server() [0x4258ec] -> dovecot/doveadm-server() [0x4268f6] -> dovecot/doveadm-server(dsync_brain_sync_mails+0x426) [0x41aa66] -> dovecot/doveadm-server(dsync_brain_run+0x162) [0x4172a2] -> dovecot/doveadm-server() [0x417940] -> dovecot/doveadm-server() [0x428410] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_call_io+0x36) [0x7f67d860ed36] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handler_run+0xa7) [0x7f67d860fde7] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_run+0x28) [0x7f67d860ecd8] -> dovecot/doveadm-server() [0x414fda] -> dovecot/doveadm-server() [0x40c71f] -> dovecot/doveadm-server() [0x41459a] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_call_io+0x36) [0x7f67d860ed36] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handler_run+0xa7) [0x7f67d860fde7] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_run+0x28) [0x7f67d860ecd8] -> /usr/lib64/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f67d85c5743] -> dovecot/doveadm-server(main+0x121) [0x414ce1] -> /lib64/libc.so.6(__libc_start_main+0xfd) [0x3400a1ecdd] -> dovecot/doveadm-server() [0x40c109] Mar 25 07:47:27 fumailsynctest2 dovecot: dsync-remote(): Fatal: master: service(doveadm): child 27336 killed with signal 6 (core dumped) (gdb) bt full #0 0x0000003400a328a5 in raise () from /lib64/libc.so.6 No symbol table info available. #1 0x0000003400a34085 in abort () from /lib64/libc.so.6 No symbol table info available. #2 0x00007f67d85ffbf8 in default_fatal_finish (type=, status=0) at failures.c:191 backtrace = 0x1baf510 "/usr/lib64/dovecot/libdovecot.so.0(+0x5ebea) [0x7f67d85ffbea] -> /usr/lib64/dovecot/libdovecot.so.0(+0x5ec36) [0x7f67d85ffc36] -> /usr/lib64/dovecot/libdovecot.so.0(+0x1fcea) [0x7f67d85c0cea] -> dovec"... #3 0x00007f67d85ffc36 in i_internal_fatal_handler (ctx=0x7ffffc4466c0, format=, args=) at failures.c:652 status = 0 #4 0x00007f67d85c0cea in i_panic (format=0x6ac8
) at failures.c:263 ctx = {type = LOG_TYPE_PANIC, exit_status = 0, timestamp = 0x0} args = {{gp_offset = 40, fp_offset = 48, overflow_arg_area = 0x7ffffc446790, reg_save_area = 0x7ffffc4466d0}} #5 0x00000000004258ec in dsync_ibc_stream_input_next (ibc=0x1bda990, item=ITEM_MAILBOX_ATTRIBUTE, decoder_r=0x7ffffc446808) at dsync-ibc-stream.c:527 line_item = ITEM_NONE line = error = i = __FUNCTION__ = "dsync_ibc_stream_input_next" #6 0x00000000004268f6 in dsync_ibc_stream_recv_mailbox_attribute (_ibc=0x1bda990, attr_r=0x7ffffc446878) at dsync-ibc-stream.c:1311 ibc = 0x1bda990 pool = 0x1bdabc0 decoder = attr = 0x1bdabe0 value = ret = __FUNCTION__ = "dsync_ibc_stream_recv_mailbox_attribute" #7 0x000000000041aa66 in dsync_brain_recv_mailbox_attribute (brain=0x1bdc890) at dsync-brain-mails.c:68 attr = input = ret = #8 dsync_brain_sync_mails (brain=0x1bdc890) at dsync-brain-mails.c:316 changed = false __FUNCTION__ = "dsync_brain_sync_mails" #9 0x00000000004172a2 in dsync_brain_run_real (brain=0x1bdc890, changed_r=0x7ffffc44698f) at dsync-brain.c:423 changed = false ret = true #10 dsync_brain_run (brain=0x1bdc890, changed_r=0x7ffffc44698f) at dsync-brain.c:452 _data_stack_cur_id = 5 ret = true #11 0x0000000000417940 in dsync_brain_run_io (context=0x1bdc890) at dsync-brain.c:41 brain = 0x1bdc890 changed = false try_pending = true #12 0x0000000000428410 in dsync_ibc_stream_input (ibc=0x1bda990) at dsync-ibc-stream.c:194 No locals. #13 0x00007f67d860ed36 in io_loop_call_io (io=0x1bc9f30) at ioloop.c:387 ioloop = 0x1bb5720 t_id = 4 #14 0x00007f67d860fde7 in io_loop_handler_run (ioloop=) at ioloop-epoll.c:215 ctx = 0x1bb8550 events = event = 0x1bb85c0 ---Type to continue, or q to quit--- list = 0x1bbe320 io = tv = {tv_sec = 4, tv_usec = 891617} msecs = ret = 1 i = call = __FUNCTION__ = "io_loop_handler_run" #15 0x00007f67d860ecd8 in io_loop_run (ioloop=0x1bb5720) at ioloop.c:406 No locals. #16 0x0000000000414fda in cmd_dsync_server_run (_ctx=0x1bcb560, user=0x1bd49b0) at doveadm-dsync.c:862 ctx = 0x1bcb560 ibc = 0x1bda990 brain = 0x1bdc890 temp_prefix = 0x1baf378 #17 0x000000000040c71f in doveadm_mail_next_user (ctx=0x1bcb560, input=, error_r=0x7ffffc446ae0) at doveadm-mail.c:309 error = ret = 0 __FUNCTION__ = "doveadm_mail_next_user" #18 0x000000000041459a in doveadm_mail_cmd_server_run (conn=0x1bbe510) at client-connection.c:115 error = 0x7f67d85a1000 "\177ELF\002\001\001" ret = #19 client_handle_command (conn=0x1bbe510) at client-connection.c:217 ctx = 0x1bcb560 flags = cmd_name = input = {module = 0x0, service = 0x42ce7c "doveadm", username = 0x1bad569 "", session_id = 0x0, local_ip = {family = 0, u = {ip6 = {__in6_u = {__u6_addr8 = '\000' , __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, ip4 = {s_addr = 0}}}, remote_ip = {family = 0, u = {ip6 = {__in6_u = {__u6_addr8 = '\000' , __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, ip4 = {s_addr = 0}}}, local_port = 0, remote_port = 0, userdb_fields = 0x0, flags_override_add = 0, flags_override_remove = 0, no_userdb_lookup = 0} argc = 2 #20 client_connection_input (conn=0x1bbe510) at client-connection.c:317 args = 0x1bad5b0 _data_stack_cur_id = 3 line = ok = true #21 0x00007f67d860ed36 in io_loop_call_io (io=0x1bbe2d0) at ioloop.c:387 ioloop = 0x1bb5720 t_id = 2 #22 0x00007f67d860fde7 in io_loop_handler_run (ioloop=) at ioloop-epoll.c:215 ctx = 0x1bb8550 events = event = 0x1bb85c0 list = 0x1bbe320 io = tv = {tv_sec = 2147483, tv_usec = 0} msecs = ret = 1 i = call = __FUNCTION__ = "io_loop_handler_run" #23 0x00007f67d860ecd8 in io_loop_run (ioloop=0x1bb5720) at ioloop.c:406 ---Type to continue, or q to quit--- No locals. #24 0x00007f67d85c5743 in master_service_run (service=0x1bb55c0, callback=) at master-service.c:550 No locals. #25 0x0000000000414ce1 in main (argc=1, argv=0x1bb53a0) at main.c:91 set_roots = {0x42cc00, 0x0} error = 0x0 From guido+dovecot.org at berhoerster.name Mon Mar 25 10:11:54 2013 From: guido+dovecot.org at berhoerster.name (Guido Berhoerster) Date: Mon, 25 Mar 2013 09:11:54 +0100 Subject: [Dovecot] Per-user seen flags for public read-only mailboxes Message-ID: <20130325081154.GA5217@hal.local.invalid> Hi, I have some trouble getting per-user SEEN-flags to work with read-only mailboxes in a public namespace. Basically, I'm following the wiki at http://wiki2.dovecot.org/SharedMailboxes/Public#Maildir:_Per-user_.2BAFw-Seen_flag and the relevant configuration is as follows: namespace { inbox = yes location = prefix = separator = / type = private } namespace { location = maildir:/srv/mail/public:LAYOUT=fs:INDEX=~/public prefix = Public/ separator = / subscriptions = no type = public } plugin { acl = vfile ... } protocol imap { mail_plugins = " acl quota trash zlib autocreate imap_acl imap_quota imap_zlib" } I have a virtual-user setup with static userdb and there is no permissions problem since everything is created through dovecot: mail_gid = vmail mail_location = mdbox:~/mdbox mail_uid = vmail [...] userdb { args = uid=vmail gid=vmail home=/srv/mail/virtual/%n driver = static } The content of /srv/mail/public/dovecot-acl (and the one of all mailboxes below it) is: owner lrwstipekxa authenticated lr Users can access all mailboxes in the Public/ namespace and read the messages and I can see that dovecot.index.cache and dovecot.index.log are created under ~/public, however setting the SEEN flag for a message is ignored since the mailbox is read-only. Changing the ACL from authenticated lr to authenticated lrs allows user to set the SEEN flag, but globally on the actual mailbox. How can I get per-user SEEN flags to work? The Dovecot version is 2.0.9. Thanks, -- Guido Berhoerster From hajo.locke at gmx.de Mon Mar 25 10:23:54 2013 From: hajo.locke at gmx.de (Hajo Locke) Date: Mon, 25 Mar 2013 09:23:54 +0100 Subject: [Dovecot] Outlook 2013 - mounting folders with XLIST Message-ID: <9F7FF84F91BA4164A1C07DF0143799DD@ai.local> Hello, i do some tests with dovecot 2.1.7 and activated a default special-use config. To get it work with outlook 2013, i also added XLIST to imap capability string. basically this is working. is somebody also using special-use folders successful with outlook 2013? In my understanding of special-use extension, every client should map its own local folders to corresponding folders on server. Real Name of folder on server should be irrelevant, if a folder "aaa" is marked as \Sent, then a Client should show this folder as "Sent" "Sent Items" or "Gesendete Objekte", just like local preferences. Outlook 2013 seems to work slightly different. Outlook 2013 seems to really use the marked folder on server regardless of local preferences. If i mark Drafts as \Drafts, outlook 2013 will use this for drafts even in german environment. Did somebody other notice this behaviour? Is it possible to adjust some settings in outlook 2013 fo fix this? Otherwise the serveradmin is forced to provide special-use folders per every single user and let them choose how his folders should be named? What experience did others make who use special-use folders in productive environment? Thanks, Hajo From giunta at sissa.it Mon Mar 25 10:57:55 2013 From: giunta at sissa.it (Marco Giunta) Date: Mon, 25 Mar 2013 09:57:55 +0100 Subject: [Dovecot] Per-user seen flags for public read-only mailboxes In-Reply-To: <20130325081154.GA5217@hal.local.invalid> References: <20130325081154.GA5217@hal.local.invalid> Message-ID: <51501193.70300@sissa.it> On 2013-03-25 09:11, Guido Berhoerster wrote: > How can I get per-user SEEN flags to work? Hi, You have to create an empty file named '**dovecot-shared' in your '/srv/mail/public/' directory. Here the reference on dovecot wiki: http://wiki2.dovecot.org/SharedMailboxes/Public?highlight=%28dovecot-shared%29#Maildir:_Per-user_.2BAFw-Seen_flag I've waste a lot of time first time I've configure the same thing on our server .... Cheers, Marco -- ----------------------------------- |Marco Giunta - SISSA Computer Staff| |Via Bonomea, 265 | |34136 - Trieste, Italy | |Tel: +39-40-3787-503 | |Fax: +39-040-3787-244 | |e-mail: marco.giunta AT sissa.it | ----------------------------------- From tss at iki.fi Mon Mar 25 11:28:54 2013 From: tss at iki.fi (Timo Sirainen) Date: Mon, 25 Mar 2013 11:28:54 +0200 Subject: [Dovecot] Dovecot DNS queries its own host many times a second In-Reply-To: <514FA336.1050603@optusnet.com.au> References: <514FA336.1050603@optusnet.com.au> Message-ID: On 25.3.2013, at 3.07, Dominic Malolepszy wrote: > We have observed that Dovecot appears to make a DNS lookup of its own hostname many times a second. Each Dovecot server in our cluster appears to be doing around 50 queries per second to find out its own hostname. Rsyslog was the first thing we assumed was the cause, however stopping it did not help. Also the fact that at the time Dovecot was doing around 50 logins a second, seemed to correlate with it making these queries. Is there any reason why Dovecot would need to do a lookup of its own hosts IP address every time? Seems like a strange thing to do and not cache its own hostname. I expected the libc to look it up from /etc/hosts directly.. Anyway, v2.2 does such caching. I'm not sure if it's worth the trouble to backport it to v2.1. From simon.buongiorno at gmail.com Mon Mar 25 12:03:27 2013 From: simon.buongiorno at gmail.com (Simon Brereton) Date: Mon, 25 Mar 2013 11:03:27 +0100 Subject: [Dovecot] Disk Encryption Message-ID: Hi As I understand it email headers need to be unencrypted (otherwise DKIM doesn't work). From the MUA to either Postfix, or Dovecot the connection is (or can/should be) secured with TLS/SSL. What I would like to know is if it is possible to encrypt the mailstore? Postfix is using Dovecot for delivery so it's only Dovecot that would need to encrypt/decrypt the mailstore. Is this possible? Is there a terrible reason to do it even if it is possible? I realise that from MTA to MTA there's no guarantee of encryption (and in fact it's very unlikely unless keys have been exchanged), but my primary goal is supplement the physical security of the mail store of mails we already have or have sent. Mostly just idle curiosity as to what has been done, or what could be done. What is worth doing is a separate thread entirely. Thanks. Simon From lst_hoe02 at kwsoft.de Mon Mar 25 12:04:57 2013 From: lst_hoe02 at kwsoft.de (lst_hoe02 at kwsoft.de) Date: Mon, 25 Mar 2013 10:04:57 +0000 Subject: [Dovecot] Dovecot DNS queries its own host many times a second In-Reply-To: References: <514FA336.1050603@optusnet.com.au> Message-ID: <20130325100457.Horde.YIodGLI0pgkmrFbQGJ_H_A1@horde4.hq.kwsoft.de> Zitat von Timo Sirainen : > On 25.3.2013, at 3.07, Dominic Malolepszy > wrote: > >> We have observed that Dovecot appears to make a DNS lookup of its >> own hostname many times a second. Each Dovecot server in our >> cluster appears to be doing around 50 queries per second to find >> out its own hostname. Rsyslog was the first thing we assumed was >> the cause, however stopping it did not help. Also the fact that at >> the time Dovecot was doing around 50 logins a second, seemed to >> correlate with it making these queries. Is there any reason why >> Dovecot would need to do a lookup of its own hosts IP address every >> time? Seems like a strange thing to do and not cache its own >> hostname. > > I expected the libc to look it up from /etc/hosts directly.. Anyway, > v2.2 does such caching. I'm not sure if it's worth the trouble to > backport it to v2.1. I guess this is dependant on content in /etc/nsswitch.conf at least on Linux, no? Regards Andreas From guido+dovecot.org at berhoerster.name Mon Mar 25 12:07:25 2013 From: guido+dovecot.org at berhoerster.name (Guido Berhoerster) Date: Mon, 25 Mar 2013 11:07:25 +0100 Subject: [Dovecot] Per-user seen flags for public read-only mailboxes In-Reply-To: <51501193.70300@sissa.it> Message-ID: <20130325100725.GB5217@hal.local.invalid> * Marco Giunta [2013-03-25 08:57]: > [-- Attachment #1 --] > [-- Type: multipart/alternative, Encoding: 7bit, Size: 4.8K --] > > On 2013-03-25 09:11, Guido Berhoerster wrote: >> How can I get per-user SEEN flags to work? > > Hi, > > You have to create an empty file named '**dovecot-shared' in your > '/srv/mail/public/' directory. > > Here the reference on dovecot wiki: > > > http://wiki2.dovecot.org/SharedMailboxes/Public?highlight=%28dovecot-shared%29#Maildir:_Per-user_.2BAFw-Seen_flag > > > I've waste a lot of time first time I've configure the same thing on our > server .... D'uh, I totally overlooked that these have to be created manually. So now I've created these on the toplevel, and in every mailbox below and I've changed all dovecot-acl files from authenticated lr to authenticated lrs and restarted dovecot, yet the mailboxes are still marked read-only and setting the seen flag is ignored. Somehow I thought I did the same change to the acl files and it worked as expected (except the per-user flag of course). Anything else I have to do to allow seen flags to be set? -- Guido Berhoerster From paveldimow at gmail.com Mon Mar 25 12:24:15 2013 From: paveldimow at gmail.com (Pavel Dimow) Date: Mon, 25 Mar 2013 11:24:15 +0100 Subject: [Dovecot] Dovecot v2 multiple domains In-Reply-To: <46151339-5408-4D5F-8BB9-2802D529ABED@iki.fi> References: <46151339-5408-4D5F-8BB9-2802D529ABED@iki.fi> Message-ID: Thank you Timo and yes I mean without ;) On Sun, Mar 24, 2013 at 11:08 PM, Timo Sirainen wrote: > On 25.3.2013, at 0.01, Pavel Dimow wrote: > > > Hello, > > > > I would like to have multiple domains on same server (with different > > ip's) and I want that user logs with username with domain part for > > every domain, > > "with"? so people logging in as user at domain? There is nothing you need to > do. Dovecot doesn't care about domains, only how login names match to mail > directories. > > If you really meant "without", then you need to match the IP address with > the username. %l variables expands to the IP in e.g. passdb sql query. > > From hostmaster at taunusstein.net Mon Mar 25 12:26:11 2013 From: hostmaster at taunusstein.net (Christian Felsing) Date: Mon, 25 Mar 2013 11:26:11 +0100 Subject: [Dovecot] nopassword not working in Dovecot 2.2rc3? Message-ID: <51502643.1040305@taunusstein.net> Hello, I got some problems while set up a test system for Client Cert Auth, therefore passwords are not requred. SELECT NULL AS password, 'Y' as nopassword, userid AS user FROM users WHERE userid = 'user at example.net' shows exactly what is expected, bur Dovecot does net regongnize 'Y' as nopassword: Mar 25 11:18:04 dovecot dovecot: auth: Debug: sql(user at example.net,192.168.200.6,): query: SELECT NULL AS password, 'Y' as nopassword, userid AS user FROM users WHERE userid = 'user at example.net' Mar 25 11:18:04 dovecot dovecot: auth: sql(user at example.net,192.168.200.6,): Empty password returned without nopassword Mar 25 11:18:06 dovecot dovecot: auth: Debug: client passdb out: FAIL#0112#011user=user at example.net Mar 25 11:18:07 dovecot dovecot: imap-login: Disconnected (auth failed, 2 attempts in 9 secs): user=, method=PLAIN, rip=192.168.200.6, lip=192.168.200.22, TLS As shown on http://wiki2.dovecot.org/AuthDatabase/SQL select statement above should prevent Dovecot from verifying password. any hints? best regards Christian From giunta at sissa.it Mon Mar 25 12:45:18 2013 From: giunta at sissa.it (Marco Giunta) Date: Mon, 25 Mar 2013 11:45:18 +0100 Subject: [Dovecot] Per-user seen flags for public read-only mailboxes In-Reply-To: <20130325100725.GB5217@hal.local.invalid> References: <20130325100725.GB5217@hal.local.invalid> Message-ID: <51502ABE.3090407@sissa.it> On 2013-03-25 11:07, Guido Berhoerster wrote: > Anything else I have to do > to allow seen flags to be set? I've the same configuration and it works like expected : mail_uid = vmail mail_gid = mail namespace public { separator = / prefix = Public/ location = maildir:/path/to/public:INDEX=/path/to/indexes/%u/public subscriptions = no list = children } Which are the permissions of file '/srv/mail/public/dovecot-shared' ??? Did you try with a new user ?? Marco -- ----------------------------------- |Marco Giunta - SISSA Computer Staff| |Via Bonomea, 265 | |34136 - Trieste, Italy | |Tel: +39-40-3787-503 | |Fax: +39-040-3787-244 | |e-mail: marco.giunta AT sissa.it | ----------------------------------- From guido+dovecot.org at berhoerster.name Mon Mar 25 12:59:09 2013 From: guido+dovecot.org at berhoerster.name (Guido Berhoerster) Date: Mon, 25 Mar 2013 11:59:09 +0100 Subject: [Dovecot] Per-user seen flags for public read-only mailboxes In-Reply-To: <51502ABE.3090407@sissa.it> Message-ID: <20130325105908.GC5217@hal.local.invalid> * Marco Giunta [2013-03-25 10:45]: > [-- Attachment #1 --] > [-- Type: multipart/alternative, Encoding: 7bit, Size: 4.8K --] > > On 2013-03-25 11:07, Guido Berhoerster wrote: >> Anything else I have to do >> to allow seen flags to be set? > I've the same configuration and it works like expected : > > mail_uid = vmail > mail_gid = mail > > > namespace public { > separator = / > prefix = Public/ > location = maildir:/path/to/public:INDEX=/path/to/indexes/%u/public > subscriptions = no > list = children > } > > > Which are the permissions of file '/srv/mail/public/dovecot-shared' ??? -rw-r-----. 1 vmail vmail 0 Mar 25 10:22 /srv/mail/public/dovecot-shared So readable by dovecot, even if they weren't the seen flag should be set on the actual mailbox I suppose. > Did you try with a new user ?? Yeah, I created a new user and also tried removing dovecot-acl-list to no avail. Is there any cache that might cause the ACL not to be updated? Is "authenticated lrs" in the dovecot-acl correct for a read-only mailbox for which only the seen flag can be set? -- Guido Berhoerster From rs at sys4.de Mon Mar 25 13:18:41 2013 From: rs at sys4.de (Robert Schetterer) Date: Mon, 25 Mar 2013 12:18:41 +0100 Subject: [Dovecot] Outlook 2013 - mounting folders with XLIST In-Reply-To: <9F7FF84F91BA4164A1C07DF0143799DD@ai.local> References: <9F7FF84F91BA4164A1C07DF0143799DD@ai.local> Message-ID: <51503291.5070008@sys4.de> Am 25.03.2013 09:23, schrieb Hajo Locke: > Hello, > > i do some tests with dovecot 2.1.7 and activated a default special-use > config. To get it work with outlook 2013, i also added XLIST to imap > capability string. basically this is working. > > is somebody also using special-use folders successful with outlook 2013? yes, testet a few times, works fine, without Junk folder , cause outlook wants this handled by it own, but i ve seen reg patches to change this > In my understanding of special-use extension, every client should map > its own local folders to corresponding folders on server. Real Name of > folder on server should be irrelevant, if a folder "aaa" is marked as > \Sent, then a Client should show this folder as "Sent" "Sent Items" or > "Gesendete Objekte", just like local preferences. the "special names" are "comming" from the server and are stated in rfc http://tools.ietf.org/html/rfc6154 the clients decides how to handle it additional there is an alias plugin dovecot ( not the same as "special folders" but can be mixed " http://wiki2.dovecot.org/Plugins/MailboxAlias but thats more ment as a solution for older Outlooks which always create i.e "Gesendete Objekte" to get mapped to "Sent" so its a workaround not "magic" > Outlook 2013 seems to work slightly different. Outlook 2013 seems to > really use the marked folder on server regardless of local preferences. > If i mark Drafts as \Drafts, outlook 2013 will use this for drafts even > in german environment. Did somebody other notice this behaviour? yes, if you set "drafts" its used by german outlook, no translation, just verified that > Is it possible to adjust some settings in outlook 2013 fo fix this? not that i know, but i will investigate, guess there are ways to fix it there maybe some reg hacks, but dont go there until they are not official > Otherwise the serveradmin is forced to provide special-use folders per > every single user and let them choose how his folders should be named? > What experience did others make who use special-use folders in > productive environment? my personal meanings stay at english in your dovecot conf translation should be done from the client, if outlook 2013 german does not, ask Microsoft why. Comparing K9 on Android german, the also stay with i.e "Sent" but add ( Gesendet ) after that, looks like a good idea to me, having orig server folder name with country language translation adding > > Thanks, > Hajo > > > Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From rs at sys4.de Mon Mar 25 13:30:36 2013 From: rs at sys4.de (Robert Schetterer) Date: Mon, 25 Mar 2013 12:30:36 +0100 Subject: [Dovecot] Disk Encryption In-Reply-To: References: Message-ID: <5150355C.4000802@sys4.de> Am 25.03.2013 11:03, schrieb Simon Brereton: > Hi > > As I understand it email headers need to be unencrypted (otherwise > DKIM doesn't work). From the MUA to either Postfix, or Dovecot the > connection is (or can/should be) secured with TLS/SSL. > > What I would like to know is if it is possible to encrypt the > mailstore? Postfix is using Dovecot for delivery so it's only Dovecot > that would need to encrypt/decrypt the mailstore. > > Is this possible? Is there a terrible reason to do it even if it is possible? > > I realise that from MTA to MTA there's no guarantee of encryption (and > in fact it's very unlikely unless keys have been exchanged), but my > primary goal is supplement the physical security of the mail store of > mails we already have or have sent. > > Mostly just idle curiosity as to what has been done, or what could be > done. What is worth doing is a separate thread entirely. > > Thanks. > > Simon > my meaning crypted mailstore makes sense in a mail archive, in germany you have to have a mail archive for some kind of company emails all these solutions have some crypted mailstore , and some more features for data security, but thats a big theme, to big for here crypt storage isnt "the saveness" per default, someone hacking the system and get root may hack your crypt storage too etc, also to big theme for here in working mailservers end to end encryption is/should be state of the art with smime/gpg etc Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From giunta at sissa.it Mon Mar 25 13:44:06 2013 From: giunta at sissa.it (Marco Giunta) Date: Mon, 25 Mar 2013 12:44:06 +0100 Subject: [Dovecot] Per-user seen flags for public read-only mailboxes In-Reply-To: <20130325105908.GC5217@hal.local.invalid> References: <20130325105908.GC5217@hal.local.invalid> Message-ID: <51503886.9020801@sissa.it> On 2013-03-25 11:59, Guido Berhoerster wrote: > Is "authenticated lrs" in the dovecot-acl correct for a read-only > mailbox for which only the seen flag can be set? We are using 'anyone' instead of 'authenticated', but I don't think this could be the problem: # cat |/path/to/public/dovecot-acl| anyone lrs user=johndoe lrwstipekxa -- ----------------------------------- |Marco Giunta - SISSA Computer Staff| |Via Bonomea, 265 | |34136 - Trieste, Italy | |Tel: +39-40-3787-503 | |Fax: +39-040-3787-244 | |e-mail: marco.giunta AT sissa.it | ----------------------------------- From tss at iki.fi Mon Mar 25 14:12:24 2013 From: tss at iki.fi (Timo Sirainen) Date: Mon, 25 Mar 2013 14:12:24 +0200 Subject: [Dovecot] Per-user seen flags for public read-only mailboxes In-Reply-To: <20130325105908.GC5217@hal.local.invalid> References: <20130325105908.GC5217@hal.local.invalid> Message-ID: <1364213544.13923.88.camel@innu> On Mon, 2013-03-25 at 11:59 +0100, Guido Berhoerster wrote: > > Which are the permissions of file '/srv/mail/public/dovecot-shared' ??? > > -rw-r-----. 1 vmail vmail 0 Mar 25 10:22 /srv/mail/public/dovecot-shared > > So readable by dovecot, even if they weren't the seen flag should > be set on the actual mailbox I suppose. > > > > Did you try with a new user ?? > > Yeah, I created a new user and also tried removing > dovecot-acl-list to no avail. Is there any cache that might cause > the ACL not to be updated? > > Is "authenticated lrs" in the dovecot-acl correct for a read-only > mailbox for which only the seen flag can be set? Find out if the problem is setting the seen flag, or something more generic with ACLs. So easiest way to test private seen flags: Disable ACL plugin. From rs at sys4.de Mon Mar 25 14:15:48 2013 From: rs at sys4.de (Robert Schetterer) Date: Mon, 25 Mar 2013 13:15:48 +0100 Subject: [Dovecot] Outlook 2013 - mounting folders with XLIST In-Reply-To: <51503291.5070008@sys4.de> References: <9F7FF84F91BA4164A1C07DF0143799DD@ai.local> <51503291.5070008@sys4.de> Message-ID: <51503FF4.8080409@sys4.de> Am 25.03.2013 12:18, schrieb Robert Schetterer: >> Is it possible to adjust some settings in outlook 2013 fo fix this? > not that i know, but i will investigate, guess there are ways to fix it > there maybe some reg hacks, but dont go there until they are not official > if your brave you may try , no idea if that might work MFCMAPI http://www.howto-outlook.com/howto/renamedefaultfolders.htm http://www.slipstick.com/outlook/rename-outlooks-default-folders/ Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From tss at iki.fi Mon Mar 25 14:19:23 2013 From: tss at iki.fi (Timo Sirainen) Date: Mon, 25 Mar 2013 14:19:23 +0200 Subject: [Dovecot] dsync replication: assertion failed: (ibc->value_input == NULL) In-Reply-To: <20130325083135.228f83de@lists.wgwh.ch> References: <20130325083135.228f83de@lists.wgwh.ch> Message-ID: On 25.3.2013, at 9.31, Oli Schacher wrote: > current hg (33e78edac8f5) > > Mar 25 07:47:27 fumailsynctest2 dovecot: dsync-remote(): Panic: file dsync-ibc-stream.c: line 527 (dsync_ibc_stream_input_next): assertion failed: (ibc->value_input == NULL) Fixed: http://hg.dovecot.org/dovecot-2.2/rev/acb88f199704 From simon.buongiorno at gmail.com Mon Mar 25 15:24:39 2013 From: simon.buongiorno at gmail.com (Simon Brereton) Date: Mon, 25 Mar 2013 14:24:39 +0100 Subject: [Dovecot] Disk Encryption In-Reply-To: <5150355C.4000802@sys4.de> References: <5150355C.4000802@sys4.de> Message-ID: On 25 March 2013 12:30, Robert Schetterer wrote: > Am 25.03.2013 11:03, schrieb Simon Brereton: >> Hi >> >> As I understand it email headers need to be unencrypted (otherwise >> DKIM doesn't work). From the MUA to either Postfix, or Dovecot the >> connection is (or can/should be) secured with TLS/SSL. >> >> What I would like to know is if it is possible to encrypt the >> mailstore? Postfix is using Dovecot for delivery so it's only Dovecot >> that would need to encrypt/decrypt the mailstore. >> >> Is this possible? Is there a terrible reason to do it even if it is possible? >> >> I realise that from MTA to MTA there's no guarantee of encryption (and >> in fact it's very unlikely unless keys have been exchanged), but my >> primary goal is supplement the physical security of the mail store of >> mails we already have or have sent. >> >> Mostly just idle curiosity as to what has been done, or what could be >> done. What is worth doing is a separate thread entirely. >> >> Thanks. >> >> Simon >> > > my meaning > > crypted mailstore makes sense in a mail archive, in germany > you have to have a mail archive for some kind of company emails > all these solutions have some crypted mailstore , and some > more features for data security, but thats a big theme, to big for here > > crypt storage isnt "the saveness" per default, someone hacking the system > and get root may hack your crypt storage too etc, also to big theme for here Robert, indeed, this is sort of my point. If we encrypt laptop harddrives to prevent unauthorised access, that doesn't prevent the possiblity of someone who already has admin access to the device from decrypting/viewing/moving files. What it does do is prevent unauthorised access to the data if there is no admin access. Currently my mail store isn't encrypted and I would like to know if it is possible to do that, and if so, maybe get some pointers. Simon From h.reindl at thelounge.net Mon Mar 25 15:32:03 2013 From: h.reindl at thelounge.net (Reindl Harald) Date: Mon, 25 Mar 2013 14:32:03 +0100 Subject: [Dovecot] Disk Encryption In-Reply-To: References: <5150355C.4000802@sys4.de> Message-ID: <515051D3.9040602@thelounge.net> Am 25.03.2013 14:24, schrieb Simon Brereton: >> crypt storage isnt "the saveness" per default, someone hacking the system >> and get root may hack your crypt storage too etc, also to big theme for here > > Robert, indeed, this is sort of my point. If we encrypt laptop > harddrives to prevent unauthorised access, that doesn't prevent the > possiblity of someone who already has admin access to the device from > decrypting/viewing/moving files. What it does do is prevent > unauthorised access to the data if there is no admin access. > > Currently my mail store isn't encrypted and I would like to know if it > is possible to do that, and if so, maybe get some pointers this is independent of the used software and transparent http://www.hermann-uwe.de/blog/howto-disk-encryption-with-dm-crypt-luks-and-debian -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 263 bytes Desc: OpenPGP digital signature URL: From hajo.locke at gmx.de Mon Mar 25 15:36:53 2013 From: hajo.locke at gmx.de (Hajo Locke) Date: Mon, 25 Mar 2013 14:36:53 +0100 Subject: [Dovecot] Outlook 2013 - mounting folders with XLIST References: <9F7FF84F91BA4164A1C07DF0143799DD@ai.local><51503291.5070008@sys4.de> <51503FF4.8080409@sys4.de> Message-ID: <17A6BDEBDD0C4C6EB4D0D2545E33B842@ai.local> Hello, > if your brave you may try , no idea if that might work > MFCMAPI > http://www.howto-outlook.com/howto/renamedefaultfolders.htm > http://www.slipstick.com/outlook/rename-outlooks-default-folders/ thanks, the MFCMAPI way is working, but i'm afraid that only experienced users will have success. i think about of moving all the special_folders stuff to userdb and let every user decide on its own. 2 reasons. 1: outlook 2013 and may be other clients only work correct if special_folders on server are autocreated (auto=subscribe). Even when adding the special_folders later manually, outlook 2013 would not use them for current account. i had to delete and recreate the account to get it work again. autocreate and subscription seems to be really needed. This folders may be annoying for users who dont use a "special_folders client". 2. if microsoft has choosen to not map local folders to serverfolders, i expect a lot of support effort to explain why folder names are like this. even if i decide to use german names on server, there will be complains by other users who wants to have there own preferred foldernames. moving all this to a userdb lookup is really not in the purpose of rfc 6154, but seems to be for me the best compromise. i dont know which way i will go, but already tried the userdb-thing. without suceess. I want to know if this will work from pure technical side and deside later to use or to discard this possibility. A good way to do this seems to be the userdb_import field: http://wiki2.dovecot.org/UserDatabase/ExtraFields i reduced the special_folders part in conf file to: namespace inbox { inbox = yes } then i added text-field to my MySQL Table mail_users and inserted a text like this: namespace/inbox/hallohallo/auto=subscribenamespace/inbox/hallohallo/special_use=\Sent Also i edited the password_query (i use userdb prefetch) password_query = SELECT `inbox` as `user`, `password`, `home` as userdb_home, `uid` AS userdb_uid, `gid` AS userdb_gid, userdb_import as userdb_userdb_import FROM `mail_users` WHERE `login` = '%u' AND `active`='Y' This results in no error but also no effect. Verbose logging did show a line like this: Mar 25 13:16:49 myhostname dovecot: auth: Debug: master out: USER 3613786113 myuser home=/home/myuser uid=1004 gid=1000 namespace/inbox/hallohallo/auto=subscribe^Atnamespace/inbox/hallohallo/special_use=\Sent Looks not really bad, but is not working. What did i wrong? I would like to get this work to have a plan B. Thanks, Hajo From tss at iki.fi Mon Mar 25 15:43:41 2013 From: tss at iki.fi (Timo Sirainen) Date: Mon, 25 Mar 2013 15:43:41 +0200 Subject: [Dovecot] Outlook 2013 - mounting folders with XLIST In-Reply-To: <17A6BDEBDD0C4C6EB4D0D2545E33B842@ai.local> References: <9F7FF84F91BA4164A1C07DF0143799DD@ai.local><51503291.5070008@sys4.de> <51503FF4.8080409@sys4.de> <17A6BDEBDD0C4C6EB4D0D2545E33B842@ai.local> Message-ID: On 25.3.2013, at 15.36, Hajo Locke wrote: > Also i edited the password_query (i use userdb prefetch) > > password_query = SELECT `inbox` as `user`, `password`, `home` as userdb_home, `uid` AS userdb_uid, `gid` AS userdb_gid, userdb_import as userdb_userdb_import FROM `mail_users` WHERE `login` = '%u' AND `active`='Y' > > This results in no error but also no effect. Verbose logging did show a line like this: > > Mar 25 13:16:49 myhostname dovecot: auth: Debug: master out: USER 3613786113 myuser home=/home/myuser uid=1004 gid=1000 > namespace/inbox/hallohallo/auto=subscribe^Atnamespace/inbox/hallohallo/special_use=\Sent > Looks not really bad, but is not working. > What did i wrong? I would like to get this work to have a plan B. See if it works without userdb prefetch? Possibly a bug.. From list at airstreamcomm.net Mon Mar 25 15:51:12 2013 From: list at airstreamcomm.net (list at airstreamcomm.net) Date: Mon, 25 Mar 2013 08:51:12 -0500 Subject: [Dovecot] Please help to make decision In-Reply-To: References: Message-ID: <51505650.5000502@airstreamcomm.net> On 3/24/13 11:12 AM, Tigran Petrosyan wrote: > Hi > We are going to implement the "Dovecot" for 1 million users. We are going > to use more than 100T storage space. Now we examine 2 solutions NFS or GFS2 > via (Fibre Channel storage). > Can someone help to make decision? What kind of storage solution we can use > to achieve good performance and scalability. > NFS has worked well for us on a 65,000 user Dovecot cluster. We use a dual controller NetApp in cluster mode which give great performance. You might also consider looking at the commercial version of Dovecot which has the Object Storage plugin, which might suit your scalability needs much better (size and especially budget wise). I would also recommend testing with actual work loads similar to what you plan on implementing. Our team developed a mail generating botnet in which we ran SMTP/IMAP/POP tests where we could control levels of each. From hajo.locke at gmx.de Mon Mar 25 16:13:56 2013 From: hajo.locke at gmx.de (Hajo Locke) Date: Mon, 25 Mar 2013 15:13:56 +0100 Subject: [Dovecot] Outlook 2013 - mounting folders with XLIST References: <9F7FF84F91BA4164A1C07DF0143799DD@ai.local><51503291.5070008@sys4.de><51503FF4.8080409@sys4.de><17A6BDEBDD0C4C6EB4D0D2545E33B842@ai.local> Message-ID: <8A86F82DFA0144129F043A1C71CB37EB@ai.local> Hello, >> Also i edited the password_query (i use userdb prefetch) >> >> password_query = SELECT `inbox` as `user`, `password`, `home` as >> userdb_home, `uid` AS userdb_uid, `gid` AS userdb_gid, userdb_import as >> userdb_userdb_import FROM `mail_users` WHERE `login` = '%u' AND >> `active`='Y' >> >> This results in no error but also no effect. Verbose logging did show a >> line like this: >> >> Mar 25 13:16:49 myhostname dovecot: auth: Debug: master out: USER >> 3613786113 myuser home=/home/myuser uid=1004 >> gid=1000 >> >> namespace/inbox/hallohallo/auto=subscribe^Atnamespace/inbox/hallohallo/special_use=\Sent >> Looks not really bad, but is not working. >> What did i wrong? I would like to get this work to have a plan B. > See if it works without userdb prefetch? Possibly a bug.. Unfortunately not. I edited the sql.conf to: password_query = SELECT `inbox` as `username`, `password`, FROM `mail_users` WHERE `login` = '%u' AND `active`='Y' user_query =SELECT `inbox` as `user`, `password`, `home`, `uid`, `gid` , userdb_import FROM `mail_users` WHERE `login` = '%u' AND `active`='Y' Maillog says: Mar 25 14:59:53 myhostname dovecot: auth-worker(16079): Debug: sql(myusername,ip.ip.ip.ip): SELECT `inbox` as `user`, `password`, `home`, `uid`, `gid` , userdb_import FROM `mail_users` WHERE `login` = 'myusername' AND `active`='Y' Mar 25 14:59:53 myhostname dovecot: auth: Debug: master out: USER 778960897 myusername password= home=/home/myusername uid=1004 gid=1000 namespace/inbox/hallohallo/auto=subscribe namespace/inbox/hallohallo/special_use=\Sent looks correct, login and reading mail works, but there is no folder autcreated etc. dovecot is 2.1.7 Thanks, Hajo From tss at iki.fi Mon Mar 25 16:21:12 2013 From: tss at iki.fi (Timo Sirainen) Date: Mon, 25 Mar 2013 16:21:12 +0200 Subject: [Dovecot] doveadm with multiple commands In-Reply-To: <20120924212448.GA9310@daniel.localdomain> References: <20120920201741.GA9646@daniel.localdomain> <5DFBB4D5-BA4C-49DE-B8E7-C95982801B9D@iki.fi> <20120924212448.GA9310@daniel.localdomain> Message-ID: <1364221272.13923.90.camel@innu> On Mon, 2012-09-24 at 23:24 +0200, Daniel Parthey wrote: > > >> Timo Sirainen wrote: > > >>> doveadm multi [-A | -u wildcards] [ [...]] .. > Ok, so how about "batch"? > > It reads a series of commands and collects them into > one "batch job" which is then carried out. Added this finally :) http://hg.dovecot.org/dovecot-2.1/rev/8cc28a5a3f4f I was also considering using just another parameter to existing commands to specify the separator, but it was a bit more difficult to implement. Also I couldn't figure out any good parameter letter that wasn't already in use. From gordon.grubert+lists at uni-greifswald.de Mon Mar 25 16:22:04 2013 From: gordon.grubert+lists at uni-greifswald.de (Gordon Grubert) Date: Mon, 25 Mar 2013 15:22:04 +0100 Subject: [Dovecot] 2.1: Error: Maildir filename has wrong S value, renamed the file from In-Reply-To: <515051D3.9040602@thelounge.net> References: <5150355C.4000802@sys4.de> <515051D3.9040602@thelounge.net> Message-ID: <51505D8C.5050503@uni-greifswald.de> Dear list, we're using dovecot 2.1.15 (debian binary package). The following error can be found in the mail log files: Mar 25 15:08:46 mailserver2 dovecot: imap-login: Login: user=, method=PLAIN, rip=IP, lip=IP, mpid=28663, TLS, session= Mar 25 15:08:46 mailserver2 dovecot: imap(USER): Error: Cached message size smaller than expected (2252 < 4821) Mar 25 15:08:46 mailserver2 dovecot: imap(USER): Error: Maildir filename has wrong S value, renamed the file from /var/vmail/uni-greifswald.de/USER/Maildir/cur/1169635911.30322.scooby,S=2252:2,RS to /var/vmail/uni-greifswald.de/USER/Maildir/cur/1169635911.30322.scooby,S=2252:2,RS Mar 25 15:08:46 mailserver2 dovecot: imap(USER): Error: Corrupted index cache file /var/vmail/uni-greifswald.de/USER/Maildir/dovecot.index.cache: Broken physical size for mail UID 25250 Mar 25 15:08:46 mailserver2 dovecot: imap(USER): Error: Cached message size smaller than expected (2252 < 4821) Mar 25 15:08:46 mailserver2 dovecot: imap(USER): Error: Maildir filename has wrong S value, renamed the file from /var/vmail/uni-greifswald.de/USER/Maildir/cur/1169635911.30322.scooby,S=2252:2,RS to /var/vmail/uni-greifswald.de/USER/Maildir/cur/1169635911.30322.scooby,S=2252:2,RS Mar 25 15:08:46 mailserver2 dovecot: imap(USER): Error: Corrupted index cache file /var/vmail/uni-greifswald.de/USER/Maildir/dovecot.index.cache: Broken physical size for mail UID 25250 Mar 25 15:08:46 mailserver2 dovecot: imap(USER): Error: read(/var/vmail/uni-greifswald.de/USER/Maildir/cur/1169635911.30322.scooby,S=2252:2,RS) failed: Input/output error (FETCH for mailbox INBOX UID 25250) Mar 25 15:08:46 mailserver2 dovecot: imap(USER): Disconnected: Internal error occurred. Refer to server log for more information. [2013-03-25 15:08:46] in=246 out=953 The same problem was reported by Ralf Hildebrandt one year ago. The bug should be fixed with revision 3599790da3d7 but it seems to be there again. Input/output errors of the file system are improbable because all files are accessible and can be read with cat and less. Any ideas? Best regards, Gordon -- Leiter AG Technische Infrastruktur und Basisdienste Universitaetsrechenzentrum (URZ) E.-M.-Arndt-Universitaet Greifswald Felix-Hausdorff-Str. 12 17489 Greifswald Germany Tel. +49 3834 86-1456 Fax. +49 3834 86-1401 -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4982 bytes Desc: S/MIME Cryptographic Signature URL: From rs at sys4.de Mon Mar 25 16:24:29 2013 From: rs at sys4.de (Robert Schetterer) Date: Mon, 25 Mar 2013 15:24:29 +0100 Subject: [Dovecot] Outlook 2013 - mounting folders with XLIST In-Reply-To: <17A6BDEBDD0C4C6EB4D0D2545E33B842@ai.local> References: <9F7FF84F91BA4164A1C07DF0143799DD@ai.local><51503291.5070008@sys4.de> <51503FF4.8080409@sys4.de> <17A6BDEBDD0C4C6EB4D0D2545E33B842@ai.local> Message-ID: <51505E1D.4070105@sys4.de> Am 25.03.2013 14:36, schrieb Hajo Locke: > Hello, > > >> if your brave you may try , no idea if that might work > >> MFCMAPI > >> http://www.howto-outlook.com/howto/renamedefaultfolders.htm >> http://www.slipstick.com/outlook/rename-outlooks-default-folders/ > > thanks, the MFCMAPI way is working, but i'm afraid that only experienced > users will have success. however you are "the man" who tried it, thx > > i think about of moving all the special_folders stuff to userdb and let > every user decide on its own. > 2 reasons. your choice, i would not use outlook at all, its simply not a good internet mail client in fact it is the client of exchange. Alternative imternet mail clients are "good enough" now, if sombody likes outlook he better should use it with exchange > > 1: outlook 2013 and may be other clients only work correct if > special_folders on server are autocreated (auto=subscribe). Even when > adding the special_folders later manually, outlook 2013 would not use > them for current account. yes, you need to setup new profile then, thats how outlook 2013 works i had to delete and recreate the account to > get it work again. autocreate and subscription seems to be really > needed. This folders may be annoying for users who dont use a > "special_folders client". not to my knowledge, most users are on thunderbird, apple mail , k9 etc since yet ,nobody phoned me here *g, after all, most imap clients without "special folders features" still autocreate their meaning of special folder via imap auto by itselves, and that will stay that way until everyone has upgraded to clients with "special folders features" so this means perhaps never *g > > 2. if microsoft has choosen to not map local folders to serverfolders, i > expect a lot of support effort to explain why folder names are like > this. even if i decide to use german names on server, there will be > complains by other users who wants to have there own preferred foldernames. Microsoft has choosen to earn money with cloud outlook.com services and on exchange, the have no prime interest in imap however outlook 2013 does active sync too, as anounced new horde webmail will be full compatible to outlook 2013 active sync version, so for one account minimum you will have mail , kalendar, abook, notes etc in sync , no need for direct imap in outlook 2013 then > > moving all this to a userdb lookup is really not in the purpose of rfc > 6154, but seems to be for me the best compromise. > > i dont know which way i will go, but already tried the userdb-thing. > without suceess. > I want to know if this will work from pure technical side and deside > later to use or to discard this possibility. > > A good way to do this seems to be the userdb_import field: > http://wiki2.dovecot.org/UserDatabase/ExtraFields > > i reduced the special_folders part in conf file to: > namespace inbox { > inbox = yes > } > > > then i added text-field to my MySQL Table mail_users and inserted a text > like this: > namespace/inbox/hallohallo/auto=subscribenamespace/inbox/hallohallo/special_use=\Sent > > > Also i edited the password_query (i use userdb prefetch) > > password_query = SELECT `inbox` as `user`, `password`, `home` as > userdb_home, `uid` AS userdb_uid, `gid` AS userdb_gid, userdb_import as > userdb_userdb_import FROM `mail_users` WHERE `login` = '%u' AND > `active`='Y' > > This results in no error but also no effect. Verbose logging did show a > line like this: > > Mar 25 13:16:49 myhostname dovecot: auth: Debug: master out: USER > 3613786113 myuser home=/home/myuser uid=1004 > gid=1000 > > namespace/inbox/hallohallo/auto=subscribe^Atnamespace/inbox/hallohallo/special_use=\Sent > > Looks not really bad, but is not working. > What did i wrong? I would like to get this work to have a plan B. as Timo wrote perhaps a bug > > > Thanks, > Hajo Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From rs at sys4.de Mon Mar 25 16:27:30 2013 From: rs at sys4.de (Robert Schetterer) Date: Mon, 25 Mar 2013 15:27:30 +0100 Subject: [Dovecot] 2.1: Error: Maildir filename has wrong S value, renamed the file from In-Reply-To: <51505D8C.5050503@uni-greifswald.de> References: <5150355C.4000802@sys4.de> <515051D3.9040602@thelounge.net> <51505D8C.5050503@uni-greifswald.de> Message-ID: <51505ED2.8070806@sys4.de> Am 25.03.2013 15:22, schrieb Gordon Grubert: > Dear list, > > we're using dovecot 2.1.15 (debian binary package). The following > error can be found in the mail log files: > > Mar 25 15:08:46 mailserver2 dovecot: imap-login: Login: user=, > method=PLAIN, rip=IP, lip=IP, mpid=28663, TLS, session= > Mar 25 15:08:46 mailserver2 dovecot: imap(USER): Error: Cached message > size smaller than expected (2252 < 4821) > Mar 25 15:08:46 mailserver2 dovecot: imap(USER): Error: Maildir filename > has wrong S value, renamed the file from > /var/vmail/uni-greifswald.de/USER/Maildir/cur/1169635911.30322.scooby,S=2252:2,RS > to > /var/vmail/uni-greifswald.de/USER/Maildir/cur/1169635911.30322.scooby,S=2252:2,RS > > Mar 25 15:08:46 mailserver2 dovecot: imap(USER): Error: Corrupted index > cache file > /var/vmail/uni-greifswald.de/USER/Maildir/dovecot.index.cache: Broken > physical size for mail UID 25250 > Mar 25 15:08:46 mailserver2 dovecot: imap(USER): Error: Cached message > size smaller than expected (2252 < 4821) > Mar 25 15:08:46 mailserver2 dovecot: imap(USER): Error: Maildir filename > has wrong S value, renamed the file from > /var/vmail/uni-greifswald.de/USER/Maildir/cur/1169635911.30322.scooby,S=2252:2,RS > to > /var/vmail/uni-greifswald.de/USER/Maildir/cur/1169635911.30322.scooby,S=2252:2,RS > > Mar 25 15:08:46 mailserver2 dovecot: imap(USER): Error: Corrupted index > cache file > /var/vmail/uni-greifswald.de/USER/Maildir/dovecot.index.cache: Broken > physical size for mail UID 25250 > Mar 25 15:08:46 mailserver2 dovecot: imap(USER): Error: > read(/var/vmail/uni-greifswald.de/USER/Maildir/cur/1169635911.30322.scooby,S=2252:2,RS) > failed: Input/output error (FETCH for mailbox INBOX UID 25250) > Mar 25 15:08:46 mailserver2 dovecot: imap(USER): Disconnected: Internal > error occurred. Refer to server log for more information. [2013-03-25 > 15:08:46] in=246 out=953 > > The same problem was reported by Ralf Hildebrandt one year ago. The bug > should be fixed with revision 3599790da3d7 but it seems to be there > again. > > Input/output errors of the file system are improbable because all > files are accessible and can be read with cat and less. > > Any ideas? > > Best regards, > Gordon please reread the list archive ,solutions where massive posted and a new repair script was created Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From tss at iki.fi Mon Mar 25 16:28:44 2013 From: tss at iki.fi (Timo Sirainen) Date: Mon, 25 Mar 2013 16:28:44 +0200 Subject: [Dovecot] Outlook 2013 - mounting folders with XLIST In-Reply-To: <8A86F82DFA0144129F043A1C71CB37EB@ai.local> References: <9F7FF84F91BA4164A1C07DF0143799DD@ai.local><51503291.5070008@sys4.de><51503FF4.8080409@sys4.de><17A6BDEBDD0C4C6EB4D0D2545E33B842@ai.local> <8A86F82DFA0144129F043A1C71CB37EB@ai.local> Message-ID: On 25.3.2013, at 16.13, Hajo Locke wrote: >>> Mar 25 13:16:49 myhostname dovecot: auth: Debug: master out: USER 3613786113 myuser home=/home/myuser uid=1004 gid=1000 >>> namespace/inbox/hallohallo/auto=subscribe^Atnamespace/inbox/hallohallo/special_use=\Sent >>> Looks not really bad, but is not working. >>> What did i wrong? I would like to get this work to have a plan B. > >> See if it works without userdb prefetch? Possibly a bug.. > > Unfortunately not. I edited the sql.conf to: > > Mar 25 14:59:53 myhostname dovecot: auth-worker(16079): Debug: sql(myusername,ip.ip.ip.ip): SELECT `inbox` as `user`, `password`, `home`, `uid`, `gid` , userdb_import FROM `mail_users` WHERE `login` = 'myusername' AND `active`='Y' > Mar 25 14:59:53 myhostname dovecot: auth: Debug: master out: USER 778960897 myusername password= home=/home/myusername uid=1004 gid=1000 namespace/inbox/hallohallo/auto=subscribe namespace/inbox/hallohallo/special_use=\Sent Looks like it fixed the TAB problem. So I guess I need to fix userdb_userdb_import. > looks correct, login and reading mail works, but there is no folder autcreated etc. dovecot is 2.1.7 The problem is that there is no namespace/inbox/hallohallo section. It needs to be created explicitly. And the naming is wrong. So I think..: namespace/inbox/mailbox=hallohallo namespace/inbox/mailbox/hallohallo/auto=subscribe From tss at iki.fi Mon Mar 25 16:35:04 2013 From: tss at iki.fi (Timo Sirainen) Date: Mon, 25 Mar 2013 16:35:04 +0200 Subject: [Dovecot] Outlook 2013 - mounting folders with XLIST In-Reply-To: References: <9F7FF84F91BA4164A1C07DF0143799DD@ai.local><51503291.5070008@sys4.de><51503FF4.8080409@sys4.de><17A6BDEBDD0C4C6EB4D0D2545E33B842@ai.local> <8A86F82DFA0144129F043A1C71CB37EB@ai.local> Message-ID: On 25.3.2013, at 16.28, Timo Sirainen wrote: > Looks like it fixed the TAB problem. So I guess I need to fix userdb_userdb_import. Could you try if the attached patch fixes it? -------------- next part -------------- A non-text attachment was scrubbed... Name: diff Type: application/octet-stream Size: 652 bytes Desc: not available URL: From tss at iki.fi Mon Mar 25 16:38:03 2013 From: tss at iki.fi (Timo Sirainen) Date: Mon, 25 Mar 2013 16:38:03 +0200 Subject: [Dovecot] 2.1: Error: Maildir filename has wrong S value, renamed the file from In-Reply-To: <51505D8C.5050503@uni-greifswald.de> References: <5150355C.4000802@sys4.de> <515051D3.9040602@thelounge.net> <51505D8C.5050503@uni-greifswald.de> Message-ID: <6758D8B2-E4FB-4808-9F93-4AB13001DC51@iki.fi> On 25.3.2013, at 16.22, Gordon Grubert wrote: > Mar 25 15:08:46 mailserver2 dovecot: imap-login: Login: user=, method=PLAIN, rip=IP, lip=IP, mpid=28663, TLS, session= > Mar 25 15:08:46 mailserver2 dovecot: imap(USER): Error: Cached message size smaller than expected (2252 < 4821) > Mar 25 15:08:46 mailserver2 dovecot: imap(USER): Error: Maildir filename has wrong S value, renamed the file from /var/vmail/uni-greifswald.de/USER/Maildir/cur/1169635911.30322.scooby,S=2252:2,RS to /var/vmail/uni-greifswald.de/USER/Maildir/cur/1169635911.30322.scooby,S=2252:2,RS .. > The same problem was reported by Ralf Hildebrandt one year ago. The bug > should be fixed with revision 3599790da3d7 but it seems to be there > again. The Dovecot bug was fixed, but the real reason for this is that the S=values are wrong in your maildir. You can either run the fixing script or set maildir_broken_filename_sizes=yes. > Input/output errors of the file system are improbable because all > files are accessible and can be read with cat and less. That's just Dovecot's internal way of passing a failure to other parts of the code. From guido+dovecot.org at berhoerster.name Mon Mar 25 16:40:16 2013 From: guido+dovecot.org at berhoerster.name (Guido Berhoerster) Date: Mon, 25 Mar 2013 15:40:16 +0100 Subject: [Dovecot] Per-user seen flags for public read-only mailboxes In-Reply-To: <1364213544.13923.88.camel@innu> References: <20130325105908.GC5217@hal.local.invalid> <1364213544.13923.88.camel@innu> Message-ID: <20130325144016.GD5217@hal.local.invalid> * Timo Sirainen [2013-03-25 13:29]: > On Mon, 2013-03-25 at 11:59 +0100, Guido Berhoerster wrote: > > > Which are the permissions of file '/srv/mail/public/dovecot-shared' ??? > > > > -rw-r-----. 1 vmail vmail 0 Mar 25 10:22 /srv/mail/public/dovecot-shared > > > > So readable by dovecot, even if they weren't the seen flag should > > be set on the actual mailbox I suppose. > > > > > > > Did you try with a new user ?? > > > > Yeah, I created a new user and also tried removing > > dovecot-acl-list to no avail. Is there any cache that might cause > > the ACL not to be updated? > > > > Is "authenticated lrs" in the dovecot-acl correct for a read-only > > mailbox for which only the seen flag can be set? > > Find out if the problem is setting the seen flag, or something more > generic with ACLs. So easiest way to test private seen flags: Disable > ACL plugin. Disabling the ACL plugin makes it work and the seen flags are stored per-user. So it is apparently a problem with ACLs. Here is the contents of the only mailbox in the Public/ namespace: drwxrwx---. 3 root vmail 4096 Mar 25 15:31 /srv/mail/public -rw-rw----. 1 vmail vmail 36 Mar 25 10:41 /srv/mail/public/dovecot-acl -rw-rw----. 1 vmail vmail 0 Mar 25 15:31 /srv/mail/public/dovecot-acl-list -rw-------. 1 vmail vmail 30 Mar 25 15:27 /srv/mail/public/maildirsize drwxrwx---. 5 vmail vmail 4096 Mar 25 15:32 /srv/mail/public/Test -rw-rw----. 1 vmail vmail 36 Mar 25 10:41 /srv/mail/public/Test/dovecot-acl drwxrwx---. 2 vmail vmail 4096 Mar 25 15:27 /srv/mail/public/Test/tmp drwxrwx---. 2 vmail vmail 4096 Mar 25 15:27 /srv/mail/public/Test/cur -rw-rw----. 1 vmail vmail 592 Mar 9 15:17 /srv/mail/public/Test/cur/634c300070443b517913000020523daa:2,S -rw-rw----. 1 vmail vmail 556 Mar 13 19:13 /srv/mail/public/Test/cur/626be511e4c14051bf1a000020523daa:2,S drwxrwx---. 2 vmail vmail 4096 Mar 25 15:24 /srv/mail/public/Test/new -rw-rw----. 1 vmail vmail 0 Mar 25 15:24 /srv/mail/public/Test/dovecot-shared -rw-rw----. 1 vmail vmail 123 Mar 25 15:27 /srv/mail/public/Test/dovecot-uidlist -rw-r-----. 1 vmail vmail 0 Mar 25 10:22 /srv/mail/public/dovecot-shared -r--r--r--. 1 vmail vmail 0 Mar 25 15:26 /srv/mail/public/dovecot-uidvalidity.51505eac -rw-rw----. 1 vmail vmail 8 Mar 25 15:26 /srv/mail/public/dovecot-uidvalidity $ cat /srv/mail/public/dovecot-acl /srv/mail/public/Test/dovecot-acl owner lrwstipekxa authenticated lrs owner lrwstipekxa authenticated lrs ACL related configuration: mail_plugins = " acl quota trash zlib" plugin { acl = vfile ... } protocol lmtp { mail_plugins = " acl quota trash zlib sieve" } protocol lda { mail_plugins = " acl quota trash zlib sieve" } protocol imap { mail_plugins = " acl quota trash zlib autocreate imap_acl imap_quota imap_zlib" } Any idea what the problem could be here? -- Guido Berhoerster From guido+dovecot.org at berhoerster.name Mon Mar 25 16:56:38 2013 From: guido+dovecot.org at berhoerster.name (Guido Berhoerster) Date: Mon, 25 Mar 2013 15:56:38 +0100 Subject: [Dovecot] Per-user seen flags for public read-only mailboxes In-Reply-To: <20130325144016.GD5217@hal.local.invalid> Message-ID: <20130325145638.GE5217@hal.local.invalid> I should probably add that the ACL file in the public mailbox is read correctly according to the logs: Mar 25 15:53:34 imap(gber at test.invalid): Debug: acl vfile: reading file /srv/mail/public/Test/dovecot-acl -- Guido Berhoerster From hajo.locke at gmx.de Mon Mar 25 17:14:11 2013 From: hajo.locke at gmx.de (Hajo Locke) Date: Mon, 25 Mar 2013 16:14:11 +0100 Subject: [Dovecot] Outlook 2013 - mounting folders with XLIST References: <9F7FF84F91BA4164A1C07DF0143799DD@ai.local><51503291.5070008@sys4.de><51503FF4.8080409@sys4.de><17A6BDEBDD0C4C6EB4D0D2545E33B842@ai.local><8A86F82DFA0144129F043A1C71CB37EB@ai.local> Message-ID: <404DACB73FF34ECCB6EB5B2EF060CBEC@ai.local> Hello, > Looks like it fixed the TAB problem. So I guess I need to fix > userdb_userdb_import. > Could you try if the attached patch fixes it? i added the patch and did build my packages. sql.conf i switched back to prefetch. Log looks like: Mar 25 16:01:55 myhostname dovecot: auth: Debug: prefetch(myusername,ip.ip.ip.ip,): success Mar 25 16:01:55 myhostname dovecot: auth: Debug: master out: USER 3357409281 myusername home=/home/myusername uid=1004 gid=1000 namespace/inbox/mailbox=hallohallo^Atnamespace/inbox/mailbox/hallohallo/auto=subscribe same line occurs when querying ...userdb_import as userdb_import... in place of ...userdb_import as userdb_userdb_import... I also used your suggested userdb_import setting, but seems that i have no luck today. with and without prefetching there are no folders etc. autocreated. i'm stuck... :( Thanks, Hajo From bruce+dovecot at bmts.us Mon Mar 25 16:55:51 2013 From: bruce+dovecot at bmts.us (Bruce Marriner) Date: Mon, 25 Mar 2013 09:55:51 -0500 Subject: [Dovecot] Dovecot 2.1.15 on CentOS 6.4 with metadata-plugin Message-ID: <2848-51506580-1-7b2e7300@83876321> Hello, I hope somebody can help me with this :) I am trying to get Dovecot 2.1 working with Kolab 3.0 and to start that processes I need? to compile the Dovecot metadata plugin with Dovecot. For the plugin to compile correctly against the Dovecot source code Dovecot must first be patched with a patch from the plugin author (Dennis Schridde) that is currently not part of the Dovecot code (Timo, could this be added to Dovecot?) I am documenting this entire process and once it's finished it may also be helpful to the Dovecot community. You can see some of my progress, or lack of, and errors here : http://bmts.us/wiki/doku.php?id=article:kolab:dovecot In order to compile the plugin I have removed CentOS yum packages for autoconf, automake, and libtool and downloaded, compiled, and installed versions autoconf 2.69, automake 1.12.6, and libtool 2.4.2. If I download Dovecot (not from hg) I can run ./configure and make without any problems. But, to add the patch to Dovecot I need to run the autoreconf command and this is where I have trouble. [root at kolab dovecot-2.1.15]# autoreconf aclocal: warning: autoconf input should be named 'configure.ac', not 'configure.in' configure.in:284: warning: macro 'AM_ICONV' not found in library configure.in:284: error: possibly undefined macro: AM_ICONV If this token and others are legitimate, please use m4_pattern_allow. See the Autoconf documentation. autoreconf: /usr/local/bin/autoconf failed with exit status: 1 I read this is related to gettext, so I installed gettext 0.18.2 from source and now I get the following errors : [root at kolab dovecot-2.1.15]# autoreconf aclocal: warning: autoconf input should be named 'configure.ac', not 'configure.in' automake: warning: autoconf input should be named 'configure.ac', not 'configure.in' automake: warning: autoconf input should be named 'configure.ac', not 'configure.in' src/plugins/acl/Makefile.am:16: error: 'module_LTLIBRARIES' is used but 'moduledir' is undefined src/plugins/acl/Makefile.am:19: warning: variable 'lib01_acl_plugin_la_SOURCES' is defined but no program or src/plugins/acl/Makefile.am:19: library has 'lib01_acl_plugin_la' as canonical name (possible typo) src/plugins/acl/Makefile.am:14: warning: variable 'lib01_acl_plugin_la_LDFLAGS' is defined but no program or src/plugins/acl/Makefile.am:14: library has 'lib01_acl_plugin_la' as canonical name (possible typo) src/plugins/autocreate/Makefile.am:11: error: 'module_LTLIBRARIES' is used but 'moduledir' is undefined src/plugins/autocreate/Makefile.am:14: warning: variable 'lib20_autocreate_plugin_la_SOURCES' is defined but no program or src/plugins/autocreate/Makefile.am:14: library has 'lib20_autocreate_plugin_la' as canonical name (possible typo) src/plugins/autocreate/Makefile.am:9: warning: variable 'lib20_autocreate_plugin_la_LDFLAGS' is defined but no program or src/plugins/autocreate/Makefile.am:9: library has 'lib20_autocreate_plugin_la' as canonical name (possible typo) ... ... ... ... autoreconf: automake failed with exit status: 1 From hajo.locke at gmx.de Mon Mar 25 18:14:33 2013 From: hajo.locke at gmx.de (Hajo Locke) Date: Mon, 25 Mar 2013 17:14:33 +0100 Subject: [Dovecot] Outlook 2013 - mounting folders with XLIST References: <9F7FF84F91BA4164A1C07DF0143799DD@ai.local><51503291.5070008@sys4.de><51503FF4.8080409@sys4.de><17A6BDEBDD0C4C6EB4D0D2545E33B842@ai.local><8A86F82DFA0144129F043A1C71CB37EB@ai.local> <404DACB73FF34ECCB6EB5B2EF060CBEC@ai.local> Message-ID: <72C91CE8B78146C9B9C99E34F00534F3@ai.local> Hello, > I also used your suggested userdb_import setting, but seems that i have no > luck today. with and without prefetching there are no folders etc. > autocreated. > now i have a partially success. the autocreate works if mailbox hallohallo is basically created in conf file with special_use purpose: namespace inbox { inbox = yes } namespace inbox { mailbox hallohallo { special_use = \Sent auto=no } } userdb_import: namespace/inbox/mailbox=hallohallo namespace/inbox/mailbox/hallohallo/auto=subscribe In this case the settings from userdb_import override this part of conffile and folder hallohallo is autocreated and accepted by outlook 2013. (works only without prefetch) but my goal is to put also the special_use purpose per user to userdb. i reduced conf file to: namespace inbox { inbox = yes } now i extended userdb_import to: namespace/inbox/mailbox=hallohallo namespace/inbox/mailbox/hallohallo/special_use=\Sent namespace/inbox/mailbox/hallohallo/auto=subscribe At this point nothing happens. there is no folder autocreated and telnet session shows no special_use folder. Is there a possibility to put the complete special_folders config to userdb? Thanks, Hajo From thierry at odry.net Mon Mar 25 20:47:00 2013 From: thierry at odry.net (Thierry de Montaudry) Date: Mon, 25 Mar 2013 20:47:00 +0200 Subject: [Dovecot] Please help to make decision In-Reply-To: References: Message-ID: Hi Tigran, Managing a mail system for 1M odd users, we did run for a few years on some high range SAN system (NetApp, then EMC), but were not happy with the performance, whatever double head, fibre, and so on, it just couldn't handle the IOs. I must just say that at this time, we were not using dovecot. Then we moved to a completely different structure: 24 storage machines (plain CentOS as NFS servers), 7 frontend (webmail through IMAP + POP3 server) and 5 MXs, and all front end machines running dovecot. That was a major change in the system performances, but not happy yet with the 50T total storage we had. Having huge traffic between front end machine and storage, and at this time, I was not sure the switches were handling the load properly. Not talking about the load on the front end machine which some times needed a hard reboot to recover from NFS timeouts. Even after trying some heavy optimizations all around, and particularly on NFS. Then we did look at the Dovecot director, but not sure how it would handle 1M users, we moved to the proxy solution: we are now running dovecot on the 24 storage machines, our webmail system connecting with IMAP to the final storage machine, as well as the MXs with LMTP, we only use dovecot proxy for the POP3 access on the 7 front end machines. And I must say, what a change. Since then the system is running smoothly, no more worries about NFS timeouts and the loadavg on all machine is down to almost nothing, as well as the internal traffic on the switches and our stress. And most important, the feed back from our users told us that we did the right thing. Only trouble: now and then we have to move users around, as if a machine gets full, the only solution is to move data to one that has more space. But this is achieved easily with the dsync tool. This is just my experience, it might not be the best, but with the (limited) budget we had, we finally came up with a solutions that can handle the load and got us away from SAN systems which could never handle the IOs for mail access. Just for the sake of it, our storage machines only have each 4 x 1T SATA drives in RAID 10, and 16G of mem, which I've been told would never do the job, but it just works. Thanks Timo. Hoping this will help in your decision, Regards, Thierry On 24 Mar 2013, at 18:12, Tigran Petrosyan wrote: > Hi > We are going to implement the "Dovecot" for 1 million users. We are going > to use more than 100T storage space. Now we examine 2 solutions NFS or GFS2 > via (Fibre Channel storage). > Can someone help to make decision? What kind of storage solution we can use > to achieve good performance and scalability. From brintoul at sbcglobal.net Tue Mar 26 03:58:19 2013 From: brintoul at sbcglobal.net (Bradley Rintoul) Date: Mon, 25 Mar 2013 18:58:19 -0700 (PDT) Subject: [Dovecot] ACL for root-level mailboxes Message-ID: <1364263099.67196.YahooMailRC@web184703.mail.ne1.yahoo.com> Hello: I see in the documentation where it says that if mailboxes are created at the root level it will use the namespace's default ACL. I'm using Dovecot 2.0.9 so there is no default namespace defined, so I'm a bit handicapped here... Anyway, assuming I can figure out how to define a default namespace, how do I specify its ACL? Where would the file describing the access go? Sorry if this is a bit broad, but any help would be appreciated. Thanks, B. Rintoul From jtam.home at gmail.com Tue Mar 26 05:14:10 2013 From: jtam.home at gmail.com (Joseph Tam) Date: Mon, 25 Mar 2013 20:14:10 -0700 (PDT) Subject: [Dovecot] Migrating password scheme In-Reply-To: References: Message-ID: Andreas wrote: > > I tried the userdb prefetch / postlogin script method to do some password > > manipulation, but it doesn't appear to work for me. In particular, I > > don't think this method works with > > > > userdb { > > driver = passwd-file > > args = /path/to/passwd-file userdb_pw=%w > > } > > > > From what i understand you have to set a userdb_ variable > with passdb and userdb prefetch set. The %w variable seems to be > already empty (again?) at userdb stage. Did all of that. The problem is not prefetching, but that you can't pass arguments via the args=.... Dovecot parses the entire line as a password file pathname. Timo Sirainen definitively writes: > With v2.1 try: > > userdb { > driver = passwd-file > args = /path/to/passwd-file > default_fields = pw=%w > } Thanks, Timo. This works beautifully. Furthermore, it doesn't need the userdb prefetch. Summarizing, the minimal incantation for passing dovecot variables to the post-login script is userdb { driver = passwd-file args = /var/dovecot/test/passwd default_fields = pw=%w } service imap { executable = imap postlogin ... } service pop3 { executable = imap postlogin ... } service postlogin { executable = script-login /path/to/postlogin-exec # Careful -- defaults to root user = $default_internal_user unix_listener postlogin { } } I've updated the Dovecot2 wiki, but I am unsure which userdb's "default_fields" applies to, and whether it just applies to postlogin scripts, so I documented it at http://wiki2.dovecot.org/AuthDatabase/PasswdFile Joseph Tam From guido+dovecot.org at berhoerster.name Tue Mar 26 09:59:16 2013 From: guido+dovecot.org at berhoerster.name (Guido Berhoerster) Date: Tue, 26 Mar 2013 08:59:16 +0100 Subject: [Dovecot] Per-user seen flags for public read-only mailboxes In-Reply-To: <1364213544.13923.88.camel@innu> Message-ID: <20130326075916.GG5217@hal.local.invalid> * Timo Sirainen [2013-03-25 12:12]: > On Mon, 2013-03-25 at 11:59 +0100, Guido Berhoerster wrote: >> > Which are the permissions of file '/srv/mail/public/dovecot-shared' ??? >> >> -rw-r-----. 1 vmail vmail 0 Mar 25 10:22 /srv/mail/public/dovecot-shared >> >> So readable by dovecot, even if they weren't the seen flag should >> be set on the actual mailbox I suppose. >> >> >> > Did you try with a new user ?? >> >> Yeah, I created a new user and also tried removing >> dovecot-acl-list to no avail. Is there any cache that might cause >> the ACL not to be updated? >> >> Is "authenticated lrs" in the dovecot-acl correct for a read-only >> mailbox for which only the seen flag can be set? > > Find out if the problem is setting the seen flag, or something more > generic with ACLs. So easiest way to test private seen flags: Disable > ACL plugin. So I did some further experimenting and either disabling the ACL plugin or changing permissions to "authenticated lrws" makes a mailbox not read-only and allows storing the seen flag on a per-user basis. Am I still doing something wrong or is this a bug in dovecot 2.0.9? -- Guido Berhoerster From hajo.locke at gmx.de Tue Mar 26 11:06:46 2013 From: hajo.locke at gmx.de (Hajo Locke) Date: Tue, 26 Mar 2013 10:06:46 +0100 Subject: [Dovecot] Outlook 2013 - mounting folders with XLIST References: <9F7FF84F91BA4164A1C07DF0143799DD@ai.local><51503291.5070008@sys4.de><51503FF4.8080409@sys4.de><17A6BDEBDD0C4C6EB4D0D2545E33B842@ai.local><8A86F82DFA0144129F043A1C71CB37EB@ai.local><404DACB73FF34ECCB6EB5B2EF060CBEC@ai.local> <72C91CE8B78146C9B9C99E34F00534F3@ai.local> Message-ID: <16EFDF957F884AA8A83C883A5A6FDC3B@ai.local> Hallo, > the autocreate works if mailbox hallohallo is basically created in conf > file with special_use purpose: > > namespace inbox { > inbox = yes > } > > namespace inbox { > > mailbox hallohallo { > special_use = \Sent > auto=no > } > > } > > userdb_import: namespace/inbox/mailbox=hallohallo > namespace/inbox/mailbox/hallohallo/auto=subscribe > > In this case the settings from userdb_import override this part of > conffile and folder hallohallo is autocreated and accepted by outlook > 2013. (works only without prefetch) > but my goal is to put also the special_use purpose per user to userdb. > i reduced conf file to: > > namespace inbox { > inbox = yes > } > > now i extended userdb_import to: > > namespace/inbox/mailbox=hallohallo > namespace/inbox/mailbox/hallohallo/special_use=\Sent > namespace/inbox/mailbox/hallohallo/auto=subscribe > so this seems to be the end of the attempt to move special_use features 100% to userdb. i have to mark a folder with special_use feature directly in conf-file and are only able to control the autocreation of this folder in userdb_import If i move all (like above) all 3 lines to userdb, then nothing good happens, sometimes outlook 2013 even crashes... so, do i have any other chances? Thanks, Hajo From nmilas at noa.gr Tue Mar 26 12:14:03 2013 From: nmilas at noa.gr (Nikolaos Milas) Date: Tue, 26 Mar 2013 12:14:03 +0200 Subject: [Dovecot] Error Building v2.2 Message-ID: <515174EB.3030802@noa.gr> Hello, I am trying to build Dovecot v2.2 (nightly version 20130326, which I have renamed and use as 2.2.0) on CentOS 6.4 x86_64 and I am having a problem: ... + ./configure --build=x86_64-redhat-linux-gnu --host=x86_64-redhat-linux-gnu --target=x86_64-redhat-linux-gnu --program-prefix= --prefix=/usr --exec-prefix=/usr --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc --datadir=/usr/share --includedir=/usr/include --libdir=/usr/lib64 --libexecdir=/usr/libexec --localstatedir=/var --sharedstatedir=/var/lib --mandir=/usr/share/man --infodir=/usr/share/info 'INSTALL_DATA=install -c -p -m644' --docdir=/usr/share/doc/dovecot-2.2.0 --disable-static --disable-rpath --with-nss --with-shadow --with-pam --with-gssapi=plugin --with-ldap=plugin --with-sql=plugin --with-pgsql --with-mysql --with-sqlite --with-zlib --with-libcap --with-ssl=openssl --with-ssldir=/etc/pki/dovecot --with-solr --with-docs --with-bzlib configure: error: unrecognized option: --docdir=/usr/share/doc/dovecot-2.2.0 I found here: http://www.dovecot.org/list/dovecot/2011-April/058420.html that --docdir option exists when autoconf version > 2.60. Yet: $ rpm -qa | grep autoconf autoconf-2.63-5.1.el6.noarch So, what may be wrong? Please help. Thanks, Nick From christian.wiese at securepoint.de Tue Mar 26 12:46:47 2013 From: christian.wiese at securepoint.de (Christian Wiese) Date: Tue, 26 Mar 2013 11:46:47 +0100 Subject: [Dovecot] Error Building v2.2 In-Reply-To: <515174EB.3030802@noa.gr> References: <515174EB.3030802@noa.gr> Message-ID: <20130326114647.7c0b7abd@cw-desktop> Hi, just a quick guess, but maybe you need to run the supplied 'autogen.sh' script before running configure, so your configure scripts gets regenerated using _your_ installed version of autoconf. Chris Am Tue, 26 Mar 2013 12:14:03 +0200 schrieb Nikolaos Milas : > Hello, > > I am trying to build Dovecot v2.2 (nightly version 20130326, which I > have renamed and use as 2.2.0) on CentOS 6.4 x86_64 and I am having a > problem: > ... > + ./configure --build=x86_64-redhat-linux-gnu > --host=x86_64-redhat-linux-gnu --target=x86_64-redhat-linux-gnu > --program-prefix= --prefix=/usr --exec-prefix=/usr --bindir=/usr/bin > --sbindir=/usr/sbin --sysconfdir=/etc --datadir=/usr/share > --includedir=/usr/include --libdir=/usr/lib64 > --libexecdir=/usr/libexec --localstatedir=/var > --sharedstatedir=/var/lib --mandir=/usr/share/man > --infodir=/usr/share/info 'INSTALL_DATA=install -c -p -m644' > --docdir=/usr/share/doc/dovecot-2.2.0 --disable-static > --disable-rpath --with-nss --with-shadow --with-pam > --with-gssapi=plugin --with-ldap=plugin --with-sql=plugin > --with-pgsql --with-mysql --with-sqlite --with-zlib --with-libcap > --with-ssl=openssl --with-ssldir=/etc/pki/dovecot --with-solr > --with-docs --with-bzlib configure: error: unrecognized option: > --docdir=/usr/share/doc/dovecot-2.2.0 > > I found here: > http://www.dovecot.org/list/dovecot/2011-April/058420.html that > --docdir option exists when autoconf version > 2.60. > > Yet: > > $ rpm -qa | grep autoconf > autoconf-2.63-5.1.el6.noarch > > So, what may be wrong? > > Please help. > > Thanks, > Nick -- Kind regards, Mit freundlichen Gr??en, Christian Wiese Follow us on Facebook: Follow us on Twitter: --------------------------------------------------------------------- Securepoint GmbH Christian Wiese Salzstr. 1 D-21335 Lueneburg http://www.securepoint.de Tele: ++49 4131 2401-0 Fax: ++49 4131 2401-50 Lueneburg HRB 1776 --------------------------------------------------------------------- CONFIDENTIALITY : This e-mail and any attachments are confidential and may be privileged. If you are not a named recipient, please notify the sender immediately and do not disclose the contents to another person, use it for any purpose or store or copy the information in any medium. GEHEIMHALTUNGSPFLICHT : Dieses E-Mail und alle damit verbundenen Anlagen sind vertraulich und d?rfen nur bestimmten Personen zug?nglich gemacht werden. Sofern Sie nicht zu den angegebenen Empf?ngern geh?ren, benachrichtigen Sie bitte unverz?glich den Absender. Der Inhalt darf weder an Dritte weitergegeben noch zu anderen Zwecken verwendet werden. Die Informationen d?rfen auch nicht auf einem Datentr?ger gespeichert oder auf einen Datentr?ger kopiert werden. From nmilas at noa.gr Tue Mar 26 13:02:35 2013 From: nmilas at noa.gr (Nikolaos Milas) Date: Tue, 26 Mar 2013 13:02:35 +0200 Subject: [Dovecot] Error Building v2.2 In-Reply-To: <20130326114647.7c0b7abd@cw-desktop> References: <515174EB.3030802@noa.gr> <20130326114647.7c0b7abd@cw-desktop> Message-ID: <5151804B.2030403@noa.gr> On 26/3/2013 12:46 ??, Christian Wiese wrote: > just a quick guess, but maybe you need to run the supplied 'autogen.sh' > script before running configure, so your configure scripts gets > regenerated using_your_ installed version of autoconf. Thanks, I am using an SRPM ?? build RPMs. This SRPM was running fine with earlier versions of dovecot - I don't see any reference of autogen therein. The SRPM is: http://ns.fakessh.eu/rpms/dovecot-2.1.8-1.centme.src.rpm I've tried building on CentOS 5.9 as well, but it failed with the same error. Again, I did not have such problems when building 2.1.x versions. Any other ideas? Nick From christian.wiese at securepoint.de Tue Mar 26 13:30:42 2013 From: christian.wiese at securepoint.de (Christian Wiese) Date: Tue, 26 Mar 2013 12:30:42 +0100 Subject: [Dovecot] Error Building v2.2 In-Reply-To: <5151804B.2030403@noa.gr> References: <515174EB.3030802@noa.gr> <20130326114647.7c0b7abd@cw-desktop> <5151804B.2030403@noa.gr> Message-ID: <20130326123042.664075c3@cw-desktop> Hi Nick, long time I haven't used RPMs or SRPMs, so I cannot really help about it. > I am using an SRPM ?? build RPMs. This SRPM was running fine with > earlier versions of dovecot - I don't see any reference of autogen > therein. > That there is no "reference of autogen" within the spec we shouldn't really wondering about, maybe because this spec file is normally used together with "release tarballs". I fetched the nightly snapshot you are using to check the included configure script, to see what version of autoconf was used to generate it. ---------------------------snip-------------------------------------- #! /bin/sh # Guess values for system-dependent variables and create Makefiles. # Generated by GNU Autoconf 2.59 for Dovecot 20130326. ---------------------------snip-------------------------------------- As we see the included configure script was generate using autoconf 2.59. > The SRPM is: http://ns.fakessh.eu/rpms/dovecot-2.1.8-1.centme.src.rpm > > I've tried building on CentOS 5.9 as well, but it failed with the > same error. Again, I did not have such problems when building 2.1.x > versions. Most probably the configure scripts of those version have been generated with an autoconf version > 2.59. Taking a quick look into the dovecot 2.1.12 sources reveals that the included configure script was generated with autoconf 2.68. ---------------------------snip-------------------------------------- #! /bin/sh # Guess values for system-dependent variables and create Makefiles. # Generated by GNU Autoconf 2.68 for Dovecot 2.1.12. ---------------------------snip-------------------------------------- So I guess we have nailed down the problem ;) > Any other ideas? I would suggest that you really try to tweak the spec file of that package to regenerate the configure script. I have already seen that there is no autogen.sh shipped within the nightly snapshots, so you might want to try to call 'autorecon -vfi' _before_ calling 'configure'. > > Nick Good Luck, Chris From christian.wiese at securepoint.de Tue Mar 26 13:35:05 2013 From: christian.wiese at securepoint.de (Christian Wiese) Date: Tue, 26 Mar 2013 12:35:05 +0100 Subject: [Dovecot] Error Building v2.2 In-Reply-To: <20130326123042.664075c3@cw-desktop> References: <515174EB.3030802@noa.gr> <20130326114647.7c0b7abd@cw-desktop> <5151804B.2030403@noa.gr> <20130326123042.664075c3@cw-desktop> Message-ID: <20130326123505.151b93f6@cw-desktop> I made a little typo > I would suggest that you really try to tweak the spec file of that > package to regenerate the configure script. I have already seen that > there is no autogen.sh shipped within the nightly snapshots, so you > might want to try to call 'autorecon -vfi' _before_ calling > 'configure'. try to call 'autoreconf -vfi' ;) From nmilas at noa.gr Tue Mar 26 14:03:19 2013 From: nmilas at noa.gr (Nikolaos Milas) Date: Tue, 26 Mar 2013 14:03:19 +0200 Subject: [Dovecot] Error Building v2.2 In-Reply-To: <20130326123505.151b93f6@cw-desktop> References: <515174EB.3030802@noa.gr> <20130326114647.7c0b7abd@cw-desktop> <5151804B.2030403@noa.gr> <20130326123042.664075c3@cw-desktop> <20130326123505.151b93f6@cw-desktop> Message-ID: <51518E87.9030603@noa.gr> On 26/3/2013 1:35 ??, Christian Wiese wrote: > try to call 'autoreconf -vfi';) That's pure magic - autoreconf did the trick (on CentOS 6)! I, a poor man trying to build these rocket-science apps, could not do it without your magic... Yet, it did not work on CentOS 5: autoreconf: Entering directory `.' autoreconf: configure.ac: not using Gettext autoreconf: running: aclocal --force aclocal:configure.ac:294: warning: macro `AM_ICONV' not found in library autoreconf: configure.ac: tracing autoreconf: running: libtoolize --copy --force aclocal:configure.ac:294: warning: macro `AM_ICONV' not found in library autoreconf: running: /usr/bin/autoconf --force configure.ac:294: error: possibly undefined macro: AM_ICONV If this token and others are legitimate, please use m4_pattern_allow. See the Autoconf documentation. autoreconf: /usr/bin/autoconf failed with exit status: 1 Any ideas? Also, on CentOS 6, much later down the compilation, I got another error: ... ./../../sieve-generator.h:78: error: expected specifier-qualifier-list before 'ARRAY_DEFINE' cmd-vacation.c: In function 'ext_vacation_operation_execute': cmd-vacation.c:696: warning: implicit declaration of function 'ARRAY_DEFINE' cmd-vacation.c:696: error: 'norm_addresses' undeclared (first use in this function) cmd-vacation.c:696: error: (Each undeclared identifier is reported only once cmd-vacation.c:696: error: for each function it appears in.) cmd-vacation.c:696: error: expected expression before 'const' cmd-vacation.c:712: warning: type defaults to 'int' in declaration of 'type name' cmd-vacation.c:712: error: size of array 'type name' is negative cmd-vacation.c:726: warning: type defaults to 'int' in declaration of 'type name' cmd-vacation.c:727: warning: type defaults to 'int' in declaration of 'type name' make[5]: *** [cmd-vacation.lo] Error 1 make[5]: Leaving directory `/home/dovebuilder/rpmbuild/BUILD/dovecot-2.2.0/dovecot-2.1-pigeonhole-0.3.3/src/lib-sieve/plugins/vacation' make[4]: *** [all-recursive] Error 1 make[4]: Leaving directory `/home/dovebuilder/rpmbuild/BUILD/dovecot-2.2.0/dovecot-2.1-pigeonhole-0.3.3/src/lib-sieve/plugins' make[3]: *** [all-recursive] Error 1 make[3]: Leaving directory `/home/dovebuilder/rpmbuild/BUILD/dovecot-2.2.0/dovecot-2.1-pigeonhole-0.3.3/src/lib-sieve' make[2]: *** [all-recursive] Error 1 make[2]: Leaving directory `/home/dovebuilder/rpmbuild/BUILD/dovecot-2.2.0/dovecot-2.1-pigeonhole-0.3.3/src' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/home/dovebuilder/rpmbuild/BUILD/dovecot-2.2.0/dovecot-2.1-pigeonhole-0.3.3' Could you shed some light on this as well? Perhaps pigeonhole 2.1-0.3.3 is not compatible with 2.2 ? Any suggestions? Thanks and Regards, Nick From christian.wiese at securepoint.de Tue Mar 26 14:36:35 2013 From: christian.wiese at securepoint.de (Christian Wiese) Date: Tue, 26 Mar 2013 13:36:35 +0100 Subject: [Dovecot] Error Building v2.2 In-Reply-To: <51518E87.9030603@noa.gr> References: <515174EB.3030802@noa.gr> <20130326114647.7c0b7abd@cw-desktop> <5151804B.2030403@noa.gr> <20130326123042.664075c3@cw-desktop> <20130326123505.151b93f6@cw-desktop> <51518E87.9030603@noa.gr> Message-ID: <20130326133635.3fb774d2@cw-desktop> Hi Nick, > > try to call 'autoreconf -vfi';) > > That's pure magic - autoreconf did the trick (on CentOS 6)! > > I, a poor man trying to build these rocket-science apps, could not do > it without your magic... Don't worry... that is no rocket science ;) I agree that dealing with "autofoo" can be very annoying but there is no reason to fear it. You simply need to get some experience with it which is hard to get when using pre-built binary packages ;) > Yet, it did not work on CentOS 5: > > autoreconf: Entering directory `.' > autoreconf: configure.ac: not using Gettext > autoreconf: running: aclocal --force > aclocal:configure.ac:294: warning: macro `AM_ICONV' not found in > library autoreconf: configure.ac: tracing > autoreconf: running: libtoolize --copy --force > aclocal:configure.ac:294: warning: macro `AM_ICONV' not found in > library autoreconf: running: /usr/bin/autoconf --force > configure.ac:294: error: possibly undefined macro: AM_ICONV > If this token and others are legitimate, please use m4_pattern_allow. > See the Autoconf documentation. > autoreconf: /usr/bin/autoconf failed with exit status: 1 I think the iconv.m4 is missing which is installed by gettext. Maybe you have gettext development stuff installed on the machine where the autoreconf is working. So you might want to install it on your CentOS 5 machine too. > Also, on CentOS 6, much later down the compilation, I got another > error: > > ... > ./../../sieve-generator.h:78: error: expected > specifier-qualifier-list before 'ARRAY_DEFINE' > cmd-vacation.c: In function 'ext_vacation_operation_execute': > cmd-vacation.c:696: warning: implicit declaration of function > 'ARRAY_DEFINE' cmd-vacation.c:696: error: 'norm_addresses' undeclared > (first use in this function) > cmd-vacation.c:696: error: (Each undeclared identifier is reported > only once cmd-vacation.c:696: error: for each function it appears in.) > cmd-vacation.c:696: error: expected expression before 'const' > cmd-vacation.c:712: warning: type defaults to 'int' in declaration of > 'type name' > cmd-vacation.c:712: error: size of array 'type name' is negative > cmd-vacation.c:726: warning: type defaults to 'int' in declaration of > 'type name' > cmd-vacation.c:727: warning: type defaults to 'int' in declaration of > 'type name' > make[5]: *** [cmd-vacation.lo] Error 1 > make[5]: Leaving directory > `/home/dovebuilder/rpmbuild/BUILD/dovecot-2.2.0/dovecot-2.1-pigeonhole-0.3.3/src/lib-sieve/plugins/vacation' > make[4]: *** [all-recursive] Error 1 > make[4]: Leaving directory > `/home/dovebuilder/rpmbuild/BUILD/dovecot-2.2.0/dovecot-2.1-pigeonhole-0.3.3/src/lib-sieve/plugins' > make[3]: *** [all-recursive] Error 1 > make[3]: Leaving directory > `/home/dovebuilder/rpmbuild/BUILD/dovecot-2.2.0/dovecot-2.1-pigeonhole-0.3.3/src/lib-sieve' > make[2]: *** [all-recursive] Error 1 > make[2]: Leaving directory > `/home/dovebuilder/rpmbuild/BUILD/dovecot-2.2.0/dovecot-2.1-pigeonhole-0.3.3/src' > make[1]: *** [all-recursive] Error 1 > make[1]: Leaving directory > `/home/dovebuilder/rpmbuild/BUILD/dovecot-2.2.0/dovecot-2.1-pigeonhole-0.3.3' > > Could you shed some light on this as well? Perhaps pigeonhole > 2.1-0.3.3 is not compatible with 2.2 ? Any suggestions? > Pigeonhole 2.1-0.3.3 is not compatible with dovecot 2.2, thus it is mandatory to update pigeonhole too. There seem to be no snapshot tarballs for it, so you most probably need to create your own from the correct mercurial branch. see: http://hg.rename-it.nl/dovecot-2.2-pigeonhole/ Hint: You can create a tarball from it through the web interface above. Cheers, Chris From jg at softjury.de Tue Mar 26 15:39:01 2013 From: jg at softjury.de (Jan Phillip Greimann) Date: Tue, 26 Mar 2013 14:39:01 +0100 Subject: [Dovecot] Dovecot 2.2 & LEMONADE extensions Message-ID: <5151A4F5.3090706@softjury.de> Hi there, I read an article about dovecot 2.2, which includes the LEMONADE extensions, and was fascinated about the feature "Forward without download". We have a small internet-uplink in our office and our CEO loves to receive mails with large attachments, he also reply/forward it, so every time the full attachments get downloaded and uploaded again. Now the question is: Is LEMONADE supported by desktop-mailclients like thunderbird or just mobile Clients? (Google said nothing to this, maybe searched the wrong words) I hope someone can help me with this. Greetings, Jan From nmilas at noa.gr Tue Mar 26 16:19:22 2013 From: nmilas at noa.gr (Nikolaos Milas) Date: Tue, 26 Mar 2013 16:19:22 +0200 Subject: [Dovecot] Error Building v2.2 In-Reply-To: <20130326133635.3fb774d2@cw-desktop> References: <515174EB.3030802@noa.gr> <20130326114647.7c0b7abd@cw-desktop> <5151804B.2030403@noa.gr> <20130326123042.664075c3@cw-desktop> <20130326123505.151b93f6@cw-desktop> <51518E87.9030603@noa.gr> <20130326133635.3fb774d2@cw-desktop> Message-ID: <5151AE69.4030401@noa.gr> On 26/3/2013 2:36 ??, Christian Wiese wrote: > Pigeonhole 2.1-0.3.3 is not compatible with dovecot 2.2, thus it is > mandatory to update pigeonhole too. There seem to be no snapshot > tarballs for it, so you most probably need to create your own from the > correct mercurial branch. Tried with dovecot-2-2-pigeonhole-097764f6bbe3 which I renamed as dovecot-2.2-pigeonhole-0.3.4 and at some point it failed as well: ... + pushd dovecot-2.2-pigeonhole-0.3.4 ~/rpmbuild/BUILD/dovecot-2.2.0/dovecot-2.2-pigeonhole-0.3.4 ~/rpmbuild/BUILD/dovecot-2.2.0 + CFLAGS='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic -fno-strict-aliasing' + export CFLAGS + CXXFLAGS='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic' + export CXXFLAGS + FFLAGS='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic -I/usr/lib64/gfortran/modules' + export FFLAGS + ./configure --build=x86_64-redhat-linux-gnu --host=x86_64-redhat-linux-gnu --target=x86_64-redhat-linux-gnu --program-prefix= --prefix=/usr --exec-prefix=/usr --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc --datadir=/usr/share --includedir=/usr/include --libdir=/usr/lib64 --libexecdir=/usr/libexec --localstatedir=/var --sharedstatedir=/var/lib --mandir=/usr/share/man --infodir=/usr/share/info 'INSTALL_DATA=install -c -p -m644' --disable-static --with-dovecot=../ --without-unfinished-features /var/tmp/rpm-tmp.yRHSSw: line 93: ./configure: No such file or directory error: Bad exit status from /var/tmp/rpm-tmp.yRHSSw (%build) Any ideas? It may be that the 2.1 spec file needs heavier (than what I've done) customization to be suitable for v2.2 compilation... Thanks for your kind help. Nick From dave.gattis at suhner.com Tue Mar 26 16:39:29 2013 From: dave.gattis at suhner.com (rpsuprdave) Date: Tue, 26 Mar 2013 07:39:29 -0700 (PDT) Subject: [Dovecot] Released Pigeonhole v0.2.4 for Dovecot v2.0.14 In-Reply-To: <4E6FC369.1090506@rename-it.nl> References: <4E6FC369.1090506@rename-it.nl> Message-ID: <1364308769140-41111.post@n4.nabble.com> Hello Dovecot Users, This looks like a possible workaround for issues I am having with Dovecot 2.1.7. Our emails are redirected from the home office so the vacation response always fails with, "discarding vacation response for implicitly delivered message; no known (envelope) recipient address found in message headers". I need to use the sieve vacation option but cannot figure out how to get it working for us. If I send to the local address, it works fine. If I send to the redirect address, it fails with above error. Unfortunately, all of our emails are from redirected addresses, all from a single domain. There's got to be some way to make it work AND protect our server's good name. Any help greatly appreciated, Dave Stephan Bosch-2 wrote > + Vacation extension: finally added support for using the original > recipient in vacation address check. It is also possible to disable > the recipient address check entirely. Check doc/vacation.txt for > configuration information. -- View this message in context: http://dovecot.2317879.n4.nabble.com/Released-Pigeonhole-v0-2-4-for-Dovecot-v2-0-14-tp14196p41111.html Sent from the Dovecot mailing list archive at Nabble.com. From CMarcus at Media-Brokers.com Tue Mar 26 16:40:05 2013 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Tue, 26 Mar 2013 10:40:05 -0400 Subject: [Dovecot] Dovecot 2.2 & LEMONADE extensions In-Reply-To: <5151A4F5.3090706@softjury.de> References: <5151A4F5.3090706@softjury.de> Message-ID: <5151B345.9050400@Media-Brokers.com> On 2013-03-26 9:39 AM, Jan Phillip Greimann wrote: > I read an article about dovecot 2.2, which includes the LEMONADE > extensions, and was fascinated about the feature "Forward without > download". We have a small internet-uplink in our office and our CEO > loves to receive mails with large attachments, he also reply/forward > it, so every time the full attachments get downloaded and uploaded > again. Now the question is: Is LEMONADE supported by > desktop-mailclients like thunderbird or just mobile Clients? (Google > said nothing to this, maybe searched the wrong words) It depends on whether you are using POP or IMAP. If he/you all are using POP, then this won't help you. But if you are accessing your email via IMAP, then it will depend on the client. I honestly don't know what, if any, clients support it and/or to what extent, but I don't think Thunderbird supports it... One thing that Timo has talked about is the possibility of something like a submission service, so that at least, when sending messages, assuming that you 'save a copy of all sent mail to the Sent folder', it doesn't have to upload it twice (once for sending, then again for copying to the Sent folder), but I have no idea if that feature could also be leveraged to provide the functionality you are wanting WITHOUT client-side support. From christian.wiese at securepoint.de Tue Mar 26 16:42:35 2013 From: christian.wiese at securepoint.de (Christian Wiese) Date: Tue, 26 Mar 2013 15:42:35 +0100 Subject: [Dovecot] Error Building v2.2 In-Reply-To: <5151AE69.4030401@noa.gr> References: <515174EB.3030802@noa.gr> <20130326114647.7c0b7abd@cw-desktop> <5151804B.2030403@noa.gr> <20130326123042.664075c3@cw-desktop> <20130326123505.151b93f6@cw-desktop> <51518E87.9030603@noa.gr> <20130326133635.3fb774d2@cw-desktop> <5151AE69.4030401@noa.gr> Message-ID: <20130326154235.70724de6@cw-desktop> Hi Nick, > > Tried with dovecot-2-2-pigeonhole-097764f6bbe3 which I renamed as > dovecot-2.2-pigeonhole-0.3.4 and at some point it failed as well: > > ... > + pushd dovecot-2.2-pigeonhole-0.3.4 > ~/rpmbuild/BUILD/dovecot-2.2.0/dovecot-2.2-pigeonhole-0.3.4 > ~/rpmbuild/BUILD/dovecot-2.2.0 > + CFLAGS='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions > -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic > -fno-strict-aliasing' > + export CFLAGS > + CXXFLAGS='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions > -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic' > + export CXXFLAGS > + FFLAGS='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions > -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic > -I/usr/lib64/gfortran/modules' > + export FFLAGS > + ./configure --build=x86_64-redhat-linux-gnu > --host=x86_64-redhat-linux-gnu --target=x86_64-redhat-linux-gnu > --program-prefix= --prefix=/usr --exec-prefix=/usr --bindir=/usr/bin > --sbindir=/usr/sbin --sysconfdir=/etc --datadir=/usr/share > --includedir=/usr/include --libdir=/usr/lib64 > --libexecdir=/usr/libexec --localstatedir=/var > --sharedstatedir=/var/lib --mandir=/usr/share/man > --infodir=/usr/share/info 'INSTALL_DATA=install -c -p -m644' > --disable-static --with-dovecot=../ > --without-unfinished-features /var/tmp/rpm-tmp.yRHSSw: line > 93: ./configure: No such file or directory error: Bad exit status > from /var/tmp/rpm-tmp.yRHSSw (%build) > > Any ideas? Without knowing the spec file it is hard to tell but I think that you didn't run autogen.sh shipped with the dovecot-pigeonhole sources, because "./configure: No such file or directory error" is kind of explicit about what went wrong. So I bet you simply need to run the 'autogen.sh' script shipped with the pigeonhole sources, to get a configure script generated. Needless to say that this has to be done before actually calling configure, so most probably calling autogen.sh right after the "pushd dovecot-2.2-pigeonhole-0.3.4" might be a good idea ;) Cheers, Chris From rs at sys4.de Tue Mar 26 16:55:37 2013 From: rs at sys4.de (Robert Schetterer) Date: Tue, 26 Mar 2013 15:55:37 +0100 Subject: [Dovecot] Dovecot 2.2 & LEMONADE extensions In-Reply-To: <5151A4F5.3090706@softjury.de> References: <5151A4F5.3090706@softjury.de> Message-ID: <5151B6E9.50109@sys4.de> Am 26.03.2013 14:39, schrieb Jan Phillip Greimann: > Hi there, > > I read an article about dovecot 2.2, which includes the LEMONADE > extensions, and was fascinated about the feature "Forward without > download". We have a small internet-uplink in our office and our CEO > loves to receive mails with large attachments, he also reply/forward it, > so every time the full attachments get downloaded and uploaded again. > Now the question is: Is LEMONADE supported by desktop-mailclients like > thunderbird or just mobile Clients? (Google said nothing to this, maybe > searched the wrong words) > > I hope someone can help me with this. > > Greetings, Jan > you may have a look to the links, but dont expect lemonade in desktop clients in prime, guess it will be first in smartphone clients http://en.wikipedia.org/wiki/Lemonade_Profile http://kb.mozillazine.org/IMAP#Lemonade https://wiki.mozilla.org/MailNews:Supported_IMAP_extensions http://www.linux-magazin.de/Ausgaben/2009/12/Lemonade-fuer-unterwegs http://www.heise.de/netze/meldung/Lemonade-verbessert-IMAP-Zugriff-fuer-Mobilgeraete-752533.html http://www.isode.com/whitepapers/lemonade-profile.html Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From dave.gattis at suhner.com Tue Mar 26 19:10:52 2013 From: dave.gattis at suhner.com (Dave Gattis) Date: Tue, 26 Mar 2013 13:10:52 -0400 Subject: [Dovecot] Sieve Vacation for redirected email Message-ID: <2e210fb27591d5ad08df0fd0e3f3c71c@mail.suhnerusa.com> I posted this elsewhere, but under an old post. I apologize for the repeated question. Hello Dovecot Users, Dovecot 2.1.7 Our emails are redirected from the home office causing all vacation responses to fail with, "discarding vacation response for implicitly delivered message; no known (envelope) recipient address found in message headers". I need to use the Sieve Vacation option but cannot figure out how to get it working for us. If I send to the local address, it works fine. If I send to the redirect address, it fails with above error. Unfortunately, all of our emails are redirects from a single domain. There's got to be some way to make it work. Any help would be greatly appreciated, Dave Stephan Bosch-2 wrote > + Vacation extension: finally added support for using the original > recipient in vacation address check. It is also possible to disable > the recipient address check entirely. Check doc/vacation.txt for > configuration information. From gedalya at gedalya.net Tue Mar 26 19:48:19 2013 From: gedalya at gedalya.net (Gedalya) Date: Tue, 26 Mar 2013 13:48:19 -0400 Subject: [Dovecot] Sieve Vacation for redirected email In-Reply-To: <2e210fb27591d5ad08df0fd0e3f3c71c@mail.suhnerusa.com> References: <2e210fb27591d5ad08df0fd0e3f3c71c@mail.suhnerusa.com> Message-ID: <5151DF63.6090004@gedalya.net> I think you might want to look at the :addresses paramerer http://wiki2.dovecot.org/Pigeonhole/Sieve/Examples#Vacation_auto-reply http://tools.ietf.org/html/rfc5230#page-7 On 03/26/2013 01:10 PM, Dave Gattis wrote: > I posted this elsewhere, but under an old post. I apologize for the > repeated question. > > Hello Dovecot Users, > > Dovecot 2.1.7 > > Our emails are redirected from the home office causing all vacation > responses to fail with, "discarding vacation response for implicitly > delivered message; no known (envelope) recipient address found in > message headers". > I need to use the Sieve Vacation option but cannot figure out how to > get it working for us. If I send to the local address, it works > fine. If I send to the redirect address, it fails with above error. > Unfortunately, all of our emails are redirects from a single domain. > There's got to be some way to make it work. > Any help would be greatly appreciated, > Dave > > > > Stephan Bosch-2 wrote >> + Vacation extension: finally added support for using the original >> recipient in vacation address check. It is also possible to disable >> the recipient address check entirely. Check doc/vacation.txt for >> configuration information. > > > From dave.gattis at suhner.com Tue Mar 26 21:14:08 2013 From: dave.gattis at suhner.com (rpsuprdave) Date: Tue, 26 Mar 2013 12:14:08 -0700 (PDT) Subject: [Dovecot] Sieve Vacation for redirected email In-Reply-To: <5151DF63.6090004@gedalya.net> References: <2e210fb27591d5ad08df0fd0e3f3c71c@mail.suhnerusa.com> <5151DF63.6090004@gedalya.net> Message-ID: <1364325248146-41117.post@n4.nabble.com> Here's the headers for my emails: Return-Path: X-Original-To: dave.gattis at domain-b.com Delivered-To: dave.gattis at domain-b.com Received: from spamcop.main.ch (spamcop.main.ch [83.144.241.40]) by domain-b.com (Postfix) with ESMTP id 0E4E81C101DE for ; Tue, 26 Mar 2013 14:35:13 -0400 (EDT) Received: from ex.domain-a.com (ex.domain-a.com [83.144.240.35]) by spamcop.main.ch with ESMTP id 0dP4XCjZrdDY5l1Q for ; Tue, 26 Mar 2013 19:41:36 +0100 (CET) Received: from EX2.domain-a.com ([fe80::acd3:8e53:bcb6:7a4%11]) by ex2.domain-a.com ([fe80::acd3:8e53:bcb6:7a4%11]) with Microsoft SMTP Server id 14.01.0355.002; Tue, 26 Mar 2013 19:39:54 +0100 From: Dave Gattis To: SUMACO Gattis Dave Subject: test 0 Date: Tue, 26 Mar 2013 18:41:31 +0000 Message-ID: Resent-From: Content-Type: text/plain; charset="iso-8859-1" Content-ID: <9DB22326568944448618AFEDB6FAE727 at domain-a.com> Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Resent-Message-Id: <20130326184137.22986D3422 at spamcop.main.ch> Resent-Date: Tue, 26 Mar 2013 19:41:37 +0100 (CET) X-WatchGuard-AntiVirus: part scanned. clean action=allow X-MyCompanyUSA-MailScanner-Information: Please contact the ISP for more information X-MyCompanyUSA-MailScanner-ID: 0E4E81C101DE.A6387 X-MyCompanyUSA-MailScanner: Found to be clean X-MyCompanyUSA-MailScanner-From: dave.gattis at domain-a.com X-Spam-Status: No From: Dave Gattis is the original sender. To: SUMACO Gattis Dave is where I sent it. X-Original-To: dave.gattis at domain-b.com is where it was redirected to. Postfix and dovecot handle everything nicely, but the vacation piece reports no known recipient, or if I add my address, it reports that can't send to itself. Dave -- View this message in context: http://dovecot.2317879.n4.nabble.com/Sieve-Vacation-for-redirected-email-tp41115p41117.html Sent from the Dovecot mailing list archive at Nabble.com. From nmilas at noa.gr Tue Mar 26 21:40:34 2013 From: nmilas at noa.gr (Nikolaos Milas) Date: Tue, 26 Mar 2013 21:40:34 +0200 Subject: [Dovecot] Error Building v2.2 In-Reply-To: <20130326154235.70724de6@cw-desktop> References: <515174EB.3030802@noa.gr> <20130326114647.7c0b7abd@cw-desktop> <5151804B.2030403@noa.gr> <20130326123042.664075c3@cw-desktop> <20130326123505.151b93f6@cw-desktop> <51518E87.9030603@noa.gr> <20130326133635.3fb774d2@cw-desktop> <5151AE69.4030401@noa.gr> <20130326154235.70724de6@cw-desktop> Message-ID: <5151F9B2.9010807@noa.gr> On 26/3/2013 4:42 ??, Christian Wiese wrote: > most probably calling autogen.sh right after the "pushd > dovecot-2.2-pigeonhole-0.3.4" might be a good idea I found I needed to add: %{_builddir}/%{name}-%{version}/dovecot-2.2-pigeonhole-%{pigeonholever}/autogen.sh ....at the suggested point (calling autogen.sh alone would not work). Also I had to add (at the %files section): %{_libdir}/dovecot/libssl_iostream_openssl.so ...because otherwise I got the error: RPM build errors: Installed (but unpackaged) file(s) found: /usr/lib64/dovecot/libssl_iostream_openssl.so And, finally, build was finished successfully. I haven't installed/tested it yet, but at least RPMs were created fine. I'll post the final package soon in case someone would like to use it. However, on CentOS 5, it didn't work. autoreconf did not output errors after I installed gettext-devel but it again threw: + ./configure --build=x86_64-redhat-linux-gnu --host=x86_64-redhat-linux-gnu --target=x86_64-redhat-linux-gnu --program-prefix= --prefix=/usr --exec-prefix=/usr --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc --datadir=/usr/share --includedir=/usr/include --libdir=/usr/lib64 --libexecdir=/usr/libexec --localstatedir=/var --sharedstatedir=/usr/com --mandir=/usr/share/man --infodir=/usr/share/info 'INSTALL_DATA=install -c -p -m644' --docdir=/usr/share/doc/dovecot-2.2.0 --disable-static --disable-rpath --with-nss --with-shadow --with-pam --with-gssapi=plugin --with-ldap=plugin --with-sql=plugin --with-pgsql --with-mysql --with-sqlite --with-zlib --with-libcap --with-ssl=openssl --with-ssldir=/etc/pki/dovecot --with-solr --with-docs --with-bzlib configure: error: unrecognized option: --docdir=/usr/share/doc/dovecot-2.2.0 Any other suggestions? Thanks again for your valuable guidance. Nick From nmilas at noa.gr Tue Mar 26 22:57:02 2013 From: nmilas at noa.gr (Nikolaos Milas) Date: Tue, 26 Mar 2013 22:57:02 +0200 Subject: [Dovecot] Error Building v2.2 In-Reply-To: <5151F9B2.9010807@noa.gr> References: <515174EB.3030802@noa.gr> <20130326114647.7c0b7abd@cw-desktop> <5151804B.2030403@noa.gr> <20130326123042.664075c3@cw-desktop> <20130326123505.151b93f6@cw-desktop> <51518E87.9030603@noa.gr> <20130326133635.3fb774d2@cw-desktop> <5151AE69.4030401@noa.gr> <20130326154235.70724de6@cw-desktop> <5151F9B2.9010807@noa.gr> Message-ID: <51520B9E.6050202@noa.gr> On 26/3/2013 9:40 ??, Nikolaos Milas wrote: > However, on CentOS 5, it didn't work. autoreconf did not output errors > after I installed gettext-devel but it again threw: Hmm, I forgot; According to: http://www.dovecot.org/list/dovecot/2011-April/058420.html, --docdir option exists when autoconf version > 2.60, but CentOS / RHEL 5 has version 2.59. So, how do we build Dovecot v2.2 on CentOS 5 ? Thanks, Nick From p.heinlein at heinlein-support.de Wed Mar 27 00:15:54 2013 From: p.heinlein at heinlein-support.de (Peer Heinlein) Date: Tue, 26 Mar 2013 23:15:54 +0100 Subject: [Dovecot] 2.1: Error: Maildir filename has wrong S value, renamed the file from In-Reply-To: <6758D8B2-E4FB-4808-9F93-4AB13001DC51@iki.fi> References: <5150355C.4000802@sys4.de> <515051D3.9040602@thelounge.net> <51505D8C.5050503@uni-greifswald.de> <6758D8B2-E4FB-4808-9F93-4AB13001DC51@iki.fi> Message-ID: <51521E1A.3060205@heinlein-support.de> Am 25.03.2013 15:38, schrieb Timo Sirainen: Hi, >> The same problem was reported by Ralf Hildebrandt one year ago. The bug >> should be fixed with revision 3599790da3d7 but it seems to be there >> again. > > The Dovecot bug was fixed, but the real reason for this is that the S=values are wrong in your maildir. You can either run the fixing script or set maildir_broken_filename_sizes=yes. Looks like this (or a related) bug still exist. If you have a Maildir-Storage with gzip compression enabled, everything's working fine if the user receives mail by LMTP. The mail is saved in his Maildir-Storage, having the right (uncompressed) size in the filename. vmail vmail 1.9K Mar 26 22:17 1364332643.M527513P23361.mailserver2,S=3780,W=3860:2 But: If the dovecot.index is broken, corrupt or deleted, Dovecot isn't able to rebuild his index-files. In Step ONE dovecot creates his index-files, but looks like Dovecot's using the (smaller) FILEsize instead of the (larger) real size. In Step TWO Dovecot's realizing that the cached size and the stored file size in the filename doesn't fit together. But Dovecot doesn't fix his index file; instead Dovecot's renaming the Maildir-Files, storing the (small) file size in the filename. Mar 26 22:39:17 mailserver2 dovecot: imap(testuser): Error: Cached message size smaller than expe cted (1467 < 3780) Error: Maildir filename has wrong S value, r enamed the file from /var/vmail/uni-greifswald.de/testuser/Maildir/cur/1364332643.M527513P23361.m ailserver2,S=3780,W=3860:2, to /var/vmail/uni-greifswald.de/testuser/Maildir/cur/1364332643.M5275 13P23361.mailserver2,S=1856:2, HOW TO REPRODUCE: *) Create a Maildir-Store with zip enabled *) Deliver Mails into it. Everything's working fine, the filenames are right *) Delete dovecot.index* *) STEP ONE: Dovecot's complaining about broken index-files *) STEP TWO: Dovecot's renaming the files I haven't seen any way to find to workaround or repair this broken Maildir-Storage. Even if I rename all files and set sizes in the filenames, Dovecot's complaining about the mismatch in his cache and starts his (broken) repair action. If we're right, this could be grow to a real problem. Every Server with zipped Maildirs can be completly ruined just by deleting his index-cache-files. Peer -- Heinlein Support GmbH Schwedter Str. 8/9b, 10119 Berlin http://www.heinlein-support.de Tel: 030 / 405051-42 Fax: 030 / 405051-19 Zwangsangaben lt. ?35a GmbHG: HRB 93818 B / Amtsgericht Berlin-Charlottenburg, Gesch?ftsf?hrer: Peer Heinlein -- Sitz: Berlin From andre.rodier at gmail.com Wed Mar 27 00:48:58 2013 From: andre.rodier at gmail.com (Andre Rodier) Date: Tue, 26 Mar 2013 22:48:58 +0000 Subject: [Dovecot] Importing emails from PST Archives Message-ID: <20130326224858.GA16593@london.s2end.co.uk> Hello everyone, I am currently migrating a small company from exchange 2003 to Dovecot. So far, the most painful process has been the PST archives. (Except the inconditionals of Outlook) I have been able to create the directory structure using the last version of readpst, with the -r flag. But once this done, I have not been able to find one tool that worked correctly. Maybe the configuration I have is complex. The perl script to transform mbox files into maildirs in the dovecot distribution is old, and crashed many times in the middle of the process. I had a look to the script, and gave up trying to fix it. I found a python script that was supposed to crawl this folder structure, and to replicate it using IMAP commands, but it crashed as well, and restarting the process would import twice the same messages. The script is here: http://costela.net/2011/06/importing-an-outlook-pst-into-imap/ I found another python script that was working better, and seemed to be well written, but with one mbox to one IMAP folder only. It can be found here: http://imap-upload.svn.sourceforge.net/viewvc/imap-upload/trunk/ I have modified, and I have added some minor fixes: - Recursively traverse a folder structure, and replicate it using IMAP commands on the server. - Properly manage folder names with special characters. (dovecot can manage these characters using the listescape plugin). - Avoid taking all the resources of the server (A quirty hack that can change). I am not an expert in Python, and the script has been quickly writter to fit my needs. However I think it can be modified easily to any configuration. In the future, maybe this script can use the libpst python bindings to import the emails directly. The last version of the script, modified is here: https://github.com/arodier/EmailTools/tree/master/Migration. Do not hesitate to help me, to make the script as generic as possible, particularly if you are a python expert. I post this on this list, because I think you maybe interested if you are in the same case as me. The license is not specified, but I will probably use GPLv3. Regards, Andr? From andre.rodier at gmail.com Wed Mar 27 01:20:55 2013 From: andre.rodier at gmail.com (Andre Rodier) Date: Tue, 26 Mar 2013 23:20:55 +0000 Subject: [Dovecot] Problem when indexing maildir with a large number of folders Message-ID: <20130326232055.GB16593@london.s2end.co.uk> Hello everybody, As part of a migration from exchange 2003 to dovecot, I have converted a lot of PST files for a user. I am importing his PST files in a maildir folder called 'Archives'. Actually, I reached about 770 'Archives' folders, and the total length of their names is about 59k characters. Thanks to wc! I am using Maildir++ I can run the doveadm index command on the private namespace, however, I am not able to do this on the virtual folders. Here the error I have: > doveadm(john smith): Panic: file mail-index-transaction-update.c: line 875 (mail_index_update_header_ext): assertion failed: (offset <= (uint16_t)-1 && size > <= (uint16_t)-1 && offset + size <= (uint16_t)-1) > doveadm(gareth walters): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x4414a) [0x7f9b7100714a] -> > /usr/lib/dovecot/libdovecot.so.0(default_fatal_handler+0x2a) [0x7f9b7100720a] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7f9b70fde82a] -> > /usr/lib/dovecot/libdovecot-storage.so.0(+0xb8079) [0x7f9b7130a079] -> /usr/lib/dovecot/modules/lib20_virtual_plugin.so(virtual_storage_sync_init+0x788) > [0x7f9b6f1775a8] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_sync_init+0x33) [0x7f9b712cf3e3] -> > /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_sync+0x27) [0x7f9b712cf507] -> doveadm(+0x16618) [0x7f9b719c8618] -> doveadm(+0x13346) [0x7f9b719c5346] -> > doveadm(+0x13e21) [0x7f9b719c5e21] -> doveadm(doveadm_mail_try_run+0x161) [0x7f9b719c62e1] -> doveadm(main+0x3d1) [0x7f9b719c4ef1] -> > /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xfd) [0x7f9b70c57ead] -> doveadm(+0x13125) [0x7f9b719c5125] > Aborted I can see I have reached a limit, but is there any configuration value I can use to increase this limit, please? Kind regards, Andr?. From ben at morrow.me.uk Wed Mar 27 05:38:42 2013 From: ben at morrow.me.uk (Ben Morrow) Date: Wed, 27 Mar 2013 03:38:42 +0000 Subject: [Dovecot] Importing emails from PST Archives In-Reply-To: <20130326224858.GA16593@london.s2end.co.uk> References: <20130326224858.GA16593@london.s2end.co.uk> Message-ID: <20130327033842.GA2335@anubis.morrow.me.uk> At 10PM +0000 on 26/03/13 you (Andre Rodier) wrote: > > The perl script to transform mbox files into maildirs in the dovecot > distribution is old, and crashed many times in the middle of the > process. > I had a look to the script, and gave up trying to fix it. > > I found a python script that was supposed to crawl this folder > structure, and to replicate it using IMAP commands, but it crashed as > well, and restarting the > process would import twice the same messages. The script is here: > http://costela.net/2011/06/importing-an-outlook-pst-into-imap/ > > I found another python script that was working better, and seemed to > be well written, but with one mbox to one IMAP folder only. > It can be found here: > http://imap-upload.svn.sourceforge.net/viewvc/imap-upload/trunk/ > I have modified, and I have added some minor fixes: > - Recursively traverse a folder structure, and replicate it using IMAP > commands on the server. > - Properly manage folder names with special characters. (dovecot can > manage these characters using the listescape plugin). > - Avoid taking all the resources of the server (A quirty hack that can > change). If I'm reading this right, it's reading a tree of mboxes? You should be able to convert this to any format Dovecot understands (maildir, dbox) with dsync, without having to go through IMAP. You would need to configure dsync to read the mboxes just as you would have configured Dovecot; for a sync from temporary mboxes you probably want to use INDEX=MEMORY to avoid having to mess about creating index files. > I am not an expert in Python, and the script has been quickly writter > to fit my needs. However I think it can be modified easily to any > configuration. > In the future, maybe this script can use the libpst python bindings to > import the emails directly. > The last version of the script, modified is here: > https://github.com/arodier/EmailTools/tree/master/Migration. Do not > hesitate to help me, to make the script as > generic as possible, particularly if you are a python expert. Well, on my quick look, I don't much like this line: ad = float(open("/proc/loadavg").readline().split(" ")[:3][0]) I would be surprised if Python didn't provide a portable way to get at that information... let's see (I don't really speak Python)... oh yes, os.getloadavg(). > I post this on this list, because I think you maybe interested if you > are in the same case as me. The license is not specified, but I will > probably use GPLv3. Without wishing to get into a licence war, there are a lot of people who object to the GPLv3, for good reasons. Do you have a good reason for changing it from the MIT licence used by the original? Ben From ben at morrow.me.uk Wed Mar 27 06:06:21 2013 From: ben at morrow.me.uk (Ben Morrow) Date: Wed, 27 Mar 2013 04:06:21 +0000 Subject: [Dovecot] Sieve Vacation for redirected email In-Reply-To: <1364325248146-41117.post@n4.nabble.com> References: <2e210fb27591d5ad08df0fd0e3f3c71c@mail.suhnerusa.com> <5151DF63.6090004@gedalya.net> <1364325248146-41117.post@n4.nabble.com> Message-ID: <20130327040620.GB2335@anubis.morrow.me.uk> At 12PM -0700 on 26/03/13 you (rpsuprdave) wrote: > Here's the headers for my emails: > > Return-Path: > X-Original-To: dave.gattis at domain-b.com > Delivered-To: dave.gattis at domain-b.com [...] > From: Dave Gattis > To: SUMACO Gattis Dave [...] > > From: Dave Gattis is the original sender. > To: SUMACO Gattis Dave is where I sent it. > X-Original-To: dave.gattis at domain-b.com is where it was redirected to. > > Postfix and dovecot handle everything nicely, but the vacation piece reports > no known recipient, or if I add my address, it reports that can't send to > itself. Something's screwed up somewhere with your delivery. That Return-Path is wrong: it should be . Vacation will only reply to the Return-Path address, so if that's wrong then the replies will never go to the right place (and, in this case, they'll never be sent since the Return-Path is your address). Note that this would also apply to a bounce: if a message bounced because you were over quota, that bounce would loop and get thrown away and you'd never see it. If your forwarder is rewriting MAIL FROM to work around SPF breakage, you need to switch to using SRS or something equivalent to get vacation to work. Ben From delphij at delphij.net Wed Mar 27 06:36:27 2013 From: delphij at delphij.net (Xin Li) Date: Tue, 26 Mar 2013 21:36:27 -0700 Subject: [Dovecot] Disk Encryption In-Reply-To: References: <5150355C.4000802@sys4.de> Message-ID: <5152774B.30505@delphij.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 3/25/13 6:24 AM, Simon Brereton wrote: > On 25 March 2013 12:30, Robert Schetterer wrote: >> Am 25.03.2013 11:03, schrieb Simon Brereton: >>> Hi >>> >>> As I understand it email headers need to be unencrypted >>> (otherwise DKIM doesn't work). From the MUA to either Postfix, >>> or Dovecot the connection is (or can/should be) secured with >>> TLS/SSL. >>> >>> What I would like to know is if it is possible to encrypt the >>> mailstore? Postfix is using Dovecot for delivery so it's only >>> Dovecot that would need to encrypt/decrypt the mailstore. >>> >>> Is this possible? Is there a terrible reason to do it even if >>> it is possible? >>> >>> I realise that from MTA to MTA there's no guarantee of >>> encryption (and in fact it's very unlikely unless keys have >>> been exchanged), but my primary goal is supplement the physical >>> security of the mail store of mails we already have or have >>> sent. >>> >>> Mostly just idle curiosity as to what has been done, or what >>> could be done. What is worth doing is a separate thread >>> entirely. >>> >>> Thanks. >>> >>> Simon >>> >> >> my meaning >> >> crypted mailstore makes sense in a mail archive, in germany you >> have to have a mail archive for some kind of company emails all >> these solutions have some crypted mailstore , and some more >> features for data security, but thats a big theme, to big for >> here >> >> crypt storage isnt "the saveness" per default, someone hacking >> the system and get root may hack your crypt storage too etc, also >> to big theme for here > > Robert, indeed, this is sort of my point. If we encrypt laptop > harddrives to prevent unauthorised access, that doesn't prevent > the possiblity of someone who already has admin access to the > device from decrypting/viewing/moving files. What it does do is > prevent unauthorised access to the data if there is no admin > access. > > Currently my mail store isn't encrypted and I would like to know if > it is possible to do that, and if so, maybe get some pointers. Let's say you operate a mail server which uses a RAID array (or ZFS pool) as backend storage and one day one disks goes bad and needs to be replaced. You don't want information being leak from that bad disk when returning to vendor for replacement. There are a lot of solutions to this issue. One possible way is to use FreeBSD's full disk encryption, geli(4), to encrypt all hard drives and have the email server hold the key on its boot partition, but don't protect it with a password so that the mail server can boot without any human intervention. Encrypting individual user's mail store make little sense as one can still get your decryption key if they got root privilege, usually by tracing the login process or just replace it with something that can do the login but also save login credentials. In short, if root have been compromised, it's game over already. Cheers, -----BEGIN PGP SIGNATURE----- iQEcBAEBCAAGBQJRUndLAAoJEG80Jeu8UPuzyyMIAJ22uv8U2OlZFFAUWTDL4zu/ tw6ZhxqQxhHVsg69kQPmIRVnMvlv0bhRqQphaJl5PQJAnfiwvrulx8ruFfTWIM3W xyxKMQtY/pJouRJwz1SZsfuuBNjU+ACX17IXIi5NDkLm8IT1FLgS9fWaYotACIUe 5fTXgodDDAGrWoYE4X1WTJiYCEE4UisilExaAJ0quk72NO/TzMnsLktR7mx0eSaP NqAi8ger9a2rflStgdJlI6pCmzRs4onAs2YWZq4F5Nv/wnnUysMsSjwNW+MuL4WY jWbX8oF+11kyH14vPLvzLKvMXjC9yKf8G880OPuMmgFQOrYAXzP5yp3w/rRVBCM= =SMvV -----END PGP SIGNATURE----- From cryptodan at gmail.com Wed Mar 27 06:47:52 2013 From: cryptodan at gmail.com (Daniel Reinhardt) Date: Wed, 27 Mar 2013 00:47:52 -0400 Subject: [Dovecot] Disk Encryption In-Reply-To: <5152774B.30505@delphij.net> References: <5150355C.4000802@sys4.de> <5152774B.30505@delphij.net> Message-ID: If you are concerned about data being left on a hard drive when it fails and you are returning it to vendor, then I would consider hard drive degaussers. They are effective, but are very costly. On Wed, Mar 27, 2013 at 12:36 AM, Xin Li wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > On 3/25/13 6:24 AM, Simon Brereton wrote: > > On 25 March 2013 12:30, Robert Schetterer wrote: > >> Am 25.03.2013 11:03, schrieb Simon Brereton: > >>> Hi > >>> > >>> As I understand it email headers need to be unencrypted > >>> (otherwise DKIM doesn't work). From the MUA to either Postfix, > >>> or Dovecot the connection is (or can/should be) secured with > >>> TLS/SSL. > >>> > >>> What I would like to know is if it is possible to encrypt the > >>> mailstore? Postfix is using Dovecot for delivery so it's only > >>> Dovecot that would need to encrypt/decrypt the mailstore. > >>> > >>> Is this possible? Is there a terrible reason to do it even if > >>> it is possible? > >>> > >>> I realise that from MTA to MTA there's no guarantee of > >>> encryption (and in fact it's very unlikely unless keys have > >>> been exchanged), but my primary goal is supplement the physical > >>> security of the mail store of mails we already have or have > >>> sent. > >>> > >>> Mostly just idle curiosity as to what has been done, or what > >>> could be done. What is worth doing is a separate thread > >>> entirely. > >>> > >>> Thanks. > >>> > >>> Simon > >>> > >> > >> my meaning > >> > >> crypted mailstore makes sense in a mail archive, in germany you > >> have to have a mail archive for some kind of company emails all > >> these solutions have some crypted mailstore , and some more > >> features for data security, but thats a big theme, to big for > >> here > >> > >> crypt storage isnt "the saveness" per default, someone hacking > >> the system and get root may hack your crypt storage too etc, also > >> to big theme for here > > > > Robert, indeed, this is sort of my point. If we encrypt laptop > > harddrives to prevent unauthorised access, that doesn't prevent > > the possiblity of someone who already has admin access to the > > device from decrypting/viewing/moving files. What it does do is > > prevent unauthorised access to the data if there is no admin > > access. > > > > Currently my mail store isn't encrypted and I would like to know if > > it is possible to do that, and if so, maybe get some pointers. > > Let's say you operate a mail server which uses a RAID array (or ZFS > pool) as backend storage and one day one disks goes bad and needs to > be replaced. You don't want information being leak from that bad disk > when returning to vendor for replacement. > > There are a lot of solutions to this issue. One possible way is to > use FreeBSD's full disk encryption, geli(4), to encrypt all hard > drives and have the email server hold the key on its boot partition, > but don't protect it with a password so that the mail server can boot > without any human intervention. > > Encrypting individual user's mail store make little sense as one can > still get your decryption key if they got root privilege, usually by > tracing the login process or just replace it with something that can > do the login but also save login credentials. In short, if root have > been compromised, it's game over already. > > Cheers, > > -----BEGIN PGP SIGNATURE----- > > iQEcBAEBCAAGBQJRUndLAAoJEG80Jeu8UPuzyyMIAJ22uv8U2OlZFFAUWTDL4zu/ > tw6ZhxqQxhHVsg69kQPmIRVnMvlv0bhRqQphaJl5PQJAnfiwvrulx8ruFfTWIM3W > xyxKMQtY/pJouRJwz1SZsfuuBNjU+ACX17IXIi5NDkLm8IT1FLgS9fWaYotACIUe > 5fTXgodDDAGrWoYE4X1WTJiYCEE4UisilExaAJ0quk72NO/TzMnsLktR7mx0eSaP > NqAi8ger9a2rflStgdJlI6pCmzRs4onAs2YWZq4F5Nv/wnnUysMsSjwNW+MuL4WY > jWbX8oF+11kyH14vPLvzLKvMXjC9yKf8G880OPuMmgFQOrYAXzP5yp3w/rRVBCM= > =SMvV > -----END PGP SIGNATURE----- > -- Daniel Reinhardt cryptodan at cryptodan.net http://www.cryptodan.net 301-875-7018(c) 410-455-0488(h) From andre.rodier at gmail.com Wed Mar 27 08:56:01 2013 From: andre.rodier at gmail.com (Andre Rodier) Date: Wed, 27 Mar 2013 06:56:01 +0000 Subject: [Dovecot] Importing emails from PST Archives In-Reply-To: <20130327033842.GA2335@anubis.morrow.me.uk> References: <20130326224858.GA16593@london.s2end.co.uk> <20130327033842.GA2335@anubis.morrow.me.uk> Message-ID: <20130327065601.GD16593@london.s2end.co.uk> On Wednesday, 27.03.13 at 03:38, Ben Morrow wrote: > At 10PM +0000 on 26/03/13 you (Andre Rodier) wrote: > > > > The perl script to transform mbox files into maildirs in the dovecot > > distribution is old, and crashed many times in the middle of the > > process. > > I had a look to the script, and gave up trying to fix it. > > > > I found a python script that was supposed to crawl this folder > > structure, and to replicate it using IMAP commands, but it crashed as > > well, and restarting the > > process would import twice the same messages. The script is here: > > http://costela.net/2011/06/importing-an-outlook-pst-into-imap/ > > > > I found another python script that was working better, and seemed to > > be well written, but with one mbox to one IMAP folder only. > > It can be found here: > > http://imap-upload.svn.sourceforge.net/viewvc/imap-upload/trunk/ > > I have modified, and I have added some minor fixes: > > - Recursively traverse a folder structure, and replicate it using IMAP > > commands on the server. > > - Properly manage folder names with special characters. (dovecot can > > manage these characters using the listescape plugin). > > - Avoid taking all the resources of the server (A quirty hack that can > > change). > > If I'm reading this right, it's reading a tree of mboxes? You should be > able to convert this to any format Dovecot understands (maildir, dbox) > with dsync, without having to go through IMAP. You would need to > configure dsync to read the mboxes just as you would have configured > Dovecot; for a sync from temporary mboxes you probably want to use > INDEX=MEMORY to avoid having to mess about creating index files. I have not tried with dsync, but the script had the advantage to be quick to modify to my needs. One very bad thing with the PST archives is the modification of the sender information using the common name in active directory. I will modify the script to revert back to the original email address when I need. Also, since I am dealing with 10 years old emails, my users want to delete or deduplicate some of them, which have no legal value. A good example is distribution lists in AD. > > > I am not an expert in Python, and the script has been quickly writter > > to fit my needs. However I think it can be modified easily to any > > configuration. > > In the future, maybe this script can use the libpst python bindings to > > import the emails directly. > > The last version of the script, modified is here: > > https://github.com/arodier/EmailTools/tree/master/Migration. Do not > > hesitate to help me, to make the script as > > generic as possible, particularly if you are a python expert. > > Well, on my quick look, I don't much like this line: > > ad = float(open("/proc/loadavg").readline().split(" ")[:3][0]) > > I would be surprised if Python didn't provide a portable way to get at > that information... let's see (I don't really speak Python)... oh yes, > os.getloadavg(). Thanks for this, I will modify the script. > > > I post this on this list, because I think you maybe interested if you > > are in the same case as me. The license is not specified, but I will > > probably use GPLv3. > > Without wishing to get into a licence war, there are a lot of people who > object to the GPLv3, for good reasons. Do you have a good reason for > changing it from the MIT licence used by the original? > I am not an expert in software licensing, but I am happy with this license so far. > Ben Thanks for your suggestions From pablo at vieira.es Wed Mar 27 05:15:19 2013 From: pablo at vieira.es (Pablo Vieira) Date: Wed, 27 Mar 2013 04:15:19 +0100 Subject: [Dovecot] Gmail like labels, three years later Message-ID: On this post http://www.dovecot.org/list/dovecot/2011-June/059605.html I was asking about the possibility of using arbitrary labels on messages, much like Gmail does. On following replies, I was told about few tricks that might be used, that the IMAP protocol was being considering UTF-8 labels and ways to integrate them into the current system, etc., etc., etc. That sounds nice and all. I'm chiming in three years later only to know if things have changed, both at Dovecot and at the IMAP protocol. Are we closer to have proper labels on IMAP? Labels that help sorting messages in virtual folders where a message can belong in several of them? I consider "label vs folder" a done discussion (since labels can always include folders; a labels system can always be implemented as a folders system, but not viceversa; etc), so what's stopping development in that direction? Have any new energies being devoted to that cause? I just seen Dovecot is number 1 among IMAP servers by a large margin. Congratulations to the devs. Aleve. From tss at iki.fi Wed Mar 27 09:27:13 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 27 Mar 2013 09:27:13 +0200 Subject: [Dovecot] Gmail like labels, three years later In-Reply-To: References: Message-ID: On 27.3.2013, at 5.15, Pablo Vieira wrote: > On this post http://www.dovecot.org/list/dovecot/2011-June/059605.html I > was asking about the possibility of using arbitrary labels on messages, > much like Gmail does. On following replies, I was told about few tricks > that might be used, that the IMAP protocol was being considering UTF-8 > labels and ways to integrate them into the current system, etc., etc., etc. > That sounds nice and all. > > I'm chiming in three years later only to know if things have changed, both > at Dovecot and at the IMAP protocol. Are we closer to have proper labels on > IMAP? Labels that help sorting messages in virtual folders where a message > can belong in several of them? My latest idea: Keep using the rather dummy simple IMAP keywords. Use IMAP METADATA to create a mapping between keyword <-> human readable name. Dovecot is getting close to having native METADATA support. Such IMAP standard would still need to be designed though. Anyone up for writing an RFC? :) From p.heinlein at heinlein-support.de Wed Mar 27 09:34:31 2013 From: p.heinlein at heinlein-support.de (Peer Heinlein) Date: Wed, 27 Mar 2013 08:34:31 +0100 Subject: [Dovecot] 2.1: Error: Maildir filename has wrong S value, renamed the file from In-Reply-To: <51521E1A.3060205@heinlein-support.de> References: <5150355C.4000802@sys4.de> <515051D3.9040602@thelounge.net> <51505D8C.5050503@uni-greifswald.de> <6758D8B2-E4FB-4808-9F93-4AB13001DC51@iki.fi> <51521E1A.3060205@heinlein-support.de> Message-ID: <5152A107.2030402@heinlein-support.de> Am 26.03.2013 23:15, schrieb Peer Heinlein: > If we're right, this could be grow to a real problem. Every Server with > zipped Maildirs can be completly ruined just by deleting his > index-cache-files. More and more users complained this morning about broken mailboxes and our logfile was full of errors. We made a simple downgrade to 2.0.21 and now everything's working perfect. Peer -- Heinlein Support GmbH Schwedter Str. 8/9b, 10119 Berlin http://www.heinlein-support.de Tel: 030 / 405051-42 Fax: 030 / 405051-19 Zwangsangaben lt. ?35a GmbHG: HRB 93818 B / Amtsgericht Berlin-Charlottenburg, Gesch?ftsf?hrer: Peer Heinlein -- Sitz: Berlin From tss at iki.fi Wed Mar 27 09:38:58 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 27 Mar 2013 09:38:58 +0200 Subject: [Dovecot] 2.1: Error: Maildir filename has wrong S value, renamed the file from In-Reply-To: <5152A107.2030402@heinlein-support.de> References: <5150355C.4000802@sys4.de> <515051D3.9040602@thelounge.net> <51505D8C.5050503@uni-greifswald.de> <6758D8B2-E4FB-4808-9F93-4AB13001DC51@iki.fi> <51521E1A.3060205@heinlein-support.de> <5152A107.2030402@heinlein-support.de> Message-ID: On 27.3.2013, at 9.34, Peer Heinlein wrote: > Am 26.03.2013 23:15, schrieb Peer Heinlein: > >> If we're right, this could be grow to a real problem. Every Server with >> zipped Maildirs can be completly ruined just by deleting his >> index-cache-files. > > More and more users complained this morning about broken mailboxes and > our logfile was full of errors. > > We made a simple downgrade to 2.0.21 and now everything's working perfect. maildir_broken_file_sizes=yes would also bring back v2.0 behavior. But yeah, looks like there's a bug. From tss at iki.fi Wed Mar 27 09:44:53 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 27 Mar 2013 09:44:53 +0200 Subject: [Dovecot] 2.1: Error: Maildir filename has wrong S value, renamed the file from In-Reply-To: <51521E1A.3060205@heinlein-support.de> References: <5150355C.4000802@sys4.de> <515051D3.9040602@thelounge.net> <51505D8C.5050503@uni-greifswald.de> <6758D8B2-E4FB-4808-9F93-4AB13001DC51@iki.fi> <51521E1A.3060205@heinlein-support.de> Message-ID: On 27.3.2013, at 0.15, Peer Heinlein wrote: > Mar 26 22:39:17 mailserver2 dovecot: imap(testuser): Error: Cached > message size smaller than expe > cted (1467 < 3780) > > Error: Maildir filename has wrong S value, r > enamed the file from > /var/vmail/uni-greifswald.de/testuser/Maildir/cur/1364332643.M527513P23361.m > ailserver2,S=3780,W=3860:2, to > /var/vmail/uni-greifswald.de/testuser/Maildir/cur/1364332643.M5275 > 13P23361.mailserver2,S=1856:2, > > > HOW TO REPRODUCE: > > *) Create a Maildir-Store with zip enabled > *) Deliver Mails into it. Everything's working fine, the filenames are right > *) Delete dovecot.index* > *) STEP ONE: Dovecot's complaining about broken index-files > *) STEP TWO: Dovecot's renaming the files Oh, except I actually forgot to load zlib plugin in my previous test. I can't reproduce with these steps.. and I don't really see why they would cause it anyway. A broken cached size would cause that rename, but not a missing cached size. From rs at sys4.de Wed Mar 27 10:13:29 2013 From: rs at sys4.de (Robert Schetterer) Date: Wed, 27 Mar 2013 09:13:29 +0100 Subject: [Dovecot] 2.1: Error: Maildir filename has wrong S value, renamed the file from In-Reply-To: References: <5150355C.4000802@sys4.de> <515051D3.9040602@thelounge.net> <51505D8C.5050503@uni-greifswald.de> <6758D8B2-E4FB-4808-9F93-4AB13001DC51@iki.fi> <51521E1A.3060205@heinlein-support.de> Message-ID: <5152AA29.8090908@sys4.de> Am 27.03.2013 08:44, schrieb Timo Sirainen: > On 27.3.2013, at 0.15, Peer Heinlein wrote: > >> Mar 26 22:39:17 mailserver2 dovecot: imap(testuser): Error: Cached >> message size smaller than expe >> cted (1467 < 3780) >> >> Error: Maildir filename has wrong S value, r >> enamed the file from >> /var/vmail/uni-greifswald.de/testuser/Maildir/cur/1364332643.M527513P23361.m >> ailserver2,S=3780,W=3860:2, to >> /var/vmail/uni-greifswald.de/testuser/Maildir/cur/1364332643.M5275 >> 13P23361.mailserver2,S=1856:2, >> >> >> HOW TO REPRODUCE: >> >> *) Create a Maildir-Store with zip enabled guess you mean zlib ? >> *) Deliver Mails into it. Everything's working fine, the filenames are right >> *) Delete dovecot.index* in fact i did this 2 weeks ago , no errors came up with 2.1.15, maildirs/mailboxes got work again >> *) STEP ONE: Dovecot's complaining about broken index-files >> *) STEP TWO: Dovecot's renaming the files > > Oh, except I actually forgot to load zlib plugin in my previous test. I can't reproduce with these steps.. and I don't really see why they would cause it anyway. A broken cached size would cause that rename, but not a missing cached size. > my problem was ,i couldnt find out why i needed to delete index* to get 2 Mailboxes work again,for more magic, no problem in the logs and mailboxes worked in thunderbird linux but not in thunderbird windows ( clean new setups ),i speculated to some problem with massive pop3 and imap in parallel from different ip at same time to the same mailbox via loadbalancers crashing something, but sadly couldnt reproduce it yet Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From hostmaster at taunusstein.net Wed Mar 27 10:49:52 2013 From: hostmaster at taunusstein.net (Christian Felsing) Date: Wed, 27 Mar 2013 09:49:52 +0100 Subject: [Dovecot] Dovecot 2.2rc3 Client Cert Auth and Webmail -> auth_ssl_require_client_cert problem Message-ID: <5152B2B0.5090303@taunusstein.net> Hello, I would like to set up a Dovecot based mail system which uses X.509 Client Certificates for authentication. A webmail system based on Horde5 should use Dovecot as backend. For now Dovecot works with client certificates issued by my CA and Horde authenticates also with same client certs. Due to protocol it is impossible to use client certs presented by user to Horde for authentication at Dovecot, so Horde should be allowed to authenticate itself without or an arbitrary password to Dovecot. Horde and Dovecot are running in same protected LAN. Unfortunately Dovecot does not support different authentication methods on different IP addresses or ports. This does not work: remote 192.168.116.28/32 { auth_ssl_require_client_cert = no auth_ssl_username_from_cert = yes disable_plaintext_auth = no ssl = yes } Result is "doveconf: Fatal: Error in configuration file /opt/dovecot-2.2.rc3/etc/dovecot/conf.d/10-auth.conf line 103: Auth settings not supported inside local/remote blocks: auth_ssl_require_client_cert" Replacing "auth_ssl_require_client_cert = no" by "ssl_verify_client_cert = no" does not yield in an error, but it does nothing, Dovecot still insists for a client certificate. I afraid that I am trapped by this problem: http://dovecot.2317879.n4.nabble.com/Problem-with-requiring-client-certificates-for-external-connections-tp475.html Is there any way to turn off client certs for specific local or remote IP addresses? best regards Christian From christian.wiese at securepoint.de Wed Mar 27 11:06:23 2013 From: christian.wiese at securepoint.de (Christian Wiese) Date: Wed, 27 Mar 2013 10:06:23 +0100 Subject: [Dovecot] Error Building v2.2 In-Reply-To: <51520B9E.6050202@noa.gr> References: <515174EB.3030802@noa.gr> <20130326114647.7c0b7abd@cw-desktop> <5151804B.2030403@noa.gr> <20130326123042.664075c3@cw-desktop> <20130326123505.151b93f6@cw-desktop> <51518E87.9030603@noa.gr> <20130326133635.3fb774d2@cw-desktop> <5151AE69.4030401@noa.gr> <20130326154235.70724de6@cw-desktop> <5151F9B2.9010807@noa.gr> <51520B9E.6050202@noa.gr> Message-ID: <20130327100623.1b9e0301@cw-desktop> Hi Nick, good to hear that you had some partial success at least! > > However, on CentOS 5, it didn't work. autoreconf did not output > > errors after I installed gettext-devel but it again threw: > > Hmm, I forgot; According to: > http://www.dovecot.org/list/dovecot/2011-April/058420.html, --docdir > option exists when autoconf version > 2.60, but CentOS / RHEL 5 has > version 2.59. > > So, how do we build Dovecot v2.2 on CentOS 5 ? What about _not_ passing the --docdir configure option at all when building for CentOS 5? As I mentioned earlier I have not much experience when it comes to RPM stuff, but maybe there is a way to check for the CentOS version within the spec file, to decide if you should pass the --docdir or not. If that is not possible you might need to create a dedicated SRPM for each CentOS version. Cheers, Chris From simon.buongiorno at gmail.com Wed Mar 27 11:23:27 2013 From: simon.buongiorno at gmail.com (Simon Brereton) Date: Wed, 27 Mar 2013 10:23:27 +0100 Subject: [Dovecot] Disk Encryption In-Reply-To: <5152774B.30505@delphij.net> References: <5150355C.4000802@sys4.de> <5152774B.30505@delphij.net> Message-ID: On 27 March 2013 05:36, Xin Li wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > On 3/25/13 6:24 AM, Simon Brereton wrote: >> On 25 March 2013 12:30, Robert Schetterer wrote: >>> Am 25.03.2013 11:03, schrieb Simon Brereton: >>>> Hi >>>> >>>> As I understand it email headers need to be unencrypted >>>> (otherwise DKIM doesn't work). From the MUA to either Postfix, >>>> or Dovecot the connection is (or can/should be) secured with >>>> TLS/SSL. >>>> >>>> What I would like to know is if it is possible to encrypt the >>>> mailstore? Postfix is using Dovecot for delivery so it's only >>>> Dovecot that would need to encrypt/decrypt the mailstore. >>>> >>>> Is this possible? Is there a terrible reason to do it even if >>>> it is possible? >>>> >>>> I realise that from MTA to MTA there's no guarantee of >>>> encryption (and in fact it's very unlikely unless keys have >>>> been exchanged), but my primary goal is supplement the physical >>>> security of the mail store of mails we already have or have >>>> sent. >>>> >>>> Mostly just idle curiosity as to what has been done, or what >>>> could be done. What is worth doing is a separate thread >>>> entirely. >>>> >>>> Thanks. >>>> >>>> Simon >>>> >>> >>> my meaning >>> >>> crypted mailstore makes sense in a mail archive, in germany you >>> have to have a mail archive for some kind of company emails all >>> these solutions have some crypted mailstore , and some more >>> features for data security, but thats a big theme, to big for >>> here >>> >>> crypt storage isnt "the saveness" per default, someone hacking >>> the system and get root may hack your crypt storage too etc, also >>> to big theme for here >> >> Robert, indeed, this is sort of my point. If we encrypt laptop >> harddrives to prevent unauthorised access, that doesn't prevent >> the possiblity of someone who already has admin access to the >> device from decrypting/viewing/moving files. What it does do is >> prevent unauthorised access to the data if there is no admin >> access. >> >> Currently my mail store isn't encrypted and I would like to know if >> it is possible to do that, and if so, maybe get some pointers. > > Let's say you operate a mail server which uses a RAID array (or ZFS > pool) as backend storage and one day one disks goes bad and needs to > be replaced. You don't want information being leak from that bad disk > when returning to vendor for replacement. > > There are a lot of solutions to this issue. One possible way is to > use FreeBSD's full disk encryption, geli(4), to encrypt all hard > drives and have the email server hold the key on its boot partition, > but don't protect it with a password so that the mail server can boot > without any human intervention. Thanks. I think I will investigate this option. I use Debian, and I think the same approach is possible. My concern with this approach is that if the drive is booted from then the information is freely available - but as you say, only if the root password is known. If the drive is simply mounted in different system, then the passphrase would be need (this is what I understand). Alternatively, I could encrypt /var/mail/ and mount it as a LUKS volume to achieve the same effect. But I need a test plan and equipment. Thanks for all the pointers. Simon From skdovecot at smail.inf.fh-brs.de Wed Mar 27 11:47:10 2013 From: skdovecot at smail.inf.fh-brs.de (Steffen Kaiser) Date: Wed, 27 Mar 2013 10:47:10 +0100 (CET) Subject: [Dovecot] Sieve Vacation for redirected email In-Reply-To: <2e210fb27591d5ad08df0fd0e3f3c71c@mail.suhnerusa.com> References: <2e210fb27591d5ad08df0fd0e3f3c71c@mail.suhnerusa.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 26 Mar 2013, Dave Gattis wrote: > Our emails are redirected from the home office causing all vacation responses > to fail with, "discarding vacation response for implicitly delivered message; > no known (envelope) recipient address found in message headers". === headers from reply Return-Path: X-Original-To: dave.gattis at domain-b.com Delivered-To: dave.gattis at domain-b.com Received: from spamcop.main.ch (spamcop.main.ch [83.144.241.40]) by domain-b.com (Postfix) with ESMTP id 0E4E81C101DE for ; Tue, 26 Mar 2013 14:35:13 -0400 (EDT) Received: from ex.domain-a.com (ex.domain-a.com [83.144.240.35]) by spamcop.main.ch with ESMTP id 0dP4XCjZrdDY5l1Q for ; Tue, 26 Mar 2013 19:41:36 +0100 (CET) Received: from EX2.domain-a.com ([fe80::acd3:8e53:bcb6:7a4%11]) by ex2.domain-a.com ([fe80::acd3:8e53:bcb6:7a4%11]) with Microsoft SMTP Server id 14.01.0355.002; Tue, 26 Mar 2013 19:39:54 +0100 From: Dave Gattis To: SUMACO Gattis Dave ===== You have two problems: a) "no known (envelope) recipient address found in message headers" means, that the vacation :addresses list does not contain dave.gattis at domain-a.com because vacation probes the entries of the :addresses list against To and CC. b) the messages are _resend_ not forwarded by spamcop.main.ch to your MTA. By doing so the original *envelope* sender address is lost, which is *not* the entry in "From:". Therefore vacation would send the reply to: dave.gattis at domain-a.com which is the return path per your excerpt. You could verify that by finding the envelope sender in the postfix logs, I guess; or by fixing a). Actually, I'm not sure if pigeonhole can pick up the address to reply to from a mail header - I do not see any hints in the sample config. So, maybe, you need to ask spamcop.main.ch to preserve the return address. Note: Changing the envelope sender is not bad by itself, it solves several problems with forwarding; a well-known MTA can do this, too: http://social.technet.microsoft.com/Forums/en-US/exchange2010/thread/8006eabb-3334-4ff1-89d6-d647088bec46 , but you get other problems rewriting the sender address. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBUVLAH13r2wJMiz2NAQJYbgf+OdgAU/KJiMANoUJ6XDiwPuNGr0IMNCev QOBtc+EgDTJ36yBAbtOn88zhHCgXuBwLxQax5cx3E5eQ0mba6IxJm7c9whaJA+IG y0Eh8bJiIfAKtGrEWoz6riktDkJ89kLpxY0zycpPgK6xGUiBvSHFb59bpIMc+WLX YHXWzX8u3216Jydr28x+Gcday/mix6zujoQucRjzPmAXc9RjFqkLxiOuIdDP+zSH war8t7QWlEVtfgCOG07V0QkqEvM047HhRbSZuTRcTHmUH2Sjfwe3fdHdnmjd4wvk wsVl9F/X7cdzh84uQ2eP2ZIfQYuC4vu/Ur1ONyaxH4DBxFyIdFjngA== =stJs -----END PGP SIGNATURE----- From jeroen at massar.ch Wed Mar 27 12:17:02 2013 From: jeroen at massar.ch (Jeroen Massar) Date: Wed, 27 Mar 2013 11:17:02 +0100 Subject: [Dovecot] Disk Encryption In-Reply-To: References: <5150355C.4000802@sys4.de> <5152774B.30505@delphij.net> Message-ID: <5152C71E.8090104@massar.ch> [..] > Currently my mail store isn't encrypted and I would like to know if > it is possible to do that, and if so, maybe get some pointers. There are two main roads: - filesystem/disk based encryption * Fast and easy to setup though (eg LUKS on Linux) * does not protect against a running system being attacked, eg that they can run custom code in the same security level that thus can read the unencrypted content. - per-file encryption, eg with PGP/GnuPG * Likely more complex to setup/fail-prone * attacker getting access can only encrypt more mail and/or of course subvert any new mail, but can't decrypt old. * there are a couple of tools which enable this, typically it is a procmail/pipe through gnupg * Decryption of mails can be done with a "IMAP-proxy" style tool or possibly better/easier by the mail client. * Check out: - https://github.com/isislovecruft/leap_mx - https://grepular.com/Automatically_Encrypting_all_Incoming_Email - https://perot.me/encrypt-specific-incoming-emails-using-dovecot-and-sieve For both: * Store your decryption keys in a secure/offline place (cold-boot attacks) * "Rubber Hose Crypto": http://www.schlockmercenary.com/2006-03-29 * "Lead Pipe Crypto": http://www.schlockmercenary.com/2009-10-19 Of course it always depends on the attack vectors that you are protecting against ;) Greets, Jeroen From gordon.grubert+lists at uni-greifswald.de Wed Mar 27 12:19:37 2013 From: gordon.grubert+lists at uni-greifswald.de (Gordon Grubert) Date: Wed, 27 Mar 2013 11:19:37 +0100 Subject: [Dovecot] 2.1: Error: Maildir filename has wrong S value, renamed the file from In-Reply-To: References: <5150355C.4000802@sys4.de> <515051D3.9040602@thelounge.net> <51505D8C.5050503@uni-greifswald.de> <6758D8B2-E4FB-4808-9F93-4AB13001DC51@iki.fi> <51521E1A.3060205@heinlein-support.de> <5152A107.2030402@heinlein-support.de> Message-ID: <5152C7B9.2050101@uni-greifswald.de> On 03/27/2013 08:38 AM, Timo Sirainen wrote: > On 27.3.2013, at 9.34, Peer Heinlein wrote: > >> Am 26.03.2013 23:15, schrieb Peer Heinlein: >> >>> If we're right, this could be grow to a real problem. Every Server with >>> zipped Maildirs can be completly ruined just by deleting his >>> index-cache-files. >> >> More and more users complained this morning about broken mailboxes and >> our logfile was full of errors. >> >> We made a simple downgrade to 2.0.21 and now everything's working perfect. > > maildir_broken_file_sizes=yes would also bring back v2.0 behavior. But yeah, looks like there's a bug. No, it does not. Best regards, Gordon -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4982 bytes Desc: S/MIME Cryptographic Signature URL: From andre.rodier at gmail.com Wed Mar 27 12:31:27 2013 From: andre.rodier at gmail.com (Andre Rodier) Date: Wed, 27 Mar 2013 10:31:27 +0000 Subject: [Dovecot] Problem when indexing maildir with a large number of folders In-Reply-To: <20130326232055.GB16593@london.s2end.co.uk> References: <20130326232055.GB16593@london.s2end.co.uk> Message-ID: <20130327103127.GB23243@london.s2end.co.uk> Hello again, I am sorry to be a pain, but is there any chance someone knows this problem, and how I can fix this, please? Kind regards, Andr? On Tuesday, 26.03.13 at 23:20, Andre Rodier wrote: > Hello everybody, > > As part of a migration from exchange 2003 to dovecot, I have converted a lot of PST files for a user. I am importing his PST files in a maildir folder called > 'Archives'. Actually, I reached about 770 'Archives' folders, and the total length of their names is about 59k characters. Thanks to wc! > > I am using Maildir++ > > I can run the doveadm index command on the private namespace, however, I am not able to do this on the virtual folders. > > Here the error I have: > > > doveadm(john smith): Panic: file mail-index-transaction-update.c: line 875 (mail_index_update_header_ext): assertion failed: (offset <= (uint16_t)-1 && size > > <= (uint16_t)-1 && offset + size <= (uint16_t)-1) > > doveadm(gareth walters): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x4414a) [0x7f9b7100714a] -> > > /usr/lib/dovecot/libdovecot.so.0(default_fatal_handler+0x2a) [0x7f9b7100720a] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7f9b70fde82a] -> > > /usr/lib/dovecot/libdovecot-storage.so.0(+0xb8079) [0x7f9b7130a079] -> /usr/lib/dovecot/modules/lib20_virtual_plugin.so(virtual_storage_sync_init+0x788) > > [0x7f9b6f1775a8] -> /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_sync_init+0x33) [0x7f9b712cf3e3] -> > > /usr/lib/dovecot/libdovecot-storage.so.0(mailbox_sync+0x27) [0x7f9b712cf507] -> doveadm(+0x16618) [0x7f9b719c8618] -> doveadm(+0x13346) [0x7f9b719c5346] -> > > doveadm(+0x13e21) [0x7f9b719c5e21] -> doveadm(doveadm_mail_try_run+0x161) [0x7f9b719c62e1] -> doveadm(main+0x3d1) [0x7f9b719c4ef1] -> > > /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xfd) [0x7f9b70c57ead] -> doveadm(+0x13125) [0x7f9b719c5125] > > Aborted > > I can see I have reached a limit, but is there any configuration value I can use to increase this limit, please? > > Kind regards, > Andr?. From rs at sys4.de Wed Mar 27 12:48:55 2013 From: rs at sys4.de (Robert Schetterer) Date: Wed, 27 Mar 2013 11:48:55 +0100 Subject: [Dovecot] 2.1: Error: Maildir filename has wrong S value, renamed the file from In-Reply-To: <5152C7B9.2050101@uni-greifswald.de> References: <5150355C.4000802@sys4.de> <515051D3.9040602@thelounge.net> <51505D8C.5050503@uni-greifswald.de> <6758D8B2-E4FB-4808-9F93-4AB13001DC51@iki.fi> <51521E1A.3060205@heinlein-support.de> <5152A107.2030402@heinlein-support.de> <5152C7B9.2050101@uni-greifswald.de> Message-ID: <5152CE97.3090804@sys4.de> Am 27.03.2013 11:19, schrieb Gordon Grubert: > On 03/27/2013 08:38 AM, Timo Sirainen wrote: >> On 27.3.2013, at 9.34, Peer Heinlein >> wrote: >> >>> Am 26.03.2013 23:15, schrieb Peer Heinlein: >>> >>>> If we're right, this could be grow to a real problem. Every Server with >>>> zipped Maildirs can be completly ruined just by deleting his >>>> index-cache-files. >>> >>> More and more users complained this morning about broken mailboxes and >>> our logfile was full of errors. >>> >>> We made a simple downgrade to 2.0.21 and now everything's working >>> perfect. >> >> maildir_broken_file_sizes=yes would also bring back v2.0 behavior. But >> yeah, looks like there's a bug. > > No, it does not. > > Best regards, > Gordon > > agree, when i first run at that problem maildir_broken_file_sizes=yes didnt fixed it, i had to repair maildirs manual by script, upgraded dovecot 2.1.x to newer version, that problem never came back again, just for interest what dovecot source did you use, did you you compile modifications by your own ? Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From tss at iki.fi Wed Mar 27 12:52:20 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 27 Mar 2013 12:52:20 +0200 Subject: [Dovecot] Problem when indexing maildir with a large number of folders In-Reply-To: <20130326232055.GB16593@london.s2end.co.uk> References: <20130326232055.GB16593@london.s2end.co.uk> Message-ID: <357B313D-E573-4546-BDF4-A106B5CE9ED1@iki.fi> On 27.3.2013, at 1.20, Andre Rodier wrote: >> doveadm(john smith): Panic: file mail-index-transaction-update.c: line 875 (mail_index_update_header_ext): assertion failed: (offset <= (uint16_t)-1 && size >> <= (uint16_t)-1 && offset + size <= (uint16_t)-1) > > I can see I have reached a limit, but is there any configuration value I can use to increase this limit, please? Looks like this was an easier fix than I thought: http://hg.dovecot.org/dovecot-2.1/rev/87d0c4056b4d I didn't test it now, but the code to handle it exists. From gordon.grubert+lists at uni-greifswald.de Wed Mar 27 12:55:05 2013 From: gordon.grubert+lists at uni-greifswald.de (Gordon Grubert) Date: Wed, 27 Mar 2013 11:55:05 +0100 Subject: [Dovecot] 2.1: Error: Maildir filename has wrong S value, renamed the file from In-Reply-To: <5152CE97.3090804@sys4.de> References: <5150355C.4000802@sys4.de> <515051D3.9040602@thelounge.net> <51505D8C.5050503@uni-greifswald.de> <6758D8B2-E4FB-4808-9F93-4AB13001DC51@iki.fi> <51521E1A.3060205@heinlein-support.de> <5152A107.2030402@heinlein-support.de> <5152C7B9.2050101@uni-greifswald.de> <5152CE97.3090804@sys4.de> Message-ID: <5152D009.2010704@uni-greifswald.de> On 03/27/2013 11:48 AM, Robert Schetterer wrote: > agree, when i first run at that problem > maildir_broken_file_sizes=yes didnt fixed it, i had to repair maildirs > manual by script, upgraded dovecot 2.1.x to newer version, that problem > never came back again, just for interest what dovecot source did you > use, did you you compile modifications by your own ? I used the debian binary package for dovecot 2.1.15 from xi.rename-it.nl Best regards, Gordon From rs at sys4.de Wed Mar 27 13:22:00 2013 From: rs at sys4.de (Robert Schetterer) Date: Wed, 27 Mar 2013 12:22:00 +0100 Subject: [Dovecot] 2.1: Error: Maildir filename has wrong S value, renamed the file from In-Reply-To: <5152D009.2010704@uni-greifswald.de> References: <5150355C.4000802@sys4.de> <515051D3.9040602@thelounge.net> <51505D8C.5050503@uni-greifswald.de> <6758D8B2-E4FB-4808-9F93-4AB13001DC51@iki.fi> <51521E1A.3060205@heinlein-support.de> <5152A107.2030402@heinlein-support.de> <5152C7B9.2050101@uni-greifswald.de> <5152CE97.3090804@sys4.de> <5152D009.2010704@uni-greifswald.de> Message-ID: <5152D658.1030300@sys4.de> Am 27.03.2013 11:55, schrieb Gordon Grubert: > On 03/27/2013 11:48 AM, Robert Schetterer wrote: >> agree, when i first run at that problem >> maildir_broken_file_sizes=yes didnt fixed it, i had to repair maildirs >> manual by script, upgraded dovecot 2.1.x to newer version, that problem >> never came back again, just for interest what dovecot source did you >> use, did you you compile modifications by your own ? > > I used the debian binary package for dovecot 2.1.15 from > xi.rename-it.nl did you changed anything in your config too, using or changing other features too , while upgrade ? Did you modifications to the sources ( debian rules etc ) and recompile i.e integrate lucene etc ? > > Best regards, > Gordon > Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From CMarcus at Media-Brokers.com Wed Mar 27 13:23:45 2013 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Wed, 27 Mar 2013 07:23:45 -0400 Subject: [Dovecot] Disk Encryption In-Reply-To: References: <5150355C.4000802@sys4.de> <5152774B.30505@delphij.net> Message-ID: <5152D6C1.9010802@Media-Brokers.com> Did anyone else get 13 identical copies of this response from Daniel??? On 2013-03-27 12:47 AM, Daniel Reinhardt wrote: > If you are concerned about data being left on a hard drive when it fails > and you are returning it to vendor, then I would consider hard drive > degaussers. They are effective, but are very costly. > > > On Wed, Mar 27, 2013 at 12:36 AM, Xin Li wrote: > >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA256 >> >> On 3/25/13 6:24 AM, Simon Brereton wrote: >>> On 25 March 2013 12:30, Robert Schetterer wrote: >>>> Am 25.03.2013 11:03, schrieb Simon Brereton: >>>>> Hi >>>>> >>>>> As I understand it email headers need to be unencrypted >>>>> (otherwise DKIM doesn't work). From the MUA to either Postfix, >>>>> or Dovecot the connection is (or can/should be) secured with >>>>> TLS/SSL. >>>>> >>>>> What I would like to know is if it is possible to encrypt the >>>>> mailstore? Postfix is using Dovecot for delivery so it's only >>>>> Dovecot that would need to encrypt/decrypt the mailstore. >>>>> >>>>> Is this possible? Is there a terrible reason to do it even if >>>>> it is possible? >>>>> >>>>> I realise that from MTA to MTA there's no guarantee of >>>>> encryption (and in fact it's very unlikely unless keys have >>>>> been exchanged), but my primary goal is supplement the physical >>>>> security of the mail store of mails we already have or have >>>>> sent. >>>>> >>>>> Mostly just idle curiosity as to what has been done, or what >>>>> could be done. What is worth doing is a separate thread >>>>> entirely. >>>>> >>>>> Thanks. >>>>> >>>>> Simon >>>>> >>>> my meaning >>>> >>>> crypted mailstore makes sense in a mail archive, in germany you >>>> have to have a mail archive for some kind of company emails all >>>> these solutions have some crypted mailstore , and some more >>>> features for data security, but thats a big theme, to big for >>>> here >>>> >>>> crypt storage isnt "the saveness" per default, someone hacking >>>> the system and get root may hack your crypt storage too etc, also >>>> to big theme for here >>> Robert, indeed, this is sort of my point. If we encrypt laptop >>> harddrives to prevent unauthorised access, that doesn't prevent >>> the possiblity of someone who already has admin access to the >>> device from decrypting/viewing/moving files. What it does do is >>> prevent unauthorised access to the data if there is no admin >>> access. >>> >>> Currently my mail store isn't encrypted and I would like to know if >>> it is possible to do that, and if so, maybe get some pointers. >> Let's say you operate a mail server which uses a RAID array (or ZFS >> pool) as backend storage and one day one disks goes bad and needs to >> be replaced. You don't want information being leak from that bad disk >> when returning to vendor for replacement. >> >> There are a lot of solutions to this issue. One possible way is to >> use FreeBSD's full disk encryption, geli(4), to encrypt all hard >> drives and have the email server hold the key on its boot partition, >> but don't protect it with a password so that the mail server can boot >> without any human intervention. >> >> Encrypting individual user's mail store make little sense as one can >> still get your decryption key if they got root privilege, usually by >> tracing the login process or just replace it with something that can >> do the login but also save login credentials. In short, if root have >> been compromised, it's game over already. >> >> Cheers, >> >> -----BEGIN PGP SIGNATURE----- >> >> iQEcBAEBCAAGBQJRUndLAAoJEG80Jeu8UPuzyyMIAJ22uv8U2OlZFFAUWTDL4zu/ >> tw6ZhxqQxhHVsg69kQPmIRVnMvlv0bhRqQphaJl5PQJAnfiwvrulx8ruFfTWIM3W >> xyxKMQtY/pJouRJwz1SZsfuuBNjU+ACX17IXIi5NDkLm8IT1FLgS9fWaYotACIUe >> 5fTXgodDDAGrWoYE4X1WTJiYCEE4UisilExaAJ0quk72NO/TzMnsLktR7mx0eSaP >> NqAi8ger9a2rflStgdJlI6pCmzRs4onAs2YWZq4F5Nv/wnnUysMsSjwNW+MuL4WY >> jWbX8oF+11kyH14vPLvzLKvMXjC9yKf8G880OPuMmgFQOrYAXzP5yp3w/rRVBCM= >> =SMvV >> -----END PGP SIGNATURE----- >> > > -- Best regards, Charles Marcus I.T. Director Media Brokers International, Inc. 678.514.6224 | 678.514.6299 fax From megodin at inboxalias.com Wed Mar 27 13:30:48 2013 From: megodin at inboxalias.com (megodin at inboxalias.com) Date: 27 Mar 2013 07:30:48 -0400 Subject: [Dovecot] Implementing Single instance attachment storage (SIS) with sdbox Message-ID: Hi there, as I want to implement data dedupliction on my dovecot system (eg. a users sends the same attchment to 5 different users on my system so I only have to store the attachment one time and set pointers to the file) , I found out it could be possible with Single instance attachment storage (SIS), so I read several pages about SIS as it was quoted here (http://wiki2.dovecot.org/MailboxFormat/dbox): > dbox storage is extensible. Single instance attachment storage was already implemented as such extension. But I did not found any further intructions in Dovecot Wiki how to implement it - however, on Dovecots blog there was an older article from Timo which gave some indication how to get it work (http://blog.dovecot.org/2010/07/single-instance-attachment-storage.html): > mail_location = dbox:~/dbox:ATTACHMENTS=/attachments/$/$ But when I change my configuration according to this (I use sdbox as mail format), I just get a "Unknown setting: ATTACHMENTS" in my mail.err log. Can anybody give me a clue how to get this working? Thanks in advance! Megodin --- Alle Postf??cher an einem Ort. Jetzt wechseln und E-Mail-Adresse mitnehmen! http://email.freenet.de/produkte/basic/index.html _________________________________________________________________ Send and receive anonymous emails to your inbox with InboxAlias. http://www.inboxalias.com From guido+dovecot.org at berhoerster.name Wed Mar 27 13:41:26 2013 From: guido+dovecot.org at berhoerster.name (Guido Berhoerster) Date: Wed, 27 Mar 2013 12:41:26 +0100 Subject: [Dovecot] Incorrect response when opening read-only mailboxes with per-user flags? Message-ID: <20130327114125.GH5217@hal.local.invalid> After some debugging on the protocol level I've finally found the problem with per-user seen flags in read-only mailboxes. Dovecot actually does allow storing the seen flag on messages but AFAICS it does not communicate that correctly to clients, this is what its response to selecting a read-only mailbox with "lrs" ACL in effect for the logged in user looks like: 2 SELECT "Public/Test" * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) * OK [PERMANENTFLAGS ()] Read-only mailbox. * 2 EXISTS * 0 RECENT * OK [UNSEEN 2] First unseen. * OK [UIDVALIDITY 1364221612] UIDs valid * OK [UIDNEXT 3] Predicted next UID * OK [HIGHESTMODSEQ 1] Highest 2 OK [READ-ONLY] Select completed. Shouldn't PERMANENTFLAGS contain \Seen here if per-user seen flags are enable and should it even be tagged READ-ONLY at all in this case? At least clients such as Python imaplib, IMAPClient, or Roundcube will open such mailboxes with EXAMINE and thus do not allow the modification of flags. -- Guido Berhoerster From user+dovecot at localhost.localdomain.org Wed Mar 27 14:49:37 2013 From: user+dovecot at localhost.localdomain.org (Pascal Volk) Date: Wed, 27 Mar 2013 13:49:37 +0100 Subject: [Dovecot] Implementing Single instance attachment storage (SIS) with sdbox In-Reply-To: References: Message-ID: <5152EAE1.3030900@localhost.localdomain.org> On 03/27/2013 12:30 PM megodin at inboxalias.com wrote: > Hi there, > > as I want to implement data dedupliction on my dovecot system (eg. a users sends the same attchment to 5 different users on my system so I only have to store the attachment one time and set pointers to the file) , I found out it could be possible with Single instance attachment storage (SIS), so I read several pages about SIS as it was quoted here (http://wiki2.dovecot.org/MailboxFormat/dbox): > >> dbox storage is extensible. Single instance attachment storage was already implemented as such extension. > > But I did not found any further intructions in Dovecot Wiki how to implement it - however, on Dovecots blog there was an older article from Timo which gave some indication how to get it work (http://blog.dovecot.org/2010/07/single-instance-attachment-storage.html): > > >> mail_location = dbox:~/dbox:ATTACHMENTS=/attachments/$/$ > > > But when I change my configuration according to this (I use sdbox as mail format), I just get a "Unknown setting: ATTACHMENTS" in my mail.err log. > > Can anybody give me a clue how to get this working? Hm, that blog post seems to be a little bit old. There is no need to modify the mail_location setting. All single instance storage related settings could be found at the end of conf.d/10-mail.conf . Regards, Pascal -- The trapper recommends today: fabaceae.1308601 at localdomain.org From alessio at skye.it Wed Mar 27 15:25:07 2013 From: alessio at skye.it (Alessio Cecchi) Date: Wed, 27 Mar 2013 14:25:07 +0100 Subject: [Dovecot] Problem when indexing maildir with a large number of folders In-Reply-To: <20130326232055.GB16593@london.s2end.co.uk> References: <20130326232055.GB16593@london.s2end.co.uk> Message-ID: <5152F333.7060105@skye.it> Il 27/03/2013 00:20, Andre Rodier ha scritto: > Hello everybody, > > As part of a migration from exchange 2003 to dovecot, I have converted a lot of PST files for a user. I am importing his PST files in a maildir folder called > 'Archives'. Actually, I reached about 770 'Archives' folders, and the total length of their names is about 59k characters. Thanks to wc! > > I am using Maildir++ Hi, what kind of method are you using for converting PST into Maildir? Thanks -- Alessio Cecchi is: @ ILS -> http://www.linux.it/~alessice/ on LinkedIn -> http://www.linkedin.com/in/alessice Assistenza Sistemi GNU/Linux -> http://www.cecchi.biz/ @ PLUG -> ex-Presidente, adesso senatore a vita, http://www.prato.linux.it From andre.rodier at gmail.com Wed Mar 27 15:58:57 2013 From: andre.rodier at gmail.com (=?UTF-8?Q?Andr=C3=A9_Rodier?=) Date: Wed, 27 Mar 2013 13:58:57 +0000 Subject: [Dovecot] Problem when indexing maildir with a large number of folders In-Reply-To: <5152F333.7060105@skye.it> References: <20130326232055.GB16593@london.s2end.co.uk> <5152F333.7060105@skye.it> Message-ID: Hello Allessio, I am using readpst -r from libpst (http://www.five-ten-sg.com/libpst/) Andr? On 27 March 2013 13:25, Alessio Cecchi wrote: > Il 27/03/2013 00:20, Andre Rodier ha scritto: > >> Hello everybody, >> >> As part of a migration from exchange 2003 to dovecot, I have converted a >> lot of PST files for a user. I am importing his PST files in a maildir >> folder called >> 'Archives'. Actually, I reached about 770 'Archives' folders, and the >> total length of their names is about 59k characters. Thanks to wc! >> >> I am using Maildir++ > > > Hi, > > what kind of method are you using for converting PST into Maildir? > > Thanks > -- > Alessio Cecchi is: > @ ILS -> http://www.linux.it/~alessice/ > on LinkedIn -> http://www.linkedin.com/in/alessice > Assistenza Sistemi GNU/Linux -> http://www.cecchi.biz/ > @ PLUG -> ex-Presidente, adesso senatore a vita, http://www.prato.linux.it -- Andr? Rodier From bruce+dovecot at bmts.us Wed Mar 27 16:34:13 2013 From: bruce+dovecot at bmts.us (Bruce Marriner) Date: Wed, 27 Mar 2013 09:34:13 -0500 Subject: [Dovecot] Dovecot METADATA support Message-ID: <2846-51530380-1b-230f3880@7907076> I've been trying to work with dovecot metadata plugin and posted a question here related to that a few days ago here : http://www.dovecot.org/list/dovecot/2013-March/089241.html I just read today (e-mail on this list) from Timo Sirainen that >> >> Dovecot is getting close to having native METADATA support. >> I am very curious about this. When is "getting close" and I would guess this will be for v2.2? Will this support be the same as the dovecot-metadata-plugin in hg or something completely different? I'm sorry if I'm asking questions that have already been answered. My goal is to use Kolab3 with Dovecot instead of using Cyrus IMAP and Kolab requires metadata/annotation support. Right now I'm testing this using the dovecot-metadata-plugin but I am very interested it learning about native metadata support and testing it with Kolab 3. Any detail you can provide would be very appreciated. Bruce From ewald.lists at fun.de Wed Mar 27 16:57:43 2013 From: ewald.lists at fun.de (Ewald Dieterich) Date: Wed, 27 Mar 2013 15:57:43 +0100 Subject: [Dovecot] Separate log file for Sieve Message-ID: <515308E7.30302@fun.de> I use log_path = /var/log/dovecot/error.log info_log_path = /var/log/dovecot/info.log debug_log_path = /var/log/dovecot/debug.log to log to different files. Since I don't consider Sieve errors as severe as "real" Dovecot errors I would like to keep them away from the error log. Is it possible to configure a separate log file for Sieve? From pablo at vieira.es Wed Mar 27 17:28:02 2013 From: pablo at vieira.es (Pablo Vieira) Date: Wed, 27 Mar 2013 16:28:02 +0100 Subject: [Dovecot] Gmail like labels, three years later In-Reply-To: References: Message-ID: 2013/3/27 Timo Sirainen > On 27.3.2013, at 5.15, Pablo Vieira wrote: > > > On this post http://www.dovecot.org/list/dovecot/2011-June/059605.html I > > was asking about the possibility of using arbitrary labels on messages, > > much like Gmail does. On following replies, I was told about few tricks > > that might be used, that the IMAP protocol was being considering UTF-8 > > labels and ways to integrate them into the current system, etc., etc., > etc. > > That sounds nice and all. > > > > I'm chiming in three years later only to know if things have changed, > both > > at Dovecot and at the IMAP protocol. Are we closer to have proper labels > on > > IMAP? Labels that help sorting messages in virtual folders where a > message > > can belong in several of them? > > My latest idea: Keep using the rather dummy simple IMAP keywords. Use IMAP > METADATA to create a mapping between keyword <-> human readable name. > Dovecot is getting close to having native METADATA support. Such IMAP > standard would still need to be designed though. Anyone up for writing an > RFC? :) > > Thanks Timo, I'm not quite sure what IMAP METADATA is. Will have some spare time this summer. Any good readings about IMAP you can recommend? MIght as well help in that department. From nmilas at noa.gr Wed Mar 27 17:46:32 2013 From: nmilas at noa.gr (Nikolaos Milas) Date: Wed, 27 Mar 2013 17:46:32 +0200 Subject: [Dovecot] Error Building v2.2 In-Reply-To: <51520B9E.6050202@noa.gr> References: <515174EB.3030802@noa.gr> <20130326114647.7c0b7abd@cw-desktop> <5151804B.2030403@noa.gr> <20130326123042.664075c3@cw-desktop> <20130326123505.151b93f6@cw-desktop> <51518E87.9030603@noa.gr> <20130326133635.3fb774d2@cw-desktop> <5151AE69.4030401@noa.gr> <20130326154235.70724de6@cw-desktop> <5151F9B2.9010807@noa.gr> <51520B9E.6050202@noa.gr> Message-ID: <51531458.3030608@noa.gr> On 26/3/2013 10:57 ??, Nikolaos Milas wrote: > So, how do we build Dovecot v2.2 on CentOS 5 ? I decided to use: ftp://ftp.pbone.net/mirror/ftp.sourceforge.net/pub/sourceforge/h/hp/hphp/CentOS%205%2064bit/RPM/autoconf-2.63-3.noarch.rpm which required me to build m4 with a version > 1.4.7 (because I couldn't find such an m4 version around). Therefore, I used: https://oss.oracle.com/el5/SRPMS/m4-1.4.5-3.el5.1.src.rpm with source for v1.4.9 (from: ftp://ftp.gnu.org/gnu/m4/) and I built m4-1.4.9-1.el5.1.x86_64.rpm After that, I was able to build Dovecot 2.2 successfully on CentOS 5. Nevertheless, I had a bunch of warnings from autoconf, which I copy below, in case someone can suggest how to avoid them. Thanks and regards, Nick autoconf warnings follow: ========================================================================= + autoreconf -vfi autoreconf: Entering directory `.' autoreconf: configure.ac: not using Gettext autoreconf: running: aclocal --force configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_pic_works, ...): suspicious cache-id, must contain _cv_ to be cached ../../lib/autoconf/general.m4:1974: AC_CACHE_VAL is expanded from... ../../lib/autoconf/general.m4:1994: AC_CACHE_CHECK is expanded from... /usr/share/aclocal/libtool.m4:615: AC_LIBTOOL_COMPILER_OPTION is expanded from... /usr/share/aclocal/libtool.m4:4835: AC_LIBTOOL_PROG_COMPILER_PIC is expanded from... /usr/share/aclocal/libtool.m4:2668: _LT_AC_LANG_C_CONFIG is expanded from... /usr/share/aclocal/libtool.m4:2667: AC_LIBTOOL_LANG_C_CONFIG is expanded from... /usr/share/aclocal/libtool.m4:80: AC_LIBTOOL_SETUP is expanded from... /usr/share/aclocal/libtool.m4:60: _AC_PROG_LIBTOOL is expanded from... /usr/share/aclocal/libtool.m4:25: AC_PROG_LIBTOOL is expanded from... configure.ac:293: the top level configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_static_works, ...): suspicious cache-id, must contain _cv_ to be cached /usr/share/aclocal/libtool.m4:660: AC_LIBTOOL_LINKER_OPTION is expanded from... configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_pic_works_CXX, ...): suspicious cache-id, must contain _cv_ to be cached /usr/share/aclocal/libtool.m4:2749: _LT_AC_LANG_CXX_CONFIG is expanded from... /usr/share/aclocal/libtool.m4:2748: AC_LIBTOOL_LANG_CXX_CONFIG is expanded from... /usr/share/aclocal/libtool.m4:1804: _LT_AC_TAGCONFIG is expanded from... configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_static_works_CXX, ...): suspicious cache-id, must contain _cv_ to be cached configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_pic_works_F77, ...): suspicious cache-id, must contain _cv_ to be cached /usr/share/aclocal/libtool.m4:3916: _LT_AC_LANG_F77_CONFIG is expanded from... /usr/share/aclocal/libtool.m4:3915: AC_LIBTOOL_LANG_F77_CONFIG is expanded from... configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_static_works_F77, ...): suspicious cache-id, must contain _cv_ to be cached configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_pic_works_GCJ, ...): suspicious cache-id, must contain _cv_ to be cached /usr/share/aclocal/libtool.m4:4018: _LT_AC_LANG_GCJ_CONFIG is expanded from... /usr/share/aclocal/libtool.m4:4017: AC_LIBTOOL_LANG_GCJ_CONFIG is expanded from... configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_static_works_GCJ, ...): suspicious cache-id, must contain _cv_ to be cached autoreconf: configure.ac: tracing configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_pic_works, ...): suspicious cache-id, must contain _cv_ to be cached ../../lib/autoconf/general.m4:1974: AC_CACHE_VAL is expanded from... ../../lib/autoconf/general.m4:1994: AC_CACHE_CHECK is expanded from... aclocal.m4:1878: AC_LIBTOOL_COMPILER_OPTION is expanded from... aclocal.m4:6086: AC_LIBTOOL_PROG_COMPILER_PIC is expanded from... aclocal.m4:3931: _LT_AC_LANG_C_CONFIG is expanded from... aclocal.m4:3930: AC_LIBTOOL_LANG_C_CONFIG is expanded from... aclocal.m4:1343: AC_LIBTOOL_SETUP is expanded from... aclocal.m4:1323: _AC_PROG_LIBTOOL is expanded from... aclocal.m4:1288: AC_PROG_LIBTOOL is expanded from... configure.ac:293: the top level configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_static_works, ...): suspicious cache-id, must contain _cv_ to be cached aclocal.m4:1923: AC_LIBTOOL_LINKER_OPTION is expanded from... configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_pic_works_CXX, ...): suspicious cache-id, must contain _cv_ to be cached aclocal.m4:4008: _LT_AC_LANG_CXX_CONFIG is expanded from... aclocal.m4:4007: AC_LIBTOOL_LANG_CXX_CONFIG is expanded from... aclocal.m4:3067: _LT_AC_TAGCONFIG is expanded from... configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_static_works_CXX, ...): suspicious cache-id, must contain _cv_ to be cached configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_pic_works_F77, ...): suspicious cache-id, must contain _cv_ to be cached aclocal.m4:5171: _LT_AC_LANG_F77_CONFIG is expanded from... aclocal.m4:5170: AC_LIBTOOL_LANG_F77_CONFIG is expanded from... configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_static_works_F77, ...): suspicious cache-id, must contain _cv_ to be cached configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_pic_works_GCJ, ...): suspicious cache-id, must contain _cv_ to be cached aclocal.m4:5273: _LT_AC_LANG_GCJ_CONFIG is expanded from... aclocal.m4:5272: AC_LIBTOOL_LANG_GCJ_CONFIG is expanded from... configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_static_works_GCJ, ...): suspicious cache-id, must contain _cv_ to be cached autoreconf: running: libtoolize --copy --force configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_pic_works, ...): suspicious cache-id, must contain _cv_ to be cached ../../lib/autoconf/general.m4:1974: AC_CACHE_VAL is expanded from... ../../lib/autoconf/general.m4:1994: AC_CACHE_CHECK is expanded from... /usr/share/aclocal/libtool.m4:615: AC_LIBTOOL_COMPILER_OPTION is expanded from... /usr/share/aclocal/libtool.m4:4835: AC_LIBTOOL_PROG_COMPILER_PIC is expanded from... /usr/share/aclocal/libtool.m4:2668: _LT_AC_LANG_C_CONFIG is expanded from... /usr/share/aclocal/libtool.m4:2667: AC_LIBTOOL_LANG_C_CONFIG is expanded from... /usr/share/aclocal/libtool.m4:80: AC_LIBTOOL_SETUP is expanded from... /usr/share/aclocal/libtool.m4:60: _AC_PROG_LIBTOOL is expanded from... /usr/share/aclocal/libtool.m4:25: AC_PROG_LIBTOOL is expanded from... configure.ac:293: the top level configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_static_works, ...): suspicious cache-id, must contain _cv_ to be cached /usr/share/aclocal/libtool.m4:660: AC_LIBTOOL_LINKER_OPTION is expanded from... configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_pic_works_CXX, ...): suspicious cache-id, must contain _cv_ to be cached /usr/share/aclocal/libtool.m4:2749: _LT_AC_LANG_CXX_CONFIG is expanded from... /usr/share/aclocal/libtool.m4:2748: AC_LIBTOOL_LANG_CXX_CONFIG is expanded from... /usr/share/aclocal/libtool.m4:1804: _LT_AC_TAGCONFIG is expanded from... configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_static_works_CXX, ...): suspicious cache-id, must contain _cv_ to be cached configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_pic_works_F77, ...): suspicious cache-id, must contain _cv_ to be cached /usr/share/aclocal/libtool.m4:3916: _LT_AC_LANG_F77_CONFIG is expanded from... /usr/share/aclocal/libtool.m4:3915: AC_LIBTOOL_LANG_F77_CONFIG is expanded from... configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_static_works_F77, ...): suspicious cache-id, must contain _cv_ to be cached configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_pic_works_GCJ, ...): suspicious cache-id, must contain _cv_ to be cached /usr/share/aclocal/libtool.m4:4018: _LT_AC_LANG_GCJ_CONFIG is expanded from... /usr/share/aclocal/libtool.m4:4017: AC_LIBTOOL_LANG_GCJ_CONFIG is expanded from... configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_static_works_GCJ, ...): suspicious cache-id, must contain _cv_ to be cached autoreconf: running: /usr/bin/autoconf --force configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_pic_works, ...): suspicious cache-id, must contain _cv_ to be cached ../../lib/autoconf/general.m4:1974: AC_CACHE_VAL is expanded from... ../../lib/autoconf/general.m4:1994: AC_CACHE_CHECK is expanded from... aclocal.m4:1878: AC_LIBTOOL_COMPILER_OPTION is expanded from... aclocal.m4:6086: AC_LIBTOOL_PROG_COMPILER_PIC is expanded from... aclocal.m4:3931: _LT_AC_LANG_C_CONFIG is expanded from... aclocal.m4:3930: AC_LIBTOOL_LANG_C_CONFIG is expanded from... aclocal.m4:1343: AC_LIBTOOL_SETUP is expanded from... aclocal.m4:1323: _AC_PROG_LIBTOOL is expanded from... aclocal.m4:1288: AC_PROG_LIBTOOL is expanded from... configure.ac:293: the top level configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_static_works, ...): suspicious cache-id, must contain _cv_ to be cached aclocal.m4:1923: AC_LIBTOOL_LINKER_OPTION is expanded from... configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_pic_works_CXX, ...): suspicious cache-id, must contain _cv_ to be cached aclocal.m4:4008: _LT_AC_LANG_CXX_CONFIG is expanded from... aclocal.m4:4007: AC_LIBTOOL_LANG_CXX_CONFIG is expanded from... aclocal.m4:3067: _LT_AC_TAGCONFIG is expanded from... configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_static_works_CXX, ...): suspicious cache-id, must contain _cv_ to be cached configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_pic_works_F77, ...): suspicious cache-id, must contain _cv_ to be cached aclocal.m4:5171: _LT_AC_LANG_F77_CONFIG is expanded from... aclocal.m4:5170: AC_LIBTOOL_LANG_F77_CONFIG is expanded from... configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_static_works_F77, ...): suspicious cache-id, must contain _cv_ to be cached configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_pic_works_GCJ, ...): suspicious cache-id, must contain _cv_ to be cached aclocal.m4:5273: _LT_AC_LANG_GCJ_CONFIG is expanded from... aclocal.m4:5272: AC_LIBTOOL_LANG_GCJ_CONFIG is expanded from... configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_static_works_GCJ, ...): suspicious cache-id, must contain _cv_ to be cached autoreconf: running: /usr/bin/autoheader --force configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_pic_works, ...): suspicious cache-id, must contain _cv_ to be cached ../../lib/autoconf/general.m4:1974: AC_CACHE_VAL is expanded from... ../../lib/autoconf/general.m4:1994: AC_CACHE_CHECK is expanded from... aclocal.m4:1878: AC_LIBTOOL_COMPILER_OPTION is expanded from... aclocal.m4:6086: AC_LIBTOOL_PROG_COMPILER_PIC is expanded from... aclocal.m4:3931: _LT_AC_LANG_C_CONFIG is expanded from... aclocal.m4:3930: AC_LIBTOOL_LANG_C_CONFIG is expanded from... aclocal.m4:1343: AC_LIBTOOL_SETUP is expanded from... aclocal.m4:1323: _AC_PROG_LIBTOOL is expanded from... aclocal.m4:1288: AC_PROG_LIBTOOL is expanded from... configure.ac:293: the top level configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_static_works, ...): suspicious cache-id, must contain _cv_ to be cached aclocal.m4:1923: AC_LIBTOOL_LINKER_OPTION is expanded from... configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_pic_works_CXX, ...): suspicious cache-id, must contain _cv_ to be cached aclocal.m4:4008: _LT_AC_LANG_CXX_CONFIG is expanded from... aclocal.m4:4007: AC_LIBTOOL_LANG_CXX_CONFIG is expanded from... aclocal.m4:3067: _LT_AC_TAGCONFIG is expanded from... configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_static_works_CXX, ...): suspicious cache-id, must contain _cv_ to be cached configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_pic_works_F77, ...): suspicious cache-id, must contain _cv_ to be cached aclocal.m4:5171: _LT_AC_LANG_F77_CONFIG is expanded from... aclocal.m4:5170: AC_LIBTOOL_LANG_F77_CONFIG is expanded from... configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_static_works_F77, ...): suspicious cache-id, must contain _cv_ to be cached configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_pic_works_GCJ, ...): suspicious cache-id, must contain _cv_ to be cached aclocal.m4:5273: _LT_AC_LANG_GCJ_CONFIG is expanded from... aclocal.m4:5272: AC_LIBTOOL_LANG_GCJ_CONFIG is expanded from... configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_static_works_GCJ, ...): suspicious cache-id, must contain _cv_ to be cached autoreconf: running: automake --add-missing --copy --force-missing configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_pic_works, ...): suspicious cache-id, must contain _cv_ to be cached ../../lib/autoconf/general.m4:1974: AC_CACHE_VAL is expanded from... ../../lib/autoconf/general.m4:1994: AC_CACHE_CHECK is expanded from... aclocal.m4:1878: AC_LIBTOOL_COMPILER_OPTION is expanded from... aclocal.m4:6086: AC_LIBTOOL_PROG_COMPILER_PIC is expanded from... aclocal.m4:3931: _LT_AC_LANG_C_CONFIG is expanded from... aclocal.m4:3930: AC_LIBTOOL_LANG_C_CONFIG is expanded from... aclocal.m4:1343: AC_LIBTOOL_SETUP is expanded from... aclocal.m4:1323: _AC_PROG_LIBTOOL is expanded from... aclocal.m4:1288: AC_PROG_LIBTOOL is expanded from... configure.ac:293: the top level configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_static_works, ...): suspicious cache-id, must contain _cv_ to be cached aclocal.m4:1923: AC_LIBTOOL_LINKER_OPTION is expanded from... configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_pic_works_CXX, ...): suspicious cache-id, must contain _cv_ to be cached aclocal.m4:4008: _LT_AC_LANG_CXX_CONFIG is expanded from... aclocal.m4:4007: AC_LIBTOOL_LANG_CXX_CONFIG is expanded from... aclocal.m4:3067: _LT_AC_TAGCONFIG is expanded from... configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_static_works_CXX, ...): suspicious cache-id, must contain _cv_ to be cached configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_pic_works_F77, ...): suspicious cache-id, must contain _cv_ to be cached aclocal.m4:5171: _LT_AC_LANG_F77_CONFIG is expanded from... aclocal.m4:5170: AC_LIBTOOL_LANG_F77_CONFIG is expanded from... configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_static_works_F77, ...): suspicious cache-id, must contain _cv_ to be cached configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_pic_works_GCJ, ...): suspicious cache-id, must contain _cv_ to be cached aclocal.m4:5273: _LT_AC_LANG_GCJ_CONFIG is expanded from... aclocal.m4:5272: AC_LIBTOOL_LANG_GCJ_CONFIG is expanded from... configure.ac:293: warning: AC_CACHE_VAL(lt_prog_compiler_static_works_GCJ, ...): suspicious cache-id, must contain _cv_ to be cached autoreconf: Leaving directory `.' ========================================================================= From kadafax at gmail.com Wed Mar 27 18:01:39 2013 From: kadafax at gmail.com (kadafax at gmail.com) Date: Wed, 27 Mar 2013 17:01:39 +0100 Subject: [Dovecot] Crash while moving mail between private folder and shared folder In-Reply-To: <514D6FFD.8000808@taunusstein.net> References: <514D6FFD.8000808@taunusstein.net> Message-ID: <515317E3.8090402@gmail.com> Hi, Just to bump the OP message as I experience the exact same symptom with the same configuration. That is: when moving an email to a virtual mailboxes, dovecot crash (and sometime the email disappears from the real mailbox). Thx Le 23/03/13 10:03, Christian Felsing a ?crit : > Hello, > > while moving a mail from a private folder (inbox) to a shared folder and > back to private folder Dovecot 2.2rc3 crashes: > > ---cut here--- > Mar 23 09:57:44 dovecot dovecot: imap-login: Login: > user=, method=PLAIN, rip=192.168.200.6, > lip=192.168.200.22, mpid=19423, TLS > Mar 23 09:57:44 dovecot dovecot: imap(john.doe at example.net): Panic: file > mail-namespace.c: line 654 (mail_namespace_find): assertion failed: (ns > != NULL) > Mar 23 09:57:44 dovecot dovecot: imap(john.doe at example.net): Error: Raw > backtrace: /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(+0x608fa) > [0x7f82f65b28fa] -> > /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(+0x6093e) > [0x7f82f65b293e] -> > /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(i_fatal+0) > [0x7f82f657435b] -> > /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot-storage.so.0(mail_namespace_find_unalias+0) > [0x7f82f686b590] -> > /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot-storage.so.0(mail_namespace_find_unalias+0x19) > [0x7f82f686b5a9] -> > /opt/dovecot-2.2.rc3/lib/dovecot/lib10_quota_plugin.so(+0x57bd) > [0x7f82f51127bd] -> > /opt/dovecot-2.2.rc3/lib/dovecot/lib10_quota_plugin.so(quota_test_alloc+0xcb) > [0x7f82f511424b] -> > /opt/dovecot-2.2.rc3/lib/dovecot/lib10_quota_plugin.so(quota_try_alloc+0x3d) > [0x7f82f511445d] -> > /opt/dovecot-2.2.rc3/lib/dovecot/lib10_quota_plugin.so(+0xb00b) > [0x7f82f511800b] -> > /opt/dovecot-2.2.rc3/lib/dovecot/lib01_acl_plugin.so(+0xc7cb) > [0x7f82f552d7cb] -> > /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot-storage.so.0(mailbox_copy+0x5f) > [0x7f82f687274f] -> > /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot-storage.so.0(mailbox_move+0x10) > [0x7f82f6872810] -> dovecot-01/imap() [0x40d29d] -> > dovecot-01/imap(command_exec+0x3c) [0x4161ec] -> dovecot-01/imap() > [0x415250] -> dovecot-01/imap() [0x41530a] -> > dovecot-01/imap(client_handle_input+0x115) [0x4155c5] -> > dovecot-01/imap(client_input+0x72) [0x415972] -> > /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x36) > [0x7f82f65c20e6] -> > /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xd7) > [0x7f82f65c2f37] -> > /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(io_loop_run+0x28) > [0x7f82f65c1c28] -> > /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f82f6579473] > -> dovecot-01/imap(main+0x270) [0x40b950] -> > /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xfd) [0x7f82f61e6ead] > -> dovecot-01/imap() [0x40baad] > Mar 23 09:57:44 dovecot dovecot: imap(john.doe at example.net): Fatal: > master: service(imap): child 19423 killed with signal 6 (core dumps > disabled) > Mar 23 09:57:44 dovecot dovecot: imap-login: Login: > user=, method=PLAIN, rip=192.168.200.6, > lip=192.168.200.22, mpid=19425, TLS > Mar 23 09:57:44 dovecot dovecot: imap(john.doe at example.net): Panic: file > mail-namespace.c: line 654 (mail_namespace_find): assertion failed: (ns > != NULL) > Mar 23 09:57:44 dovecot dovecot: imap(john.doe at example.net): Error: Raw > backtrace: /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(+0x608fa) > [0x7f66ed9a58fa] -> > /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(+0x6093e) > [0x7f66ed9a593e] -> > /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(i_fatal+0) > [0x7f66ed96735b] -> > /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot-storage.so.0(mail_namespace_find_unalias+0) > [0x7f66edc5e590] -> > /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot-storage.so.0(mail_namespace_find_unalias+0x19) > [0x7f66edc5e5a9] -> > /opt/dovecot-2.2.rc3/lib/dovecot/lib10_quota_plugin.so(+0x57bd) > [0x7f66ec5057bd] -> > /opt/dovecot-2.2.rc3/lib/dovecot/lib10_quota_plugin.so(quota_test_alloc+0xcb) > [0x7f66ec50724b] -> > /opt/dovecot-2.2.rc3/lib/dovecot/lib10_quota_plugin.so(quota_try_alloc+0x3d) > [0x7f66ec50745d] -> > /opt/dovecot-2.2.rc3/lib/dovecot/lib10_quota_plugin.so(+0xb00b) > [0x7f66ec50b00b] -> > /opt/dovecot-2.2.rc3/lib/dovecot/lib01_acl_plugin.so(+0xc7cb) > [0x7f66ec9207cb] -> > /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot-storage.so.0(mailbox_copy+0x5f) > [0x7f66edc6574f] -> > /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot-storage.so.0(mailbox_move+0x10) > [0x7f66edc65810] -> dovecot-01/imap() [0x40d29d] -> > dovecot-01/imap(command_exec+0x3c) [0x4161ec] -> dovecot-01/imap() > [0x415250] -> dovecot-01/imap() [0x41530a] -> > dovecot-01/imap(client_handle_input+0x115) [0x4155c5] -> > dovecot-01/imap(client_input+0x72) [0x415972] -> > /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x36) > [0x7f66ed9b50e6] -> > /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xd7) > [0x7f66ed9b5f37] -> > /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(io_loop_run+0x28) > [0x7f66ed9b4c28] -> > /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f66ed96c473] > -> dovecot-01/imap(main+0x270) [0x40b950] -> > /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xfd) [0x7f66ed5d9ead] > -> dovecot-01/imap() [0x40baad] > Mar 23 09:57:44 dovecot dovecot: imap(john.doe at example.net): Fatal: > master: service(imap): child 19425 killed with signal 6 (core dumps > disabled) > Mar 23 09:57:46 dovecot dovecot: imap(john.doe at example.net): > Disconnected: Logged out in=192 out=1118 > ---cut here--- > > Following config was used: > > ---cut here--- > # 2.2.rc3: /opt/dovecot-2.2.rc3/etc/dovecot/dovecot.conf > # OS: Linux 3.2.0-4-amd64 x86_64 Debian 7.0 ext4 > auth_ssl_require_client_cert = yes > auth_ssl_username_from_cert = yes > auth_verbose = yes > auth_verbose_passwords = plain > base_dir = /home/dovecot/ > hostname = mail.ip6.li > instance_name = dovecot-01 > lda_mailbox_autocreate = yes > login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c > mail_gid = dovecot > mail_location = maildir:/home/vmail/%d/%u/Maildir > mail_plugins = quota > mail_uid = dovecot > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope > encoded-character vacation subaddress comparator-i;ascii-numeric > relational regex imap4flags copy include variables body enotify > environment mailbox date ihave > namespace { > list = children > location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u > prefix = shared/%%u/ > separator = / > subscriptions = no > type = shared > } > namespace inbox { > inbox = yes > list = yes > location = > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Trash { > special_use = \Trash > } > prefix = > separator = / > type = private > } > passdb { > args = failure_show_msg=yes dovecot > driver = pam > } > plugin { > acl = vfile:/etc/dovecot/global-acls:cache_secs=300 > acl_shared_dict = file:/var/lib/dovecot/shared-mailboxes > mail_log_events = delete undelete expunge copy mailbox_delete > mailbox_rename > mail_log_fields = uid box msgid size > quota = maildir:User quota > quota_grace = 10%% > quota_rule = *:storage=1G > quota_rule2 = Trash:storage=+100M > quota_warning = storage=95%% quota-warning 95 %u > quota_warning2 = storage=80%% quota-warning 80 %u > sieve = ~/.dovecot.sieve > sieve_dir = ~/sieve > } > postmaster_address = postmaster at ip6.li > protocols = imap pop3 lmtp sieve > quota_full_tempfail = yes > sendmail_path = /usr/lib/sendmail > service managesieve-login { > inet_listener sieve { > port = 4190 > } > inet_listener sieve_deprecated { > port = 2000 > } > } > ssl_ca = ssl_cert = ssl_cert_username_field = emailAddress > ssl_key = ssl_require_crl = no > ssl_verify_client_cert = yes > userdb { > args = allow_all_users=yes uid=vmail gid=vmail home=/home/vmail/%d/%u > driver = static > } > protocol lda { > auth_socket_path = /var/run/dovecot/auth-master > mail_plugin_dir = /opt/dovecot/lib/dovecot > mail_plugins = quota sieve acl > } > protocol imap { > mail_plugins = quota acl imap_acl imap_quota > } > protocol lmtp { > mail_plugins = quota sieve > } > protocol sieve { > managesieve_implementation_string = Dovecot Pigeonhole > managesieve_logout_format = bytes ( in=%i : out=%o ) > } > protocol pop3 { > mail_plugins = quota > pop3_uidl_format = %08Xu%08Xv > } > ---cut here--- > > best regards > Christian > From p.heinlein at heinlein-support.de Wed Mar 27 18:41:32 2013 From: p.heinlein at heinlein-support.de (Peer Heinlein) Date: Wed, 27 Mar 2013 17:41:32 +0100 Subject: [Dovecot] 2.1: Error: Maildir filename has wrong S value, renamed the file from In-Reply-To: References: <5150355C.4000802@sys4.de> <515051D3.9040602@thelounge.net> <51505D8C.5050503@uni-greifswald.de> <6758D8B2-E4FB-4808-9F93-4AB13001DC51@iki.fi> <51521E1A.3060205@heinlein-support.de> Message-ID: <5153213C.7020009@heinlein-support.de> Am 27.03.2013 08:44, schrieb Timo Sirainen: > Oh, except I actually forgot to load zlib plugin in my previous test. I can't reproduce with these steps.. and I don't really see why they would cause it anyway. A broken cached size would cause that rename, but not a missing cached size. Thats why I wrote from STEP ONE and from STEP TWO. I had the impression, that Dovecot first rebuilds his cache with WRONG sizes and THEN starts in step two the renaming. Peer -- Heinlein Support GmbH Schwedter Str. 8/9b, 10119 Berlin http://www.heinlein-support.de Tel: 030 / 405051-42 Fax: 030 / 405051-19 Zwangsangaben lt. ?35a GmbHG: HRB 93818 B / Amtsgericht Berlin-Charlottenburg, Gesch?ftsf?hrer: Peer Heinlein -- Sitz: Berlin From p.heinlein at heinlein-support.de Wed Mar 27 18:46:32 2013 From: p.heinlein at heinlein-support.de (Peer Heinlein) Date: Wed, 27 Mar 2013 17:46:32 +0100 Subject: [Dovecot] 2.1: Error: Maildir filename has wrong S value, renamed the file from In-Reply-To: References: <5150355C.4000802@sys4.de> <515051D3.9040602@thelounge.net> <51505D8C.5050503@uni-greifswald.de> <6758D8B2-E4FB-4808-9F93-4AB13001DC51@iki.fi> <51521E1A.3060205@heinlein-support.de> <5152A107.2030402@heinlein-support.de> Message-ID: <51532268.5020806@heinlein-support.de> Am 27.03.2013 11:19, schrieb Gordon Grubert: >>> We made a simple downgrade to 2.0.21 and now everything's working >>> perfect. >> >> maildir_broken_file_sizes=yes would also bring back v2.0 behavior. But >> yeah, looks like there's a bug. > > No, it does not. In Timo's first mail he wrote maildir_broken_fileNAME_sizes and we used that (which didn't helped at all). mailserver2:~/dovecot.neu.2-1# grep -r maildir_broken * conf.d/10-mail.conf:maildir_broken_filename_sizes = yes mailserver2:~/dovecot.neu.2-1# But maybe it's working with "maildir_broken_file_sizes" :-), we can test that on our test-system. Peer -- Heinlein Support GmbH Schwedter Str. 8/9b, 10119 Berlin http://www.heinlein-support.de Tel: 030 / 405051-42 Fax: 030 / 405051-19 Zwangsangaben lt. ?35a GmbHG: HRB 93818 B / Amtsgericht Berlin-Charlottenburg, Gesch?ftsf?hrer: Peer Heinlein -- Sitz: Berlin From linuxer at netsteps.ch Wed Mar 27 18:49:53 2013 From: linuxer at netsteps.ch (linuxer at netsteps.ch) Date: Wed, 27 Mar 2013 17:49:53 +0100 (CET) Subject: [Dovecot] Managesieve Automatic Homedir Creation: File not Found Error Message-ID: <34614.212.25.21.114.1364402993.squirrel@mail2.prologon.ch> Hi all, I'm running dovecot version 2.0.19 (Ubuntu 12.04) and I discovered some unexpected behaviour related to the Dovecot managesieve module. When connecting to the managesieve service from a client for the first time (e.g. roundcube webmail), I get an application error. This is logged by Dovecot: Error: sieve-storage: opendir(/var/.../exampledomain/exampleuser at exampledomain//sieve) failed: No such file or directory. At first glance I thought the problem was caused by the "//" in the directory path. I assume this is just a concatenation of the user virtual home directory (in my case "/var/.../exampledomain/exampleuser at exampledomain/" and the default sieve folder (~/sieve). While this looks wrong it seems not to be the actual problem (should be fixed though?) Then I noticed that the user home directory and sieve data were actually properly created despite the error. When connecting again, it worked without error. The problem can be reproduced by deleting the users virtual home directory and connecting again. A guess would be that the automatic creation of the virtual users homedir folder structure is some asychronous process not being completed in time. I also found this older thread with a similar issue: http://osdir.com/ml/dovecot-development/2010-05/msg00018.html Could also be worth mentioning that I'm running Dovecot on a virtualized host with possibly relatively poor I/O performance (maybe faster environments don't have this problem). Thanks for looking into this, and thx for the really neat dovecot software package! Cheers, L. From p.heinlein at heinlein-support.de Wed Mar 27 18:51:31 2013 From: p.heinlein at heinlein-support.de (Peer Heinlein) Date: Wed, 27 Mar 2013 17:51:31 +0100 Subject: [Dovecot] 2.1: Error: Maildir filename has wrong S value, renamed the file from In-Reply-To: <51505ED2.8070806@sys4.de> References: <5150355C.4000802@sys4.de> <515051D3.9040602@thelounge.net> <51505D8C.5050503@uni-greifswald.de> <51505ED2.8070806@sys4.de> Message-ID: <51532393.2010800@heinlein-support.de> Am 25.03.2013 15:27, schrieb Robert Schetterer: > please reread the list archive ,solutions where massive posted > and a new repair script was created We did that before, for sure. But there are NO working solutions for that and the problem still exists and ist a massive problem, because a simple version upgrade doesn't work and leads to a DOS of the infected systems. The repair script hasn't worked at all with our kind of Maildir-Filenames. If others run into the same problem: We used this simple piece of code (which is much easier to read and adapt): for FILE in * ; do OLDNAME=$FILE SIZE=`zcat $FILE | wc -c` NEWNAME=`echo $FILE | sed "s/\(.*\)S=.*:\(.*\)/\1S=$SIZE:\2/g"` if [ ! $OLDNAME = $NEWNAME ] ; then echo mv "$OLDNAME" "$NEWNAME" fi done Peer -- Heinlein Support GmbH Schwedter Str. 8/9b, 10119 Berlin http://www.heinlein-support.de Tel: 030 / 405051-42 Fax: 030 / 405051-19 Zwangsangaben lt. ?35a GmbHG: HRB 93818 B / Amtsgericht Berlin-Charlottenburg, Gesch?ftsf?hrer: Peer Heinlein -- Sitz: Berlin From rs at sys4.de Wed Mar 27 19:41:24 2013 From: rs at sys4.de (Robert Schetterer) Date: Wed, 27 Mar 2013 18:41:24 +0100 Subject: [Dovecot] 2.1: Error: Maildir filename has wrong S value, renamed the file from In-Reply-To: <51532393.2010800@heinlein-support.de> References: <5150355C.4000802@sys4.de> <515051D3.9040602@thelounge.net> <51505D8C.5050503@uni-greifswald.de> <51505ED2.8070806@sys4.de> <51532393.2010800@heinlein-support.de> Message-ID: <51532F44.6030307@sys4.de> Am 27.03.2013 17:51, schrieb Peer Heinlein: > Am 25.03.2013 15:27, schrieb Robert Schetterer: > > >> please reread the list archive ,solutions where massive posted >> and a new repair script was created > > We did that before, for sure. > > But there are NO working solutions for that and the problem still exists > and ist a massive problem, because a simple version upgrade doesn't work > and leads to a DOS of the infected systems. > > The repair script hasn't worked at all with our kind of Maildir-Filenames. > > If others run into the same problem: > > We used this simple piece of code (which is much easier to read and adapt): > > for FILE in * ; do > OLDNAME=$FILE > SIZE=`zcat $FILE | wc -c` > NEWNAME=`echo $FILE | sed "s/\(.*\)S=.*:\(.*\)/\1S=$SIZE:\2/g"` > > if [ ! $OLDNAME = $NEWNAME ] ; then > echo mv "$OLDNAME" "$NEWNAME" > fi > done > > > Peer > > Hi Peer , as talked to Gordon, this was a total upgrade from 2.0.x to 2.1.x and you converted all maildir to compressed before, right ? posting some conf parameters might be helpfull , did you investigated broken maildirs for mixing compressed and uncompressed mails exist, as i understand Gordon there should be only compressed ? Have you checked about double compressed mails in broken maildirs ? As wrote before, at my bug time after repair with script and upgrading dovecot, failures had gone and never returned, but my setup may be different from yours and failure did happend sometime upgrade dove 2.1.x not at migrate from dove 2.0.x, did you changed something other too ? Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich From nicolas at babelouest.org Wed Mar 27 20:14:16 2013 From: nicolas at babelouest.org (Nicolas Mora) Date: Wed, 27 Mar 2013 14:14:16 -0400 Subject: [Dovecot] Authentication failure messages in logs In-Reply-To: References: <51449712.6060001@babelouest.org> Message-ID: <3b54b610b64e39156440c7c7a590bbbf@webmail.babelouest.org> Le 18/03/2013 10:13, Steffen Kaiser a ?crit?: > > Well, you seem to use just one passdb. The article you are referring > to says "the first try is always empty username and password so it > slows down terribly every action.". > Yes, sorry, I may have messed up with the links... In fact, I may have been wrong from the beginning because the problem seems not to come from dovecot but higher in the auth process, probably PAM... Sorry for the silly question. From tss at iki.fi Wed Mar 27 21:10:59 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 27 Mar 2013 21:10:59 +0200 Subject: [Dovecot] 2.1: Error: Maildir filename has wrong S value, renamed the file from In-Reply-To: <5153213C.7020009@heinlein-support.de> References: <5150355C.4000802@sys4.de> <515051D3.9040602@thelounge.net> <51505D8C.5050503@uni-greifswald.de> <6758D8B2-E4FB-4808-9F93-4AB13001DC51@iki.fi> <51521E1A.3060205@heinlein-support.de> <5153213C.7020009@heinlein-support.de> Message-ID: On 27.3.2013, at 18.41, Peer Heinlein wrote: > Am 27.03.2013 08:44, schrieb Timo Sirainen: > >> Oh, except I actually forgot to load zlib plugin in my previous test. > I can't reproduce with these steps.. and I don't really see why they > would cause it anyway. A broken cached size would cause that rename, but > not a missing cached size. > > Thats why I wrote from STEP ONE and from STEP TWO. > > I had the impression, that Dovecot first rebuilds his cache with WRONG > sizes and THEN starts in step two the renaming. Well, the question is then.. Why were the corrupted in the first place? Based on your previous error message it looked like the cache file contained the compressed size, so maybe zlib plugin wasn't loaded for some Dovecot process at that time? Anyway, yeah, I guess there are two potential improvements here: Either a) don't rename maildir file if S=size is different from cached size or b) rename the S=size to the correct decompressed size (=no renaming if it's correct). Not sure which one is easier to do, possibly b) and possibly it should be done anyway. In any case, I think this is a good addition: http://hg.dovecot.org/dovecot-2.2/rev/6d9444ea1c9a From tss at iki.fi Wed Mar 27 21:14:04 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 27 Mar 2013 21:14:04 +0200 Subject: [Dovecot] Gmail like labels, three years later In-Reply-To: References: Message-ID: <1BE8D417-2794-4675-BEC9-A8B25B2460F0@iki.fi> On 27.3.2013, at 17.28, Pablo Vieira wrote: >> My latest idea: Keep using the rather dummy simple IMAP keywords. Use IMAP >> METADATA to create a mapping between keyword <-> human readable name. >> Dovecot is getting close to having native METADATA support. Such IMAP >> standard would still need to be designed though. Anyone up for writing an >> RFC? :) >> >> Thanks Timo, I'm not quite sure what IMAP METADATA is. Will have some > spare time this summer. Any good readings about IMAP you can recommend? > MIght as well help in that department. METADATA is simply about adding simple key=value pairs to mailboxes. So you could have something like: /shared/keywords/$Label1 = Important /shared/keywords/$Label2 = Work /shared/keywords/HelloWorld = Hello World messages Probably it wouldn't need to be any more complex than that. The clients would then handle adding/changing/removing those keywords. http://tools.ietf.org/html/rfc5464 describes METADATA. From tss at iki.fi Wed Mar 27 21:25:15 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 27 Mar 2013 21:25:15 +0200 Subject: [Dovecot] Dovecot METADATA support In-Reply-To: <2846-51530380-1b-230f3880@7907076> References: <2846-51530380-1b-230f3880@7907076> Message-ID: <4AAED0D9-424B-460D-9B64-2668211ED374@iki.fi> On 27.3.2013, at 16.34, Bruce Marriner wrote: > I've been trying to work with dovecot metadata plugin and posted a question here related to that a few days ago here : > http://www.dovecot.org/list/dovecot/2013-March/089241.html The patch is now in v2.1 hg, so will be in v2.1.16. > I just read today (e-mail on this list) from Timo Sirainen that > >>> Dovecot is getting close to having native METADATA support. > > I am very curious about this. When is "getting close" and I would guess this will be for v2.2? Will this support be the same as the dovecot-metadata-plugin in hg or something completely different? I'm sorry if I'm asking questions that have already been answered. The metadata plugin started with implementing the IMAP commands and kind of ignored the difficult parts of fitting it in with everything. The stuff that is in Dovecot now handles most of the difficult parts, but the IMAP commands are missing. There are still two somewhat difficult things missing: * Where/how to keep track of metadata quota to prevent abuse? Maybe some limits to number of entries, max. bytes total in entries, max. bytes per entry. Although the last one only is useful for those backends that can't handle large entry sizes. ( * Maybe there should be a new dict backend that can handle both small and large entries more optimally.. Then again some nosql dict backend would probably work well too.) * Currently it's configured via mail_attribute_dict, which can e.g. point to a file in user's home directory. How to handle shared metadata in shared folders? Should userA just be accessing userB's dict file? Where are metadata stored for public folders that have no owner? Should there be two dict settings for private and public dict? (The last, or maybe all, would be a non-issue if I had already implemented my idea of having only one dict configuration where different prefixes could be mapped to completely different locations/backends/etc.) From tss at iki.fi Wed Mar 27 21:27:22 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 27 Mar 2013 21:27:22 +0200 Subject: [Dovecot] Incorrect response when opening read-only mailboxes with per-user flags? In-Reply-To: <20130327114125.GH5217@hal.local.invalid> References: <20130327114125.GH5217@hal.local.invalid> Message-ID: <6A65F367-7AD0-466F-A274-FBD3BD2CA522@iki.fi> On 27.3.2013, at 13.41, Guido Berhoerster wrote: > After some debugging on the protocol level I've finally found the > problem with per-user seen flags in read-only mailboxes. Dovecot > actually does allow storing the seen flag on messages but AFAICS > it does not communicate that correctly to clients, this is what > its response to selecting a read-only mailbox with "lrs" ACL in > effect for the logged in user looks like: > > 2 SELECT "Public/Test" .. > 2 OK [READ-ONLY] Select completed. > > Shouldn't PERMANENTFLAGS contain \Seen here if per-user seen > flags are enable and should it even be tagged READ-ONLY at all in > this case? At least clients such as Python imaplib, IMAPClient, > or Roundcube will open such mailboxes with EXAMINE and thus do > not allow the modification of flags. Are you still testing on v2.0? It could be a bug in it. From tss at iki.fi Wed Mar 27 21:31:32 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 27 Mar 2013 21:31:32 +0200 Subject: [Dovecot] Migrating password scheme In-Reply-To: References: Message-ID: On 26.3.2013, at 5.14, Joseph Tam wrote: > I've updated the Dovecot2 wiki, but I am unsure which userdb's > "default_fields" applies to, and whether it just applies to postlogin > scripts, so I documented it at > > http://wiki2.dovecot.org/AuthDatabase/PasswdFile It works with all userdbs and passdbs. There are some other new features also generic to all passdbs. I guess the PasswordDatabase and UserDatabase pages need some sections about them.. Wonder if the common ones should be pointed to AuthDatabase or just copy&pasted (=become desynced over time) to both pages.. Could be a good feature idea for a wiki to allow importing text from some other page :) Anyway, I'll probably move these things over unless someone happens to beat me to it. Way too busy right now though. From bruce+dovecot at bmts.us Wed Mar 27 21:44:07 2013 From: bruce+dovecot at bmts.us (Bruce Marriner) Date: Wed, 27 Mar 2013 14:44:07 -0500 Subject: [Dovecot] Dovecot METADATA support In-Reply-To: <4AAED0D9-424B-460D-9B64-2668211ED374@iki.fi> Message-ID: <2847-51534c00-29-7ff64380@114345510> On Wednesday, March 27, 2013 02:25 PM CDT, Timo Sirainen wrote: > On 27.3.2013, at 16.34, Bruce Marriner wrote: > > > I've been trying to work with dovecot metadata plugin and posted a question here related to that a few days ago here : > > http://www.dovecot.org/list/dovecot/2013-March/089241.html > > The patch is now in v2.1 hg, so will be in v2.1.16. Thank you. > >>> Dovecot is getting close to having native METADATA support. > > > > I am very curious about this. When is "getting close" and I would guess this will be for v2.2? Will this support be the same as the dovecot-metadata-plugin in hg or something completely different? I'm sorry if I'm asking questions that have already been answered. > > The metadata plugin started with implementing the IMAP commands and kind of ignored the difficult parts of fitting it in with everything. The stuff that is in Dovecot now handles most of the difficult parts, but the IMAP commands are missing. There are still two somewhat difficult things missing: > > * Where/how to keep track of metadata quota to prevent abuse? Maybe some limits to number of entries, max. bytes total in entries, max. bytes per entry. Although the last one only is useful for those backends that can't handle large entry sizes. > > ( * Maybe there should be a new dict backend that can handle both small and large entries more optimally.. Then again some nosql dict backend would probably work well too.) > > * Currently it's configured via mail_attribute_dict, which can e.g. point to a file in user's home directory. How to handle shared metadata in shared folders? Should userA just be accessing userB's dict file? Where are metadata stored for public folders that have no owner? Should there be two dict settings for private and public dict? (The last, or maybe all, would be a non-issue if I had already implemented my idea of having only one dict configuration where different prefixes could be mapped to completely different locations/backends/etc.) > These questions I can't help much with, sadly. But I am more then willing to help with any testing, debugging, etc that I can possibly provide when there's something to test :). I really do appreciate your work on this Timo! From slusarz at curecanti.org Wed Mar 27 22:15:57 2013 From: slusarz at curecanti.org (Michael M Slusarz) Date: Wed, 27 Mar 2013 14:15:57 -0600 Subject: [Dovecot] Gmail like labels, three years later In-Reply-To: References: Message-ID: <20130327141557.Horde.EaFUBXn3h1UCowyMUXkizA8@bigworm.curecanti.org> Quoting Timo Sirainen : > On 27.3.2013, at 5.15, Pablo Vieira wrote: > >> On this post http://www.dovecot.org/list/dovecot/2011-June/059605.html I >> was asking about the possibility of using arbitrary labels on messages, >> much like Gmail does. On following replies, I was told about few tricks >> that might be used, that the IMAP protocol was being considering UTF-8 >> labels and ways to integrate them into the current system, etc., etc., etc. >> That sounds nice and all. >> >> I'm chiming in three years later only to know if things have changed, both >> at Dovecot and at the IMAP protocol. Are we closer to have proper labels on >> IMAP? Labels that help sorting messages in virtual folders where a message >> can belong in several of them? > > My latest idea: Keep using the rather dummy simple IMAP keywords. > Use IMAP METADATA to create a mapping between keyword <-> human > readable name. Dovecot is getting close to having native METADATA > support. Such IMAP standard would still need to be designed though. > Anyone up for writing an RFC? :) Would the idea be that once the extension is announced a client would then need to do a metadata lookup everytime you open the mailbox to build a keyword->label map? That could potentially be an expensive operation. Maybe you could do something like an ENABLE LABELS so that when you open a mailbox, you would see something like this (SELECT/EXAMINE response): * FLAGS (\Answered \Flagged \Deleted \Seen \Draft foo1 foo2 Junk NonJunk) * LABELS (NIL NIL NIL NIL NIL "Label 1" "Label 2 Text" NIL NIL) So there is no need to manually deal with lookups. Storing the labels would be done via standard METADATA commands. michael From guido+dovecot.org at berhoerster.name Wed Mar 27 22:16:41 2013 From: guido+dovecot.org at berhoerster.name (Guido Berhoerster) Date: Wed, 27 Mar 2013 21:16:41 +0100 Subject: [Dovecot] Incorrect response when opening read-only mailboxes with per-user flags? In-Reply-To: <6A65F367-7AD0-466F-A274-FBD3BD2CA522@iki.fi> References: <20130327114125.GH5217@hal.local.invalid> <6A65F367-7AD0-466F-A274-FBD3BD2CA522@iki.fi> Message-ID: <20130327201641.GM5217@hal.local.invalid> * Timo Sirainen [2013-03-27 20:27]: > On 27.3.2013, at 13.41, Guido Berhoerster wrote: > > > After some debugging on the protocol level I've finally found the > > problem with per-user seen flags in read-only mailboxes. Dovecot > > actually does allow storing the seen flag on messages but AFAICS > > it does not communicate that correctly to clients, this is what > > its response to selecting a read-only mailbox with "lrs" ACL in > > effect for the logged in user looks like: > > > > 2 SELECT "Public/Test" > .. > > 2 OK [READ-ONLY] Select completed. > > > > Shouldn't PERMANENTFLAGS contain \Seen here if per-user seen > > flags are enable and should it even be tagged READ-ONLY at all in > > this case? At least clients such as Python imaplib, IMAPClient, > > or Roundcube will open such mailboxes with EXAMINE and thus do > > not allow the modification of flags. > > Are you still testing on v2.0? It could be a bug in it. Yes, this is 2.0.9 from RHEL6. -- Guido Berhoerster From tss at iki.fi Wed Mar 27 22:22:59 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 27 Mar 2013 22:22:59 +0200 Subject: [Dovecot] Gmail like labels, three years later In-Reply-To: <20130327141557.Horde.EaFUBXn3h1UCowyMUXkizA8@bigworm.curecanti.org> References: <20130327141557.Horde.EaFUBXn3h1UCowyMUXkizA8@bigworm.curecanti.org> Message-ID: <157A857F-AEE2-47A4-9D57-501CF085C36F@iki.fi> On 27.3.2013, at 22.15, Michael M Slusarz wrote: >> My latest idea: Keep using the rather dummy simple IMAP keywords. Use IMAP METADATA to create a mapping between keyword <-> human readable name. Dovecot is getting close to having native METADATA support. Such IMAP standard would still need to be designed though. Anyone up for writing an RFC? :) > > Would the idea be that once the extension is announced a client would then need to do a metadata lookup everytime you open the mailbox to build a keyword->label map? That could potentially be an expensive operation. > > Maybe you could do something like an ENABLE LABELS so that when you open a mailbox, you would see something like this (SELECT/EXAMINE response): > > * FLAGS (\Answered \Flagged \Deleted \Seen \Draft foo1 foo2 Junk NonJunk) > * LABELS (NIL NIL NIL NIL NIL "Label 1" "Label 2 Text" NIL NIL) > > So there is no need to manually deal with lookups. Storing the labels would be done via standard METADATA commands. Hmm. Maybe .. Although it would be nice to get the IMAP design away from such special-case features and try to make these more generic (which might not even require server modifications to work). Like maybe with CONDSTORE/QRESYNC you could simply see if your cached labels-modseq equals to the old one. Or simply pipelining the GETMETADATA command with SELECT. Or something.. I haven't really thought this much. From tss at iki.fi Wed Mar 27 22:23:39 2013 From: tss at iki.fi (Timo Sirainen) Date: Wed, 27 Mar 2013 22:23:39 +0200 Subject: [Dovecot] Incorrect response when opening read-only mailboxes with per-user flags? In-Reply-To: <20130327201641.GM5217@hal.local.invalid> References: <20130327114125.GH5217@hal.local.invalid> <6A65F367-7AD0-466F-A274-FBD3BD2CA522@iki.fi> <20130327201641.GM5217@hal.local.invalid> Message-ID: <51FFBBD1-88EB-4EDA-8E79-DFEA0D613C55@iki.fi> On 27.3.2013, at 22.16, Guido Berhoerster wrote: > * Timo Sirainen [2013-03-27 20:27]: >> On 27.3.2013, at 13.41, Guido Berhoerster wrote: >> >>> After some debugging on the protocol level I've finally found the >>> problem with per-user seen flags in read-only mailboxes. Dovecot >>> actually does allow storing the seen flag on messages but AFAICS >>> it does not communicate that correctly to clients, this is what >>> its response to selecting a read-only mailbox with "lrs" ACL in >>> effect for the logged in user looks like: >>> >>> 2 SELECT "Public/Test" >> .. >>> 2 OK [READ-ONLY] Select completed. >>> >>> Shouldn't PERMANENTFLAGS contain \Seen here if per-user seen >>> flags are enable and should it even be tagged READ-ONLY at all in >>> this case? At least clients such as Python imaplib, IMAPClient, >>> or Roundcube will open such mailboxes with EXAMINE and thus do >>> not allow the modification of flags. >> >> Are you still testing on v2.0? It could be a bug in it. > > Yes, this is 2.0.9 from RHEL6. I remember fixing this bug. There's a very good chance that it would simply work with v2.1. From pablo at vieira.es Wed Mar 27 22:31:02 2013 From: pablo at vieira.es (Pablo Vieira) Date: Wed, 27 Mar 2013 21:31:02 +0100 Subject: [Dovecot] Gmail like labels, three years later In-Reply-To: <1BE8D417-2794-4675-BEC9-A8B25B2460F0@iki.fi> References: <1BE8D417-2794-4675-BEC9-A8B25B2460F0@iki.fi> Message-ID: 2013/3/27 Timo Sirainen > On 27.3.2013, at 17.28, Pablo Vieira wrote: > > METADATA is simply about adding simple key=value pairs to mailboxes. So > you could have something like: > > /shared/keywords/$Label1 = Important > /shared/keywords/$Label2 = Work > /shared/keywords/HelloWorld = Hello World messages > > Probably it wouldn't need to be any more complex than that. The clients > would then handle adding/changing/removing those keywords. > > http://tools.ietf.org/html/rfc5464 describes METADATA. > > Thanks a lot. Any idea when METADATA will have a full implementation in Dovecot? Them along with virtual folders might make it easy to build a Gmail-like system. From p.heinlein at heinlein-support.de Wed Mar 27 23:24:20 2013 From: p.heinlein at heinlein-support.de (Peer Heinlein) Date: Wed, 27 Mar 2013 22:24:20 +0100 Subject: [Dovecot] 2.1: Error: Maildir filename has wrong S value, renamed the file from In-Reply-To: References: <5150355C.4000802@sys4.de> <515051D3.9040602@thelounge.net> <51505D8C.5050503@uni-greifswald.de> <6758D8B2-E4FB-4808-9F93-4AB13001DC51@iki.fi> <51521E1A.3060205@heinlein-support.de> <5153213C.7020009@heinlein-support.de> Message-ID: <51536384.1040902@heinlein-support.de> Am 27.03.2013 20:10, schrieb Timo Sirainen: Hi, > Well, the question is then.. Why were the corrupted in the first place? Based on your previous error message it looked like the cache file contained the compressed size, so maybe zlib plugin wasn't loaded for some Dovecot process at that time? AFAIK zlib is always on: mailserver2:~# doveconf | grep plugins mail_plugins = quota acl mail_log notify zlib mail_plugins = quota acl mail_log notify zlib sieve mail_plugins = quota acl mail_log notify zlib imap_quota imap_acl mail_plugins = quota acl mail_log notify zlib I'll try to create and send you a test-case with an infected maildir. Peer -- Heinlein Support GmbH Schwedter Str. 8/9b, 10119 Berlin http://www.heinlein-support.de Tel: 030 / 405051-42 Fax: 030 / 405051-19 Zwangsangaben lt. ?35a GmbHG: HRB 93818 B / Amtsgericht Berlin-Charlottenburg, Gesch?ftsf?hrer: Peer Heinlein -- Sitz: Berlin From noel.butler at ausics.net Wed Mar 27 23:54:31 2013 From: noel.butler at ausics.net (Noel Butler) Date: Thu, 28 Mar 2013 07:54:31 +1000 Subject: [Dovecot] Disk Encryption In-Reply-To: <5152D6C1.9010802@Media-Brokers.com> References: <5150355C.4000802@sys4.de> <5152774B.30505@delphij.net> <5152D6C1.9010802@Media-Brokers.com> Message-ID: <1364421271.5643.3.camel@tardis> nope On Wed, 2013-03-27 at 07:23 -0400, Charles Marcus wrote: > Did anyone else get 13 identical copies of this response from Daniel??? > > On 2013-03-27 12:47 AM, Daniel Reinhardt wrote: > > If you are concerned about data being left on a hard drive when it fails > > and you are returning it to vendor, then I would consider hard drive > > degaussers. They are effective, but are very costly. > > > > -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 490 bytes Desc: This is a digitally signed message part URL: From vimuthd at gmail.com Thu Mar 28 08:18:42 2013 From: vimuthd at gmail.com (Vimuth) Date: Thu, 28 Mar 2013 11:48:42 +0530 Subject: [Dovecot] dovecot v-2.0, postfix+mysql configuration issue. Message-ID: Greetings Gentlemen, Im in the attempt of configuring a postfix mail server on RHEL6.2 with the said components in the subject. I followed a couple of guides and I beleive that Im almost there, but I get the following error when I try to send a mail to a user who is in the mysql database as follows, Dovecot version that is being used is 2.0.X. echo test | mail vimuth at mydomain.rock [root at box1 ~]# tail -f /var/log/maillog Mar 26 07:00:44 box1 dovecot: auth: Error: sql(vimuth at mydomain.rock): User query failed: Table 'mailserver.users' doesn't exist (using built-in default user_query: SELECT home, uid, gid FROM users WHERE username = '%n' AND domain = '%d') Mar 26 07:00:44 box1 dovecot: lda: Error: user vimuth at mydomain.rock: Auth USER lookup failed Mar 26 07:00:44 box1 dovecot: lda: Fatal: Internal error occurred. Refer to server log for more information. Mar 26 07:00:44 box1 postfix/pipe[6291]: A9E0E23B96: to=, relay=dovecot, delay=14255, delays=14255/0.02/0/0.12, dsn=4.3.0, status=deferred (temporary failure) Mar 26 07:05:44 box1 postfix/qmgr[5675]: 2E5AD23B66: from=, size=421, nrcpt=1 (queue active) Mar 26 07:05:44 box1 dovecot: auth: Error: mysql: Query failed, retrying: Table 'mailserver.users' doesn't exist Mar 26 07:05:44 box1 dovecot: auth: Error: sql(vimuth at mydomain.rock): User query failed: Table 'mailserver.users' doesn't exist (using built-in default user_query: SELECT home, uid, gid FROM users WHERE username = '%n' AND domain = '%d') Mar 26 07:05:44 box1 dovecot: lda: Error: user vimuth at mydomain.rock: Auth USER lookup failed Mar 26 07:05:44 box1 dovecot: lda: Fatal: Internal error occurred. Refer to server log for more information. Mar 26 07:05:44 box1 postfix/pipe[6312]: 2E5AD23B66: to=, relay=dovecot, delay=16007, delays=16007/0.03/0/0.08, dsn=4.3.0, status=deferred (temporary failure) As I understand, this has something to do with the way I have setup my database. Im gonna post what are in my most important configuration files and also of course in the database. here's *"/etc/dovecot/dovecot-sql.conf.ext"* driver = mysql connect = host=127.0.0.1 dbname=mailserver user=mailuser password=redhat default_pass_scheme = MD5 password_query = SELECT email as user, password FROM virtual_users WHERE email='%u'; here's */etc/postfix/main.cf* # TLS parameters smtpd_use_tls=yes smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_tls_key_file = /etc/pki/tls/private/smtpd.key smtpd_tls_cert_file = /etc/pki/tls/smtpd.crt smtpd_tls_CAfile = /etc/pki/tls/certs/cacert.pem smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_session_cache_timeout = 3600s tls_random_source = dev:/dev/urandom # set smtpd restrictions smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination virtual_mailbox_domains = mysql:/etc/postfix/ mysql-virtual-mailbox-domains.cf virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf mailbox_command = /usr/libexec/dovecot/deliver mailbox_transport = dovecot virtual_transport = dovecot dovecot_destination_recipient_limit = 1 Now to the *database * mysql> show databases; +--------------------+ | Database | +--------------------+ | information_schema | | mail | | mailserver | | mysql | +--------------------+[ mysql> use mailserver; Database changed mysql> select * from mailserver; mysql> show tables; +----------------------+ | Tables_in_mailserver | +----------------------+ | virtual_aliases | | virtual_domains | | virtual_users | +----------------------+ mysql> select * from virtual_users; +----+-----------+----------------------------------+----------------------+ | id | domain_id | password | email | +----+-----------+----------------------------------+----------------------+ | 1 | 1 | e2798af12a7a0f4f70b4d69efbc25f4d | vimuth at mydomain.rock | +----+-----------+----------------------------------+----------------------+ 1 row in set (0.00 sec) Please can someone help. If you need more information please let me know. I'm ready to tear down the entire implementation and start from the scratch. Many thanks in advance. /Vimuth From dovecot at lists.wgwh.ch Thu Mar 28 09:25:13 2013 From: dovecot at lists.wgwh.ch (Oli Schacher) Date: Thu, 28 Mar 2013 08:25:13 +0100 Subject: [Dovecot] dovecot v-2.0, postfix+mysql configuration issue. In-Reply-To: References: Message-ID: <20130328082513.23464b65@lists.wgwh.ch> On Thu, 28 Mar 2013 11:48:42 +0530 Vimuth wrote: > Mar 26 07:00:44 box1 dovecot: auth: Error: sql(vimuth at mydomain.rock): > User query failed: Table 'mailserver.users' doesn't exist (using > built-in default user_query: SELECT home, uid, gid FROM users WHERE > username = '%n' AND domain = '%d') > > > here's *"/etc/dovecot/dovecot-sql.conf.ext"* > >driver = mysql >connect = host=127.0.0.1 dbname=mailserver user=mailuser >password=redhat >default_pass_scheme = MD5 >password_query = SELECT email as user, password FROM virtual_users >WHERE >email='%u'; looks like the "user_query" is missing in this file and therefore dovecot uses a builtin query which uses a different table name http://wiki2.dovecot.org/AuthDatabase/SQL From vimuthd at gmail.com Thu Mar 28 10:28:08 2013 From: vimuthd at gmail.com (Vimuth) Date: Thu, 28 Mar 2013 13:58:08 +0530 Subject: [Dovecot] dovecot v-2.0, postfix+mysql configuration issue. In-Reply-To: <20130328082513.23464b65@lists.wgwh.ch> References: <20130328082513.23464b65@lists.wgwh.ch> Message-ID: Thank you very much for replying Mr Oli. Ummm Im confused. Could you please kindly mention as to how I should mention the user query? If I may speak though following are the mysql statements I used to create the tables n etc.. GRANT SELECT ON mailserver.* TO 'mailuser'@'127.0.0.1' IDENTIFIED BY 'mailuser2011'; CREATE TABLE `virtual_domains` ( `id` int(11) NOT NULL auto_increment, `name` varchar(50) NOT NULL, PRIMARY KEY (`id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8; CREATE TABLE `virtual_users` ( `id` int(11) NOT NULL auto_increment, `domain_id` int(11) NOT NULL, `password` varchar(32) NOT NULL, `email` varchar(100) NOT NULL, PRIMARY KEY (`id`), UNIQUE KEY `email` (`email`), FOREIGN KEY (domain_id) REFERENCES virtual_domains(id) ON DELETE CASCADE ) ENGINE=InnoDB DEFAULT CHARSET=utf8; CREATE TABLE `virtual_aliases` ( `id` int(11) NOT NULL auto_increment, `domain_id` int(11) NOT NULL, `source` varchar(100) NOT NULL, `destination` varchar(100) NOT NULL, PRIMARY KEY (`id`), FOREIGN KEY (domain_id) REFERENCES virtual_domains(id) ON DELETE CASCADE ) ENGINE=InnoDB DEFAULT CHARSET=utf8; But in that dovecot link you've sent me mention of a home that my db doesnt know about. SELECT home, uid, gid FROM users WHERE userid = '%n' AND domain = '%d' Please help sir. This is just a general question. if at all possible could you please point me to a good working guide related to this whole attempt. Thats is "postfix+dovecot-2.0+mysql+TLS" ? I'm yet to find a good source in order to get there.Problem is whatever you find is postfix with dovecot1.X implementation. thanks and Regards On Thu, Mar 28, 2013 at 12:55 PM, Oli Schacher wrote: > On Thu, 28 Mar 2013 11:48:42 +0530 > Vimuth wrote: > > > Mar 26 07:00:44 box1 dovecot: auth: Error: sql(vimuth at mydomain.rock): > > User query failed: Table 'mailserver.users' doesn't exist (using > > built-in default user_query: SELECT home, uid, gid FROM users WHERE > > username = '%n' AND domain = '%d') > > > > > > > here's *"/etc/dovecot/dovecot-sql.conf.ext"* > > > > >driver = mysql > >connect = host=127.0.0.1 dbname=mailserver user=mailuser > >password=redhat > >default_pass_scheme = MD5 > >password_query = SELECT email as user, password FROM virtual_users > >WHERE > >email='%u'; > > looks like the "user_query" is missing in this file and therefore > dovecot uses a builtin query which uses a different table name > > http://wiki2.dovecot.org/AuthDatabase/SQL > > > From paul at vandervlis.nl Thu Mar 28 10:51:00 2013 From: paul at vandervlis.nl (Paul van der Vlis) Date: Thu, 28 Mar 2013 09:51:00 +0100 Subject: [Dovecot] Conversion from Evolution maildir to imap Message-ID: Hello, A customer has a thin-client server with 100+ homedirs with Evolution. They are using POP3 and maildir. Now I want to switch to IMAP. Can I use Dovecot on this maildirs, or does Evolution use another kind of maildir? Does Dovecot change anything in the maildirs? Do I loose my flags this way, like "read" ? Normally I am using Cyrus IMAP. What I want to do is to install Dovecot to have access to the mail over IMAP because Dovecot can do maildir (Cyrus cannot). Then I can use imapsync to sync everything to Cyrus. Do you think that's a good idea? With regards, Paul van der Vlis. -- Paul van der Vlis Linux systeembeheer, Groningen http://www.vandervlis.nl/ From Lutz.Pressler at SerNet.DE Thu Mar 28 15:56:34 2013 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Thu, 28 Mar 2013 14:56:34 +0100 Subject: [Dovecot] changing flags automatically Message-ID: Hello, (2.2:) there is no doveadm subcommand to change flags of messages, is it? The following should work reliably? # mark messages with subject $SUBJECT in mailbox $MAILBOX of user $USERID as read ( i=2 echo "1 SELECT "$MAILBOX doveadm search -u $USERID mailbox $MAILBOX subject "$SUBJECT" \ | while read g u do echo $i" UID STORE "$u" flags (\Seen)" i=$((i+1)); done echo "0 LOGOUT" ) | /usr/lib/dovecot/imap -u $USERID Greetings, Lutz From tss at iki.fi Thu Mar 28 17:07:33 2013 From: tss at iki.fi (Timo Sirainen) Date: Thu, 28 Mar 2013 17:07:33 +0200 Subject: [Dovecot] changing flags automatically In-Reply-To: References: Message-ID: <1364483253.13923.131.camel@innu> On Thu, 2013-03-28 at 14:56 +0100, Lutz Pre?ler wrote: > Hello, > > (2.2:) there is no doveadm subcommand to change flags of messages, is it? Nope. > The following should work reliably? > > # mark messages with subject $SUBJECT in mailbox $MAILBOX of user $USERID as read > ( i=2 > echo "1 SELECT "$MAILBOX > doveadm search -u $USERID mailbox $MAILBOX subject "$SUBJECT" \ > | while read g u > do > echo $i" UID STORE "$u" flags (\Seen)" > i=$((i+1)); > done > echo "0 LOGOUT" > ) | /usr/lib/dovecot/imap -u $USERID I guess it does, but a much easier way: printf "a select $MAILBOX\nb search return (save) subject \"$SUBJECT \""\n3 store $ +flags \\seen\n" | doveadm exec imap -u $USERID You probably want +flags, not flags, so it won't touch non-seen flags. From l.chelchowski at eurocar.pl Thu Mar 28 17:35:46 2013 From: l.chelchowski at eurocar.pl (=?UTF-8?B?xYF1a2Fzeg==?=) Date: Thu, 28 Mar 2013 16:35:46 +0100 Subject: [Dovecot] Virtual - thread refs for labeled message Message-ID: <51546352.1010109@eurocar.pl> Hi I hope you will understand my problem. I want to make virtual folder called "Virtual/label1-threads". This folder should have: 1. messages labeled fe. $label1 from INBOX and 2. messages from Sent folder inthread refs with those labeled. message1 <-- $label1 INBOX |----message2 <- Sent ------|-----message3 <- INBOX ..... Can anyone help me with this? -- ?ukasz From lists at wildgooses.com Thu Mar 28 22:34:16 2013 From: lists at wildgooses.com (Ed W) Date: Thu, 28 Mar 2013 20:34:16 +0000 Subject: [Dovecot] Please help to make decision In-Reply-To: References: Message-ID: <5154A948.3010503@wildgooses.com> I believe a variation on that theme is also to "double" each machine using DRBD so that machines are arranged in pairs. One can fail and the other will take over the load. ie each pair of machines mirrors the storage for the other. With this arrangement only warm failover is usually required and hence DRBD can run in async mode and performance impact is low Note I don't use any of the above, it was a setup described by Timo some years back Good luck Ed W On 25/03/2013 18:47, Thierry de Montaudry wrote: > Hi Tigran, > > Managing a mail system for 1M odd users, we did run for a few years on some high range SAN system (NetApp, then EMC), but were not happy with the performance, whatever double head, fibre, and so on, it just couldn't handle the IOs. I must just say that at this time, we were not using dovecot. > > Then we moved to a completely different structure: 24 storage machines (plain CentOS as NFS servers), 7 frontend (webmail through IMAP + POP3 server) and 5 MXs, and all front end machines running dovecot. That was a major change in the system performances, but not happy yet with the 50T total storage we had. Having huge traffic between front end machine and storage, and at this time, I was not sure the switches were handling the load properly. Not talking about the load on the front end machine which some times needed a hard reboot to recover from NFS timeouts. Even after trying some heavy optimizations all around, and particularly on NFS. > > Then we did look at the Dovecot director, but not sure how it would handle 1M users, we moved to the proxy solution: we are now running dovecot on the 24 storage machines, our webmail system connecting with IMAP to the final storage machine, as well as the MXs with LMTP, we only use dovecot proxy for the POP3 access on the 7 front end machines. And I must say, what a change. Since then the system is running smoothly, no more worries about NFS timeouts and the loadavg on all machine is down to almost nothing, as well as the internal traffic on the switches and our stress. And most important, the feed back from our users told us that we did the right thing. > > Only trouble: now and then we have to move users around, as if a machine gets full, the only solution is to move data to one that has more space. But this is achieved easily with the dsync tool. > > This is just my experience, it might not be the best, but with the (limited) budget we had, we finally came up with a solutions that can handle the load and got us away from SAN systems which could never handle the IOs for mail access. Just for the sake of it, our storage machines only have each 4 x 1T SATA drives in RAID 10, and 16G of mem, which I've been told would never do the job, but it just works. Thanks Timo. > > Hoping this will help in your decision, > > Regards, > > Thierry > > > On 24 Mar 2013, at 18:12, Tigran Petrosyan wrote: > >> Hi >> We are going to implement the "Dovecot" for 1 million users. We are going >> to use more than 100T storage space. Now we examine 2 solutions NFS or GFS2 >> via (Fibre Channel storage). >> Can someone help to make decision? What kind of storage solution we can use >> to achieve good performance and scalability. From lists at wildgooses.com Thu Mar 28 22:44:02 2013 From: lists at wildgooses.com (Ed W) Date: Thu, 28 Mar 2013 20:44:02 +0000 Subject: [Dovecot] Dovecot 2.2 & LEMONADE extensions In-Reply-To: <5151A4F5.3090706@softjury.de> References: <5151A4F5.3090706@softjury.de> Message-ID: <5154AB92.9020700@wildgooses.com> On 26/03/2013 13:39, Jan Phillip Greimann wrote: > Hi there, > > I read an article about dovecot 2.2, which includes the LEMONADE > extensions, and was fascinated about the feature "Forward without > download". We have a small internet-uplink in our office and our CEO > loves to receive mails with large attachments, he also reply/forward > it, so every time the full attachments get downloaded and uploaded > again. Now the question is: Is LEMONADE supported by > desktop-mailclients like thunderbird or just mobile Clients? (Google > said nothing to this, maybe searched the wrong words) > > I hope someone can help me with this. Which client are you using? My understanding is that you will need an SMTP server which supports such a feature. Apple patch Postfix to support this using the BURL extension, however, for whatever reason the patch has not been picked up by Postfix: http://www.opensource.apple.com/source/postfix/postfix-229/patches/burl.patch I think it would be worth rattling the postfix list to see if it could be reviewed Note, my favourite solution would be a new RFC which triggers Dovecot to pass to SMTP a specified message from a specified folder. This would then mean you can use all the IMAP features to compose your message on the server, probably bypassing lots of downloading. Further it would mean no duplicated data when moving the message to the Sent Folder since such an operation would be all done and tracked via IMAP. So you would compose the message in "Outbox", ask Dovecot to send it, then (possibly atomically) move it to Sent folder. However, a) there is no such RFC and b) there is no client mailer which supports it. I think Apple might be the people to rattle to get such an idea off the ground though - they seem to have the desire to make it happen (add in K9 developers and submit a patch to Mozilla and at least there would be basic groundwork...) Cheers Ed W From tss at iki.fi Fri Mar 29 00:10:52 2013 From: tss at iki.fi (Timo Sirainen) Date: Fri, 29 Mar 2013 00:10:52 +0200 Subject: [Dovecot] Dovecot 2.2 & LEMONADE extensions In-Reply-To: <5154AB92.9020700@wildgooses.com> References: <5151A4F5.3090706@softjury.de> <5154AB92.9020700@wildgooses.com> Message-ID: <55A02E03-42A8-4DF6-9A5B-7168AA530BF8@iki.fi> On 28.3.2013, at 22.44, Ed W wrote: > My understanding is that you will need an SMTP server which supports such a feature. Apple patch Postfix to support this using the BURL extension, however, for whatever reason the patch has not been picked up by Postfix: > > http://www.opensource.apple.com/source/postfix/postfix-229/patches/burl.patch > > I think it would be worth rattling the postfix list to see if it could be reviewed Wietse mentioned a few months ago he's looking into it. I don't know what happend since. Also there's a good chance that Dovecot v2.3 will have an SMTP submission server with BURL support (that will simply forward the mail to a real SMTP server). From lists at wildgooses.com Fri Mar 29 00:35:01 2013 From: lists at wildgooses.com (Ed W) Date: Thu, 28 Mar 2013 22:35:01 +0000 Subject: [Dovecot] Dovecot 2.2 & LEMONADE extensions In-Reply-To: <55A02E03-42A8-4DF6-9A5B-7168AA530BF8@iki.fi> References: <5151A4F5.3090706@softjury.de> <5154AB92.9020700@wildgooses.com> <55A02E03-42A8-4DF6-9A5B-7168AA530BF8@iki.fi> Message-ID: <5154C595.1070007@wildgooses.com> On 28/03/2013 22:10, Timo Sirainen wrote: > On 28.3.2013, at 22.44, Ed W wrote: > >> My understanding is that you will need an SMTP server which supports such a feature. Apple patch Postfix to support this using the BURL extension, however, for whatever reason the patch has not been picked up by Postfix: >> >> http://www.opensource.apple.com/source/postfix/postfix-229/patches/burl.patch >> >> I think it would be worth rattling the postfix list to see if it could be reviewed > Wietse mentioned a few months ago he's looking into it. I don't know what happend since. > > Also there's a good chance that Dovecot v2.3 will have an SMTP submission server with BURL support (that will simply forward the mail to a real SMTP server). > If you know any Apple devs, then consider running some kind of "submit message xx to SMTP" extension past them? It seems to be a far better solution than BURL and all the other workarounds and completely solves the Sent Items duplicate transmission, etc Cheers Ed W From stephan at rename-it.nl Fri Mar 29 01:48:44 2013 From: stephan at rename-it.nl (Stephan Bosch) Date: Fri, 29 Mar 2013 00:48:44 +0100 Subject: [Dovecot] Dovecot 2.2 & LEMONADE extensions In-Reply-To: <55A02E03-42A8-4DF6-9A5B-7168AA530BF8@iki.fi> References: <5151A4F5.3090706@softjury.de> <5154AB92.9020700@wildgooses.com> <55A02E03-42A8-4DF6-9A5B-7168AA530BF8@iki.fi> Message-ID: <5154D6DC.40306@rename-it.nl> On 3/28/2013 11:10 PM, Timo Sirainen wrote: > On 28.3.2013, at 22.44, Ed W wrote: > > Also there's a good chance that Dovecot v2.3 will have an SMTP submission server with BURL support (that will simply forward the mail to a real SMTP server). A few weeks back I gave this a look and I made a functional prototype of that already. I'll commit it to my patch repository in a week or so. Regards, Stephan. From number100 at gmx.de Fri Mar 29 02:18:13 2013 From: number100 at gmx.de (Michael) Date: Fri, 29 Mar 2013 01:18:13 +0100 Subject: [Dovecot] 3 node setup without cluster filesystem Message-ID: <5154DDC5.1010309@gmx.de> Hi everyone, short version: Is there any 3 host (two MX and one frontend IMAP) that can use a shared (iSCSI) ext4 volume? Long version: I am running a very complex setup right now with two MX, two proxies(lmtp/imap)/imap-frontends and two backends mounting an ocfs2 volume. I would like to reduce the complexity (and the number of hosts) and get rid of ocfs2. I ask myself if I can use an ext4 iSCSI-LUN using this setup: MX01 -> lmtp:unix:private/dovecot-lmtp -> mail_home: /var/mail MX02 -> lmtp:unix:private/dovecot-lmtp -> mail_home: /var/mail IMAP01 (imap) -> mail_home: /var/mail Regards Michael From daniel.parthey at informatik.tu-chemnitz.de Fri Mar 29 02:43:00 2013 From: daniel.parthey at informatik.tu-chemnitz.de (Daniel Parthey) Date: Fri, 29 Mar 2013 01:43:00 +0100 Subject: [Dovecot] 3 node setup without cluster filesystem In-Reply-To: <5154DDC5.1010309@gmx.de> References: <5154DDC5.1010309@gmx.de> Message-ID: <20130329004300.GA28243@daniel.localdomain> Michael wrote: > short version: Is there any 3 host (two MX and one frontend IMAP) that > can use a shared (iSCSI) ext4 volume? No. iSCSI exports a block device from one host to another single host. > Long version: > I am running a very complex setup right now with two MX, two > proxies(lmtp/imap)/imap-frontends and two backends mounting an > ocfs2 volume. > > I would like to reduce the complexity (and the number of hosts) and > get rid of ocfs2. I ask myself if I can use an ext4 iSCSI-LUN using > this setup: > > MX01 -> lmtp:unix:private/dovecot-lmtp -> mail_home: /var/mail > MX02 -> lmtp:unix:private/dovecot-lmtp -> mail_home: /var/mail > IMAP01 (imap) -> mail_home: /var/mail You cannot mount an iSCSI device simultaneously from different hosts without using any locking/cluster filesystems. Otherwise you would risk corrupting your ext4 filesystem. Use NFSv4, DRBD or any other clustering mechanisms to provide high availability while preserving data integrity. Regards Daniel -- https://plus.google.com/103021802792276734820 From kuizhang at gmail.com Fri Mar 29 05:46:01 2013 From: kuizhang at gmail.com (Kui Zhang) Date: Thu, 28 Mar 2013 20:46:01 -0700 Subject: [Dovecot] 3 node setup without cluster filesystem In-Reply-To: <20130329004300.GA28243@daniel.localdomain> References: <5154DDC5.1010309@gmx.de> <20130329004300.GA28243@daniel.localdomain> Message-ID: On Thu, Mar 28, 2013 at 5:43 PM, Daniel Parthey < daniel.parthey at informatik.tu-chemnitz.de> wrote: > Michael wrote: > > short version: Is there any 3 host (two MX and one frontend IMAP) that > > can use a shared (iSCSI) ext4 volume? > > No. iSCSI exports a block device from one host to another single host. > > No, you can export iSCSI to multiple host. > > Long version: > > I am running a very complex setup right now with two MX, two > > proxies(lmtp/imap)/imap-frontends and two backends mounting an > > ocfs2 volume. > > > > I would like to reduce the complexity (and the number of hosts) and > > get rid of ocfs2. I ask myself if I can use an ext4 iSCSI-LUN using > > this setup: > > > > MX01 -> lmtp:unix:private/dovecot-lmtp -> mail_home: /var/mail > > MX02 -> lmtp:unix:private/dovecot-lmtp -> mail_home: /var/mail > > IMAP01 (imap) -> mail_home: /var/mail > > You cannot mount an iSCSI device simultaneously from different hosts > without using any locking/cluster filesystems. Otherwise you would > risk corrupting your ext4 filesystem. > > Use NFSv4, DRBD or any other clustering mechanisms to provide > high availability while preserving data integrity. > > Regards > Daniel > -- > https://plus.google.com/103021802792276734820 > Problem is ext4, It is not a cluster file system, as far as I know. So, it does not coordinate file locking, across multiple nodes. It would result corruptions. You could get it down to 2 nodes, with drbd and any non cluster file system. Since only one node, that does the I/O. Any file system would work. I like xfs better than ext4. mx01 -> lmtp: tcp (vip) / (dovecot imap) -> mail_home mx02 / Google for "mysql drbd pacemaker". The configs are similar. Kui.Z From stan at hardwarefreak.com Fri Mar 29 07:23:37 2013 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Fri, 29 Mar 2013 00:23:37 -0500 Subject: [Dovecot] Please help to make decision In-Reply-To: <5154A948.3010503@wildgooses.com> References: <5154A948.3010503@wildgooses.com> Message-ID: <51552559.6060308@hardwarefreak.com> On 3/28/2013 3:34 PM, Ed W wrote: > I believe a variation on that theme is also to "double" each machine > using DRBD so that machines are arranged in pairs. One can fail and the > other will take over the load. ie each pair of machines mirrors the > storage for the other. With this arrangement only warm failover is > usually required and hence DRBD can run in async mode and performance > impact is low This is an active/passive setup, and doubles your hardware costs across the board, with no parallel performance gain. This is not financially feasible for 1M users. Going active/active would be better as you can cut in half the number of server nodes required. But here you must use a cluster filesystem, and you're still buying double the quantity of disks that are needed. At this scale it is much more cost effective to acquire 4 midrange FC/iSCSI SAN heads with 120x 15K 600GB SAS drives each, 480 total. With RAID10 you get 144TB net capacity. An active/active DRBD solution would require 960 drives instead of 480 for the same net storage and IOPS. These drives run about $400 USD in such a bulk purchase depending on vendor. That's an extra ~$192,0000 wasted on drives. Not to mention all the extra JBOD chassis required, and more importantly the extra power/cooling cost. You can obtain 4 low frills high performance midrange SAN heads for quite a bit less than that $192,000. The Nexsan E60 comes to mind. Four FC SAN heads each with dual active/active controllers and four 8Gb FC ports plus four expansion chassis, w/480x 600GB 15K drives in 32U, leaving 8U at the bottom of the rack for the 10KVA UPS needed to power them. -- Stan From stan at hardwarefreak.com Fri Mar 29 07:48:10 2013 From: stan at hardwarefreak.com (Stan Hoeppner) Date: Fri, 29 Mar 2013 00:48:10 -0500 Subject: [Dovecot] Please help to make decision In-Reply-To: <5154A948.3010503@wildgooses.com> References: <5154A948.3010503@wildgooses.com> Message-ID: <51552B1A.1070306@hardwarefreak.com> > On 25/03/2013 18:47, Thierry de Montaudry wrote: >> This is just my experience, it might not be the best, but with the >> (limited) budget we had, we finally came up with a solutions that can >> handle the load and got us away from SAN systems which could never >> handle the IOs for mail access. Just for the sake of it, our storage >> machines only have each 4 x 1T SATA drives in RAID 10, and 16G of mem, >> which I've been told would never do the job, but it just works. Thanks >> Timo. With only 48 effective 7.2k data spindles and 1M users, this would tend to suggest that only a tiny fraction of your users are logged in and performing IOs at any point in time. Number of active sessions dictates IOPS requirements, not total #mailboxes, and the former may be drastically different between these two 1M user sites. If 500K of your 1M users were logged in concurrently via webmail I'd guess the heads of those 96 drives would hit their peak seek rate instantly and remain there, and iowait would go through the roof. My previous posts in this thread make the assumption that the worst case scenario to architect for is 500K logged in active IMAP users at a given PIT. -- Stan From mastertoilet at netzero.net Fri Mar 29 09:11:25 2013 From: mastertoilet at netzero.net (mastertoilet at netzero.net) Date: Fri, 29 Mar 2013 07:11:25 GMT Subject: [Dovecot] about maildirsize not updating Message-ID: <20130329.001125.24546.0@webmail02.dca.untd.com> Hi. i am currently using roundcube my webmail and configure using dovecot quota plugins. but it seems to not be updating the maildirsize when new mails comes.Deleting the maildirsize will recreate the files correctly.Is there any solutions to this problem with dovecot. ____________________________________________________________ How to Sleep Like a Rock Obey this one natural trick to fall asleep and stay asleep all night. http://thirdpartyoffers.netzero.net/TGL3231/51553ef81818d3ef72750st04duc From goktug.yildirim at gmail.com Fri Mar 29 11:31:18 2013 From: goktug.yildirim at gmail.com (Goktug YILDIRIM) Date: Fri, 29 Mar 2013 11:31:18 +0200 Subject: [Dovecot] Cassandra support Message-ID: Hi, I've read some previous threads about Cassandra support. In a message at April 2012 it was written that it would take a few hours after doing some internal stuff. http://dovecot.markmail.org/search/?q=cassandra#query:cassandra%20order%3Adate-backward+page:1+mid:emfxwl4fdrnrhkn7+state:results I wonder if there have been a progress since then? Or a better alternative came up? -- Goktug From asai at globalchangemusic.org Fri Mar 29 16:11:01 2013 From: asai at globalchangemusic.org (Asai) Date: Fri, 29 Mar 2013 07:11:01 -0700 Subject: [Dovecot] Restoring Mails via DSync Message-ID: <5155A0F5.9000701@globalchangemusic.org> Greetings, Can anyone give me a quick pointer to the right command to use for restoring backups made by dsync? I have our whole mail server backed up with it, but not sure how to restore... Any help would be greatly appreciated. -- --Asai From rob0 at gmx.co.uk Fri Mar 29 16:45:16 2013 From: rob0 at gmx.co.uk (/dev/rob0) Date: Fri, 29 Mar 2013 09:45:16 -0500 Subject: [Dovecot] Postfix/Dovecot/lmtp with virtual and local users In-Reply-To: <514C29FD.9060300@cryptix.de> References: <514B14CE.5040409@cryptix.de> <1363942136.13923.48.camel@innu> <514C29FD.9060300@cryptix.de> Message-ID: <20130329144516.GO3672@harrier.slackbuilds.org> I'm interested in this as well, and having looked over the wiki2 pages on LDA and LMTP, and the files conf.d/15-lda.conf and conf.d/20-lmtp.conf to which they refer, I still don't see how the lmtpd knows a given user at domain is a system user. For virtual domains, I guess the assumption is that the Dovecot username is user at domain. (Even that assumption is not necessarily valid; there is no requirement to format virtual usernames that way.) The closest I can find is "hostname" in 15-lda.conf, but that does not really say anything about it being used to identify a system user. -- http://rob0.nodns4.us/ -- system administration and consulting Offlist GMX mail is seen only if "/dev/rob0" is in the Subject: From daniel at dlutt.de Fri Mar 29 17:45:16 2013 From: daniel at dlutt.de (Daniel Luttermann) Date: Fri, 29 Mar 2013 16:45:16 +0100 Subject: [Dovecot] dovecot v-2.0, postfix+mysql configuration issue. In-Reply-To: References: Message-ID: <1234485632.20130329164516@dlutt.de> On 2013-03-28, Vimuth wrote: > echo test | mail vimuth at mydomain.rock > [root at box1 ~]# tail -f /var/log/maillog > Mar 26 07:00:44 box1 dovecot: auth: Error: sql(vimuth at mydomain.rock): User > query failed: Table 'mailserver.users' doesn't exist (using built-in > default user_query: SELECT home, uid, gid FROM users WHERE username = '%n' > AND domain = '%d') > Mar 26 07:00:44 box1 dovecot: lda: Error: user vimuth at mydomain.rock: Auth > USER lookup failed > Mar 26 07:00:44 box1 dovecot: lda: Fatal: Internal error occurred. Refer to > server log for more information. Dovecot needs to know if the user exists and where the mails should be saved. You can use a dedicated user lookup query like SELECT home, uid, gid FROM users WHERE userid = '%u' or you can use a static userdb. See: http://wiki2.dovecot.org/UserDatabase/Static But it's also possible to combine passdb and userdb into a single lookup. This is explained here: http://wiki2.dovecot.org/UserDatabase/Prefetch Because you're using virtual users you'll find other useful informations here: http://wiki2.dovecot.org/VirtualUsers I guess you could start with a static userdb like userdb { driver = static args = uid=vmail gid=vmail home=/var/mail/%d/%n } In this example, mails are saved in /var/mail/domain/username. -- Daniel From ben at morrow.me.uk Fri Mar 29 18:37:07 2013 From: ben at morrow.me.uk (Ben Morrow) Date: Fri, 29 Mar 2013 16:37:07 +0000 Subject: [Dovecot] Restoring Mails via DSync In-Reply-To: <5155A0F5.9000701@globalchangemusic.org> References: <5155A0F5.9000701@globalchangemusic.org> Message-ID: <20130329163707.GC2335@anubis.morrow.me.uk> At 7AM -0700 on 29/03/13 you (Asai) wrote: > > Can anyone give me a quick pointer to the right command to use for > restoring backups made by dsync? I have our whole mail server backed up > with it, but not sure how to restore... Any help would be greatly > appreciated. I would have thought you want to use exactly the dsync command you used to take the backup, but with -R (or without it, if you were using it before). Ben From asai at globalchangemusic.org Fri Mar 29 18:49:09 2013 From: asai at globalchangemusic.org (Asai) Date: Fri, 29 Mar 2013 09:49:09 -0700 Subject: [Dovecot] Restoring Mails via DSync In-Reply-To: <20130329163707.GC2335@anubis.morrow.me.uk> References: <5155A0F5.9000701@globalchangemusic.org> <20130329163707.GC2335@anubis.morrow.me.uk> Message-ID: <5155C605.3030604@globalchangemusic.org> Awesome, Ben. Thanks. --Asai On 3/29/2013 9:37 AM, Ben Morrow wrote: > At 7AM -0700 on 29/03/13 you (Asai) wrote: >> Can anyone give me a quick pointer to the right command to use for >> restoring backups made by dsync? I have our whole mail server backed up >> with it, but not sure how to restore... Any help would be greatly >> appreciated. > I would have thought you want to use exactly the dsync command you used > to take the backup, but with -R (or without it, if you were using it > before). > > Ben > From CMarcus at Media-Brokers.com Fri Mar 29 19:28:34 2013 From: CMarcus at Media-Brokers.com (Charles Marcus) Date: Fri, 29 Mar 2013 13:28:34 -0400 Subject: [Dovecot] Dovecot 2.2 & LEMONADE extensions In-Reply-To: <55A02E03-42A8-4DF6-9A5B-7168AA530BF8@iki.fi> References: <5151A4F5.3090706@softjury.de> <5154AB92.9020700@wildgooses.com> <55A02E03-42A8-4DF6-9A5B-7168AA530BF8@iki.fi> Message-ID: <5155CF42.7020005@Media-Brokers.com> On 2013-03-28 6:10 PM, Timo Sirainen wrote: > Also there's a good chance that Dovecot v2.3 will have an SMTP > submission server with BURL support (that will simply forward the mail > to a real SMTP server). Awesome to hear Timo, thanks! -- Best regards, Charles From mailmgnt at malteswart.de Sat Mar 30 02:12:40 2013 From: mailmgnt at malteswart.de (Malte Swart) Date: Sat, 30 Mar 2013 01:12:40 +0100 Subject: [Dovecot] 3 node setup without cluster filesystem In-Reply-To: <5154DDC5.1010309@gmx.de> References: <5154DDC5.1010309@gmx.de> Message-ID: <1990966.10oUJaz2H0@falcon> On Friday 29 March 2013 01:18:13 Michael wrote: > short version: Is there any 3 host (two MX and one frontend IMAP) that > can use a shared (iSCSI) ext4 volume? > > Long version: > I am running a very complex setup right now with two MX, two > proxies(lmtp/imap)/imap-frontends and two backends mounting an > ocfs2 volume. > > I would like to reduce the complexity (and the number of hosts) and > get rid of ocfs2. I ask myself if I can use an ext4 iSCSI-LUN using > this setup: You could manage the mailboxes only on one machine with using lmtp over network (http://wiki2.dovecot.org/LMTP): > MX01 -> lmtp:unix:private/dovecot-lmtp -> mail_home: /var/mail MX01 -> lmtp:inet::24 -> IMAP01-> mail_home: /var/mail > MX02 -> lmtp:unix:private/dovecot-lmtp -> mail_home: /var/mail MX02 -> lmtp:inet::24 -> IMAP01-> mail_home: /var/mail > IMAP01 (imap) -> mail_home: /var/mail So only one node accesses the mail storage and every filesystem should work. Bye Malte. From ramesh25 at gmail.com Sat Mar 30 03:03:50 2013 From: ramesh25 at gmail.com (Ramesh Natarajan) Date: Fri, 29 Mar 2013 20:03:50 -0500 Subject: [Dovecot] Custom Headers/Flags Support in dovecot Message-ID: I am currently trying to evaluate if I can use dovecot to be used for my imap server like application. This is not an email application but a generic storage server that uses IMAP protocol to save and retrieve messages. The messages have standard From/To/Date headers and a lot of custom headers for threading conversations e.t.c. As a part of my application requirements I also need to support custom flags and have ability to set/change/retrieve them via IMAP. 1) Does Dovecot support custom flags to be set/changed/retrieved? 2) I understand dovecot optimizes standard RFC822 headers and flags in cache/index files for faster lookups and searches. Does custom headers and flags fall into this optimization algorithm? 3) I am planning to support multiple users and each mailbox may have upto 1000 folders. Each folder may have an average of 20 MIME encoded messages. I am planning to use local storage with single-dbox format. Do you see any issues with this? thanks Ramesh From bind at enas.net Sat Mar 30 14:43:54 2013 From: bind at enas.net (Urban Loesch) Date: Sat, 30 Mar 2013 13:43:54 +0100 Subject: [Dovecot] Please help to make decision In-Reply-To: References: Message-ID: <5156DE0A.3050803@enas.net> Hi, we have similar setup like Thierry, but not so big. Only 40k users and 1,2T of used space. Only 300 concurrent POP3 and 1600 IMAP sessions. Imap is increasing continously. Due to the fact that we have a low budget we impelented the following small solution. - 2 static IMAP/POP3 Proxies (no director) load balanced with the well known CLUSTERIP module from iptables (poors man loadbalancing, but works only in layer 2 envirmonments. Works great for our needs and would be scalable too) - 2 static SMTP relayservers load balanced the same way as above. - 4 storage machines in active/passive setup with DRBD on top of LVM2. On each active node are running 4-5 virtual containers (based on http://linux-vserver.org). All 40k accounts a spread on this 8 containers. This has the advantage to quickly move the hole container from one storage machine to another wihout dsync if there is not enough space on some node. - 2 Mysql master/master containers to store userinformation which then are be cached by dovecot itself. This extremly reduces database load. All servers (proxies, relayserver dovecot, mysql are containers). So we can move them around on different hardware without changing any configuration. But this happens rarely. Dovecot uses mdbox storage format with compression enabled. No problems yet. Index and mdbox files are stored on different mount points. This gives us the chance to move them easily to different spindles if we need. In the future we plan to store indexes on SSD's and mdbox files on SATA drives, as in fact the main IO happens on index files and the use of disk space is increasing. As mentioned above, this is not a big setup, but for our needs it works very good and stable. Helps us to save money and problems with NFS and SAN's, etc. And it can be scaled out very easy. Regards Urban Am 25.03.2013 19:47, schrieb Thierry de Montaudry: > Hi Tigran, > > Managing a mail system for 1M odd users, we did run for a few years on some high range SAN system (NetApp, then EMC), but were not happy with the performance, whatever double head, fibre, and so on, it just couldn't handle the IOs. I must just say that at this time, we were not using dovecot. > > Then we moved to a completely different structure: 24 storage machines (plain CentOS as NFS servers), 7 frontend (webmail through IMAP + POP3 server) and 5 MXs, and all front end machines running dovecot. That was a major change in the system performances, but not happy yet with the 50T total storage we had. Having huge traffic between front end machine and storage, and at this time, I was not sure the switches were handling the load properly. Not talking about the load on the front end machine which some times needed a hard reboot to recover from NFS timeouts. Even after trying some heavy optimizations all around, and particularly on NFS. > > Then we did look at the Dovecot director, but not sure how it would handle 1M users, we moved to the proxy solution: we are now running dovecot on the 24 storage machines, our webmail system connecting with IMAP to the final storage machine, as well as the MXs with LMTP, we only use dovecot proxy for the POP3 access on the 7 front end machines. And I must say, what a change. Since then the system is running smoothly, no more worries about NFS timeouts and the loadavg on all machine is down to almost nothing, as well as the internal traffic on the switches and our stress. And most important, the feed back from our users told us that we did the right thing. > > Only trouble: now and then we have to move users around, as if a machine gets full, the only solution is to move data to one that has more space. But this is achieved easily with the dsync tool. > > This is just my experience, it might not be the best, but with the (limited) budget we had, we finally came up with a solutions that can handle the load and got us away from SAN systems which could never handle the IOs for mail access. Just for the sake of it, our storage machines only have each 4 x 1T SATA drives in RAID 10, and 16G of mem, which I've been told would never do the job, but it just works. Thanks Timo. > > Hoping this will help in your decision, > > Regards, > > Thierry > > > On 24 Mar 2013, at 18:12, Tigran Petrosyan wrote: > >> Hi >> We are going to implement the "Dovecot" for 1 million users. We are going >> to use more than 100T storage space. Now we examine 2 solutions NFS or GFS2 >> via (Fibre Channel storage). >> Can someone help to make decision? What kind of storage solution we can use >> to achieve good performance and scalability. > From goktug.yildirim at gmail.com Sat Mar 30 19:45:37 2013 From: goktug.yildirim at gmail.com (=?utf-8?Q?G=C3=B6ktu=C4=9F_Y=C4=B1ld=C4=B1r=C4=B1m?=) Date: Sat, 30 Mar 2013 19:45:37 +0200 Subject: [Dovecot] Cassandra support In-Reply-To: References: Message-ID: <7AD9FBDD-1AEB-451C-998E-22125FF3D6C7@gmail.com> Hi all, I hope to find a direction in my very first e-mail to dovecot mailing list :) Thanks in advance, On Mar 29, 2013, at 11:31 AM, Goktug YILDIRIM wrote: > Hi, > > I've read some previous threads about Cassandra support. In a message at April 2012 it was written that it would take a few hours after doing some internal stuff. http://dovecot.markmail.org/search/?q=cassandra#query:cassandra%20order%3Adate-backward+page:1+mid:emfxwl4fdrnrhkn7+state:results > > I wonder if there have been a progress since then? Or a better alternative came up? > > -- Goktug > > From tss at iki.fi Sun Mar 31 11:16:43 2013 From: tss at iki.fi (Timo Sirainen) Date: Sun, 31 Mar 2013 11:16:43 +0300 Subject: [Dovecot] loop when I enable In-Reply-To: <20130321155546.1a57a4c5@itxnew.bitcorner.intern> References: <20130321155546.1a57a4c5@itxnew.bitcorner.intern> Message-ID: On 21.3.2013, at 16.55, Andreas Meyer wrote: > The problem occurs when I add the following to dovecot.conf: > > quota_warning = storage=95%% quota-warning 95 %u > quota_warning2 = storage=80%% quota-warning 80 %u > quota_warning3 = -storage=100%% quota-warning below %u # user is no longer over quota > > The script executed looks like this: > > #!/bin/sh > PERCENT=$1 > USER=$2 > cat << EOF | /usr/libexec/dovecot/dovecot-lda -d $USER -o "plugin/quota=maildir:User quota:noenforcing" Just because quota isn't enforced, it doesn't mean that the quota warnings aren't executed. You need to disable quota entirely (e.g. -o plugin/quota= might work, although it requires a somewhat new version). From tss at iki.fi Sun Mar 31 11:20:14 2013 From: tss at iki.fi (Timo Sirainen) Date: Sun, 31 Mar 2013 11:20:14 +0300 Subject: [Dovecot] dsync mirror to convert from mbox (1.2x) to mdbox (2.2) In-Reply-To: <514B8A46.4040309@pacific.net> References: <514B8A46.4040309@pacific.net> Message-ID: <1283426C-DABB-4227-8A56-1980C8F6825F@iki.fi> On 22.3.2013, at 0.31, Ken A wrote: > I'm converting mail from mbox to mdbox. > I've copied mail over to a new system, and now I'm running dsync like this: > > dsync -u username mirror > mbox:/folder_location/username:INBOX=/inbox_location/username > > That seemed to work, with a couple minor errors: > >> dsync(username): Warning: Our dotlock file /mail_location/username.lock was deleted (locked 20 secs ago, touched 20 secs ago) >> dsync(username): Error: file_dotlock_delete() failed with mbox file /mail_location/username: No such file or directory > > Do I also need to specify where dovecot's indexes are for the old mbox > files, or is this not needed for mbox conversions (when they are the > source)? Indexes aren't required, but looks like it takes a while to run dsync and you have another process that decides 20 seconds is long enough for a timeout and deletes the lock. Indexes would make it somewhat faster. Do you have mbox_dotlock_change_timeout=20? That's too low. From tss at iki.fi Sun Mar 31 11:26:06 2013 From: tss at iki.fi (Timo Sirainen) Date: Sun, 31 Mar 2013 11:26:06 +0300 Subject: [Dovecot] ACL for root-level mailboxes In-Reply-To: <1364263099.67196.YahooMailRC@web184703.mail.ne1.yahoo.com> References: <1364263099.67196.YahooMailRC@web184703.mail.ne1.yahoo.com> Message-ID: <8231873E-38AE-4FF1-ADA6-CACD5B15AC98@iki.fi> On 26.3.2013, at 3.58, Bradley Rintoul wrote: > I see in the documentation where it says that if mailboxes are created at the > root level it will use the namespace's default ACL. I'm using Dovecot 2.0.9 so > there is no default namespace defined, so I'm a bit handicapped here... Anyway, > assuming I can figure out how to define a default namespace, how do I specify > its ACL? Where would the file describing the access go? I'm not sure if it works in v2.0.9 at all. But if it does, you'll simply need to create dovecot-acl file to the mailbox directory root (e.g. /path/to/Maildir/dovecot-acl). From tss at iki.fi Sun Mar 31 11:29:49 2013 From: tss at iki.fi (Timo Sirainen) Date: Sun, 31 Mar 2013 11:29:49 +0300 Subject: [Dovecot] Dovecot 2.2rc3 Client Cert Auth and Webmail -> auth_ssl_require_client_cert problem In-Reply-To: <5152B2B0.5090303@taunusstein.net> References: <5152B2B0.5090303@taunusstein.net> Message-ID: On 27.3.2013, at 10.49, Christian Felsing wrote: > I would like to set up a Dovecot based mail system which uses X.509 > Client Certificates for authentication. A webmail system based on Horde5 > should use Dovecot as backend. .. > Unfortunately Dovecot does not support different authentication methods > on different IP addresses or ports. This does not work: > > remote 192.168.116.28/32 { > auth_ssl_require_client_cert = no > auth_ssl_username_from_cert = yes > disable_plaintext_auth = no > ssl = yes > > } > > Result is "doveconf: Fatal: Error in configuration file > /opt/dovecot-2.2.rc3/etc/dovecot/conf.d/10-auth.conf line 103: Auth > settings not supported inside local/remote blocks: > auth_ssl_require_client_cert" Right. Would be nice to support at some point, but not that easy to implement. > Is there any way to turn off client certs for specific local or remote > IP addresses? In your passdb you can use %r = remote IP and %k = certificate valid to figure out if the user is allowed or not. For example with SQL passdb that would be possible, or checkpassword. http://wiki2.dovecot.org/Variables From tss at iki.fi Sun Mar 31 11:34:07 2013 From: tss at iki.fi (Timo Sirainen) Date: Sun, 31 Mar 2013 11:34:07 +0300 Subject: [Dovecot] Separate log file for Sieve In-Reply-To: <515308E7.30302@fun.de> References: <515308E7.30302@fun.de> Message-ID: <1737C450-3E98-4190-B70E-3EDCD8011383@iki.fi> On 27.3.2013, at 16.57, Ewald Dieterich wrote: > log_path = /var/log/dovecot/error.log > info_log_path = /var/log/dovecot/info.log > debug_log_path = /var/log/dovecot/debug.log > > to log to different files. > > Since I don't consider Sieve errors as severe as "real" Dovecot errors I would like to keep them away from the error log. > > Is it possible to configure a separate log file for Sieve? No, unless you use some syslog feature. There are some plans to reduce the number of errors that Sieve logs though. You could put all the LDA messages to a different log file though: protocol lda { log_path = /var/log/dovecot/lda.log } From tss at iki.fi Sun Mar 31 11:41:08 2013 From: tss at iki.fi (Timo Sirainen) Date: Sun, 31 Mar 2013 11:41:08 +0300 Subject: [Dovecot] Managesieve Automatic Homedir Creation: File not Found Error In-Reply-To: <34614.212.25.21.114.1364402993.squirrel@mail2.prologon.ch> References: <34614.212.25.21.114.1364402993.squirrel@mail2.prologon.ch> Message-ID: On 27.3.2013, at 18.49, linuxer at netsteps.ch wrote: > I'm running dovecot version 2.0.19 (Ubuntu 12.04) and I discovered some > unexpected behaviour related to the Dovecot managesieve module. When > connecting to the managesieve service from a client for the first time > (e.g. roundcube webmail), I get an application error. This is logged by > Dovecot: > > Error: sieve-storage: > opendir(/var/.../exampledomain/exampleuser at exampledomain//sieve) failed: > No such file or directory. I think there's a good chance of this being fixed in a newer version. I'd try with v2.1 before spending more time on it. (Although I couldn't reproduce this with v2.0 + latest pigeonhole either.) From tss at iki.fi Sun Mar 31 11:44:20 2013 From: tss at iki.fi (Timo Sirainen) Date: Sun, 31 Mar 2013 11:44:20 +0300 Subject: [Dovecot] Conversion from Evolution maildir to imap In-Reply-To: References: Message-ID: On 28.3.2013, at 10.51, Paul van der Vlis wrote: > A customer has a thin-client server with 100+ homedirs with Evolution. > They are using POP3 and maildir. Now I want to switch to IMAP. > > Can I use Dovecot on this maildirs, or does Evolution use another kind > of maildir? I'm guessing it uses Dovecot's :LAYOUT=fs directory structure. > Does Dovecot change anything in the maildirs? > > Do I loose my flags this way, like "read" ? I'm not sure, depends on if Evolution stored the flags to maildir filenames. I'm guessing it doesn't, so you'd lose flags. > Normally I am using Cyrus IMAP. What I want to do is to install Dovecot > to have access to the mail over IMAP because Dovecot can do maildir > (Cyrus cannot). Then I can use imapsync to sync everything to Cyrus. > Do you think that's a good idea? The best way in any case would be to simply configure the new IMAP account to Evolution and copy the messages there using Evolution itself. From tss at iki.fi Sun Mar 31 11:48:16 2013 From: tss at iki.fi (Timo Sirainen) Date: Sun, 31 Mar 2013 11:48:16 +0300 Subject: [Dovecot] Virtual - thread refs for labeled message In-Reply-To: <51546352.1010109@eurocar.pl> References: <51546352.1010109@eurocar.pl> Message-ID: <48F9031C-1423-4B1E-85F6-9426917CB74B@iki.fi> On 28.3.2013, at 17.35, ?ukasz wrote: > Hi > > I hope you will understand my problem. > I want to make virtual folder called "Virtual/label1-threads". This folder should have: > 1. messages labeled fe. $label1 from INBOX > and > 2. messages from Sent folder inthread refs with those labeled. > > message1 <-- $label1 INBOX > |----message2 <- Sent > ------|-----message3 <- INBOX > ..... > > Can anyone help me with this? INBOX Sent inthread refs x-mailbox INBOX keyword $label1 Unfortunately currently you'll currently have trouble automatically removing any threads if you unset the $label1. You'd have to delete the dovecot.index* files so it gets rebuilt. Or alternatively use INDEX=MEMORY for the virtual mailbox so it never gets saved, but that's of course slower. From tss at iki.fi Sun Mar 31 11:49:41 2013 From: tss at iki.fi (Timo Sirainen) Date: Sun, 31 Mar 2013 11:49:41 +0300 Subject: [Dovecot] about maildirsize not updating In-Reply-To: <20130329.001125.24546.0@webmail02.dca.untd.com> References: <20130329.001125.24546.0@webmail02.dca.untd.com> Message-ID: <1E4184AC-6C82-4F74-9443-B564EA3099B1@iki.fi> On 29.3.2013, at 9.11, mastertoilet at netzero.net wrote: > i am currently using roundcube my webmail and configure using dovecot quota plugins. but it seems to not be updating the maildirsize when new mails comes.Deleting the maildirsize will recreate the files correctly.Is there any solutions to this problem with dovecot. Either you're not using dovecot-lda to deliver the mails, or you haven't configured quota plugin correctly for it. dovecot -n output and logs about a mail delivery would help. From tss at iki.fi Sun Mar 31 11:53:29 2013 From: tss at iki.fi (Timo Sirainen) Date: Sun, 31 Mar 2013 11:53:29 +0300 Subject: [Dovecot] Postfix/Dovecot/lmtp with virtual and local users In-Reply-To: <514C29FD.9060300@cryptix.de> References: <514B14CE.5040409@cryptix.de> <1363942136.13923.48.camel@innu> <514C29FD.9060300@cryptix.de> Message-ID: <847AC10A-AF94-4320-8BE8-8237D11EC6E8@iki.fi> On 22.3.2013, at 11.53, David Obando wrote: > Timo Sirainen schrieb am 22.03.2013 09:48: >> Maybe. Depends on your Dovecot version and passdb/userdb >> configuration. So, doveconf -n output? > I use version 2.1.7 from the backports repo on Debian Squeeze. > > passdb { > args = /etc/dovecot/dovecot-sql.conf.ext > driver = sql > } > passdb { > driver = pam > } Nope, you can't currently do "user at domain" auth for sql and "user" for PAM. You could try using passdb checkpassword instead though, which allows you to script it any way you want. > userdb { > args = /etc/dovecot/dovecot-sql.conf.ext > driver = sql > } > userdb { > driver = passwd > } Also userdb passwd can't do that. I've thought of adding a generic passdb/userdb { auth_username_format } setting, but that doesn't exist yet. Would be easy to do though.. From tss at iki.fi Sun Mar 31 12:03:35 2013 From: tss at iki.fi (Timo Sirainen) Date: Sun, 31 Mar 2013 12:03:35 +0300 Subject: [Dovecot] Custom Headers/Flags Support in dovecot In-Reply-To: References: Message-ID: <1D3AE06B-359B-4849-A8E3-D727A327D05C@iki.fi> On 30.3.2013, at 3.03, Ramesh Natarajan wrote: > I am currently trying to evaluate if I can use dovecot to be used for my > imap server like application. This is not an email application but a > generic storage server that uses IMAP protocol to save and retrieve > messages. > > The messages have standard From/To/Date headers and a lot of custom headers > for threading conversations e.t.c. As a part of my application > requirements I also need to support custom flags and have ability to > set/change/retrieve them via IMAP. > > 1) Does Dovecot support custom flags to be set/changed/retrieved? Custom flags, yes. But note that they are intended to be just flags that are used by multiple messages, i.e. it's not a good idea to create new unique flags for different emails. I wouldn't be very comfortable in adding more than about 100 different flags (per folder), although Dovecot could probably handle thousands (by wasting memory and CPU unnecessarily). > 2) I understand dovecot optimizes standard RFC822 headers and flags in > cache/index files for faster lookups and searches. Does custom headers and > flags fall into this optimization algorithm? Dovecot adds to cache file those headers that are requested by the client. Initially nothing is cached (and nothing will be if client doesn't request them). So only IMAP FETCH[HEADER.FIELDS (..)] or FETCH ENVELOPE or SEARCH HEADER xx and such will add the header to cache file. Flags are always in the index file. > 3) I am planning to support multiple users and each mailbox may have upto > 1000 folders. Each folder may have an average of 20 MIME encoded > messages. I am planning to use local storage with single-dbox format. Do > you see any issues with this? You can only change headers by creating a new message and deleting the old one. Sounds like IMAP ANNOTATE extension is what you're really after, but Dovecot doesn't support that yet. Dovecot does have IMAP METADATA plugin though, which allows setting key=value pairs to folders. Dovecot v2.2 will maybe have that natively implemented as well. It might be possible to use that as a base for implementing ANNOTATE extension too.. From tss at iki.fi Sun Mar 31 12:13:14 2013 From: tss at iki.fi (Timo Sirainen) Date: Sun, 31 Mar 2013 12:13:14 +0300 Subject: [Dovecot] Cassandra support In-Reply-To: References: Message-ID: <905BC55A-F878-4FE7-81D0-F023B52C0985@iki.fi> On 29.3.2013, at 11.31, Goktug YILDIRIM wrote: > I've read some previous threads about Cassandra support. In a message at > April 2012 it was written that it would take a few hours after doing some > internal stuff. > http://dovecot.markmail.org/search/?q=cassandra#query:cassandra%20order%3Adate-backward+page:1+mid:emfxwl4fdrnrhkn7+state:results > > I wonder if there have been a progress since then? Or a better alternative > came up? Since then I've figured out another better way to do it, basically keeping a local cache of mails/indexes and somewhat lazily uploading the indexes to storage. I've also since then figured out that only selling support doesn't work well enough for my Dovecot company. So we're just about ready to start selling object storage plugin for Dovecot, which supports all kinds of backends. Not Cassandra yet though, but could be added at some point. http://www.dovecot.fi/products/ From anmeyer at anup.de Sun Mar 31 14:07:17 2013 From: anmeyer at anup.de (Andreas Meyer) Date: Sun, 31 Mar 2013 13:07:17 +0200 Subject: [Dovecot] global mail_plugins Message-ID: <20130331130717.712559cc@itxnew.bitcorner.intern> Hello! How do I know what is specified in the global mail_plugins? # doveconf |grep mail_plugins mail_plugins = mail_plugins = " quota sieve" mail_plugins = " quota imap_quota autocreate" mail_plugins = " sieve" Is it just what is defined in the dovecot.conf and when there is nothing defined there are no global mail_plugins per default? Andreas From stephan at rename-it.nl Sun Mar 31 15:43:31 2013 From: stephan at rename-it.nl (Stephan Bosch) Date: Sun, 31 Mar 2013 14:43:31 +0200 Subject: [Dovecot] Separate log file for Sieve In-Reply-To: <1737C450-3E98-4190-B70E-3EDCD8011383@iki.fi> References: <515308E7.30302@fun.de> <1737C450-3E98-4190-B70E-3EDCD8011383@iki.fi> Message-ID: <51582F73.8070500@rename-it.nl> Op 3/31/2013 10:34 AM, Timo Sirainen schreef: > On 27.3.2013, at 16.57, Ewald Dieterich wrote: > >> log_path = /var/log/dovecot/error.log >> info_log_path = /var/log/dovecot/info.log >> debug_log_path = /var/log/dovecot/debug.log >> >> to log to different files. >> >> Since I don't consider Sieve errors as severe as "real" Dovecot errors I would like to keep them away from the error log. >> >> Is it possible to configure a separate log file for Sieve? > No, unless you use some syslog feature. There are some plans to reduce the number of errors that Sieve logs though. Some of which is already implemented, but still pending release. Regards, Stephan. From stephan at rename-it.nl Sun Mar 31 15:45:09 2013 From: stephan at rename-it.nl (Stephan Bosch) Date: Sun, 31 Mar 2013 14:45:09 +0200 Subject: [Dovecot] sieve-filter ignoring separator In-Reply-To: <1363961862597-41000.post@n4.nabble.com> References: <514AB932.7060808@rename-it.nl> <1363961862597-41000.post@n4.nabble.com> Message-ID: <51582FD5.5030407@rename-it.nl> Op 3/22/2013 3:17 PM, isakrubin schreef: > Stephan Bosch-2 wrote >> On 3/4/2013 9:21 PM, Isak Rubin wrote: >>> # dovecot --version >>> 2.1.9 >> This Dovecot is very old, so is probably your Pigeonhole version. Recent >> versions should work fine in this regard. >> >> Regards, >> >> Stephan. > Upgraded to > # dovecot --version > 2.2.rc3 > > > still same issue :/ Ok, will look at this some time next week. Regards, Stephan. From hostmaster at taunusstein.net Sun Mar 31 15:47:35 2013 From: hostmaster at taunusstein.net (Christian Felsing) Date: Sun, 31 Mar 2013 14:47:35 +0200 Subject: [Dovecot] Dovecot 2.2rc3 Client Cert Auth and Webmail -> auth_ssl_require_client_cert problem In-Reply-To: References: <5152B2B0.5090303@taunusstein.net> Message-ID: <51583067.3010109@taunusstein.net> Hi Timo, thank you for that hint. SELECT NULL AS password, 'Y' as nopassword, userid AS user FROM users WHERE userid = '%u' does not work, seems Dovecot 2.2rc3 ignores nopassword, so my solution is: password_query = SELECT MD5('%w') AS password, userid AS user FROM users WHERE (userid = '%u') and (('%k' = 'valid') or ('%r' = '192.168.116.30')); so Dovecot accepts any password provided by user. This solution works now for users which are directily using imap or pop3 _and_ for users which are using Horde webmail frontend backed by Dovecot. This is now a configuration which does not need any passwords stored on server which provides IMHO more security. best regards Christian Am 31.03.2013 10:29, schrieb Timo Sirainen: >> Is there any way to turn off client certs for specific local or remote >> IP addresses? > > In your passdb you can use %r = remote IP and %k = certificate valid to figure out if the user is allowed or not. For example with SQL passdb that would be possible, or checkpassword. http://wiki2.dovecot.org/Variables > From tss at iki.fi Sun Mar 31 16:06:12 2013 From: tss at iki.fi (Timo Sirainen) Date: Sun, 31 Mar 2013 16:06:12 +0300 Subject: [Dovecot] global mail_plugins In-Reply-To: <20130331130717.712559cc@itxnew.bitcorner.intern> References: <20130331130717.712559cc@itxnew.bitcorner.intern> Message-ID: <3172FE3F-3487-4E54-85B7-C0CE7C613BAB@iki.fi> On 31.3.2013, at 14.07, Andreas Meyer wrote: > How do I know what is specified in the global mail_plugins? > > # doveconf |grep mail_plugins > mail_plugins = You have nothing. Easier to test: "doveconf mail_plugins" > mail_plugins = " quota sieve" > mail_plugins = " quota imap_quota autocreate" > mail_plugins = " sieve" All of these have intendation, so they are within protocol {} sections, which is visible if you don't use |grep directly. > Is it just what is defined in the dovecot.conf and when there > is nothing defined there are no global mail_plugins per default? It's the mail_plugins setting that isn't inside any section {}. From tss at iki.fi Sun Mar 31 16:18:53 2013 From: tss at iki.fi (Timo Sirainen) Date: Sun, 31 Mar 2013 16:18:53 +0300 Subject: [Dovecot] Dovecot 2.2rc3 Client Cert Auth and Webmail -> auth_ssl_require_client_cert problem In-Reply-To: <51583067.3010109@taunusstein.net> References: <5152B2B0.5090303@taunusstein.net> <51583067.3010109@taunusstein.net> Message-ID: <068950E3-87C4-4EAA-8F5A-7DC79CED7BED@iki.fi> On 31.3.2013, at 15.47, Christian Felsing wrote: > thank you for that hint. > > SELECT NULL AS password, 'Y' as nopassword, userid AS user FROM users > WHERE userid = '%u' > does not work, seems Dovecot 2.2rc3 ignores nopassword, so my solution is: I don't understand. I remember some other mail about this as well. It works fine with my tests.. What does it log with you? From tss at iki.fi Sun Mar 31 16:47:37 2013 From: tss at iki.fi (Timo Sirainen) Date: Sun, 31 Mar 2013 16:47:37 +0300 Subject: [Dovecot] Crash while moving mail between private folder and shared folder In-Reply-To: <514D6FFD.8000808@taunusstein.net> References: <514D6FFD.8000808@taunusstein.net> Message-ID: <3B71CF74-B067-45A1-8502-6CAB37870994@iki.fi> On 23.3.2013, at 11.03, Christian Felsing wrote: > while moving a mail from a private folder (inbox) to a shared folder and > back to private folder Dovecot 2.2rc3 crashes: > > ---cut here--- > Mar 23 09:57:44 dovecot dovecot: imap-login: Login: > user=, method=PLAIN, rip=192.168.200.6, > lip=192.168.200.22, mpid=19423, TLS > Mar 23 09:57:44 dovecot dovecot: imap(john.doe at example.net): Panic: file > mail-namespace.c: line 654 (mail_namespace_find): assertion failed: (ns > != NULL) Fixed: http://hg.dovecot.org/dovecot-2.2/rev/f617e2fcce66 From ka at pacific.net Sun Mar 31 16:51:24 2013 From: ka at pacific.net (Ken A) Date: Sun, 31 Mar 2013 08:51:24 -0500 Subject: [Dovecot] dsync mirror to convert from mbox (1.2x) to mdbox (2.2) In-Reply-To: <1283426C-DABB-4227-8A56-1980C8F6825F@iki.fi> References: <514B8A46.4040309@pacific.net> <1283426C-DABB-4227-8A56-1980C8F6825F@iki.fi> Message-ID: <51583F5C.9010608@pacific.net> On 3/31/2013 3:20 AM, Timo Sirainen wrote: > On 22.3.2013, at 0.31, Ken A wrote: > >> I'm converting mail from mbox to mdbox. I've copied mail over to a >> new system, and now I'm running dsync like this: >> >> dsync -u username mirror >> mbox:/folder_location/username:INBOX=/inbox_location/username >> >> That seemed to work, with a couple minor errors: >> >>> dsync(username): Warning: Our dotlock file >>> /mail_location/username.lock was deleted (locked 20 secs ago, >>> touched 20 secs ago) dsync(username): Error: >>> file_dotlock_delete() failed with mbox file >>> /mail_location/username: No such file or directory >> >> Do I also need to specify where dovecot's indexes are for the old >> mbox files, or is this not needed for mbox conversions (when they >> are the source)? > > > Indexes aren't required, but looks like it takes a while to run dsync > and you have another process that decides 20 seconds is long enough > for a timeout and deletes the lock. Indexes would make it somewhat > faster. Do you have mbox_dotlock_change_timeout=20? That's too low. > I installed RC2.3, and am now using "dsync -R -u username backup mbox:" and it seems to work fine now. The only lock files would be those created by dsync, since this is all just an rsync'd copy of mboxes that previously lived in /var/spool/mail on another box. There are no mbox specific configurations in dovecot. Thanks, Ken -- Ken Anderson Pacific Internet - http://www.pacific.net From tss at iki.fi Sun Mar 31 17:26:19 2013 From: tss at iki.fi (Timo Sirainen) Date: Sun, 31 Mar 2013 17:26:19 +0300 Subject: [Dovecot] Crash while moving mail between private folder and shared folder In-Reply-To: <515317E3.8090402@gmail.com> References: <514D6FFD.8000808@taunusstein.net> <515317E3.8090402@gmail.com> Message-ID: On 27.3.2013, at 18.01, kadafax at gmail.com wrote: > Just to bump the OP message as I experience the exact same symptom with the same configuration. That is: when moving an email to a virtual mailboxes, dovecot crash (and sometime the email disappears from the real mailbox). I'm guessing your error was different though. These should fix them: http://hg.dovecot.org/dovecot-2.2/rev/12136db6e31f http://hg.dovecot.org/dovecot-2.2/rev/9a8119326bd0 (not sure if http://hg.dovecot.org/dovecot-2.2/rev/f31d241d5371 is also required) > > Thx > > Le 23/03/13 10:03, Christian Felsing a ?crit : >> Hello, >> >> while moving a mail from a private folder (inbox) to a shared folder and >> back to private folder Dovecot 2.2rc3 crashes: >> >> ---cut here--- >> Mar 23 09:57:44 dovecot dovecot: imap-login: Login: >> user=, method=PLAIN, rip=192.168.200.6, >> lip=192.168.200.22, mpid=19423, TLS >> Mar 23 09:57:44 dovecot dovecot: imap(john.doe at example.net): Panic: file >> mail-namespace.c: line 654 (mail_namespace_find): assertion failed: (ns >> != NULL) >> Mar 23 09:57:44 dovecot dovecot: imap(john.doe at example.net): Error: Raw >> backtrace: /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(+0x608fa) >> [0x7f82f65b28fa] -> >> /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(+0x6093e) >> [0x7f82f65b293e] -> >> /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(i_fatal+0) >> [0x7f82f657435b] -> >> /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot-storage.so.0(mail_namespace_find_unalias+0) >> [0x7f82f686b590] -> >> /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot-storage.so.0(mail_namespace_find_unalias+0x19) >> [0x7f82f686b5a9] -> >> /opt/dovecot-2.2.rc3/lib/dovecot/lib10_quota_plugin.so(+0x57bd) >> [0x7f82f51127bd] -> >> /opt/dovecot-2.2.rc3/lib/dovecot/lib10_quota_plugin.so(quota_test_alloc+0xcb) >> [0x7f82f511424b] -> >> /opt/dovecot-2.2.rc3/lib/dovecot/lib10_quota_plugin.so(quota_try_alloc+0x3d) >> [0x7f82f511445d] -> >> /opt/dovecot-2.2.rc3/lib/dovecot/lib10_quota_plugin.so(+0xb00b) >> [0x7f82f511800b] -> >> /opt/dovecot-2.2.rc3/lib/dovecot/lib01_acl_plugin.so(+0xc7cb) >> [0x7f82f552d7cb] -> >> /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot-storage.so.0(mailbox_copy+0x5f) >> [0x7f82f687274f] -> >> /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot-storage.so.0(mailbox_move+0x10) >> [0x7f82f6872810] -> dovecot-01/imap() [0x40d29d] -> >> dovecot-01/imap(command_exec+0x3c) [0x4161ec] -> dovecot-01/imap() >> [0x415250] -> dovecot-01/imap() [0x41530a] -> >> dovecot-01/imap(client_handle_input+0x115) [0x4155c5] -> >> dovecot-01/imap(client_input+0x72) [0x415972] -> >> /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x36) >> [0x7f82f65c20e6] -> >> /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xd7) >> [0x7f82f65c2f37] -> >> /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(io_loop_run+0x28) >> [0x7f82f65c1c28] -> >> /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f82f6579473] >> -> dovecot-01/imap(main+0x270) [0x40b950] -> >> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xfd) [0x7f82f61e6ead] >> -> dovecot-01/imap() [0x40baad] >> Mar 23 09:57:44 dovecot dovecot: imap(john.doe at example.net): Fatal: >> master: service(imap): child 19423 killed with signal 6 (core dumps >> disabled) >> Mar 23 09:57:44 dovecot dovecot: imap-login: Login: >> user=, method=PLAIN, rip=192.168.200.6, >> lip=192.168.200.22, mpid=19425, TLS >> Mar 23 09:57:44 dovecot dovecot: imap(john.doe at example.net): Panic: file >> mail-namespace.c: line 654 (mail_namespace_find): assertion failed: (ns >> != NULL) >> Mar 23 09:57:44 dovecot dovecot: imap(john.doe at example.net): Error: Raw >> backtrace: /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(+0x608fa) >> [0x7f66ed9a58fa] -> >> /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(+0x6093e) >> [0x7f66ed9a593e] -> >> /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(i_fatal+0) >> [0x7f66ed96735b] -> >> /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot-storage.so.0(mail_namespace_find_unalias+0) >> [0x7f66edc5e590] -> >> /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot-storage.so.0(mail_namespace_find_unalias+0x19) >> [0x7f66edc5e5a9] -> >> /opt/dovecot-2.2.rc3/lib/dovecot/lib10_quota_plugin.so(+0x57bd) >> [0x7f66ec5057bd] -> >> /opt/dovecot-2.2.rc3/lib/dovecot/lib10_quota_plugin.so(quota_test_alloc+0xcb) >> [0x7f66ec50724b] -> >> /opt/dovecot-2.2.rc3/lib/dovecot/lib10_quota_plugin.so(quota_try_alloc+0x3d) >> [0x7f66ec50745d] -> >> /opt/dovecot-2.2.rc3/lib/dovecot/lib10_quota_plugin.so(+0xb00b) >> [0x7f66ec50b00b] -> >> /opt/dovecot-2.2.rc3/lib/dovecot/lib01_acl_plugin.so(+0xc7cb) >> [0x7f66ec9207cb] -> >> /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot-storage.so.0(mailbox_copy+0x5f) >> [0x7f66edc6574f] -> >> /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot-storage.so.0(mailbox_move+0x10) >> [0x7f66edc65810] -> dovecot-01/imap() [0x40d29d] -> >> dovecot-01/imap(command_exec+0x3c) [0x4161ec] -> dovecot-01/imap() >> [0x415250] -> dovecot-01/imap() [0x41530a] -> >> dovecot-01/imap(client_handle_input+0x115) [0x4155c5] -> >> dovecot-01/imap(client_input+0x72) [0x415972] -> >> /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x36) >> [0x7f66ed9b50e6] -> >> /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0xd7) >> [0x7f66ed9b5f37] -> >> /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(io_loop_run+0x28) >> [0x7f66ed9b4c28] -> >> /opt/dovecot-2.2.rc3/lib/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f66ed96c473] >> -> dovecot-01/imap(main+0x270) [0x40b950] -> >> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xfd) [0x7f66ed5d9ead] >> -> dovecot-01/imap() [0x40baad] >> Mar 23 09:57:44 dovecot dovecot: imap(john.doe at example.net): Fatal: >> master: service(imap): child 19425 killed with signal 6 (core dumps >> disabled) >> Mar 23 09:57:46 dovecot dovecot: imap(john.doe at example.net): >> Disconnected: Logged out in=192 out=1118 >> ---cut here--- >> >> Following config was used: >> >> ---cut here--- >> # 2.2.rc3: /opt/dovecot-2.2.rc3/etc/dovecot/dovecot.conf >> # OS: Linux 3.2.0-4-amd64 x86_64 Debian 7.0 ext4 >> auth_ssl_require_client_cert = yes >> auth_ssl_username_from_cert = yes >> auth_verbose = yes >> auth_verbose_passwords = plain >> base_dir = /home/dovecot/ >> hostname = mail.ip6.li >> instance_name = dovecot-01 >> lda_mailbox_autocreate = yes >> login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c >> mail_gid = dovecot >> mail_location = maildir:/home/vmail/%d/%u/Maildir >> mail_plugins = quota >> mail_uid = dovecot >> managesieve_notify_capability = mailto >> managesieve_sieve_capability = fileinto reject envelope >> encoded-character vacation subaddress comparator-i;ascii-numeric >> relational regex imap4flags copy include variables body enotify >> environment mailbox date ihave >> namespace { >> list = children >> location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u >> prefix = shared/%%u/ >> separator = / >> subscriptions = no >> type = shared >> } >> namespace inbox { >> inbox = yes >> list = yes >> location = >> mailbox Drafts { >> special_use = \Drafts >> } >> mailbox Junk { >> special_use = \Junk >> } >> mailbox Sent { >> special_use = \Sent >> } >> mailbox "Sent Messages" { >> special_use = \Sent >> } >> mailbox Trash { >> special_use = \Trash >> } >> prefix = >> separator = / >> type = private >> } >> passdb { >> args = failure_show_msg=yes dovecot >> driver = pam >> } >> plugin { >> acl = vfile:/etc/dovecot/global-acls:cache_secs=300 >> acl_shared_dict = file:/var/lib/dovecot/shared-mailboxes >> mail_log_events = delete undelete expunge copy mailbox_delete >> mailbox_rename >> mail_log_fields = uid box msgid size >> quota = maildir:User quota >> quota_grace = 10%% >> quota_rule = *:storage=1G >> quota_rule2 = Trash:storage=+100M >> quota_warning = storage=95%% quota-warning 95 %u >> quota_warning2 = storage=80%% quota-warning 80 %u >> sieve = ~/.dovecot.sieve >> sieve_dir = ~/sieve >> } >> postmaster_address = postmaster at ip6.li >> protocols = imap pop3 lmtp sieve >> quota_full_tempfail = yes >> sendmail_path = /usr/lib/sendmail >> service managesieve-login { >> inet_listener sieve { >> port = 4190 >> } >> inet_listener sieve_deprecated { >> port = 2000 >> } >> } >> ssl_ca = > ssl_cert = > ssl_cert_username_field = emailAddress >> ssl_key = > ssl_require_crl = no >> ssl_verify_client_cert = yes >> userdb { >> args = allow_all_users=yes uid=vmail gid=vmail home=/home/vmail/%d/%u >> driver = static >> } >> protocol lda { >> auth_socket_path = /var/run/dovecot/auth-master >> mail_plugin_dir = /opt/dovecot/lib/dovecot >> mail_plugins = quota sieve acl >> } >> protocol imap { >> mail_plugins = quota acl imap_acl imap_quota >> } >> protocol lmtp { >> mail_plugins = quota sieve >> } >> protocol sieve { >> managesieve_implementation_string = Dovecot Pigeonhole >> managesieve_logout_format = bytes ( in=%i : out=%o ) >> } >> protocol pop3 { >> mail_plugins = quota >> pop3_uidl_format = %08Xu%08Xv >> } >> ---cut here--- >> >> best regards >> Christian >> > From hostmaster at taunusstein.net Sun Mar 31 17:38:12 2013 From: hostmaster at taunusstein.net (Christian Felsing) Date: Sun, 31 Mar 2013 16:38:12 +0200 Subject: [Dovecot] Dovecot 2.2rc3 Client Cert Auth and Webmail -> auth_ssl_require_client_cert problem In-Reply-To: <068950E3-87C4-4EAA-8F5A-7DC79CED7BED@iki.fi> References: <5152B2B0.5090303@taunusstein.net> <51583067.3010109@taunusstein.net> <068950E3-87C4-4EAA-8F5A-7DC79CED7BED@iki.fi> Message-ID: <51584A54.2000404@taunusstein.net> There were log entries regarding that problem: Mar 25 11:05:21 dovecot dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=imap#011secured#011valid-client-cert#011sessi on=J8pV8bzYIACwxigG#011cert_username=user at example.net#011lip=192.168.200.22#011rip=192.168.200.6#011lport=993#011rport=8480 Mar 25 11:05:21 dovecot dovecot: auth: Debug: client passdb out: CONT#0111#011 Mar 25 11:05:21 dovecot dovecot: auth: Debug: client in: CONT Mar 25 11:05:21 dovecot dovecot: auth: Debug: sql(user at example.net,192.168.200.6,): query: SELECT NULL AS password, 'Y' as nopassword, userid AS user FROM users WHERE userid = 'user at example.net' Mar 25 11:05:21 dovecot dovecot: auth: Debug: client in: CONT Mar 25 11:05:21 dovecot dovecot: auth: sql(user at example.net,192.168.200.6,): Empty password returned without nopassword Mar 25 11:05:23 dovecot dovecot: auth: Debug: client passdb out: FAIL#0111#011user=user at example.net Dovecot got nopassword but does still not accept an empty password. Christian Am 31.03.2013 15:18, schrieb Timo Sirainen: > On 31.3.2013, at 15.47, Christian Felsing wrote: > >> thank you for that hint. >> >> SELECT NULL AS password, 'Y' as nopassword, userid AS user FROM users >> WHERE userid = '%u' >> does not work, seems Dovecot 2.2rc3 ignores nopassword, so my solution is: > > I don't understand. I remember some other mail about this as well. It works fine with my tests.. What does it log with you? > From tss at iki.fi Sun Mar 31 17:40:57 2013 From: tss at iki.fi (Timo Sirainen) Date: Sun, 31 Mar 2013 17:40:57 +0300 Subject: [Dovecot] Outlook 2013 - mounting folders with XLIST In-Reply-To: <404DACB73FF34ECCB6EB5B2EF060CBEC@ai.local> References: <9F7FF84F91BA4164A1C07DF0143799DD@ai.local><51503291.5070008@sys4.de><51503FF4.8080409@sys4.de><17A6BDEBDD0C4C6EB4D0D2545E33B842@ai.local><8A86F82DFA0144129F043A1C71CB37EB@ai.local> <404DACB73FF34ECCB6EB5B2EF060CBEC@ai.local> Message-ID: <1F480C03-4A84-4C56-A27F-25BEE50F7497@iki.fi> On 25.3.2013, at 17.14, Hajo Locke wrote: >> Looks like it fixed the TAB problem. So I guess I need to fix userdb_userdb_import. > >> Could you try if the attached patch fixes it? > > i added the patch and did build my packages. sql.conf i switched back to prefetch. > Log looks like: > > Mar 25 16:01:55 myhostname dovecot: auth: Debug: prefetch(myusername,ip.ip.ip.ip,): success > Mar 25 16:01:55 myhostname dovecot: auth: Debug: master out: USER 3357409281 myusername home=/home/myusername uid=1004 gid=1000 > namespace/inbox/mailbox=hallohallo^Atnamespace/inbox/mailbox/hallohallo/auto=subscribe > > same line occurs when querying ...userdb_import as userdb_import... in place of ...userdb_import as userdb_userdb_import? http://hg.dovecot.org/dovecot-2.1/rev/cd919c490ea6 makes userdb_userdb_import work. From tss at iki.fi Sun Mar 31 18:06:39 2013 From: tss at iki.fi (Timo Sirainen) Date: Sun, 31 Mar 2013 18:06:39 +0300 Subject: [Dovecot] Outlook 2013 - mounting folders with XLIST In-Reply-To: <1F480C03-4A84-4C56-A27F-25BEE50F7497@iki.fi> References: <9F7FF84F91BA4164A1C07DF0143799DD@ai.local> <51503291.5070008@sys4.de><51503FF4.8080409@sys4.de> <17A6BDEBDD0C4C6EB4D0D2545E33B842@ai.local> <8A86F82DFA0144129F043A1C71CB37EB@ai.local> <404DACB73FF34ECCB6EB5B2EF060CBEC@ai.local> <1F480C03-4A84-4C56-A27F-25BEE50F7497@iki.fi> Message-ID: <1364742399.32610.2.camel@hurina> On Sun, 2013-03-31 at 17:40 +0300, Timo Sirainen wrote: > > namespace/inbox/mailbox=hallohallo^Atnamespace/inbox/mailbox/hallohallo/auto=subscribe > > > > same line occurs when querying ...userdb_import as userdb_import... in place of ...userdb_import as userdb_userdb_import? > > http://hg.dovecot.org/dovecot-2.1/rev/cd919c490ea6 makes userdb_userdb_import work. Ugh. Not really. OK, latest v2.1 hg has passdb_import, userdb_import and userdb_userdb_import and they all work. In addition, here's a list of settings that are required for adding two new mailboxes without them being in the configuration: /usr/local/libexec/dovecot/imap -o 'namespace/inbox/mailbox=foo bar' -o namespace/inbox/mailbox/foo/name=foo -o namespace/inbox/mailbox/bar/name=bar -o namespace/inbox/mailbox/foo/auto=create -o namespace/inbox/mailbox/bar/auto=create -o namespace/inbox/mailbox/foo/special_use=\\sent -o namespace/inbox/mailbox/bar/special_use=\\drafts That way you can easily test them. They work just the same (without -o parameter of course) in userdb_import. From tss at iki.fi Sun Mar 31 18:16:02 2013 From: tss at iki.fi (Timo Sirainen) Date: Sun, 31 Mar 2013 18:16:02 +0300 Subject: [Dovecot] Dovecot 2.2rc3 Client Cert Auth and Webmail -> auth_ssl_require_client_cert problem In-Reply-To: <51584A54.2000404@taunusstein.net> References: <5152B2B0.5090303@taunusstein.net> <51583067.3010109@taunusstein.net> <068950E3-87C4-4EAA-8F5A-7DC79CED7BED@iki.fi> <51584A54.2000404@taunusstein.net> Message-ID: <678C2C17-714C-4F81-9053-F0DE484E1C63@iki.fi> On 31.3.2013, at 17.38, Christian Felsing wrote: > There were log entries regarding that problem: Ah, you were using PostgreSQL and I tested MySQL. They are handled somewhat differently. This should fix it: http://hg.dovecot.org/dovecot-2.2/rev/37cd62516b37 > > > Mar 25 11:05:21 dovecot dovecot: auth: Debug: client in: > AUTH#0111#011PLAIN#011service=imap#011secured#011valid-client-cert#011sessi > on=J8pV8bzYIACwxigG#011cert_username=user at example.net#011lip=192.168.200.22#011rip=192.168.200.6#011lport=993#011rport=8480 > Mar 25 11:05:21 dovecot dovecot: auth: Debug: client passdb out: > CONT#0111#011 > Mar 25 11:05:21 dovecot dovecot: auth: Debug: client in: CONT > Mar 25 11:05:21 dovecot dovecot: auth: Debug: > sql(user at example.net,192.168.200.6,): query: SELECT > NULL AS password, 'Y' as nopassword, userid AS user FROM users WHERE > userid = 'user at example.net' > Mar 25 11:05:21 dovecot dovecot: auth: Debug: client in: CONT > Mar 25 11:05:21 dovecot dovecot: auth: > sql(user at example.net,192.168.200.6,): Empty password > returned without nopassword > Mar 25 11:05:23 dovecot dovecot: auth: Debug: client passdb out: > FAIL#0111#011user=user at example.net > > Dovecot got nopassword but does still not accept an empty password. > > Christian > > > > Am 31.03.2013 15:18, schrieb Timo Sirainen: >> On 31.3.2013, at 15.47, Christian Felsing wrote: >> >>> thank you for that hint. >>> >>> SELECT NULL AS password, 'Y' as nopassword, userid AS user FROM users >>> WHERE userid = '%u' >>> does not work, seems Dovecot 2.2rc3 ignores nopassword, so my solution is: >> >> I don't understand. I remember some other mail about this as well. It works fine with my tests.. What does it log with you? >> > From tss at iki.fi Sun Mar 31 18:47:11 2013 From: tss at iki.fi (Timo Sirainen) Date: Sun, 31 Mar 2013 18:47:11 +0300 Subject: [Dovecot] v2.2 dsync In-Reply-To: <20130322084721.GA21212@uran.iai.uni-bonn.de> References: <20130226154031.GH6073@uran.iai.uni-bonn.de> <1361968244.27458.30.camel@hurina> <20130227132749.GC28069@uran.iai.uni-bonn.de> <20130314100529.GA18113@uran.iai.uni-bonn.de> <265F0ADB-759E-4ACA-BDD3-C570D090F247@iki.fi> <98F7A42B-A5E9-46A8-BE58-B5AB1ADBCC85@iki.fi> <20130322084721.GA21212@uran.iai.uni-bonn.de> Message-ID: On 22.3.2013, at 10.47, Walter Steiner wrote: > doveadm backup -R -u ... imapc: > => mailboxes are created and some/many messages but not all messages > are copied from the origin cyrus mailbox to the dovecot box. > (i.e. the first consecutive 233 out of 523 are okay) > > All of the missing messages are logged: > => dsync(...): Error: Mailbox ...: Remote didn't send mail UID=... > (references to this error seen on the list in Jan. with older versions) Finally fixed: http://hg.dovecot.org/dovecot-2.2/rev/800836bd8f2e Also if there are any similar bugs left, it no longer exits with success: http://hg.dovecot.org/dovecot-2.2/rev/0eef38d78069 From tss at iki.fi Sun Mar 31 18:51:29 2013 From: tss at iki.fi (Timo Sirainen) Date: Sun, 31 Mar 2013 18:51:29 +0300 Subject: [Dovecot] v2.2 getting NULL pointer reference with shared namespace in mailbox_tree? In-Reply-To: <20130322173450.GA623@uran.iai.uni-bonn.de> References: <20130322143510.GA28803@uran.iai.uni-bonn.de> <78A5903C-AFD6-42BE-BE2F-445E47EAD392@iki.fi> <20130322152953.GB3485@uran.iai.uni-bonn.de> <34BEEEBD-DA8C-45CC-A9A4-6E676F6A9D56@iki.fi> <20130322173450.GA623@uran.iai.uni-bonn.de> Message-ID: <1364745089.32610.4.camel@hurina> On Fri, 2013-03-22 at 18:34 +0100, Walter Steiner wrote: > > You most likely want to have subscriptions=no for your shared namespace. Also you most likely want to enable ACL plugin. > > Yes - thank you for your comment! The ACLs I had configured before are > not enabled in this minimalistic configuration because of crashes when > running doveadm backup -R ... imapc: with ACLs enabled. > > You wrote that you are continuing debugging "my problem". Regardless > of this, should I investigate / file this ACL (related) bug? > > With todays nightly: > > dsync(wsunpriv at iai.uni-bonn.de): Panic: file imapc-list.c: line 199 (imapc_list_get_vname): assertion failed: (strncmp(prefix, storage_name, prefix_len) == 0 && storage_name[prefix_len] == list->sep) Oh, and this would be good to solve too. What does it say with gdb: gdb dsync core fr 5 p prefix p storage_name p prefix_len p list.sep p list.ns.prefix From tss at iki.fi Sun Mar 31 19:31:27 2013 From: tss at iki.fi (Timo Sirainen) Date: Sun, 31 Mar 2013 19:31:27 +0300 Subject: [Dovecot] Dovecot METADATA support In-Reply-To: <4AAED0D9-424B-460D-9B64-2668211ED374@iki.fi> References: <2846-51530380-1b-230f3880@7907076> <4AAED0D9-424B-460D-9B64-2668211ED374@iki.fi> Message-ID: <1364747487.32610.15.camel@hurina> On Wed, 2013-03-27 at 21:25 +0200, Timo Sirainen wrote: > The metadata plugin started with implementing the IMAP commands and > kind of ignored the difficult parts of fitting it in with everything. > The stuff that is in Dovecot now handles most of the difficult parts, > but the IMAP commands are missing. There are still two somewhat > difficult things missing: So, here are some plans for them: > * Where/how to keep track of metadata quota to prevent abuse? Maybe > some limits to number of entries, max. bytes total in entries, max. > bytes per entry. Although the last one only is useful for those > backends that can't handle large entry sizes. I guess there should be a total number of metadata items and total bytes of metadata, similar as to mails. Possibly it could even share the same quotas by default. Whenever metadata item is updated, its key is logged to dovecot.index.log among (in future version) the value's length. These can be used to update quota and minimize locking waits: - remember current transaction log offset - read existing modified keys' value lengths - mailbox metadata lock - update new keys' values, remember their lengths - commit transaction - mailbox metadata unlock - scan transaction log for changes to same keys, replace old key length with latest seen key length - increase quota with (new length - previous length) Would be nice to get rid of the locking, but I guess it's not possible without causing a race condition (S1, S2 = session 1/2): S1: read 10 S1: write 25 S2: read 25 S2: write 30 a) S1 committed first: old=10, new=30 -> quota +20 S1: 25-10 = +15 S2: 30-25 = +5 b) S2 committed first (which can't happen with locking): old=10, new=25 -> quota +15 S1: 25-30 = -5 S2: 30-25 = +5 [30-10=+20 would be correct..] > * Currently it's configured via mail_attribute_dict, which can e.g. > point to a file in user's home directory. How to handle shared > metadata in shared folders? Should userA just be accessing userB's > dict file? Where are metadata stored for public folders that have no > owner? Should there be two dict settings for private and public dict? > (The last, or maybe all, would be a non-issue if I had already > implemented my idea of having only one dict configuration where > different prefixes could be mapped to completely different > locations/backends/etc.) METADATA RFC says that shared metadata is required, while private metadata isn't required. So most of the metadata is probably marked as shared, even for mailboxes without any ACLs. So for efficiency most of the metadata should be stored in each user's own metadata database rather than one huge shared database. So that's why mail_attribute_dict must be used for private and shared metadata for your user's own mailboxes. That also forces using the same for shared mailboxes. For public mailboxes there is no owner user, so I guess there needs to be a new setting mail_attribute_public_dict. I was also considering a per-namespace mail_attribute_dict, but maybe that's not worth the trouble for now. In any case in future the idea is to allow all mail settings to be overridden by putting them inside namespace {}. From jakej1978 at gmail.com Sun Mar 31 19:46:38 2013 From: jakej1978 at gmail.com (Jake Johnson) Date: Sun, 31 Mar 2013 09:46:38 -0700 Subject: [Dovecot] Dovecot 2.2rc3 Client Cert Auth and Webmail -> auth_ssl_require_client_cert problem In-Reply-To: <5152B2B0.5090303@taunusstein.net> References: <5152B2B0.5090303@taunusstein.net> Message-ID: unsubscribe On Wed, Mar 27, 2013 at 1:49 AM, Christian Felsing < hostmaster at taunusstein.net> wrote: > Hello, > > I would like to set up a Dovecot based mail system which uses X.509 > Client Certificates for authentication. A webmail system based on Horde5 > should use Dovecot as backend. > > For now Dovecot works with client certificates issued by my CA and Horde > authenticates also with same client certs. Due to protocol it is > impossible to use client certs presented by user to Horde for > authentication at Dovecot, so Horde should be allowed to authenticate > itself without or an arbitrary password to Dovecot. Horde and Dovecot > are running in same protected LAN. > > Unfortunately Dovecot does not support different authentication methods > on different IP addresses or ports. This does not work: > > remote 192.168.116.28/32 { > auth_ssl_require_client_cert = no > auth_ssl_username_from_cert = yes > disable_plaintext_auth = no > ssl = yes > > } > > Result is "doveconf: Fatal: Error in configuration file > /opt/dovecot-2.2.rc3/etc/dovecot/conf.d/10-auth.conf line 103: Auth > settings not supported inside local/remote blocks: > auth_ssl_require_client_cert" > > Replacing "auth_ssl_require_client_cert = no" by "ssl_verify_client_cert = > no" does not yield in an error, but it does nothing, Dovecot still > insists for a client certificate. > > I afraid that I am trapped by this problem: > > http://dovecot.2317879.n4.nabble.com/Problem-with-requiring-client-certificates-for-external-connections-tp475.html > > Is there any way to turn off client certs for specific local or remote > IP addresses? > > best regards > Christian > From jakej1978 at gmail.com Sun Mar 31 19:46:52 2013 From: jakej1978 at gmail.com (Jake Johnson) Date: Sun, 31 Mar 2013 09:46:52 -0700 Subject: [Dovecot] dsync mirror to convert from mbox (1.2x) to mdbox (2.2) In-Reply-To: <514B8A46.4040309@pacific.net> References: <514B8A46.4040309@pacific.net> Message-ID: unsubscribe On Thu, Mar 21, 2013 at 3:31 PM, Ken A wrote: > I'm converting mail from mbox to mdbox. > I've copied mail over to a new system, and now I'm running dsync like this: > > dsync -u username mirror > mbox:/folder_location/username:INBOX=/inbox_location/username > > That seemed to work, with a couple minor errors: > > > dsync(username): Warning: Our dotlock file /mail_location/username.lock > was deleted (locked 20 secs ago, touched 20 secs ago) > > dsync(username): Error: file_dotlock_delete() failed with mbox file > /mail_location/username: No such file or directory > > Do I also need to specify where dovecot's indexes are for the old mbox > files, or is this not needed for mbox conversions (when they are the > source)? > > Thanks, > Ken A. > From jakej1978 at gmail.com Sun Mar 31 19:50:27 2013 From: jakej1978 at gmail.com (Jake Johnson) Date: Sun, 31 Mar 2013 09:50:27 -0700 Subject: [Dovecot] Incorrect response when opening read-only mailboxes with per-user flags? In-Reply-To: <20130327201641.GM5217@hal.local.invalid> References: <20130327114125.GH5217@hal.local.invalid> <6A65F367-7AD0-466F-A274-FBD3BD2CA522@iki.fi> <20130327201641.GM5217@hal.local.invalid> Message-ID: unsubscribe On Wed, Mar 27, 2013 at 1:16 PM, Guido Berhoerster < guido+dovecot.org at berhoerster.name> wrote: > * Timo Sirainen [2013-03-27 20:27]: > > On 27.3.2013, at 13.41, Guido Berhoerster < > guido+dovecot.org at berhoerster.name> wrote: > > > > > After some debugging on the protocol level I've finally found the > > > problem with per-user seen flags in read-only mailboxes. Dovecot > > > actually does allow storing the seen flag on messages but AFAICS > > > it does not communicate that correctly to clients, this is what > > > its response to selecting a read-only mailbox with "lrs" ACL in > > > effect for the logged in user looks like: > > > > > > 2 SELECT "Public/Test" > > .. > > > 2 OK [READ-ONLY] Select completed. > > > > > > Shouldn't PERMANENTFLAGS contain \Seen here if per-user seen > > > flags are enable and should it even be tagged READ-ONLY at all in > > > this case? At least clients such as Python imaplib, IMAPClient, > > > or Roundcube will open such mailboxes with EXAMINE and thus do > > > not allow the modification of flags. > > > > Are you still testing on v2.0? It could be a bug in it. > > Yes, this is 2.0.9 from RHEL6. > -- > Guido Berhoerster > From hostmaster at taunusstein.net Sun Mar 31 19:54:32 2013 From: hostmaster at taunusstein.net (Christian Felsing) Date: Sun, 31 Mar 2013 18:54:32 +0200 Subject: [Dovecot] Dovecot 2.2rc3 Client Cert Auth and Webmail -> auth_ssl_require_client_cert problem [solved] In-Reply-To: <678C2C17-714C-4F81-9053-F0DE484E1C63@iki.fi> References: <5152B2B0.5090303@taunusstein.net> <51583067.3010109@taunusstein.net> <068950E3-87C4-4EAA-8F5A-7DC79CED7BED@iki.fi> <51584A54.2000404@taunusstein.net> <678C2C17-714C-4F81-9053-F0DE484E1C63@iki.fi> Message-ID: <51586A48.8030505@taunusstein.net> Thank you, works now with 'Y' as nopassword :-) best regards Christian Am 31.03.2013 17:16, schrieb Timo Sirainen: > On 31.3.2013, at 17.38, Christian Felsing wrote: > >> There were log entries regarding that problem: > > Ah, you were using PostgreSQL and I tested MySQL. They are handled somewhat differently. This should fix it: http://hg.dovecot.org/dovecot-2.2/rev/37cd62516b37 From Lutz.Pressler at SerNet.DE Sun Mar 31 20:55:52 2013 From: Lutz.Pressler at SerNet.DE (Lutz =?iso-8859-1?Q?Pre=DFler?=) Date: Sun, 31 Mar 2013 19:55:52 +0200 Subject: [Dovecot] stats: duration of sessions, commands Message-ID: Hello Timo, I would like to have reset_timestamp (or another field) in stats dump output of levels session and command. Both session duration and individual command execution times would be interesting data to have. Greetings, Lutz